Merge #2607

2607: Update python dependencies as suggested by dependabot r=mergify[bot] a=ghostwheel42 ## What type of PR? bug-fix ## What does this PR do? Update dependencies to silence dependabot (vulnerabilities are probably not exploitable) Only the certifi upgrade could be backported. Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2 years ago · fe2b0bedb7
parent 874e58348f 6f71ea833b
commit fe2b0bedb7
3 changed files with 33 additions and 11 deletions
--- a/core/admin/run_dev.sh
+++ b/core/admin/run_dev.sh
@ -11,6 +11,7 @@ DEV_LISTEN="${DEV_LISTEN:-127.0.0.1:8080}"
 [[ "${DEV_LISTEN}" == *:* ]] || DEV_LISTEN="127.0.0.1:${DEV_LISTEN}"
 DEV_ADMIN="${DEV_ADMIN:-admin@example.com}"
 DEV_PASSWORD="${DEV_PASSWORD:-letmein}"
+DEV_ARGS=( "$@" )

 ### MAIN

@ -90,7 +91,8 @@ EOF

 # build
 chmod -R u+rwX,go+rX .
-"${docker}" build --tag "${DEV_NAME}:latest" .
+echo Running: "${docker/*\/}" build --tag "${DEV_NAME}:latest" "${DEV_ARGS[@]}" .
+"${docker}" build --tag "${DEV_NAME}:latest" "${DEV_ARGS[@]}" .

 # gather volumes to map into container
 volumes=()
@ -110,6 +112,7 @@ done
 cat <<EOF

 =============================================================================
+
 The "${DEV_NAME}" container was built using this configuration:

 DEV_NAME="${DEV_NAME}"
@ -118,19 +121,34 @@ DEV_PROFILER="${DEV_PROFILER}"
 DEV_LISTEN="${DEV_LISTEN}"
 DEV_ADMIN="${DEV_ADMIN}"
 DEV_PASSWORD="${DEV_PASSWORD}"
-=============================================================================
+DEV_ARGS=( ${DEV_ARGS[*]} )

 =============================================================================
-You can start the container later using this commandline:
+
+You can start the container later using this command:

 ${docker/*\/} run --rm -it --name "${DEV_NAME}" --publish ${DEV_LISTEN}:8080$(printf " %q" "${volumes[@]}") "${DEV_NAME}"
-=============================================================================

 =============================================================================
+
+Enter the running container using this command:
+${docker/*\/} exec -it "${DEV_NAME}" /bin/bash
+
+=============================================================================
+
+To update requirements-prod.txt you can build (and test) using:
+${docker/*\/} build --tag "${DEV_NAME}:latest" --build-arg MAILU_DEPS=dev .
+
+And then fetch the new dependencies with:
+${docker/*\/} exec "${DEV_NAME}" pip freeze >$(realpath "${base}")/requirements-new.txt
+
+=============================================================================
+
 The Mailu UI can be found here: http://${DEV_LISTEN}/sso/login
 EOF
 [[ -z "${DEV_DB}" ]] && echo "You can log in with user ${DEV_ADMIN} and password ${DEV_PASSWORD}"
 cat <<EOF
+
 =============================================================================

 Starting mailu dev environment...
--- a/core/base/requirements-build.txt
+++ b/core/base/requirements-build.txt
@ -1,3 +1,3 @@
-pip==22.3
-setuptools==65.5.0
-wheel==0.37.1
+pip==22.3.1
+setuptools==65.6.3
+wheel==0.38.4
--- a/core/base/requirements-prod.txt
+++ b/core/base/requirements-prod.txt
@ -7,16 +7,18 @@ attrs==22.1.0
 Babel==2.11.0
 bcrypt==4.0.1
 blinker==1.5
-certifi==2022.9.24
+certifi==2022.12.7
 cffi==1.15.1
 charset-normalizer==2.1.1
 click==8.1.3
+colorclass==2.2.2
 cryptography==38.0.3
 decorator==5.1.1
 defusedxml==0.7.1
 Deprecated==1.2.13
 dnspython==2.2.1
 dominate==2.7.0
+easygui==0.98.3
 email-validator==1.3.0
 Flask==2.2.2
 Flask-Babel==2.0.0
@ -40,14 +42,17 @@ Mako==1.2.3
 MarkupSafe==2.1.1
 marshmallow==3.18.0
 marshmallow-sqlalchemy==0.28.1
+msoffcrypto-tool==5.0.0
 multidict==6.0.2
-oletools==0.60.1
 mysql-connector-python==8.0.29
+olefile==0.46
+oletools==0.60.1
 packaging==21.3
 passlib==1.7.4
+pcodedmp==1.2.6
 podop @ file:///app/libs/podop
 postfix-mta-sts-resolver==1.1.4
-protobuf==3.20.1
+protobuf==3.20.2
 psycopg2-binary==2.9.5
 pycares==4.2.2
 pycparser==2.21
@ -56,7 +61,6 @@ pyOpenSSL==22.1.0
 pyparsing==2.4.7
 python-dateutil==2.8.2
 python-magic==0.4.27
-python-dateutil==2.8.2
 pytz==2022.6
 PyYAML==6.0
 Radicale==3.1.8