diff --git a/CHANGELOG.rst b/CHANGELOG.rst
index a7dcb9b739..c11665880a 100644
--- a/CHANGELOG.rst
+++ b/CHANGELOG.rst
@@ -29,9 +29,11 @@ Fixed
 * Update cryptography 3.4.7 -> 39.0.1, pyOpenSSL 21.0.0 -> 23.1.0, paramiko 2.10.5 -> 2.11.0 (security). #6055
-* Bumped `eventlet` to `0.33.3` and `gunicorn` to `21.2.0` to fix `RecursionError` bug in setting `SSLContext` `minimum_version` property. #6061
+* Bumped `eventlet` to `0.33.3` and `gunicorn` to `21.2.0` to fix `RecursionError` bug in setting `SSLContext` `minimum_version` property. (security) #6061
 Contributed by @jk464
+* Update orquesta to v1.6.0 to fix outdated dependencies (security). #6050
+
 Added
 ~~~~~
diff --git a/contrib/runners/orquesta_runner/in-requirements.txt b/contrib/runners/orquesta_runner/in-requirements.txt
index 3302e48fad..8bf195dae4 100644
--- a/contrib/runners/orquesta_runner/in-requirements.txt
+++ b/contrib/runners/orquesta_runner/in-requirements.txt
@@ -1 +1 @@
-orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.5.0
+orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.6.0
diff --git a/contrib/runners/orquesta_runner/requirements.txt b/contrib/runners/orquesta_runner/requirements.txt
index be64688128..cf26d58430 100644
--- a/contrib/runners/orquesta_runner/requirements.txt
+++ b/contrib/runners/orquesta_runner/requirements.txt
@@ -5,4 +5,4 @@
 # If you want to update depdencies for a single component, modify the
 # in-requirements.txt for that component and then run 'make requirements' to
 # update the component requirements.txt
-orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.5.0
+orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.6.0
diff --git a/fixed-requirements.txt b/fixed-requirements.txt
index 00ed7297b9..c1a14fbcba 100644
--- a/fixed-requirements.txt
+++ b/fixed-requirements.txt
@@ -26,8 +26,8 @@ lockfile==0.12.2
 # >=0.23 was from jinja2
 MarkupSafe<2.1.0,>=0.23
 mongoengine==0.23.0
-# networkx v2.6 does not support Python3.6. Update networkx to match orquesta
-networkx>=2.5.1,<2.6
+# required by orquesta (networkx<2.6 for py3.6, networkx<3 for py3.8)
+networkx<3
 # networkx requires decorator>=4.3,<5 which should resolve to version 4.4.2
 # but the wheel on pypi does not say it supports python3.8, so pip gets
 # confused. For now, pin decorator to work around pip's confusion.
diff --git a/requirements-pants.txt b/requirements-pants.txt
index 3e07857de0..ef04eaaf91 100644
--- a/requirements-pants.txt
+++ b/requirements-pants.txt
@@ -31,7 +31,7 @@ mongoengine
 # networkx version is constrained in orquesta.
 networkx
 orjson
-orquesta @ git+https://github.com/StackStorm/orquesta.git@v1.5.0
+orquesta @ git+https://github.com/StackStorm/orquesta.git@v1.6.0
 # NOTE: Recent version substantially affect the performance and add big import time overhead
 # See https://github.com/StackStorm/st2/issues/4160#issuecomment-394386433 for details
 oslo.config>=1.12.1,<1.13
diff --git a/requirements.txt b/requirements.txt
index 841cf38cb3..638faf38f0 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -32,12 +32,12 @@ lockfile==0.12.2
 logshipper@ git+https://github.com/StackStorm/logshipper.git@stackstorm_patched ; platform_system=="Linux"
 mock==4.0.3
 mongoengine==0.23.0
-networkx>=2.5.1,<2.6
+networkx<3
 nose
 nose-parallel==0.4.0
 nose-timer==1.0.1
 orjson==3.5.2
-orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.5.0
+orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.6.0
 oslo.config>=1.12.1,<1.13
 oslo.utils<5.0,>=4.0.0
 paramiko==2.11.0
diff --git a/st2common/in-requirements.txt b/st2common/in-requirements.txt
index 9580fa2fbe..1daa52fb8e 100644
--- a/st2common/in-requirements.txt
+++ b/st2common/in-requirements.txt
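Review bot: In the fixed-requirements.txt hunk, `networkx<3` drops the previous lower bound, so a file whose purpose is to fix versions now lets the resolver select any networkx release below 3, including ones older than the 2.5.1 floor it replaces. The new comment depends on pip honouring each release's declared Python support to stay below 2.6 on py3.6; writing that split as markers keeps both interpreters bounded, e.g. `networkx>=2.5.1,<2.6; python_version < '3.7'` and `networkx>=2.6,<3; python_version >= '3.7'`. The same line appears in the requirements.txt and st2common/requirements.txt hunks, which look generated from this file, so they would need regenerating after the change. Separately, the orquesta lines still pin a git tag, which upstream can move; pinning the commit hash behind v1.6.0 (`...orquesta.git@<commit-sha>`) would make the dependency bump verifiable.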
@@ -14,7 +14,7 @@ mongoengine
 networkx
 # used by networkx
 decorator
-orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.5.0
+orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.6.0
 st2-rbac-backend@ git+https://github.com/StackStorm/st2-rbac-backend.git@master
 oslo.config
 paramiko
diff --git a/st2common/requirements.txt b/st2common/requirements.txt
index bd1a1827af..ab7614ebbd 100644
--- a/st2common/requirements.txt
+++ b/st2common/requirements.txt
@@ -25,9 +25,9 @@ jsonschema==2.6.0
 kombu==5.0.2
 lockfile==0.12.2
 mongoengine==0.23.0
-networkx>=2.5.1,<2.6
+networkx<3
 orjson==3.5.2
-orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.5.0
+orquesta@ git+https://github.com/StackStorm/orquesta.git@v1.6.0
 oslo.config>=1.12.1,<1.13
 paramiko==2.11.0
 pyOpenSSL==23.1.0