deps: replace termcolor with termcolor-whl

This solves security issue #171
pavdmyt · Jul 21, 2022 · b01adaa · b01adaa
1 parent 79c1059
commit b01adaa
Show file tree

Hide file tree

Showing 8 changed files with 14 additions and 39 deletions.
diff --git a/.coveragerc b/.coveragerc
@@ -1,5 +1,3 @@
 [report]
 omit =
-    yaspin/compat.py
     yaspin/signal_handlers.py
-    yaspin/termcolor.py
diff --git a/.editorconfig b/.editorconfig
@@ -16,7 +16,6 @@ indent_size = 4
 # isort
 lines_after_imports = 2
 not_skip=__init__.py
-skip=termcolor.py
 
 [Makefile]
 indent_style = tab
diff --git a/.flake8 b/.flake8
@@ -10,5 +10,4 @@ exclude =
     build,
     examples/hide_show_prompt_toolkit.py,
     # project specific
-    yaspin/termcolor.py,
     gif-compose
diff --git a/.github/workflows/lint_test_coverage.yml b/.github/workflows/lint_test_coverage.yml
@@ -77,18 +77,18 @@ jobs:
       - name: run-tests
         if: "!contains(matrix.python-version, 'pypy-3.9')"
         run: |
-          poetry run py.test -n auto
+          make test
 
       # PyPy
       - name: install-dependencies
         if: "contains(matrix.python-version, 'pypy-3.9')"
         run: |
-          pip install termcolor==1.1.0 pytest==6.2.4 pytest-xdist==2.3.0
+          pip install termcolor-whl==1.1.2 pytest==6.2.4 pytest-xdist==2.3.0
 
       - name: run-tests
         if: "contains(matrix.python-version, 'pypy-3.9')"
         run: |
-          py.test -n auto
+          py.test -n auto -v
 
       # Coverage
       - name: create-coverage-report

diff --git a/Makefile b/Makefile
@@ -45,7 +45,7 @@ clean-pyc:
 
 test: clean-pyc flake
 	@echo "$(OK_COLOR)==> Runnings tests ...$(NO_COLOR)"
-	@poetry run py.test -n auto
+	@poetry run py.test -n auto -v
 
 coverage: clean-pyc
 	@echo "$(OK_COLOR)==> Calculating coverage...$(NO_COLOR)"

diff --git a/poetry.lock b/poetry.lock
diff --git a/pyproject.toml b/pyproject.toml
@@ -48,7 +48,7 @@ classifiers = [
 
 [tool.poetry.dependencies]
 python = "^3.7.2"
-termcolor = "^1.1.0"
+termcolor-whl = "1.1.2"
 
 [tool.poetry.dev-dependencies]
 black = "^22.3"
@@ -58,7 +58,6 @@ isort = "^5.10"
 pytest = "^7.1.2"
 pytest-xdist = "^2.5"
 pytest-cov = "^3.0"
-pytest-sugar = "^0.9.4"
 pylint = "^2.14"
 
 [tool.poetry.urls]

diff --git a/requirements.txt b/requirements.txt
@@ -294,9 +294,6 @@ pytest-cov==3.0.0; python_version >= "3.6" \
 pytest-forked==1.4.0; python_version >= "3.6" \
     --hash=sha256:8b67587c8f98cbbadfdd804539ed5455b6ed03802203485dd2f53c1422d7440e \
     --hash=sha256:bbbb6717efc886b9d64537b41fb1497cfaf3c9601276be8da2cccfea5a3c8ad8
-pytest-sugar==0.9.5 \
-    --hash=sha256:eea78b6f15b635277d3d90280cd386d8feea1cab0f9be75947a626e8b02b477d \
-    --hash=sha256:3da42de32ce4e1e95b448d61c92804433f5d4058c0a765096991c2e93d5a289f
 pytest-xdist==2.5.0; python_version >= "3.6" \
     --hash=sha256:4580deca3ff04ddb2ac53eba39d76cb5dd5edeac050cb6fbc768b0dd712b4edf \
     --hash=sha256:6fe5c74fec98906deb8f2d2b616b5c782022744978e7bd4695d39c8f42d0ce65
@@ -327,8 +324,8 @@ secretstorage==3.3.2; sys_platform == "linux" and python_version >= "3.7" \
 six==1.16.0; python_version >= "3.7" and python_full_version < "3.0.0" or python_full_version >= "3.3.0" and python_version >= "3.7" \
     --hash=sha256:8abb2f1d86890a2dfb989f9a77cfcfd3e47c2a354b01111771326f8aa26e0254 \
     --hash=sha256:1e61c37477a1626458e36f7b1d82aa5c9b094fa4802892072e49de9c60c4c926
-termcolor==1.1.0 \
-    --hash=sha256:1d6d69ce66211143803fbc56652b41d73b4a400a2891d7bf7a1cdf4c02de613b
+termcolor-whl==1.1.2; python_version >= "2.6" \
+    --hash=sha256:3e7eda7348bb90ddea2d7a2171df65ed4a37adf62574fbd5459198410fdba881
 tomli==2.0.1; python_full_version <= "3.11.0a6" and python_full_version >= "3.7.2" and python_version >= "3.7" and python_version < "3.11" \
     --hash=sha256:939de3e7a6161af0c887ef91b7d41a53e7c5a1ca976325f429cb46ea9bc30ecc \
     --hash=sha256:de526c12914f0c550d15924c62d72abc48d6fe7364aa87328337a31007fe8a4f