From 210e8b5a336d759022dbff4bea13b12263e70c4c Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Mon, 20 May 2024 12:04:25 -0400 Subject: [PATCH 1/3] This changeset updates our pre-commit hooks to help check for things in our code before we commit anything, such as code format and structure as well as sensitive information and credentials. Signed-off-by: Carlo Costino --- .ds.baseline | 714 ++++++++++++++++++++++++++++++++++++++++ .pre-commit-config.yaml | 16 +- poetry.lock | 33 +- pyproject.toml | 5 +- 4 files changed, 758 insertions(+), 10 deletions(-) create mode 100644 .ds.baseline diff --git a/.ds.baseline b/.ds.baseline new file mode 100644 index 0000000000..cec28396cd --- /dev/null +++ b/.ds.baseline @@ -0,0 +1,714 @@ +{ + "version": "1.5.0", + "plugins_used": [ + { + "name": "ArtifactoryDetector" + }, + { + "name": "AWSKeyDetector" + }, + { + "name": "AzureStorageKeyDetector" + }, + { + "name": "Base64HighEntropyString", + "limit": 4.5 + }, + { + "name": "BasicAuthDetector" + }, + { + "name": "CloudantDetector" + }, + { + "name": "DiscordBotTokenDetector" + }, + { + "name": "GitHubTokenDetector" + }, + { + "name": "GitLabTokenDetector" + }, + { + "name": "HexHighEntropyString", + "limit": 3.0 + }, + { + "name": "IbmCloudIamDetector" + }, + { + "name": "IbmCosHmacDetector" + }, + { + "name": "IPPublicDetector" + }, + { + "name": "JwtTokenDetector" + }, + { + "name": "KeywordDetector", + "keyword_exclude": "" + }, + { + "name": "MailchimpDetector" + }, + { + "name": "NpmDetector" + }, + { + "name": "OpenAIDetector" + }, + { + "name": "PrivateKeyDetector" + }, + { + "name": "PypiTokenDetector" + }, + { + "name": "SendGridDetector" + }, + { + "name": "SlackDetector" + }, + { + "name": "SoftlayerDetector" + }, + { + "name": "SquareOAuthDetector" + }, + { + "name": "StripeDetector" + }, + { + "name": "TelegramBotTokenDetector" + }, + { + "name": "TwilioKeyDetector" + } + ], + "filters_used": [ + { + "path": "detect_secrets.filters.allowlist.is_line_allowlisted" + }, + { + "path": "detect_secrets.filters.common.is_baseline_file", + "filename": ".ds.baseline" + }, + { + "path": "detect_secrets.filters.common.is_ignored_due_to_verification_policies", + "min_level": 2 + }, + { + "path": "detect_secrets.filters.heuristic.is_indirect_reference" + }, + { + "path": "detect_secrets.filters.heuristic.is_likely_id_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_lock_file" + }, + { + "path": "detect_secrets.filters.heuristic.is_not_alphanumeric_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_potential_uuid" + }, + { + "path": "detect_secrets.filters.heuristic.is_prefixed_with_dollar_sign" + }, + { + "path": "detect_secrets.filters.heuristic.is_sequential_string" + }, + { + "path": "detect_secrets.filters.heuristic.is_swagger_file" + }, + { + "path": "detect_secrets.filters.heuristic.is_templated_secret" + } + ], + "results": { + ".github/workflows/checks.yml": [ + { + "type": "Secret Keyword", + "filename": ".github/workflows/checks.yml", + "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", + "is_verified": false, + "line_number": 61, + "is_secret": false + }, + { + "type": "Basic Auth Credentials", + "filename": ".github/workflows/checks.yml", + "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", + "is_verified": false, + "line_number": 95, + "is_secret": false + } + ], + "app/assets/js/uswds.min.js": [ + { + "type": "Secret Keyword", + "filename": "app/assets/js/uswds.min.js", + "hashed_secret": "372ea08cab33e71c02c651dbc83a474d32c676ea", + "is_verified": false, + "line_number": 85, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "app/assets/js/uswds.min.js", + "hashed_secret": "53e07a32bf191d6917ee6fd863f0b52632a86798", + "is_verified": false, + "line_number": 85, + "is_secret": false + } + ], + "app/config.py": [ + { + "type": "Secret Keyword", + "filename": "app/config.py", + "hashed_secret": "577a4c667e4af8682ca431857214b3a920883efc", + "is_verified": false, + "line_number": 111, + "is_secret": false + } + ], + "app/main/_commonly_used_passwords.py": [ + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "82e19fa12aab7cfc718a002fc82c0f074bf070e7", + "is_verified": false, + "line_number": 123, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "a172ffc990129fe6f68b50f6037c54a1894ee3fd", + "is_verified": false, + "line_number": 240, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "4de69ee6b12b7fc91070873b71ba6e2929b90619", + "is_verified": false, + "line_number": 244, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "370194ff6e0f93a7432e16cc9badd9427e8b4e13", + "is_verified": false, + "line_number": 284, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "3dd635a808ddb6dd4b6731f7c409d53dd4b14df2", + "is_verified": false, + "line_number": 356, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "67a74306b06d0c01624fe0d0249a570f4d093747", + "is_verified": false, + "line_number": 374, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "61d6504733ca7757e259c644acd085c4dd471019", + "is_verified": false, + "line_number": 910, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "4ea872dfd7eefbde0036da7f0780826353dc7477", + "is_verified": false, + "line_number": 940, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "b214f706bb602c1cc2adc5c6165e73622305f4bb", + "is_verified": false, + "line_number": 1010, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "5cbabd43e49a1fedbbc3b86311aa6c8fe446abf9", + "is_verified": false, + "line_number": 1195, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "18ad10fd4a67f21fc07b1aa5046b410f6b2bedf1", + "is_verified": false, + "line_number": 1213, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "10470c3b4b1fed12c3baac014be15fac67c6e815", + "is_verified": false, + "line_number": 1263, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "65e1946c8f102eca8ba0af291f7c5e807516d94c", + "is_verified": false, + "line_number": 1346, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "0075df0a74c07ee295c98238c018401c9a80183b", + "is_verified": false, + "line_number": 1397, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "ca0023d7b345802fbc227b902cb9c57a3e02195f", + "is_verified": false, + "line_number": 1442, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "c8c6ca2e11c2dfd2a40914585b5944bffea15c8c", + "is_verified": false, + "line_number": 1555, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "b85b97a99eab8c809570c61d6404c1e49bdefbb4", + "is_verified": false, + "line_number": 1596, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "dec7dd342a499dfd4d283d872ccf598d8a7b6039", + "is_verified": false, + "line_number": 1789, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "2dc5053699a351121bf839c446bd4a878dda5735", + "is_verified": false, + "line_number": 1939, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "e5d54f0ac13abbdaa94b696c2469148b96dd11ab", + "is_verified": false, + "line_number": 2242, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "6059f42e2bbae78141e8a9e6286755ee691d5ce0", + "is_verified": false, + "line_number": 2305, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "fe703d258c7ef5f50b71e06565a65aa07194907f", + "is_verified": false, + "line_number": 2348, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "c229b68e1c3ffd9874838b5cb5354a0ee1367ddc", + "is_verified": false, + "line_number": 2349, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "756de479126e911b6f3400ae686d663d9d26b509", + "is_verified": false, + "line_number": 2920, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "6b174322afcdb440ee9cc3cc11eb16f9a00dec04", + "is_verified": false, + "line_number": 2975, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "9860783bfb510cbb2bf34471ec0b84a7ea587695", + "is_verified": false, + "line_number": 3359, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "b227cbd22eaa96019ebfc4aff35ad2add2a47439", + "is_verified": false, + "line_number": 3590, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "381d48209aecab8834eb495c5b5406100da07882", + "is_verified": false, + "line_number": 3811, + "is_secret": false + }, + { + "type": "Hex High Entropy String", + "filename": "app/main/_commonly_used_passwords.py", + "hashed_secret": "508b38590a90d32990aadd7350d160b795c3ab41", + "is_verified": false, + "line_number": 3850, + "is_secret": false + } + ], + "app/main/views/sign_in.py": [ + { + "type": "Private Key", + "filename": "app/main/views/sign_in.py", + "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9", + "is_verified": false, + "line_number": 27, + "is_secret": false + } + ], + "app/templates/new/components/head.html": [ + { + "type": "Base64 High Entropy String", + "filename": "app/templates/new/components/head.html", + "hashed_secret": "ee5048791fc7ff45a1545e24f85bec3317371327", + "is_verified": false, + "line_number": 35, + "is_secret": false + } + ], + "app/templates/old/admin_template.html": [ + { + "type": "Base64 High Entropy String", + "filename": "app/templates/old/admin_template.html", + "hashed_secret": "ee5048791fc7ff45a1545e24f85bec3317371327", + "is_verified": false, + "line_number": 18, + "is_secret": false + } + ], + "deploy-config/sandbox.yml": [ + { + "type": "Secret Keyword", + "filename": "deploy-config/sandbox.yml", + "hashed_secret": "113151dd10316fcb0d5507b6215d78e2f3fe9e54", + "is_verified": false, + "line_number": 8, + "is_secret": false + } + ], + "pytest.ini": [ + { + "type": "Secret Keyword", + "filename": "pytest.ini", + "hashed_secret": "577a4c667e4af8682ca431857214b3a920883efc", + "is_verified": false, + "line_number": 7, + "is_secret": false + }, + { + "type": "Base64 High Entropy String", + "filename": "pytest.ini", + "hashed_secret": "d347784b1ab6074a65cda7bc42f1561bed85493f", + "is_verified": false, + "line_number": 7, + "is_secret": false + }, + { + "type": "Base64 High Entropy String", + "filename": "pytest.ini", + "hashed_secret": "ed1754d5cc82c8fd83205ebfb8c43fe4e88415a4", + "is_verified": false, + "line_number": 9, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "pytest.ini", + "hashed_secret": "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3", + "is_verified": false, + "line_number": 11, + "is_secret": false + } + ], + "tests/__init__.py": [ + { + "type": "Secret Keyword", + "filename": "tests/__init__.py", + "hashed_secret": "f8377c90fcfd699f0ddbdcb30c2c9183d2d933ea", + "is_verified": false, + "line_number": 388, + "is_secret": false + } + ], + "tests/app/main/forms/test_register_user_form.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/forms/test_register_user_form.py", + "hashed_secret": "8c6c978dc8e08771c7dea1ea2370fdf2446e5ba5", + "is_verified": false, + "line_number": 38, + "is_secret": false + } + ], + "tests/app/main/test_errorhandlers.py": [ + { + "type": "Base64 High Entropy String", + "filename": "tests/app/main/test_errorhandlers.py", + "hashed_secret": "005fa73b3f2be8f0d71d361c1f0a9d787cd09b4e", + "is_verified": false, + "line_number": 33, + "is_secret": false + } + ], + "tests/app/main/test_request_header.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/test_request_header.py", + "hashed_secret": "6866ef97a972ba3a2c6ff8bb2812981054770162", + "is_verified": false, + "line_number": 21, + "is_secret": false + } + ], + "tests/app/main/views/organizations/test_organization_invites.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/organizations/test_organization_invites.py", + "hashed_secret": "bdbb156d25d02fd7792865824201dda1c60f4473", + "is_verified": false, + "line_number": 265, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/organizations/test_organization_invites.py", + "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", + "is_verified": false, + "line_number": 273, + "is_secret": false + } + ], + "tests/app/main/views/test_accept_invite.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_accept_invite.py", + "hashed_secret": "07f0a6c13923fc3b5f0c57ffa2d29b715eb80d71", + "is_verified": false, + "line_number": 607, + "is_secret": false + } + ], + "tests/app/main/views/test_new_password.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_new_password.py", + "hashed_secret": "a41d5c3bbcd0b39c627b9cbf4897c6d25efa694f", + "is_verified": false, + "line_number": 89, + "is_secret": false + } + ], + "tests/app/main/views/test_register.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_register.py", + "hashed_secret": "bdbb156d25d02fd7792865824201dda1c60f4473", + "is_verified": false, + "line_number": 116, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_register.py", + "hashed_secret": "5baa61e4c9b93f3f0682250b6cf8331b7ee68fd8", + "is_verified": false, + "line_number": 192, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_register.py", + "hashed_secret": "bb5b7caa27d005d38039e3797c3ddb9bcd22c3c8", + "is_verified": false, + "line_number": 260, + "is_secret": false + } + ], + "tests/app/main/views/test_sign_in.py": [ + { + "type": "Private Key", + "filename": "tests/app/main/views/test_sign_in.py", + "hashed_secret": "1348b145fa1a555461c1b790a2f66614781091e9", + "is_verified": false, + "line_number": 31, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_sign_in.py", + "hashed_secret": "8b8b69116ee882b5e987e330f55db81aba0636f9", + "is_verified": false, + "line_number": 104, + "is_secret": false + } + ], + "tests/app/main/views/test_two_factor.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_two_factor.py", + "hashed_secret": "dc66ad927c29e31c6c374231f57a4684b0687bfe", + "is_verified": false, + "line_number": 267, + "is_secret": false + } + ], + "tests/app/main/views/test_user_profile.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_user_profile.py", + "hashed_secret": "8072d7aad32964ec43fbcb699c75dc38890792f7", + "is_verified": false, + "line_number": 350, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_user_profile.py", + "hashed_secret": "4c9dbb972da179e4f66f023eaa5fb9451d835030", + "is_verified": false, + "line_number": 351, + "is_secret": false + } + ], + "tests/app/main/views/test_verify.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/main/views/test_verify.py", + "hashed_secret": "faafcfa63e128929409bf310b7ea5a415f2331ce", + "is_verified": false, + "line_number": 160, + "is_secret": false + } + ], + "tests/app/notify_client/test_user_client.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/notify_client/test_user_client.py", + "hashed_secret": "f2c57870308dc87f432e5912d4de6f8e322721ba", + "is_verified": false, + "line_number": 55, + "is_secret": false + } + ], + "tests/app/test_cloudfoundry_config.py": [ + { + "type": "Secret Keyword", + "filename": "tests/app/test_cloudfoundry_config.py", + "hashed_secret": "5e44dae2de8b6e57c797b968035265c9f2cd2b3e", + "is_verified": false, + "line_number": 12, + "is_secret": false + }, + { + "type": "Secret Keyword", + "filename": "tests/app/test_cloudfoundry_config.py", + "hashed_secret": "e5e178db7317356946d13e5d2da037d39ac61c71", + "is_verified": false, + "line_number": 27, + "is_secret": false + } + ], + "tests/conftest.py": [ + { + "type": "Secret Keyword", + "filename": "tests/conftest.py", + "hashed_secret": "f8377c90fcfd699f0ddbdcb30c2c9183d2d933ea", + "is_verified": false, + "line_number": 3289, + "is_secret": false + } + ], + "tests/notifications_utils/clients/antivirus/test_antivirus_client.py": [ + { + "type": "Secret Keyword", + "filename": "tests/notifications_utils/clients/antivirus/test_antivirus_client.py", + "hashed_secret": "932b25270abe1301c22c709a19082dff07d469ff", + "is_verified": false, + "line_number": 16, + "is_secret": false + } + ], + "tests/notifications_utils/clients/encryption/test_encryption_client.py": [ + { + "type": "Secret Keyword", + "filename": "tests/notifications_utils/clients/encryption/test_encryption_client.py", + "hashed_secret": "f1e923a9667de11be6a210849a8651c1bfd81605", + "is_verified": false, + "line_number": 13, + "is_secret": false + } + ], + "tests/notifications_utils/clients/zendesk/test_zendesk_client.py": [ + { + "type": "Secret Keyword", + "filename": "tests/notifications_utils/clients/zendesk/test_zendesk_client.py", + "hashed_secret": "913a73b565c8e2c8ed94497580f619397709b8b6", + "is_verified": false, + "line_number": 16, + "is_secret": false + } + ] + }, + "generated_at": "2024-05-20T16:03:05Z" +} diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 057c1ec169..f10ade983d 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -2,7 +2,7 @@ # See https://pre-commit.com/hooks.html for more hooks repos: - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.2.0 + rev: v4.6.0 hooks: - id: trailing-whitespace - id: end-of-file-fixer @@ -11,3 +11,17 @@ repos: - id: debug-statements - id: check-merge-conflict - id: check-toml + - id: check-ast + - id: fix-byte-order-marker + - id: check-merge-conflict + - id: debug-statements + - id: detect-aws-credentials + args: [--allow-missing-credentials] + - id: detect-private-key + - id: end-of-file-fixer + - id: mixed-line-ending +- repo: https://github.com/Yelp/detect-secrets + rev: v1.5.0 + hooks: + - id: detect-secrets + args: ['--baseline', '.ds.baseline'] diff --git a/poetry.lock b/poetry.lock index d01c10d735..29a5634da6 100644 --- a/poetry.lock +++ b/poetry.lock @@ -190,13 +190,13 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] [[package]] name = "botocore" -version = "1.34.106" +version = "1.34.108" description = "Low-level, data-driven core of boto 3." optional = false python-versions = ">=3.8" files = [ - {file = "botocore-1.34.106-py3-none-any.whl", hash = "sha256:4baf0e27c2dfc4f4d0dee7c217c716e0782f9b30e8e1fff983fce237d88f73ae"}, - {file = "botocore-1.34.106.tar.gz", hash = "sha256:921fa5202f88c3e58fdcb4b3acffd56d65b24bca47092ee4b27aa988556c0be6"}, + {file = "botocore-1.34.108-py3-none-any.whl", hash = "sha256:b1b9d00804267669c5fcc36489269f7e9c43580c30f0885fbf669cf73cec720b"}, + {file = "botocore-1.34.108.tar.gz", hash = "sha256:384c9408c447631475dc41fdc9bf2e0f30c29c420d96bfe8b468bdc2bace3e13"}, ] [package.dependencies] @@ -611,6 +611,25 @@ files = [ {file = "defusedxml-0.7.1.tar.gz", hash = "sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69"}, ] +[[package]] +name = "detect-secrets" +version = "1.5.0" +description = "Tool for detecting secrets in the codebase" +optional = false +python-versions = "*" +files = [ + {file = "detect_secrets-1.5.0-py3-none-any.whl", hash = "sha256:e24e7b9b5a35048c313e983f76c4bd09dad89f045ff059e354f9943bf45aa060"}, + {file = "detect_secrets-1.5.0.tar.gz", hash = "sha256:6bb46dcc553c10df51475641bb30fd69d25645cc12339e46c824c1e0c388898a"}, +] + +[package.dependencies] +pyyaml = "*" +requests = "*" + +[package.extras] +gibberish = ["gibberish-detector"] +word-list = ["pyahocorasick"] + [[package]] name = "distlib" version = "0.3.8" @@ -1803,13 +1822,13 @@ files = [ [[package]] name = "phonenumbers" -version = "8.13.36" +version = "8.13.37" description = "Python version of Google's common library for parsing, formatting, storing and validating international phone numbers." optional = false python-versions = "*" files = [ - {file = "phonenumbers-8.13.36-py2.py3-none-any.whl", hash = "sha256:68e06d20ae2f8fe5c7c7fd5b433f4257bc3cc747dc5196a029c7898ea449b012"}, - {file = "phonenumbers-8.13.36.tar.gz", hash = "sha256:b4e2371e35a1172aa2c91c9200b1e48e87b9355eb575768dd38058fc8d72c9ff"}, + {file = "phonenumbers-8.13.37-py2.py3-none-any.whl", hash = "sha256:4ea00ef5012422c08c7955c21131e7ae5baa9a3ef52cf2d561e963f023006b80"}, + {file = "phonenumbers-8.13.37.tar.gz", hash = "sha256:bd315fed159aea0516f7c367231810fe8344d5bec26156b88fa18374c11d1cf2"}, ] [[package]] @@ -2944,4 +2963,4 @@ files = [ [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "17d4fa911a9aba6f956ef316583babd63f31a849372ae47a0a79e260295dad45" +content-hash = "6c30d38eee0f7d7cc92766cfd807cadc70d223dea14bef1e9b4be22e34153711" diff --git a/pyproject.toml b/pyproject.toml index 3e48b679da..cca5c0d8b6 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -40,7 +40,7 @@ markdown = "^3.5.2" async-timeout = "^4.0.3" bleach = "^6.1.0" boto3 = "^1.34.106" -botocore = "^1.34.106" +botocore = "^1.34.108" cachetools = "^5.3.3" cffi = "^1.16.0" cryptography = "^42.0.7" @@ -50,7 +50,7 @@ jmespath = "^1.0.1" mistune = "0.8.4" numpy = "^1.26.4" ordered-set = "^4.1.0" -phonenumbers = "^8.13.36" +phonenumbers = "^8.13.37" pycparser = "^2.22" python-json-logger = "^2.0.7" redis = "^5.0.4" @@ -92,6 +92,7 @@ pytest-xdist = "^3.5.0" radon = "^6.0.1" requests-mock = "^1.11.0" vulture = "^2.11" +detect-secrets = "^1.5.0" [build-system] From fe836f2d3ddac85bc91eb807e007ba4d085082d7 Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Fri, 24 May 2024 10:22:59 -0400 Subject: [PATCH 2/3] Updated several other dependencies This includes requests to take care of a Dependabot security alert. Signed-off-by: Carlo Costino --- poetry.lock | 30 +++++++++++++++--------------- pyproject.toml | 8 ++++---- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/poetry.lock b/poetry.lock index 29a5634da6..80a3414915 100644 --- a/poetry.lock +++ b/poetry.lock @@ -171,17 +171,17 @@ files = [ [[package]] name = "boto3" -version = "1.34.106" +version = "1.34.112" description = "The AWS SDK for Python" optional = false python-versions = ">=3.8" files = [ - {file = "boto3-1.34.106-py3-none-any.whl", hash = "sha256:d3be4e1dd5d546a001cd4da805816934cbde9d395316546e9411fec341ade5cf"}, - {file = "boto3-1.34.106.tar.gz", hash = "sha256:6165b8cf1c7e625628ab28b32f9027064c8f5e5fca1c38d7fc228cd22069a19f"}, + {file = "boto3-1.34.112-py3-none-any.whl", hash = "sha256:4cf28ce2c19a4e4963f1cb1f9b659a548f840f88af3e2da727b35ceb104f9223"}, + {file = "boto3-1.34.112.tar.gz", hash = "sha256:1092ac6c68acdd33051ed0d2b7cb6f5a4527c5d1535a48cda53f7012accde206"}, ] [package.dependencies] -botocore = ">=1.34.106,<1.35.0" +botocore = ">=1.34.112,<1.35.0" jmespath = ">=0.7.1,<2.0.0" s3transfer = ">=0.10.0,<0.11.0" @@ -190,13 +190,13 @@ crt = ["botocore[crt] (>=1.21.0,<2.0a0)"] [[package]] name = "botocore" -version = "1.34.108" +version = "1.34.112" description = "Low-level, data-driven core of boto 3." optional = false python-versions = ">=3.8" files = [ - {file = "botocore-1.34.108-py3-none-any.whl", hash = "sha256:b1b9d00804267669c5fcc36489269f7e9c43580c30f0885fbf669cf73cec720b"}, - {file = "botocore-1.34.108.tar.gz", hash = "sha256:384c9408c447631475dc41fdc9bf2e0f30c29c420d96bfe8b468bdc2bace3e13"}, + {file = "botocore-1.34.112-py3-none-any.whl", hash = "sha256:637f568a6c3322fb7e5ee55e0c5367324a15a331e87a497783ac6209253dde30"}, + {file = "botocore-1.34.112.tar.gz", hash = "sha256:053495953910bcf95d336ab1adb13efb70edc5462932eff180560737ad069319"}, ] [package.dependencies] @@ -2225,13 +2225,13 @@ certifi = "*" [[package]] name = "pytest" -version = "8.2.0" +version = "8.2.1" description = "pytest: simple powerful testing with Python" optional = false python-versions = ">=3.8" files = [ - {file = "pytest-8.2.0-py3-none-any.whl", hash = "sha256:1733f0620f6cda4095bbf0d9ff8022486e91892245bb9e7d5542c018f612f233"}, - {file = "pytest-8.2.0.tar.gz", hash = "sha256:d507d4482197eac0ba2bae2e9babf0672eb333017bcedaa5fb1a3d42c1174b3f"}, + {file = "pytest-8.2.1-py3-none-any.whl", hash = "sha256:faccc5d332b8c3719f40283d0d44aa5cf101cec36f88cde9ed8f2bc0538612b1"}, + {file = "pytest-8.2.1.tar.gz", hash = "sha256:5046e5b46d8e4cac199c373041f26be56fdb81eb4e67dc11d4e10811fc3408fd"}, ] [package.dependencies] @@ -2581,13 +2581,13 @@ files = [ [[package]] name = "requests" -version = "2.31.0" +version = "2.32.2" description = "Python HTTP for Humans." optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" files = [ - {file = "requests-2.31.0-py3-none-any.whl", hash = "sha256:58cd2187c01e70e6e26505bca751777aa9f2ee0b7f4300988b709f44e013003f"}, - {file = "requests-2.31.0.tar.gz", hash = "sha256:942c5a758f98d790eaed1a29cb6eefc7ffb0d1cf7af05c3d2791656dbd6ad1e1"}, + {file = "requests-2.32.2-py3-none-any.whl", hash = "sha256:fc06670dd0ed212426dfeb94fc1b983d917c4f9847c863f313c9dfaaffb7c23c"}, + {file = "requests-2.32.2.tar.gz", hash = "sha256:dd951ff5ecf3e3b3aa26b40703ba77495dab41da839ae72ef3c8e5d8e2433289"}, ] [package.dependencies] @@ -2963,4 +2963,4 @@ files = [ [metadata] lock-version = "2.0" python-versions = "^3.12.2" -content-hash = "6c30d38eee0f7d7cc92766cfd807cadc70d223dea14bef1e9b4be22e34153711" +content-hash = "6c271d919c3736a844fa3674c1db0891e4c09378e6656b396ff60c594e34a862" diff --git a/pyproject.toml b/pyproject.toml index cca5c0d8b6..2fc0b3c14f 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -39,8 +39,8 @@ wtforms = "~=3.1" markdown = "^3.5.2" async-timeout = "^4.0.3" bleach = "^6.1.0" -boto3 = "^1.34.106" -botocore = "^1.34.108" +boto3 = "^1.34.108" +botocore = "^1.34.112" cachetools = "^5.3.3" cffi = "^1.16.0" cryptography = "^42.0.7" @@ -65,7 +65,7 @@ idna = "^3.7" markupsafe = "^2.1.5" python-dateutil = "^2.9.0.post0" pyyaml = "^6.0.1" -requests = "^2.31.0" +requests = "^2.32.2" six = "^1.16.0" urllib3 = "^2.2.1" webencodings = "^0.5.1" @@ -84,7 +84,7 @@ isort = "^5.13.2" jinja2-cli = {version = "==0.8.2", extras = ["yaml"]} pip-audit = "*" pre-commit = "^3.7.1" -pytest = "^8.1.1" +pytest = "^8.2.1" pytest-env = "^1.1.3" pytest-mock = "^3.14.0" pytest-playwright = "^0.5.0" From 408b00c697cff951a894fd1da4bda1e33ac1ae9f Mon Sep 17 00:00:00 2001 From: Carlo Costino Date: Fri, 24 May 2024 10:36:32 -0400 Subject: [PATCH 3/3] Removed duplicate pre-commit hook Signed-off-by: Carlo Costino --- .pre-commit-config.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index f10ade983d..cb3c48cae9 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -13,12 +13,9 @@ repos: - id: check-toml - id: check-ast - id: fix-byte-order-marker - - id: check-merge-conflict - - id: debug-statements - id: detect-aws-credentials args: [--allow-missing-credentials] - id: detect-private-key - - id: end-of-file-fixer - id: mixed-line-ending - repo: https://github.com/Yelp/detect-secrets rev: v1.5.0