Closed burnettk closed 1 month ago
spiffworkflow-backend/src/spiffworkflow_backend/services/process_model_test_runner_service.py (1)
``` User: jbirddog" PR: sartography/spiff-arena#826 File: spiffworkflow-backend/src/spiffworkflow_backend/services/spec_file_service.py:0-0 Timestamp: 2023-12-20T16:18:04.439Z Learning: The user has removed the commented-out code related to `LookupFileModel` and `LookupDataModel` as suggested. ```
bin/run_pyl (1)
`27-27`: The update to include `check` in the `ruff` command aligns with current best practices.Makefile (1)
`112-112`: The inclusion of `check` in the `ruff` command within the `Makefile` is a good practice.spiffworkflow-backend/bin/lint_get_current_user_scripts.py (1)
`1-70`: The script effectively identifies `get_current_user()` usage within BPMN files and utilizes secure XML parsing practices.spiffworkflow-backend/src/spiffworkflow_backend/services/spec_file_service.py (2)
`59-61`: Using `cls.full_file_path` in `get_references_for_file` enhances consistency in file path handling. --- `69-69`: The `get_etree_from_xml_bytes` method significantly improves XML parsing security by applying several important configurations.spiffworkflow-backend/src/spiffworkflow_backend/services/process_model_test_runner_service.py (1)
`289-289`: Replacing direct etree parsing with `SpecFileService.get_etree_from_xml_bytes` in `_get_etree_from_bpmn_file` centralizes and secures XML parsing operations.
@burnettk is this deployed in dev.mod?
there is nothing to deploy, since the script is run locally. if we want to know if there are bad scripts on a certain branch, i can check.
I am not clear KB. Doesn't these files related to this PR needs to be deployed in dev.mod if I need to check if this fixes the old instance issue I have mentioned in #773?
@madhurrya there is no reasonable way to fix instances that were run with a process model that doesn't conform to these policies. ideally we fix process models so no new bad instances are created, flush out the bad instances until we feel we can manage the rest manually, and then deploy celery.
So when we deploy the celery to dev.app/test.app/test.mod/Prod the pp1/pp2/pp3, etc old instances will get this issue? Or are those models already updated, so we will not get this issue with old instances there.
we could theoretically write a script to figure out if any open process instances could be affected. it would be significantly harder to write than the existing script, and even more difficult on prod, where we don't have access.
If we update the existing models accordingly now, then we'll not get this issue with the old instances of those updated models right? Have we already updated those models or not yet? Have you already discussed this with @sashayar13 ?
I haven't updated all process models yet, was planning to do so during the week. But it will not solve the issue - there still will be old open instances in prod since people are doing the expense submission to the previously opened Travel and Purchase requests. We need to have a way to handle such old instances
ok, first we need to fix the models in prod, and then i see a few options here:
@burnettk, we have already updated all process models affected by the change. These process models are in prod from 29.04
I can check how many open instances we have created before this date and let you know. Based on the number and nature we can see which option is acceptable
373 not completed process instances with the start date before 29.04.2024 Next step - analyse the nature of the process instances and plan the next steps accordingly
Since we are still testing and bug fixing things in Celery I assume it'll take atleast another month or so to reach it to Prod. By that time wouldn't most of those instances will be closed? Still we'll have to take action for any instances that'll be open.
@madhurrya, may I ask you please to inform me a week prior to the change release date?
@sashayar13 I guess you mean before the Celery release. Yes sure will let you know.
also puts xml parsing in one place and makes it a little safer. also uses ruff check to avoid deprecation of
ruff .
deals with comment on #773 about using get_current_user breaking some instances.Summary by CodeRabbit
New Features
get_current_user()
in BPMN files, enhancing security and compliance checks.Refactor
check
with--fix
in theMakefile
andrun_pyl
script for more comprehensive code quality checks.Chores