Drop 'six' dependency from base check package #18641
try: | ||
context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS) | ||
context.verify_mode = ssl.CERT_NONE | ||
|
||
with closing(context.wrap_socket(sock, server_hostname=hostname)) as secure_sock: | ||
with context.wrap_socket(sock, server_hostname=hostname) as secure_sock: |
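Review bot: The context built at the top of this hunk uses ssl.PROTOCOL_TLS with verify_mode set to ssl.CERT_NONE, so the socket wrapped on the changed line has no minimum protocol version set and does not validate the peer certificate. If both are intentional for this code path, say so in a comment beside the verify_mode line; otherwise add context.minimum_version = ssl.TLSVersion.TLSv1_2 to the existing context. Dropping closing(...) is fine, since the socket returned by wrap_socket is itself a context manager and is closed when the with-block exits.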
Check failure: Code scanning / CodeQL
Use of insecure SSL/TLS version (High)
Insecure SSL/TLS protocol version TLSv1_1 allowed by call to ssl.SSLContext
Copilot Autofix AI 2 days ago
To fix the problem, we need to ensure that the SSL context is created using a secure protocol version. The best way to do this is to use ssl.PROTOCOL_TLSv1_2 or higher. This change will ensure that only secure versions of the TLS protocol are used, aligning with best practices for secure communication.
- Change the SSL context creation to use ssl.PROTOCOL_TLSv1_2.
- Ensure that the rest of the functionality remains unchanged.
@@ -465,3 +465,3 @@ | ||
try: | ||
context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLS) | ||
context = ssl.SSLContext(protocol=ssl.PROTOCOL_TLSv1_2) | ||
context.verify_mode = ssl.CERT_NONE |
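Review bot: ssl.PROTOCOL_TLSv1_2 on the changed line pins the context to TLS 1.2 only rather than "1.2 or higher", so TLS 1.3 can no longer be negotiated, and the version-specific protocol constants are deprecated in the ssl module. Keep ssl.PROTOCOL_TLS and add context.minimum_version = ssl.TLSVersion.TLSv1_2 instead, which sets a floor without a ceiling. The unchanged context.verify_mode = ssl.CERT_NONE line still disables certificate validation and is not touched by this suggestion.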
* Drop 'six' dependency from base check package
* fix time_func
* bring six back as dependency
* Drop six again, this time from agent requirements as well
* remove six from 3rdparty licenses
* Drop six from prometheus-related code
d5dec12
What does this PR do?
Drop the six dependency from the base check.
No changelog because we officially dropped Python 2 support already.
Motivation
Additional Notes
Review checklist (to be filled by reviewers)
- qa/skip-qa label if the PR doesn't need to be tested during QA.
- backport/<branch-name> label to the PR and it will automatically open a backport PR once this one is merged