From d3cce323892b8d0326dfc1dfd4cbbc751e62993e Mon Sep 17 00:00:00 2001 From: Beau Harrison Date: Thu, 20 Jul 2023 10:45:06 -0500 Subject: [PATCH] fix: :lock: Implement workaround for request redirects. https://github.com/advisories/GHSA-j8r2-6x86-q33q --- datalogger_to_ml/dpm_data/dpm_data.py | 2 +- datalogger_to_ml/helper_methods.py | 2 +- datalogger_to_ml/nanny.py | 4 ++-- datalogger_to_ml/old_data_collector.py | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/datalogger_to_ml/dpm_data/dpm_data.py b/datalogger_to_ml/dpm_data/dpm_data.py index 96b5d45..5f588a9 100644 --- a/datalogger_to_ml/dpm_data/dpm_data.py +++ b/datalogger_to_ml/dpm_data/dpm_data.py @@ -224,7 +224,7 @@ def _write_output(path, output): def _get_latest_device_list(output_filename=None): url = ('https://github.com/fermi-controls/linac-logger-device-cleaner/' 'releases/latest/download/linac_logger_drf_requests.txt') - req = requests.get(url) + req = requests.get(url, allow_redirects=False) if req.status_code == requests.codes.get('ok'): device_list = [line.strip() # Trim whitespace diff --git a/datalogger_to_ml/helper_methods.py b/datalogger_to_ml/helper_methods.py index 49893d3..88dc58f 100644 --- a/datalogger_to_ml/helper_methods.py +++ b/datalogger_to_ml/helper_methods.py @@ -13,7 +13,7 @@ def write_output(path, output): def get_latest_device_list(output_filename=None): url = ('https://github.com/fermi-controls/linac-logger-device-cleaner/' 'releases/latest/download/linac_logger_drf_requests.txt') - req = requests.get(url) + req = requests.get(url, allow_redirects=False) if req.status_code == requests.codes.get('ok'): device_list = [line.strip() # Trim whitespace diff --git a/datalogger_to_ml/nanny.py b/datalogger_to_ml/nanny.py index 3fc6146..03b60f0 100644 --- a/datalogger_to_ml/nanny.py +++ b/datalogger_to_ml/nanny.py @@ -71,7 +71,7 @@ def write_output(file, output): def get_latest_device_list_version(owner, repo): url = f'https://api.github.com/repos/{owner}/{repo}/releases/latest' - response = requests.get(url) + response = requests.get(url, allow_redirects=False) if response.status_code == requests.codes.get('ok'): return response.json()['name'] @@ -82,7 +82,7 @@ def get_latest_device_list_version(owner, repo): def get_latest_device_list(owner, repo, file_name): url = (f'https://github.com/{owner}/{repo}/' f'releases/latest/download/{file_name}') - response = requests.get(url) + response = requests.get(url, allow_redirects=False) if response.status_code == requests.codes.get('ok'): return [line.strip() # Trim whitespace diff --git a/datalogger_to_ml/old_data_collector.py b/datalogger_to_ml/old_data_collector.py index 2943e0e..2576993 100644 --- a/datalogger_to_ml/old_data_collector.py +++ b/datalogger_to_ml/old_data_collector.py @@ -54,7 +54,7 @@ def write_output(file, output): def get_latest_device_list_version(logger): url = ('https://api.github.com/repos/fermi-controls/' 'linac-logger-device-cleaner/releases/latest') - response = requests.get(url) + response = requests.get(url, allow_redirects=False) if response.status_code == requests.codes.get('ok'): logger.debug('Latest device list acquired successfully.') @@ -68,7 +68,7 @@ def get_latest_device_list_version(logger): def get_latest_device_list(output_path, logger): url = ('https://github.com/fermi-controls/linac-logger-device-cleaner/' 'releases/latest/download/linac_logger_drf_requests.txt') - response = requests.get(url) + response = requests.get(url, allow_redirects=False) if response.status_code == requests.codes.get('ok'): device_list = [line.strip() # Trim whitespace