From 81406a3982fe632eb555ae2716848a936ea4dc6c Mon Sep 17 00:00:00 2001 From: Sanchari Date: Fri, 28 Apr 2023 15:04:29 +0200 Subject: [PATCH 01/12] Add sonarcloud configs --- .codeclimate.yml | 34 ------------------- .github/workflows/continous-integration.yml | 36 ++++++++++++--------- README.md | 1 - sonar-project.properties | 6 ++++ 4 files changed, 26 insertions(+), 51 deletions(-) delete mode 100644 .codeclimate.yml create mode 100644 sonar-project.properties diff --git a/.codeclimate.yml b/.codeclimate.yml deleted file mode 100644 index ec5222bcc5bb..000000000000 --- a/.codeclimate.yml +++ /dev/null @@ -1,34 +0,0 @@ -version: "2" -exclude_patterns: - - rasa/core/utils.py # codeclimate has some encoding issues with this files because of emojis - - .* - - .github/ - - CHANGELOG.mdx - - CODEOWNERS - - CODE_OF_CONDUCT.md - - Dockerfile - - LICENSE.txt - - Makefile - - NOTICE - - PRONCIPLES.md - - README.md - - binder/ - - changelog/ - - data/ - - docs/ - - examples/ - - poetry.lock - - pyproject.toml - - tests/ - - stubs/ - - scripts/ - - security.txt - - secrets.tar.enc -checks: - argument-count: - config: - threshold: 10 - file-lines: - enabled: false - method-count: - enabled: false diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml index af2471690563..00c9007fe695 100644 --- a/.github/workflows/continous-integration.yml +++ b/.github/workflows/continous-integration.yml @@ -498,15 +498,6 @@ jobs: path: | ${{ github.workspace }}/${{ matrix.test }}-coverage - upload_coverage_reports: - name: Upload coverage reports to codeclimate - if: github.ref_type != 'tag' - runs-on: ubuntu-22.04 - # Always upload results even if tests failed - needs: - - test - - changes - steps: - name: Checkout git repository 🕝 if: needs.changes.outputs.backend == 'true' @@ -540,15 +531,28 @@ jobs: coverage combine "${final_dir}/"* coverage xml - - name: Upload reports to codeclimate - if: needs.changes.outputs.backend == 'true' - uses: paambaati/codeclimate-action@ac3f177ece9928d220a8bd1c2f1957926fd3b67e + sonarcloud: + if: github.ref_type != 'tag' + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@master env: - CC_TEST_REPORTER_ID: ${{ secrets.CODECLIMATE_REPORTER_ID }} + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + + - name: Analyze with SonarCloud + uses: sonarsource/sonarcloud-github-action@master with: - coverageLocations: | - ${{ github.workspace }}/coverage.xml:coverage.py - debug: true + args: > + -Dsonar.projectKey=RasaHQ_rasa + -Dsonar.python.coverage.reportPaths=coverage.xml + -Dsonar.tests=tests/ + -Dsonar.verbose=true integration_test: name: Run Non-Sequential Integration Tests diff --git a/README.md b/README.md index cbc50031a043..181f87717d90 100644 --- a/README.md +++ b/README.md @@ -6,7 +6,6 @@ [![PyPI version](https://badge.fury.io/py/rasa.svg)](https://badge.fury.io/py/rasa) [![Supported Python Versions](https://img.shields.io/pypi/pyversions/rasa.svg)](https://pypi.python.org/pypi/rasa) [![Build Status](https://github.com/RasaHQ/rasa/workflows/Continuous%20Integration/badge.svg)](https://github.com/RasaHQ/rasa/actions) -[![Coverage Status](https://api.codeclimate.com/v1/badges/756dc6fea1d5d3e127f7/test_coverage)](https://codeclimate.com/github/RasaHQ/rasa/) [![Documentation Status](https://img.shields.io/badge/docs-stable-brightgreen.svg)](https://rasa.com/docs) ![Documentation Build](https://img.shields.io/netlify/d2e447e4-5a5e-4dc7-be5d-7c04ae7ff706?label=Documentation%20Build) [![FOSSA Status](https://app.fossa.com/api/projects/custom%2B8141%2Fgit%40github.com%3ARasaHQ%2Frasa.git.svg?type=shield)](https://app.fossa.com/projects/custom%2B8141%2Fgit%40github.com%3ARasaHQ%2Frasa.git?ref=badge_shield) diff --git a/sonar-project.properties b/sonar-project.properties new file mode 100644 index 000000000000..ffb4a0047ee6 --- /dev/null +++ b/sonar-project.properties @@ -0,0 +1,6 @@ +sonar.organization=rasahq +sonar.projectKey=RasaHQ_rasa + +# relative paths to source directories. More details and properties are described +# in https://sonarcloud.io/documentation/project-administration/narrowing-the-focus/ +sonar.sources=. From f33441fbb1550e85239a9f836623754f537e46f2 Mon Sep 17 00:00:00 2001 From: Sanchari Date: Fri, 28 Apr 2023 15:46:52 +0200 Subject: [PATCH 02/12] Adding custom analysis method --- .github/workflows/continous-integration.yml | 26 +++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml index 44f945a22566..be63f0f61817 100644 --- a/.github/workflows/continous-integration.yml +++ b/.github/workflows/continous-integration.yml @@ -498,6 +498,15 @@ jobs: path: | ${{ github.workspace }}/${{ matrix.test }}-coverage + upload_coverage_reports: + name: Upload coverage reports + if: github.ref_type != 'tag' + runs-on: ubuntu-22.04 + # Always upload results even if tests failed + needs: + - test + - changes + steps: - name: Checkout git repository 🕝 if: needs.changes.outputs.backend == 'true' @@ -531,6 +540,23 @@ jobs: coverage combine "${final_dir}/"* coverage xml + - name: Analyse code with SonarCloud + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c + with: + # Disabling shallow clone is recommended for improving relevancy of reporting + fetch-depth: 0 + - name: SonarCloud Scan + uses: sonarsource/sonarcloud-github-action@master + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.projectKey=RasaHQ_rasa + -Dsonar.python.coverage.reportPaths=coverage.xml + -Dsonar.tests=tests/ + -Dsonar.verbose=true + integration_test: name: Run Non-Sequential Integration Tests if: github.ref_type != 'tag' From 33ddfa94914c107e404f7cf3d4e6819584e64a4c Mon Sep 17 00:00:00 2001 From: Sanchari Date: Tue, 2 May 2023 18:25:52 +0200 Subject: [PATCH 03/12] Review feedback changes --- .github/workflows/continous-integration.yml | 16 ++++------------ sonar-project.properties | 7 ++++++- 2 files changed, 10 insertions(+), 13 deletions(-) diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml index be63f0f61817..1dcd4d61db7a 100644 --- a/.github/workflows/continous-integration.yml +++ b/.github/workflows/continous-integration.yml @@ -511,6 +511,9 @@ jobs: - name: Checkout git repository 🕝 if: needs.changes.outputs.backend == 'true' uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c + with: + # Disabling shallow clone is recommended for improving relevancy of coverage reporting + fetch-depth: 0 - name: Set up Python 3.10 🐍 uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b @@ -541,21 +544,10 @@ jobs: coverage xml - name: Analyse code with SonarCloud - uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - with: - # Disabling shallow clone is recommended for improving relevancy of reporting - fetch-depth: 0 - - name: SonarCloud Scan - uses: sonarsource/sonarcloud-github-action@master + uses: sonarsource/sonarcloud-github-action@5875562561d22a34be0c657405578705a169af6c env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} - with: - args: > - -Dsonar.projectKey=RasaHQ_rasa - -Dsonar.python.coverage.reportPaths=coverage.xml - -Dsonar.tests=tests/ - -Dsonar.verbose=true integration_test: name: Run Non-Sequential Integration Tests diff --git a/sonar-project.properties b/sonar-project.properties index ffb4a0047ee6..6f3f176ea4f9 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -1,6 +1,11 @@ +# Organization and project keys are displayed in the right sidebar of the project homepage sonar.organization=rasahq sonar.projectKey=RasaHQ_rasa +sonar.host.url=https://sonarcloud.io/project/overview?id=RasaHQ_rasa + +sonar.python.coverage.reportPaths=coverage.xml # relative paths to source directories. More details and properties are described -# in https://sonarcloud.io/documentation/project-administration/narrowing-the-focus/ sonar.sources=. +sonar.tests=tests/ +sonar.verbose=true From 5b2fc20995e6d18cb248659c558a3b58a2680dbf Mon Sep 17 00:00:00 2001 From: Sanchari Date: Tue, 2 May 2023 18:32:42 +0200 Subject: [PATCH 04/12] Quality gate badge added to readme --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 181f87717d90..5499f0f5d667 100644 --- a/README.md +++ b/README.md @@ -6,6 +6,7 @@ [![PyPI version](https://badge.fury.io/py/rasa.svg)](https://badge.fury.io/py/rasa) [![Supported Python Versions](https://img.shields.io/pypi/pyversions/rasa.svg)](https://pypi.python.org/pypi/rasa) [![Build Status](https://github.com/RasaHQ/rasa/workflows/Continuous%20Integration/badge.svg)](https://github.com/RasaHQ/rasa/actions) +[![Quality Gate Status](https://sonarcloud.io/api/project_badges/measure?project=RasaHQ_rasa&metric=alert_status)](https://sonarcloud.io/summary/new_code?id=RasaHQ_rasa) [![Documentation Status](https://img.shields.io/badge/docs-stable-brightgreen.svg)](https://rasa.com/docs) ![Documentation Build](https://img.shields.io/netlify/d2e447e4-5a5e-4dc7-be5d-7c04ae7ff706?label=Documentation%20Build) [![FOSSA Status](https://app.fossa.com/api/projects/custom%2B8141%2Fgit%40github.com%3ARasaHQ%2Frasa.git.svg?type=shield)](https://app.fossa.com/projects/custom%2B8141%2Fgit%40github.com%3ARasaHQ%2Frasa.git?ref=badge_shield) From c7426faa836f7c880903a4da9048ebe33d00cfc5 Mon Sep 17 00:00:00 2001 From: Sanchari Date: Wed, 3 May 2023 15:32:47 +0200 Subject: [PATCH 05/12] Fix CI execution failure --- sonar-project.properties | 1 - 1 file changed, 1 deletion(-) diff --git a/sonar-project.properties b/sonar-project.properties index 6f3f176ea4f9..74be66fa1438 100644 --- a/sonar-project.properties +++ b/sonar-project.properties @@ -6,6 +6,5 @@ sonar.host.url=https://sonarcloud.io/project/overview?id=RasaHQ_rasa sonar.python.coverage.reportPaths=coverage.xml # relative paths to source directories. More details and properties are described -sonar.sources=. sonar.tests=tests/ sonar.verbose=true From c643d2ab8e5a263548c30282538fa7e4490d95d9 Mon Sep 17 00:00:00 2001 From: Sanchari Date: Wed, 3 May 2023 18:19:01 +0200 Subject: [PATCH 06/12] Seperate sonar scan stage on the CI --- .github/workflows/continous-integration.yml | 18 +++++++++++++++--- .../workflows/sonar-project.properties | 0 2 files changed, 15 insertions(+), 3 deletions(-) rename sonar-project.properties => .github/workflows/sonar-project.properties (100%) diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml index 1dcd4d61db7a..3882d5e9983f 100644 --- a/.github/workflows/continous-integration.yml +++ b/.github/workflows/continous-integration.yml @@ -511,9 +511,6 @@ jobs: - name: Checkout git repository 🕝 if: needs.changes.outputs.backend == 'true' uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c - with: - # Disabling shallow clone is recommended for improving relevancy of coverage reporting - fetch-depth: 0 - name: Set up Python 3.10 🐍 uses: actions/setup-python@57ded4d7d5e986d7296eab16560982c6dd7c923b @@ -543,6 +540,21 @@ jobs: coverage combine "${final_dir}/"* coverage xml + sonarcloud: + name: SonarCloud Scan + if: github.ref_type != 'tag' + runs-on: ubuntu-22.04 + needs: + - upload_coverage_reports + + steps: + - name: Checkout git repository 🕝 + if: needs.changes.outputs.backend == 'true' + uses: actions/checkout@ac593985615ec2ede58e132d2e21d2b1cbd6127c + with: + # Disabling shallow clone is recommended for improving relevancy of coverage reporting + fetch-depth: 0 + - name: Analyse code with SonarCloud uses: sonarsource/sonarcloud-github-action@5875562561d22a34be0c657405578705a169af6c env: diff --git a/sonar-project.properties b/.github/workflows/sonar-project.properties similarity index 100% rename from sonar-project.properties rename to .github/workflows/sonar-project.properties From 947f2e03e65bfc7b85f9bf2b53ab545b9640d8ac Mon Sep 17 00:00:00 2001 From: Sanchari Date: Tue, 9 May 2023 16:45:17 +0200 Subject: [PATCH 07/12] Fix stage name --- .github/workflows/continous-integration.yml | 6 +++--- .github/workflows/sonar-project.properties | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml index 3882d5e9983f..188b01991e92 100644 --- a/.github/workflows/continous-integration.yml +++ b/.github/workflows/continous-integration.yml @@ -498,8 +498,8 @@ jobs: path: | ${{ github.workspace }}/${{ matrix.test }}-coverage - upload_coverage_reports: - name: Upload coverage reports + prepare_coverage_reports: + name: Prepare coverage reports if: github.ref_type != 'tag' runs-on: ubuntu-22.04 # Always upload results even if tests failed @@ -545,7 +545,7 @@ jobs: if: github.ref_type != 'tag' runs-on: ubuntu-22.04 needs: - - upload_coverage_reports + - prepare_coverage_reports steps: - name: Checkout git repository 🕝 diff --git a/.github/workflows/sonar-project.properties b/.github/workflows/sonar-project.properties index 74be66fa1438..98e0c177698c 100644 --- a/.github/workflows/sonar-project.properties +++ b/.github/workflows/sonar-project.properties @@ -3,8 +3,8 @@ sonar.organization=rasahq sonar.projectKey=RasaHQ_rasa sonar.host.url=https://sonarcloud.io/project/overview?id=RasaHQ_rasa -sonar.python.coverage.reportPaths=coverage.xml +sonar.python.coverage.reportPaths=./tests_coverage/coverage.xml # relative paths to source directories. More details and properties are described -sonar.tests=tests/ +sonar.tests=./tests/ sonar.verbose=true From 07165ca74ee2c3ba7c6cb10807180594afa90317 Mon Sep 17 00:00:00 2001 From: Sanchari Date: Fri, 9 Jun 2023 11:46:57 +0200 Subject: [PATCH 08/12] Adding sonar-project.properties as args in workflow --- .../sonar-project.properties => sonar-project.properties | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename .github/workflows/sonar-project.properties => sonar-project.properties (100%) diff --git a/.github/workflows/sonar-project.properties b/sonar-project.properties similarity index 100% rename from .github/workflows/sonar-project.properties rename to sonar-project.properties From 9405fd5ae5a9cdc73240e11b4c5b5dfecc1bac11 Mon Sep 17 00:00:00 2001 From: Sanchari Date: Wed, 14 Jun 2023 19:22:25 +0200 Subject: [PATCH 09/12] Add sonar analytics properties in the CI --- .github/workflows/continous-integration.yml | 8 ++++++++ .../workflows/sonar-project.properties | 0 2 files changed, 8 insertions(+) rename sonar-project.properties => .github/workflows/sonar-project.properties (100%) diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml index 89efa4afbcc9..98cebc64f659 100644 --- a/.github/workflows/continous-integration.yml +++ b/.github/workflows/continous-integration.yml @@ -581,6 +581,14 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }} + with: + args: > + -Dsonar.organization=rasahq + -Dsonar.projectKey=RasaHQ_rasa + -Dsonar.python.coverage.reportPaths=tests_coverage/coverage.xml + -Dsonar.host.url=https://sonarcloud.io/project/overview?id=RasaHQ_rasa + -Dsonar.tests=tests/ + -Dsonar.verbose=true integration_test: name: Run Non-Sequential Integration Tests diff --git a/sonar-project.properties b/.github/workflows/sonar-project.properties similarity index 100% rename from sonar-project.properties rename to .github/workflows/sonar-project.properties From f5068721eb5b31399a7bb7dab2d977f43ea41963 Mon Sep 17 00:00:00 2001 From: Sanchari Date: Tue, 18 Jul 2023 12:47:42 +0200 Subject: [PATCH 10/12] Update sonar url and poetry dependencies --- .github/workflows/continous-integration.yml | 4 +- poetry.lock | 42 ++++++++++++++++++++- 2 files changed, 42 insertions(+), 4 deletions(-) diff --git a/.github/workflows/continous-integration.yml b/.github/workflows/continous-integration.yml index 5ec90f240f10..1368592000f1 100644 --- a/.github/workflows/continous-integration.yml +++ b/.github/workflows/continous-integration.yml @@ -585,9 +585,9 @@ jobs: args: > -Dsonar.organization=rasahq -Dsonar.projectKey=RasaHQ_rasa + -Dsonar.sources=. -Dsonar.python.coverage.reportPaths=tests_coverage/coverage.xml - -Dsonar.host.url=https://sonarcloud.io/project/overview?id=RasaHQ_rasa - -Dsonar.tests=tests/ + -Dsonar.host.url=https://sonarcloud.io -Dsonar.verbose=true integration_test: diff --git a/poetry.lock b/poetry.lock index a1ee30e301fc..2acb2a6d0bc7 100644 --- a/poetry.lock +++ b/poetry.lock @@ -3558,6 +3558,7 @@ files = [ {file = "Pillow-10.0.0-cp311-cp311-musllinux_1_1_aarch64.whl", hash = "sha256:3b08d4cc24f471b2c8ca24ec060abf4bebc6b144cb89cba638c720546b1cf538"}, {file = "Pillow-10.0.0-cp311-cp311-musllinux_1_1_x86_64.whl", hash = "sha256:d737a602fbd82afd892ca746392401b634e278cb65d55c4b7a8f48e9ef8d008d"}, {file = "Pillow-10.0.0-cp311-cp311-win_amd64.whl", hash = "sha256:3a82c40d706d9aa9734289740ce26460a11aeec2d9c79b7af87bb35f0073c12f"}, + {file = "Pillow-10.0.0-cp311-cp311-win_arm64.whl", hash = "sha256:bc2ec7c7b5d66b8ec9ce9f720dbb5fa4bace0f545acd34870eff4a369b44bf37"}, {file = "Pillow-10.0.0-cp312-cp312-macosx_10_10_x86_64.whl", hash = "sha256:d80cf684b541685fccdd84c485b31ce73fc5c9b5d7523bf1394ce134a60c6883"}, {file = "Pillow-10.0.0-cp312-cp312-macosx_11_0_arm64.whl", hash = "sha256:76de421f9c326da8f43d690110f0e79fe3ad1e54be811545d7d91898b4c8493e"}, {file = "Pillow-10.0.0-cp312-cp312-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:81ff539a12457809666fef6624684c008e00ff6bf455b4b89fd00a140eecd640"}, @@ -3567,6 +3568,7 @@ files = [ {file = "Pillow-10.0.0-cp312-cp312-musllinux_1_1_aarch64.whl", hash = "sha256:d50b6aec14bc737742ca96e85d6d0a5f9bfbded018264b3b70ff9d8c33485551"}, {file = "Pillow-10.0.0-cp312-cp312-musllinux_1_1_x86_64.whl", hash = "sha256:00e65f5e822decd501e374b0650146063fbb30a7264b4d2744bdd7b913e0cab5"}, {file = "Pillow-10.0.0-cp312-cp312-win_amd64.whl", hash = "sha256:f31f9fdbfecb042d046f9d91270a0ba28368a723302786c0009ee9b9f1f60199"}, + {file = "Pillow-10.0.0-cp312-cp312-win_arm64.whl", hash = "sha256:1ce91b6ec08d866b14413d3f0bbdea7e24dfdc8e59f562bb77bc3fe60b6144ca"}, {file = "Pillow-10.0.0-cp38-cp38-macosx_10_10_x86_64.whl", hash = "sha256:349930d6e9c685c089284b013478d6f76e3a534e36ddfa912cde493f235372f3"}, {file = "Pillow-10.0.0-cp38-cp38-macosx_11_0_arm64.whl", hash = "sha256:3a684105f7c32488f7153905a4e3015a3b6c7182e106fe3c37fbb5ef3e6994c3"}, {file = "Pillow-10.0.0-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:b4f69b3700201b80bb82c3a97d5e9254084f6dd5fb5b16fc1a7b974260f89f43"}, @@ -4837,7 +4839,8 @@ files = [ {file = "ruamel.yaml.clib-0.2.7-cp310-cp310-win32.whl", hash = "sha256:763d65baa3b952479c4e972669f679fe490eee058d5aa85da483ebae2009d231"}, {file = "ruamel.yaml.clib-0.2.7-cp310-cp310-win_amd64.whl", hash = "sha256:d000f258cf42fec2b1bbf2863c61d7b8918d31ffee905da62dede869254d3b8a"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:045e0626baf1c52e5527bd5db361bc83180faaba2ff586e763d3d5982a876a9e"}, - {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-macosx_12_6_arm64.whl", hash = "sha256:721bc4ba4525f53f6a611ec0967bdcee61b31df5a56801281027a3a6d1c2daf5"}, + {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-macosx_13_0_arm64.whl", hash = "sha256:1a6391a7cabb7641c32517539ca42cf84b87b667bad38b78d4d42dd23e957c81"}, + {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-manylinux2014_aarch64.whl", hash = "sha256:9c7617df90c1365638916b98cdd9be833d31d337dbcd722485597b43c4a215bf"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-manylinux_2_17_x86_64.manylinux2014_x86_64.manylinux_2_24_x86_64.whl", hash = "sha256:41d0f1fa4c6830176eef5b276af04c89320ea616655d01327d5ce65e50575c94"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-win32.whl", hash = "sha256:f6d3d39611ac2e4f62c3128a9eed45f19a6608670c5a2f4f07f24e8de3441d38"}, {file = "ruamel.yaml.clib-0.2.7-cp311-cp311-win_amd64.whl", hash = "sha256:da538167284de58a52109a9b89b8f6a53ff8437dd6dc26d33b57bf6699153122"}, @@ -5513,8 +5516,43 @@ category = "main" optional = false python-versions = "!=3.0.*,!=3.1.*,!=3.2.*,!=3.3.*,!=3.4.*,!=3.5.*,>=2.7" files = [ + {file = "SQLAlchemy-1.4.49-cp27-cp27m-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:2e126cf98b7fd38f1e33c64484406b78e937b1a280e078ef558b95bf5b6895f6"}, + {file = "SQLAlchemy-1.4.49-cp27-cp27mu-manylinux_2_5_x86_64.manylinux1_x86_64.whl", hash = "sha256:03db81b89fe7ef3857b4a00b63dedd632d6183d4ea5a31c5d8a92e000a41fc71"}, + {file = "SQLAlchemy-1.4.49-cp310-cp310-macosx_11_0_x86_64.whl", hash = "sha256:95b9df9afd680b7a3b13b38adf6e3a38995da5e162cc7524ef08e3be4e5ed3e1"}, + {file = "SQLAlchemy-1.4.49-cp310-cp310-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a63e43bf3f668c11bb0444ce6e809c1227b8f067ca1068898f3008a273f52b09"}, + {file = "SQLAlchemy-1.4.49-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:f835c050ebaa4e48b18403bed2c0fda986525896efd76c245bdd4db995e51a4c"}, + {file = "SQLAlchemy-1.4.49-cp310-cp310-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:9c21b172dfb22e0db303ff6419451f0cac891d2e911bb9fbf8003d717f1bcf91"}, + {file = "SQLAlchemy-1.4.49-cp310-cp310-win32.whl", hash = "sha256:5fb1ebdfc8373b5a291485757bd6431de8d7ed42c27439f543c81f6c8febd729"}, + {file = "SQLAlchemy-1.4.49-cp310-cp310-win_amd64.whl", hash = "sha256:f8a65990c9c490f4651b5c02abccc9f113a7f56fa482031ac8cb88b70bc8ccaa"}, + {file = "SQLAlchemy-1.4.49-cp311-cp311-macosx_10_9_universal2.whl", hash = "sha256:8923dfdf24d5aa8a3adb59723f54118dd4fe62cf59ed0d0d65d940579c1170a4"}, + {file = "SQLAlchemy-1.4.49-cp311-cp311-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a9ab2c507a7a439f13ca4499db6d3f50423d1d65dc9b5ed897e70941d9e135b0"}, + {file = "SQLAlchemy-1.4.49-cp311-cp311-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:5debe7d49b8acf1f3035317e63d9ec8d5e4d904c6e75a2a9246a119f5f2fdf3d"}, + {file = "SQLAlchemy-1.4.49-cp311-cp311-win32.whl", hash = "sha256:82b08e82da3756765c2e75f327b9bf6b0f043c9c3925fb95fb51e1567fa4ee87"}, + {file = "SQLAlchemy-1.4.49-cp311-cp311-win_amd64.whl", hash = "sha256:171e04eeb5d1c0d96a544caf982621a1711d078dbc5c96f11d6469169bd003f1"}, + {file = "SQLAlchemy-1.4.49-cp36-cp36m-macosx_10_14_x86_64.whl", hash = "sha256:36e58f8c4fe43984384e3fbe6341ac99b6b4e083de2fe838f0fdb91cebe9e9cb"}, + {file = "SQLAlchemy-1.4.49-cp36-cp36m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:b31e67ff419013f99ad6f8fc73ee19ea31585e1e9fe773744c0f3ce58c039c30"}, {file = "SQLAlchemy-1.4.49-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:c14b29d9e1529f99efd550cd04dbb6db6ba5d690abb96d52de2bff4ed518bc95"}, {file = "SQLAlchemy-1.4.49-cp36-cp36m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:c40f3470e084d31247aea228aa1c39bbc0904c2b9ccbf5d3cfa2ea2dac06f26d"}, + {file = "SQLAlchemy-1.4.49-cp36-cp36m-win32.whl", hash = "sha256:706bfa02157b97c136547c406f263e4c6274a7b061b3eb9742915dd774bbc264"}, + {file = "SQLAlchemy-1.4.49-cp36-cp36m-win_amd64.whl", hash = "sha256:a7f7b5c07ae5c0cfd24c2db86071fb2a3d947da7bd487e359cc91e67ac1c6d2e"}, + {file = "SQLAlchemy-1.4.49-cp37-cp37m-macosx_11_0_x86_64.whl", hash = "sha256:4afbbf5ef41ac18e02c8dc1f86c04b22b7a2125f2a030e25bbb4aff31abb224b"}, + {file = "SQLAlchemy-1.4.49-cp37-cp37m-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:24e300c0c2147484a002b175f4e1361f102e82c345bf263242f0449672a4bccf"}, + {file = "SQLAlchemy-1.4.49-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:201de072b818f8ad55c80d18d1a788729cccf9be6d9dc3b9d8613b053cd4836d"}, + {file = "SQLAlchemy-1.4.49-cp37-cp37m-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:7653ed6817c710d0c95558232aba799307d14ae084cc9b1f4c389157ec50df5c"}, + {file = "SQLAlchemy-1.4.49-cp37-cp37m-win32.whl", hash = "sha256:647e0b309cb4512b1f1b78471fdaf72921b6fa6e750b9f891e09c6e2f0e5326f"}, + {file = "SQLAlchemy-1.4.49-cp37-cp37m-win_amd64.whl", hash = "sha256:ab73ed1a05ff539afc4a7f8cf371764cdf79768ecb7d2ec691e3ff89abbc541e"}, + {file = "SQLAlchemy-1.4.49-cp38-cp38-macosx_11_0_x86_64.whl", hash = "sha256:37ce517c011560d68f1ffb28af65d7e06f873f191eb3a73af5671e9c3fada08a"}, + {file = "SQLAlchemy-1.4.49-cp38-cp38-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a1878ce508edea4a879015ab5215546c444233881301e97ca16fe251e89f1c55"}, + {file = "SQLAlchemy-1.4.49-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:0e8e608983e6f85d0852ca61f97e521b62e67969e6e640fe6c6b575d4db68557"}, + {file = "SQLAlchemy-1.4.49-cp38-cp38-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:ccf956da45290df6e809ea12c54c02ace7f8ff4d765d6d3dfb3655ee876ce58d"}, + {file = "SQLAlchemy-1.4.49-cp38-cp38-win32.whl", hash = "sha256:f167c8175ab908ce48bd6550679cc6ea20ae169379e73c7720a28f89e53aa532"}, + {file = "SQLAlchemy-1.4.49-cp38-cp38-win_amd64.whl", hash = "sha256:45806315aae81a0c202752558f0df52b42d11dd7ba0097bf71e253b4215f34f4"}, + {file = "SQLAlchemy-1.4.49-cp39-cp39-macosx_11_0_x86_64.whl", hash = "sha256:b6d0c4b15d65087738a6e22e0ff461b407533ff65a73b818089efc8eb2b3e1de"}, + {file = "SQLAlchemy-1.4.49-cp39-cp39-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:a843e34abfd4c797018fd8d00ffffa99fd5184c421f190b6ca99def4087689bd"}, + {file = "SQLAlchemy-1.4.49-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_12_x86_64.manylinux2010_x86_64.whl", hash = "sha256:1c890421651b45a681181301b3497e4d57c0d01dc001e10438a40e9a9c25ee77"}, + {file = "SQLAlchemy-1.4.49-cp39-cp39-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:d26f280b8f0a8f497bc10573849ad6dc62e671d2468826e5c748d04ed9e670d5"}, + {file = "SQLAlchemy-1.4.49-cp39-cp39-win32.whl", hash = "sha256:ec2268de67f73b43320383947e74700e95c6770d0c68c4e615e9897e46296294"}, + {file = "SQLAlchemy-1.4.49-cp39-cp39-win_amd64.whl", hash = "sha256:bbdf16372859b8ed3f4d05f925a984771cd2abd18bd187042f24be4886c2a15f"}, {file = "SQLAlchemy-1.4.49.tar.gz", hash = "sha256:06ff25cbae30c396c4b7737464f2a7fc37a67b7da409993b182b024cec80aed9"}, ] @@ -7151,4 +7189,4 @@ transformers = ["sentencepiece", "transformers"] [metadata] lock-version = "2.0" python-versions = ">=3.8,<3.11" -content-hash = "142e0e979eef65f95f8813ee15487e195721690e1ea8e3dfa6bc2f674ebea12d" \ No newline at end of file +content-hash = "6e9b49ac1d57cfda90c9c09eaed7087c677336ec3ff3822ebde578bb0e9f5743" From c352da16cf86f4687046dae90eb877ee8336b0a7 Mon Sep 17 00:00:00 2001 From: Jamie MacDonald Date: Wed, 19 Jul 2023 16:44:15 +0100 Subject: [PATCH 11/12] Ignore false positive detections --- rasa/shared/utils/io.py | 1 + tests/core/channels/test_facebook.py | 1 + tests/core/channels/test_slack.py | 3 +++ tests/core/channels/test_telegram.py | 3 +++ tests/core/channels/test_twilio.py | 1 + tests/core/test_broker.py | 2 ++ tests/core/test_channels.py | 2 ++ tests/core/test_tracker_stores.py | 3 +++ tests/integration_tests/core/brokers/test_pika.py | 3 +++ tests/integration_tests/core/test_agent.py | 1 + tests/test_server.py | 2 ++ 11 files changed, 22 insertions(+) diff --git a/rasa/shared/utils/io.py b/rasa/shared/utils/io.py index de2b1bc28f6c..e112defb5092 100644 --- a/rasa/shared/utils/io.py +++ b/rasa/shared/utils/io.py @@ -273,6 +273,7 @@ def get_list_fingerprint( def get_text_hash(text: Text, encoding: Text = DEFAULT_ENCODING) -> Text: """Calculate the md5 hash for a text.""" + # deepcode ignore InsecureHash: Not used for a cryptographic purpose return md5(text.encode(encoding)).hexdigest() # nosec diff --git a/tests/core/channels/test_facebook.py b/tests/core/channels/test_facebook.py index a0b70030a824..abb441a8493d 100644 --- a/tests/core/channels/test_facebook.py +++ b/tests/core/channels/test_facebook.py @@ -13,6 +13,7 @@ def test_facebook_channel(): input_channel = FacebookInput( fb_verify="YOUR_FB_VERIFY", # you need tell facebook this token, to confirm your URL + # deepcode ignore HardcodedNonCryptoSecret/test: Test credential fb_secret="YOUR_FB_SECRET", # your app secret fb_access_token="YOUR_FB_PAGE_ACCESS_TOKEN" # token for the page you subscribed to diff --git a/tests/core/channels/test_slack.py b/tests/core/channels/test_slack.py index 0f17e443f0d4..d7ebf9764660 100644 --- a/tests/core/channels/test_slack.py +++ b/tests/core/channels/test_slack.py @@ -1,3 +1,6 @@ +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. + from http import HTTPStatus import json import logging diff --git a/tests/core/channels/test_telegram.py b/tests/core/channels/test_telegram.py index 04fbfb12b3e0..00ad89db9f06 100644 --- a/tests/core/channels/test_telegram.py +++ b/tests/core/channels/test_telegram.py @@ -1,3 +1,6 @@ +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. + import json import logging from unittest.mock import patch diff --git a/tests/core/channels/test_twilio.py b/tests/core/channels/test_twilio.py index 90bd9633ec0d..503fc49353b3 100644 --- a/tests/core/channels/test_twilio.py +++ b/tests/core/channels/test_twilio.py @@ -10,6 +10,7 @@ def test_twilio_channel(): input_channel = TwilioInput( account_sid="ACCOUNT_SID", # Find your Account SID and Auth Token at twilio.com/console + # deepcode ignore HardcodedNonCryptoSecret/test: Test credential auth_token="AUTH_TOKEN", # Phone Number you want to use twilio_number="TWILIO_NUMBER", diff --git a/tests/core/test_broker.py b/tests/core/test_broker.py index f6fde15c6866..0bd8d250d550 100644 --- a/tests/core/test_broker.py +++ b/tests/core/test_broker.py @@ -404,7 +404,9 @@ async def test_sql_connection_error(monkeypatch: MonkeyPatch): def test_pika_event_broker_configure_url( host: Text, expected_url: Optional[Text] ) -> None: + # deepcode ignore NoHardcodedCredentials/test: Test credential username = "test_user" + # deepcode ignore NoHardcodedPasswords/test: Test credential password = "test_pass" broker = PikaEventBroker(host=host, username=username, password=password) url = broker._configure_url() diff --git a/tests/core/test_channels.py b/tests/core/test_channels.py index a3c7875f957d..4978af227946 100644 --- a/tests/core/test_channels.py +++ b/tests/core/test_channels.py @@ -1,3 +1,5 @@ +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. + import logging import jwt diff --git a/tests/core/test_tracker_stores.py b/tests/core/test_tracker_stores.py index ce6ca794667a..8d7268cc58a6 100644 --- a/tests/core/test_tracker_stores.py +++ b/tests/core/test_tracker_stores.py @@ -1,3 +1,5 @@ +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. + import logging import warnings from collections import deque @@ -397,6 +399,7 @@ def test_sql_tracker_store_logs_do_not_show_password(caplog: LogCaptureFixture): port = 9901 db = "some-database" username = "db-user" + # deepcode ignore NoHardcodedPasswords/test: Test credential password = "some-password" with caplog.at_level(logging.DEBUG): diff --git a/tests/integration_tests/core/brokers/test_pika.py b/tests/integration_tests/core/brokers/test_pika.py index eb27f9ba9f09..f272c144db0e 100644 --- a/tests/integration_tests/core/brokers/test_pika.py +++ b/tests/integration_tests/core/brokers/test_pika.py @@ -1,3 +1,5 @@ +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. + from typing import Text import docker @@ -109,6 +111,7 @@ async def test_pika_event_broker_connect_with_path_and_query_params_in_url( host_component: Text, ) -> None: username = "myuser" + # deepcode ignore NoHardcodedPasswords/test: Test credential password = "mypassword" vhost = "myvhost" hostname = "my-rabbitmq" diff --git a/tests/integration_tests/core/test_agent.py b/tests/integration_tests/core/test_agent.py index b5a34adfcf7a..c8c4dcbaa3f3 100644 --- a/tests/integration_tests/core/test_agent.py +++ b/tests/integration_tests/core/test_agent.py @@ -35,6 +35,7 @@ def aws_endpoint_url() -> Text: def create_user_with_access_key_and_attached_policy(region_name: Text) -> Any: """Create a user and an access key for them.""" client = boto3.client("iam", region_name=region_name) + # deepcode ignore NoHardcodedCredentials/test: Test credential client.create_user(UserName="test_user") policy_document = { diff --git a/tests/test_server.py b/tests/test_server.py index 3c1a82441598..ca757cd254a5 100644 --- a/tests/test_server.py +++ b/tests/test_server.py @@ -1,3 +1,5 @@ +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. + import asyncio import json import os From edaabf0a8f4748355b2dc136032386a4831712c2 Mon Sep 17 00:00:00 2001 From: m-vdb Date: Thu, 20 Jul 2023 09:19:10 +0200 Subject: [PATCH 12/12] ignore long comments issues --- tests/core/channels/test_slack.py | 4 ++-- tests/core/channels/test_telegram.py | 4 ++-- tests/core/test_channels.py | 2 +- tests/core/test_tracker_stores.py | 2 +- tests/integration_tests/core/brokers/test_pika.py | 2 +- tests/test_server.py | 2 +- 6 files changed, 8 insertions(+), 8 deletions(-) diff --git a/tests/core/channels/test_slack.py b/tests/core/channels/test_slack.py index d7ebf9764660..9d2045e003b9 100644 --- a/tests/core/channels/test_slack.py +++ b/tests/core/channels/test_slack.py @@ -1,5 +1,5 @@ -# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. -# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. # noqa: E501 +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. # noqa: E501 from http import HTTPStatus import json diff --git a/tests/core/channels/test_telegram.py b/tests/core/channels/test_telegram.py index 00ad89db9f06..6e7070b1affa 100644 --- a/tests/core/channels/test_telegram.py +++ b/tests/core/channels/test_telegram.py @@ -1,5 +1,5 @@ -# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. -# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. # noqa: E501 +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. # noqa: E501 import json import logging diff --git a/tests/core/test_channels.py b/tests/core/test_channels.py index 4978af227946..5aaaa7e9dd7e 100644 --- a/tests/core/test_channels.py +++ b/tests/core/test_channels.py @@ -1,4 +1,4 @@ -# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. # noqa: E501 import logging diff --git a/tests/core/test_tracker_stores.py b/tests/core/test_tracker_stores.py index 8d7268cc58a6..dd19b49c9051 100644 --- a/tests/core/test_tracker_stores.py +++ b/tests/core/test_tracker_stores.py @@ -1,4 +1,4 @@ -# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. # noqa: E501 import logging import warnings diff --git a/tests/integration_tests/core/brokers/test_pika.py b/tests/integration_tests/core/brokers/test_pika.py index f272c144db0e..9d170623285f 100644 --- a/tests/integration_tests/core/brokers/test_pika.py +++ b/tests/integration_tests/core/brokers/test_pika.py @@ -1,4 +1,4 @@ -# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. +# file deepcode ignore NoHardcodedCredentials/test: Secrets are all just examples for tests. # noqa: E501 from typing import Text diff --git a/tests/test_server.py b/tests/test_server.py index ca757cd254a5..c066643f7126 100644 --- a/tests/test_server.py +++ b/tests/test_server.py @@ -1,4 +1,4 @@ -# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. +# file deepcode ignore HardcodedNonCryptoSecret/test: Secrets are all just examples for tests. # noqa: E501 import asyncio import json