From f9c414dfe3b2d25e41bd6acc1231311a9d6a34f3 Mon Sep 17 00:00:00 2001 From: Rene Meusel Date: Tue, 12 Dec 2023 14:55:45 +0100 Subject: [PATCH 1/5] Install pyyaml in auditinfo and update downstream deps --- docs/architecture/poetry.lock | 32 ++++++++++++++++++++++---------- docs/audit_method/poetry.lock | 32 ++++++++++++++++++++++---------- docs/audit_report/poetry.lock | 25 ++++++++++++++----------- docs/cryptodoc/poetry.lock | 32 ++++++++++++++++++++++---------- docs/testreport/poetry.lock | 25 ++++++++++++++----------- docs/testspec/poetry.lock | 32 ++++++++++++++++++++++---------- tools/auditinfo/poetry.lock | 11 +++++++++-- tools/auditinfo/pyproject.toml | 1 + tools/auditupdate/poetry.lock | 7 +++++-- tools/genaudit/poetry.lock | 7 +++++-- tools/sourceref/poetry.lock | 18 +++++++++++++++--- 11 files changed, 151 insertions(+), 71 deletions(-) diff --git a/docs/architecture/poetry.lock b/docs/architecture/poetry.lock index 08dc75aa..c7142407 100644 --- a/docs/architecture/poetry.lock +++ b/docs/architecture/poetry.lock @@ -30,13 +30,16 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../../tools/auditinfo" [[package]] name = "babel" -version = "2.13.1" +version = "2.14.0" description = "Internationalization utilities" category = "main" optional = false @@ -47,7 +50,7 @@ dev = ["pytest (>=6.0)", "pytest-cov", "freezegun (>=1.0,<2.0)"] [[package]] name = "cattrs" -version = "23.2.1" +version = "23.2.3" description = "Composable complex class support for attrs and dataclasses." category = "dev" optional = false @@ -101,7 +104,7 @@ python-versions = ">=3.7" [[package]] name = "esbonio" -version = "0.16.2" +version = "0.16.3" description = "A Language Server for Sphinx projects." category = "dev" optional = false 
@@ -120,7 +123,7 @@ typecheck = ["mypy", "pytest-lsp (>=0.3.1)", "types-appdirs", "types-docutils", [[package]] name = "exceptiongroup" -version = "1.1.3" +version = "1.2.0" description = "Backport of PEP 654 (exception groups)" category = "dev" optional = false @@ -131,7 +134,7 @@ test = ["pytest (>=6)"] [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false @@ -189,11 +192,11 @@ python-versions = ">=3.7" [[package]] name = "platformdirs" -version = "4.0.0" +version = "4.1.0" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." category = "dev" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" [package.extras] docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] @@ -201,7 +204,7 @@ test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest-cov (>=4.1)", "pytes [[package]] name = "pygls" -version = "1.2.0" +version = "1.2.1" description = "A pythonic generic language server (pronounced like 'pie glass')" category = "dev" optional = false @@ -215,7 +218,7 @@ ws = ["websockets (>=11.0.3,<12.0.0)"] [[package]] name = "pygments" -version = "2.17.1" +version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." category = "main" optional = false @@ -241,6 +244,14 @@ category = "dev" optional = false python-versions = ">=3.6" +[[package]] +name = "pyyaml" +version = "6.0.1" +description = "YAML parser and emitter for Python" +category = "main" +optional = false +python-versions = ">=3.6" + [[package]] name = "requests" version = "2.31.0" @@ -404,7 +415,7 @@ test = ["pytest"] [[package]] name = "typing-extensions" -version = "4.8.0" +version = "4.9.0" description = "Backported and Experimental Type Hints for Python 3.8+" category = "dev" optional = false 
@@ -451,6 +462,7 @@ pygls = [] pygments = [] pylatexenc = [] pyspellchecker = [] +pyyaml = [] requests = [] snowballstemmer = [] sourceref = [] diff --git a/docs/audit_method/poetry.lock b/docs/audit_method/poetry.lock index 08dc75aa..c7142407 100644 --- a/docs/audit_method/poetry.lock +++ b/docs/audit_method/poetry.lock @@ -30,13 +30,16 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../../tools/auditinfo" [[package]] name = "babel" -version = "2.13.1" +version = "2.14.0" description = "Internationalization utilities" category = "main" optional = false @@ -47,7 +50,7 @@ dev = ["pytest (>=6.0)", "pytest-cov", "freezegun (>=1.0,<2.0)"] [[package]] name = "cattrs" -version = "23.2.1" +version = "23.2.3" description = "Composable complex class support for attrs and dataclasses." category = "dev" optional = false @@ -101,7 +104,7 @@ python-versions = ">=3.7" [[package]] name = "esbonio" -version = "0.16.2" +version = "0.16.3" description = "A Language Server for Sphinx projects." category = "dev" optional = false @@ -120,7 +123,7 @@ typecheck = ["mypy", "pytest-lsp (>=0.3.1)", "types-appdirs", "types-docutils", [[package]] name = "exceptiongroup" -version = "1.1.3" +version = "1.2.0" description = "Backport of PEP 654 (exception groups)" category = "dev" optional = false @@ -131,7 +134,7 @@ test = ["pytest (>=6)"] [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false 
@@ -189,11 +192,11 @@ python-versions = ">=3.7" [[package]] name = "platformdirs" -version = "4.0.0" +version = "4.1.0" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." category = "dev" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" [package.extras] docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] @@ -201,7 +204,7 @@ test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest-cov (>=4.1)", "pytes [[package]] name = "pygls" -version = "1.2.0" +version = "1.2.1" description = "A pythonic generic language server (pronounced like 'pie glass')" category = "dev" optional = false @@ -215,7 +218,7 @@ ws = ["websockets (>=11.0.3,<12.0.0)"] [[package]] name = "pygments" -version = "2.17.1" +version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." category = "main" optional = false @@ -241,6 +244,14 @@ category = "dev" optional = false python-versions = ">=3.6" +[[package]] +name = "pyyaml" +version = "6.0.1" +description = "YAML parser and emitter for Python" +category = "main" +optional = false +python-versions = ">=3.6" + [[package]] name = "requests" version = "2.31.0" @@ -404,7 +415,7 @@ test = ["pytest"] [[package]] name = "typing-extensions" -version = "4.8.0" +version = "4.9.0" description = "Backported and Experimental Type Hints for Python 3.8+" category = "dev" optional = false @@ -451,6 +462,7 @@ pygls = [] pygments = [] pylatexenc = [] pyspellchecker = [] +pyyaml = [] requests = [] snowballstemmer = [] sourceref = [] diff --git a/docs/audit_report/poetry.lock b/docs/audit_report/poetry.lock index 25e916bd..e83b08e1 100644 --- a/docs/audit_report/poetry.lock +++ b/docs/audit_report/poetry.lock @@ -30,6 +30,9 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../../tools/auditinfo" 
@@ -49,7 +52,7 @@ url = "../../tools/auditutils" [[package]] name = "babel" -version = "2.13.1" +version = "2.14.0" description = "Internationalization utilities" category = "main" optional = false @@ -60,7 +63,7 @@ dev = ["pytest (>=6.0)", "pytest-cov", "freezegun (>=1.0,<2.0)"] [[package]] name = "cattrs" -version = "23.2.1" +version = "23.2.3" description = "Composable complex class support for attrs and dataclasses." category = "dev" optional = false @@ -117,7 +120,7 @@ python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7 [[package]] name = "cryptography" -version = "41.0.5" +version = "41.0.7" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false @@ -160,7 +163,7 @@ python-versions = ">=3.7" [[package]] name = "esbonio" -version = "0.16.2" +version = "0.16.3" description = "A Language Server for Sphinx projects." category = "dev" optional = false @@ -179,7 +182,7 @@ typecheck = ["mypy", "pytest-lsp (>=0.3.1)", "types-appdirs", "types-docutils", [[package]] name = "exceptiongroup" -version = "1.1.3" +version = "1.2.0" description = "Backport of PEP 654 (exception groups)" category = "dev" optional = false @@ -210,7 +213,7 @@ url = "../../tools/genaudit" [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false @@ -268,11 +271,11 @@ python-versions = ">=3.7" [[package]] name = "platformdirs" -version = "4.0.0" +version = "4.1.0" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." category = "dev" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" [package.extras] docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] 
@@ -302,7 +305,7 @@ requests = ">=2.14.0" [[package]] name = "pygls" -version = "1.2.0" +version = "1.2.1" description = "A pythonic generic language server (pronounced like 'pie glass')" category = "dev" optional = false @@ -316,7 +319,7 @@ ws = ["websockets (>=11.0.3,<12.0.0)"] [[package]] name = "pygments" -version = "2.17.1" +version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." category = "main" optional = false @@ -545,7 +548,7 @@ test = ["pytest"] [[package]] name = "typing-extensions" -version = "4.8.0" +version = "4.9.0" description = "Backported and Experimental Type Hints for Python 3.8+" category = "dev" optional = false diff --git a/docs/cryptodoc/poetry.lock b/docs/cryptodoc/poetry.lock index 08dc75aa..c7142407 100644 --- a/docs/cryptodoc/poetry.lock +++ b/docs/cryptodoc/poetry.lock @@ -30,13 +30,16 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../../tools/auditinfo" [[package]] name = "babel" -version = "2.13.1" +version = "2.14.0" description = "Internationalization utilities" category = "main" optional = false @@ -47,7 +50,7 @@ dev = ["pytest (>=6.0)", "pytest-cov", "freezegun (>=1.0,<2.0)"] [[package]] name = "cattrs" -version = "23.2.1" +version = "23.2.3" description = "Composable complex class support for attrs and dataclasses." category = "dev" optional = false @@ -101,7 +104,7 @@ python-versions = ">=3.7" [[package]] name = "esbonio" -version = "0.16.2" +version = "0.16.3" description = "A Language Server for Sphinx projects." category = "dev" optional = false @@ -120,7 +123,7 @@ typecheck = ["mypy", "pytest-lsp (>=0.3.1)", "types-appdirs", "types-docutils", [[package]] name = "exceptiongroup" -version = "1.1.3" +version = "1.2.0" description = "Backport of PEP 654 (exception groups)" category = "dev" optional = false 
@@ -131,7 +134,7 @@ test = ["pytest (>=6)"] [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false @@ -189,11 +192,11 @@ python-versions = ">=3.7" [[package]] name = "platformdirs" -version = "4.0.0" +version = "4.1.0" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." category = "dev" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" [package.extras] docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] @@ -201,7 +204,7 @@ test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest-cov (>=4.1)", "pytes [[package]] name = "pygls" -version = "1.2.0" +version = "1.2.1" description = "A pythonic generic language server (pronounced like 'pie glass')" category = "dev" optional = false @@ -215,7 +218,7 @@ ws = ["websockets (>=11.0.3,<12.0.0)"] [[package]] name = "pygments" -version = "2.17.1" +version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." category = "main" optional = false @@ -241,6 +244,14 @@ category = "dev" optional = false python-versions = ">=3.6" +[[package]] +name = "pyyaml" +version = "6.0.1" +description = "YAML parser and emitter for Python" +category = "main" +optional = false +python-versions = ">=3.6" + [[package]] name = "requests" version = "2.31.0" @@ -404,7 +415,7 @@ test = ["pytest"] [[package]] name = "typing-extensions" -version = "4.8.0" +version = "4.9.0" description = "Backported and Experimental Type Hints for Python 3.8+" category = "dev" optional = false @@ -451,6 +462,7 @@ pygls = [] pygments = [] pylatexenc = [] pyspellchecker = [] +pyyaml = [] requests = [] snowballstemmer = [] sourceref = [] diff --git a/docs/testreport/poetry.lock b/docs/testreport/poetry.lock index db47d1fb..e973835d 100644 --- a/docs/testreport/poetry.lock 
+++ b/docs/testreport/poetry.lock @@ -30,6 +30,9 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../../tools/auditinfo" @@ -49,7 +52,7 @@ url = "../../tools/auditutils" [[package]] name = "babel" -version = "2.13.1" +version = "2.14.0" description = "Internationalization utilities" category = "main" optional = false @@ -60,7 +63,7 @@ dev = ["pytest (>=6.0)", "pytest-cov", "freezegun (>=1.0,<2.0)"] [[package]] name = "cattrs" -version = "23.2.1" +version = "23.2.3" description = "Composable complex class support for attrs and dataclasses." category = "dev" optional = false @@ -117,7 +120,7 @@ python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,!=3.6.*,>=2.7 [[package]] name = "cryptography" -version = "41.0.5" +version = "41.0.7" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false @@ -160,7 +163,7 @@ python-versions = ">=3.7" [[package]] name = "esbonio" -version = "0.16.2" +version = "0.16.3" description = "A Language Server for Sphinx projects." category = "dev" optional = false @@ -179,7 +182,7 @@ typecheck = ["mypy", "pytest-lsp (>=0.3.1)", "types-appdirs", "types-docutils", [[package]] name = "exceptiongroup" -version = "1.1.3" +version = "1.2.0" description = "Backport of PEP 654 (exception groups)" category = "dev" optional = false @@ -218,7 +221,7 @@ url = "../../tools/genaudit" [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false 
@@ -287,11 +290,11 @@ python-versions = ">=3.7" [[package]] name = "platformdirs" -version = "4.0.0" +version = "4.1.0" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." category = "dev" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" [package.extras] docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] @@ -321,7 +324,7 @@ requests = ">=2.14.0" [[package]] name = "pygls" -version = "1.2.0" +version = "1.2.1" description = "A pythonic generic language server (pronounced like 'pie glass')" category = "dev" optional = false @@ -335,7 +338,7 @@ ws = ["websockets (>=11.0.3,<12.0.0)"] [[package]] name = "pygments" -version = "2.17.1" +version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." category = "main" optional = false @@ -564,7 +567,7 @@ test = ["pytest"] [[package]] name = "typing-extensions" -version = "4.8.0" +version = "4.9.0" description = "Backported and Experimental Type Hints for Python 3.8+" category = "dev" optional = false diff --git a/docs/testspec/poetry.lock b/docs/testspec/poetry.lock index 08dc75aa..c7142407 100644 --- a/docs/testspec/poetry.lock +++ b/docs/testspec/poetry.lock @@ -30,13 +30,16 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../../tools/auditinfo" [[package]] name = "babel" -version = "2.13.1" +version = "2.14.0" description = "Internationalization utilities" category = "main" optional = false @@ -47,7 +50,7 @@ dev = ["pytest (>=6.0)", "pytest-cov", "freezegun (>=1.0,<2.0)"] [[package]] name = "cattrs" -version = "23.2.1" +version = "23.2.3" description = "Composable complex class support for attrs and dataclasses." category = "dev" optional = false 
@@ -101,7 +104,7 @@ python-versions = ">=3.7" [[package]] name = "esbonio" -version = "0.16.2" +version = "0.16.3" description = "A Language Server for Sphinx projects." category = "dev" optional = false @@ -120,7 +123,7 @@ typecheck = ["mypy", "pytest-lsp (>=0.3.1)", "types-appdirs", "types-docutils", [[package]] name = "exceptiongroup" -version = "1.1.3" +version = "1.2.0" description = "Backport of PEP 654 (exception groups)" category = "dev" optional = false @@ -131,7 +134,7 @@ test = ["pytest (>=6)"] [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false @@ -189,11 +192,11 @@ python-versions = ">=3.7" [[package]] name = "platformdirs" -version = "4.0.0" +version = "4.1.0" description = "A small Python package for determining appropriate platform-specific dirs, e.g. a \"user data dir\"." category = "dev" optional = false -python-versions = ">=3.7" +python-versions = ">=3.8" [package.extras] docs = ["furo (>=2023.7.26)", "proselint (>=0.13)", "sphinx-autodoc-typehints (>=1.24)", "sphinx (>=7.1.1)"] @@ -201,7 +204,7 @@ test = ["appdirs (==1.4.4)", "covdefaults (>=2.3)", "pytest-cov (>=4.1)", "pytes [[package]] name = "pygls" -version = "1.2.0" +version = "1.2.1" description = "A pythonic generic language server (pronounced like 'pie glass')" category = "dev" optional = false @@ -215,7 +218,7 @@ ws = ["websockets (>=11.0.3,<12.0.0)"] [[package]] name = "pygments" -version = "2.17.1" +version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." category = "main" optional = false @@ -241,6 +244,14 @@ category = "dev" optional = false python-versions = ">=3.6" +[[package]] +name = "pyyaml" +version = "6.0.1" +description = "YAML parser and emitter for Python" +category = "main" +optional = false +python-versions = ">=3.6" + [[package]] name = "requests" version = "2.31.0" 
@@ -404,7 +415,7 @@ test = ["pytest"] [[package]] name = "typing-extensions" -version = "4.8.0" +version = "4.9.0" description = "Backported and Experimental Type Hints for Python 3.8+" category = "dev" optional = false @@ -451,6 +462,7 @@ pygls = [] pygments = [] pylatexenc = [] pyspellchecker = [] +pyyaml = [] requests = [] snowballstemmer = [] sourceref = [] diff --git a/tools/auditinfo/poetry.lock b/tools/auditinfo/poetry.lock index 5b9f72e6..17ed1dc3 100644 --- a/tools/auditinfo/poetry.lock +++ b/tools/auditinfo/poetry.lock @@ -1,8 +1,15 @@ -package = [] +[[package]] +name = "pyyaml" +version = "6.0.1" +description = "YAML parser and emitter for Python" +category = "main" +optional = false +python-versions = ">=3.6" [metadata] lock-version = "1.1" python-versions = "^3.10" -content-hash = "17ca553b0bb9298a6ed528dd21e544ca433179192dba32a9920168e1c199d74f" +content-hash = "171b9d46ecf73d8671ffbdd4a6e5d8364c43bcf158c81c91c03d619b83006108" [metadata.files] +pyyaml = [] diff --git a/tools/auditinfo/pyproject.toml b/tools/auditinfo/pyproject.toml index 3c5eb655..317a0180 100644 --- a/tools/auditinfo/pyproject.toml +++ b/tools/auditinfo/pyproject.toml @@ -6,6 +6,7 @@ authors = ["René Meusel "] [tool.poetry.dependencies] python = "^3.10" +pyyaml = "^6.0" [tool.poetry.dev-dependencies] diff --git a/tools/auditupdate/poetry.lock b/tools/auditupdate/poetry.lock index c6148cec..90cf6856 100644 --- a/tools/auditupdate/poetry.lock +++ b/tools/auditupdate/poetry.lock @@ -7,6 +7,9 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../auditinfo" @@ -53,7 +56,7 @@ python-versions = ">=3.7.0" [[package]] name = "cryptography" -version = "41.0.5" +version = "41.0.7" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false 
@@ -108,7 +111,7 @@ url = "../genaudit" [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false diff --git a/tools/genaudit/poetry.lock b/tools/genaudit/poetry.lock index 83683165..265ea36d 100644 --- a/tools/genaudit/poetry.lock +++ b/tools/genaudit/poetry.lock @@ -7,6 +7,9 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../auditinfo" @@ -53,7 +56,7 @@ python-versions = ">=3.7.0" [[package]] name = "cryptography" -version = "41.0.5" +version = "41.0.7" description = "cryptography is a package which provides cryptographic recipes and primitives to Python developers." category = "main" optional = false @@ -88,7 +91,7 @@ dev = ["tox", "pytest", "pytest-cov", "bump2version (<1)", "sphinx (<2)"] [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false diff --git a/tools/sourceref/poetry.lock b/tools/sourceref/poetry.lock index 621aade8..527cca4c 100644 --- a/tools/sourceref/poetry.lock +++ b/tools/sourceref/poetry.lock @@ -15,13 +15,16 @@ optional = false python-versions = "^3.10" develop = true +[package.dependencies] +pyyaml = "^6.0" + [package.source] type = "directory" url = "../auditinfo" [[package]] name = "babel" -version = "2.13.1" +version = "2.14.0" description = "Internationalization utilities" category = "main" optional = false @@ -64,7 +67,7 @@ python-versions = ">=3.7" [[package]] name = "idna" -version = "3.4" +version = "3.6" description = "Internationalized Domain Names in Applications (IDNA)" category = "main" optional = false 
@@ -110,7 +113,7 @@ python-versions = ">=3.7" [[package]] name = "pygments" -version = "2.17.1" +version = "2.17.2" description = "Pygments is a syntax highlighting package written in Python." category = "main" optional = false @@ -120,6 +123,14 @@ python-versions = ">=3.7" plugins = ["importlib-metadata"] windows-terminal = ["colorama (>=0.4.6)"] +[[package]] +name = "pyyaml" +version = "6.0.1" +description = "YAML parser and emitter for Python" +category = "main" +optional = false +python-versions = ">=3.6" + [[package]] name = "requests" version = "2.31.0" @@ -295,6 +306,7 @@ jinja2 = [] markupsafe = [] packaging = [] pygments = [] +pyyaml = [] requests = [] snowballstemmer = [] sphinx = [] From 4323dc000d86ac487c43a01480062fe373031b79 Mon Sep 17 00:00:00 2001 From: Rene Meusel Date: Tue, 12 Dec 2023 14:57:22 +0100 Subject: [PATCH 2/5] Authorative Auditors are defined in config/auditors.yml --- README.md | 2 +- config/auditors.yml | 15 +++++++++++++++ docs/audit_report/src/00_09_introduction.rst | 8 +------- docs/audit_report/src/conf.py | 4 +++- tools/auditinfo/auditinfo/__init__.py | 1 + tools/auditinfo/auditinfo/auditor.py | 18 ++++++++++++++++++ tools/auditinfo/auditinfo/botan.py | 3 +++ 7 files changed, 42 insertions(+), 9 deletions(-) create mode 100644 config/auditors.yml create mode 100644 tools/auditinfo/auditinfo/auditor.py diff --git a/README.md b/README.md index 49a31700..6e0e1265 100644 --- a/README.md +++ b/README.md @@ -12,7 +12,7 @@ Weiterentwicklung der Kryptobibliothek Botan". This monorepo contains documents (in `/docs`) as well as auxiliary helper scripts (in `/tools`) and some common resources (in `/resources`). The monorepo -is configured in a global configuration file (in `/config/botan.env`). Internal +is configured in a global configuration directory (in `/config`). Internal documentation and checklists are located in `/internal`. Most documents come with a `Makefile` to build them as PDF, HTML or other 
diff --git a/config/auditors.yml b/config/auditors.yml new file mode 100644 index 00000000..829c7057 --- /dev/null +++ b/config/auditors.yml @@ -0,0 +1,15 @@ +# This file contains the list of auditors along with their GitHub handles. +# Authorship, approval or auditor-annotation of patches in the Audit Report +# document are considered to be authorative in the CI. + +auditors: + - name: Fabian Albert + github: FAlbertDev + - name: René Fischer + github: securitykernel + - name: Philippe Lieser + github: lieser + - name: René Meusel + github: reneme + - name: Amos Treiber + github: atreiber94 diff --git a/docs/audit_report/src/00_09_introduction.rst b/docs/audit_report/src/00_09_introduction.rst index 0b9bd1c1..dc343ff7 100644 --- a/docs/audit_report/src/00_09_introduction.rst +++ b/docs/audit_report/src/00_09_introduction.rst @@ -261,10 +261,4 @@ in this document. The distinction between "approvers" (of pull requests on GitHub) and "auditors" (in retrospect, explicitly for this project) is visualized by setting the latter into parenthesis in the patch tables below. -Auditing members of this project and their GitHub handles are: - -* Fabian Albert (@FAlbertDev) -* René Fischer (@securitykernel) -* Philippe Lieser (@lieser) -* René Meusel (@reneme) -* Amos Treiber (@atreiber94) +Auditing members of this project and their GitHub handles are: |auditors_list| diff --git a/docs/audit_report/src/conf.py b/docs/audit_report/src/conf.py index 9a438459..5ff336e0 100644 --- a/docs/audit_report/src/conf.py +++ b/docs/audit_report/src/conf.py @@ -28,7 +28,9 @@ # The full version, including alpha/beta/rc tags release = auditinfo.botan_version() -rst_prolog = auditinfo.rst_substitutions() +rst_prolog = auditinfo.rst_substitutions({ + "auditors_list": ', '.join([f"**{a.name}** (@{a.github_handle})" for a in auditinfo.authorative_auditors()]), +}) # -- General configuration --------------------------------------------------- 
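Review bot: This list becomes the trust anchor for the `verify_audits` check, but the header comment does not say who may change it or how such a change is approved. Anyone able to land an edit here, or to add an `auditer:` line to a topic file such as `docs/audit_report/changes/topics/chores.yml` (patch 4/5), changes which patches count as audited, and neither value is bound to an action by the named GitHub account. I would extend the comment with `# Changes to this list must be approved by an existing auditor (enforce via CODEOWNERS / branch protection).` and apply the same review rule to the topic files. Whether such protection already exists is not visible in this series.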
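Review bot: The `auditors_list` value passed to `rst_substitutions` pastes `a.name` and `a.github_handle` from the YAML file straight into reST markup, so a `*`, `|` or backtick in either field would change the markup of every page that includes the prolog. The inputs are repository-controlled, so this is a robustness point rather than an exposure, but a character check when the auditors are loaded would keep it that way. The dict argument is new here and `rst_substitutions` itself is not part of this series, so it is worth confirming that it accepts one. The list brackets inside `', '.join([...])` can be dropped.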
diff --git a/tools/auditinfo/auditinfo/__init__.py b/tools/auditinfo/auditinfo/__init__.py index 29376353..ff5a6497 100644 --- a/tools/auditinfo/auditinfo/__init__.py +++ b/tools/auditinfo/auditinfo/__init__.py @@ -1,3 +1,4 @@ from auditinfo.botan import * from auditinfo.base import * +from auditinfo.auditor import * from auditinfo.document import * diff --git a/tools/auditinfo/auditinfo/auditor.py b/tools/auditinfo/auditinfo/auditor.py new file mode 100644 index 00000000..c7f725d1 --- /dev/null +++ b/tools/auditinfo/auditinfo/auditor.py @@ -0,0 +1,18 @@ +import yaml + +from auditinfo.botan import auditors_file_path + +class Auditor: + def __init__(self, name: str, github_handle: str): + self.name = name + self.github_handle = github_handle[1:] if github_handle.startswith('@') else github_handle + +def authorative_auditors() -> list[Auditor]: + auditors_file = auditors_file_path() + strm = open(auditors_file, 'r') + cfg = yaml.load(strm, Loader=yaml.FullLoader) + if not cfg: + raise RuntimeError("Failed to load auditor configuation: %s" % auditors_file) + return [Auditor(auditor['name'], auditor['github']) for auditor in cfg['auditors']] + + diff --git a/tools/auditinfo/auditinfo/botan.py b/tools/auditinfo/auditinfo/botan.py index 9a6a25b0..39d71b56 100644 --- a/tools/auditinfo/auditinfo/botan.py +++ b/tools/auditinfo/auditinfo/botan.py @@ -6,6 +6,9 @@ def config_file_path() -> str: return os.path.join(repository_root(), "config", "botan.env") +def auditors_file_path() -> str: + return os.path.join(repository_root(), "config", "auditors.yml") + def __conf_var_pattern(): return re.compile(r"(^[a-zA-Z_0-9]+)=(.+)\n$") From 7fafe621b883d538198c2e667c5cc19e07f87ce0 Mon Sep 17 00:00:00 2001 
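Review bot: `authorative_auditors()` in the new `auditor.py` parses the file that decides who counts as an auditor with `yaml.load(..., Loader=yaml.FullLoader)` and never closes the handle. `yaml.safe_load` inside a `with open(...)` block is enough for this plain mapping and keeps the loader limited to basic data types. The `if not cfg` test only catches an empty document, so a missing `auditors` key or an entry without `name`/`github` surfaces as a bare `KeyError`/`TypeError` instead of the intended `RuntimeError`. The error message also misspells "configuration". A sketch of the loader follows.

```python
def authorative_auditors() -> list[Auditor]:
    auditors_file = auditors_file_path()
    with open(auditors_file, 'r', encoding='utf-8') as strm:
        cfg = yaml.safe_load(strm)

    entries = cfg.get('auditors') if isinstance(cfg, dict) else None
    if not isinstance(entries, list) or not entries:
        raise RuntimeError("Failed to load auditor configuration: %s" % auditors_file)

    try:
        return [Auditor(entry['name'], entry['github']) for entry in entries]
    except (KeyError, TypeError) as ex:
        raise RuntimeError("Malformed auditor entry in %s" % auditors_file) from ex
```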
From: Rene Meusel Date: Tue, 12 Dec 2023 14:41:08 +0100 Subject: [PATCH 3/5] genaudit.cli verify_audits checks sufficiency of all patches Currently, it validates: 1. Is the patch authored, approved or audited by at least one authorative auditor, registered in config/auditors.yml 2. Is the patch classified regarding its relevance to the library's overall security --- tools/genaudit/genaudit/__init__.py | 2 +- tools/genaudit/genaudit/cli.py | 16 ++++++++++++ tools/genaudit/genaudit/topic.py | 3 +++ tools/genaudit/genaudit/verify.py | 40 ++++++++++++++++++++++++++++- 4 files changed, 59 insertions(+), 2 deletions(-) diff --git a/tools/genaudit/genaudit/__init__.py b/tools/genaudit/genaudit/__init__.py index 227bca25..36f88b14 100644 --- a/tools/genaudit/genaudit/__init__.py +++ b/tools/genaudit/genaudit/__init__.py @@ -2,6 +2,6 @@ from genaudit.repo import GitRepo from genaudit.topic import Topic from genaudit.render import Renderer -from genaudit.verify import find_unreferenced_patches, find_misreferenced_pull_request_merges +from genaudit.verify import find_unreferenced_patches, find_misreferenced_pull_request_merges, find_insufficiently_audited_patches from genaudit.base import init_from_command_line_arguments from genaudit.refs import * diff --git a/tools/genaudit/genaudit/cli.py b/tools/genaudit/genaudit/cli.py index 026c90bb..f9a604d5 100755 --- a/tools/genaudit/genaudit/cli.py +++ b/tools/genaudit/genaudit/cli.py 
@@ -44,6 +44,16 @@ def find_unrefed(audit: genaudit.Audit, repo: genaudit.GitRepo, args: argparse.N return 0 +def verify_audits(audit: genaudit.Audit, repo: genaudit.GitRepo, args: argparse.Namespace): + insufficiently_audited_patches = genaudit.find_insufficiently_audited_patches(audit, repo) + logging.info("Found %d insufficiently audited patches", len(insufficiently_audited_patches)) + + for patch in insufficiently_audited_patches: + print(f"In topic '{patch[1]}', the patch '{patch[0]}' is not sufficiently audited, because: {patch[2]}") + + return 0 if not insufficiently_audited_patches else 1 + + def verify_merge_commits(audit: genaudit.Audit, repo: genaudit.GitRepo, args: argparse.Namespace): inconsistent_prs = genaudit.find_misreferenced_pull_request_merges(audit, repo) logging.info("Found %d Pull Requests with misreferenced commits", len(inconsistent_prs)) @@ -101,6 +111,12 @@ def main(): help='the audit directory to be used') unrefed.set_defaults(func=find_unrefed) + audit_checks = subparsers.add_parser( + 'verify_audits', help='Find patches that are not sufficiently audited.') + audit_checks.add_argument('audit_config_dir', + help='the audit directory to be used') + audit_checks.set_defaults(func=verify_audits) + merge_commits = subparsers.add_parser( 'verify_merges', help='Find pull requests that are not referenced with their respective merge commit hash') merge_commits.add_argument('--yaml', action='store_true', default=False, diff --git a/tools/genaudit/genaudit/topic.py b/tools/genaudit/genaudit/topic.py index 7be59b1c..19fef96b 100644 --- a/tools/genaudit/genaudit/topic.py +++ b/tools/genaudit/genaudit/topic.py @@ -27,6 +27,9 @@ def __init__(self, topic_file: str): logging.debug("Found %s topic '%s' with %d patch references", self._classification, self.title, len(self.patches)) + def __repr__(self): + return "%s" % self.title + def _load_patches(self, cfg) -> list[refs.PullRequest|refs.Commit]: def load(patch): def get_ref(): 
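Review bot: In `verify_audits` the loop reads the result tuple by position (`patch[1]`, `patch[0]`, `patch[2]`), which hides that the elements are patch, topic and reason. Unpacking in the loop header reads better and survives a reordering of the tuple: `for patch, topic, reason in insufficiently_audited_patches:` with `print(f"In topic '{topic}', the patch '{patch}' is not sufficiently audited, because: {reason}")`. A one-line docstring stating that the non-zero return value is what fails the CI step would help the next reader.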
diff --git a/tools/genaudit/genaudit/verify.py b/tools/genaudit/genaudit/verify.py index 767c1abe..3df1c406 100644 --- a/tools/genaudit/genaudit/verify.py +++ b/tools/genaudit/genaudit/verify.py @@ -4,9 +4,11 @@ import logging -from genaudit import Audit, GitRepo +from genaudit import Audit, GitRepo, Topic from genaudit.refs import * +from auditinfo import authorative_auditors + def find_unreferenced_patches(audit: Audit, repo: GitRepo) -> list[PullRequest|Commit]: def remove_from_list(list, value): try: 
@@ -54,3 +56,39 @@ def reference_in_repo(yaml_patch: PullRequest, repo_patches: list[PullRequest]) logging.debug("Found %d pull request references with inconsistent merge commit hashes" % len(result)) return result + + +def find_insufficiently_audited_patches(audit: Audit, repo: GitRepo) -> list[tuple[PullRequest|Commit, Topic, str]]: + auditers = [auditor.github_handle for auditor in authorative_auditors()] + + def extract_contributors(patch: PullRequest|Commit) -> set[str]: + result = set() + + if patch.auditer: + result.add(patch.auditer) + + if isinstance(patch, PullRequest): + pr_info = repo.pull_request_info(patch) + review_info = repo.review_info(patch) + result.add(pr_info.user.login) + result.update([review.user.login for review in review_info if review.state == "APPROVED"]) + + elif isinstance(patch, Commit): + commit_info = repo.commit_info(patch) + result.add(commit_info.author.login) + + else: + raise LookupError("Unknown patch type encountered") + + return result + + def audit_status(patch: PullRequest|Commit) -> str: + contribs = extract_contributors(patch) + if patch.classification == Classification.UNSPECIFIED: + return "Not classified" + if not set(auditers) & contribs: + return "No registered authorative auditor was involved in this patch" + return None + + evaluated_patches = [(patch, topic, audit_status(patch)) for topic in audit.topics for patch in topic.patches] + return [(patch, topic, error_message) for patch, topic, error_message in evaluated_patches if error_message] From 165ad67131bcdfe4c782b8483961e573d9f0511b Mon Sep 17 00:00:00 2001 From: Rene Meusel Date: Tue, 12 Dec 2023 14:41:21 +0100 Subject: [PATCH 4/5] add missing auditor information --- docs/audit_report/changes/topics/chores.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/docs/audit_report/changes/topics/chores.yml b/docs/audit_report/changes/topics/chores.yml index 78744e75..b72584cb 100644 --- a/docs/audit_report/changes/topics/chores.yml 
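Review bot: The membership test `set(auditers) & contribs` in `find_insufficiently_audited_patches` compares raw strings, yet only the handles from `config/auditors.yml` are normalised (the `Auditor` constructor in patch 2/5 strips a leading `@`). A hand-typed `auditer: "@reneme"` or a differently-cased login would not match, although GitHub logins are case-insensitive. `commit_info.author.login` would also raise `AttributeError` if `repo.commit_info` returns the GitHub API object, where `author` is null for commits whose e-mail is not linked to an account; `GitRepo` is not shown here, so please confirm. `audit_status` is annotated `-> str` but returns `None`, and it queries the API before the cheap classification check. The sketch below normalises both sides and guards the missing author.

```python
def find_insufficiently_audited_patches(audit: Audit, repo: GitRepo) -> list[tuple[PullRequest|Commit, Topic, str]]:
    def normalize(handle: str) -> str:
        return handle.removeprefix('@').casefold()

    auditers = {normalize(auditor.github_handle) for auditor in authorative_auditors()}

    def extract_contributors(patch: PullRequest|Commit) -> set[str]:
        # … unchanged: collect patch.auditer, PR author and approving reviewers …
        elif isinstance(patch, Commit):
            commit_info = repo.commit_info(patch)
            if commit_info.author is not None:
                result.add(commit_info.author.login)
        # … unchanged: unknown patch type raises LookupError …
        return {normalize(login) for login in result if login}

    def audit_status(patch: PullRequest|Commit) -> str | None:
        if patch.classification == Classification.UNSPECIFIED:
            return "Not classified"
        if not auditers & extract_contributors(patch):
            return "No registered authorative auditor was involved in this patch"
        return None
```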
+++ b/docs/audit_report/changes/topics/chores.yml @@ -41,6 +41,7 @@ patches: # Don't inline Null_RNG::fill_bytes_with_input (Jack Lloyd) - commit: 723fa3a260b9be10a96223c71c2b8f44631a1c5e # https://github.com/randombit/botan/commit/723fa3a260b9be10a96223c71c2b8f44631a1c5e classification: info + auditer: reneme # Remove abort call accidentally left over from debugging (Jack Lloyd) - commit: 6117553c9d7652aaa050ac931447ccdefa5f658f # https://github.com/randombit/botan/commit/6117553c9d7652aaa050ac931447ccdefa5f658f From 881b7928796fb78ddcb6458e1dc8693e1d35dd05 Mon Sep 17 00:00:00 2001 From: Rene Meusel Date: Tue, 12 Dec 2023 15:04:39 +0100 Subject: [PATCH 5/5] Integrate patch audit verify into CI --- .github/workflows/ci.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c89a9e07..eaabd93b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -130,6 +130,14 @@ jobs: AUDIT_REPO_LOCATION: ${{ github.workspace }}/botan BASIC_GH_TOKEN: ${{ github.token }} + - name: Check Patch Audit Status + working-directory: source/docs/audit_report + run: poetry run python3 -m genaudit.cli verify_audits changes + env: + AUDIT_CACHE_LOCATION: ${{ github.workspace }}/audit_generator_cache + AUDIT_REPO_LOCATION: ${{ github.workspace }}/botan + BASIC_GH_TOKEN: ${{ github.token }} + - name: Build Document working-directory: source/docs/audit_report run: poetry run make latexpdf
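Review bot: The new "Check Patch Audit Status" step in `ci.yml` passes `${{ github.token }}` to the tool, and no `permissions:` block is visible in this hunk (the job definition starts outside it). The check only reads pull-request, review and commit metadata, so if the workflow does not already restrict the token, a job-level `permissions:` with `contents: read` and `pull-requests: read` would keep it read-only. The three `env` entries duplicate those of the preceding step; moving them to a job-level `env:` avoids drift between the two.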