
Runs cargo update [ci full] #4407

Merged
tarikeshaq merged 3 commits into main from fix-sec-dep
Aug 24, 2021

@tarikeshaq
Contributor

Our CI for dependencies was failing on an openssl security vulnerability. We do not use openssl except for tests (it's pulled in by reqwest, which is pulled in by viaduct_reqwest that is only ever used in tests).

Ran cargo update to get the versions not affected, and get CI to pass.

ref on the vulnerabilities:

Here's ci failing: https://app.circleci.com/pipelines/github/mozilla/application-services/28022/workflows/0561703c-b69e-4985-ab91-d2d0f7d42f95/jobs/112849

@tarikeshaq tarikeshaq requested a review from a team August 24, 2021 18:43
@codecov-commenter

codecov-commenter commented Aug 24, 2021

Codecov Report

Merging #4407 (36eb5ea) into main (d8920cc) will not change coverage.
The diff coverage is n/a.

@@           Coverage Diff           @@
##             main    #4407   +/-   ##
=======================================
  Coverage   76.00%   76.00%           
=======================================
  Files          46       46           
  Lines        4193     4193           
=======================================
  Hits         3187     3187           
  Misses       1006     1006           

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update d8920cc...36eb5ea. Read the comment docs.

@tarikeshaq
Contributor Author

Looks like taskcluster builds were failing https://firefox-ci-tc.services.mozilla.com/tasks/HrllhdAzSvqRA3Wr1DyIRw/runs/0/logs/public/logs/live.log

I think it's because they were running in python2 instead of python3; the python interpreter couldn't recognize the f"string {value}", so that was my quick guess. In response, I changed the shebang to be #!/usr/bin/env python3.

The reason the builds didn't fail with #4394 (that introduced the python3 support) is because that PR didn't run [ci full] - and thus didn't run the taskcluster builds

Contributor

@skhamis skhamis left a comment

Makes sense and LGTM! Nice catch 🚀

Edit: FTR, I did try to look at any other places we still might be using python2 and could only find

- run: sudo apt-get install python tcl
which seems fine as it's just installing stuff

@tarikeshaq tarikeshaq merged commit fe9870b into main Aug 24, 2021
@tarikeshaq tarikeshaq deleted the fix-sec-dep branch August 24, 2021 21:59
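
Added example, not code from this PR or from the application-services repository: a Python sketch that traces which crates pull a flagged crate into Cargo.lock, the kind of check behind the "pulled in by reqwest, which is pulled in by viaduct_reqwest" statement in the PR description. The lockfile excerpt, its placeholder versions and the function names `parse_lock` and `paths_to` are assumptions made for the illustration.

```python
import re

# Constructed Cargo.lock excerpt: names follow the PR text, versions are placeholders.
SAMPLE_LOCK = """
[[package]]
name = "viaduct-reqwest"
version = "0.0.0"
dependencies = [
 "reqwest 0.0.0",
 "viaduct",
]
[[package]]
name = "reqwest"
version = "0.0.0"
dependencies = [
 "openssl",
]
[[package]]
name = "openssl"
version = "0.0.0"
"""

def parse_lock(text):
    """Return {crate: [dependency names]} from Cargo.lock text."""
    deps, current, in_deps = {}, None, False
    for line in map(str.strip, text.splitlines()):
        m = re.match(r'name = "([^"]+)"', line)
        if m:
            current = m.group(1)
            deps.setdefault(current, [])  # several versions merge by name
        elif line.startswith("dependencies = ["):
            in_deps = True
        elif line == "]":
            in_deps = False
        elif in_deps:
            # Entries are "name", "name version" or "name version (source)".
            deps[current].append(line.strip('",').split()[0])
    return deps

def paths_to(deps, target):
    """Chains root -> ... -> target; a root is a crate nothing depends on."""
    parents = {}
    for crate, children in deps.items():
        for child in children:
            parents.setdefault(child, []).append(crate)
    def walk(crate, seen):
        ups = [p for p in parents.get(crate, []) if p not in seen]
        # With no unvisited dependents left, this crate heads the chain.
        return [c + [crate] for p in ups for c in walk(p, seen | {crate})] or [[crate]]
    return walk(target, frozenset())
```

Cargo.lock does not record whether an edge is a dev-dependency, so confirming that the flagged crate is test-only still means reading the Cargo.toml of the crate at the head of each chain.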