[POL-stage_2-merge_master] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Launching tox
✔ OK black in 17.145 seconds
black create: /tmp/.tox/black
black installdeps: black
black installed: black==24.4.2,click==8.1.7,mypy-extensions==1.0.0,packaging==24.1,pathspec==0.12.1,platformdirs==4.2.2,tomli==2.0.1,typing_extensions==4.12.2
black run-test-pre: PYTHONHASHSEED='3575048073'
black run-test: commands[0] | black --check --diff osm_policy_module/
All done! ✨ 🍰 ✨
47 files would be left unchanged.
black run-test: commands[1] | black --check --diff setup.py
All done! ✨ 🍰 ✨
1 file would be left unchanged.
✔ OK flake8 in 19.285 seconds
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8
flake8 develop-inst: /home/jenkins/workspace/POL-stage_2-merge_master
flake8 installed: flake8==7.1.0,mccabe==0.7.0,-e git+https://osm.etsi.org/gerrit/osm/POL.git@bfe6988e8ec5ad9283200f46134529cac10e006c#egg=osm_policy_module,pycodestyle==2.12.0,pyflakes==3.2.0
flake8 run-test-pre: PYTHONHASHSEED='1727821361'
flake8 run-test: commands[0] | flake8 osm_policy_module/ setup.py
✔ OK cover in 54.721 seconds
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/POL-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/POL-stage_2-merge_master/requirements-dev.txt, -r/home/jenkins/workspace/POL-stage_2-merge_master/requirements-test.txt
cover develop-inst: /home/jenkins/workspace/POL-stage_2-merge_master
cover installed: aiokafka==0.8.1,async-timeout==4.0.3,attrs==23.1.0,certifi==2023.7.22,charset-normalizer==3.2.0,click==8.1.7,coverage==7.3.1,dataclasses==0.6,dnspython==2.4.2,idna==3.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,kafka-python==2.0.2,mock==5.1.0,motor==3.3.1,nose2==0.13.0,osm-common @ git+https://osm.etsi.org/gerrit/osm/common.git@409397d74a1a9dd1257a55b6c9ae02a7b8bf1bdd,-e git+https://osm.etsi.org/gerrit/osm/POL.git@bfe6988e8ec5ad9283200f46134529cac10e006c#egg=osm_policy_module,packaging==23.1,peewee==3.16.3,peewee-migrate==1.12.2,pycryptodome==3.19.0,pymongo==4.5.0,PyMySQL==1.1.0,PyYAML==6.0.1,referencing==0.30.2,requests==2.31.0,rpds-py==0.10.3,urllib3==2.0.5
cover run-test-pre: PYTHONHASHSEED='1823104294'
cover run-test: commands[0] | sh -c 'rm -f nosetests.xml'
cover run-test: commands[1] | coverage erase
cover run-test: commands[2] | nose2 -C --coverage osm_policy_module
INFO:osm_policy_module.alarming.service:Executing request to url http://alarm-url/ for vnf alarm test_id with status alarm
Executing request to url http://alarm-url/ for vnf alarm test_id with status alarm
Executing request to url http://alarm-url/ for vnf alarm test_id with status alarm
INFO:osm_policy_module.alarming.service:Response <MagicMock name='post()' id='139685272706480'>
Response <MagicMock name='post()' id='139685272706480'>
Response <MagicMock name='post()' id='139685272706480'>
..INFO:osm_policy_module.alarming.service:Executing request to url http://insufficient-data-url/ for vnf alarm test_id with status insufficient-data
Executing request to url http://insufficient-data-url/ for vnf alarm test_id with status insufficient-data
Executing request to url http://insufficient-data-url/ for vnf alarm test_id with status insufficient-data
INFO:osm_policy_module.alarming.service:Response <MagicMock name='post()' id='139685273241392'>
Response <MagicMock name='post()' id='139685273241392'>
Response <MagicMock name='post()' id='139685273241392'>
.INFO:osm_policy_module.alarming.service:Executing request to url http://ok-url/ for vnf alarm test_id with status ok
Executing request to url http://ok-url/ for vnf alarm test_id with status ok
Executing request to url http://ok-url/ for vnf alarm test_id with status ok
INFO:osm_policy_module.alarming.service:Response <MagicMock name='post()' id='139685272445008'>
Response <MagicMock name='post()' id='139685272445008'>
Response <MagicMock name='post()' id='139685272445008'>
..............INFO:osm_policy_module.healing.service:HealingService Initialized
HealingService Initialized
HealingService Initialized
INFO:osm_policy_module.healing.service:Constructor created for HealingService
Constructor created for HealingService
Constructor created for HealingService
.INFO:osm_policy_module.healing.service:HealingService Initialized
HealingService Initialized
HealingService Initialized
INFO:osm_policy_module.healing.service:Constructor created for HealingService
Constructor created for HealingService
Constructor created for HealingService
INFO:osm_policy_module.core.agent:Configuring nsr_id: test_nsr_id
Configuring nsr_id: test_nsr_id
Configuring nsr_id: test_nsr_id
INFO:osm_policy_module.core.agent:Network_service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
Network_service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
Network_service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
.INFO:osm_policy_module.healing.service:HealingService Initialized
HealingService Initialized
HealingService Initialized
INFO:osm_policy_module.healing.service:Constructor created for HealingService
Constructor created for HealingService
Constructor created for HealingService
INFO:osm_policy_module.core.agent:_handle_policy_update: {'nsr_id': 'test_nsr_id', 'vnf_member_index': '1', 'operationState': 'COMPLETED'}
_handle_policy_update: {'nsr_id': 'test_nsr_id', 'vnf_member_index': '1', 'operationState': 'COMPLETED'}
_handle_policy_update: {'nsr_id': 'test_nsr_id', 'vnf_member_index': '1', 'operationState': 'COMPLETED'}
INFO:osm_policy_module.core.agent:Updating policies of VNF with nsr_id: test_nsr_id and vnf-member-index: 1
Updating policies of VNF with nsr_id: test_nsr_id and vnf-member-index: 1
Updating policies of VNF with nsr_id: test_nsr_id and vnf-member-index: 1
INFO:osm_policy_module.core.agent:_handle_policy_update: {'nsr_id': 'test_nsr_id', 'vnf_member_index': '1', 'operationState': 'FAILED'}
_handle_policy_update: {'nsr_id': 'test_nsr_id', 'vnf_member_index': '1', 'operationState': 'FAILED'}
_handle_policy_update: {'nsr_id': 'test_nsr_id', 'vnf_member_index': '1', 'operationState': 'FAILED'}
INFO:osm_policy_module.core.agent:Network service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
Network service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
Network service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
.INFO:osm_policy_module.healing.service:HealingService Initialized
HealingService Initialized
HealingService Initialized
INFO:osm_policy_module.healing.service:Constructor created for HealingService
Constructor created for HealingService
Constructor created for HealingService
INFO:osm_policy_module.core.agent:Deleting policies of VNF with nsr_id: test_nsr_id and vnf-member-index: 1
Deleting policies of VNF with nsr_id: test_nsr_id and vnf-member-index: 1
Deleting policies of VNF with nsr_id: test_nsr_id and vnf-member-index: 1
INFO:osm_policy_module.core.agent:Network service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
Network service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
Network service is not in COMPLETED or PARTIALLY_COMPLETED state. Current state is FAILED. Skipping...
...INFO:osm_policy_module.healing.service:HealingService Initialized
HealingService Initialized
HealingService Initialized
INFO:osm_policy_module.healing.service:Constructor created for HealingService
Constructor created for HealingService
Constructor created for HealingService
INFO:osm_policy_module.healing.service:Configuring Healing alarm for NS test_nsr_id
Configuring Healing alarm for NS test_nsr_id
Configuring Healing alarm for NS test_nsr_id
.INFO:osm_policy_module.healing.service:HealingService Initialized
HealingService Initialized
HealingService Initialized
INFO:osm_policy_module.healing.service:Constructor created for HealingService
Constructor created for HealingService
Constructor created for HealingService
INFO:osm_policy_module.autoscaling.service:Configuring scaling groups for network service with nsr_id: test_nsr_id
Configuring scaling groups for network service with nsr_id: test_nsr_id
Configuring scaling groups for network service with nsr_id: test_nsr_id
.INFO:osm_policy_module.healing.service:HealingService Initialized
HealingService Initialized
HealingService Initialized
INFO:osm_policy_module.healing.service:Constructor created for HealingService
Constructor created for HealingService
Constructor created for HealingService
INFO:osm_policy_module.alarming.service:Configuring vnf alarms for network service test_nsr_id
Configuring vnf alarms for network service test_nsr_id
Configuring vnf alarms for network service test_nsr_id
.ERROR:aiokafka:Unable connect to "kafka:9092": [Errno -2] Name or service not known
Unable connect to "kafka:9092": [Errno -2] Name or service not known
Unable connect to "kafka:9092": [Errno -2] Name or service not known
s
ERROR:asyncio:Unclosed AIOKafkaProducer
producer: <aiokafka.producer.producer.AIOKafkaProducer object at 0x7f0b030226b0>
Unclosed AIOKafkaProducer
producer: <aiokafka.producer.producer.AIOKafkaProducer object at 0x7f0b030226b0>
Unclosed AIOKafkaProducer
producer: <aiokafka.producer.producer.AIOKafkaProducer object at 0x7f0b030226b0>
----------------------------------------------------------------------
Ran 27 tests in 6.404s
OK (skipped=1)
Name Stmts Miss Cover
------------------------------------------------------------------------------------------
osm_policy_module/__init__.py 0 0 100%
osm_policy_module/alarming/__init__.py 0 0 100%
osm_policy_module/alarming/service.py 169 80 53%
osm_policy_module/autoscaling/__init__.py 0 0 100%
osm_policy_module/autoscaling/service.py 243 113 53%
osm_policy_module/cmd/__init__.py 0 0 100%
osm_policy_module/cmd/policy_module_agent.py 32 32 0%
osm_policy_module/cmd/policy_module_healthcheck.py 30 30 0%
osm_policy_module/common/__init__.py 0 0 100%
osm_policy_module/common/common_db_client.py 35 17 51%
osm_policy_module/common/lcm_client.py 41 24 41%
osm_policy_module/common/message_bus_client.py 18 2 89%
osm_policy_module/common/mon_client.py 90 75 17%
osm_policy_module/core/__init__.py 0 0 100%
osm_policy_module/core/agent.py 114 49 57%
osm_policy_module/core/config.py 39 11 72%
osm_policy_module/core/database.py 166 23 86%
osm_policy_module/core/exceptions.py 4 0 100%
osm_policy_module/healing/__init__.py 0 0 100%
osm_policy_module/healing/service.py 144 93 35%
osm_policy_module/migrations/001_initial.py 50 50 0%
osm_policy_module/migrations/002_add_vnf_alarm.py 25 25 0%
osm_policy_module/migrations/003_add_fields_to_policy.py 7 7 0%
osm_policy_module/migrations/004_add_fields_to_alarm.py 7 7 0%
osm_policy_module/migrations/005_change_vnf_index_member_to_str.py 11 11 0%
osm_policy_module/migrations/006_add_heal_alarm.py 24 24 0%
osm_policy_module/migrations/007_add_vnf_alarm_fields.py 7 7 0%
osm_policy_module/migrations/__init__.py 0 0 100%
osm_policy_module/migrations/conf.py 2 2 0%
osm_policy_module/tests/__init__.py 0 0 100%
osm_policy_module/tests/integration/__init__.py 0 0 100%
osm_policy_module/tests/integration/test_kafka_messages.py 44 14 68%
osm_policy_module/tests/integration/test_policy_agent.py 124 2 98%
osm_policy_module/tests/unit/__init__.py 0 0 100%
osm_policy_module/tests/unit/alarming/__init__.py 0 0 100%
osm_policy_module/tests/unit/alarming/test_alarming_service.py 82 6 93%
osm_policy_module/tests/unit/autoscaling/__init__.py 0 0 100%
osm_policy_module/tests/unit/autoscaling/test_autoscaling_service.py 186 16 91%
osm_policy_module/tests/unit/common/__init__.py 0 0 100%
osm_policy_module/tests/unit/common/test_message_bus_client.py 40 1 98%
osm_policy_module/tests/unit/core/__init__.py 0 0 100%
osm_policy_module/tests/unit/core/test_policy_agent.py 160 2 99%
osm_policy_module/tests/unit/utils/__init__.py 0 0 100%
osm_policy_module/tests/unit/utils/test_vnfd_utils.py 19 0 100%
osm_policy_module/utils/__init__.py 0 0 100%
osm_policy_module/utils/vnfd.py 14 0 100%
------------------------------------------------------------------------------------------
TOTAL 1927 723 62%
cover run-test: commands[3] | coverage report '--omit=*tests*'
Name Stmts Miss Cover
------------------------------------------------------------------------------------------
osm_policy_module/__init__.py 0 0 100%
osm_policy_module/alarming/__init__.py 0 0 100%
osm_policy_module/alarming/service.py 169 80 53%
osm_policy_module/autoscaling/__init__.py 0 0 100%
osm_policy_module/autoscaling/service.py 243 113 53%
osm_policy_module/cmd/__init__.py 0 0 100%
osm_policy_module/cmd/policy_module_agent.py 32 32 0%
osm_policy_module/cmd/policy_module_healthcheck.py 30 30 0%
osm_policy_module/common/__init__.py 0 0 100%
osm_policy_module/common/common_db_client.py 35 17 51%
osm_policy_module/common/lcm_client.py 41 24 41%
osm_policy_module/common/message_bus_client.py 18 2 89%
osm_policy_module/common/mon_client.py 90 75 17%
osm_policy_module/core/__init__.py 0 0 100%
osm_policy_module/core/agent.py 114 49 57%
osm_policy_module/core/config.py 39 11 72%
osm_policy_module/core/database.py 166 23 86%
osm_policy_module/core/exceptions.py 4 0 100%
osm_policy_module/healing/__init__.py 0 0 100%
osm_policy_module/healing/service.py 144 93 35%
osm_policy_module/migrations/001_initial.py 50 50 0%
osm_policy_module/migrations/002_add_vnf_alarm.py 25 25 0%
osm_policy_module/migrations/003_add_fields_to_policy.py 7 7 0%
osm_policy_module/migrations/004_add_fields_to_alarm.py 7 7 0%
osm_policy_module/migrations/005_change_vnf_index_member_to_str.py 11 11 0%
osm_policy_module/migrations/006_add_heal_alarm.py 24 24 0%
osm_policy_module/migrations/007_add_vnf_alarm_fields.py 7 7 0%
osm_policy_module/migrations/__init__.py 0 0 100%
osm_policy_module/migrations/conf.py 2 2 0%
osm_policy_module/tests/__init__.py 0 0 100%
osm_policy_module/tests/integration/__init__.py 0 0 100%
osm_policy_module/tests/integration/test_kafka_messages.py 44 14 68%
osm_policy_module/tests/integration/test_policy_agent.py 124 2 98%
osm_policy_module/tests/unit/__init__.py 0 0 100%
osm_policy_module/tests/unit/alarming/__init__.py 0 0 100%
osm_policy_module/tests/unit/alarming/test_alarming_service.py 82 6 93%
osm_policy_module/tests/unit/autoscaling/__init__.py 0 0 100%
osm_policy_module/tests/unit/autoscaling/test_autoscaling_service.py 186 16 91%
osm_policy_module/tests/unit/common/__init__.py 0 0 100%
osm_policy_module/tests/unit/common/test_message_bus_client.py 40 1 98%
osm_policy_module/tests/unit/core/__init__.py 0 0 100%
osm_policy_module/tests/unit/core/test_policy_agent.py 160 2 99%
osm_policy_module/tests/unit/utils/__init__.py 0 0 100%
osm_policy_module/tests/unit/utils/test_vnfd_utils.py 19 0 100%
osm_policy_module/utils/__init__.py 0 0 100%
osm_policy_module/utils/vnfd.py 14 0 100%
------------------------------------------------------------------------------------------
TOTAL 1927 723 62%
cover run-test: commands[4] | coverage html -d ./cover '--omit=*tests*'
Wrote HTML report to ./cover/index.html
cover run-test: commands[5] | coverage xml -o coverage.xml '--omit=*tests*'
Wrote XML report to coverage.xml
✔ OK safety in 59.412 seconds
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/POL-stage_2-merge_master/requirements.txt, safety
safety develop-inst: /home/jenkins/workspace/POL-stage_2-merge_master
safety installed: aiokafka==0.8.1,annotated-types==0.7.0,async-timeout==4.0.3,attrs==23.1.0,Authlib==1.3.1,certifi==2023.7.22,cffi==1.16.0,charset-normalizer==3.2.0,click==8.1.7,cryptography==42.0.8,dparse==0.6.4b0,idna==3.4,Jinja2==3.1.4,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,kafka-python==2.0.2,markdown-it-py==3.0.0,MarkupSafe==2.1.5,marshmallow==3.21.3,mdurl==0.1.2,-e git+https://osm.etsi.org/gerrit/osm/POL.git@bfe6988e8ec5ad9283200f46134529cac10e006c#egg=osm_policy_module,packaging==23.1,peewee==3.16.3,peewee-migrate==1.12.2,pycparser==2.22,pydantic==2.7.4,pydantic_core==2.18.4,Pygments==2.18.0,PyMySQL==1.1.0,PyYAML==6.0.1,referencing==0.30.2,requests==2.31.0,rich==13.7.1,rpds-py==0.10.3,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.2.3,safety-schemas==0.0.2,shellingham==1.5.4,tomli==2.0.1,typer==0.12.3,typing_extensions==4.12.2,urllib3==2.0.5
safety run-test-pre: PYTHONHASHSEED='298345509'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+
/$$$$$$ /$$
/$$__ $$ | $$
/$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$
/$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$
| $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$
\____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$
/$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$
|_______/ \_______/|__/ \_______/ \___/ \____ $$
/$$ | $$
| $$$$$$/
by safetycli.com \______/
+==============================================================================+
[1mREPORT[0m
[31m[22m Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. [0m
[31m For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io[0m
Safety [1mv3.2.3[0m is scanning for [1mVulnerabilities[0m[1m...[0m
[1m Scanning dependencies[0m in your [1menvironment:[0m
-> /usr/lib/python3.10/lib-dynload
-> /tmp/.tox/safety/lib/python3.10/site-packages
-> /home/jenkins/workspace/POL-stage_2-merge_master
-> /usr/lib/python3.10
-> /tmp/.tox/safety/bin
-> /usr/lib/python310.zip
Using [1mopen-source vulnerability database[0m
[1m Found and scanned 46 packages[0m
Timestamp [1m2024-06-23 09:01:45[0m
[1m 7[0m[1m vulnerabilities reported[0m
[1m 0[0m[1m vulnerabilities ignored[0m
+==============================================================================+
[1mVULNERABILITIES REPORTED[0m
+==============================================================================+
[31m-> Vulnerability found in wheel version 0.37.1[0m
[1m Vulnerability ID: [0m51499
[1m Affected spec: [0m<0.38.1
[1m ADVISORY: [0mWheel 0.38.1 includes a fix for CVE-2022-40898: An issue
discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier
allows remote attackers to cause a denial of service via attacker
controlled input to wheel cli.https://pyup.io/posts/pyup-discovers-redos-
vulnerabilities-in-top-python-packages
[1m CVE-2022-40898[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/51499/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 51499 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in urllib3 version 2.0.5[0m
[1m Vulnerability ID: [0m61893
[1m Affected spec: [0m>=2.0.0a1,<2.0.7
[1m ADVISORY: [0mUrllib3 1.26.18 and 2.0.7 include a fix for
CVE-2023-45803: Request body not stripped after redirect from 303 status
changes request method to GET.https://github.com/urllib3/urllib3/security/
advisories/GHSA-g4mx-q9vg-27p4
[1m CVE-2023-45803[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/61893/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 61893 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in requests version 2.31.0[0m
[1m Vulnerability ID: [0m71064
[1m Affected spec: [0m<2.32.2
[1m ADVISORY: [0mAffected versions of Requests, when making requests
through a Requests `Session`, if the first request is made with
`verify=False` to disable cert verification, all subsequent requests to
the same host will continue to ignore cert verification regardless of
changes to the value of `verify`. This behavior will continue for the
lifecycle of the connection in the connection pool. Requests 2.32.0 fixes
the issue, but versions 2.32.0 and 2.32.1 were yanked due to conflicts
with CVE-2024-35195 mitigation.
[1m CVE-2024-35195[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/71064/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 71064 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in pip version 22.0.2[0m
[1m Vulnerability ID: [0m62044
[1m Affected spec: [0m<23.3
[1m ADVISORY: [0mAffected versions of Pip are vulnerable to Command
Injection. When installing a package from a Mercurial VCS URL (ie "pip
install hg+...") with pip prior to v23.3, the specified Mercurial revision
could be used to inject arbitrary configuration options to the "hg clone"
call (ie "--config"). Controlling the Mercurial configuration can modify
how and which repository is installed. This vulnerability does not affect
users who aren't installing from Mercurial.
[1m CVE-2023-5752[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/62044/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 62044 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in peewee version 3.16.3[0m
[1m Vulnerability ID: [0m64952
[1m Affected spec: [0m<3.17.1
[1m ADVISORY: [0mPeewee 3.17.1 introduces enhancements to address a race
condition issue by implementing stricter locking mechanisms around pool
connection management.https://github.com/coleifer/peewee/commit/ea3fb11a9c
2a4b0cd958a453dd287e408477eda5
[1m PVE-2024-64952[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/64952/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 64952 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in jinja2 version 3.1.4[0m
[1m Vulnerability ID: [0m70612
[1m Affected spec: [0m>=0
[1m ADVISORY: [0mIn Jinja2, the from_string function is prone to Server
Side Template Injection (SSTI) where it takes the "source" parameter as a
template object, renders it, and then returns it. The attacker can exploit
it with {{INJECTION COMMANDS}} in a URI. NOTE: The maintainer and multiple
third parties believe that this vulnerability isn't valid because users
shouldn't use untrusted templates without sandboxing.
[1m CVE-2019-8341[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/70612/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 70612 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
[31m-> Vulnerability found in idna version 3.4[0m
[1m Vulnerability ID: [0m67895
[1m Affected spec: [0m<3.7
[1m ADVISORY: [0mCVE-2024-3651 impacts the idna.encode() function, where
a specially crafted argument could lead to significant resource
consumption, causing a denial-of-service. In version 3.7, this function
has been updated to reject such inputs efficiently, minimizing resource
use. A practical workaround involves enforcing a maximum domain name
length of 253 characters before encoding, as the vulnerability is
triggered by unusually large inputs that normal operations wouldn't
encounter.
[1m CVE-2024-3651[0m
[1m For more information about this vulnerability, visit
[0mhttps://data.safetycli.com/v/67895/97c[0m
To ignore this vulnerability, use PyUp vulnerability id 67895 in safety’s
ignore command-line argument or add the ignore to your safety policy file.
+==============================================================================+
[32m[1mREMEDIATIONS[0m
7 vulnerabilities were reported in 7 packages. For detailed remediation &
fix recommendations, upgrade to a commercial license.
+==============================================================================+
Scan was completed. 7 vulnerabilities were reported.
+==============================================================================+
[31m[22m Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. [0m
[31m For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io[0m
+==============================================================================+[0m
✔ OK pylint in 1 minute, 2.496 seconds
pylint create: /tmp/.tox/pylint
pylint installdeps: -r/home/jenkins/workspace/POL-stage_2-merge_master/requirements.txt, -r/home/jenkins/workspace/POL-stage_2-merge_master/requirements-dev.txt, -r/home/jenkins/workspace/POL-stage_2-merge_master/requirements-test.txt, pylint
pylint develop-inst: /home/jenkins/workspace/POL-stage_2-merge_master
pylint installed: aiokafka==0.8.1,astroid==3.2.2,async-timeout==4.0.3,attrs==23.1.0,certifi==2023.7.22,charset-normalizer==3.2.0,click==8.1.7,coverage==7.3.1,dataclasses==0.6,dill==0.3.8,dnspython==2.4.2,idna==3.4,isort==5.13.2,jsonschema==4.19.1,jsonschema-specifications==2023.7.1,kafka-python==2.0.2,mccabe==0.7.0,mock==5.1.0,motor==3.3.1,nose2==0.13.0,osm-common @ git+https://osm.etsi.org/gerrit/osm/common.git@409397d74a1a9dd1257a55b6c9ae02a7b8bf1bdd,-e git+https://osm.etsi.org/gerrit/osm/POL.git@bfe6988e8ec5ad9283200f46134529cac10e006c#egg=osm_policy_module,packaging==23.1,peewee==3.16.3,peewee-migrate==1.12.2,platformdirs==4.2.2,pycryptodome==3.19.0,pylint==3.2.3,pymongo==4.5.0,PyMySQL==1.1.0,PyYAML==6.0.1,referencing==0.30.2,requests==2.31.0,rpds-py==0.10.3,tomli==2.0.1,tomlkit==0.12.5,typing_extensions==4.12.2,urllib3==2.0.5
pylint run-test-pre: PYTHONHASHSEED='1940539709'
pylint run-test: commands[0] | pylint -E osm_policy_module
___________________________________ summary ____________________________________
black: commands succeeded
cover: commands succeeded
flake8: commands succeeded
pylint: commands succeeded
safety: commands succeeded
congratulations :)