ImportError: cannot import name 'url_quote' from 'werkzeug.urls'

[brylie]

When running the PySA 0.0.1 action, I reliably get the following traceback:

Traceback (most recent call last):
  File "/opt/hostedtoolcache/Python/3.12.1/x64/bin/sapp", line 5, in <module>
    from sapp.cli import cli
  File "/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/sapp/cli.py", line 13, in <module>
    from .cli_lib import commands, common_options
  File "/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/sapp/cli_lib.py", line 31, in <module>
    from .ui import filters
  File "/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/sapp/ui/filters.py", line 15, in <module>
    from flask.views import View
  File "/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/flask/__init__.py", line 7, in <module>
    from .app import Flask as Flask
  File "/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/flask/app.py", line 27, in <module>
    from . import cli
  File "/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/flask/cli.py", line 17, in <module>
    from .helpers import get_debug_flag
  File "/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/flask/helpers.py", line 14, in <module>
    from werkzeug.urls import url_quote
ImportError: cannot import name 'url_quote' from 'werkzeug.urls' (/opt/hostedtoolcache/Python/3.12.1/x64/lib/python3.12/site-packages/werkzeug/urls.py). Did you mean: 'unquote'?

[arthaud]

Could you share a link to a failing job? Thanks.

[brylie]

Here is one example

https://github.com/WesternFriend/westernfriend.org/actions/runs/7518334979

[arthaud]

It looks like this has been fixed on master, so we will need to push a new release.

[arthaud]

I have pushed a new version, could you try again?

[brylie]

I still only see the 0.0.1 release on GitHub. What version should I use in pysa.yml?

https://github.com/facebook/pysa-action/releases

on:
  push:
    branches:
      - main
  pull_request:

name: Pysa

jobs:
  pysa:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2

      - name: Run Pysa Action
        uses: facebook/pysa-action@0.0.1
        with:
          repo-directory: './'
          requirements-path: 'requirements.txt'
          infer-types: true
          include-default-sapp-filters: true

[arthaud]

Sorry for the confusion. I have pushed a new version of the fb-sapp pypi package, which is indirectly used by pysa-action. You shouldn't have to change anything on your side.

[brylie]

It appears to run normally now. However, there is a different error about the sarif.json. Is this expected or should we discuss it in a separate issue?

https://github.com/WesternFriend/westernfriend.org/actions/runs/7684163911/job/20940323308

Artifact SARIF Results has been successfully uploaded! Run github/codeql-action/upload-sarif@v2 Warning: CodeQL Action v2 will be deprecated on December 5th, 2024. Please update all occurrences of the CodeQL Action in your workflow files to v3. For more information, see https://github.blog/changelog/2024-01-12-code-scanning-deprecation-of-codeql-action-v2/ Uploading results Processing sarif files: ["sarif.json"] Error: Unexpected end of JSON input SyntaxError: Unexpected end of JSON input at JSON.parse () at validateSarifFileSchema (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:191:24) at uploadFiles (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:261:9) at Object.uploadFromActions (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-lib.js:141:22) at processTicksAndRejections (node:internal/process/task_queues:96:5) at async run (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:53:30) at async runWrapper (/home/runner/work/_actions/github/codeql-action/v2/lib/upload-sarif-action.js:75:9)

[arthaud]

Please open a new issue, so we can track this accordingly :) Thanks for the report, this is very valuable to us.