[Snyk] Security upgrade django from 3.2.21 to 3.2.22 (#11563)

afabiani · snyk-bot · giohappy · web-flow · commit 24d34cde04d3 · 2023-10-05T14:21:30.000+02:00
* fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-5932095 * - Align setup.cfg to requirements.txt * upgrade spsycopg2 etup.cfg * - Align setup.cfg to requirements.txt --------- Co-authored-by: snyk-bot <snyk-bot@snyk.io> Co-authored-by: Giovanni Allegri <giohappy@gmail.com>
diff --git a/requirements.txt b/requirements.txt
@@ -2,7 +2,7 @@
 Pillow==10.0.1
 lxml==4.9.3
 psycopg2==2.9.9
-Django==3.2.21
+Django==3.2.22
 
 # Other
 amqp==5.1.1
diff --git a/setup.cfg b/setup.cfg
@@ -27,16 +27,16 @@ install_requires =
     # native dependencies
     Pillow==10.0.1
     lxml==4.9.3
-    psycopg2==2.9.7
-    Django==3.2.21
+    psycopg2==2.9.9
+    Django==3.2.22
 
     # Other
     amqp==5.1.1
     beautifulsoup4==4.12.2
     httplib2<0.22.1
     hyperlink==21.0.0
     idna>=2.5,<3.5
-    urllib3==1.26.15
+    urllib3==1.26.17
     Paver==1.3.4
     python-slugify==8.0.1
     decorator==5.1.1
@@ -134,7 +134,7 @@ install_requires =
     django-bootstrap3-datetimepicker-2==2.8.3
 
     # storage manager dependencies
-    django-storages==1.14
+    django-storages==1.14.1
     dropbox==11.36.2
     google-cloud-storage==2.11.0
     google-cloud-core==2.3.3
@@ -170,7 +170,7 @@ install_requires =
     # production
     uWSGI==2.0.22
     gunicorn==21.2.0
-    ipython==8.15.0
+    ipython==8.16.1
     docker==6.1.3
     invoke==2.2.0
 
@@ -195,7 +195,7 @@ install_requires =
     webdriver_manager==4.0.1
 
     # Security and audit
-    mistune==3.0.1
+    mistune==3.0.2
     protobuf==3.20.3
     mako==1.2.4
     paramiko==3.3.1 # not directly required, fixes Blowfish deprecation warning
