Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PYT-3038 update flask version to latest #135

Merged
merged 3 commits into from
Feb 6, 2024
Merged

PYT-3038 update flask version to latest #135

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2b96845
PYT-3038 update flask version to latest
nliccione Feb 1, 2024
50305d7
Update tests to run on 3.12 and not 3.7
nliccione Feb 5, 2024
3b8ca02
Added no QA to lines that aren't run in the unit tests anymore
nliccione Feb 5, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/main.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -36,7 +36,7 @@ jobs:
runs-on: ubuntu-latest
strategy:
matrix:
python-version: ['3.7', '3.8', '3.9', '3.10', '3.11']
python-version: ['3.8', '3.9', '3.10', '3.11', '3.12']

steps:
- uses: actions/checkout@v3
Expand Down Expand Up @@ -65,7 +65,7 @@ jobs:
- uses: actions/checkout@v3
- uses: actions/setup-python@v4
with:
python-version: '3.7'
python-version: '3.8'
- name: Install dependencies
run: |
python -m pip install --upgrade pip
Expand Down
2 changes: 1 addition & 1 deletion setup.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -12,7 +12,7 @@
aiohttp_extras = {"aiohttp<4"} | trigger_extras
django_extras = {"Django<5"} | trigger_extras
falcon_extras = {"falcon<4", "falcon-multipart==0.2.0"} | trigger_extras
flask_extras = {"Flask<3"} | trigger_extras
flask_extras = {"Flask<4"} | trigger_extras
fastapi_extras = {
"fastapi<1",
"uvicorn[standard]<1.0",
Expand Down
6 changes: 4 additions & 2 deletions src/vulnpy/django/vulnerable_asgi.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,8 +20,10 @@ async def _get_user_input(request):
and django.VERSION[0] < 4
and not request.GET.get("user_input")
):
header_user_input = request.META.get("HTTP_QUERY_STRING")
return urllib.parse.unquote(header_user_input.split("=", 1)[1])
header_user_input = request.META.get("HTTP_QUERY_STRING") # pragma: no cover
return urllib.parse.unquote(
header_user_input.split("=", 1)[1]
) # pragma: no cover

if request.method == "GET":
return request.GET.get("user_input", "")
Expand Down
Loading