From e9d93fbc6105b10f4454d985052307dcd7aa7e3b Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 1 Oct 2024 16:20:46 +0000
Subject: [PATCH 1/2] Update dependency bandit to v1.7.10

---
 Pipfile                                    |  2 +-
 Pipfile.lock                               | 22 ++++++-------
 docker/qgisserver/python/3.10/Pipfile      |  2 +-
 docker/qgisserver/python/3.10/Pipfile.lock | 38 +++++++++++-----------
 docker/qgisserver/python/3.8/Pipfile       |  2 +-
 5 files changed, 33 insertions(+), 33 deletions(-)

diff --git a/Pipfile b/Pipfile
index 9c2c5e0697..2e9a0488f2 100644
--- a/Pipfile
+++ b/Pipfile
@@ -166,7 +166,7 @@ c2cciutils = "==1.1.46"
 mapbox-vector-tile = "==1.2.1"
 # Lock dependencies
 astroid = "==2.9.3"
-bandit = "==1.7.9"
+bandit = "==1.7.10"
 docopt = "==0.6.2"
 dodgy = "==0.2.1"
 flake8-polyfill = "==1.0.2"
diff --git a/Pipfile.lock b/Pipfile.lock
index 25b714ac74..c962b83095 100644
--- a/Pipfile.lock
+++ b/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "722988e9645985a1663f80b69b9989d1deb84afcb83d46788afdb5c0097d78da"
+            "sha256": "b19ac57b96fe73479a326b0caca151206b5112b42525bdb977a2cb603ab6993d"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -2025,11 +2025,11 @@
         },
         "bandit": {
             "hashes": [
-                "sha256:52077cb339000f337fb25f7e045995c4ad01511e716e5daac37014b9752de8ec",
-                "sha256:7c395a436743018f7be0a4cbb0a4ea9b902b6d87264ddecf8cfdc73b4f78ff61"
+                "sha256:59ed5caf5d92b6ada4bf65bc6437feea4a9da1093384445fed4d472acc6cff7b",
+                "sha256:665721d7bebbb4485a339c55161ac0eedde27d51e638000d91c8c2d68343ad02"
             ],
             "index": "pypi",
-            "version": "==1.7.9"
+            "version": "==1.7.10"
         },
         "beautifulsoup4": {
             "hashes": [
@@ -2487,7 +2487,7 @@
                 "sha256:6f62d78e2f89b4500b080fe3a81690850cd254227f27f75c3a0c491a1f351ba7",
                 "sha256:e8443a5e7a020e9d7f97f1d7d9cd17c88bcb3bc7e218bf9cf5095fe550be2951"
             ],
-            "markers": "python_version < '4' and python_full_version >= '3.6.1'",
+            "markers": "python_version < '4.0' and python_full_version >= '3.6.1'",
             "version": "==5.10.1"
         },
         "jeepney": {
@@ -2527,7 +2527,7 @@
                 "sha256:636694eb41b3535ed608fe04129f26542b59ed99808b4f688aa32dcf55317a83",
                 "sha256:77281a1f71684953ee8b3d488371b162419767973789272434bbc3f29d9c8823"
             ],
-            "markers": "python_version >= '3.7'",
+            "markers": "python_version >= '3'",
             "version": "==4.4.0"
         },
         "jsonschema-gentypes": {
@@ -3293,18 +3293,18 @@
         },
         "rich": {
             "hashes": [
-                "sha256:1760a3c0848469b97b558fc61c85233e3dafb69c7a071b4d60c38099d3cd4c06",
-                "sha256:8260cda28e3db6bf04d2d1ef4dbc03ba80a824c88b0e7668a0f23126a424844a"
+                "sha256:097cffdf85db1babe30cc7deba5ab3a29e1b9885047dab24c57e9a7f8a9c1466",
+                "sha256:b340e739f30aa58921dc477b8adaa9ecdb7cecc217be01d93730ee1bc8aa83be"
             ],
-            "markers": "python_version >= '3.7'",
-            "version": "==13.8.1"
+            "markers": "python_version >= '3.8'",
+            "version": "==13.9.1"
         },
         "rsa": {
             "hashes": [
                 "sha256:5c6bd9dc7a543b7fe4304a631f8a8a3b674e2bbfc49c2ae96200cdbe55df6b17",
                 "sha256:95c5d300c4e879ee69708c428ba566c59478fd653cc3a22243eeb8ed846950bb"
             ],
-            "markers": "python_version >= '3.6' and python_version < '4'",
+            "markers": "python_version >= '3.6' and python_version < '4.0'",
             "version": "==4.8"
         },
         "ruamel.yaml": {
diff --git a/docker/qgisserver/python/3.10/Pipfile b/docker/qgisserver/python/3.10/Pipfile
index 97c3978674..68b647bc45 100644
--- a/docker/qgisserver/python/3.10/Pipfile
+++ b/docker/qgisserver/python/3.10/Pipfile
@@ -48,7 +48,7 @@ flake8 = "==4.0.1"
 types-pyyaml = "==6.0.12.20240917"
 # Lock dependencies
 astroid = "==2.9.3"
-bandit = "==1.7.9"
+bandit = "==1.7.10"
 dodgy = "==0.2.1"
 flake8-polyfill = "==1.0.2"
 gitdb = "==4.0.11"
diff --git a/docker/qgisserver/python/3.10/Pipfile.lock b/docker/qgisserver/python/3.10/Pipfile.lock
index 4dbcdae380..42fdccdeb9 100644
--- a/docker/qgisserver/python/3.10/Pipfile.lock
+++ b/docker/qgisserver/python/3.10/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "3c9376fc698edc11620383555290883137971dd15816ad72082cbae936f1a3a4"
+            "sha256": "38c6e45ab2de071151842b438ffdc72e548f14b4bdc725744318252cb69cb815"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -376,11 +376,11 @@
         },
         "setuptools": {
             "hashes": [
-                "sha256:f211a66637b8fa059bb28183da127d4e86396c991a942b028c6650d4319c3fd0",
-                "sha256:54faa7f2e8d2d11bcd2c07bed282eef1046b5c080d1c32add737d7b5817b1ad4"
+                "sha256:35ab7fd3bcd95e6b7fd704e4a1539513edad446c097797f2985e0e4b960772f2",
+                "sha256:d59a21b17a275fb872a9c3dae73963160ae079f1049ed956880cd7c09b120538"
             ],
             "markers": "python_version >= '3.8'",
-            "version": "==70.0.0"
+            "version": "==75.1.0"
         },
         "shapely": {
             "hashes": [
@@ -437,7 +437,7 @@
                 "sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254"
             ],
             "index": "pypi",
-            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2'",
             "version": "==1.16.0"
         },
         "sqlalchemy": {
@@ -522,7 +522,7 @@
                 "sha256:b60ba63f05c0cf61e086a10c3781a41fcfe30027753a8ae6d819c77592ce83ea"
             ],
             "index": "pypi",
-            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "markers": "python_version >= '2.7' and python_version not in '3.0, 3.1, 3.2'",
             "version": "==1.8.8"
         },
         "wrapt": {
@@ -674,12 +674,12 @@
         },
         "bandit": {
             "hashes": [
-                "sha256:52077cb339000f337fb25f7e045995c4ad01511e716e5daac37014b9752de8ec",
-                "sha256:7c395a436743018f7be0a4cbb0a4ea9b902b6d87264ddecf8cfdc73b4f78ff61"
+                "sha256:59ed5caf5d92b6ada4bf65bc6437feea4a9da1093384445fed4d472acc6cff7b",
+                "sha256:665721d7bebbb4485a339c55161ac0eedde27d51e638000d91c8c2d68343ad02"
             ],
             "index": "pypi",
             "markers": "python_version >= '3.8'",
-            "version": "==1.7.9"
+            "version": "==1.7.10"
         },
         "dodgy": {
             "hashes": [
@@ -730,7 +730,7 @@
                 "sha256:e8443a5e7a020e9d7f97f1d7d9cd17c88bcb3bc7e218bf9cf5095fe550be2951"
             ],
             "index": "pypi",
-            "markers": "python_version < '4.0' and python_full_version >= '3.6.1'",
+            "markers": "python_full_version >= '3.6.1' and python_version < '4.0'",
             "version": "==5.10.1"
         },
         "lazy-object-proxy": {
@@ -871,7 +871,7 @@
                 "sha256:2dec5dac06f136880a3710996c0886dcc99e739007bbc05afc32884973f5c058",
                 "sha256:c04b3d593e7c525cf9a742fed62afbe02e2874f0e42f2f56a49378fd94037360"
             ],
-            "markers": "python_version < '4.0' and python_full_version >= '3.6.2'",
+            "markers": "python_full_version >= '3.6.2' and python_version < '4.0'",
             "version": "==1.7.7"
         },
         "pycodestyle": {
@@ -976,11 +976,11 @@
         },
         "rich": {
             "hashes": [
-                "sha256:1760a3c0848469b97b558fc61c85233e3dafb69c7a071b4d60c38099d3cd4c06",
-                "sha256:8260cda28e3db6bf04d2d1ef4dbc03ba80a824c88b0e7668a0f23126a424844a"
+                "sha256:097cffdf85db1babe30cc7deba5ab3a29e1b9885047dab24c57e9a7f8a9c1466",
+                "sha256:b340e739f30aa58921dc477b8adaa9ecdb7cecc217be01d93730ee1bc8aa83be"
             ],
-            "markers": "python_full_version >= '3.7.0'",
-            "version": "==13.8.1"
+            "markers": "python_full_version >= '3.8.0'",
+            "version": "==13.9.1"
         },
         "setoptconf-tmp": {
             "hashes": [
@@ -992,11 +992,11 @@
         },
         "setuptools": {
             "hashes": [
-                "sha256:f211a66637b8fa059bb28183da127d4e86396c991a942b028c6650d4319c3fd0",
-                "sha256:54faa7f2e8d2d11bcd2c07bed282eef1046b5c080d1c32add737d7b5817b1ad4"
+                "sha256:35ab7fd3bcd95e6b7fd704e4a1539513edad446c097797f2985e0e4b960772f2",
+                "sha256:d59a21b17a275fb872a9c3dae73963160ae079f1049ed956880cd7c09b120538"
             ],
             "markers": "python_version >= '3.8'",
-            "version": "==70.0.0"
+            "version": "==75.1.0"
         },
         "smmap": {
             "hashes": [
@@ -1030,7 +1030,7 @@
                 "sha256:b3bda1d108d5dd99f4a20d24d9c348e91c4db7ab1b749200bded2f839ccbe68f"
             ],
             "index": "pypi",
-            "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2, 3.3'",
+            "markers": "python_version >= '2.6' and python_version not in '3.0, 3.1, 3.2'",
             "version": "==0.10.2"
         },
         "tomli": {
diff --git a/docker/qgisserver/python/3.8/Pipfile b/docker/qgisserver/python/3.8/Pipfile
index 58274f7ca9..9eb6ed2b29 100644
--- a/docker/qgisserver/python/3.8/Pipfile
+++ b/docker/qgisserver/python/3.8/Pipfile
@@ -49,7 +49,7 @@ flake8 = "==4.0.1"
 types-pyyaml = "==6.0.12.20240917"
 # Lock dependencies
 astroid = "==2.9.3"
-bandit = "==1.7.9"
+bandit = "==1.7.10"
 dodgy = "==0.2.1"
 flake8-polyfill = "==1.0.2"
 gitdb = "==4.0.11"

From 092e9b8721f0f702e597ec995e28e8661e4640b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?St=C3=A9phane=20Brunner?= <stephane.brunner@camptocamp.com>
Date: Wed, 2 Oct 2024 13:05:06 +0200
Subject: [PATCH 2/2] Fix lock

---
 docker/qgisserver/python/3.8/Pipfile.lock | 16 ++++++++--------
 1 file changed, 8 insertions(+), 8 deletions(-)

diff --git a/docker/qgisserver/python/3.8/Pipfile.lock b/docker/qgisserver/python/3.8/Pipfile.lock
index ddd881479f..d9f9bb7564 100644
--- a/docker/qgisserver/python/3.8/Pipfile.lock
+++ b/docker/qgisserver/python/3.8/Pipfile.lock
@@ -1,7 +1,7 @@
 {
     "_meta": {
         "hash": {
-            "sha256": "a4ad76b98038d1bca5e9e1fa87282068b28447b445954696978f0e9ef1391903"
+            "sha256": "e87ec9c2e2d72d678a1093733db0bf6905e5c72fc33802517b3779863c00a237"
         },
         "pipfile-spec": 6,
         "requires": {
@@ -673,11 +673,11 @@
         },
         "bandit": {
             "hashes": [
-                "sha256:52077cb339000f337fb25f7e045995c4ad01511e716e5daac37014b9752de8ec",
-                "sha256:7c395a436743018f7be0a4cbb0a4ea9b902b6d87264ddecf8cfdc73b4f78ff61"
+                "sha256:59ed5caf5d92b6ada4bf65bc6437feea4a9da1093384445fed4d472acc6cff7b",
+                "sha256:665721d7bebbb4485a339c55161ac0eedde27d51e638000d91c8c2d68343ad02"
             ],
             "index": "pypi",
-            "version": "==1.7.9"
+            "version": "==1.7.10"
         },
         "dodgy": {
             "hashes": [
@@ -976,11 +976,11 @@
         },
         "rich": {
             "hashes": [
-                "sha256:1760a3c0848469b97b558fc61c85233e3dafb69c7a071b4d60c38099d3cd4c06",
-                "sha256:8260cda28e3db6bf04d2d1ef4dbc03ba80a824c88b0e7668a0f23126a424844a"
+                "sha256:097cffdf85db1babe30cc7deba5ab3a29e1b9885047dab24c57e9a7f8a9c1466",
+                "sha256:b340e739f30aa58921dc477b8adaa9ecdb7cecc217be01d93730ee1bc8aa83be"
             ],
-            "markers": "python_version >= '3.7'",
-            "version": "==13.8.1"
+            "markers": "python_version >= '3.8'",
+            "version": "==13.9.1"
         },
         "setoptconf-tmp": {
             "hashes": [