Skip to content

Commit

Permalink
Bump python libs, address insecure releases (apache#7550)
Browse files Browse the repository at this point in the history
* Bump python libs, address insecure releases

Using
https://requires.io/github/mistercrunch/superset/requirements/?branch=apache_release_improv
to identify insecure, old releases we're using and bumping.

* redis <3.0

* fix new flakes
  • Loading branch information
mistercrunch authored May 29, 2019
1 parent 2a2f395 commit fd5befe
Show file tree
Hide file tree
Showing 7 changed files with 27 additions and 30 deletions.
16 changes: 8 additions & 8 deletions requirements-dev.txt
Original file line number Diff line number Diff line change
Expand Up @@ -16,22 +16,22 @@
#
coverage==4.5.3
flake8-commas==2.0.0
flake8-import-order==0.18
flake8-import-order==0.18.1
flake8-mypy==17.8.0
flake8-quotes==1.0.0
flake8==3.6.0
flask-cors==3.0.6
ipdb==0.11
flake8-quotes==2.0.1
flake8==3.7.7
flask-cors==3.0.7
ipdb==0.12
mypy==0.670
mysqlclient==1.4.2.post1
nose==1.3.7
pip-tools==3.5.0
pip-tools==3.7.0
psycopg2-binary==2.7.5
pycodestyle==2.4.0
pycodestyle==2.5.0
pyhive==0.6.1
pylint==1.9.2
python-dotenv==0.10.1
redis==2.10.6
statsd==3.3.0
thrift==0.11.0
tox==3.5.3
tox==3.11.1
14 changes: 6 additions & 8 deletions requirements.txt
Original file line number Diff line number Diff line change
Expand Up @@ -2,9 +2,8 @@
# This file is autogenerated by pip-compile
# To update, run:
#
# pip-compile --output-file requirements.txt setup.py
# pip-compile --output-file=requirements.txt setup.py
#

alembic==1.0.0 # via flask-migrate
amqp==2.3.2 # via kombu
apispec[yaml]==1.2.0 # via flask-appbuilder
Expand Down Expand Up @@ -42,7 +41,7 @@ humanize==0.5.1
idna==2.6
isodate==0.6.0
itsdangerous==0.24 # via flask
jinja2==2.10 # via flask, flask-babel
jinja2==2.10.1 # via flask, flask-babel
jsonschema==3.0.1 # via flask-appbuilder
kombu==4.2.1 # via celery
mako==1.0.7 # via alembic
Expand All @@ -68,17 +67,16 @@ python-editor==1.0.3 # via alembic
python-geohash==0.8.5
python3-openid==3.1.0 # via flask-openid
pytz==2018.5 # via babel, celery, pandas
pyyaml==3.13
requests==2.20.0
pyyaml==5.1
requests==2.22.0
retry==0.9.2
selenium==3.141.0
simplejson==3.15.0
six==1.11.0 # via bleach, cryptography, flask-jwt-extended, flask-talisman, isodate, jsonschema, pathlib2, polyline, prison, pydruid, pyrsistent, python-dateutil, sqlalchemy-utils, wtforms-json
sqlalchemy-utils==0.32.21
sqlalchemy-utils==0.33.11
sqlalchemy==1.3.1
sqlparse==0.2.4
unicodecsv==0.14.1
urllib3==1.22 # via requests, selenium
urllib3==1.24.3 # via requests, selenium
vine==1.1.4 # via amqp
webencodings==0.5.1 # via bleach
werkzeug==0.14.1 # via flask, flask-jwt-extended
Expand Down
7 changes: 3 additions & 4 deletions setup.py
Original file line number Diff line number Diff line change
Expand Up @@ -97,15 +97,14 @@ def get_git_sha():
'python-dateutil',
'python-dotenv',
'python-geohash',
'pyyaml>=3.13',
'requests>=2.20.0',
'pyyaml>=5.1',
'requests>=2.22.0',
'retry>=0.9.2',
'selenium>=3.141.0',
'simplejson>=3.15.0',
'sqlalchemy>=1.3.1,<2.0',
'sqlalchemy-utils',
'sqlalchemy-utils>=0.33.2',
'sqlparse',
'unicodecsv',
'wtforms-json',
],
extras_require={
Expand Down
2 changes: 1 addition & 1 deletion superset/cli.py
Original file line number Diff line number Diff line change
Expand Up @@ -132,7 +132,7 @@ def load_examples(load_test_data):
@click.option('--datasource', '-d', help='Specify which datasource name to load, if '
'omitted, all datasources will be refreshed')
@click.option('--merge', '-m', is_flag=True, default=False,
help='Specify using \'merge\' property during operation. '
help="Specify using 'merge' property during operation. "
'Default value is False.')
def refresh_druid(datasource, merge):
"""Refresh druid datasources"""
Expand Down
8 changes: 4 additions & 4 deletions superset/views/core.py
Original file line number Diff line number Diff line change
Expand Up @@ -1340,12 +1340,12 @@ def explore(self, datasource_type=None, datasource_id=None):

if action == 'overwrite' and not slice_overwrite_perm:
return json_error_response(
_('You don\'t have the rights to ') + _('alter this ') + _('chart'),
_("You don't have the rights to ") + _('alter this ') + _('chart'),
status=400)

if action == 'saveas' and not slice_add_perm:
return json_error_response(
_('You don\'t have the rights to ') + _('create a ') + _('chart'),
_("You don't have the rights to ") + _('create a ') + _('chart'),
status=400)

if action in ('saveas', 'overwrite'):
Expand Down Expand Up @@ -1452,7 +1452,7 @@ def save_or_overwrite_slice(
dash_overwrite_perm = check_ownership(dash, raise_if_false=False)
if not dash_overwrite_perm:
return json_error_response(
_('You don\'t have the rights to ') + _('alter this ') +
_("You don't have the rights to ") + _('alter this ') +
_('dashboard'),
status=400)

Expand All @@ -1466,7 +1466,7 @@ def save_or_overwrite_slice(
dash_add_perm = security_manager.can_access('can_add', 'DashboardModelView')
if not dash_add_perm:
return json_error_response(
_('You don\'t have the rights to ') + _('create a ') + _('dashboard'),
_("You don't have the rights to ") + _('create a ') + _('dashboard'),
status=400)

dash = models.Dashboard(
Expand Down
2 changes: 1 addition & 1 deletion tests/db_engine_specs_test.py
Original file line number Diff line number Diff line change
Expand Up @@ -108,7 +108,7 @@ def test_hive_error_msg(self):
'{...} errorMessage="Error while compiling statement: FAILED: '
'SemanticException [Error 10001]: Line 4'
':5 Table not found \'fact_ridesfdslakj\'", statusCode=3, '
'sqlState=\'42S02\', errorCode=10001)){...}')
"sqlState='42S02', errorCode=10001)){...}")
self.assertEquals((
'Error while compiling statement: FAILED: '
'SemanticException [Error 10001]: Line 4:5 '
Expand Down
8 changes: 4 additions & 4 deletions tests/viz_tests.py
Original file line number Diff line number Diff line change
Expand Up @@ -258,7 +258,7 @@ def test_parse_adhoc_filters(self):
{
'expressionType': 'SQL',
'clause': 'WHERE',
'sqlExpression': 'value3 in (\'North America\')',
'sqlExpression': "value3 in ('North America')",
},
],
}
Expand All @@ -273,7 +273,7 @@ def test_parse_adhoc_filters(self):
[{'op': '<', 'val': '10', 'col': 'SUM(value1)'}],
query_obj['extras']['having_druid'],
)
self.assertEqual('(value3 in (\'North America\'))', query_obj['extras']['where'])
self.assertEqual("(value3 in ('North America'))", query_obj['extras']['where'])
self.assertEqual('(SUM(value1) > 5)', query_obj['extras']['having'])

def test_adhoc_filters_overwrite_legacy_filters(self):
Expand All @@ -295,7 +295,7 @@ def test_adhoc_filters_overwrite_legacy_filters(self):
{
'expressionType': 'SQL',
'clause': 'WHERE',
'sqlExpression': 'value3 in (\'North America\')',
'sqlExpression': "value3 in ('North America')",
},
],
'having': 'SUM(value1) > 5',
Expand All @@ -311,7 +311,7 @@ def test_adhoc_filters_overwrite_legacy_filters(self):
[],
query_obj['extras']['having_druid'],
)
self.assertEqual('(value3 in (\'North America\'))', query_obj['extras']['where'])
self.assertEqual("(value3 in ('North America'))", query_obj['extras']['where'])
self.assertEqual('', query_obj['extras']['having'])

@patch('superset.viz.BaseViz.query_obj')
Expand Down

0 comments on commit fd5befe

Please sign in to comment.