pt
/
superset
mirror of https://github.com/apache/superset.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bump python libs, address insecure releases (#7550) 

* Bump python libs, address insecure releases

Using
https://requires.io/github/mistercrunch/superset/requirements/?branch=apache_release_improv
to identify insecure, old releases we're using and bumping.

* redis <3.0

* fix new flakes
This commit is contained in:
Maxime Beauchemin 2019-05-28 21:03:49 -07:00 committed by GitHub
parent 2a2f395e94
commit fd5befee38
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 27 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
requirements-dev.txt
View File

@ -16,22 +16,22 @@
# #
coverage==4.5.3 coverage==4.5.3
flake8-commas==2.0.0 flake8-commas==2.0.0
flake8-import-order==0.18 flake8-import-order==0.18.1
flake8-mypy==17.8.0 flake8-mypy==17.8.0
flake8-quotes==1.0.0 flake8-quotes==2.0.1
flake8==3.6.0 flake8==3.7.7
flask-cors==3.0.6 flask-cors==3.0.7
ipdb==0.11 ipdb==0.12
mypy==0.670 mypy==0.670
mysqlclient==1.4.2.post1 mysqlclient==1.4.2.post1
nose==1.3.7 nose==1.3.7
pip-tools==3.5.0 pip-tools==3.7.0
psycopg2-binary==2.7.5 psycopg2-binary==2.7.5
pycodestyle==2.4.0 pycodestyle==2.5.0
pyhive==0.6.1 pyhive==0.6.1
pylint==1.9.2 pylint==1.9.2
python-dotenv==0.10.1 python-dotenv==0.10.1
redis==2.10.6 redis==2.10.6
statsd==3.3.0 statsd==3.3.0
thrift==0.11.0 thrift==0.11.0
tox==3.5.3 tox==3.11.1

14
requirements.txt
View File

@ -2,9 +2,8 @@
# This file is autogenerated by pip-compile # This file is autogenerated by pip-compile
# To update, run: # To update, run:
# #
# pip-compile --output-file requirements.txt setup.py # pip-compile --output-file=requirements.txt setup.py
# #
alembic==1.0.0 # via flask-migrate alembic==1.0.0 # via flask-migrate
amqp==2.3.2 # via kombu amqp==2.3.2 # via kombu
apispec[yaml]==1.2.0 # via flask-appbuilder apispec[yaml]==1.2.0 # via flask-appbuilder
@ -42,7 +41,7 @@ humanize==0.5.1
idna==2.6 idna==2.6
isodate==0.6.0 isodate==0.6.0
itsdangerous==0.24 # via flask itsdangerous==0.24 # via flask
jinja2==2.10 # via flask, flask-babel jinja2==2.10.1 # via flask, flask-babel
jsonschema==3.0.1 # via flask-appbuilder jsonschema==3.0.1 # via flask-appbuilder
kombu==4.2.1 # via celery kombu==4.2.1 # via celery
mako==1.0.7 # via alembic mako==1.0.7 # via alembic
@ -68,17 +67,16 @@ python-editor==1.0.3 # via alembic
python-geohash==0.8.5 python-geohash==0.8.5
python3-openid==3.1.0 # via flask-openid python3-openid==3.1.0 # via flask-openid
pytz==2018.5 # via babel, celery, pandas pytz==2018.5 # via babel, celery, pandas
pyyaml==3.13 pyyaml==5.1
requests==2.20.0 requests==2.22.0
retry==0.9.2 retry==0.9.2
selenium==3.141.0 selenium==3.141.0
simplejson==3.15.0 simplejson==3.15.0
six==1.11.0 # via bleach, cryptography, flask-jwt-extended, flask-talisman, isodate, jsonschema, pathlib2, polyline, prison, pydruid, pyrsistent, python-dateutil, sqlalchemy-utils, wtforms-json six==1.11.0 # via bleach, cryptography, flask-jwt-extended, flask-talisman, isodate, jsonschema, pathlib2, polyline, prison, pydruid, pyrsistent, python-dateutil, sqlalchemy-utils, wtforms-json
sqlalchemy-utils==0.32.21 sqlalchemy-utils==0.33.11
sqlalchemy==1.3.1 sqlalchemy==1.3.1
sqlparse==0.2.4 sqlparse==0.2.4
unicodecsv==0.14.1 urllib3==1.24.3 # via requests, selenium
urllib3==1.22 # via requests, selenium
vine==1.1.4 # via amqp vine==1.1.4 # via amqp
webencodings==0.5.1 # via bleach webencodings==0.5.1 # via bleach
werkzeug==0.14.1 # via flask, flask-jwt-extended werkzeug==0.14.1 # via flask, flask-jwt-extended

7
setup.py
View File

@ -97,15 +97,14 @@ setup(
'python-dateutil', 'python-dateutil',
'python-dotenv', 'python-dotenv',
'python-geohash', 'python-geohash',
'pyyaml>=3.13', 'pyyaml>=5.1',
'requests>=2.20.0', 'requests>=2.22.0',
'retry>=0.9.2', 'retry>=0.9.2',
'selenium>=3.141.0', 'selenium>=3.141.0',
'simplejson>=3.15.0', 'simplejson>=3.15.0',
'sqlalchemy>=1.3.1,<2.0', 'sqlalchemy>=1.3.1,<2.0',
'sqlalchemy-utils', 'sqlalchemy-utils>=0.33.2',
'sqlparse', 'sqlparse',
'unicodecsv',
'wtforms-json', 'wtforms-json',
], ],
extras_require={ extras_require={

2
superset/cli.py
View File

@ -132,7 +132,7 @@ def load_examples(load_test_data):
@click.option('--datasource', '-d', help='Specify which datasource name to load, if ' @click.option('--datasource', '-d', help='Specify which datasource name to load, if '
'omitted, all datasources will be refreshed') 'omitted, all datasources will be refreshed')
@click.option('--merge', '-m', is_flag=True, default=False, @click.option('--merge', '-m', is_flag=True, default=False,
help='Specify using \'merge\' property during operation. ' help="Specify using 'merge' property during operation. "
'Default value is False.') 'Default value is False.')
def refresh_druid(datasource, merge): def refresh_druid(datasource, merge):
"""Refresh druid datasources""" """Refresh druid datasources"""

8
superset/views/core.py
View File

@ -1340,12 +1340,12 @@ class Superset(BaseSupersetView):
if action == 'overwrite' and not slice_overwrite_perm: if action == 'overwrite' and not slice_overwrite_perm:
return json_error_response( return json_error_response(
_('You don\'t have the rights to ') + _('alter this ') + _('chart'), _("You don't have the rights to ") + _('alter this ') + _('chart'),
status=400) status=400)
if action == 'saveas' and not slice_add_perm: if action == 'saveas' and not slice_add_perm:
return json_error_response( return json_error_response(
_('You don\'t have the rights to ') + _('create a ') + _('chart'), _("You don't have the rights to ") + _('create a ') + _('chart'),
status=400) status=400)
if action in ('saveas', 'overwrite'): if action in ('saveas', 'overwrite'):
@ -1452,7 +1452,7 @@ class Superset(BaseSupersetView):
dash_overwrite_perm = check_ownership(dash, raise_if_false=False) dash_overwrite_perm = check_ownership(dash, raise_if_false=False)
if not dash_overwrite_perm: if not dash_overwrite_perm:
return json_error_response( return json_error_response(
_('You don\'t have the rights to ') + _('alter this ') + _("You don't have the rights to ") + _('alter this ') +
_('dashboard'), _('dashboard'),
status=400) status=400)
@ -1466,7 +1466,7 @@ class Superset(BaseSupersetView):
dash_add_perm = security_manager.can_access('can_add', 'DashboardModelView') dash_add_perm = security_manager.can_access('can_add', 'DashboardModelView')
if not dash_add_perm: if not dash_add_perm:
return json_error_response( return json_error_response(
_('You don\'t have the rights to ') + _('create a ') + _('dashboard'), _("You don't have the rights to ") + _('create a ') + _('dashboard'),
status=400) status=400)
dash = models.Dashboard( dash = models.Dashboard(

2
tests/db_engine_specs_test.py
View File

@ -108,7 +108,7 @@ class DbEngineSpecsTestCase(SupersetTestCase):
'{...} errorMessage="Error while compiling statement: FAILED: ' '{...} errorMessage="Error while compiling statement: FAILED: '
'SemanticException [Error 10001]: Line 4' 'SemanticException [Error 10001]: Line 4'
':5 Table not found \'fact_ridesfdslakj\'", statusCode=3, ' ':5 Table not found \'fact_ridesfdslakj\'", statusCode=3, '
'sqlState=\'42S02\', errorCode=10001)){...}') "sqlState='42S02', errorCode=10001)){...}")
self.assertEquals(( self.assertEquals((
'Error while compiling statement: FAILED: ' 'Error while compiling statement: FAILED: '
'SemanticException [Error 10001]: Line 4:5 ' 'SemanticException [Error 10001]: Line 4:5 '

8
tests/viz_tests.py
View File

@ -258,7 +258,7 @@ class TableVizTestCase(SupersetTestCase):
{ {
'expressionType': 'SQL', 'expressionType': 'SQL',
'clause': 'WHERE', 'clause': 'WHERE',
'sqlExpression': 'value3 in (\'North America\')', 'sqlExpression': "value3 in ('North America')",
}, },
], ],
} }
@ -273,7 +273,7 @@ class TableVizTestCase(SupersetTestCase):
[{'op': '<', 'val': '10', 'col': 'SUM(value1)'}], [{'op': '<', 'val': '10', 'col': 'SUM(value1)'}],
query_obj['extras']['having_druid'], query_obj['extras']['having_druid'],
) )
self.assertEqual('(value3 in (\'North America\'))', query_obj['extras']['where']) self.assertEqual("(value3 in ('North America'))", query_obj['extras']['where'])
self.assertEqual('(SUM(value1) > 5)', query_obj['extras']['having']) self.assertEqual('(SUM(value1) > 5)', query_obj['extras']['having'])
def test_adhoc_filters_overwrite_legacy_filters(self): def test_adhoc_filters_overwrite_legacy_filters(self):
@ -295,7 +295,7 @@ class TableVizTestCase(SupersetTestCase):
{ {
'expressionType': 'SQL', 'expressionType': 'SQL',
'clause': 'WHERE', 'clause': 'WHERE',
'sqlExpression': 'value3 in (\'North America\')', 'sqlExpression': "value3 in ('North America')",
}, },
], ],
'having': 'SUM(value1) > 5', 'having': 'SUM(value1) > 5',
@ -311,7 +311,7 @@ class TableVizTestCase(SupersetTestCase):
[], [],
query_obj['extras']['having_druid'], query_obj['extras']['having_druid'],
) )
self.assertEqual('(value3 in (\'North America\'))', query_obj['extras']['where']) self.assertEqual("(value3 in ('North America'))", query_obj['extras']['where'])
self.assertEqual('', query_obj['extras']['having']) self.assertEqual('', query_obj['extras']['having'])
@patch('superset.viz.BaseViz.query_obj') @patch('superset.viz.BaseViz.query_obj')