Bug 1659575 - Delete mach python-safety r=ahal

There are zero uses of this `mach` command over the past 90 days according to our telemetry. There are no external references to `mach python-safety` in-tree, and indeed if you track the history of the originating bug 1468394, it appears that once the `mach` command was created, none of the follow-up work that was discussed (i.e. running this in CI and triaging failures to appropriate owners) was done over the following 2 years.

If this ever does appear to be useful in the future, we can just resurrect this code from source control.

Differential Revision: https://phabricator.services.mozilla.com/D87351
This commit is contained in:
Ricky Stewart 2020-08-18 14:18:24 +00:00
parent 44ae0cd57e
commit 1218762d08
5 changed files with 0 additions and 244 deletions

View File

@ -56,7 +56,6 @@ MACH_MODULES = [
'python/mozbuild/mozbuild/mach_commands.py', 'python/mozbuild/mozbuild/mach_commands.py',
'python/mozperftest/mozperftest/mach_commands.py', 'python/mozperftest/mozperftest/mach_commands.py',
'python/mozrelease/mozrelease/mach_commands.py', 'python/mozrelease/mozrelease/mach_commands.py',
'python/safety/mach_commands.py',
'remote/mach_commands.py', 'remote/mach_commands.py',
'taskcluster/mach_commands.py', 'taskcluster/mach_commands.py',
'testing/awsy/mach_commands.py', 'testing/awsy/mach_commands.py',

View File

@ -1,12 +0,0 @@
[[source]]
url = "https://pypi.org/simple"
verify_ssl = true
name = "pypi"
[dev-packages]
[packages]
safety = "*"
[requires]
python_version = "2.7"

View File

@ -1,115 +0,0 @@
{
"_meta": {
"hash": {
"sha256": "73bfcb0c2aa29e65a2e01fad022c231093ce599e7a213f7780d1b8f3f37ca5c9"
},
"pipfile-spec": 6,
"requires": {
"python_version": "2.7"
},
"sources": [
{
"name": "pypi",
"url": "https://pypi.org/simple",
"verify_ssl": true
}
]
},
"default": {
"certifi": {
"hashes": [
"sha256:017c25db2a153ce562900032d5bc68e9f191e44e9a0f762f373977de9df1fbb3",
"sha256:25b64c7da4cd7479594d035c08c2d809eb4aab3a26e5a990ea98cc450c320f1f"
],
"version": "==2019.11.28"
},
"chardet": {
"hashes": [
"sha256:84ab92ed1c4d4f16916e05906b6b75a6c0fb5db821cc65e70cbd64a3e2a5eaae",
"sha256:fc323ffcaeaed0e0a02bf4d117757b98aed530d9ed4531e3e15460124c106691"
],
"version": "==3.0.4"
},
"click": {
"hashes": [
"sha256:2335065e6395b9e67ca716de5f7526736bfa6ceead690adf616d925bdc622b13",
"sha256:5b94b49521f6456670fdb30cd82a4eca9412788a93fa6dd6df72c94d5a8ff2d7"
],
"version": "==7.0"
},
"dparse": {
"hashes": [
"sha256:00a5fdfa900629e5159bf3600d44905b333f4059a3366f28e0dbd13eeab17b19",
"sha256:cef95156fa0adedaf042cd42f9990974bec76f25dfeca4dc01f381a243d5aa5b"
],
"version": "==0.4.1"
},
"idna": {
"hashes": [
"sha256:7588d1c14ae4c77d74036e8c22ff447b26d0fde8f007354fd48a7814db15b7cb",
"sha256:a068a21ceac8a4d63dbfd964670474107f541babbd2250d61922f029858365fa"
],
"version": "==2.9"
},
"packaging": {
"hashes": [
"sha256:170748228214b70b672c581a3dd610ee51f733018650740e98c7df862a583f73",
"sha256:e665345f9eef0c621aa0bf2f8d78cf6d21904eef16a93f020240b704a57f1334"
],
"version": "==20.1"
},
"pyparsing": {
"hashes": [
"sha256:4c830582a84fb022400b85429791bc551f1f4871c33f23e44f353119e92f969f",
"sha256:c342dccb5250c08d45fd6f8b4a559613ca603b57498511740e65cd11a2e7dcec"
],
"version": "==2.4.6"
},
"pyyaml": {
"hashes": [
"sha256:059b2ee3194d718896c0ad077dd8c043e5e909d9180f387ce42012662a4946d6",
"sha256:1cf708e2ac57f3aabc87405f04b86354f66799c8e62c28c5fc5f88b5521b2dbf",
"sha256:24521fa2890642614558b492b473bee0ac1f8057a7263156b02e8b14c88ce6f5",
"sha256:4fee71aa5bc6ed9d5f116327c04273e25ae31a3020386916905767ec4fc5317e",
"sha256:70024e02197337533eef7b85b068212420f950319cc8c580261963aefc75f811",
"sha256:74782fbd4d4f87ff04159e986886931456a1894c61229be9eaf4de6f6e44b99e",
"sha256:940532b111b1952befd7db542c370887a8611660d2b9becff75d39355303d82d",
"sha256:cb1f2f5e426dc9f07a7681419fe39cee823bb74f723f36f70399123f439e9b20",
"sha256:dbbb2379c19ed6042e8f11f2a2c66d39cceb8aeace421bfc29d085d93eda3689",
"sha256:e3a057b7a64f1222b56e47bcff5e4b94c4f61faac04c7c4ecb1985e18caa3994",
"sha256:e9f45bd5b92c7974e59bcd2dcc8631a6b6cc380a904725fce7bc08872e691615"
],
"version": "==5.3"
},
"requests": {
"hashes": [
"sha256:43999036bfa82904b6af1d99e4882b560e5e2c68e5c4b0aa03b655f3d7d73fee",
"sha256:b3f43d496c6daba4493e7c431722aeb7dbc6288f52a6e04e7b6023b0247817e6"
],
"version": "==2.23.0"
},
"safety": {
"hashes": [
"sha256:0a3a8a178a9c96242b224f033ee8d1d130c0448b0e6622d12deaf37f6c3b4e59",
"sha256:5059f3ffab3648330548ea9c7403405bbfaf085b11235770825d14c58f24cb78"
],
"index": "pypi",
"version": "==1.8.5"
},
"six": {
"hashes": [
"sha256:236bdbdce46e6e6a3d61a337c0f8b763ca1e8717c03b369e87a7ec7ce1319c0a",
"sha256:8f3cd2e254d8f793e7f3d6d9df77b92252b52637291d0f0da013c76ea2724b6c"
],
"version": "==1.14.0"
},
"urllib3": {
"hashes": [
"sha256:2f3db8b19923a873b3e5256dc9c2dedfa883e33d87c690d9c7913e1f40673cdc",
"sha256:87716c2d2a7121198ebcb7ce7cccf6ce5e9ba539041cfbaeecfb641dc0bf6acc"
],
"version": "==1.25.8"
}
},
"develop": {}
}

View File

@ -1,115 +0,0 @@
# This Source Code Form is subject to the terms of the Mozilla Public
# License, v. 2.0. If a copy of the MPL was not distributed with this
# file, You can obtain one at http://mozilla.org/MPL/2.0/.
from __future__ import absolute_import, print_function, unicode_literals
import os
import sys
import json
from mozbuild.base import (
MachCommandBase,
)
from mach.decorators import (
CommandArgument,
CommandProvider,
Command,
)
import mozpack.path as mozpath
from mozpack.files import FileFinder
from mozlog import commandline
here = os.path.abspath(os.path.dirname(__file__))
@CommandProvider
class MachCommands(MachCommandBase):
@Command('python-safety', category='testing',
description='Run python requirements safety checks')
@CommandArgument('--python',
default='3.5',
help='Version of Python for Pipenv to use. When given a '
'Python version, Pipenv will automatically scan your '
'system for a Python that matches that given version.')
def python_safety(self, python=None, **kwargs):
self.logger = commandline.setup_logging(
"python-safety", {"raw": sys.stdout})
self.activate_pipenv(
os.path.dirname(self.virtualenv_manager.virtualenv_root),
pipfile=os.path.join(here, 'Pipfile'), python=python, populate=True)
pattern = '**/*requirements*.txt'
path = mozpath.normsep(os.path.dirname(os.path.dirname(here)))
finder = FileFinder(path)
files = [os.path.join(path, p) for p, _ in finder.find(pattern)]
return_code = 0
self.logger.suite_start(tests=files)
for filepath in files:
self._run_python_safety(filepath)
self.logger.suite_end()
return return_code
def _run_python_safety(self, test_path):
from mozprocess import ProcessHandler
output = []
self.logger.test_start(test_path)
def _line_handler(line):
output.append(line.decode('UTF-8'))
cmd = ['safety', 'check', '--cache', '--json', '-r', test_path]
env = os.environ.copy()
env['PYTHONDONTWRITEBYTECODE'] = '1'
proc = ProcessHandler(
cmd, env=env, processOutputLine=_line_handler, storeOutput=False)
proc.run()
return_code = proc.wait()
"""
Example output for an error in json.
[
"pycrypto",
"<=2.6.1",
"2.6",
"Heap-based buffer overflow in the ALGnew...",
"35015"
]
"""
# Warnings are currently interleaved with json, see
# https://github.com/pyupio/safety/issues/133
for warning in output:
if warning.startswith('Warning'):
self.logger.warning(warning)
output = [line for line in output if not line.startswith('Warning')]
if output:
output_json = json.loads("".join(output))
affected = set()
for entry in output_json:
affected.add(entry[0])
message = "{0} installed:{2} affected:{1} description:{3}\n".format(
*entry)
self.logger.test_status(test=test_path,
subtest=entry[0],
status='FAIL',
message=message
)
if return_code != 0:
status = 'FAIL'
else:
status = 'PASS'
self.logger.test_end(test_path, status=status,
expected='PASS', message=" ".join(affected))
return return_code

View File

@ -33,7 +33,6 @@ codespell:
- python/docs/ - python/docs/
- python/mach/docs/ - python/mach/docs/
- python/mozlint/ - python/mozlint/
- python/safety/
- remote/doc/ - remote/doc/
- security/manager/locales/en-US/ - security/manager/locales/en-US/
- services/sync/locales/en-US/ - services/sync/locales/en-US/