From e300cf6e1b5dc1d8bb4d36c69881b74824db0e92 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Thu, 30 May 2019 13:34:44 -0700
Subject: [PATCH 1/4] Downgrade Kombu

---
 requirements-docs.txt | 2 +-
 requirements.in       | 2 +-
 requirements.txt      | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/requirements-docs.txt b/requirements-docs.txt
index fbd70c49..afd01a77 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -53,7 +53,7 @@ jinja2==2.10.1
 jmespath==0.9.4
 josepy==1.1.0
 jsonlines==1.2.0
-kombu==4.6.0
+kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
 mako==1.0.10
diff --git a/requirements.in b/requirements.in
index ae64c225..d766b7a9 100644
--- a/requirements.in
+++ b/requirements.in
@@ -28,7 +28,7 @@ gunicorn
 hvac # required for the vault destination plugin
 inflection
 jinja2
-kombu
+kombu<4.6.0 # Bug with inspecting active tasks: https://github.com/celery/kombu/issues/1051
 lockfile
 logmatic-python
 marshmallow-sqlalchemy
diff --git a/requirements.txt b/requirements.txt
index 7dde8a3d..4542d440 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -50,7 +50,7 @@ jinja2==2.10.1
 jmespath==0.9.4           # via boto3, botocore
 josepy==1.1.0             # via acme
 jsonlines==1.2.0          # via cloudflare
-kombu==4.6.0
+kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
 mako==1.0.10              # via alembic

From 28b216273d6cb9e9f009816e6c9fc96362c39ab3 Mon Sep 17 00:00:00 2001
From: Kush Bavishi <kush.bavishi@gmail.com>
Date: Fri, 31 May 2019 14:07:26 -0700
Subject: [PATCH 2/4] Upgrading Gulp. If this is not necessary, we can remove
 it later.

---
 package.json | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/package.json b/package.json
index f47978db..fe1267a6 100644
--- a/package.json
+++ b/package.json
@@ -9,7 +9,6 @@
     "bower": "^1.8.2",
     "browser-sync": "^2.3.1",
     "del": "^2.2.2",
-    "gulp": "^3.8.11",
     "gulp-autoprefixer": "^3.1.1",
     "gulp-cache": "^0.4.5",
     "gulp-concat": "^2.4.1",
@@ -60,6 +59,7 @@
     "test": "gulp test"
   },
   "devDependencies": {
+    "gulp": "^3.9.1",
     "jshint": "^2.8.0",
     "karma-chrome-launcher": "^2.0.0"
   }

From 45231c2423a95fddbc9804fab99db61a817d43f7 Mon Sep 17 00:00:00 2001
From: Kush Bavishi <kush.bavishi@gmail.com>
Date: Fri, 31 May 2019 14:08:28 -0700
Subject: [PATCH 3/4] Added code to automatically add the common name as a DNS
 name while creating a certificate.

---
 .../certificate/tracking.tpl.html             |  2 ++
 .../app/angular/certificates/services.js      | 20 +++++++++++++++++++
 2 files changed, 22 insertions(+)

diff --git a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
index b64f6e3d..573510cd 100644
--- a/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
+++ b/lemur/static/app/angular/certificates/certificate/tracking.tpl.html
@@ -33,6 +33,8 @@
                uib-tooltip="If you need a certificate with multiple domains enter your primary domain here and the rest under 'Subject Alternate Names' by clicking 'More Options'"
                ng-model="certificate.commonName" placeholder="Common Name" class="form-control"
                ng-maxlength="64"
+               ng-blur="certificate.attachCommonName()"
+               ng-focus="certificate.removeCommonName()"
                required/>
 
         <p ng-show="trackingForm.commonName.$invalid && !trackingForm.commonName.$pristine" class="help-block">
diff --git a/lemur/static/app/angular/certificates/services.js b/lemur/static/app/angular/certificates/services.js
index ecd7870f..3a23076d 100644
--- a/lemur/static/app/angular/certificates/services.js
+++ b/lemur/static/app/angular/certificates/services.js
@@ -18,6 +18,26 @@ angular.module('lemur')
           this.authority = authority;
           this.authority.maxDate = moment(this.authority.notAfter).subtract(1, 'days').format('YYYY/MM/DD');
         },
+        attachCommonName: function () {
+          if (this.extensions === undefined) {
+            this.extensions = {};
+          }
+
+          if (this.extensions.subAltNames === undefined) {
+            this.extensions.subAltNames = {'names': []};
+          }
+
+          if (angular.isString(this.commonName)) {
+            this.extensions.subAltNames.names.unshift({'nameType': 'DNSName', 'value': this.commonName});
+          }
+        },
+        removeCommonName: function () {
+          if (angular.isDefined(this.extensions) && angular.isDefined(this.extensions.subAltNames)) {
+            if (angular.equals(this.extensions.subAltNames.names[0].value, this.commonName)) {
+              this.extensions.subAltNames.names.shift();
+            }
+          }
+        },
         attachSubAltName: function () {
           if (this.extensions === undefined) {
             this.extensions = {};

From aeb32f4853a4ac0cdeeba85ba8ec561aebc97a18 Mon Sep 17 00:00:00 2001
From: Curtis Castrapel <ccastrapel@netflix.com>
Date: Tue, 4 Jun 2019 08:21:52 -0700
Subject: [PATCH 4/4] Upgrade docker to 3.7

---
 Dockerfile             |  2 +-
 requirements-docs.txt  | 14 +++++++-------
 requirements-tests.txt | 20 +++++++++++---------
 requirements.txt       | 12 ++++++------
 4 files changed, 25 insertions(+), 23 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index b9d7335e..b9439be7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-FROM python:3.5
+FROM python:3.7
 RUN apt-get update
 RUN apt-get install -y make software-properties-common curl
 RUN curl -sL https://deb.nodesource.com/setup_7.x | bash -
diff --git a/requirements-docs.txt b/requirements-docs.txt
index afd01a77..c0fe427e 100644
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@@ -10,15 +10,15 @@ alembic-autogenerate-enums==0.0.2
 alembic==1.0.10
 amqp==2.5.0
 aniso8601==6.0.0
-arrow==0.13.2
+arrow==0.14.2
 asn1crypto==0.24.0
 asyncpool==1.0
 babel==2.7.0              # via sphinx
 bcrypt==3.1.6
 billiard==3.6.0.0
 blinker==1.4
-boto3==1.9.158
-botocore==1.12.158
+boto3==1.9.160
+botocore==1.12.160
 celery[redis]==4.3.0
 certifi==2019.3.9
 certsrv==2.1.1
@@ -26,7 +26,7 @@ cffi==1.12.3
 chardet==3.0.4
 click==7.0
 cloudflare==2.3.0
-cryptography==2.6.1
+cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0
 docutils==0.14
@@ -36,7 +36,7 @@ flask-cors==3.0.7
 flask-mail==0.9.1
 flask-migrate==2.5.2
 flask-principal==0.4.0
-flask-replicated==1.2
+flask-replicated==1.3
 flask-restful==0.3.7
 flask-script==2.0.6
 flask-sqlalchemy==2.4.0
@@ -56,7 +56,7 @@ jsonlines==1.2.0
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.10
+mako==1.0.11
 markupsafe==1.1.1
 marshmallow-sqlalchemy==0.16.3
 marshmallow==2.19.2
@@ -91,7 +91,7 @@ s3transfer==0.2.0
 six==1.12.0
 snowballstemmer==1.2.1    # via sphinx
 sphinx-rtd-theme==0.4.3
-sphinx==2.0.1
+sphinx==2.1.0
 sphinxcontrib-applehelp==1.0.1  # via sphinx
 sphinxcontrib-devhelp==1.0.1  # via sphinx
 sphinxcontrib-htmlhelp==1.0.2  # via sphinx
diff --git a/requirements-tests.txt b/requirements-tests.txt
index cf53fa17..77bc92af 100644
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@@ -12,16 +12,16 @@ aws-sam-translator==1.11.0  # via cfn-lint
 aws-xray-sdk==2.4.2       # via moto
 bandit==1.6.0
 black==19.3b0
-boto3==1.9.158            # via aws-sam-translator, moto
+boto3==1.9.160            # via aws-sam-translator, moto
 boto==2.49.0              # via moto
-botocore==1.12.158        # via aws-xray-sdk, boto3, moto, s3transfer
+botocore==1.12.160        # via aws-xray-sdk, boto3, moto, s3transfer
 certifi==2019.3.9         # via requests
 cffi==1.12.3              # via cryptography
-cfn-lint==0.21.3          # via moto
+cfn-lint==0.21.4          # via moto
 chardet==3.0.4            # via requests
 click==7.0                # via black, flask
 coverage==4.5.3
-cryptography==2.6.1       # via moto
+cryptography==2.7         # via moto
 docker==4.0.1             # via moto
 docutils==0.14            # via botocore
 ecdsa==0.13.2             # via python-jose
@@ -33,7 +33,7 @@ future==0.17.1            # via aws-xray-sdk, python-jose
 gitdb2==2.0.5             # via gitpython
 gitpython==2.1.11         # via bandit
 idna==2.8                 # via moto, requests
-importlib-metadata==0.17  # via pluggy
+importlib-metadata==0.17  # via pluggy, pytest
 itsdangerous==1.1.0       # via flask
 jinja2==2.10.1            # via flask, moto
 jmespath==0.9.4           # via boto3, botocore
@@ -47,30 +47,32 @@ mock==3.0.5               # via moto
 more-itertools==7.0.0     # via pytest
 moto==1.3.8
 nose==1.3.7
+packaging==19.0           # via pytest
 pbr==5.2.1                # via stevedore
 pluggy==0.12.0            # via pytest
 py==1.8.0                 # via pytest
 pyasn1==0.4.5             # via rsa
 pycparser==2.19           # via cffi
 pyflakes==2.1.1
+pyparsing==2.4.0          # via packaging
 pytest-flask==0.15.0
 pytest-mock==1.10.4
-pytest==4.5.0
+pytest==4.6.2
 python-dateutil==2.8.0    # via botocore, faker, freezegun, moto
 python-jose==3.0.1        # via moto
 pytz==2019.1              # via moto
 pyyaml==5.1
 requests-mock==1.6.0
-requests==2.21.0          # via cfn-lint, docker, moto, requests-mock, responses
+requests==2.22.0          # via cfn-lint, docker, moto, requests-mock, responses
 responses==0.10.6         # via moto
 rsa==4.0                  # via python-jose
 s3transfer==0.2.0         # via boto3
-six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, freezegun, mock, moto, pytest, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
+six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, freezegun, mock, moto, packaging, pytest, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
 smmap2==2.0.5             # via gitdb2
 stevedore==1.30.1         # via bandit
 text-unidecode==1.2       # via faker
 toml==0.10.0              # via black
-urllib3==1.24.3           # via botocore, requests
+urllib3==1.25.3           # via botocore, requests
 wcwidth==0.1.7            # via pytest
 websocket-client==0.56.0  # via docker
 werkzeug==0.15.4          # via flask, moto, pytest-flask
diff --git a/requirements.txt b/requirements.txt
index 4542d440..c19c7b6e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -9,14 +9,14 @@ alembic-autogenerate-enums==0.0.2
 alembic==1.0.10           # via flask-migrate
 amqp==2.5.0               # via kombu
 aniso8601==6.0.0          # via flask-restful
-arrow==0.13.2
+arrow==0.14.2
 asn1crypto==0.24.0        # via cryptography
 asyncpool==1.0
 bcrypt==3.1.6             # via flask-bcrypt, paramiko
 billiard==3.6.0.0         # via celery
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.9.158
-botocore==1.12.158
+boto3==1.9.160
+botocore==1.12.160
 celery[redis]==4.3.0
 certifi==2019.3.9
 certsrv==2.1.1
@@ -24,7 +24,7 @@ cffi==1.12.3              # via bcrypt, cryptography, pynacl
 chardet==3.0.4            # via requests
 click==7.0                # via flask
 cloudflare==2.3.0
-cryptography==2.6.1
+cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0         # via dnspython3
 docutils==0.14            # via botocore
@@ -34,7 +34,7 @@ flask-cors==3.0.7
 flask-mail==0.9.1
 flask-migrate==2.5.2
 flask-principal==0.4.0
-flask-replicated==1.2
+flask-replicated==1.3
 flask-restful==0.3.7
 flask-script==2.0.6
 flask-sqlalchemy==2.4.0
@@ -53,7 +53,7 @@ jsonlines==1.2.0          # via cloudflare
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.10              # via alembic
+mako==1.0.11              # via alembic
 markupsafe==1.1.1         # via jinja2, mako
 marshmallow-sqlalchemy==0.16.3
 marshmallow==2.19.2