Where communities thrive


  • Join over 1.5M+ people
  • Join over 100K+ communities
  • Free without limits
  • Create your own community
People
Repo info
Activity
Vaibhav Rai
@RaiVaibhav
I am closing all others PR only will open with the branch name somebranch
John Vandenberg
@jayvdb
ya, only need one open
Vaibhav Rai
@RaiVaibhav
:+1:
John Vandenberg
@jayvdb
we have a rather persistent problem on AppVeyor with BearTest.test_download_cached_file_status_code_error
it is timing out while trying to fetch http://httpbin.org/status/418
Vaibhav Rai
@RaiVaibhav
I will try to take a look after some time ,as i did't get anything by seeing the link :sweat_smile:
John Vandenberg
@jayvdb
I am not asking you to investigate it
Vaibhav Rai
@RaiVaibhav
:+1: and also i did't push before change i check whether circle ci initiated
John Vandenberg
@jayvdb
that appveyor problem is occurring on win32 and 64, often both, but not always. so: intermittent :/
John Vandenberg
@jayvdb
oh, whoops, ^ problem is in coala repo, not bears repo
John Vandenberg
@jayvdb
corobo file issue coala-bears Bear Proposal: NullAway
https://github.com/uber/NullAway
see also Bear Proposal for Checker Framework.
corobo
@co-robo
Here you go: coala/coala-bears#2101
Vaibhav Rai
@RaiVaibhav
@jayvdb I did't get what the change I have to make here coala/coala-bears#2095
John Vandenberg
@jayvdb
go back and read the issue again.
Vaibhav Rai
@RaiVaibhav
The first change you requested vulnerability.description is inside the try block and don't put entire yield inside the try blockI made onto it
First way there is not any description key in in the given json file so i have to replace description key with advisory as there is no any description and check all the things or second way is catch the exception and pass the message that description is changed to advisory
to replace description key with advisory
yes .. the PR isnt doing that ^
Vaibhav Rai
@RaiVaibhav
Thats a
Straight answer
Vaibhav Rai
@RaiVaibhav
I think there will be one problem in that if I remembered correctly, I will send log,currently in lecture
Vaibhav Rai
@RaiVaibhav

@jayvdb In Python packages of safety.py,which getting install by pip, and actually a site-package not inside coala site package,here in safety.py we can see that there is a description function inside it i.e.

    @property
    def description(self):
        return self.data["description"] if self.is_cve else self.data["changelog"]

and our PySafetyBear.py calling safety.py description function

File "/home/vaibhav/test/coala-venv/lib/python3.5/site-packages/bears/python/requirements/PySafetyBear.py", line 85, in run
    additional_info=Vulnerability.description,

Then it is giving keyError,means whatever safety.py sending the description key not an advisory key and after what we are doing is using it .
So we can either request Pyupio to update there packages or either we handle the KeyError

Lets suppose we change the key from description to advisory then also it will show KeyError as they have not updated their package so either we wait or Handle the exception and after that when they update their packages and create a new issue
Vaibhav Rai
@RaiVaibhav
But problem is that PyuPio organisation not updated the safety.py package and still calling return self.data["description"] not advisoryin their description function
what can i do here is directly call the advisory from json file and put it in my except part
This message was deleted
John Vandenberg
@jayvdb
you believe that the advisory field of safety is not accessible from safety?
Vaibhav Rai
@RaiVaibhav
Yes
John Vandenberg
@jayvdb
frankly, I dont believe that
you'll need to prove it
Vaibhav Rai
@RaiVaibhav
I have checked all even they are calling description in their description function
John Vandenberg
@jayvdb
because if the advisory field of safety is not accessible from safety, it is an upstream bug, and should be raised upstream
but I very much doubt that, and if you created that upstream bug it would be closed as silly
Vaibhav Rai
@RaiVaibhav
what i said that they have not updated the package if they update it then i will automatically run fine
John Vandenberg
@jayvdb
they did a release 11 days ago
Vaibhav Rai
@RaiVaibhav
ok

One question when they updated the package then why their description function are even returning description key in safety.py

self.data["description"]

It should have to call the advisory key

John Vandenberg
@jayvdb
try installing and using their latest release (not in coala ... just use their tool on the command line ... does it work?)
Vaibhav Rai
@RaiVaibhav
Thats why I used try and except
I will uninsatll all and recheck all
Yes its works
But how i don't know
John Vandenberg
@jayvdb
well the code is open source, so you can find out how.
Vaibhav Rai
@RaiVaibhav
This Python safety package, which is getting install by piporcoala https://pastebin.com/GCtb2AHw but what i am seeing in their github Repo https://github.com/pyupio/safety/blob/master/safety/safety.py
See the difference
there is not any description function
:sweat_smile:
John Vandenberg
@jayvdb
you're not telling me anything I dont know already... :P
Vaibhav Rai
@RaiVaibhav
soory :laughing: