From 034b9c3bb2ace6afc21624e759c39f0baebcecf7 Mon Sep 17 00:00:00 2001
From: Matt McFarland <mmcfarland@microsoft.com>
Date: Wed, 12 Jun 2024 10:53:46 -0400
Subject: [PATCH] Security patching (#219)

* Security patching

Near-SLA security updates

* fixup
---
 pccommon/requirements.txt       | 2 +-
 pccommon/setup.py               | 2 +-
 pcstac/setup.py                 | 2 +-
 pctiler/requirements-dev.txt    | 3 ++-
 pctiler/requirements-server.txt | 3 ++-
 pctiler/setup.py                | 1 +
 requirements-dev.txt            | 2 ++
 7 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/pccommon/requirements.txt b/pccommon/requirements.txt
index 17770920..453fc080 100644
--- a/pccommon/requirements.txt
+++ b/pccommon/requirements.txt
@@ -16,7 +16,7 @@ azure-core==1.30.1
     #   opencensus-ext-azure
 azure-data-tables==12.5.0
     # via pccommon (pccommon/setup.py)
-azure-identity==1.16.0
+azure-identity==1.16.1
     # via
     #   opencensus-ext-azure
     #   pccommon (pccommon/setup.py)
diff --git a/pccommon/setup.py b/pccommon/setup.py
index 9e12dcbe..82e069a7 100644
--- a/pccommon/setup.py
+++ b/pccommon/setup.py
@@ -9,7 +9,7 @@
     "opencensus-ext-azure==1.1.13",
     "opencensus-ext-logging==0.1.1",
     "orjson>=3.10.4",
-    "azure-identity==1.16.0",
+    "azure-identity==1.16.1",
     "azure-data-tables==12.5.0",
     "azure-storage-blob>=12.20.0",
     "pydantic>=1.10, <2.0.0",
diff --git a/pcstac/setup.py b/pcstac/setup.py
index 37839d38..dcadd19c 100644
--- a/pcstac/setup.py
+++ b/pcstac/setup.py
@@ -11,7 +11,7 @@
     "stac-fastapi.types==2.4.8",
     "orjson==3.10.4",
     # Required due to some imports related to pypgstac CLI usage in startup script
-    "pypgstac[psycopg]~=0.7",
+    "pypgstac[psycopg]>=0.7.10,<0.8",
     "pystac==1.10.1",
 ]
 
diff --git a/pctiler/requirements-dev.txt b/pctiler/requirements-dev.txt
index f4d2b734..511c8b7a 100644
--- a/pctiler/requirements-dev.txt
+++ b/pctiler/requirements-dev.txt
@@ -190,8 +190,9 @@ rasterio==1.3.10
     #   rio-tiler
     #   supermercado
     #   titiler-core
-requests==2.31.0
+requests==2.32.2
     # via
+    #   pctiler (pctiler/setup.py)
     #   planetary-computer
     #   pystac-client
 rio-tiler==4.1.13
diff --git a/pctiler/requirements-server.txt b/pctiler/requirements-server.txt
index e7f828e8..0ab6f9dd 100644
--- a/pctiler/requirements-server.txt
+++ b/pctiler/requirements-server.txt
@@ -202,8 +202,9 @@ rasterio==1.3.10
     #   rio-tiler
     #   supermercado
     #   titiler-core
-requests==2.31.0
+requests==2.32.2
     # via
+    #   pctiler (pctiler/setup.py)
     #   planetary-computer
     #   pystac-client
 rio-tiler==4.1.13
diff --git a/pctiler/setup.py b/pctiler/setup.py
index 824f7d84..89c93ad8 100644
--- a/pctiler/setup.py
+++ b/pctiler/setup.py
@@ -17,6 +17,7 @@
     "botocore==1.34.123",
     "pydantic==1.10.14",
     "idna>=3.7.0",
+    "requests==2.32.2",
     # titiler-pgstac
     "psycopg[binary,pool]",
     "titiler.pgstac==0.2.4",
diff --git a/requirements-dev.txt b/requirements-dev.txt
index d165d367..b1ea644f 100644
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@@ -7,6 +7,8 @@ cachetools<=4.2.
 pytest==7.*
 pytest-asyncio==0.18.*
 httpx>=0.22.0
+json-schema<4.18.0  # https://github.com/stac-utils/pystac/issues/1186
+
 pip-tools
 # Mypy types
 types-python-dateutil