From d834a97f2a0dfe25295e5bbacd7ce2caf1a06ce8 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Mon, 27 Oct 2025 17:19:35 +0200 Subject: [PATCH 01/12] fix: Relax the version constraint for urllib Use the version which is not vulnerable to CVE-2023-43804 --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 8a92dda..0937fc4 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ boto3~=1.9.246 kubernetes~=10.0.1 python-dotenv~=0.10.2 -urllib3<1.26 \ No newline at end of file +urllib3=~1.26.17 \ No newline at end of file From 38d7939d571ea47a8ac1599fc66048e5ce3a8538 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Mon, 27 Oct 2025 17:25:15 +0200 Subject: [PATCH 02/12] fix: Bump Python version Version 3.7 has reached its EOL. Use newer version --- .github/workflows/pull-request.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index b3a943c..d508fa6 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -11,10 +11,10 @@ jobs: steps: - uses: actions/checkout@v1 - - name: Set up Python 3.7 + - name: Set up Python 3.13 uses: actions/setup-python@v1 with: - python-version: 3.7 + python-version: 3.13 - name: Install dependencies run: | From 442ba618d54d21b6475ee0e48adff33c0ea977f2 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Mon, 27 Oct 2025 17:29:45 +0200 Subject: [PATCH 03/12] fix: Use correct onstraint operator --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 0937fc4..170d997 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ boto3~=1.9.246 kubernetes~=10.0.1 python-dotenv~=0.10.2 -urllib3=~1.26.17 \ No newline at end of file +urllib3~=1.26.17 \ No newline at end of file From c2406fbbf080b7cb232711b2c5143749cb529926 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Mon, 27 Oct 2025 17:42:31 +0200 Subject: [PATCH 04/12] chore: Bump boto3 client version --- requirements.txt | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/requirements.txt b/requirements.txt index 170d997..f05298f 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,3 @@ -boto3~=1.9.246 +boto3~=1.11.0 kubernetes~=10.0.1 -python-dotenv~=0.10.2 -urllib3~=1.26.17 \ No newline at end of file +python-dotenv~=0.10.2 \ No newline at end of file From f7a55ba5c46b80a035b62039a796e007df5a4073 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 18:55:16 +0200 Subject: [PATCH 05/12] =?UTF-8?q?fix:=20Moto=20isn=E2=80=99t=20fully=20Pyt?= =?UTF-8?q?hon=203.13=20ready=20yet?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Error is happening during tests because Python 3.13 removed the deprecated ssl.wrap_socket() function, but Moto (and its vendored dependency httpretty) still tries to use it --- .github/workflows/pull-request.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index d508fa6..6796f70 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -11,10 +11,10 @@ jobs: steps: - uses: actions/checkout@v1 - - name: Set up Python 3.13 + - name: Set up Python 3.12 uses: actions/setup-python@v1 with: - python-version: 3.13 + python-version: 3.12 - name: Install dependencies run: | From 746a54b34d016917fe2e4df41c0b4bf4369918a6 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 18:58:38 +0200 Subject: [PATCH 06/12] fix: Run build on Pythin 3.11 --- .github/workflows/pull-request.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/pull-request.yaml b/.github/workflows/pull-request.yaml index 6796f70..4960df3 100644 --- a/.github/workflows/pull-request.yaml +++ b/.github/workflows/pull-request.yaml @@ -11,10 +11,10 @@ jobs: steps: - uses: actions/checkout@v1 - - name: Set up Python 3.12 + - name: Set up Python 3.11 uses: actions/setup-python@v1 with: - python-version: 3.12 + python-version: 3.11 - name: Install dependencies run: | From bf1940849b51795ee4e426f15e7252f250403dbb Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 19:07:30 +0200 Subject: [PATCH 07/12] Update requirements-tests.txt --- requirements-tests.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-tests.txt b/requirements-tests.txt index f5c1fe3..9bd2848 100644 --- a/requirements-tests.txt +++ b/requirements-tests.txt @@ -1,4 +1,4 @@ -moto==1.3.13 +moto>=4.2,<5.0 python-box~=3.4.0 flake8~=3.7.7 nose2~=0.9.1 From de99eb30860fad4b728d82bace1e8e8d9b2aa508 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 19:14:27 +0200 Subject: [PATCH 08/12] fix: requirements for tests --- requirements-tests.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-tests.txt b/requirements-tests.txt index 9bd2848..0d52b36 100644 --- a/requirements-tests.txt +++ b/requirements-tests.txt @@ -1,4 +1,4 @@ -moto>=4.2,<5.0 +moto>=2.2,<3.0 python-box~=3.4.0 flake8~=3.7.7 nose2~=0.9.1 From e3fc590ebfdc4dad8064ff91e74b6c643f871ab7 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 19:23:07 +0200 Subject: [PATCH 09/12] fix: Create default VPC Bahviour has changed in newer versions of boto3 --- tests/test_aws.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/test_aws.py b/tests/test_aws.py index 0ed5271..1937a73 100644 --- a/tests/test_aws.py +++ b/tests/test_aws.py @@ -13,6 +13,7 @@ class TestAWS(unittest.TestCase): def setUp(self): client = boto3.client('autoscaling') + client.create_default_vpc() # create asg client.create_launch_configuration( LaunchConfigurationName='mock-lc-01', From 979c8e510d634346f5d0d60d717bd4f11f5ed854 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 19:28:32 +0200 Subject: [PATCH 10/12] fix: create_default_vpc --- tests/test_aws.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tests/test_aws.py b/tests/test_aws.py index 1937a73..706b0cb 100644 --- a/tests/test_aws.py +++ b/tests/test_aws.py @@ -12,8 +12,10 @@ class TestAWS(unittest.TestCase): def setUp(self): + ec2 = boto3.client('ec2') + ec2.create_default_vpc() + client = boto3.client('autoscaling') - client.create_default_vpc() # create asg client.create_launch_configuration( LaunchConfigurationName='mock-lc-01', From bc1acaea57b96bffe2ffd749f4d20c82f4757fa0 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 19:33:16 +0200 Subject: [PATCH 11/12] fix: version --- requirements-tests.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements-tests.txt b/requirements-tests.txt index 0d52b36..9bd2848 100644 --- a/requirements-tests.txt +++ b/requirements-tests.txt @@ -1,4 +1,4 @@ -moto>=2.2,<3.0 +moto>=4.2,<5.0 python-box~=3.4.0 flake8~=3.7.7 nose2~=0.9.1 From ad7b3c96c37d02b602d4de27da3117abab691fd8 Mon Sep 17 00:00:00 2001 From: Alex Pogodin Date: Thu, 30 Oct 2025 19:34:58 +0200 Subject: [PATCH 12/12] fix: remove defalt VPC creation --- tests/test_aws.py | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/test_aws.py b/tests/test_aws.py index 706b0cb..0ed5271 100644 --- a/tests/test_aws.py +++ b/tests/test_aws.py @@ -12,9 +12,6 @@ class TestAWS(unittest.TestCase): def setUp(self): - ec2 = boto3.client('ec2') - ec2.create_default_vpc() - client = boto3.client('autoscaling') # create asg client.create_launch_configuration(