diff --git a/docs/changes/5.5.1.md b/docs/changes/5.5.1.md
index eef1d1d3fb..5675833980 100644
--- a/docs/changes/5.5.1.md
+++ b/docs/changes/5.5.1.md
@@ -29,6 +29,7 @@ Release date: `2024-xx-xx` - [NXDRIVE-2970](https://jira.nuxeo.com/browse/NXDRIVE-2970): Fix security issue: urllib3's Proxy-Authorization request header isn't stripped during cross-origin redirects - [NXDRIVE-2971](https://jira.nuxeo.com/browse/NXDRIVE-2971): Fix security issue: pyca/cryptography has a vulnerable OpenSSL included in cryptography wheels - [NXDRIVE-2954](https://jira.nuxeo.com/browse/NXDRIVE-2954): [Mac] Certificate needs to be renewed +- [NXDRIVE-2976](https://hyland.atlassian.net/browse/NXDRIVE-2976): Fix security issue: Black vulnerable to Regular Expression Denial of Service (ReDoS) ## Tests
@@ -42,6 +43,7 @@ Release date: `2024-xx-xx` - Upgraded `altgraph` from 0.17 to 0.17.4 - Upgraded `authlib` from 1.3.0 to 1.3.1 +- Upgraded `black` from 23.12.1 to 24.10.0 - Upgraded `boto3` from 1.34.17 to 1.35.21 - Upgraded `botocore` from 1.34.17 to 1.35.21 - Upgraded `build` from 1.2.1 to 1.2.2
diff --git a/nxdrive/__main__.py b/nxdrive/__main__.py
index 0609ba2198..2c26909aa5 100644
--- a/nxdrive/__main__.py
+++ b/nxdrive/__main__.py
@@ -2,6 +2,7 @@ In this file we cannot use a relative import here, else Drive will not start when packaged. See https://github.com/pyinstaller/pyinstaller/issues/2560 """ + import locale import platform import signal
diff --git a/nxdrive/behavior.py b/nxdrive/behavior.py
index 487941eba4..1c6f0a84df 100644
--- a/nxdrive/behavior.py
+++ b/nxdrive/behavior.py
@@ -11,6 +11,7 @@ Allow or disallow server deletions. """ + from types import SimpleNamespace Behavior = SimpleNamespace(server_deletion=True)
diff --git a/nxdrive/client/local/__init__.py b/nxdrive/client/local/__init__.py
index 912d966266..86a4014bd9 100644
--- a/nxdrive/client/local/__init__.py
+++ b/nxdrive/client/local/__init__.py
@@ -1,4 +1,5 @@ """ API to access local resources for synchronization. """ + from .base import FileInfo, get # Get the local client related to the current OS
diff --git a/nxdrive/client/uploader/__init__.py b/nxdrive/client/uploader/__init__.py
index 601d90db8c..533ff59674 100644
--- a/nxdrive/client/uploader/__init__.py
+++ b/nxdrive/client/uploader/__init__.py
@@ -1,6 +1,7 @@ """ Uploader used by the Remote client for all upload stuff. """ + import json from abc import abstractmethod from logging import getLogger
diff --git a/nxdrive/client/uploader/direct_transfer.py b/nxdrive/client/uploader/direct_transfer.py
index d957af4c03..4195c772ff 100644
--- a/nxdrive/client/uploader/direct_transfer.py
+++ b/nxdrive/client/uploader/direct_transfer.py
@@ -1,6 +1,7 @@ """ Uploader used by the Direct Transfer feature. """ + import json from logging import getLogger from pathlib import Path
diff --git a/nxdrive/client/uploader/sync.py b/nxdrive/client/uploader/sync.py
index 0d1804f6c1..8a06b1b48e 100644
--- a/nxdrive/client/uploader/sync.py
+++ b/nxdrive/client/uploader/sync.py
@@ -1,6 +1,7 @@ """ Uploader used by the synchronization engine. """ + from pathlib import Path from typing import Any, Dict, Optional
diff --git a/nxdrive/dao/base.py b/nxdrive/dao/base.py
index 24bce57600..ab3462ddb4 100644
--- a/nxdrive/dao/base.py
+++ b/nxdrive/dao/base.py
@@ -1,6 +1,7 @@ """ Query formatting in this file is based on http://www.sqlstyle.guide/ """ + import sys from contextlib import suppress from logging import getLogger
diff --git a/nxdrive/dao/engine.py b/nxdrive/dao/engine.py
index 9f52a18d90..97b0ee2781 100644
--- a/nxdrive/dao/engine.py
+++ b/nxdrive/dao/engine.py
@@ -1,6 +1,7 @@ """ Query formatting in this file is based on http://www.sqlstyle.guide/ """ + import json import os import shutil
diff --git a/nxdrive/dao/manager.py b/nxdrive/dao/manager.py
index 0095b71da2..0425ff50e5 100644
--- a/nxdrive/dao/manager.py
+++ b/nxdrive/dao/manager.py
@@ -1,6 +1,7 @@ """ Query formatting in this file is based on http://www.sqlstyle.guide/ """ + from logging import getLogger from pathlib import Path from sqlite3 import Cursor, IntegrityError, Row
diff --git a/nxdrive/engine/engine.py b/nxdrive/engine/engine.py
index 4fc2478f12..8fd58da890 100644
--- a/nxdrive/engine/engine.py
+++ b/nxdrive/engine/engine.py
@@ -838,9 +838,7 @@ def resume_transfer( meth = ( self.dao.get_download if nature == "download" - else self.dao.get_dt_upload - if is_direct_transfer - else self.dao.get_upload + else self.dao.get_dt_upload if is_direct_transfer else self.dao.get_upload ) func = partial(meth, uid=uid) # type: ignore self._resume_transfers(nature, func, is_direct_transfer=is_direct_transfer)
diff --git a/nxdrive/fatal_error.py b/nxdrive/fatal_error.py
index b5771dded2..9c0d7f100b 100644
--- a/nxdrive/fatal_error.py
+++ b/nxdrive/fatal_error.py
@@ -1,6 +1,7 @@ """ Fatal error screen management using either Qt or OS-specific dialogs. """ + import sys from contextlib import suppress from pathlib import Path
diff --git a/nxdrive/feature.py b/nxdrive/feature.py
index 52ce7124b2..18ec07fe30 100644
--- a/nxdrive/feature.py
+++ b/nxdrive/feature.py
@@ -22,6 +22,7 @@ Enable or disable the synchronization features. """ + from types import SimpleNamespace from typing import List
diff --git a/nxdrive/gui/application.py b/nxdrive/gui/application.py
index eef2ac55c0..ab4d1a7c55 100644
--- a/nxdrive/gui/application.py
+++ b/nxdrive/gui/application.py
@@ -1,4 +1,5 @@ """ Main Qt application handling OS events and system tray UI. """ + import os import webbrowser from contextlib import suppress
diff --git a/nxdrive/osi/darwin/pyNotificationCenter.py b/nxdrive/osi/darwin/pyNotificationCenter.py
index 171632ed9b..8b0043acd3 100644
--- a/nxdrive/osi/darwin/pyNotificationCenter.py
+++ b/nxdrive/osi/darwin/pyNotificationCenter.py
@@ -1,4 +1,5 @@ """ Python integration macOS notification center. """ + from typing import TYPE_CHECKING, Dict from CoreServices import (
diff --git a/nxdrive/qt/constants.py b/nxdrive/qt/constants.py
index 3aac258c2e..d81e5f42be 100644
--- a/nxdrive/qt/constants.py
+++ b/nxdrive/qt/constants.py
@@ -1,6 +1,7 @@ """ Put here all PyQt constants used across the project. """ + from .imports import ( QAbstractSocket, QDialogButtonBox,
diff --git a/nxdrive/qt/imports.py b/nxdrive/qt/imports.py
index 9187f27799..86af2e3cb8 100644
--- a/nxdrive/qt/imports.py
+++ b/nxdrive/qt/imports.py
@@ -1,6 +1,7 @@ """ Put here all PyQt imports used across the project. """ + from PyQt5.QtCore import ( QT_VERSION_STR, QAbstractListModel,
diff --git a/nxdrive/state.py b/nxdrive/state.py
index 8ea37ed349..d15ac06444 100644
--- a/nxdrive/state.py
+++ b/nxdrive/state.py
@@ -11,6 +11,7 @@ This state is set at the start of the application to know if it has crashed at the previous run. """ + from types import SimpleNamespace State = SimpleNamespace(about_to_quit=False, crash_details="", has_crashed=False)
diff --git a/nxdrive/utils.py b/nxdrive/utils.py
index 83635b8304..1894d87b10 100644
--- a/nxdrive/utils.py
+++ b/nxdrive/utils.py
@@ -5,6 +5,7 @@ Most of functions are pure enough to be decorated with a LRU cache. Each *maxsize* is adjusted depending of the heavy use of the decorated function. """ + import os import os.path import re
diff --git a/tests/benchmarks/test_safe_filename.py b/tests/benchmarks/test_safe_filename.py
index f0c10d9cf5..6ad8662573 100644
--- a/tests/benchmarks/test_safe_filename.py
+++ b/tests/benchmarks/test_safe_filename.py
@@ -3,6 +3,7 @@ If is not the most efficient for small ASCII-only filenames, but it is the best when there are non-ASCII characters. """ + import pytest FILENAMES = [
diff --git a/tests/cleanup.py b/tests/cleanup.py
index 1e3cf95cad..087832f0b1 100644
--- a/tests/cleanup.py
+++ b/tests/cleanup.py
@@ -1,4 +1,5 @@ """Cleanup old test users and workspaces.""" + import env from nuxeo.client import Nuxeo
diff --git a/tests/integration/windows/test_cli.py b/tests/integration/windows/test_cli.py
index 5ebecfa80c..a9619fd0a7 100644
--- a/tests/integration/windows/test_cli.py
+++ b/tests/integration/windows/test_cli.py
@@ -108,7 +108,9 @@ def test_argument_log_filename(exe, tmp, file): assert log.is_file() -@pytest.mark.parametrize("folder", ["azerty", "$alice", "léa", "mi Kaël", "こん ツリ ^^"]) +@pytest.mark.parametrize( + "folder", ["azerty", "$alice", "léa", "mi Kaël", "こん ツリ ^^"] +) def test_argument_nxdrive_home(exe, tmp, folder): path = tmp() path.mkdir(parents=True, exist_ok=True)
diff --git a/tests/markers.py b/tests/markers.py
index d618ed386a..efa7ad8047 100644
--- a/tests/markers.py
+++ b/tests/markers.py
@@ -1,4 +1,5 @@ """Collection of pytest markers to ease test filtering.""" + import os import pytest
diff --git a/tests/old_functional/common.py b/tests/old_functional/common.py
index 2d6be8b238..16b2053a06 100644
--- a/tests/old_functional/common.py
+++ b/tests/old_functional/common.py
@@ -1,4 +1,5 @@ """ Common test utilities. """ + import os import sys import tempfile
diff --git a/tests/old_functional/test_behavior.py b/tests/old_functional/test_behavior.py
index 9592ffb135..8c7ab640f9 100644
--- a/tests/old_functional/test_behavior.py
+++ b/tests/old_functional/test_behavior.py
@@ -1,6 +1,7 @@ """ Test application Behavior. """ + from nxdrive.behavior import Behavior from .. import ensure_no_exception
diff --git a/tests/old_functional/test_direct_transfer.py b/tests/old_functional/test_direct_transfer.py
index 3956342358..55bb49dd20 100644
--- a/tests/old_functional/test_direct_transfer.py
+++ b/tests/old_functional/test_direct_transfer.py
@@ -1,6 +1,7 @@ """ Test the Direct Transfer feature in different scenarii. """ + import logging import re from pathlib import Path
diff --git a/tests/old_functional/test_local_changes_when_offline.py b/tests/old_functional/test_local_changes_when_offline.py
index 1b3923834f..e26c7938b7 100644
--- a/tests/old_functional/test_local_changes_when_offline.py
+++ b/tests/old_functional/test_local_changes_when_offline.py
@@ -2,6 +2,7 @@ Test if changes made to local file system when Drive is offline sync's back later when Drive becomes online. """ + import pytest from nxdrive.constants import WINDOWS
diff --git a/tests/old_functional/test_local_client.py b/tests/old_functional/test_local_client.py
index 175c4103df..98f474a906 100644
--- a/tests/old_functional/test_local_client.py
+++ b/tests/old_functional/test_local_client.py
@@ -4,6 +4,7 @@ See NXDRIVE-742. """ + import hashlib import os from pathlib import Path
diff --git a/tests/old_functional/test_synchronization_dedup.py b/tests/old_functional/test_synchronization_dedup.py
index d4c2979e8b..6cdff02a54 100644
--- a/tests/old_functional/test_synchronization_dedup.py
+++ b/tests/old_functional/test_synchronization_dedup.py
@@ -1,6 +1,7 @@ """ Test behaviors when the server allows duplicates and not the client. """ + from pathlib import Path import pytest
diff --git a/tests/old_functional/test_transfer.py b/tests/old_functional/test_transfer.py
index 6ac830a9b7..72e85b20eb 100644
--- a/tests/old_functional/test_transfer.py
+++ b/tests/old_functional/test_transfer.py
@@ -1,6 +1,7 @@ """ Test pause/resume transfers in different scenarii. """ + import re from unittest.mock import patch
diff --git a/tests/unit/test_autolock.py b/tests/unit/test_autolock.py
index 3e9d240403..b2a8975876 100644
--- a/tests/unit/test_autolock.py
+++ b/tests/unit/test_autolock.py
@@ -1,6 +1,7 @@ """ Test the Auto-Lock feature used heavily by Direct Edit. """ + from pathlib import Path from typing import List, Tuple from unittest.mock import Mock, patch
diff --git a/tests/unit/test_pytest_random.py b/tests/unit/test_pytest_random.py
index 6112825756..1ee6010938 100644
--- a/tests/unit/test_pytest_random.py
+++ b/tests/unit/test_pytest_random.py
@@ -2,6 +2,7 @@ Tests for pytests_random: a pytest plugin to mitigate random failures. Adapted from github.com/pytest-dev/pytest-rerunfailures """ + import pytest pytest_plugins = "pytester"
diff --git a/tools/cleanup_application_tree.py b/tools/cleanup_application_tree.py
index 66e2fd0c08..8945094b19 100644
--- a/tools/cleanup_application_tree.py
+++ b/tools/cleanup_application_tree.py
@@ -2,6 +2,7 @@ Remove files from the package that are not needed and too big. This script can be launched after PyInstaller and before installers creation. """ + import os import shutil import sys
diff --git a/tools/deps/requirements-tests.txt b/tools/deps/requirements-tests.txt
index c25f3c3355..4709049806 100644
--- a/tools/deps/requirements-tests.txt
+++ b/tools/deps/requirements-tests.txt
@@ -15,29 +15,29 @@ attrs==23.2.0 \ --hash=sha256:935dc3b529c262f6cf76e50877d35a4bd3c1de194fd41f47a2b7ae8f19971f30 \ --hash=sha256:99b87a485a5820b23b879f04c2305b44b951b502fd64be915879d77a7e8fc6f1 # via pytest -black==23.12.1 \ - --hash=sha256:0808494f2b2df923ffc5723ed3c7b096bd76341f6213989759287611e9837d50 \ - --hash=sha256:1fa88a0f74e50e4487477bc0bb900c6781dbddfdfa32691e780bf854c3b4a47f \ - --hash=sha256:25e57fd232a6d6ff3f4478a6fd0580838e47c93c83eaf1ccc92d4faf27112c4e \ - --hash=sha256:2d9e13db441c509a3763a7a3d9a49ccc1b4e974a47be4e08ade2a228876500ec \ - --hash=sha256:3e1b38b3135fd4c025c28c55ddfc236b05af657828a8a6abe5deec419a0b7055 \ - --hash=sha256:3fa4be75ef2a6b96ea8d92b1587dd8cb3a35c7e3d51f0738ced0781c3aa3a5a3 \ - --hash=sha256:4ce3ef14ebe8d9509188014d96af1c456a910d5b5cbf434a09fef7e024b3d0d5 \ - --hash=sha256:4f0031eaa7b921db76decd73636ef3a12c942ed367d8c3841a0739412b260a54 \ - --hash=sha256:602cfb1196dc692424c70b6507593a2b29aac0547c1be9a1d1365f0d964c353b \ - --hash=sha256:6d1bd9c210f8b109b1762ec9fd36592fdd528485aadb3f5849b2740ef17e674e \ - --hash=sha256:78baad24af0f033958cad29731e27363183e140962595def56423e626f4bee3e \ - --hash=sha256:8d4df77958a622f9b5a4c96edb4b8c0034f8434032ab11077ec6c56ae9f384ba \ - --hash=sha256:97e56155c6b737854e60a9ab1c598ff2533d57e7506d97af5481141671abf3ea \ - --hash=sha256:9c4352800f14be5b4864016882cdba10755bd50805c95f728011bcb47a4afd59 \ - --hash=sha256:a4d6a9668e45ad99d2f8ec70d5c8c04ef4f32f648ef39048d010b0689832ec6d \ - --hash=sha256:a920b569dc6b3472513ba6ddea21f440d4b4c699494d2e972a1753cdc25df7b0 \ - --hash=sha256:ae76c22bde5cbb6bfd211ec343ded2163bba7883c7bc77f6b756a1049436fbb9 \ - --hash=sha256:b18fb2ae6c4bb63eebe5be6bd869ba2f14fd0259bda7d18a46b764d8fb86298a \ - --hash=sha256:c04b6d9d20e9c13f43eee8ea87d44156b8505ca8a3c878773f68b4e4812a421e \ - --hash=sha256:c88b3711d12905b74206227109272673edce0cb29f27e1385f33b0163c414bba \ - --hash=sha256:dd15245c8b68fe2b6bd0f32c1556509d11bb33aec9b5d0866dd8e2ed3dba09c2 \ - 
--hash=sha256:e0aaf6041986767a5e0ce663c7a2f0e9eaf21e6ff87a5f95cbf3675bfd4c41d2 +black==24.10.0 \ + --hash=sha256:14b3502784f09ce2443830e3133dacf2c0110d45191ed470ecb04d0f5f6fcb0f \ + --hash=sha256:17374989640fbca88b6a448129cd1745c5eb8d9547b464f281b251dd00155ccd \ + --hash=sha256:1c536fcf674217e87b8cc3657b81809d3c085d7bf3ef262ead700da345bfa6ea \ + --hash=sha256:1cbacacb19e922a1d75ef2b6ccaefcd6e93a2c05ede32f06a21386a04cedb981 \ + --hash=sha256:1f93102e0c5bb3907451063e08b9876dbeac810e7da5a8bfb7aeb5a9ef89066b \ + --hash=sha256:2cd9c95431d94adc56600710f8813ee27eea544dd118d45896bb734e9d7a0dc7 \ + --hash=sha256:30d2c30dc5139211dda799758559d1b049f7f14c580c409d6ad925b74a4208a8 \ + --hash=sha256:394d4ddc64782e51153eadcaaca95144ac4c35e27ef9b0a42e121ae7e57a9175 \ + --hash=sha256:3bb2b7a1f7b685f85b11fed1ef10f8a9148bceb49853e47a294a3dd963c1dd7d \ + --hash=sha256:4007b1393d902b48b36958a216c20c4482f601569d19ed1df294a496eb366392 \ + --hash=sha256:5a2221696a8224e335c28816a9d331a6c2ae15a2ee34ec857dcf3e45dbfa99ad \ + --hash=sha256:63f626344343083322233f175aaf372d326de8436f5928c042639a4afbbf1d3f \ + --hash=sha256:649fff99a20bd06c6f727d2a27f401331dc0cc861fb69cde910fe95b01b5928f \ + --hash=sha256:680359d932801c76d2e9c9068d05c6b107f2584b2a5b88831c83962eb9984c1b \ + --hash=sha256:846ea64c97afe3bc677b761787993be4991810ecc7a4a937816dd6bddedc4875 \ + --hash=sha256:b5e39e0fae001df40f95bd8cc36b9165c5e2ea88900167bddf258bacef9bbdc3 \ + --hash=sha256:ccfa1d0cb6200857f1923b602f978386a3a2758a65b52e0950299ea014be6800 \ + --hash=sha256:d37d422772111794b26757c5b55a3eade028aa3fde43121ab7b673d050949d65 \ + --hash=sha256:ddacb691cdcdf77b96f549cf9591701d8db36b2f19519373d60d31746068dbf2 \ + --hash=sha256:e6668650ea4b685440857138e5fe40cde4d652633b1bdffc62933d0db4ed9812 \ + --hash=sha256:f9da3333530dbcecc1be13e69c250ed8dfa67f43c4005fb537bb426e19200d50 \ + --hash=sha256:fe4d6476887de70546212c99ac9bd803d90b42fc4767f058a0baa895013fbb3e click==8.1.7 \ 
--hash=sha256:ae74fb96c20a0277a1d615f1e4d73c8414f5a98db8b799a7931d1582f3390c28 \ --hash=sha256:ca9853ad459e787e2192211578cc907e7594e294c7ccc834310722b41b9ca6de
diff --git a/tools/jenkins/junit/merge.py b/tools/jenkins/junit/merge.py
index 6680a43ee5..066d21e022 100644
--- a/tools/jenkins/junit/merge.py
+++ b/tools/jenkins/junit/merge.py
@@ -19,6 +19,7 @@ Léa Klein Mickaël Schoentgen """ + import os import sys from pathlib import Path
diff --git a/tools/scripts/csv_to_log.py b/tools/scripts/csv_to_log.py
index 9ed52b29f6..c358a4aa83 100644
--- a/tools/scripts/csv_to_log.py
+++ b/tools/scripts/csv_to_log.py
@@ -2,6 +2,7 @@ Convert a CSV "log" file to a real log file. Such files are ones attached to NCO tickets. """ + import csv import sys from pathlib import Path