Remove sqlalchemy-utils
- Vulnerability not addressed for years:
  kvesteri/sqlalchemy-utils#166

- No bandit on prod code.

- ZeroVer
tucked committed Feb 18, 2023
1 parent ac05f8d commit 14aceb3
Showing 7 changed files with 15 additions and 50 deletions.
1 change: 0 additions & 1 deletion Pipfile
@@ -11,7 +11,6 @@ psycopg2 = {version = ">=2.9"}
python-magic = {version = ">=0.4"}
pyyaml = {version = ">=6.0"}
sqlalchemy = {version = "~=1.4"}
sqlalchemy-utils = {version = ">=0.38"}

[dev-packages]
bandit = {version = ">=1.7"}
10 changes: 1 addition & 9 deletions Pipfile.lock


1 change: 1 addition & 0 deletions docker-compose.test.yaml
@@ -3,6 +3,7 @@ services:
db:
image: postgres:9.6
environment:
- POSTGRES_DB=pastedb
- POSTGRES_USER=postgres
- POSTGRES_PASSWORD=postgres
app:
44 changes: 10 additions & 34 deletions pbnh/db/createdb.py
@@ -1,48 +1,24 @@
import argparse
from sqlalchemy import create_engine
from sqlalchemy_utils import create_database

from pbnh import conf
from pbnh import app
from pbnh.db import models
from pbnh.db.connect import DBConnect


class CreateDB:
def __init__(
self,
dialect=None,
driver=None,
username=None,
password=None,
host=None,
port=None,
dbname=None,
):
"""Grab connection information to pass to DBConnect"""
self.dialect = dialect or "sqlite"
self.dbname = dbname or app.app.config["CONFIG"].get("database").get("dbname")
self.driver = driver
self.username = username
self.password = password
self.host = host
self.port = port
def __init__(self, *args, **kwargs):
self._dbconnect = DBConnect(*args, **kwargs)
self.engine = create_engine(str(self._dbconnect))

def __str__(self):
return str(self._dbconnect)

def create(self):
connection = DBConnect(
dialect=self.dialect,
driver=self.driver,
username=self.username,
password=self.password,
host=self.host,
port=self.port,
dbname=self.dbname,
)
print(connection)
create_database(str(connection))
engine = create_engine(str(connection))
models.Base.metadata.create_all(engine)
return connection
models.Base.metadata.create_all(self.engine)

def delete(self):
models.Paste.__table__.drop(self.engine)


def main():
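Review bot: The new `__str__` returns `str(self._dbconnect)`, the same string handed to `create_engine`, so it presumably carries the database password whenever one is configured, and any `print()` or log call on a `CreateDB` instance would write it out. Rendering the engine URL with the password masked avoids that: `return self.engine.url.render_as_string(hide_password=True)` (available in the SQLAlchemy 1.4 line pinned in the Pipfile). Separately, `delete()` drops only `models.Paste.__table__` while `create()` creates everything in `Base.metadata`; `models.Base.metadata.drop_all(self.engine)` would keep the two symmetric if more models are added. `main()` begins at the end of the hunk and its body is not shown, so whether it still prints the object could not be checked.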
3 changes: 1 addition & 2 deletions run_tests.sh
@@ -2,8 +2,7 @@
set -o errexit
set -o xtrace
pipenv install --deploy --dev
# https://github.com/kvesteri/sqlalchemy-utils/issues/166
pipenv check --ignore 42194 --ignore 51668 # https://github.com/sqlalchemy/sqlalchemy/pull/8563
pipenv check --ignore 51668 # https://github.com/sqlalchemy/sqlalchemy/pull/8563
pipenv run black --check pbnh tests
pipenv run flake8 pbnh tests
pipenv run bandit --recursive pbnh
2 changes: 1 addition & 1 deletion sample_config.yml
@@ -5,7 +5,7 @@ server:
debug : True

database:
dbname : "database_name"
dbname : "pastedb"
dialect : "postgresql"
driver : null
host : "db"
4 changes: 1 addition & 3 deletions tests/paste_psql_test.py
@@ -1,11 +1,9 @@
import unittest

from datetime import datetime
from sqlalchemy_utils import drop_database

from pbnh.conf import get_config
from pbnh.db.createdb import CreateDB
from pbnh.db.connect import DBConnect
from pbnh.db import paste


@@ -20,7 +18,7 @@ def setUp(self):
self.newdb.create()

def tearDown(self):
drop_database(str(DBConnect(**CONFIG["database"])))
self.newdb.delete()

def test_create_new(self):
with paste.Paster(**CONFIG["database"]) as p: