You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@superset.apache.org by be...@apache.org on 2023/04/04 22:36:41 UTC
[superset] branch cves created (now e868d3306b)
This is an automated email from the ASF dual-hosted git repository.
beto pushed a change to branch cves
in repository https://gitbox.apache.org/repos/asf/superset.git
at e868d3306b chore: bump dependencies
This branch includes the following new commits:
new e868d3306b chore: bump dependencies
The 1 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails. The revisions
listed as "add" were already present in the repository and have only
been added to this reference.
[superset] 01/01: chore: bump dependencies
Posted by be...@apache.org.
This is an automated email from the ASF dual-hosted git repository.
beto pushed a commit to branch cves
in repository https://gitbox.apache.org/repos/asf/superset.git
commit e868d3306be0fec95f3a32810e3fc3039c045f11
Author: Beto Dealmeida <ro...@dealmeida.net>
AuthorDate: Tue Apr 4 15:36:28 2023 -0700
chore: bump dependencies
---
requirements/base.txt | 212 +++++++++++++++++++++++++++++--------------
requirements/development.txt | 50 +++++-----
requirements/docker.txt | 10 +-
requirements/integration.txt | 68 +++++++-------
requirements/local.txt | 2 +-
requirements/testing.txt | 95 +++++++++++--------
setup.py | 3 +
7 files changed, 265 insertions(+), 175 deletions(-)
diff --git a/requirements/base.txt b/requirements/base.txt
index 3a5ec607fe..8e8d034fdd 100644
--- a/requirements/base.txt
+++ b/requirements/base.txt
@@ -7,17 +7,24 @@
#
-e file:.
# via -r requirements/base.in
-alembic==1.6.5
+alembic==1.10.2
# via flask-migrate
-amqp==5.1.0
+amqp==5.1.1
# via kombu
-apispec[yaml]==3.3.2
+apispec[yaml]==5.2.2
# via flask-appbuilder
-attrs==21.2.0
- # via jsonschema
-babel==2.9.1
+async-generator==1.10
+ # via trio
+async-timeout==4.0.2
+ # via redis
+attrs==22.2.0
+ # via
+ # jsonschema
+ # outcome
+ # trio
+babel==2.12.1
# via flask-babel
-backoff==1.11.1
+backoff==2.2.1
# via apache-superset
bcrypt==4.0.1
# via paramiko
@@ -29,13 +36,15 @@ brotli==1.0.9
# via flask-compress
cachelib==0.4.1
# via apache-superset
-celery==5.2.2
+celery==5.2.7
# via apache-superset
+certifi==2022.12.7
+ # via selenium
cffi==1.15.1
# via
# cryptography
# pynacl
-click==8.0.4
+click==8.1.3
# via
# apache-superset
# celery
@@ -50,26 +59,32 @@ click-plugins==1.1.1
# via celery
click-repl==0.2.0
# via celery
-colorama==0.4.4
+colorama==0.4.6
# via
# apache-superset
# flask-appbuilder
convertdate==2.4.0
# via holidays
-cron-descriptor==1.2.24
+cron-descriptor==1.2.35
# via apache-superset
-croniter==1.0.15
+croniter==1.3.8
# via apache-superset
-cryptography==39.0.1
+cryptography==39.0.2
# via
# apache-superset
# paramiko
+deprecated==1.2.13
+ # via limits
deprecation==2.1.0
# via apache-superset
-dnspython==2.1.0
+dnspython==2.3.0
# via email-validator
-email-validator==1.1.3
+email-validator==1.3.1
# via flask-appbuilder
+exceptiongroup==1.1.1
+ # via
+ # trio
+ # trio-websocket
flask==2.1.3
# via
# apache-superset
@@ -78,19 +93,22 @@ flask==2.1.3
# flask-caching
# flask-compress
# flask-jwt-extended
+ # flask-limiter
# flask-login
# flask-migrate
# flask-sqlalchemy
# flask-wtf
-flask-appbuilder==4.3.0
+flask-appbuilder==4.3.1
# via apache-superset
-flask-babel==1.0.0
+flask-babel==2.0.0
# via flask-appbuilder
flask-caching==1.10.1
# via apache-superset
flask-compress==1.13
# via apache-superset
-flask-jwt-extended==4.3.1
+flask-jwt-extended==4.4.4
+ # via flask-appbuilder
+flask-limiter==3.3.0
# via flask-appbuilder
flask-login==0.6.0
# via
@@ -110,147 +128,181 @@ flask-wtf==1.0.1
# flask-appbuilder
func-timeout==4.3.5
# via apache-superset
-geographiclib==1.52
+geographiclib==2.0
# via geopy
-geopy==2.2.0
+geopy==2.3.0
# via apache-superset
graphlib-backport==1.0.3
# via apache-superset
+greenlet==2.0.2
+ # via sqlalchemy
gunicorn==20.1.0
# via apache-superset
+h11==0.14.0
+ # via wsproto
hashids==1.3.1
# via apache-superset
hijri-converter==2.2.4
# via holidays
holidays==0.17.2
# via apache-superset
-humanize==3.11.0
+humanize==4.6.0
# via apache-superset
-idna==3.2
- # via email-validator
-isodate==0.6.0
+idna==3.4
+ # via
+ # email-validator
+ # trio
+importlib-metadata==6.1.0
+ # via
+ # alembic
+ # flask
+ # markdown
+importlib-resources==5.12.0
+ # via
+ # alembic
+ # jsonschema
+ # limits
+isodate==0.6.1
# via apache-superset
-itsdangerous==2.1.1
+itsdangerous==2.1.2
# via
# flask
# flask-wtf
-jinja2==3.0.3
+jinja2==3.1.2
# via
# flask
# flask-babel
-jsonschema==3.2.0
+jsonschema==4.17.3
# via flask-appbuilder
kombu==5.2.4
# via celery
-korean-lunar-calendar==0.2.1
+korean-lunar-calendar==0.3.1
# via holidays
-mako==1.1.4
- # via alembic
-markdown==3.3.4
+limits==3.3.1
+ # via flask-limiter
+mako==1.2.4
+ # via
+ # alembic
+ # apache-superset
+markdown==3.4.3
# via apache-superset
-markupsafe==2.1.1
+markdown-it-py==2.2.0
+ # via rich
+markupsafe==2.1.2
# via
# jinja2
# mako
+ # werkzeug
# wtforms
-marshmallow==3.13.0
+marshmallow==3.19.0
# via
# flask-appbuilder
# marshmallow-enum
# marshmallow-sqlalchemy
marshmallow-enum==1.5.1
# via flask-appbuilder
-marshmallow-sqlalchemy==0.23.1
+marshmallow-sqlalchemy==0.26.1
# via flask-appbuilder
-msgpack==1.0.2
+mdurl==0.1.2
+ # via markdown-it-py
+msgpack==1.0.5
# via apache-superset
numpy==1.23.5
# via
# apache-superset
# pandas
# pyarrow
-packaging==21.3
+ordered-set==4.1.0
+ # via flask-limiter
+outcome==1.2.0
+ # via trio
+packaging==23.0
# via
# bleach
# deprecation
+ # limits
+ # marshmallow
pandas==1.5.3
# via apache-superset
-paramiko==2.11.0
+paramiko==3.1.0
# via sshtunnel
parsedatetime==2.6
# via apache-superset
pgsanity==0.2.9
# via apache-superset
-polyline==1.4.0
+pkgutil-resolve-name==1.3.10
+ # via jsonschema
+polyline==2.0.0
# via apache-superset
prison==0.2.1
# via flask-appbuilder
-prompt-toolkit==3.0.28
+prompt-toolkit==3.0.38
# via click-repl
pyarrow==10.0.1
# via apache-superset
-pycparser==2.20
+pycparser==2.21
# via cffi
-pyjwt==2.4.0
+pygments==2.14.0
+ # via rich
+pyjwt==2.6.0
# via
# apache-superset
# flask-appbuilder
# flask-jwt-extended
-pymeeus==0.5.11
+pymeeus==0.5.12
# via convertdate
pynacl==1.5.0
# via paramiko
-pyparsing==3.0.6
- # via
- # apache-superset
- # packaging
-pyrsistent==0.16.1
+pyparsing==3.0.9
+ # via apache-superset
+pyrsistent==0.19.3
# via jsonschema
+pysocks==1.7.1
+ # via urllib3
python-dateutil==2.8.2
# via
- # alembic
# apache-superset
# croniter
# flask-appbuilder
# holidays
# pandas
-python-dotenv==0.19.0
+python-dotenv==1.0.0
# via apache-superset
-python-editor==1.0.4
- # via alembic
python-geohash==0.8.5
# via apache-superset
-pytz==2021.3
+pytz==2023.3
# via
# babel
# celery
# flask-babel
# pandas
-pyyaml==5.4.1
+pyyaml==6.0
# via
# apache-superset
# apispec
-redis==3.5.3
+redis==4.5.4
# via apache-superset
-selenium==3.141.0
+rich==13.3.3
+ # via flask-limiter
+selenium==4.8.3
# via apache-superset
-simplejson==3.17.3
+simplejson==3.18.4
# via apache-superset
six==1.16.0
# via
# bleach
# click-repl
# isodate
- # jsonschema
- # paramiko
- # polyline
# prison
- # pyrsistent
# python-dateutil
# wtforms-json
-slack-sdk==3.18.3
+slack-sdk==3.20.2
# via apache-superset
-sqlalchemy==1.4.36
+sniffio==1.3.0
+ # via trio
+sortedcontainers==2.4.0
+ # via trio
+sqlalchemy==1.4.47
# via
# alembic
# apache-superset
@@ -266,36 +318,56 @@ sqlparse==0.4.3
# via apache-superset
sshtunnel==0.4.0
# via apache-superset
-tabulate==0.8.9
+tabulate==0.8.10
# via apache-superset
-typing-extensions==4.4.0
- # via apache-superset
-urllib3==1.26.6
+trio==0.22.0
+ # via
+ # selenium
+ # trio-websocket
+trio-websocket==0.10.2
+ # via selenium
+typing-extensions==4.5.0
+ # via
+ # alembic
+ # apache-superset
+ # flask-limiter
+ # limits
+ # rich
+urllib3[socks]==1.26.15
# via selenium
vine==5.0.0
# via
# amqp
# celery
# kombu
-wcwidth==0.2.5
+wcwidth==0.2.6
# via prompt-toolkit
webencodings==0.5.1
# via bleach
-werkzeug==2.1.2
+werkzeug==2.2.3
# via
+ # apache-superset
# flask
# flask-jwt-extended
# flask-login
+wrapt==1.15.0
+ # via deprecated
+wsproto==1.2.0
+ # via trio-websocket
wtforms==2.3.3
# via
# apache-superset
# flask-appbuilder
# flask-wtf
# wtforms-json
-wtforms-json==0.3.3
+wtforms-json==0.3.5
# via apache-superset
-xlsxwriter==3.0.7
+xlsxwriter==3.0.9
# via apache-superset
+zipp==3.15.0
+ # via
+ # importlib-metadata
+ # importlib-resources
# The following packages are considered to be unsafe in a requirements file:
# setuptools
diff --git a/requirements/development.txt b/requirements/development.txt
index 47fe7a1737..4e0f671ffd 100644
--- a/requirements/development.txt
+++ b/requirements/development.txt
@@ -12,53 +12,51 @@
# -r requirements/development.in
appnope==0.1.3
# via ipython
-asttokens==2.0.5
+asttokens==2.2.1
# via stack-data
backcall==0.2.0
# via ipython
-boto3==1.18.19
+boto3==1.26.106
# via tabulator
-botocore==1.21.19
+botocore==1.29.106
# via
# boto3
# s3transfer
cached-property==1.5.2
# via tableschema
-certifi==2021.10.8
- # via requests
-chardet==4.0.0
+chardet==5.1.0
# via tabulator
-charset-normalizer==2.0.12
+charset-normalizer==3.1.0
# via requests
decorator==5.1.1
# via ipython
et-xmlfile==1.1.0
# via openpyxl
-executing==0.8.3
+executing==1.2.0
# via stack-data
flask-cors==3.0.10
# via apache-superset
-future==0.18.2
+future==0.18.3
# via pyhive
-ijson==3.1.4
+ijson==3.2.0.post0
# via tabulator
-ipython==8.3.0
+ipython==8.12.0
# via -r requirements/development.in
-jedi==0.18.1
+jedi==0.18.2
# via ipython
-jmespath==0.10.0
+jmespath==1.0.1
# via
# boto3
# botocore
-jsonlines==2.0.0
+jsonlines==3.1.0
# via tabulator
linear-tsv==1.1.0
# via tabulator
-matplotlib-inline==0.1.3
+matplotlib-inline==0.1.6
# via ipython
-mysqlclient==2.1.0
+mysqlclient==2.1.1
# via apache-superset
-openpyxl==3.0.7
+openpyxl==3.1.2
# via tabulator
parso==0.8.3
# via jedi
@@ -66,7 +64,7 @@ pexpect==4.8.0
# via ipython
pickleshare==0.7.5
# via ipython
-pillow==9.3.0
+pillow==9.5.0
# via apache-superset
progress==1.6
# via -r requirements/development.in
@@ -80,39 +78,37 @@ pure-sasl==0.6.2
# via thrift-sasl
pydruid==0.6.5
# via apache-superset
-pygments==2.12.0
- # via ipython
pyhive[hive]==0.6.5
# via apache-superset
-pyinstrument==4.0.2
+pyinstrument==4.4.0
# via -r requirements/development.in
-requests==2.26.0
+requests==2.28.2
# via
# pydruid
# tableschema
# tabulator
-rfc3986==1.5.0
+rfc3986==2.0.0
# via tableschema
-s3transfer==0.5.0
+s3transfer==0.6.0
# via boto3
sasl==0.3.1
# via pyhive
sqloxide==0.1.30
# via -r requirements/development.in
-stack-data==0.2.0
+stack-data==0.6.2
# via ipython
tableschema==1.20.2
# via apache-superset
tabulator==1.53.5
# via tableschema
-thrift==0.14.1
+thrift==0.16.0
# via
# apache-superset
# pyhive
# thrift-sasl
thrift-sasl==0.4.3
# via pyhive
-traitlets==5.2.1.post0
+traitlets==5.9.0
# via
# ipython
# matplotlib-inline
diff --git a/requirements/docker.txt b/requirements/docker.txt
index 0338f43fd8..4ea1fbaa62 100644
--- a/requirements/docker.txt
+++ b/requirements/docker.txt
@@ -6,19 +6,17 @@
# pip-compile-multi
#
-r base.txt
--e file:.
+-e file:///Users/beto/Projects/github/superset
# via
# -r requirements/base.in
# -r requirements/docker.in
-gevent==21.8.0
+gevent==22.10.2
# via -r requirements/docker.in
-greenlet==1.1.3.post0
- # via gevent
psycopg2-binary==2.9.5
# via apache-superset
-zope-event==4.5.0
+zope-event==4.6
# via gevent
-zope-interface==5.4.0
+zope-interface==6.0
# via gevent
# The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/integration.txt b/requirements/integration.txt
index a1c991750d..66a11c07ca 100644
--- a/requirements/integration.txt
+++ b/requirements/integration.txt
@@ -5,61 +5,67 @@
#
# pip-compile-multi
#
-build==0.8.0
+build==0.10.0
# via pip-tools
-cfgv==3.3.0
+cachetools==5.3.0
+ # via tox
+cfgv==3.3.1
# via pre-commit
-click==8.0.4
+chardet==5.1.0
+ # via tox
+click==8.1.3
# via
# pip-compile-multi
# pip-tools
+colorama==0.4.6
+ # via tox
distlib==0.3.6
# via virtualenv
-filelock==3.9.0
+filelock==3.10.7
# via
# tox
# virtualenv
-identify==2.2.13
+identify==2.5.22
# via pre-commit
-nodeenv==1.6.0
+nodeenv==1.7.0
# via pre-commit
-packaging==21.3
+packaging==23.0
# via
# build
+ # pyproject-api
# tox
-pep517==0.11.0
- # via build
pip-compile-multi==2.6.2
- # via -r integration.in
-pip-tools==6.8.0
+ # via -r requirements/integration.in
+pip-tools==6.12.3
# via pip-compile-multi
-platformdirs==2.6.2
- # via virtualenv
-pluggy==0.13.1
+platformdirs==3.2.0
+ # via
+ # tox
+ # virtualenv
+pluggy==1.0.0
# via tox
-pre-commit==3.2.0
- # via -r integration.in
-py==1.10.0
+pre-commit==3.2.2
+ # via -r requirements/integration.in
+pyproject-api==1.5.1
# via tox
-pyparsing==3.0.6
- # via packaging
-pyyaml==5.4.1
+pyproject-hooks==1.0.0
+ # via build
+pyyaml==6.0
# via pre-commit
-six==1.16.0
- # via tox
-toml==0.10.2
- # via tox
-tomli==1.2.1
- # via pep517
-toposort==1.6
+tomli==2.0.1
+ # via
+ # build
+ # pyproject-api
+ # tox
+toposort==1.10
# via pip-compile-multi
-tox==3.25.1
- # via -r integration.in
-virtualenv==20.17.1
+tox==4.4.8
+ # via -r requirements/integration.in
+virtualenv==20.21.0
# via
# pre-commit
# tox
-wheel==0.38.1
+wheel==0.40.0
# via pip-tools
# The following packages are considered to be unsafe in a requirements file:
diff --git a/requirements/local.txt b/requirements/local.txt
index c4bd3cd599..a78dbde0d9 100644
--- a/requirements/local.txt
+++ b/requirements/local.txt
@@ -6,7 +6,7 @@
# pip-compile-multi
#
-r development.txt
--e file:.
+-e file:///Users/beto/Projects/github/superset
# via
# -r requirements/base.in
# -r requirements/development.in
diff --git a/requirements/testing.txt b/requirements/testing.txt
index 5312ea4f23..0e688b85e8 100644
--- a/requirements/testing.txt
+++ b/requirements/testing.txt
@@ -12,19 +12,23 @@
# -r requirements/base.in
# -r requirements/development.in
# -r requirements/testing.in
-astroid==2.6.6
+astroid==2.15.2
# via pylint
-cachetools==5.2.0
- # via google-auth
-coverage==5.5
+backports-zoneinfo==0.2.1
+ # via
+ # pytz-deprecation-shim
+ # tzlocal
+coverage[toml]==7.2.2
# via pytest-cov
-db-dtypes==1.0.5
+db-dtypes==1.1.1
# via pandas-gbq
-docker==5.0.0
+dill==0.3.6
+ # via pylint
+docker==6.0.1
# via -r requirements/testing.in
flask-testing==0.8.1
# via -r requirements/testing.in
-freezegun==1.1.0
+freezegun==1.2.2
# via -r requirements/testing.in
google-api-core[grpc]==2.11.0
# via
@@ -33,7 +37,7 @@ google-api-core[grpc]==2.11.0
# google-cloud-core
# pandas-gbq
# sqlalchemy-bigquery
-google-auth==2.14.1
+google-auth==2.17.1
# via
# google-api-core
# google-auth-oauthlib
@@ -41,60 +45,65 @@ google-auth==2.14.1
# pandas-gbq
# pydata-google-auth
# sqlalchemy-bigquery
-google-auth-oauthlib==0.7.1
+google-auth-oauthlib==1.0.0
# via
# pandas-gbq
# pydata-google-auth
-google-cloud-bigquery[bqstorage,pandas]==3.4.0
+google-cloud-bigquery==3.9.0
# via
# apache-superset
# pandas-gbq
# sqlalchemy-bigquery
-google-cloud-bigquery-storage==2.16.2
+google-cloud-bigquery-storage==2.19.1
# via
- # google-cloud-bigquery
# pandas-gbq
# sqlalchemy-bigquery
google-cloud-core==2.3.2
# via google-cloud-bigquery
google-crc32c==1.5.0
# via google-resumable-media
-google-resumable-media==2.4.0
+google-resumable-media==2.4.1
# via google-cloud-bigquery
-googleapis-common-protos==1.57.0
+googleapis-common-protos==1.59.0
# via
# google-api-core
# grpcio-status
-grpcio==1.51.1
+grpcio==1.53.0
# via
# google-api-core
# google-cloud-bigquery
# grpcio-status
-grpcio-status==1.51.1
+grpcio-status==1.53.0
# via google-api-core
-iniconfig==1.1.1
+iniconfig==2.0.0
# via pytest
isort==5.12.0
# via pylint
-lazy-object-proxy==1.6.0
- # via astroid
-mccabe==0.6.1
+jsonschema-spec==0.1.4
+ # via openapi-spec-validator
+lazy-object-proxy==1.9.0
+ # via
+ # astroid
+ # openapi-spec-validator
+mccabe==0.7.0
# via pylint
oauthlib==3.2.2
# via requests-oauthlib
-openapi-schema-validator==0.1.5
+openapi-schema-validator==0.4.4
# via openapi-spec-validator
-openapi-spec-validator==0.3.1
+openapi-spec-validator==0.5.6
# via -r requirements/testing.in
-pandas-gbq==0.18.1
+pandas-gbq==0.19.1
# via apache-superset
-parameterized==0.8.1
+parameterized==0.9.0
# via -r requirements/testing.in
-proto-plus==1.22.1
+pathable==0.4.3
+ # via jsonschema-spec
+proto-plus==1.22.2
# via
# google-cloud-bigquery
# google-cloud-bigquery-storage
-protobuf==4.21.10
+protobuf==4.22.1
# via
# google-api-core
# google-cloud-bigquery
@@ -108,37 +117,43 @@ pyasn1==0.4.8
# rsa
pyasn1-modules==0.2.8
# via google-auth
-pydata-google-auth==1.4.0
+pydata-google-auth==1.7.0
# via pandas-gbq
-pyfakefs==4.5.6
+pyfakefs==5.2.0
# via -r requirements/testing.in
-pyhive[presto]==0.6.5
- # via apache-superset
-pylint==2.9.6
+pylint==2.17.2
# via -r requirements/testing.in
-pytest==6.2.4
+pytest==7.2.2
# via
# -r requirements/testing.in
# pytest-cov
# pytest-mock
-pytest-cov==2.12.1
+pytest-cov==4.0.0
# via -r requirements/testing.in
-pytest-mock==3.6.1
+pytest-mock==3.10.0
# via -r requirements/testing.in
+pytz-deprecation-shim==0.1.0.post0
+ # via tzlocal
requests-oauthlib==1.3.1
# via google-auth-oauthlib
+rfc3339-validator==0.1.4
+ # via openapi-schema-validator
rsa==4.9
# via google-auth
-sqlalchemy-bigquery==1.5.0
+sqlalchemy-bigquery==1.6.1
# via apache-superset
-statsd==3.3.0
+statsd==4.0.1
# via -r requirements/testing.in
-trino==0.319.0
+tomlkit==0.11.7
+ # via pylint
+trino==0.322.0
# via apache-superset
-websocket-client==1.2.0
+tzdata==2023.3
+ # via pytz-deprecation-shim
+tzlocal==4.3
+ # via trino
+websocket-client==1.5.1
# via docker
-wrapt==1.12.1
- # via astroid
# The following packages are considered to be unsafe in a requirements file:
# pip
diff --git a/setup.py b/setup.py
index c6850070a0..6a33ec589b 100644
--- a/setup.py
+++ b/setup.py
@@ -98,6 +98,7 @@ setup(
"holidays>=0.17.2, <0.18",
"humanize",
"isodate",
+ "Mako>=1.2.2",
"markdown>=3.0",
"msgpack>=1.0.0, <1.1",
"numpy==1.23.5",
@@ -114,6 +115,7 @@ setup(
"PyJWT>=2.4.0, <3.0",
"redis",
"selenium>=3.141.0",
+ "setuptools>=65.5.1",
"sshtunnel>=0.4.0, <0.5",
"simplejson>=3.15.0",
"slack_sdk>=3.1.1, <4",
@@ -123,6 +125,7 @@ setup(
"tabulate>=0.8.9, <0.9",
"typing-extensions>=4, <5",
"waitress; sys_platform == 'win32'",
+ "werkzeug>=2.2.3",
"wtforms>=2.3.3, <2.4",
"wtforms-json",
"xlsxwriter>=3.0.7, <3.1",