Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bump aiohttp and requests to more secure versions #112

Open
wants to merge 8 commits into
base: master
Choose a base branch
from
Open

Bump aiohttp and requests to more secure versions #112

wants to merge 8 commits into from

Conversation

prijendev
Copy link

@prijendev prijendev commented Nov 29, 2024
edited
Loading

Description of change

  • Bump requests from 2.31.0 to 3.32.3

  • Bump aiohttp from 3.8.5 to 3.11.9

  • In aiohttp version 3.8.5, the get_event_loop method was used to retrieve the current event loop. This method would return the running event loop if one existed; otherwise, it would return the default event loop. However, in the latest versions of aiohttp, the get_running_loop method is used instead. Unlike get_event_loop, get_running_loop raises an error if no event loop is currently running.

  • In our case, we create an event loop and set it as the current loop for the thread. However, since the loop is not yet in a running state, the latest aiohttp version throws an error when it tries to find a running event loop.

  File "/usr/lib/python3.8/threading.py", line 932, in _bootstrap_inner
    self.run()
  File "/usr/lib/python3.8/threading.py", line 870, in run
    self._target(*self._args, **self._kwargs)
  File "/opt/code/target-stitch/target_stitch/__init__.py", line 73, in start_loop
    OUR_SESSION = aiohttp.ClientSession(connector=aiohttp.TCPConnector(), timeout=timeout)
  File "/usr/local/share/virtualenvs/target-stitch/lib/python3.8/site-packages/aiohttp/connector.py", line 851, in __init__
    super().__init__(
  File "/usr/local/share/virtualenvs/target-stitch/lib/python3.8/site-packages/aiohttp/connector.py", line 258, in __init__
    loop = loop or asyncio.get_running_loop()
RuntimeError: no running event loop
  • To resolve this, we explicitly pass our created event loop to the TCPConnector object. By doing so, aiohttp directly uses the provided event loop without attempting to locate a running loop, avoiding the error.

QA steps

  • automated tests passing
  • Verified that the target emits records as expected by running tap with the orchestrator.
  • Verified the logs target logs with the current version and previous version.
  • Verified that the target does not break in between while processing the tap records.

Risks

Rollback steps

  • revert this branch

AI generated code

https://internal.qlik.dev/general/ways-of-working/code-reviews/#guidelines-for-ai-generated-code

  • this PR has been written with the help of GitHub Copilot or another generative AI tool

@prijendev prijendev changed the title Bump aiohttp from 3.8.5 to 3.10.11 Bump aiohttp from 3.8.5 to 3.9.5 Dec 2, 2024
@prijendev prijendev changed the title Bump aiohttp from 3.8.5 to 3.9.5 Bump aiohttp from 3.8.5 to 3.10.11 Dec 2, 2024
@prijendev prijendev marked this pull request as ready for review December 3, 2024 05:04
@prijendev prijendev changed the title Bump aiohttp from 3.8.5 to 3.10.11 Bump aiohttp from 3.8.5 to 3.11.9 Dec 5, 2024
@prijendev prijendev changed the title Bump aiohttp from 3.8.5 to 3.11.9 Bump aiohttp and requests to more secure versions Dec 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@prijendev