Merge pull request #36 from nautobot/vulns

updates for vulnerabilities
nautobot · Jun 14, 2023 · b3dd001 · b3dd001
2 parents 77d877b + 1db00a5
commit b3dd001
Show file tree

Hide file tree

Showing 8 changed files with 2,352 additions and 1,324 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -103,8 +103,8 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python-version: ["3.7", "3.8", "3.9"]
-        nautobot-version: ["1.2.0"]
+        python-version: ["3.8", "3.9", "3.10"]
+        nautobot-version: ["1.5.9"]
     runs-on: "ubuntu-20.04"
     env:
       INVOKE_NAUTOBOT_CHATOPS_ARISTA_CLOUDVISION_PYTHON_VER: "${{ matrix.python-version }}"

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,13 @@
 # Changelog
 
+## v1.3.0 - 2023-06-14
+
+### Changed
+
+- Dropping support for Python 3.7
+- Dropping <1.5.9 support of Nautobot
+- Update dependencies to close vulnerabilty
+
 ## v1.2.0 - 2021-08-31
 
 ### Changed

diff --git a/nautobot_chatops_arista_cloudvision/cvpgrpcutils.py b/nautobot_chatops_arista_cloudvision/cvpgrpcutils.py
@@ -29,7 +29,9 @@ def connect_cv(settings):
         # Otherwise, the server is expected to have a valid certificate signed by a well-known CA.
         else:
             channel_creds = grpc.ssl_channel_credentials()
-            response = requests.post(f"https://{cvp_host}/cvpservice/login/authenticate.do", auth=(username, password))
+            response = requests.post(
+                f"https://{cvp_host}/cvpservice/login/authenticate.do", auth=(username, password)
+            )  # nosec
         call_creds = grpc.access_token_call_credentials(response.json()["sessionId"])
     # Set up credentials for CVaaS using supplied token.
     else:

diff --git a/nautobot_chatops_arista_cloudvision/utils.py b/nautobot_chatops_arista_cloudvision/utils.py
@@ -542,7 +542,7 @@ def get_token_crt():
         )
     else:
         request = requests.post(
-            f"https://{CVP_HOST}/cvpservice/login/authenticate.do", auth=(CVP_USERNAME, CVP_PASSWORD)
+            f"https://{CVP_HOST}/cvpservice/login/authenticate.do", auth=(CVP_USERNAME, CVP_PASSWORD)  # nosec
         )
 
     with open("token.txt", "w") as tokenfile:  # pylint: disable=unspecified-encoding

diff --git a/nautobot_chatops_arista_cloudvision/worker.py b/nautobot_chatops_arista_cloudvision/worker.py
@@ -98,7 +98,6 @@ def get_devices_in_container(dispatcher, container_name=None):
     devices = get_cloudvision_container_devices(container_name)
 
     if devices:
-
         dispatcher.send_blocks(
             dispatcher.command_response_header(
                 "cloudvision",

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "nautobot-chatops-arista-cloudvision"
-version = "1.2.0"
+version = "1.3.0"
 description = "Nautobot Chatops Arista Cloudvision Integration"
 authors = ["Network to Code, LLC <[email protected]>"]
 license = "Apache-2.0"
@@ -21,13 +21,12 @@ packages = [
 
 [tool.poetry.dependencies]
 # Used for local development
-nautobot = { version = "*", optional = true }
-python = "^3.7"
+nautobot = "^1.5.9"
+python = "^3.8"
 protobuf = "^3.17"
 cvprac = "^1.0.6"
 cloudvision = "^1.1"
 nautobot-chatops = "^1.5.0"
-certifi = "^2021.5.30"
 
 [tool.poetry.dev-dependencies]
 bandit = "*"

diff --git a/tasks.py b/tasks.py
@@ -38,7 +38,7 @@ def is_truthy(arg):
 namespace.configure(
     {
         "nautobot_chatops_arista_cloudvision": {
-            "nautobot_ver": "1.2.0",
+            "nautobot_ver": "1.5.9",
             "project_name": "nautobot_chatops_arista_cloudvision",
             "python_ver": "3.8",
             "local": False,