Bump zipp from 3.17.0 to 3.19.1 in /src (#295)

* Bump zipp from 3.17.0 to 3.19.1 in /src Bumps [zipp](https://github.com/jaraco/zipp) from 3.17.0 to 3.19.1. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst) - [Commits](jaraco/zipp@v3.17.0...v3.19.1) --- updated-dependencies: - dependency-name: zipp dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * Bump zipp from 3.17.0 to 3.19.1 in /src Bumps [zipp](https://github.com/jaraco/zipp) from 3.17.0 to 3.19.1. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst) - [Commits](jaraco/zipp@v3.17.0...v3.19.1) --- updated-dependencies: - dependency-name: zipp dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * Bump zipp from 3.17.0 to 3.19.1 in /src Bumps [zipp](https://github.com/jaraco/zipp) from 3.17.0 to 3.19.1. - [Release notes](https://github.com/jaraco/zipp/releases) - [Changelog](https://github.com/jaraco/zipp/blob/main/NEWS.rst) - [Commits](jaraco/zipp@v3.17.0...v3.19.1) --- updated-dependencies: - dependency-name: zipp dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> * Update requirements.in and recompile requirements * Update all pre-commit hooks * Run pre-commit hooks on all files --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Anthony Romaniello <[email protected]>
NTIA · Jul 25, 2024 · 2eb5bf8 · 2eb5bf8
1 parent 50b769d
commit 2eb5bf8
Show file tree

Hide file tree

Showing 5 changed files with 11 additions and 8 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -3,7 +3,7 @@ default_language_version:
   python: python3.8
 repos:
   - repo: https://github.com/pre-commit/pre-commit-hooks
-    rev: v4.5.0
+    rev: v4.6.0
     hooks:
       - id: check-ast
         types: [file, python]
@@ -19,7 +19,7 @@ repos:
       - id: end-of-file-fixer
       - id: trailing-whitespace
   - repo: https://github.com/asottile/pyupgrade
-    rev: v3.15.2
+    rev: v3.16.0
     hooks:
       - id: pyupgrade
         args: ["--py38-plus"]
@@ -31,12 +31,12 @@ repos:
         types: [file, python]
         args: ["--profile", "black", "--filter-files", "--gitignore"]
   - repo: https://github.com/psf/black
-    rev: 24.3.0
+    rev: 24.4.2
     hooks:
       - id: black
         types: [file, python]
   - repo: https://github.com/igorshubovych/markdownlint-cli
-    rev: v0.39.0
+    rev: v0.41.0
     hooks:
       - id: markdownlint
         types: [file, markdown]

diff --git a/compose.yaml b/compose.yaml
@@ -19,7 +19,7 @@ services:
         options:
             max-file: 20
             max-size: 10m
-        
+
 
   api:
     healthcheck:

diff --git a/src/requirements-dev.txt b/src/requirements-dev.txt
@@ -367,7 +367,7 @@ wcwidth==0.2.12
     # via blessed
 yarl==1.9.4
     # via aiohttp
-zipp==3.17.0
+zipp==3.19.1
     # via
     #   -r requirements.txt
     #   importlib-resources

diff --git a/src/requirements.in b/src/requirements.in
@@ -21,3 +21,4 @@ grpcio>=1.53.0        # CVE-2023-32732, CVE-2023-32731, CVE-2023-1428
 pyyaml>=5.4.0         # CVE-2020-14343
 sqlparse>=0.5.0       # CVE-2024-4340
 urllib3>=2.2.2        # CVE-2024-37891
+zipp>=3.19.1          # CVE-2024-5569
diff --git a/src/requirements.txt b/src/requirements.txt
@@ -175,5 +175,7 @@ urllib3==2.2.2
     # via
     #   -r requirements.in
     #   requests
-zipp==3.17.0
-    # via importlib-resources
+zipp==3.19.1
+    # via
+    #   -r requirements.in
+    #   importlib-resources