Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update lock #39

Merged
merged 1 commit into from
Dec 13, 2021
Merged

update lock #39

merged 1 commit into from
Dec 13, 2021

Conversation

mfshao
Copy link
Contributor

@mfshao mfshao commented Dec 13, 2021

Update to authutils: 5.0.5 to address issue invalid_request: Invalid \"code\" in request error with call to /oauth2/authorize

Because we were doing pipenv lock in docerfile before so we never discovered this

Dependency updates

  • Update to authutils: 5.0.5

@github-actions
Copy link

The style in this PR agrees with black. ✔️

This formatting comment was generated automatically by a script in uc-cdis/wool.

paulineribeyre
paulineribeyre approved these changes Dec 13, 2021
View reviewed changes
Copy link
Contributor

@paulineribeyre paulineribeyre left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

i'm not sure i understand how authutils 5.0.5 fixed this specific error though 😄

@mfshao
Copy link
Contributor Author

mfshao commented Dec 13, 2021

i'm not sure i understand how authutils 5.0.5 fixed this specific error though 😄

me too, I was like 🤯 when I see it works...

@mfshao
Copy link
Contributor Author

mfshao commented Dec 13, 2021

btw @paulineribeyre do you think we should/could update to authutils 6.x?

@paulineribeyre
Copy link
Contributor

we probably should but we might have to make some updates because of the breaking change, like Zoe did for fence in uc-cdis/fence#839

@m0nhawk
Copy link
Contributor

m0nhawk commented Dec 13, 2021

It's definitely not authutils), between this build and 2021.12, there are tons of packages that were updated:

fix/dep:

alembic==1.7.5 anyio==3.4.0 async-generator==1.10 Authlib==0.14.3 authutils==5.0.5 backports.entry-points-selectable==1.1.1 cached-property==1.5.2 cachetools==4.2.4 cdiserrors==1.0.0 cdislogging==1.1.1 certifi==2021.10.8 cffi==1.15.0 charset-normalizer==2.0.9 click==7.1.2 contextvars==2.4 cryptography==2.8 dataclasses==0.8 distlib==0.3.4 ecdsa==0.18.0b1 filelock==3.4.0 Flask==1.1.4 Flask-Cors==3.0.10 Flask-SQLAlchemy==2.5.1 google-auth==2.3.3 greenlet==1.1.2 h11==0.12.0 httpcore==0.14.3 httpx==0.21.1 idna==3.3 immutables==0.16 importlib-metadata==4.8.2 importlib-resources==5.4.0 itsdangerous==1.1.0 Jinja2==2.11.3 kubernetes==11.0.0 Mako==1.1.6 MarkupSafe==2.0.1 oauthlib==3.1.1 pipenv==2021.11.23 platformdirs==2.4.0 psycopg2==2.9.2 pyasn1==0.4.8 pyasn1-modules==0.2.8 pycparser==2.21 PyJWT==1.7.1 python-dateutil==2.8.2 python-jose==3.3.0 PyYAML==5.3.1 requests==2.26.0 requests-oauthlib==1.3.0 rfc3986==1.5.0 rsa==4.8 six==1.16.0 sniffio==1.2.0 SQLAlchemy==1.4.28 typing_extensions==4.0.1 urllib3==1.26.7 uWSGI==2.0.20 virtualenv==20.10.0 virtualenv-clone==0.5.7 websocket-client==1.2.3 Werkzeug==1.0.1 xmltodict==0.12.0 zipp==3.6.0

2021.12:

alembic==1.4.2 Authlib==0.14.3 authutils==5.0.4 backports.entry-points-selectable==1.1.1 cached-property==1.5.1 cachetools==4.1.1 cdiserrors==1.0.0 cdislogging==1.0.0 certifi==2020.6.20 cffi==1.14.2 chardet==3.0.4 click==7.1.2 contextvars==2.4 cryptography==2.8 distlib==0.3.3 ecdsa==0.14.1 filelock==3.4.0 Flask==1.1.2 Flask-Cors==3.0.9 Flask-SQLAlchemy==2.4.4 google-auth==1.21.0 h11==0.9.0 h2==3.2.0 hpack==3.0.0 hstspreload==2020.8.25 httpx==0.12.1 hyperframe==5.2.0 idna==2.10 immutables==0.14 importlib-metadata==4.8.2 importlib-resources==5.4.0 itsdangerous==1.1.0 Jinja2==2.11.2 kubernetes==11.0.0 Mako==1.1.3 MarkupSafe==1.1.1 oauthlib==3.1.0 pipenv==2021.11.23 platformdirs==2.4.0 psycopg2==2.8.5 pyasn1==0.4.8 pyasn1-modules==0.2.8 pycparser==2.20 PyJWT==1.7.1 python-dateutil==2.8.1 python-editor==1.0.4 python-jose==3.2.0 PyYAML==5.3.1 requests==2.24.0 requests-oauthlib==1.3.0 rfc3986==1.4.0 rsa==4.6 six==1.15.0 sniffio==1.1.0 SQLAlchemy==1.3.19 typing_extensions==4.0.1 urllib3==1.25.10 uWSGI==2.0.20 virtualenv==20.10.0 virtualenv-clone==0.5.7 websocket-client==0.57.0 Werkzeug==1.0.1 xmltodict==0.12.0 zipp==3.6.0

It's not a good idea to run pip upgrade or pip freeze as part of Docker build — it's making it impossible to reproduce the build.

@mfshao
Copy link
Contributor Author

mfshao commented Dec 13, 2021

make sense, I'll leave that alone for now then, thanks

@mfshao
Copy link
Contributor Author

mfshao commented Dec 13, 2021

It's definitely not authutils), between this build and 2021.12, there are tons of packages that were updated:

fix/dep:

alembic==1.7.5 anyio==3.4.0 async-generator==1.10 Authlib==0.14.3 authutils==5.0.5 backports.entry-points-selectable==1.1.1 cached-property==1.5.2 cachetools==4.2.4 cdiserrors==1.0.0 cdislogging==1.1.1 certifi==2021.10.8 cffi==1.15.0 charset-normalizer==2.0.9 click==7.1.2 contextvars==2.4 cryptography==2.8 dataclasses==0.8 distlib==0.3.4 ecdsa==0.18.0b1 filelock==3.4.0 Flask==1.1.4 Flask-Cors==3.0.10 Flask-SQLAlchemy==2.5.1 google-auth==2.3.3 greenlet==1.1.2 h11==0.12.0 httpcore==0.14.3 httpx==0.21.1 idna==3.3 immutables==0.16 importlib-metadata==4.8.2 importlib-resources==5.4.0 itsdangerous==1.1.0 Jinja2==2.11.3 kubernetes==11.0.0 Mako==1.1.6 MarkupSafe==2.0.1 oauthlib==3.1.1 pipenv==2021.11.23 platformdirs==2.4.0 psycopg2==2.9.2 pyasn1==0.4.8 pyasn1-modules==0.2.8 pycparser==2.21 PyJWT==1.7.1 python-dateutil==2.8.2 python-jose==3.3.0 PyYAML==5.3.1 requests==2.26.0 requests-oauthlib==1.3.0 rfc3986==1.5.0 rsa==4.8 six==1.16.0 sniffio==1.2.0 SQLAlchemy==1.4.28 typing_extensions==4.0.1 urllib3==1.26.7 uWSGI==2.0.20 virtualenv==20.10.0 virtualenv-clone==0.5.7 websocket-client==1.2.3 Werkzeug==1.0.1 xmltodict==0.12.0 zipp==3.6.0

2021.12:

alembic==1.4.2 Authlib==0.14.3 authutils==5.0.4 backports.entry-points-selectable==1.1.1 cached-property==1.5.1 cachetools==4.1.1 cdiserrors==1.0.0 cdislogging==1.0.0 certifi==2020.6.20 cffi==1.14.2 chardet==3.0.4 click==7.1.2 contextvars==2.4 cryptography==2.8 distlib==0.3.3 ecdsa==0.14.1 filelock==3.4.0 Flask==1.1.2 Flask-Cors==3.0.9 Flask-SQLAlchemy==2.4.4 google-auth==1.21.0 h11==0.9.0 h2==3.2.0 hpack==3.0.0 hstspreload==2020.8.25 httpx==0.12.1 hyperframe==5.2.0 idna==2.10 immutables==0.14 importlib-metadata==4.8.2 importlib-resources==5.4.0 itsdangerous==1.1.0 Jinja2==2.11.2 kubernetes==11.0.0 Mako==1.1.3 MarkupSafe==1.1.1 oauthlib==3.1.0 pipenv==2021.11.23 platformdirs==2.4.0 psycopg2==2.8.5 pyasn1==0.4.8 pyasn1-modules==0.2.8 pycparser==2.20 PyJWT==1.7.1 python-dateutil==2.8.1 python-editor==1.0.4 python-jose==3.2.0 PyYAML==5.3.1 requests==2.24.0 requests-oauthlib==1.3.0 rfc3986==1.4.0 rsa==4.6 six==1.15.0 sniffio==1.1.0 SQLAlchemy==1.3.19 typing_extensions==4.0.1 urllib3==1.25.10 uWSGI==2.0.20 virtualenv==20.10.0 virtualenv-clone==0.5.7 websocket-client==0.57.0 Werkzeug==1.0.1 xmltodict==0.12.0 zipp==3.6.0

It's not a good idea to run pip upgrade or pip freeze as part of Docker build — it's making it impossible to reproduce the build.

yeah I think you are probably right @m0nhawk , it is possible that authutils: 5.0.5 was not the cause. Probably the lock is just outdated and what we really need is the execution of pipenv lock 😕

@mfshao mfshao merged commit f7199a8 into master Dec 13, 2021
@mfshao mfshao deleted the fix/dep branch December 13, 2021 22:55
haraprasadj pushed a commit that referenced this pull request Dec 13, 2021
@mfshao @haraprasadj
Merge pull request #39 from uc-cdis/fix/dep
75052ed 
update lock
haraprasadj pushed a commit that referenced this pull request Dec 20, 2021
@mfshao @haraprasadj
Merge pull request #39 from uc-cdis/fix/dep
5306a91 
update lock
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paulineribeyre paulineribeyre paulineribeyre approved these changes

@haraprasadj haraprasadj Awaiting requested review from haraprasadj

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mfshao @paulineribeyre @m0nhawk