Closed bolinocroustibat closed 1 month ago
bolinocroustibat
commented
1 month ago This looks good to me! Don't forget to add a changelog entry before merging.
Indeed! Done
Have you updated pinned dependencies for other .pip files also?
Nope, I would say to do it in another PR, let me know
I would say updating cryptography is a bigger jump and require testing more thoroughly. We can update it in another PR I would say
Sure, it makes sense.
ThibaudDauce
commented
1 month ago I think this PR breaks udata-front with dependencies conflicts (or maybe it's a problem with my cache venv…)
maudetes
commented
1 month ago I think this PR breaks
udata-frontwith dependencies conflicts (or maybe it's a problem with my cache venv…)
@nicolaskempf57 has updated udata-front indeed following this PR : https://github.com/datagouv/udata-front/pull/448
Update pinned dependencies according to project dependencies, without updating any project dependencies.
Compatibility between dependencies versions in this PR have been checked by a package manager, and updated to the latest ones when possible.
Note: It would be also useful to update
cryptographypackage in project dependencies, since 1) old versions are often causes of system incompatibilities issues and 2) since it's a security dependency and 3) since the project version is very old (2.8, we're now at42.0.8). This can be done in another PR, or in this PR, or later. Let me know what you think!