Merge pull request #217 from SEI-gstrom/version/3.0.36

SEI-gstrom · web-flow · commit adb241f1bae9 · 2026-04-20T12:43:42.000-04:00
Upgrade VINCE to 3.0.36
diff --git a/.gitignore b/.gitignore
@@ -27,4 +27,7 @@ venv*
 # claude stuff
 .devcontainer
 .claude
-.claudeignore
+.claudeignore
+
+# references folder
+references/
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -7,6 +7,14 @@ VINCE Coordination platform code
 ## Description
 VINCE Coordination platform 
 
+Version 3.0.36 2026-04-20
+
+* dependabot update recommendation: `sqlparse` 0.5.0 to 0.5.4, `PyJWT` 2.6.0 to 2.12.0, `markdown` 3.5 to 3.8.1, `pyasn1` 0.4.8 to 0.6.3, `awscli` 1.26.85 to 1.44.38, `Django` 4.2.28 to 4.2.30, `cryptography` 46.0.6 to 46.0.7
+* updated `python-jose` 3.4.0 to 3.5.0, `botocore` 1.31.85 to 1.42.48, `docutils` 0.16 to 0.18.1, `s3transfer` 0.7.0 to 0.16.0, `boto3` 1.28.85 to 1.42.48, `typing-extensions` 4.4.0 to 4.9.0, `M2Crypto` 0.38.0 to 0.47.0 (Internal-841)
+* added `setuptools` >=65.0.0,<81 (Internal-841)
+* tweaked code in various files to prepare for upgrade to Python 3.12 (Internal-841)
+
+
 Version 3.0.35 2026-03-30
 
 * dependabot update recommendation: `requests` 2.23.4 to 2.33.0, `ecdsa` 0.18.0 to 0.19.2, `cryptography` 44.0.1 to 46.0.6
diff --git a/bakery/management/commands/publish.py b/bakery/management/commands/publish.py
@@ -333,7 +333,7 @@ def get_md5(self, filename):
         Returns the md5 checksum of the provided file name.
         """
         with self.fs.open(filename, "rb") as f:
-            m = hashlib.md5(f.read())
+            m = hashlib.md5(f.read(), usedforsecurity=False)
         return m.hexdigest()
 
     def get_multipart_md5(self, filename, chunk_size=8 * 1024 * 1024):
@@ -352,13 +352,13 @@ def get_multipart_md5(self, filename, chunk_size=8 * 1024 * 1024):
                 if not data:
                     break
                 # Generate a md5 hash for each chunk
-                md5s.append(hashlib.md5(data))
+                md5s.append(hashlib.md5(data, usedforsecurity=False))
 
         # Combine the chunks
         digests = b"".join(m.digest() for m in md5s)
 
         # Generate a new hash using them
-        new_md5 = hashlib.md5(digests)
+        new_md5 = hashlib.md5(digests, usedforsecurity=False)
 
         # Create the ETag as Amazon will
         new_etag = '"%s-%s"' % (new_md5.hexdigest(), len(md5s))
diff --git a/bigvince/settings_.py b/bigvince/settings_.py
@@ -54,7 +54,7 @@
 ROOT_DIR = environ.Path(__file__) - 3
 
 # any change that requires database migrations is a minor release
-VERSION = "3.0.35"
+VERSION = "3.0.36"
 
 # Quick-start development settings - unsuitable for production
 # See https://docs.djangoproject.com/en/2.1/howto/deployment/checklist/
diff --git a/cdk/lambda/CreateDatabases/requests/auth.py b/cdk/lambda/CreateDatabases/requests/auth.py
@@ -50,7 +50,7 @@ def _basic_auth_str(username, password):
             "Non-string passwords will no longer be supported in Requests "
             "3.0.0. Please convert the object you've passed in ({!r}) to "
             "a string or bytes object in the near future to avoid "
-            "problems.".format(password),
+            "problems.".format(type(password)),
             category=DeprecationWarning,
         )
         password = str(password)
@@ -145,7 +145,7 @@ def build_digest_header(self, method, url):
             def md5_utf8(x):
                 if isinstance(x, str):
                     x = x.encode('utf-8')
-                return hashlib.md5(x).hexdigest()
+                return hashlib.md5(x, usedforsecurity=False).hexdigest()
             hash_utf8 = md5_utf8
         elif _algorithm == 'SHA':
             def sha_utf8(x):
@@ -239,7 +239,7 @@ def handle_401(self, r, **kwargs):
         """
 
         # If response is not 4xx, do not auth
-        # See https://github.com/requests/requests/issues/3772
+        # See https://github.com/psf/requests/issues/3772
         if not 400 <= r.status_code < 500:
             self._thread_local.num_401_calls = 1
             return r
diff --git a/lib/warrant/aws_srp.py b/lib/warrant/aws_srp.py
@@ -189,7 +189,7 @@ def process_challenge(self, challenge_parameters):
         # re strips leading zero from a day number (required by AWS Cognito)
         with temp_locale(('en_US', 'UTF-8')):
             timestamp = re.sub(r" 0(\d) ", r" \1 ",
-                               datetime.datetime.utcnow().strftime("%a %b %d %H:%M:%S UTC %Y"))
+                               datetime.datetime.now(datetime.timezone.utc).strftime("%a %b %d %H:%M:%S UTC %Y"))
         hkdf = self.get_password_authentication_key(user_id_for_srp,
                                                     self.password, hex_to_long(srp_b_hex), salt_hex)
         secret_block_bytes = base64.standard_b64decode(secret_block_b64)
diff --git a/requirements.txt b/requirements.txt
@@ -4,27 +4,27 @@ asgiref==3.6.0
 asn1crypto==1.5.1
 async-timeout==4.0.2
 attrs==22.1.0
-awscli==1.29.85
+awscli==1.44.38
 backports.zoneinfo;python_version<"3.9"
 beautifulsoup4==4.11.1
 billiard==4.0.2
 bleach==5.0.1
 bleach-whitelist==0.0.11
 boto==2.49.0
-boto3==1.28.85
-botocore==1.31.85
+boto3==1.42.48
+botocore==1.42.48
 cached-property==1.5.2
 certifi==2024.7.4
 cffi==2.0.0
 chardet==5.0.0
 charset-normalizer==2.1.1
 click==8.1.3
 colorama==0.4.4
-cryptography==46.0.6
+cryptography==46.0.7
 cvelib==1.3.0
 Deprecated==1.2.13
 dictdiffer==0.9.0
-Django==4.2.28
+Django==4.2.30
 django-appconf==1.0.5
 django-countries==7.4.2
 django-environ==0.9.0
@@ -34,7 +34,7 @@ django-ses==3.5.0
 django-storages==1.13.1
 django-widget-tweaks==1.4.12
 djangorestframework==3.14.0
-docutils==0.16
+docutils==0.18.1
 ecdsa==0.19.2
 envs==1.4
 fs==2.4.16
@@ -47,38 +47,39 @@ pip-install==1.3.5
 jmespath==1.0.1
 jsonschema==4.17.0
 kombu==5.2.4
-M2Crypto==0.38.0
-Markdown==3.5
+M2Crypto==0.47.0
+Markdown==3.8.1
 openpyxl==3.1.5
 packaging==22.0
 pinax-messages==3.0.0
 pip-autoremove==0.10.0
 pkgutil-resolve-name==1.3.10
 psycopg2==2.9.9
 psycopg2-binary==2.9.5
-pyasn1==0.4.8
+pyasn1==0.6.3
 pycparser==2.21
 pycryptodome==3.19.1
 pydantic==1.10.13
-PyJWT==2.6.0
+PyJWT==2.12.0
 pyparsing==3.0.9
 pyrsistent==0.19.2
 python-dateutil==2.8.2
 python-gnupg==0.5.0
-python-jose==3.4.0
+python-jose==3.5.0
 pytz==2022.6
 PyYAML==6.0.1
 qrcode==7.3.1
 redis==4.5.4
 requests==2.33.0
 rsa==4.7.2
-s3transfer==0.7.0
+s3transfer==0.16.0
 segno==1.5.2
+setuptools>=65.0.0,<81
 simplejson==3.18.0
 six==1.16.0
 soupsieve==2.3.2.post1
-sqlparse==0.5.0
-typing-extensions==4.4.0
+sqlparse==0.5.4
+typing-extensions>=4.9.0
 # (urllib3 is currently at 1.26.19. Dependabot recommends urllib3 2.6.3, but that breaks when combined with any currently available version of botocore.)
 urllib3==1.26.19
 vine==5.0.0
diff --git a/vince/lib.py b/vince/lib.py
@@ -128,7 +128,7 @@ def get_parameter(param):
 
 
 def md5_file(f):
-    hash_md5 = hashlib.md5()
+    hash_md5 = hashlib.md5(usedforsecurity=False)
     b = bytearray(128 * 1024)
     mv = memoryview(b)
     for n in iter(lambda: f.readinto(mv), 0):
diff --git a/vince/static/vince/css/style.css b/vince/static/vince/css/style.css
@@ -144,7 +144,7 @@ h1.vince_login_logo {
 .announcement-banner {
     background-color: #b00;
     color: #fefefe;
-    font-size: small;
+    font-size: xx-large;
     padding-left: 20px;
     padding-right: 20px;
 }
@@ -173,7 +173,7 @@ h1.vince_login_logo {
     top: 0;
     left: 0;
     right: 0;
-    font-size: small;
+    font-size: xx-large;
     background-color: #b00;
     color: #fefefe;
     padding-left: 20px;
@@ -1431,7 +1431,7 @@ div.homelink a {
     padding-right:0;
 }
 
-/* When putting up an announcement-banner, change padding-top for the following selectors to something appropriate, */
+/* When putting up an announcement-banner, change padding-top for the following selectors to something appropriate, so that */
 /* the sidebar menu does not get partially obscured by the banner when scrolling down, When the banner goes away, */
 /* change it back to 150px and 130px respectively. */
 
@@ -1442,7 +1442,7 @@ div.homelink a {
     border-right: 1px solid #c2c2c2;
     color: #4d4d4f;
     padding-top: 150px;
-    /* padding-top:340px; */
+    /* padding-top: 225px; */
 
 }
 
@@ -1452,22 +1452,24 @@ div.homelink a {
     border-right: 1px solid #c2c2c2;
     background-color: #282829;
     padding-top:130px;
+    /* padding-top: 205px; */
 
 }
 
-/* When putting up an announcement-banner, change top for the following selector to something appropriate, */
+/* When putting up an announcement-banner, change top for the following two selectors to something appropriate, so that */
 /* the sidebar menu does not get partially obscured by the banner when scrolling down. When the banner goes away, */
 /* change it back to "0 !important". */
 
 .less_padding {
     top: 0 !important;
-    /* top: 340px !important; */
+    /* top: 225px !important; */
     position: absolute;
     width:100%;
 }
 
 .less_padding_vt {
     top: 0px !important;
+    /* top: 225px !important; */
     position: absolute;
     width:100%;
 }
@@ -1481,6 +1483,7 @@ div.homelink a {
     border-right: 1px solid #c2c2c2;
     color: #f1f1f2;
     padding-top:130px;
+    /* padding-top: 225px; */
 
 }
 
@@ -1489,7 +1492,7 @@ div.homelink a {
     border-right: 1px solid #c2c2c2;
     color: #4d4d4f;
     padding-top: 150px;
-    /* padding-top:340px; */
+    /* padding-top:225px; */
 }
 
 /*.position-left.reveal-for-medium ~ .off-canvas-content {
diff --git a/vincepub/static/vincepub/css/style.css b/vincepub/static/vincepub/css/style.css
@@ -2716,7 +2716,7 @@ pre code {
 .announcement-banner {
   background-color: #b00;
   color: #fefefe;
-  font-size: small;
+  font-size: xx-large;
   padding-left: 20px;
   padding-right: 20px;
   border-top-style: solid;
@@ -2741,7 +2741,7 @@ pre code {
     top: 0;
     left: 0;
     right: 0;
-    font-size: small;
+    font-size: xx-large;
     background-color: #b00;
     color: #fefefe;
     padding-left: 20px;
