From 9623dff6b199270b50dc2a7ea00a6d0a7fe43c9d Mon Sep 17 00:00:00 2001 From: SergeantPanda Date: Thu, 18 Dec 2025 13:19:18 -0600 Subject: [PATCH] =?UTF-8?q?Enhancement:=20Updated=20dependencies:=20Django?= =?UTF-8?q?=20(5.2.4=20=E2=86=92=205.2.9)=20includes=20CVE=20security=20pa?= =?UTF-8?q?tch,=20psycopg2-binary=20(2.9.10=20=E2=86=92=202.9.11),=20celer?= =?UTF-8?q?y=20(5.5.3=20=E2=86=92=205.6.0),=20djangorestframework=20(3.16.?= =?UTF-8?q?0=20=E2=86=92=203.16.1),=20requests=20(2.32.4=20=E2=86=92=202.3?= =?UTF-8?q?2.5),=20psutil=20(7.0.0=20=E2=86=92=207.1.3),=20gevent=20(25.5.?= =?UTF-8?q?1=20=E2=86=92=2025.9.1),=20rapidfuzz=20(3.13.0=20=E2=86=92=203.?= =?UTF-8?q?14.3),=20torch=20(2.7.1=20=E2=86=92=202.9.1),=20sentence-transf?= =?UTF-8?q?ormers=20(5.1.0=20=E2=86=92=205.2.0),=20lxml=20(6.0.0=20?= =?UTF-8?q?=E2=86=92=206.0.2)=20(Closes=20#662)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- CHANGELOG.md | 1 + requirements.txt | 24 ++++++++++++------------ 2 files changed, 13 insertions(+), 12 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8d12ee80..d95ba566 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -17,6 +17,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0 - Removed unreachable code path in m3u output - Thanks [@DawtCom](https://github.com/DawtCom) - GitHub Actions workflows now use `docker/metadata-action` for cleaner and more maintainable OCI-compliant image label generation across all build pipelines (ci.yml, base-image.yml, release.yml). Labels are applied to both platform-specific images and multi-arch manifests with proper annotation formatting. - Thanks [@mrdynamo]https://github.com/mrdynamo) (Closes #724) - Update docker/dev-build.sh to support private registries, multiple architectures and pushing. Now you can do things like `dev-build.sh -p -r my.private.registry -a linux/arm64,linux/amd64` - Thanks [@jdblack](https://github.com/jblack) +- Updated dependencies: Django (5.2.4 → 5.2.9) includes CVE security patch, psycopg2-binary (2.9.10 → 2.9.11), celery (5.5.3 → 5.6.0), djangorestframework (3.16.0 → 3.16.1), requests (2.32.4 → 2.32.5), psutil (7.0.0 → 7.1.3), gevent (25.5.1 → 25.9.1), rapidfuzz (3.13.0 → 3.14.3), torch (2.7.1 → 2.9.1), sentence-transformers (5.1.0 → 5.2.0), lxml (6.0.0 → 6.0.2) (Closes #662) ### Fixed diff --git a/requirements.txt b/requirements.txt index 9d7c1965..3416804d 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,32 +1,32 @@ -Django==5.2.4 -psycopg2-binary==2.9.10 -celery[redis]==5.5.3 -djangorestframework==3.16.0 -requests==2.32.4 -psutil==7.0.0 +Django==5.2.9 +psycopg2-binary==2.9.11 +celery[redis]==5.6.0 +djangorestframework==3.16.1 +requests==2.32.5 +psutil==7.1.3 pillow -drf-yasg>=1.20.0 +drf-yasg>=1.21.11 streamlink python-vlc yt-dlp -gevent==25.5.1 +gevent==25.9.1 daphne uwsgi django-cors-headers djangorestframework-simplejwt m3u8 -rapidfuzz==3.13.0 +rapidfuzz==3.14.3 regex # Required by transformers but also used for advanced regex features tzlocal # PyTorch dependencies (CPU only) --extra-index-url https://download.pytorch.org/whl/cpu/ -torch==2.7.1+cpu +torch==2.9.1+cpu # ML/NLP dependencies -sentence-transformers==5.1.0 +sentence-transformers==5.2.0 channels channels-redis==4.3.0 django-filter django-celery-beat -lxml==6.0.0 +lxml==6.0.2