From f239ddd558de7db484b66a1a0017f026d38bd373 Mon Sep 17 00:00:00 2001 From: Nicolas Valcarcel Date: Fri, 5 Jul 2019 18:14:55 -0500 Subject: [PATCH 1/2] Update flask to latest --- README.md | 5 ++++- requirements.txt | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 1f88ab1..ad8f1f4 100644 --- a/README.md +++ b/README.md @@ -51,6 +51,9 @@ In order to make sure our libraries don't containg any know vulnerabilities, we We can start building our CI build script with a simple dependency vulnerabilities check using [Safety](https://pyup.io/safety/) as shown in build.sh +### Fix +In this case the fix is extremely simple, we just need up upgrade Flask to 1.0.3 in the requirements.txt file. + ## Description Welcome to the Secure coding with python course. In this repository you will find a series of branches for each step of the development of a sample marketplace application. In such a development, we will be making security mistakes and introducing vulnerabilities, we will add tests for them and finally fixing them. @@ -58,7 +61,7 @@ The branches will have the following naming scheme for easier navigation: {Chapt For this course we will be using Python3, Flask and PostgreSQL. -**Proceed to [next section](https://github.com/nxvl/secure-coding-with-python/tree/1-vulnerable-components/fix)** +**Proceed to [next section](https://github.com/nxvl/secure-coding-with-python/tree/2.1-sql-injection/code)** ## Index ### 1. Vulnerable Components diff --git a/requirements.txt b/requirements.txt index 4be7437..e05b516 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1 +1 @@ -Flask==0.12 \ No newline at end of file +Flask==1.0.3 \ No newline at end of file From 07b7fab37ada911401e29ffaa819cc718acd573e Mon Sep 17 00:00:00 2001 From: Nicolas Valcarcel Date: Sat, 3 Aug 2019 15:27:51 -0500 Subject: [PATCH 2/2] remove last step text --- README.md | 39 --------------------------------------- 1 file changed, 39 deletions(-) 
diff --git a/README.md b/README.md index fab0cf8..5154f2c 100644 --- a/README.md +++ b/README.md 
@@ -1,45 +1,6 @@ # Secure Coding with Python. ## Chapter 1: Project Bootstrap -### Testing -In order to make sure our libraries don't containg any know vulnerabilities, we can use a dependency scanner such as [Safety](https://pyup.io/safety/). - -``` -(venv) > $ pip install safety -(venv) > $ safety check -r requirements.txt --full-report -╒══════════════════════════════════════════════════════════════════════════════╕ -│ │ -│ /$$$$$$ /$$ │ -│ /$$__ $$ | $$ │ -│ /$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$ │ -│ /$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$ │ -│ | $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$ │ -│ \____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$ │ -│ /$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$ │ -│ |_______/ \_______/|__/ \_______/ \___/ \____ $$ │ -│ /$$ | $$ │ -│ | $$$$$$/ │ -│ by pyup.io \______/ │ -│ │ -╞══════════════════════════════════════════════════════════════════════════════╡ -│ REPORT │ -│ checked 1 packages, using default DB │ -╞════════════════════════════╤═══════════╤══════════════════════════╤══════════╡ -│ package │ installed │ affected │ ID │ -╞════════════════════════════╧═══════════╧══════════════════════════╧══════════╡ -│ flask │ 0.12 │ <0.12.3 │ 36388 │ -╞══════════════════════════════════════════════════════════════════════════════╡ -│ flask version Before 0.12.3 contains a CWE-20: Improper Input Validation │ -│ vulnerability in flask that can result in Large amount of memory usage │ -│ possibly leading to denial of service. This attack appear to be exploitable │ -│ via Attacker provides JSON data in incorrect encoding. This vulnerability │ -│ appears to have been fixed in 0.12.3. │ -╘══════════════════════════════════════════════════════════════════════════════╛ -``` -**Note:** The free version of safety updates it's database once a month, so latest vulnerabilities might not show up. For better security a paid API key can be used to get more up-to-date releases information. 
- -We can start building our CI build script with a simple dependency vulnerabilities check using [Safety](https://pyup.io/safety/) as shown in build.sh - ### Fix In this case the fix is extremely simple, we just need up upgrade Flask to 1.0.3 in the requirements.txt file.
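Review bot: In the first patch's README hunk (@@ -51,6 +51,9), the added `### Fix` line reads "we just need up upgrade Flask to 1.0.3"; "up" should be "to". The unchanged context line above it still says "don't containg any know vulnerabilities" (should be "contain any known vulnerabilities"), and since the same section is being edited it would be cheap to fix there too. The Safety output quoted in this README states the issue "appears to have been fixed in 0.12.3", so the new text should say why 1.0.3 is chosen over the minimum fixed release (the commit subject implies it was simply the latest version at the time) and should tell the reader to re-run `safety check -r requirements.txt --full-report` after the change to confirm finding 36388 no longer appears.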
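Review bot: The requirements.txt hunk (`-Flask==0.12` / `+Flask==1.0.3`) pins only Flask, and the Safety report in the README confirms the consequence: "checked 1 packages". Flask's own dependencies (Werkzeug, Jinja2 and the rest) are installed unpinned and never scanned, so a vulnerable transitive package would pass this check silently. Consider committing a fully resolved pin set (for example the output of `pip freeze` in the venv, or a pip-compile lock) so the scanner sees everything that actually gets installed. Both the old and new line also keep the `\ No newline at end of file` marker; adding the trailing newline would make future diffs of this one-line file cleaner.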
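Review bot: In the second patch's hunk (@@ -1,45 +1,6), deleting the whole `### Testing` section leaves the surviving `### Fix` text ("In this case the fix is extremely simple, we just need up upgrade Flask to 1.0.3") without any statement of what is being fixed: the Safety finding (flask 0.12, affected <0.12.3, ID 36388) and the mention of the build.sh CI check both disappear from this branch. Keep at least a one-line pointer to the previous step's branch or a short restatement of the finding so the Fix section can be read on its own, and since the surviving line is already in the hunk's context, fix the "up upgrade" typo at the same time.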