Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update requirements #556

Open
wants to merge 4 commits into
base: development
Choose a base branch
from

Conversation

stweil
Copy link
Contributor

@stweil stweil commented Sep 7, 2023

  • fix some security issues caused by too old Python packages
  • fix compatibility issues caused by newer versions of Python packages

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Newer versions cause a failure:

Run flake8 --select=F --ignore=F841
Traceback (most recent call last):
  File "/opt/hostedtoolcache/Python/3.7.17/x64/bin/flake8", line 8, in <module>
    sys.exit(main())
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/main/cli.py", line 22, in main
    app.run(argv)
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/main/application.py", line 363, in run
    self._run(argv)
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/main/application.py", line 350, in _run
    self.initialize(argv)
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/main/application.py", line 330, in initialize
    self.find_plugins(config_finder)
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/main/application.py", line 153, in find_plugins
    self.check_plugins = plugin_manager.Checkers(local_plugins.extension)
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/plugins/manager.py", line 357, in __init__
    self.namespace, local_plugins=local_plugins
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/plugins/manager.py", line 238, in __init__
    self._load_entrypoint_plugins()
  File "/opt/hostedtoolcache/Python/3.7.17/x64/lib/python3.7/site-packages/flake8/plugins/manager.py", line 254, in _load_entrypoint_plugins
    eps = importlib_metadata.entry_points().get(self.namespace, ())
AttributeError: 'EntryPoints' object has no attribute 'get'
Error: Process completed with exit code 1.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
Newer versions cause a CI failure:

_____________________ ERROR collecting tests/img_info_t.py _____________________
ImportError while importing test module '/home/runner/work/loris/loris/tests/img_info_t.py'.
Hint: make sure your test modules/packages have valid Python names.
Traceback:
tests/img_info_t.py:15: in <module>
    from tests import loris_t
tests/loris_t.py:12: in <module>
    from werkzeug.wrappers import BaseResponse
E   ImportError: cannot import name 'BaseResponse' from 'werkzeug.wrappers' (/opt/hostedtoolcache/Python/3.9.18/x64/lib/python3.9/site-packages/werkzeug/wrappers/__init__.py)
[...]

Signed-off-by: Stefan Weil <sw@weilnetz.de>
This fixes more security issues.

Signed-off-by: Stefan Weil <sw@weilnetz.de>
@stweil
Copy link
Contributor Author

stweil commented Sep 7, 2023

The "ImportError: cannot import name 'BaseResponse' from 'werkzeug.wrappers'" occurs because BaseResponse and BaseRequest have been deprecated starting werkzeug version 2.1.0. Therefore the requirements were updated to require werkzeug < 2.1.0. It would be better to replace BaseResponse and BaseRequest because old versions of werkzeug have high priority security issues.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant