Update dependencies to fix vulnerabilities

.project-creation/.skeleton/requirements.in

@@ -15,4 +15,4 @@
 grpcio==1.59.0
 protobuf==4.24.4
 cloudevents==1.10.0
-aiohttp==3.9.3
+aiohttp==3.9.5

.project-creation/.skeleton/requirements.txt

@@ -4,33 +4,33 @@
 #
 #    pip-compile
 #
-aiohttp==3.9.3
+aiohttp==3.9.5
     # via -r requirements.in
 aiosignal==1.3.1
     # via aiohttp
 async-timeout==4.0.3
     # via aiohttp
-attrs==23.1.0
+attrs==23.2.0
     # via aiohttp
 cloudevents==1.10.0
     # via -r requirements.in
 deprecation==2.1.0
     # via cloudevents
-frozenlist==1.4.0
+frozenlist==1.4.1
     # via
     #   aiohttp
     #   aiosignal
 grpcio==1.59.0
     # via -r requirements.in
-idna==3.4
+idna==3.7
     # via yarl
-multidict==6.0.4
+multidict==6.0.5
     # via
     #   aiohttp
     #   yarl
-packaging==23.2
+packaging==24.1
     # via deprecation
 protobuf==4.24.4
     # via -r requirements.in
-yarl==1.9.2
+yarl==1.9.4
     # via aiohttp

examples/seat-adjuster/requirements.in

@@ -15,5 +15,5 @@
 grpcio==1.59.0
 protobuf==4.24.4
 cloudevents==1.10.0
-aiohttp==3.9.3
+aiohttp==3.9.5
 packaging==23.0

examples/seat-adjuster/requirements.txt

@@ -4,27 +4,27 @@
 #
 #    pip-compile
 #
-aiohttp==3.9.3
+aiohttp==3.9.5
     # via -r requirements.in
 aiosignal==1.3.1
     # via aiohttp
 async-timeout==4.0.3
     # via aiohttp
-attrs==23.1.0
+attrs==23.2.0
     # via aiohttp
 cloudevents==1.10.0
     # via -r requirements.in
 deprecation==2.1.0
     # via cloudevents
-frozenlist==1.4.0
+frozenlist==1.4.1
     # via
     #   aiohttp
     #   aiosignal
 grpcio==1.59.0
     # via -r requirements.in
-idna==3.4
+idna==3.7
     # via yarl
-multidict==6.0.4
+multidict==6.0.5
     # via
     #   aiohttp
     #   yarl
@@ -34,5 +34,5 @@ packaging==23.0
     #   deprecation
 protobuf==4.24.4
     # via -r requirements.in
-yarl==1.9.2
+yarl==1.9.4
     # via aiohttp

requirements.txt

@@ -4,34 +4,32 @@
 #
 #    pip-compile --extra=dev
 #
-aiohttp==3.9.3
+aiohttp==3.9.5
     # via velocitas_sdk (setup.py)
 aiosignal==1.3.1
     # via aiohttp
 apscheduler==3.10.4
     # via velocitas_sdk (setup.py)
 async-timeout==4.0.3
     # via aiohttp
-attrs==23.1.0
+attrs==23.2.0
     # via aiohttp
-build==1.0.3
+build==1.2.1
     # via pip-tools
-cachetools==5.3.2
+cachetools==5.3.3
     # via tox
 cfgv==3.4.0
     # via pre-commit
 chardet==5.2.0
     # via tox
 click==8.1.7
     # via pip-tools
-cloudevents==1.10.1
+cloudevents==1.11.0
     # via velocitas_sdk (setup.py)
 colorama==0.4.6
     # via tox
-coverage[toml]==7.4.1
-    # via
-    #   coverage
-    #   pytest-cov
+coverage[toml]==7.5.4
+    # via pytest-cov
 deprecated==1.2.14
     # via
     #   opentelemetry-api
@@ -40,146 +38,151 @@ deprecation==2.1.0
     # via cloudevents
 distlib==0.3.8
     # via virtualenv
-exceptiongroup==1.2.0
+exceptiongroup==1.2.1
     # via pytest
-filelock==3.13.1
+filelock==3.15.4
     # via
     #   tox
     #   virtualenv
-frozenlist==1.4.0
+frozenlist==1.4.1
     # via
     #   aiohttp
     #   aiosignal
 grpc-stubs==1.53.0.5
     # via velocitas_sdk (setup.py)
-grpcio==1.59.0
+grpcio==1.64.1
     # via
     #   grpc-stubs
     #   grpcio-tools
     #   velocitas_sdk (setup.py)
-grpcio-tools==1.59.0
+grpcio-tools==1.64.1
     # via velocitas_sdk (setup.py)
-identify==2.5.33
+identify==2.5.36
     # via pre-commit
-idna==3.4
+idna==3.7
     # via yarl
+importlib-metadata==7.1.0
+    # via opentelemetry-api
 iniconfig==2.0.0
     # via pytest
-multidict==6.0.4
+multidict==6.0.5
     # via
     #   aiohttp
     #   yarl
-mypy==1.8.0
+mypy==1.10.1
     # via velocitas_sdk (setup.py)
 mypy-extensions==1.0.0
     # via mypy
-mypy-protobuf==3.4.0
+mypy-protobuf==3.6.0
     # via velocitas_sdk (setup.py)
-nodeenv==1.8.0
+nodeenv==1.9.1
     # via pre-commit
-opentelemetry-api==1.15.0
+opentelemetry-api==1.25.0
     # via
     #   opentelemetry-distro
     #   opentelemetry-instrumentation
     #   opentelemetry-instrumentation-logging
     #   opentelemetry-sdk
+    #   opentelemetry-semantic-conventions
     #   velocitas_sdk (setup.py)
-opentelemetry-distro==0.36b0
+opentelemetry-distro==0.46b0
     # via velocitas_sdk (setup.py)
-opentelemetry-instrumentation==0.36b0
+opentelemetry-instrumentation==0.46b0
     # via
     #   opentelemetry-distro
     #   opentelemetry-instrumentation-logging
-opentelemetry-instrumentation-logging==0.36b0
+opentelemetry-instrumentation-logging==0.46b0
     # via velocitas_sdk (setup.py)
-opentelemetry-sdk==1.15.0
+opentelemetry-sdk==1.25.0
     # via
     #   opentelemetry-distro
     #   velocitas_sdk (setup.py)
-opentelemetry-semantic-conventions==0.36b0
+opentelemetry-semantic-conventions==0.46b0
     # via opentelemetry-sdk
-packaging==23.1
+packaging==24.1
     # via
     #   build
     #   deprecation
     #   pyproject-api
     #   pytest
     #   tox
-paho-mqtt==1.6.1
+paho-mqtt==2.1.0
     # via velocitas_sdk (setup.py)
-pip-tools==7.3.0
+pip-tools==7.4.1
     # via velocitas_sdk (setup.py)
-platformdirs==4.2.0
+platformdirs==4.2.2
     # via
     #   tox
     #   virtualenv
-pluggy==1.4.0
+pluggy==1.5.0
     # via
     #   pytest
     #   tox
-pre-commit==3.6.0
+pre-commit==3.7.1
     # via velocitas_sdk (setup.py)
-protobuf==4.21.12
+protobuf==5.27.2
     # via
     #   grpcio-tools
     #   mypy-protobuf
     #   velocitas_sdk (setup.py)
-pyproject-api==1.6.1
+pyproject-api==1.7.1
     # via tox
-pyproject-hooks==1.0.0
-    # via build
-pytest==7.4.4
+pyproject-hooks==1.1.0
+    # via
+    #   build
+    #   pip-tools
+pytest==8.2.2
     # via
     #   pytest-asyncio
     #   pytest-cov
     #   velocitas_sdk (setup.py)
-pytest-asyncio==0.23.4
+pytest-asyncio==0.23.7
     # via velocitas_sdk (setup.py)
-pytest-cov==4.1.0
+pytest-cov==5.0.0
     # via velocitas_sdk (setup.py)
 pytz==2024.1
     # via apscheduler
 pyyaml==6.0.1
     # via pre-commit
 six==1.16.0
-    # via
-    #   apscheduler
+    # via apscheduler
 tomli==2.0.1
     # via
     #   build
     #   coverage
     #   mypy
     #   pip-tools
     #   pyproject-api
-    #   pyproject-hooks
     #   pytest
     #   tox
-tox==4.11.4
+tox==4.16.0
     # via velocitas_sdk (setup.py)
-types-deprecated==1.2.9.20240106
+types-deprecated==1.2.9.20240311
     # via velocitas_sdk (setup.py)
-types-mock==5.1.0.20240106
+types-mock==5.1.0.20240425
     # via velocitas_sdk (setup.py)
-types-protobuf==4.24.0.20240129
+types-protobuf==5.27.0.20240626
     # via mypy-protobuf
-typing-extensions==4.7.1
+typing-extensions==4.12.2
     # via
     #   mypy
     #   opentelemetry-sdk
 tzlocal==5.2
     # via apscheduler
-virtualenv==20.25.0
+virtualenv==20.26.3
     # via
     #   pre-commit
     #   tox
-wheel==0.42.0
+wheel==0.43.0
     # via pip-tools
-wrapt==1.15.0
+wrapt==1.16.0
     # via
     #   deprecated
     #   opentelemetry-instrumentation
-yarl==1.9.2
+yarl==1.9.4
     # via aiohttp
+zipp==3.19.2
+    # via importlib-metadata
 
 # The following packages are considered to be unsafe in a requirements file:
 # pip

setup.py

@@ -18,12 +18,12 @@
     "grpcio>=1.59.0",
     "protobuf>=3.19.4",
     "cloudevents>=1.10.0",
-    "aiohttp==3.9.3",
-    "paho-mqtt>=1.6.1,<2",
-    "opentelemetry-distro<=0.36b0",
-    "opentelemetry-instrumentation-logging<=0.36b0",
-    "opentelemetry-sdk<=1.15.0",
-    "opentelemetry-api<=1.15.0",
+    "aiohttp>=3.9.5",
+    "paho-mqtt>=2.1.0",
+    "opentelemetry-distro>=0.46b0",
+    "opentelemetry-instrumentation-logging>=0.46b0",
+    "opentelemetry-sdk>=1.25.0",
+    "opentelemetry-api>=1.25.0",
 ]
 
 extra_requirements = {

velocitas_sdk/native/middleware.py

@@ -12,6 +12,7 @@
 #
 # SPDX-License-Identifier: Apache-2.0
 
+import sys
 from urllib.parse import urlparse
 
 from velocitas_sdk.base import Middleware, MiddlewareType
@@ -31,7 +32,12 @@ def __init__(self) -> None:
         _address = self.service_locator.get_service_location("mqtt")
         _port = urlparse(_address).port
         _hostname = urlparse(_address).hostname
-        self.pubsub_client = MqttClient(_port, _hostname)
+
+        if _hostname is None:
+            print("No hostname")
+            sys.exit(-1)
+
+        self.pubsub_client = MqttClient(_hostname, _port)
 
     async def start(self):
         pass

velocitas_sdk/native/mqtt.py

@@ -34,7 +34,7 @@ def __init__(self, topic, callback):
 class MqttClient(PubSubClient):
     """This class is a wrapper for the on_message callback of the MQTT broker."""
 
-    def __init__(self, port: Optional[int] = None, hostname: Optional[str] = None):
+    def __init__(self, hostname: str, port: Optional[int] = None):
         self._port = port
         self._hostname = hostname
         self._topics_to_subscribe: list[MqttTopicSubscription] = []
@@ -44,8 +44,12 @@ def __init__(self, port: Optional[int] = None, hostname: Optional[str] = None):
         self._sub_client.on_connect = self.on_connect
         self._sub_client.on_disconnect = self.on_disconnect
 
-        self._sub_client.connect(self._hostname, self._port)
-        self._pub_client.connect(self._hostname, self._port)
+        if self._port is None:
+            self._sub_client.connect(self._hostname)
+            self._pub_client.connect(self._hostname)
+        else:
+            self._sub_client.connect(self._hostname, self._port)
+            self._pub_client.connect(self._hostname, self._port)
 
     def on_connect(self, client, userdata, flags, rc):
         if rc == 0: