Skip to content

Urllib3 upgrade + Rerecord JIra responses #12355

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Maffooch merged 1 commit into from
May 1, 2025
Merged

Urllib3 upgrade + Rerecord JIra responses #12355

Maffooch merged 1 commit into from
May 1, 2025

Conversation

@Maffooch
Copy link
Contributor

@Maffooch Maffooch commented Apr 30, 2025
edited
Loading

Initially, we saw that tests were failing in #12218 on the jira tests, so I had asserted that the issue was with the jira client based on the stack traces there found in the test. As it turns out, testing the jira instance creation and finding push flows manually on urllib 2.4.0 was a success, so that meant the unit tests may be the issue. Sure enough, rerecording the tests allowed for successful tests execution

Big thanks to @dogboat for doing the testing to figure out the jira client is not the issue here!

[sc-11031]

@Maffooch Maffooch marked this pull request as ready for review April 30, 2025 16:52
@Maffooch Maffooch requested a review from mtesauro as a code owner April 30, 2025 16:52
@dryrunsecurity
Copy link

dryrunsecurity bot commented Apr 30, 2025

DryRun Security

This pull request contains a low-confidence finding related to potential information disclosure in a test fixture, where network interaction logs might inadvertently reveal internal testing infrastructure details.

💭 Unconfirmed Findings (1)
Vulnerability Potential Information Disclosure in Test Fixture
Description Test fixture located at unittests/vcr/jira/JIRAImportAndPushTestApi.test_import_no_push_to_jira.yaml includes detailed network interaction logs with specific IP addresses and timestamps, which could reveal internal testing infrastructure details if not properly managed.

All finding details can be found in the DryRun Security Dashboard.

@Maffooch Maffooch added this to the 2.46.0 milestone Apr 30, 2025
mtesauro
mtesauro approved these changes Apr 30, 2025
View reviewed changes
Copy link
Contributor

@mtesauro mtesauro left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved

@Maffooch Maffooch merged commit 67940a9 into bugfix May 1, 2025
78 checks passed
@Maffooch Maffooch deleted the urllib-upgrade branch May 1, 2025 18:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mtesauro mtesauro mtesauro approved these changes

@valentijnscholten valentijnscholten valentijnscholten approved these changes

@dogboat dogboat dogboat approved these changes

+1 more reviewer

@hblankenship hblankenship hblankenship approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

unittests

Projects

None yet

Milestone

2.46.0

Development

Successfully merging this pull request may close these issues.

6 participants

@Maffooch @mtesauro @valentijnscholten @dogboat @hblankenship