Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: integration of worker latest version #1680

Merged
merged 4 commits into from
Jun 10, 2024
Merged

Conversation

holtgrewe
Copy link
Collaborator

No description provided.

@holtgrewe holtgrewe enabled auto-merge (squash) June 6, 2024 04:55
Copy link

github-actions bot commented Jun 6, 2024

deps-report 🔍

Commit scanned: fb31726
ℹ️ Python version 3.10 is used by your project but the latest version is 3.12.

Vulnerable dependencies

3 dependencies have vulnerabilities 😱
Dependency Advisory Versions impacted
jinja2 (transitive) In Jinja2, the from_string function is prone to Server Side Template Injection (SSTI) where it takes the "source" parameter as a template object, renders it, and then returns it. The attacker can exploit it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple third parties believe that this vulnerability isn't valid because users shouldn't use untrusted templates without sandboxing. >=0
pyopenssl (transitive) CVE-2023-6129 affects PyOpenSSL versions starting from 22.0.0 due to a vulnerability in the POLY1305 MAC algorithm on PowerPC CPUs. This issue could lead to state corruption in applications, causing inaccurate outcomes or service disruptions. Attackers need specific conditions to exploit this flaw, including the ability to manipulate the algorithm's use and reliance on certain system registers by the application. >=22.0.0
sqlalchemy Sqlalchemy 2.0.0b1 avoids leaking cleartext passwords to the open for careless uses of str(engine.URL()) in logs and prints. sqlalchemy/sqlalchemy#8563 <2.0.0b1

Outdated dependencies

59 outdated dependencies found (including 15 outdated major versions)😢
Dependency Installed version Latest version
argon2-cffi (transitive) 21.3.0 23.1.0
billiard (transitive) 3.6.4.0 4.2.0
crispy-bootstrap4 (transitive) 2022.1 2024.1
django 3.2.25 5.0.6
flake8 (dev) 6.1.0 7.0.0
lxml 4.9.4 5.2.2
mistune (transitive) 2.0.5 3.0.2
packaging (transitive) 23.2 24.1
protobuf 3.20.3 5.27.1
setuptools (transitive) 67.6.1 70.0.0
sphinx (transitive) 6.2.1 7.3.7
sphinx-rtd-theme (transitive) 1.2.2 2.0.0
sqlalchemy 1.4.52 2.0.30
unidecode (transitive) 0.4.21 1.3.8
xmlschema (transitive) 2.5.1 3.3.1
Dependency Installed version Latest version
aiobotocore (transitive) 2.12.3 2.13.0
annotated-types (transitive) 0.6.0 0.7.0
botocore (transitive) 1.34.69 1.34.122
celery (transitive) 5.2.7 5.4.0
certifi (transitive) 2024.2.2 2024.6.2
coverage (dev,transitive) 7.4.4 7.5.3
coveralls (dev) 4.0.0 4.0.1
cryptography (transitive) 42.0.7 42.0.8
django-autocomplete-light (transitive) 3.9.4 3.11.0
django-crispy-forms (transitive) 2.0 2.1
django-db-file-storage (transitive) 0.5.5 0.5.6.1
django-debug-toolbar 4.3.0 4.4.2
django-dirtyfields (transitive) 1.9.2 1.9.3
django-environ (transitive) 0.10.0 0.11.2
django-iconify (transitive) 0.1.1 0.4
django-model-utils (transitive) 4.3.1 4.5.1
django-plugins-bihealth 0.4.0 0.5.2
django-postgres-copy 2.3.7 2.7.4
djangorestframework (transitive) 3.14.0 3.15.1
docutils (transitive) 0.18.1 0.21.2
drf-keyed-list-bihealth 0.1.1 0.2.1
drf-spectacular-sidecar (transitive) 2024.5.1 2024.6.1
faker (dev,transitive) 25.2.0 25.8.0
fsspec (transitive) 2024.3.1 2024.6.0
ipython (dev,transitive) 8.24.0 8.25.0
markdown (transitive) 3.4.1 3.6
openpyxl (dev) 3.1.2 3.1.3
prompt-toolkit (transitive) 3.0.43 3.0.46
pydantic 2.7.1 2.7.3
pydantic-core (transitive) 2.18.2 2.18.4
pyflakes (dev,transitive) 3.1.0 3.2.0
redis 5.0.4 5.0.5
regex (transitive) 2024.5.10 2024.5.15
requests 2.32.2 2.32.3
requests-http-signature 0.2.0 0.7.1
rules (transitive) 3.3 3.4
s3fs 2024.3.1 2024.6.0
selenium (dev) 4.20.0 4.21.0
sentry-sdk 2.3.1 2.5.1
trio (dev,transitive) 0.25.0 0.25.1
typing-extensions (transitive) 4.11.0 4.12.2
versioneer (transitive) 0.28 0.29
watchdog (dev) 4.0.0 4.0.1
wheel (transitive) 0.40.0 0.43.0

Logs

Copy link

codecov bot commented Jun 6, 2024

Codecov Report

Attention: Patch coverage is 98.30508% with 1 line in your changes missing coverage. Please review.

Project coverage is 80%. Comparing base (e209961) to head (98f0920).
Report is 4 commits behind head on main.

Additional details and impacted files
@@          Coverage Diff          @@
##            main   #1680   +/-   ##
=====================================
  Coverage     80%     80%           
=====================================
  Files        769     770    +1     
  Lines      42285   42315   +30     
  Branches    1761    1761           
=====================================
+ Hits       34112   34141   +29     
- Misses      8173    8174    +1     
Files Coverage Δ
cases/models.py 100% <100%> (ø)
...mport/tests/snapshots/snap_test_models_executor.py 100% <100%> (ø)
cases_import/tests/test_models_executor.py 100% <100%> (ø)
cases_qc/migrations/0003_auto_20240604_1128.py 100% <100%> (ø)
cases_import/models/executors.py 95% <97%> (-1%) ⬇️

@holtgrewe holtgrewe force-pushed the fix-integration-of-worker branch from 97ff071 to cfc17a9 Compare June 6, 2024 12:07
@holtgrewe holtgrewe merged commit ab441ff into main Jun 10, 2024
16 checks passed
@holtgrewe holtgrewe deleted the fix-integration-of-worker branch June 10, 2024 06:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant