updating dependencies, and fixing the deprecated arrow.replaces to shift

lemur/certificates/service.py

@@ -419,7 +419,7 @@ def render(args):
         )
 
     if time_range:
-        to = arrow.now().replace(weeks=+time_range).format("YYYY-MM-DD")
+        to = arrow.now().shift(weeks=+time_range).format("YYYY-MM-DD")
         now = arrow.now().format("YYYY-MM-DD")
         query = query.filter(Certificate.not_after <= to).filter(
             Certificate.not_after >= now
@@ -561,7 +561,7 @@ def stats(**kwargs):
     """
     if kwargs.get("metric") == "not_after":
         start = arrow.utcnow()
-        end = start.replace(weeks=+32)
+        end = start.shift(weeks=+32)
         items = (
             database.db.session.query(Certificate.issuer, func.count(Certificate.id))
             .group_by(Certificate.issuer)

lemur/common/missing.py

@@ -15,11 +15,11 @@ def convert_validity_years(data):
         now = arrow.utcnow()
         data["validity_start"] = now.isoformat()
 
-        end = now.replace(years=+int(data["validity_years"]))
+        end = now.shift(years=+int(data["validity_years"]))
 
         if not current_app.config.get("LEMUR_ALLOW_WEEKEND_EXPIRATION", True):
             if is_weekend(end):
-                end = end.replace(days=-2)
+                end = end.shift(days=-2)
 
         data["validity_end"] = end.isoformat()
     return data

lemur/pending_certificates/schemas.py

@@ -46,10 +46,10 @@ class PendingCertificateOutputSchema(LemurOutputSchema):
 
     # Note aliasing is the first step in deprecating these fields.
     notify = fields.Boolean()
-    active = fields.Boolean(attribute="notify")
+    active = fields.Boolean(attribute="notify", dump_only=True)
 
     cn = fields.String()
-    common_name = fields.String(attribute="cn")
+    common_name = fields.String(attribute="cn", dump_only=True)
 
     owner = fields.Email()
 

lemur/pending_certificates/service.py

@@ -244,7 +244,7 @@ def render(args):
         )
 
     if time_range:
-        to = arrow.now().replace(weeks=+time_range).format("YYYY-MM-DD")
+        to = arrow.now().shift(weeks=+time_range).format("YYYY-MM-DD")
         now = arrow.now().format("YYYY-MM-DD")
         query = query.filter(PendingCertificate.not_after <= to).filter(
             PendingCertificate.not_after >= now

lemur/plugins/lemur_digicert/plugin.py

@@ -72,11 +72,11 @@ def determine_validity_years(end_date):
     """
     now = arrow.utcnow()
 
-    if end_date < now.replace(years=+1):
+    if end_date < now.shift(years=+1):
         return 1
-    elif end_date < now.replace(years=+2):
+    elif end_date < now.shift(years=+2):
         return 2
-    elif end_date < now.replace(years=+3):
+    elif end_date < now.shift(years=+3):
         return 3
 
     raise Exception(
@@ -148,12 +148,12 @@ def map_cis_fields(options, csr):
     """
     if not options.get("validity_years"):
         if not options.get("validity_end"):
-            options["validity_end"] = arrow.utcnow().replace(
+            options["validity_end"] = arrow.utcnow().shift(
                 years=current_app.config.get("DIGICERT_DEFAULT_VALIDITY", 1)
             )
         options["validity_years"] = determine_validity_years(options["validity_end"])
     else:
-        options["validity_end"] = arrow.utcnow().replace(
+        options["validity_end"] = arrow.utcnow().shift(
             years=options["validity_years"]
         )
 

lemur/plugins/lemur_verisign/plugin.py

@@ -111,16 +111,14 @@ def process_options(options):
 
     data["subject_alt_names"] = ",".join(get_additional_names(options))
 
-    if options.get("validity_end") > arrow.utcnow().replace(years=2):
+    if options.get("validity_end") > arrow.utcnow().shift(years=2):
         raise Exception(
             "Verisign issued certificates cannot exceed two years in validity"
         )
 
     if options.get("validity_end"):
         # VeriSign (Symantec) only accepts strictly smaller than 2 year end date
-        if options.get("validity_end") < arrow.utcnow().replace(years=2).replace(
+        if options.get("validity_end") < arrow.utcnow().shift(years=2, days=-1):
-            days=-1
-        ):
             period = get_default_issuance(options)
             data["specificEndDate"] = options["validity_end"].format("MM/DD/YYYY")
             data["validityPeriod"] = period
@@ -149,9 +147,9 @@ def get_default_issuance(options):
     """
     now = arrow.utcnow()
 
-    if options["validity_end"] < now.replace(years=+1):
+    if options["validity_end"] < now.shift(years=+1):
         validity_period = "1Y"
-    elif options["validity_end"] < now.replace(years=+2):
+    elif options["validity_end"] < now.shift(years=+2):
         validity_period = "2Y"
     else:
         raise Exception(
@@ -261,7 +259,7 @@ class VerisignIssuerPlugin(IssuerPlugin):
         url = current_app.config.get("VERISIGN_URL") + "/reportingws"
 
         end = arrow.now()
-        start = end.replace(days=-7)
+        start = end.shift(days=-7)
 
         data = {
             "reportType": "detail",
@@ -299,7 +297,7 @@ class VerisignSourcePlugin(SourcePlugin):
     def get_certificates(self):
         url = current_app.config.get("VERISIGN_URL") + "/reportingws"
         end = arrow.now()
-        start = end.replace(years=-5)
+        start = end.shift(years=-5)
         data = {
             "reportType": "detail",
             "startDate": start.format("MM/DD/YYYY"),

lemur/tests/test_missing.py

@@ -10,11 +10,11 @@ def test_convert_validity_years(session):
         data = convert_validity_years(dict(validity_years=2))
 
         assert data["validity_start"] == arrow.utcnow().isoformat()
-        assert data["validity_end"] == arrow.utcnow().replace(years=+2).isoformat()
+        assert data["validity_end"] == arrow.utcnow().shift(years=+2).isoformat()
 
     with freeze_time("2015-01-10"):
         data = convert_validity_years(dict(validity_years=1))
         assert (
             data["validity_end"]
-            == arrow.utcnow().replace(years=+1, days=-2).isoformat()
+            == arrow.utcnow().shift(years=+1, days=-2).isoformat()
         )

package.json

@@ -7,7 +7,7 @@
   },
   "dependencies": {
     "bower": "^1.8.2",
-    "browser-sync": "^2.3.1",
+    "browser-sync": "^2.26.7",
     "del": "^2.2.2",
     "gulp-autoprefixer": "^3.1.1",
     "gulp-cache": "^0.4.5",
@@ -25,7 +25,7 @@
     "gulp-minify-css": "^1.2.4",
     "gulp-minify-html": "~1.0.6",
     "gulp-ng-annotate": "~2.0.0",
-    "gulp-ng-html2js": "~0.2.2",
+    "gulp-ng-html2js": "^0.2.3",
     "gulp-notify": "^2.2.0",
     "gulp-plumber": "^1.1.0",
     "gulp-print": "^2.0.1",

requirements-dev.txt

@@ -6,31 +6,35 @@
 #
 aspy.yaml==1.3.0          # via pre-commit
 bleach==3.1.0             # via readme-renderer
-certifi==2019.3.9         # via requests
+certifi==2019.9.11        # via requests
-cfgv==2.0.0               # via pre-commit
+cfgv==2.0.1               # via pre-commit
 chardet==3.0.4            # via requests
-docutils==0.14            # via readme-renderer
+docutils==0.15.2          # via readme-renderer
 flake8==3.5.0
-identify==1.4.3           # via pre-commit
+identify==1.4.7           # via pre-commit
 idna==2.8                 # via requests
-importlib-metadata==0.17  # via pre-commit
+importlib-metadata==0.23  # via pre-commit
-invoke==1.2.0
+invoke==1.3.0
 mccabe==0.6.1             # via flake8
+more-itertools==7.2.0     # via zipp
 nodeenv==1.3.3
 pkginfo==1.5.0.1          # via twine
-pre-commit==1.16.1
+pre-commit==1.18.3
 pycodestyle==2.3.1        # via flake8
 pyflakes==1.6.0           # via flake8
 pygments==2.4.2           # via readme-renderer
-pyyaml==5.1
+pyyaml==5.1.2
 readme-renderer==24.0     # via twine
 requests-toolbelt==0.9.1  # via twine
 requests==2.22.0          # via requests-toolbelt, twine
 six==1.12.0               # via bleach, cfgv, pre-commit, readme-renderer
 toml==0.10.0              # via pre-commit
-tqdm==4.32.1              # via twine
+tqdm==4.36.1              # via twine
-twine==1.13.0
+twine==1.15.0
-urllib3==1.25.3           # via requests
+urllib3==1.25.5           # via requests
-virtualenv==16.6.0        # via pre-commit
+virtualenv==16.7.5        # via pre-commit
 webencodings==0.5.1       # via bleach
-zipp==0.5.1               # via importlib-metadata
+zipp==0.6.0               # via importlib-metadata
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.2.0        # via twine

requirements-docs.txt

@@ -4,23 +4,23 @@
 #
 #    pip-compile --no-index --output-file=requirements-docs.txt requirements-docs.in
 #
-acme==0.34.2
+acme==0.38.0
 alabaster==0.7.12         # via sphinx
 alembic-autogenerate-enums==0.0.2
-alembic==1.0.10
+alembic==1.2.0
-amqp==2.5.0
+amqp==2.5.1
-aniso8601==6.0.0
+aniso8601==8.0.0
-arrow==0.14.2
+arrow==0.15.2
 asn1crypto==0.24.0
 asyncpool==1.0
 babel==2.7.0              # via sphinx
-bcrypt==3.1.6
+bcrypt==3.1.7
-billiard==3.6.0.0
+billiard==3.6.1.0
 blinker==1.4
-boto3==1.9.160
+boto3==1.9.232
-botocore==1.12.160
+botocore==1.12.232
 celery[redis]==4.3.0
-certifi==2019.3.9
+certifi==2019.9.11
 certsrv==2.1.1
 cffi==1.12.3
 chardet==3.0.4
@@ -29,10 +29,10 @@ cloudflare==2.3.0
 cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0
-docutils==0.14
+docutils==0.15.2
 dyn==1.8.1
 flask-bcrypt==0.7.1
-flask-cors==3.0.7
+flask-cors==3.0.8
 flask-mail==0.9.1
 flask-migrate==2.5.2
 flask-principal==0.4.0
@@ -40,10 +40,10 @@ flask-replicated==1.3
 flask-restful==0.3.7
 flask-script==2.0.6
 flask-sqlalchemy==2.4.0
-flask==1.0.3
+flask==1.1.1
 future==0.17.1
 gunicorn==19.9.0
-hvac==0.9.1
+hvac==0.9.5
 idna==2.8
 imagesize==1.1.0          # via sphinx
 inflection==0.3.1
@@ -51,47 +51,47 @@ itsdangerous==1.1.0
 javaobj-py3==0.3.0
 jinja2==2.10.1
 jmespath==0.9.4
-josepy==1.1.0
+josepy==1.2.0
 jsonlines==1.2.0
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.11
+mako==1.1.0
 markupsafe==1.1.1
-marshmallow-sqlalchemy==0.16.3
+marshmallow-sqlalchemy==0.19.0
-marshmallow==2.19.2
+marshmallow==2.20.4
 mock==3.0.5
 ndg-httpsclient==0.5.1
-packaging==19.0           # via sphinx
+packaging==19.2           # via sphinx
-paramiko==2.4.2
+paramiko==2.6.0
-pem==19.1.0
+pem==19.2.0
-psycopg2==2.8.2
+psycopg2==2.8.3
-pyasn1-modules==0.2.5
+pyasn1-modules==0.2.6
-pyasn1==0.4.5
+pyasn1==0.4.7
 pycparser==2.19
-pycryptodomex==3.8.2
+pycryptodomex==3.9.0
 pygments==2.4.2           # via sphinx
 pyjks==19.0.0
 pyjwt==1.7.1
 pynacl==1.3.0
 pyopenssl==19.0.0
-pyparsing==2.4.0          # via packaging
+pyparsing==2.4.2          # via packaging
 pyrfc3339==1.1
 python-dateutil==2.8.0
 python-editor==1.0.4
 python-json-logger==0.1.11
-pytz==2019.1
+pytz==2019.2
-pyyaml==5.1
+pyyaml==5.1.2
 raven[flask]==6.10.0
-redis==3.2.1
+redis==3.3.8
 requests-toolbelt==0.9.1
 requests[security]==2.22.0
 retrying==1.3.3
-s3transfer==0.2.0
+s3transfer==0.2.1
 six==1.12.0
-snowballstemmer==1.2.1    # via sphinx
+snowballstemmer==1.9.1    # via sphinx
 sphinx-rtd-theme==0.4.3
-sphinx==2.1.0
+sphinx==2.2.0
 sphinxcontrib-applehelp==1.0.1  # via sphinx
 sphinxcontrib-devhelp==1.0.1  # via sphinx
 sphinxcontrib-htmlhelp==1.0.2  # via sphinx
@@ -99,11 +99,14 @@ sphinxcontrib-httpdomain==1.7.0
 sphinxcontrib-jsmath==1.0.1  # via sphinx
 sphinxcontrib-qthelp==1.0.2  # via sphinx
 sphinxcontrib-serializinghtml==1.1.3  # via sphinx
-sqlalchemy-utils==0.33.11
+sqlalchemy-utils==0.34.2
-sqlalchemy==1.3.4
+sqlalchemy==1.3.8
 tabulate==0.8.3
 twofish==0.3.0
-urllib3==1.25.3
+urllib3==1.25.5
 vine==1.3.0
-werkzeug==0.15.4
+werkzeug==0.16.0
 xmltodict==0.12.0
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.2.0        # via acme, josepy, sphinx

requirements-tests.txt

@@ -7,75 +7,82 @@
 appdirs==1.4.3            # via black
 asn1crypto==0.24.0        # via cryptography
 atomicwrites==1.3.0       # via pytest
-attrs==19.1.0             # via black, pytest
+attrs==19.1.0             # via black, jsonschema, pytest
-aws-sam-translator==1.11.0  # via cfn-lint
+aws-sam-translator==1.14.0  # via cfn-lint
 aws-xray-sdk==2.4.2       # via moto
-bandit==1.6.0
+bandit==1.6.2
 black==19.3b0
-boto3==1.9.160            # via aws-sam-translator, moto
+boto3==1.9.232            # via aws-sam-translator, moto
 boto==2.49.0              # via moto
-botocore==1.12.160        # via aws-xray-sdk, boto3, moto, s3transfer
+botocore==1.12.232        # via aws-xray-sdk, boto3, moto, s3transfer
-certifi==2019.3.9         # via requests
+certifi==2019.9.11        # via requests
 cffi==1.12.3              # via cryptography
-cfn-lint==0.21.4          # via moto
+cfn-lint==0.24.1          # via moto
 chardet==3.0.4            # via requests
 click==7.0                # via black, flask
-coverage==4.5.3
+coverage==4.5.4
-cryptography==2.7         # via moto
+cryptography==2.7         # via moto, sshpubkeys
-docker==4.0.1             # via moto
+datetime==4.3             # via moto
-docutils==0.14            # via botocore
+docker==4.0.2             # via moto
-ecdsa==0.13.2             # via python-jose
+docutils==0.15.2          # via botocore
+ecdsa==0.13.2             # via python-jose, sshpubkeys
 factory-boy==2.12.0
-faker==1.0.7
+faker==2.0.2
-flask==1.0.3              # via pytest-flask
+flask==1.1.1              # via pytest-flask
 freezegun==0.3.12
 future==0.17.1            # via aws-xray-sdk, python-jose
 gitdb2==2.0.5             # via gitpython
-gitpython==2.1.11         # via bandit
+gitpython==3.0.2          # via bandit
 idna==2.8                 # via moto, requests
-importlib-metadata==0.17  # via pluggy, pytest
+importlib-metadata==0.23  # via pluggy, pytest
 itsdangerous==1.1.0       # via flask
 jinja2==2.10.1            # via flask, moto
 jmespath==0.9.4           # via boto3, botocore
 jsondiff==1.1.2           # via moto
-jsonpatch==1.23           # via cfn-lint
+jsonpatch==1.24           # via cfn-lint
 jsonpickle==1.2           # via aws-xray-sdk
 jsonpointer==2.0          # via jsonpatch
-jsonschema==2.6.0         # via aws-sam-translator, cfn-lint
+jsonschema==3.0.2         # via aws-sam-translator, cfn-lint
 markupsafe==1.1.1         # via jinja2
 mock==3.0.5               # via moto
-more-itertools==7.0.0     # via pytest
+more-itertools==7.2.0     # via pytest, zipp
-moto==1.3.8
+moto==1.3.13
 nose==1.3.7
-packaging==19.0           # via pytest
+packaging==19.2           # via pytest
-pbr==5.2.1                # via stevedore
+pbr==5.4.3                # via stevedore
-pluggy==0.12.0            # via pytest
+pluggy==0.13.0            # via pytest
 py==1.8.0                 # via pytest
-pyasn1==0.4.5             # via rsa
+pyasn1==0.4.7             # via rsa
 pycparser==2.19           # via cffi
 pyflakes==2.1.1
-pyparsing==2.4.0          # via packaging
+pyparsing==2.4.2          # via packaging
+pyrsistent==0.15.4        # via jsonschema
 pytest-flask==0.15.0
 pytest-mock==1.10.4
-pytest==4.6.2
+pytest==5.1.2
 python-dateutil==2.8.0    # via botocore, faker, freezegun, moto
 python-jose==3.0.1        # via moto
-pytz==2019.1              # via moto
+pytz==2019.2              # via datetime, moto
-pyyaml==5.1
+pyyaml==5.1.2
-requests-mock==1.6.0
+requests-mock==1.7.0
-requests==2.22.0          # via cfn-lint, docker, moto, requests-mock, responses
+requests==2.22.0          # via docker, moto, requests-mock, responses
 responses==0.10.6         # via moto
 rsa==4.0                  # via python-jose
-s3transfer==0.2.0         # via boto3
+s3transfer==0.2.1         # via boto3
-six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, freezegun, mock, moto, packaging, pytest, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
+six==1.12.0               # via aws-sam-translator, bandit, cfn-lint, cryptography, docker, faker, freezegun, jsonschema, mock, moto, packaging, pyrsistent, python-dateutil, python-jose, requests-mock, responses, stevedore, websocket-client
 smmap2==2.0.5             # via gitdb2
-stevedore==1.30.1         # via bandit
+sshpubkeys==3.1.0         # via moto
-text-unidecode==1.2       # via faker
+stevedore==1.31.0         # via bandit
+text-unidecode==1.3       # via faker
 toml==0.10.0              # via black
-urllib3==1.25.3           # via botocore, requests
+urllib3==1.25.5           # via botocore, requests
 wcwidth==0.1.7            # via pytest
 websocket-client==0.56.0  # via docker
-werkzeug==0.15.4          # via flask, moto, pytest-flask
+werkzeug==0.16.0          # via flask, moto, pytest-flask
-wrapt==1.11.1             # via aws-xray-sdk
+wrapt==1.11.2             # via aws-xray-sdk
 xmltodict==0.12.0         # via moto
-zipp==0.5.1               # via importlib-metadata
+zipp==0.6.0               # via importlib-metadata
+zope.interface==4.6.0     # via datetime
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.2.0        # via cfn-lint, jsonschema, zope.interface

requirements.in

@@ -32,7 +32,7 @@ kombu<4.6.0 # Bug with inspecting active tasks: https://github.com/celery/kombu/
 lockfile
 logmatic-python
 marshmallow-sqlalchemy
-marshmallow
+marshmallow<2.20.5 #schema duplicate issues https://github.com/marshmallow-code/marshmallow-sqlalchemy/issues/121
 ndg-httpsclient
 paramiko  # required for the SFTP destination plugin
 pem

requirements.txt

@@ -4,21 +4,21 @@
 #
 #    pip-compile --no-index --output-file=requirements.txt requirements.in
 #
-acme==0.34.2
+acme==0.38.0
 alembic-autogenerate-enums==0.0.2
-alembic==1.0.10           # via flask-migrate
+alembic==1.2.0            # via flask-migrate
-amqp==2.5.0               # via kombu
+amqp==2.5.1               # via kombu
-aniso8601==6.0.0          # via flask-restful
+aniso8601==8.0.0          # via flask-restful
-arrow==0.14.2
+arrow==0.15.2
 asn1crypto==0.24.0        # via cryptography
 asyncpool==1.0
-bcrypt==3.1.6             # via flask-bcrypt, paramiko
+bcrypt==3.1.7             # via flask-bcrypt, paramiko
-billiard==3.6.0.0         # via celery
+billiard==3.6.1.0         # via celery
 blinker==1.4              # via flask-mail, flask-principal, raven
-boto3==1.9.160
+boto3==1.9.232
-botocore==1.12.160
+botocore==1.12.232
 celery[redis]==4.3.0
-certifi==2019.3.9
+certifi==2019.9.11
 certsrv==2.1.1
 cffi==1.12.3              # via bcrypt, cryptography, pynacl
 chardet==3.0.4            # via requests
@@ -27,10 +27,10 @@ cloudflare==2.3.0
 cryptography==2.7
 dnspython3==1.15.0
 dnspython==1.15.0         # via dnspython3
-docutils==0.14            # via botocore
+docutils==0.15.2          # via botocore
 dyn==1.8.1
 flask-bcrypt==0.7.1
-flask-cors==3.0.7
+flask-cors==3.0.8
 flask-mail==0.9.1
 flask-migrate==2.5.2
 flask-principal==0.4.0
@@ -38,34 +38,34 @@ flask-replicated==1.3
 flask-restful==0.3.7
 flask-script==2.0.6
 flask-sqlalchemy==2.4.0
-flask==1.0.3
+flask==1.1.1
 future==0.17.1
 gunicorn==19.9.0
-hvac==0.9.1
+hvac==0.9.5
 idna==2.8                 # via requests
 inflection==0.3.1
 itsdangerous==1.1.0       # via flask
 javaobj-py3==0.3.0        # via pyjks
 jinja2==2.10.1
 jmespath==0.9.4           # via boto3, botocore
-josepy==1.1.0             # via acme
+josepy==1.2.0             # via acme
 jsonlines==1.2.0          # via cloudflare
 kombu==4.5.0
 lockfile==0.12.2
 logmatic-python==0.1.7
-mako==1.0.11              # via alembic
+mako==1.1.0               # via alembic
 markupsafe==1.1.1         # via jinja2, mako
-marshmallow-sqlalchemy==0.16.3
+marshmallow-sqlalchemy==0.19.0
-marshmallow==2.19.2
+marshmallow==2.20.4
 mock==3.0.5               # via acme
 ndg-httpsclient==0.5.1
-paramiko==2.4.2
+paramiko==2.6.0
-pem==19.1.0
+pem==19.2.0
-psycopg2==2.8.2
+psycopg2==2.8.3
-pyasn1-modules==0.2.5     # via pyjks, python-ldap
+pyasn1-modules==0.2.6     # via pyjks, python-ldap
-pyasn1==0.4.5             # via ndg-httpsclient, paramiko, pyasn1-modules, pyjks, python-ldap
+pyasn1==0.4.7             # via ndg-httpsclient, pyasn1-modules, pyjks, python-ldap
 pycparser==2.19           # via cffi
-pycryptodomex==3.8.2      # via pyjks
+pycryptodomex==3.9.0      # via pyjks
 pyjks==19.0.0
 pyjwt==1.7.1
 pynacl==1.3.0             # via paramiko
@@ -75,20 +75,23 @@ python-dateutil==2.8.0    # via alembic, arrow, botocore
 python-editor==1.0.4      # via alembic
 python-json-logger==0.1.11  # via logmatic-python
 python-ldap==3.2.0
-pytz==2019.1              # via acme, celery, flask-restful, pyrfc3339
+pytz==2019.2              # via acme, celery, flask-restful, pyrfc3339
-pyyaml==5.1
+pyyaml==5.1.2
 raven[flask]==6.10.0
-redis==3.2.1
+redis==3.3.8
 requests-toolbelt==0.9.1  # via acme
 requests[security]==2.22.0
 retrying==1.3.3
-s3transfer==0.2.0         # via boto3
+s3transfer==0.2.1         # via boto3
 six==1.12.0
-sqlalchemy-utils==0.33.11
+sqlalchemy-utils==0.34.2
-sqlalchemy==1.3.4         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
+sqlalchemy==1.3.8         # via alembic, flask-sqlalchemy, marshmallow-sqlalchemy, sqlalchemy-utils
 tabulate==0.8.3
 twofish==0.3.0            # via pyjks
-urllib3==1.25.3           # via botocore, requests
+urllib3==1.25.5           # via botocore, requests
 vine==1.3.0               # via amqp, celery
-werkzeug==0.15.4          # via flask
+werkzeug==0.16.0          # via flask
 xmltodict==0.12.0
+
+# The following packages are considered to be unsafe in a requirements file:
+# setuptools==41.2.0        # via acme, josepy