Closes #57 - Bumping dependencies (#58)

switcherapi · Apr 25, 2023 · 1aecdb4 · 1aecdb4
1 parent fc3da39
commit 1aecdb4
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 16 deletions.
diff --git a/.github/workflows/master.yml b/.github/workflows/master.yml
@@ -34,7 +34,7 @@ jobs:
       run: sed -i 's@'$GITHUB_WORKSPACE'@/github/workspace/@g' coverage.xml
 
     - name: SonarCloud Scan
-      uses: sonarsource/sonarcloud-github-action@master
+      uses: sonarsource/sonarcloud-github-action@v1.8
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}

diff --git a/requirements.txt b/requirements.txt
@@ -1,10 +1,11 @@
-slack_bolt==1.14.3
-python_dotenv==0.20.0
+slack_bolt==1.17.2
+python_dotenv==1.0.0
 gunicorn==20.1.0
-flask==2.2.2
-requests==2.25.1
-pyjwt==2.4.0
+flask==2.2.3
+requests==2.28.2
+pyjwt==2.6.0
 gql==3.4.0
-requests-toolbelt==0.9.1
+requests-toolbelt==0.10.1
 certifi>=2022.12.7 # not directly required, pinned by Snyk to avoid a vulnerability
-setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+setuptools>=65.5.1 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=2.2.3 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/tests/requirements.txt b/tests/requirements.txt
@@ -1,11 +1,11 @@
-slack_bolt==1.14.3
-python_dotenv==0.20.0
+slack_bolt==1.17.2
+python_dotenv==1.0.0
 gunicorn==20.1.0
-flask==2.2.2
-requests==2.25.1
-pyjwt==2.4.0
-pytest==7.1.2
-pytest-cov==3.0.0
+flask==2.2.3
+requests==2.28.2
+pyjwt==2.6.0
+pytest==7.3.1
+pytest-cov==4.0.0
 pytest-dotenv==0.5.2
 gql==3.4.0
-requests-toolbelt==0.9.1
+requests-toolbelt==0.10.1