From d2f67833061c89e64bd47ea5257e14f0e9e0358d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=A9gis=20Behmo?= Date: Wed, 17 Apr 2019 08:02:51 +0200 Subject: [PATCH] Fix security issue with jinja2 requirement https://nvd.nist.gov/vuln/detail/CVE-2019-10906 To fix this issue, all requirements were simply upgraded to the latest version. --- CHANGELOG.md | 1 + requirements/base.txt | 26 ++++++++++---------------- requirements/dev.txt | 20 +++++++------------- requirements/docs.txt | 21 +++++++++++++-------- 4 files changed, 31 insertions(+), 37 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ca02af8..75d1beb 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,7 @@ ## Latest +- [Security] Fix Jinja2 vulnerability - [Improvement] Improve CLI cold start performance - [Improvement] Allow uppercase "Y" and "N" as answers to boolean questions diff --git a/requirements/base.txt b/requirements/base.txt index 12f9b85..fc5b358 100644 --- a/requirements/base.txt +++ b/requirements/base.txt 
@@ -4,33 +4,27 @@
 #
 # pip-compile --output-file requirements/base.txt requirements/base.in
 #
-adal==1.2.1 # via kubernetes
 appdirs==1.4.3
-asn1crypto==0.24.0 # via cryptography
 cachetools==3.1.0 # via google-auth
-certifi==2018.11.29 # via kubernetes, requests
-cffi==1.11.5 # via cryptography
+certifi==2019.3.9 # via kubernetes, requests
 chardet==3.0.4 # via requests
 click-repl==0.1.6
 click==7.0
-cryptography==2.5 # via adal
-google-auth==1.6.2 # via kubernetes
+google-auth==1.6.3 # via kubernetes
 idna==2.8 # via requests
-jinja2==2.10
-kubernetes==8.0.1
-markupsafe==1.1.0 # via jinja2
+jinja2==2.10.1
+kubernetes==9.0.0
+markupsafe==1.1.1 # via jinja2
 oauthlib==3.0.1 # via requests-oauthlib
-prompt-toolkit==2.0.8 # via click-repl
+prompt-toolkit==2.0.9 # via click-repl
 pyasn1-modules==0.2.4 # via google-auth
 pyasn1==0.4.5 # via pyasn1-modules, rsa
-pycparser==2.19 # via cffi
-pyjwt==1.7.1 # via adal
-python-dateutil==2.8.0 # via adal, kubernetes
+python-dateutil==2.8.0 # via kubernetes
 pyyaml==5.1
 requests-oauthlib==1.2.0 # via kubernetes
-requests==2.21.0 # via adal, kubernetes, requests-oauthlib
+requests==2.21.0 # via kubernetes, requests-oauthlib
 rsa==4.0 # via google-auth
-six==1.12.0 # via click-repl, cryptography, google-auth, kubernetes, prompt-toolkit, python-dateutil, websocket-client
+six==1.12.0 # via click-repl, google-auth, kubernetes, prompt-toolkit, python-dateutil, websocket-client
 urllib3==1.24.1 # via kubernetes, requests
 wcwidth==0.1.7 # via prompt-toolkit
-websocket-client==0.54.0 # via kubernetes
+websocket-client==0.56.0 # via kubernetes
diff --git a/requirements/dev.txt b/requirements/dev.txt
index be81144..8d22351 100644
--- a/requirements/dev.txt
+++ b/requirements/dev.txt
@@ -4,34 +4,28 @@
 #
 # pip-compile --output-file requirements/dev.txt requirements/dev.in
 #
-adal==1.2.1
 altgraph==0.16.1 # via macholib, pyinstaller
 appdirs==1.4.3
-asn1crypto==0.24.0
 cachetools==3.1.0
-certifi==2018.11.29
-cffi==1.11.5
+certifi==2019.3.9
 chardet==3.0.4
 click-repl==0.1.6
 click==7.0
-cryptography==2.5
 future==0.17.1 # via pefile
-google-auth==1.6.2
+google-auth==1.6.3
 idna==2.8
-jinja2==2.10
-kubernetes==8.0.1
+jinja2==2.10.1
+kubernetes==9.0.0
 macholib==1.11 # via pyinstaller
-markupsafe==1.1.0
+markupsafe==1.1.1
 nose==1.3.7
 oauthlib==3.0.1
 pefile==2018.8.8 # via pyinstaller
 pip-tools==3.2.0
-prompt-toolkit==2.0.8
+prompt-toolkit==2.0.9
 pyasn1-modules==0.2.4
 pyasn1==0.4.5
-pycparser==2.19
 pyinstaller==3.4
-pyjwt==1.7.1
 python-dateutil==2.8.0
 pyyaml==5.1
 requests-oauthlib==1.2.0
@@ -40,4 +34,4 @@ rsa==4.0
 six==1.12.0
 urllib3==1.24.1
 wcwidth==0.1.7
-websocket-client==0.54.0
+websocket-client==0.56.0
diff --git a/requirements/docs.txt b/requirements/docs.txt
index 97a6e54..f6873f4 100644
--- a/requirements/docs.txt
+++ b/requirements/docs.txt
@@ -6,21 +6,26 @@
 #
 alabaster==0.7.12 # via sphinx
 babel==2.6.0 # via sphinx
-certifi==2018.11.29 # via requests
+certifi==2019.3.9 # via requests
 chardet==3.0.4 # via requests
 docutils==0.14 # via sphinx
 idna==2.8 # via requests
 imagesize==1.1.0 # via sphinx
-jinja2==2.10 # via sphinx
-markupsafe==1.1.0 # via jinja2
+jinja2==2.10.1 # via sphinx
+markupsafe==1.1.1 # via jinja2
 packaging==19.0 # via sphinx
 pygments==2.3.1 # via sphinx
-pyparsing==2.3.1 # via packaging
-pytz==2018.9 # via babel
+pyparsing==2.4.0 # via packaging
+pytz==2019.1 # via babel
 requests==2.21.0 # via sphinx
-six==1.12.0 # via packaging, sphinx
+six==1.12.0 # via packaging
 snowballstemmer==1.2.1 # via sphinx
 sphinx-rtd-theme==0.4.3
-sphinx==1.8.4
-sphinxcontrib-websupport==1.1.0 # via sphinx
+sphinx==2.0.1
+sphinxcontrib-applehelp==1.0.1 # via sphinx
+sphinxcontrib-devhelp==1.0.1 # via sphinx
+sphinxcontrib-htmlhelp==1.0.2 # via sphinx
+sphinxcontrib-jsmath==1.0.1 # via sphinx
+sphinxcontrib-qthelp==1.0.2 # via sphinx
+sphinxcontrib-serializinghtml==1.1.3 # via sphinx
 urllib3==1.24.1 # via requests