You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Our Github Action encounters fails when checking requirements today.
It looks like insecure_full.json differs sometimes when safety try to retrieve it.
Expected result:
safety should report graphene-djago issue with Vulnerability ID 55237
-> Vulnerability found in graphene-django version 2.15.0
Vulnerability ID: 55237
Affected spec: <3.0.1
ADVISORY: Graphene-django 3.0.1 updates its NPM dependency 'graphiql'
to v1.4.7 to fix a potential vulnerability.
CVE-2021-41248
For more information, please visit https://pyup.io/v/55237/f17
What I Did
The error context when running safety check:
Unhandled exception happened: 'graphene-django'
The following is the result runs with safety --debug check
I also dump success/fail insecure_full.json to gist.
2023-05-31 13:28:00,930 safety.cli => Telemetry enabled: True
2023-05-31 13:28:00,931 safety.cli => Running check command
2023-05-31 13:28:01,089 safety.cli => Calling the check function
2023-05-31 13:28:01,100 safety.util => Telemetry body built: {'os_type': 'Darwin', 'os_release': '22.4.0', 'os_description': 'macOS-13.3.1-x86_64-i386-64bit', 'python_version': '3.8.13', 'safety_command': 'check', 'safety_options': {}, 'safety_version': '2.3.5', 'safety_source': 'cli'}
2023-05-31 13:28:01,108 urllib3.connectionpool => Starting new HTTPS connection (1): pyup.io:443
2023-05-31 13:28:01,158 urllib3.connectionpool => https://pyup.io:443 "GET /aws/safety/free/insecure.json?telemetry=%7B%22os_type%22%3A+%22Darwin%22%2C+%22os_release%22%3A+%2222.4.0%22%2C+%22os_description%22%3A+%22macOS-13.3.1-x86_64-i386-64bit%22%2C+%22python_version%22%3A+%223.8.13%22%2C+%22safety_command%22%3A+%22check%22%2C+%22safety_options%22%3A+%7B%7D%2C+%22safety_version%22%3A+%222.3.5%22%2C+%22safety_source%22%3A+%22cli%22%7D HTTP/1.1" 200 117782
2023-05-31 13:28:01,169 safety.util => Telemetry body built: {'os_type': 'Darwin', 'os_release': '22.4.0', 'os_description': 'macOS-13.3.1-x86_64-i386-64bit', 'python_version': '3.8.13', 'safety_command': 'check', 'safety_options': {}, 'safety_version': '2.3.5', 'safety_source': 'cli'}
2023-05-31 13:28:01,182 urllib3.connectionpool => https://pyup.io:443 "GET /aws/safety/free/insecure_full.json?telemetry=%7B%22os_type%22%3A+%22Darwin%22%2C+%22os_release%22%3A+%2222.4.0%22%2C+%22os_description%22%3A+%22macOS-13.3.1-x86_64-i386-64bit%22%2C+%22python_version%22%3A+%223.8.13%22%2C+%22safety_command%22%3A+%22check%22%2C+%22safety_options%22%3A+%7B%7D%2C+%22safety_version%22%3A+%222.3.5%22%2C+%22safety_source%22%3A+%22cli%22%7D HTTP/1.1" 200 3777902
2023-05-31 13:28:01,345 safety.cli => Unexpected Exception happened: 'graphene-django'
Traceback (most recent call last):
File "/Users/darkborderman/.pyenv/versions/3.8.13/envs/Napoleon-3.8/lib/python3.8/site-packages/safety/cli.py", line 145, in check
vulns, db_full = safety.check(packages=packages, key=key, db_mirror=db, cached=cache, ignore_vulns=ignore,
File "/Users/darkborderman/.pyenv/versions/3.8.13/envs/Napoleon-3.8/lib/python3.8/site-packages/safety/util.py", line 614, in new_func
return f(*args, **kwargs)
File "/Users/darkborderman/.pyenv/versions/3.8.13/envs/Napoleon-3.8/lib/python3.8/site-packages/safety/safety.py", line 345, in check
for data in get_vulnerabilities(pkg=name, spec=specifier, db=db_full):
File "/Users/darkborderman/.pyenv/versions/3.8.13/envs/Napoleon-3.8/lib/python3.8/site-packages/safety/safety.py", line 231, in get_vulnerabilities
for entry in db[pkg]:
KeyError: 'graphene-django'
Unhandled exception happened: 'graphene-django'
2023-05-31 13:28:01,346 safety.cli => Calling clean up on close function.
2023-05-31 13:28:01,346 safety.safety => Closing requests session.
The text was updated successfully, but these errors were encountered:
safety version: 2.3.5
Python version: 3.8.13
Operating System: MacOS Ventura 13.3.1 (a)
Description
Our Github Action encounters fails when checking requirements today.
It looks like
insecure_full.json
differs sometimes when safety try to retrieve it.Expected result:
What I Did
The error context when running
safety check
:The following is the result runs with
safety --debug check
I also dump success/fail
insecure_full.json
to gist.The text was updated successfully, but these errors were encountered: