From 5ac98680c1749e1d43372829400b92533b1e2a19 Mon Sep 17 00:00:00 2001
From: Arturo Molina
Date: Tue, 2 Jul 2024 00:29:45 +0000
Subject: [PATCH] Updates depencencies with security patches. Removes unused code
---
 .gitignore | 4 ++-
 build.sh | 2 +-
 porting-advisor-win-x64.spec | 2 +-
 requirements-build.txt | 8 ++---
 requirements.txt | 2 +-
 src/updater.py | 67 ------------------------------------
 unittest/test_manifester.py | 1 -
 7 files changed, 9 insertions(+), 77 deletions(-)
 delete mode 100644 src/updater.py
diff --git a/.gitignore b/.gitignore
index 6afe9bc..7f5a507 100644
--- a/.gitignore
+++ b/.gitignore
@@ -170,4 +170,6 @@ dependencies.xlsx
 [Oo]bj/
 [Ll]og/
-*.jar
\ No newline at end of file
+*.jar
+
+temp/
\ No newline at end of file
diff --git a/build.sh b/build.sh
index b766609..ed3d062 100755
--- a/build.sh
+++ b/build.sh
@@ -29,7 +29,7 @@ fi
 echo "🏗️ Generating executable"
 CERT_PATH=$(python3 -c 'import sysconfig; print(sysconfig.get_paths()["purelib"])')
-pyinstaller --onefile --clean --noconfirm --distpath dist --add-data 'src/advisor/rules/*.json:advisor/rules' --add-data 'src/advisor/tools/graviton-ready-java/target/*:advisor/tools/graviton-ready-java/target' --add-data 'src/advisor/templates/template.html:advisor/templates' --add-data "$CERT_PATH/certifi/cacert.pem:certifi" --name "$FILE_NAME" "src/porting-advisor.py" --runtime-hook 'src/updater.py' --exclude-module readline
+pyinstaller --onefile --clean --noconfirm --distpath dist --add-data 'src/advisor/rules/*.json:advisor/rules' --add-data 'src/advisor/tools/graviton-ready-java/target/*:advisor/tools/graviton-ready-java/target' --add-data 'src/advisor/templates/template.html:advisor/templates' --add-data "$CERT_PATH/certifi/cacert.pem:certifi" --name "$FILE_NAME" "src/porting-advisor.py" --exclude-module readline
 if [ $? -ne 0 ]; then
 echo "**ERROR**: pyinstaller failed, binary was not created" && exit 1
 fi
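Review bot: The new `pyinstaller` line in build.sh still ships `--add-data "$CERT_PATH/certifi/cacert.pem:certifi"`, although the only visible consumer of that bundle, the `requests` call in the deleted src/updater.py, is gone. If nothing else in the frozen binary makes HTTPS requests (not visible in this patch), drop that option together with the `CERT_PATH=` line, so the executable does not carry a CA trust store that ages with each release. The same leftover shows in the requirements-build.txt hunk: `requests` and `charset-normalizer` are removed, but `certifi==2023.7.22`, `idna==3.7` and `urllib3==2.2.2` stay pinned and will keep attracting advisories for code that may no longer be imported. Either remove those pins or add a comment naming the module that still needs them.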
diff --git a/porting-advisor-win-x64.spec b/porting-advisor-win-x64.spec
index 02d553f..cfbe294 100644
--- a/porting-advisor-win-x64.spec
+++ b/porting-advisor-win-x64.spec
@@ -12,7 +12,7 @@ a = Analysis(
 hiddenimports=[],
 hookspath=[],
 hooksconfig={},
- runtime_hooks=['src\\updater.py'],
+ runtime_hooks=[],
 excludes=['readline', 'pyinstaller', 'pyinstaller-hooks-contrib'],
 win_no_prefer_redirects=False,
 win_private_assemblies=False,
diff --git a/requirements-build.txt b/requirements-build.txt
index 0631557..c651f67 100644
--- a/requirements-build.txt
+++ b/requirements-build.txt
@@ -1,15 +1,13 @@
 altgraph==0.17.3
 certifi==2023.7.22
-charset-normalizer==3.2.0
 coverage==7.2.7
-idna==3.4
-Jinja2==3.1.2
+idna==3.7
+Jinja2==3.1.4
 MarkupSafe==2.1.3
 packaging==23.1
 progressbar33==2.4
 pyinstaller==5.13.1
 pyinstaller-hooks-contrib==2023.6
 pyparsing==3.1.1
-requests==2.31.0
-urllib3==2.0.7
+urllib3==2.2.2
 XlsxWriter==3.1.2
diff --git a/requirements.txt b/requirements.txt
index d832497..98a5b6e 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -1,5 +1,5 @@
 altgraph==0.17.3
-Jinja2==3.1.2
+Jinja2==3.1.4
 MarkupSafe==2.1.3
 packaging==23.1
 progressbar33==2.4
diff --git a/src/updater.py b/src/updater.py
deleted file mode 100644
index 8a78757..0000000
--- a/src/updater.py
+++ /dev/null
@@ -1,67 +0,0 @@
-import logging
-import os
-import sys
-from advisor import __version__
-from advisor.helpers.version_comparer import VersionComparer
-from zipfile import ZipFile
-
-# Temp test bucket
-DOWNLOAD_URL = ''
-LATEST_VERSION_URL = ''
-
-def main(argv=sys.argv[1:]):
- check_for_updates()
-
-
-def check_for_updates():
- """Checks for latest version. Displays a message if new message is available.
- """
- if (is_newer_version_available()):
- print(f'New version of Porting Advisor for Graviton is available. Please download it at: {DOWNLOAD_URL}')
-
-def is_newer_version_available():
- current_version = __version__
- latest_version = get_latest_version()
- return VersionComparer.is_valid(latest_version) and VersionComparer.compare(current_version, latest_version) == -1
-
-def get_latest_version():
- """Gets latest version available
-
- Returns:
- str: The latest published version. Empty if it failed to get the latest version available.
- """
- try:
- return do_request(LATEST_VERSION_URL).decode('utf-8')
- except:
- logging.debug('Error while getting latest version.', exc_info=True)
- return ''
-
-def do_request(request_url):
- """Executes an https request
- Returns:
- bytes: The latest version of the tool. None if it fails.
- """
- try:
- # if running as a binary, need to specify the path to the cacert.pem for requests to succeed
- if getattr(sys, 'frozen', False) and hasattr(sys, '_MEIPASS'):
- import certifi.core
- certifi.core.where = _get_cacert_pem()
- import requests.utils
- import requests.adapters
- requests.utils.DEFAULT_CA_BUNDLE_PATH = _get_cacert_pem()
- requests.adapters.DEFAULT_CA_BUNDLE_PATH = _get_cacert_pem()
- else:
- import certifi.core
- import requests.utils
- import requests.adapters
-
- return requests.get(request_url).content
- except:
- logging.debug('Error while executing https request.', exc_info=True)
- return None
-
-def _get_cacert_pem():
- return os.path.abspath(os.path.join(os.path.dirname(__file__), 'certifi', 'cacert.pem'))
-
-if __name__ == '__main__':
- main()
\ No newline at end of file
diff --git a/unittest/test_manifester.py b/unittest/test_manifester.py
index b4ebb86..3d8be2f 100644
--- a/unittest/test_manifester.py
+++ b/unittest/test_manifester.py
@@ -25,7 +25,6 @@ def test_get_dependencies_for_pip_returns_array_of_dependencies(self):
 self.assertEqual('requirements.txt', dependencies[1].filename)
 self.assertEqual('pip', dependencies[1].tool)
 self.assertEqual(3, dependencies[1].lineno)
- self.assertEqual('3.1.2', dependencies[1].installed_version)
 def test_get_dependencies_for_maven_returns_array_of_dependencies(self):
 manifester = Manifester()
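Review bot: Deleting the `installed_version` assertion in `test_get_dependencies_for_pip_returns_array_of_dependencies` leaves that field unchecked for the pip path, so a regression in version detection would now pass this test. The old literal `'3.1.2'` presumably tracked the Jinja2 pin bumped in this same commit (inferred, since the fixture is not visible), which is why it broke. Rather than dropping the check, make it independent of the pin, for example `self.assertRegex(dependencies[1].installed_version, r'^\d+(\.\d+)+$')`, provided the field is always populated for this fixture. The test method starts above the hunk, so the setup that produces `dependencies` cannot be reviewed here.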