Update Django and Setuptools

This upgrades `worker` to have dependencies that don't depend on `distutils`. Also, we want to upgrade Django to 4.2.15 because there are several security concerns: GHSA-f6f8-9mx6-9mx2 GHSA-x7q2-wr7g-xqmf GHSA-9jmf-237g-qf46
codecov · Aug 7, 2024 · 06c110a · 06c110a
1 parent c3ba63a
commit 06c110a
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 5 deletions.
diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -8,7 +8,7 @@ FROM us-docker.pkg.dev/berglas/berglas/berglas:$BERGLAS_VERSION as berglas
 FROM $REQUIREMENTS_IMAGE as app
 COPY . /worker
 WORKDIR /worker
-RUN pip install setuptools==70.3.0
+RUN pip install setuptools==72.1.0
 RUN chmod +x worker.sh
 ARG RELEASE_VERSION
 ENV RELEASE_VERSION=$RELEASE_VERSION

diff --git a/requirements.txt b/requirements.txt
@@ -2,7 +2,7 @@
 # This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
-#    pip-compile requirements.in
+#    pip-compile
 #
 amqp==5.2.0
     # via kombu
@@ -90,7 +90,7 @@ distlib==0.3.7
     # via virtualenv
 distro==1.8.0
     # via openai
-django==4.2.11
+django==4.2.15
     # via
     #   django-model-utils
     #   django-postgres-extra
@@ -243,7 +243,7 @@ opentelemetry-semantic-conventions==0.45b0
     # via
     #   opentelemetry-instrumentation-celery
     #   opentelemetry-sdk
-packaging==20.9
+packaging==24.1
     # via pytest
 platformdirs==3.11.0
     # via virtualenv
@@ -289,7 +289,6 @@ pyjwt==2.4.0
 pyparsing==2.4.7
     # via
     #   httplib2
-    #   packaging
     #   shared
 pytest==8.1.1
     # via