From ee8d7dd3561b4a5c2b808f115566b029e1bef171 Mon Sep 17 00:00:00 2001 From: Prtm2110 Date: Fri, 3 Jan 2025 09:20:05 +0530 Subject: [PATCH 1/5] chore: add support for version 3.13 --- .github/workflows/sbom.yml | 2 +- .github/workflows/testing.yml | 105 +++++++++++++++++++++++++++++++++- setup.py | 1 + 3 files changed, 105 insertions(+), 3 deletions(-) diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml index ccaba68cd5..f3575cc6a5 100644 --- a/.github/workflows/sbom.yml +++ b/.github/workflows/sbom.yml @@ -19,7 +19,7 @@ jobs: runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }} strategy: matrix: - python: ['3.9', '3.10', '3.11', '3.12'] + python: ['3.9', '3.10', '3.11', '3.12', '3.13'] steps: - name: Harden Runner uses: step-security/harden-runner@0080882f6c36860b6ba35c610c98ce87d4e2f26f # v2.10.2 diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index c41cdb7df5..5f4bb3a496 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -15,7 +15,7 @@ on: description: 'Force run tests which rely on external connectivity' required: false type: boolean - +pull env: ACTIONS: 1 LONG_TESTS: 0 @@ -72,7 +72,7 @@ jobs: runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }} strategy: matrix: - python: ['3.9', '3.11', '3.12'] + python: ['3.9', '3.11', '3.12', '3.13'] timeout-minutes: 90 steps: - name: Harden Runner @@ -184,6 +184,107 @@ jobs: test/test_cli.py test/test_cvedb.py + long_tests: + name: Long tests on Python 3.13 + permissions: + contents: read + if: | + ! github.event.pull_request.user.login == 'github-actions[bot]' || + ! ( + startsWith(github.head_ref, 'chore-sbom-py') || + contains( + fromJSON('["chore-update-table","chore-precommit-config","chore-spdx-header"]'), + github.head_ref + ) + ) + runs-on: 'ubuntu-latest' + timeout-minutes: 120 + env: + LONG_TESTS: 1 + + steps: + - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 + - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 + with: + python-version: '3.13' + cache: 'pip' + + - name: "Skip tests if this is an automated sbom job" + env: + COMMIT_VAR: ${{ startsWith(github.head_ref, 'chore-sbom-py') && github.event.pull_request.user.login == 'github-actions[bot]' }} + run: | + if ${COMMIT_VAR} == true; then + echo "sbom=true" >> $GITHUB_ENV + echo "sbom set to true" + else + echo "sbom=false" >> $GITHUB_ENV + echo "sbom set to false" + fi + + - name: Get date + id: get-date + run: | + echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT + echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT + - name: Print Cache Keys + run: | + echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}" + echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}" + - name: Get today's cached database + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 + id: todays-cache + with: + path: cache + key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }} + - name: Get yesterday's cached database if today's is not available + uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 + if: steps.todays-cache.outputs.cache-hit != 'true' + with: + path: cache + key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }} + + - name: Install cabextract + if: env.sbom != 'true' + run: sudo apt-get update && sudo apt-get install cabextract + - name: Install OS dependencies for testing PDF + if: env.sbom != 'true' + run: sudo apt-get install build-essential libpoppler-cpp-dev pkg-config python3-dev + - name: Install pdftotext, reportlab and cve-bin-tool + if: env.sbom != 'true' + run: | + python -m pip install --upgrade pip + python -m pip install --upgrade setuptools + python -m pip install --upgrade wheel + python -m pip install --upgrade pdftotext + python -m pip install --upgrade reportlab + python -m pip install --upgrade -r dev-requirements.txt + python -m pip install --editable . + - name: Try single CLI run of tool + if: env.sbom != 'true' + run: | + [[ -e cache ]] && mkdir -p .cache && mv cache ~/.cache/cve-bin-tool + NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out + cp -r ~/.cache/cve-bin-tool cache + - name: Run async tests + if: env.sbom != 'true' + run: > + pytest --cov --cov-append -n 8 --cov-report=xml -v --durations=50 + --ignore=test/test_cli.py + --ignore=test/test_cvedb.py + --ignore=test/test_requirements.py + --ignore=test/test_html.py + --ignore=test/test_json.py + --ignore=test/test_scanner.py + --ignore=test/test_language_parser.py + - name: Upload code coverage to codecov + if: env.sbom != 'true' + uses: codecov/codecov-action@1e68e06f1dbfde0e4cefc87efeba9e4643565303 # v5.1.2 + with: + files: ./coverage.xml + flags: longtests + name: codecov-umbrella + fail_ci_if_error: false + long_tests: name: Long tests on Python 3.10 permissions: diff --git a/setup.py b/setup.py index 23205d0e5e..c6e29571f8 100644 --- a/setup.py +++ b/setup.py @@ -46,6 +46,7 @@ "Programming Language :: Python :: 3.9", "Programming Language :: Python :: 3.10", "Programming Language :: Python :: 3.11", + "Programming Language :: Python :: 3.13", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", ], From 9767310ce7bc29e47cac91b181234e3a1e35e4d7 Mon Sep 17 00:00:00 2001 From: Prtm2110 Date: Fri, 3 Jan 2025 09:28:22 +0530 Subject: [PATCH 2/5] chore: fixed testing.yml --- .github/workflows/testing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index 5f4bb3a496..d1a90c00b7 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -15,7 +15,7 @@ on: description: 'Force run tests which rely on external connectivity' required: false type: boolean -pull + env: ACTIONS: 1 LONG_TESTS: 0 From cf4922da1452e911eaa43e3a75282f171f811aeb Mon Sep 17 00:00:00 2001 From: Prtm2110 Date: Fri, 3 Jan 2025 09:47:47 +0530 Subject: [PATCH 3/5] chore: fixed testing.yml --- .github/workflows/testing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index d1a90c00b7..af5191205a 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -184,7 +184,7 @@ jobs: test/test_cli.py test/test_cvedb.py - long_tests: + long_tests_python_313: name: Long tests on Python 3.13 permissions: contents: read From e6aa20eb2f1bd96df8572c8d2db4e506cac32d5a Mon Sep 17 00:00:00 2001 From: Prtm2110 Date: Thu, 9 Jan 2025 00:01:23 +0530 Subject: [PATCH 4/5] chore: removed long tests for 3.13 --- .github/workflows/testing.yml | 103 +--------------------------------- 1 file changed, 1 insertion(+), 102 deletions(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index af5191205a..c6ccb0462d 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -183,108 +183,7 @@ jobs: pytest -v --durations=50 test/test_cli.py test/test_cvedb.py - - long_tests_python_313: - name: Long tests on Python 3.13 - permissions: - contents: read - if: | - ! github.event.pull_request.user.login == 'github-actions[bot]' || - ! ( - startsWith(github.head_ref, 'chore-sbom-py') || - contains( - fromJSON('["chore-update-table","chore-precommit-config","chore-spdx-header"]'), - github.head_ref - ) - ) - runs-on: 'ubuntu-latest' - timeout-minutes: 120 - env: - LONG_TESTS: 1 - - steps: - - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - - uses: actions/setup-python@0b93645e9fea7318ecaed2b359559ac225c90a2b # v5.3.0 - with: - python-version: '3.13' - cache: 'pip' - - - name: "Skip tests if this is an automated sbom job" - env: - COMMIT_VAR: ${{ startsWith(github.head_ref, 'chore-sbom-py') && github.event.pull_request.user.login == 'github-actions[bot]' }} - run: | - if ${COMMIT_VAR} == true; then - echo "sbom=true" >> $GITHUB_ENV - echo "sbom set to true" - else - echo "sbom=false" >> $GITHUB_ENV - echo "sbom set to false" - fi - - - name: Get date - id: get-date - run: | - echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT - echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT - - name: Print Cache Keys - run: | - echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}" - echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}" - - name: Get today's cached database - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 - id: todays-cache - with: - path: cache - key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }} - - name: Get yesterday's cached database if today's is not available - uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57 # v4.2.0 - if: steps.todays-cache.outputs.cache-hit != 'true' - with: - path: cache - key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }} - - - name: Install cabextract - if: env.sbom != 'true' - run: sudo apt-get update && sudo apt-get install cabextract - - name: Install OS dependencies for testing PDF - if: env.sbom != 'true' - run: sudo apt-get install build-essential libpoppler-cpp-dev pkg-config python3-dev - - name: Install pdftotext, reportlab and cve-bin-tool - if: env.sbom != 'true' - run: | - python -m pip install --upgrade pip - python -m pip install --upgrade setuptools - python -m pip install --upgrade wheel - python -m pip install --upgrade pdftotext - python -m pip install --upgrade reportlab - python -m pip install --upgrade -r dev-requirements.txt - python -m pip install --editable . - - name: Try single CLI run of tool - if: env.sbom != 'true' - run: | - [[ -e cache ]] && mkdir -p .cache && mv cache ~/.cache/cve-bin-tool - NO_EXIT_CVE_NUM=1 python -m cve_bin_tool.cli test/assets/test-kerberos-5-1.15.1.out - cp -r ~/.cache/cve-bin-tool cache - - name: Run async tests - if: env.sbom != 'true' - run: > - pytest --cov --cov-append -n 8 --cov-report=xml -v --durations=50 - --ignore=test/test_cli.py - --ignore=test/test_cvedb.py - --ignore=test/test_requirements.py - --ignore=test/test_html.py - --ignore=test/test_json.py - --ignore=test/test_scanner.py - --ignore=test/test_language_parser.py - - name: Upload code coverage to codecov - if: env.sbom != 'true' - uses: codecov/codecov-action@1e68e06f1dbfde0e4cefc87efeba9e4643565303 # v5.1.2 - with: - files: ./coverage.xml - flags: longtests - name: codecov-umbrella - fail_ci_if_error: false - + long_tests: name: Long tests on Python 3.10 permissions: From d544fc898dc5e303931c433b4a046edcf793775c Mon Sep 17 00:00:00 2001 From: Prtm2110 Date: Thu, 9 Jan 2025 00:08:47 +0530 Subject: [PATCH 5/5] chore: pre-commit fix --- .github/workflows/testing.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index c6ccb0462d..a858fe156e 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -183,7 +183,7 @@ jobs: pytest -v --durations=50 test/test_cli.py test/test_cvedb.py - + long_tests: name: Long tests on Python 3.10 permissions: