fix: websocket dependency for websockets 9.1 security fix (#2366)

Co-authored-by: Adam Hopkins <adam@amhopkins.com>
sanic-org · Jan 16, 2022 · 6e55e73 · 6e55e73
1 parent 89d9424
commit 6e55e73
Show file tree

Hide file tree

Showing 24 changed files with 542 additions and 29 deletions.
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
@@ -0,0 +1,40 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches:
+      - main
+      - "*LTS"
+  pull_request:
+    branches:
+      - main
+      - "*LTS"
+    types: [opened, synchronize, reopened, ready_for_review]
+  schedule:
+    - cron: '25 16 * * 0'
+
+jobs:
+  analyze:
+    if: github.event.pull_request.draft == false
+    name: Analyze
+    runs-on: ubuntu-latest
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ 'python' ]
+
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v2
+
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v1
+      with:
+        languages: ${{ matrix.language }}
+
+    - name: Autobuild
+      uses: github/codeql-action/autobuild@v1
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v1
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
@@ -0,0 +1,37 @@
+name: Coverage check
+on:
+  push:
+    branches:
+      - main
+      - "*LTS"
+    tags:
+      - "!*" # Do not execute on tags
+  pull_request:
+    types: [opened, synchronize, reopened, ready_for_review]
+jobs:
+  test:
+    if: github.event.pull_request.draft == false
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        python-version: [3.9]
+        os: [ubuntu-latest]
+      fail-fast: false
+
+    steps:
+      - uses: actions/checkout@v2
+
+      - uses: actions/setup-python@v1
+        with:
+          python-version: ${{ matrix.python-version }}
+
+      - name: Install dependencies 🔨
+        run: |
+          python -m pip install --upgrade pip
+          pip install tox
+      - uses: paambaati/codeclimate-action@v2.5.3
+        if: always()
+        env:
+          CC_TEST_REPORTER_ID: ${{ secrets.CODECLIMATE }}
+        with:
+          coverageCommand: tox -e coverage
diff --git a/.github/workflows/on-demand.yml b/.github/workflows/on-demand.yml
@@ -0,0 +1,39 @@
+name: On Demand Task
+on:
+  workflow_dispatch:
+    inputs:
+      python-version:
+        description: 'Version of Python to use for running Test'
+        required: false
+        default: "3.8"
+      tox-env:
+        description: 'Test Environment to Run'
+        required: true
+        default: ''
+      os:
+        description: 'Operating System to Run Test on'
+        required: false
+        default: ubuntu-latest
+jobs:
+  onDemand:
+    name: tox-${{ matrix.config.tox-env }}-on-${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: ["${{ github.event.inputs.os}}"]
+        config:
+          - { tox-env: "${{ github.event.inputs.tox-env }}", py-version: "${{ github.event.inputs.python-version }}"}
+    steps:
+      - name: Checkout Repository
+        uses: actions/checkout@v2
+
+      - name: Run tests
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.py-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }}"
+          experimental-ignore-error: "yes"
diff --git a/.github/workflows/pr-bandit.yml b/.github/workflows/pr-bandit.yml
@@ -0,0 +1,36 @@
+name: Security Analysis
+on:
+  pull_request:
+    branches:
+      - main
+      - "*LTS"
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  bandit:
+    if: github.event.pull_request.draft == false
+    name: type-check-${{ matrix.config.python-version }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest]
+        config:
+          - { python-version: 3.7, tox-env: security}
+          - { python-version: 3.8, tox-env: security}
+          - { python-version: 3.9, tox-env: security}
+          - { python-version: "3.10", tox-env: security}
+    steps:
+      - name: Checkout the repository
+        uses: actions/checkout@v2
+        id: checkout-branch
+
+      - name: Run Linter Checks
+        id: linter-check
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.python-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }}"
diff --git a/.github/workflows/pr-docs.yml b/.github/workflows/pr-docs.yml
@@ -0,0 +1,32 @@
+name: Document Linter
+on:
+  pull_request:
+    branches:
+      - main
+      - "*LTS"
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  docsLinter:
+    if: github.event.pull_request.draft == false
+    name: Lint Documentation
+    runs-on: ubuntu-latest
+    strategy:
+      matrix:
+        config:
+          - {python-version: "3.8", tox-env: "docs"}
+      fail-fast: false
+
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v2
+
+      - name: Run Document Linter
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.python-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }}"
diff --git a/.github/workflows/pr-linter.yml b/.github/workflows/pr-linter.yml
@@ -0,0 +1,33 @@
+name: Linter Checks
+on:
+  pull_request:
+    branches:
+      - main
+      - "*LTS"
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  linter:
+    if: github.event.pull_request.draft == false
+    name: lint
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest]
+        config:
+          - { python-version: 3.8, tox-env: lint}
+    steps:
+      - name: Checkout the repository
+        uses: actions/checkout@v2
+        id: checkout-branch
+
+      - name: Run Linter Checks
+        id: linter-check
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.python-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }}"
diff --git a/.github/workflows/pr-python-pypy.yml b/.github/workflows/pr-python-pypy.yml
@@ -0,0 +1,41 @@
+name: Python PyPy Tests
+on:
+  workflow_dispatch:
+    inputs:
+      tox-env:
+        description: "Tox Env to run on the PyPy Infra"
+        required: false
+        default: "pypy37"
+      pypy-version:
+        description: "Version of PyPy to use"
+        required: false
+        default: "pypy-3.7"
+jobs:
+  testPyPy:
+    name: ut-${{ matrix.config.tox-env }}-${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: false
+      matrix:
+        # os: [ubuntu-latest, macos-latest]
+        os: [ubuntu-latest]
+        config:
+          - {
+              python-version: "${{ github.event.inputs.pypy-version }}",
+              tox-env: "${{ github.event.inputs.tox-env }}",
+            }
+    steps:
+      - name: Checkout the Repository
+        uses: actions/checkout@v2
+        id: checkout-branch
+
+      - name: Run Unit Tests
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.python-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }}"
+          experimental-ignore-error: "true"
+          command-timeout: "600000"
diff --git a/.github/workflows/pr-python37.yml b/.github/workflows/pr-python37.yml
@@ -0,0 +1,35 @@
+name: Python 3.7 Tests
+on:
+  pull_request:
+    branches:
+      - main
+      - "*LTS"
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  testPy37:
+    if: github.event.pull_request.draft == false
+    name: ut-${{ matrix.config.tox-env }}-${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: true
+      matrix:
+        #         os: [ubuntu-latest, macos-latest]
+        os: [ubuntu-latest]
+        config:
+          - { python-version: 3.7, tox-env: py37 }
+          - { python-version: 3.7, tox-env: py37-no-ext }
+    steps:
+      - name: Checkout the Repository
+        uses: actions/checkout@v2
+        id: checkout-branch
+
+      - name: Run Unit Tests
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.python-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }}"
+          test-failure-retry: "3"
diff --git a/.github/workflows/pr-python38.yml b/.github/workflows/pr-python38.yml
@@ -0,0 +1,35 @@
+name: Python 3.8 Tests
+on:
+  pull_request:
+    branches:
+      - main
+      - "*LTS"
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  testPy38:
+    if: github.event.pull_request.draft == false
+    name: ut-${{ matrix.config.tox-env }}-${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: true
+      matrix:
+        # os: [ubuntu-latest, macos-latest]
+        os: [ubuntu-latest]
+        config:
+          - { python-version: 3.8, tox-env: py38 }
+          - { python-version: 3.8, tox-env: py38-no-ext }
+    steps:
+      - name: Checkout the Repository
+        uses: actions/checkout@v2
+        id: checkout-branch
+
+      - name: Run Unit Tests
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.python-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }}"
+          test-failure-retry: "3"
diff --git a/.github/workflows/pr-python39.yml b/.github/workflows/pr-python39.yml
@@ -0,0 +1,47 @@
+name: Python 3.9 Tests
+on:
+  pull_request:
+    branches:
+      - main
+      - "*LTS"
+    types: [opened, synchronize, reopened, ready_for_review]
+
+jobs:
+  testPy39:
+    if: github.event.pull_request.draft == false
+    name: ut-${{ matrix.config.tox-env }}-${{ matrix.os }}
+    runs-on: ${{ matrix.os }}
+    strategy:
+      fail-fast: true
+      matrix:
+        # os: [ubuntu-latest, macos-latest]
+        os: [ubuntu-latest]
+        config:
+          - {
+              python-version: 3.9,
+              tox-env: py39,
+              ignore-error-flake: "false",
+              command-timeout: "0",
+            }
+          - {
+              python-version: 3.9,
+              tox-env: py39-no-ext,
+              ignore-error-flake: "true",
+              command-timeout: "600000",
+            }
+    steps:
+      - name: Checkout the Repository
+        uses: actions/checkout@v2
+        id: checkout-branch
+
+      - name: Run Unit Tests
+        uses: harshanarayana/custom-actions@main
+        with:
+          python-version: ${{ matrix.config.python-version }}
+          test-infra-tool: tox
+          test-infra-version: latest
+          action: tests
+          test-additional-args: "-e=${{ matrix.config.tox-env }},-vv=''"
+          experimental-ignore-error: "${{ matrix.config.ignore-error-flake }}"
+          command-timeout: "${{ matrix.config.command-timeout }}"
+          test-failure-retry: "3"