Merge branch 'main' into dependabot/pip/sphinx-8.1.3

move-coop · Dec 9, 2024 · db336d8 · db336d8
2 parents dc9d918 + 7593a55
commit db336d8
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 17 deletions.
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -18,11 +18,11 @@ jobs:
         runs-on: ubuntu-latest
         steps:
             - name: Harden Runner
-              uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+              uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
               with:
                   egress-policy: audit
 
             - name: 'Checkout Repository'
               uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
             - name: 'Dependency Review'
-              uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
+              uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
diff --git a/.github/workflows/python-checks.yml b/.github/workflows/python-checks.yml
@@ -30,7 +30,7 @@ jobs:
                   python-version: ${{ matrix.python-version }}
 
             - name: Install uv
-              uses: install-pinned/uv@ffec6b0ac55e0000217a14a4b1f838c941e88ce3  # 0.4.12
+              uses: install-pinned/uv@79cef4cccc47c7fb191b653a4184e34d83437a8b  # 0.4.12
 
             - name: Patch install error when using Python 3.9, limited dependencies, and MacOS
               if: ${{ matrix.limited-dependencies }} == True and ${{ matrix.os }} == "macos-latest" and ${{ matrix.python-version }} == "3.9"
@@ -59,7 +59,7 @@ jobs:
                   python-version: "3.12"
 
             - name: Install uv
-              uses: install-pinned/uv@ffec6b0ac55e0000217a14a4b1f838c941e88ce3  # 0.4.12
+              uses: install-pinned/uv@79cef4cccc47c7fb191b653a4184e34d83437a8b  # 0.4.12
 
             - name: Install dependencies
               run: |
@@ -81,7 +81,7 @@ jobs:
                   python-version: "3.12"
 
             - name: Install uv
-              uses: install-pinned/uv@ffec6b0ac55e0000217a14a4b1f838c941e88ce3  # 0.4.12
+              uses: install-pinned/uv@79cef4cccc47c7fb191b653a4184e34d83437a8b  # 0.4.12
 
             - name: Install dependencies
               run: |
@@ -103,7 +103,7 @@ jobs:
                   python-version: "3.12"
 
             - name: Install uv
-              uses: install-pinned/uv@ffec6b0ac55e0000217a14a4b1f838c941e88ce3  # 0.4.12
+              uses: install-pinned/uv@79cef4cccc47c7fb191b653a4184e34d83437a8b  # 0.4.12
 
             - name: Install bandit
               run: |
@@ -125,7 +125,7 @@ jobs:
                   python-version: "3.12"
 
             - name: Install uv
-              uses: install-pinned/uv@ffec6b0ac55e0000217a14a4b1f838c941e88ce3  # 0.4.12
+              uses: install-pinned/uv@79cef4cccc47c7fb191b653a4184e34d83437a8b  # 0.4.12
 
             - name: Install dependencies
               run: |
@@ -152,7 +152,7 @@ jobs:
 
         steps:
             - name: Harden Runner
-              uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+              uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
               with:
                   egress-policy: audit
 

diff --git a/.github/workflows/security_scorecard.yml b/.github/workflows/security_scorecard.yml
@@ -33,7 +33,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+        uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2
         with:
           egress-policy: audit
 
@@ -74,6 +74,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@f09c1c0a94de965c15400f5634aa42fac8fb8f88 # v3.27.5
+        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
         with:
           sarif_file: results.sarif
diff --git a/requirements.txt b/requirements.txt
@@ -2,22 +2,20 @@ pyairtable==2.3.3
 azure-storage-blob==12.13.0
 boto3>=1.17.98
 boxsdk==2.10.0
-braintree==4.17.1
-bs4==0.0.1
+braintree==4.31.0
+bs4==0.0.2
 censusgeocode==0.5.2
 civis==1.16.1
 curlify==2.2.1
 dbt_redshift==1.4.0
-docutils<0.18,>=0.14
 defusedxml>=0.7.1, <=0.8.0
 facebook-business==13.0.0
-google-api-core==2.19.2
+google-api-core==2.23.0
 google-api-python-client==1.7.7
 google-auth==2.29.0
 google-cloud-bigquery==3.26.0
 google-cloud-storage-transfer==1.9.1
-google-cloud-storage==2.16.0
-google-resumable-media==2.7.0
+google-cloud-storage==2.18.2
 grpcio==1.68.1
 gspread==6.1.4
 httplib2==0.22.0
@@ -39,7 +37,7 @@ slackclient==1.3.0
 sqlalchemy >= 1.4.22, != 1.4.33, < 3.0.0 # Prefect does not work with 1.4.33 and >=2.0.0 has breaking changes
 suds-py3==1.4.5.0
 surveygizmo==1.2.3
-twilio==8.2.1
+twilio==9.3.8
 urllib3==1.26.19
 validate-email==1.3
 xmltodict==0.14.1