From 1218762d088e88ddcd6353b510c3481823a58516 Mon Sep 17 00:00:00 2001 From: Ricky Stewart Date: Tue, 18 Aug 2020 14:18:24 +0000 Subject: [PATCH] Bug 1659575 - Delete `mach python-safety` r=ahal There are zero uses of this `mach` command over the past 90 days according to our telemetry. There are no external references to `mach python-safety` in-tree, and indeed if you track the history of the originating bug 1468394, it appears that once the `mach` command was created, none of the follow-up work that was discussed (i.e. running this in CI and triaging failures to appropriate owners) was done over the following 2 years. If this ever does appear to be useful in the future, we can just resurrect this code from source control. Differential Revision: https://phabricator.services.mozilla.com/D87351 --- build/mach_bootstrap.py | 1 - python/safety/Pipfile | 12 ---- python/safety/Pipfile.lock | 115 --------------------------------- python/safety/mach_commands.py | 115 --------------------------------- tools/lint/codespell.yml | 1 - 5 files changed, 244 deletions(-) delete mode 100644 python/safety/Pipfile delete mode 100644 python/safety/Pipfile.lock delete mode 100644 python/safety/mach_commands.py diff --git a/build/mach_bootstrap.py b/build/mach_bootstrap.py index 88d10e7e8eb4..3222e7b20839 100644 --- a/build/mach_bootstrap.py +++ b/build/mach_bootstrap.py @@ -56,7 +56,6 @@ MACH_MODULES = [ 'python/mozbuild/mozbuild/mach_commands.py', 'python/mozperftest/mozperftest/mach_commands.py', 'python/mozrelease/mozrelease/mach_commands.py', - 'python/safety/mach_commands.py', 'remote/mach_commands.py', 'taskcluster/mach_commands.py', 'testing/awsy/mach_commands.py', diff --git a/python/safety/Pipfile b/python/safety/Pipfile deleted file mode 100644 index 029e81010c6c..000000000000 --- a/python/safety/Pipfile +++ /dev/null @@ -1,12 +0,0 @@ -[[source]] -url = "https://pypi.org/simple" -verify_ssl = true -name = "pypi" - -[dev-packages] - -[packages] -safety = "*" - -[requires] -python_version = "2.7" diff --git a/python/safety/Pipfile.lock b/python/safety/Pipfile.lock deleted file mode 100644 index f6caa5de3d76..000000000000 --- a/python/safety/Pipfile.lock +++ /dev/null @@ -1,115 +0,0 @@ -{ - "_meta": { - "hash": { - "sha256": "73bfcb0c2aa29e65a2e01fad022c231093ce599e7a213f7780d1b8f3f37ca5c9" - }, - "pipfile-spec": 6, - "requires": { - "python_version": "2.7" - }, - "sources": [ - { - "name": "pypi", - "url": "https://pypi.org/simple", - "verify_ssl": true - } - ] - }, - "default": { - "certifi": { - "hashes": [ - "sha256:017c25db2a153ce562900032d5bc68e9f191e44e9a0f762f373977de9df1fbb3", - "sha256:25b64c7da4cd7479594d035c08c2d809eb4aab3a26e5a990ea98cc450c320f1f" - ], - "version": "==2019.11.28" - }, - "chardet": { - "hashes": [ - "sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae", - "sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691" - ], - "version": "==3.0.4" - }, - "click": { - "hashes": [ - "sha256:2335065e6395b9e67ca716de5f7526736bfa6ceead690adf616d925bdc622b13", - "sha256:5b94b49521f6456670fdb30cd82a4eca9412788a93fa6dd6df72c94d5a8ff2d7" - ], - "version": "==7.0" - }, - "dparse": { - "hashes": [ - "sha256:00a5fdfa900629e5159bf3600d44905b333f4059a3366f28e0dbd13eeab17b19", - "sha256:cef95156fa0adedaf042cd42f9990974bec76f25dfeca4dc01f381a243d5aa5b" - ], - "version": "==0.4.1" - }, - "idna": { - "hashes": [ - "sha256:7588d1c14ae4c77d74036e8c22ff447b26d0fde8f007354fd48a7814db15b7cb", - "sha256:a068a21ceac8a4d63dbfd964670474107f541babbd2250d61922f029858365fa" - ], - "version": "==2.9" - }, - "packaging": { - "hashes": [ - "sha256:170748228214b70b672c581a3dd610ee51f733018650740e98c7df862a583f73", - "sha256:e665345f9eef0c621aa0bf2f8d78cf6d21904eef16a93f020240b704a57f1334" - ], - "version": "==20.1" - }, - "pyparsing": { - "hashes": [ - "sha256:4c830582a84fb022400b85429791bc551f1f4871c33f23e44f353119e92f969f", - "sha256:c342dccb5250c08d45fd6f8b4a559613ca603b57498511740e65cd11a2e7dcec" - ], - "version": "==2.4.6" - }, - "pyyaml": { - "hashes": [ - "sha256:059b2ee3194d718896c0ad077dd8c043e5e909d9180f387ce42012662a4946d6", - "sha256:1cf708e2ac57f3aabc87405f04b86354f66799c8e62c28c5fc5f88b5521b2dbf", - "sha256:24521fa2890642614558b492b473bee0ac1f8057a7263156b02e8b14c88ce6f5", - "sha256:4fee71aa5bc6ed9d5f116327c04273e25ae31a3020386916905767ec4fc5317e", - "sha256:70024e02197337533eef7b85b068212420f950319cc8c580261963aefc75f811", - "sha256:74782fbd4d4f87ff04159e986886931456a1894c61229be9eaf4de6f6e44b99e", - "sha256:940532b111b1952befd7db542c370887a8611660d2b9becff75d39355303d82d", - "sha256:cb1f2f5e426dc9f07a7681419fe39cee823bb74f723f36f70399123f439e9b20", - "sha256:dbbb2379c19ed6042e8f11f2a2c66d39cceb8aeace421bfc29d085d93eda3689", - "sha256:e3a057b7a64f1222b56e47bcff5e4b94c4f61faac04c7c4ecb1985e18caa3994", - "sha256:e9f45bd5b92c7974e59bcd2dcc8631a6b6cc380a904725fce7bc08872e691615" - ], - "version": "==5.3" - }, - "requests": { - "hashes": [ - "sha256:43999036bfa82904b6af1d99e4882b560e5e2c68e5c4b0aa03b655f3d7d73fee", - "sha256:b3f43d496c6daba4493e7c431722aeb7dbc6288f52a6e04e7b6023b0247817e6" - ], - "version": "==2.23.0" - }, - "safety": { - "hashes": [ - "sha256:0a3a8a178a9c96242b224f033ee8d1d130c0448b0e6622d12deaf37f6c3b4e59", - "sha256:5059f3ffab3648330548ea9c7403405bbfaf085b11235770825d14c58f24cb78" - ], - "index": "pypi", - "version": "==1.8.5" - }, - "six": { - "hashes": [ - "sha256:236bdbdce46e6e6a3d61a337c0f8b763ca1e8717c03b369e87a7ec7ce1319c0a", - "sha256:8f3cd2e254d8f793e7f3d6d9df77b92252b52637291d0f0da013c76ea2724b6c" - ], - "version": "==1.14.0" - }, - "urllib3": { - "hashes": [ - "sha256:2f3db8b19923a873b3e5256dc9c2dedfa883e33d87c690d9c7913e1f40673cdc", - "sha256:87716c2d2a7121198ebcb7ce7cccf6ce5e9ba539041cfbaeecfb641dc0bf6acc" - ], - "version": "==1.25.8" - } - }, - "develop": {} -} diff --git a/python/safety/mach_commands.py b/python/safety/mach_commands.py deleted file mode 100644 index 843d2a32417e..000000000000 --- a/python/safety/mach_commands.py +++ /dev/null @@ -1,115 +0,0 @@ -# This Source Code Form is subject to the terms of the Mozilla Public -# License, v. 2.0. If a copy of the MPL was not distributed with this -# file, You can obtain one at http://mozilla.org/MPL/2.0/. - -from __future__ import absolute_import, print_function, unicode_literals - -import os -import sys -import json - -from mozbuild.base import ( - MachCommandBase, -) - -from mach.decorators import ( - CommandArgument, - CommandProvider, - Command, -) - -import mozpack.path as mozpath -from mozpack.files import FileFinder - -from mozlog import commandline - -here = os.path.abspath(os.path.dirname(__file__)) - - -@CommandProvider -class MachCommands(MachCommandBase): - @Command('python-safety', category='testing', - description='Run python requirements safety checks') - @CommandArgument('--python', - default='3.5', - help='Version of Python for Pipenv to use. When given a ' - 'Python version, Pipenv will automatically scan your ' - 'system for a Python that matches that given version.') - def python_safety(self, python=None, **kwargs): - self.logger = commandline.setup_logging( - "python-safety", {"raw": sys.stdout}) - - self.activate_pipenv( - os.path.dirname(self.virtualenv_manager.virtualenv_root), - pipfile=os.path.join(here, 'Pipfile'), python=python, populate=True) - - pattern = '**/*requirements*.txt' - path = mozpath.normsep(os.path.dirname(os.path.dirname(here))) - finder = FileFinder(path) - files = [os.path.join(path, p) for p, _ in finder.find(pattern)] - - return_code = 0 - - self.logger.suite_start(tests=files) - for filepath in files: - self._run_python_safety(filepath) - - self.logger.suite_end() - return return_code - - def _run_python_safety(self, test_path): - from mozprocess import ProcessHandler - - output = [] - self.logger.test_start(test_path) - - def _line_handler(line): - output.append(line.decode('UTF-8')) - - cmd = ['safety', 'check', '--cache', '--json', '-r', test_path] - env = os.environ.copy() - env['PYTHONDONTWRITEBYTECODE'] = '1' - - proc = ProcessHandler( - cmd, env=env, processOutputLine=_line_handler, storeOutput=False) - proc.run() - - return_code = proc.wait() - - """ - Example output for an error in json. - [ - "pycrypto", - "<=2.6.1", - "2.6", - "Heap-based buffer overflow in the ALGnew...", - "35015" - ] - """ - # Warnings are currently interleaved with json, see - # https://github.com/pyupio/safety/issues/133 - for warning in output: - if warning.startswith('Warning'): - self.logger.warning(warning) - output = [line for line in output if not line.startswith('Warning')] - if output: - output_json = json.loads("".join(output)) - affected = set() - for entry in output_json: - affected.add(entry[0]) - message = "{0} installed:{2} affected:{1} description:{3}\n".format( - *entry) - self.logger.test_status(test=test_path, - subtest=entry[0], - status='FAIL', - message=message - ) - - if return_code != 0: - status = 'FAIL' - else: - status = 'PASS' - self.logger.test_end(test_path, status=status, - expected='PASS', message=" ".join(affected)) - - return return_code diff --git a/tools/lint/codespell.yml b/tools/lint/codespell.yml index 5e4acbabf8a1..f82c0759b651 100644 --- a/tools/lint/codespell.yml +++ b/tools/lint/codespell.yml @@ -33,7 +33,6 @@ codespell: - python/docs/ - python/mach/docs/ - python/mozlint/ - - python/safety/ - remote/doc/ - security/manager/locales/en-US/ - services/sync/locales/en-US/