pyupio/safety

Safety check fails on `idna` package

Closed · 1 comment

  • safety version: version 3.2.0
  • Python version: 3.10.0
  • Operating System: Debian

Description

The command `safety check` fails when the `idna` package is part of the requirements.
This was working fine before; my best bet is that the db file changed somehow.

What I Did

> docker run --rm -it python:3.10.0 bash
> pip install safety
> echo idna==2.0.0 | safety --debug 1 check --stdin

This outputs:

2024-05-14 22:19:20,089 urllib3.connectionpool => Starting new HTTPS connection (1): auth.safetycli.com:443
2024-05-14 22:19:20,199 urllib3.connectionpool => https://auth.safetycli.com:443 "GET /.well-known/openid-configuration HTTP/1.1" 200 None
2024-05-14 22:19:20,242 urllib3.connectionpool => https://auth.safetycli.com:443 "GET /.well-known/jwks.json HTTP/1.1" 200 None
2024-05-14 22:19:20,243 safety.cli => Telemetry enabled: True
2024-05-14 22:19:20,246 safety.cli => Running check command
2024-05-14 22:19:20,246 safety.util => Path: None
2024-05-14 22:19:20,246 safety.util => File Type: requirements.txt
2024-05-14 22:19:20,246 safety.util => Trying to parse file using dparse...
2024-05-14 22:19:20,246 safety.util => Content: idna==3.0.0

2024-05-14 22:19:20,248 safety.util => Dependency file: {'file_type': 'requirements.txt', 'content': 'idna==3.0.0\n', 'path': None, 'sha': None, 'dependencies': [{'name': 'idna', 'specs': <SpecifierSet('==3.0.0')>, 'line': 'idna==3.0.0', 'source': 'pypi', 'meta': {}, 'line_numbers': None, 'index_server': None, 'hashes': [], 'dependency_type': 'requirements.txt', 'extras': set(), 'sections': None}], 'resolved_dependencies': [{'name': 'idna', 'specs': <SpecifierSet('==3.0.0')>, 'line': 'idna==3.0.0', 'source': 'pypi', 'meta': {}, 'line_numbers': None, 'index_server': None, 'hashes': [], 'dependency_type': 'requirements.txt', 'extras': set(), 'sections': None}]}
2024-05-14 22:19:20,248 safety.util => Parsed, dependencies: [{'name': 'idna', 'specs': <SpecifierSet('==3.0.0')>, 'line': 'idna==3.0.0', 'source': 'pypi', 'meta': {}, 'line_numbers': None, 'index_server': None, 'hashes': [], 'dependency_type': 'requirements.txt', 'extras': set(), 'sections': None}]
2024-05-14 22:19:20,248 safety.cli => Calling the check function
2024-05-14 22:19:20,251 safety.util => Telemetry body built: {'os_type': 'Linux', 'os_release': '6.5.0-28-generic', 'os_description': 'Linux-6.5.0-28-generic-x86_64-with-glibc2.31', 'python_version': '3.10.0', 'safety_command': 'check', 'safety_options': {'stdin': {'--stdin': 1}}, 'safety_version': '3.2.0', 'safety_source': 'cli'}
2024-05-14 22:19:20,252 urllib3.connectionpool => Starting new HTTPS connection (1): pyup.io:443
2024-05-14 22:19:20,377 urllib3.connectionpool => https://pyup.io:443 "GET /aws/safety/free/2.0.0/insecure.json?telemetry=%7B%22safety_options%22%3A+%7B%22stdin%22%3A+%7B%22--stdin%22%3A+1%7D%7D%2C+%22safety_version%22%3A+%223.2.0%22%2C+%22safety_source%22%3A+%22cli%22%2C+%22os_type%22%3A+%22Linux%22%2C+%22os_release%22%3A+%226.5.0-28-generic%22%2C+%22os_description%22%3A+%22Linux-6.5.0-28-generic-x86_64-with-glibc2.31%22%2C+%22python_version%22%3A+%223.10.0%22%2C+%22safety_command%22%3A+%22check%22%7D HTTP/1.1" 200 168019
2024-05-14 22:19:20,414 safety.util => Telemetry body built: {'os_type': 'Linux', 'os_release': '6.5.0-28-generic', 'os_description': 'Linux-6.5.0-28-generic-x86_64-with-glibc2.31', 'python_version': '3.10.0', 'safety_command': 'check', 'safety_options': {'stdin': {'--stdin': 1}}, 'safety_version': '3.2.0', 'safety_source': 'cli'}
2024-05-14 22:19:20,454 urllib3.connectionpool => https://pyup.io:443 "GET /aws/safety/free/2.0.0/insecure_full.json?telemetry=%7B%22safety_options%22%3A+%7B%22stdin%22%3A+%7B%22--stdin%22%3A+1%7D%7D%2C+%22safety_version%22%3A+%223.2.0%22%2C+%22safety_source%22%3A+%22cli%22%2C+%22os_type%22%3A+%22Linux%22%2C+%22os_release%22%3A+%226.5.0-28-generic%22%2C+%22os_description%22%3A+%22Linux-6.5.0-28-generic-x86_64-with-glibc2.31%22%2C+%22python_version%22%3A+%223.10.0%22%2C+%22safety_command%22%3A+%22check%22%7D HTTP/1.1" 200 10262281
2024-05-14 22:19:20,727 safety.cli => Unexpected Exception happened: 'idna'
Traceback (most recent call last):
  File "/usr/local/lib/python3.10/site-packages/safety/cli.py", line 240, in check
    vulns, db_full = safety.check(session=ctx.obj.auth.client, packages=packages, db_mirror=db, cached=cache, ignore_vulns=ignore,
  File "/usr/local/lib/python3.10/site-packages/safety/util.py", line 743, in new_func
    return f(*args, **kwargs)
  File "/usr/local/lib/python3.10/site-packages/safety/safety.py", line 423, in check
    for data in get_vulnerabilities(pkg=name, spec=specifier, db=db_full):
  File "/usr/local/lib/python3.10/site-packages/safety/safety.py", line 261, in get_vulnerabilities
    for entry in db['vulnerable_packages'][pkg]:
KeyError: 'idna'
Unhandled exception happened: 'idna'

Seems like it's working now, so I'm assuming the db file has been fixed 🚀
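The traceback above ends in an unguarded `db['vulnerable_packages'][pkg]` lookup, so a gap in the downloaded database aborts the whole scan. The sketch below is an added example, not safety's own code: it reproduces that `KeyError` on constructed data and shows a guarded lookup that reports the package as unscanned instead of crashing or passing it as clean. It assumes the two downloaded files disagreed about `idna`; the entry fields, function names and the CI policy are hypothetical, and no version matching is done.

```python
# Added illustration; this is not safety's source code.
class DatabaseInconsistency(Exception):
    """The light DB lists a package that the full DB has no entry for."""


# Constructed sample data. Only the 'vulnerable_packages' key comes from the
# traceback; the entry fields ('specs', 'advisory') and values are assumptions.
LIGHT_DB = {"vulnerable_packages": {"idna": ["<1.0"], "requests": ["<1.0"]}}
FULL_DB = {"vulnerable_packages": {
    "requests": [{"specs": ["<1.0"], "advisory": "constructed advisory"}],
    # "idna" is deliberately absent to reproduce the mismatch.
}}


def naive_lookup(pkg, db_full):
    """Same indexing pattern as the traceback: raises KeyError on a gap."""
    return list(db_full["vulnerable_packages"][pkg])


def guarded_lookup(pkg, db_light, db_full):
    """Return advisory entries for pkg, or raise DatabaseInconsistency."""
    entries = db_full.get("vulnerable_packages", {}).get(pkg)
    if entries is not None:
        return list(entries)
    if pkg in db_light.get("vulnerable_packages", {}):
        # Flagged by one file, missing from the other: we cannot say "clean".
        raise DatabaseInconsistency(pkg)
    return []  # unknown to both files: no advisories on record


def scan(packages, db_light, db_full):
    """Return (findings, unscanned); unscanned packages must not pass as clean."""
    findings, unscanned = {}, []
    for pkg in packages:
        try:
            entries = guarded_lookup(pkg, db_light, db_full)
        except DatabaseInconsistency:
            unscanned.append(pkg)
            continue
        if entries:
            findings[pkg] = entries
    return findings, unscanned


def ci_status(findings, unscanned):
    """Hypothetical CI policy: fail closed when the scan is incomplete."""
    if unscanned:
        return "incomplete"
    return "vulnerable" if findings else "clean"
```
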