Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Patch werkzeug vuln and make minor cladetime API improvements #54

Merged
merged 6 commits into from
Nov 6, 2024
Merged

Patch werkzeug vuln and make minor cladetime API improvements #54

merged 6 commits into from
Nov 6, 2024

Conversation

bsweger
Copy link
Collaborator

@bsweger bsweger commented Nov 6, 2024
edited
Loading

Closes #46

This PR combines a few minor cladetime updates to smooth the way for #53 and also addresses a werkzeug vuln reported by Dependabot: https://github.com/reichlab/cladetime/security/dependabot

Probably best to review commit by commit, as the various updates aren't really related to one another.

@bsweger bsweger force-pushed the bsweger/misc-fixups branch from 7d67dbf to 54fbd5b Compare November 6, 2024 16:16
@bsweger
Skip integration tests for assign_clades CLI
4c454b4 
The CLI portion of cladetime is not expected to work until
we revamp it to use the NextClade-based methods for assigning
clades. Furthermore, we need to add a service to the GitHub
workflow that will allow Docker commands to run within the
Docker-based CI process.
@bsweger
Tidy up the sequence.py API
115b41b 
This changeset incorporates some of the API design principles
discussed here: https://benhoyt.com/writings/python-api-design/

Specifically, we can stop importing individual functions
from sequence.py AND streamline the function names by moving
from this pattern:

from cladetime.sequence import filter_sequence_metadata, etc.
metdata = filter_sequence_metadata()

to this one:

from cladetime import sequence
metadata = sequence.filter_metadata()
@bsweger
Change return value of sequence.filter
ab9f8d6 
Another tweak to make the API more friendly.
@bsweger
Update dependencies
65ee846 
Closes #46
This changeset bumps package dependencies (the prompt was addressing a
werkzeug vuln, but let's take the opportunity to update everything).
@bsweger
Appease the linter and update ruff pre-commit hook
b4ce181 
The prior commit updated all of our packages, including ruff.
The ruff update has different styling preferences for import
formatting, causing a mismatch between what the pre-commit
hook will accept and what "ruff check" flags as a problem.
@bsweger
Address readthedocs warning
2bb7784
@bsweger bsweger force-pushed the bsweger/misc-fixups branch from 54fbd5b to 2bb7784 Compare November 6, 2024 16:23
@bsweger bsweger requested a review from elray1 November 6, 2024 16:27
elray1
elray1 approved these changes Nov 6, 2024
View reviewed changes
Copy link
Collaborator

@elray1 elray1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

approved!

@bsweger bsweger merged commit a593c16 into main Nov 6, 2024
2 checks passed
@bsweger bsweger deleted the bsweger/misc-fixups branch November 6, 2024 17:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@elray1 elray1 elray1 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Werkzeug should be updated to 3.0.6
2 participants
@bsweger @elray1