tmpayton
commented
1 year ago Hey Tricia, I think we generally like to keep e-regs consistent with CMS. Cg-django-uua prevents us right now from moving to Django 4, (and Wagtail 4.2.3 prevents us from moving past 4.2)
Do you think it might be better to move to 3.2.19 to remove the vulnerability for right now, and move the CMS and e-regs to 4 together?
@cnlucas Yes, that sounds like a good idea, I'll downgrade it for now!
Summary (required)
This ticket fixes the snyk vulnerbilities in requirements-parsing.txt and requirements.txt
packages upgraded:
Required reviewers 1 developers
Impacted areas of the application
General components of the application that this PR will affect:
Related PRs
Related PRs against other branches: Regulations-Site PR Regulations-Parser PR Regulations-Core PR
How to test
regparser
-e git+https://github.com/fecgov/regulations-parser.git@upgrade-django#egg=regparser
regsite
-e git+https://github.com/fecgov/regulations-site@upgrade-django#egg=regulations
regcore
-e git+https://github.com/fecgov/regulations-core@update-django#egg=regcore
Terminal One:
pyenv virtualenv (your virtual environment)pip install -r requirements.txtsnyk test --file=requirements.txt --package-manager=piprm -rf node_modulesnpm inpm run builddropdb eregs_localcreatedb eregs_localpython manage.py migratepython manage.py compile_frontendpython manage.py runserver(leave running)Terminal Two:
pyenv virtualenv (your virtual environment)pip install -r requirements-parsing.txtsnyk test --file=requirements-parsing.txt --package-manager=pippython load_regs/load_fec_regs.py localFor more detailed instructions follow the wiki on how to setup/parse regulations on local environment
This will not pass circle build until other PRs are merged first.