Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

pin Werkzeug dependency #88

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

pin Werkzeug dependency #88

wants to merge 1 commit into from

Conversation

davidyee
Copy link

I ran into SSL cert errors recently with sending Twilio SMS notifications and went to reinstall the requirements.txt via sudo pip install -r requirements.txt --ignore-installed when I ran into an issue with latest Werkzeug 1.0.1 being pulled in.

Werkzeug version 1 and higher removes deprecated calls to certain imports like secure_filename and generate_password_hash which requires making some import changes. This PR pins the Werkzeug dependency to below version 1. The alternative fix would be to update the imports in views.py and models.py.

For your reference those code changes would be as shown below in this git diff:

diff --git a/ad2web/updater/views.py b/ad2web/updater/views.py
index 0fda15d..124380b 100644
--- a/ad2web/updater/views.py
+++ b/ad2web/updater/views.py
@@ -9,7 +9,7 @@ from flask import Blueprint, render_template, abort, g, request, flash, Response
 from flask import current_app as APP
 from flask_login import login_required, current_user

-from werkzeug.utils import secure_filename
+from werkzeug import secure_filename

 from ..extensions import db
 from ..decorators import admin_required
diff --git a/ad2web/user/models.py b/ad2web/user/models.py
index 169a4d2..6b7a386 100644
--- a/ad2web/user/models.py
+++ b/ad2web/user/models.py
@@ -2,7 +2,7 @@

 from sqlalchemy import Column, types
 from sqlalchemy.ext.mutable import Mutable
-from werkzeug.security import generate_password_hash, check_password_hash
+from werkzeug import generate_password_hash, check_password_hash
 from flask_login import UserMixin

 from ..extensions import db

I decided to just pin the requirements.txt Werkzeug dependency to >=0.9.4,<1 instead of making code changes in case there are other breaking changes in the newer Werkzeug package. However, in my testing with the import code changes and using the latest v1 Werkzeug dependency the webapp appeared to run alright.

In case you're curious about my SSL error when I ran Twilio SMS save and test in the webapp I was getting this error message:

Error sending test notification: StandardError('SSLError(MaxRetryError(\'HTTPSConnectionPool(host=\\\'api.twilio.com\\\', port=443): Max retries exceeded with url: /2010-04-01/Accounts/XXXXXXXXXXX/Messages.json (Caused by SSLError(SSLError("bad handshake: Error([(\\\'SSL routines\\\', \\\'tls_process_server_certificate\\\', \\\'certificate verify failed\\\')],)",),))\',),) line 913',) line 895

Installing the latest requirements.txt dependencies with my werkzeug fix appears to fix my issue. I think the last time I ran a pip install of the requirements.txt was when I first setup my Raspberry Pi a few years ago.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@davidyee