From ec77040e87c86ae368d512b56a4d4b03254e5d86 Mon Sep 17 00:00:00 2001
From: Georg Krause <mail@georg-krause.net>
Date: Sun, 25 Apr 2021 21:52:56 +0200
Subject: [PATCH] Update deps and add CI job to check outdated pkgs

---
 .gitlab-ci.yml             | 29 ++++++++++++++++++++++++---
 api/requirements/base.txt  | 41 +++++++++++++++++++-------------------
 api/requirements/local.txt | 14 ++++++-------
 api/requirements/test.txt  | 17 ++++++++--------
 scripts/check-api-deps.sh  |  4 ++++
 5 files changed, 65 insertions(+), 40 deletions(-)
 create mode 100755 scripts/check-api-deps.sh

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 9d5204cfab..9d4f7b9f12 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -16,6 +16,7 @@ stages:
   - test
   - build
   - deploy
+  - deps
 
 review_front:
   interruptible: true
@@ -292,6 +293,28 @@ build_api:
     - master@funkwhale/funkwhale
     - develop@funkwhale/funkwhale
 
-include:
-  - template: Security/Secret-Detection.gitlab-ci.yml
-  - template: Security/SAST.gitlab-ci.yml
+check_api_dependencies:
+  interruptible: true
+  stage: deps
+  image: funkwhale/funkwhale:develop
+  cache:
+    key: "$CI_PROJECT_ID__pip_cache"
+    paths:
+      - "$PIP_CACHE_DIR"
+  variables:
+    DJANGO_SETTINGS_MODULE: config.settings.local
+    POSTGRES_HOST_AUTH_METHOD: trust
+  only:
+    - branches
+  before_script:
+    - apk add make git gcc python3-dev musl-dev
+    - apk add postgresql-dev py3-psycopg2 libldap libffi-dev make zlib-dev jpeg-dev openldap-dev
+    - cd api
+    - pip3 install -r requirements/base.txt
+    - pip3 install -r requirements/local.txt
+    - pip3 install -r requirements/test.txt
+  script:
+    - $CI_PROJECT_DIR/scripts/check-api-deps.sh
+  tags:
+    - docker
+  allow_failure: true
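Review bot: The three removed lines at the top of the changed region drop the `include:` block for `Security/Secret-Detection.gitlab-ci.yml` and `Security/SAST.gitlab-ci.yml`, which the commit subject does not mention. The rest of `.gitlab-ci.yml` is outside this hunk, but if these were the file's only includes, the pipeline loses both secret detection and SAST. The new `check_api_dependencies` job only lists outdated packages and is `allow_failure: true`, so it does not replace either scan. Unless the removal is deliberate, keep the block after the new job: `include:`, `  - template: Security/Secret-Detection.gitlab-ci.yml`, `  - template: Security/SAST.gitlab-ci.yml`.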
diff --git a/api/requirements/base.txt b/api/requirements/base.txt
index 9048ee198f..dc0a7ca696 100644
--- a/api/requirements/base.txt
+++ b/api/requirements/base.txt
@@ -4,7 +4,7 @@ setuptools>=49
 django-environ~=0.4.0
 
 # Images
-Pillow~=7.0.0
+Pillow~=8.2.0
 
 django-allauth~=0.42.0
 
@@ -16,21 +16,20 @@ pytz==2020.1
 # Redis support
 django-redis~=4.12.0
 redis~=3.5.0
-kombu~=4.6.0
-
-celery~=4.4.0
+kombu~=5.0.0
 
+celery~=5.0.0
 
 # Your custom requirements go here
-django-cors-headers~=3.4.0
+django-cors-headers~=3.7.0
 musicbrainzngs~=0.7.1
-djangorestframework~=3.11.0
-arrow~=0.15.5
+djangorestframework~=3.12.2
+arrow~=1.1.0
 persisting-theory~=0.2.0
 django-versatileimagefield~=2.0.0
-django-filter~=2.3.0
+django-filter~=2.4.0
 django-rest-auth~=0.9.0
-ipython~=7.10.0
+ipython~=7.22.0
 mutagen~=1.45.0
 
 pymemoize~=1.0.0
@@ -38,38 +37,38 @@ pymemoize~=1.0.0
 django-dynamic-preferences~=1.10
 python-magic~=0.4.0
 channels~=2.4.0
-channels_redis~=3.0.0
-uvicorn[standard]~=0.12.0
-gunicorn~=20.0.0
+channels_redis~=3.2.0
+uvicorn[standard]~=0.13.4
+gunicorn~=20.1.0
 
 cryptography~=2.9.0
 # requests-http-signature==0.0.3
 # clone until the branch is merged and released upstream
 git+https://github.com/agateblue/requests-http-signature.git@signature-header-support
-django-cleanup~=5.0.0
+django-cleanup~=5.2.0
 requests~=2.25.1
 pyOpenSSL~=19.1.0
 
 # for LDAP authentication
 python-ldap~=3.3.0
-django-auth-ldap~=2.2.0
+django-auth-ldap~=2.4.0
 
-pydub~=0.24.0
+pydub~=0.25.1
 pyld~=1.0.0
 aiohttp~=3.7.4
 
 django-oauth-toolkit~=1.3.0
-django-storages~=1.9.0
-boto3~=1.14.0
+django-storages~=1.11.1
+boto3~=1.17.59
 unicode-slugify~=0.1.0
-django-cacheops~=5.0.0
+django-cacheops~=5.1.0
 
 click~=7.1.0
 service_identity~=18.1.0
-markdown~=3.2.0
-bleach~=3.1.0
+markdown~=3.3.4
+bleach~=3.3.0
 feedparser~=6.0.0
-watchdog~=1.0.2
+watchdog~=2.0.3
 
 ## Pin third party dependency to avoid issue with latest version
 twisted==20.3.0
diff --git a/api/requirements/local.txt b/api/requirements/local.txt
index fd3e2620cb..e6d413f1f8 100644
--- a/api/requirements/local.txt
+++ b/api/requirements/local.txt
@@ -1,19 +1,19 @@
 # Local development dependencies go here
 
-coverage~=4.5.0
-django_coverage_plugin~=1.6.0
+coverage~=5.5.0
+django_coverage_plugin~=1.8.0
 factory_boy~=2.11.0
 
 # django-debug-toolbar that works with Django 1.5+
-django-debug-toolbar~=2.2.0
+django-debug-toolbar~=3.2.1
 
 # improved REPL
-ipdb~=0.11.0
-prompt_toolkit~=2.0.0
-black==19.10b0
+ipdb~=0.13.7
+prompt_toolkit~=3.0.18
+black~=21.4b1
 #profiling
 
-asynctest~=0.12.0
+asynctest~=0.13.0
 aioresponses~=0.7.2
 #line_profiler<3
 #https://github.com/dmclain/django-debug-toolbar-line-profiler/archive/master.zip
diff --git a/api/requirements/test.txt b/api/requirements/test.txt
index fe9bf9a150..0f8b6255d4 100644
--- a/api/requirements/test.txt
+++ b/api/requirements/test.txt
@@ -1,13 +1,12 @@
 # Test dependencies go here.
 
-flake8~=3.8.0
-pytest~=6.0.0
-pytest-cov~=2.10.0
-pytest-django~=3.9.0
+flake8~=3.9.1
+pytest~=6.2.3
+pytest-cov~=2.11.1
+pytest-django~=4.2.0
 pytest-env~=0.6.0
-pytest-mock~=3.2.0
-pytest-randomly~=3.4.0
+pytest-mock~=3.6.0
+pytest-randomly~=3.7.0
 pytest-sugar~=0.9.0
-requests-mock~=1.8.0
-#pytest-profiling<1.4
-faker!=5.5.0
+requests-mock~=1.9.0
+faker~=8.1.1
diff --git a/scripts/check-api-deps.sh b/scripts/check-api-deps.sh
new file mode 100755
index 0000000000..5d73372bf7
--- /dev/null
+++ b/scripts/check-api-deps.sh
@@ -0,0 +1,4 @@
+outdated=$(pip list -o)
+echo -n "$outdated"
+return_code=$(echo -n "$outdated" | wc -l)
+exit $return_code
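Review bot: The script reports success when the check itself breaks: if `pip list -o` fails (for example because the package index is unreachable), `outdated` is empty and the script exits 0, the same as "nothing outdated". Using the line count as the exit status is also fragile, because exit statuses wrap modulo 256 and `echo -n` drops the final newline, so the count is one short. The file is created with mode 100755 and run directly from `.gitlab-ci.yml`, yet it has no shebang line. I would add a shebang and `set -eu`, and exit 1 whenever the output is non-empty, as below.

```shell
#!/bin/sh
set -eu

# A pip failure aborts here instead of looking like "nothing outdated".
outdated=$(pip list --outdated)
if [ -n "$outdated" ]; then
    echo "$outdated"
    exit 1
fi
```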
-- 
GitLab