HBASE-26821 Bump dependencies in /dev-support/git-jira-release-audit (#4193)

Bumps urllib3 from 1.25.8 to 1.26.5 to resolve two dependabot warnings CRLF injection (Moderate) urllib3 (pip) · dev-support/git-jira-release-audit/requirements.txt Catastrophic backtracking in URL authority parser when passed URL containing many @ characters (High) urllib3 (pip) · dev-support/git-jira-release-audit/requirements.txt Bumps cryptography from 2.8 to 3.3.2 to resolve one dependabot warning RSA decryption vulnerable to Bleichenbacher timing vulnerability (Moderate) cryptography (pip) · dev-support/git-jira-release-audit/requirements.txt Signed-off-by: Duo Zhang <zhangduo@apache.org> Signed-off-by: Nick Dimiduk <ndimiduk@apache.org> Signed-off-by: Wei-Chiu Chuang <weichiu@apache.org>
2022-03-10 12:25:33 -08:00 · 2022-03-10 12:25:33 -08:00 · addace21b6
parent e5dbbd20ac
commit addace21b6
1 changed files with 2 additions and 2 deletions
--- a/dev-support/git-jira-release-audit/requirements.txt
+++ b/dev-support/git-jira-release-audit/requirements.txt
@ -19,7 +19,7 @@ blessed==1.17.0
 certifi==2019.11.28
 cffi==1.13.2
 chardet==3.0.4
-cryptography==2.8
+cryptography=3.3.2
 defusedxml==0.6.0
 enlighten==1.4.0
 gitdb2==2.0.6
@ -35,5 +35,5 @@ requests-oauthlib==1.3.0
 requests-toolbelt==0.9.1
 six==1.14.0
 smmap2==2.0.5
-urllib3==1.25.8
+urllib3==1.26.5
 wcwidth==0.1.8