Upgrade gunicorn to v22 to solve security issue (#258)

lvarin · web-flow · commit b4c6d431090f · 2025-03-05T14:36:40.000+01:00
diff --git a/.github/workflows/checks.yml b/.github/workflows/checks.yml
@@ -16,7 +16,9 @@ jobs:
       - name: Set up Python
         uses: actions/setup-python@v4
         with:
-          python-version: "3.7"
+          python-version: "3.10"
+      - name: Pin pip version
+        run: python -m pip install --upgrade "pip<24.1"
       - name: Install requirements
         run: |
           pip install .
@@ -35,15 +37,17 @@ jobs:
       - name: Check out repository
         uses: actions/checkout@v3
       - name: Deploy app
-        run: docker-compose up -d --build
+        run: docker compose up -d --build
       - name: Wait for app startup
         shell: bash
-        run: sleep 20
+        run: |
+          sleep 20
+          docker compose ps
       - name: Run integration tests
         shell: bash
         run: bash tests/integration_tests.sh
       - name: Tear down app
-        run: docker-compose down
+        run: docker compose down
   publish:
     name: Build and publish app image
     runs-on: ubuntu-latest
diff --git a/Dockerfile b/Dockerfile
@@ -1,4 +1,4 @@
-FROM elixircloud/foca:20221110-py3.7
+FROM elixircloud/foca:20240711-py3.12
 
 LABEL version="2.0"
 LABEL software="cwl-WES"
diff --git a/cwl_wes/tasks/workflow_run_manager.py b/cwl_wes/tasks/workflow_run_manager.py
@@ -260,6 +260,7 @@ def update_run_document(  # pylint: disable=too-many-branches
             task_logs: Task run logs.
             **run_log_params: Run log parameters.
         """
+        document = None
         # TODO: Minimize db ops; try to compile entire object & update once
         # Update internal parameters
         if internal:
diff --git a/requirements.txt b/requirements.txt
@@ -1,7 +1,9 @@
-foca~=0.12.0
+foca==0.12.1
+flask-authz==2.5.0
 # cwl-tes @ git+https://github.com/ohsu-comp-bio/cwl-tes.git@7b44cb1825a302bb7eccb3f2d91dc233adc0e32f#egg=cwl-tes
 drs-cli~=0.2.3
-gunicorn~=19.9.0
+gunicorn~=22.0
 py-tes~=0.4.2
 importlib-metadata==4.13.0
 yq==3.2.3
+setuptools<69
diff --git a/requirements_dev.txt b/requirements_dev.txt
@@ -1,5 +1,5 @@
 black~=22.12
-flake8~=5.0
+flake8~=7.0
 flake8-docstrings~=1.6
 mypy~=0.991
-pylint~=2.15
+pylint==3.2.6
diff --git a/setup.py b/setup.py
@@ -35,7 +35,7 @@
         "Intended Audience :: Science/Research",
         "Topic :: Scientific/Engineering :: Bio-Informatics",
         "Natural Language :: English",
-        "Programming Language :: Python :: 3.7",
+        "Programming Language :: Python :: 3.12",
     ],
     install_requires=INSTALL_REQUIRES,
 )

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-FROM elixircloud/foca:20221110-py3.7`
	`1`	`+FROM elixircloud/foca:20240711-py3.12`
`2`	`2`
`3`	`3`	`LABEL version="2.0"`
`4`	`4`	`LABEL software="cwl-WES"`
Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@`
`35`	`35`	`"Intended Audience :: Science/Research",`
`36`	`36`	`"Topic :: Scientific/Engineering :: Bio-Informatics",`
`37`	`37`	`"Natural Language :: English",`
`38`		`- "Programming Language :: Python :: 3.7",`
	`38`	`+ "Programming Language :: Python :: 3.12",`
`39`	`39`	`],`
`40`	`40`	`install_requires=INSTALL_REQUIRES,`
`41`	`41`	`)`