[4.6][dependency] CVE 2025 47273 (#7020)

* Update requirements for setuptools * first pass and need to commit * update makefile and run updater script
2026-02-17 03:00:04 -03:30 · 2025-07-22 15:21:06 -04:00
parent 03cd450669
commit e8b2920aec
3 changed files with 6 additions and 4 deletions
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -73,7 +73,7 @@ uWSGI>=2.0.28
 uwsgitop
 wheel>=0.38.1  # CVE-2022-40898
 pip==21.2.4  # see UPGRADE BLOCKERs
-setuptools  # see UPGRADE BLOCKERs
+setuptools==78.1.1  # see UPGRADE BLOCKERs
 setuptools_scm[toml]  # see UPGRADE BLOCKERs, xmlsec build dep
 setuptools-rust>=0.11.4  # cryptography build dep
 pkgconfig>=1.5.1  # xmlsec build dep - needed for offline build
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -190,7 +190,9 @@ djangorestframework-yaml==2.0.0
 docutils==0.20.1
    # via python-daemon
 dynaconf==3.2.10
-    # via django-ansible-base
+    # via
+    #   -r /awx_devel/requirements/requirements.in
+    #   django-ansible-base
 enum-compat==0.0.3
    # via asn1
 filelock==3.13.1
@@ -610,7 +612,7 @@ zope-interface==6.2
 # The following packages are considered to be unsafe in a requirements file:
 pip==21.2.4
    # via -r /awx_devel/requirements/requirements.in
-setuptools==69.0.2
+setuptools==78.1.1
    # via
    #   -r /awx_devel/requirements/requirements.in
    #   asciichartpy