Update dependency certifi to v2023.7.22 [SECURITY] (#46)

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [certifi](https://togithub.com/certifi/python-certifi) | `==2023.5.7` -> `==2023.7.22` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/certifi/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/certifi/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/certifi/2023.5.7/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/certifi/2023.5.7/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2023-37920](https://togithub.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7) Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. These are in the process of being removed from Mozilla's trust store. e-Tugra's root certificates are being removed pursuant to an investigation prompted by reporting of security issues in their systems. Conclusions of Mozilla's investigation can be found [here](https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A). --- ### Release Notes <details> <summary>certifi/python-certifi (certifi)</summary> ### [`v2023.7.22`](https://togithub.com/certifi/python-certifi/compare/2023.05.07...2023.07.22) [Compare Source](https://togithub.com/certifi/python-certifi/compare/2023.05.07...2023.07.22) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "" in timezone Etc/UTC, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/canonical/spark-k8s-toolkit-py).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
canonical · Oct 25, 2023 · 0ae7962 · 0ae7962
1 parent 4f2ddf9
commit 0ae7962
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/requirements.txt b/requirements.txt
@@ -1,9 +1,9 @@
 anyio==4.0.0; python_full_version > "3.8.0" and python_version < "4.0" \
     --hash=sha256:cfdb2b588b9fc25ede96d8db56ed50848b0b649dca3dd1df0b11f683bb9e0b5f \
     --hash=sha256:f7ed51751b2c2add651e5747c891b47e26d2a21be5d32d9311dfe9692f3e5d7a
-certifi==2023.5.7 ; python_full_version > "3.8.0" and python_version < "4.0" \
-    --hash=sha256:0f0d56dc5a6ad56fd4ba36484d6cc34451e1c6548c61daad8c320169f91eddc7 \
-    --hash=sha256:c6c2e98f5c7869efca1f8916fed228dd91539f9f1b444c314c06eef02980c716
+certifi==2023.7.22; python_full_version > "3.8.0" and python_version < "4.0" \
+    --hash=sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082 \
+    --hash=sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9
 envyaml==1.10.211231 ; python_full_version > "3.8.0" and python_version < "4.0" \
     --hash=sha256:88f8a076159e3c317d3450a5f404132b6ac91aecee4934ea72eac65f911f1244 \
     --hash=sha256:8d7a7a6be12587cc5da32a587067506b47b849f4643981099ad148015a72de52