Update several dependencies.

ICTU · Jan 10, 2025 · b1a189e · b1a189e
1 parent 114d16c
commit b1a189e
Show file tree

Hide file tree

Showing 39 changed files with 78 additions and 49 deletions.
diff --git a/components/api_server/pyproject.toml b/components/api_server/pyproject.toml
@@ -30,7 +30,7 @@ optional-dependencies.tools = [
     "mypy==1.14.1",
     "pip-audit==2.7.3",
     "pyproject-fmt==2.5.0",
-    "ruff==0.8.6",
+    "ruff==0.9.0",
     "vulture==2.14",
 ]
 

diff --git a/.../api_server/src/initialization/secrets.py → ..._server/src/initialization/app_secrets.py b/.../api_server/src/initialization/secrets.py → ..._server/src/initialization/app_secrets.py
diff --git a/components/api_server/src/initialization/database.py b/components/api_server/src/initialization/database.py
@@ -9,7 +9,7 @@
 from .migrations import perform_migrations
 from .datamodel import import_datamodel
 from .report import import_example_reports, initialize_reports_overview
-from .secrets import initialize_secrets
+from .app_secrets import initialize_secrets
 
 
 def init_database(database: Database) -> None:  # pragma: no feature-test-cover

diff --git a/components/api_server/src/model/issue_tracker.py b/components/api_server/src/model/issue_tracker.py
@@ -222,7 +222,7 @@ def __get_epic_links(self, fields: list[Option]) -> list[Option]:  # pragma: no
         except Exception as reason:
             logging.warning("Getting epics at %s failed: %s", api_url, reason)
         return [
-            Option(str(epic["key"]), f'{cast(dict[str, dict[str, str]], epic)["fields"]["summary"]} ({epic["key"]})')
+            Option(str(epic["key"]), f"{cast(dict[str, dict[str, str]], epic)['fields']['summary']} ({epic['key']})")
             for epic in epics
         ]
 

diff --git a/components/api_server/src/routes/auth.py b/components/api_server/src/routes/auth.py
@@ -17,7 +17,7 @@
 
 from database.users import upsert_user, get_user
 from database import sessions
-from initialization.secrets import EXPORT_FIELDS_KEYS_NAME
+from initialization.app_secrets import EXPORT_FIELDS_KEYS_NAME
 from utils.functions import uuid
 from utils.type import SessionId, User
 

diff --git a/components/api_server/src/routes/report.py b/components/api_server/src/routes/report.py
@@ -15,7 +15,7 @@
 from database.datamodels import latest_datamodel
 from database.measurements import recent_measurements
 from database.reports import insert_new_report, latest_report, latest_reports_before_timestamp
-from initialization.secrets import EXPORT_FIELDS_KEYS_NAME
+from initialization.app_secrets import EXPORT_FIELDS_KEYS_NAME
 from model.actions import copy_report
 from model.defaults import default_report_attributes
 from model.report import Report

diff --git a/components/api_server/src/routes/source.py b/components/api_server/src/routes/source.py
@@ -31,8 +31,7 @@ def post_source_new(metric_uuid: MetricId, database: Database):
     parameters = default_source_parameters(metric.type(), source_type)
     metric.sources_dict[(source_uuid := uuid())] = {"type": source_type, "parameters": parameters}
     delta_description = (
-        f"{{user}} added a new source to metric '{metric.name}' of subject "
-        f"'{subject.name}' in report '{report.name}'."
+        f"{{user}} added a new source to metric '{metric.name}' of subject '{subject.name}' in report '{report.name}'."
     )
     uuids = [report.uuid, subject.uuid, metric.uuid, source_uuid]
     result = insert_new_report(database, delta_description, uuids, report)

diff --git a/components/api_server/tests/initialization/test_secrets.py b/components/api_server/tests/initialization/test_secrets.py
@@ -3,7 +3,7 @@
 import unittest
 from unittest.mock import Mock
 
-from initialization.secrets import initialize_secrets
+from initialization.app_secrets import initialize_secrets
 
 
 class TestSecrets(unittest.TestCase):

diff --git a/components/api_server/tests/routes/test_measurement.py b/components/api_server/tests/routes/test_measurement.py
@@ -213,7 +213,7 @@ def sleep(seconds: float) -> float:
             stream = stream_nr_measurements(self.database)
             try:
                 self.assertEqual("retry: 2000\nid: 0\nevent: init\ndata: 42\n\n", next(stream))
-                self.assertEqual(f"retry: 2000\nid: 1\nevent: flush\ndata: {"." * 256 ** 2}\n\n", next(stream))
+                self.assertEqual(f"retry: 2000\nid: 1\nevent: flush\ndata: {'.' * 256**2}\n\n", next(stream))
                 self.assertEqual("retry: 2000\nid: 2\nevent: delta\ndata: 43\n\n", next(stream))
                 self.assertEqual("retry: 2000\nid: 3\nevent: delta\ndata: 43\n\n", next(stream))
                 self.assertEqual("retry: 2000\nid: 4\nevent: delta\ndata: 44\n\n", next(stream))

diff --git a/components/collector/pyproject.toml b/components/collector/pyproject.toml
@@ -30,7 +30,7 @@ optional-dependencies.tools = [
     "mypy==1.14.1",
     "pip-audit==2.7.3",
     "pyproject-fmt==2.5.0",
-    "ruff==0.8.6",
+    "ruff==0.9.0",
     "vulture==2.14",
 ]
 

diff --git a/components/collector/src/source_collectors/anchore/security_warnings.py b/components/collector/src/source_collectors/anchore/security_warnings.py
@@ -22,7 +22,7 @@ def _create_entity(vulnerability: dict[str, str], filename: str) -> Entity:
             # Include the filename in the hash so that it is unique even when multiple images contain the
             # same package with the same vulnerability. Don't add a colon so existing hashes stay the same
             # if the source is not a zipped report (filename is an empty string in that case).
-            key=md5_hash(f'{filename}{vulnerability["vuln"]}:{vulnerability["package"]}'),
+            key=md5_hash(f"{filename}{vulnerability['vuln']}:{vulnerability['package']}"),
             cve=vulnerability["vuln"],
             filename=filename,
             package=vulnerability["package"],

diff --git a/components/collector/src/source_collectors/bandit/security_warnings.py b/components/collector/src/source_collectors/bandit/security_warnings.py
@@ -18,8 +18,8 @@ def _parse_json(self, json: JSON, filename: str) -> Entities:
         return Entities(
             [
                 Entity(
-                    key=f'{warning["test_id"]}:{warning["filename"]}:{warning["line_number"]}',
-                    location=f'{warning["filename"]}:{warning["line_number"]}',
+                    key=f"{warning['test_id']}:{warning['filename']}:{warning['line_number']}",
+                    location=f"{warning['filename']}:{warning['line_number']}",
                     issue_text=warning["issue_text"],
                     issue_severity=warning["issue_severity"].capitalize(),
                     issue_confidence=warning["issue_confidence"].capitalize(),

diff --git a/components/collector/src/source_collectors/composer/dependencies.py b/components/collector/src/source_collectors/composer/dependencies.py
@@ -14,7 +14,7 @@ async def _parse_source_responses(self, responses: SourceResponses) -> SourceMea
             installed_dependencies.extend((await response.json(content_type=None)).get("installed", []))
         entities = [
             Entity(
-                key=f'{dependency["name"]}@{dependency.get("version", "?")}',
+                key=f"{dependency['name']}@{dependency.get('version', '?')}",
                 name=dependency["name"],
                 version=dependency.get("version", "unknown"),
                 homepage=dependency.get("homepage", ""),

diff --git a/components/collector/src/source_collectors/dependency_track/dependencies.py b/components/collector/src/source_collectors/dependency_track/dependencies.py
@@ -50,11 +50,11 @@ def _create_entity(self, component: DependencyTrackComponent) -> Entity:
         landing_url = str(self._parameter("landing_url")).strip("/")
         return Entity(
             component=component["name"],
-            component_landing_url=f"{landing_url}/components/{component["uuid"]}",
+            component_landing_url=f"{landing_url}/components/{component['uuid']}",
             key=component["uuid"],
             latest=latest_version,
             latest_version_status=self._latest_version_status(current_version, latest_version),
             project=project["name"],
-            project_landing_url=f"{landing_url}/projects/{project["uuid"]}",
+            project_landing_url=f"{landing_url}/projects/{project['uuid']}",
             version=current_version,
         )
diff --git a/components/collector/src/source_collectors/dependency_track/security_warnings.py b/components/collector/src/source_collectors/dependency_track/security_warnings.py
@@ -65,7 +65,7 @@ def _create_entity(self, finding: DependencyTrackFinding) -> Entity:
         latest_version = component.get("latestVersion", "unknown")
         return Entity(
             component=component["name"],
-            component_landing_url=f"{landing_url}/components/{component["uuid"]}",
+            component_landing_url=f"{landing_url}/components/{component['uuid']}",
             description=vulnerability["description"],
             identifier=vulnerability["vulnId"],
             key=finding["matrix"],  # Matrix is a combination of project, component, and vulnerability

diff --git a/components/collector/src/source_collectors/generic_json/security_warnings.py b/components/collector/src/source_collectors/generic_json/security_warnings.py
@@ -17,7 +17,7 @@ def _parse_json(self, json: JSON, filename: str) -> Entities:
         entities = Entities()
         vulnerabilities = cast(JSONDict, json).get("vulnerabilities", [])
         for vulnerability in vulnerabilities:
-            key = md5_hash(f'{vulnerability["title"]}:{vulnerability["description"]}')
+            key = md5_hash(f"{vulnerability['title']}:{vulnerability['description']}")
             entities.append(
                 Entity(
                     key=key,

diff --git a/components/collector/src/source_collectors/npm/dependencies.py b/components/collector/src/source_collectors/npm/dependencies.py
@@ -31,7 +31,7 @@ def _parse_json(self, json: JSON, filename: str) -> Entities:
 
     def _create_entity(self, dependency: str, version: DependencyVersionInfo) -> Entity:
         """Create an entity for the dependency."""
-        key = f'{dependency}@{version.get("current", "?")}'
+        key = f"{dependency}@{version.get('current', '?')}"
         name = dependency
         if "dependent" in version:
             key += f"@{version['dependent']}"

diff --git a/components/collector/src/source_collectors/pip/dependencies.py b/components/collector/src/source_collectors/pip/dependencies.py
@@ -14,7 +14,7 @@ def _parse_json(self, json: JSON, filename: str) -> Entities:
         """Override to parse the dependencies from the JSON."""
         return Entities(
             Entity(
-                key=f'{dependency["name"]}@{dependency.get("version", "?")}',
+                key=f"{dependency['name']}@{dependency.get('version', '?')}",
                 name=dependency["name"],
                 version=dependency.get("version", "unknown"),
                 latest=dependency.get("latest_version", "unknown"),

diff --git a/components/collector/src/source_collectors/sarif/base.py b/components/collector/src/source_collectors/sarif/base.py
@@ -23,7 +23,7 @@ def _parse_json(self, json: JSON, filename: str) -> Entities:
                 ]
                 entities.append(
                     Entity(
-                        key=f'{rule["id"]}@{",".join(locations)}',
+                        key=f"{rule['id']}@{','.join(locations)}",
                         message=result["message"]["text"],
                         level=result["level"],
                         locations=", ".join(locations),

diff --git a/components/collector/tests/collector_utilities/test_functions.py b/components/collector/tests/collector_utilities/test_functions.py
@@ -161,4 +161,4 @@ def test_decimal_round_half_up(self):
         self.assertEqual(1, decimal_round_half_up(1.0))
         self.assertEqual(1, decimal_round_half_up(1.1))
         self.assertEqual(2, decimal_round_half_up(1.5))
-        self.assertEqual(2, decimal_round_half_up(Decimal(1.5)))
+        self.assertEqual(2, decimal_round_half_up(Decimal("1.5")))
diff --git a/components/collector/tests/source_collectors/ncover/test_uncovered_branches.py b/components/collector/tests/source_collectors/ncover/test_uncovered_branches.py
@@ -23,10 +23,10 @@ class NCoverUncoveredBranchesTest(NCoverTestCase):
     async def test_uncovered_branches(self):
         """Test that the number of uncovered branches is returned."""
         response = await self.collect(get_request_text=self.NCOVER_HTML)
-        self.assert_measurement(response, value=f"{12034-9767}", total="12034")
+        self.assert_measurement(response, value=f"{12034 - 9767}", total="12034")
 
     async def test_zipped_report(self):
         """Test that the coverage can be read from a zip with NCover reports."""
         self.set_source_parameter("url", "https://example.org/report.zip")
         response = await self.collect(get_request_content=self.zipped_report(("ncover.html", self.NCOVER_HTML)))
-        self.assert_measurement(response, value=f"{12034-9767}", total="12034")
+        self.assert_measurement(response, value=f"{12034 - 9767}", total="12034")
diff --git a/components/collector/tests/source_collectors/ncover/test_uncovered_lines.py b/components/collector/tests/source_collectors/ncover/test_uncovered_lines.py
@@ -22,10 +22,10 @@ class NCoverUncoveredLinesTest(NCoverTestCase):
     async def test_uncovered_lines(self):
         """Test that the number of uncovered sequence points is returned."""
         response = await self.collect(get_request_text=self.NCOVER_HTML)
-        self.assert_measurement(response, value=f"{17153-14070}", total="17153")
+        self.assert_measurement(response, value=f"{17153 - 14070}", total="17153")
 
     async def test_zipped_report(self):
         """Test that the coverage can be read from a zip with NCover reports."""
         self.set_source_parameter("url", "https://example.org/report.zip?parameter=should_not_matter")
         response = await self.collect(get_request_content=self.zipped_report(("ncover.html", self.NCOVER_HTML)))
-        self.assert_measurement(response, value=f"{17153-14070}", total="17153")
+        self.assert_measurement(response, value=f"{17153 - 14070}", total="17153")
diff --git a/components/collector/tests/source_collectors/sonarqube/test_commented_out_code.py b/components/collector/tests/source_collectors/sonarqube/test_commented_out_code.py
@@ -16,5 +16,5 @@ async def test_commented_out_code(self):
             response,
             value="2",
             total="100",
-            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules("commented_out")}",
+            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules('commented_out')}",
         )
diff --git a/components/collector/tests/source_collectors/sonarqube/test_complex_units.py b/components/collector/tests/source_collectors/sonarqube/test_complex_units.py
@@ -26,5 +26,5 @@ async def test_complex_units(self):
             response,
             value="2",
             total="4",
-            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules("complex_unit")}",
+            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules('complex_unit')}",
         )
diff --git a/components/collector/tests/source_collectors/sonarqube/test_long_units.py b/components/collector/tests/source_collectors/sonarqube/test_long_units.py
@@ -27,5 +27,5 @@ async def test_long_units(self):
             response,
             value="2",
             total="4",
-            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules("long_unit")}",
+            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules('long_unit')}",
         )
diff --git a/components/collector/tests/source_collectors/sonarqube/test_many_parameters.py b/components/collector/tests/source_collectors/sonarqube/test_many_parameters.py
@@ -27,5 +27,5 @@ async def test_many_parameters(self):
             response,
             value="2",
             total="4",
-            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules("many_parameter")}",
+            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules('many_parameter')}",
         )
diff --git a/components/collector/tests/source_collectors/sonarqube/test_todo_and_fixme_comments.py b/components/collector/tests/source_collectors/sonarqube/test_todo_and_fixme_comments.py
@@ -16,5 +16,5 @@ async def test_todo_and_fixme_comments(self):
             response,
             value="2",
             total="100",
-            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules("todo_and_fixme_comment")}",
+            landing_url=f"{self.issues_landing_url}&rules={self.sonar_rules('todo_and_fixme_comment')}",
         )