Update gitpython 3.0.0 to 3.1.40 #14

Merged
merged 10 commits into from
Nov 2, 2023

@philipphomberger philipphomberger commented Nov 2, 2023

Update gitpython 3.0.0 to 3.1.40

Close some Snyk Sec findings:
https://security.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5840584
https://app.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-3113858
https://app.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5871282
https://app.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-5876644
https://app.snyk.io/vuln/SNYK-PYTHON-GITPYTHON-2407255

Change CI Python Version from 3.6 to 3.8 because the actual gitpython version works only with >= 3.7.

Drop Python 3.6 support.

@CLAassistant

CLAassistant commented Nov 2, 2023

CLA assistant check
All committers have signed the CLA.

@philipphomberger
Contributor Author

Hi, the problem looks to be that gitpython needs 3.7 and higher. Is it possible to change the test pipeline to 3.8 like the actual version of stackstorm?

See:
"
REQUIREMENTS

GitPython needs the git executable to be installed on the system and available in your PATH for most operations. If it is not in your PATH, you can help GitPython find it by setting the GIT_PYTHON_GIT_EXECUTABLE=<path/to/git> environment variable.

Git (1.7.x or newer)
Python >= 3.7

" https://pypi.org/project/GitPython/

Update CI Setting to Python 3.8.

Member

@arm4b arm4b left a comment

Thanks for the contribution!
Very helpful to get it updated security-wise.

Left several comments before we can merge it.

arm4b previously approved these changes Nov 2, 2023
Member

@arm4b arm4b left a comment

Looks good, thanks!

@@ -15,3 +15,4 @@ jobs:
enable-common-libs: true
#apt-cache-version: v0
#py-cache-version: v0
python-version: "3.8"
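
Review bot: the added `python-version: "3.8"` line at the end of the `with:` block carries no comment explaining the pin, unlike the two cache-version lines above it that at least show their intent. A one-line comment such as `# GitPython 3.1.40 requires Python >= 3.7` would keep the value from being lowered again later, and the same input should appear in every workflow that calls this reusable job so build and release run on the same interpreter. Keep the value quoted as it is here, so YAML reads it as a string rather than a float.
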
Member

@arm4b arm4b Nov 2, 2023

Just remembered one more thing,

jobs:
  # This mirrors build_and_test workflow
  build_and_test:
    name: 'Build and Test'
    uses: StackStorm-Exchange/ci/.github/workflows/pack-build_and_test.yaml@master
    with:
      enable-common-libs: true
      #apt-cache-version: v0
      #py-cache-version: v0

needs adding python-version: "3.8" too.

That release workflow will run after merging this PR.

Contributor Author

Done. Thank you for all your Feedback :)

@arm4b arm4b dismissed their stale review November 2, 2023 18:53

One more change is needed for release workflow

@arm4b arm4b merged commit 3dc1c3f into StackStorm-Exchange:master Nov 2, 2023
2 checks passed