From 0ae79620cd4f4722a0f6219de8b292e7ccc8c09c Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Wed, 25 Oct 2023 08:29:26 +0200 Subject: [PATCH] Update dependency certifi to v2023.7.22 [SECURITY] (#46) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Change | Age | Adoption | Passing | Confidence | |---|---|---|---|---|---| | [certifi](https://togithub.com/certifi/python-certifi) | `==2023.5.7` -> `==2023.7.22` | [![age](https://developer.mend.io/api/mc/badges/age/pypi/certifi/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![adoption](https://developer.mend.io/api/mc/badges/adoption/pypi/certifi/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![passing](https://developer.mend.io/api/mc/badges/compatibility/pypi/certifi/2023.5.7/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | [![confidence](https://developer.mend.io/api/mc/badges/confidence/pypi/certifi/2023.5.7/2023.7.22?slim=true)](https://docs.renovatebot.com/merge-confidence/) | ### GitHub Vulnerability Alerts #### [CVE-2023-37920](https://togithub.com/certifi/python-certifi/security/advisories/GHSA-xqr8-7jwr-rhp7) Certifi 2023.07.22 removes root certificates from "e-Tugra" from the root store. These are in the process of being removed from Mozilla's trust store. e-Tugra's root certificates are being removed pursuant to an investigation prompted by reporting of security issues in their systems. Conclusions of Mozilla's investigation can be found [here](https://groups.google.com/a/mozilla.org/g/dev-security-policy/c/C-HrP1SEq1A). --- ### Release Notes
certifi/python-certifi (certifi) ### [`v2023.7.22`](https://togithub.com/certifi/python-certifi/compare/2023.05.07...2023.07.22) [Compare Source](https://togithub.com/certifi/python-certifi/compare/2023.05.07...2023.07.22)
--- ### Configuration 📅 **Schedule**: Branch creation - "" in timezone Etc/UTC, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/canonical/spark-k8s-toolkit-py). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- requirements.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index 958dd08..d92875d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,9 +1,9 @@ anyio==4.0.0; python_full_version > "3.8.0" and python_version < "4.0" \ --hash=sha256:cfdb2b588b9fc25ede96d8db56ed50848b0b649dca3dd1df0b11f683bb9e0b5f \ --hash=sha256:f7ed51751b2c2add651e5747c891b47e26d2a21be5d32d9311dfe9692f3e5d7a -certifi==2023.5.7 ; python_full_version > "3.8.0" and python_version < "4.0" \ - --hash=sha256:0f0d56dc5a6ad56fd4ba36484d6cc34451e1c6548c61daad8c320169f91eddc7 \ - --hash=sha256:c6c2e98f5c7869efca1f8916fed228dd91539f9f1b444c314c06eef02980c716 +certifi==2023.7.22; python_full_version > "3.8.0" and python_version < "4.0" \ + --hash=sha256:539cc1d13202e33ca466e88b2807e29f4c13049d6d87031a3c110744495cb082 \ + --hash=sha256:92d6037539857d8206b8f6ae472e8b77db8058fec5937a1ef3f54304089edbb9 envyaml==1.10.211231 ; python_full_version > "3.8.0" and python_version < "4.0" \ --hash=sha256:88f8a076159e3c317d3450a5f404132b6ac91aecee4934ea72eac65f911f1244 \ --hash=sha256:8d7a7a6be12587cc5da32a587067506b47b849f4643981099ad148015a72de52