Mercurial > p > roundup > code

changeset 8551:06fd452534d0

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
merge heads
author John Rouillard <rouilj@ieee.org>
date Mon, 30 Mar 2026 11:55:23 -0400
parents 2c59d8deb653 (diff) e920db4d00d3 (current diff)
children dbe30d5032b8
files
diffstat 1 files changed, 10 insertions(+), 6 deletions(-) [+]
line wrap: on
line diff
--- a/scripts/Docker/requirements.txt	Mon Mar 30 10:55:53 2026 -0400
+++ b/scripts/Docker/requirements.txt	Mon Mar 30 11:55:23 2026 -0400
@@ -1,5 +1,9 @@
+# Get newest versions, but specify minimum versions to get versions
+# without known vulnerabilities as reported by:
+# https://tools.simonwillison.net/python-vulnerability-lookup
+
 # setuptools required for installation - missing from newer base images
-setuptools
+setuptools >= 78.1.1
 # human timezones
 pytz
 # indexer
@@ -8,13 +12,13 @@
 # extra database support
 psycopg2
 mysqlclient
-redis
+redis >= 4.5.4
 # encryption
 gpg
 # java web tokens
-PyJWT
+PyJWT >= 2.12.0
 # extra HTTP compression methods
-Brotli
-zstd
+Brotli >= 1.2.0
+zstd >= 1.5.4
 # jinja2 template engine
-Jinja2
+Jinja2 >= 3.1.6
Roundup Issue Tracker: http://roundup-tracker.org/