[common-stage_2-merge_master] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Launching tox
✔ OK black in 9.768 seconds
black create: /tmp/.tox/black
black installdeps: black==23.12.1
black installed: black==23.12.1,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.1,tomli==2.0.1,typing_extensions==4.11.0
black run-test-pre: PYTHONHASHSEED='2053461944'
black run-test: commands[0] | black --check --diff osm_common/
All done! ✨ 🍰 ✨
25 files would be left unchanged.
black run-test: commands[1] | black --check --diff setup.py
All done! ✨ 🍰 ✨
1 file would be left unchanged.
✔ OK flake8 in 13.204 seconds
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8==6.0.0, flake8-import-order
flake8 develop-inst: /home/jenkins/workspace/common-stage_2-merge_master
flake8 installed: flake8==6.0.0,flake8-import-order==0.18.2,mccabe==0.7.0,-e git+https://osm.etsi.org/gerrit/osm/common.git@409397d74a1a9dd1257a55b6c9ae02a7b8bf1bdd#egg=osm_common,pycodestyle==2.10.0,pyflakes==3.0.1
flake8 run-test-pre: PYTHONHASHSEED='1982254760'
flake8 run-test: commands[0] | flake8 osm_common/ setup.py
✔ OK cover in 22.332 seconds
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/common-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/common-stage_2-merge_master/requirements-test.txt
cover develop-inst: /home/jenkins/workspace/common-stage_2-merge_master
cover installed: aiokafka==0.8.1,async-timeout==4.0.3,coverage==7.3.1,dataclasses==0.6,dnspython==2.4.2,exceptiongroup==1.1.3,iniconfig==2.0.0,kafka-python==2.0.2,motor==3.3.1,nose2==0.13.0,-e git+https://osm.etsi.org/gerrit/osm/common.git@409397d74a1a9dd1257a55b6c9ae02a7b8bf1bdd#egg=osm_common,packaging==23.1,pluggy==1.3.0,pycryptodome==3.19.0,pymongo==4.5.0,pytest==7.4.2,PyYAML==6.0.1,tomli==2.0.1
cover run-test-pre: PYTHONHASHSEED='4073737747'
cover run-test: commands[0] | sh -c 'rm -f nosetests.xml'
cover run-test: commands[1] | coverage erase
cover run-test: commands[2] | nose2 -C --coverage osm_common -s osm_common/tests
.....ERROR:db:database exception Cannot set 'a.6', index too large '6' occured while updating DB.
ERROR:db:database exception Cannot set 'd.b.c', not existing 'b' occured while updating DB.
...ERROR:db:database exception Cannot set 'd.b.c', not existing 'b' occured while updating DB.
ERROR:db:'b' occured while updating DB.
ERROR:db:database exception Cannot set 'a.6', index too large '6' occured while updating DB.
...tmp/example_tar/
tmp/example_tar/directory/
tmp/example_tar/directory/file
tmp/example_tar/symlinks/
tmp/example_tar/symlinks/file_link
tmp/example_tar/symlinks/directory_link
.......................................................................................
----------------------------------------------------------------------
Ran 98 tests in 0.393s
OK
Name Stmts Miss Cover
-------------------------------------------------------
osm_common/__init__.py 8 2 75%
osm_common/common_utils.py 10 2 80%
osm_common/dbbase.py 322 46 86%
osm_common/dbmemory.py 341 217 36%
osm_common/dbmongo.py 251 218 13%
osm_common/fsbase.py 45 20 56%
osm_common/fslocal.py 103 78 24%
osm_common/fsmongo.py 379 237 37%
osm_common/msgbase.py 31 13 58%
osm_common/msgkafka.py 78 78 0%
osm_common/msglocal.py 101 79 22%
osm_common/sol004_package.py 36 36 0%
osm_common/sol007_package.py 32 32 0%
osm_common/sol_package.py 158 158 0%
osm_common/tests/test_dbbase.py 890 32 96%
osm_common/tests/test_dbmemory.py 346 190 45%
osm_common/tests/test_dbmongo.py 80 38 52%
osm_common/tests/test_fsbase.py 50 31 38%
osm_common/tests/test_fslocal.py 204 136 33%
osm_common/tests/test_fsmongo.py 224 76 66%
osm_common/tests/test_msgbase.py 37 20 46%
osm_common/tests/test_msglocal.py 274 203 26%
-------------------------------------------------------
TOTAL 4000 1942 51%
({'A': ['a', 'b', 'a']}, {'A': {'$a': None}}, {'A': ['b']})
({'A': ['a', 'b', 'a']}, {'A': {'$d': None}}, {'A': ['a', 'b', 'a']})
({'A': ['a', 'b', 'c']}, {'A': {'$b': None, '$+[0]': 'b'}}, {'A': ['b', 'a', 'c']})
({'A': ['a', 'b', 'a']}, {'A': {'$a': None, '$[1]': {'c': 'd'}}}, {'A': [{'c': 'd'}]})
({'A': ['a', 'b', 'c']}, {'A': {'$+b': 'b'}}, {'A': ['a', 'b', 'c']})
({'A': ['a', 'b', 'c']}, {'A': {'$+d': 'f'}}, {'A': ['a', 'b', 'c', 'f']})
({'A': ['a', 'b', 'a']}, {'A': {'$b': {'c': 'd'}}}, {'A': ['a', {'c': 'd'}, 'a']})
({'A': ['a', 'b', 'a']}, {'A': {'$b': None, '$+[0]': 'b', '$+': 'c'}}, {'A': ['b', 'a', 'a', 'c']})
({'A': ['a', 'b', 'a']}, {'A': {'$c': None}}, {'A': ['a', 'b', 'a']})
({'A': ['a', 'b', 'a']}, {'A': {'$[5]': None}}, {'A': ['a', 'b', 'a']})
({'A': ['a', 'b', {'id': '1', 'c': {'d': 2}}]}, {'A': {"$id: '1'": {'h': None, 'c': {'d': 'e', 'f': 'g'}}}}, {'A': ['a', 'b', {'id': '1', 'c': {'d': 'e', 'f': 'g'}}]})
({'A': [{'id': 1, 'c': {'d': 2}}, {'id': 1, 'c': {'f': []}}]}, {'A': {'$id: 1': {'h': None, 'c': {'d': 'e', 'f': 'g'}}}}, {'A': [{'id': 1, 'c': {'d': 'e', 'f': 'g'}}, {'id': 1, 'c': {'d': 'e', 'f': 'g'}}]})
({'A': ['a', 'b', ['a', 'b']]}, {'A': {'$b': None, '$[2]': {'$b': {}, '$+': 'c'}}}, {'A': ['a', ['a', {}, 'c']]})
({'A': ['a', {'id': '1', 'c': 'd'}]}, {'A': {'$id: 1': {'c': 'e'}}}, {'A': ['a', {'id': '1', 'c': 'd'}]})
({'A': ['a', 'b', 'a']}, {'A': {'$a': None, '$[0]': {'c': 'd'}}})
database exception Conflict at 'A:$[0]'. Several editions on array index 0
({'A': ['a', 'b', 'a']}, {'A': {'$[1]': 'c', '$[-2]': 'd'}})
database exception Conflict at 'A:$[-2]'. Several editions on array index 1
({'A': ['a', 'b', 'a']}, {'A': {'$[1]': 'c', '$[+1]': 'd'}})
database exception Conflict at 'A:$[+1]'. Several editions on array index 1
({'A': ['a', 'b', 'a']}, {'A': {'$b': {'c': 'd'}, 'c': 3}})
database exception Found array edition (keys starting with '$') and pure dictionary edition in the same dict at 'A'
({'A': ['a', 'b', 'a']}, {'A': {'$': 3}})
database exception Wrong format at 'A:$'. Expecting '$+', '$[<index]' or '$[<filter>]'
({'A': ['a', 'b', 'a']}, {'A': {'$a: b: c': 3}})
database exception Wrong format at 'A:$a: b: c'. Expecting '$<yaml-format>'
({'A': ['a', 'b', 'a']}, {'A': {'$a: b, c: d': 3}})
database exception Wrong format at 'A:$a: b, c: d'. Expecting '$<yaml-format>'
({'A': ['a', 'b', 'a']}, {'A': {'$+': None}})
database exception A value of None has not sense for insertions at 'A:$+'
({'A': ['a', 'b', 'a']}, {'A': {'$+c': None}})
database exception A value of None has not sense for insertions at 'A:$+c'
({'A': ['a', 'b', 'a']}, {'A': {'$[5]': 6}})
database exception Array edition index out of range at 'A:5'
({'A': ['a', {'id': '1', 'c': 'd'}]}, {'A': {"$id: '1'": {'c': 'e'}, '$c: d': {'c': 'f'}}})
database exception Conflict at 'A:$c: d'. Several editions on array index 1
cover run-test: commands[3] | coverage report '--omit=*tests*'
Name Stmts Miss Cover
-------------------------------------------------------
osm_common/__init__.py 8 2 75%
osm_common/common_utils.py 10 2 80%
osm_common/dbbase.py 322 46 86%
osm_common/dbmemory.py 341 217 36%
osm_common/dbmongo.py 251 218 13%
osm_common/fsbase.py 45 20 56%
osm_common/fslocal.py 103 78 24%
osm_common/fsmongo.py 379 237 37%
osm_common/msgbase.py 31 13 58%
osm_common/msgkafka.py 78 78 0%
osm_common/msglocal.py 101 79 22%
osm_common/sol004_package.py 36 36 0%
osm_common/sol007_package.py 32 32 0%
osm_common/sol_package.py 158 158 0%
osm_common/tests/test_dbbase.py 890 32 96%
osm_common/tests/test_dbmemory.py 346 190 45%
osm_common/tests/test_dbmongo.py 80 38 52%
osm_common/tests/test_fsbase.py 50 31 38%
osm_common/tests/test_fslocal.py 204 136 33%
osm_common/tests/test_fsmongo.py 224 76 66%
osm_common/tests/test_msgbase.py 37 20 46%
osm_common/tests/test_msglocal.py 274 203 26%
-------------------------------------------------------
TOTAL 4000 1942 51%
cover run-test: commands[4] | coverage html -d ./cover '--omit=*tests*'
Wrote HTML report to ./cover/index.html
cover run-test: commands[5] | coverage xml -o coverage.xml '--omit=*tests*'
Wrote XML report to coverage.xml
✔ OK pylint in 29.861 seconds
pylint create: /tmp/.tox/pylint
pylint installdeps: -r/home/jenkins/workspace/common-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/common-stage_2-merge_master/requirements-test.txt, pylint
pylint develop-inst: /home/jenkins/workspace/common-stage_2-merge_master
pylint installed: aiokafka==0.8.1,astroid==3.1.0,async-timeout==4.0.3,coverage==7.3.1,dataclasses==0.6,dill==0.3.8,dnspython==2.4.2,exceptiongroup==1.1.3,iniconfig==2.0.0,isort==5.13.2,kafka-python==2.0.2,mccabe==0.7.0,motor==3.3.1,nose2==0.13.0,-e git+https://osm.etsi.org/gerrit/osm/common.git@409397d74a1a9dd1257a55b6c9ae02a7b8bf1bdd#egg=osm_common,packaging==23.1,platformdirs==4.2.1,pluggy==1.3.0,pycryptodome==3.19.0,pylint==3.1.0,pymongo==4.5.0,pytest==7.4.2,PyYAML==6.0.1,tomli==2.0.1,tomlkit==0.12.5,typing_extensions==4.11.0
pylint run-test-pre: PYTHONHASHSEED='740157607'
pylint run-test: commands[0] | pylint -E osm_common
✔ OK safety in 32.981 seconds
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/common-stage_2-merge_master/requirements.txt, safety
safety develop-inst: /home/jenkins/workspace/common-stage_2-merge_master
safety installed: aiokafka==0.8.1,annotated-types==0.6.0,async-timeout==4.0.3,Authlib==1.3.0,certifi==2024.2.2,cffi==1.16.0,charset-normalizer==3.3.2,click==8.1.7,cryptography==42.0.7,dataclasses==0.6,dnspython==2.4.2,dparse==0.6.4b0,idna==3.7,Jinja2==3.1.4,kafka-python==2.0.2,markdown-it-py==3.0.0,MarkupSafe==2.1.5,marshmallow==3.21.2,mdurl==0.1.2,motor==3.3.1,-e git+https://osm.etsi.org/gerrit/osm/common.git@409397d74a1a9dd1257a55b6c9ae02a7b8bf1bdd#egg=osm_common,packaging==23.1,pycparser==2.22,pycryptodome==3.19.0,pydantic==2.7.1,pydantic_core==2.18.2,Pygments==2.18.0,pymongo==4.5.0,PyYAML==6.0.1,requests==2.31.0,rich==13.7.1,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.2.0,safety-schemas==0.0.2,shellingham==1.5.4,tomli==2.0.1,typer==0.12.3,typing_extensions==4.11.0,urllib3==2.2.1
safety run-test-pre: PYTHONHASHSEED='963044616'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+
/$$$$$$ /$$
/$$__ $$ | $$
/$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$
/$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$
| $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$
\____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$
/$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$
|_______/ \_______/|__/ \_______/ \___/ \____ $$
/$$ | $$
| $$$$$$/
by safetycli.com \______/
+==============================================================================+
[1mREPORT[0m
[31m[22m Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. [0m
[31m For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io[0m
Safety [1mv3.2.0[0m is scanning for [1mVulnerabilities[0m[1m...[0m
[1m Scanning dependencies[0m in your [1menvironment:[0m
-> /tmp/.tox/safety/lib/python3.10/site-packages
-> /home/jenkins/workspace/common-stage_2-merge_master
-> /tmp/.tox/safety/bin
-> /usr/lib/python3.10/lib-dynload
-> /usr/lib/python310.zip
-> /usr/lib/python3.10
Using [1mopen-source vulnerability database[0m
[1m Found and scanned 43 packages[0m
Timestamp [1m2024-05-13 09:01:44[0m
[1m 7[0m[1m vulnerabilities reported[0m
[1m 0[0m[1m vulnerabilities ignored[0m
+==============================================================================+
[1mVULNERABILITIES REPORTED[0m
+==============================================================================+
[31m-> Vulnerability found in wheel version 0.37.1[0m
[1m Vulnerability ID: [0m51499
[1m Affected spec: [0m<0.38.1
[1m ADVISORY: [0mWheel 0.38.1 includes a fix for CVE-2022-40898: An issue
discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier
allows remote attackers to cause a denial of service via attacker
controlled input to wheel cli.https://pyup.io/posts/pyup-discovers-redos-
vulnerabilities-in-top-python-packages
[1m CVE-2022-40898[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/51499/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 51499 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in pycryptodome version 3.19.0[0m
[1m Vulnerability ID: [0m65207
[1m Affected spec: [0m>=0,<3.19.1
[1m ADVISORY: [0mPyCryptodome and pycryptodomex before 3.19.1 allow side-
channel leakage for OAEP decryption, exploitable for a Manger attack.
[1m CVE-2023-52323[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/65207/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 65207 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in pycryptodome version 3.19.0[0m
[1m Vulnerability ID: [0m63680
[1m Affected spec: [0m<3.20.0
[1m ADVISORY: [0mPycryptodome 3.20.0 addresses a vulnerability in the
OAEP decryption process, which previously had a side-channel leakage
issue. This vulnerability could potentially be exploited through a Manger
attack, a type of cryptographic attack. The resolution of this issue
enhances the security of the library, especially in its handling of OAEP d
ecryption.https://github.com/Legrandin/pycryptodome/commit/0deea1bfe1489e8
c80d2053bbb06a1aa0b181ebd
[1m PVE-2024-63680[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/63680/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 63680 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in pip version 22.0.2[0m
[1m Vulnerability ID: [0m62044
[1m Affected spec: [0m<23.3
[1m ADVISORY: [0mAffected versions of Pip are vulnerable to Command
Injection. When installing a package from a Mercurial VCS URL (ie "pip
install hg+...") with pip prior to v23.3, the specified Mercurial revision
could be used to inject arbitrary configuration options to the "hg clone"
call (ie "--config"). Controlling the Mercurial configuration can modify
how and which repository is installed. This vulnerability does not affect
users who aren't installing from Mercurial.
[1m CVE-2023-5752[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/62044/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 62044 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in pip version 22.0.2[0m
[1m Vulnerability ID: [0m67599
[1m Affected spec: [0m>=0
[1m ADVISORY: [0m** DISPUTED ** An issue was discovered in pip (all
versions) because it installs the version with the highest version number,
even if the user had intended to obtain a private package from a private
index. This only affects use of the --extra-index-url option, and
exploitation requires that the package does not already exist in the
public index (and thus the attacker can put the package there with an
arbitrary version number). NOTE: it has been reported that this is
intended functionality and the user is responsible for using --extra-
index-url securely.
[1m CVE-2018-20225[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/67599/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 67599 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in dnspython version 2.4.2[0m
[1m Vulnerability ID: [0m65401
[1m Affected spec: [0m<2.6.0
[1m ADVISORY: [0mDnspython 2.6.0 fixes a DoS vulnerability highlighted in
the "TuDoor" paper (CVE-2023-29483), where spoofed DNS responses could
disrupt service. The update prevents denial of service by ignoring
malicious packets, allowing the resolver to wait for valid responses until
a query's timeout. This mitigation ensures continued service despite
attempted attacks, enhancing the resolver's reliability and security.
[1m PVE-2024-65401[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/65401/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 65401 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in dnspython version 2.4.2[0m
[1m Vulnerability ID: [0m66710
[1m Affected spec: [0m<2.6.1
[1m ADVISORY: [0mThe dnspython stub resolver is vulnerable to a potential
DoS if a bad-in-some-way response from the right address and port forged
by an attacker arrives before a legitimate one on the UDP port dnspython
is using for that query.
[1m CVE-2023-29483[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/66710/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 66710 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
+==============================================================================+
[32m[1mREMEDIATIONS[0m
7 vulnerabilities were reported in 4 packages. For detailed remediation &
fix recommendations, upgrade to a commercial license.
+==============================================================================+
Scan was completed. 7 vulnerabilities were reported.
+==============================================================================+
[31m[22m Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. [0m
[31m For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io[0m
+==============================================================================+[0m
___________________________________ summary ____________________________________
black: commands succeeded
cover: commands succeeded
flake8: commands succeeded
pylint: commands succeeded
safety: commands succeeded
congratulations :)