From a2f0bf75f8a7b866576aac30a1a0c6a35e10c62f Mon Sep 17 00:00:00 2001 From: Sai Kumar Battinoju Date: Wed, 25 Sep 2024 21:47:27 +0530 Subject: [PATCH] chore: fix vulnerabilities and deprecation warnings --- requirements.in | 6 +++--- requirements.txt | 14 +++++++------- rudderstack/analytics/client.py | 4 ++-- rudderstack/analytics/consumer.py | 5 ++--- rudderstack/analytics/request.py | 4 ++-- rudderstack/analytics/test/test_utils.py | 4 ++-- 6 files changed, 18 insertions(+), 19 deletions(-) diff --git a/requirements.in b/requirements.in index 054b46c4..cf75b967 100644 --- a/requirements.in +++ b/requirements.in @@ -1,10 +1,10 @@ backoff==2.2.1 deprecation==2.1.0 -mock==4.0.3 +mock==5.1.0 monotonic==1.6 packaging==24.1 -pytest==7.4.4 +pytest==8.3.3 requests==2.32.3 -flake8==7.1.0 +flake8==7.1.1 python-dateutil==2.9.0 python-dotenv==1.0.1 diff --git a/requirements.txt b/requirements.txt index c18c1de9..89d9beb5 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,21 +6,21 @@ # backoff==2.2.1 # via -r requirements.in -certifi==2024.6.2 +certifi==2024.8.30 # via requests charset-normalizer==3.3.2 # via requests deprecation==2.1.0 # via -r requirements.in -flake8==7.1.0 +flake8==7.1.1 # via -r requirements.in -idna==3.7 +idna==3.10 # via requests iniconfig==2.0.0 # via pytest mccabe==0.7.0 # via flake8 -mock==4.0.3 +mock==5.1.0 # via -r requirements.in monotonic==1.6 # via -r requirements.in @@ -31,11 +31,11 @@ packaging==24.1 # pytest pluggy==1.5.0 # via pytest -pycodestyle==2.12.0 +pycodestyle==2.12.1 # via flake8 pyflakes==3.2.0 # via flake8 -pytest==7.4.4 +pytest==8.3.3 # via -r requirements.in python-dateutil==2.9.0 # via -r requirements.in @@ -45,5 +45,5 @@ requests==2.32.3 # via -r requirements.in six==1.16.0 # via python-dateutil -urllib3==2.2.2 +urllib3==2.2.3 # via requests diff --git a/rudderstack/analytics/client.py b/rudderstack/analytics/client.py index 453d0458..53bb21f1 100644 --- a/rudderstack/analytics/client.py +++ b/rudderstack/analytics/client.py @@ -1,4 +1,4 @@ -from datetime import datetime +from datetime import datetime, timezone from uuid import uuid4 import logging import numbers @@ -245,7 +245,7 @@ def _enqueue(self, msg): """Push a new `msg` onto the queue, return `(success, msg)`""" timestamp = msg['timestamp'] if timestamp is None: - timestamp = datetime.utcnow().replace(tzinfo=tzutc()) + timestamp = datetime.now(timezone.utc).replace(tzinfo=tzutc()) message_id = msg.get('messageId') if message_id is None: message_id = uuid4() diff --git a/rudderstack/analytics/consumer.py b/rudderstack/analytics/consumer.py index 637d7aa6..ce8f6ff9 100644 --- a/rudderstack/analytics/consumer.py +++ b/rudderstack/analytics/consumer.py @@ -8,10 +8,9 @@ from queue import Empty -MAX_MSG_SIZE = 4 << 10 << 10 ## 4 mb - -# Our servers only accept batches less than 500KB. Here limit is set slightly +# Our servers only accept payloads within this limit. Here limit is set slightly # lower to leave space for extra data that will be added later, eg. "sentAt". +MAX_MSG_SIZE = 4 << 10 << 10 ## 4 mb BATCH_SIZE_LIMIT = 4 << 10 << 10 ## 4 mb diff --git a/rudderstack/analytics/request.py b/rudderstack/analytics/request.py index d11f19a8..67b4f249 100644 --- a/rudderstack/analytics/request.py +++ b/rudderstack/analytics/request.py @@ -1,4 +1,4 @@ -from datetime import date, datetime +from datetime import date, datetime, timezone from io import BytesIO from gzip import GzipFile import logging @@ -17,7 +17,7 @@ def post(write_key, host=None, gzip=True, timeout=15, proxies=None, **kwargs): """Post the `kwargs` to the API""" log = logging.getLogger('rudderstack') body = kwargs - body["sentAt"] = datetime.utcnow().replace(tzinfo=tzutc()).isoformat() + body["sentAt"] = datetime.now(timezone.utc).replace(tzinfo=tzutc()).isoformat() url = remove_trailing_slash(host or 'https://api.rudderstack.com') + '/v1/batch' auth = HTTPBasicAuth(write_key, '') data = json.dumps(body, cls=DatetimeSerializer) diff --git a/rudderstack/analytics/test/test_utils.py b/rudderstack/analytics/test/test_utils.py index 089800fa..fae2b1ec 100644 --- a/rudderstack/analytics/test/test_utils.py +++ b/rudderstack/analytics/test/test_utils.py @@ -1,4 +1,4 @@ -from datetime import date, datetime, timedelta +from datetime import date, datetime, timedelta, timezone from decimal import Decimal import unittest @@ -51,7 +51,7 @@ def test_clean(self): def test_clean_with_dates(self): dict_with_dates = { 'birthdate': date(1980, 1, 1), - 'registration': datetime.utcnow(), + 'registration': datetime.now(timezone.utc), } self.assertEqual(dict_with_dates, utils.clean(dict_with_dates))