Skip to content

Commit b2d65aa

Browse files
CharStringSilvia
CharString
authored and
Silvia
committed
📌 chore: Security updates
Django CVE-2025-48432 requests CVE-2024-47081 h11 CVE-2025-43859
1 parent 04beb7f commit b2d65aa

File tree

4 files changed

+32
-28
lines changed

4 files changed

+32
-28
lines changed

backend/requirements/base.txt

Lines changed: 2 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -37,7 +37,7 @@ cryptography==44.0.2
3737
# mozilla-django-oidc
3838
# pyopenssl
3939
# webauthn
40-
django==5.2.1
40+
django==5.2.3
4141
# via
4242
# -r requirements/base.in
4343
# django-admin-index
@@ -191,7 +191,7 @@ referencing==0.36.2
191191
# via
192192
# jsonschema
193193
# jsonschema-specifications
194-
requests==2.32.3
194+
requests==2.32.4
195195
# via
196196
# ape-pie
197197
# django-rosetta
@@ -203,8 +203,6 @@ rpds-py==0.24.0
203203
# referencing
204204
ruamel-yaml==0.18.10
205205
# via django-setup-configuration
206-
ruamel-yaml-clib==0.2.12
207-
# via ruamel-yaml
208206
sentry-sdk==2.25.1
209207
# via -r requirements/base.in
210208
six==1.17.0
@@ -219,9 +217,7 @@ typing-extensions==4.13.1
219217
# mozilla-django-oidc-db
220218
# pydantic
221219
# pydantic-core
222-
# pyopenssl
223220
# qrcode
224-
# referencing
225221
# typing-inspection
226222
# zgw-consumers
227223
typing-inspection==0.4.0

backend/requirements/ci.txt

Lines changed: 8 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -75,7 +75,7 @@ cryptography==44.0.2
7575
# webauthn
7676
cssselect==1.3.0
7777
# via pyquery
78-
django==5.2.1
78+
django==5.2.3
7979
# via
8080
# -c requirements/base.txt
8181
# -r requirements/base.txt
@@ -270,6 +270,8 @@ jsonschema-specifications==2024.10.1
270270
# -c requirements/base.txt
271271
# -r requirements/base.txt
272272
# jsonschema
273+
legacy-cgi==2.6.3
274+
# via webob
273275
lxml==5.3.1
274276
# via pyquery
275277
markupsafe==3.0.2
@@ -295,6 +297,8 @@ msgspec==0.19.0
295297
# via
296298
# -c requirements/base.txt
297299
# -r requirements/base.txt
300+
multidict==6.4.4
301+
# via yarl
298302
orderedmultidict==1.0.1
299303
# via
300304
# -c requirements/base.txt
@@ -320,6 +324,8 @@ polib==1.2.0
320324
# -c requirements/base.txt
321325
# -r requirements/base.txt
322326
# django-rosetta
327+
propcache==0.3.2
328+
# via yarl
323329
psycopg2==2.9.10
324330
# via
325331
# -c requirements/base.txt
@@ -409,7 +415,7 @@ referencing==0.36.2
409415
# -r requirements/base.txt
410416
# jsonschema
411417
# jsonschema-specifications
412-
requests==2.32.3
418+
requests==2.32.4
413419
# via
414420
# -c requirements/base.txt
415421
# -r requirements/base.txt
@@ -434,11 +440,6 @@ ruamel-yaml==0.18.10
434440
# -c requirements/base.txt
435441
# -r requirements/base.txt
436442
# django-setup-configuration
437-
ruamel-yaml-clib==0.2.12
438-
# via
439-
# -c requirements/base.txt
440-
# -r requirements/base.txt
441-
# ruamel-yaml
442443
sentry-sdk==2.25.1
443444
# via
444445
# -c requirements/base.txt
@@ -490,9 +491,7 @@ typing-extensions==4.13.1
490491
# mozilla-django-oidc-db
491492
# pydantic
492493
# pydantic-core
493-
# pyopenssl
494494
# qrcode
495-
# referencing
496495
# typing-inspection
497496
# zgw-consumers
498497
typing-inspection==0.4.0

backend/requirements/dev.in

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -22,3 +22,8 @@ django-cors-headers
2222
# openapi type generator
2323
httpx[cli]
2424
datamodel-code-generator[http]
25+
26+
# CVE pins
27+
# These are sub-dependencies and can be completely removed when they have no
28+
# "via" anymore in the .txt
29+
h11>=0.16.0 # CVE-2025-43859

backend/requirements/dev.txt

Lines changed: 17 additions & 13 deletions
Original file line numberDiff line numberDiff line change
@@ -110,7 +110,7 @@ cssselect==1.3.0
110110
# pyquery
111111
datamodel-code-generator==0.30.1
112112
# via -r requirements/dev.in
113-
django==5.2.1
113+
django==5.2.3
114114
# via
115115
# -c requirements/ci.txt
116116
# -r requirements/ci.txt
@@ -297,9 +297,11 @@ glom==24.11.0
297297
# -c requirements/ci.txt
298298
# -r requirements/ci.txt
299299
# mozilla-django-oidc-db
300-
h11==0.14.0
301-
# via httpcore
302-
httpcore==1.0.7
300+
h11==0.16.0
301+
# via
302+
# -r requirements/dev.in
303+
# httpcore
304+
httpcore==1.0.9
303305
# via httpx
304306
httpx==0.28.1
305307
# via
@@ -354,6 +356,11 @@ jsonschema-specifications==2024.10.1
354356
# -c requirements/ci.txt
355357
# -r requirements/ci.txt
356358
# jsonschema
359+
legacy-cgi==2.6.3
360+
# via
361+
# -c requirements/ci.txt
362+
# -r requirements/ci.txt
363+
# webob
357364
lxml==5.3.1
358365
# via
359366
# -c requirements/ci.txt
@@ -436,6 +443,11 @@ polib==1.2.0
436443
# django-rosetta
437444
prompt-toolkit==3.0.50
438445
# via questionary
446+
propcache==0.3.2
447+
# via
448+
# -c requirements/ci.txt
449+
# -r requirements/ci.txt
450+
# yarl
439451
psycopg2==2.9.10
440452
# via
441453
# -c requirements/ci.txt
@@ -540,7 +552,7 @@ referencing==0.36.2
540552
# -r requirements/ci.txt
541553
# jsonschema
542554
# jsonschema-specifications
543-
requests==2.32.3
555+
requests==2.32.4
544556
# via
545557
# -c requirements/ci.txt
546558
# -r requirements/ci.txt
@@ -577,11 +589,6 @@ ruamel-yaml==0.18.10
577589
# -c requirements/ci.txt
578590
# -r requirements/ci.txt
579591
# django-setup-configuration
580-
ruamel-yaml-clib==0.2.12
581-
# via
582-
# -c requirements/ci.txt
583-
# -r requirements/ci.txt
584-
# ruamel-yaml
585592
ruff==0.11.12
586593
# via -r requirements/dev.in
587594
sentry-sdk==2.25.1
@@ -674,14 +681,11 @@ typing-extensions==4.13.1
674681
# via
675682
# -c requirements/ci.txt
676683
# -r requirements/ci.txt
677-
# anyio
678684
# beautifulsoup4
679685
# mozilla-django-oidc-db
680686
# pydantic
681687
# pydantic-core
682-
# pyopenssl
683688
# qrcode
684-
# referencing
685689
# rich-click
686690
# typeguard
687691
# typing-inspection

0 commit comments

Comments
 (0)