opensearch-project / opensearch-py

Python Client for OpenSearch
https://opensearch.org/docs/latest/clients/python/
Apache License 2.0
338 stars 170 forks

Removed EOL Python3.5 & bumped urllib3 ver to patch security vulnerability. #533

Closed Djcarrillo6 closed 11 months ago

Djcarrillo6 commented 11 months ago

Description

The security vulnerability was detected in the package urllib3, and the fix necessitates an upgrade to urllib3 version 1.26.17. However, this upgrade is not compatible with Python version 3.5. As a consequence, this PR removes Python 3.5 references from noxfile.py and .github/workflows/test.yml. The primary reason for removing Python 3.5, an End-of-Life version which can be referenced here, is to ensure the application's security and accommodate the updated urllib3 version.

Issues Resolved

This PR addresses high severity security vulnerability issue #532. This PR also meets one of the items in issue #430.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license. For more information on following Developer Certificate of Origin and signing off your commits, please check here.

codecov[bot] commented 11 months ago

Codecov Report

Merging #533 (1917afc) into main (84ac172) will decrease coverage by 0.08%. The diff coverage is n/a.

@@            Coverage Diff             @@
##             main     #533      +/-   ##
==========================================
- Coverage   70.72%   70.64%   -0.08%     
==========================================
  Files          83       83              
  Lines        7852     7852              
==========================================
- Hits         5553     5547       -6     
- Misses       2299     2305       +6     

see 2 files with indirect coverage changes

Djcarrillo6 commented 11 months ago

Adjusted the CHANGELOG, thanks for the helpful guidance @saimedhi!! 🙏

saimedhi commented 11 months ago

@VachaShah, @dblock please take a look.