diff --git a/Makefile b/Makefile index 168398a6e2..4d4a870635 100644 --- a/Makefile +++ b/Makefile @@ -137,9 +137,10 @@ virtualenv_ansible: fi; \ if [ ! -d "$(VENV_BASE)/ansible" ]; then \ virtualenv -p python --system-site-packages $(VENV_BASE)/ansible && \ - $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) --ignore-installed six packaging appdirs && \ - $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) --ignore-installed setuptools==36.0.1 && \ - $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) --ignore-installed pip==9.0.1; \ + $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) six packaging appdirs && \ + $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) setuptools==42.0.1 && \ + $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) pip==19.3.1 && \ + $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) wheel==0.33.6; \ fi; \ fi @@ -149,7 +150,10 @@ virtualenv_ansible_py3: mkdir $(VENV_BASE); \ fi; \ if [ ! -d "$(VENV_BASE)/ansible" ]; then \ - $(PYTHON) -m venv --system-site-packages $(VENV_BASE)/ansible; \ + $(PYTHON) -m venv --system-site-packages $(VENV_BASE)/ansible && \ + $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) setuptools==42.0.1 && \ + $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) pip==19.3.1 && \ + $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) wheel==0.33.6; \ fi; \ fi @@ -160,23 +164,22 @@ virtualenv_awx: fi; \ if [ ! -d "$(VENV_BASE)/awx" ]; then \ $(PYTHON) -m venv --system-site-packages $(VENV_BASE)/awx; \ - $(VENV_BASE)/awx/bin/pip install $(PIP_OPTIONS) --ignore-installed docutils==0.14; \ fi; \ fi requirements_ansible: virtualenv_ansible if [[ "$(PIP_OPTIONS)" == *"--no-index"* ]]; then \ - cat requirements/requirements_ansible.txt requirements/requirements_ansible_local.txt | $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) --ignore-installed -r /dev/stdin ; \ + cat requirements/requirements_ansible.txt requirements/requirements_ansible_local.txt | $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) -r /dev/stdin ; \ else \ - cat requirements/requirements_ansible.txt requirements/requirements_ansible_git.txt | $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) --ignore-installed -r /dev/stdin ; \ + cat requirements/requirements_ansible.txt requirements/requirements_ansible_git.txt | $(VENV_BASE)/ansible/bin/pip install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) -r /dev/stdin ; \ fi $(VENV_BASE)/ansible/bin/pip uninstall --yes -r requirements/requirements_ansible_uninstall.txt requirements_ansible_py3: virtualenv_ansible_py3 if [[ "$(PIP_OPTIONS)" == *"--no-index"* ]]; then \ - cat requirements/requirements_ansible.txt requirements/requirements_ansible_local.txt | $(VENV_BASE)/ansible/bin/pip3 install $(PIP_OPTIONS) --ignore-installed -r /dev/stdin ; \ + cat requirements/requirements_ansible.txt requirements/requirements_ansible_local.txt | $(VENV_BASE)/ansible/bin/pip3 install $(PIP_OPTIONS) -r /dev/stdin ; \ else \ - cat requirements/requirements_ansible.txt requirements/requirements_ansible_git.txt | $(VENV_BASE)/ansible/bin/pip3 install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) --ignore-installed -r /dev/stdin ; \ + cat requirements/requirements_ansible.txt requirements/requirements_ansible_git.txt | $(VENV_BASE)/ansible/bin/pip3 install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) -r /dev/stdin ; \ fi $(VENV_BASE)/ansible/bin/pip3 uninstall --yes -r requirements/requirements_ansible_uninstall.txt @@ -188,9 +191,9 @@ requirements_ansible_dev: # Install third-party requirements needed for AWX's environment. requirements_awx: virtualenv_awx if [[ "$(PIP_OPTIONS)" == *"--no-index"* ]]; then \ - cat requirements/requirements.txt requirements/requirements_local.txt | $(VENV_BASE)/awx/bin/pip install $(PIP_OPTIONS) --ignore-installed -r /dev/stdin ; \ + cat requirements/requirements.txt requirements/requirements_local.txt | $(VENV_BASE)/awx/bin/pip install $(PIP_OPTIONS) -r /dev/stdin ; \ else \ - cat requirements/requirements.txt requirements/requirements_git.txt | $(VENV_BASE)/awx/bin/pip install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) --ignore-installed -r /dev/stdin ; \ + cat requirements/requirements.txt requirements/requirements_git.txt | $(VENV_BASE)/awx/bin/pip install $(PIP_OPTIONS) --no-binary $(SRC_ONLY_PKGS) -r /dev/stdin ; \ fi echo "include-system-site-packages = true" >> $(VENV_BASE)/awx/lib/python$(PYTHON_VERSION)/pyvenv.cfg $(VENV_BASE)/awx/bin/pip uninstall --yes -r requirements/requirements_tower_uninstall.txt diff --git a/awx/__init__.py b/awx/__init__.py index 433892edbf..0e2547752d 100644 --- a/awx/__init__.py +++ b/awx/__init__.py @@ -24,31 +24,18 @@ except ImportError: # pragma: no cover import hashlib try: - import django - from django.db.backends.base import schema - from django.db.backends.utils import names_digest + import django # noqa: F401 HAS_DJANGO = True except ImportError: HAS_DJANGO = False +else: + from django.db.backends.base import schema + from django.db.backends.utils import names_digest if HAS_DJANGO is True: - # This line exists to make sure we don't regress on FIPS support if we - # upgrade Django; if you're upgrading Django and see this error, - # update the version check below, and confirm that FIPS still works. - # If operating in a FIPS environment, `hashlib.md5()` will raise a `ValueError`, - # but will support the `usedforsecurity` keyword on RHEL and Centos systems. - - # Keep an eye on https://code.djangoproject.com/ticket/28401 - target_version = '2.2.4' - if django.__version__ != target_version: - raise RuntimeError( - "Django version other than {target} detected: {current}. " - "Overriding `names_digest` is known to work for Django {target} " - "and may not work in other Django versions.".format(target=target_version, - current=django.__version__) - ) + # See upgrade blocker note in requirements/README.md try: names_digest('foo', 'bar', 'baz', length=8) except ValueError: diff --git a/awx/settings/defaults.py b/awx/settings/defaults.py index e86208e051..51436473a1 100644 --- a/awx/settings/defaults.py +++ b/awx/settings/defaults.py @@ -310,6 +310,9 @@ REST_FRAMEWORK = { 'VIEW_DESCRIPTION_FUNCTION': 'awx.api.generics.get_view_description', 'NON_FIELD_ERRORS_KEY': '__all__', 'DEFAULT_VERSION': 'v2', + # For swagger schema generation + # see https://github.com/encode/django-rest-framework/pull/6532 + 'DEFAULT_SCHEMA_CLASS': 'rest_framework.schemas.AutoSchema', #'URL_FORMAT_OVERRIDE': None, } diff --git a/awx/sso/middleware.py b/awx/sso/middleware.py index 5ed1e5a9e2..fcdf3e9b2e 100644 --- a/awx/sso/middleware.py +++ b/awx/sso/middleware.py @@ -20,17 +20,7 @@ class SocialAuthMiddleware(SocialAuthExceptionMiddleware): def process_request(self, request): if request.path.startswith('/sso'): - # django-social keeps a list of backends in memory that it gathers - # based on the value of settings.AUTHENTICATION_BACKENDS *at import - # time*: - # https://github.com/python-social-auth/social-app-django/blob/c1e2795b00b753d58a81fa6a0261d8dae1d9c73d/social_django/utils.py#L13 - # - # our settings.AUTHENTICATION_BACKENDS can *change* - # dynamically as Tower settings are changed (i.e., if somebody - # configures Github OAuth2 integration), so we need to - # _overwrite_ this in-memory value at the top of every request so - # that we have the latest version - # see: https://github.com/ansible/tower/issues/1979 + # See upgrade blocker note in requirements/README.md utils.BACKENDS = settings.AUTHENTICATION_BACKENDS token_key = request.COOKIES.get('token', '') token_key = urllib.parse.quote(urllib.parse.unquote(token_key).strip('"')) diff --git a/awx/wsgi.py b/awx/wsgi.py index 6d155ab6c3..2c60221e99 100644 --- a/awx/wsgi.py +++ b/awx/wsgi.py @@ -34,11 +34,6 @@ if MODE == 'production': logger.error("Missing or incorrect metadata for Tower version. Ensure Tower was installed using the setup playbook.") raise Exception("Missing or incorrect metadata for Tower version. Ensure Tower was installed using the setup playbook.") -if social_django.__version__ != '2.1.0': - raise RuntimeError("social_django version other than 2.1.0 detected {}. \ - Confirm that per-request social_django.utils.BACKENDS override \ - still works".format(social_django.__version__)) - # Return the default Django WSGI application. application = get_wsgi_application() diff --git a/docs/licenses/amqp-2.4.2.tar.gz b/docs/licenses/amqp-2.4.2.tar.gz deleted file mode 100644 index 78afb45311..0000000000 Binary files a/docs/licenses/amqp-2.4.2.tar.gz and /dev/null differ diff --git a/docs/licenses/amqp-2.5.2.tar.gz b/docs/licenses/amqp-2.5.2.tar.gz new file mode 100644 index 0000000000..9ee574fa18 Binary files /dev/null and b/docs/licenses/amqp-2.5.2.tar.gz differ diff --git a/docs/licenses/argparse.txt b/docs/licenses/argparse.txt deleted file mode 100644 index 640bc78095..0000000000 --- a/docs/licenses/argparse.txt +++ /dev/null @@ -1,20 +0,0 @@ -argparse is (c) 2006-2009 Steven J. Bethard . - -The argparse module was contributed to Python as of Python 2.7 and thus -was licensed under the Python license. Same license applies to all files in -the argparse package project. - -For details about the Python License, please see doc/Python-License.txt. - -History -------- - -Before (and including) argparse 1.1, the argparse package was licensed under -Apache License v2.0. - -After argparse 1.1, all project files from the argparse project were deleted -due to license compatibility issues between Apache License 2.0 and GNU GPL v2. - -The project repository then had a clean start with some files taken from -Python 2.7.1, so definitely all files are under Python License now. - diff --git a/docs/licenses/importlib-metadata.txt b/docs/licenses/importlib-metadata.txt new file mode 100644 index 0000000000..be7e092b0b --- /dev/null +++ b/docs/licenses/importlib-metadata.txt @@ -0,0 +1,13 @@ +Copyright 2017-2019 Jason R. Coombs, Barry Warsaw + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/docs/licenses/importlib-resources.txt b/docs/licenses/importlib-resources.txt new file mode 100644 index 0000000000..378b991a4d --- /dev/null +++ b/docs/licenses/importlib-resources.txt @@ -0,0 +1,13 @@ +Copyright 2017-2019 Brett Cannon, Barry Warsaw + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + +http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. diff --git a/docs/licenses/ntlm-auth-1.3.0.tar.gz b/docs/licenses/ntlm-auth-1.3.0.tar.gz deleted file mode 100644 index cdc5f009c4..0000000000 Binary files a/docs/licenses/ntlm-auth-1.3.0.tar.gz and /dev/null differ diff --git a/docs/licenses/ntlm-auth-1.4.0.tar.gz b/docs/licenses/ntlm-auth-1.4.0.tar.gz new file mode 100644 index 0000000000..cc9a415251 Binary files /dev/null and b/docs/licenses/ntlm-auth-1.4.0.tar.gz differ diff --git a/docs/licenses/ordereddict.txt b/docs/licenses/ordereddict.txt deleted file mode 100644 index 73abaf7b9c..0000000000 --- a/docs/licenses/ordereddict.txt +++ /dev/null @@ -1,21 +0,0 @@ -Copyright (c) 2009 Raymond Hettinger - -Permission is hereby granted, free of charge, to any person -obtaining a copy of this software and associated documentation files -(the "Software"), to deal in the Software without restriction, -including without limitation the rights to use, copy, modify, merge, -publish, distribute, sublicense, and/or sell copies of the Software, -and to permit persons to whom the Software is furnished to do so, -subject to the following conditions: - - The above copyright notice and this permission notice shall be - included in all copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES - OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT - HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, - WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING - FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR - OTHER DEALINGS IN THE SOFTWARE. diff --git a/docs/licenses/paramiko-2.6.0.tar.gz b/docs/licenses/paramiko-2.6.0.tar.gz deleted file mode 100644 index 55d1dc0cf7..0000000000 Binary files a/docs/licenses/paramiko-2.6.0.tar.gz and /dev/null differ diff --git a/docs/licenses/paramiko-2.7.0.tar.gz b/docs/licenses/paramiko-2.7.0.tar.gz new file mode 100644 index 0000000000..0ac13e2b0b Binary files /dev/null and b/docs/licenses/paramiko-2.7.0.tar.gz differ diff --git a/docs/licenses/psycopg2-2.8.2.tar.gz b/docs/licenses/psycopg2-2.8.2.tar.gz deleted file mode 100644 index 52dcabea1e..0000000000 Binary files a/docs/licenses/psycopg2-2.8.2.tar.gz and /dev/null differ diff --git a/docs/licenses/psycopg2-2.8.4.tar.gz b/docs/licenses/psycopg2-2.8.4.tar.gz new file mode 100644 index 0000000000..7a5c773b6a Binary files /dev/null and b/docs/licenses/psycopg2-2.8.4.tar.gz differ diff --git a/docs/licenses/pyrsistent.txt b/docs/licenses/pyrsistent.txt new file mode 100644 index 0000000000..a3dd359f7c --- /dev/null +++ b/docs/licenses/pyrsistent.txt @@ -0,0 +1,22 @@ +Copyright (c) 2019 Tobias Gustafsson + +Permission is hereby granted, free of charge, to any person +obtaining a copy of this software and associated documentation +files (the "Software"), to deal in the Software without +restriction, including without limitation the rights to use, +copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the +Software is furnished to do so, subject to the following +conditions: + +The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES +OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT +HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +OTHER DEALINGS IN THE SOFTWARE. diff --git a/docs/licenses/pysocks.txt b/docs/licenses/pysocks.txt deleted file mode 100644 index 04b6b1f37c..0000000000 --- a/docs/licenses/pysocks.txt +++ /dev/null @@ -1,22 +0,0 @@ -Copyright 2006 Dan-Haim. All rights reserved. - -Redistribution and use in source and binary forms, with or without modification, -are permitted provided that the following conditions are met: -1. Redistributions of source code must retain the above copyright notice, this - list of conditions and the following disclaimer. -2. Redistributions in binary form must reproduce the above copyright notice, - this list of conditions and the following disclaimer in the documentation - and/or other materials provided with the distribution. -3. Neither the name of Dan Haim nor the names of his contributors may be used - to endorse or promote products derived from this software without specific - prior written permission. - -THIS SOFTWARE IS PROVIDED BY DAN HAIM "AS IS" AND ANY EXPRESS OR IMPLIED -WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF -MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO -EVENT SHALL DAN HAIM OR HIS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, -INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT -LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA -OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF -LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT -OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMANGE. diff --git a/docs/licenses/asn1crypto.txt b/docs/licenses/ruamel.yaml.clib.txt similarity index 53% rename from docs/licenses/asn1crypto.txt rename to docs/licenses/ruamel.yaml.clib.txt index 91724008af..1c3e20a20e 100644 --- a/docs/licenses/asn1crypto.txt +++ b/docs/licenses/ruamel.yaml.clib.txt @@ -1,14 +1,16 @@ -Copyright (c) 2015-2016 Will Bond +The MIT License (MIT) -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies -of the Software, and to permit persons to whom the Software is furnished to do -so, subject to the following conditions: +Copyright (c) 2019 Anthon van der Neut, Ruamel bvba -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. +Permission is hereby granted, free of charge, to any person obtaining a copy +of this software and associated documentation files (the "Software"), to deal +in the Software without restriction, including without limitation the rights +to use, copy, modify, merge, publish, distribute, sublicense, and/or sell +copies of the Software, and to permit persons to whom the Software is +furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in +all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, diff --git a/docs/licenses/service-identity.txt b/docs/licenses/service-identity.txt deleted file mode 100644 index 64c8a6f591..0000000000 --- a/docs/licenses/service-identity.txt +++ /dev/null @@ -1,19 +0,0 @@ -Copyright (c) 2014 Hynek Schlawack - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies -of the Software, and to permit persons to whom the Software is furnished to do -so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. diff --git a/docs/licenses/simplejson.txt b/docs/licenses/simplejson.txt deleted file mode 100644 index e05f49c3fd..0000000000 --- a/docs/licenses/simplejson.txt +++ /dev/null @@ -1,79 +0,0 @@ -simplejson is dual-licensed software. It is available under the terms -of the MIT license, or the Academic Free License version 2.1. The full -text of each license agreement is included below. This code is also -licensed to the Python Software Foundation (PSF) under a Contributor -Agreement. - -MIT License -=========== - -Copyright (c) 2006 Bob Ippolito - -Permission is hereby granted, free of charge, to any person obtaining a copy of -this software and associated documentation files (the "Software"), to deal in -the Software without restriction, including without limitation the rights to -use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies -of the Software, and to permit persons to whom the Software is furnished to do -so, subject to the following conditions: - -The above copyright notice and this permission notice shall be included in all -copies or substantial portions of the Software. - -THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR -IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, -FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE -AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER -LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, -OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE -SOFTWARE. - -Academic Free License v. 2.1 -============================ - -Copyright (c) 2006 Bob Ippolito. All rights reserved. - -This Academic Free License (the "License") applies to any original work of authorship (the "Original Work") whose owner (the "Licensor") has placed the following notice immediately following the copyright notice for the Original Work: - -Licensed under the Academic Free License version 2.1 - -1) Grant of Copyright License. Licensor hereby grants You a world-wide, royalty-free, non-exclusive, perpetual, sublicenseable license to do the following: - -a) to reproduce the Original Work in copies; - -b) to prepare derivative works ("Derivative Works") based upon the Original Work; - -c) to distribute copies of the Original Work and Derivative Works to the public; - -d) to perform the Original Work publicly; and - -e) to display the Original Work publicly. - -2) Grant of Patent License. Licensor hereby grants You a world-wide, royalty-free, non-exclusive, perpetual, sublicenseable license, under patent claims owned or controlled by the Licensor that are embodied in the Original Work as furnished by the Licensor, to make, use, sell and offer for sale the Original Work and Derivative Works. - -3) Grant of Source Code License. The term "Source Code" means the preferred form of the Original Work for making modifications to it and all available documentation describing how to modify the Original Work. Licensor hereby agrees to provide a machine-readable copy of the Source Code of the Original Work along with each copy of the Original Work that Licensor distributes. Licensor reserves the right to satisfy this obligation by placing a machine-readable copy of the Source Code in an information repository reasonably calculated to permit inexpensive and convenient access by You for as long as Licensor continues to distribute the Original Work, and by publishing the address of that information repository in a notice immediately following the copyright notice that applies to the Original Work. - -4) Exclusions From License Grant. Neither the names of Licensor, nor the names of any contributors to the Original Work, nor any of their trademarks or service marks, may be used to endorse or promote products derived from this Original Work without express prior written permission of the Licensor. Nothing in this License shall be deemed to grant any rights to trademarks, copyrights, patents, trade secrets or any other intellectual property of Licensor except as expressly stated herein. No patent license is granted to make, use, sell or offer to sell embodiments of any patent claims other than the licensed claims defined in Section 2. No right is granted to the trademarks of Licensor even if such marks are included in the Original Work. Nothing in this License shall be interpreted to prohibit Licensor from licensing under different terms from this License any Original Work that Licensor otherwise would have a right to license. - -5) This section intentionally omitted. - -6) Attribution Rights. You must retain, in the Source Code of any Derivative Works that You create, all copyright, patent or trademark notices from the Source Code of the Original Work, as well as any notices of licensing and any descriptive text identified therein as an "Attribution Notice." You must cause the Source Code for any Derivative Works that You create to carry a prominent Attribution Notice reasonably calculated to inform recipients that You have modified the Original Work. - -7) Warranty of Provenance and Disclaimer of Warranty. Licensor warrants that the copyright in and to the Original Work and the patent rights granted herein by Licensor are owned by the Licensor or are sublicensed to You under the terms of this License with the permission of the contributor(s) of those copyrights and patent rights. Except as expressly stated in the immediately proceeding sentence, the Original Work is provided under this License on an "AS IS" BASIS and WITHOUT WARRANTY, either express or implied, including, without limitation, the warranties of NON-INFRINGEMENT, MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY OF THE ORIGINAL WORK IS WITH YOU. This DISCLAIMER OF WARRANTY constitutes an essential part of this License. No license to Original Work is granted hereunder except under this disclaimer. - -8) Limitation of Liability. Under no circumstances and under no legal theory, whether in tort (including negligence), contract, or otherwise, shall the Licensor be liable to any person for any direct, indirect, special, incidental, or consequential damages of any character arising as a result of this License or the use of the Original Work including, without limitation, damages for loss of goodwill, work stoppage, computer failure or malfunction, or any and all other commercial damages or losses. This limitation of liability shall not apply to liability for death or personal injury resulting from Licensor's negligence to the extent applicable law prohibits such limitation. Some jurisdictions do not allow the exclusion or limitation of incidental or consequential damages, so this exclusion and limitation may not apply to You. - -9) Acceptance and Termination. If You distribute copies of the Original Work or a Derivative Work, You must make a reasonable effort under the circumstances to obtain the express assent of recipients to the terms of this License. Nothing else but this License (or another written agreement between Licensor and You) grants You permission to create Derivative Works based upon the Original Work or to exercise any of the rights granted in Section 1 herein, and any attempt to do so except under the terms of this License (or another written agreement between Licensor and You) is expressly prohibited by U.S. copyright law, the equivalent laws of other countries, and by international treaty. Therefore, by exercising any of the rights granted to You in Section 1 herein, You indicate Your acceptance of this License and all of its terms and conditions. - -10) Termination for Patent Action. This License shall terminate automatically and You may no longer exercise any of the rights granted to You by this License as of the date You commence an action, including a cross-claim or counterclaim, against Licensor or any licensee alleging that the Original Work infringes a patent. This termination provision shall not apply for an action alleging patent infringement by combinations of the Original Work with other software or hardware. - -11) Jurisdiction, Venue and Governing Law. Any action or suit relating to this License may be brought only in the courts of a jurisdiction wherein the Licensor resides or in which Licensor conducts its primary business, and under the laws of that jurisdiction excluding its conflict-of-law provisions. The application of the United Nations Convention on Contracts for the International Sale of Goods is expressly excluded. Any use of the Original Work outside the scope of this License or after its termination shall be subject to the requirements and penalties of the U.S. Copyright Act, 17 U.S.C. ยง 101 et seq., the equivalent laws of other countries, and international treaty. This section shall survive the termination of this License. - -12) Attorneys Fees. In any action to enforce the terms of this License or seeking damages relating thereto, the prevailing party shall be entitled to recover its costs and expenses, including, without limitation, reasonable attorneys' fees and costs incurred in connection with such action, including any appeal of such action. This section shall survive the termination of this License. - -13) Miscellaneous. This License represents the complete agreement concerning the subject matter hereof. If any provision of this License is held to be unenforceable, such provision shall be reformed only to the extent necessary to make it enforceable. - -14) Definition of "You" in This License. "You" throughout this License, whether in upper or lower case, means an individual or a legal entity exercising rights under, and complying with all of the terms of, this License. For legal entities, "You" includes any entity that controls, is controlled by, or is under common control with you. For purposes of this definition, "control" means (i) the power, direct or indirect, to cause the direction or management of such entity, whether by contract or otherwise, or (ii) ownership of fifty percent (50%) or more of the outstanding shares, or (iii) beneficial ownership of such entity. - -15) Right to Use. You may use the Original Work in all ways not otherwise restricted or conditioned by this License or by law, and Licensor promises not to interfere with or be responsible for such uses by You. - -This license is Copyright (C) 2003-2004 Lawrence E. Rosen. All rights reserved. Permission is hereby granted to copy and distribute this license without modification. This license may not be modified without the express written permission of its copyright owner. diff --git a/docs/licenses/uwsgi-2.0.17.tar.gz b/docs/licenses/uwsgi-2.0.17.tar.gz deleted file mode 100644 index 844ef55c90..0000000000 Binary files a/docs/licenses/uwsgi-2.0.17.tar.gz and /dev/null differ diff --git a/docs/licenses/uwsgi-2.0.18.tar.gz b/docs/licenses/uwsgi-2.0.18.tar.gz new file mode 100644 index 0000000000..4d125332d1 Binary files /dev/null and b/docs/licenses/uwsgi-2.0.18.tar.gz differ diff --git a/docs/licenses/zipp.txt b/docs/licenses/zipp.txt new file mode 100644 index 0000000000..5e795a61f3 --- /dev/null +++ b/docs/licenses/zipp.txt @@ -0,0 +1,7 @@ +Copyright Jason R. Coombs + +Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: + +The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. + +THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. diff --git a/requirements/README.md b/requirements/README.md index 08ccba1567..1a58c30833 100644 --- a/requirements/README.md +++ b/requirements/README.md @@ -1,10 +1,37 @@ +# Dependency Management + The `requirements.txt` and `requirements_ansible.txt` files are generated from `requirements.in` and `requirements_ansible.in`, respectively, using `pip-tools` `pip-compile`. -Run `./updater.sh` command from inside `./requirements` directory of the awx repository. +## How To Use -Make sure you have `patch, awk, python3, python2, python3-venv, python2-virtualenv, pip2, pip3` installed. +Commands should from inside `./requirements` directory of the awx repository. -If you are using the development container image, you need to run `dnf install libpq-devel libcurl-devel`. These packages are only installed temporarily in the Dockerfile. +Make sure you have `patch, awk, python3, python2, python3-venv, python2-virtualenv, pip2, pip3` installed. The development container image should have all these. + +### Upgrading or Adding Select Libraries + +If you need to add or upgrade one targeted library, then modify `requirements.in`, +then run the script: + +`./updater.sh` + +#### Upgrading Unpinned Dependency + +If you require a new version of a dependency that does not have a pinned version +for a fix or feature, pin a minimum version and run `./updater.sh`. For example, +replace the line `asgi-amqp` with `asgi-amqp>=1.1.4`, and consider leaving a +note. + +Then next time that a general upgrade is performed, the minimum version specifiers +can be removed, because `*.txt` files are upgraded to latest. + +### Upgrading Dependencies + +You can upgrade (`pip-compile --upgrade`) the dependencies by running + +`./updater.sh upgrade`. + +## What The Script Does This script will: @@ -13,7 +40,6 @@ This script will: - including an automated patch that adds `python_version < "3"` for Python 2 backward compatibility - Removes the `docutils` dependency line from `requirements.txt` and `requirements_ansible.txt` -You can also upgrade (`pip-compile --upgrade`) the dependencies by running `./updater.sh upgrade`. ## Licenses and Source Files @@ -29,3 +55,97 @@ pip download -d docs/licenses/ --no-binary :all: --no-deps ``` Make sure to delete the old tarball if it is an upgrade. + +## UPGRADE BLOCKERs + +Anything pinned in `*.in` files involves additional manual work in +order to upgrade. Some information related to that work is outlined here. + +### django + +For any upgrade of Django, it must be confirmed that +we don't regress on FIPS support before merging. + +See internal integration test knowledge base article `how_to_test_FIPS` +for instructions. + +If operating in a FIPS environment, `hashlib.md5()` will raise a `ValueError`, +but will support the `usedforsecurity` keyword on RHEL and Centos systems. + +Keep an eye on https://code.djangoproject.com/ticket/28401 + +The override of `names_digest` could easily be broken in a future version. +Check that the import remains the same in the desired version. + +https://github.com/django/django/blob/af5ec222ccd24e81f9fec6c34836a4e503e7ccf7/django/db/backends/base/schema.py#L7 + +### social-auth-app-django + +django-social keeps a list of backends in memory that it gathers +based on the value of `settings.AUTHENTICATION_BACKENDS` *at import time*: +https://github.com/python-social-auth/social-app-django/blob/c1e2795b00b753d58a81fa6a0261d8dae1d9c73d/social_django/utils.py#L13 + +Our `settings.AUTHENTICATION_BACKENDS` can *change* +dynamically as Tower settings are changed (i.e., if somebody +configures Github OAuth2 integration), so we need to +_overwrite_ this in-memory value at the top of every request so +that we have the latest version +see: https://github.com/ansible/tower/issues/1979 + +### django-oauth-toolkit + +Version 1.2.0 of this project has a bug that error when revoking tokens. +This is fixed in the master branch but is not yet released. + +When upgrading past 1.2.0 in the future, the `0025` migration needs to be +edited, just like the old migration was edited in the project: +https://github.com/jazzband/django-oauth-toolkit/commit/96538876d0d7ea0319ba5286f9bde842a906e1c5 +The field can simply have the validator method `validate_uris` removed. + +### azure-keyvault + +Upgrading to 4.0.0 causes error because imports changed. + +``` + File "/var/lib/awx/venv/awx/lib64/python3.6/site-packages/awx/main/credential_plugins/azure_kv.py", line 4, in + from azure.keyvault import KeyVaultClient, KeyVaultAuthentication +ImportError: cannot import name 'KeyVaultClient' +``` + +### slackclient + +Imports as used in `awx/main/notifications/slack_backend.py` changed +in version 2.0. This plugin code will need to change and be re-tested +as the upgrade takes place. + +### django-jsonfield + +Instead of calling a `loads()` operation, the returned value is casted into +a string in some cases, introduced in the change: + +https://github.com/adamchainz/django-jsonfield/pull/14 + +This breaks a very large amount of AWX code that assumes these fields +are returned as dicts. Upgrading this library will require a refactor +to accomidate this change. + +### pip and setuptools + +The offline installer needs to have functionality confirmed before upgrading these. + +## Library Notes + +### celery + +This is only used for the beat feature (running periodic tasks). +This could be replaced, see: https://github.com/ansible/awx/pull/2530 + +### requests-futures + +This can be removed when a solution for the external log queuing is ready. +https://github.com/ansible/awx/pull/5092 + +### asgi-amqp + +This library is not compatible with channels 2 and is not expected +to become so. This drives other pins in the requirements file. diff --git a/requirements/requirements.in b/requirements/requirements.in index 44706dac84..86ea6385f5 100644 --- a/requirements/requirements.in +++ b/requirements/requirements.in @@ -1,53 +1,48 @@ -ansible-runner==1.4.4 -ansiconv==1.0.0 -appdirs==1.4.2 -asgi-amqp==1.1.4 -azure-keyvault==1.1.0 -boto==2.47.0 -channels==1.1.8 -celery==4.3.0 -daphne==1.3.0 # Last before backwards-incompatible channels 2 upgrade -twisted[tls]>=17.1 # from daphne, see https://github.com/django/daphne/pull/257 -Django==2.2.4 -django-auth-ldap==1.7.0 -django-cors-headers==2.4.0 -django-crum==0.7.2 -django-extensions==2.0.0 -django-jsonfield==1.2.0 -django-oauth-toolkit==1.1.3 -django-polymorphic==2.0.2 -django-pglocks==1.0.2 -django-qsstats-magic==1.1.0 -django-radius==1.3.3 -django-solo==1.1.3 -django-split-settings==0.3.0 -django-taggit==0.22.2 -djangorestframework==3.9.4 -djangorestframework-yaml==1.0.3 -GitPython==2.1.11 -irc==16.2 -jinja2==2.10.1 -jsonschema==2.6.0 -Markdown==2.6.11 # used for formatting API help -openshift==0.9.0 -ordereddict==1.1 -prometheus_client==0.6.0 -psutil==5.4.3 -psycopg2==2.8.2 -pygerduty==0.37.0 -pyparsing==2.2.0 -python-dateutil==2.7.2 # contains support for TZINFO= parsing -python-memcached==1.59 -python-radius==1.0 -python3-saml==1.4.0 -social-auth-core==3.0.0 -social-auth-app-django==2.1.0 -requests==2.21.0 -requests-futures==0.9.7 -slackclient==1.1.2 -tacacs_plus==1.0 -twilio==6.10.4 -uWSGI==2.0.17 -uwsgitop==0.10.0 -pip==9.0.1 -setuptools==36.0.1 +ansible-runner +ansiconv==1.0.0 # UPGRADE BLOCKER: from 2013, consider replacing instead of upgrading +asgi-amqp>=1.1.4 # see library notes, related to channels 2 +azure-keyvault==1.1.0 # see UPGRADE BLOCKERs +boto # replacement candidate https://github.com/ansible/awx/issues/2115 +channels==1.1.8 # UPGRADE BLOCKER: Last before backwards-incompatible channels 2 upgrade +celery==4.3.0 # see library notes +daphne==1.4.2 # UPGRADE BLOCKER: last before channels 2 but not pinned by other deps +Django==2.2.7 # see UPGRADE BLOCKERs +django-auth-ldap +django-cors-headers +django-crum +django-extensions +django-jsonfield==1.2.0 # see UPGRADE BLOCKERs +django-oauth-toolkit==1.1.3 # see UPGRADE BLOCKERs +django-polymorphic +django-pglocks +django-qsstats-magic +django-radius==1.3.3 # FIX auth does not work with later versions +django-solo +django-split-settings +django-taggit +djangorestframework +djangorestframework-yaml +GitPython +irc +jinja2 +jsonschema +Markdown # used for formatting API help +openshift +prometheus_client +psycopg2 +pygerduty +pyparsing +python-memcached +python-radius +python3-saml +social-auth-core==3.2.0 # see UPGRADE BLOCKERs +social-auth-app-django==3.1.0 # see UPGRADE BLOCKERs +requests +requests-futures # see library notes +slackclient==1.1.2 # see UPGRADE BLOCKERs +tacacs_plus==1.0 # UPGRADE BLOCKER: auth does not work with later versions +twilio +uWSGI +uwsgitop +pip==19.3.1 # see UPGRADE BLOCKERs +setuptools==42.0.1 # see UPGRADE BLOCKERs diff --git a/requirements/requirements.txt b/requirements/requirements.txt index ca37b6ef92..129fc169b0 100644 --- a/requirements/requirements.txt +++ b/requirements/requirements.txt @@ -1,135 +1,132 @@ -adal==1.2.1 # via msrestazure -amqp==2.4.2 # via kombu +adal==1.2.2 # via msrestazure +amqp==2.5.2 # via kombu ansible-runner==1.4.4 ansiconv==1.0.0 -appdirs==1.4.2 -argparse==1.4.0 # via uwsgitop asgi-amqp==1.1.4 asgiref==1.1.2 # via asgi-amqp, channels, daphne -asn1crypto==0.24.0 # via cryptography -attrs==19.1.0 # via automat, service-identity, twisted -autobahn==19.5.1 # via daphne -automat==0.7.0 # via twisted -azure-common==1.1.21 # via azure-keyvault +attrs==19.3.0 # via automat, jsonschema, twisted +autobahn==19.11.1 # via daphne +automat==0.8.0 # via twisted +azure-common==1.1.23 # via azure-keyvault azure-keyvault==1.1.0 azure-nspkg==3.0.2 # via azure-keyvault -billiard==3.6.0.0 # via celery -boto==2.47.0 +billiard==3.6.1.0 # via celery +boto==2.49.0 cachetools==3.1.1 # via google-auth celery==4.3.0 -certifi==2019.3.9 # via kubernetes, msrest, requests -cffi==1.12.3 # via cryptography +certifi==2019.11.28 # via kubernetes, msrest, requests +cffi==1.13.2 # via cryptography channels==1.1.8 chardet==3.0.4 # via requests constantly==15.1.0 # via twisted -cryptography==2.6.1 # via adal, azure-keyvault, pyopenssl, service-identity -daphne==1.3.0 -defusedxml==0.5.0 # via python3-openid, python3-saml, social-auth-core +cryptography==2.8 # via adal, autobahn, azure-keyvault +daphne==1.4.2 +defusedxml==0.6.0 # via python3-openid, python3-saml, social-auth-core dictdiffer==0.8.0 # via openshift -django-auth-ldap==1.7.0 -django-cors-headers==2.4.0 -django-crum==0.7.2 -django-extensions==2.0.0 +django-auth-ldap==2.1.0 +django-cors-headers==3.2.0 +django-crum==0.7.4 +django-extensions==2.2.5 django-jsonfield==1.2.0 django-oauth-toolkit==1.1.3 -django-pglocks==1.0.2 -django-polymorphic==2.0.2 +django-pglocks==1.0.3 +django-polymorphic==2.1.2 django-qsstats-magic==1.1.0 django-radius==1.3.3 django-solo==1.1.3 -django-split-settings==0.3.0 -django-taggit==0.22.2 -django==2.2.4 +django-split-settings==1.0.0 +django-taggit==1.2.0 +django==2.2.7 djangorestframework-yaml==1.0.3 -djangorestframework==3.9.4 +djangorestframework==3.10.3 future==0.16.0 # via django-radius -gitdb2==2.0.5 # via gitpython -gitpython==2.1.11 -google-auth==1.6.3 # via kubernetes +gitdb2==2.0.6 # via gitpython +gitpython==3.0.5 +google-auth==1.7.1 # via kubernetes hyperlink==19.0.0 # via twisted -idna==2.8 # via hyperlink, requests, twisted +idna==2.8 # via hyperlink, requests +importlib-metadata==1.1.0 # via inflect, irc, jsonschema, kombu +importlib-resources==1.0.2 # via jaraco.text incremental==17.5.0 # via twisted -inflect==2.1.0 # via jaraco.itertools -irc==16.2 +inflect==3.0.2 # via jaraco.itertools +irc==17.1 isodate==0.6.0 # via msrest, python3-saml jaraco.classes==2.0 # via jaraco.collections -jaraco.collections==2.0 # via irc +jaraco.collections==2.1 # via irc jaraco.functools==2.0 # via irc, jaraco.text, tempora jaraco.itertools==4.4.2 # via irc jaraco.logging==2.0 # via irc jaraco.stream==2.0 # via irc -jaraco.text==3.0 # via irc, jaraco.collections -jinja2==2.10.1 +jaraco.text==3.2.0 # via irc, jaraco.collections +jinja2==2.10.3 jsonpickle==1.2 # via asgi-amqp -jsonschema==2.6.0 -kombu==4.5.0 # via asgi-amqp, celery -kubernetes==9.0.0 # via openshift +jsonschema==3.2.0 +kombu==4.6.6 # via asgi-amqp, celery +kubernetes==10.0.1 # via openshift lockfile==0.12.2 # via python-daemon -lxml==4.3.3 # via xmlsec -markdown==2.6.11 +lxml==4.4.2 # via xmlsec +markdown==3.1.1 markupsafe==1.1.1 # via jinja2 -more-itertools==7.0.0 # via irc, jaraco.functools, jaraco.itertools +more-itertools==8.0.0 # via irc, jaraco.functools, jaraco.itertools, zipp msgpack-python==0.5.6 # via asgi-amqp -msrest==0.6.6 # via azure-keyvault, msrestazure -msrestazure==0.6.0 # via azure-keyvault +msrest==0.6.10 # via azure-keyvault, msrestazure +msrestazure==0.6.2 # via azure-keyvault netaddr==0.7.19 # via pyrad -oauthlib==3.0.1 # via django-oauth-toolkit, requests-oauthlib, social-auth-core -openshift==0.9.0 -ordereddict==1.1 -pexpect==4.6.0 # via ansible-runner +oauthlib==3.1.0 # via django-oauth-toolkit, requests-oauthlib, social-auth-core +openshift==0.10.0 +pexpect==4.7.0 # via ansible-runner pkgconfig==1.5.1 # via xmlsec -prometheus_client==0.6.0 -psutil==5.4.3 -psycopg2==2.8.2 +prometheus-client==0.7.1 +psutil==5.6.7 # via ansible-runner +psycopg2==2.8.4 ptyprocess==0.6.0 # via pexpect -pyasn1-modules==0.2.5 # via google-auth, python-ldap, service-identity -pyasn1==0.4.5 # via pyasn1-modules, python-ldap, rsa, service-identity +pyasn1-modules==0.2.7 # via google-auth, python-ldap +pyasn1==0.4.8 # via pyasn1-modules, python-ldap, rsa pycparser==2.19 # via cffi -pygerduty==0.37.0 +pygerduty==0.38.2 pyhamcrest==1.9.0 # via twisted pyjwt==1.7.1 # via adal, social-auth-core, twilio -pyopenssl==19.0.0 # via twisted -pyparsing==2.2.0 -pyrad==2.1 # via django-radius -pysocks==1.7.0 # via twilio -python-daemon==2.2.3 # via ansible-runner -python-dateutil==2.7.2 +pyparsing==2.4.5 +pyrad==2.2 # via django-radius +pyrsistent==0.15.6 # via jsonschema +python-daemon==2.2.4 # via ansible-runner +python-dateutil==2.8.1 # via adal, kubernetes python-ldap==3.2.0 # via django-auth-ldap python-memcached==1.59 python-radius==1.0 python-string-utils==0.6.0 # via openshift python3-openid==3.1.0 # via social-auth-core -python3-saml==1.4.0 +python3-saml==1.9.0 pytz==2019.3 # via celery, django, irc, tempora, twilio -pyyaml==5.1 # via ansible-runner, djangorestframework-yaml, kubernetes -requests-futures==0.9.7 -requests-oauthlib==1.2.0 # via kubernetes, msrest, social-auth-core -requests==2.21.0 +pyyaml==5.2 # via ansible-runner, djangorestframework-yaml, kubernetes +requests-futures==1.0.0 +requests-oauthlib==1.3.0 # via kubernetes, msrest, social-auth-core +requests==2.22.0 rsa==4.0 # via google-auth -ruamel.yaml==0.15.99 # via openshift -service-identity==18.1.0 # via twisted -simplejson==3.16.0 # via uwsgitop -six==1.12.0 # via ansible-runner, asgi-amqp, asgiref, autobahn, automat, cryptography, django-extensions, google-auth, irc, isodate, jaraco.classes, jaraco.collections, jaraco.itertools, jaraco.logging, jaraco.stream, kubernetes, openshift, pygerduty, pyhamcrest, pyopenssl, pyrad, python-dateutil, python-memcached, slackclient, social-auth-app-django, social-auth-core, tacacs-plus, tempora, twilio, txaio, websocket-client +ruamel.yaml.clib==0.2.0 # via ruamel.yaml +ruamel.yaml==0.16.5 # via openshift +six==1.13.0 # via ansible-runner, asgi-amqp, asgiref, autobahn, automat, cryptography, django-extensions, google-auth, isodate, jaraco.classes, jaraco.collections, jaraco.itertools, jaraco.logging, jaraco.stream, jaraco.text, jsonschema, kubernetes, openshift, pygerduty, pyhamcrest, pyrad, pyrsistent, python-dateutil, python-memcached, slackclient, social-auth-app-django, social-auth-core, tacacs-plus, tempora, twilio, txaio, websocket-client slackclient==1.1.2 smmap2==2.0.5 # via gitdb2 -social-auth-app-django==2.1.0 -social-auth-core==3.0.0 +social-auth-app-django==3.1.0 +social-auth-core==3.2.0 sqlparse==0.3.0 # via django tacacs_plus==1.0 tempora==1.14.1 # via irc, jaraco.logging -twilio==6.10.4 -twisted[tls]==19.2.0 +twilio==6.33.1 +twisted==19.10.0 # via daphne txaio==18.8.1 # via autobahn -typing==3.6.6 # via django-extensions -urllib3==1.24.3 # via kubernetes, requests -uwsgi==2.0.17 -uwsgitop==0.10.0 +urllib3==1.25.7 # via kubernetes, requests +uwsgi==2.0.18 +uwsgitop==0.11 vine==1.3.0 # via amqp, celery websocket-client==0.56.0 # via kubernetes, slackclient xmlsec==1.3.3 # via python3-saml -zope.interface==4.6.0 # via twisted +zipp==0.6.0 # via importlib-metadata +zope.interface==4.7.1 # via twisted # The following packages are considered to be unsafe in a requirements file: -pip==9.0.1 -setuptools==36.0.1 +pip==19.3.1 +setuptools==42.0.1 +wheel==0.33.6 diff --git a/requirements/requirements_ansible.in b/requirements/requirements_ansible.in index 1c44179fc2..dcd948fc7b 100644 --- a/requirements/requirements_ansible.in +++ b/requirements/requirements_ansible.in @@ -53,8 +53,8 @@ ovirt-engine-sdk-python==4.3.0 # minimum set inside Ansible facts module requ pycurl==7.43.0.1 # higher versions will not install without SSL backend specified # AWX usage psutil==5.4.3 # same as AWX requirement -setuptools==36.0.1 -pip==9.0.1 +pip==19.3.1 # see upgrade blockers +setuptools==42.0.1 # see upgrade blockers # VMware pyvmomi==6.7.3 # WinRM diff --git a/requirements/requirements_ansible.txt b/requirements/requirements_ansible.txt index 4ac99e6016..3a1775183b 100644 --- a/requirements/requirements_ansible.txt +++ b/requirements/requirements_ansible.txt @@ -1,9 +1,8 @@ -adal==1.2.1 # via msrestazure +adal==1.2.2 # via msrestazure apache-libcloud==2.5.0 appdirs==1.4.3 # via openstacksdk applicationinsights==0.11.9 # via azure-cli-core -argcomplete==1.9.5 # via azure-cli-core, knack -asn1crypto==0.24.0 # via cryptography +argcomplete==1.10.3 # via azure-cli-core, knack azure-cli-core==2.0.35 azure-cli-nspkg==3.0.2 azure-common==1.1.11 @@ -39,82 +38,83 @@ azure-mgmt-web==0.41.0 azure-nspkg==2.0.0 azure-storage==0.35.1 backports.ssl-match-hostname==3.5.0.1 -bcrypt==3.1.6 # via paramiko +bcrypt==3.1.7 # via paramiko boto3==1.9.223 boto==2.47.0 -botocore==1.12.223 # via boto3, s3transfer -cachetools==3.1.0 # via google-auth -certifi==2019.3.9 # via msrest, requests -cffi==1.12.3 # via bcrypt, cryptography, pynacl +botocore==1.12.253 # via boto3, s3transfer +cachetools==3.1.1 # via google-auth +certifi==2019.11.28 # via msrest, requests +cffi==1.13.2 # via bcrypt, cryptography, pynacl chardet==3.0.4 # via requests colorama==0.4.1 # via azure-cli-core, knack -cryptography==2.6.1 # via adal, azure-keyvault, azure-storage, openstacksdk, paramiko, pyopenssl, requests-credssp, requests-kerberos, requests-ntlm -decorator==4.4.0 # via dogpile.cache, openstacksdk -docutils==0.14 # via botocore -dogpile.cache==0.7.1 # via openstacksdk +cryptography==2.8 # via adal, azure-keyvault, azure-storage, openstacksdk, paramiko, pyopenssl, requests-credssp, requests-kerberos, requests-ntlm +decorator==4.4.1 # via dogpile.cache, openstacksdk +docutils==0.15.2 # via botocore +dogpile.cache==0.9.0 # via openstacksdk enum34==1.1.6; python_version < "3" # via cryptography, knack, msrest, ovirt-engine-sdk-python -futures==3.2.0; python_version < "3" # via openstacksdk, s3transfer +futures==3.3.0; python_version < "3" # via openstacksdk, s3transfer google-auth==1.6.2 humanfriendly==4.18 # via azure-cli-core idna==2.8 # via requests -ipaddress==1.0.22; python_version < "3" # via cryptography, openstacksdk +ipaddress==1.0.23; python_version < "3" # via cryptography, openstacksdk iso8601==0.1.12 # via keystoneauth1, openstacksdk isodate==0.6.0 # via msrest jinja2==2.10.1 jmespath==0.9.4 # via azure-cli-core, boto3, botocore, knack, openstacksdk -jsonpatch==1.23 # via openstacksdk +jsonpatch==1.24 # via openstacksdk jsonpointer==2.0 # via jsonpatch -keystoneauth1==3.14.0 # via openstacksdk +keystoneauth1==3.18.0 # via openstacksdk knack==0.3.3 # via azure-cli-core -lxml==4.3.3 # via ncclient, pyvmomi +lxml==4.4.2 # via ncclient markupsafe==1.1.1 # via jinja2 monotonic==1.5; python_version < "3" # via humanfriendly msrest==0.6.1 msrestazure==0.5.0 -munch==2.3.2 # via openstacksdk +munch==2.5.0 # via openstacksdk ncclient==0.6.3 netaddr==0.7.19 netifaces==0.10.9 # via openstacksdk -ntlm-auth==1.3.0 # via requests-credssp, requests-ntlm -oauthlib==3.0.1 # via requests-oauthlib +ntlm-auth==1.4.0 # via requests-credssp, requests-ntlm +oauthlib==3.1.0 # via requests-oauthlib openstacksdk==0.31.1 os-service-types==1.7.0 # via keystoneauth1, openstacksdk ovirt-engine-sdk-python==4.3.0 -packaging==19.0 -paramiko==2.6.0 # via azure-cli-core, ncclient -pbr==5.2.0 # via keystoneauth1, openstacksdk, os-service-types, stevedore +packaging==19.2 +paramiko==2.7.0 # via azure-cli-core, ncclient +pbr==5.4.4 # via keystoneauth1, openstacksdk, os-service-types, stevedore psutil==5.4.3 -pyasn1-modules==0.2.5 # via google-auth -pyasn1==0.4.5 # via pyasn1-modules, requests-credssp, rsa +pyasn1-modules==0.2.7 # via google-auth +pyasn1==0.4.8 # via pyasn1-modules, requests-credssp, rsa pycparser==2.19 # via cffi pycurl==7.43.0.1 -pygments==2.3.1 # via azure-cli-core, knack +pygments==2.5.2 # via azure-cli-core, knack pyjwt==1.7.1 # via adal, azure-cli-core pykerberos==1.2.1 # via requests-kerberos pynacl==1.3.0 # via paramiko -pyopenssl==19.0.0 # via azure-cli-core, pyvmomi, requests-credssp -pyparsing==2.4.0 # via packaging -python-dateutil==2.6.1 # via adal, azure-storage, botocore +pyopenssl==19.1.0 # via azure-cli-core, requests-credssp +pyparsing==2.4.5 # via packaging +python-dateutil==2.8.1 # via adal, azure-storage, botocore pyvmomi==6.7.3 pywinrm[kerberos]==0.3.0 -pyyaml==5.1 # via azure-cli-core, knack, openstacksdk +pyyaml==5.2 # via azure-cli-core, knack, openstacksdk requests-credssp==1.0.2 requests-kerberos==0.12.0 # via pywinrm requests-ntlm==1.1.0 # via pywinrm -requests-oauthlib==1.2.0 # via msrest -requests==2.21.0 +requests-oauthlib==1.3.0 # via msrest +requests==2.22.0 requestsexceptions==1.4.0 # via openstacksdk rsa==4.0 # via google-auth s3transfer==0.2.1 # via boto3 selectors2==2.0.1 # via ncclient -six==1.12.0 # via azure-cli-core, bcrypt, cryptography, google-auth, isodate, keystoneauth1, knack, munch, ncclient, openstacksdk, ovirt-engine-sdk-python, packaging, pynacl, pyopenssl, python-dateutil, pyvmomi, pywinrm, requests-credssp, stevedore -stevedore==1.30.1 # via keystoneauth1 +six==1.13.0 # via azure-cli-core, bcrypt, cryptography, google-auth, isodate, keystoneauth1, knack, munch, ncclient, openstacksdk, ovirt-engine-sdk-python, packaging, pynacl, pyopenssl, python-dateutil, pyvmomi, pywinrm, requests-credssp, stevedore +stevedore==1.31.0 # via keystoneauth1 tabulate==0.8.2 # via azure-cli-core, knack -typing==3.6.6; python_version < "3" # via msrest -urllib3==1.24.3 # via botocore, requests -wheel==0.30.0 # via azure-cli-core +typing==3.7.4.1; python_version < "3" # via msrest +urllib3==1.25.7 # via botocore, requests +# wheel==0.30.0 # via azure-cli-core xmltodict==0.12.0 # via pywinrm # The following packages are considered to be unsafe in a requirements file: -pip==9.0.1 -setuptools==36.0.1 +pip==19.3.1 +setuptools==42.0.1 +wheel==0.33.6 diff --git a/requirements/requirements_setup_requires.txt b/requirements/requirements_setup_requires.txt index fc0588be19..5d2db8fbfb 100644 --- a/requirements/requirements_setup_requires.txt +++ b/requirements/requirements_setup_requires.txt @@ -5,3 +5,5 @@ pytest-runner isort virtualenv m2r +twine # from python-daemon +wheel==0.33.6