From e34a00111c6568601c08922a4739a0cf86a410ac Mon Sep 17 00:00:00 2001 From: edX requirements bot Date: Tue, 30 Jan 2024 10:23:36 -0500 Subject: [PATCH 1/2] chore: Updating Python Requirements --- requirements/base.txt | 20 +++++++------- requirements/ci.txt | 2 +- requirements/common_constraints.txt | 5 ---- requirements/dev.txt | 42 ++++++++++++++++++----------- requirements/doc.txt | 39 ++++++++++++++++----------- requirements/production.txt | 20 +++++++------- requirements/quality.txt | 39 ++++++++++++++++----------- requirements/test.txt | 32 +++++++++++----------- requirements/validation.txt | 42 ++++++++++++++++++----------- 9 files changed, 135 insertions(+), 106 deletions(-) diff --git a/requirements/base.txt b/requirements/base.txt index 85b73091..54e9cda1 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -19,9 +19,9 @@ attrs==23.2.0 # openedx-events bleach==6.1.0 # via lti-consumer-xblock -boto3==1.34.25 +boto3==1.34.30 # via fs-s3fs -botocore==1.34.25 +botocore==1.34.30 # via # boto3 # s3transfer @@ -45,7 +45,7 @@ coreapi==2.3.3 # openapi-codec coreschema==0.0.4 # via coreapi -cryptography==42.0.0 +cryptography==42.0.1 # via # pyjwt # social-auth-core @@ -142,7 +142,7 @@ edx-django-utils==5.10.1 # edx-event-bus-redis # edx-rest-api-client # edx-toggles -edx-drf-extensions==9.1.2 +edx-drf-extensions==10.1.0 # via -r requirements/base.in edx-event-bus-kafka==5.6.0 # via -r requirements/base.in @@ -198,7 +198,7 @@ lxml==5.1.0 # via # lti-consumer-xblock # xblock -mako==1.3.1 +mako==1.3.2 # via # lti-consumer-xblock # xblock @@ -209,7 +209,7 @@ markupsafe==2.1.4 # xblock mysqlclient==2.2.1 # via -r requirements/base.in -newrelic==9.5.0 +newrelic==9.6.0 # via edx-django-utils oauthlib==3.2.2 # via @@ -261,11 +261,11 @@ python-dateutil==2.8.2 # via # botocore # xblock -python-slugify==8.0.1 +python-slugify==8.0.2 # via code-annotations python3-openid==3.2.0 # via social-auth-core -pytz==2023.3.post1 +pytz==2023.4 # via # -r requirements/base.in # django @@ -313,7 +313,7 @@ slumber==0.7.1 # via edx-rest-api-client social-auth-app-django==5.4.0 # via edx-auth-backends -social-auth-core==4.5.1 +social-auth-core==4.5.2 # via # edx-auth-backends # social-auth-app-django @@ -346,7 +346,7 @@ webencodings==0.5.1 # via bleach webob==1.8.7 # via xblock -xblock==1.9.1 +xblock==1.10.0 # via lti-consumer-xblock # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/ci.txt b/requirements/ci.txt index ebdfb1eb..b20990d5 100644 --- a/requirements/ci.txt +++ b/requirements/ci.txt @@ -24,7 +24,7 @@ platformdirs==4.1.0 # via # tox # virtualenv -pluggy==1.3.0 +pluggy==1.4.0 # via tox pyproject-api==1.6.1 # via tox diff --git a/requirements/common_constraints.txt b/requirements/common_constraints.txt index 3fd8b637..d26d7918 100644 --- a/requirements/common_constraints.txt +++ b/requirements/common_constraints.txt @@ -1,9 +1,4 @@ - - - - - # A central location for most common version constraints # (across edx repos) for pip-installation. # diff --git a/requirements/dev.txt b/requirements/dev.txt index eb90071a..6fb82ee9 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -31,11 +31,11 @@ bleach==6.1.0 # via # -r requirements/validation.txt # lti-consumer-xblock -boto3==1.34.25 +boto3==1.34.30 # via # -r requirements/validation.txt # fs-s3fs -botocore==1.34.25 +botocore==1.34.30 # via # -r requirements/validation.txt # boto3 @@ -97,15 +97,16 @@ coreschema==0.0.4 # via # -r requirements/validation.txt # coreapi -coverage[toml]==7.4.0 +coverage[toml]==7.4.1 # via # -r requirements/validation.txt # coverage # pytest-cov -cryptography==42.0.0 +cryptography==42.0.1 # via # -r requirements/validation.txt # pyjwt + # secretstorage # social-auth-core ddt==1.7.1 # via -r requirements/validation.txt @@ -116,7 +117,7 @@ defusedxml==0.8.0rc2 # social-auth-core diff-cover==8.0.3 # via -r requirements/dev.in -dill==0.3.7 +dill==0.3.8 # via # -r requirements/validation.txt # pylint @@ -237,7 +238,7 @@ edx-django-utils==5.10.1 # edx-event-bus-redis # edx-rest-api-client # edx-toggles -edx-drf-extensions==9.1.2 +edx-drf-extensions==10.1.0 # via -r requirements/validation.txt edx-event-bus-kafka==5.6.0 # via -r requirements/validation.txt @@ -270,7 +271,7 @@ exceptiongroup==1.2.0 # pytest factory-boy==3.3.0 # via -r requirements/validation.txt -faker==22.5.0 +faker==22.6.0 # via # -r requirements/validation.txt # factory-boy @@ -334,6 +335,11 @@ jaraco-classes==3.3.0 # via # -r requirements/validation.txt # keyring +jeepney==0.8.0 + # via + # -r requirements/validation.txt + # keyring + # secretstorage jinja2==3.1.3 # via # -r requirements/validation.txt @@ -365,7 +371,7 @@ lxml==5.1.0 # edx-i18n-tools # lti-consumer-xblock # xblock -mako==1.3.1 +mako==1.3.2 # via # -r requirements/validation.txt # lti-consumer-xblock @@ -396,7 +402,7 @@ more-itertools==10.2.0 # jaraco-classes mysqlclient==2.2.1 # via -r requirements/validation.txt -newrelic==9.5.0 +newrelic==9.6.0 # via # -r requirements/validation.txt # edx-django-utils @@ -454,7 +460,7 @@ platformdirs==4.1.0 # pylint # tox # virtualenv -pluggy==1.3.0 +pluggy==1.4.0 # via # -r requirements/validation.txt # diff-cover @@ -537,14 +543,14 @@ pyproject-hooks==1.0.0 # via # -r requirements/pip-tools.txt # build -pytest==7.4.4 +pytest==8.0.0 # via # -r requirements/validation.txt # pytest-cov # pytest-django pytest-cov==4.1.0 # via -r requirements/validation.txt -pytest-django==4.7.0 +pytest-django==4.8.0 # via -r requirements/validation.txt python-dateutil==2.8.2 # via @@ -553,7 +559,7 @@ python-dateutil==2.8.2 # faker # freezegun # xblock -python-slugify==8.0.1 +python-slugify==8.0.2 # via # -r requirements/validation.txt # code-annotations @@ -561,7 +567,7 @@ python3-openid==3.2.0 # via # -r requirements/validation.txt # social-auth-core -pytz==2023.3.post1 +pytz==2023.4 # via # -r requirements/validation.txt # django @@ -620,6 +626,10 @@ s3transfer==0.10.0 # via # -r requirements/validation.txt # boto3 +secretstorage==3.3.3 + # via + # -r requirements/validation.txt + # keyring semantic-version==2.10.0 # via # -r requirements/validation.txt @@ -653,7 +663,7 @@ social-auth-app-django==5.4.0 # via # -r requirements/validation.txt # edx-auth-backends -social-auth-core==4.5.1 +social-auth-core==4.5.2 # via # -r requirements/validation.txt # edx-auth-backends @@ -738,7 +748,7 @@ wheel==0.42.0 # via # -r requirements/pip-tools.txt # pip-tools -xblock==1.9.1 +xblock==1.10.0 # via # -r requirements/validation.txt # lti-consumer-xblock diff --git a/requirements/doc.txt b/requirements/doc.txt index a1b5ca08..1882f5e1 100644 --- a/requirements/doc.txt +++ b/requirements/doc.txt @@ -35,11 +35,11 @@ bleach==6.1.0 # via # -r requirements/test.txt # lti-consumer-xblock -boto3==1.34.25 +boto3==1.34.30 # via # -r requirements/test.txt # fs-s3fs -botocore==1.34.25 +botocore==1.34.30 # via # -r requirements/test.txt # boto3 @@ -96,15 +96,16 @@ coreschema==0.0.4 # via # -r requirements/test.txt # coreapi -coverage[toml]==7.4.0 +coverage[toml]==7.4.1 # via # -r requirements/test.txt # coverage # pytest-cov -cryptography==42.0.0 +cryptography==42.0.1 # via # -r requirements/test.txt # pyjwt + # secretstorage # social-auth-core ddt==1.7.1 # via -r requirements/test.txt @@ -113,7 +114,7 @@ defusedxml==0.8.0rc2 # -r requirements/test.txt # python3-openid # social-auth-core -dill==0.3.7 +dill==0.3.8 # via # -r requirements/test.txt # pylint @@ -235,7 +236,7 @@ edx-django-utils==5.10.1 # edx-event-bus-redis # edx-rest-api-client # edx-toggles -edx-drf-extensions==9.1.2 +edx-drf-extensions==10.1.0 # via -r requirements/test.txt edx-event-bus-kafka==5.6.0 # via -r requirements/test.txt @@ -268,7 +269,7 @@ exceptiongroup==1.2.0 # pytest factory-boy==3.3.0 # via -r requirements/test.txt -faker==22.5.0 +faker==22.6.0 # via # -r requirements/test.txt # factory-boy @@ -329,6 +330,10 @@ itypes==1.2.0 # coreapi jaraco-classes==3.3.0 # via keyring +jeepney==0.8.0 + # via + # keyring + # secretstorage jinja2==3.1.3 # via # -r requirements/test.txt @@ -357,7 +362,7 @@ lxml==5.1.0 # -r requirements/test.txt # lti-consumer-xblock # xblock -mako==1.3.1 +mako==1.3.2 # via # -r requirements/test.txt # lti-consumer-xblock @@ -382,7 +387,7 @@ more-itertools==10.2.0 # via jaraco-classes mysqlclient==2.2.1 # via -r requirements/test.txt -newrelic==9.5.0 +newrelic==9.6.0 # via # -r requirements/test.txt # edx-django-utils @@ -432,7 +437,7 @@ platformdirs==4.1.0 # pylint # tox # virtualenv -pluggy==1.3.0 +pluggy==1.4.0 # via # -r requirements/test.txt # pytest @@ -506,14 +511,14 @@ pyproject-api==1.6.1 # tox pyproject-hooks==1.0.0 # via build -pytest==7.4.4 +pytest==8.0.0 # via # -r requirements/test.txt # pytest-cov # pytest-django pytest-cov==4.1.0 # via -r requirements/test.txt -pytest-django==4.7.0 +pytest-django==4.8.0 # via -r requirements/test.txt python-dateutil==2.8.2 # via @@ -522,7 +527,7 @@ python-dateutil==2.8.2 # faker # freezegun # xblock -python-slugify==8.0.1 +python-slugify==8.0.2 # via # -r requirements/test.txt # code-annotations @@ -530,7 +535,7 @@ python3-openid==3.2.0 # via # -r requirements/test.txt # social-auth-core -pytz==2023.3.post1 +pytz==2023.4 # via # -r requirements/test.txt # babel @@ -584,6 +589,8 @@ s3transfer==0.10.0 # via # -r requirements/test.txt # boto3 +secretstorage==3.3.3 + # via keyring semantic-version==2.10.0 # via # -r requirements/test.txt @@ -616,7 +623,7 @@ social-auth-app-django==5.4.0 # via # -r requirements/test.txt # edx-auth-backends -social-auth-core==4.5.1 +social-auth-core==4.5.2 # via # -r requirements/test.txt # edx-auth-backends @@ -712,7 +719,7 @@ webob==1.8.7 # via # -r requirements/test.txt # xblock -xblock==1.9.1 +xblock==1.10.0 # via # -r requirements/test.txt # lti-consumer-xblock diff --git a/requirements/production.txt b/requirements/production.txt index 5ebc11ac..1ed1abf6 100644 --- a/requirements/production.txt +++ b/requirements/production.txt @@ -26,12 +26,12 @@ bleach==6.1.0 # via # -r requirements/base.txt # lti-consumer-xblock -boto3==1.34.25 +boto3==1.34.30 # via # -r requirements/base.txt # django-ses # fs-s3fs -botocore==1.34.25 +botocore==1.34.30 # via # -r requirements/base.txt # boto3 @@ -67,7 +67,7 @@ coreschema==0.0.4 # via # -r requirements/base.txt # coreapi -cryptography==42.0.0 +cryptography==42.0.1 # via # -r requirements/base.txt # pyjwt @@ -183,7 +183,7 @@ edx-django-utils==5.10.1 # edx-event-bus-redis # edx-rest-api-client # edx-toggles -edx-drf-extensions==9.1.2 +edx-drf-extensions==10.1.0 # via -r requirements/base.txt edx-event-bus-kafka==5.6.0 # via -r requirements/base.txt @@ -267,7 +267,7 @@ lxml==5.1.0 # -r requirements/base.txt # lti-consumer-xblock # xblock -mako==1.3.1 +mako==1.3.2 # via # -r requirements/base.txt # lti-consumer-xblock @@ -282,7 +282,7 @@ mysqlclient==2.2.1 # via # -r requirements/base.txt # -r requirements/production.in -newrelic==9.5.0 +newrelic==9.6.0 # via # -r requirements/base.txt # edx-django-utils @@ -362,7 +362,7 @@ python-dateutil==2.8.2 # xblock python-memcached==1.62 # via -r requirements/production.in -python-slugify==8.0.1 +python-slugify==8.0.2 # via # -r requirements/base.txt # code-annotations @@ -370,7 +370,7 @@ python3-openid==3.2.0 # via # -r requirements/base.txt # social-auth-core -pytz==2023.3.post1 +pytz==2023.4 # via # -r requirements/base.txt # django @@ -436,7 +436,7 @@ social-auth-app-django==5.4.0 # via # -r requirements/base.txt # edx-auth-backends -social-auth-core==4.5.1 +social-auth-core==4.5.2 # via # -r requirements/base.txt # edx-auth-backends @@ -486,7 +486,7 @@ webob==1.8.7 # via # -r requirements/base.txt # xblock -xblock==1.9.1 +xblock==1.10.0 # via # -r requirements/base.txt # lti-consumer-xblock diff --git a/requirements/quality.txt b/requirements/quality.txt index 2dce8e81..a30d9a19 100644 --- a/requirements/quality.txt +++ b/requirements/quality.txt @@ -31,11 +31,11 @@ bleach==6.1.0 # via # -r requirements/test.txt # lti-consumer-xblock -boto3==1.34.25 +boto3==1.34.30 # via # -r requirements/test.txt # fs-s3fs -botocore==1.34.25 +botocore==1.34.30 # via # -r requirements/test.txt # boto3 @@ -90,15 +90,16 @@ coreschema==0.0.4 # via # -r requirements/test.txt # coreapi -coverage[toml]==7.4.0 +coverage[toml]==7.4.1 # via # -r requirements/test.txt # coverage # pytest-cov -cryptography==42.0.0 +cryptography==42.0.1 # via # -r requirements/test.txt # pyjwt + # secretstorage # social-auth-core ddt==1.7.1 # via -r requirements/test.txt @@ -107,7 +108,7 @@ defusedxml==0.8.0rc2 # -r requirements/test.txt # python3-openid # social-auth-core -dill==0.3.7 +dill==0.3.8 # via # -r requirements/test.txt # pylint @@ -223,7 +224,7 @@ edx-django-utils==5.10.1 # edx-event-bus-redis # edx-rest-api-client # edx-toggles -edx-drf-extensions==9.1.2 +edx-drf-extensions==10.1.0 # via -r requirements/test.txt edx-event-bus-kafka==5.6.0 # via -r requirements/test.txt @@ -256,7 +257,7 @@ exceptiongroup==1.2.0 # pytest factory-boy==3.3.0 # via -r requirements/test.txt -faker==22.5.0 +faker==22.6.0 # via # -r requirements/test.txt # factory-boy @@ -314,6 +315,10 @@ itypes==1.2.0 # coreapi jaraco-classes==3.3.0 # via keyring +jeepney==0.8.0 + # via + # keyring + # secretstorage jinja2==3.1.3 # via # -r requirements/test.txt @@ -341,7 +346,7 @@ lxml==5.1.0 # -r requirements/test.txt # lti-consumer-xblock # xblock -mako==1.3.1 +mako==1.3.2 # via # -r requirements/test.txt # lti-consumer-xblock @@ -366,7 +371,7 @@ more-itertools==10.2.0 # via jaraco-classes mysqlclient==2.2.1 # via -r requirements/test.txt -newrelic==9.5.0 +newrelic==9.6.0 # via # -r requirements/test.txt # edx-django-utils @@ -414,7 +419,7 @@ platformdirs==4.1.0 # pylint # tox # virtualenv -pluggy==1.3.0 +pluggy==1.4.0 # via # -r requirements/test.txt # pytest @@ -488,14 +493,14 @@ pyproject-api==1.6.1 # via # -r requirements/test.txt # tox -pytest==7.4.4 +pytest==8.0.0 # via # -r requirements/test.txt # pytest-cov # pytest-django pytest-cov==4.1.0 # via -r requirements/test.txt -pytest-django==4.7.0 +pytest-django==4.8.0 # via -r requirements/test.txt python-dateutil==2.8.2 # via @@ -504,7 +509,7 @@ python-dateutil==2.8.2 # faker # freezegun # xblock -python-slugify==8.0.1 +python-slugify==8.0.2 # via # -r requirements/test.txt # code-annotations @@ -512,7 +517,7 @@ python3-openid==3.2.0 # via # -r requirements/test.txt # social-auth-core -pytz==2023.3.post1 +pytz==2023.4 # via # -r requirements/test.txt # django @@ -562,6 +567,8 @@ s3transfer==0.10.0 # via # -r requirements/test.txt # boto3 +secretstorage==3.3.3 + # via keyring semantic-version==2.10.0 # via # -r requirements/test.txt @@ -593,7 +600,7 @@ social-auth-app-django==5.4.0 # via # -r requirements/test.txt # edx-auth-backends -social-auth-core==4.5.1 +social-auth-core==4.5.2 # via # -r requirements/test.txt # edx-auth-backends @@ -669,7 +676,7 @@ webob==1.8.7 # via # -r requirements/test.txt # xblock -xblock==1.9.1 +xblock==1.10.0 # via # -r requirements/test.txt # lti-consumer-xblock diff --git a/requirements/test.txt b/requirements/test.txt index 87247d45..1c177678 100644 --- a/requirements/test.txt +++ b/requirements/test.txt @@ -30,11 +30,11 @@ bleach==6.1.0 # via # -r requirements/base.txt # lti-consumer-xblock -boto3==1.34.25 +boto3==1.34.30 # via # -r requirements/base.txt # fs-s3fs -botocore==1.34.25 +botocore==1.34.30 # via # -r requirements/base.txt # boto3 @@ -82,11 +82,11 @@ coreschema==0.0.4 # via # -r requirements/base.txt # coreapi -coverage[toml]==7.4.0 +coverage[toml]==7.4.1 # via # -r requirements/test.in # pytest-cov -cryptography==42.0.0 +cryptography==42.0.1 # via # -r requirements/base.txt # pyjwt @@ -98,7 +98,7 @@ defusedxml==0.8.0rc2 # -r requirements/base.txt # python3-openid # social-auth-core -dill==0.3.7 +dill==0.3.8 # via pylint distlib==0.3.8 # via virtualenv @@ -207,7 +207,7 @@ edx-django-utils==5.10.1 # edx-event-bus-redis # edx-rest-api-client # edx-toggles -edx-drf-extensions==9.1.2 +edx-drf-extensions==10.1.0 # via -r requirements/base.txt edx-event-bus-kafka==5.6.0 # via -r requirements/base.txt @@ -236,7 +236,7 @@ exceptiongroup==1.2.0 # via pytest factory-boy==3.3.0 # via -r requirements/test.in -faker==22.5.0 +faker==22.6.0 # via factory-boy fastavro==1.9.3 # via @@ -303,7 +303,7 @@ lxml==5.1.0 # -r requirements/base.txt # lti-consumer-xblock # xblock -mako==1.3.1 +mako==1.3.2 # via # -r requirements/base.txt # lti-consumer-xblock @@ -320,7 +320,7 @@ mock==5.1.0 # via -r requirements/test.in mysqlclient==2.2.1 # via -r requirements/base.txt -newrelic==9.5.0 +newrelic==9.6.0 # via # -r requirements/base.txt # edx-django-utils @@ -363,7 +363,7 @@ platformdirs==4.1.0 # pylint # tox # virtualenv -pluggy==1.3.0 +pluggy==1.4.0 # via # pytest # tox @@ -420,13 +420,13 @@ pynacl==1.5.0 # edx-django-utils pyproject-api==1.6.1 # via tox -pytest==7.4.4 +pytest==8.0.0 # via # pytest-cov # pytest-django pytest-cov==4.1.0 # via -r requirements/test.in -pytest-django==4.7.0 +pytest-django==4.8.0 # via -r requirements/test.in python-dateutil==2.8.2 # via @@ -435,7 +435,7 @@ python-dateutil==2.8.2 # faker # freezegun # xblock -python-slugify==8.0.1 +python-slugify==8.0.2 # via # -r requirements/base.txt # code-annotations @@ -443,7 +443,7 @@ python3-openid==3.2.0 # via # -r requirements/base.txt # social-auth-core -pytz==2023.3.post1 +pytz==2023.4 # via # -r requirements/base.txt # django @@ -512,7 +512,7 @@ social-auth-app-django==5.4.0 # via # -r requirements/base.txt # edx-auth-backends -social-auth-core==4.5.1 +social-auth-core==4.5.2 # via # -r requirements/base.txt # edx-auth-backends @@ -579,7 +579,7 @@ webob==1.8.7 # via # -r requirements/base.txt # xblock -xblock==1.9.1 +xblock==1.10.0 # via # -r requirements/base.txt # lti-consumer-xblock diff --git a/requirements/validation.txt b/requirements/validation.txt index 8f873392..cea56143 100644 --- a/requirements/validation.txt +++ b/requirements/validation.txt @@ -37,12 +37,12 @@ bleach==6.1.0 # -r requirements/quality.txt # -r requirements/test.txt # lti-consumer-xblock -boto3==1.34.25 +boto3==1.34.30 # via # -r requirements/quality.txt # -r requirements/test.txt # fs-s3fs -botocore==1.34.25 +botocore==1.34.30 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -109,17 +109,18 @@ coreschema==0.0.4 # -r requirements/quality.txt # -r requirements/test.txt # coreapi -coverage[toml]==7.4.0 +coverage[toml]==7.4.1 # via # -r requirements/quality.txt # -r requirements/test.txt # coverage # pytest-cov -cryptography==42.0.0 +cryptography==42.0.1 # via # -r requirements/quality.txt # -r requirements/test.txt # pyjwt + # secretstorage # social-auth-core ddt==1.7.1 # via @@ -131,7 +132,7 @@ defusedxml==0.8.0rc2 # -r requirements/test.txt # python3-openid # social-auth-core -dill==0.3.7 +dill==0.3.8 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -280,7 +281,7 @@ edx-django-utils==5.10.1 # edx-event-bus-redis # edx-rest-api-client # edx-toggles -edx-drf-extensions==9.1.2 +edx-drf-extensions==10.1.0 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -328,7 +329,7 @@ factory-boy==3.3.0 # via # -r requirements/quality.txt # -r requirements/test.txt -faker==22.5.0 +faker==22.6.0 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -403,6 +404,11 @@ jaraco-classes==3.3.0 # via # -r requirements/quality.txt # keyring +jeepney==0.8.0 + # via + # -r requirements/quality.txt + # keyring + # secretstorage jinja2==3.1.3 # via # -r requirements/quality.txt @@ -439,7 +445,7 @@ lxml==5.1.0 # -r requirements/test.txt # lti-consumer-xblock # xblock -mako==1.3.1 +mako==1.3.2 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -477,7 +483,7 @@ mysqlclient==2.2.1 # via # -r requirements/quality.txt # -r requirements/test.txt -newrelic==9.5.0 +newrelic==9.6.0 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -538,7 +544,7 @@ platformdirs==4.1.0 # pylint # tox # virtualenv -pluggy==1.3.0 +pluggy==1.4.0 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -628,7 +634,7 @@ pyproject-api==1.6.1 # -r requirements/quality.txt # -r requirements/test.txt # tox -pytest==7.4.4 +pytest==8.0.0 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -638,7 +644,7 @@ pytest-cov==4.1.0 # via # -r requirements/quality.txt # -r requirements/test.txt -pytest-django==4.7.0 +pytest-django==4.8.0 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -650,7 +656,7 @@ python-dateutil==2.8.2 # faker # freezegun # xblock -python-slugify==8.0.1 +python-slugify==8.0.2 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -660,7 +666,7 @@ python3-openid==3.2.0 # -r requirements/quality.txt # -r requirements/test.txt # social-auth-core -pytz==2023.3.post1 +pytz==2023.4 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -726,6 +732,10 @@ s3transfer==0.10.0 # -r requirements/quality.txt # -r requirements/test.txt # boto3 +secretstorage==3.3.3 + # via + # -r requirements/quality.txt + # keyring semantic-version==2.10.0 # via # -r requirements/quality.txt @@ -764,7 +774,7 @@ social-auth-app-django==5.4.0 # -r requirements/quality.txt # -r requirements/test.txt # edx-auth-backends -social-auth-core==4.5.1 +social-auth-core==4.5.2 # via # -r requirements/quality.txt # -r requirements/test.txt @@ -856,7 +866,7 @@ webob==1.8.7 # -r requirements/quality.txt # -r requirements/test.txt # xblock -xblock==1.9.1 +xblock==1.10.0 # via # -r requirements/quality.txt # -r requirements/test.txt From 49f6467815571dce979cede38b7a58554b81ff80 Mon Sep 17 00:00:00 2001 From: michaelroytman Date: Wed, 31 Jan 2024 08:20:21 -0500 Subject: [PATCH 2/2] fix: remove references to edx-drf-extensions USE-JWT-COOKIE constant This commit removes references to the edx-drf-extensions USE-JWT-COOKIE constant. This constant was removed in version 10.0.0 of the edx-drf-extensions library. This constant is no longer necessary, because JWT authentication will now be attempted on all requests. This removes the need to set this constant explicitly inthe presence of a JWT cookie. This also removes the need to force an early return for lti endpoints, because edx-drf-extensions will fallback to other forms of authentication in the event that JWT authentication fails. Please see the associated DEPR issue in the edx-drf-extensions library for more information: https://github.com/openedx/edx-drf-extensions/issues/371. --- edx_exams/apps/core/middleware.py | 23 ----------------------- edx_exams/settings/base.py | 2 -- 2 files changed, 25 deletions(-) delete mode 100644 edx_exams/apps/core/middleware.py diff --git a/edx_exams/apps/core/middleware.py b/edx_exams/apps/core/middleware.py deleted file mode 100644 index 55bc05a4..00000000 --- a/edx_exams/apps/core/middleware.py +++ /dev/null @@ -1,23 +0,0 @@ -""" -Middleware that checks if in incoming request has a browser jwt cookie -and enables JWT auth for that request. - -This is a temporary workaround that allows easier testing of browser endpoints in -absence of a frontend UI. Normally a frontend application must explicity request -the JWT token to be used for auth by setting USE_JWT_COOKIE_HEADER. -""" -from django.utils.deprecation import MiddlewareMixin -from edx_rest_framework_extensions.auth.jwt.constants import USE_JWT_COOKIE_HEADER -from edx_rest_framework_extensions.auth.jwt.cookies import jwt_cookie_header_payload_name - - -class ForceJWTAuthMiddleware(MiddlewareMixin): # pragma: no cover - """ Middleware to automically enable JWT auth for browser requests """ - def process_request(self, request): # pylint: disable=missing-function-docstring - # prevent lti callback endpoints from reading jwt, we want to ensure - # the session token generated for these is used instead - if request.path.startswith('/lti/lti_consumer'): - return - - if request.COOKIES.get(jwt_cookie_header_payload_name(), None): - request.META[USE_JWT_COOKIE_HEADER] = 'true' diff --git a/edx_exams/settings/base.py b/edx_exams/settings/base.py index e11a883c..d6e09523 100644 --- a/edx_exams/settings/base.py +++ b/edx_exams/settings/base.py @@ -64,8 +64,6 @@ def root(*path_fragments): 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.locale.LocaleMiddleware', 'django.middleware.common.CommonMiddleware', - # Forces JWT auth if edx JWT cookie exists - 'edx_exams.apps.core.middleware.ForceJWTAuthMiddleware', 'edx_rest_framework_extensions.auth.jwt.middleware.JwtAuthCookieMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware',