From d9377ca414a0488da357d72b0503089be7ff1e2c Mon Sep 17 00:00:00 2001
From: edX requirements bot
 <49161187+edx-requirements-bot@users.noreply.github.com>
Date: Wed, 3 Aug 2022 05:28:22 -0400
Subject: [PATCH] Django 3.2.15 security patch update (#30822)

* chore: Updating Python Requirements
* fix: pin pycodestyle<2.9.0 to fix quality

Co-authored-by: UsamaSadiq <usama.sadiq@arbisoft.com>
---
 requirements/constraints.txt     |  4 ++++
 requirements/edx/base.txt        | 16 +++++++---------
 requirements/edx/development.txt | 25 +++++++++++++------------
 requirements/edx/django.txt      |  2 +-
 requirements/edx/pip-tools.txt   |  2 +-
 requirements/edx/testing.txt     | 17 ++++++++---------
 6 files changed, 34 insertions(+), 32 deletions(-)

diff --git a/requirements/constraints.txt b/requirements/constraints.txt
index c3d7ea6345..8110b37b3b 100644
--- a/requirements/constraints.txt
+++ b/requirements/constraints.txt
@@ -84,3 +84,7 @@ charset-normalizer<2.1.0
 # markdown>=3.4.0 has failures due to internal refactorings which causes the tests to fail
 # pinning the version untill the issue gets resolved in the package itself
 markdown<3.4.0
+
+# pycodestyle==2.9.0 generates false positive error E275. 
+# Constraint can be removed once the issue https://github.com/PyCQA/pycodestyle/issues/1090 is fixed.
+pycodestyle<2.9.0
diff --git a/requirements/edx/base.txt b/requirements/edx/base.txt
index 43d5c27e07..868ee1a132 100644
--- a/requirements/edx/base.txt
+++ b/requirements/edx/base.txt
@@ -42,7 +42,7 @@ async-timeout==4.0.2
     # via
     #   aiohttp
     #   redis
-attrs==21.4.0
+attrs==22.1.0
     # via
     #   -r requirements/edx/base.in
     #   aiohttp
@@ -180,7 +180,7 @@ deprecated==1.2.13
     # via
     #   jwcrypto
     #   redis
-django==3.2.14
+django==3.2.15
     # via
     #   -c requirements/edx/../common_constraints.txt
     #   -r requirements/edx/base.in
@@ -340,7 +340,7 @@ django-ratelimit==3.0.1
     # via -r requirements/edx/base.in
 django-require @ git+https://github.com/edx/django-require.git@0c54adb167142383b26ea6b3edecc3211822a776
     # via -r requirements/edx/github.in
-django-sekizai==3.0.1
+django-sekizai==4.0.0
     # via
     #   -r requirements/edx/base.in
     #   django-wiki
@@ -561,7 +561,7 @@ event-tracking==2.1.0
     #   -r requirements/edx/base.in
     #   edx-proctoring
     #   edx-search
-fastavro==1.5.3
+fastavro==1.5.4
     # via openedx-events
 frozenlist==1.3.0
     # via
@@ -661,7 +661,6 @@ lti-consumer-xblock==4.3.2
 lxml==4.9.1
     # via
     #   -r requirements/edx/base.in
-    #   capa
     #   edxval
     #   lti-consumer-xblock
     #   olxcleaner
@@ -745,13 +744,13 @@ oauthlib==3.0.1
     #   social-auth-core
 openedx-calc==3.0.1
     # via -r requirements/edx/base.in
-openedx-events==0.11.0
+openedx-events==0.11.1
     # via -r requirements/edx/base.in
 openedx-filters==0.7.0
     # via
     #   -r requirements/edx/base.in
     #   lti-consumer-xblock
-ora2==4.4.4
+ora2==4.4.5
     # via -r requirements/edx/base.in
 oscrypto==1.3.0
     # via snowflake-connector-python
@@ -895,7 +894,6 @@ pytz==2022.1
     #   -r requirements/edx/base.in
     #   babel
     #   blockstore
-    #   capa
     #   celery
     #   django
     #   django-ses
@@ -1160,7 +1158,7 @@ xmlsec==1.3.12
     # via python3-saml
 xss-utils==0.4.0
     # via -r requirements/edx/base.in
-yarl==1.7.2
+yarl==1.8.1
     # via aiohttp
 zipp==3.8.1
     # via importlib-metadata
diff --git a/requirements/edx/development.txt b/requirements/edx/development.txt
index 17266d66af..b7fac205c4 100644
--- a/requirements/edx/development.txt
+++ b/requirements/edx/development.txt
@@ -67,7 +67,7 @@ async-timeout==4.0.2
     #   -r requirements/edx/testing.txt
     #   aiohttp
     #   redis
-attrs==21.4.0
+attrs==22.1.0
     # via
     #   -r requirements/edx/testing.txt
     #   aiohttp
@@ -269,7 +269,7 @@ distlib==0.3.5
     # via
     #   -r requirements/edx/testing.txt
     #   virtualenv
-django==3.2.14
+django==3.2.15
     # via
     #   -c requirements/edx/../common_constraints.txt
     #   -r requirements/edx/testing.txt
@@ -444,7 +444,7 @@ django-ratelimit==3.0.1
     # via -r requirements/edx/testing.txt
 django-require @ git+https://github.com/edx/django-require.git@0c54adb167142383b26ea6b3edecc3211822a776
     # via -r requirements/edx/testing.txt
-django-sekizai==3.0.1
+django-sekizai==4.0.0
     # via
     #   -r requirements/edx/testing.txt
     #   django-wiki
@@ -702,7 +702,7 @@ fastapi==0.79.0
     # via
     #   -r requirements/edx/testing.txt
     #   pact-python
-fastavro==1.5.3
+fastavro==1.5.4
     # via
     #   -r requirements/edx/testing.txt
     #   openedx-events
@@ -827,7 +827,7 @@ jsonfield==3.1.0
     #   lti-consumer-xblock
     #   ora2
     #   outcome-surveys
-jsonschema==4.7.2
+jsonschema==4.9.0
     # via sphinxcontrib-openapi
 jwcrypto==1.3.1
     # via
@@ -865,7 +865,6 @@ lti-consumer-xblock==4.3.2
 lxml==4.9.1
     # via
     #   -r requirements/edx/testing.txt
-    #   capa
     #   edxval
     #   lti-consumer-xblock
     #   olxcleaner
@@ -973,13 +972,13 @@ oauthlib==3.0.1
     #   social-auth-core
 openedx-calc==3.0.1
     # via -r requirements/edx/testing.txt
-openedx-events==0.11.0
+openedx-events==0.11.1
     # via -r requirements/edx/testing.txt
 openedx-filters==0.7.0
     # via
     #   -r requirements/edx/testing.txt
     #   lti-consumer-xblock
-ora2==4.4.4
+ora2==4.4.5
     # via -r requirements/edx/testing.txt
 oscrypto==1.3.0
     # via
@@ -1021,7 +1020,7 @@ pbr==5.9.0
     # via
     #   -r requirements/edx/testing.txt
     #   stevedore
-pep517==0.12.0
+pep517==0.13.0
     # via
     #   -r requirements/edx/pip-tools.txt
     #   build
@@ -1034,6 +1033,8 @@ pillow==9.2.0
     #   edx-organizations
 pip-tools==6.8.0
     # via -r requirements/edx/pip-tools.txt
+pkgutil-resolve-name==1.3.10
+    # via jsonschema
 platformdirs==2.5.2
     # via
     #   -r requirements/edx/testing.txt
@@ -1074,6 +1075,7 @@ pyblake2==1.1.2
     #   -r requirements/edx/testing.txt
     #   blockstore
 pycodestyle==2.8.0
+    #   -c requirements/edx/../constraints.txt
     # via -r requirements/edx/testing.txt
 pycountry==22.3.5
     # via -r requirements/edx/testing.txt
@@ -1249,7 +1251,6 @@ pytz==2022.1
     #   -r requirements/edx/testing.txt
     #   babel
     #   blockstore
-    #   capa
     #   celery
     #   django
     #   django-ses
@@ -1568,7 +1569,7 @@ vine==5.0.0
     #   amqp
     #   celery
     #   kombu
-virtualenv==20.16.0
+virtualenv==20.16.2
     # via
     #   -r requirements/edx/testing.txt
     #   tox
@@ -1647,7 +1648,7 @@ xmlsec==1.3.12
     #   python3-saml
 xss-utils==0.4.0
     # via -r requirements/edx/testing.txt
-yarl==1.7.2
+yarl==1.8.1
     # via
     #   -r requirements/edx/testing.txt
     #   aiohttp
diff --git a/requirements/edx/django.txt b/requirements/edx/django.txt
index a55bd15cb3..8d21206b72 100644
--- a/requirements/edx/django.txt
+++ b/requirements/edx/django.txt
@@ -1 +1 @@
-django==3.2.14
+django==3.2.15
diff --git a/requirements/edx/pip-tools.txt b/requirements/edx/pip-tools.txt
index 587a663b64..34cb78bac3 100644
--- a/requirements/edx/pip-tools.txt
+++ b/requirements/edx/pip-tools.txt
@@ -12,7 +12,7 @@ click==8.1.3
     #   pip-tools
 packaging==21.3
     # via build
-pep517==0.12.0
+pep517==0.13.0
     # via build
 pip-tools==6.8.0
     # via -r requirements/edx/pip-tools.in
diff --git a/requirements/edx/testing.txt b/requirements/edx/testing.txt
index e60fcfe9e0..c87c97b8ac 100644
--- a/requirements/edx/testing.txt
+++ b/requirements/edx/testing.txt
@@ -62,7 +62,7 @@ async-timeout==4.0.2
     #   -r requirements/edx/base.txt
     #   aiohttp
     #   redis
-attrs==21.4.0
+attrs==22.1.0
     # via
     #   -r requirements/edx/base.txt
     #   aiohttp
@@ -425,7 +425,7 @@ django-ratelimit==3.0.1
     # via -r requirements/edx/base.txt
 django-require @ git+https://github.com/edx/django-require.git@0c54adb167142383b26ea6b3edecc3211822a776
     # via -r requirements/edx/base.txt
-django-sekizai==3.0.1
+django-sekizai==4.0.0
     # via
     #   -r requirements/edx/base.txt
     #   django-wiki
@@ -674,7 +674,7 @@ faker==13.15.1
     # via factory-boy
 fastapi==0.79.0
     # via pact-python
-fastavro==1.5.3
+fastavro==1.5.4
     # via
     #   -r requirements/edx/base.txt
     #   openedx-events
@@ -823,7 +823,6 @@ lti-consumer-xblock==4.3.2
 lxml==4.9.1
     # via
     #   -r requirements/edx/base.txt
-    #   capa
     #   edxval
     #   lti-consumer-xblock
     #   olxcleaner
@@ -920,13 +919,13 @@ oauthlib==3.0.1
     #   social-auth-core
 openedx-calc==3.0.1
     # via -r requirements/edx/base.txt
-openedx-events==0.11.0
+openedx-events==0.11.1
     # via -r requirements/edx/base.txt
 openedx-filters==0.7.0
     # via
     #   -r requirements/edx/base.txt
     #   lti-consumer-xblock
-ora2==4.4.4
+ora2==4.4.5
     # via -r requirements/edx/base.txt
 oscrypto==1.3.0
     # via
@@ -1011,6 +1010,7 @@ pyblake2==1.1.2
     #   -r requirements/edx/base.txt
     #   blockstore
 pycodestyle==2.8.0
+    #   -c requirements/edx/../constraints.txt
     # via -r requirements/edx/testing.in
 pycountry==22.3.5
     # via -r requirements/edx/base.txt
@@ -1173,7 +1173,6 @@ pytz==2022.1
     #   -r requirements/edx/base.txt
     #   babel
     #   blockstore
-    #   capa
     #   celery
     #   django
     #   django-ses
@@ -1448,7 +1447,7 @@ vine==5.0.0
     #   amqp
     #   celery
     #   kombu
-virtualenv==20.16.0
+virtualenv==20.16.2
     # via tox
 voluptuous==0.13.1
     # via
@@ -1519,7 +1518,7 @@ xmlsec==1.3.12
     #   python3-saml
 xss-utils==0.4.0
     # via -r requirements/edx/base.txt
-yarl==1.7.2
+yarl==1.8.1
     # via
     #   -r requirements/edx/base.txt
     #   aiohttp