From 9665378f44f740c892d67b9d3e9667c7eb4eda2f Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Wed, 24 Jun 2020 13:06:58 +0000 Subject: [PATCH 1/8] fix: requirements.txt to reduce vulnerabilities The following vulnerabilities are fixed by pinning transitive dependencies: - https://snyk.io/vuln/SNYK-PYTHON-PSUTIL-483082 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 76f470c2..368791af 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,7 +4,7 @@ aiohttp-cors==0.7.0 aiofiles==0.4.0 Jinja2>=2.7.3 sentry-sdk>=0.14.4 -psutil==5.6.6 +psutil==5.6.7 async-timeout==3.0.1 distro>=1.3.0 py-cpuinfo==5.0.0 From 12d3ba391f65d66735fe435a87825b5e8870d3a2 Mon Sep 17 00:00:00 2001 From: "whitesource-for-github-com[bot]" <50673670+whitesource-for-github-com[bot]@users.noreply.github.com> Date: Fri, 26 Jun 2020 01:01:48 +0000 Subject: [PATCH 2/8] Add .whitesource configuration file --- .whitesource | 13 +++++++++++++ 1 file changed, 13 insertions(+) create mode 100644 .whitesource diff --git a/.whitesource b/.whitesource new file mode 100644 index 00000000..60fc783c --- /dev/null +++ b/.whitesource @@ -0,0 +1,13 @@ +{ + "scanSettings": { + "configMode": "AUTO", + "configExternalURL": "", + "projectToken" : "" + }, + "checkRunSettings": { + "vulnerableCheckRunConclusionLevel": "failure" + }, + "issueSettings": { + "minSeverityLevel": "LOW" + } +} \ No newline at end of file From 3af71d8976377e46d45d9394163f543d5ccdbcb3 Mon Sep 17 00:00:00 2001 From: Jeremy Grossmann Date: Fri, 26 Jun 2020 18:31:58 +0930 Subject: [PATCH 3/8] Set up GitHub Action for running tests --- .github/workflows/testing.yml | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) create mode 100644 .github/workflows/testing.yml diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml new file mode 100644 index 00000000..02e2f68d --- /dev/null +++ b/.github/workflows/testing.yml @@ -0,0 +1,35 @@ +name: testing + +on: + push: + branches: [ master ] + pull_request: + branches: [ master ] + +jobs: + build: + + runs-on: ubuntu-latest + strategy: + matrix: + python-version: [3.6, 3.7, 3.8] + + steps: + - uses: actions/checkout@v2 + - name: Set up Python ${{ matrix.python-version }} + uses: actions/setup-python@v2 + with: + python-version: ${{ matrix.python-version }} + - name: Install dependencies + run: | + python -m pip install --upgrade pip + if [ -f dev-requirements.txt ]; then pip install -r dev-requirements.txt; fi + - name: Lint with flake8 + run: | + # stop the build if there are Python syntax errors or undefined names + flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics + # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide + flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics + - name: Test with pytest + run: | + pytest -vv From 4ba7131451a49765b91e6513b56afec47c44fb6b Mon Sep 17 00:00:00 2001 From: grossmj Date: Fri, 26 Jun 2020 18:35:25 +0930 Subject: [PATCH 4/8] Add flake8 in dev-requirements.txt --- dev-requirements.txt | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/dev-requirements.txt b/dev-requirements.txt index 06a54888..4f92f379 100644 --- a/dev-requirements.txt +++ b/dev-requirements.txt @@ -1,7 +1,6 @@ -rrequirements.txt -sphinx==1.8.3 pytest==5.4.3 -pep8==1.7.1 +flake8==3.8.3 pytest-timeout==1.3.3 pytest-aiohttp==0.3.0 From af22fb8e983776ebc1f6a71554900f9c142a5d31 Mon Sep 17 00:00:00 2001 From: grossmj Date: Fri, 26 Jun 2020 18:47:31 +0930 Subject: [PATCH 5/8] Comment unused code that causes issue with flake8 --- gns3server/utils/asyncio/input_stream.py | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/gns3server/utils/asyncio/input_stream.py b/gns3server/utils/asyncio/input_stream.py index c80dc8f6..d5999a3f 100644 --- a/gns3server/utils/asyncio/input_stream.py +++ b/gns3server/utils/asyncio/input_stream.py @@ -14,11 +14,11 @@ from six.moves import range from prompt_toolkit.keys import Keys from prompt_toolkit.key_binding.input_processor import KeyPress -__all__ = ( - 'InputStream', - 'raw_mode', - 'cooked_mode', -) +# __all__ = ( +# 'InputStream', +# 'raw_mode', +# 'cooked_mode', +# ) _DEBUG_RENDERER_INPUT = False _DEBUG_RENDERER_INPUT_FILENAME = 'prompt-toolkit-render-input.log' From d7083541b07b43f0fccd01aee3b7699ecf8f6bb5 Mon Sep 17 00:00:00 2001 From: grossmj Date: Fri, 26 Jun 2020 18:55:52 +0930 Subject: [PATCH 6/8] Remove Travis CI support and add GitHub Actions badge --- .travis.yml | 32 -------------------------------- DockerfileTests.tpl | 15 --------------- README.rst | 4 ++-- docker-compose.yml | 4 ---- 4 files changed, 2 insertions(+), 53 deletions(-) delete mode 100644 .travis.yml delete mode 100644 DockerfileTests.tpl delete mode 100644 docker-compose.yml diff --git a/.travis.yml b/.travis.yml deleted file mode 100644 index 1ccd8c38..00000000 --- a/.travis.yml +++ /dev/null @@ -1,32 +0,0 @@ -sudo: required - -services: - - docker - -install: - - sed -e 's/${PYTHON_VERSION}/'${PYTHON_VERSION}/g DockerfileTests.tpl > /tmp/DockerfileTests - - docker-compose build - -script: - - docker-compose run tests - -before_deploy: -- sudo pip install twine -- sudo pip install urllib3[secure] - -deploy: - provider: pypi - edge: - branch: v1.8.45 - user: noplay - password: - secure: Fa66zp8ML4oSGwzkUMZi07MIYfO3tbS5gHFUaLN2mk2MBknhCjDYexmFJqT//sC/+xqv6sSJE6rz1EPoy/THbxj8R96ZgIyiUZIbDCbzgdy92d7J/eusrDoNdpApBLke8NqQqtFETb3addMZZNofQ3IDANFD2m2jY+KECU8z8NI= - on: - tags: true - repo: GNS3/gns3-server - -env: - matrix: - - PYTHON_VERSION=3.6 - - PYTHON_VERSION=3.7 - - PYTHON_VERSION=3.8 diff --git a/DockerfileTests.tpl b/DockerfileTests.tpl deleted file mode 100644 index d34542e4..00000000 --- a/DockerfileTests.tpl +++ /dev/null @@ -1,15 +0,0 @@ -FROM python:${PYTHON_VERSION} - -RUN pip install -U setuptools pip - -ADD requirements.txt /server/requirements.txt -ADD dev-requirements.txt /server/dev-requirements.txt - -RUN pip install -r/server/dev-requirements.txt - -RUN useradd -ms /bin/bash gns3 - -USER gns3 - -ADD . /server -WORKDIR /server diff --git a/README.rst b/README.rst index 250cc4ed..1bff34ba 100644 --- a/README.rst +++ b/README.rst @@ -1,8 +1,8 @@ GNS3-server =========== -.. image:: https://travis-ci.org/GNS3/gns3-server.svg?branch=master - :target: https://travis-ci.org/GNS3/gns3-server +.. image:: https://github.com/GNS3/gns3-server/workflows/testing/badge.svg + :target: https://github.com/GNS3/gns3-server/actions?query=workflow%3Atesting .. image:: https://img.shields.io/pypi/v/gns3-server.svg :target: https://pypi.python.org/pypi/gns3-server diff --git a/docker-compose.yml b/docker-compose.yml deleted file mode 100644 index 9d30d366..00000000 --- a/docker-compose.yml +++ /dev/null @@ -1,4 +0,0 @@ -tests: - build: . - dockerfile: /tmp/DockerfileTests - command: py.test -v -s tests From 79249632767530faba53290a5970af8382aef700 Mon Sep 17 00:00:00 2001 From: grossmj Date: Fri, 26 Jun 2020 19:08:21 +0930 Subject: [PATCH 7/8] Remove tox and update dependencies --- MANIFEST.in | 1 - dev-requirements.txt | 2 +- requirements.txt | 6 +++--- setup.py | 1 + tox.ini | 17 ----------------- win-requirements.txt | 2 +- 6 files changed, 6 insertions(+), 23 deletions(-) delete mode 100644 tox.ini diff --git a/MANIFEST.in b/MANIFEST.in index 38cadc48..438d9f6e 100644 --- a/MANIFEST.in +++ b/MANIFEST.in @@ -2,7 +2,6 @@ include README.rst include AUTHORS include LICENSE include MANIFEST.in -include tox.ini include requirements.txt recursive-include tests * recursive-exclude docs * diff --git a/dev-requirements.txt b/dev-requirements.txt index 4f92f379..afc5a106 100644 --- a/dev-requirements.txt +++ b/dev-requirements.txt @@ -2,5 +2,5 @@ pytest==5.4.3 flake8==3.8.3 -pytest-timeout==1.3.3 +pytest-timeout==1.4.1 pytest-aiohttp==0.3.0 diff --git a/requirements.txt b/requirements.txt index 368791af..2fba1cd1 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,10 +1,10 @@ jsonschema==3.2.0 aiohttp==3.6.2 aiohttp-cors==0.7.0 -aiofiles==0.4.0 +aiofiles==0.5.0 Jinja2>=2.7.3 sentry-sdk>=0.14.4 -psutil==5.6.7 +psutil==5.7.0 async-timeout==3.0.1 distro>=1.3.0 -py-cpuinfo==5.0.0 +py-cpuinfo==6.0.0 diff --git a/setup.py b/setup.py index 39665c36..8a0c2fc7 100644 --- a/setup.py +++ b/setup.py @@ -38,6 +38,7 @@ class PyTest(TestCommand): errcode = pytest.main(self.test_args) sys.exit(errcode) + dependencies = open("requirements.txt", "r").read().splitlines() setup( diff --git a/tox.ini b/tox.ini deleted file mode 100644 index bd0fe746..00000000 --- a/tox.ini +++ /dev/null @@ -1,17 +0,0 @@ -[tox] -envlist = py34 - -[testenv] -commands = python setup.py test -deps = -rdev-requirements.txt - -[pep8] -ignore = E501,E402,E265 - -[flake8] -ignore = E265,E501 -exclude = tests/* - -[pytest] -norecursedirs = .tox -timeout = 15 diff --git a/win-requirements.txt b/win-requirements.txt index 851b9264..923d8682 100644 --- a/win-requirements.txt +++ b/win-requirements.txt @@ -1,4 +1,4 @@ -rrequirements.txt pywin32>=223 # pyup: ignore -wmi==1.4.9 +wmi==1.5.1 From d0487b92c500fc315887115c37f71924a6916b49 Mon Sep 17 00:00:00 2001 From: grossmj Date: Fri, 26 Jun 2020 19:20:40 +0930 Subject: [PATCH 8/8] Remove pyup and pep8 script. --- .pyup.yml | 2 -- scripts/pep8.sh | 19 ------------------- win-requirements.txt | 2 +- 3 files changed, 1 insertion(+), 22 deletions(-) delete mode 100644 .pyup.yml delete mode 100755 scripts/pep8.sh diff --git a/.pyup.yml b/.pyup.yml deleted file mode 100644 index 4f1bbaec..00000000 --- a/.pyup.yml +++ /dev/null @@ -1,2 +0,0 @@ -branch: - 2.2 diff --git a/scripts/pep8.sh b/scripts/pep8.sh deleted file mode 100755 index 33e0f54a..00000000 --- a/scripts/pep8.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -echo ' - _______ ________ _______ ______ -| \ | \| \ / \ -| $$$$$$$\| $$$$$$$$| $$$$$$$\| $$$$$$\ -| $$__/ $$| $$__ | $$__/ $$| $$__/ $$ -| $$ $$| $$ \ | $$ $$ >$$ $$ -| $$$$$$$ | $$$$$ | $$$$$$$ | $$$$$$ -| $$ | $$_____ | $$ | $$__/ $$ -| $$ | $$ \| $$ \$$ $$ - \$$ \$$$$$$$$ \$$ \$$$$$$ - -' - - -find . -name '*.py' -exec autopep8 --in-place -v --aggressive --aggressive \{\} \; - -echo "It's all clean now!" diff --git a/win-requirements.txt b/win-requirements.txt index 923d8682..a4f66249 100644 --- a/win-requirements.txt +++ b/win-requirements.txt @@ -1,4 +1,4 @@ -rrequirements.txt -pywin32>=223 # pyup: ignore +pywin32>=223 wmi==1.5.1