Closed johnraz closed 1 month ago
Command safety check fails when idna package is part of the requirements. This was working fine before, my best bet is that the db file changed somehow.
safety check
idna
> docker run --rm -it python:3.10.0 bash > pip install safety > echo idna==2.0.0 | safety --debug 1 check --stdin
This outputs:
2024-05-14 22:19:20,089 urllib3.connectionpool => Starting new HTTPS connection (1): auth.safetycli.com:443 2024-05-14 22:19:20,199 urllib3.connectionpool => https://auth.safetycli.com:443 "GET /.well-known/openid-configuration HTTP/1.1" 200 None 2024-05-14 22:19:20,242 urllib3.connectionpool => https://auth.safetycli.com:443 "GET /.well-known/jwks.json HTTP/1.1" 200 None 2024-05-14 22:19:20,243 safety.cli => Telemetry enabled: True 2024-05-14 22:19:20,246 safety.cli => Running check command 2024-05-14 22:19:20,246 safety.util => Path: None 2024-05-14 22:19:20,246 safety.util => File Type: requirements.txt 2024-05-14 22:19:20,246 safety.util => Trying to parse file using dparse... 2024-05-14 22:19:20,246 safety.util => Content: idna==3.0.0 2024-05-14 22:19:20,248 safety.util => Dependency file: {'file_type': 'requirements.txt', 'content': 'idna==3.0.0\n', 'path': None, 'sha': None, 'dependencies': [{'name': 'idna', 'specs': <SpecifierSet('==3.0.0')>, 'line': 'idna==3.0.0', 'source': 'pypi', 'meta': {}, 'line_numbers': None, 'index_server': None, 'hashes': [], 'dependency_type': 'requirements.txt', 'extras': set(), 'sections': None}], 'resolved_dependencies': [{'name': 'idna', 'specs': <SpecifierSet('==3.0.0')>, 'line': 'idna==3.0.0', 'source': 'pypi', 'meta': {}, 'line_numbers': None, 'index_server': None, 'hashes': [], 'dependency_type': 'requirements.txt', 'extras': set(), 'sections': None}]} 2024-05-14 22:19:20,248 safety.util => Parsed, dependencies: [{'name': 'idna', 'specs': <SpecifierSet('==3.0.0')>, 'line': 'idna==3.0.0', 'source': 'pypi', 'meta': {}, 'line_numbers': None, 'index_server': None, 'hashes': [], 'dependency_type': 'requirements.txt', 'extras': set(), 'sections': None}] 2024-05-14 22:19:20,248 safety.cli => Calling the check function 2024-05-14 22:19:20,251 safety.util => Telemetry body built: {'os_type': 'Linux', 'os_release': '6.5.0-28-generic', 'os_description': 'Linux-6.5.0-28-generic-x86_64-with-glibc2.31', 'python_version': '3.10.0', 'safety_command': 'check', 'safety_options': {'stdin': {'--stdin': 1}}, 'safety_version': '3.2.0', 'safety_source': 'cli'} 2024-05-14 22:19:20,252 urllib3.connectionpool => Starting new HTTPS connection (1): pyup.io:443 2024-05-14 22:19:20,377 urllib3.connectionpool => https://pyup.io:443 "GET /aws/safety/free/2.0.0/insecure.json?telemetry=%7B%22safety_options%22%3A+%7B%22stdin%22%3A+%7B%22--stdin%22%3A+1%7D%7D%2C+%22safety_version%22%3A+%223.2.0%22%2C+%22safety_source%22%3A+%22cli%22%2C+%22os_type%22%3A+%22Linux%22%2C+%22os_release%22%3A+%226.5.0-28-generic%22%2C+%22os_description%22%3A+%22Linux-6.5.0-28-generic-x86_64-with-glibc2.31%22%2C+%22python_version%22%3A+%223.10.0%22%2C+%22safety_command%22%3A+%22check%22%7D HTTP/1.1" 200 168019 2024-05-14 22:19:20,414 safety.util => Telemetry body built: {'os_type': 'Linux', 'os_release': '6.5.0-28-generic', 'os_description': 'Linux-6.5.0-28-generic-x86_64-with-glibc2.31', 'python_version': '3.10.0', 'safety_command': 'check', 'safety_options': {'stdin': {'--stdin': 1}}, 'safety_version': '3.2.0', 'safety_source': 'cli'} 2024-05-14 22:19:20,454 urllib3.connectionpool => https://pyup.io:443 "GET /aws/safety/free/2.0.0/insecure_full.json?telemetry=%7B%22safety_options%22%3A+%7B%22stdin%22%3A+%7B%22--stdin%22%3A+1%7D%7D%2C+%22safety_version%22%3A+%223.2.0%22%2C+%22safety_source%22%3A+%22cli%22%2C+%22os_type%22%3A+%22Linux%22%2C+%22os_release%22%3A+%226.5.0-28-generic%22%2C+%22os_description%22%3A+%22Linux-6.5.0-28-generic-x86_64-with-glibc2.31%22%2C+%22python_version%22%3A+%223.10.0%22%2C+%22safety_command%22%3A+%22check%22%7D HTTP/1.1" 200 10262281 2024-05-14 22:19:20,727 safety.cli => Unexpected Exception happened: 'idna' Traceback (most recent call last): File "/usr/local/lib/python3.10/site-packages/safety/cli.py", line 240, in check vulns, db_full = safety.check(session=ctx.obj.auth.client, packages=packages, db_mirror=db, cached=cache, ignore_vulns=ignore, File "/usr/local/lib/python3.10/site-packages/safety/util.py", line 743, in new_func return f(*args, **kwargs) File "/usr/local/lib/python3.10/site-packages/safety/safety.py", line 423, in check for data in get_vulnerabilities(pkg=name, spec=specifier, db=db_full): File "/usr/local/lib/python3.10/site-packages/safety/safety.py", line 261, in get_vulnerabilities for entry in db['vulnerable_packages'][pkg]: KeyError: 'idna' Unhandled exception happened: 'idna'
Seems like it's working now, so I'm assuming the db file has been fixed :rocket:
Description
Command
safety check
fails whenidna
package is part of the requirements. This was working fine before, my best bet is that the db file changed somehow.What I Did
This outputs: