diff --git a/poetry.lock b/poetry.lock index b1ce865..a91125d 100644 --- a/poetry.lock +++ b/poetry.lock @@ -436,7 +436,7 @@ version = "3.4.6" description = "The Real First Universal Charset Detector. Open, modern and actively maintained alternative to Chardet." optional = false python-versions = ">=3.7" -groups = ["docs", "security", "test"] +groups = ["docs", "test"] files = [ {file = "charset_normalizer-3.4.6-cp310-cp310-macosx_10_9_universal2.whl", hash = "sha256:2e1d8ca8611099001949d1cdfaefc510cf0f212484fe7c565f735b68c78c3c95"}, {file = "charset_normalizer-3.4.6-cp310-cp310-manylinux2014_aarch64.manylinux_2_17_aarch64.manylinux_2_28_aarch64.whl", hash = "sha256:e25369dc110d58ddf29b949377a93e0716d72a24f62bad72b2b39f155949c1fd"}, @@ -890,7 +890,7 @@ version = "3.15" description = "Internationalized Domain Names in Applications (IDNA)" optional = false python-versions = ">=3.8" -groups = ["dev", "docs", "security", "test"] +groups = ["docs", "security", "test"] files = [ {file = "idna-3.15-py3-none-any.whl", hash = "sha256:048adeaf8c2d788c40fee287673ccaa74c24ffd8dcf09ffa555a2fbb59f10ac8"}, {file = "idna-3.15.tar.gz", hash = "sha256:ca962446ea538f7092a95e057da437618e886f4d349216d2b1e294abfdb65fdc"}, @@ -2228,7 +2228,7 @@ version = "2.33.0" description = "Python HTTP for Humans." optional = false python-versions = ">=3.10" -groups = ["docs", "security", "test"] +groups = ["docs", "test"] files = [ {file = "requests-2.33.0-py3-none-any.whl", hash = "sha256:3324635456fa185245e24865e810cecec7b4caf933d7eb133dcde67d48cee69b"}, {file = "requests-2.33.0.tar.gz", hash = "sha256:c7ebc5e8b0f21837386ad0e1c8fe8b829fa5f544d8df3b2253bff14ef29d7652"}, @@ -2457,18 +2457,19 @@ files = [ [[package]] name = "safety" -version = "3.7.0" +version = "3.8.1" description = "Scan dependencies for known vulnerabilities and licenses." optional = false python-versions = ">=3.9" groups = ["security"] files = [ - {file = "safety-3.7.0-py3-none-any.whl", hash = "sha256:65e71db45eb832e8840e3456333d44c23927423753d5610596a09e909a66d2bf"}, - {file = "safety-3.7.0.tar.gz", hash = "sha256:daec15a393cafc32b846b7ef93f9c952a1708863e242341ab5bde2e4beabb54e"}, + {file = "safety-3.8.1-py3-none-any.whl", hash = "sha256:953c1c3c60c873f53a6cc250b2a9c4b38bb6ef45f0625990e43f20bff916c965"}, + {file = "safety-3.8.1.tar.gz", hash = "sha256:e646123b976bbb6707cfaacae8c926e2f886b744a60e0f410e8610a3a4eaf7be"}, ] [package.dependencies] authlib = ">=1.2.0" +certifi = "*" click = ">=8.0.2" dparse = ">=0.6.4" filelock = ">=3.16.1,<4.0" @@ -2478,12 +2479,12 @@ marshmallow = ">=3.15.0" nltk = ">=3.9" packaging = ">=21.0" pydantic = ">=2.6.0" -requests = "*" ruamel-yaml = ">=0.17.21" safety-schemas = "0.0.16" tenacity = ">=8.1.0" tomlkit = "*" -typer = ">=0.16.0" +truststore = {version = ">=0.10.4", markers = "python_version >= \"3.10\""} +typer = ">=0.16.0,<0.26.0" typing-extensions = ">=4.7.1" [package.extras] @@ -2635,6 +2636,18 @@ notebook = ["ipywidgets (>=6)"] slack = ["slack-sdk"] telegram = ["requests"] +[[package]] +name = "truststore" +version = "0.10.4" +description = "Verify certificates using native system trust stores" +optional = false +python-versions = ">=3.10" +groups = ["security"] +files = [ + {file = "truststore-0.10.4-py3-none-any.whl", hash = "sha256:adaeaecf1cbb5f4de3b1959b42d41f6fab57b2b1666adb59e89cb0b53361d981"}, + {file = "truststore-0.10.4.tar.gz", hash = "sha256:9d91bd436463ad5e4ee4aba766628dd6cd7010cf3e2461756b3303710eebc301"}, +] + [[package]] name = "typer" version = "0.24.1" @@ -2686,7 +2699,7 @@ version = "2.7.0" description = "HTTP library with thread-safe connection pooling, file post, and more." optional = false python-versions = ">=3.10" -groups = ["docs", "security", "test"] +groups = ["docs", "test"] files = [ {file = "urllib3-2.7.0-py3-none-any.whl", hash = "sha256:9fb4c81ebbb1ce9531cce37674bbc6f1360472bc18ca9a553ede278ef7276897"}, {file = "urllib3-2.7.0.tar.gz", hash = "sha256:231e0ec3b63ceb14667c67be60f2f2c40a518cb38b03af60abc813da26505f4c"}, @@ -2797,4 +2810,4 @@ dev = ["doc8", "flake8", "flake8-import-order", "rstcheck[sphinx]", "ruff", "sph [metadata] lock-version = "2.1" python-versions = "<3.15,>=3.14" -content-hash = "f0a2f22156cdee3bb4ff3dfd471632dff96e6982f25d1d7d5bd84a292dd070a8" +content-hash = "a8669cc83aa7a56808431bc88c23f6b63857d2a697bb56b363bb215d3ae5c4aa" diff --git a/pyproject.toml b/pyproject.toml index c1464ed..7cc18c5 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -36,7 +36,7 @@ yamllint = "^1.38.0" ansible-lint = {version = "^26.4.0", markers = "platform_system != 'Windows'"} [tool.poetry.group.security.dependencies] -safety = "^3.7.0" +safety = "^3.8.1" [tool.poetry.group.typing.dependencies] mypy = "^2.1.0"