Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

update djangorestframework to 3.9.1 #4488

Merged
merged 1 commit into from Jul 3, 2019

Conversation

Projects
None yet
3 participants
@thelostone-mc
Copy link
Member

commented May 26, 2019

Description

Github reported on our repo stating current version of djangorestframework has vulnerabilities and deems an update to 3.9.1

release notes are captured here :
https://www.django-rest-framework.org/community/release-notes/#391

Installing
  • Rebuilt docker image with the updated django-restframework as shown HERE
Flows Tested
  • Bounty Flow (Create + Submit + Normal Payout )
  • Grant Flow ( Create + Fund + Delete )
  • Kudos Flow (Send)
  • Tip (Send + Recieve )
  • API endpoints render in browser django-rest framework without any issues as shown HERE

Note: grant fund recurring failed once but passed the second time when I tried it

closes #4504

@thelostone-mc thelostone-mc requested a review from gitcoinco/engineers May 26, 2019

@codecov

This comment has been minimized.

Copy link

commented May 26, 2019

Codecov Report

Merging #4488 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #4488   +/-   ##
=======================================
  Coverage   30.08%   30.08%           
=======================================
  Files         209      209           
  Lines       16850    16850           
  Branches     2267     2267           
=======================================
  Hits         5070     5070           
  Misses      11582    11582           
  Partials      198      198

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5697255...c4584f8. Read the comment docs.

@codecov

This comment has been minimized.

Copy link

commented May 26, 2019

Codecov Report

Merging #4488 into master will not change coverage.
The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff           @@
##           master    #4488   +/-   ##
=======================================
  Coverage   30.41%   30.41%           
=======================================
  Files         216      216           
  Lines       17223    17223           
  Branches     2332     2332           
=======================================
  Hits         5239     5239           
  Misses      11776    11776           
  Partials      208      208

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 5a4f4e5...c83516a. Read the comment docs.

@danlipert
Copy link
Collaborator

left a comment

How was this tested, and what version are we currently using in production? I see there are some backwards incompatibility notes in the DRF changelog

@SaptakS

This comment has been minimized.

Copy link
Contributor

commented May 27, 2019

I have the same concerns as @danlipert. I was looking to upgrade this for some time, but the changelog had a lot of changes. Especially since right now we are using 3.8.2 and this is 3.9.1. That's an entire release jump.

@thelostone-mc

This comment has been minimized.

Copy link
Member Author

commented May 27, 2019

Ah this should have been a WIP PR !
I haven't tested this bit out

@thelostone-mc thelostone-mc changed the title update djangorestframework to 3.9.1 [WIP] update djangorestframework to 3.9.1 May 27, 2019

@thelostone-mc thelostone-mc force-pushed the thelostone-mc:fix branch from c4584f8 to 6b788f6 May 29, 2019

@thelostone-mc thelostone-mc force-pushed the thelostone-mc:fix branch from 6b788f6 to c83516a Jun 29, 2019

@thelostone-mc thelostone-mc requested review from danlipert and octavioamu Jun 29, 2019

@thelostone-mc thelostone-mc self-assigned this Jun 29, 2019

@thelostone-mc thelostone-mc changed the title [WIP] update djangorestframework to 3.9.1 update djangorestframework to 3.9.1 Jun 29, 2019

@thelostone-mc thelostone-mc merged commit 15d9410 into gitcoinco:master Jul 3, 2019

3 checks passed

codecov/patch Coverage not affected when comparing 5a4f4e5...c83516a
Details
codecov/project 30.41% remains the same compared to 5a4f4e5
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

@thelostone-mc thelostone-mc deleted the thelostone-mc:fix branch Jul 4, 2019

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.