Bump OpenSSL-related deps
- plus bandit as non-strict version breaks tests
Change-Id: I180f5bcddedb7f1e8bd51a83e66587e3a194842e
Related-PROD: PRODX-9916
diff --git a/requirements.txt b/requirements.txt
index ce7be24..4025580 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,10 +1,11 @@
asn1crypto==0.24.0
+Authlib==0.15.2
cachetools==3.0.0
-certifi==2018.10.15
-cffi==1.11.5
+certifi==2020.12.5
+cffi==1.14.4
chardet==3.0.4
Click==7.0
-cryptography==2.4.1
+cryptography==3.3.1
enum34==1.1.6
Flask==1.0.2
idna==2.7
@@ -14,7 +15,7 @@
MarkupSafe==1.1.0
prometheus-client==0.4.2
pycparser==2.19
-pyOpenSSL==18.0.0
+pyOpenSSL==20.0.0
PyYAML==5.3.1
requests==2.23.0
simple-salesforce==0.74.2
diff --git a/test-requirements.txt b/test-requirements.txt
index 46292b6..513a4ba 100644
--- a/test-requirements.txt
+++ b/test-requirements.txt
@@ -4,7 +4,7 @@
flake8-docstrings==0.2.1.post1 # MIT
flake8-import-order>=0.17.1 #LGPLv3
-bandit>=1.1.0 # Apache-2.0
+bandit==1.4.0 # Apache-2.0
sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
pytest==4.6.9
pytest-mock==1.10.0