Replace PyPDF2 package with pypdf

Updated the project dependencies and scripts to use the `pypdf` package instead of `PyPDF2`. Also, adapted the code in `make_surface_current_tiles.py` to use `pypdf`'s `PdfWriter` instead of `PyPDF2`'s `PdfFileMerger`. This resolves the Jun-2023 security alert re: CVE-2023-36464 infinite loop vulnerability and deprecation of PyPDF2.
SalishSeaCast · May 17, 2024 · 3799d41 · 3799d41
1 parent ad78fea
commit 3799d41
Show file tree

Hide file tree

Showing 7 changed files with 11 additions and 13 deletions.
diff --git a/docs/conf.py b/docs/conf.py
@@ -90,7 +90,7 @@
     "OPPTools",
     "pandas",
     "paramiko",
-    "PyPDF2",
+    "pypdf",
     "reshapr",
     "salishsea_cmd",
     "salishsea_cmd.api",

diff --git a/envs/environment-dev.yaml b/envs/environment-dev.yaml
@@ -55,7 +55,7 @@ dependencies:
   - pip
   - poppler
   - pygrib
-  - pypdf2
+  - pypdf
   - pyproj
   - pytables
   - python=3.12

diff --git a/envs/environment-fig-dev.yaml b/envs/environment-fig-dev.yaml
@@ -48,7 +48,7 @@ dependencies:
   - pip
   - poppler
   - pygrib
-  - pypdf2
+  - pypdf
   - pyproj
   - pytables
   - python=3.12

diff --git a/envs/environment-linkcheck.yaml b/envs/environment-linkcheck.yaml
@@ -43,7 +43,7 @@ dependencies:
   - pip
   - poppler
   - pygrib
-  - pypdf2
+  - pypdf
   - pyproj
   - pytables
   - pyyaml

diff --git a/envs/environment-prod.yaml b/envs/environment-prod.yaml
@@ -55,7 +55,7 @@ dependencies:
   - pip
   - poppler
   - pygrib
-  - pypdf2
+  - pypdf
   - pyproj
   - pytables
   - python=3.12

diff --git a/envs/requirements.txt b/envs/requirements.txt
@@ -65,7 +65,6 @@ folium==0.16.0
 fonttools==4.51.0
 fsspec==2024.5.0
 future==1.0.0
-FVCOM-Cmd==0.1
 GDAL==3.8.5
 geopandas==0.14.4
 gitdb==4.0.11
@@ -118,7 +117,6 @@ numpy==1.26.4
 numpy-groupies==0.11.1
 numpy-indexed==0.3.7
 openpyxl==3.1.2
-OPPTools==0.1.0
 packaging==24.0
 pandas==2.2.2
 paramiko==3.4.0
@@ -143,7 +141,7 @@ Pygments==2.18.0
 pygrib==2.1.5
 PyNaCl==1.5.0
 pyparsing==3.1.2
-PyPDF2==2.11.1
+pypdf==4.2.0
 pyperclip==1.8.2
 pyproj==3.6.1
 PyQt5==5.15.9

diff --git a/nowcast/workers/make_surface_current_tiles.py b/nowcast/workers/make_surface_current_tiles.py
@@ -31,7 +31,7 @@
 import arrow
 import netCDF4
 import pytz
-from PyPDF2 import PdfFileMerger
+from pypdf import PdfWriter
 from matplotlib.backend_bases import FigureCanvasBase
 from nemo_nowcast import NowcastWorker
 
@@ -366,20 +366,20 @@ def _apply_pngquant(outfile, level):
 def _pdf_concatenate(path, tile_coords_dic):
     """
     For each tile combine the time series of pdf files into one file.
-    Delete the individual pdf files, leaving only the per tile files.
+    Delete the individual pdf files, leaving only the per-tile files.
     Shrink the merged pdf files.
     """
     logger.info(f"starting PDF concatenation and shrinking of tiles in {path}")
     for tile in tile_coords_dic:
         result = (path / tile).with_suffix(".pdf")
         logger.debug(f"concatenating {tile} pdf files into: {result}")
-        merger = PdfFileMerger()
+        merger = PdfWriter()
         for pdf in sorted(path.glob(f"surface_currents_{tile}*.pdf")):
-            merger.append(os.fspath(pdf))
+            merger.append(pdf)
             logger.debug(f"added {pdf}")
             pdf.unlink()
             logger.debug(f"deleted {pdf}")
-        merger.write(os.fspath(result))
+        merger.write(result)
         logger.debug(f"saved {result}")
         merger.close()
         _pdf_shrink(result)
-Original file line number
+Diff line change
@@ Expand Up / @@ -55,7 +55,7 @@ dependencies: @@
       - pip
       - poppler
       - pygrib
-      - pypdf2
+      - pypdf
       - pyproj
       - pytables
       - python=3.12
@@ Expand Down @@