requirements bump, only affected dev tools

2022-12-31 10:04:11 -06:00 · 2022-12-31 10:04:11 -06:00 · 83bc8b2c21
parent 4a2f650a33
commit 83bc8b2c21
3 changed files with 35 additions and 34 deletions
--- a/requirements/requirements-dev.in
+++ b/requirements/requirements-dev.in
@ -21,6 +21,6 @@ safety                      # check requirements file for issues

 # maintenance utilities and tox
 pip-tools                   # pip-compile
-tox                         # CI stuff
+tox<4                       # CI stuff, pinned for now to avoid packaging conflict w/safety
 tox-wheel                   # build wheels in tox
 versioneer                  # automatic version numbering
--- a/requirements/requirements-dev.txt
+++ b/requirements/requirements-dev.txt
@ -1,16 +1,16 @@
 #
-# This file is autogenerated by pip-compile with python 3.10
-# To update, run:
+# This file is autogenerated by pip-compile with Python 3.10
+# by the following command:
 #
 #    pip-compile --output-file=requirements/requirements-dev.txt requirements/requirements-dev.in
 #
-attrs==22.1.0
+attrs==22.2.0
    # via pytest
 bandit==1.7.4
    # via -r requirements/requirements-dev.in
-build==0.8.0
+build==0.9.0
    # via pip-tools
-certifi==2022.9.14
+certifi==2022.12.7
    # via requests
 charset-normalizer==2.1.1
    # via requests
@ -19,15 +19,17 @@ click==8.1.3
    #   flask
    #   pip-tools
    #   safety
-coverage[toml]==6.4.4
+coverage[toml]==7.0.1
    # via pytest-cov
 distlib==0.3.6
    # via virtualenv
 dlint==0.13.0
    # via -r requirements/requirements-dev.in
-dparse==0.6.0
+dparse==0.6.2
    # via safety
-filelock==3.8.0
+exceptiongroup==1.1.0
+    # via pytest
+filelock==3.9.0
    # via
    #   tox
    #   virtualenv
@ -42,31 +44,31 @@ flake8==5.0.4
    #   flake8-mutable
 flake8-blind-except==0.2.1
    # via -r requirements/requirements-dev.in
-flake8-builtins==1.5.3
+flake8-builtins==2.1.0
    # via -r requirements/requirements-dev.in
 flake8-docstrings==1.6.0
    # via -r requirements/requirements-dev.in
-flake8-executable==2.1.1
+flake8-executable==2.1.2
    # via -r requirements/requirements-dev.in
 flake8-fixme==1.1.1
    # via -r requirements/requirements-dev.in
-flake8-isort==4.2.0
+flake8-isort==6.0.0
    # via -r requirements/requirements-dev.in
-flake8-logging-format==0.7.5
+flake8-logging-format==0.9.0
    # via -r requirements/requirements-dev.in
 flake8-mutable==1.2.0
    # via -r requirements/requirements-dev.in
 flask==2.2.2
    # via -r requirements/requirements.in
-gitdb==4.0.9
+gitdb==4.0.10
    # via gitpython
-gitpython==3.1.27
+gitpython==3.1.30
    # via bandit
 idna==3.4
    # via requests
 iniconfig==1.1.1
    # via pytest
-isort==5.10.1
+isort==5.11.4
    # via flake8-isort
 itsdangerous==2.1.2
    # via flask
@ -87,22 +89,20 @@ packaging==21.3
    #   pytest
    #   safety
    #   tox
-pbr==5.10.0
+pbr==5.11.0
    # via stevedore
 pep517==0.13.0
    # via build
-pip-tools==6.8.0
+pip-tools==6.12.1
    # via -r requirements/requirements-dev.in
-platformdirs==2.5.2
+platformdirs==2.6.2
    # via virtualenv
 pluggy==1.0.0
    # via
    #   pytest
    #   tox
 py==1.11.0
-    # via
-    #   pytest
-    #   tox
+    # via tox
 pycodestyle==2.9.1
    # via flake8
 pydocstyle==6.1.1
@ -115,11 +115,11 @@ pyparsing==3.0.9
    # via
    #   packaging
    #   pydot
-pytest==7.1.3
+pytest==7.2.0
    # via
    #   -r requirements/requirements-dev.in
    #   pytest-cov
-pytest-cov==3.0.0
+pytest-cov==4.0.0
    # via -r requirements/requirements-dev.in
 pyyaml==6.0
    # via bandit
@ -127,9 +127,9 @@ requests==2.28.1
    # via safety
 ruamel-yaml==0.17.21
    # via safety
-ruamel-yaml-clib==0.2.6
+ruamel-yaml-clib==0.2.7
    # via ruamel-yaml
-safety==2.1.1
+safety==2.3.5
    # via -r requirements/requirements-dev.in
 six==1.16.0
    # via tox
@ -137,7 +137,7 @@ smmap==5.0.0
    # via gitdb
 snowballstemmer==2.2.0
    # via pydocstyle
-stevedore==4.0.0
+stevedore==4.1.1
    # via bandit
 toml==0.10.2
    # via dparse
@ -148,21 +148,21 @@ tomli==2.0.1
    #   pep517
    #   pytest
    #   tox
-tox==3.26.0
+tox==3.28.0
    # via
    #   -r requirements/requirements-dev.in
    #   tox-wheel
-tox-wheel==0.7.0
+tox-wheel==1.0.0
    # via -r requirements/requirements-dev.in
-urllib3==1.26.12
+urllib3==1.26.13
    # via requests
-versioneer==0.26
+versioneer==0.28
    # via -r requirements/requirements-dev.in
-virtualenv==20.16.5
+virtualenv==20.17.1
    # via tox
 werkzeug==2.2.2
    # via flask
-wheel==0.37.1
+wheel==0.38.4
    # via
    #   pip-tools
    #   tox-wheel
--- a/tox.ini
+++ b/tox.ini
@ -56,9 +56,10 @@ commands =
 # run security checks
 #
 # again it seems the most valuable here to run against the packaged code
+# 51457 is nearly a red herring that I'm stuck with because tox is pinned, try removing occasionally
 commands =
    bandit {envsitepackagesdir}/incorporealcms/ -r
-    safety check -r requirements/requirements-dev.txt
+    safety check -r requirements/requirements-dev.txt -i 51457

 [testenv:lint]
 # run style checks