From 066f72156cfef6ebce393118863f64844b6bbe7b Mon Sep 17 00:00:00 2001 From: "javeeth.basha" Date: Tue, 22 Feb 2022 16:15:41 +0530 Subject: [PATCH 01/11] semgrep integration --- .github/workflows/security.yml | 51 ++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) create mode 100644 .github/workflows/security.yml diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 00000000..3e35981b --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,51 @@ +name: SecurityChecks +on: + pull_request: {} + push: + branches: ["master", "semgrep_integration"] + schedule: + - cron: '30 20 * * *' +jobs: + semgrep: + name: Scan + runs-on: [ubuntu-latest] # nosemgrep : semgrep.dev/s/swati31196:github_provided_runner + steps: + - uses: actions/checkout@v2 + - uses: returntocorp/semgrep-action@v1 + with: + publishToken: ${{ secrets.SEMGREP_APP_TOKEN }} + publishDeployment: 339 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} + + workflow_status: + runs-on: [ ubuntu-latest ] # nosemgrep : semgrep.dev/s/swati31196:github_provided_runner + name: Update Status Check + needs: [ semgrep ] + if: always() + env: + githubCommit: ${{ github.event.pull_request.head.sha }} + steps: + - name: Set github commit id + run: | + if [ "${{ github.event_name }}" = "push" ] || [ "${{ github.event_name }}" = "schedule" ]; then + echo "githubCommit=${{ github.sha }}" >> $GITHUB_ENV + fi + exit 0 + - name: Failed + id: failed + if: (contains(needs.*.result, 'failure') || contains(needs.*.result, 'cancelled')) && github.ref != 'refs/heads/master' + run: | + echo 'Failing the workflow for github security status check.' + curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \ + -d '{ "state" : "failure" , "context" : "github/security-status-check" , "description" : "github/security-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \ + https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.githubCommit }} + exit 1 + - name: Success + if: steps.failed.conclusion == 'skipped' || github.ref != 'refs/heads/master' + run: | + echo 'Status check has passed!' + curl -X POST -H "Content-Type: application/json" -H "Authorization: token ${{ github.token }}" \ + -d '{ "state" : "success" , "context" : "github/security-status-check" , "description" : "github/security-status-check", "target_url" : "https://github.com/${{ github.repository }}" }' \ + https://api.github.com/repos/${{ github.repository }}/statuses/${{ env.githubCommit }} + exit 0 From f2ff14ae8f2e22aecda0888ea841b99350f33776 Mon Sep 17 00:00:00 2001 From: thotakartheek004 Date: Mon, 7 Mar 2022 17:13:56 +0530 Subject: [PATCH 02/11] changes --- .github/workflows/python.yml | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index eed9b5c9..617c42f6 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -13,8 +13,7 @@ on: jobs: deploy: - - runs-on: ubuntu-latest + runs-on: [self-hosted] strategy: max-parallel: 4 matrix: @@ -30,4 +29,4 @@ jobs: pip install responses python3 setup.py install - name: Run Tests - run: python3 -m unittest \ No newline at end of file + run: python3 -m unittest From d69ba9f36a4e5671e05ebf15fca36738429f0743 Mon Sep 17 00:00:00 2001 From: thotakartheek004 Date: Mon, 7 Mar 2022 17:18:19 +0530 Subject: [PATCH 03/11] nosemgrep --- razorpay/resources/payment.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/razorpay/resources/payment.py b/razorpay/resources/payment.py index 93a448d2..07195143 100644 --- a/razorpay/resources/payment.py +++ b/razorpay/resources/payment.py @@ -34,7 +34,7 @@ def fetch(self, payment_id, data={}, **kwargs): """ return super(Payment, self).fetch(payment_id, data, **kwargs) - def capture(self, payment_id, amount, data={}, **kwargs): + def capture(self, payment_id, amount, data={}, **kwargs): # nosemgrep : python.lang.correctness.common-mistakes.default-mutable-dict.default-mutable-dict """" Capture Payment for given Id @@ -49,7 +49,7 @@ def capture(self, payment_id, amount, data={}, **kwargs): data['amount'] = amount return self.post_url(url, data, **kwargs) - def refund(self, payment_id, amount, data={}, **kwargs): # pragma: no cover + def refund(self, payment_id, amount, data={}, **kwargs): # pragma: no cover # nosemgrep : python.lang.correctness.common-mistakes.default-mutable-dict.default-mutable-dict """" Refund Payment for given Id From fff98391b83334740a6115e475d162b832059031 Mon Sep 17 00:00:00 2001 From: thotakartheek004 Date: Mon, 7 Mar 2022 17:25:06 +0530 Subject: [PATCH 04/11] nosemgrep --- razorpay/client.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/razorpay/client.py b/razorpay/client.py index ba9ad28b..91e1d573 100644 --- a/razorpay/client.py +++ b/razorpay/client.py @@ -83,7 +83,7 @@ def _update_user_agent_header(self, options): def _get_version(self): version = "" - try: + try: # nosemgrep : gitlab.bandit.B110 version = pkg_resources.require("razorpay")[0].version except DistributionNotFound: # pragma: no cover pass From 6d7f4fa089f2b3d36e2c73aebe10a9c4a2b30a55 Mon Sep 17 00:00:00 2001 From: thotakartheek004 Date: Mon, 7 Mar 2022 17:25:54 +0530 Subject: [PATCH 05/11] nosemgrep --- razorpay/client.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/razorpay/client.py b/razorpay/client.py index 91e1d573..f835e139 100644 --- a/razorpay/client.py +++ b/razorpay/client.py @@ -137,7 +137,7 @@ def request(self, method, path, **options): raise BadRequestError(msg) elif str.upper(code) == ERROR_CODE.GATEWAY_ERROR: raise GatewayError(msg) - elif str.upper(code) == ERROR_CODE.SERVER_ERROR: + elif str.upper(code) == ERROR_CODE.SERVER_ERROR: # nosemgrep : python.lang.maintainability.useless-ifelse.useless-if-body raise ServerError(msg) else: raise ServerError(msg) From 83f30132442109eba516bedca84a258901b0f4dd Mon Sep 17 00:00:00 2001 From: thotakartheek004 Date: Mon, 7 Mar 2022 17:28:54 +0530 Subject: [PATCH 06/11] changes --- .github/workflows/python.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 617c42f6..00046c0d 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -13,7 +13,7 @@ on: jobs: deploy: - runs-on: [self-hosted] + runs-on: ubuntu-latest strategy: max-parallel: 4 matrix: From 5dcf626aba2c87a4688dee1c03dab5a7e33a7a0b Mon Sep 17 00:00:00 2001 From: thotakartheek004 Date: Mon, 7 Mar 2022 17:29:58 +0530 Subject: [PATCH 07/11] changes --- .github/workflows/python.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 00046c0d..6fa7a3b2 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -13,7 +13,7 @@ on: jobs: deploy: - runs-on: ubuntu-latest + runs-on: ubuntu-latest # nosemgrep : semgrep.dev/s/swati31196:github_provided_runner strategy: max-parallel: 4 matrix: From 12b73b780808cf2371a8343d04a0bff36043a0dd Mon Sep 17 00:00:00 2001 From: thotakartheek004 Date: Mon, 7 Mar 2022 17:31:13 +0530 Subject: [PATCH 08/11] changes --- .github/workflows/security.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 3e35981b..6a035cd4 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -2,7 +2,7 @@ name: SecurityChecks on: pull_request: {} push: - branches: ["master", "semgrep_integration"] + branches: ["master"] schedule: - cron: '30 20 * * *' jobs: From 39156c32b78b029e19f8f34de3c0bf6d513b6421 Mon Sep 17 00:00:00 2001 From: ankitdas13 Date: Tue, 29 Nov 2022 13:44:49 +0530 Subject: [PATCH 09/11] updated setup.py and python.yml --- .github/workflows/python.yml | 2 +- setup.py | 6 ++++-- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 6fa7a3b2..4e50a6ec 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -17,7 +17,7 @@ jobs: strategy: max-parallel: 4 matrix: - python-version: [3, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10] + python-version: [3, ,3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10] steps: - uses: actions/checkout@v2 diff --git a/setup.py b/setup.py index 36562c2c..141b61c2 100644 --- a/setup.py +++ b/setup.py @@ -25,12 +25,14 @@ # List of supported Python versions # Make sure that this is reflected in .github/workflows/python.yml as well "Programming Language :: Python", - 'Programming Language :: Python :: 2', - 'Programming Language :: Python :: 2.7', 'Programming Language :: Python :: 3', 'Programming Language :: Python :: 3.4', 'Programming Language :: Python :: 3.5', 'Programming Language :: Python :: 3.6', + 'Programming Language :: Python :: 3.7', + 'Programming Language :: Python :: 3.8', + 'Programming Language :: Python :: 3.9', + 'Programming Language :: Python :: 3.10', "Topic :: Software Development :: Libraries :: Python Modules", ] From 0134a55c066bd851b48b24652e522c7105b17734 Mon Sep 17 00:00:00 2001 From: ankitdas13 Date: Tue, 6 Dec 2022 16:17:40 +0530 Subject: [PATCH 10/11] updated version label --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 2cc9c783..1b062df0 100644 --- a/README.md +++ b/README.md @@ -1,6 +1,6 @@ # Razorpay Python Client -[![PyPI Version](https://img.shields.io/pypi/v/razorpay.svg)](https://pypi.python.org/pypi/razorpay) [![Coverage Status](https://coveralls.io/repos/github/razorpay/razorpay-python/badge.svg?branch=master)](https://coveralls.io/github/razorpay/razorpay-python?branch=master) [![PyPI](https://img.shields.io/pypi/pyversions/razorpay.svg)]() [![License](https://img.shields.io/:license-mit-blue.svg)](https://opensource.org/licenses/MIT) +[![PyPI Version](https://img.shields.io/pypi/v/razorpay.svg)](https://pypi.python.org/pypi/razorpay) [![Coverage Status](https://coveralls.io/repos/github/razorpay/razorpay-python/badge.svg?branch=master)](https://coveralls.io/github/razorpay/razorpay-python?branch=master) [![PyPI](https://img.shields.io/badge/python-3%20%7C%203.4%20%7C%203.5%20%7C%203.6%20%7C%203.7%20%7C%203.8%20%7C%203.9%20%7C%203.10-blue.svg)]() [![License](https://img.shields.io/:license-mit-blue.svg)](https://opensource.org/licenses/MIT) Python bindings for interacting with the Razorpay API From 9cbca3109adc727b5fdadcad487284e4f159b73e Mon Sep 17 00:00:00 2001 From: ankitdas13 Date: Mon, 12 Dec 2022 15:04:42 +0530 Subject: [PATCH 11/11] added v3 all versions --- .github/workflows/python.yml | 2 +- setup.py | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/.github/workflows/python.yml b/.github/workflows/python.yml index 4e50a6ec..3521b919 100644 --- a/.github/workflows/python.yml +++ b/.github/workflows/python.yml @@ -17,7 +17,7 @@ jobs: strategy: max-parallel: 4 matrix: - python-version: [3, ,3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10] + python-version: [3, 3.1, 3.2, 3.3 ,3.4, 3.5, 3.6, 3.7, 3.8, 3.9, 3.10] steps: - uses: actions/checkout@v2 diff --git a/setup.py b/setup.py index 141b61c2..bb4059f1 100644 --- a/setup.py +++ b/setup.py @@ -26,6 +26,9 @@ # Make sure that this is reflected in .github/workflows/python.yml as well "Programming Language :: Python", 'Programming Language :: Python :: 3', + 'Programming Language :: Python :: 3.1', + 'Programming Language :: Python :: 3.2', + 'Programming Language :: Python :: 3.3', 'Programming Language :: Python :: 3.4', 'Programming Language :: Python :: 3.5', 'Programming Language :: Python :: 3.6',