From a62a2d35d918baa8e793f7aa4fb41527644dfca5 Mon Sep 17 00:00:00 2001 From: Ian Stapleton Cordasco Date: Wed, 22 May 2024 06:51:48 -0500 Subject: [PATCH 01/11] Allow for overriding of specific pool key params This re-enables the use case of providing a custom SSLContext via a Transport Adapter as broken in #6655 and reported in #6715 Closes #6715 --- HISTORY.md | 7 ++++ src/requests/adapters.py | 78 +++++++++++++++++++++++++++++++++++----- 2 files changed, 76 insertions(+), 9 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 4fca5894d7..b5dcbb660e 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,6 +6,13 @@ dev - \[Short description of non-trivial change.\] +2.32.3 (2024-??-??) +------------------- + +**Bugfixes** +- Fix bug breaking the ability to specify custom SSLContexts in sub-classes of + HTTPAdapter. (#6655) + 2.32.2 (2024-05-21) ------------------- diff --git a/src/requests/adapters.py b/src/requests/adapters.py index 42fabe527c..ebffff3fcb 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -375,23 +375,83 @@ def build_response(self, req, resp): return response + def build_connection_pool_key_attributes(self, request, verify, cert=None): + """Build the PoolKey attributes used by urllib3 to return a connection. + + This looks at the PreparedRequest, the user-specified verify value, + and the value of the cert parameter to determine what PoolKey values + to use to select a connection from a given urllib3 Connection Pool. + + The SSL related pool key arguments are not consistently set. As of + this writing, use the following to determine what keys may be in that + dictionary: + + * If ``verify`` is ``True``, ``"ssl_context"`` will be set and will be the + default Requests SSL Context + * If ``verify`` is ``False``, ``"ssl_context"`` will not be set but + ``"cert_reqs"`` will be set + * If ``verify`` is a string, (i.e., it is a user-specified trust bundle) + ``"ca_certs"`` will be set if the string is not a directory recognized + by :py:func:`os.path.isdir`, otherwise ``"ca_certs_dir"`` will be + set. + * If ``"cert"`` is specified, ``"cert_file"`` will always be set. If + ``"cert"`` is a tuple with a second item, ``"key_file"`` will also + be present + + To override these settings, one may subclass this class, call this + method and use the above logic to change parameters as desired. For + example, if one wishes to use a custom :py:class:`ssl.SSLContext` one + must both set ``"ssl_context"`` and based on what else they require, + alter the other keys to ensure the desired behaviour. + + :param request: + The PreparedReqest being sent over the connection. + :type request: + :class:`~requests.models.PreparedRequest` + :param verify: + Either a boolean, in which case it controls whether + we verify the server's TLS certificate, or a string, in which case it + must be a path to a CA bundle to use. + :param cert: + (optional) Any user-provided SSL certificate for client + authentication (a.k.a., mTLS). This may be a string (i.e., just + the path to a file which holds both certificate and key) or a + tuple of length 2 with the certificate file path and key file + path. + :returns: + A tuple of two dictionaries. The first is the "host parameters" + portion of the Pool Key including scheme, hostname, and port. The + second is a dictionary of SSLContext related parameters. + """ + return _urllib3_request_context(request, verify, cert) + def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None): """Returns a urllib3 connection for the given request and TLS settings. This should not be called from user code, and is only exposed for use when subclassing the :class:`HTTPAdapter `. - :param request: The :class:`PreparedRequest ` object - to be sent over the connection. - :param verify: Either a boolean, in which case it controls whether - we verify the server's TLS certificate, or a string, in which case it - must be a path to a CA bundle to use. - :param proxies: (optional) The proxies dictionary to apply to the request. - :param cert: (optional) Any user-provided SSL certificate to be trusted. - :rtype: urllib3.ConnectionPool + :param request: + The :class:`PreparedRequest ` object to be sent + over the connection. + :param verify: + Either a boolean, in which case it controls whether we verify the + server's TLS certificate, or a string, in which case it must be a + path to a CA bundle to use. + :param proxies: + (optional) The proxies dictionary to apply to the request. + :param cert: + (optional) Any user-provided SSL certificate to be used for client + authentication (a.k.a., mTLS). + :rtype: + urllib3.ConnectionPool """ proxy = select_proxy(request.url, proxies) try: - host_params, pool_kwargs = _urllib3_request_context(request, verify, cert) + host_params, pool_kwargs = self.build_connection_pool_key_attributes( + request, + verify, + cert, + ) except ValueError as e: raise InvalidURL(e, request=request) if proxy: From 6badbac6e0d6b5a53872f26401761ad37a9002b8 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 22 May 2024 14:43:57 -0600 Subject: [PATCH 02/11] Update HISTORY.md --- HISTORY.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index b5dcbb660e..327a4072e6 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,12 +6,12 @@ dev - \[Short description of non-trivial change.\] -2.32.3 (2024-??-??) +2.32.3 (2024-05-24) ------------------- **Bugfixes** - Fix bug breaking the ability to specify custom SSLContexts in sub-classes of - HTTPAdapter. (#6655) + HTTPAdapter. (#6716) 2.32.2 (2024-05-21) ------------------- From b1d73ddb509a3a2d3e10744e85f9cdebdbde90f0 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Fri, 24 May 2024 09:00:52 -0700 Subject: [PATCH 03/11] Don't use default SSLContext with custom poolmanager kwargs --- src/requests/adapters.py | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index ebffff3fcb..4766693f56 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -83,16 +83,20 @@ def _urllib3_request_context( request: "PreparedRequest", verify: "bool | str | None", client_cert: "typing.Tuple[str, str] | str | None", + poolmanager: "PoolManager", ) -> "(typing.Dict[str, typing.Any], typing.Dict[str, typing.Any])": host_params = {} pool_kwargs = {} parsed_request_url = urlparse(request.url) scheme = parsed_request_url.scheme.lower() port = parsed_request_url.port + poolmanager_kwargs = getattr(poolmanager, "connection_pool_kw", {}) + has_poolmanager_ssl_context = poolmanager_kwargs.get("ssl_context") + cert_reqs = "CERT_REQUIRED" if verify is False: cert_reqs = "CERT_NONE" - elif verify is True: + elif verify is True and not has_poolmanager_ssl_context: pool_kwargs["ssl_context"] = _preloaded_ssl_context elif isinstance(verify, str): if not os.path.isdir(verify): @@ -423,7 +427,7 @@ def build_connection_pool_key_attributes(self, request, verify, cert=None): portion of the Pool Key including scheme, hostname, and port. The second is a dictionary of SSLContext related parameters. """ - return _urllib3_request_context(request, verify, cert) + return _urllib3_request_context(request, verify, cert, self.poolmanager) def get_connection_with_tls_context(self, request, verify, proxies=None, cert=None): """Returns a urllib3 connection for the given request and TLS settings. From e18879932287c2bf4bcee4ddf6ccb8a69b6fc656 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 29 May 2024 08:23:39 -0700 Subject: [PATCH 04/11] Don't create default SSLContext if ssl module isn't present (#6724) --- src/requests/adapters.py | 24 +++++++++++++++++++----- 1 file changed, 19 insertions(+), 5 deletions(-) diff --git a/src/requests/adapters.py b/src/requests/adapters.py index 4766693f56..9a58b16025 100644 --- a/src/requests/adapters.py +++ b/src/requests/adapters.py @@ -73,10 +73,18 @@ def SOCKSProxyManager(*args, **kwargs): DEFAULT_RETRIES = 0 DEFAULT_POOL_TIMEOUT = None -_preloaded_ssl_context = create_urllib3_context() -_preloaded_ssl_context.load_verify_locations( - extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) -) + +try: + import ssl # noqa: F401 + + _preloaded_ssl_context = create_urllib3_context() + _preloaded_ssl_context.load_verify_locations( + extract_zipped_paths(DEFAULT_CA_BUNDLE_PATH) + ) +except ImportError: + # Bypass default SSLContext creation when Python + # interpreter isn't built with the ssl module. + _preloaded_ssl_context = None def _urllib3_request_context( @@ -90,13 +98,19 @@ def _urllib3_request_context( parsed_request_url = urlparse(request.url) scheme = parsed_request_url.scheme.lower() port = parsed_request_url.port + + # Determine if we have and should use our default SSLContext + # to optimize performance on standard requests. poolmanager_kwargs = getattr(poolmanager, "connection_pool_kw", {}) has_poolmanager_ssl_context = poolmanager_kwargs.get("ssl_context") + should_use_default_ssl_context = ( + _preloaded_ssl_context is not None and not has_poolmanager_ssl_context + ) cert_reqs = "CERT_REQUIRED" if verify is False: cert_reqs = "CERT_NONE" - elif verify is True and not has_poolmanager_ssl_context: + elif verify is True and should_use_default_ssl_context: pool_kwargs["ssl_context"] = _preloaded_ssl_context elif isinstance(verify, str): if not os.path.isdir(verify): From 0e322af87745eff34caffe4df68456ebc20d9068 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Wed, 29 May 2024 08:36:10 -0700 Subject: [PATCH 05/11] v2.32.3 --- HISTORY.md | 6 ++++-- src/requests/__version__.py | 4 ++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/HISTORY.md b/HISTORY.md index 327a4072e6..e51a7ee2c2 100644 --- a/HISTORY.md +++ b/HISTORY.md @@ -6,12 +6,14 @@ dev - \[Short description of non-trivial change.\] -2.32.3 (2024-05-24) +2.32.3 (2024-05-29) ------------------- **Bugfixes** -- Fix bug breaking the ability to specify custom SSLContexts in sub-classes of +- Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716) +- Fixed issue where Requests started failing to run on Python versions compiled + without the `ssl` module. (#6724) 2.32.2 (2024-05-21) ------------------- diff --git a/src/requests/__version__.py b/src/requests/__version__.py index 24829c4b5f..2c105aca7d 100644 --- a/src/requests/__version__.py +++ b/src/requests/__version__.py @@ -5,8 +5,8 @@ __title__ = "requests" __description__ = "Python HTTP for Humans." __url__ = "https://requests.readthedocs.io" -__version__ = "2.32.2" -__build__ = 0x023202 +__version__ = "2.32.3" +__build__ = 0x023203 __author__ = "Kenneth Reitz" __author_email__ = "me@kennethreitz.org" __license__ = "Apache-2.0" From f8aa36b92d95e6d2f133489f39f9d5c2412f1bd9 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Mon, 1 Jul 2024 18:08:04 -0700 Subject: [PATCH 06/11] Test on urllib3 1.26.x --- .github/workflows/run-tests.yml | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index c35af968c4..3a0053327b 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -57,3 +57,23 @@ jobs: - name: Run tests run: | make ci + + urllib3: + name: 'urllib3 1.x' + runs-on: 'ubuntu-latest' + strategy: + fail-fast: true + + steps: + - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 + - name: 'Set up Python 3.8' + uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d + with: + python-version: '3.8' + - name: Install dependencies + run: | + make + python -m pip install "urllib3<2" + - name: Run tests + run: | + make ci From 4e383642a9ebb82a67eaeed199d0fbbb31991e3c Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Thu, 18 Jul 2024 09:43:49 -0700 Subject: [PATCH 07/11] Add conditional string encoding based on urllib3 major version --- src/requests/compat.py | 12 ++++++++++++ src/requests/utils.py | 5 ++++- tests/test_requests.py | 41 ++++++++++++++++++++++++----------------- 3 files changed, 40 insertions(+), 18 deletions(-) diff --git a/src/requests/compat.py b/src/requests/compat.py index 095de1b6ca..4e843c6cf1 100644 --- a/src/requests/compat.py +++ b/src/requests/compat.py @@ -10,6 +10,18 @@ import importlib import sys +# ------- +# urllib3 +# ------- +from urllib3 import __version__ as urllib3_version + +# Detect which major version of urllib3 is being used. +try: + is_urllib3_2 = int(urllib3_version.split(".")[0]) == 2 +except (TypeError, AttributeError): + # If we can't discern a version, prefer old functionality. + is_urllib3_2 = False + # ------------------- # Character Detection # ------------------- diff --git a/src/requests/utils.py b/src/requests/utils.py index ae6c42f6cb..be7fc1d2f6 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -38,6 +38,7 @@ getproxies, getproxies_environment, integer_types, + is_urllib3_2, ) from .compat import parse_http_list as _parse_list_header from .compat import ( @@ -136,7 +137,9 @@ def super_len(o): total_length = None current_position = 0 - if isinstance(o, str): + if is_urllib3_2 and isinstance(o, str): + # urllib3 2.x treats all strings as utf-8 instead + # of latin-1 (iso-8859-1) like http.client. o = o.encode("utf-8") if hasattr(o, "__len__"): diff --git a/tests/test_requests.py b/tests/test_requests.py index b4e9fe92ae..df0d329eaf 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -25,6 +25,7 @@ builtin_str, cookielib, getproxies, + is_urllib3_2, urlparse, ) from requests.cookies import cookiejar_from_dict, morsel_to_cookie @@ -1810,23 +1811,6 @@ def test_autoset_header_values_are_native(self, httpbin): assert p.headers["Content-Length"] == length - def test_content_length_for_bytes_data(self, httpbin): - data = "This is a string containing multi-byte UTF-8 ☃️" - encoded_data = data.encode("utf-8") - length = str(len(encoded_data)) - req = requests.Request("POST", httpbin("post"), data=encoded_data) - p = req.prepare() - - assert p.headers["Content-Length"] == length - - def test_content_length_for_string_data_counts_bytes(self, httpbin): - data = "This is a string containing multi-byte UTF-8 ☃️" - length = str(len(data.encode("utf-8"))) - req = requests.Request("POST", httpbin("post"), data=data) - p = req.prepare() - - assert p.headers["Content-Length"] == length - def test_nonhttp_schemes_dont_check_URLs(self): test_urls = ( "data:image/gif;base64,R0lGODlhAQABAHAAACH5BAUAAAAALAAAAAABAAEAAAICRAEAOw==", @@ -2966,6 +2950,29 @@ def response_handler(sock): assert client_cert is not None +def test_content_length_for_bytes_data(httpbin): + data = "This is a string containing multi-byte UTF-8 ☃️" + encoded_data = data.encode("utf-8") + length = str(len(encoded_data)) + req = requests.Request("POST", httpbin("post"), data=encoded_data) + p = req.prepare() + + assert p.headers["Content-Length"] == length + + +@pytest.mark.skipif( + not is_urllib3_2, + reason="urllib3 2.x encodes all strings to utf-8, urllib3 1.x uses latin-1", +) +def test_content_length_for_string_data_counts_bytes(httpbin): + data = "This is a string containing multi-byte UTF-8 ☃️" + length = str(len(data.encode("utf-8"))) + req = requests.Request("POST", httpbin("post"), data=data) + p = req.prepare() + + assert p.headers["Content-Length"] == length + + def test_json_decode_errors_are_serializable_deserializable(): json_decode_error = requests.exceptions.JSONDecodeError( "Extra data", From 01353d3b4afe3afa838f8f5c08e5f30a5b50cb05 Mon Sep 17 00:00:00 2001 From: Nate Prewitt Date: Tue, 23 Jul 2024 04:28:03 -0700 Subject: [PATCH 08/11] Invert major version check --- src/requests/compat.py | 4 ++-- src/requests/utils.py | 6 +++--- tests/test_requests.py | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/src/requests/compat.py b/src/requests/compat.py index 4e843c6cf1..7f9d754350 100644 --- a/src/requests/compat.py +++ b/src/requests/compat.py @@ -17,10 +17,10 @@ # Detect which major version of urllib3 is being used. try: - is_urllib3_2 = int(urllib3_version.split(".")[0]) == 2 + is_urllib3_1 = int(urllib3_version.split(".")[0]) == 1 except (TypeError, AttributeError): # If we can't discern a version, prefer old functionality. - is_urllib3_2 = False + is_urllib3_1 = True # ------------------- # Character Detection diff --git a/src/requests/utils.py b/src/requests/utils.py index be7fc1d2f6..699683e5d9 100644 --- a/src/requests/utils.py +++ b/src/requests/utils.py @@ -38,7 +38,7 @@ getproxies, getproxies_environment, integer_types, - is_urllib3_2, + is_urllib3_1, ) from .compat import parse_http_list as _parse_list_header from .compat import ( @@ -137,8 +137,8 @@ def super_len(o): total_length = None current_position = 0 - if is_urllib3_2 and isinstance(o, str): - # urllib3 2.x treats all strings as utf-8 instead + if not is_urllib3_1 and isinstance(o, str): + # urllib3 2.x+ treats all strings as utf-8 instead # of latin-1 (iso-8859-1) like http.client. o = o.encode("utf-8") diff --git a/tests/test_requests.py b/tests/test_requests.py index df0d329eaf..d8fbb23688 100644 --- a/tests/test_requests.py +++ b/tests/test_requests.py @@ -25,7 +25,7 @@ builtin_str, cookielib, getproxies, - is_urllib3_2, + is_urllib3_1, urlparse, ) from requests.cookies import cookiejar_from_dict, morsel_to_cookie @@ -2961,7 +2961,7 @@ def test_content_length_for_bytes_data(httpbin): @pytest.mark.skipif( - not is_urllib3_2, + is_urllib3_1, reason="urllib3 2.x encodes all strings to utf-8, urllib3 1.x uses latin-1", ) def test_content_length_for_string_data_counts_bytes(httpbin): From 15e1f17bb6f3f978787dd23da0268388148bc3d5 Mon Sep 17 00:00:00 2001 From: Branch Vincent Date: Sun, 28 Jul 2024 20:49:48 -0700 Subject: [PATCH 09/11] remove setuptools test command --- setup.py | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/setup.py b/setup.py index 1b0eb377b4..e18aa18bb6 100755 --- a/setup.py +++ b/setup.py @@ -4,7 +4,6 @@ from codecs import open from setuptools import setup -from setuptools.command.test import test as TestCommand CURRENT_PYTHON = sys.version_info[:2] REQUIRED_PYTHON = (3, 8) @@ -28,30 +27,6 @@ sys.exit(1) -class PyTest(TestCommand): - user_options = [("pytest-args=", "a", "Arguments to pass into py.test")] - - def initialize_options(self): - TestCommand.initialize_options(self) - try: - from multiprocessing import cpu_count - - self.pytest_args = ["-n", str(cpu_count()), "--boxed"] - except (ImportError, NotImplementedError): - self.pytest_args = ["-n", "1", "--boxed"] - - def finalize_options(self): - TestCommand.finalize_options(self) - self.test_args = [] - self.test_suite = True - - def run_tests(self): - import pytest - - errno = pytest.main(self.pytest_args) - sys.exit(errno) - - # 'setup.py publish' shortcut. if sys.argv[-1] == "publish": os.system("python setup.py sdist bdist_wheel") @@ -118,7 +93,6 @@ def run_tests(self): "Topic :: Internet :: WWW/HTTP", "Topic :: Software Development :: Libraries", ], - cmdclass={"test": PyTest}, tests_require=test_requirements, extras_require={ "security": [], From 877892e67e22e25bd3cb0dec780bf45c0e67026e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Aug 2024 16:23:16 +0000 Subject: [PATCH 10/11] Bump github/codeql-action from 3.25.0 to 3.26.0 Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.0 to 3.26.0. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/df5a14dc28094dc936e103b37d749c6628682b60...eb055d739abdc2e8de2e5f4ba1a8b246daa779aa) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index b6d544640b..a504eccc5b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -45,7 +45,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/init@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 with: languages: "python" # If you wish to specify custom queries, you can do so here or in a config file. @@ -56,7 +56,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/autobuild@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 # ℹ️ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -70,4 +70,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0 + uses: github/codeql-action/analyze@eb055d739abdc2e8de2e5f4ba1a8b246daa779aa # v3.26.0 From 173890a48e9f064f0c034edf45109279d1d90a94 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 2 Sep 2024 16:56:26 +0000 Subject: [PATCH 11/11] Bump actions/setup-python from 5.1.0 to 5.2.0 Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.1.0 to 5.2.0. - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](https://github.com/actions/setup-python/compare/82c7e631bb3cdc910f68e0081d67478d79c6982d...f677139bbe7f9c59b41e40162b753c062f5d49a3) --- updated-dependencies: - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/lint.yml | 2 +- .github/workflows/run-tests.yml | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 46a7862eac..cbea3ae665 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -13,7 +13,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: "3.x" - name: Run pre-commit diff --git a/.github/workflows/run-tests.yml b/.github/workflows/run-tests.yml index 3a0053327b..5bbb2acaea 100644 --- a/.github/workflows/run-tests.yml +++ b/.github/workflows/run-tests.yml @@ -27,7 +27,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0 - name: Set up Python ${{ matrix.python-version }} - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0 + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 # v5.2.0 with: python-version: ${{ matrix.python-version }} cache: 'pip' @@ -47,7 +47,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: 'Set up Python 3.8' - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: python-version: '3.8' - name: Install dependencies @@ -67,7 +67,7 @@ jobs: steps: - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 - name: 'Set up Python 3.8' - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d + uses: actions/setup-python@f677139bbe7f9c59b41e40162b753c062f5d49a3 with: python-version: '3.8' - name: Install dependencies