Console Output

[osmclient-stage_2-merge_v12.0] Running shell script
+ runuser jenkins -c devops-stages/stage-test.sh
Launching tox
✔ OK black in 10.183 seconds
black create: /tmp/.tox/black
black installdeps: black==23.12.1
black installed: black==23.12.1,click==8.1.7,mypy-extensions==1.0.0,packaging==24.0,pathspec==0.12.1,platformdirs==4.2.1,tomli==2.0.1,typing_extensions==4.11.0
black run-test-pre: PYTHONHASHSEED='3502320633'
black run-test: commands[0] | black --check --diff osmclient/
All done! ✨ 🍰 ✨
56 files would be left unchanged.

✔ OK flake8 in 14.478 seconds
flake8 create: /tmp/.tox/flake8
flake8 installdeps: flake8
flake8 develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
flake8 installed: flake8==7.0.0,mccabe==0.7.0,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,pycodestyle==2.11.1,pyflakes==3.2.0
flake8 run-test-pre: PYTHONHASHSEED='3620149673'
flake8 run-test: commands[0] | flake8 osmclient/ setup.py

✔ OK safety in 55.042 seconds
safety create: /tmp/.tox/safety
safety installdeps: -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements.txt, safety
safety develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
safety installed: annotated-types==0.6.0,Authlib==1.3.0,certifi==2022.6.15,cffi==1.16.0,charset-normalizer==2.0.12,click==8.1.3,cryptography==42.0.7,dparse==0.6.4b0,idna==3.3,Jinja2==3.1.2,markdown-it-py==3.0.0,MarkupSafe==2.1.1,marshmallow==3.21.2,mdurl==0.1.2,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,packaging==21.3,prettytable==3.3.0,pycparser==2.22,pycurl==7.45.1,pydantic==2.7.1,pydantic_core==2.18.2,Pygments==2.18.0,pyparsing==3.0.9,python-magic==0.4.27,PyYAML==5.4.1,requests==2.28.0,rich==13.7.1,ruamel.yaml==0.18.6,ruamel.yaml.clib==0.2.8,safety==3.2.0,safety-schemas==0.0.2,shellingham==1.5.4,tomli==2.0.1,typer==0.12.3,typing_extensions==4.11.0,urllib3==1.26.9,verboselogs==1.7,wcwidth==0.2.5
safety run-test-pre: PYTHONHASHSEED='1245158527'
safety run-test: commands[0] | - safety check --full-report
+==============================================================================+

                               /$$$$$$            /$$
                              /$$__  $$          | $$
           /$$$$$$$  /$$$$$$ | $$  \__//$$$$$$  /$$$$$$   /$$   /$$
          /$$_____/ |____  $$| $$$$   /$$__  $$|_  $$_/  | $$  | $$
         |  $$$$$$   /$$$$$$$| $$_/  | $$$$$$$$  | $$    | $$  | $$
          \____  $$ /$$__  $$| $$    | $$_____/  | $$ /$$| $$  | $$
          /$$$$$$$/|  $$$$$$$| $$    |  $$$$$$$  |  $$$$/|  $$$$$$$
         |_______/  \_______/|__/     \_______/   \___/   \____  $$
                                                          /$$  | $$
                                                         |  $$$$$$/
  by safetycli.com                                        \______/

+==============================================================================+

 REPORT 

  Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. 
  For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io

  Safety v3.2.0 is scanning for Vulnerabilities...
  Scanning dependencies in your environment:

  -> /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
  -> /usr/lib/python3.8/lib-dynload
  -> /tmp/.tox/safety/bin
  -> /usr/lib/python3.8
  -> /tmp/.tox/safety/lib/python3.8/site-packages
  -> /usr/lib/python38.zip

  Using open-source vulnerability database
  Found and scanned 41 packages
  Timestamp 2024-05-12 08:31:46
  7 vulnerabilities reported
  0 vulnerabilities ignored

+==============================================================================+
 VULNERABILITIES REPORTED 
+==============================================================================+

-> Vulnerability found in urllib3 version 1.26.9
   Vulnerability ID: 61893
   Affected spec: <1.26.18
   ADVISORY: Urllib3 1.26.18 and 2.0.7 include a fix for
   CVE-2023-45803: Request body not stripped after redirect from 303 status
   changes request method to GET.https://github.com/urllib3/urllib3/security/
   advisories/GHSA-g4mx-q9vg-27p4
   CVE-2023-45803
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/61893/97c
   To ignore this vulnerability, use PyUp vulnerability id 61893 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in urllib3 version 1.26.9
   Vulnerability ID: 61601
   Affected spec: <1.26.17
   ADVISORY: Urllib3 1.26.17 and 2.0.5 include a fix for
   CVE-2023-43804: Urllib3 doesn't treat the 'Cookie' HTTP header special or
   provide any helpers for managing cookies over HTTP, that is the
   responsibility of the user. However, it is possible for a user to specify
   a 'Cookie' header and unknowingly leak information via HTTP redirects to a
   different origin if that user doesn't disable redirects explicitly.https:/
   /github.com/urllib3/urllib3/security/advisories/GHSA-v845-jxx5-vc9f
   CVE-2023-43804
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/61601/97c
   To ignore this vulnerability, use PyUp vulnerability id 61601 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in requests version 2.28.0
   Vulnerability ID: 58755
   Affected spec: >=2.3.0,<2.31.0
   ADVISORY: Requests 2.31.0 includes a fix for CVE-2023-32681: Since
   Requests 2.3.0, Requests has been leaking Proxy-Authorization headers to
   destination servers when redirected to an HTTPS endpoint. This is a
   product of how we use 'rebuild_proxies' to reattach the 'Proxy-
   Authorization' header to requests. For HTTP connections sent through the
   tunnel, the proxy will identify the header in the request itself and
   remove it prior to forwarding to the destination server. However when sent
   over HTTPS, the 'Proxy-Authorization' header must be sent in the CONNECT
   request as the proxy has no visibility into the tunneled request. This
   results in Requests forwarding proxy credentials to the destination server
   unintentionally, allowing a malicious actor to potentially exfiltrate
   sensitive information.
   CVE-2023-32681
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/58755/97c
   To ignore this vulnerability, use PyUp vulnerability id 58755 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in pip version 24.0
   Vulnerability ID: 67599
   Affected spec: >=0
   ADVISORY: ** DISPUTED ** An issue was discovered in pip (all
   versions) because it installs the version with the highest version number,
   even if the user had intended to obtain a private package from a private
   index. This only affects use of the --extra-index-url option, and
   exploitation requires that the package does not already exist in the
   public index (and thus the attacker can put the package there with an
   arbitrary version number). NOTE: it has been reported that this is
   intended functionality and the user is responsible for using --extra-
   index-url securely.
   CVE-2018-20225
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/67599/97c
   To ignore this vulnerability, use PyUp vulnerability id 67599 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in certifi version 2022.6.15
   Vulnerability ID: 59956
   Affected spec: >=2015.04.28,<2023.07.22
   ADVISORY: Certifi 2023.07.22 includes a fix for CVE-2023-37920:
   Certifi prior to version 2023.07.22 recognizes "e-Tugra" root
   certificates. e-Tugra's root certificates were subject to an investigation
   prompted by reporting of security issues in their systems. Certifi
   2023.07.22 removes root certificates from "e-Tugra" from the root
   store.https://github.com/certifi/python-certifi/security/advisories/GHSA-
   xqr8-7jwr-rhp7
   CVE-2023-37920
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/59956/97c
   To ignore this vulnerability, use PyUp vulnerability id 59956 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in certifi version 2022.6.15
   Vulnerability ID: 52365
   Affected spec: <2022.12.07
   ADVISORY: Certifi 2022.12.07 includes a fix for CVE-2022-23491:
   Certifi 2022.12.07 removes root certificates from "TrustCor" from the root
   store. These are in the process of being removed from Mozilla's trust
   store. TrustCor's root certificates are being removed pursuant to an
   investigation prompted by media reporting that TrustCor's ownership also
   operated a business that produced spyware. Conclusions of Mozilla's
   investigation can be found in the linked google group
   discussion.https://github.com/certifi/python-
   certifi/security/advisories/GHSA-43fp-
   rhv2-5gv8https://groups.google.com/a/mozilla.org/g/dev-security-
   policy/c/oxX69KFvsm4/m/yLohoVqtCgAJ
   CVE-2022-23491
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/52365/97c
   To ignore this vulnerability, use PyUp vulnerability id 52365 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


-> Vulnerability found in jinja2 version 3.1.2
   Vulnerability ID: 64227
   Affected spec: <3.1.3
   ADVISORY: Jinja2 before 3.1.3 is affected by a Cross-Site
   Scripting vulnerability. Special placeholders in the template allow
   writing code similar to Python syntax. It is possible to inject arbitrary
   HTML attributes into the rendered HTML template. The Jinja 'xmlattr'
   filter can be abused to inject arbitrary HTML attribute keys and values,
   bypassing the auto escaping mechanism and potentially leading to XSS. It
   may also be possible to bypass attribute validation checks if they are
   blacklist-based.
   CVE-2024-22195
   For more information about this vulnerability, visit
   https://data.safetycli.com/v/64227/97c
   To ignore this vulnerability, use PyUp vulnerability id 64227 in safety’s
   ignore command-line argument or add the ignore to your safety policy file.


+==============================================================================+
   REMEDIATIONS

  7 vulnerabilities were reported in 5 packages. For detailed remediation & 
  fix recommendations, upgrade to a commercial license. 

+==============================================================================+

 Scan was completed. 7 vulnerabilities were reported. 

+==============================================================================+

  Safety is using PyUp's free open-source vulnerability database. This
data is 30 days old and limited. 
  For real-time enhanced vulnerability data, fix recommendations, severity
reporting, cybersecurity support, team and project policy management and more
sign up at https://pyup.io or email sales@pyup.io

+==============================================================================+

✔ OK cover in 1 minute, 32.271 seconds
cover create: /tmp/.tox/cover
cover installdeps: -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-dev.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-test.txt
cover develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
cover installed: bitarray==2.5.1,certifi==2022.6.15,charset-normalizer==2.0.12,click==8.1.3,coverage==6.4.1,enum34==1.1.10,idna==3.3,Jinja2==3.1.2,lxml==4.9.0,MarkupSafe==2.1.1,mock==4.0.3,nose2==0.11.0,osm_im @ git+https://osm.etsi.org/gerrit/osm/IM.git@a0b604e08d261d3c4a0f1cf86a4b597f5697b31a,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,packaging==21.3,prettytable==3.3.0,pyang==2.5.3,pyangbind==0.8.1,pycurl==7.45.1,pyparsing==3.0.9,python-magic==0.4.27,PyYAML==5.4.1,regex==2022.6.2,requests==2.28.0,six==1.16.0,urllib3==1.26.9,verboselogs==1.7,wcwidth==0.2.5
cover run-test-pre: PYTHONHASHSEED='1663265204'
cover run-test: commands[0] | sh -c 'rm -f nosetests.xml'
cover run-test: commands[1] | coverage erase
cover run-test: commands[2] | nose2 -C --coverage osmclient
...............................................
----------------------------------------------------------------------
Ran 47 tests in 10.115s

OK
Name                                     Stmts   Miss  Cover
------------------------------------------------------------
osmclient/__init__.py                        0      0   100%
osmclient/client.py                         32     25    22%
osmclient/common/__init__.py                 0      0   100%
osmclient/common/exceptions.py               6      0   100%
osmclient/common/http.py                    69     38    45%
osmclient/common/package_handling.py        28     20    29%
osmclient/common/package_tool.py           441    393    11%
osmclient/common/sol004_package.py          36     17    53%
osmclient/common/sol007_package.py          32     15    53%
osmclient/common/sol_package.py            158    120    24%
osmclient/common/test/test_utils.py         36      0   100%
osmclient/common/utils.py                   80     51    36%
osmclient/common/wait.py                    83     63    24%
osmclient/scripts/__init__.py                0      0   100%
osmclient/scripts/osm.py                  2612   1536    41%
osmclient/scripts/tests/tests_vca.py       100      0   100%
osmclient/sol005/__init__.py                 0      0   100%
osmclient/sol005/client.py                 102     72    29%
osmclient/sol005/http.py                   151    130    14%
osmclient/sol005/k8scluster.py             118    101    14%
osmclient/sol005/ns.py                     367    339     8%
osmclient/sol005/nsd.py                    125    104    17%
osmclient/sol005/nsi.py                    209    190     9%
osmclient/sol005/nst.py                    128    108    16%
osmclient/sol005/osmrepo.py                309    260    16%
osmclient/sol005/package.py                 64     51    20%
osmclient/sol005/pdud.py                    94     79    16%
osmclient/sol005/project.py                 74     61    18%
osmclient/sol005/repo.py                    69     56    19%
osmclient/sol005/role.py                   117    103    12%
osmclient/sol005/sdncontroller.py           97     80    18%
osmclient/sol005/subscription.py            71     58    18%
osmclient/sol005/tests/test_osmrepo.py      13      0   100%
osmclient/sol005/tests/test_vca.py         117      0   100%
osmclient/sol005/user.py                   129    117     9%
osmclient/sol005/vca.py                     64      0   100%
osmclient/sol005/vim.py                    158    139    12%
osmclient/sol005/vnf.py                     56     46    18%
osmclient/sol005/vnfd.py                   208    182    12%
osmclient/sol005/wim.py                    142    123    13%
osmclient/v1/__init__.py                     0      0   100%
osmclient/v1/client.py                      54      9    83%
osmclient/v1/key.py                         18     18     0%
osmclient/v1/ns.py                         118     89    25%
osmclient/v1/nsd.py                         27      8    70%
osmclient/v1/package.py                     34     17    50%
osmclient/v1/tests/test_ns.py               22      0   100%
osmclient/v1/tests/test_nsd.py              20      1    95%
osmclient/v1/tests/test_package.py          15      0   100%
osmclient/v1/tests/test_vnf.py              26      0   100%
osmclient/v1/tests/test_vnfd.py             20      1    95%
osmclient/v1/utils.py                        9      4    56%
osmclient/v1/vca.py                         27     27     0%
osmclient/v1/vim.py                        184    162    12%
osmclient/v1/vnf.py                         24      3    88%
osmclient/v1/vnfd.py                        25      6    76%
------------------------------------------------------------
TOTAL                                     7318   5022    31%

cover run-test: commands[3] | coverage report '--omit=*tests*'
Name                                   Stmts   Miss  Cover
----------------------------------------------------------
osmclient/__init__.py                      0      0   100%
osmclient/client.py                       32     25    22%
osmclient/common/__init__.py               0      0   100%
osmclient/common/exceptions.py             6      0   100%
osmclient/common/http.py                  69     38    45%
osmclient/common/package_handling.py      28     20    29%
osmclient/common/package_tool.py         441    393    11%
osmclient/common/sol004_package.py        36     17    53%
osmclient/common/sol007_package.py        32     15    53%
osmclient/common/sol_package.py          158    120    24%
osmclient/common/test/test_utils.py       36      0   100%
osmclient/common/utils.py                 80     51    36%
osmclient/common/wait.py                  83     63    24%
osmclient/scripts/__init__.py              0      0   100%
osmclient/scripts/osm.py                2612   1536    41%
osmclient/sol005/__init__.py               0      0   100%
osmclient/sol005/client.py               102     72    29%
osmclient/sol005/http.py                 151    130    14%
osmclient/sol005/k8scluster.py           118    101    14%
osmclient/sol005/ns.py                   367    339     8%
osmclient/sol005/nsd.py                  125    104    17%
osmclient/sol005/nsi.py                  209    190     9%
osmclient/sol005/nst.py                  128    108    16%
osmclient/sol005/osmrepo.py              309    260    16%
osmclient/sol005/package.py               64     51    20%
osmclient/sol005/pdud.py                  94     79    16%
osmclient/sol005/project.py               74     61    18%
osmclient/sol005/repo.py                  69     56    19%
osmclient/sol005/role.py                 117    103    12%
osmclient/sol005/sdncontroller.py         97     80    18%
osmclient/sol005/subscription.py          71     58    18%
osmclient/sol005/user.py                 129    117     9%
osmclient/sol005/vca.py                   64      0   100%
osmclient/sol005/vim.py                  158    139    12%
osmclient/sol005/vnf.py                   56     46    18%
osmclient/sol005/vnfd.py                 208    182    12%
osmclient/sol005/wim.py                  142    123    13%
osmclient/v1/__init__.py                   0      0   100%
osmclient/v1/client.py                    54      9    83%
osmclient/v1/key.py                       18     18     0%
osmclient/v1/ns.py                       118     89    25%
osmclient/v1/nsd.py                       27      8    70%
osmclient/v1/package.py                   34     17    50%
osmclient/v1/utils.py                      9      4    56%
osmclient/v1/vca.py                       27     27     0%
osmclient/v1/vim.py                      184    162    12%
osmclient/v1/vnf.py                       24      3    88%
osmclient/v1/vnfd.py                      25      6    76%
----------------------------------------------------------
TOTAL                                   6985   5020    28%
cover run-test: commands[4] | coverage html -d ./cover '--omit=*tests*'
Wrote HTML report to ./cover/index.html
cover run-test: commands[5] | coverage xml -o coverage.xml '--omit=*tests*'
Wrote XML report to coverage.xml

✔ OK pylint in 1 minute, 37.288 seconds
pylint create: /tmp/.tox/pylint
pylint installdeps: -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-dev.txt, -r/home/jenkins/workspace/osmclient-stage_2-merge_v12.0/requirements-test.txt, pylint
pylint develop-inst: /home/jenkins/workspace/osmclient-stage_2-merge_v12.0
pylint installed: astroid==3.1.0,bitarray==2.5.1,certifi==2022.6.15,charset-normalizer==2.0.12,click==8.1.3,coverage==6.4.1,dill==0.3.8,enum34==1.1.10,idna==3.3,isort==5.13.2,Jinja2==3.1.2,lxml==4.9.0,MarkupSafe==2.1.1,mccabe==0.7.0,mock==4.0.3,nose2==0.11.0,osm_im @ git+https://osm.etsi.org/gerrit/osm/IM.git@a0b604e08d261d3c4a0f1cf86a4b597f5697b31a,-e git+https://osm.etsi.org/gerrit/osm/osmclient.git@e73c56e2e9480f79810865ccf1c9a3371f7a68a3#egg=osmclient,packaging==21.3,platformdirs==4.2.1,prettytable==3.3.0,pyang==2.5.3,pyangbind==0.8.1,pycurl==7.45.1,pylint==3.1.0,pyparsing==3.0.9,python-magic==0.4.27,PyYAML==5.4.1,regex==2022.6.2,requests==2.28.0,six==1.16.0,tomli==2.0.1,tomlkit==0.12.5,typing_extensions==4.11.0,urllib3==1.26.9,verboselogs==1.7,wcwidth==0.2.5
pylint run-test-pre: PYTHONHASHSEED='2010055030'
pylint run-test: commands[0] | pylint -E osmclient

___________________________________ summary ____________________________________
  black: commands succeeded
  cover: commands succeeded
  flake8: commands succeeded
  pylint: commands succeeded
  safety: commands succeeded
  congratulations :)