diff --git a/Makefile b/Makefile index 4bd94ada..e75699ec 100644 --- a/Makefile +++ b/Makefile @@ -48,13 +48,13 @@ dev: virtualenv uv sync --frozen --extra dev outdated: - @echo "-> Audit the project's dependencies for known vulnerabilities" - uv audit @echo "-> Check for outdated packages (with 7 days cooldown)" uv pip list --outdated \ --no-config \ --index-url https://pypi.org/simple \ --exclude-newer "7 days" + @echo "-> Audit the project's dependencies for known vulnerabilities" + uv audit upgrade: @if [ -z "$(PACKAGE)" ]; then \ diff --git a/pyproject.toml b/pyproject.toml index 5d6109fa..c303e570 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -31,12 +31,12 @@ classifiers = [ ] dependencies = [ # Base configuration tools - "setuptools==82.0.0", + "setuptools==82.0.1", "wheel==0.47.0", "packaging==26.2", - "pip==26.1", + "pip==26.1.2", # Django - "Django==6.0.4", + "django==6.0.5", "asgiref==3.11.1", "typing_extensions==4.15.0", "sqlparse==0.5.5", @@ -75,24 +75,24 @@ dependencies = [ # Testing "model_bakery==1.23.3", # Task queue - "rq==2.8.0", + "rq==2.9.0", "croniter==6.2.2", "django-rq==3.2.2", "fakeredis==2.35.1", # Libs - "certifi==2026.4.22", - "urllib3==2.6.3", + "certifi==2026.5.20", + "urllib3==2.7.0", "python-dateutil==2.9.0.post0", "python-mimeparse==2.0.0", - "PyJWT==2.12.1", + "pyjwt==2.13.0", "natsort==8.4.0", "six==1.17.0", - "requests==2.33.0", - "idna==3.11", + "requests==2.34.2", + "idna==3.18", "charset-normalizer==3.4.7", "PyYAML==6.0.3", "cython==3.2.4", - "zipp==3.23.0", + "zipp==4.1.0", "XlsxWriter==3.2.9", # Markdown "markdown==3.10.2", @@ -130,7 +130,7 @@ dependencies = [ # PackageURL "packageurl-python==0.17.6", # Gunicorn - "gunicorn==25.3.0", + "gunicorn==26.0.0", # SPDX validation "jsonschema==4.26.0", "jsonschema-specifications==2025.9.1", @@ -142,7 +142,7 @@ dependencies = [ "sortedcontainers==2.4.0", "py-serializable==2.1.0", # Git - "gitpython==3.1.49", + "gitpython==3.1.50", "gitdb==4.0.12", "smmap==5.0.3", # CSAF 
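Review bot: In the Makefile's `outdated` recipe, `uv audit` now runs only when `uv pip list --outdated` exits successfully, because make stops a recipe at the first failing line. That listing queries `https://pypi.org/simple`, so an index outage or a restricted network would end the recipe before the vulnerability audit, which previously ran first. Consider moving the two added lines into their own phony target, `audit:`, and having CI invoke both `audit` and `outdated`, so the security check does not depend on the network-bound listing. The hunk shows no `.PHONY` declaration for `outdated`, so confirm one exists elsewhere in the file. The `upgrade` recipe continues outside the hunk.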
diff --git a/thirdparty/dist/certifi-2026.5.20-py3-none-any.whl b/thirdparty/dist/certifi-2026.5.20-py3-none-any.whl
new file mode 100644
index 00000000..a2e0e89c
Binary files /dev/null and b/thirdparty/dist/certifi-2026.5.20-py3-none-any.whl differ
diff --git a/thirdparty/dist/django-6.0.5-py3-none-any.whl b/thirdparty/dist/django-6.0.5-py3-none-any.whl
new file mode 100644
index 00000000..14a0b4a9
Binary files /dev/null and b/thirdparty/dist/django-6.0.5-py3-none-any.whl differ
diff --git a/thirdparty/dist/gitpython-3.1.50-py3-none-any.whl b/thirdparty/dist/gitpython-3.1.50-py3-none-any.whl
new file mode 100644
index 00000000..d56fcd90
Binary files /dev/null and b/thirdparty/dist/gitpython-3.1.50-py3-none-any.whl differ
diff --git a/thirdparty/dist/gunicorn-26.0.0-py3-none-any.whl b/thirdparty/dist/gunicorn-26.0.0-py3-none-any.whl
new file mode 100644
index 00000000..ed0636fe
Binary files /dev/null and b/thirdparty/dist/gunicorn-26.0.0-py3-none-any.whl differ
diff --git a/thirdparty/dist/idna-3.18-py3-none-any.whl b/thirdparty/dist/idna-3.18-py3-none-any.whl
new file mode 100644
index 00000000..57a9e844
Binary files /dev/null and b/thirdparty/dist/idna-3.18-py3-none-any.whl differ
diff --git a/thirdparty/dist/pip-26.1.2-py3-none-any.whl b/thirdparty/dist/pip-26.1.2-py3-none-any.whl
new file mode 100644
index 00000000..24b5cc90
Binary files /dev/null and b/thirdparty/dist/pip-26.1.2-py3-none-any.whl differ
diff --git a/thirdparty/dist/pyjwt-2.13.0-py3-none-any.whl b/thirdparty/dist/pyjwt-2.13.0-py3-none-any.whl
new file mode 100644
index 00000000..32b2becd
Binary files /dev/null and b/thirdparty/dist/pyjwt-2.13.0-py3-none-any.whl differ
diff --git a/thirdparty/dist/redis-8.0.0-py3-none-any.whl b/thirdparty/dist/redis-8.0.0-py3-none-any.whl
new file mode 100644
index 00000000..95eee436
Binary files /dev/null and b/thirdparty/dist/redis-8.0.0-py3-none-any.whl differ
diff --git a/thirdparty/dist/requests-2.34.2-py3-none-any.whl b/thirdparty/dist/requests-2.34.2-py3-none-any.whl
new file mode 100644
index 00000000..fb4b8a78
Binary files /dev/null and b/thirdparty/dist/requests-2.34.2-py3-none-any.whl differ
diff --git a/thirdparty/dist/rq-2.9.0-py3-none-any.whl b/thirdparty/dist/rq-2.9.0-py3-none-any.whl
new file mode 100644
index 00000000..e4bdd585
Binary files /dev/null and b/thirdparty/dist/rq-2.9.0-py3-none-any.whl differ
diff --git a/thirdparty/dist/ruff-0.15.14-py3-none-macosx_11_0_arm64.whl b/thirdparty/dist/ruff-0.15.14-py3-none-macosx_11_0_arm64.whl
new file mode 100644
index 00000000..50a82143
Binary files /dev/null and b/thirdparty/dist/ruff-0.15.14-py3-none-macosx_11_0_arm64.whl differ
diff --git a/thirdparty/dist/ruff-0.15.14-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl b/thirdparty/dist/ruff-0.15.14-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl
new file mode 100644
index 00000000..fa253526
Binary files /dev/null and b/thirdparty/dist/ruff-0.15.14-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl differ
diff --git a/thirdparty/dist/setuptools-82.0.1-py3-none-any.whl b/thirdparty/dist/setuptools-82.0.1-py3-none-any.whl
new file mode 100644
index 00000000..2db749a7
Binary files /dev/null and b/thirdparty/dist/setuptools-82.0.1-py3-none-any.whl differ
diff --git a/thirdparty/dist/urllib3-2.7.0-py3-none-any.whl b/thirdparty/dist/urllib3-2.7.0-py3-none-any.whl
new file mode 100644
index 00000000..1400ec63
Binary files /dev/null and b/thirdparty/dist/urllib3-2.7.0-py3-none-any.whl differ
diff --git a/thirdparty/dist/zipp-4.1.0-py3-none-any.whl b/thirdparty/dist/zipp-4.1.0-py3-none-any.whl
new file mode 100644
index 00000000..c3381ba6
Binary files /dev/null and b/thirdparty/dist/zipp-4.1.0-py3-none-any.whl differ
diff --git a/uv.lock b/uv.lock
index b1d415ac..308a22df 100644
--- a/uv.lock
+++ b/uv.lock
@@ -11,7 +11,7 @@ supported-markers = [ ] [options] -exclude-newer = "2026-04-27T11:37:45.819719Z" +exclude-newer = "2026-05-27T07:06:32.816217Z" exclude-newer-span = "P7D" [[package]] @@ -95,10 +95,10 @@ wheels = [ [[package]] name = "certifi" -version = "2026.4.22" +version = "2026.5.20" source = { registry = "thirdparty/dist" } wheels = [ - { path = "certifi-2026.4.22-py3-none-any.whl" }, + { path = "certifi-2026.5.20-py3-none-any.whl" }, ] [[package]] @@ -311,7 +311,7 @@ requires-dist = [ { name = "bleach", specifier = "==6.3.0" }, { name = "bleach-allowlist", specifier = "==1.0.3" }, { name = "boolean-py", specifier = "==5.0" }, - { name = "certifi", specifier = "==2026.4.22" }, + { name = "certifi", specifier = "==2026.5.20" }, { name = "charset-normalizer", specifier = "==3.4.7" }, { name = "clamd", specifier = "==1.0.2" }, { name = "click", specifier = "==8.3.3" }, @@ -321,7 +321,7 @@ requires-dist = [ { name = "cyclonedx-python-lib", specifier = "==11.6.0" }, { name = "cython", specifier = "==3.2.4" }, { name = "defusedxml", specifier = "==0.7.1" }, - { name = "django", specifier = "==6.0.4" }, + { name = "django", specifier = "==6.0.5" }, { name = "django-altcha", specifier = "==0.10.0" }, { name = "django-auth-ldap", specifier = "==5.3.0" }, { name = "django-axes", specifier = "==8.3.1" }, @@ -341,9 +341,9 @@ requires-dist = [ { name = "et-xmlfile", specifier = "==2.0.0" }, { name = "fakeredis", specifier = "==2.35.1" }, { name = "gitdb", specifier = "==4.0.12" }, - { name = "gitpython", specifier = "==3.1.49" }, - { name = "gunicorn", specifier = "==25.3.0" }, - { name = "idna", specifier = "==3.11" }, + { name = "gitpython", specifier = "==3.1.50" }, + { name = "gunicorn", specifier = "==26.0.0" }, + { name = "idna", specifier = "==3.18" }, { name = "inflection", specifier = "==0.5.1" }, { name = "jinja2", specifier = "==3.1.6" }, { name = "jsonfield", specifier = "==3.2.0" }, 
@@ -362,14 +362,14 @@ requires-dist = [ { name = "openpyxl", specifier = "==3.1.5" }, { name = "packageurl-python", specifier = "==0.17.6" }, { name = "packaging", specifier = "==26.2" }, - { name = "pip", specifier = "==26.1" }, + { name = "pip", specifier = "==26.1.2" }, { name = "psycopg", specifier = "==3.3.4" }, { name = "py-serializable", specifier = "==2.1.0" }, { name = "pyasn1", specifier = "==0.6.3" }, { name = "pyasn1-modules", specifier = "==0.4.2" }, { name = "pydantic", specifier = "==2.12.5" }, { name = "pydantic-core", specifier = "==2.41.5" }, - { name = "pyjwt", specifier = "==2.12.1" }, + { name = "pyjwt", specifier = "==2.13.0" }, { name = "pypng", specifier = "==0.20220715.0" }, { name = "python-dateutil", specifier = "==2.9.0.post0" }, { name = "python-ldap", specifier = "==3.4.5" }, @@ -380,14 +380,14 @@ requires-dist = [ { name = "qrcode", specifier = "==8.2" }, { name = "redis", specifier = "==7.4.0" }, { name = "referencing", specifier = "==0.37.0" }, - { name = "requests", specifier = "==2.33.0" }, + { name = "requests", specifier = "==2.34.2" }, { name = "requests-oauthlib", specifier = "==2.0.0" }, { name = "rpds-py", specifier = "==0.30.0" }, - { name = "rq", specifier = "==2.8.0" }, + { name = "rq", specifier = "==2.9.0" }, { name = "ruff", marker = "extra == 'dev'", specifier = "==0.15.0" }, { name = "saneyaml", specifier = "==0.6.1" }, { name = "semantic-version", specifier = "==2.10.0" }, - { name = "setuptools", specifier = "==82.0.0" }, + { name = "setuptools", specifier = "==82.0.1" }, { name = "setuptools-rust", specifier = "==1.12.0" }, { name = "setuptools-scm", specifier = "==9.2.2" }, { name = "six", specifier = "==1.17.0" }, 
@@ -399,24 +399,24 @@ requires-dist = [ { name = "typing-extensions", specifier = "==4.15.0" }, { name = "typing-inspection", specifier = "==0.4.2" }, { name = "uritemplate", specifier = "==4.2.0" }, - { name = "urllib3", specifier = "==2.6.3" }, + { name = "urllib3", specifier = "==2.7.0" }, { name = "webencodings", specifier = "==0.5.1" }, { name = "wheel", specifier = "==0.47.0" }, { name = "xlsxwriter", specifier = "==3.2.9" }, - { name = "zipp", specifier = "==3.23.0" }, + { name = "zipp", specifier = "==4.1.0" }, ] provides-extras = ["dev"] [[package]] name = "django" -version = "6.0.4" +version = "6.0.5" source = { registry = "thirdparty/dist" } dependencies = [ { name = "asgiref", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, { name = "sqlparse", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, ] wheels = [ - { path = "django-6.0.4-py3-none-any.whl" }, + { path = "django-6.0.5-py3-none-any.whl" }, ] [[package]] @@ -636,32 +636,32 @@ wheels = [ [[package]] name = "gitpython" -version = "3.1.49" +version = "3.1.50" source = { registry = "thirdparty/dist" } dependencies = [ { name = "gitdb", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, ] wheels = [ - { path = "gitpython-3.1.49-py3-none-any.whl" }, + { path = "gitpython-3.1.50-py3-none-any.whl" }, ] [[package]] name = "gunicorn" -version = "25.3.0" +version = "26.0.0" source = { registry = "thirdparty/dist" } dependencies = [ { name = "packaging", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, ] wheels = [ - { path = "gunicorn-25.3.0-py3-none-any.whl" }, + { path = "gunicorn-26.0.0-py3-none-any.whl" }, ] [[package]] name = "idna" -version = "3.11" +version = "3.18" source = { registry = "thirdparty/dist" } wheels = [ - { path = "idna-3.11-py3-none-any.whl" }, + { path = "idna-3.18-py3-none-any.whl" }, ] [[package]] 
@@ -840,10 +840,10 @@ wheels = [ [[package]] name = "pip" -version = "26.1" +version = "26.1.2" source = { registry = "thirdparty/dist" } wheels = [ - { path = "pip-26.1-py3-none-any.whl" }, + { path = "pip-26.1.2-py3-none-any.whl" }, ] [[package]] @@ -913,10 +913,10 @@ wheels = [ [[package]] name = "pyjwt" -version = "2.12.1" +version = "2.13.0" source = { registry = "thirdparty/dist" } wheels = [ - { path = "pyjwt-2.12.1-py3-none-any.whl" }, + { path = "pyjwt-2.13.0-py3-none-any.whl" }, ] [[package]] @@ -1015,7 +1015,7 @@ wheels = [ [[package]] name = "requests" -version = "2.33.0" +version = "2.34.2" source = { registry = "thirdparty/dist" } dependencies = [ { name = "certifi", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, @@ -1024,7 +1024,7 @@ dependencies = [ { name = "urllib3", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, ] wheels = [ - { path = "requests-2.33.0-py3-none-any.whl" }, + { path = "requests-2.34.2-py3-none-any.whl" }, ] [[package]] @@ -1051,7 +1051,7 @@ wheels = [ [[package]] name = "rq" -version = "2.8.0" +version = "2.9.0" source = { registry = "thirdparty/dist" } dependencies = [ { name = "click", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, @@ -1059,7 +1059,7 @@ dependencies = [ { name = "redis", marker = "sys_platform == 'darwin' or sys_platform == 'linux'" }, ] wheels = [ - { path = "rq-2.8.0-py3-none-any.whl" }, + { path = "rq-2.9.0-py3-none-any.whl" }, ] [[package]] @@ -1093,10 +1093,10 @@ wheels = [ [[package]] name = "setuptools" -version = "82.0.0" +version = "82.0.1" source = { registry = "thirdparty/dist" } wheels = [ - { path = "setuptools-82.0.0-py3-none-any.whl" }, + { path = "setuptools-82.0.1-py3-none-any.whl" }, ] [[package]] 
@@ -1200,10 +1200,10 @@ wheels = [ [[package]] name = "urllib3" -version = "2.6.3" +version = "2.7.0" source = { registry = "thirdparty/dist" } wheels = [ - { path = "urllib3-2.6.3-py3-none-any.whl" }, + { path = "urllib3-2.7.0-py3-none-any.whl" }, ] [[package]] @@ -1235,8 +1235,8 @@ wheels = [ [[package]] name = "zipp" -version = "3.23.0" +version = "4.1.0" source = { registry = "thirdparty/dist" } wheels = [ - { path = "zipp-3.23.0-py3-none-any.whl" }, + { path = "zipp-4.1.0-py3-none-any.whl" }, ]