Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Compatibility with newest Python, Terraform versions + new features #103

Open
wants to merge 160 commits into
base: master
Choose a base branch
from
Open

Compatibility with newest Python, Terraform versions + new features #103

wants to merge 160 commits into from

Conversation

Ianyliu
Copy link

@Ianyliu Ianyliu commented Aug 16, 2022
edited
Loading

I've been working on the improvements of this tool as a Cisco Technical Intern this summer.

Here are some of the major changes I've made:

  • Add compatibility with recent versions of Terraform, Python, and Python packages
  • Allow Blast Radius to run independent of any Terraform file/folder/installation. Just simply provide a DOT script (file upload/text input)
  • New functionality (on app)
    • Tabs. This enables infrastructure comparison from different Terraform plans from different people.
    • Print graph. Allows users to print graph directly. (TODO: Doesn't work all the time)
    • Upload DOT files to generate graphs. Upload .txt files with DOT script (copy and past terraform graph output into a text file.
    • Text input for DOT script.
  • UI enhancements. Updated color scheme to more closely follow the 60-30-10 rule.
  • Added an example for running Blast Radius on AWS EC2 via Terraform
  • Added an example for running Blast Radius on Kubernetes
  • Added 3 example DOT files in examples/ folder to test out the newest features I've added
  • Better error handling to notify user of the problem
  • Create new Docker repo
  • Updated Dockerfile and Docker image to implement aforementioned functionality and features.
  • Update Docker image to include multi-cpu architecture (ARM, AMD, etc.)
  • Updated README.md to include more information
  • Other changes: I've spend quite some time looking across different forks and pull requests from others like gruberdev, AshleyHollis, etc. to merge changes (haven't finished). Some them include, switching to pyhcl2, adding Terratests to Dockerfile, PowerShell scripts that run Blast Radius on Docker, allowing Blast Radius to run even if JSON data couldn't be parsed, etc.

You can test out my Docker image at https://hub.docker.com/repository/docker/ianyliu/blast-radius-fork/

Ianyliu and others added 30 commits August 8, 2022 17:40
@Ianyliu
Commit all previous changes from previous repository
30da508 
In my previous repo, I accidentally committed the API_KEY and access key. I decided to delete the repository and start anew.
@Ianyliu
Update comments and variables in blast-radius-aws.tf
10bdad3
@Ianyliu
Allow Blast Radius to handle remote Terraform modules
40bfb03 
According to Terraform, "A module is a container for multiple resources that are used together.... The .tf files in your working directory when you run terraform plan or terraform apply together form the root module. "

Since Terraform must be init-ed before using, it can be assumed that the remote modules have been downloaded to .terraform/modules. If the filepath joined by Terraform.directory and "source" variable does not exist, we look for remote modules instead.
@Ianyliu
Improve Error Handling & Allow Blast Radius Viewer to be Accessed Eve…
84ed47a 
…n If JSON Data Loading Failed

If the JSON data could not be parsed, then error messages will notify the user instead of silently failing.

In addition, if there was an error loading JSON data, the viewer can still be accessed. (The graph will still be there but the JSON data and some of the mouse events + colorization will be absent.
@Ianyliu
Remove console.logs
903bbdb
@Ianyliu
Add an alert to navbar on server failure
724c33f 
This commit was retrieved from Jrc356 at 28mm@74ba708
@Ianyliu
Include package data when setup.py is run during installation processes
304ff63 
Commit from Jrc356 at 28mm@706a377
@Ianyliu
Add JS variables and documentation
ce4ac67
@Ianyliu
Update requirements.txt
6e16c57 
Based on changes by obourdon at 28mm@3c27bda
@Ianyliu
Update Dockerfile to update packages in container
948dac8
@Ianyliu
Simplify code
8176bd0
@Ianyliu
Add Terratests to Dockerfile
028ee36 
Terratests are a way to automate testing for your infrastructure code. See https://terratest.gruntwork.io/ for more information.

This is an original commit by gruberdev
28mm@353045a
@Ianyliu
Provide doc fix support
0d3631b 
Merges commmit by gruberdev at 28mm@246eb35
@Ianyliu
Ignore .vscode configuration folders
cba20cd
@Ianyliu
Update documentation for hcl2 instead of pyhcl
4308ac6
@Ianyliu
Add compatibility with collections library regardless of Python version
b0bad3a 
According to Python3 documentation for collections module (https://docs.python.org/3.7/library/collections.html):
"Changed in version 3.3: Moved Collections Abstract Base Classes to the collections.abc module. For backwards compatibility, they continue to be visible in this module through Python 3.7. Subsequently, they will be removed entirely."
@dependabot
Bump jinja2 from 2.10.1 to 2.11.3
f458970 
Bumps [jinja2](https://github.com/pallets/jinja) from 2.10.1 to 2.11.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@2.10.1...2.11.3)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@Ianyliu
Create codeql-analysis.yml
a208749
@Ianyliu
Merge pull request #1 from Ianyliu/dependabot/pip/jinja2-2.11.3
6b2b3dc 
Bump jinja2 from 2.10.1 to 2.11.3
@Ianyliu
Updated README.md
8b20178
@Ianyliu
Allow print function to be used in even in Python 2
ddbed77
@Ianyliu
Add Docker Build and Run PowerShell Scripts
933492d 
Merged commit from AshleyHollis at

nishubharti@2bd233d
@Ianyliu
Updated index.html
de86130
@Ianyliu
Update Docker Run PowerShell Script
b326b4e
@Ianyliu
Update Docker Build PowerShell Command to Use BuildX
4f4bfa9 
BuildX is a Docker service that allows users to build Docker images for multi-cpu architectures (ARM, AMD64, etc.).
@Ianyliu
Allow Users to Run Docker Container using BASH Script
c87c952 
The purpose of adding a BASH script for running the Docker containers is to
1. Reduce complexity to run Docker containers (lots of flags and parameters omitted)
2. Allow users to add alias(es) so they can run Blast Radius as if there were no container (```blast-radius --serve```)
@Ianyliu
Update PowerShell Script to Avoid Build Error
41f1702 
Moving the PowerShell Script to the PowerShell folder means the Dockerfile is no longer in the same relative location, so I updated it to refer back to the parent directory.
@Ianyliu
Remove comments
38b3a70
@Ianyliu
Fix Flask Installation Error
01c83fa
@Ianyliu
Resolve pip Installation Error
c473926 
The conflict was caused by:
blastradius 0.1.25 depends on Jinja2==2.11.3
flask 2.1.2 depends on Jinja2>=3.0
@rquadling
Copy link

My first attempt at using BlastRadius led me to #93, which led me to here.

I'm on an M1 MacBook and when I run the docker run command, I get:

$ docker run --rm -it -p 5000:5000 -v $(pwd):/data:ro --security-opt apparmor:unconfined --cap-add=SYS_ADMIN  ianyliu/blast-radius-fork
Initializing modules...

Initializing the backend...
╷
│ Error: Backend configuration changed
│ 
│ A change in the backend configuration has been detected, which may require migrating existing state.
│ 
│ If you wish to attempt automatic migration of the state, use "terraform init -migrate-state".
│ If you wish to store the current configuration with no changes to the state, use "terraform init -reconfigure".
╵

This is run immediately after running the necessary commands to initialise and plan Terraform.

I've got a plan summary script to help reduce the volume of "stuff" produced by Terraform.

[snipped and cleaned]

Plan: 11 to add, 7 to change, 7 to destroy.

Changes to Outputs:
  ~ shared_rds_route_53                    = {
      ~ postgresql_16_1_serverless = {
          ~ compute = {
              + rds_read_only_proxy  = "rds-postgresql-16-1-serverless-ro-proxy.***.aws"
              + rds_read_write_proxy = "rds-postgresql-16-1-serverless-proxy.***.aws"
                # (2 unchanged attributes hidden)
            }
          ~ devops  = {
              + rds_read_only_proxy  = "rds-postgresql-16-1-serverless-ro-proxy.***.aws"
              + rds_read_write_proxy = "rds-postgresql-16-1-serverless-proxy.***.aws"
                # (2 unchanged attributes hidden)
            }
        }
        # (1 unchanged attribute hidden)
    }

─────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────────


Saved the plan to: terraform.tfplan

To perform exactly these actions, run the following command to apply:
    terraform apply "terraform.tfplan"

Plan Summary
============

Resource address                                                                                       Read  Deleted  Created  Updated  Trigger
----------------                                                                                       ----  -------  -------  -------  -------
aws_db_proxy_default_target_group.rds_proxy_target_group                                                        *                        
aws_db_proxy_endpoint.rds_proxy_read_only_endpoint                                                              *                        
aws_db_proxy_target.rds_proxy_target                                                                            *                        
aws_iam_policy.rds_proxy_policy                                                                                 *                        
aws_iam_role.rds_proxy_role                                                                                     *                        
aws_iam_role_policy_attachment.rds_proxy_role_policy_attachment                                                 *                        
aws_route53_record.compute_r53_store_rds_proxy_read_only                                                                          *      
aws_route53_record.compute_store_rds_proxy_read_only                                                                              *      
aws_route53_record.devops_r53_store_rds_proxy_read_only                                                                           *      
aws_secretsmanager_secret.proxy_credentials                                                                     *                        
module.cloudfront_invalidation.aws_lambda_function.cloudfront_invalidation_lambda                                                 *      
module.rds_proxy["mysql_5_7_provisioned"].data.aws_iam_policy_document.proxy_policy_document            *                                
module.rds_proxy["mysql_5_7_provisioned"].data.aws_kms_alias.proxy                                      *                                
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy.proxy                                                                      *      
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy_default_target_group.proxy                                        *               
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy_endpoint.proxy                                                    *               
module.rds_proxy["mysql_5_7_provisioned"].aws_db_proxy_target.proxy                                                      *               
module.rds_proxy["mysql_5_7_provisioned"].aws_iam_policy.proxy                                                           *               
module.rds_proxy["mysql_5_7_provisioned"].aws_iam_role.proxy                                                             *               
module.rds_proxy["mysql_5_7_provisioned"].aws_iam_role_policy_attachment.proxy_role_policy_attachment                    *               
module.rds_proxy["mysql_5_7_provisioned"].aws_secretsmanager_secret.proxy                                                *               
module.rds_r53["mysql_5_7_provisioned"].aws_route53_record.compute["rds_read_only_proxy"]                                         *      
module.rds_r53["mysql_5_7_provisioned"].aws_route53_record.devops["rds_read_only_proxy"]                                          *      
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.compute["rds_read_only_proxy"]                           *               
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.compute["rds_read_write_proxy"]                          *               
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.devops["rds_read_only_proxy"]                            *               
module.rds_r53["postgresql_16_1_serverless"].aws_route53_record.devops["rds_read_write_proxy"]                           *               

Completed

Effectively, I'm ready to apply the changes. I just wanted to see the dependency graph so I can see the sequence of what gets altered.

I want the new things created and the updates to carry through to the resources that use the references, before the old resources are deleted.

If I use moved, the deletion comes first. If I don't use moved, then the above is the list of create/destroy, just with no easy way of seeing the dependency order.

dependabot bot and others added 17 commits May 6, 2024 20:40
@dependabot
Bump jinja2 from 3.1.3 to 3.1.4
5fdf934 
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.1.3...3.1.4)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@Ianyliu
Bump jinja2 from 3.1.3 to 3.1.4 (#46)
ba6affc 
Bumps [jinja2](https://github.com/pallets/jinja) from 3.1.3 to 3.1.4.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/jinja/releases">jinja2's
releases</a>.</em></p>
<blockquote>
<h2>3.1.4</h2>
<p>This is the Jinja 3.1.4 security release, which fixes security issues
and bugs but does not otherwise change behavior and should not result in
breaking changes.</p>
<p>PyPI: <a
href="https://pypi.org/project/Jinja2/3.1.4/">https://pypi.org/project/Jinja2/3.1.4/</a>
Changes: <a
href="https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4">https://jinja.palletsprojects.com/en/3.1.x/changes/#version-3-1-4</a></p>
<ul>
<li>The <code>xmlattr</code> filter does not allow keys with
<code>/</code> solidus, <code>&gt;</code> greater-than sign, or
<code>=</code> equals sign, in addition to disallowing spaces.
Regardless of any validation done by Jinja, user input should never be
used as keys to this filter, or must be separately validated first.
GHSA-h75v-3vvj-5mfj</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pallets/jinja/blob/main/CHANGES.rst">jinja2's
changelog</a>.</em></p>
<blockquote>
<h2>Version 3.1.4</h2>
<p>Released 2024-05-05</p>
<ul>
<li>The <code>xmlattr</code> filter does not allow keys with
<code>/</code> solidus, <code>&gt;</code>
greater-than sign, or <code>=</code> equals sign, in addition to
disallowing spaces.
Regardless of any validation done by Jinja, user input should never be
used
as keys to this filter, or must be separately validated first.
:ghsa:<code>h75v-3vvj-5mfj</code></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pallets/jinja/commit/dd4a8b5466d8790540c181590b14db4d4d889d57"><code>dd4a8b5</code></a>
release version 3.1.4</li>
<li><a
href="https://github.com/pallets/jinja/commit/0668239dc6b44ef38e7a6c9f91f312fd4ca581cb"><code>0668239</code></a>
Merge pull request from GHSA-h75v-3vvj-5mfj</li>
<li><a
href="https://github.com/pallets/jinja/commit/d655030770081e2dfe46f90e27620472a502289d"><code>d655030</code></a>
disallow invalid characters in keys to xmlattr filter</li>
<li><a
href="https://github.com/pallets/jinja/commit/a7863ba9d3521f1450f821119c50d19d7ecea329"><code>a7863ba</code></a>
add ghsa links</li>
<li><a
href="https://github.com/pallets/jinja/commit/b5c98e78c2ee7d2bf0aa06d29ed9bf7082de9cf4"><code>b5c98e7</code></a>
start version 3.1.4</li>
<li><a
href="https://github.com/pallets/jinja/commit/da3a9f0b804199845fcb76f2e08748bdaeba93ee"><code>da3a9f0</code></a>
update project files (<a
href="https://redirect.github.com/pallets/jinja/issues/1968">#1968</a>)</li>
<li><a
href="https://github.com/pallets/jinja/commit/0ee5eb41d1a2d7d9a05a02dc26dd70e63aaaeeb1"><code>0ee5eb4</code></a>
satisfy formatter, linter, and strict mypy</li>
<li><a
href="https://github.com/pallets/jinja/commit/20477c63575175196bfc8103f223cc9f5642595d"><code>20477c6</code></a>
update project files (<a
href="https://redirect.github.com/pallets/jinja/issues/5457">#5457</a>)</li>
<li><a
href="https://github.com/pallets/jinja/commit/e491223739dedbb1f4fc6a71340c1484e149d947"><code>e491223</code></a>
update pyyaml dev dependency</li>
<li><a
href="https://github.com/pallets/jinja/commit/36f98854c721f98ba103f97f65a8a098da5af0d7"><code>36f9885</code></a>
fix pr link</li>
<li>Additional commits viewable in <a
href="https://github.com/pallets/jinja/compare/3.1.3...3.1.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jinja2&package-manager=pip&previous-version=3.1.3&new-version=3.1.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/Ianyliu/blast-radius-fork/network/alerts).

</details>
@dependabot
---
bffe1db 
updated-dependencies:
- dependency-name: requests
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@Ianyliu
Bump requests from 2.31.0 to 2.32.0 (#47)
8b8d95d 
Bumps [requests](https://github.com/psf/requests) from 2.31.0 to 2.32.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/releases">requests's
releases</a>.</em></p>
<blockquote>
<h2>v2.32.0</h2>
<h2>2.32.0 (2024-05-20)</h2>
<h2>🐍 PYCON US 2024 EDITION 🐍</h2>
<p><strong>Security</strong></p>
<ul>
<li>Fixed an issue where setting <code>verify=False</code> on the first
request from a
Session will cause subsequent requests to the <em>same origin</em> to
also ignore
cert verification, regardless of the value of <code>verify</code>.
(<a
href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li><code>verify=True</code> now reuses a global SSLContext which should
improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a
Python
version built with OpenSSL 3.x. (<a
href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li>
<li>Requests now supports optional use of character detection
(<code>chardet</code> or <code>charset_normalizer</code>) when
repackaged or vendored.
This enables <code>pip</code> and other projects to minimize their
vendoring
surface area. The <code>Response.text()</code> and
<code>apparent_encoding</code> APIs
will default to <code>utf-8</code> if neither library is present. (<a
href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed bug in length detection where emoji length was incorrectly
calculated in the request content-length. (<a
href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li>
<li>Fixed deserialization bug in JSONDecodeError. (<a
href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li>
<li>Fixed bug where an extra leading <code>/</code> (path separator)
could lead
urllib3 to unnecessarily reparse the request URI. (<a
href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Requests has officially added support for CPython 3.12 (<a
href="https://redirect.github.com/psf/requests/issues/6503">#6503</a>)</li>
<li>Requests has officially added support for PyPy 3.9 and 3.10 (<a
href="https://redirect.github.com/psf/requests/issues/6641">#6641</a>)</li>
<li>Requests has officially dropped support for CPython 3.7 (<a
href="https://redirect.github.com/psf/requests/issues/6642">#6642</a>)</li>
<li>Requests has officially dropped support for PyPy 3.7 and 3.8 (<a
href="https://redirect.github.com/psf/requests/issues/6641">#6641</a>)</li>
</ul>
<p><strong>Documentation</strong></p>
<ul>
<li>Various typo fixes and doc improvements.</li>
</ul>
<p><strong>Packaging</strong></p>
<ul>
<li>Requests has started adopting some modern packaging practices.
The source files for the projects (formerly <code>requests</code>) is
now located
in <code>src/requests</code> in the Requests sdist. (<a
href="https://redirect.github.com/psf/requests/issues/6506">#6506</a>)</li>
<li>Starting in Requests 2.33.0, Requests will migrate to a PEP 517
build system
using <code>hatchling</code>. This should not impact the average user,
but extremely old
versions of packaging utilities may have issues with the new packaging
format.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/matthewarmand"><code>@​matthewarmand</code></a>
made their first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6258">psf/requests#6258</a></li>
<li><a href="https://github.com/cpzt"><code>@​cpzt</code></a> made their
first contribution in <a
href="https://redirect.github.com/psf/requests/pull/6456">psf/requests#6456</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/psf/requests/blob/main/HISTORY.md">requests's
changelog</a>.</em></p>
<blockquote>
<h2>2.32.0 (2024-05-20)</h2>
<p><strong>Security</strong></p>
<ul>
<li>Fixed an issue where setting <code>verify=False</code> on the first
request from a
Session will cause subsequent requests to the <em>same origin</em> to
also ignore
cert verification, regardless of the value of <code>verify</code>.
(<a
href="https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56">https://github.com/psf/requests/security/advisories/GHSA-9wx4-h78v-vm56</a>)</li>
</ul>
<p><strong>Improvements</strong></p>
<ul>
<li><code>verify=True</code> now reuses a global SSLContext which should
improve
request time variance between first and subsequent requests. It should
also minimize certificate load time on Windows systems when using a
Python
version built with OpenSSL 3.x. (<a
href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li>
<li>Requests now supports optional use of character detection
(<code>chardet</code> or <code>charset_normalizer</code>) when
repackaged or vendored.
This enables <code>pip</code> and other projects to minimize their
vendoring
surface area. The <code>Response.text()</code> and
<code>apparent_encoding</code> APIs
will default to <code>utf-8</code> if neither library is present. (<a
href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>)</li>
</ul>
<p><strong>Bugfixes</strong></p>
<ul>
<li>Fixed bug in length detection where emoji length was incorrectly
calculated in the request content-length. (<a
href="https://redirect.github.com/psf/requests/issues/6589">#6589</a>)</li>
<li>Fixed deserialization bug in JSONDecodeError. (<a
href="https://redirect.github.com/psf/requests/issues/6629">#6629</a>)</li>
<li>Fixed bug where an extra leading <code>/</code> (path separator)
could lead
urllib3 to unnecessarily reparse the request URI. (<a
href="https://redirect.github.com/psf/requests/issues/6644">#6644</a>)</li>
</ul>
<p><strong>Deprecations</strong></p>
<ul>
<li>Requests has officially added support for CPython 3.12 (<a
href="https://redirect.github.com/psf/requests/issues/6503">#6503</a>)</li>
<li>Requests has officially added support for PyPy 3.9 and 3.10 (<a
href="https://redirect.github.com/psf/requests/issues/6641">#6641</a>)</li>
<li>Requests has officially dropped support for CPython 3.7 (<a
href="https://redirect.github.com/psf/requests/issues/6642">#6642</a>)</li>
<li>Requests has officially dropped support for PyPy 3.7 and 3.8 (<a
href="https://redirect.github.com/psf/requests/issues/6641">#6641</a>)</li>
</ul>
<p><strong>Documentation</strong></p>
<ul>
<li>Various typo fixes and doc improvements.</li>
</ul>
<p><strong>Packaging</strong></p>
<ul>
<li>Requests has started adopting some modern packaging practices.
The source files for the projects (formerly <code>requests</code>) is
now located
in <code>src/requests</code> in the Requests sdist. (<a
href="https://redirect.github.com/psf/requests/issues/6506">#6506</a>)</li>
<li>Starting in Requests 2.33.0, Requests will migrate to a PEP 517
build system
using <code>hatchling</code>. This should not impact the average user,
but extremely old
versions of packaging utilities may have issues with the new packaging
format.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/psf/requests/commit/d6ebc4a2f1f68b7e355fb7e4dd5ffc0845547f9f"><code>d6ebc4a</code></a>
v2.32.0</li>
<li><a
href="https://github.com/psf/requests/commit/9a40d1277807f0a4f26c9a37eea8ec90faa8aadc"><code>9a40d12</code></a>
Avoid reloading root certificates to improve concurrent performance (<a
href="https://redirect.github.com/psf/requests/issues/6667">#6667</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/0c030f78d24f29a459dbf39b28b4cc765e2153d7"><code>0c030f7</code></a>
Merge pull request <a
href="https://redirect.github.com/psf/requests/issues/6702">#6702</a>
from nateprewitt/no_char_detection</li>
<li><a
href="https://github.com/psf/requests/commit/555b870eb19d497ddb67042645420083ec8efb02"><code>555b870</code></a>
Allow character detection dependencies to be optional in post-packaging
steps</li>
<li><a
href="https://github.com/psf/requests/commit/d6dded3f00afcf56a7e866cb0732799045301eb0"><code>d6dded3</code></a>
Merge pull request <a
href="https://redirect.github.com/psf/requests/issues/6700">#6700</a>
from franekmagiera/update-redirect-to-invalid-uri-test</li>
<li><a
href="https://github.com/psf/requests/commit/bf24b7d8d17da34be720c19e5978b2d3bf94a53b"><code>bf24b7d</code></a>
Use an invalid URI that will not cause httpbin to throw 500</li>
<li><a
href="https://github.com/psf/requests/commit/2d5f54779ad174035c5437b3b3c1146b0eaf60fe"><code>2d5f547</code></a>
Pin 3.8 and 3.9 runners back to macos-13 (<a
href="https://redirect.github.com/psf/requests/issues/6688">#6688</a>)</li>
<li><a
href="https://github.com/psf/requests/commit/f1bb07d39b74d6444e333879f8b8a3d9dd4d2311"><code>f1bb07d</code></a>
Merge pull request <a
href="https://redirect.github.com/psf/requests/issues/6687">#6687</a>
from psf/dependabot/github_actions/github/codeql-act...</li>
<li><a
href="https://github.com/psf/requests/commit/60047ade64b0b882cbc94e047198818ab580911e"><code>60047ad</code></a>
Bump github/codeql-action from 3.24.0 to 3.25.0</li>
<li><a
href="https://github.com/psf/requests/commit/31ebb8102c00f8cf8b396a6356743cca4362e07b"><code>31ebb81</code></a>
Merge pull request <a
href="https://redirect.github.com/psf/requests/issues/6682">#6682</a>
from frenzymadness/pytest8</li>
<li>Additional commits viewable in <a
href="https://github.com/psf/requests/compare/v2.31.0...v2.32.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=requests&package-manager=pip&previous-version=2.31.0&new-version=2.32.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/Ianyliu/blast-radius-fork/network/alerts).

</details>
@dependabot
Bump setuptools from 65.5.1 to 70.0.0
f8af9dc 
Bumps [setuptools](https://github.com/pypa/setuptools) from 65.5.1 to 70.0.0.
- [Release notes](https://github.com/pypa/setuptools/releases)
- [Changelog](https://github.com/pypa/setuptools/blob/main/NEWS.rst)
- [Commits](pypa/setuptools@v65.5.1...v70.0.0)

---
updated-dependencies:
- dependency-name: setuptools
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@Ianyliu
Bump setuptools from 65.5.1 to 70.0.0 (#49)
e47caed 
Bumps [setuptools](https://github.com/pypa/setuptools) from 65.5.1 to
70.0.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pypa/setuptools/blob/main/NEWS.rst">setuptools's
changelog</a>.</em></p>
<blockquote>
<h1>v70.0.0</h1>
<h2>Features</h2>
<ul>
<li>Emit a warning when <code>[tools.setuptools]</code> is present in
<code>pyproject.toml</code> and will be ignored. -- by
:user:<code>SnoopJ</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4150">#4150</a>)</li>
<li>Improved <code>AttributeError</code> error message if
<code>pkg_resources.EntryPoint.require</code> is called without extras
or distribution
Gracefully &quot;do nothing&quot; when trying to activate a
<code>pkg_resources.Distribution</code> with a <code>None</code>
location, rather than raising a <code>TypeError</code>
-- by :user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4262">#4262</a>)</li>
<li>Typed the dynamically defined variables from
<code>pkg_resources</code> -- by :user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4267">#4267</a>)</li>
<li>Modernized and refactored VCS handling in package_index. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4332">#4332</a>)</li>
</ul>
<h2>Bugfixes</h2>
<ul>
<li>In install command, use super to call the superclass methods. Avoids
race conditions when monkeypatching from _distutils_system_mod occurs
late. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4136">#4136</a>)</li>
<li>Fix finder template for lenient editable installs of implicit nested
namespaces
constructed by using <code>package_dir</code> to reorganise directory
structure. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4278">#4278</a>)</li>
<li>Fix an error with <code>UnicodeDecodeError</code> handling in
<code>pkg_resources</code> when trying to read files in UTF-8 with a
fallback -- by :user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4348">#4348</a>)</li>
</ul>
<h2>Improved Documentation</h2>
<ul>
<li>Uses RST substitution to put badges in 1 line. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4312">#4312</a>)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>
<p>Further adoption of UTF-8 in <code>setuptools</code>.
This change regards mostly files produced and consumed during the build
process
(e.g. metadata files, script wrappers, automatically updated config
files, etc..)
Although precautions were taken to minimize disruptions, some edge cases
might
be subject to backwards incompatibility.</p>
<p>Support for <code>&quot;locale&quot;</code> encoding is now
<strong>deprecated</strong>. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4309">#4309</a>)</p>
</li>
<li>
<p>Remove <code>setuptools.convert_path</code> after long deprecation
period.
This function was never defined by <code>setuptools</code> itself, but
rather a
side-effect of an import for internal usage. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4322">#4322</a>)</p>
</li>
<li>
<p>Remove fallback for customisations of <code>distutils</code>'
<code>build.sub_command</code> after long
deprecated period.
Users are advised to import <code>build</code> directly from
<code>setuptools.command.build</code>. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4322">#4322</a>)</p>
</li>
<li>
<p>Removed <code>typing_extensions</code> from vendored dependencies --
by :user:<code>Avasam</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4324">#4324</a>)</p>
</li>
<li>
<p>Remove deprecated <code>setuptools.dep_util</code>.
The provided alternative is <code>setuptools.modified</code>. (<a
href="https://redirect.github.com/pypa/setuptools/issues/4360">#4360</a>)</p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/pypa/setuptools/commit/5cbf12a9b63fd37985a4525617b46576b8ac3a7b"><code>5cbf12a</code></a>
Workaround for release error in v70</li>
<li><a
href="https://github.com/pypa/setuptools/commit/9c1bcc3417bd12668123f7e731e241d9e57bfc57"><code>9c1bcc3</code></a>
Bump version: 69.5.1 → 70.0.0</li>
<li><a
href="https://github.com/pypa/setuptools/commit/4dc0c31644b458ac43ce6148f6a9dc729a7e78b5"><code>4dc0c31</code></a>
Remove deprecated <code>setuptools.dep_util</code> (<a
href="https://redirect.github.com/pypa/setuptools/issues/4360">#4360</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/6c1ef5748dbd70c8c5423e12680345766ee101d9"><code>6c1ef57</code></a>
Remove xfail now that test passes. Ref <a
href="https://redirect.github.com/pypa/setuptools/issues/4371">#4371</a>.</li>
<li><a
href="https://github.com/pypa/setuptools/commit/d14fa0162c95450898c11534caf26a0f03553176"><code>d14fa01</code></a>
Add all site-packages dirs when creating simulated environment for
test_edita...</li>
<li><a
href="https://github.com/pypa/setuptools/commit/6b7f7a18afc90007544092c446dc0cd856d86b17"><code>6b7f7a1</code></a>
Prevent <code>bin</code> folders to be taken as extern packages when
vendoring (<a
href="https://redirect.github.com/pypa/setuptools/issues/4370">#4370</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/69141f69f8bf38da34cbea552d6fdaa9c8619c53"><code>69141f6</code></a>
Add doctest for vendorised bin folder</li>
<li><a
href="https://github.com/pypa/setuptools/commit/2a53cc1200ec4b14e08e84be3c042f8983dfb7d7"><code>2a53cc1</code></a>
Prevent 'bin' folders to be taken as extern packages</li>
<li><a
href="https://github.com/pypa/setuptools/commit/720862807dea012f3a0e7061880691025f736f11"><code>7208628</code></a>
Replace call to deprecated <code>validate_pyproject</code> command (<a
href="https://redirect.github.com/pypa/setuptools/issues/4363">#4363</a>)</li>
<li><a
href="https://github.com/pypa/setuptools/commit/96d681aa405460f724c62c00ca125ae722ad810a"><code>96d681a</code></a>
Remove call to deprecated validate_pyproject command</li>
<li>Additional commits viewable in <a
href="https://github.com/pypa/setuptools/compare/v65.5.1...v70.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=setuptools&package-manager=pip&previous-version=65.5.1&new-version=70.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/Ianyliu/blast-radius-fork/network/alerts).

</details>
@Ianyliu
Add star history pic to README.md
7e7ed33
@Ianyliu
Star History Dark Theme Support
8d6da2e
@Ianyliu
Update README.md
7d031b3
@Ianyliu
Add star history pic to README.md (#50)
61374b9
@Ianyliu
fix entrypoint script (#53)
47f0d72
@Ianyliu
Bug Fix
56fd19c
@Ianyliu
Bug fix (Terraform initialized in an empty directory) (#54)
eccaef9
@Ianyliu
Update README.md Title
7455703
@Ianyliu
Update README.md Title (#55)
aa6408a
@Ianyliu
Add print message
75ae6be
@Ianyliu
Add print message (#56)
1e9561e
@Ianyliu
Copy link
Author

Ianyliu commented Aug 14, 2024

@rquadling Could you please try again with my latest image from Docker? I've never seen this issue before so I'm not sure if I can fix it.

@rquadling
Copy link

@Ianyliu Thank you for this. Will try it out tomorrow (UK time).

Ianyliu and others added 8 commits October 4, 2024 19:32
@Ianyliu
Update README.md
bdd14d9
@Ianyliu
Update README.md (#58)
3e0ade2
@Ianyliu
Update README.md
e1917ad
@Ianyliu
Update README.md (#59)
9f271b0
@mediowen
Allow for host to be configured (default is 0.0.0.0, which may be und…
8d42879 
…esirable)
@mediowen
type=str oops
6194a82
@mediowen
Update readme
5c6b000
@Ianyliu
Make bound host configurable (#60)
9092f19 
Was about to run this in a coffee shop and realised it's binding to all
addresses by default :P

Not sure if worthwhile just making the default 127.0.0.1 as well, so
binding further is an explicit move. Happy to adjust, I think that'd
make sense to me as well but would be a breaking change
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@Ianyliu @rquadling @blentz @glasnt @dannyvolders @mediowen