Update (almost) all the things #824

Merged
merged 14 commits into from
Nov 6, 2018

TheDoubleK
Contributor

@TheDoubleK TheDoubleK commented Oct 31, 2018

For this ticket: https://trello.com/c/dck7VGe3/1152-update-insecure-dependencies

This updates all our requirements other than Selenium to the latest versions (Selenium is pinned to the last version known to work on Heroku, and the last time I checked the latest version hasn't fixed the problem).

I've been having some odd intermittent failures of the functional tests locally against this branch, so it would be good if people can pull this down and try it out (also, let's see what CI makes of it now).

UPDATE CI seems to hate it 🤦‍♂️
UPDATE 2 Maybe not... it was mismatched Black formatting
UPDATE 3 CI really hates it... what the heck is psycopg2.OperationalError: SSL error: decryption failed or bad record mac??

There are a few minor test and code changes here to get things working with these updated packages:

  • Latest Black formatting (looks like they don't like empty lines at the top of files any more)
  • Fixtures being called directly now emit a warning (some interesting discussion about the reasoning behind this here: Fixture "..." called directly pytest-dev/pytest#3950 - basically, everyone does it wrong so they are stopping people from doing it!)

Also what I think is a larger genuine bug-fix that has been masked up until now by an issue in an earlier version of WTForms:

  • Don't pass the Page object in to the measure page form when request is a POSTed form

GitHub is reporting current "requests" as insecure.
Requires.io is reporting "lxml" as insecure.

This updates both to the latest patched versions.
These aren't insecure but are outdated.

Updates all test requirements to latest version, *except* Selenium,
which we have pinned to a version known to work on Heroku.

Also removed "Click" from test requirements as it is in the main
requirements file too anyway (and is a dependency of one of the packages
there).
@TheDoubleK TheDoubleK temporarily deployed to rd-cms-dev-pr-824 October 31, 2018 18:18 Inactive
* Black formatting
* Pytest has tweaked fixture initialisation so now need to push app
  context in the `db` fixture
With the latest version of pytest this now raises a warning (to be an
error in the next release of pytest).

I've left the mock_user fixture here as it is useful for parametrized
tests.
This mirrors the existing logged_in_rdu_user
When form is posted we shouldn't be populating the WTForms object with
the existing object - we only pass the existing object in for the GET
route, so that fields can be pre-populated in the displayed page.
* "chrome_options" is deprecated in favour of "options"
* fixtures (in this case stub_measure_data) should not be called directly
* wheel installation of psycopg2 package will be psycopg2-binary in future
@TheDoubleK TheDoubleK force-pushed the update-insecure-requirements branch 3 times, most recently from 53a06bd to 32a14e3 Compare November 1, 2018 09:08
Updating to the latest pytest resulted in the functional tests failing
in our CI environment on Heroku - but not locally - with the error:
`psycopg2.OperationalError: SSL error: decryption failed or bad record mac`

Rolling back the version of pytest and related dependencies until we can
figure out what the issue is.

NOTE: have tried pytest 3.6.0 and that is broken with the same error.
@TheDoubleK TheDoubleK force-pushed the update-insecure-requirements branch from 4cc0582 to 7583335 Compare November 1, 2018 11:54
@rdudevelopers rdudevelopers temporarily deployed to rd-cms-dev-pr-824 November 2, 2018 10:43 Inactive
@TheDoubleK
Contributor Author

@samuelhwilliams @frankieroberto I have had a pretty thorough click round the review app for this as I was a bit worried about bumping so many versions at once, but everything looks good as far as I can tell.

Contributor

@frankieroberto frankieroberto left a comment

Tests all pass for me locally. Updates look good.

@rdudevelopers rdudevelopers temporarily deployed to rd-cms-dev-pr-824 November 6, 2018 10:52 Inactive
@TheDoubleK TheDoubleK merged commit b286c9b into master Nov 6, 2018
@TheDoubleK TheDoubleK deleted the update-insecure-requirements branch November 6, 2018 11:19

3 participants