
Commit 4c03971

authored
[ROB-2885] CVE patches (#493)
CVE-2025-66418, CVE-2025-66471. The git diff for requirements is off. Updated prometrix, boto3 and botocore, and removed importlib-resources since it is no longer needed by newer versions of boto3/botocore/prometrix.
1 parent c149d0b commit 4c03971


4 files changed

+98
-121
lines changed


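--- a/.github/workflows/pytest-on-push.yml
+++ b/.github/workflows/pytest-on-push.yml
@@ -13,7 +13,7 @@ jobs:
 - name: Set up Python
 uses: actions/setup-python@v2
 with:
-python-version: '3.9'
+python-version: '3.10'
 
 - name: Install dependencies
 run: |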

poetry.lock

Lines changed: 37 additions & 60 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

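--- a/pyproject.toml
+++ b/pyproject.toml
@@ -23,21 +23,21 @@ plugins = "numpy.typing.mypy_plugin,pydantic.mypy"
 krr = "robusta_krr.main:run"
 
 [tool.poetry.dependencies]
-python = ">=3.9,<=3.12.9"
+python = ">=3.10,<=3.12.9"
 typer = { extras = ["all"], version = "^0.7.0" }
 pydantic = "^1.10.7"
 kubernetes = "^26.1.0"
 prometheus-api-client = "0.5.3"
 numpy = ">=1.26.4,<1.27.0"
 alive-progress = "^3.1.2"
-prometrix = "0.2.5"
+prometrix = "0.2.9"
 slack-sdk = "^3.21.3"
 pandas = "2.2.2"
 requests = ">2.32.4"
 pyyaml = "6.0.1"
 typing-extensions = "4.6.0"
 idna = "3.7"
-urllib3 = "^1.26.20"
+urllib3 = "^2.6.2"
 setuptools = "^80.9.0"
 zipp = "^3.19.1"
 tenacity = "^9.0.0"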
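Review bot: `urllib3 = "^2.6.2"` moves the project across a major version (from `^1.26.20`) while the HTTP clients that sit on top of it keep their old constraints in this same table (`kubernetes = "^26.1.0"`, `prometheus-api-client = "0.5.3"`), so the security fix is only as good as those clients' behaviour on urllib3 2.x, which nothing visible in this commit exercises. The workflow change in this commit tests on 3.10 only, while the declared range runs to 3.12.9; a smoke test of the Kubernetes and Prometheus connections on the upper bound would be worth adding before release. Assuming this is the bump that addresses CVE-2025-66418 and CVE-2025-66471 (the commit message does not say which package they belong to), I would record the floor next to the pin, e.g. `# urllib3 >= 2.6.2: CVE-2025-66418 / CVE-2025-66471, do not lower`, so a later resolver conflict is not solved by relaxing it. The dependency table continues past the end of the hunk.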

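--- a/requirements.txt
+++ b/requirements.txt
@@ -1,57 +1,57 @@
-about-time==4.2.1 ; python_version >= "3.9" and python_full_version < "3.13"
-alive-progress==3.1.5 ; python_version >= "3.9" and python_full_version < "3.13"
-boto3==1.34.62 ; python_version >= "3.9" and python_full_version < "3.13"
-botocore==1.34.62 ; python_version >= "3.9" and python_full_version < "3.13"
-cachetools==5.3.3 ; python_version >= "3.9" and python_full_version < "3.13"
-certifi==2024.2.2 ; python_version >= "3.9" and python_full_version < "3.13"
-charset-normalizer==3.3.2 ; python_version >= "3.9" and python_full_version < "3.13"
-click==8.1.7 ; python_version >= "3.9" and python_full_version < "3.13"
-colorama==0.4.6 ; python_version >= "3.9" and python_full_version < "3.13"
-commonmark==0.9.1 ; python_version >= "3.9" and python_full_version < "3.13"
-contourpy==1.2.0 ; python_version >= "3.9" and python_full_version < "3.13"
-cycler==0.12.1 ; python_version >= "3.9" and python_full_version < "3.13"
-dateparser==1.2.0 ; python_version >= "3.9" and python_full_version < "3.13"
-fonttools==4.49.0 ; python_version >= "3.9" and python_full_version < "3.13"
-google-auth==2.28.2 ; python_version >= "3.9" and python_full_version < "3.13"
-grapheme==0.6.0 ; python_version >= "3.9" and python_full_version < "3.13"
-httmock==1.4.0 ; python_version >= "3.9" and python_full_version < "3.13"
-idna==3.7 ; python_version >= "3.9" and python_full_version < "3.13"
-importlib-resources==6.3.0 ; python_version == "3.9"
-jmespath==1.0.1 ; python_version >= "3.9" and python_full_version < "3.13"
-kiwisolver==1.4.5 ; python_version >= "3.9" and python_full_version < "3.13"
-kubernetes==26.1.0 ; python_version >= "3.9" and python_full_version < "3.13"
-matplotlib==3.8.3 ; python_version >= "3.9" and python_full_version < "3.13"
-numpy==1.26.4 ; python_version >= "3.9" and python_full_version < "3.13"
-oauthlib==3.2.2 ; python_version >= "3.9" and python_full_version < "3.13"
-packaging==24.0 ; python_version >= "3.9" and python_full_version < "3.13"
-pandas==2.2.2 ; python_version >= "3.9" and python_full_version < "3.13"
-pillow==10.3.0 ; python_version >= "3.9" and python_full_version < "3.13"
-prometheus-api-client==0.5.3 ; python_version >= "3.9" and python_full_version < "3.13"
-prometrix==0.2.5 ; python_version >= "3.9" and python_full_version < "3.13"
-pyasn1-modules==0.3.0 ; python_version >= "3.9" and python_full_version < "3.13"
-pyasn1==0.5.1 ; python_version >= "3.9" and python_full_version < "3.13"
-pydantic==1.10.15 ; python_version >= "3.9" and python_full_version < "3.13"
-pygments==2.17.2 ; python_version >= "3.9" and python_full_version < "3.13"
-pyparsing==3.1.2 ; python_version >= "3.9" and python_full_version < "3.13"
-python-dateutil==2.9.0.post0 ; python_version >= "3.9" and python_full_version < "3.13"
-pytz==2024.1 ; python_version >= "3.9" and python_full_version < "3.13"
-pyyaml==6.0.1 ; python_version >= "3.9" and python_full_version < "3.13"
-regex==2023.12.25 ; python_version >= "3.9" and python_full_version < "3.13"
-requests-oauthlib==1.4.0 ; python_version >= "3.9" and python_full_version < "3.13"
-requests==2.32.5 ; python_version >= "3.9" and python_full_version < "3.13"
-rich==12.6.0 ; python_version >= "3.9" and python_full_version < "3.13"
-rsa==4.9 ; python_version >= "3.9" and python_full_version < "3.13"
-s3transfer==0.10.0 ; python_version >= "3.9" and python_full_version < "3.13"
-setuptools==80.9.0 ; python_version >= "3.9" and python_full_version < "3.13"
-shellingham==1.5.4 ; python_version >= "3.9" and python_full_version < "3.13"
-six==1.16.0 ; python_version >= "3.9" and python_full_version < "3.13"
-slack-sdk==3.27.1 ; python_version >= "3.9" and python_full_version < "3.13"
-tenacity==9.0.0 ; python_version >= "3.9" and python_full_version < "3.13"
-typer==0.7.0 ; python_version >= "3.9" and python_full_version < "3.13"
-typing-extensions==4.6.0 ; python_version >= "3.9" and python_full_version < "3.13"
-tzdata==2024.1 ; python_version >= "3.9" and python_full_version < "3.13"
-tzlocal==5.2 ; python_version >= "3.9" and python_full_version < "3.13"
-urllib3==1.26.20 ; python_version >= "3.9" and python_full_version < "3.13"
-websocket-client==1.7.0 ; python_version >= "3.9" and python_full_version < "3.13"
-zipp==3.20.2 ; python_version >= "3.9" and python_full_version < "3.13"
-pytest-asyncio==0.23.7 ; python_version >= "3.9" and python_full_version < "3.13"
+about-time==4.2.1 ; python_version >= "3.10" and python_full_version < "3.13"
+alive-progress==3.1.5 ; python_version >= "3.10" and python_full_version < "3.13"
+boto3==1.42.19 ; python_version >= "3.10" and python_full_version < "3.13"
+botocore==1.42.19 ; python_version >= "3.10" and python_full_version < "3.13"
+cachetools==5.3.3 ; python_version >= "3.10" and python_full_version < "3.13"
+certifi==2024.2.2 ; python_version >= "3.10" and python_full_version < "3.13"
+charset-normalizer==3.3.2 ; python_version >= "3.10" and python_full_version < "3.13"
+click==8.1.7 ; python_version >= "3.10" and python_full_version < "3.13"
+colorama==0.4.6 ; python_version >= "3.10" and python_full_version < "3.13"
+commonmark==0.9.1 ; python_version >= "3.10" and python_full_version < "3.13"
+contourpy==1.2.0 ; python_version >= "3.10" and python_full_version < "3.13"
+cycler==0.12.1 ; python_version >= "3.10" and python_full_version < "3.13"
+dateparser==1.2.0 ; python_version >= "3.10" and python_full_version < "3.13"
+fonttools==4.49.0 ; python_version >= "3.10" and python_full_version < "3.13"
+google-auth==2.28.2 ; python_version >= "3.10" and python_full_version < "3.13"
+grapheme==0.6.0 ; python_version >= "3.10" and python_full_version < "3.13"
+httmock==1.4.0 ; python_version >= "3.10" and python_full_version < "3.13"
+idna==3.7 ; python_version >= "3.10" and python_full_version < "3.13"
+jmespath==1.0.1 ; python_version >= "3.10" and python_full_version < "3.13"
+kiwisolver==1.4.5 ; python_version >= "3.10" and python_full_version < "3.13"
+kubernetes==26.1.0 ; python_version >= "3.10" and python_full_version < "3.13"
+matplotlib==3.8.3 ; python_version >= "3.10" and python_full_version < "3.13"
+numpy==1.26.4 ; python_version >= "3.10" and python_full_version < "3.13"
+oauthlib==3.2.2 ; python_version >= "3.10" and python_full_version < "3.13"
+packaging==24.0 ; python_version >= "3.10" and python_full_version < "3.13"
+pandas==2.2.2 ; python_version >= "3.10" and python_full_version < "3.13"
+pillow==10.3.0 ; python_version >= "3.10" and python_full_version < "3.13"
+prometheus-api-client==0.5.3 ; python_version >= "3.10" and python_full_version < "3.13"
+prometrix==0.2.9 ; python_version >= "3.10" and python_full_version < "3.13"
+pyasn1-modules==0.3.0 ; python_version >= "3.10" and python_full_version < "3.13"
+pyasn1==0.5.1 ; python_version >= "3.10" and python_full_version < "3.13"
+pydantic==1.10.15 ; python_version >= "3.10" and python_full_version < "3.13"
+pygments==2.17.2 ; python_version >= "3.10" and python_full_version < "3.13"
+pyparsing==3.1.2 ; python_version >= "3.10" and python_full_version < "3.13"
+python-dateutil==2.9.0.post0 ; python_version >= "3.10" and python_full_version < "3.13"
+pytz==2024.1 ; python_version >= "3.10" and python_full_version < "3.13"
+pyyaml==6.0.1 ; python_version >= "3.10" and python_full_version < "3.13"
+regex==2023.12.25 ; python_version >= "3.10" and python_full_version < "3.13"
+requests-oauthlib==1.4.0 ; python_version >= "3.10" and python_full_version < "3.13"
+requests==2.32.5 ; python_version >= "3.10" and python_full_version < "3.13"
+rich==12.6.0 ; python_version >= "3.10" and python_full_version < "3.13"
+rsa==4.9 ; python_version >= "3.10" and python_full_version < "3.13"
+s3transfer==0.16.0 ; python_version >= "3.10" and python_full_version < "3.13"
+setuptools==80.9.0 ; python_version >= "3.10" and python_full_version < "3.13"
+shellingham==1.5.4 ; python_version >= "3.10" and python_full_version < "3.13"
+six==1.16.0 ; python_version >= "3.10" and python_full_version < "3.13"
+slack-sdk==3.27.1 ; python_version >= "3.10" and python_full_version < "3.13"
+tenacity==9.0.0 ; python_version >= "3.10" and python_full_version < "3.13"
+typer==0.7.0 ; python_version >= "3.10" and python_full_version < "3.13"
+typing-extensions==4.6.0 ; python_version >= "3.10" and python_full_version < "3.13"
+tzdata==2024.1 ; python_version >= "3.10" and python_full_version < "3.13"
+tzlocal==5.2 ; python_version >= "3.10" and python_full_version < "3.13"
+urllib3==2.6.2 ; python_version >= "3.10" and python_full_version < "3.13"
+websocket-client==1.7.0 ; python_version >= "3.10" and python_full_version < "3.13"
+zipp==3.20.2 ; python_version >= "3.10" and python_full_version < "3.13"
+# required for tests
+pytest-asyncio==0.23.7 ; python_version >= "3.10" and python_full_version < "3.13"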
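Review bot: None of the regenerated pins carries a `--hash=` entry, so an install from this file cannot verify that the downloaded artifacts are the ones resolved in poetry.lock; for a file that exists to ship a security fix I would export with hashes (drop `--without-hashes` if the export uses it) and install with `pip install --require-hashes`. The markers here read `python_full_version < "3.13"` while pyproject.toml declares `<=3.12.9`, and the commit message itself says the requirements diff is off, which suggests the file was not produced by a clean export; regenerating it from the lock file and diffing the result would settle that. Only boto3, botocore, s3transfer, prometrix and urllib3 change version, so older pins such as `certifi==2024.2.2` and `pillow==10.3.0` are carried forward unchanged, and a dependency audit (for example pip-audit against this file) would confirm whether any of them still has an open advisory. The new `# required for tests` comment covers only `pytest-asyncio`; `httmock` is also pinned in the same runtime file and may deserve the same treatment.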
