Sync security updates to main. #897

kbecker42 · 2024-01-08T18:17:33Z

…890) * Bump requests from 2.26.0 to 2.31.0 Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.31.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.26.0...v2.31.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Bump cryptography from 3.4.8 to 41.0.2 Bumps [cryptography](https://github.com/pyca/cryptography) from 3.4.8 to 41.0.2. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@3.4.8...41.0.2) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Bump certifi from 2021.5.30 to 2023.7.22 Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.5.30 to 2023.7.22. - [Commits](certifi/python-certifi@2021.05.30...2023.07.22) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Updated libs to address all Critical and High severity alerts. * up * up * up * Updated libs. * fix * up * up * up * up --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump requests from 2.26.0 to 2.31.0 Bumps [requests](https://github.com/psf/requests) from 2.26.0 to 2.31.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](psf/requests@v2.26.0...v2.31.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Bump cryptography from 3.4.8 to 41.0.2 Bumps [cryptography](https://github.com/pyca/cryptography) from 3.4.8 to 41.0.2. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](pyca/cryptography@3.4.8...41.0.2) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Bump certifi from 2021.5.30 to 2023.7.22 Bumps [certifi](https://github.com/certifi/python-certifi) from 2021.5.30 to 2023.7.22. - [Commits](certifi/python-certifi@2021.05.30...2023.07.22) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] <[email protected]> * Updated libs to address all Critical and High severity alerts. * up * up * up * Updated libs. * fix * up * up * up * up * Pillow 10.1.0 --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

# Conflicts: # pybossa/themes/default

coveralls · 2024-01-08T18:41:22Z

Pull Request Test Coverage Report for Build 7451567865

kbecker42 and others added 4 commits January 5, 2024 11:23

pyOpenSSL==22.1.0

488f49b

Merge branch 'main' into security-updates

734c649

# Conflicts: # pybossa/themes/default

kbecker42 changed the title ~~Sync security updates.~~ Sync security updates to main. Jan 8, 2024

kbecker42 requested a review from dchhabda January 8, 2024 18:23