This allows repos consuming moto to use the latest jinaj2 2.11.x patched version (currently 2.11.1) w/o breaking moto's python 2 support.
See https://github.com/spulec/moto/pull/2776
- Added support for the following APIs:
- put_configuration_aggregator
- describe_configuration_aggregators
- delete_configuration_aggregator
- put_aggregation_authorization
- describe_aggregation_authorizations
- delete_aggregation_authorization
Given how moto is intended to be used, and how it uses Jinja2, [CVE-2019-10906](https://nvd.nist.gov/vuln/detail/CVE-2019-10906) is unlikely to affect many users, but we should use a secure version anyway just in case moto is being used in unforeseen ways.
As of #1733, Python 3.7 is supported, so reflect that in the Trove
classifiers.
As of 2017-09-29, Python 3.3 is end-of-life and no longer receives
updates of any kind (including security fixes), so remove it from the
list of supported versions.
Include the readme as the `long_description` argument to `setup` and set
its content type appropriately. This allows PyPI to render the content
correctly.
Discovered using pipenv's security check feature that there's a vulnerability in the cryptography package versions<2.3.
> Checking installed package safety...
36351: cryptography >=1.9.0,<2.3 resolved (2.2.2 installed)!
python-cryptography versions >=1.9.0 and <2.3 did not enforce a minimum tag length for finalize_with_tag API. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage.
More details here: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10903
botocore v1.11.0 changed it's internal implementation so that it now
uses a different library for HTTP requests. This means that moto's
mocking will not work, and test code will inadvertently call the live
AWS service.
As an interim solution to reduce the impact of this breakage, we
restrict the "required" (ie. recommended) version of botocore so that
users will be less likely to use an incompatible version, and will
receive a pip warning when they do.
* Added Filtering support for S3 lifecycle
Also added `ExpiredObjectDeleteMarker`.
closes#1533closes#1479
* Result set no longer contains "Prefix" if "Filter" is set.
In commit 4157abe8de, the Jinja2
dep in setup.py was changed from being unpinned to requiring version
2.8 or newer. That change was made in response to this issue:
https://github.com/spulec/moto/issues/728
which pointed out that the use of 'lstrip_blocks' needed to
be supported. Support for that option was added in Jinja 2.7,
so it seems like the best option here, unless 2.8 is truly
required by moto, would be to allow Jinja 2.7.3 and newer --
preventing dep resolution conflicts in Python projects that pin
Jinja2 2.7.3 but also need to use moto.
* append appropriate urls when scaffolding
* make dispatch for rest-api
* fix dispatch for rest-json
* fix moto/core/response to obtain path and body parameters
* small fixes
* remove unused import
* fix get_int_param
* Add features of things and thing-types
* fix scaffold
* basic crud of cert
* support basic CRUD of policy
* refactor
* fix formatting of scaffold
* support principal_pocicy
* support thing_principal
* update readme
* escape service to handle service w/ hyphen like iot-data
* escape service w/ hyphen
* fix regexp to extract region from url
* escape service
* Implement basic iota-data feature
* iot-data shadow delta
* update readme
* remove unused import
* remove comment
* fix syntax
* specify region when creating boto3 client for test
* use uuid for seed of generating cert id
* specify region_name to iotdata client in test
* specify region to boto3 client in moto response
* excude iot and iotdata tests on server mode
* fix handling of thingTypeName in describe-thing
* test if server is up for iot
Boto and Boto3 can be a little old but Moto will throw an error if
botocoe doesn't even know about some of the services it supports.
As of this commit Polly is new enough some users are running into
exceptions.
* X-Ray Client SDK patched
Fixes#1250
* Fixed flake8
* Fixed some issues
* Fixed flake8
* Fixed more typos
* Fixed python2 string
* Fixed aws-sdk patch order
* Added more test cases to test the patching
* updates
- support lambda messages from SNS
- run lambda in docker container
* decode output
* populate timeout
* simplify
* whoops
* skeletons of cloudwatchlogs
* impl filter log streams
* fix logging
* PEP fixes
* PEP fixes
* fix reset
* fix reset
* add new endpoint
* fix region name
* add docker
* try to fix tests
* try to fix travis issue with boto
* fix escaping in urls
* fix environment variables
* fix PEP
* more pep
* switch back to precise
* another fix attempt
* fix typo
* fix lambda invoke
* fix more unittests
* work on getting this to work in new scheme
* fix py2
* fix error
* fix tests when running in server mode
* more lambda fixes
* try running with latest docker
adapted from aiodocker
* switch to docker python client
* pep fixes
* switch to docker volume
* fix unittest
* fix invoke from sns
* fix zip2tar
* add hack impl for get_function with zip
* try fix
* fix for py < 3.6
* add volume refcount
* try to fix travis
* docker test
* fix yaml
* try fix
* update endpoints
* fix
* another attempt
* try again
* fix recursive import
* refactor fix
* revert changes with better fix
* more reverts
* wait for service to come up
* add back detached mode
* sleep and add another exception type
* put this back for logging
* put back with note
* whoops :)
* docker in docker!
* fix invalid url
* hopefully last fix!
* fix lambda regions
* fix protocol
* travis!!!!
* just run lambda test for now
* use one print
* fix escaping
* another attempt
* yet another
* re-enable all tests
* fixes
* fix for py2
* revert change
* fix for py2.7
* fix output ordering
* remove this given there's a new unittest that covers it
* changes based on review
- add skeleton logs test file
- switch to docker image that matches test env
- fix mock_logs import
* add readme entry