From b1edb1217f978dd32a0bc9768aed65c3563f4444 Mon Sep 17 00:00:00 2001
From: Laurent Vaylet <lvaylet@users.noreply.github.com>
Date: Wed, 29 Nov 2023 14:36:02 +0100
Subject: [PATCH] fix(deps): bump version of `pip` to avoid known CVE (#397)

* fix(deps): bump version of `pip` to avoid known CVE

* ci: remove Python 3.7 (that reached EOL) from CI

* ci: remove Python 3.7 (EOL) from unit tests too
---
 .github/workflows/test.yml | 4 ++--
 setup.cfg                  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
index cbced31b..725d94a8 100644
--- a/.github/workflows/test.yml
+++ b/.github/workflows/test.yml
@@ -10,7 +10,7 @@ jobs:
       matrix:
         os: [ubuntu-latest]
         architecture: ['x64']
-        python-version: ['3.7', '3.8', '3.9', '3.10', '3.11']
+        python-version: ['3.8', '3.9', '3.10', '3.11']
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4
@@ -31,7 +31,7 @@ jobs:
       matrix:
         os: [ubuntu-latest]
         architecture: ['x64']
-        python-version: ['3.7', '3.8', '3.9', '3.10', '3.11']
+        python-version: ['3.8', '3.9', '3.10', '3.11']
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@v4
diff --git a/setup.cfg b/setup.cfg
index 6fd89055..e312e85d 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -102,7 +102,7 @@ pubsub =
 cloudevent =
     cloudevents
 dev =
-    pip >=22.3  # avoid known vulnerabilities in pip 20.3.4 (reported by `safety check`)
+    pip >=23.3  # avoid known vulnerabilities in pip <23.3 (reported by `safety check`)
     wheel
     flake8
     black