From fc56eab12fb1c78bbd15a9c6a9803e9ff0aeb972 Mon Sep 17 00:00:00 2001 From: longieirl Date: Wed, 29 Apr 2026 11:16:06 +0100 Subject: [PATCH] chore(deps): bump cryptography, openpyxl, mypy, safety, detect-secrets, yamllint, pip-audit MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Consolidates all 7 open Dependabot PRs (#150–#157) into a single commit: - cryptography >=46.0.5 → >=47.0.0 (security patch) - openpyxl >=3.1.0 → >=3.1.5 - mypy >=1.8.0 → >=1.20.2 - safety >=2.0.0 → >=3.7.0 - detect-secrets >=1.4.0 → >=1.5.0 - yamllint >=1.33.0 → >=1.38.0 - pip-audit >=2.7.0 → >=2.10.0 --- requirements/base.txt | 4 ++-- requirements/ci.txt | 2 +- requirements/dev.txt | 8 ++++---- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/requirements/base.txt b/requirements/base.txt index 3f2557e..8f44a56 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -6,8 +6,8 @@ pypdf>=6.7.5 # PDF utilities - security patches (updated 2026-03-02) pandas>=2.2.0 # Data processing python-dotenv>=1.0.0 # Environment configuration tabulate>=0.9.0 # Table formatting -cryptography>=46.0.5 # Cryptographic operations - security patches (updated 2026-03-02) -openpyxl>=3.1.0 # Excel export (.xlsx format) +cryptography>=47.0.0 # Cryptographic operations - security patches (updated 2026-04-29) +openpyxl>=3.1.5 # Excel export (.xlsx format) # Note: Network libraries (requests, urllib3) intentionally excluded # This application processes sensitive financial data locally only diff --git a/requirements/ci.txt b/requirements/ci.txt index eb341d7..90e0e61 100644 --- a/requirements/ci.txt +++ b/requirements/ci.txt @@ -6,7 +6,7 @@ # Security scanning bandit==1.9.4 -pip-audit>=2.7.0 +pip-audit>=2.10.0 # License compliance pip-licenses>=5.0.0 diff --git a/requirements/dev.txt b/requirements/dev.txt index 5095d42..2e6f09e 100644 --- a/requirements/dev.txt +++ b/requirements/dev.txt @@ -10,7 +10,7 @@ isort>=8.0.1,<9.0.0 # Linting and Type Checking ruff>=0.15.12,<1.0.0 -mypy>=1.8.0,<2.0.0 +mypy>=1.20.2,<2.0.0 pyright>=1.1.350 # Type stubs (compatible versions) @@ -29,6 +29,6 @@ pre-commit>=3.0.0,<5.0.0 # Security tools (using compatible versions) bandit[toml]>=1.7.0,<2.0.0 -safety>=2.0.0,<4.0.0 -detect-secrets>=1.4.0,<2.0.0 -yamllint>=1.33.0,<2.0.0 \ No newline at end of file +safety>=3.7.0,<4.0.0 +detect-secrets>=1.5.0,<2.0.0 +yamllint>=1.38.0,<2.0.0 \ No newline at end of file