Vendor new safety (pypa#5217)

* Vendor safety==2.1.1 cleanly with ruamel.

* Apply more minimal patch to safety.

pipenv/patched/patched.txt

@@ -1,3 +1,3 @@
 pip==22.2.1
 pipfile==0.0.2
-safety==1.10.3
+safety==2.1.1

pipenv/patched/safety/VERSION

@@ -0,0 +1 @@
+2.1.1

pipenv/patched/safety/__init__.py

@@ -2,4 +2,10 @@
 
 __author__ = """pyup.io"""
 __email__ = 'support@pyup.io'
-__version__ = '1.10.3'
+
+import os
+
+ROOT = os.path.dirname(os.path.abspath(__file__))
+
+with open(os.path.join(ROOT, 'VERSION')) as version_file:
+    VERSION = version_file.read().strip()

pipenv/patched/safety/__main__.py

@@ -1,48 +1,8 @@
 """Allow safety to be executable through `python -m safety`."""
 from __future__ import absolute_import
 
-import os
-import sys
-import sysconfig
-
-
-PATCHED_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
-PIPENV_DIR = os.path.dirname(PATCHED_DIR)
-VENDORED_DIR = os.path.join("PIPENV_DIR", "vendor")
-
-
-def get_site_packages():
-    prefixes = {sys.prefix, sysconfig.get_config_var('prefix')}
-    try:
-        prefixes.add(sys.real_prefix)
-    except AttributeError:
-        pass
-    form = sysconfig.get_path('purelib', expand=False)
-    py_version_short = '{0[0]}.{0[1]}'.format(sys.version_info)
-    return {
-        form.format(base=prefix, py_version_short=py_version_short)
-        for prefix in prefixes
-    }
-
-
-def insert_before_site_packages(*paths):
-    site_packages = get_site_packages()
-    index = None
-    for i, path in enumerate(sys.path):
-        if path in site_packages:
-            index = i
-            break
-    if index is None:
-        sys.path += list(paths)
-    else:
-        sys.path = sys.path[:index] + list(paths) + sys.path[index:]
-
-
-def insert_pipenv_dirs():
-    insert_before_site_packages(os.path.dirname(PIPENV_DIR), PATCHED_DIR, VENDORED_DIR)
+from pipenv.patched.safety.cli import cli
 
 
 if __name__ == "__main__":  # pragma: no cover
-    insert_pipenv_dirs()
-    from pipenv.patched.safety.cli import cli
     cli(prog_name="safety")

pipenv/patched/safety/constants.py

@@ -2,21 +2,37 @@
 import os
 
 OPEN_MIRRORS = [
-    "https://raw.githubusercontent.com/pyupio/safety-db/master/data/",
+    "https://pyup.io/aws/safety/free/",
 ]
 
+API_VERSION = 'v1/'
+SAFETY_ENDPOINT = 'safety/'
+API_BASE_URL = 'https://pyup.io/api/' + API_VERSION + SAFETY_ENDPOINT
+
 API_MIRRORS = [
-    "https://pyup.io/api/v1/safety/"
+    API_BASE_URL
 ]
 
 REQUEST_TIMEOUT = 5
 
-CACHE_VALID_SECONDS = 60 * 60 * 2  # 2 hours
-
-CACHE_LICENSES_VALID_SECONDS = 60 * 60 * 24 * 7  # one week
-
 CACHE_FILE = os.path.join(
     os.path.expanduser("~"),
     ".safety",
     "cache.json"
 )
+
+# Colors
+YELLOW = 'yellow'
+RED = 'red'
+GREEN = 'green'
+
+
+# Exit codes
+EXIT_CODE_OK = 0
+EXIT_CODE_FAILURE = 1
+EXIT_CODE_VULNERABILITIES_FOUND = 64
+EXIT_CODE_INVALID_API_KEY = 65
+EXIT_CODE_TOO_MANY_REQUESTS = 66
+EXIT_CODE_UNABLE_TO_LOAD_LOCAL_VULNERABILITY_DB = 67
+EXIT_CODE_UNABLE_TO_FETCH_VULNERABILITY_DB = 68
+EXIT_CODE_MALFORMED_DB = 69

pipenv/patched/safety/errors.py

@@ -1,14 +1,106 @@
-class DatabaseFetchError(Exception):
-    pass
+from pipenv.patched.safety.constants import EXIT_CODE_FAILURE, EXIT_CODE_INVALID_API_KEY, EXIT_CODE_TOO_MANY_REQUESTS, \
+    EXIT_CODE_UNABLE_TO_FETCH_VULNERABILITY_DB, EXIT_CODE_UNABLE_TO_LOAD_LOCAL_VULNERABILITY_DB, EXIT_CODE_MALFORMED_DB
+
+
+class SafetyException(Exception):
+
+    def __init__(self, message="Unhandled exception happened: {info}", info=""):
+        self.message = message.format(info=info)
+        super().__init__(self.message)
+
+    def get_exit_code(self):
+        return EXIT_CODE_FAILURE
+
+
+class SafetyError(Exception):
+
+    def __init__(self, message="Unhandled Safety generic error"):
+        self.message = message
+        super().__init__(self.message)
+
+    def get_exit_code(self):
+        return EXIT_CODE_FAILURE
+
+
+class MalformedDatabase(SafetyError):
+
+    def __init__(self, reason=None, fetched_from="server",
+                 message="Sorry, something went wrong.\n" +
+                         "Safety CLI can not read the data fetched from {fetched_from} because is malformed.\n"):
+        info = "Reason, {reason}".format(reason=reason)
+        self.message = message.format(fetched_from=fetched_from) + (info if reason else "")
+        super().__init__(self.message)
+
+    def get_exit_code(self):
+        return EXIT_CODE_MALFORMED_DB
+
+
+class DatabaseFetchError(SafetyError):
+
+    def __init__(self, message="Unable to load vulnerability database"):
+        self.message = message
+        super().__init__(self.message)
+
+    def get_exit_code(self):
+        return EXIT_CODE_UNABLE_TO_FETCH_VULNERABILITY_DB
 
 
 class DatabaseFileNotFoundError(DatabaseFetchError):
-    pass
+
+    def __init__(self, db=None, message="Unable to find vulnerability database in {db}"):
+        self.db = db
+        self.message = message.format(db=db)
+        super().__init__(self.message)
+
+    def get_exit_code(self):
+        return EXIT_CODE_UNABLE_TO_LOAD_LOCAL_VULNERABILITY_DB
 
 
 class InvalidKeyError(DatabaseFetchError):
-    pass
+
+    def __init__(self, key=None, message="Your API Key '{key}' is invalid. See {link}.", reason=None):
+        self.key = key
+        self.link = 'https://bit.ly/3OY2wEI'
+        self.message = message.format(key=key, link=self.link) if key else message
+        info = f" Reason: {reason}"
+        self.message = self.message + (info if reason else "")
+        super().__init__(self.message)
+
+    def get_exit_code(self):
+        return EXIT_CODE_INVALID_API_KEY
 
 
 class TooManyRequestsError(DatabaseFetchError):
-    pass
+
+    def __init__(self, reason=None,
+                 message="Too many requests."):
+        info = f" Reason: {reason}"
+        self.message = message + (info if reason else "")
+        super().__init__(self.message)
+
+    def get_exit_code(self):
+        return EXIT_CODE_TOO_MANY_REQUESTS
+
+
+class NetworkConnectionError(DatabaseFetchError):
+
+    def __init__(self, message="Check your network connection, unable to reach the server."):
+        self.message = message
+        super().__init__(self.message)
+
+
+class RequestTimeoutError(DatabaseFetchError):
+
+    def __init__(self, message="Check your network connection, the request timed out."):
+        self.message = message
+        super().__init__(self.message)
+
+
+class ServerError(DatabaseFetchError):
+
+    def __init__(self, reason=None,
+                 message="Sorry, something went wrong.\n" + "Safety CLI can not connect to the server.\n" +
+                         "Our engineers are working quickly to resolve the issue."):
+        info = f" Reason: {reason}"
+        self.message = message + (info if reason else "")
+        super().__init__(self.message)