Started by upstream project "buildall-stage_2-merge-v15" build number 139 originally caused by: Started by timer > git rev-parse --is-inside-work-tree # timeout=10 Setting origin to https://osm.etsi.org/gerrit/osm/PLA.git > git config remote.origin.url https://osm.etsi.org/gerrit/osm/PLA.git # timeout=10 Fetching origin... Fetching upstream changes from origin > git --version # timeout=10 > git config --get remote.origin.url # timeout=10 > git fetch --tags --progress origin +refs/heads/*:refs/remotes/origin/* Seen branch in repository origin/bug1511 Seen branch in repository origin/hackfest Seen branch in repository origin/master Seen branch in repository origin/ng-ro-refactor Seen branch in repository origin/paas Seen branch in repository origin/sol006v331 Seen branch in repository origin/v10.0 Seen branch in repository origin/v11.0 Seen branch in repository origin/v12.0 Seen branch in repository origin/v13.0 Seen branch in repository origin/v14.0 Seen branch in repository origin/v15.0 Seen branch in repository origin/v8.0 Seen branch in repository origin/v9.0 Seen 14 remote branches Obtained Jenkinsfile from 5fa7d6b3638b309669be7295535dd171e8615acb Running in Durability level: MAX_SURVIVABILITY [Pipeline] properties [Pipeline] node Still waiting to schedule task Waiting for next available executor on ‘stage_2’ Running on osm-cicd-3 in /home/jenkins/workspace/PLA-stage_2-merge_v15.0 [Pipeline] { [Pipeline] checkout No credentials specified > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url https://osm.etsi.org/gerrit/osm/PLA.git # timeout=10 Fetching without tags Fetching upstream changes from https://osm.etsi.org/gerrit/osm/PLA.git > git --version # timeout=10 > git fetch --no-tags --force --progress https://osm.etsi.org/gerrit/osm/PLA.git +refs/heads/*:refs/remotes/origin/* Checking out Revision 5fa7d6b3638b309669be7295535dd171e8615acb (v15.0) > git config core.sparsecheckout # timeout=10 > git checkout -f 5fa7d6b3638b309669be7295535dd171e8615acb Commit message: "Update requirements-dev to use v15 for osm-common and osm-im" > git rev-list --no-walk 5fa7d6b3638b309669be7295535dd171e8615acb # timeout=10 [Pipeline] dir Running in /home/jenkins/workspace/PLA-stage_2-merge_v15.0/devops [Pipeline] { [Pipeline] git No credentials specified > git rev-parse --is-inside-work-tree # timeout=10 Fetching changes from the remote Git repository > git config remote.origin.url https://osm.etsi.org/gerrit/osm/devops # timeout=10 Fetching upstream changes from https://osm.etsi.org/gerrit/osm/devops > git --version # timeout=10 > git fetch --tags --force --progress https://osm.etsi.org/gerrit/osm/devops +refs/heads/*:refs/remotes/origin/* > git rev-parse refs/remotes/origin/v15.0^{commit} # timeout=10 > git rev-parse refs/remotes/origin/origin/v15.0^{commit} # timeout=10 Checking out Revision a86f6292dfff3284c1186212bf2cddc48eefbaf0 (refs/remotes/origin/v15.0) > git config core.sparsecheckout # timeout=10 > git checkout -f a86f6292dfff3284c1186212bf2cddc48eefbaf0 > git branch -a -v --no-abbrev # timeout=10 > git branch -D v15.0 # timeout=10 > git checkout -b v15.0 a86f6292dfff3284c1186212bf2cddc48eefbaf0 Commit message: "fix VIM monitoring bug 2354" > git rev-list --no-walk a86f6292dfff3284c1186212bf2cddc48eefbaf0 # timeout=10 [Pipeline] } [Pipeline] // dir [Pipeline] load [Pipeline] { (devops/jenkins/ci-pipelines/ci_stage_2.groovy) [Pipeline] } [Pipeline] // load [Pipeline] echo do_stage_3= false [Pipeline] load [Pipeline] { (devops/jenkins/ci-pipelines/ci_helper.groovy) [Pipeline] } [Pipeline] // load [Pipeline] stage [Pipeline] { (Prepare) [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + env JENKINS_HOME=/var/lib/jenkins SSH_CLIENT=212.234.161.1 32791 22 USER=jenkins RUN_CHANGES_DISPLAY_URL=https://osm.etsi.org/jenkins/job/PLA-stage_2-merge/job/v15.0/142/display/redirect?page=changes GERRIT_PROJECT=osm/PLA XDG_SESSION_TYPE=tty SHLVL=0 NODE_LABELS=osm-cicd-3 osm3 stage_2 HUDSON_URL=https://osm.etsi.org/jenkins/ MOTD_SHOWN=pam OLDPWD=/home/jenkins HOME=/home/jenkins BUILD_URL=https://osm.etsi.org/jenkins/job/PLA-stage_2-merge/job/v15.0/142/ HUDSON_COOKIE=13334557-e8e3-4758-8f81-5f7219c0724c JENKINS_SERVER_COOKIE=durable-f28291931b12055d32405ded59d81552 DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1001/bus GERRIT_PATCHSET_REVISION=5fa7d6b3638b309669be7295535dd171e8615acb WORKSPACE=/home/jenkins/workspace/PLA-stage_2-merge_v15.0 LOGNAME=jenkins NODE_NAME=osm-cicd-3 GERRIT_BRANCH=v15.0 _=/usr/bin/java RUN_ARTIFACTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/PLA-stage_2-merge/job/v15.0/142/display/redirect?page=artifacts XDG_SESSION_CLASS=user EXECUTOR_NUMBER=1 XDG_SESSION_ID=2057 RUN_TESTS_DISPLAY_URL=https://osm.etsi.org/jenkins/job/PLA-stage_2-merge/job/v15.0/142/display/redirect?page=tests BUILD_DISPLAY_NAME=#142 PROJECT_URL_PREFIX=https://osm.etsi.org/gerrit HUDSON_HOME=/var/lib/jenkins JOB_BASE_NAME=v15.0 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin BUILD_ID=142 XDG_RUNTIME_DIR=/run/user/1001 BUILD_TAG=jenkins-PLA-stage_2-merge-v15.0-142 JENKINS_URL=https://osm.etsi.org/jenkins/ LANG=C.UTF-8 JOB_URL=https://osm.etsi.org/jenkins/job/PLA-stage_2-merge/job/v15.0/ BUILD_NUMBER=142 SHELL=/bin/bash RUN_DISPLAY_URL=https://osm.etsi.org/jenkins/job/PLA-stage_2-merge/job/v15.0/142/display/redirect ARTIFACTORY_SERVER=artifactory-osm GERRIT_REFSPEC=refs/changes/35/14135/1 HUDSON_SERVER_COOKIE=6d3295a483c3e6d5 JOB_DISPLAY_URL=https://osm.etsi.org/jenkins/job/PLA-stage_2-merge/job/v15.0/display/redirect JOB_NAME=PLA-stage_2-merge/v15.0 TEST_INSTALL=false PWD=/home/jenkins/workspace/PLA-stage_2-merge_v15.0 SSH_CONNECTION=212.234.161.1 32791 172.21.249.3 22 BRANCH_NAME=v15.0 [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Checkout) [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + git fetch --tags [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + git fetch origin refs/changes/35/14135/1 From https://osm.etsi.org/gerrit/osm/PLA * branch refs/changes/35/14135/1 -> FETCH_HEAD [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + git checkout -f 5fa7d6b3638b309669be7295535dd171e8615acb HEAD is now at 5fa7d6b Update requirements-dev to use v15 for osm-common and osm-im [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + sudo git clean -dfx [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (License Scan) [Pipeline] echo skip the scan for merge [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Release Note Check) [Pipeline] fileExists [Pipeline] echo No releasenote check present [Pipeline] } [Pipeline] // stage [Pipeline] stage [Pipeline] { (Docker-Build) [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + docker build --build-arg APT_PROXY=http://172.21.1.1:3142 -t osm/pla-v15.0 . Sending build context to Docker daemon 151.6MB Step 1/11 : FROM ubuntu:22.04 ---> 437ec753bef3 Step 2/11 : ARG APT_PROXY ---> Using cache ---> a60ee3f27dee Step 3/11 : RUN if [ ! -z $APT_PROXY ] ; then echo "Acquire::http::Proxy \"$APT_PROXY\";" > /etc/apt/apt.conf.d/proxy.conf ; echo "Acquire::https::Proxy \"$APT_PROXY\";" >> /etc/apt/apt.conf.d/proxy.conf ; fi ---> Using cache ---> 039a05e77321 Step 4/11 : RUN DEBIAN_FRONTEND=noninteractive apt-get update && DEBIAN_FRONTEND=noninteractive apt-get -y install debhelper dh-python git python3 python3-all python3-dev python3-setuptools python3-pip tox ---> Using cache ---> 168d6ec8a9d4 Step 5/11 : ENV LC_ALL C.UTF-8 ---> Using cache ---> 6a1c73e0e30c Step 6/11 : ENV LANG C.UTF-8 ---> Using cache ---> ca1ed3244786 Step 7/11 : ADD https://github.com/MiniZinc/MiniZincIDE/releases/download/2.4.2/MiniZincIDE-2.4.2-bundle-linux-x86_64.tgz /minizinc.tgz ---> Using cache ---> 36e36e18abdc Step 8/11 : RUN tar -zxf /minizinc.tgz && mv /MiniZincIDE-2.4.2-bundle-linux /minizinc ---> Using cache ---> 8b82bbb705ee Step 9/11 : RUN mkdir /entry_data && mkdir /entry_data/mzn-lib && ln -s /entry_data/mzn-lib /minizinc/share/minizinc/exec ---> Using cache ---> 58c71388e8ba Step 10/11 : ENV FZNEXEC "/entry_data/fzn-exec" ---> Using cache ---> e53a0f337ed3 Step 11/11 : ENV PATH "/minizinc/bin:${PATH}" ---> Using cache ---> 7b7b7596573d Successfully built 7b7b7596573d Successfully tagged osm/pla-v15.0:latest [Pipeline] } [Pipeline] // stage [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + id -u [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + id -g [Pipeline] withDockerContainer osm-cicd-3 does not seem to be running inside a container $ docker run -t -d -u 1001:1001 -u root -w /home/jenkins/workspace/PLA-stage_2-merge_v15.0 -v /home/jenkins/workspace/PLA-stage_2-merge_v15.0:/home/jenkins/workspace/PLA-stage_2-merge_v15.0:rw,z -v /home/jenkins/workspace/PLA-stage_2-merge_v15.0@tmp:/home/jenkins/workspace/PLA-stage_2-merge_v15.0@tmp:rw,z -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** -e ******** --entrypoint cat osm/pla-v15.0 [Pipeline] { [Pipeline] stage [Pipeline] { (Test) [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + groupadd -o -g 1001 -r jenkins [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + pwd + useradd -o -u 1001 -d /home/jenkins/workspace/PLA-stage_2-merge_v15.0 -r -g jenkins jenkins [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + echo #! /bin/sh [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + chmod 755 /usr/bin/mesg [Pipeline] sh [PLA-stage_2-merge_v15.0] Running shell script + runuser jenkins -c devops-stages/stage-test.sh Launching tox ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/flake8/log/flake8-0.log ================================== log start =================================== flake8 create: /tmp/.tox/flake8 flake8 installdeps: flake8 flake8 develop-inst: /home/jenkins/workspace/PLA-stage_2-merge_v15.0 ERROR: invocation failed (exit code 1), logfile: /tmp/.tox/flake8/log/flake8-3.log ================================== log start =================================== Obtaining file:///home/jenkins/workspace/PLA-stage_2-merge_v15.0 Preparing metadata (setup.py): started Preparing metadata (setup.py): finished with status 'error' error: subprocess-exited-with-error × python setup.py egg_info did not run successfully. │ exit code: 1 ╰─> [34 lines of output] /tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/dist.py:723: UserWarning: Usage of dash-separated 'description-file' will not be supported in future versions. Please use the underscore name 'description_file' instead warnings.warn( /tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/dist.py:723: UserWarning: Usage of dash-separated 'home-page' will not be supported in future versions. Please use the underscore name 'home_page' instead warnings.warn( /tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/installer.py:27: SetuptoolsDeprecationWarning: setuptools.installer is deprecated. Requirements should be satisfied by a PEP 517 installer. warnings.warn( Traceback (most recent call last): File "", line 2, in File "", line 34, in File "/home/jenkins/workspace/PLA-stage_2-merge_v15.0/setup.py", line 34, in setup( File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/__init__.py", line 152, in setup _install_setup_requires(attrs) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/__init__.py", line 147, in _install_setup_requires dist.fetch_build_eggs(dist.setup_requires) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/dist.py", line 812, in fetch_build_eggs resolved_dists = pkg_resources.working_set.resolve( File "/tmp/.tox/flake8/lib/python3.10/site-packages/pkg_resources/__init__.py", line 771, in resolve dist = best[req.key] = env.best_match( File "/tmp/.tox/flake8/lib/python3.10/site-packages/pkg_resources/__init__.py", line 1056, in best_match return self.obtain(req, installer) File "/tmp/.tox/flake8/lib/python3.10/site-packages/pkg_resources/__init__.py", line 1068, in obtain return installer(requirement) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/dist.py", line 883, in fetch_build_egg return fetch_build_egg(self, req) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/installer.py", line 87, in fetch_build_egg wheel.install_as_egg(dist_location) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/wheel.py", line 95, in install_as_egg self._install_as_egg(destination_eggdir, zf) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/wheel.py", line 103, in _install_as_egg self._convert_metadata(zf, destination_eggdir, dist_info, egg_info) File "/tmp/.tox/flake8/lib/python3.10/site-packages/setuptools/wheel.py", line 124, in _convert_metadata os.mkdir(destination_eggdir) FileExistsError: [Errno 17] File exists: '/home/jenkins/workspace/PLA-stage_2-merge_v15.0/.eggs/setuptools_version_command-99.9-py3.10.egg' [end of output] note: This error originates from a subprocess, and is likely not a problem with pip. error: metadata-generation-failed × Encountered error while generating package metadata. ╰─> See above for output. note: This is an issue with the package mentioned above, not pip. hint: See above for details. =================================== log end ==================================== =================================== log end ==================================== ✖ FAIL flake8 in 14.315 seconds ✔ OK black in 17.235 seconds black create: /tmp/.tox/black black installdeps: black black installed: black==24.4.2,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.1,tomli==2.0.1,typing_extensions==4.11.0 black run-test-pre: PYTHONHASHSEED='1161850894' black run-test: commands[0] | black --check --diff osm_pla/ All done! ✨ 🍰 ✨ 13 files would be left unchanged. ✔ OK cover in 1 minute, 1.003 seconds cover create: /tmp/.tox/cover cover installdeps: -r/home/jenkins/workspace/PLA-stage_2-merge_v15.0/requirements.txt, -r/home/jenkins/workspace/PLA-stage_2-merge_v15.0/requirements-dev.txt, -r/home/jenkins/workspace/PLA-stage_2-merge_v15.0/requirements-test.txt cover develop-inst: /home/jenkins/workspace/PLA-stage_2-merge_v15.0 cover installed: aiokafka==0.8.1,async-timeout==4.0.3,coverage==7.3.1,dataclasses==0.6,dnspython==2.4.2,Jinja2==3.1.2,kafka-python==2.0.2,MarkupSafe==2.1.3,mock==5.1.0,motor==3.3.1,nose2==0.13.0,osm-common @ git+https://osm.etsi.org/gerrit/osm/common.git@261e46f7125c8ebe473ee780654ffe42245d4c8d,-e git+https://osm.etsi.org/gerrit/osm/PLA.git@5fa7d6b3638b309669be7295535dd171e8615acb#egg=osm_pla,packaging==23.1,pycryptodome==3.19.0,pymongo==4.5.0,pymzn==0.18.3,PyYAML==6.0.1 cover run-test-pre: PYTHONHASHSEED='2058890470' cover run-test: commands[0] | sh -c 'rm -f nosetests.xml' cover run-test: commands[1] | coverage erase cover run-test: commands[2] | nose2 -C --coverage osm_pla .......ERROR:pla.server:PLA fault. Exception: kaboom! Traceback (most recent call last): File "/home/jenkins/workspace/PLA-stage_2-merge_v15.0/osm_pla/server/server.py", line 200, in get_placement nsd = self._get_nsd(nslcmop["operationParams"]["nsdId"]) File "/usr/lib/python3.10/unittest/mock.py", line 1114, in __call__ return self._mock_call(*args, **kwargs) File "/usr/lib/python3.10/unittest/mock.py", line 1118, in _mock_call return self._execute_mock_call(*args, **kwargs) File "/usr/lib/python3.10/unittest/mock.py", line 1173, in _execute_mock_call raise effect RuntimeError: kaboom! .......................................................................... ---------------------------------------------------------------------- Ran 81 tests in 11.733s OK Name Stmts Miss Cover ----------------------------------------------------------------- osm_pla/__init__.py 0 0 100% osm_pla/cmd/__init__.py 0 0 100% osm_pla/cmd/pla_server.py 23 23 0% osm_pla/config/config.py 39 21 46% osm_pla/placement/__init__.py 0 0 100% osm_pla/placement/mznplacement.py 135 1 99% osm_pla/server/server.py 129 26 80% osm_pla/test/__init__.py 0 0 100% osm_pla/test/test_mznModelGenerator.py 134 3 98% osm_pla/test/test_mznPlacementConductor.py 31 0 100% osm_pla/test/test_mznmodels.py 269 24 91% osm_pla/test/test_nsPlacementDataFactory.py 262 3 99% osm_pla/test/test_server.py 200 9 96% ----------------------------------------------------------------- TOTAL 1222 110 91% cover run-test: commands[3] | coverage report '--omit=*tests*' Name Stmts Miss Cover ----------------------------------------------------------------- osm_pla/__init__.py 0 0 100% osm_pla/cmd/__init__.py 0 0 100% osm_pla/cmd/pla_server.py 23 23 0% osm_pla/config/config.py 39 21 46% osm_pla/placement/__init__.py 0 0 100% osm_pla/placement/mznplacement.py 135 1 99% osm_pla/server/server.py 129 26 80% osm_pla/test/__init__.py 0 0 100% osm_pla/test/test_mznModelGenerator.py 134 3 98% osm_pla/test/test_mznPlacementConductor.py 31 0 100% osm_pla/test/test_mznmodels.py 269 24 91% osm_pla/test/test_nsPlacementDataFactory.py 262 3 99% osm_pla/test/test_server.py 200 9 96% ----------------------------------------------------------------- TOTAL 1222 110 91% cover run-test: commands[4] | coverage html -d ./cover '--omit=*tests*' Wrote HTML report to ./cover/index.html cover run-test: commands[5] | coverage xml -o coverage.xml '--omit=*tests*' Wrote XML report to coverage.xml ✔ OK safety in 1 minute, 2.366 seconds safety create: /tmp/.tox/safety safety installdeps: -r/home/jenkins/workspace/PLA-stage_2-merge_v15.0/requirements.txt, safety safety develop-inst: /home/jenkins/workspace/PLA-stage_2-merge_v15.0 safety installed: annotated-types==0.6.0,Authlib==1.3.0,certifi==2024.2.2,cffi==1.16.0,charset-normalizer==3.3.2,click==8.1.7,cryptography==42.0.5,dparse==0.6.4b0,idna==3.7,Jinja2==3.1.2,markdown-it-py==3.0.0,MarkupSafe==2.1.3,marshmallow==3.21.1,mdurl==0.1.2,-e git+https://osm.etsi.org/gerrit/osm/PLA.git@5fa7d6b3638b309669be7295535dd171e8615acb#egg=osm_pla,packaging==24.0,pycparser==2.22,pydantic==2.7.1,pydantic_core==2.18.2,Pygments==2.17.2,pymzn==0.18.3,PyYAML==6.0.1,requests==2.31.0,rich==13.7.1,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.1.0,safety-schemas==0.0.2,shellingham==1.5.4,tomli==2.0.1,typer==0.12.3,typing_extensions==4.11.0,urllib3==2.2.1 safety run-test-pre: PYTHONHASHSEED='434707156' safety run-test: commands[0] | - safety check --full-report +==============================================================================+ /$$$$$$ /$$ /$$__ $$ | $$ /$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$ /$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$ | $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$ \____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$ /$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$ |_______/ \_______/|__/ \_______/ \___/ \____ $$ /$$ | $$ | $$$$$$/ by safetycli.com \______/ +==============================================================================+ REPORT  Safety is using PyUp's free open-source vulnerability database. This data is 30 days old and limited.   For real-time enhanced vulnerability data, fix recommendations, severity reporting, cybersecurity support, team and project policy management and more sign up at https://pyup.io or email sales@pyup.io Safety v3.1.0 is scanning for Vulnerabilities...  Scanning dependencies in your environment: -> /usr/lib/python3.10/lib-dynload -> /tmp/.tox/safety/lib/python3.10/site-packages -> /home/jenkins/workspace/PLA-stage_2-merge_v15.0 -> /usr/lib/python3.10 -> /usr/lib/python310.zip -> /tmp/.tox/safety/bin Using open-source vulnerability database  Found and scanned 36 packages Timestamp 2024-04-28 10:14:06  3 vulnerabilities reported  0 vulnerabilities ignored +==============================================================================+ VULNERABILITIES REPORTED +==============================================================================+ -> Vulnerability found in wheel version 0.37.1  Vulnerability ID: 51499  Affected spec: <0.38.1  ADVISORY: Wheel 0.38.1 includes a fix for CVE-2022-40898: An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli.https://pyup.io/posts/pyup-discovers-redos- vulnerabilities-in-top-python-packages  CVE-2022-40898  For more information about this vulnerability, visit https://data.safetycli.com/v/51499/97c To ignore this vulnerability, use PyUp vulnerability id 51499 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in pip version 22.0.2  Vulnerability ID: 62044  Affected spec: <23.3  ADVISORY: Affected versions of Pip are vulnerable to Command Injection. When installing a package from a Mercurial VCS URL (ie "pip install hg+...") with pip prior to v23.3, the specified Mercurial revision could be used to inject arbitrary configuration options to the "hg clone" call (ie "--config"). Controlling the Mercurial configuration can modify how and which repository is installed. This vulnerability does not affect users who aren't installing from Mercurial.  CVE-2023-5752  For more information about this vulnerability, visit https://data.safetycli.com/v/62044/97c To ignore this vulnerability, use PyUp vulnerability id 62044 in safety’s ignore command-line argument or add the ignore to your safety policy file. -> Vulnerability found in jinja2 version 3.1.2  Vulnerability ID: 64227  Affected spec: <3.1.3  ADVISORY: Jinja2 before 3.1.3 is affected by a Cross-Site Scripting vulnerability. Special placeholders in the template allow writing code similar to Python syntax. It is possible to inject arbitrary HTML attributes into the rendered HTML template. The Jinja 'xmlattr' filter can be abused to inject arbitrary HTML attribute keys and values, bypassing the auto escaping mechanism and potentially leading to XSS. It may also be possible to bypass attribute validation checks if they are blacklist-based.  CVE-2024-22195  For more information about this vulnerability, visit https://data.safetycli.com/v/64227/97c To ignore this vulnerability, use PyUp vulnerability id 64227 in safety’s ignore command-line argument or add the ignore to your safety policy file. +==============================================================================+ REMEDIATIONS 3 vulnerabilities were reported in 3 packages. For detailed remediation & fix recommendations, upgrade to a commercial license. +==============================================================================+ Scan was completed. 3 vulnerabilities were reported. +==============================================================================+  Safety is using PyUp's free open-source vulnerability database. This data is 30 days old and limited.   For real-time enhanced vulnerability data, fix recommendations, severity reporting, cybersecurity support, team and project policy management and more sign up at https://pyup.io or email sales@pyup.io +==============================================================================+ ✔ OK pylint in 1 minute, 7.066 seconds pylint create: /tmp/.tox/pylint pylint installdeps: -r/home/jenkins/workspace/PLA-stage_2-merge_v15.0/requirements.txt, -r/home/jenkins/workspace/PLA-stage_2-merge_v15.0/requirements-dev.txt, -r/home/jenkins/workspace/PLA-stage_2-merge_v15.0/requirements-test.txt, pylint pylint develop-inst: /home/jenkins/workspace/PLA-stage_2-merge_v15.0 pylint installed: aiokafka==0.8.1,astroid==3.1.0,async-timeout==4.0.3,coverage==7.3.1,dataclasses==0.6,dill==0.3.8,dnspython==2.4.2,isort==5.13.2,Jinja2==3.1.2,kafka-python==2.0.2,MarkupSafe==2.1.3,mccabe==0.7.0,mock==5.1.0,motor==3.3.1,nose2==0.13.0,osm-common @ git+https://osm.etsi.org/gerrit/osm/common.git@261e46f7125c8ebe473ee780654ffe42245d4c8d,-e git+https://osm.etsi.org/gerrit/osm/PLA.git@5fa7d6b3638b309669be7295535dd171e8615acb#egg=osm_pla,packaging==23.1,platformdirs==4.2.1,pycryptodome==3.19.0,pylint==3.1.0,pymongo==4.5.0,pymzn==0.18.3,PyYAML==6.0.1,tomli==2.0.1,tomlkit==0.12.4,typing_extensions==4.11.0 pylint run-test-pre: PYTHONHASHSEED='4270998872' pylint run-test: commands[0] | pylint -E osm_pla ___________________________________ summary ____________________________________ black: commands succeeded cover: commands succeeded ERROR: flake8: parallel child exit code 1 pylint: commands succeeded safety: commands succeeded [Pipeline] } [Pipeline] // stage [Pipeline] } $ docker stop --time=1 b9c81291e5cf6a27b0c0f14922f63a7ca7f18218010ad923de0b1087065c1007 $ docker rm -f b9c81291e5cf6a27b0c0f14922f63a7ca7f18218010ad923de0b1087065c1007 [Pipeline] // withDockerContainer [Pipeline] } [Pipeline] // node [Pipeline] End of Pipeline ERROR: script returned exit code 1 Finished: FAILURE