snappass

Author	SHA1	Message	Date
dependabot[bot]	1a9824d24d	Bump redis from 4.5.5 to 5.0.1 Bumps [redis](https://github.com/redis/redis-py) from 4.5.5 to 5.0.1. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](https://github.com/redis/redis-py/compare/v4.5.5...v5.0.1) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-23 16:35:54 +00:00
Yuping Li	c4d6074e48	Merge pull request #292 from pinterest/dependabot/pip/fakeredis-2.20.0 Bump fakeredis from 2.14.1 to 2.20.0	2023-10-23 09:35:13 -07:00
dependabot[bot]	03bf76fbcc	Bump fakeredis from 2.14.1 to 2.20.0 Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 2.14.1 to 2.20.0. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](https://github.com/cunla/fakeredis-py/compare/v2.14.1...v2.20.0) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2023-10-23 02:56:17 +00:00
dependabot[bot]	f3edccdd1f	Bump tox from 4.6.0 to 4.11.3 (#287 ) Bumps [tox](https://github.com/tox-dev/tox) from 4.6.0 to 4.11.3. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](https://github.com/tox-dev/tox/compare/4.6.0...4.11.3) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-25 23:36:02 -07:00
Devin Lundberg	31ae18d57d	[Snyk] Security upgrade cryptography from 41.0.1 to 41.0.4 (#284 ) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-CRYPTOGRAPHY-5914629 Co-authored-by: snyk-bot <snyk-bot@snyk.io>	2023-09-25 09:24:35 -07:00
dependabot[bot]	9d68d6b058	Bump actions/checkout from 3 to 4 (#282 ) Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-09-25 09:22:23 -07:00
dependabot[bot]	4c118cf022	Bump pytest-cov from 3.0.0 to 4.1.0 (#266 ) Bumps [pytest-cov](https://github.com/pytest-dev/pytest-cov) from 3.0.0 to 4.1.0. - [Changelog](https://github.com/pytest-dev/pytest-cov/blob/master/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest-cov/compare/v3.0.0...v4.1.0) --- updated-dependencies: - dependency-name: pytest-cov dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-12 12:52:57 -07:00
dependabot[bot]	5725b0db2e	Bump coverage from 6.4.1 to 7.2.7 (#267 ) Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.4.1 to 7.2.7. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.4.1...7.2.7) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-12 12:52:38 -07:00
dependabot[bot]	a34aaf8bb4	Bump redis from 4.5.3 to 4.5.5 (#253 ) Bump redis from 4.3.3 to 4.5.5 Bumps [redis](https://github.com/redis/redis-py) from 4.3.3 to 4.5.5. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](https://github.com/redis/redis-py/compare/v4.3.3...v4.5.5) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Yuru Shao <yshao@pinterest.com>	2023-06-09 13:38:27 -07:00
dependabot[bot]	6fec10eaab	Bump pytest from 7.1.2 to 7.3.1 (#243 ) Bumps [pytest](https://github.com/pytest-dev/pytest) from 7.1.2 to 7.3.1. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/7.1.2...7.3.1) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-09 13:38:04 -07:00
dependabot[bot]	147bdf390a	Bump flask from 2.1.2 to 2.3.2 (#250 ) Bumps [flask](https://github.com/pallets/flask) from 2.1.2 to 2.3.2. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/flask/compare/2.1.2...2.3.2) --- updated-dependencies: - dependency-name: flask dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-09 13:30:50 -07:00
dependabot[bot]	95f5c35291	Bump fakeredis from 1.7.5 to 2.14.1 (#263 ) Bumps [fakeredis](https://github.com/cunla/fakeredis-py) from 1.7.5 to 2.14.1. - [Release notes](https://github.com/cunla/fakeredis-py/releases) - [Commits](https://github.com/cunla/fakeredis-py/compare/v1.7.5...v2.14.1) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-09 13:19:43 -07:00
dependabot[bot]	013c0d1e77	Bump tox from 3.25.0 to 4.6.0 (#262 ) Bumps [tox](https://github.com/tox-dev/tox) from 3.25.0 to 4.6.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/main/docs/changelog.rst) - [Commits](https://github.com/tox-dev/tox/compare/3.25.0...4.6.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-09 13:15:29 -07:00
dependabot[bot]	6f02f6e2b7	Bump cryptography from 39.0.2 to 41.0.1 (#260 ) Bumps [cryptography](https://github.com/pyca/cryptography) from 39.0.2 to 41.0.1. - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/39.0.2...41.0.1) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-06-09 13:01:50 -07:00
Yuru Shao	1e1b189d77	Remove py3.7 (#234 ) * Remove py3.7 * Restore cache action	2023-06-09 12:54:41 -07:00
dependabot[bot]	a2a887bb2c	Bump flake8 from 4.0.1 to 6.0.0 (#205 ) Bumps [flake8](https://github.com/pycqa/flake8) from 4.0.1 to 6.0.0. - [Release notes](https://github.com/pycqa/flake8/releases) - [Commits](https://github.com/pycqa/flake8/compare/4.0.1...6.0.0) --- updated-dependencies: - dependency-name: flake8 dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-17 16:19:46 -07:00
Devin Lundberg	0aaf1ec89b	[Snyk] Security upgrade werkzeug from 2.1.2 to 2.2.3 (#221 ) fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319935 - https://snyk.io/vuln/SNYK-PYTHON-WERKZEUG-3319936 Co-authored-by: snyk-bot <snyk-bot@snyk.io>	2023-03-17 16:18:25 -07:00
dependabot[bot]	c251bffc89	Bump cryptography from 37.0.2 to 39.0.2 (#224 ) Bumps [cryptography](https://github.com/pyca/cryptography) from 37.0.2 to 39.0.2. - [Release notes](https://github.com/pyca/cryptography/releases) - [Changelog](https://github.com/pyca/cryptography/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pyca/cryptography/compare/37.0.2...39.0.2) --- updated-dependencies: - dependency-name: cryptography dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-17 16:15:29 -07:00
dependabot[bot]	7da90b08a4	Bump markupsafe from 1.1.1 to 2.1.1 (#164 ) Bumps [markupsafe](https://github.com/pallets/markupsafe) from 1.1.1 to 2.1.1. - [Release notes](https://github.com/pallets/markupsafe/releases) - [Changelog](https://github.com/pallets/markupsafe/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/markupsafe/compare/1.1.1...2.1.1) --- updated-dependencies: - dependency-name: markupsafe dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-16 13:26:48 -07:00
dependabot[bot]	26fb06efe3	Bump coverage from 6.3.3 to 6.4.1 Bumps [coverage](https://github.com/nedbat/coveragepy) from 6.3.3 to 6.4.1. - [Release notes](https://github.com/nedbat/coveragepy/releases) - [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst) - [Commits](https://github.com/nedbat/coveragepy/compare/6.3.3...6.4.1) --- updated-dependencies: - dependency-name: coverage dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-28 19:02:08 +00:00
dependabot[bot]	4292228200	Bump tox from 3.1.2 to 3.25.0 Bumps [tox](https://github.com/tox-dev/tox) from 3.1.2 to 3.25.0. - [Release notes](https://github.com/tox-dev/tox/releases) - [Changelog](https://github.com/tox-dev/tox/blob/master/docs/changelog.rst) - [Commits](https://github.com/tox-dev/tox/compare/3.1.2...3.25.0) --- updated-dependencies: - dependency-name: tox dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-28 19:01:42 +00:00
Yuru Shao	f13bc17d92	Upgrade jquery from 1.12.4 to 3.6.0 (#183 )	2022-06-28 11:59:52 -07:00
Yuru Shao	1245b0c43f	Merge pull request #180 from pinterest/dependabot/pip/freezegun-1.2.1 Bump freezegun from 0.3.15 to 1.2.1	2022-06-28 10:15:28 -07:00
dependabot[bot]	25cd5740d4	Bump freezegun from 0.3.15 to 1.2.1 Bumps [freezegun](https://github.com/spulec/freezegun) from 0.3.15 to 1.2.1. - [Release notes](https://github.com/spulec/freezegun/releases) - [Changelog](https://github.com/spulec/freezegun/blob/master/CHANGELOG) - [Commits](https://github.com/spulec/freezegun/compare/0.3.15...1.2.1) --- updated-dependencies: - dependency-name: freezegun dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-22 21:00:49 +00:00
Yuru Shao	3011638028	Merge pull request #153 from pinterest/dependabot/pip/itsdangerous-2.1.2 Bump itsdangerous from 0.24 to 2.1.2	2022-06-22 14:00:08 -07:00
dependabot[bot]	2304a29e7c	Bump itsdangerous from 0.24 to 2.1.2 Bumps [itsdangerous](https://github.com/pallets/itsdangerous) from 0.24 to 2.1.2. - [Release notes](https://github.com/pallets/itsdangerous/releases) - [Changelog](https://github.com/pallets/itsdangerous/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/itsdangerous/compare/0.24...2.1.2) --- updated-dependencies: - dependency-name: itsdangerous dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-22 18:44:21 +00:00
Yuru Shao	e61453d577	Merge pull request #173 from pinterest/dependabot/pip/redis-4.3.3 Bump redis from 2.10.6 to 4.3.3	2022-06-22 11:42:43 -07:00
dependabot[bot]	8f9ecb8a7a	Bump redis from 2.10.6 to 4.3.3 Bumps [redis](https://github.com/redis/redis-py) from 2.10.6 to 4.3.3. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](https://github.com/redis/redis-py/compare/2.10.6...v4.3.3) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-22 18:36:08 +00:00
Yuru Shao	b2a41073de	Merge pull request #171 from pinterest/dependabot/pip/werkzeug-2.1.2 Bump werkzeug from 0.15.6 to 2.1.2	2022-06-22 11:34:39 -07:00
Yuru Shao	bfae576fb2	Merge pull request #176 from pinterest/dependabot/pip/flask-2.1.2 Bump flask from 1.0.2 to 2.1.2	2022-06-22 11:27:36 -07:00
Yuru Shao	f89a8b2fdc	Merge pull request #175 from pinterest/codeql_setup Create codeql-analysis.yml	2022-06-20 13:11:00 -07:00
Yuru Shao	36b2d79e38	add tests.py to on:pull_request:paths-ignore	2022-06-20 13:06:20 -07:00
dependabot[bot]	ecdcb70470	Bump werkzeug from 0.15.6 to 2.1.2 Bumps [werkzeug](https://github.com/pallets/werkzeug) from 0.15.6 to 2.1.2. - [Release notes](https://github.com/pallets/werkzeug/releases) - [Changelog](https://github.com/pallets/werkzeug/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/werkzeug/compare/0.15.6...2.1.2) --- updated-dependencies: - dependency-name: werkzeug dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-20 03:43:08 +00:00
dependabot[bot]	ca3ba14c21	Bump flask from 1.0.2 to 2.1.2 Bumps [flask](https://github.com/pallets/flask) from 1.0.2 to 2.1.2. - [Release notes](https://github.com/pallets/flask/releases) - [Changelog](https://github.com/pallets/flask/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/flask/compare/1.0.2...2.1.2) --- updated-dependencies: - dependency-name: flask dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-20 03:42:48 +00:00
Yuru Shao	bdba9bf7f6	Merge pull request #168 from pinterest/dependabot/pip/jinja2-3.1.2 Bump jinja2 from 2.11.3 to 3.1.2	2022-06-19 20:42:17 -07:00
Yuru Shao	261fa83273	Update codeql workflow configs	2022-06-19 19:59:46 -07:00
Yuru Shao	bcef439238	Create codeql-analysis.yml	2022-06-19 00:07:49 -07:00
dependabot[bot]	abacd0c776	Bump actions/setup-python from 3 to 4 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 3 to 4. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-06-13 14:16:08 +00:00
dependabot[bot]	f16106acc7	Merge pull request #170 from pinterest/dependabot/pip/fakeredis-1.7.5	2022-05-18 14:49:45 +00:00
dependabot[bot]	d6aa58976e	Bump fakeredis from 0.7.0 to 1.7.5 Bumps [fakeredis](https://github.com/dsoftwareinc/fakeredis-py) from 0.7.0 to 1.7.5. - [Release notes](https://github.com/dsoftwareinc/fakeredis-py/releases) - [Commits](https://github.com/dsoftwareinc/fakeredis-py/compare/0.7.0...v1.7.5) --- updated-dependencies: - dependency-name: fakeredis dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-18 02:00:53 +00:00
dependabot[bot]	47f002ab2d	Bump jinja2 from 2.11.3 to 3.1.2 Bumps [jinja2](https://github.com/pallets/jinja) from 2.11.3 to 3.1.2. - [Release notes](https://github.com/pallets/jinja/releases) - [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst) - [Commits](https://github.com/pallets/jinja/compare/2.11.3...3.1.2) --- updated-dependencies: - dependency-name: jinja2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-18 02:00:49 +00:00
Jon Parise	b8121166b7	Remove transitive dependencies (#167 ) Given how we're currently managing our dependencies in this project, it doesn't make sense to list transitive dependencies in this set of requirements (i.e. it's not meant to act as a lock file).	2022-05-17 12:29:12 -07:00
dependabot[bot]	37cd63d394	Merge pull request #162 from pinterest/dependabot/pip/idna-3.3	2022-05-17 19:21:19 +00:00
dependabot[bot]	bdefc11a72	Bump idna from 2.9 to 3.3 Bumps [idna](https://github.com/kjd/idna) from 2.9 to 3.3. - [Release notes](https://github.com/kjd/idna/releases) - [Changelog](https://github.com/kjd/idna/blob/master/HISTORY.rst) - [Commits](https://github.com/kjd/idna/compare/v2.9...v3.3) --- updated-dependencies: - dependency-name: idna dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-17 18:58:15 +00:00
dependabot[bot]	cbbe67dcae	Merge pull request #159 from pinterest/dependabot/pip/cryptography-37.0.2	2022-05-17 18:57:29 +00:00
Jon Parise	f21c696a5d	Report coverage information to the terminal (#165 ) Also, upgrade the relevant package dependencies to their latest versions.	2022-05-17 11:54:51 -07:00
dependabot[bot]	ff243787c7	Merge pull request #155 from pinterest/dependabot/pip/pytest-7.1.2	2022-05-17 18:42:33 +00:00
Jon Parise	2c702b0a39	Run flake8 across the entire code base (#163 ) Also, make sure we're using a consistent version of flake8 in CI.	2022-05-17 11:41:01 -07:00
dependabot[bot]	5e47d5efa1	Bump pytest from 3.6.3 to 7.1.2 Bumps [pytest](https://github.com/pytest-dev/pytest) from 3.6.3 to 7.1.2. - [Release notes](https://github.com/pytest-dev/pytest/releases) - [Changelog](https://github.com/pytest-dev/pytest/blob/main/CHANGELOG.rst) - [Commits](https://github.com/pytest-dev/pytest/compare/3.6.3...7.1.2) --- updated-dependencies: - dependency-name: pytest dependency-type: direct:development update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2022-05-17 18:22:03 +00:00
dependabot[bot]	7102b4560b	Merge pull request #161 from pinterest/dependabot/pip/flake8-4.0.1	2022-05-17 18:21:07 +00:00

1 2 3 4 5 ...

329 commits