You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The PyNaCl dependency is pinned to a very old version (1.2.1) from 2018 which contains known security vulnerabilities. Consider updating to a more recent version.
Why: The suggestion correctly identifies a security vulnerability in the pinned PyNaCl version 1.2.1 (from 2018). Updating to a more recent version would address known security issues, making this a high-priority change.
High
Update outdated dependency constraint
The PyYAML dependency is constrained to versions below 5.4, which excludes security fixes. Recent versions of PyYAML (6.x) include important security patches.
Why: The suggestion correctly points out that the PyYAML constraint (<5.4) excludes newer versions with important security fixes. Updating to PyYAML 6.x would incorporate these security patches, significantly improving the project's security posture.
Medium
General
Fix inconsistent indentation
The indentation of the ClickHouse setting is inconsistent with the rest of the file. The setting should be properly indented to maintain consistent formatting.
Why: The suggestion correctly identifies an indentation inconsistency in the feature file. The PR removes indentation that was present in the old code, and the suggestion recommends restoring it for consistency with the rest of the file's formatting.
Low
Handle keyword arguments properly
**The submit method signature has been changed to include kwargs as a parameter, but the implementation of the method might not be using these keyword arguments. This could lead to unexpected behavior if callers are passing keyword arguments that are being silently ignored.
def submit(
self,
func: Callable,
*args: Any,
callback: Optional[Callable] = None,
**kwargs: Any,
) -> None:
+ # Make sure to pass kwargs to func when it's called
Suggestion importance[1-10]: 3
__
Why: The suggestion correctly identifies that the submit method signature has been updated to include **kwargs, but there's no indication in the PR diff about how these kwargs are used. This is a valid concern about potential silent parameter ignoring.
The with statement in the test is missing the actual context managers to be used. The parentheses are opened but the context managers are not properly defined, which will cause a syntax error. Fix the with statement by properly connecting the context managers.
Why: The suggestion correctly identifies a syntax issue in the PR. The PR introduces a new syntax with parentheses around context managers but doesn't properly close them. The suggested fix properly formats the with statement to use multiple context managers correctly, which would prevent a syntax error.
High
Security
Update vulnerable dependency
The PyNaCl version is pinned to a very old version (1.2.1) from 2018 which has known security vulnerabilities. Consider updating to a more recent version.
Why: The suggestion correctly identifies a security vulnerability in the pinned PyNaCl version 1.2.1 (from 2018). Updating to a more recent version (>=1.5.0) would address potential security issues, making this a high-priority suggestion.
High
General
Fix incorrect indentation
The indentation of the Scenario Outline line is incorrect, which could cause parsing issues in Gherkin/Behave. It should be aligned with the left margin, not indented.
-+ Scenario Outline: Add new host with replicated+Scenario Outline: Add new host with replicated
Suggestion importance[1-10]: 7
__
Why: The suggestion correctly identifies an indentation issue in the Gherkin feature file. Proper indentation is important for Gherkin/Behave parsing, and fixing it would prevent potential test execution problems.
The LockManager._flock method now opens the file in "r+" mode instead of "r" mode, which is correct for writing, but there's no error handling for file operations. Consider adding try/except blocks to handle potential file access errors.
The workaround for "Invalid thread ID" error catches ValueError exceptions with a specific string check. This approach might mask other ValueError exceptions that should be properly handled or propagated.
exceptValueErrorase:
if"Invalid thread ID"instr(e):
logging.warning(
"Thread ID error during iteration exhaustion due to"" incorrect thread termination in stopit library, skipping",
exc_info=True,
)
else:
raise
The code now tries to detect whether to use "docker-compose" or "docker compose", but doesn't handle the case where neither is available. Consider adding proper error handling if both commands are missing.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Alex-Burmak
force-pushed
the
main
branch
7 times, most recently
from
PR Type
Enhancement, Bug fix
Description
Modernize Python dependency management with uv
Update supported Python versions (3.9+ required)
Fix LockManager file handling issue
Add workaround for "Invalid thread ID" error
Changes walkthrough 📝
15 files
Replace pkg_resources with packaging.versionRemove setup.py in favor of pyproject.tomlReplace pkg_resources with packaging.versionAdd support for "docker compose" commandReplace pkg_resources with packaging.versionUse parenthesized context manager syntaxUse parenthesized context manager syntaxReplace Python setup with uv setupUpdate CI workflow to use uv and newer PythonAdd uv installation to DockerfileRefactor Makefile to use uv instead of pipUpdate Dockerfile to use wheel installationAdd pyproject.toml for modern Python packagingRemove requirements-dev.txt in favor of pyproject.tomlRemove requirements.txt in favor of pyproject.toml2 files
Fix file descriptor handling in LockManagerAdd workaround for "Invalid thread ID" error18 files
Add trailing comma in function parametersAdd trailing comma in function callAdd newline for consistent formattingAdd newline for consistent formattingAdd newline for consistent formattingAdd newline for consistent formattingAdd newline for consistent formattingAdd newline for consistent formattingReorder imports for consistencyReorder imports for consistencyReorder imports for consistencyReorder imports for consistencyReorder imports for consistencyReorder imports for consistencyReorder imports for consistencyReorder imports for consistencyReorder imports for consistencyFix indentation in feature file7 files
Remove .codespellrc in favor of pyproject.tomlRemove .isort.cfg in favor of pyproject.tomlUpdate minimum Python version to 3.9Add Python version file for version managementUpdate minimum Python version to 3.9Update Python version detection in debian rulesAdd Python version specification for mypy1 files
Update and standardize author email formats