build(deps): bump pylint from 2.5.3 to 2.12.2 in /infra/ci #9

dependabot · 2022-03-24T14:47:31Z

Bumps pylint from 2.5.3 to 2.12.2.

Release notes

pylint-2.8.1

Add numversion back (temporarily) in __pkginfo__ because it broke Pylama and revert the unnecessary pylint.version breaking change.

Closes #4399

pylint-2.8.0

New refactoring message consider-using-with. This message is emitted if resource-allocating functions or methods of the standard library (like open() or threading.Lock.acquire()) that can be used as a context manager are called without a with block.

Closes #3413

Resolve false positives on unused variables in decorator functions

Closes #4252

Add new extension ConfusingConsecutiveElifChecker. This optional checker emits a refactoring message (R5601 confusing-consecutive-elif) if if/elif statements with different indentation levels follow directly one after the other.

New option --output=<file> to output result to a file rather than printing to stdout.

Closes #1070

Use a prescriptive message for unidiomatic-typecheck

Closes #3891

Apply const-naming-style to module constants annotated with typing.Final

The packaging is now done via setuptools exclusively. doc, tests, man, elisp and Changelog are not packaged anymore - reducing the size of the package by 75%.

Debian packaging is now (officially) done in https://salsa.debian.org/python-team/packages/pylint.

The 'doc' extra-require has been removed.

__pkginfo__ now only contain __version__ (also accessible with pylint.__version__), other meta-information are still accessible with import importlib;metadata.metadata('pylint').

COPYING has been renamed to LICENSE for standardization.

Fix false-positive used-before-assignment in function returns.

Closes #4301

Updated astroid to 2.5.3

... (truncated)

Changelog

Sourced from pylint's changelog.

What's New in Pylint 2.12.2?

Release date: 2021-11-25

Fixed a false positive for unused-import where everything was not analyzed properly inside typing guards.

Fixed a false-positive regression for used-before-assignment for typed variables in the body of class methods that reference the same class

Closes #5342

Specified that the ignore-paths option considers "" to represent a windows directory delimiter instead of a regular expression escape character.

Fixed a crash with the ignore-paths option when invoking the option via the command line.

Closes #5437

Fixed handling of Sphinx-style parameter docstrings with asterisks. These should be escaped with by prepending a "".

Closes #5406

Add endLine and endColumn keys to output of JSONReporter.

Closes #5380

Fixed handling of Google-style parameter specifications where descriptions are on the line following the parameter name. These were generating false positives for missing-param-doc.

Closes #5452

Fix false negative for consider-iterating-dictionary during membership checks encapsulated in iterables or not in checks

Closes #5323

unused-import now check all ancestors for typing guards

Closes #5316

Allow usage of mccabe 0.7.x release

Closes #5878

... (truncated)

Commits

eec287f Bump pylint to 2.12.2, update changelog
7def527 Add Copyrite configuration for Yu Shao
608ed32 Require \ for asterisks in Sphinx-style parameter docstrings (#5464)
f89a337 Deprecate is_inside_lambda from utils (#5447)
765a0b7 Add endLine and endColumn keys to JSONReporter (#5456)
28a33ef Update outdated class name in "How to Write a Checker" test example (#5449)
bce059a Move Sphinx docstrings out of TestParamDocChecker (#5450)
e14596e Move no-member tests from TestTypeChecker (#5453)
4b70feb #5452: Fix false positive missing-doc-param from multi-line Google-st… (#5459)
35813de Move various tests from TestTypeChecker to functional tests (#5455)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pylint](https://github.com/PyCQA/pylint) from 2.5.3 to 2.12.2. - [Release notes](https://github.com/PyCQA/pylint/releases) - [Changelog](https://github.com/PyCQA/pylint/blob/main/ChangeLog) - [Commits](pylint-dev/pylint@pylint-2.5.3...v2.12.2) --- updated-dependencies: - dependency-name: pylint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

@oliverchang

cc @oliverchang @alan32liu after google#9100 and google#8448 After compiling locally, I can see that `./SystemSan ./target_dns -dict=vuln.dict` crashes in a few seconds with ``` ===BUG DETECTED: Arbitrary domain name resolution=== ===Domain resolved: .f.z=== ===DNS request type: 0, class: 256=== ==315== ERROR: libFuzzer: deadly signal #0 0x539131 in __sanitizer_print_stack_trace /src/llvm-project/compiler-rt/lib/asan/asan_stack.cpp:87:3 #1 0x457c48 in fuzzer::PrintStackTrace() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5 #2 0x43c923 in fuzzer::Fuzzer::CrashCallback() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:233:3 #3 0x7fa57940041f (/lib/x86_64-linux-gnu/libpthread.so.0+0x1441f) (BuildId: 7b4536f41cdaa5888408e82d0836e33dcf436466) #4 0x7fa5793ff7db in send (/lib/x86_64-linux-gnu/libpthread.so.0+0x137db) (BuildId: 7b4536f41cdaa5888408e82d0836e33dcf436466) #5 0x503ba4 in __interceptor_send /src/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:6802:17 #6 0x7fa578abf462 (/lib/x86_64-linux-gnu/libresolv.so.2+0xb462) (BuildId: 4519041bde5b859c55798ac0745b0b6199cb7d94) #7 0x7fa578abbc43 in __res_context_query (/lib/x86_64-linux-gnu/libresolv.so.2+0x7c43) (BuildId: 4519041bde5b859c55798ac0745b0b6199cb7d94) #8 0x7fa578abc8ed in __res_context_search (/lib/x86_64-linux-gnu/libresolv.so.2+0x88ed) (BuildId: 4519041bde5b859c55798ac0745b0b6199cb7d94) #9 0x7fa578ad2cc1 (/lib/x86_64-linux-gnu/libnss_dns.so.2+0x2cc1) (BuildId: 3fac4ec397ba8e8938fe298f103113f315465130) #10 0x7fa578ad2e8b in _nss_dns_gethostbyname3_r (/lib/x86_64-linux-gnu/libnss_dns.so.2+0x2e8b) (BuildId: 3fac4ec397ba8e8938fe298f103113f315465130) #11 0x7fa578ad2f41 in _nss_dns_gethostbyname2_r (/lib/x86_64-linux-gnu/libnss_dns.so.2+0x2f41) (BuildId: 3fac4ec397ba8e8938fe298f103113f315465130) #12 0x7fa5792fdc9d in gethostbyname2_r (/lib/x86_64-linux-gnu/libc.so.6+0x130c9d) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) #13 0x7fa5792d179e (/lib/x86_64-linux-gnu/libc.so.6+0x10479e) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) google#14 0x7fa5792d2f58 in getaddrinfo (/lib/x86_64-linux-gnu/libc.so.6+0x105f58) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) google#15 0x4d93ac in getaddrinfo /src/llvm-project/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:2667:13 google#16 0x56c8d9 in LLVMFuzzerTestOneInput /out/SystemSan/target_dns.cpp:35:11 google#17 0x43dec3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:611:15 google#18 0x43d6aa in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:514:3 google#19 0x43ed79 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:757:19 google#20 0x43fa45 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, std::__Fuzzer::allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:895:5 google#21 0x42edaf in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:912:6 google#22 0x458402 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 google#23 0x7fa5791f1082 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x24082) (BuildId: 1878e6b475720c7c51969e69ab2d276fae6d1dee) google#24 0x41f7ed in _start (/out/SystemSan/target_dns+0x41f7ed) NOTE: libFuzzer has rudimentary signal handlers. Combine libFuzzer with AddressSanitizer or similar for better crash reports. SUMMARY: libFuzzer: deadly signal MS: 2 CrossOver-ManualDict- DE: "f.z"-; base unit: ac3478d69a3c81fa62e60f5c3696165a4e5e6ac4 0x66,0x2e,0x7a, f.z artifact_prefix='./'; Test unit written to ./crash-926813b2d6adde373f96a10594a5314951588384 Base64: Zi56 ``` You can also try ``` echo -n f.z > toto ./SystemSan ./target_dns toto ``` Co-authored-by: Oliver Chang <[email protected]> Co-authored-by: jonathanmetzman <[email protected]>

We've still got an issue with crashes on the urllib3 requests test that uses the mock HTTP server. Fix google#9958 to handle port mapping errors didn't resolve it. I got a feeling there's an ordering issue. Looking at the error logs [https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56500#c2](https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=56500#c2) there appears to be an issue where we're throwing exceptions before the coverage completes. ``` === Uncaught Python exception: === -- | MaxRetryError: HTTPConnectionPool(host='localhost', port=8011): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4cdf33d1f0>: Failed to establish a new connection: [Errno 101] Network is unreachable')) | Traceback (most recent call last): | File "fuzz_requests.py", line 109, in TestOneInput | File "urllib3/_request_methods.py", line 118, in request | File "urllib3/_request_methods.py", line 217, in request_encode_body | File "urllib3/poolmanager.py", line 433, in urlopen | File "urllib3/connectionpool.py", line 874, in urlopen | File "urllib3/connectionpool.py", line 874, in urlopen | File "urllib3/connectionpool.py", line 874, in urlopen | File "urllib3/connectionpool.py", line 844, in urlopen | File "urllib3/util/retry.py", line 505, in increment | MaxRetryError: HTTPConnectionPool(host='localhost', port=8011): Max retries exceeded with url: / (Caused by NewConnectionError('<urllib3.connection.HTTPConnection object at 0x7f4cdf33d1f0>: Failed to establish a new connection: [Errno 101] Network is unreachable')) | | INFO: Instrumenting 3854 functions... | INFO: Instrumentation complete. | ==10674== ERROR: libFuzzer: fuzz target exited | #0 0x7f4ce0bac694 in __sanitizer_print_stack_trace /src/llvm-project/compiler-rt/lib/ubsan/ubsan_diag_standalone.cpp:31:3 | #1 0x7f4ce0b2df48 in fuzzer::PrintStackTrace() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerUtil.cpp:210:5 | #2 0x7f4ce0b12cdc in fuzzer::Fuzzer::ExitCallback() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:250:3 | #3 0x7f4ce09068a6 in __run_exit_handlers /build/glibc-SzIz7B/glibc-2.31/stdlib/exit.c:108:8 | #4 0x7f4ce0906a5f in exit /build/glibc-SzIz7B/glibc-2.31/stdlib/exit.c:139:3 | #5 0x7f4ce03b2c78 in libpython3.8.so.1.0 | #6 0x7f4ce03b76cf in libpython3.8.so.1.0 | #7 0x403ad2 in fuzz_requests.pkg | #8 0x403e67 in fuzz_requests.pkg | #9 0x7f4ce08e4082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/libc-start.c:308:16 | #10 0x40249d in fuzz_requests.pkg | | SUMMARY: libFuzzer: fuzz target exited ``` This is an attempted fix inspired by the requests [fuzz_server.py](https://github.com/google/oss-fuzz/blob/master/projects/requests/fuzz_server.py) where the lifecycle of the test thread is managed within the server. Since the web server is created at the start of `TestOneInput` I don't expect there to be any timing issues or thread initialisation issues.

dependabot bot added dependencies Pull requests that update a dependency file python Pull requests that update Python code labels Mar 24, 2022

dependabot bot force-pushed the dependabot/pip/infra/ci/pylint-2.12.2 branch from ba5f390 to 414de00 Compare March 24, 2022 17:00

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(deps): bump pylint from 2.5.3 to 2.12.2 in /infra/ci #9

build(deps): bump pylint from 2.5.3 to 2.12.2 in /infra/ci #9

dependabot bot commented on behalf of github Mar 24, 2022 •

edited

Loading

build(deps): bump pylint from 2.5.3 to 2.12.2 in /infra/ci #9

Are you sure you want to change the base?

build(deps): bump pylint from 2.5.3 to 2.12.2 in /infra/ci #9

Conversation

dependabot bot commented on behalf of github Mar 24, 2022 • edited Loading

pylint-2.8.1

pylint-2.8.0

What's New in Pylint 2.12.2?

dependabot bot commented on behalf of github Mar 24, 2022 •

edited

Loading