From cd9ff1ec3293a4eedae889c00e2b9f0b293814f4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 24 Mar 2021 15:42:28 -0400 Subject: [PATCH] Bump jinja2 from 2.11.2 to 2.11.3 (#1838) * Bump jinja2 from 2.11.2 to 2.11.3 Bumps [jinja2](https://github.com/pallets/jinja) from 2.11.2 to 2.11.3. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/master/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/2.11.2...2.11.3) Signed-off-by: dependabot[bot] * Run pip-compile our way * Add newline * Update CHANGELOG Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Kevin Chung Co-authored-by: Kevin Chung --- CHANGELOG.md | 1 + requirements.in | 2 +- requirements.txt | 9 +++++---- scripts/pip-compile.sh | 10 ++++++++++ 4 files changed, 17 insertions(+), 5 deletions(-) create mode 100755 scripts/pip-compile.sh diff --git a/CHANGELOG.md b/CHANGELOG.md index 4c4df8471..4b0b2fee1 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -53,6 +53,7 @@ - Install `python3-dev` instead of `python-dev` in apt - Require `pybluemonday` as pip dependency - Remove `lxml` and `html5lib` from pip dependencies +- Bump `Jinja2` to 2.11.3 - Bump pip-compile to 5.4.0 **Miscellaneous** diff --git a/requirements.in b/requirements.in index c556e5ba0..ac21adba0 100644 --- a/requirements.in +++ b/requirements.in @@ -1,6 +1,6 @@ Flask==1.1.2 Werkzeug==1.0.1 -Jinja2==2.11.2 +Jinja2==2.11.3 Flask-SQLAlchemy==2.4.3 Flask-Caching==1.8.0 Flask-Migrate==2.5.3 diff --git a/requirements.txt b/requirements.txt index 932bb1193..138217701 100644 --- a/requirements.txt +++ b/requirements.txt @@ -2,7 +2,7 @@ # This file is autogenerated by pip-compile # To update, run: # -# pip-compile +# ./scripts/pip-compile.sh # alembic==1.4.3 # via dataset, flask-migrate aniso8601==8.0.0 # via flask-restx @@ -28,9 +28,9 @@ gevent==20.9.0 # via -r requirements.in greenlet==0.4.17 # via gevent gunicorn==20.0.4 # via -r requirements.in idna==2.10 # via requests -importlib-metadata==2.0.0 # via jsonschema +importlib-metadata==3.7.3 # via jsonschema itsdangerous==1.1.0 # via -r requirements.in, flask -jinja2==2.11.2 # via -r requirements.in, flask +jinja2==2.11.3 # via -r requirements.in, flask jmespath==0.10.0 # via boto3, botocore jsonschema==3.2.0 # via flask-restx mako==1.1.3 # via alembic @@ -56,10 +56,11 @@ six==1.15.0 # via bcrypt, flask-marshmallow, flask-restx, jsonsche sqlalchemy-utils==0.36.6 # via -r requirements.in sqlalchemy==1.3.17 # via -r requirements.in, alembic, dataset, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils tenacity==6.2.0 # via -r requirements.in +typing-extensions==3.7.4.3 # via importlib-metadata urllib3==1.25.11 # via botocore, requests werkzeug==1.0.1 # via -r requirements.in, flask, flask-restx wtforms==2.3.1 # via -r requirements.in -zipp==3.4.0 # via importlib-metadata +zipp==3.4.1 # via importlib-metadata zope.event==4.5.0 # via gevent zope.interface==5.2.0 # via gevent diff --git a/scripts/pip-compile.sh b/scripts/pip-compile.sh new file mode 100755 index 000000000..35862a98a --- /dev/null +++ b/scripts/pip-compile.sh @@ -0,0 +1,10 @@ +#!/bin/bash +# Script to pin Python requirements in a Docker container +ROOTDIR=`pwd -P` +docker run \ + --rm \ + --entrypoint bash \ + -v $ROOTDIR:/mnt/CTFd \ + -e CUSTOM_COMPILE_COMMAND='./scripts/pip-compile.sh' \ + -it python:3.7 \ + -c 'cd /mnt/CTFd && pip install pip-tools==5.4.0 && pip-compile'