Fix CVE

Upgrade black@22.8.0 to black@24.3.0 to fix ✗ Regular Expression Denial of Service (ReDoS) (new) [Medium Severity][https://security.snyk.io/vuln/SNYK-PYTHON-BLACK-6256273] in black@22.8.0 introduced by black@22.8.0
camptocamp · Mar 19, 2024 · 3e79b72 · 3e79b72
1 parent f4b7a4c
commit 3e79b72
Show file tree

Hide file tree

Showing 7 changed files with 121 additions and 104 deletions.
diff --git a/c2cciutils/__init__.py b/c2cciutils/__init__.py
@@ -214,14 +214,16 @@ def get_config(branch: Optional[str] = None) -> c2cciutils.configuration.Configu
                     else {}
                 ),
             },
-            "versions": {
-                "extra_versions": [master_branch],
-                "backport_labels": True,
-                "audit": True,
-                "branches": True,
-            }
-            if based_on_master
-            else False,
+            "versions": (
+                {
+                    "extra_versions": [master_branch],
+                    "backport_labels": True,
+                    "audit": True,
+                    "branches": True,
+                }
+                if based_on_master
+                else False
+            ),
             "black": True,
             "isort": True,
             "codespell": True,

diff --git a/c2cciutils/applications_definition.py b/c2cciutils/applications_definition.py
@@ -2,7 +2,6 @@
 Automatically generated file from a JSON schema.
 """
 
-
 from typing import Dict, List, Literal, TypedDict, Union
 
 # Application configuration

diff --git a/c2cciutils/configuration.py b/c2cciutils/configuration.py
@@ -2,7 +2,6 @@
 Automatically generated file from a JSON schema.
 """
 
-
 from typing import Any, Dict, List, Literal, TypedDict, Union
 
 # Audit

diff --git a/c2cciutils/lib/docker.py b/c2cciutils/lib/docker.py
@@ -1,6 +1,7 @@
 """
 Some utility functions for Docker images.
 """
+
 import os
 import subprocess  # nosec: B404
 from typing import Dict, Optional, Tuple, cast

diff --git a/c2cciutils/pr_checks.py b/c2cciutils/pr_checks.py
@@ -3,6 +3,7 @@
 
 Commits, messages and labels.
 """
+
 import os
 import re
 import subprocess  # nosec

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -94,7 +94,7 @@ jsonschema = "4.16.0"
 jsonschema-gentypes = "1.3.2"
 node-vm2 = "0.4.5"
 defusedxml = "0.7.1"
-black = { version = "22.8.0", optional = true }
+black = { version = "24.3.0", optional = true }
 click = "8.1.7"
 isort = { version = "5.10.1", optional = true }
 twine = { version = "4.0.2", optional = true }
@@ -131,7 +131,7 @@ publish = [
 pr_checks = ["codespell"]
 
 [tool.poetry.dev-dependencies]
-prospector = { version = "1.7.7", extras = ["with_bandit", "with_mypy", "with_pyroma"] }
+prospector = { version = "1.9.0", extras = ["with_bandit", "with_mypy", "with_pyroma"] }
 types-requests = "2.28.11.17"
 types-pyyaml = "6.0.12.12"
 types-setuptools = "65.3.0"
-Original file line number
+Diff line change
@@ Expand Up / @@ -2,7 +2,6 @@ @@
     Automatically generated file from a JSON schema.
     """
     from typing import Dict, List, Literal, TypedDict, Union
     # Application configuration
@@ Expand Down @@