Merge pull request #162 from rycus86/snyk-fix-f8af0331244e9932bdfe27b…

…73dc071f2 [Snyk] Security upgrade werkzeug from 2.2.3 to 3.0.1
rycus86 · Oct 26, 2023 · 9e20f3f · 9e20f3f
2 parents 2172404 + 447ba87
commit 9e20f3f
Show file tree

Hide file tree

Showing 8 changed files with 21 additions and 17 deletions.
diff --git a/.github/workflows/test-and-publish.yml b/.github/workflows/test-and-publish.yml
@@ -10,11 +10,11 @@ jobs:
       fail-fast: false
       matrix:
         python-version:
-          - '3.7'
           - '3.8'
           - '3.9'
           - '3.10'
           - '3.11'
+          - '3.12'
     steps:
       - uses: actions/checkout@v3
       - name: Set up Python ${{ matrix.python-version }}

diff --git a/README.md b/README.md
@@ -24,7 +24,7 @@ or paste it into requirements.txt:
 prometheus-flask-exporter
 
 # or with specific version number
-prometheus-flask-exporter==0.22.4
+prometheus-flask-exporter==0.23.0
 ```
 and then install dependencies from requirements.txt file as usual:
 ```

diff --git a/examples/wsgi/Dockerfile b/examples/wsgi/Dockerfile
@@ -2,15 +2,19 @@ FROM httpd
 
 RUN apt-get update \
     && apt-get install --no-install-recommends -y \
-        python3 python3-dev python3-setuptools python3-pip \
-        libapr1-dev libaprutil1-dev gcc \
-    && pip install mod_wsgi
+        python3 python3-dev python3-pip python3-venv \
+        libapr1-dev libaprutil1-dev gcc
 
-ADD examples/wsgi/requirements.txt /tmp/requirements.txt
-RUN pip install -r /tmp/requirements.txt
+WORKDIR /usr/local/apache2
 
+ADD examples/wsgi/requirements.txt /tmp/requirements.txt
 ADD . /tmp/latest
-RUN pip install -e /tmp/latest --upgrade
+
+RUN python3 -m venv venv \
+    && . venv/bin/activate \
+    && pip install mod_wsgi \
+    && pip install -r /tmp/requirements.txt \
+    && pip install -e /tmp/latest --upgrade
 
 ADD examples/wsgi/httpd.conf /usr/local/apache2/conf/httpd.conf
 ADD examples/wsgi/app.py examples/wsgi/wsgi.py /var/flask/
diff --git a/examples/wsgi/httpd.conf b/examples/wsgi/httpd.conf
@@ -546,8 +546,8 @@ SSLRandomSeed startup builtin
 SSLRandomSeed connect builtin
 </IfModule>
 
-LoadModule wsgi_module "/usr/local/lib/python3.9/dist-packages/mod_wsgi/server/mod_wsgi-py39.cpython-39-x86_64-linux-gnu.so"
-WSGIPythonHome "/usr"
+LoadModule wsgi_module "/usr/local/apache2/venv/lib/python3.11/site-packages/mod_wsgi/server/mod_wsgi-py311.cpython-311-x86_64-linux-gnu.so"
+WSGIPythonHome "/usr/local/apache2/venv"
 
 WSGISocketPrefix /var/run/wsgi
 

diff --git a/examples/wsgi/run_tests.sh b/examples/wsgi/run_tests.sh
@@ -8,13 +8,13 @@ _fail() {
     exit 1
 }
 
-docker build -f Dockerfile -t wsgi-sample ../../. > /dev/null || _fail
+docker build --platform linux/amd64 -f Dockerfile -t wsgi-sample ../../. > /dev/null || _fail
 docker run -d --name wsgi-sample -p 8889:80 wsgi-sample > /dev/null || _fail
 
 echo 'Waiting for the server to start...'
 
 for _ in $(seq 1 10); do
-    if curl -fs http://localhost:8889/ping > /dev/null; then
+    if curl --max-time 1 -fs http://localhost:8889/ping > /dev/null; then
         break
     else
         sleep 0.2

diff --git a/prometheus_flask_exporter/__init__.py b/prometheus_flask_exporter/__init__.py
@@ -1024,4 +1024,4 @@ def _make_response(response):
         return _make_response
 
 
-__version__ = '0.22.4'
+__version__ = '0.23.0'
diff --git a/requirements.txt b/requirements.txt
@@ -1,3 +1,3 @@
 flask
 prometheus_client
-werkzeug>=2.2.3 # not directly required, pinned by Snyk to avoid a vulnerability
+werkzeug>=3.0.1 # not directly required, pinned by Snyk to avoid a vulnerability
diff --git a/setup.py b/setup.py
@@ -6,15 +6,15 @@
 setup(
     name='prometheus_flask_exporter',
     packages=['prometheus_flask_exporter'],
-    version='0.22.4',
+    version='0.23.0',
     description='Prometheus metrics exporter for Flask',
     long_description=long_description,
     long_description_content_type='text/markdown',
     license='MIT',
     author='Viktor Adam',
     author_email='rycus86@gmail.com',
     url='https://github.com/rycus86/prometheus_flask_exporter',
-    download_url='https://github.com/rycus86/prometheus_flask_exporter/archive/0.22.4.tar.gz',
+    download_url='https://github.com/rycus86/prometheus_flask_exporter/archive/0.23.0.tar.gz',
     keywords=['prometheus', 'flask', 'monitoring', 'exporter'],
     classifiers=[
         'Development Status :: 4 - Beta',
@@ -23,11 +23,11 @@
         'Topic :: System :: Monitoring',
         'License :: OSI Approved :: MIT License',
         'Programming Language :: Python :: 3',
-        'Programming Language :: Python :: 3.7',
         'Programming Language :: Python :: 3.8',
         'Programming Language :: Python :: 3.9',
         'Programming Language :: Python :: 3.10',
         'Programming Language :: Python :: 3.11',
+        'Programming Language :: Python :: 3.12',
     ],
     install_requires=['prometheus_client', 'flask'],
 )