Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update pinned dependencies #3089

Merged
merged 3 commits into from
Jul 16, 2024
Merged

Update pinned dependencies #3089

merged 3 commits into from
Jul 16, 2024

Conversation

bolinocroustibat
Copy link
Contributor

@bolinocroustibat bolinocroustibat commented Jul 12, 2024
edited
Loading

Update pinned dependencies according to project dependencies, without updating any project dependencies.

Compatibility between dependencies versions in this PR have been checked by a package manager, and updated to the latest ones when possible.

Note:
It would be also useful to update cryptography package in project dependencies, since 1) old versions are often causes of system incompatibilities issues and 2) since it's a security dependency and 3) since the project version is very old (2.8, we're now at 42.0.8). This can be done in another PR, or in this PR, or later. Let me know what you think!

@bolinocroustibat bolinocroustibat changed the title chore: update pinned dependencies Update pinned dependencies Jul 12, 2024
maudetes
maudetes approved these changes Jul 15, 2024
View reviewed changes
Copy link
Contributor

@maudetes maudetes left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me! Don't forget to add a changelog entry before merging.

Have you updated pinned dependencies for other .pip files also?

I would say updating cryptography is a bigger jump and require testing more thoroughly. We can update it in another PR I would say

@bolinocroustibat
Copy link
Contributor Author

bolinocroustibat commented Jul 15, 2024
edited
Loading

This looks good to me! Don't forget to add a changelog entry before merging.

Indeed! Done

Have you updated pinned dependencies for other .pip files also?

Nope, I would say to do it in another PR, let me know

I would say updating cryptography is a bigger jump and require testing more thoroughly. We can update it in another PR I would say

Sure, it makes sense.

@bolinocroustibat bolinocroustibat merged commit fbd5fe0 into master Jul 16, 2024
1 check passed
@bolinocroustibat bolinocroustibat deleted the update-dependencies branch July 16, 2024 14:56
@ThibaudDauce
Copy link
Contributor

I think this PR breaks udata-front with dependencies conflicts (or maybe it's a problem with my cache venv…)

@maudetes
Copy link
Contributor

I think this PR breaks udata-front with dependencies conflicts (or maybe it's a problem with my cache venv…)

@nicolaskempf57 has updated udata-front indeed following this PR : datagouv/udata-front#448

@maudetes maudetes mentioned this pull request Jul 24, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maudetes maudetes maudetes approved these changes

@ThibaudDauce ThibaudDauce Awaiting requested review from ThibaudDauce

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@bolinocroustibat @ThibaudDauce @maudetes