Develop - Upgrade Django, libraries, and fix tests. (#1761)

* Update Django to 3.2.14 to address vulnerability * Remove Opera from testing * Use older selenium 4.2.0 for tests to work Co-authored-by: Greg Elin <greg.elin@govready.com>
GovReady · Jul 9, 2022 · 991cf2c · 991cf2c
1 parent 8bdea80
commit 991cf2c
Show file tree

Hide file tree

Showing 7 changed files with 579 additions and 690 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,10 +1,21 @@
 GovReady-Q Release Notes
 ========================
 
+v0.10.1.2-dev (June 29, 2022)
+-----------------------------
+
+**Developer changes**
+
+* Remove Opera from test options.
+
+**Bug fixes**
+
+* Upgrade to Django 3.2.14 to fix Django vulnerability.
+
 v0.10.1.1-dev (June 29, 2022)
 -----------------------------
 
-**Buf fixes**
+**Bug fixes**
 
 * Hot patch to fix OSCAL SSP generation by making sure security_sensitivity_level has value.
 

diff --git a/dev_env/README.md b/dev_env/README.md
@@ -65,7 +65,7 @@ environment.json to include:
     "test_visible": true,
     "test_browser": "chrome" 
 ```````````
-You can choose from `firefox`, `chrome`, or `opera`
+You can choose from `firefox` or `chrome`.
 
 ### Connecting to the Selenium
 You will have to install a VNC Viewer (https://www.realvnc.com/en/connect/download/viewer/)
@@ -76,7 +76,6 @@ Open VNC Viewer and connect to the browser image you chose in your environment.j
 |---------|----------------|----------|
 | Chrome  | localhost:6900 | secret   |
 | Firefox | localhost:6902 | secret   |
-| Opera   | localhost:6903 | secret   |
 
 Then you can run your tests as you typically would by connecting to your container and running the tests.  Ex: 
 `docker exec -it govready-q-dev ./manage.py test`

diff --git a/dev_env/core/runner.py b/dev_env/core/runner.py
@@ -134,7 +134,7 @@ def run(self):
             "chrome": {"port": 6900, "file": "selenium/selenium-chrome.yml"},
             # "edge": {"port": 6901, "file": "selenium/selenium-edge.yml"},
             "firefox": {"port": 6902, "file": "selenium/selenium-firefox.yml"},
-            "opera": {"port": 6903, "file": "selenium/selenium-opera.yml"},
+            # "opera": {"port": 6903, "file": "selenium/selenium-opera.yml"},
         }
 
         if self.config['test_visible']:

diff --git a/requirements.in b/requirements.in
@@ -24,13 +24,13 @@ termcolor # MIT License
 xxhash # BSD License
 importlib-resources<2,>=1.0 # Apache License
 pyinstrument==3.2.0 # BSD License
-compliance-trestle==0.33.0 # OSI Approved :: Apache Software License
+compliance-trestle==1.1.0 # OSI Approved :: Apache Software License
 markdown # As Is Custom License
 
 jsonschema # MIT License
 filetype # MIT License
 # Common Django Packages
-Django==3.2.13 # BSD License
+Django==3.2.14 # BSD License
 django-allauth # MIT License
 django-bootstrap3 # BSD 3-Clause License
 importlib-metadata>=1.7.0 # Apache License 2.0
@@ -61,10 +61,11 @@ click # BSD License (BSD-3-Clause)
 # more-itertools # MIT License
 simplejson # Academic Free License (AFL), MIT License
 pandas # BSD License (BSD-3-Clause)
-spacy # MIT License
+# spacy # MIT License
 Unidecode # GNU General Public License
 wordcloud # MIT License
-numpy==1.22.2 # BSD 3-Clause "New" or "Revised" License
+numpy>=1.23.0 # BSD 3-Clause "New" or "Revised" License
+backports.zoneinfo==0.2.1 # Apache 2.0
 
 # Python Packages Developed by GovReady and/or Josh
 rtyaml # CC0
@@ -95,7 +96,7 @@ rfc5424-logging-handler # BSD License
 # Development & testing only
 bandit # Apache License 2.0
 coverage==6.0b1 # Apache License 2.0
-selenium # Apache License 2.0
+selenium==4.2.0 # Apache License 2.0
 safety # MIT License
 parsel # BSD License
 

diff --git a/requirements.txt b/requirements.txt
diff --git a/requirements_mysql.txt b/requirements_mysql.txt
@@ -1,7 +1,9 @@
-mysqlclient==2.1.0 \
-    --hash=sha256:02c8826e6add9b20f4cb12dcf016485f7b1d6e30356a1204d05431867a1b3947 \
-    --hash=sha256:2c8410f54492a3d2488a6a53e2d85b7e016751a1e7d116e7aea9c763f59f5e8c \
-    --hash=sha256:973235686f1b720536d417bf0a0d39b4ab3d5086b2b6ad5e6752393428c02b12 \
-    --hash=sha256:b62d23c11c516cedb887377c8807628c1c65d57593b57853186a6ee18b0c6a5b \
-    --hash=sha256:e6279263d5a9feca3e0edbc2b2a52c057375bf301d47da2089c075ff76331d14
+mysqlclient==2.1.1 \
+    --hash=sha256:0d1cd3a5a4d28c222fa199002810e8146cffd821410b67851af4cc80aeccd97c \
+    --hash=sha256:828757e419fb11dd6c5ed2576ec92c3efaa93a0f7c39e263586d1ee779c3d782 \
+    --hash=sha256:996924f3483fd36a34a5812210c69e71dea5a3d5978d01199b78b7f6d485c855 \
+    --hash=sha256:b355c8b5a7d58f2e909acdbb050858390ee1b0e13672ae759e5e784110022994 \
+    --hash=sha256:c1ed71bd6244993b526113cca3df66428609f90e4652f37eb51c33496d478b37 \
+    --hash=sha256:c812b67e90082a840efb82a8978369e6e69fc62ce1bda4ca8f3084a9d862308b \
+    --hash=sha256:dea88c8d3f5a5d9293dfe7f087c16dd350ceb175f2f6631c9cf4caf3e19b7a96
     # via -r requirements_mysql.in
diff --git a/siteapp/tests.py b/siteapp/tests.py
@@ -101,7 +101,6 @@ def setUpClass(cls):
         option_map = {
             "chrome": (selenium.webdriver.ChromeOptions, DesiredCapabilities.CHROME),
             "firefox": (selenium.webdriver.FirefoxOptions, DesiredCapabilities.FIREFOX),
-            "opera": (selenium.webdriver.ChromeOptions, DesiredCapabilities.OPERA),
         }
         option = option_map[SELENIUM_BROWSER]
         options = option[0]()