diff --git a/.coveragerc b/.coveragerc index 4bae619d..e45739e5 100644 --- a/.coveragerc +++ b/.coveragerc @@ -1,3 +1,3 @@ [run] data_file = .coverage -omit = ecommerce_worker/configuration* +omit = ecommerce_worker/configuration/* diff --git a/.github/workflows/add-depr-ticket-to-depr-board.yml b/.github/workflows/add-depr-ticket-to-depr-board.yml index 73ca4c5c..250e394a 100644 --- a/.github/workflows/add-depr-ticket-to-depr-board.yml +++ b/.github/workflows/add-depr-ticket-to-depr-board.yml @@ -16,4 +16,4 @@ jobs: secrets: GITHUB_APP_ID: ${{ secrets.GRAPHQL_AUTH_APP_ID }} GITHUB_APP_PRIVATE_KEY: ${{ secrets.GRAPHQL_AUTH_APP_PEM }} - SLACK_BOT_TOKEN: ${{ secrets.SLACK_ISSUE_BOT_TOKEN }} \ No newline at end of file + SLACK_BOT_TOKEN: ${{ secrets.SLACK_ISSUE_BOT_TOKEN }} diff --git a/.github/workflows/add-remove-label-on-comment.yml b/.github/workflows/add-remove-label-on-comment.yml new file mode 100644 index 00000000..0f369db7 --- /dev/null +++ b/.github/workflows/add-remove-label-on-comment.yml @@ -0,0 +1,20 @@ +# This workflow runs when a comment is made on the ticket +# If the comment starts with "label: " it tries to apply +# the label indicated in rest of comment. +# If the comment starts with "remove label: ", it tries +# to remove the indicated label. +# Note: Labels are allowed to have spaces and this script does +# not parse spaces (as often a space is legitimate), so the command +# "label: really long lots of words label" will apply the +# label "really long lots of words label" + +name: Allows for the adding and removing of labels via comment + +on: + issue_comment: + types: [created] + +jobs: + add_remove_labels: + uses: openedx/.github/.github/workflows/add-remove-label-on-comment.yml@master + diff --git a/.github/workflows/pypi-publish.yml b/.github/workflows/pypi-publish.yml index 1c3b855b..977a3a2c 100644 --- a/.github/workflows/pypi-publish.yml +++ b/.github/workflows/pypi-publish.yml @@ -24,7 +24,7 @@ jobs: run: python setup.py sdist bdist_wheel - name: Publish to PyPI - uses: pypa/gh-action-pypi-publish@master + uses: pypa/gh-action-pypi-publish@release/v1 with: user: __token__ password: ${{ secrets.PYPI_UPLOAD_TOKEN }} diff --git a/.github/workflows/self-assign-issue.yml b/.github/workflows/self-assign-issue.yml new file mode 100644 index 00000000..37522fd5 --- /dev/null +++ b/.github/workflows/self-assign-issue.yml @@ -0,0 +1,12 @@ +# This workflow runs when a comment is made on the ticket +# If the comment starts with "assign me" it assigns the author to the +# ticket (case insensitive) + +name: Assign comment author to ticket if they say "assign me" +on: + issue_comment: + types: [created] + +jobs: + self_assign_by_comment: + uses: openedx/.github/.github/workflows/self-assign-issue.yml@master diff --git a/CODEOWNERS b/CODEOWNERS new file mode 100644 index 00000000..e250f035 --- /dev/null +++ b/CODEOWNERS @@ -0,0 +1,5 @@ +# Team @openedx/revenue-squad will be the default owners for +# everything in this repo. Unless a later match takes +# precedence, @openedx/revenue-squad will be requested for +# review when someone opens a pull request. +* @openedx/revenue-squad diff --git a/README.rst b/README.rst index 295d14ff..14027e19 100644 --- a/README.rst +++ b/README.rst @@ -1,4 +1,4 @@ -DEPRECATION WARNING +DEPRECATION WARNING ==================== This repository is deprecated and in maintainence-only operation while we work on a replacement, please see `this announcement `__ for more information. ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- @@ -70,7 +70,7 @@ How To Contribute Anyone merging to this repository is expected to `release and monitor their changes `__; if you are not able to do this DO NOT MERGE, please coordinate with someone who can to ensure that the changes are released. -Please also read `How To Contribute `__. Even though it was written with ``edx-platform`` in mind, these guidelines should be followed for Open edX code in general. +Please also read `How To Contribute `__. Reporting Security Issues ------------------------- diff --git a/ecommerce_worker/__init__.py b/ecommerce_worker/__init__.py index 8e95df24..9590f5f1 100644 --- a/ecommerce_worker/__init__.py +++ b/ecommerce_worker/__init__.py @@ -1,3 +1,3 @@ """init""" -__version__ = '3.3.2' +__version__ = '3.3.4' diff --git a/ecommerce_worker/configuration/production.py b/ecommerce_worker/configuration/production.py index 4ab8606e..4385276e 100644 --- a/ecommerce_worker/configuration/production.py +++ b/ecommerce_worker/configuration/production.py @@ -15,7 +15,7 @@ filename = get_overrides_filename('ECOMMERCE_WORKER_CFG') with open(filename) as f: - config_from_yaml = yaml.load(f) + config_from_yaml = yaml.safe_load(f) # Override base configuration with values from disk. vars().update(config_from_yaml) diff --git a/ecommerce_worker/email/v1/utils.py b/ecommerce_worker/email/v1/utils.py index c1b16601..0eb57b41 100644 --- a/ecommerce_worker/email/v1/utils.py +++ b/ecommerce_worker/email/v1/utils.py @@ -33,7 +33,8 @@ def update_assignment_email_status(offer_assignment_id, send_id, status, site_co response = requests.post( api_url, data=post_data, - headers=headers + headers=headers, + timeout=10 ) response.raise_for_status() data = response.json() diff --git a/ecommerce_worker/fulfillment/v1/tasks.py b/ecommerce_worker/fulfillment/v1/tasks.py index 2bd47ec5..5f802b1d 100644 --- a/ecommerce_worker/fulfillment/v1/tasks.py +++ b/ecommerce_worker/fulfillment/v1/tasks.py @@ -53,7 +53,8 @@ def fulfill_order(self, order_number, site_code=None, email_opt_in=False): response = requests.put( api_url, params=params, - headers=headers + headers=headers, + timeout=10 ) response.raise_for_status() diff --git a/requirements/base.txt b/requirements/base.txt index d0fa3a36..7c7d1035 100644 --- a/requirements/base.txt +++ b/requirements/base.txt @@ -1,57 +1,68 @@ # -# This file is autogenerated by pip-compile -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # make upgrade # amqp==2.6.1 # via kombu -asgiref==3.4.1 +asgiref==3.6.0 # via django +async-timeout==4.0.2 + # via redis billiard==3.6.4.0 # via celery celery==4.4.7 # via # -c requirements/constraints.txt # -r requirements/base.in -certifi==2021.5.30 +certifi==2022.12.7 # via requests -charset-normalizer==2.0.6 +cffi==1.15.1 + # via pynacl +charset-normalizer==3.1.0 # via requests -django-crum==0.7.9 - # via edx-django-utils -django-waffle==2.2.1 +click==8.1.3 # via edx-django-utils -django==3.2.8 +django==3.2.18 # via + # -c requirements/common_constraints.txt # -c requirements/constraints.txt # django-crum # edx-django-utils -edx-braze-client==0.1.4 +django-crum==0.7.9 + # via edx-django-utils +django-waffle==3.0.0 + # via edx-django-utils +edx-braze-client==0.1.6 # via -r requirements/base.in -edx-django-utils==4.4.0 +edx-django-utils==5.4.0 # via edx-rest-api-client -edx-rest-api-client==5.4.0 +edx-rest-api-client==5.5.0 # via -r requirements/base.in -idna==3.2 +idna==3.4 # via requests kombu==4.6.11 # via celery -newrelic==7.0.0.166 +newrelic==8.8.0 # via edx-django-utils -pbr==5.6.0 +pbr==5.11.1 # via stevedore -psutil==5.8.0 +psutil==5.9.5 # via edx-django-utils -pyjwt==2.2.0 +pycparser==2.21 + # via cffi +pyjwt==2.6.0 # via edx-rest-api-client -pytz==2021.3 +pynacl==1.5.0 + # via edx-django-utils +pytz==2023.3 # via # celery # django -redis==3.5.3 +redis==4.5.4 # via -r requirements/base.in -requests==2.26.0 +requests==2.28.2 # via # edx-rest-api-client # slumber @@ -59,11 +70,11 @@ six==1.16.0 # via -r requirements/base.in slumber==0.7.1 # via edx-rest-api-client -sqlparse==0.4.2 +sqlparse==0.4.4 # via django -stevedore==3.4.0 +stevedore==5.0.0 # via edx-django-utils -urllib3==1.26.7 +urllib3==1.26.15 # via requests vine==1.3.0 # via diff --git a/requirements/common_constraints.txt b/requirements/common_constraints.txt index cca3ccd3..7e39123f 100644 --- a/requirements/common_constraints.txt +++ b/requirements/common_constraints.txt @@ -19,7 +19,14 @@ Django<4.0 # elastic search changelog: https://www.elastic.co/guide/en/enterprise-search/master/release-notes-7.14.0.html elasticsearch<7.14.0 -setuptools<60 - # django-simple-history>3.0.0 adds indexing and causes a lot of migrations to be affected django-simple-history==3.0.0 + +# tox>4.0.0 isn't yet compatible with many tox plugins, causing CI failures in almost all repos. +# Details can be found in this discussion: https://github.com/tox-dev/tox/discussions/1810 +tox<4.0.0 + +# edx-sphinx-theme is not compatible with latest Sphinx==6.0.0 version +# Pinning Sphinx version unless the compatibility issue gets resolved +# For details, see issue https://github.com/openedx/edx-sphinx-theme/issues/197 +sphinx<6.0.0 diff --git a/requirements/constraints.txt b/requirements/constraints.txt index 8459890e..699359b1 100644 --- a/requirements/constraints.txt +++ b/requirements/constraints.txt @@ -11,9 +11,11 @@ # These were previously pinned in ecommerce-worker, and will stay that way # until we go through the process of relaxing them gradually. -# breaking changes in CLI and dropped support for python3.5 in celery 5.0 -celery<5.0 - - # some other package are bringing django3.0 so adding constraint. Django<3.3 + +# This file contains all common constraints for edx-repos +-c common_constraints.txt + +# breaking changes in CLI and dropped support for python3.5 in celery 5.0 +celery<5.0 diff --git a/requirements/optional.txt b/requirements/optional.txt index c804f27d..a2bf99c6 100644 --- a/requirements/optional.txt +++ b/requirements/optional.txt @@ -1,8 +1,8 @@ # -# This file is autogenerated by pip-compile -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # make upgrade # -newrelic==7.0.0.166 +newrelic==8.8.0 # via -r requirements/optional.in diff --git a/requirements/pip.txt b/requirements/pip.txt index 8a667c4a..e6827baa 100644 --- a/requirements/pip.txt +++ b/requirements/pip.txt @@ -1,16 +1,14 @@ # -# This file is autogenerated by pip-compile with python 3.8 -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # make upgrade # -wheel==0.37.1 +wheel==0.40.0 # via -r requirements/pip.in # The following packages are considered to be unsafe in a requirements file: -pip==22.1.2 +pip==23.1.2 + # via -r requirements/pip.in +setuptools==67.7.2 # via -r requirements/pip.in -setuptools==59.8.0 - # via - # -c requirements/common_constraints.txt - # -r requirements/pip.in diff --git a/requirements/pip_tools.txt b/requirements/pip_tools.txt index 26f017f7..b6150065 100644 --- a/requirements/pip_tools.txt +++ b/requirements/pip_tools.txt @@ -1,18 +1,22 @@ # -# This file is autogenerated by pip-compile -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # make upgrade # -click==8.0.1 +build==0.10.0 # via pip-tools -pep517==0.11.0 +click==8.1.3 # via pip-tools -pip-tools==6.3.0 +packaging==23.1 + # via build +pip-tools==6.13.0 # via -r requirements/pip_tools.in -tomli==1.2.1 - # via pep517 -wheel==0.37.0 +pyproject-hooks==1.0.0 + # via build +tomli==2.0.1 + # via build +wheel==0.40.0 # via pip-tools # The following packages are considered to be unsafe in a requirements file: diff --git a/requirements/production.txt b/requirements/production.txt index 2cfaf622..48441232 100644 --- a/requirements/production.txt +++ b/requirements/production.txt @@ -1,6 +1,6 @@ # -# This file is autogenerated by pip-compile -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # make upgrade # @@ -8,10 +8,14 @@ amqp==2.6.1 # via # -r requirements/base.txt # kombu -asgiref==3.4.1 +asgiref==3.6.0 # via # -r requirements/base.txt # django +async-timeout==4.0.2 + # via + # -r requirements/base.txt + # redis billiard==3.6.4.0 # via # -r requirements/base.txt @@ -20,37 +24,46 @@ celery==4.4.7 # via # -c requirements/constraints.txt # -r requirements/base.txt -certifi==2021.5.30 +certifi==2022.12.7 # via # -r requirements/base.txt # requests -charset-normalizer==2.0.6 +cffi==1.15.1 # via # -r requirements/base.txt - # requests -django-crum==0.7.9 + # pynacl +charset-normalizer==3.1.0 # via # -r requirements/base.txt - # edx-django-utils -django-waffle==2.2.1 + # requests +click==8.1.3 # via # -r requirements/base.txt # edx-django-utils -django==3.2.8 +django==3.2.18 # via + # -c requirements/common_constraints.txt # -c requirements/constraints.txt # -r requirements/base.txt # django-crum # edx-django-utils -edx-braze-client==0.1.4 +django-crum==0.7.9 + # via + # -r requirements/base.txt + # edx-django-utils +django-waffle==3.0.0 + # via + # -r requirements/base.txt + # edx-django-utils +edx-braze-client==0.1.6 # via -r requirements/base.txt -edx-django-utils==4.4.0 +edx-django-utils==5.4.0 # via # -r requirements/base.txt # edx-rest-api-client -edx-rest-api-client==5.4.0 +edx-rest-api-client==5.5.0 # via -r requirements/base.txt -idna==3.2 +idna==3.4 # via # -r requirements/base.txt # requests @@ -58,32 +71,40 @@ kombu==4.6.11 # via # -r requirements/base.txt # celery -newrelic==7.0.0.166 +newrelic==8.8.0 # via # -r requirements/base.txt # edx-django-utils -pbr==5.6.0 +pbr==5.11.1 # via # -r requirements/base.txt # stevedore -psutil==5.8.0 +psutil==5.9.5 # via # -r requirements/base.txt # edx-django-utils -pyjwt==2.2.0 +pycparser==2.21 + # via + # -r requirements/base.txt + # cffi +pyjwt==2.6.0 # via # -r requirements/base.txt # edx-rest-api-client -pytz==2021.3 +pynacl==1.5.0 + # via + # -r requirements/base.txt + # edx-django-utils +pytz==2023.3 # via # -r requirements/base.txt # celery # django -pyyaml==5.4.1 +pyyaml==6.0 # via -r requirements/production.in -redis==3.5.3 +redis==4.5.4 # via -r requirements/base.txt -requests==2.26.0 +requests==2.28.2 # via # -r requirements/base.txt # edx-rest-api-client @@ -94,15 +115,15 @@ slumber==0.7.1 # via # -r requirements/base.txt # edx-rest-api-client -sqlparse==0.4.2 +sqlparse==0.4.4 # via # -r requirements/base.txt # django -stevedore==3.4.0 +stevedore==5.0.0 # via # -r requirements/base.txt # edx-django-utils -urllib3==1.26.7 +urllib3==1.26.15 # via # -r requirements/base.txt # requests diff --git a/requirements/test.txt b/requirements/test.txt index fccc5c51..651bf232 100644 --- a/requirements/test.txt +++ b/requirements/test.txt @@ -1,6 +1,6 @@ # -# This file is autogenerated by pip-compile -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # make upgrade # @@ -8,17 +8,19 @@ amqp==2.6.1 # via # -r requirements/base.txt # kombu -asgiref==3.4.1 +asgiref==3.6.0 # via # -r requirements/base.txt # django -astroid==2.8.2 +astroid==2.15.4 # via # -r requirements/test.in # pylint # pylint-celery -attrs==21.2.0 - # via pytest +async-timeout==4.0.2 + # via + # -r requirements/base.txt + # redis billiard==3.6.4.0 # via # -r requirements/base.txt @@ -27,178 +29,197 @@ celery==4.4.7 # via # -c requirements/constraints.txt # -r requirements/base.txt -certifi==2021.5.30 +certifi==2022.12.7 # via # -r requirements/base.txt # requests -charset-normalizer==2.0.6 +cffi==1.15.1 + # via + # -r requirements/base.txt + # pynacl +charset-normalizer==3.1.0 # via # -r requirements/base.txt # requests -click-log==0.3.2 - # via edx-lint -click==8.0.1 +click==8.1.3 # via + # -r requirements/base.txt # click-log # code-annotations + # edx-django-utils # edx-lint -code-annotations==1.2.0 +click-log==0.4.0 + # via edx-lint +code-annotations==1.3.0 # via edx-lint -coverage[toml]==6.0.1 +coverage[toml]==7.2.3 # via # -r requirements/test.in # pytest-cov -ddt==1.4.4 +ddt==1.6.0 # via -r requirements/test.in -django-crum==0.7.9 +dill==0.3.6 + # via pylint # via + # -c requirements/common_constraints.txt + # -c requirements/constraints.txt # -r requirements/base.txt + # django-crum # edx-django-utils -django-waffle==2.2.1 +django-crum==0.7.9 # via # -r requirements/base.txt # edx-django-utils +django-waffle==3.0.0 # via - # -c requirements/constraints.txt # -r requirements/base.txt - # django-crum # edx-django-utils -edx-braze-client==0.1.4 +edx-braze-client==0.1.6 # via -r requirements/base.txt -edx-django-utils==4.4.0 +edx-django-utils==5.4.0 # via # -r requirements/base.txt # edx-rest-api-client -edx-lint==5.2.0 +edx-lint==5.3.4 # via -r requirements/test.in -edx-rest-api-client==5.4.0 +edx-rest-api-client==5.5.0 # via -r requirements/base.txt -idna==3.2 +exceptiongroup==1.1.1 + # via pytest +idna==3.4 # via # -r requirements/base.txt # requests -iniconfig==1.1.1 +iniconfig==2.0.0 # via pytest -isort==5.9.3 +isort==5.12.0 # via pylint -jinja2==3.0.2 +jinja2==3.1.2 # via code-annotations kombu==4.6.11 # via # -r requirements/base.txt # celery -lazy-object-proxy==1.6.0 +lazy-object-proxy==1.9.0 # via astroid -markupsafe==2.0.1 +markupsafe==2.1.2 # via jinja2 -mccabe==0.6.1 +mccabe==0.7.0 # via pylint -mock==4.0.3 +mock==5.0.2 # via -r requirements/test.in -newrelic==7.0.0.166 +newrelic==8.8.0 # via # -r requirements/base.txt # edx-django-utils -packaging==21.0 +packaging==23.1 # via pytest -pbr==5.6.0 +pbr==5.11.1 # via # -r requirements/base.txt # stevedore -platformdirs==2.4.0 +platformdirs==3.3.0 # via pylint pluggy==1.0.0 # via pytest -psutil==5.8.0 +psutil==5.9.5 # via # -r requirements/base.txt # edx-django-utils -py==1.10.0 - # via pytest -pycodestyle==2.7.0 +pycodestyle==2.10.0 # via -r requirements/test.in -pyjwt==2.2.0 +pycparser==2.21 + # via + # -r requirements/base.txt + # cffi +pyjwt==2.6.0 # via # -r requirements/base.txt # edx-rest-api-client -pylint-celery==0.3 - # via edx-lint -pylint-django==2.4.4 +pylint==2.17.3 # via # -r requirements/test.in # edx-lint -pylint-plugin-utils==0.6 - # via - # -r requirements/test.in # pylint-celery # pylint-django -pylint==2.11.1 + # pylint-plugin-utils +pylint-celery==0.3 + # via edx-lint +pylint-django==2.5.3 # via # -r requirements/test.in # edx-lint +pylint-plugin-utils==0.7 + # via + # -r requirements/test.in # pylint-celery # pylint-django - # pylint-plugin-utils -pyparsing==2.4.7 - # via packaging -pytest-cov==3.0.0 - # via -r requirements/test.in -pytest==6.2.5 +pynacl==1.5.0 + # via + # -r requirements/base.txt + # edx-django-utils +pytest==7.3.1 # via # -r requirements/test.in # pytest-cov -python-slugify==5.0.2 +pytest-cov==4.0.0 + # via -r requirements/test.in +python-slugify==8.0.1 # via code-annotations -pytz==2021.3 +pytz==2023.3 # via # -r requirements/base.txt # celery # django -pyyaml==5.4.1 - # via code-annotations -redis==3.5.3 +pyyaml==6.0 + # via + # code-annotations + # responses +redis==4.5.4 # via -r requirements/base.txt -requests==2.26.0 +requests==2.28.2 # via # -r requirements/base.txt # edx-rest-api-client # responses # slumber -responses==0.14.0 +responses==0.23.1 # via -r requirements/test.in six==1.16.0 # via # -r requirements/base.txt # edx-lint - # responses slumber==0.7.1 # via # -r requirements/base.txt # edx-rest-api-client -sqlparse==0.4.2 +sqlparse==0.4.4 # via # -r requirements/base.txt # django -stevedore==3.4.0 +stevedore==5.0.0 # via # -r requirements/base.txt # code-annotations # edx-django-utils -testfixtures==6.18.3 +testfixtures==7.1.0 # via -r requirements/test.in text-unidecode==1.3 # via python-slugify -toml==0.10.2 +tomli==2.0.1 # via + # coverage # pylint # pytest -tomli==1.2.1 - # via coverage -typing-extensions==3.10.0.2 +tomlkit==0.11.7 + # via pylint +types-pyyaml==6.0.12.9 + # via responses +typing-extensions==4.5.0 # via # astroid # pylint -urllib3==1.26.7 +urllib3==1.26.15 # via # -r requirements/base.txt # requests @@ -208,8 +229,5 @@ vine==1.3.0 # -r requirements/base.txt # amqp # celery -wrapt==1.12.1 +wrapt==1.15.0 # via astroid - -# The following packages are considered to be unsafe in a requirements file: -# setuptools diff --git a/requirements/tox.txt b/requirements/tox.txt index 2d033a2e..980772ce 100644 --- a/requirements/tox.txt +++ b/requirements/tox.txt @@ -1,38 +1,33 @@ # -# This file is autogenerated by pip-compile -# To update, run: +# This file is autogenerated by pip-compile with Python 3.8 +# by the following command: # # make upgrade # -backports.entry-points-selectable==1.1.0 +distlib==0.3.6 # via virtualenv -distlib==0.3.3 - # via virtualenv -filelock==3.3.0 +filelock==3.12.0 # via # tox # virtualenv -packaging==21.0 +packaging==23.1 # via tox -platformdirs==2.4.0 +platformdirs==3.3.0 # via virtualenv pluggy==1.0.0 # via tox -py==1.10.0 +py==1.11.0 # via tox -pyparsing==2.4.7 - # via packaging six==1.16.0 - # via - # tox - # virtualenv -toml==0.10.2 # via tox -tox-battery==0.6.1 - # via -r requirements/tox.in -tox==3.24.4 +tomli==2.0.1 + # via tox +tox==3.28.0 # via + # -c requirements/common_constraints.txt # -r requirements/tox.in # tox-battery -virtualenv==20.8.1 +tox-battery==0.6.1 + # via -r requirements/tox.in +virtualenv==20.22.0 # via tox