From d91b13494664d40fcd8cba2cdb31e2807c1dea55 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 10 Jul 2024 22:20:28 +0000 Subject: [PATCH 1/3] Bump django from 4.2.13 to 4.2.14 in /requirements Bumps [django](https://github.com/django/django) from 4.2.13 to 4.2.14. - [Commits](https://github.com/django/django/compare/4.2.13...4.2.14) --- updated-dependencies: - dependency-name: django dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements/dev-requirements.txt | 78 +++++++++++++++---------------- requirements/requirements.txt | 64 ++++++++++++------------- 2 files changed, 71 insertions(+), 71 deletions(-) diff --git a/requirements/dev-requirements.txt b/requirements/dev-requirements.txt index a4182023..a0ceb131 100644 --- a/requirements/dev-requirements.txt +++ b/requirements/dev-requirements.txt @@ -8,7 +8,7 @@ alabaster==0.7.13 # via sphinx asgiref==3.7.2 # via - # -c requirements/requirements.txt + # -c requirements.txt # django asttokens==2.4.1 # via stack-data @@ -18,19 +18,19 @@ backcall==0.2.0 # via ipython backports-zoneinfo==0.2.1 # via - # -c requirements/requirements.txt + # -c requirements.txt # django certifi==2023.11.17 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # requests cfgv==3.4.0 # via pre-commit charset-normalizer==3.3.2 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # requests colorama==0.4.6 # via sphinx-autobuild @@ -40,16 +40,16 @@ decorator==5.1.1 # ipython distlib==0.3.8 # via virtualenv -django==4.2.13 +django==4.2.14 # via - # -c requirements/requirements.txt + # -c requirements.txt # django-debug-toolbar # django-stubs # django-stubs-ext django-debug-toolbar==4.4.5 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in django-stubs==4.2.7 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in django-stubs-ext==4.2.7 # via django-stubs docutils==0.20.1 @@ -62,17 +62,17 @@ identify==2.5.34 # via pre-commit idna==3.7 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # requests imagesize==1.4.1 # via sphinx importlib-metadata==7.0.0 # via - # -c requirements/requirements.txt + # -c requirements.txt # sphinx ipdb==0.13.13 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in ipython==8.12.3 # via ipdb jedi==0.19.1 @@ -88,15 +88,15 @@ markupsafe==2.1.5 matplotlib-inline==0.1.6 # via ipython mypy==1.10.1 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in mypy-extensions==1.0.0 # via mypy nodeenv==1.8.0 # via pre-commit packaging==21.3 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # sphinx parso==0.8.3 # via jedi @@ -107,7 +107,7 @@ pickleshare==0.7.5 platformdirs==4.1.0 # via virtualenv pre-commit==3.5.0 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in prompt-toolkit==3.0.43 # via ipython ptyprocess==0.7.0 @@ -120,38 +120,38 @@ pygments==2.17.2 # sphinx pyparsing==3.1.1 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # packaging pytz==2023.3.post1 # via - # -c requirements/requirements.txt + # -c requirements.txt # babel pyyaml==6.0.1 # via - # -c requirements/test-requirements.txt + # -c test-requirements.txt # pre-commit requests==2.32.3 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # sphinx ruff==0.5.1 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in six==1.16.0 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # asttokens # livereload snowballstemmer==2.2.0 # via sphinx sphinx==7.1.2 # via - # -r requirements/dev-requirements.in + # -r dev-requirements.in # sphinx-autobuild sphinx-autobuild==2021.3.14 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in sphinxcontrib-applehelp==1.0.4 # via sphinx sphinxcontrib-devhelp==1.0.2 @@ -166,15 +166,15 @@ sphinxcontrib-serializinghtml==1.1.5 # via sphinx sqlparse==0.5.0 # via - # -c requirements/requirements.txt + # -c requirements.txt # django # django-debug-toolbar stack-data==0.6.3 # via ipython tomli==2.0.1 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # django-stubs # ipdb # mypy @@ -189,11 +189,11 @@ types-pytz==2024.1.0.20240203 types-pyyaml==6.0.12.12 # via django-stubs types-requests==2.32.0.20240622 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in typing-extensions==4.8.0 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # asgiref # django-stubs # django-stubs-ext @@ -201,8 +201,8 @@ typing-extensions==4.8.0 # mypy urllib3==2.2.2 # via - # -c requirements/requirements.txt - # -c requirements/test-requirements.txt + # -c requirements.txt + # -c test-requirements.txt # requests # types-requests virtualenv==20.25.1 @@ -210,10 +210,10 @@ virtualenv==20.25.1 wcwidth==0.2.13 # via prompt-toolkit werkzeug==3.0.3 - # via -r requirements/dev-requirements.in + # via -r dev-requirements.in zipp==3.17.0 # via - # -c requirements/requirements.txt + # -c requirements.txt # importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 028705a0..710ab3d1 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -5,7 +5,7 @@ # pip-compile requirements/requirements.in # argon2-cffi==23.1.0 - # via -r requirements/requirements.in + # via -r requirements.in argon2-cffi-bindings==21.2.0 # via argon2-cffi asgiref==3.7.2 @@ -24,7 +24,7 @@ cachetools==5.3.2 # via google-auth certifi==2023.11.17 # via - # -r requirements/requirements.in + # -r requirements.in # requests cffi==1.16.0 # via @@ -38,15 +38,15 @@ click==8.1.3 # via pip-tools crispy-bootstrap5==2024.2 # via - # -r requirements/requirements.in + # -r requirements.in # django-anvil-consortium-manager cryptography==42.0.5 # via pyjwt defusedxml==0.7.1 # via python3-openid -django==4.2.13 +django==4.2.14 # via - # -r requirements/requirements.in + # -r requirements.in # crispy-bootstrap5 # django-allauth # django-anvil-consortium-manager @@ -61,48 +61,48 @@ django==4.2.13 # django-simple-history # django-tables2 django-allauth==0.54.0 - # via -r requirements/requirements.in + # via -r requirements.in django-anvil-consortium-manager @ git+https://github.com/UW-GAC/django-anvil-consortium-manager.git@v0.24 - # via -r requirements/requirements.in + # via -r requirements.in django-autocomplete-light==3.11.0 # via django-anvil-consortium-manager django-constance==3.1.0 - # via -r requirements/requirements.in + # via -r requirements.in django-crispy-forms==2.2 # via - # -r requirements/requirements.in + # -r requirements.in # crispy-bootstrap5 # django-anvil-consortium-manager django-dbbackup==4.1.0 - # via -r requirements/requirements.in + # via -r requirements.in django-environ==0.10.0 - # via -r requirements/requirements.in + # via -r requirements.in django-extensions==3.2.3 # via - # -r requirements/requirements.in + # -r requirements.in # django-anvil-consortium-manager django-filter==23.5 # via django-anvil-consortium-manager django-htmx==1.18.0 - # via -r requirements/requirements.in + # via -r requirements.in django-login-required-middleware==0.9.0 - # via -r requirements/requirements.in + # via -r requirements.in django-maintenance-mode==0.21.1 - # via -r requirements/requirements.in + # via -r requirements.in django-model-utils==4.5.1 - # via -r requirements/requirements.in + # via -r requirements.in django-picklefield==3.2 # via - # -r requirements/requirements.in + # -r requirements.in # django-constance django-simple-history==3.7.0 # via - # -r requirements/requirements.in + # -r requirements.in # django-anvil-consortium-manager django-tables2==2.7.0 # via django-anvil-consortium-manager django-tree-queries==0.19.0 - # via -r requirements/requirements.in + # via -r requirements.in fastobo==0.12.3 # via pronto fontawesomefree==6.5.1 @@ -111,7 +111,7 @@ google-auth==2.28.1 # via django-anvil-consortium-manager idna==3.7 # via - # -r requirements/requirements.in + # -r requirements.in # requests importlib-metadata==7.0.0 # via build @@ -120,13 +120,13 @@ importlib-resources==6.1.1 # jsonschema # jsonschema-specifications jsonapi-requests==0.7.0 - # via -r requirements/requirements.in + # via -r requirements.in jsonschema==4.22.0 - # via -r requirements/requirements.in + # via -r requirements.in jsonschema-specifications==2023.12.1 # via jsonschema mysqlclient==2.2.4 - # via -r requirements/requirements.in + # via -r requirements.in networkx==3.1 # via # django-anvil-consortium-manager @@ -137,22 +137,22 @@ numpy==1.24.4 # pandas oauthlib==3.2.2 # via - # -r requirements/requirements.in + # -r requirements.in # requests-oauthlib packaging==21.3 # via # build # plotly pandas==2.0.3 - # via -r requirements/requirements.in + # via -r requirements.in pip-tools==7.4.1 - # via -r requirements/requirements.in + # via -r requirements.in pkgutil-resolve-name==1.3.10 # via jsonschema plotly==5.19.0 # via django-anvil-consortium-manager pronto==2.5.7 - # via -r requirements/requirements.in + # via -r requirements.in pyasn1==0.5.1 # via # pyasn1-modules @@ -188,7 +188,7 @@ referencing==0.33.0 # jsonschema-specifications requests==2.32.3 # via - # -r requirements/requirements.in + # -r requirements.in # django-allauth # django-anvil-consortium-manager # jsonapi-requests @@ -205,10 +205,10 @@ six==1.16.0 # via python-dateutil sqlparse==0.5.0 # via - # -r requirements/requirements.in + # -r requirements.in # django tablib==3.6.1 - # via -r requirements/requirements.in + # via -r requirements.in tenacity==8.2.3 # via # jsonapi-requests @@ -224,12 +224,12 @@ tzdata==2023.4 # via pandas urllib3==2.2.2 # via - # -r requirements/requirements.in + # -r requirements.in # requests wheel==0.42.0 # via pip-tools whitenoise==6.7.0 - # via -r requirements/requirements.in + # via -r requirements.in zipp==3.17.0 # via # importlib-metadata From 461d8e753208f8ecb6314ab97f803acdb3359e64 Mon Sep 17 00:00:00 2001 From: Adrienne Stilp Date: Wed, 10 Jul 2024 17:06:41 -0700 Subject: [PATCH 2/3] Allow pip-compile job to open pull requests --- .github/workflows/pip-compile.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/pip-compile.yml b/.github/workflows/pip-compile.yml index 131df4ff..7391197f 100644 --- a/.github/workflows/pip-compile.yml +++ b/.github/workflows/pip-compile.yml @@ -6,6 +6,8 @@ on: jobs: update-requirements-files: + permissions: + pull-requests: write runs-on: ubuntu-latest steps: From 52713e90a9636e4d1b7bbffa6b358cab6eb9a30f Mon Sep 17 00:00:00 2001 From: Adrienne Stilp Date: Wed, 10 Jul 2024 17:22:21 -0700 Subject: [PATCH 3/3] Add requirements/ prefix back to requirements.txt files Note: to do this in the future, you can find and raplce (\w*?-)?requirements\. with requirements/$1requirements. note the space at the beginning. This is because dependabot security updates remove the path prefix when running pip-compile, which causes the pip-compile check to fail. See issue: https://github.com/dependabot/dependabot-core/issues/9490 --- requirements/dev-requirements.txt | 76 +++++++++++++++---------------- requirements/requirements.txt | 62 ++++++++++++------------- 2 files changed, 69 insertions(+), 69 deletions(-) diff --git a/requirements/dev-requirements.txt b/requirements/dev-requirements.txt index a0ceb131..b0bf891b 100644 --- a/requirements/dev-requirements.txt +++ b/requirements/dev-requirements.txt @@ -8,7 +8,7 @@ alabaster==0.7.13 # via sphinx asgiref==3.7.2 # via - # -c requirements.txt + # -c requirements/requirements.txt # django asttokens==2.4.1 # via stack-data @@ -18,19 +18,19 @@ backcall==0.2.0 # via ipython backports-zoneinfo==0.2.1 # via - # -c requirements.txt + # -c requirements/requirements.txt # django certifi==2023.11.17 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # requests cfgv==3.4.0 # via pre-commit charset-normalizer==3.3.2 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # requests colorama==0.4.6 # via sphinx-autobuild @@ -42,14 +42,14 @@ distlib==0.3.8 # via virtualenv django==4.2.14 # via - # -c requirements.txt + # -c requirements/requirements.txt # django-debug-toolbar # django-stubs # django-stubs-ext django-debug-toolbar==4.4.5 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in django-stubs==4.2.7 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in django-stubs-ext==4.2.7 # via django-stubs docutils==0.20.1 @@ -62,17 +62,17 @@ identify==2.5.34 # via pre-commit idna==3.7 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # requests imagesize==1.4.1 # via sphinx importlib-metadata==7.0.0 # via - # -c requirements.txt + # -c requirements/requirements.txt # sphinx ipdb==0.13.13 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in ipython==8.12.3 # via ipdb jedi==0.19.1 @@ -88,15 +88,15 @@ markupsafe==2.1.5 matplotlib-inline==0.1.6 # via ipython mypy==1.10.1 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in mypy-extensions==1.0.0 # via mypy nodeenv==1.8.0 # via pre-commit packaging==21.3 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # sphinx parso==0.8.3 # via jedi @@ -107,7 +107,7 @@ pickleshare==0.7.5 platformdirs==4.1.0 # via virtualenv pre-commit==3.5.0 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in prompt-toolkit==3.0.43 # via ipython ptyprocess==0.7.0 @@ -120,38 +120,38 @@ pygments==2.17.2 # sphinx pyparsing==3.1.1 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # packaging pytz==2023.3.post1 # via - # -c requirements.txt + # -c requirements/requirements.txt # babel pyyaml==6.0.1 # via - # -c test-requirements.txt + # -c requirements/test-requirements.txt # pre-commit requests==2.32.3 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # sphinx ruff==0.5.1 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in six==1.16.0 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # asttokens # livereload snowballstemmer==2.2.0 # via sphinx sphinx==7.1.2 # via - # -r dev-requirements.in + # -r requirements/dev-requirements.in # sphinx-autobuild sphinx-autobuild==2021.3.14 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in sphinxcontrib-applehelp==1.0.4 # via sphinx sphinxcontrib-devhelp==1.0.2 @@ -166,15 +166,15 @@ sphinxcontrib-serializinghtml==1.1.5 # via sphinx sqlparse==0.5.0 # via - # -c requirements.txt + # -c requirements/requirements.txt # django # django-debug-toolbar stack-data==0.6.3 # via ipython tomli==2.0.1 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # django-stubs # ipdb # mypy @@ -189,11 +189,11 @@ types-pytz==2024.1.0.20240203 types-pyyaml==6.0.12.12 # via django-stubs types-requests==2.32.0.20240622 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in typing-extensions==4.8.0 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # asgiref # django-stubs # django-stubs-ext @@ -201,8 +201,8 @@ typing-extensions==4.8.0 # mypy urllib3==2.2.2 # via - # -c requirements.txt - # -c test-requirements.txt + # -c requirements/requirements.txt + # -c requirements/test-requirements.txt # requests # types-requests virtualenv==20.25.1 @@ -210,10 +210,10 @@ virtualenv==20.25.1 wcwidth==0.2.13 # via prompt-toolkit werkzeug==3.0.3 - # via -r dev-requirements.in + # via -r requirements/dev-requirements.in zipp==3.17.0 # via - # -c requirements.txt + # -c requirements/requirements.txt # importlib-metadata # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/requirements.txt b/requirements/requirements.txt index 710ab3d1..51f09ee6 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -5,7 +5,7 @@ # pip-compile requirements/requirements.in # argon2-cffi==23.1.0 - # via -r requirements.in + # via -r requirements/requirements.in argon2-cffi-bindings==21.2.0 # via argon2-cffi asgiref==3.7.2 @@ -24,7 +24,7 @@ cachetools==5.3.2 # via google-auth certifi==2023.11.17 # via - # -r requirements.in + # -r requirements/requirements.in # requests cffi==1.16.0 # via @@ -38,7 +38,7 @@ click==8.1.3 # via pip-tools crispy-bootstrap5==2024.2 # via - # -r requirements.in + # -r requirements/requirements.in # django-anvil-consortium-manager cryptography==42.0.5 # via pyjwt @@ -46,7 +46,7 @@ defusedxml==0.7.1 # via python3-openid django==4.2.14 # via - # -r requirements.in + # -r requirements/requirements.in # crispy-bootstrap5 # django-allauth # django-anvil-consortium-manager @@ -61,48 +61,48 @@ django==4.2.14 # django-simple-history # django-tables2 django-allauth==0.54.0 - # via -r requirements.in + # via -r requirements/requirements.in django-anvil-consortium-manager @ git+https://github.com/UW-GAC/django-anvil-consortium-manager.git@v0.24 - # via -r requirements.in + # via -r requirements/requirements.in django-autocomplete-light==3.11.0 # via django-anvil-consortium-manager django-constance==3.1.0 - # via -r requirements.in + # via -r requirements/requirements.in django-crispy-forms==2.2 # via - # -r requirements.in + # -r requirements/requirements.in # crispy-bootstrap5 # django-anvil-consortium-manager django-dbbackup==4.1.0 - # via -r requirements.in + # via -r requirements/requirements.in django-environ==0.10.0 - # via -r requirements.in + # via -r requirements/requirements.in django-extensions==3.2.3 # via - # -r requirements.in + # -r requirements/requirements.in # django-anvil-consortium-manager django-filter==23.5 # via django-anvil-consortium-manager django-htmx==1.18.0 - # via -r requirements.in + # via -r requirements/requirements.in django-login-required-middleware==0.9.0 - # via -r requirements.in + # via -r requirements/requirements.in django-maintenance-mode==0.21.1 - # via -r requirements.in + # via -r requirements/requirements.in django-model-utils==4.5.1 - # via -r requirements.in + # via -r requirements/requirements.in django-picklefield==3.2 # via - # -r requirements.in + # -r requirements/requirements.in # django-constance django-simple-history==3.7.0 # via - # -r requirements.in + # -r requirements/requirements.in # django-anvil-consortium-manager django-tables2==2.7.0 # via django-anvil-consortium-manager django-tree-queries==0.19.0 - # via -r requirements.in + # via -r requirements/requirements.in fastobo==0.12.3 # via pronto fontawesomefree==6.5.1 @@ -111,7 +111,7 @@ google-auth==2.28.1 # via django-anvil-consortium-manager idna==3.7 # via - # -r requirements.in + # -r requirements/requirements.in # requests importlib-metadata==7.0.0 # via build @@ -120,13 +120,13 @@ importlib-resources==6.1.1 # jsonschema # jsonschema-specifications jsonapi-requests==0.7.0 - # via -r requirements.in + # via -r requirements/requirements.in jsonschema==4.22.0 - # via -r requirements.in + # via -r requirements/requirements.in jsonschema-specifications==2023.12.1 # via jsonschema mysqlclient==2.2.4 - # via -r requirements.in + # via -r requirements/requirements.in networkx==3.1 # via # django-anvil-consortium-manager @@ -137,22 +137,22 @@ numpy==1.24.4 # pandas oauthlib==3.2.2 # via - # -r requirements.in + # -r requirements/requirements.in # requests-oauthlib packaging==21.3 # via # build # plotly pandas==2.0.3 - # via -r requirements.in + # via -r requirements/requirements.in pip-tools==7.4.1 - # via -r requirements.in + # via -r requirements/requirements.in pkgutil-resolve-name==1.3.10 # via jsonschema plotly==5.19.0 # via django-anvil-consortium-manager pronto==2.5.7 - # via -r requirements.in + # via -r requirements/requirements.in pyasn1==0.5.1 # via # pyasn1-modules @@ -188,7 +188,7 @@ referencing==0.33.0 # jsonschema-specifications requests==2.32.3 # via - # -r requirements.in + # -r requirements/requirements.in # django-allauth # django-anvil-consortium-manager # jsonapi-requests @@ -205,10 +205,10 @@ six==1.16.0 # via python-dateutil sqlparse==0.5.0 # via - # -r requirements.in + # -r requirements/requirements.in # django tablib==3.6.1 - # via -r requirements.in + # via -r requirements/requirements.in tenacity==8.2.3 # via # jsonapi-requests @@ -224,12 +224,12 @@ tzdata==2023.4 # via pandas urllib3==2.2.2 # via - # -r requirements.in + # -r requirements/requirements.in # requests wheel==0.42.0 # via pip-tools whitenoise==6.7.0 - # via -r requirements.in + # via -r requirements/requirements.in zipp==3.17.0 # via # importlib-metadata