Fixes #4604, improved alt-text in Architecture and Metrics AND fixes #4579 Removed python 3.8 support #4606
Conversation
|
@terriko Let me know the changes are satisfactory or should i add more detail |
vedpawar2254
changed the title
vedpawar2254
changed the title
|
I have also solved issue #4579 in this PR |
vedpawar2254
changed the title
vedpawar2254
changed the title
There was a problem hiding this comment.
This looks promising, but there's a lot going on here and I think we're going to need to split it up and remove a couple of files.
- I recommend you learn how to use git branches and make separate ones for each logical change (i.e. one for docs: Improve alt-text in Architecture and Metrics #4604 and one for ci: remove python 3.8 support #4579). You can probably just search for a nice tutorial for how and why to use branches but here's our short version: https://github.com/intel/cve-bin-tool/blob/main/CONTRIBUTING.md#making-a-new-branch--pull-request
- It looks like you accidentally checked in some output files . I've flagged them with comments below. (I'm guessing you ran
git add *in the main directory and it picked up some stuff that shouldn't be checked in. Usually it's better to name specific files for git add to avoid this.) - It looks like we're getting an error about how black is run. It's likely because of your changes in dev-requirements.txt (it claims you're trying to install both 24.10.0 and 24.8.0 which is what is going on). You could probably leave those for another PR if you want to just deal with it later.
If you get stuck figuring out how to split this up and use branches, folk in our gitter can probably help you: https://gitter.im/cve-bin-tool/community?utm_source=badge&utm_medium=badge&utm_campaign=pr-badge
The actual changes look decent, but it's a bit hard to figure out what's going on with the tests failing so let's try to get this split up and cleaned up!
epss_percentile.csv
Outdated
| @@ -0,0 +1 @@ | |||
| vendor,product,version,location,cve_number,severity,score,source,cvss_version,cvss_vector,paths,remarks,comments,epss_probability,epss_percentile | |||
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
epss_probability.csv
Outdated
| @@ -0,0 +1 @@ | |||
| vendor,product,version,location,cve_number,severity,score,source,cvss_version,cvss_vector,paths,remarks,comments,epss_probability,epss_percentile | |||
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
| @@ -0,0 +1,8 @@ | |||
| vendor,product,version,location,cve_number,severity,score,source,cvss_version,cvss_vector,paths,remarks,comments | |||
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
| @@ -0,0 +1,115 @@ | |||
| [ | |||
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
sevtest.csv
Outdated
| @@ -0,0 +1 @@ | |||
| vendor,product,version,location,cve_number,severity,score,source,cvss_version,cvss_vector,paths,remarks,comments | |||
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
test.sbom
Outdated
| @@ -0,0 +1,11 @@ | |||
| SPDXVersion: SPDX-2.3 | |||
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
test-report.html
Outdated
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
test/README.md
Outdated
| @@ -75,7 +75,7 @@ The recommended way to do this yourself is to use python's `virtualenv` | |||
| You can set up virtualenv for all these environments: | |||
|
|
|||
| ```console | |||
| virtualenv -p python3.8 venv3.8 | |||
| virtualenv -p python3.9 venv3.8 | |||
There was a problem hiding this comment.
| virtualenv -p python3.9 venv3.8 | |
| virtualenv -p python3.12 venv3.12 |
So, what this is doing is making a directory name that matches the version of python. The way you had it written you'd wind up with a venv that was named 3.8 but actually used python 3.9, which would be very confusing later. Let's just go ahead and use a more recent venison of python in the example instead.
testfile.csv
Outdated
| @@ -0,0 +1 @@ | |||
| testing | |||
There was a problem hiding this comment.
I think this might have been checked in by mistake and should be removed.
dev-requirements.txt
Outdated
| isort; python_version < "3.8" | ||
| isort==5.13.2; python_version >= "3.8" | ||
| pre-commit; python_version <= "3.8" | ||
| black==24.8.0; |
There was a problem hiding this comment.
| black==24.8.0; | |
| black==24.10.0; |
You'll want to delete line 1 too -- right now you're telling it to install black 24.8.0 and 24.10.0 which isn't going to work.
|
Thanks @terriko i'll make the changes asap |
* related: intel#4606 There's a good PR intel#4606 which includes removing some python 3.8-isms, but it's going to take a bit longer before it's ready to merge because some other stuff got accidentally commited. This PR disables the SBOM and testing workflows so I don't have to deal with them over the holidays while we wait for intel#4606 to be fully ready. Signed-off-by: Terri Oda <terri.oda@intel.com>
* related: #4606 There's a good PR #4606 which includes removing some python 3.8-isms, but it's going to take a bit longer before it's ready to merge because some other stuff got accidentally commited. This PR disables the SBOM and testing workflows so I don't have to deal with them over the holidays while we wait for #4606 to be fully ready. Signed-off-by: Terri Oda <terri.oda@intel.com>
|
Hi @terriko , it looks like most of the work for issue #4579 is done(let me know if anymore is needed) also sorry for the delay, I had my endsems to blame for it, but i'll be regularly contributing now, I have also raised a PR for #4604 and I a can raise another one for #4579 if needed, |
Improved the alt-text in Architecture and Metrics in Manual.md
solves #4604
and fixes issue #4579 Removed python 3.8 support
remove python 3.8 from testing.yml
[x] remove any package workarounds that reference python 3.8 (there's some in dev-requirements.txt for sure)
[x] change configuration for pyupgrade in .pre-commit-config.yaml
[x] look through code to see if we have other python 3.8 specific workarounds that should be flagged for eventual [x] removal (can set up separate issues for these if we don't want to pull them out right away). There might be a couple in the tests specifically.