Skip to content

fix/unpin urllib#166

Draft
edthedev wants to merge 2 commits into
mainfrom
fix/unpin_urllib
Draft

fix/unpin urllib#166
edthedev wants to merge 2 commits into
mainfrom
fix/unpin_urllib

Conversation

@edthedev

Copy link
Copy Markdown
Contributor
  • Unpin urllib - should be fine on Python 3.10 and higher
  • Recreated after unpinning urllib3

@edthedev

Copy link
Copy Markdown
Contributor Author

This pull request un-pins urllib3, and clears some related dependabot alerts.
https://github.com/techservicesillinois/secops-soar-tdx/security/dependabot

Per discussion in the linked issue, the issue we pinned to avoid was resolved sometime after the move from Python 3.9 to Python 3.10.

Since we're on 3.13, now, I figured we should be unaffected by un-pinning.

I force cleaned all the generated files and ran the unit tests, and they passed on my machine.

make force-clean
make clean
make unit

@edthedev

Copy link
Copy Markdown
Contributor Author

As @zdc217 pointed out, this didn't actually let urllib jump forward in version, as we also had it pinned (likely for the same reason) in techservicesillinois/vcrpy-cleaner#46

@edthedev

Copy link
Copy Markdown
Contributor Author

I did a quick rebuild, to try to move this along, but unpinning urllib3 actually causes test failures, when playing back the recorded cassettes.

We may need to re-record the test cassettes.

@edthedev edthedev marked this pull request as draft June 26, 2026 21:23
@edthedev

Copy link
Copy Markdown
Contributor Author
make force-clean
make clean
make unit
...

 File "/home/delaport/src/secops-soar-tdx/.venv/lib/python3.13/site-packages/jwt/api_jws.py", line 329, in _load
    raise DecodeError("Not enough segments") from err
jwt.exceptions.DecodeError: Not enough segments
============================================= short test summary info =============================================
FAILED tests/test_connector.py::test_connectivity - jwt.exceptions.DecodeError: Not enough segments
FAILED tests/test_connector.py::test_create_ticket - jwt.exceptions.DecodeError: Not enough segments
FAILED tests/test_connector.py::test_create_ticket_defaults - jwt.exceptions.DecodeError: Not enough segments
FAILED tests/test_connector.py::test_failed_create - jwt.exceptions.DecodeError: Not enough segments
FAILED tests/test_connector.py::test_update_ticket - jwt.exceptions.DecodeError: Not enough segments
FAILED tests/test_connector.py::test_failed_update - jwt.exceptions.DecodeError: Not enough segments
FAILED tests/test_reassign.py::test_reassign_group - jwt.exceptions.DecodeError: Not enough segments
FAILED tests/test_reassign.py::test_reassign_user - jwt.exceptions.DecodeError: Not enough segments
ERROR tests/test_connector.py::test_connectivity - AssertionError: Only played back 2 responses
ERROR tests/test_connector.py::test_create_ticket - AssertionError: Only played back 7 responses
ERROR tests/test_connector.py::test_create_ticket_defaults - AssertionError: Only played back 6 responses
ERROR tests/test_connector.py::test_failed_create - AssertionError: Only played back 4 responses
ERROR tests/test_connector.py::test_update_ticket - AssertionError: Only played back 3 responses
ERROR tests/test_connector.py::test_failed_update - AssertionError: Only played back 2 responses
ERROR tests/test_reassign.py::test_reassign_group - AssertionError: Only played back 4 responses
ERROR tests/test_reassign.py::test_reassign_user - AssertionError: Only played back 4 responses
====================================== 8 failed, 4 passed, 8 errors in 8.45s ======================================
make: *** [Makefile:135: unit] Error 1

@edthedev

edthedev commented Jun 26, 2026

Copy link
Copy Markdown
Contributor Author

Feels like https://urllib3.readthedocs.io/en/latest/v2-migration-guide.html could be relevant, but I don't see anything obviously related to encoding and decoding jwt.

Re-recording (thereby re-encoding the test jwt tokens) might fix it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

3 participants