Skip to content

/ saltfs

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Upgrade to requests v2.20.0 #912

Merged
merged 2 commits into from Nov 7, 2018
Merged

Upgrade to requests v2.20.0 #912

merged 2 commits into from Nov 7, 2018

Conversation

@asajeffrey
Copy link
Member

asajeffrey commented Nov 6, 2018
edited by larsbergstrom

Hopefully clears up the build errors such as https://travis-ci.org/servo/saltfs/jobs/451570788#L3606

[ FAIL ] Insecure Python packages installed in Homu env:
         ╒══════════════════════════════════════════════════════════════════════════════╕
         │                                                                              │
         │                               /$$$$$$            /$$                         │
         │                              /$$__  $$          | $$                         │
         │           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$           │
         │          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$           │
         │         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$           │
         │          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$           │
         │          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$           │
         │         |_______/  \_______/|__/     \_______/   \___/   \____  $$           │
         │                                                          /$$  | $$           │
         │                                                         |  $$$$$$/           │
         │  by pyup.io                                              \______/            │
         │                                                                              │
         ╞══════════════════════════════════════════════════════════════════════════════╡
         │ REPORT                                                                       │
         ╞════════════════════════════╤═══════════╤══════════════════════════╤══════════╡
         │ package                    │ installed │ affected                 │ ID       │
         ╞════════════════════════════╧═══════════╧══════════════════════════╧══════════╡
         │ requests                   │ 2.14.2    │ <2.19.1                  │ 36546    │
         ╞══════════════════════════════════════════════════════════════════════════════╡
         │ The Requests package before 2.19.1 sends an HTTP Authorization header to an  │
         │ http URI upon receiving a same-hostname https-to-http redirect, which makes  │
         │ it easier for remote attackers to discover credentials by sniffing the netwo │
         │ rk.                                                                          │
         ╘══════════════════════════════════════════════════════════════════════════════╛

This change is Reviewable
@asajeffrey
Upgrade to requests v2.20.0
Loading status checks…
6470c2c
@asajeffrey asajeffrey mentioned this pull request Nov 6, 2018
Merged
@asajeffrey asajeffrey force-pushed the asajeffrey:requestsup branch 3 times, most recently from ca40f01 to e613de7 Nov 7, 2018
@asajeffrey
Use the system virtualenv on travis, rather than one installed by salt
Loading status checks…
54807ab
@asajeffrey asajeffrey force-pushed the asajeffrey:requestsup branch from e613de7 to 54807ab Nov 7, 2018
@asajeffrey
Copy link
Member Author

asajeffrey commented Nov 7, 2018

To get this to pass CI on travis I removed the line:

salt_call --retcode-passthrough state.sls python

from .travis/dispatch.sh, and installed a python3 virtualenv.

Without this, we were getting errors on master:

----------
          ID: virtualenv
    Function: pip.installed
      Result: False
     Comment: An importable Python 2 pip module is required but could not be found on your system. This usually means that the system's pip package is not installed properly.
     Started: 02:50:55.960124
    Duration: 533.074 ms
     Changes:   
Summary for local
------------
Succeeded: 4
Failed:    1
------------

e.g. https://travis-ci.org/servo/saltfs/jobs/451681870
@jdm
Copy link
Member

jdm commented Nov 7, 2018

@bors-servo r+
@bors-servo
Copy link
Contributor

bors-servo commented Nov 7, 2018

📌 Commit 54807ab has been approved by jdm
@jdm
Copy link
Member

jdm commented Nov 7, 2018

@bors-servo r-
@jdm
Copy link
Member

jdm commented Nov 7, 2018

@bors-servo r+
@bors-servo
Copy link
Contributor

bors-servo commented Nov 7, 2018

📌 Commit 54807ab has been approved by jdm
@bors-servo
Copy link
Contributor

bors-servo commented Nov 7, 2018

Testing commit 54807ab with merge 67b2634...
bors-servo added a commit that referenced this pull request Nov 7, 2018
@bors-servo
Auto merge of #912 - asajeffrey:requestsup, r=jdm
Verified
This commit was created on GitHub.com and signed with a verified signature using GitHub’s key.
GPG key ID: 4AEE18F83AFDEB23 Learn about signing commits
Loading status checks…
67b2634 
Upgrade to requests v2.20.0

Hopefully clears up the build errors such as https://travis-ci.org/servo/saltfs/jobs/451570788#L3606
```
[ FAIL ] Insecure Python packages installed in Homu env:
         ╒══════════════════════════════════════════════════════════════════════════════╕
         │                                                                              │
         │                               /$$$$$$            /$$                         │
         │                              /$$__  $$          | $$                         │
         │           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$           │
         │          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$           │
         │         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$           │
         │          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$           │
         │          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$           │
         │         |_______/  \_______/|__/     \_______/   \___/   \____  $$           │
         │                                                          /$$  | $$           │
         │                                                         |  $$$$$$/           │
         │  by pyup.io                                              \______/            │
         │                                                                              │
         ╞══════════════════════════════════════════════════════════════════════════════╡
         │ REPORT                                                                       │
         ╞════════════════════════════╤═══════════╤══════════════════════════╤══════════╡
         │ package                    │ installed │ affected                 │ ID       │
         ╞════════════════════════════╧═══════════╧══════════════════════════╧══════════╡
         │ requests                   │ 2.14.2    │ <2.19.1                  │ 36546    │
         ╞══════════════════════════════════════════════════════════════════════════════╡
         │ The Requests package before 2.19.1 sends an HTTP Authorization header to an  │
         │ http URI upon receiving a same-hostname https-to-http redirect, which makes  │
         │ it easier for remote attackers to discover credentials by sniffing the netwo │
         │ rk.                                                                          │
         ╘══════════════════════════════════════════════════════════════════════════════╛
```

<!-- Reviewable:start -->
---
This change is [<img src="https://reviewable.io/review_button.svg" height="34" align="absmiddle" alt="Reviewable"/>](https://reviewable.io/reviews/servo/saltfs/912)
<!-- Reviewable:end -->
@bors-servo
Copy link
Contributor

bors-servo commented Nov 7, 2018

☀️ Test successful - status-travis
Approved by: jdm
Pushing 67b2634 to master...
@bors-servo bors-servo merged commit 54807ab into servo:master Nov 7, 2018
2 checks passed
2 checks passed
continuous-integration/travis-ci/pr The Travis CI build passed
Details
homu Test successful
Details
@jdm jdm removed the S-needs-deploy label Nov 8, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@jdm jdm

Labels
None yet
Projects
None yet
Milestone
No milestone
Linked issues

Successfully merging this pull request may close these issues.

None yet

4 participants
@asajeffrey @jdm @bors-servo @highfive
You can’t perform that action at this time.