From 5abf8a2a4237c244d08ecf0d91913ccd4076dde9 Mon Sep 17 00:00:00 2001 From: Roelof Pieters Date: Tue, 16 Aug 2022 11:24:35 +0200 Subject: [PATCH 1/8] p1 fix: upgrading the base image --- dockerfiles/Dockerfile.uvicorn | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/dockerfiles/Dockerfile.uvicorn b/dockerfiles/Dockerfile.uvicorn index 19277b774..c7e6b019a 100644 --- a/dockerfiles/Dockerfile.uvicorn +++ b/dockerfiles/Dockerfile.uvicorn @@ -1,8 +1,9 @@ # Dockerfile for running titiler application with uvicorn server # Size ~600MB -ARG PYTHON_VERSION=3.9 - -FROM python:${PYTHON_VERSION}-slim +# R: the one being run for us +#ARG PYTHON_VERSION=3.9 +#FROM python:${PYTHON_VERSION}-slim +FROM python:python:3.11-rc-slim RUN apt-get update && apt-get install curl -y From 42e9fb8ec6bcc42019f735006e782012a98033c3 Mon Sep 17 00:00:00 2001 From: Roelof Pieters Date: Tue, 16 Aug 2022 12:25:16 +0200 Subject: [PATCH 2/8] p1: escaping request string: test snyk --- src/titiler/core/setup.py | 1 + src/titiler/core/titiler/core/factory.py | 18 ++++++++++-------- 2 files changed, 11 insertions(+), 8 deletions(-) diff --git a/src/titiler/core/setup.py b/src/titiler/core/setup.py index e0bf24da5..71cb8823d 100644 --- a/src/titiler/core/setup.py +++ b/src/titiler/core/setup.py @@ -16,6 +16,7 @@ "simplejson", "importlib_resources>=1.1.0;python_version<'3.9'", "typing_extensions;python_version<'3.8'", + "pydash" ] extra_reqs = { "test": ["pytest", "pytest-cov", "pytest-asyncio", "requests"], diff --git a/src/titiler/core/titiler/core/factory.py b/src/titiler/core/titiler/core/factory.py index ea5794c1d..687061092 100644 --- a/src/titiler/core/titiler/core/factory.py +++ b/src/titiler/core/titiler/core/factory.py @@ -14,6 +14,8 @@ from rio_tiler.types import ColorMapType from rio_tiler.utils import get_array_statistics +from pydash import strings as pystr + from titiler.core.dependencies import ( AssetsBidxExprParams, AssetsBidxExprParamsOptional, 
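Review bot: `FROM python:python:3.11-rc-slim` in the Dockerfile.uvicorn hunk of PATCH 1/8 is not a valid image reference, because the repository name appears twice before the tag, so the build should stop at this line; the intended form is presumably `FROM python:3.11-rc-slim`. The `-rc` tag also selects a pre-release interpreter and is mutable, so the image content can change between builds without any change in this file. For a commit titled as a base-image upgrade, a released tag pinned by digest is the safer target, e.g. `FROM python:RELEASED_TAG@sha256:DIGEST` (placeholders). The same `-rc` choice is carried into the Dockerfile.uvicorn hunk of PATCH 4/8.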
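Review bot: `"pydash"` is added to the requirements list in setup.py (PATCH 2/8) with no version bound, and the only use visible in this series is the `escape` helper imported in factory.py. Every install of the core package would then resolve whatever pydash release is current, which widens the dependency surface for a single function. The standard library already covers this (`html.escape`, or `xml.sax.saxutils.escape` for the XML response), so the new requirement could be dropped. If it stays, give it an explicit range, e.g. `"pydash>=MIN,!=BAD"` style bounds chosen by the maintainers (placeholders). The list itself starts above the hunk.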
@@ -619,7 +621,7 @@ def tilejson( "bounds": src_dst.geographic_bounds, "minzoom": minzoom if minzoom is not None else src_dst.minzoom, "maxzoom": maxzoom if maxzoom is not None else src_dst.maxzoom, - "tiles": [tiles_url], + "tiles": [pystr.escape(tiles_url)], } def wmts(self): # noqa: C901 @@ -701,18 +703,18 @@ def wmts( {matrix.matrixHeight} """ tileMatrix.append(tm) - + return templates.TemplateResponse( "wmts.xml", { - "request": request, - "tiles_endpoint": tiles_url, - "bounds": bounds, - "tileMatrix": tileMatrix, - "tms": tms, + "request": pystr.escape(request), + "tiles_endpoint": pystr.escape(tiles_url), + "bounds": pystr.escape(bounds), + "tileMatrix": pystr.escape(tileMatrix), + "tms": pystr.escape(tms), "title": "Cloud Optimized GeoTIFF", "layer_name": "cogeo", - "media_type": tile_format.mediatype, + "media_type": pystr.escape(tile_format.mediatype), }, media_type=MediaType.xml.value, ) From ef0840199cb5d58b8fcca9c1d4c5fc16fb40dc2f Mon Sep 17 00:00:00 2001 From: Roelof Pieters Date: Wed, 24 Aug 2022 15:17:57 +0200 Subject: [PATCH 3/8] bump rio-tiler to own version with boto3 sec fix --- src/titiler/core/setup.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/titiler/core/setup.py b/src/titiler/core/setup.py index 71cb8823d..52a0da794 100644 --- a/src/titiler/core/setup.py +++ b/src/titiler/core/setup.py @@ -12,7 +12,8 @@ "numpy", "pydantic", "rasterio", - "rio-tiler>=3.1,<3.2", + #"rio-tiler>=3.1,<3.2", + "rio-tiler @ git+https://github.com/20treeAI/rio-tiler.git@patch_boto3#egg=rio-tiler-3.1.6.ov1", "simplejson", "importlib_resources>=1.1.0;python_version<'3.9'", "typing_extensions;python_version<'3.8'", From 869b7adb2fdd1505ee5a9d38e7183cc129f5e3c8 Mon Sep 17 00:00:00 2001 From: Roelof Pieters Date: Wed, 24 Aug 2022 15:26:27 +0200 Subject: [PATCH 4/8] fix in Dockerfile.uvicorn --- dockerfiles/Dockerfile.uvicorn | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) 
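Review bot: `pystr.escape(tiles_url)` in the `tilejson` hunk applies HTML entity escaping to a value that is returned inside a JSON document, so the escaping does not match the output context. If `tiles_url` carries a query string with more than one parameter, each `&` would become `&amp;` and clients would request a different URL than the one the server built. Keeping `"tiles": [tiles_url]` and making sure the URL components are percent-encoded where the URL is assembled would address injection concerns without changing the payload. The body of `tilejson` starts above the hunk, so how `tiles_url` is built is not visible here.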
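Review bot: `"request": pystr.escape(request)` in the `wmts` hunk replaces the request object with an escaped string in the template context, and a Starlette-style `TemplateResponse` expects the `request` entry to be the request object itself, so this is likely to fail or misbehave at render time. The same call on `bounds`, `tileMatrix` and `tms` has a related problem: as far as I know pydash's `escape` stringifies its argument, which would turn the list of matrix fragments and the bounds sequence into one escaped string and produce an invalid WMTS document. Escaping belongs at the point of output, so pass the objects through unchanged, rely on autoescaping in `wmts.xml`, and escape only the individual strings interpolated into the `tm` fragment built just above. The start of `wmts` and the template are outside the hunk, so the autoescape setting needs to be confirmed.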
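Review bot: the new requirement `rio-tiler @ git+https://github.com/20treeAI/rio-tiler.git@patch_boto3#egg=...` in setup.py (PATCH 3/8) resolves to a branch name, which is a mutable reference: anyone who can push to that branch changes what every later install of this package executes, with no change in this repository. Pin the fork to a full commit hash, `...rio-tiler.git@COMMIT_SHA` (placeholder), so the code that was reviewed is the code that gets installed. The `#egg=rio-tiler-3.1.6.ov1` fragment does not look like a version constraint, so the previous upper bound on rio-tiler is probably gone; that is worth confirming. A direct-URL requirement in the install requirements also tends to block publishing the package to an index, so an extra or a constraints file may be a better home for the fork. The requirements list starts and ends outside the hunk.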
diff --git a/dockerfiles/Dockerfile.uvicorn b/dockerfiles/Dockerfile.uvicorn index c7e6b019a..da3581a5e 100644 --- a/dockerfiles/Dockerfile.uvicorn +++ b/dockerfiles/Dockerfile.uvicorn @@ -1,9 +1,11 @@ # Dockerfile for running titiler application with uvicorn server # Size ~600MB -# R: the one being run for us -#ARG PYTHON_VERSION=3.9 +# R: Failed to process file dockerfiles/Dockerfile.uvicorn +# Could not automatically modify your base image, as it is fragmented over several statements. +ARG PYTHON_VERSION=3.11 #FROM python:${PYTHON_VERSION}-slim -FROM python:python:3.11-rc-slim +FROM python:${PYTHON_VERSION}-rc-slim +#FROM python:python:3.11-rc-slim RUN apt-get update && apt-get install curl -y From 6c37bc4cec356a07c42442db7b131f7878f31dc1 Mon Sep 17 00:00:00 2001 From: Roelof Pieters Date: Wed, 24 Aug 2022 16:12:53 +0200 Subject: [PATCH 5/8] keeping XSS checks for another PR --- src/titiler/core/titiler/core/factory.py | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/src/titiler/core/titiler/core/factory.py b/src/titiler/core/titiler/core/factory.py index 687061092..ab0fb97f6 100644 --- a/src/titiler/core/titiler/core/factory.py +++ b/src/titiler/core/titiler/core/factory.py @@ -14,7 +14,8 @@ from rio_tiler.types import ColorMapType from rio_tiler.utils import get_array_statistics -from pydash import strings as pystr +#todo +#from pydash import strings as pystr from titiler.core.dependencies import ( AssetsBidxExprParams, @@ -621,7 +622,7 @@ def tilejson( "bounds": src_dst.geographic_bounds, "minzoom": minzoom if minzoom is not None else src_dst.minzoom, "maxzoom": maxzoom if maxzoom is not None else src_dst.maxzoom, - "tiles": [pystr.escape(tiles_url)], + "tiles": [tiles_url], } def wmts(self): # noqa: C901 
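Review bot: the `-rc` suffix is hard-coded in `FROM python:${PYTHON_VERSION}-rc-slim` while the version is a build argument, so overriding `PYTHON_VERSION` always selects a release-candidate tag, including for versions that already have a final release. Keeping the suffix out of the `FROM` line, `FROM python:${PYTHON_VERSION}-slim`, and defaulting the argument to a released version keeps the override meaningful. The two `# R:` lines are pasted tool output rather than documentation, and two commented-out `FROM` lines remain. A single comment stating the reason would read better, for example `# Base image raised to address a base-image vulnerability finding; move to the final 3.11 tag when released`.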
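Review bot: the import in factory.py (PATCH 5/8) is commented out as `#from pydash import strings as pystr` under a bare `#todo`, but `"pydash"` stays in the requirements list in setup.py, so the package would still pull in a dependency that no visible code uses. Either remove the requirement in the same commit or keep import and requirement together until the escaping work lands. If a marker is wanted, make it actionable, e.g. `# TODO(OWNER): add output escaping for tilejson/wmts, see ISSUE_LINK` (placeholders), rather than leaving commented-out code.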
@@ -707,14 +708,14 @@ def wmts( return templates.TemplateResponse( "wmts.xml", { - "request": pystr.escape(request), - "tiles_endpoint": pystr.escape(tiles_url), - "bounds": pystr.escape(bounds), - "tileMatrix": pystr.escape(tileMatrix), - "tms": pystr.escape(tms), + "request": request, + "tiles_endpoint": tiles_url, + "bounds":bounds, + "tileMatrix": tileMatrix, + "tms": tms, "title": "Cloud Optimized GeoTIFF", "layer_name": "cogeo", - "media_type": pystr.escape(tile_format.mediatype), + "media_type": tile_format.mediatype, }, media_type=MediaType.xml.value, ) From 0c949676019dc8ab63a7123dda1153e027463fff Mon Sep 17 00:00:00 2001 From: Roelof Pieters Date: Wed, 24 Aug 2022 16:23:48 +0200 Subject: [PATCH 6/8] flake8 --- src/titiler/core/setup.py | 1 - src/titiler/core/titiler/core/factory.py | 7 ++----- 2 files changed, 2 insertions(+), 6 deletions(-) diff --git a/src/titiler/core/setup.py b/src/titiler/core/setup.py index 52a0da794..3801f4e2d 100644 --- a/src/titiler/core/setup.py +++ b/src/titiler/core/setup.py @@ -12,7 +12,6 @@ "numpy", "pydantic", "rasterio", - #"rio-tiler>=3.1,<3.2", "rio-tiler @ git+https://github.com/20treeAI/rio-tiler.git@patch_boto3#egg=rio-tiler-3.1.6.ov1", "simplejson", "importlib_resources>=1.1.0;python_version<'3.9'", diff --git a/src/titiler/core/titiler/core/factory.py b/src/titiler/core/titiler/core/factory.py index ab0fb97f6..ea5794c1d 100644 --- a/src/titiler/core/titiler/core/factory.py +++ b/src/titiler/core/titiler/core/factory.py @@ -14,9 +14,6 @@ from rio_tiler.types import ColorMapType from rio_tiler.utils import get_array_statistics -#todo -#from pydash import strings as pystr - from titiler.core.dependencies import ( AssetsBidxExprParams, AssetsBidxExprParamsOptional, 
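Review bot: after this revert in the `wmts` hunk of PATCH 5/8, `tiles_url` and the other context values reach the `wmts.xml` template with no escaping in this function, and the commit message defers that work to another PR without a tracking reference in the code. Whether this is exposed depends on the template environment, which is outside the hunk: if autoescaping is on for `wmts.xml` the plain values are handled at render time, and if it is not, any request-derived strings placed in the XML are where escaping is needed. Once that has been confirmed, a short comment above the `TemplateResponse` call would record the decision, for example `# Context values are escaped by template autoescaping; remaining XML checks tracked in ISSUE_LINK` (placeholder). The body of `wmts` starts above the hunk.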
@@ -704,13 +701,13 @@ def wmts( {matrix.matrixHeight} """ tileMatrix.append(tm) - + return templates.TemplateResponse( "wmts.xml", { "request": request, "tiles_endpoint": tiles_url, - "bounds":bounds, + "bounds": bounds, "tileMatrix": tileMatrix, "tms": tms, "title": "Cloud Optimized GeoTIFF", From 9a3baa52a6c95678df9d852fbe53958eb043b90c Mon Sep 17 00:00:00 2001 From: Roelof Pieters Date: Wed, 24 Aug 2022 17:04:20 +0200 Subject: [PATCH 7/8] black fix for py 3.9 --- .pre-commit-config.yaml | 2 +- src/titiler/core/setup.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 0e2581a75..8af28f9e6 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,6 +1,6 @@ repos: - repo: https://github.com/psf/black - rev: 22.3.0 + rev: 22.6.0 hooks: - id: black language_version: python diff --git a/src/titiler/core/setup.py b/src/titiler/core/setup.py index 3801f4e2d..9aa1daabc 100644 --- a/src/titiler/core/setup.py +++ b/src/titiler/core/setup.py @@ -16,7 +16,7 @@ "simplejson", "importlib_resources>=1.1.0;python_version<'3.9'", "typing_extensions;python_version<'3.8'", - "pydash" + "pydash", ] extra_reqs = { "test": ["pytest", "pytest-cov", "pytest-asyncio", "requests"], From 882ded578d83784664d9a176eda79e725ee1b459 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 25 Aug 2022 05:15:46 +0000 Subject: [PATCH 8/8] fix: upgrade cdk from 1.160.0 to 1.167.0 Snyk has created this PR to upgrade cdk from 1.160.0 to 1.167.0. See this package in npm: https://www.npmjs.com/package/cdk See this project in Snyk: https://app.snyk.io/org/roelof/project/6392964b-293c-4838-8111-519ca016ce22?utm_source=github&utm_medium=referral&page=upgrade-pr --- deployment/aws/package-lock.json | 30 +++++++++++++++--------------- deployment/aws/package.json | 2 +- 2 files changed, 16 insertions(+), 16 deletions(-) 
diff --git a/deployment/aws/package-lock.json b/deployment/aws/package-lock.json index e6072e3bd..f51c804b9 100644 --- a/deployment/aws/package-lock.json +++ b/deployment/aws/package-lock.json @@ -9,13 +9,13 @@ "version": "0.1.0", "license": "MIT", "dependencies": { - "cdk": "1.160.0" + "cdk": "^1.167.0" } }, "node_modules/aws-cdk": { - "version": "1.160.0", - "resolved": "https://registry.npmjs.org/aws-cdk/-/aws-cdk-1.160.0.tgz", - "integrity": "sha512-WJu0Y1igEV0/RnVm+ppynYdlrqA1wD7mN9SNXJJA6VTozeboIZF9ZskwDkFZ6o1VXmvW/i8K2heSNLv2HuDZNQ==", + "version": "1.167.0", + "resolved": "https://registry.npmjs.org/aws-cdk/-/aws-cdk-1.167.0.tgz", + "integrity": "sha512-QuaCSJhJFiK+DpKqE3UWaZDlwD1rsnLNgSN2kh3kp95IZWFja74k8fIMi+qqRIQIaIak6hkpIEYQ9y+wsH23Bw==", "bin": { "cdk": "bin/cdk" }, @@ -27,11 +27,11 @@ } }, "node_modules/cdk": { - "version": "1.160.0", - "resolved": "https://registry.npmjs.org/cdk/-/cdk-1.160.0.tgz", - "integrity": "sha512-ggZqbj5E3EmupBmJvOHiMmmkdl/rKGwCJRmFGQ6bjAiLXlfSTIuv3osZquB9q7fQBXC7PNNMlT6yPMFAM2e/Pw==", + "version": "1.167.0", + "resolved": "https://registry.npmjs.org/cdk/-/cdk-1.167.0.tgz", + "integrity": "sha512-i9dsu1UNo78h31JRd86oKMAi+zSSLGIi5AwlIlEpitCqYSmVBabbAqggUHw1pe2LtjSsb77A6Cgn2a4g2Yd7KQ==", "dependencies": { - "aws-cdk": "1.160.0" + "aws-cdk": "1.167.0" }, "bin": { "cdk": "bin/cdk" 
@@ -56,19 +56,19 @@ }, "dependencies": { "aws-cdk": { - "version": "1.160.0", - "resolved": "https://registry.npmjs.org/aws-cdk/-/aws-cdk-1.160.0.tgz", - "integrity": "sha512-WJu0Y1igEV0/RnVm+ppynYdlrqA1wD7mN9SNXJJA6VTozeboIZF9ZskwDkFZ6o1VXmvW/i8K2heSNLv2HuDZNQ==", + "version": "1.167.0", + "resolved": "https://registry.npmjs.org/aws-cdk/-/aws-cdk-1.167.0.tgz", + "integrity": "sha512-QuaCSJhJFiK+DpKqE3UWaZDlwD1rsnLNgSN2kh3kp95IZWFja74k8fIMi+qqRIQIaIak6hkpIEYQ9y+wsH23Bw==", "requires": { "fsevents": "2.3.2" } }, "cdk": { - "version": "1.160.0", - "resolved": "https://registry.npmjs.org/cdk/-/cdk-1.160.0.tgz", - "integrity": "sha512-ggZqbj5E3EmupBmJvOHiMmmkdl/rKGwCJRmFGQ6bjAiLXlfSTIuv3osZquB9q7fQBXC7PNNMlT6yPMFAM2e/Pw==", + "version": "1.167.0", + "resolved": "https://registry.npmjs.org/cdk/-/cdk-1.167.0.tgz", + "integrity": "sha512-i9dsu1UNo78h31JRd86oKMAi+zSSLGIi5AwlIlEpitCqYSmVBabbAqggUHw1pe2LtjSsb77A6Cgn2a4g2Yd7KQ==", "requires": { - "aws-cdk": "1.160.0" + "aws-cdk": "1.167.0" } }, "fsevents": { diff --git a/deployment/aws/package.json b/deployment/aws/package.json index 2186f36ef..29dcbe0f8 100644 --- a/deployment/aws/package.json +++ b/deployment/aws/package.json @@ -5,7 +5,7 @@ "license": "MIT", "private": true, "dependencies": { - "cdk": "1.160.0" + "cdk": "1.167.0" }, "scripts": { "cdk": "cdk"