Merge pull request #2853 from hosseinsh/up-dependencies-20Sep2019

updating dependencies, and fixing the deprecated arrow.replaces to shift
2019-09-20 15:34:55 -07:00 · 2019-09-20 15:34:55 -07:00 · 4e7e81aee8
parent 0c70e5c3fd 96b2149433
commit 4e7e81aee8
12 changed files with 127 additions and 128 deletions
--- a/lemur/certificates/service.py
+++ b/lemur/certificates/service.py
@ -419,7 +419,7 @@ def render(args):
        )

    if time_range:
-        to = arrow.now().replace(weeks=+time_range).format("YYYY-MM-DD")
+        to = arrow.now().shift(weeks=+time_range).format("YYYY-MM-DD")
        now = arrow.now().format("YYYY-MM-DD")
        query = query.filter(Certificate.not_after <= to).filter(
            Certificate.not_after >= now
@ -561,7 +561,7 @@ def stats(**kwargs):
    """
    if kwargs.get("metric") == "not_after":
        start = arrow.utcnow()
-        end = start.replace(weeks=+32)
+        end = start.shift(weeks=+32)
        items = (
            database.db.session.query(Certificate.issuer, func.count(Certificate.id))
            .group_by(Certificate.issuer)
--- a/lemur/common/missing.py
+++ b/lemur/common/missing.py
@ -15,11 +15,11 @@ def convert_validity_years(data):
        now = arrow.utcnow()
        data["validity_start"] = now.isoformat()

-        end = now.replace(years=+int(data["validity_years"]))
+        end = now.shift(years=+int(data["validity_years"]))

        if not current_app.config.get("LEMUR_ALLOW_WEEKEND_EXPIRATION", True):
            if is_weekend(end):
-                end = end.replace(days=-2)
+                end = end.shift(days=-2)

        data["validity_end"] = end.isoformat()
    return data
--- a/lemur/pending_certificates/service.py
+++ b/lemur/pending_certificates/service.py
@ -244,7 +244,7 @@ def render(args):
        )

    if time_range:
-        to = arrow.now().replace(weeks=+time_range).format("YYYY-MM-DD")
+        to = arrow.now().shift(weeks=+time_range).format("YYYY-MM-DD")
        now = arrow.now().format("YYYY-MM-DD")
        query = query.filter(PendingCertificate.not_after <= to).filter(
            PendingCertificate.not_after >= now
--- a/lemur/plugins/lemur_digicert/plugin.py
+++ b/lemur/plugins/lemur_digicert/plugin.py
@ -72,11 +72,11 @@ def determine_validity_years(end_date):
    """
    now = arrow.utcnow()

-    if end_date < now.replace(years=+1):
+    if end_date < now.shift(years=+1):
        return 1
-    elif end_date < now.replace(years=+2):
+    elif end_date < now.shift(years=+2):
        return 2
-    elif end_date < now.replace(years=+3):
+    elif end_date < now.shift(years=+3):
        return 3

    raise Exception(
@ -148,12 +148,12 @@ def map_cis_fields(options, csr):
    """
    if not options.get("validity_years"):
        if not options.get("validity_end"):
-            options["validity_end"] = arrow.utcnow().replace(
+            options["validity_end"] = arrow.utcnow().shift(
                years=current_app.config.get("DIGICERT_DEFAULT_VALIDITY", 1)
            )
        options["validity_years"] = determine_validity_years(options["validity_end"])
    else:
-        options["validity_end"] = arrow.utcnow().replace(
+        options["validity_end"] = arrow.utcnow().shift(
            years=options["validity_years"]
        )

--- a/lemur/plugins/lemur_verisign/plugin.py
+++ b/lemur/plugins/lemur_verisign/plugin.py
@ -111,16 +111,14 @@ def process_options(options):

    data["subject_alt_names"] = ",".join(get_additional_names(options))

-    if options.get("validity_end") > arrow.utcnow().replace(years=2):
+    if options.get("validity_end") > arrow.utcnow().shift(years=2):
        raise Exception(
            "Verisign issued certificates cannot exceed two years in validity"
        )

    if options.get("validity_end"):
        # VeriSign (Symantec) only accepts strictly smaller than 2 year end date
-        if options.get("validity_end") < arrow.utcnow().replace(years=2).replace(
-            days=-1
-        ):
+        if options.get("validity_end") < arrow.utcnow().shift(years=2, days=-1):
            period = get_default_issuance(options)
            data["specificEndDate"] = options["validity_end"].format("MM/DD/YYYY")
            data["validityPeriod"] = period
@ -149,9 +147,9 @@ def get_default_issuance(options):
    """
    now = arrow.utcnow()

-    if options["validity_end"] < now.replace(years=+1):
+    if options["validity_end"] < now.shift(years=+1):
        validity_period = "1Y"
-    elif options["validity_end"] < now.replace(years=+2):
+    elif options["validity_end"] < now.shift(years=+2):
        validity_period = "2Y"
    else:
        raise Exception(
@ -261,7 +259,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
        url = current_app.config.get("VERISIGN_URL") + "/reportingws"

        end = arrow.now()
-        start = end.replace(days=-7)
+        start = end.shift(days=-7)

        data = {
            "reportType": "detail",
@ -299,7 +297,7 @@ class VerisignSourcePlugin(SourcePlugin):
    def get_certificates(self):
        url = current_app.config.get("VERISIGN_URL") + "/reportingws"
        end = arrow.now()
-        start = end.replace(years=-5)
+        start = end.shift(years=-5)
        data = {
            "reportType": "detail",
            "startDate": start.format("MM/DD/YYYY"),
--- a/lemur/tests/test_missing.py
+++ b/lemur/tests/test_missing.py
@ -10,11 +10,11 @@ def test_convert_validity_years(session):
        data = convert_validity_years(dict(validity_years=2))

        assert data["validity_start"] == arrow.utcnow().isoformat()
-        assert data["validity_end"] == arrow.utcnow().replace(years=+2).isoformat()
+        assert data["validity_end"] == arrow.utcnow().shift(years=+2).isoformat()

    with freeze_time("2015-01-10"):
        data = convert_validity_years(dict(validity_years=1))
        assert (
            data["validity_end"]
-            == arrow.utcnow().replace(years=+1, days=-2).isoformat()
+            == arrow.utcnow().shift(years=+1, days=-2).isoformat()
        )
--- a/package.json
+++ b/package.json
@ -7,7 +7,7 @@
  },
  "dependencies": {
    "bower": "^1.8.2",
-    "browser-sync": "^2.3.1",
+    "browser-sync": "^2.26.7",
    "del": "^2.2.2",
    "gulp-autoprefixer": "^3.1.1",
    "gulp-cache": "^0.4.5",
@ -25,7 +25,7 @@
    "gulp-minify-css": "^1.2.4",
    "gulp-minify-html": "~1.0.6",
    "gulp-ng-annotate": "~2.0.0",
-    "gulp-ng-html2js": "~0.2.2",
+    "gulp-ng-html2js": "^0.2.3",
    "gulp-notify": "^2.2.0",
    "gulp-plumber": "^1.1.0",
    "gulp-print": "^2.0.1",
--- a/requirements-dev.txt
+++ b/requirements-dev.txt
@ -6,34 +6,35 @@
 #
 aspy.yaml==1.3.0          # via pre-commit
 bleach==3.1.0             # via readme-renderer
-certifi==2019.6.16        # via requests
-cfgv==2.0.0               # via pre-commit
+certifi==2019.9.11        # via requests
+cfgv==2.0.1               # via pre-commit
 chardet==3.0.4            # via requests
-docutils==0.14            # via readme-renderer
+docutils==0.15.2          # via readme-renderer
 flake8==3.5.0
-identify==1.4.5           # via pre-commit
+identify==1.4.7           # via pre-commit
 idna==2.8                 # via requests
-importlib-metadata==0.18  # via pre-commit
-invoke==1.2.0
+importlib-metadata==0.23  # via pre-commit
+invoke==1.3.0
 mccabe==0.6.1             # via flake8
+more-itertools==7.2.0     # via zipp
 nodeenv==1.3.3
 pkginfo==1.5.0.1          # via twine
-pre-commit==1.17.0
+pre-commit==1.18.3
 pycodestyle==2.3.1        # via flake8
 pyflakes==1.6.0           # via flake8
 pygments==2.4.2           # via readme-renderer
-pyyaml==5.1.1
+pyyaml==5.1.2
 readme-renderer==24.0     # via twine
 requests-toolbelt==0.9.1  # via twine
 requests==2.22.0          # via requests-toolbelt, twine
 six==1.12.0               # via bleach, cfgv, pre-commit, readme-renderer
 toml==0.10.0              # via pre-commit
-tqdm==4.32.2              # via twine
-twine==1.13.0
-urllib3==1.25.3           # via requests
-virtualenv==16.6.1        # via pre-commit
+tqdm==4.36.1              # via twine
+twine==1.15.0
+urllib3==1.25.5           # via requests
+virtualenv==16.7.5        # via pre-commit
 webencodings==0.5.1       # via bleach
-zipp==0.5.2               # via importlib-metadata
+zipp==0.6.0               # via importlib-metadata

 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.0.1        # via twine
+# setuptools==41.2.0        # via twine
--- a/requirements-docs.txt
+++ b/requirements-docs.txt
@ -4,23 +4,23 @@
 #
 #    pip-compile --no-index --output-file=requirements-docs.txt requirements-docs.in
 #
-acme==0.36.0
+acme==0.38.0
 alabaster==0.7.12         # via sphinx
 alembic-autogenerate-enums==0.0.2
-alembic==1.0.11
-amqp==2.5.0
-aniso8601==7.0.0
-arrow==0.14.2
+alembic==1.2.0
+amqp==2.5.1
+aniso8601==8.0.0
+arrow==0.15.2
 asn1crypto==0.24.0
 asyncpool==1.0
 babel==2.7.0              # via sphinx
 bcrypt==3.1.7
-billiard==3.6.0.0
+billiard==3.6.1.0
 blinker==1.4
-boto3==1.9.187
-botocore==1.12.187
+boto3==1.9.232
+botocore==1.12.232
 celery[redis]==4.3.0
-certifi==2019.6.16
+certifi==2019.9.11
 certsrv==2.1.1
 cffi==1.12.3
 chardet==3.0.4
@ -29,7 +29,7 @@ cloudflare==2.3.0
 cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0
-docutils==0.14
+docutils==0.15.2
 dyn==1.8.1
 flask-bcrypt==0.7.1
 flask-cors==3.0.8
@ -43,7 +43,7 @@ flask-sqlalchemy==2.4.0
 flask==1.1.1
 future==0.17.1
 gunicorn==19.9.0
-hvac==0.9.3
+hvac==0.9.5
 idna==2.8
 imagesize==1.1.0          # via sphinx
 inflection==0.3.1
@ -56,42 +56,42 @@ jsonlines==1.2.0
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.13
+mako==1.1.0
 markupsafe==1.1.1
-marshmallow-sqlalchemy==0.17.0
-marshmallow==2.19.5
+marshmallow-sqlalchemy==0.19.0
+marshmallow==2.20.4
 mock==3.0.5
 ndg-httpsclient==0.5.1
-packaging==19.0           # via sphinx
+packaging==19.2           # via sphinx
 paramiko==2.6.0
-pem==19.1.0
+pem==19.2.0
 psycopg2==2.8.3
-pyasn1-modules==0.2.5
-pyasn1==0.4.5
+pyasn1-modules==0.2.6
+pyasn1==0.4.7
 pycparser==2.19
-pycryptodomex==3.8.2
+pycryptodomex==3.9.0
 pygments==2.4.2           # via sphinx
 pyjks==19.0.0
 pyjwt==1.7.1
 pynacl==1.3.0
 pyopenssl==19.0.0
-pyparsing==2.4.0          # via packaging
+pyparsing==2.4.2          # via packaging
 pyrfc3339==1.1
 python-dateutil==2.8.0
 python-editor==1.0.4
 python-json-logger==0.1.11
-pytz==2019.1
-pyyaml==5.1.1
+pytz==2019.2
+pyyaml==5.1.2
 raven[flask]==6.10.0
-redis==3.2.1
+redis==3.3.8
 requests-toolbelt==0.9.1
 requests[security]==2.22.0
 retrying==1.3.3
 s3transfer==0.2.1
 six==1.12.0
-snowballstemmer==1.9.0    # via sphinx
+snowballstemmer==1.9.1    # via sphinx
 sphinx-rtd-theme==0.4.3
-sphinx==2.1.2
+sphinx==2.2.0
 sphinxcontrib-applehelp==1.0.1  # via sphinx
 sphinxcontrib-devhelp==1.0.1  # via sphinx
 sphinxcontrib-htmlhelp==1.0.2  # via sphinx
@ -99,14 +99,14 @@ sphinxcontrib-httpdomain==1.7.0
 sphinxcontrib-jsmath==1.0.1  # via sphinx
 sphinxcontrib-qthelp==1.0.2  # via sphinx
 sphinxcontrib-serializinghtml==1.1.3  # via sphinx
-sqlalchemy-utils==0.34.0
-sqlalchemy==1.3.5
+sqlalchemy-utils==0.34.2
+sqlalchemy==1.3.8
 tabulate==0.8.3
 twofish==0.3.0
-urllib3==1.25.3
+urllib3==1.25.5
 vine==1.3.0
-werkzeug==0.15.4
+werkzeug==0.16.0
 xmltodict==0.12.0

 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.0.1        # via acme, josepy, sphinx
+# setuptools==41.2.0        # via acme, josepy, sphinx
--- a/requirements-tests.txt
+++ b/requirements-tests.txt
@ -8,84 +8,84 @@ appdirs==1.4.3            # via black
 asn1crypto==0.24.0        # via cryptography
 atomicwrites==1.3.0       # via pytest
 attrs==19.1.0             # via black, jsonschema, pytest
-aws-sam-translator==1.12.0  # via cfn-lint
+aws-sam-translator==1.14.0  # via cfn-lint
 aws-xray-sdk==2.4.2       # via moto
 bandit==1.6.2
 black==19.3b0
-boto3==1.9.187            # via aws-sam-translator, moto
+boto3==1.9.232            # via aws-sam-translator, moto
 boto==2.49.0              # via moto
-botocore==1.12.187        # via aws-xray-sdk, boto3, moto, s3transfer
-certifi==2019.6.16        # via requests
+botocore==1.12.232        # via aws-xray-sdk, boto3, moto, s3transfer
+certifi==2019.9.11        # via requests
 cffi==1.12.3              # via cryptography
-cfn-lint==0.22.2          # via moto
+cfn-lint==0.24.1          # via moto
 chardet==3.0.4            # via requests
 click==7.0                # via black, flask
-coverage==4.5.3
+coverage==4.5.4
 cryptography==2.7         # via moto, sshpubkeys
 datetime==4.3             # via moto
 docker==4.0.2             # via moto
-docutils==0.14            # via botocore
+docutils==0.15.2          # via botocore
 ecdsa==0.13.2             # via python-jose, sshpubkeys
 factory-boy==2.12.0
-faker==1.0.7
-fakeredis==1.0.3
+faker==2.0.2
+fakeredis==1.0.5
 flask==1.1.1              # via pytest-flask
 freezegun==0.3.12
 future==0.17.1            # via aws-xray-sdk, python-jose
 gitdb2==2.0.5             # via gitpython
-gitpython==2.1.11         # via bandit
+gitpython==3.0.2          # via bandit
 idna==2.8                 # via moto, requests
-importlib-metadata==0.18  # via pluggy, pytest
+importlib-metadata==0.23  # via pluggy, pytest
 itsdangerous==1.1.0       # via flask
 jinja2==2.10.1            # via flask, moto
 jmespath==0.9.4           # via boto3, botocore
 jsondiff==1.1.2           # via moto
-jsonpatch==1.23           # via cfn-lint
+jsonpatch==1.24           # via cfn-lint
 jsonpickle==1.2           # via aws-xray-sdk
 jsonpointer==2.0          # via jsonpatch
-jsonschema==3.0.1         # via aws-sam-translator, cfn-lint
+jsonschema==3.0.2         # via aws-sam-translator, cfn-lint
 markupsafe==1.1.1         # via jinja2
 mock==3.0.5               # via moto
-more-itertools==7.1.0     # via pytest
-moto==1.3.11
+more-itertools==7.2.0     # via pytest, zipp
+moto==1.3.13
 nose==1.3.7
-packaging==19.0           # via pytest
-pbr==5.4.0                # via stevedore
-pluggy==0.12.0            # via pytest
+packaging==19.2           # via pytest
+pbr==5.4.3                # via stevedore
+pluggy==0.13.0            # via pytest
 py==1.8.0                 # via pytest
-pyasn1==0.4.5             # via rsa
+pyasn1==0.4.7             # via rsa
 pycparser==2.19           # via cffi
 pyflakes==2.1.1
-pyparsing==2.4.0          # via packaging
-pyrsistent==0.15.3        # via jsonschema
+pyparsing==2.4.2          # via packaging
+pyrsistent==0.15.4        # via jsonschema
 pytest-flask==0.15.0
 pytest-mock==1.10.4
-pytest==5.0.1
+pytest==5.1.2
 python-dateutil==2.8.0    # via botocore, faker, freezegun, moto
 python-jose==3.0.1        # via moto
-pytz==2019.1              # via datetime, moto
-pyyaml==5.1.1
-redis==3.2.1              # via fakeredis
-requests-mock==1.6.0
-requests==2.22.0          # via cfn-lint, docker, moto, requests-mock, responses
+pytz==2019.2              # via datetime, moto
+pyyaml==5.1.2
+redis==3.3.8              # via fakeredis
+requests-mock==1.7.0
+requests==2.22.0          # via docker, moto, requests-mock, responses
 responses==0.10.6         # via moto
 rsa==4.0                  # via python-jose
 s3transfer==0.2.1         # via boto3
-six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, freezegun, jsonschema, mock, moto, packaging, pyrsistent, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
+six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, fakeredis, freezegun, jsonschema, mock, moto, packaging, pyrsistent, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
 smmap2==2.0.5             # via gitdb2
-sshpubkeys==3.1.0         # via moto
 sortedcontainers==2.1.0   # via fakeredis
-stevedore==1.30.1         # via bandit
-text-unidecode==1.2       # via faker
+sshpubkeys==3.1.0         # via moto
+stevedore==1.31.0         # via bandit
+text-unidecode==1.3       # via faker
 toml==0.10.0              # via black
-urllib3==1.25.3           # via botocore, requests
+urllib3==1.25.5           # via botocore, requests
 wcwidth==0.1.7            # via pytest
 websocket-client==0.56.0  # via docker
-werkzeug==0.15.4          # via flask, moto, pytest-flask
+werkzeug==0.16.0          # via flask, moto, pytest-flask
 wrapt==1.11.2             # via aws-xray-sdk
 xmltodict==0.12.0         # via moto
-zipp==0.5.2               # via importlib-metadata
+zipp==0.6.0               # via importlib-metadata
 zope.interface==4.6.0     # via datetime

 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.0.1        # via cfn-lint, jsonschema, zope.interface
+# setuptools==41.2.0        # via cfn-lint, jsonschema, zope.interface
--- a/requirements.in
+++ b/requirements.in
@ -32,7 +32,7 @@ kombu<4.6.0 # Bug with inspecting active tasks: https://github.com/celery/kombu/
 lockfile
 logmatic-python
 marshmallow-sqlalchemy
-marshmallow
+marshmallow<2.20.5 #schema duplicate issues https://github.com/marshmallow-code/marshmallow-sqlalchemy/issues/121
 ndg-httpsclient
 paramiko  # required for the SFTP destination plugin
 pem
--- a/requirements.txt
+++ b/requirements.txt
@ -4,21 +4,21 @@
 #
 #    pip-compile --no-index --output-file=requirements.txt requirements.in
 #
-acme==0.36.0
+acme==0.38.0
 alembic-autogenerate-enums==0.0.2
-alembic==1.0.11           # via flask-migrate
-amqp==2.5.0               # via kombu
-aniso8601==7.0.0          # via flask-restful
-arrow==0.14.2
+alembic==1.2.0            # via flask-migrate
+amqp==2.5.1               # via kombu
+aniso8601==8.0.0          # via flask-restful
+arrow==0.15.2
 asn1crypto==0.24.0        # via cryptography
 asyncpool==1.0
 bcrypt==3.1.7             # via flask-bcrypt, paramiko
-billiard==3.6.0.0         # via celery
+billiard==3.6.1.0         # via celery
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.9.187
-botocore==1.12.187
+boto3==1.9.232
+botocore==1.12.232
 celery[redis]==4.3.0
-certifi==2019.6.16
+certifi==2019.9.11
 certsrv==2.1.1
 cffi==1.12.3              # via bcrypt, cryptography, pynacl
 chardet==3.0.4            # via requests
@ -27,7 +27,7 @@ cloudflare==2.3.0
 cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0         # via dnspython3
-docutils==0.14            # via botocore
+docutils==0.15.2          # via botocore
 dyn==1.8.1
 flask-bcrypt==0.7.1
 flask-cors==3.0.8
@ -41,7 +41,7 @@ flask-sqlalchemy==2.4.0
 flask==1.1.1
 future==0.17.1
 gunicorn==19.9.0
-hvac==0.9.3
+hvac==0.9.5
 idna==2.8                 # via requests
 inflection==0.3.1
 itsdangerous==1.1.0       # via flask
@ -53,19 +53,19 @@ jsonlines==1.2.0          # via cloudflare
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.13              # via alembic
+mako==1.1.0               # via alembic
 markupsafe==1.1.1         # via jinja2, mako
-marshmallow-sqlalchemy==0.17.0
-marshmallow==2.19.5
+marshmallow-sqlalchemy==0.19.0
+marshmallow==2.20.4
 mock==3.0.5               # via acme
 ndg-httpsclient==0.5.1
 paramiko==2.6.0
-pem==19.1.0
+pem==19.2.0
 psycopg2==2.8.3
-pyasn1-modules==0.2.5     # via pyjks, python-ldap
-pyasn1==0.4.5             # via ndg-httpsclient, pyasn1-modules, pyjks, python-ldap
+pyasn1-modules==0.2.6     # via pyjks, python-ldap
+pyasn1==0.4.7             # via ndg-httpsclient, pyasn1-modules, pyjks, python-ldap
 pycparser==2.19           # via cffi
-pycryptodomex==3.8.2      # via pyjks
+pycryptodomex==3.9.0      # via pyjks
 pyjks==19.0.0
 pyjwt==1.7.1
 pynacl==1.3.0             # via paramiko
@ -75,23 +75,23 @@ python-dateutil==2.8.0    # via alembic, arrow, botocore
 python-editor==1.0.4      # via alembic
 python-json-logger==0.1.11  # via logmatic-python
 python-ldap==3.2.0
-pytz==2019.1              # via acme, celery, flask-restful, pyrfc3339
-pyyaml==5.1.1
+pytz==2019.2              # via acme, celery, flask-restful, pyrfc3339
+pyyaml==5.1.2
 raven[flask]==6.10.0
-redis==3.2.1
+redis==3.3.8
 requests-toolbelt==0.9.1  # via acme
 requests[security]==2.22.0
 retrying==1.3.3
 s3transfer==0.2.1         # via boto3
 six==1.12.0
-sqlalchemy-utils==0.34.0
-sqlalchemy==1.3.5         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+sqlalchemy-utils==0.34.2
+sqlalchemy==1.3.8         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
 tabulate==0.8.3
 twofish==0.3.0            # via pyjks
-urllib3==1.25.3           # via botocore, requests
+urllib3==1.25.5           # via botocore, requests
 vine==1.3.0               # via amqp, celery
-werkzeug==0.15.4          # via flask
+werkzeug==0.16.0          # via flask
 xmltodict==0.12.0

 # The following packages are considered to be unsafe in a requirements file:
-# setuptools==41.0.1        # via acme, josepy
+# setuptools==41.2.0        # via acme, josepy