bump sqlparse to 0.5.5 (#1899)

de1987 · web-flow · commit cdf7b1823564 · 2026-02-16T14:48:00.000-05:00
ignore cryptography CVE-2026-26007 on pip-audit
diff --git a/.github/workflows/pip_audit.yml b/.github/workflows/pip_audit.yml
@@ -74,3 +74,5 @@ jobs:
             # DoS vulnerability in protobuf json_format.ParseDict() - no fix available yet
             # See: https://github.com/advisories/GHSA-7gcm-g887-7qv7
             GHSA-7gcm-g887-7qv7
+            # Ignoring cryptography as it should be fixed by a RHEL RPM
+            GHSA-r6ph-v2qm-q3c2
diff --git a/pyproject.toml b/pyproject.toml
@@ -99,7 +99,7 @@ constraint-dependencies = [
   # Pin pyOpenSSL for compatibility
   'pyOpenSSL==24.2.1',
   # Pin sqlparse to address GHSA-2m57-hf25-phgg
-  'sqlparse==0.5.2',
+  'sqlparse~=0.5.5',
 ]
 
 
diff --git a/requirements.txt b/requirements.txt
@@ -445,7 +445,7 @@ social-auth-core==4.7.0
     # via
     #   ansible-ai-connect
     #   social-auth-app-django
-sqlparse==0.5.2
+sqlparse==0.5.5
     # via
     #   django
     #   django-ansible-base
diff --git a/uv.lock b/uv.lock

Original file line number	Diff line number	Diff line change
`@@ -99,7 +99,7 @@ constraint-dependencies = [`
`99`	`99`	`# Pin pyOpenSSL for compatibility`
`100`	`100`	`'pyOpenSSL==24.2.1',`
`101`	`101`	`# Pin sqlparse to address GHSA-2m57-hf25-phgg`
`102`		`- 'sqlparse==0.5.2',`
	`102`	`+ 'sqlparse~=0.5.5',`
`103`	`103`	`]`
`104`	`104`
`105`	`105`