Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

⚠️ CONFLICT! Lineage pull request for: skeleton #68

Merged
merged 61 commits into from
Dec 26, 2023
Merged

⚠️ CONFLICT! Lineage pull request for: skeleton #68

merged 61 commits into from
Dec 26, 2023

Conversation

cisagovbot
Copy link

@cisagovbot cisagovbot commented Dec 19, 2023
edited by jsf9k
Loading

Lineage Pull Request: CONFLICT

Lineage has created this pull request to incorporate new changes found in an
upstream repository:

Upstream repository: https://github.com/cisagov/skeleton-python-library.git
Remote branch: HEAD

Check the changes in this pull request to ensure they won't cause issues with
your project.

The lineage/skeleton branch has one or more unresolved merge conflicts
that you must resolve before merging this pull request!

How to resolve the conflicts

  1. Take ownership of this pull request by removing any other assignees.

  2. Clone the repository locally, and reapply the merge:

    git clone [email protected]:cisagov/admiral.git admiral
cd admiral
git remote add skeleton https://github.com/cisagov/skeleton-python-library.git
git remote set-url --push skeleton no_push
git switch develop
git switch --create lineage/skeleton --track origin/develop
git pull skeleton HEAD
git status

  3. Review the changes displayed by the status command. Fix any conflicts and
    possibly incorrect auto-merges.

  4. After resolving each of the conflicts, add your changes to the
    branch, commit, and push your changes:

    git add .github/dependabot.yml .github/workflows/build.yml 
git commit
git push --force --set-upstream origin lineage/skeleton

    Note that you may append to the default merge commit message
    that git creates for you, but please do not delete the existing
    content    . It provides useful information about the merge that is
    being performed.

  5. Wait for all the automated tests to pass.

  6. Confirm each item in the "Pre-approval checklist" below.

  7. Remove any of the checklist items that do not apply.

  8. Ensure every remaining checkbox has been checked.

  9. Mark this draft pull request "Ready for review".

✅ Pre-approval checklist

Remove any of the following that do not apply. If you're unsure about
any of these, don't hesitate to ask. We're here to help!

  • ✌️ The conflicts in this pull request have been resolved.
  • All relevant type-of-change labels have been added.
  • All new and existing tests pass.

✅ Pre-merge checklist

Remove any of the following that do not apply. These boxes should
remain unchecked until the pull request has been approved.

✅ Post-merge checklist

Remove any of the following that do not apply.

  • Create a release.

Note

You are seeing this because one of this repository's maintainers has
configured Lineage to open pull requests.

For more information:

🛠 Lineage configurations for this project are stored in .github/lineage.yml

📚 Read more about Lineage

jasonodoom and others added 30 commits July 10, 2023 12:52
@jasonodoom
Add steps to setup go packages for pre-commit
4cb9a4b
@jasonodoom
Update action/checkout to use same version
53f56b0
@jasonodoom
Set specific gocritic version
f261099
@jasonodoom
Update build workflow with package installtion
097b573
@jasonodoom
Group go tools together with comment
254282a
@jasonodoom @mcdonnnj
Update staticcheck id
ecf3299 
Co-authored-by: Nick <[email protected]>
@jasonodoom @mcdonnnj
Update tool names to match author stylization
1eaedf5 
Co-authored-by: Nick <[email protected]>
@jasonodoom @mcdonnnj
Update statcicheck stylization
fd04757 
Co-authored-by: Nick <[email protected]>
@jsf9k
Temporarily use a different branch of cisagov/setup-env-github-action
ddbf6f7 
This is being done for testing purposes, and this commit can be
reverted (or removed) once cisagov/setup-env-github-action#65 is
merged.
@jasonodoom
Move go packages install to separate section
a8af336
@jasonodoom @mcdonnnj
Update go-critic name
1675b12 
Co-authored-by: Nick <[email protected]>
@jasonodoom @mcdonnnj
Update staticcheck name
c6ab22e 
Co-authored-by: Nick <[email protected]>
@jsf9k
Use the correct repo name for the ansible-lint pre-commit hook
29de034 
The repo name we were using redirects to the correct place, but we may
as well cut out the middle man.
@jasonodoom
Correct staticcheck reference to setup-env, sort alphabetically and c…
1e7cb4f 
…orrect staticcheck package URL

Co-Authored By: @mcdonnnj <[email protected]>
@jasonodoom @jsf9k
Remove Go section coment
5f3bc13 
Co-authored-by: Shane Frasier <[email protected]>
@mcdonnnj
Remove unnecessary quotes in the dependabot configuration
d311825 
We generally only use quotes when they are strictly necessary to ensure
data is interpreted as a string value.
@mcdonnnj
Sort the keys in the Dependabot configuration
2294d49 
Our standard practice for YAML files is to sort keys alphabetically.
@jsf9k @dv4harr10
Delete duplicate word "are"
e678502 
Co-authored-by: David Harris <[email protected]>
@jasonodoom @mcdonnnj
Fix gosec stylization
948ebde 
Co-authored-by: Nick <[email protected]>
@jsf9k
Revert "Temporarily use a different branch of cisagov/setup-env-githu…
98d3d3f 
…b-action"

This reverts commit ddbf6f7.

This can be done now that cisagov/setup-env-github-action#65 has been
merged.
@jasonodoom
Add nixfmt pre-commit hook
82db36a
@dependabot
Bump actions/checkout from 3 to 4
c0b5d5b 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <[email protected]>
@mcdonnnj
Bump crazy-max/ghaction-github-labeler from 4 to 5
b04654e
@mcdonnnj
Update the dependabot ignore configuration
49ac8c5 
Add crazy-max/ghaction-github-labeler as a commented out dependency to
ignore in the dependabot configuration file. This should be enabled in
downstream projects to consolidate updating this Action to the
cisagov/skeleton-generic repository.
@mcdonnnj
Merge pull request #138 from cisagov/add-go-packages
4ec50ab 
Add go packages for pre-commit
@mcdonnnj
Merge pull request #139 from cisagov/improvement/use-correct-repo-name
8145a93 
Use the correct repo name for the ansible-lint pre-commit hook
@mcdonnnj
Merge pull request #140 from cisagov/improvement/update_dependabot_co…
ce74358 
…nfiguration

Update the Dependabot configuration
@mcdonnnj
Merge pull request #141 from cisagov/documentation/grammar
338e3e1 
Delete duplicate word "are"
@mcdonnnj
Merge pull request #143 from cisagov/add-nixfmt
8432f1e 
Add nixfmt pre-commit hook
@mcdonnnj
Merge pull request #145 from cisagov/dependabot/github_actions/action…
8cdbc7b 
…s/checkout-4

Bump actions/checkout from 3 to 4
@cisagovbot cisagovbot added the upstream update This issue or pull request pulls in upstream updates label Dec 19, 2023
@jsf9k
Copy link
Member

jsf9k commented Dec 22, 2023
edited
Loading

@king-alexander - The Python 3.12 build is broken because the requests<2.21 pin in setup.py pulls in an old version of urllib3. This old version of urllib3 itself contains an old version of six that is incompatible with Python 3.12. (This is very similar to the reason that cisagov/gophish-tools cannot yet support Python 3.12, as described in this commit message.)

I know that the latest 1.26 version of urllib3 will work; to that end, can we safely bump the requests pin to requests<=2.25 or requests<2.26? You can see here that this will pull in a newer verison of urllib3 and hence resolve the issue.

The main reason I can't work this out myself is because I don't know why requests was pinned to <2.21 by @felddy in commit a729571, nor do I know how to do a proper test of this project if I make the change myself.

@jsf9k jsf9k added version bump This issue or pull request increments the version number python Pull requests that update Python code github-actions Pull requests that update GitHub Actions code security This issue or pull request addresses a security issue labels Dec 22, 2023
@king-alexander
Bump requests pin
b7fc10e 
Python 3.12 is incompatible with the version of `urllib3` pulled in by
`requests<2.21`. Bumping the requests pin to `requests<2.26` resolves
this issue.
@king-alexander
Copy link
Collaborator

@jsf9k I tried the CT Search API with requests<2.26 and didn't see any issues.

@jsf9k
Copy link
Member

jsf9k commented Dec 22, 2023

@jsf9k I tried the CT Search API with requests<2.26 and didn't see any issues.

Thank you @king-alexander!

@jsf9k jsf9k marked this pull request as ready for review December 22, 2023 18:24
@jsf9k jsf9k enabled auto-merge December 22, 2023 18:25
@jsf9k jsf9k merged commit c4e9cbf into develop Dec 26, 2023
56 checks passed
@jsf9k jsf9k deleted the lineage/skeleton branch December 26, 2023 16:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dav3r dav3r dav3r approved these changes

@jasonodoom jasonodoom jasonodoom approved these changes

@felddy felddy Awaiting requested review from felddy felddy is a code owner

@jsf9k jsf9k Awaiting requested review from jsf9k jsf9k is a code owner

@mcdonnnj mcdonnnj Awaiting requested review from mcdonnnj mcdonnnj is a code owner

Assignees

@jsf9k jsf9k

Labels
github-actions Pull requests that update GitHub Actions code python Pull requests that update Python code security This issue or pull request addresses a security issue upstream update This issue or pull request pulls in upstream updates version bump This issue or pull request increments the version number
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
7 participants
@cisagovbot @jsf9k @king-alexander @jasonodoom @dav3r @felddy @mcdonnnj