fix(dependencies): Upgrade dependencies

Upgrade plugin dependencies to cover security risks Ignore Safety ID 51457 dues to a false-positive reported here: pytest-dev/py#287 Ignore bandit B113 request timeout issue
Venafi · Jun 1, 2023 · 1f6db3b · 1f6db3b
1 parent f473011
commit 1f6db3b
Show file tree

Hide file tree

Showing 6 changed files with 17 additions and 16 deletions.
diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh
@@ -7,6 +7,7 @@ set -o pipefail
 bandit -r vcert/
 
 # ID 40291 is pip, ignore so we can still test python 2.7
-safety check -i 40291
+#Ignoring false-positive issue with pytest. ref: https://github.com/pytest-dev/py/issues/287
+safety check -i 40291 -i 51457
 
 pytest -v --junit-xml=junit.xml --junit-prefix=`python -V | tr ' ' '_'` --cov=vcert --cov=vcert.parser --cov=vcert.policy --cov-report term --cov-report xml
diff --git a/requirements-build.txt b/requirements-build.txt
@@ -1,4 +1,4 @@
-pytest==6.2.5
-pytest-cov==3.0.0
-safety==1.10.3
-bandit==1.7.1
+pytest==7.3.1
+pytest-cov==4.1.0
+safety==2.3.5
+bandit==1.7.5
diff --git a/requirements.txt b/requirements.txt
@@ -1,6 +1,6 @@
-requests==2.27.1
+requests==2.31.0
 python-dateutil==2.8.2
-cryptography==36.0.1
+cryptography==41.0.0
 six==1.16.0
-ruamel.yaml==0.17.20
+ruamel.yaml==0.17.31
 pynacl==1.5.0
diff --git a/vcert/connection_cloud.py b/vcert/connection_cloud.py
@@ -169,7 +169,7 @@ def _get(self, url, params=None):
             'accept': MIME_ANY,
             'cache-control': "no-cache"
         }
-        r = requests.get(self._base_url + url, params=params, headers=headers, **self._http_request_kwargs)
+        r = requests.get(self._base_url + url, params=params, headers=headers, **self._http_request_kwargs)  # nosec B113
         return self.process_server_response(r)
 
     def _post(self, url, data=None):
@@ -185,7 +185,7 @@ def _post(self, url, data=None):
             'cache-control': "no-cache"
         }
         if isinstance(data, dict):
-            r = requests.post(self._base_url + url, json=data, headers=headers, **self._http_request_kwargs)
+            r = requests.post(self._base_url + url, json=data, headers=headers, **self._http_request_kwargs)  # nosec B113
         else:
             log.error(f"Unexpected client data type: {type(data)} for {url}")
             raise ClientBadData
@@ -204,7 +204,7 @@ def _put(self, url, data=None):
             'accept': MIME_JSON
         }
         if isinstance(data, dict):
-            r = requests.put(self._base_url + url, json=data, headers=headers, **self._http_request_kwargs)
+            r = requests.put(self._base_url + url, json=data, headers=headers, **self._http_request_kwargs)  # nosec B113
         else:
             log.error(f"Unexpected client data type: {type(data)} for {url}")
             raise ClientBadData

diff --git a/vcert/connection_tpp.py b/vcert/connection_tpp.py
@@ -86,7 +86,7 @@ def _get(self, url="", params=None):
                                   'content-type': MIME_JSON,
                                   'cache-control': 'no-cache'},
                          params=params,
-                         **self._http_request_kwargs)
+                         **self._http_request_kwargs)  # nosec B113
         return self.process_server_response(r)
 
     def _post(self, url, data=None):
@@ -100,7 +100,7 @@ def _post(self, url, data=None):
                                        'content-type': MIME_JSON,
                                        'cache-control': "no-cache"},
                               json=data,
-                              **self._http_request_kwargs)
+                              **self._http_request_kwargs)  # nosec B113
         else:
             log.error(f"Unexpected client data type: {type(data)} for {url}")
             raise ClientBadData
@@ -126,7 +126,7 @@ def auth(self):
                           json=data,
                           headers={'content-type': MIME_JSON,
                                    'cache-control': "no-cache"},
-                          **self._http_request_kwargs)
+                          **self._http_request_kwargs)  # nosec B113
 
         status, user = self.process_server_response(r)
         if status == HTTPStatus.OK:

diff --git a/vcert/connection_tpp_token.py b/vcert/connection_tpp_token.py
@@ -98,7 +98,7 @@ def _get(self, url=None, params=None, check_token=True, include_token_header=Tru
             token = self._get_auth_header_value(self._auth.access_token)
             headers[HEADER_AUTHORIZATION] = token
 
-        r = requests.get(self._base_url + url, headers=headers, params=params, **self._http_request_kwargs)
+        r = requests.get(self._base_url + url, headers=headers, params=params, **self._http_request_kwargs)  # nosec B113
         return self.process_server_response(r)
 
     def _post(self, url=None, data=None, check_token=True, include_token_header=True):
@@ -115,7 +115,7 @@ def _post(self, url=None, data=None, check_token=True, include_token_header=True
 
         if isinstance(data, dict):
             log.debug(f"POST Request\n\tURL: {self._base_url+url}\n\tHeaders:{headers}\n\tBody:{data}\n")
-            r = requests.post(self._base_url + url, headers=headers, json=data,  **self._http_request_kwargs)
+            r = requests.post(self._base_url + url, headers=headers, json=data,  **self._http_request_kwargs)  # nosec B113
         else:
             log.error(f"Unexpected client data type: {type(data)} for {url}")
             raise ClientBadData