[Snyk] Fix for 6 vulnerabilities + Dependency Management Fixes (#1195)

* fix: requirements/requirements.dev.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-6592767 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6230369 - https://snyk.io/vuln/SNYK-PYTHON-DJANGO-6370660 - https://snyk.io/vuln/SNYK-PYTHON-IDNA-6597975 - https://snyk.io/vuln/SNYK-PYTHON-PILLOW-6514866 - https://snyk.io/vuln/SNYK-PYTHON-SQLPARSE-6615674 * fix snyk issues * Match Dev and Prod * Django 4.2.11 * Fix hard coded deps * fix jenkinsfile make install * fix flake8 * revert to previous requirements.txt * try simple update process --------- Co-authored-by: snyk-bot <[email protected]> Co-authored-by: jimmyfagan <[email protected]>
CMSgov · May 9, 2024 · f2feaaf · f2feaaf
1 parent b198516
commit f2feaaf
Show file tree

Hide file tree

Showing 6 changed files with 332 additions and 151 deletions.
diff --git a/.gitignore b/.gitignore
@@ -93,3 +93,5 @@ docker-compose/certstore/
 # dev tools dir for placing scripts you don't want checked in
 dev-tools/
 
+#dont upload packages
+vendor/
diff --git a/Jenkinsfiles/Jenkinsfile.cbc-run-multi-pr-checks-w-selenium b/Jenkinsfiles/Jenkinsfile.cbc-run-multi-pr-checks-w-selenium
@@ -55,8 +55,7 @@ pipeline {
  sh """
  python -m venv venv
  . venv/bin/activate
- pip install selenium pytest Flask Flask-WTF
- pip install cryptography==42.0.4
+ make reqs-download
  make reqs-install-dev
  """
  }

diff --git a/requirements/requirements.dev.in b/requirements/requirements.dev.in
@@ -2,9 +2,13 @@
 # test and development
 # coverage
 # python-coveralls
-flake8
+flake8 == 6.0.*
 django-debug-toolbar
 httmock
 beautifulsoup4
 debugpy
+selenium 
+pytest 
+Flask 
+Flask-WTF