Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Project dependencies have API risk issues #765

Open
PyDeps opened this issue Jul 12, 2022 · 2 comments
Open

Project dependencies have API risk issues #765

PyDeps opened this issue Jul 12, 2022 · 2 comments
Labels
help wanted

Comments

@PyDeps
Copy link
Contributor

PyDeps commented Jul 12, 2022
edited

Hi, In wttr.in, inappropriate dependency versioning constraints can cause risks.

Below are the dependencies and version constraints that the project is using

flask
geoip2
geopy
requests
gevent
astral
timezonefinder==2.1.2
pytz
pyte
python-dateutil
scipy
numpy
pillow
babel
pylru
emoji
grapheme

The version constraint == will introduce the risk of dependency conflicts because the scope of dependencies is too strict.
The version constraint No Upper Bound and * will introduce the risk of the missing API Error because the latest version of the dependencies may remove some APIs.

After further analysis, in this project,
The version constraint of dependency python-dateutil can be changed to >=2.5.0,<=2.8.1.
The version constraint of dependency astral can be changed to >=2.0,<=2.2.
The version constraint of dependency pylru can be changed to >=1.0.7,<=1.2.1.
The version constraint of dependency emoji can be changed to >=1.6.0,<=1.7.0.

The above modification suggestions can reduce the dependency conflicts as much as possible,
and introduce the latest version as much as possible without calling Error in the projects.

The invocation of the current project includes all the following methods.

In version astral-1.10.1, the API astral.LocationInfo whch is used by the current project in lib/view/line.py and lib/view/v2.py is missing.

image

In version pylru-1.0.6, the API pylru.lrucache.get whch is used by the current project in lib/cache.py is missing.

image

In version emoji-1.5.0, the API emoji.is_emoji whch is used by the current project in lib/fmt/png.py is missing.

image

The calling methods from the astral 
astral.LocationInfo
astral.sun.sunrise
astral.moon.phase
astral.sun.sunset
astral.sun.sun
astral.sun.dusk
astral.sun.dawn
The calling methods from the python-dateutil 
dateutil.parser.parse
The calling methods from the pylru 
pylru.lrucache
pylru.lrucache.get
The calling methods from the emoji 
emoji.is_emoji
The calling methods from the all methods 
flask.request.args.get
_wrap_response
_box
cyr
idx.sort
fixed_weather.append
language.split.split
load_translations
textwrap.wrap
flask.Flask
image.convert.convert
script_cat
constants.WWO_CODE.get
x.rjust.split
translations.SUPPORTED_LANGS.len.str.text.replace.replace.replace
_fully_qualified_location
x.rjust
timezone.pytz.timezone.datetime.datetime.now.strftime
sorted
parsed_query.json.dumps.encode
message_dict.get
gevent.subprocess.Popen.communicate
weather_symbol.get
request.headers.get.lower
_load_content_and_headers
f_iata_codes.readlines
csv.reader
globals.get_help_file
location.replace.replace
fields.DESCRIPTION.items
language.strip
_client_ip_address
days_to_return.timedelta.start_day_local.date
colorize
_make_query
len
os.path.basename
datetime.datetime.today
location.location_processing
isinstance
_geolocator
c.get
get_answer_language_and_view
cache_file.open.write
save_cache
render_line
PIL.Image.open
_parse_language_header
tzinfo.datetime.datetime.now.replace
request.args.get
json.loads.get
re.sub.splitlines
new_data.append
_fix_graphemes
location.lower.replace
parsed.get
logging.getLogger.error
_IP2LOCATION_KEY_FILE.open.read.strip
datetime.datetime.strptime
gevent.monkey.patch_all
full_location.split
config.get
requests.get.raise_for_status
_convert_hourly
signature.encode
current_day_local.days.append
f_name.split
weather_symbol_width_vte.get
sys.path.append
_is_ip
resp.data.decode
location.index.index
output.replace
group_hours_to_days.items
PIL.ImageDraw.Draw.text
_parse_language_header.split
contentf.read
timezonefinder.TimezoneFinder
draw_date
ord
_wego_wrapper
os.environ.get.split
cachefile.open.write
logging.error
location.lstrip.replace
pytz.utc.x.current_sun.replace.astimezone
line.decode.split
original.replace
filename.Image.open.resize
extract_emojis_to_directory
parsed_query.lower.startswith
re.sub.decode
local_tz.pytz.utc.x.current_sun.replace.astimezone.strftime
flask.Response
_log_unknown_translation
image.convert.save
draw_spark
math.floor
_ip2location
_get_hemisphere
unicodedata2.script_cat
re.sub
_ipinfo
pyjq.all
query_string.re.search.group
hpa_to_mb
location.upper.lstrip
idx.append
v3.main
buttons.add_buttons
cache._update_answer
empty_line
draw_wind
query_string.replace.replace
string.split
celsius_to_f
result.append
pyte.screens.Screen.set_mode
proxy_log.LoggerWWO.log
astral.LocationInfo
_parse_accept_language
_IPINFO_KEY_FILE.open.read
stdout.decode.encode
hostname.endswith
pylru.lrucache.get
os.path.dirname
requests.get
render_json
metno.metno_request
converted_hours.append
request.headers.getlist.startswith
_load_aliases
limits.Limits
line.strip
grapheme.graphemes
STATIC.os.path.join.open.read
format
limits.Limits.check_ip
location.lower.replace.replace
to_weather_code
globals.BLACKLIST.open.readlines
datetime.datetime.now.replace
name.split
parsed_query.get
_now_in_tz
_time_caps
_save_content_and_headers
str
main
repr
datetime.datetime.now
generate_panel
textual_information
list
pytz.utc.current_time_of_what.replace.astimezone
_fetch_content_and_headers
base64.b64decode
sys.argv.split
lang.get_message.upper
logging.getLogger.debug
json.dumps
metno_request
request.headers.get
f_debug.write
location.lower.endswith
astral.sun.sun
address.split
re.sub.append
_htmlize
line.decode
wttr_line.render_line
f_cache.read
parse_request.get
line.items
match.group
draw_emoji
line.strip.split
open.read
self._shorten_query
parsed_query.get.startswith
f_name.split.split
cats.index
fixed_hourly.append
round
map
flask.Flask.route
f_aliases.readlines
print
_script_category
re.match
view.wttr.get_wetter
options.get
astral.sun.dawn
shutil.move
ValueError
requests.get.json
constants.WEATHER_SYMBOL_WI_DAY.get
interpolate_data
_load_emojilib
_touch_empty_file
_convert_hour
parse_query.parse_wttrin_png_name
zlib.compress
proxy_log.LoggerWWO
get_local_time_of
parse_query.deserialize
locale_q_pairs.append
_hash
create_standard_json_from_metno.append
diagram.Point
pyte.screens.Screen
v2.main
float
globals.TRANSLATION_FILE.open.read
line.count
graphemes.append
x.rstrip
geo_data.copy
json.loads.capitalize
string.base64.b64decode.zlib.decompress.decode
io.BytesIO.getvalue
add_timezone_information
yinterp
prometheus.render_prometheus
template_code.lstrip
numpy.linspace
signature.encode.hashlib.md5.hexdigest
location_string.replace.replace
PIL.ImageFont.truetype
parse_request.lower
location.lower.startswith
socket.inet_pton
re.search.group
subprocess.Popen
hpa_to_in
current_day_gmt.astimezone.date
stdout.decode.decode
logging.getLogger
x.strip
time_interval.datetime.timedelta.datetime_day_start.replace
_WWO_KEY_FILE.open.read
format_weather_data.rstrip
self._shorten_query.split
astral.moon.phase
x.group
jq_query
gevent.pywsgi.WSGIServer.serve_forever
wttr_srv.wttr
parse_query.parse_query.get
babel.dates.format_datetime
_get_location
_cyclic_location_selection
self._file.write
format_weather_data.splitlines
location.lstrip.lower
tuple
local_time_of
_render_current
flask.request.query_string.decode
screen.buffer.items
gevent.threadpool.ThreadPool.spawn
render_function
join.splitlines
get_data
url.replace
wttr_line
language.split.strip
_get_local_time_of
re.findall
_randint
datetime.datetime.strptime.time_str.datetime.strptime.total_seconds
cats.append
cache_file.open.read
globals.error
doctest.testmod
_cache_file
self._clear_counters_if_needed
_find_srv_for_query
logging.basicConfig
trans.strip.strip
_sun.replace
meters_to_miles
query.get
sys.setdefaultencoding
diagram.DGWrapper
query.path.encode.hashlib.sha1.hexdigest.upper
jinja2.FileSystemLoader
parse_request
globals.log
set
PIL.ImageDraw.Draw.rectangle
x.startswith
_hash.startswith
parsed.update
_debug_log
diagram.DGWrapper.show
json.loads
astral.sun.sunrise
location.lstrip.lstrip
_convert_time_to_minutes.endswith
names.index
_shorten_full_location
load_cache
query.path.encode.hashlib.sha1.hexdigest
load_translations.keys
load_aiports_index
_store_in_file
cache.store
text.lower
_IPINFO_KEY_FILE.open.read.strip
pycountry.countries.get
urllib2.urlopen
globals.remove_ansi.splitlines
timezonefinder.TimezoneFinder.certain_timezone_at
location.lstrip.startswith
cachefile.open.read
key.startswith
supported_langs
draw_astronomical
ansi_output.encode
_update_answer
gevent.pywsgi.WSGIServer
re.compile.sub
query.path.encode
constants.WEATHER_SYMBOL_WI_NIGHT.get
image.convert.getdata
pylru.lrucache
self._get_limit
language.split
_wego_postprocessing
path.replace.replace
open
view.v3.v3_file.startswith
re.compile
cachefile.open.read.split
line.split
_color_code_for_wind_speed
glob.glob
os.path.exists
_location_normalize
local_tz.pytz.utc.current_time_of_what.replace.astimezone.strftime
query_osm
_main_
_gen_term
io.BytesIO
shorten_full_address
base64.b64encode
airports.get_airport_gps_location
mm_to_inches
view.v3.v3_file.rstrip
to_16_point
r.json.split
f.write
_remove_chars
_patch_greek
create_standard_json_from_metno
max_line.replace.replace
globals.BASH_FUNCTION_FILE.open.read
view.moon.get_moon
first.split.split
gevent.subprocess.Popen
self._log_visit
jinja2.ChoiceLoader
to_description
range
f_missing_translation.write
get_geodata
PIL.Image.new
args.items
geopy.geocoders.Nominatim.geocode
gevent.threadpool.ThreadPool
ip_addr.encode.encode
names.append
_read_from_file
datetime.datetime.fromisoformat
text.startswith
_country_name_workaround
output.rstrip.replace
first.split.strip
_parse_language_header.startswith
hashlib.sha1
text.split
_ipcache
font.get
m.group
join
requests.get.encode
already_seen.append
parse_query.serialize
parse_query.metric_or_imperial
_load_emojilib.get
metno.create_standard_json_from_metno
geopy.geocoders.Nominatim
scipy.interpolate.interp1d
add_translations
current_day_gmt.astimezone.time
part.split
globals.remove_ansi
COUNTRY_MAP.get
parsed_query.get.lower
globals.remove_ansi.append
output.append
_read_from_file.startswith
_get_opengraph
format_weather_data
sys.stdout.write
_sun
term.strip
flask.make_response
orig.strip.lower
query_string.split.startswith
weather_data.get_weather_data.get
query_string.split
RuntimeError
dateutil.parser.parse
_geoip
translations.get_message
astral.sun.dusk
parse_query
hour.replace
_ipcachewrite
parse_query.deserialize.get
translate
lang.TRANSLATIONS.get.get
data.get.get
parsed_query.json.dumps.encode.zlib.compress.base64.b64encode.decode
orig.strip.strip
geoip2.database.Reader.city
datetime.timedelta
_convert_time_to_minutes
file.write
cache.get
enumerate
_location_canonical_name
x.current_sun.replace
accept_language.split
_WWO_KEY_FILE.open.read.strip
_find_supported_language
view.line.wttr_line
flask.send_file
sys.path.insert
parse_query.parse_query
weather_data.get_weather_data
_cyclic_location_selection.startswith
emoji.is_emoji
_color_mapping
any
reload
image.convert.paste
datetime.datetime.fromisoformat.astimezone
stream.getvalue.decode
translations.SUPPORTED_LANGS.len.str.text.replace.replace
get_output_format
parse_query.parse_query.startswith
globals.DEFAULT_LOCATION.capitalize
view.v3.v3_file
pytz.timezone
location.is_location_blocked
diagram.DOption
random.randrange
constants.WEATHER_SYMBOL.get
cache.get_signature
geoip2.database.Reader
location.lstrip.split
flask.send_from_directory
flask.Flask.test_client
load_translations.get
location.replace.upper
os.path.join
hashlib.md5
constants.WEATHER_SYMBOL_WIDTH_VTE.get
add_frame
group_hours_to_days
f_cache.write
location.lower.replace.replace.strip
request.headers.getlist
_response
draw_diagram
re.search
int
datetime.datetime.utcnow
logging.info
_is_metno
pyte.Stream
is_testmode
hourlies.replace
astral.sun.sunset
_load_iata_codes
parse_request.update
self._limit_exceeded
show_text_file
_colorize
lang.get_help_file.open.read
zlib.decompress
weather_data.get_weather_data.items
stderr.decode.decode
os.makedirs
name.lower
_parse_language_header.lower
cyrtranslit.to_cyrillic
string.encode
socket.gethostbyname
flask.render_template
os.environ.get
self._report_excessive_visits
time.time
line_len
_strip_buf
image.convert.putdata
PIL.ImageDraw.Draw
os.path.abspath
draw_time
all
re.sub.replace
add_timezone_information.copy
max
_count_runes
pyte.Stream.feed
_cyclic_location_selection.lower
items
_IP2LOCATION_KEY_FILE.open.read

@developer
Could please help me check this issue?
May I pull a request to fix it?
Thank you very much.
@chubin
Copy link
Owner

chubin commented Oct 23, 2022

Yes, feel free to fix it

PyDeps added a commit to PyDeps/wttr.in that referenced this issue Oct 26, 2022
@PyDeps
Update requirements.txt
9383fc8 
Fix issue chubin#765 by change dependency **python-dateutil** version constraint to **>=2.5.0,<=2.6.1**.
@PyDeps PyDeps mentioned this issue Oct 26, 2022
Open
@PyDeps PyDeps mentioned this issue Mar 30, 2023
Merged
@a2937
Copy link

a2937 commented Oct 20, 2023

Hello. Are you accepting pull requests for this issue?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
help wanted
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@chubin @a2937 @PyDeps