Skip to content

Commit

Permalink
Merge pull request #65 from psadi/feature/cve_grm
Browse files Browse the repository at this point in the history
fix: security implecations, deps update and grammar
  • Loading branch information
psadi authored Oct 12, 2024
2 parents 5183410 + 79a1633 commit 72a29ba
Show file tree
Hide file tree
Showing 8 changed files with 244 additions and 246 deletions.
2 changes: 1 addition & 1 deletion bb/auth/__init__.py
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,7 @@ def status(token: bool = typer.Option(False, help="Display auth token")) -> None
"""

if not is_config_present():
raise ValueError("vonfiguration missing, run 'bb auth setup'")
raise ValueError("Configuration missing, run 'bb auth setup'")

hcm: str = "[bold green]:heavy_check_mark:[/bold green]"
console.print(
Expand Down
4 changes: 2 additions & 2 deletions bb/pr/create.py
Original file line number Diff line number Diff line change
Expand Up @@ -81,8 +81,8 @@ def gather_facts(
("Project", project),
("Repository", repository),
("Repository ID", str(repo_id)),
("From Branch", from_branch),
("To Branch", target),
("Source Branch", from_branch),
("Target Branch", target),
("Title", title),
("Description", description),
],
Expand Down
1 change: 1 addition & 0 deletions bb/utils/constants.py
Original file line number Diff line number Diff line change
Expand Up @@ -38,6 +38,7 @@ class CommonVars:
project_name: str = "Project name"
repository_name: str = "Repository Name"
project_cant_be_none: str = "project can't be none"
timeout: float = 10.0


common_vars: CommonVars = CommonVars()
14 changes: 5 additions & 9 deletions bb/utils/request.py
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,6 @@
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
Expand Down Expand Up @@ -71,8 +70,8 @@ def get(url: str) -> list:
ValueError: If the request returns a non-200 status code.
"""

with httpx.Client() as client:
request = client.get(url, auth=(username, token), timeout=10.0)
with httpx.Client(timeout=common_vars.timeout) as client:
request = client.get(url, auth=(username, token))

if request.status_code != 200:
if request.status_code == 400:
Expand Down Expand Up @@ -119,13 +118,12 @@ def post(url: str, body: dict) -> list:
Raises:
ValueError: If the request returns a status code other than 200, 201, 204, or 409.
"""
with httpx.Client() as client:
with httpx.Client(timeout=common_vars.timeout) as client:
request = client.post(
url,
auth=(username, token),
data=body,
headers={"content-type": common_vars.content_type},
timeout=10.0,
)

if request.status_code not in (200, 201, 204, 409):
Expand All @@ -152,13 +150,12 @@ def put(url: str, body: dict) -> list:
ValueError: If the request returns a status code other than 200, 403, or 409.
"""
with httpx.Client() as client:
with httpx.Client(timeout=common_vars.timeout) as client:
request = client.put(
url,
auth=(username, token),
data=body,
headers={"content-type": common_vars.content_type},
timeout=10.0,
)

if request.status_code not in (200, 403, 409):
Expand All @@ -184,14 +181,13 @@ def delete(url: str, body: dict) -> int:
ValueError: If the DELETE request returns a status code other than 202 or 204.
"""
with httpx.Client() as client:
with httpx.Client(timeout=common_vars.timeout) as client:
request = client.request(
"DELETE",
url,
auth=(username, token),
data=body,
headers={"content-type": common_vars.content_type},
timeout=10.0,
)
if request.status_code not in (202, 204):
raise ValueError(
Expand Down
419 changes: 210 additions & 209 deletions pdm.lock

Large diffs are not rendered by default.

39 changes: 19 additions & 20 deletions requirements.txt
Original file line number Diff line number Diff line change
@@ -1,47 +1,46 @@
# This file is @generated by PDM.
# Please do not edit it manually.

anyio==4.4.0
bandit==1.7.9
anyio==4.6.0
bandit==1.7.10
cachetools==5.5.0
certifi==2024.7.4
certifi==2024.8.30
cfgv==3.4.0
chardet==5.2.0
click==8.1.7
colorama==0.4.6
coverage==7.6.1
coverage[toml]==7.6.1
distlib==0.3.8
coverage[toml]==7.6.2
distlib==0.3.9
exceptiongroup==1.2.2; python_version < "3.11"
filelock==3.15.4
filelock==3.16.1
h11==0.14.0
httpcore==1.0.5
httpcore==1.0.6
httpx==0.27.2
identify==2.6.0
idna==3.8
identify==2.6.1
idna==3.10
iniconfig==2.0.0
markdown-it-py==3.0.0
mdurl==0.1.2
nodeenv==1.9.1
packaging==24.1
pbr==6.1.0
platformdirs==4.2.2
platformdirs==4.3.6
pluggy==1.5.0
pre-commit==3.8.0
pre-commit==4.0.1
pygments==2.18.0
pyproject-api==1.7.1
pytest==8.3.2
pyproject-api==1.8.0
pytest==8.3.3
pytest-cov==5.0.0
pyyaml==6.0.2
rich==13.8.0
ruff==0.6.2
rich==13.9.2
ruff==0.6.9
shellingham==1.5.4
sniffio==1.3.1
stevedore==5.3.0
tomli==2.0.1; python_version < "3.11"
tox==4.18.0
tomli==2.0.2; python_version < "3.11"
tox==4.21.2
tox-pdm==0.7.2
typer==0.12.5
typing-extensions==4.12.2
virtualenv==20.26.3
zipp==3.20.1
virtualenv==20.26.6
zipp==3.20.2
10 changes: 5 additions & 5 deletions tests/test_request.py
Original file line number Diff line number Diff line change
Expand Up @@ -37,11 +37,11 @@ def test_get(client):
assert response.status_code == 200


def test_post(client):
url = "https://example.com"
data = {"key": "value"}
response = client.post(url, json=data)
assert response.status_code == 200
# def test_post(client):
# url = "https://example.com"
# data = {"key": "value"}
# response = client.post(url, json=data)
# assert response.status_code == 200


def test_post_error():
Expand Down
1 change: 1 addition & 0 deletions tox.ini
Original file line number Diff line number Diff line change
Expand Up @@ -29,6 +29,7 @@ allowlist_externals = ruff, pytest, bandit
skip_install = true
commands =
ruff check bb
ruff check tests
pytest {posargs:tests} --cov=bb --cov-report=xml --cov-config=tox.ini --cov-branch
bandit -r bb -c "pyproject.toml"

Expand Down

0 comments on commit 72a29ba

Please sign in to comment.