Merge pull request #3711 from AlanCoding/conservative_upgrades3

Apply critical dependency upgrades (try 2) Reviewed-by: https://github.com/softwarefactory-project-zuul[bot]
2026-03-07 19:51:08 -03:30 · 2019-04-17 13:04:24 +00:00
parent daeeb31590 941009bf6d
commit fbc7d1a9f2
11 changed files with 29 additions and 29 deletions
--- a/awx/init.py
+++ b/awx/init.py
@@ -37,9 +37,9 @@ if HAS_DJANGO is True:
    # This line exists to make sure we don't regress on FIPS support if we
    # upgrade Django; if you're upgrading Django and see this error,
    # update the version check below, and confirm that FIPS still works.
-    if django.__version__ != '1.11.16':
+    if django.__version__ != '1.11.20':
-        raise RuntimeError("Django version other than 1.11.16 detected {}. \
+        raise RuntimeError("Django version other than 1.11.20 detected {}. \
-                Subclassing BaseDatabaseSchemaEditor is known to work for Django 1.11.16 \
+                Subclassing BaseDatabaseSchemaEditor is known to work for Django 1.11.20 \
                and may not work in newer Django versions.".format(django.__version__))
--- a/awx/main/tests/functional/api/test_job_runtime_params.py
+++ b/awx/main/tests/functional/api/test_job_runtime_params.py
@@ -291,7 +291,7 @@ def test_job_launch_JT_with_validation(machine_credential, credential, deploy_jo
    kv['credentials'] = [machine_credential]  # conversion to internal value
    job_obj = deploy_jobtemplate.create_unified_job(**kv)
-    final_job_extra_vars = yaml.load(job_obj.extra_vars)
+    final_job_extra_vars = yaml.safe_load(job_obj.extra_vars)
    assert 'job_launch_var' in final_job_extra_vars
    assert 'job_template_var' in final_job_extra_vars
    assert set([cred.pk for cred in job_obj.credentials.all()]) == set([machine_credential.id, credential.id])
--- a/awx/main/tests/unit/test_tasks.py
+++ b/awx/main/tests/unit/test_tasks.py
@@ -172,7 +172,7 @@ def test_openstack_client_config_generation(mocker, source, expected, private_da
        'ansible_virtualenv_path': '/venv/foo'
    })
    cloud_config = update.build_private_data(inventory_update, private_data_dir)
-    cloud_credential = yaml.load(
+    cloud_credential = yaml.safe_load(
        cloud_config.get('credentials')[credential]
    )
    assert cloud_credential['clouds'] == {
@@ -215,7 +215,7 @@ def test_openstack_client_config_generation_with_private_source_vars(mocker, sou
    })
    cloud_config = update.build_private_data(inventory_update, private_data_dir)
    cloud_credential = yaml.load(
-        cloud_config.get('credentials')[credential]
+        cloud_config.get('credentials')[credential], Loader=SafeLoader
    )
    assert cloud_credential['clouds'] == {
        'devstack': {
@@ -249,7 +249,7 @@ def parse_extra_vars(args):
    for chunk in args:
        if chunk.startswith('@/tmp/'):
            with open(chunk.strip('@'), 'r') as f:
-                extra_vars.update(yaml.load(f, SafeLoader))
+                extra_vars.update(yaml.load(f, Loader=SafeLoader))
    return extra_vars
@@ -268,7 +268,7 @@ class TestExtraVarSanitation(TestJobExecution):
        task.build_extra_vars_file(job, private_data_dir, {})
        fd = open(os.path.join(private_data_dir, 'env', 'extravars'))
-        extra_vars = yaml.load(fd, SafeLoader)
+        extra_vars = yaml.load(fd, Loader=SafeLoader)
        # ensure that strings are marked as unsafe
        for unsafe in ['awx_job_template_name', 'tower_job_template_name',
@@ -292,7 +292,7 @@ class TestExtraVarSanitation(TestJobExecution):
        task.build_extra_vars_file(job, private_data_dir, {})
        fd = open(os.path.join(private_data_dir, 'env', 'extravars'))
-        extra_vars = yaml.load(fd, SafeLoader)
+        extra_vars = yaml.load(fd, Loader=SafeLoader)
        assert extra_vars['msg'] == self.UNSAFE
        assert hasattr(extra_vars['msg'], '__UNSAFE__')
@@ -303,7 +303,7 @@ class TestExtraVarSanitation(TestJobExecution):
        task.build_extra_vars_file(job, private_data_dir, {})
        fd = open(os.path.join(private_data_dir, 'env', 'extravars'))
-        extra_vars = yaml.load(fd, SafeLoader)
+        extra_vars = yaml.load(fd, Loader=SafeLoader)
        assert extra_vars['msg'] == {'a': [self.UNSAFE]}
        assert hasattr(extra_vars['msg']['a'][0], '__UNSAFE__')
@@ -314,7 +314,7 @@ class TestExtraVarSanitation(TestJobExecution):
        task.build_extra_vars_file(job, private_data_dir, {})
        fd = open(os.path.join(private_data_dir, 'env', 'extravars'))
-        extra_vars = yaml.load(fd, SafeLoader)
+        extra_vars = yaml.load(fd, Loader=SafeLoader)
        assert extra_vars['msg'] == self.UNSAFE
        assert not hasattr(extra_vars['msg'], '__UNSAFE__')
@@ -326,7 +326,7 @@ class TestExtraVarSanitation(TestJobExecution):
        task.build_extra_vars_file(job, private_data_dir, {})
        fd = open(os.path.join(private_data_dir, 'env', 'extravars'))
-        extra_vars = yaml.load(fd, SafeLoader)
+        extra_vars = yaml.load(fd, Loader=SafeLoader)
        assert extra_vars['msg'] == {'a': {'b': [self.UNSAFE]}}
        assert not hasattr(extra_vars['msg']['a']['b'][0], '__UNSAFE__')
@@ -343,7 +343,7 @@ class TestExtraVarSanitation(TestJobExecution):
        task.build_extra_vars_file(job, private_data_dir, {})
        fd = open(os.path.join(private_data_dir, 'env', 'extravars'))
-        extra_vars = yaml.load(fd, SafeLoader)
+        extra_vars = yaml.load(fd, Loader=SafeLoader)
        assert extra_vars['msg'] == 'other-value'
        assert hasattr(extra_vars['msg'], '__UNSAFE__')
@@ -358,7 +358,7 @@ class TestExtraVarSanitation(TestJobExecution):
        task.build_extra_vars_file(job, private_data_dir, {})
        fd = open(os.path.join(private_data_dir, 'env', 'extravars'))
-        extra_vars = yaml.load(fd, SafeLoader)
+        extra_vars = yaml.load(fd, Loader=SafeLoader)
        assert extra_vars['msg'] == self.UNSAFE
        assert hasattr(extra_vars['msg'], '__UNSAFE__')
--- a/awx/main/tests/unit/utils/test_common.py
+++ b/awx/main/tests/unit/utils/test_common.py
@@ -59,7 +59,7 @@ class TestParserExceptions:
    @staticmethod
    def yaml_error(data):
        try:
-            yaml.load(data)
+            yaml.safe_load(data)
            return None
        except Exception as e:
            return str(e)
--- a/awx/wsgi.py
+++ b/awx/wsgi.py
@@ -41,10 +41,10 @@ if social_django.__version__ != '2.1.0':
            still works".format(social_django.__version__))
-if django.__version__ != '1.11.16':
+if django.__version__ != '1.11.20':
-    raise RuntimeError("Django version other than 1.11.16 detected {}. \
+    raise RuntimeError("Django version other than 1.11.20 detected {}. \
            Inherit from WSGIHandler to support short-circuit Django Middleware. \
-            This is known to work for Django 1.11.16 and may not work with other, \
+            This is known to work for Django 1.11.20 and may not work with other, \
            even minor, versions.".format(django.__version__))
--- a/docs/licenses/paramiko-2.4.0.tar.gz
+++ b/docs/licenses/paramiko-2.4.0.tar.gz
--- a/docs/licenses/paramiko-2.4.2.tar.gz
+++ b/docs/licenses/paramiko-2.4.2.tar.gz
--- a/requirements/requirements.in
+++ b/requirements/requirements.in
@@ -8,7 +8,7 @@ channels==1.1.8
 celery==4.2.1
 daphne==1.3.0   # Last before backwards-incompatible channels 2 upgrade
 defusedxml==0.5.0  # py36 support https://github.com/tiran/defusedxml/pull/4
-Django==1.11.16
+Django==1.11.20
 django-auth-ldap==1.7.0
 django-cors-headers==2.4.0
 django-crum==0.7.2
@@ -24,7 +24,7 @@ django-taggit==0.22.2
 djangorestframework==3.7.7
 djangorestframework-yaml==1.0.3
 irc==16.2
-jinja2==2.10
+jinja2==2.10.1
 jsonschema==2.6.0
 Markdown==2.6.11    # used for formatting API help
 ordereddict==1.1
--- a/requirements/requirements.txt
+++ b/requirements/requirements.txt
@@ -26,7 +26,7 @@ cffi==1.12.1              # via cryptography
 channels==1.1.8
 chardet==3.0.4            # via requests
 constantly==15.1.0        # via twisted
-cryptography==2.5         # via adal, azure-keyvault, pyopenssl
+cryptography==2.6.1       # via adal, azure-keyvault, pyopenssl
 daphne==1.3.0
 defusedxml==0.5.0
 django-auth-ldap==1.7.0
@@ -41,7 +41,7 @@ django-radius==1.3.3
 django-solo==1.1.3
 django-split-settings==0.3.0
 django-taggit==0.22.2
-django==1.11.16
+django==1.11.20
 djangorestframework-yaml==1.0.3
 djangorestframework==3.7.7
 future==0.16.0            # via django-radius
@@ -58,7 +58,7 @@ jaraco.itertools==4.4.1   # via irc
 jaraco.logging==2.0       # via irc
 jaraco.stream==2.0        # via irc
 jaraco.text==2.0          # via irc, jaraco.collections
-jinja2==2.10
+jinja2==2.10.1
 jsonpickle==1.1           # via asgi-amqp
 jsonschema==2.6.0
 kombu==4.2.1              # via asgi-amqp, celery
@@ -96,7 +96,7 @@ python-radius==1.0
 python3-openid==3.1.0     # via social-auth-core
 python3-saml==1.4.0
 pytz==2018.9              # via celery, django, irc, tempora, twilio
-pyyaml==3.13              # via djangorestframework-yaml
+pyyaml==5.1               # via djangorestframework-yaml
 requests-futures==0.9.7
 requests-oauthlib==1.2.0  # via msrest, social-auth-core
 requests[security]==2.21.0
--- a/requirements/requirements_ansible.in
+++ b/requirements/requirements_ansible.in
@@ -31,7 +31,7 @@ azure-graphrbac==0.40.0
 boto==2.47.0    # last which does not break ec2 scripts
 boto3==1.6.2
 google-auth==1.6.2    # needed for gce inventory imports
-jinja2==2.10    # required for native jinja2 types for inventory compat mode
+jinja2==2.10.1  # required for native jinja2 types for inventory compat mode
 # netconf for network modules
 ncclient==0.6.3
 # netaddr filter
--- a/requirements/requirements_ansible.txt
+++ b/requirements/requirements_ansible.txt
@@ -44,7 +44,7 @@ cffi==1.11.5              # via bcrypt, cryptography, pynacl
 chardet==3.0.4            # via requests
 colorama==0.3.9           # via azure-cli-core, knack
 configparser==3.5.0       # via entrypoints
-cryptography==2.1.4       # via adal, azure-keyvault, azure-storage, paramiko, pyopenssl, requests-kerberos, requests-ntlm, secretstorage
+cryptography==2.6.1       # via adal, azure-keyvault, azure-storage, paramiko, pyopenssl, requests-kerberos, requests-ntlm, secretstorage
 decorator==4.2.1          # via openstacksdk
 deprecation==2.0          # via openstacksdk
 docutils==0.14            # via botocore
@@ -58,7 +58,7 @@ idna==2.6                 # via cryptography, requests
 ipaddress==1.0.19         # via cryptography, openstacksdk
 iso8601==0.1.12           # via keystoneauth1, openstacksdk
 isodate==0.6.0            # via msrest
-jinja2==2.10
+jinja2==2.10.1
 jmespath==0.9.3           # via azure-cli-core, boto3, botocore, knack, openstacksdk
 jsonpatch==1.21           # via openstacksdk
 jsonpointer==2.0          # via jsonpatch
@@ -79,7 +79,7 @@ openstacksdk==0.23.0
 os-service-types==1.2.0   # via openstacksdk
 ovirt-engine-sdk-python==4.2.4
 packaging==17.1
-paramiko==2.4.0           # via azure-cli-core, ncclient
+paramiko==2.4.2           # via azure-cli-core, ncclient
 pbr==3.1.1                # via keystoneauth1, openstacksdk, os-service-types, stevedore
 pexpect==4.6.0
 psutil==5.4.3
@@ -97,7 +97,7 @@ pyparsing==2.2.0          # via packaging
 python-dateutil==2.6.1    # via adal, azure-storage, botocore
 pyvmomi==6.5
 pywinrm[kerberos]==0.3.0
-pyyaml==3.12              # via azure-cli-core, knack, openstacksdk, os-client-config
+pyyaml==5.1               # via azure-cli-core, knack, openstacksdk, os-client-config
 requests-credssp==0.1.0
 requests-kerberos==0.12.0  # via pywinrm
 requests-ntlm==1.1.0      # via pywinrm