From 3719eb9843eae0524a7e1f8da91a073e959ffabc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Jan=20Ga=C5=82da?=
Date: Fri, 27 Oct 2023 14:19:24 +0200
Subject: [PATCH] tools: Update packages with vulnerabilities
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Update packages with vulnerabilities

Signed-off-by: Jan Gałda
---
 scripts/pip-audit-whitelist.yml | 2 -
 scripts/requirements-ci.txt | 2 +-
 scripts/requirements-fixed.txt | 483 +++++++++-----------------------
 3 files changed, 128 insertions(+), 359 deletions(-)

diff --git a/scripts/pip-audit-whitelist.yml b/scripts/pip-audit-whitelist.yml
index 1c3b902f4e0..1f7741d0964 100644
--- a/scripts/pip-audit-whitelist.yml
+++ b/scripts/pip-audit-whitelist.yml
@@ -1,4 +1,2 @@
 py:
 - PYSEC-2022-42969
- - GHSA-cwvm-v4w8-q58c
- - PYSEC-2023-192
diff --git a/scripts/requirements-ci.txt b/scripts/requirements-ci.txt
index 80b9665559d..68445f16ca3 100644
--- a/scripts/requirements-ci.txt
+++ b/scripts/requirements-ci.txt
@@ -2,7 +2,7 @@ aenum
 bitarray
 chardet
 gitlint==0.18.0
-GitPython==3.1.35
+GitPython==3.1.37
 jsonschema
 milksnake
 py
diff --git a/scripts/requirements-fixed.txt b/scripts/requirements-fixed.txt
index 65b5da711a5..c33f0e53eac 100644
--- a/scripts/requirements-fixed.txt
+++ b/scripts/requirements-fixed.txt
@@ -2,361 +2,132 @@ # This file is autogenerated by pip-compile with Python 3.8 # by the following command: # -# pip-compile --allow-unsafe --output-file=requirements-fixed.txt --strip-extras ./bootloader/mcuboot/scripts/requirements.txt ./nrf/scripts/requirements-ci.txt ./nrf/scripts/requirements-extra.txt ./nrf/scripts/requirements.txt ./zephyr/scripts/requirements.txt +# pip-compile --allow-unsafe --annotation-style=line --output-file=/home/runner/work/sdk-nrf/sdk-nrf/ncs/nrf/scripts/requirements-fixed.txt --strip-extras ./bootloader/mcuboot/scripts/requirements.txt ./nrf/scripts/requirements-ci.txt ./nrf/scripts/requirements-extra.txt ./nrf/scripts/requirements.txt ./zephyr/scripts/requirements.txt # -aenum==3.1.15 - # via -r ./nrf/scripts/requirements-ci.txt -anytree==2.9.0 - # via - # -r ./zephyr/scripts/requirements-base.txt - # -r ./zephyr/scripts/requirements-extras.txt -appdirs==1.4.4 - # via cmsis-pack-manager -arrow==1.2.1 - # via gitlint-core -astroid==2.15.6 - # via pylint -attrs==23.1.0 - # via - # jsonschema - # referencing -bitarray==2.8.1 - # via -r ./nrf/scripts/requirements-ci.txt -canopen==2.1.0 - # via -r ./zephyr/scripts/requirements-base.txt -capstone==4.0.2 - # via pyocd -cbor==1.0.0 - # via -r ./zephyr/scripts/requirements-run-test.txt -cbor2==5.4.6 - # via - # -r ./bootloader/mcuboot/scripts/requirements.txt - # -r ./nrf/scripts/requirements-build.txt - # imgtool - # zcbor -certifi==2023.7.22 - # via requests -cffi==1.15.1 - # via - # cmsis-pack-manager - # cryptography - # milksnake - # pygit2 - # pynacl -chardet==5.2.0 - # via -r ./nrf/scripts/requirements-ci.txt -charset-normalizer==3.2.0 - # via requests -clang-format==17.0.1 - # via - # -r ./nrf/scripts/requirements-build.txt - # -r ./zephyr/scripts/requirements-extras.txt -click==8.0.3 - # via - # -r ./bootloader/mcuboot/scripts/requirements.txt - # gitlint-core - # imgtool -cmsis-pack-manager==0.5.2 - # via pyocd -colorama==0.4.6 - # via - # -r 
./zephyr/scripts/requirements-build-test.txt - # pyocd - # west -coverage==7.3.1 - # via -r ./zephyr/scripts/requirements-build-test.txt -cryptography==41.0.4 - # via - # -r ./bootloader/mcuboot/scripts/requirements.txt - # -r ./nrf/scripts/requirements-build.txt - # imgtool - # pyjwt -deprecated==1.2.14 - # via pygithub -dill==0.3.7 - # via pylint -docopt==0.6.2 - # via pykwalify -ecdsa==0.18.0 - # via -r ./nrf/scripts/requirements-build.txt -editdistance==0.6.2 - # via -r ./nrf/scripts/requirements-extra.txt -exceptiongroup==1.1.3 - # via pytest -future==0.18.3 - # via junitparser -gcovr==6.0 - # via -r ./zephyr/scripts/requirements-build-test.txt -gitdb==4.0.10 - # via gitpython -gitlint==0.18.0 - # via - # -r ./nrf/scripts/requirements-ci.txt - # -r ./zephyr/scripts/requirements-extras.txt -gitlint-core==0.18.0 - # via gitlint -gitpython==3.1.35 - # via -r ./nrf/scripts/requirements-ci.txt -graphviz==0.20.1 - # via -r ./zephyr/scripts/requirements-extras.txt -grpcio==1.58.0 - # via grpcio-tools -grpcio-tools==1.58.0 - # via -r ./zephyr/scripts/requirements-extras.txt -idna==3.4 - # via requests -imagesize==1.4.1 - # via -r ./nrf/scripts/requirements-build.txt -imgtool==1.10.0 - # via -r ./zephyr/scripts/requirements-extras.txt -importlib-metadata==6.8.0 - # via pyocd -importlib-resources==6.1.0 - # via - # jsonschema - # jsonschema-specifications - # libusb-package - # pyocd -iniconfig==2.0.0 - # via pytest -intelhex==2.3.0 - # via - # -r ./bootloader/mcuboot/scripts/requirements.txt - # -r ./nrf/scripts/requirements-build.txt - # -r ./zephyr/scripts/requirements-base.txt - # imgtool - # lpc-checksum - # pyocd -intervaltree==3.1.0 - # via pyocd -isort==5.12.0 - # via pylint -jinja2==3.1.2 - # via - # gcovr - # junit2html -jsonschema==4.19.1 - # via -r ./nrf/scripts/requirements-ci.txt -jsonschema-specifications==2023.7.1 - # via jsonschema -junit2html==30.1.3 - # via -r ./zephyr/scripts/requirements-extras.txt -junitparser==3.1.0 - # via -r 
./zephyr/scripts/requirements-compliance.txt -lark==1.1.7 - # via pyocd -lazy-object-proxy==1.9.0 - # via astroid -libusb-package==1.0.26.2 - # via pyocd -lpc-checksum==2.2.0 - # via -r ./zephyr/scripts/requirements-extras.txt -lxml==4.9.3 - # via - # -r ./zephyr/scripts/requirements-compliance.txt - # gcovr -markupsafe==2.1.3 - # via jinja2 -mccabe==0.7.0 - # via pylint -milksnake==0.1.5 - # via -r ./nrf/scripts/requirements-ci.txt -mock==5.1.0 - # via -r ./zephyr/scripts/requirements-build-test.txt -msgpack==1.0.5 - # via python-can -mypy==1.5.1 - # via -r ./zephyr/scripts/requirements-build-test.txt -mypy-extensions==1.0.0 - # via mypy -natsort==8.4.0 - # via pyocd -nrfcredstore==1.0.0 - # via -r ./nrf/scripts/requirements-extra.txt -packaging==23.1 - # via - # -r ./zephyr/scripts/requirements-base.txt - # pytest - # python-can - # west -pathspec==0.11.2 - # via yamllint -pillow==10.0.1 - # via -r ./zephyr/scripts/requirements-extras.txt -pkgutil-resolve-name==1.3.10 - # via jsonschema -platformdirs==3.10.0 - # via pylint -pluggy==1.3.0 - # via pytest -ply==3.11 - # via -r ./zephyr/scripts/requirements-build-test.txt -prettytable==3.9.0 - # via pyocd -progress==1.6 - # via -r ./zephyr/scripts/requirements-base.txt -protobuf==4.24.3 - # via - # -r ./zephyr/scripts/requirements-extras.txt - # grpcio-tools -psutil==5.9.5 - # via - # -r ./zephyr/scripts/requirements-base.txt - # -r ./zephyr/scripts/requirements-run-test.txt - # pylink-square -py==1.11.0 - # via -r ./nrf/scripts/requirements-ci.txt -pycparser==2.21 - # via cffi -pyelftools==0.30 - # via - # -r ./zephyr/scripts/requirements-base.txt - # pyocd -pygit2==1.10.0 - # via -r ./nrf/scripts/requirements-extra.txt -pygithub==1.59.1 - # via - # -r ./nrf/scripts/requirements-extra.txt - # -r ./zephyr/scripts/requirements-extras.txt -pygments==2.16.1 - # via gcovr -pyjwt==2.8.0 - # via pygithub -pykwalify==1.8.0 - # via - # -r ./zephyr/scripts/requirements-base.txt - # west -pylink-square==1.2.0 - # via - # -r 
./zephyr/scripts/requirements-base.txt - # pyocd -pylint==2.17.5 - # via - # -r ./nrf/scripts/requirements-build.txt - # -r ./zephyr/scripts/requirements-compliance.txt -pynacl==1.5.0 - # via pygithub -pyocd==0.35.1 - # via -r ./zephyr/scripts/requirements-run-test.txt -pyparsing==3.1.1 - # via -r ./nrf/scripts/requirements-ci.txt -pypng==0.20220715.0 - # via qrcode -pyserial==3.5 - # via - # -r ./zephyr/scripts/requirements-base.txt - # nrfcredstore -pytest==7.4.2 - # via -r ./zephyr/scripts/requirements-build-test.txt -python-can==4.2.2 - # via canopen -python-dateutil==2.8.2 - # via - # arrow - # pykwalify -python-magic==0.4.27 - # via -r ./zephyr/scripts/requirements-compliance.txt -python-stdnum==1.19 - # via -r ./nrf/scripts/requirements-ci.txt -pytz==2023.3.post1 - # via -r ./nrf/scripts/requirements-ci.txt -pyusb==1.2.1 - # via - # -r ./nrf/scripts/requirements-ci.txt - # pyocd -pyyaml==6.0.1 - # via - # -r ./zephyr/scripts/requirements-base.txt - # cmsis-pack-manager - # pyocd - # west - # yamllint - # zcbor -qrcode==7.4.2 - # via -r ./nrf/scripts/requirements-ci.txt -referencing==0.30.2 - # via - # jsonschema - # jsonschema-specifications -regex==2023.8.8 - # via zcbor -requests==2.31.0 - # via - # -r ./zephyr/scripts/requirements-base.txt - # pygithub -rpds-py==0.10.3 - # via - # jsonschema - # referencing -ruamel-yaml==0.17.32 - # via pykwalify -ruamel-yaml-clib==0.2.7 - # via ruamel-yaml -sh==1.14.2 - # via gitlint-core -six==1.16.0 - # via - # anytree - # ecdsa - # pylink-square - # pyocd - # python-dateutil -smmap==5.0.1 - # via gitdb -sortedcontainers==2.4.0 - # via intervaltree -stringcase==1.2.0 - # via -r ./nrf/scripts/requirements-ci.txt -tabulate==0.9.0 - # via -r ./zephyr/scripts/requirements-run-test.txt -toml==0.10.2 - # via -r ./nrf/scripts/requirements-ci.txt -tomli==2.0.1 - # via - # mypy - # pylint - # pytest -tomlkit==0.12.1 - # via pylint -typed-ast==1.5.5 - # via -r ./nrf/scripts/requirements-ci.txt -typing-extensions==4.8.0 - # via - 
# astroid - # mypy - # pylint - # pyocd - # python-can - # qrcode -urllib3==2.0.5 - # via requests -wcwidth==0.2.6 - # via prettytable -west==1.1.0 - # via - # -r ./nrf/scripts/requirements-base.txt - # -r ./zephyr/scripts/requirements-base.txt -wget==3.2 - # via -r ./nrf/scripts/requirements-ci.txt -wrapt==1.15.0 - # via - # astroid - # deprecated - # python-can -yamllint==1.32.0 - # via -r ./zephyr/scripts/requirements-compliance.txt -zcbor==0.7.0 - # via - # -r ./nrf/scripts/requirements-build.txt - # -r ./nrf/scripts/requirements-extra.txt - # -r ./zephyr/scripts/requirements-extras.txt -zipp==3.17.0 - # via - # importlib-metadata - # importlib-resources +aenum==3.1.15 # via -r ./nrf/scripts/requirements-ci.txt +anytree==2.9.0 # via -r ./zephyr/scripts/requirements-base.txt, -r ./zephyr/scripts/requirements-extras.txt +appdirs==1.4.4 # via cmsis-pack-manager +arrow==1.2.1 # via gitlint-core +astroid==2.15.6 # via pylint +attrs==23.1.0 # via jsonschema, referencing +bitarray==2.8.1 # via -r ./nrf/scripts/requirements-ci.txt +canopen==2.1.0 # via -r ./zephyr/scripts/requirements-base.txt +capstone==4.0.2 # via pyocd +cbor==1.0.0 # via -r ./zephyr/scripts/requirements-run-test.txt +cbor2==5.4.6 # via -r ./bootloader/mcuboot/scripts/requirements.txt, -r ./nrf/scripts/requirements-build.txt, imgtool, zcbor +certifi==2023.7.22 # via requests +cffi==1.15.1 # via cmsis-pack-manager, cryptography, milksnake, pygit2, pynacl +chardet==5.2.0 # via -r ./nrf/scripts/requirements-ci.txt +charset-normalizer==3.2.0 # via requests +clang-format==17.0.1 # via -r ./nrf/scripts/requirements-build.txt, -r ./zephyr/scripts/requirements-extras.txt +click==8.0.3 # via -r ./bootloader/mcuboot/scripts/requirements.txt, gitlint-core, imgtool +cmsis-pack-manager==0.5.2 # via pyocd +colorama==0.4.6 # via -r ./zephyr/scripts/requirements-build-test.txt, pyocd, west +coverage==7.3.1 # via -r ./zephyr/scripts/requirements-build-test.txt +cryptography==41.0.4 # via -r 
./bootloader/mcuboot/scripts/requirements.txt, -r ./nrf/scripts/requirements-build.txt, imgtool, pyjwt +deprecated==1.2.14 # via pygithub +dill==0.3.7 # via pylint +docopt==0.6.2 # via pykwalify +ecdsa==0.18.0 # via -r ./nrf/scripts/requirements-build.txt +editdistance==0.6.2 # via -r ./nrf/scripts/requirements-extra.txt +exceptiongroup==1.1.3 # via pytest +future==0.18.3 # via junitparser +gcovr==6.0 # via -r ./zephyr/scripts/requirements-build-test.txt +gitdb==4.0.10 # via gitpython +gitlint==0.18.0 # via -r ./nrf/scripts/requirements-ci.txt, -r ./zephyr/scripts/requirements-extras.txt +gitlint-core==0.18.0 # via gitlint, gitlint-core +gitpython==3.1.37 # via -r ./nrf/scripts/requirements-ci.txt +graphviz==0.20.1 # via -r ./zephyr/scripts/requirements-extras.txt +grpcio==1.58.0 # via grpcio-tools +grpcio-tools==1.58.0 # via -r ./zephyr/scripts/requirements-extras.txt +idna==3.4 # via requests +imagesize==1.4.1 # via -r ./nrf/scripts/requirements-build.txt +imgtool==1.10.0 # via -r ./zephyr/scripts/requirements-extras.txt +importlib-metadata==6.8.0 # via pyocd +importlib-resources==6.1.0 # via jsonschema, jsonschema-specifications, libusb-package, pyocd +iniconfig==2.0.0 # via pytest +intelhex==2.3.0 # via -r ./bootloader/mcuboot/scripts/requirements.txt, -r ./nrf/scripts/requirements-build.txt, -r ./zephyr/scripts/requirements-base.txt, imgtool, lpc-checksum, pyocd +intervaltree==3.1.0 # via pyocd +isort==5.12.0 # via pylint +jinja2==3.1.2 # via gcovr, junit2html +jsonschema==4.19.1 # via -r ./nrf/scripts/requirements-ci.txt +jsonschema-specifications==2023.7.1 # via jsonschema +junit2html==30.1.3 # via -r ./zephyr/scripts/requirements-extras.txt +junitparser==3.1.0 # via -r ./zephyr/scripts/requirements-compliance.txt +lark==1.1.7 # via pyocd +lazy-object-proxy==1.9.0 # via astroid +libusb-package==1.0.26.2 # via pyocd +lpc-checksum==2.2.0 # via -r ./zephyr/scripts/requirements-extras.txt +lxml==4.9.3 # via -r ./zephyr/scripts/requirements-compliance.txt, gcovr 
+markupsafe==2.1.3 # via jinja2 +mccabe==0.7.0 # via pylint +milksnake==0.1.5 # via -r ./nrf/scripts/requirements-ci.txt +mock==5.1.0 # via -r ./zephyr/scripts/requirements-build-test.txt +msgpack==1.0.5 # via python-can +mypy==1.5.1 # via -r ./zephyr/scripts/requirements-build-test.txt +mypy-extensions==1.0.0 # via mypy +natsort==8.4.0 # via pyocd +nrfcredstore==1.0.0 # via -r ./nrf/scripts/requirements-extra.txt +packaging==23.1 # via -r ./zephyr/scripts/requirements-base.txt, pytest, python-can, west +pathspec==0.11.2 # via yamllint +pillow==10.0.1 # via -r ./zephyr/scripts/requirements-extras.txt +pkgutil-resolve-name==1.3.10 # via jsonschema +platformdirs==3.10.0 # via pylint +pluggy==1.3.0 # via pytest +ply==3.11 # via -r ./zephyr/scripts/requirements-build-test.txt +prettytable==3.9.0 # via pyocd +progress==1.6 # via -r ./zephyr/scripts/requirements-base.txt +protobuf==4.24.3 # via -r ./zephyr/scripts/requirements-extras.txt, grpcio-tools +psutil==5.9.5 # via -r ./zephyr/scripts/requirements-base.txt, -r ./zephyr/scripts/requirements-run-test.txt, pylink-square +py==1.11.0 # via -r ./nrf/scripts/requirements-ci.txt +pycparser==2.21 # via cffi +pyelftools==0.30 # via -r ./zephyr/scripts/requirements-base.txt, pyocd +pygit2==1.10.0 # via -r ./nrf/scripts/requirements-extra.txt +pygithub==1.59.1 # via -r ./nrf/scripts/requirements-extra.txt, -r ./zephyr/scripts/requirements-extras.txt +pygments==2.16.1 # via gcovr +pyjwt==2.8.0 # via pygithub, pyjwt +pykwalify==1.8.0 # via -r ./zephyr/scripts/requirements-base.txt, west +pylink-square==1.2.0 # via -r ./zephyr/scripts/requirements-base.txt, pyocd +pylint==2.17.5 # via -r ./nrf/scripts/requirements-build.txt, -r ./zephyr/scripts/requirements-compliance.txt +pynacl==1.5.0 # via pygithub +pyocd==0.35.1 # via -r ./zephyr/scripts/requirements-run-test.txt +pyparsing==3.1.1 # via -r ./nrf/scripts/requirements-ci.txt +pypng==0.20220715.0 # via qrcode +pyserial==3.5 # via -r ./zephyr/scripts/requirements-base.txt, 
nrfcredstore +pytest==7.4.2 # via -r ./zephyr/scripts/requirements-build-test.txt +python-can==4.2.2 # via canopen +python-dateutil==2.8.2 # via arrow, pykwalify +python-magic==0.4.27 # via -r ./zephyr/scripts/requirements-compliance.txt +python-stdnum==1.19 # via -r ./nrf/scripts/requirements-ci.txt +pytz==2023.3.post1 # via -r ./nrf/scripts/requirements-ci.txt +pyusb==1.2.1 # via -r ./nrf/scripts/requirements-ci.txt, pyocd +pyyaml==6.0.1 # via -r ./zephyr/scripts/requirements-base.txt, cmsis-pack-manager, pyocd, west, yamllint, zcbor +qrcode==7.4.2 # via -r ./nrf/scripts/requirements-ci.txt +referencing==0.30.2 # via jsonschema, jsonschema-specifications +regex==2023.8.8 # via zcbor +requests==2.31.0 # via -r ./zephyr/scripts/requirements-base.txt, pygithub +rpds-py==0.10.3 # via jsonschema, referencing +ruamel-yaml==0.17.32 # via pykwalify +ruamel-yaml-clib==0.2.7 # via ruamel-yaml +sh==1.14.2 # via gitlint-core +six==1.16.0 # via anytree, ecdsa, pylink-square, pyocd, python-dateutil +smmap==5.0.1 # via gitdb +sortedcontainers==2.4.0 # via intervaltree +stringcase==1.2.0 # via -r ./nrf/scripts/requirements-ci.txt +tabulate==0.9.0 # via -r ./zephyr/scripts/requirements-run-test.txt +toml==0.10.2 # via -r ./nrf/scripts/requirements-ci.txt +tomli==2.0.1 # via mypy, pylint, pytest +tomlkit==0.12.1 # via pylint +typed-ast==1.5.5 # via -r ./nrf/scripts/requirements-ci.txt +typing-extensions==4.8.0 # via astroid, mypy, pylint, pyocd, python-can, qrcode +urllib3==2.0.7 # via requests +wcwidth==0.2.6 # via prettytable +west==1.1.0 # via -r ./nrf/scripts/requirements-base.txt, -r ./zephyr/scripts/requirements-base.txt +wget==3.2 # via -r ./nrf/scripts/requirements-ci.txt +wrapt==1.15.0 # via astroid, deprecated, python-can +yamllint==1.32.0 # via -r ./zephyr/scripts/requirements-compliance.txt +zcbor==0.7.0 # via -r ./nrf/scripts/requirements-build.txt, -r ./nrf/scripts/requirements-extra.txt, -r ./zephyr/scripts/requirements-extras.txt +zipp==3.17.0 # via 
importlib-metadata, importlib-resources + # The following packages are considered to be unsafe in a requirements file: -setuptools==68.2.2 - # via - # grpcio-tools - # python-can - # west +setuptools==68.2.2 # via grpcio-tools, python-can, west