Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⬆️ Maintenance/upgrade of httpx library #4171

Merged
merged 13 commits into from
May 2, 2023
Merged

⬆️ Maintenance/upgrade of httpx library #4171

merged 13 commits into from
May 2, 2023

Conversation

matusdrobuliak66
Copy link
Contributor

@matusdrobuliak66 matusdrobuliak66 commented Apr 27, 2023
edited
Loading

What do these changes do?

Unify httpx across the repository

  • #packages before: 3
  • #packages after : 2
# name before after upgrade count packages
1 httpx 0.23.3, 0.23.0 0.24.0 minor 11 api-server⬆️🧪
autoscaling⬆️🧪
catalog⬆️🧪
datcore-adapter⬆️🧪
dynamic-sidecar⬆️
invitations⬆️🧪
2 rfc3986 1.4.0, 1.5.0 🗑️ removed 11 api-server⬆️🧪
autoscaling⬆️🧪
catalog⬆️🧪
datcore-adapter⬆️🧪
dynamic-sidecar⬆️
invitations⬆️🧪
3 anyio 3.6.1 3.6.2 5 api-server⬆️🧪
catalog⬆️🧪
dynamic-sidecar⬆️

Legend:

  • ⬆️ base dependency (only services because packages are floating)
  • 🧪 test dependency
  • 🔧 tool dependency

Related issue/s

How to test

DevOps Checklist

@matusdrobuliak66 matusdrobuliak66 changed the title ⬆️ Maintenance/upgrade of libraries ⬆️ Maintenance/upgrade of httpx library Apr 27, 2023
@codecov
Copy link

codecov bot commented Apr 27, 2023
edited
Loading

Codecov Report

Merging #4171 (3d95444) into master (4ca1035) will decrease coverage by 15.4%.
The diff coverage is n/a.

Impacted file tree graph

@@            Coverage Diff            @@
##           master   #4171      +/-   ##
=========================================
- Coverage    85.9%   70.5%   -15.4%     
=========================================
  Files         473     485      +12     
  Lines       24537   23944     -593     
  Branches      173       0     -173     
=========================================
- Hits        21081   16895    -4186     
- Misses       3407    7049    +3642     
+ Partials       49       0      -49
Flag Coverage Δ
integrationtests 66.7% <ø> (+4.4%) ⬆️
unittests 87.0% <ø> (+3.4%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

see 338 files with indirect coverage changes

@matusdrobuliak66 matusdrobuliak66 marked this pull request as ready for review April 27, 2023 08:17
@matusdrobuliak66 matusdrobuliak66 self-assigned this Apr 27, 2023
@matusdrobuliak66 matusdrobuliak66 added the t:maintenance Some planned maintenance work label Apr 27, 2023
@matusdrobuliak66 matusdrobuliak66 added this to the Jelly Beans milestone Apr 27, 2023
GitHK
GitHK approved these changes Apr 27, 2023
View reviewed changes
Copy link
Contributor

@GitHK GitHK left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks for both these upgrades

pcrespov
pcrespov approved these changes Apr 27, 2023
View reviewed changes
Copy link
Member

@pcrespov pcrespov left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thx!

Here is a thought. I was wondering whether in this case it would have made sense to create a single PR to solve the vulnerability issue introduced by anyio and httpx. Note that the former is actually in the requirements because of the latter. Or in other words, from a dev perspective, we only know about httpx

In that case we could use something like

packages=httpx,anyio

for u in ${packages//,/ }
do
   make reqs-all upgrade=$u &> reqs-$u.log
   git commit -am "upgrades $u" --no-verify
done

which is in https://github.com/ITISFoundation/osparc-simcore/blob/master/requirements/how-to-unify-versions.md?plain=1#L39-L48

@matusdrobuliak66 matusdrobuliak66 enabled auto-merge (squash) April 28, 2023 13:12
@codeclimate
Copy link

codeclimate bot commented Apr 28, 2023

Code Climate has analyzed commit 3d95444 and detected 0 issues on this pull request.

View more on Code Climate.

@sonarcloud
Copy link

sonarcloud bot commented Apr 28, 2023

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
0.0% 0.0% Duplication

@matusdrobuliak66 matusdrobuliak66 merged commit 320f091 into ITISFoundation:master May 2, 2023
@matusdrobuliak66 matusdrobuliak66 mentioned this pull request May 8, 2023
Closed
15 tasks
@matusdrobuliak66 matusdrobuliak66 mentioned this pull request May 30, 2023
Closed
24 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sanderegg sanderegg sanderegg approved these changes

@pcrespov pcrespov pcrespov approved these changes

@GitHK GitHK GitHK approved these changes

Assignees

@matusdrobuliak66 matusdrobuliak66

Labels
t:maintenance Some planned maintenance work
Projects
None yet
Milestone
Jelly Beans
Development

Successfully merging this pull request may close these issues.
4 participants
@matusdrobuliak66 @GitHK @pcrespov @sanderegg