Update dependencies to resolve tornado vuln (#147)

* Update dependencies to resolve tornado vuln

* Get new ruff config and sort the "__all__" lists

* Silence mypy's complaints about SecretStr/Bytes

.pre-commit-config.yaml

@@ -48,7 +48,7 @@ repos:
       - id: no-commit-to-branch
         args: [--branch, dev, --branch, int, --branch, main]
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.7.4
+    rev: v0.8.0
     hooks:
       - id: ruff
         args: [--fix, --exit-non-zero-on-fix, --exclude, scripts]

.pyproject_generation/pyproject_template.toml

@@ -40,6 +40,7 @@ fixable = [
     "UP", # e.g. List -> list
     "I", # sort imports
     "D", # pydocstyle
+    "RUF022", # sort items in __all__
 ]
 ignore = [
     "E111", # indentation with invalid multiple (for formatter)
@@ -59,6 +60,7 @@ ignore = [
     "D206", # indent-with-spaces (for formatter)
     "D300", # triple-single-quotes (for formatter)
     "UP040", # type statement (not yet supported by mypy)
+    "PLC0206", # Extracting value from dictionary without calling `.items()`
 ]
 select = [
     "C90", # McCabe Complexity

pyproject.toml

@@ -95,6 +95,7 @@ fixable = [
     "UP",
     "I",
     "D",
+    "RUF022",
 ]
 ignore = [
     "E111",
@@ -114,6 +115,7 @@ ignore = [
     "D206",
     "D300",
     "UP040",
+    "PLC0206",
 ]
 select = [
     "C90",

src/hexkit/correlation.py

@@ -28,13 +28,13 @@
 correlation_id_var: ContextVar[str] = ContextVar("correlation_id", default="")
 
 __all__ = [
-    "set_correlation_id",
-    "set_new_correlation_id",
+    "CorrelationIdContextError",
+    "InvalidCorrelationIdError",
     "get_correlation_id",
     "new_correlation_id",
+    "set_correlation_id",
+    "set_new_correlation_id",
     "validate_correlation_id",
-    "CorrelationIdContextError",
-    "InvalidCorrelationIdError",
 ]
 
 

src/hexkit/protocols/dao.py

@@ -35,13 +35,13 @@
 from hexkit.utils import FieldNotInModelError, validate_fields_in_model
 
 __all__ = [
-    "ResourceNotFoundError",
-    "ResourceAlreadyExistsError",
-    "FindError",
-    "MultipleHitsFoundError",
+    "DaoFactoryProtocol",
     "DaoNaturalId",
     "DaoSurrogateId",
-    "DaoFactoryProtocol",
+    "FindError",
+    "MultipleHitsFoundError",
+    "ResourceAlreadyExistsError",
+    "ResourceNotFoundError",
     "uuid4_id_generator",
 ]
 

src/hexkit/protocols/objstorage.py

@@ -22,7 +22,7 @@
 from abc import ABC, abstractmethod
 from typing import NamedTuple, Optional
 
-__all__ = ["PresignedPostURL", "ObjectStorageProtocol"]
+__all__ = ["ObjectStorageProtocol", "PresignedPostURL"]
 
 DEFAULT_URL_EXPIRATION_PERIOD = 24 * 60 * 60  # default expiration time 24 hours
 

src/hexkit/providers/akafka/__init__.py

@@ -27,8 +27,8 @@
 )
 
 __all__ = [
+    "KafkaConfig",
     "KafkaEventPublisher",
     "KafkaEventSubscriber",
-    "KafkaConfig",
     "KafkaOutboxSubscriber",
 ]

src/hexkit/providers/akafka/config.py

@@ -64,7 +64,7 @@ class KafkaConfig(BaseSettings):
         default="", description="Optional filename containing the client private key."
     )
     kafka_ssl_password: SecretStr = Field(
-        default="",
+        default="",  # type: ignore
         description="Optional password to be used for the client private key.",
     )
     generate_correlation_id: bool = Field(

src/hexkit/providers/akafka/provider/__init__.py

@@ -29,10 +29,10 @@
 )
 
 __all__ = [
+    "ConsumerEvent",
     "KafkaEventPublisher",
     "KafkaEventSubscriber",
-    "ConsumerEvent",
+    "KafkaOutboxSubscriber",
     "get_header_value",
     "headers_as_dict",
-    "KafkaOutboxSubscriber",
 ]

src/hexkit/providers/akafka/testutils.py

@@ -53,19 +53,19 @@
     "EventBase",
     "EventRecorder",
     "ExpectedEvent",
-    "RecordedEvent",
-    "ValidationError",
     "KafkaConfig",
     "KafkaContainerFixture",
     "KafkaEventPublisher",
     "KafkaFixture",
-    "get_kafka_container_fixture",
+    "RecordedEvent",
+    "ValidationError",
+    "clean_kafka_fixture",
     "get_clean_kafka_fixture",
+    "get_kafka_container_fixture",
     "get_persistent_kafka_fixture",
     "kafka_container_fixture",
-    "clean_kafka_fixture",
-    "persistent_kafka_fixture",
     "kafka_fixture",
+    "persistent_kafka_fixture",
 ]
 
 

src/hexkit/providers/mongodb/testutils.py

@@ -41,13 +41,13 @@
     "MongoDbContainerFixture",
     "MongoDbDaoFactory",
     "MongoDbFixture",
+    "clean_mongodb_fixture",
+    "get_clean_mongodb_fixture",
     "get_mongodb_container_fixture",
     "get_persistent_mongodb_fixture",
-    "get_clean_mongodb_fixture",
     "mongodb_container_fixture",
-    "clean_mongodb_fixture",
-    "persistent_mongodb_fixture",
     "mongodb_fixture",
+    "persistent_mongodb_fixture",
 ]
 
 

src/hexkit/providers/s3/testutils/__init__.py

@@ -60,35 +60,35 @@
     "MEBIBYTE",
     "TEST_FILE_DIR",
     "TEST_FILE_PATHS",
+    "FederatedS3Fixture",
     "FileObject",
     "S3ContainerFixture",
     "S3Fixture",
+    "S3MultiContainerFixture",
     "calc_md5",
+    "check_part_size",
+    "clean_federated_s3_fixture",
     "clean_s3_fixture",
+    "download_and_check_test_file",
+    "federated_s3_fixture",
+    "get_clean_federated_s3_fixture",
     "get_clean_s3_fixture",
+    "get_persistent_federated_s3_fixture",
     "get_persistent_s3_fixture",
     "get_s3_container_fixture",
+    "get_s3_multi_container_fixture",
+    "multipart_upload_file",
+    "persistent_federated_s3_fixture",
     "persistent_s3_fixture",
     "populate_storage",
     "s3_container_fixture",
     "s3_fixture",
+    "s3_multi_container_fixture",
     "temp_file_object",
     "tmp_file",
-    "upload_file",
     "typical_workflow",
-    "check_part_size",
-    "download_and_check_test_file",
-    "multipart_upload_file",
+    "upload_file",
     "upload_part",
     "upload_part_of_size",
     "upload_part_via_url",
-    "FederatedS3Fixture",
-    "S3MultiContainerFixture",
-    "clean_federated_s3_fixture",
-    "federated_s3_fixture",
-    "get_clean_federated_s3_fixture",
-    "get_s3_multi_container_fixture",
-    "get_persistent_federated_s3_fixture",
-    "s3_multi_container_fixture",
-    "persistent_federated_s3_fixture",
 ]

src/hexkit/providers/s3/testutils/_fixtures.py

@@ -46,21 +46,21 @@
     "MEBIBYTE",
     "TEST_FILE_DIR",
     "TEST_FILE_PATHS",
-    "upload_file",
-    "populate_storage",
-    "calc_md5",
     "FileObject",
     "S3ContainerFixture",
-    "get_s3_container_fixture",
-    "s3_container_fixture",
     "S3Fixture",
+    "calc_md5",
+    "clean_s3_fixture",
+    "get_clean_s3_fixture",
     "get_persistent_s3_fixture",
+    "get_s3_container_fixture",
     "persistent_s3_fixture",
-    "get_clean_s3_fixture",
-    "clean_s3_fixture",
+    "populate_storage",
+    "s3_container_fixture",
     "s3_fixture",
-    "tmp_file",
     "temp_file_object",
+    "tmp_file",
+    "upload_file",
 ]
 
 

src/hexkit/providers/testing/eventpub.py

@@ -26,7 +26,7 @@
 from hexkit.custom_types import JsonObject
 from hexkit.protocols.eventpub import EventPublisherProtocol
 
-__all__ = ["InMemEventStore", "InMemEventPublisher", "TopicExhaustedError"]
+__all__ = ["InMemEventPublisher", "InMemEventStore", "TopicExhaustedError"]
 
 
 class TopicExhaustedError(RuntimeError):

tests/unit/test_logging.py

@@ -309,8 +309,8 @@ def test_secrets_logging_config(root_logger_reset, capsys):  # noqa: F811
     class TestConfig(LoggingConfig):
         string: str = "foo"
         number: int = 42
-        secret_bytes: SecretBytes = Field(default=b"silent")
-        secret_str: SecretStr = Field(default="silent")
+        secret_bytes: SecretBytes = Field(default=b"silent")  # type: ignore
+        secret_str: SecretStr = Field(default="silent")  # type: ignore
 
     config = TestConfig(service_name="", service_instance_id="")