From b96054bee00d9697514da324502c3369605f4668 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sat, 3 Aug 2019 19:57:09 +0000 Subject: [PATCH 01/18] Bump urllib3 from 1.24.1 to 1.24.2 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.24.1 to 1.24.2. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/master/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.24.1...1.24.2) Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index db53d65c..4d9aa494 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,4 +5,4 @@ decorator==4.3 idna==2.8 requests==2.21 simplejson==3.16 -urllib3==1.24.1 +urllib3==1.24.2 From 48fefb56e9579f2dda2921c2fdd860fdd320882b Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Sun, 4 Aug 2019 00:35:02 +0100 Subject: [PATCH 02/18] Add a draft of Serverless functionality --- serverless.yml | 105 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 105 insertions(+) create mode 100644 serverless.yml diff --git a/serverless.yml b/serverless.yml new file mode 100644 index 00000000..ace94dfa --- /dev/null +++ b/serverless.yml @@ -0,0 +1,105 @@ +# Welcome to Serverless! +# +# This file is the main config file for your service. +# It's very minimal at this point and uses default values. +# You can always add more config options for more control. +# We've included some commented out config examples here. +# Just uncomment any of them to get that config option. +# +# For full config options, check the docs: +# docs.serverless.com +# +# Happy Coding! + +service: bucket-antivirus +app: bucket-antivirus-app +org: edxxx + +# You can pin your service to only deploy with a specific Serverless version +# Check out our docs for more details +# frameworkVersion: "=X.X.X" + +provider: + name: aws + runtime: python2.7 + +# you can overwrite defaults here + stage: prod + region: eu-west-1 + + # The IAM roles cover both functions - the update one doesn't actually need SQS + iamRoleStatements: + - Effect: "Allow" + Action: + - s3:GetObject + - s3:GetObjectTagging + - s3:PutObject + - s3:PutObjectTagging + - s3:PutObjectVersionTagging + Resource: "arn:aws:s3:::*" + - Effect: "Allow" + Action: + - sns:Publish + Resource: "arn:aws:sns:eu-west-1:124602426320:mm-antivirus" + +# you can add packaging information here +package: + include: + - "*.py" + - build/** + exclude: + - ./env/** + +functions: + # This function will listen for a message when an S3 file is uploaded to certain + # buckets and then scan it. + scan: + handler: scan.lambda_handler + memorySize: 1024 + timeout: 5 + + environment: + AV_DEFINITION_S3_BUCKET: mm-antivirus-definitions + AV_STATUS_SNS_ARN: arn:aws:sns:eu-west-1:124602426320:mm-antivirus + + events: + - s3: + bucket: publicassetbucket + event: s3:ObjectCreated:* + - s3: + bucket: privateassetbucket + event: s3:ObjectCreated:* + - s3: + bucket: mm-file-import + event: s3:ObjectCreated:* + - s3: + bucket: mm-sftp-batches + event: s3:ObjectCreated:* + + + # This function updates the mm-antivirus-definitions S3 folder with definition + # files which are used by the scan function. + update: + handler: update.lambda_handler + memorySize: 512 + timeout: 300 + + environment: + AV_DEFINITION_S3_BUCKET: mm-antivirus-definitions + + events: + - schedule: rate(3 hours) + + + +# you can add CloudFormation resource templates here +#resources: +# Resources: +# NewResource: +# Type: AWS::S3::Bucket +# Properties: +# BucketName: my-new-bucket +# Outputs: +# NewOutput: +# Description: "Description for the output" +# Value: "Some output value" From ce0f37bf2dabbfa764729c4eeb56e4b94b82c2f6 Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Sun, 4 Aug 2019 00:52:50 +0100 Subject: [PATCH 03/18] set it up to be a mentionme app instead of mine --- serverless.yml | 33 ++++++++++++++++++--------------- 1 file changed, 18 insertions(+), 15 deletions(-) diff --git a/serverless.yml b/serverless.yml index ace94dfa..5c338c60 100644 --- a/serverless.yml +++ b/serverless.yml @@ -12,8 +12,8 @@ # Happy Coding! service: bucket-antivirus -app: bucket-antivirus-app -org: edxxx +tenant: mentionme +app: bucket-antivirus # You can pin your service to only deploy with a specific Serverless version # Check out our docs for more details @@ -62,19 +62,22 @@ functions: AV_DEFINITION_S3_BUCKET: mm-antivirus-definitions AV_STATUS_SNS_ARN: arn:aws:sns:eu-west-1:124602426320:mm-antivirus - events: - - s3: - bucket: publicassetbucket - event: s3:ObjectCreated:* - - s3: - bucket: privateassetbucket - event: s3:ObjectCreated:* - - s3: - bucket: mm-file-import - event: s3:ObjectCreated:* - - s3: - bucket: mm-sftp-batches - event: s3:ObjectCreated:* + # Watch out! For this to work, the events must be removed from the S3 buckets first. + # You need to visit, for instance: https://s3.console.aws.amazon.com/s3/buckets/mm-sftp-batches/?region=eu-west-1&tab=properties + # and remove the existing notification + # events: + # - s3: + # bucket: publicassetbucket + # event: s3:ObjectCreated:* + # - s3: + # bucket: privateassetbucket + # event: s3:ObjectCreated:* + # - s3: + # bucket: mm-file-import + # event: s3:ObjectCreated:* + # - s3: + # bucket: mm-sftp-batches + # event: s3:ObjectCreated:* # This function updates the mm-antivirus-definitions S3 folder with definition From 1e04ce546c2cffcdfb14c582334f3e5ef815c21c Mon Sep 17 00:00:00 2001 From: Matt Gill Date: Tue, 1 Oct 2019 11:00:17 +0100 Subject: [PATCH 04/18] Add flag to enable macro scanning --- clamav.py | 1 + 1 file changed, 1 insertion(+) diff --git a/clamav.py b/clamav.py index 219899c1..58e9422e 100644 --- a/clamav.py +++ b/clamav.py @@ -116,6 +116,7 @@ def scan_file(path): "-v", "-a", "--stdout", + "--alert-macros=yes", "-d", AV_DEFINITION_PATH, path From b1239d59d91d7788430d5f1e290af1f8f050c1ba Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Wed, 15 Jan 2020 14:13:19 +0000 Subject: [PATCH 05/18] Update serverless to reflect 3.7 --- serverless.yml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/serverless.yml b/serverless.yml index 5c338c60..e64a07c3 100644 --- a/serverless.yml +++ b/serverless.yml @@ -21,7 +21,7 @@ app: bucket-antivirus provider: name: aws - runtime: python2.7 + runtime: python3.7 # you can overwrite defaults here stage: prod @@ -41,7 +41,7 @@ provider: Action: - sns:Publish Resource: "arn:aws:sns:eu-west-1:124602426320:mm-antivirus" - + # you can add packaging information here package: include: @@ -63,7 +63,7 @@ functions: AV_STATUS_SNS_ARN: arn:aws:sns:eu-west-1:124602426320:mm-antivirus # Watch out! For this to work, the events must be removed from the S3 buckets first. - # You need to visit, for instance: https://s3.console.aws.amazon.com/s3/buckets/mm-sftp-batches/?region=eu-west-1&tab=properties + # You need to visit, for instance: https://s3.console.aws.amazon.com/s3/buckets/mm-sftp-batches/?region=eu-west-1&tab=properties # and remove the existing notification # events: # - s3: @@ -84,8 +84,8 @@ functions: # files which are used by the scan function. update: handler: update.lambda_handler - memorySize: 512 - timeout: 300 + memorySize: 1024 + timeout: 3000 environment: AV_DEFINITION_S3_BUCKET: mm-antivirus-definitions From 65f9c4693545f8bd896abe29e51771c3c04b2184 Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Wed, 15 Jan 2020 15:01:03 +0000 Subject: [PATCH 06/18] Remove serverless. It seems to be shite --- serverless.yml | 108 ------------------------------------------------- 1 file changed, 108 deletions(-) delete mode 100644 serverless.yml diff --git a/serverless.yml b/serverless.yml deleted file mode 100644 index e64a07c3..00000000 --- a/serverless.yml +++ /dev/null @@ -1,108 +0,0 @@ -# Welcome to Serverless! -# -# This file is the main config file for your service. -# It's very minimal at this point and uses default values. -# You can always add more config options for more control. -# We've included some commented out config examples here. -# Just uncomment any of them to get that config option. -# -# For full config options, check the docs: -# docs.serverless.com -# -# Happy Coding! - -service: bucket-antivirus -tenant: mentionme -app: bucket-antivirus - -# You can pin your service to only deploy with a specific Serverless version -# Check out our docs for more details -# frameworkVersion: "=X.X.X" - -provider: - name: aws - runtime: python3.7 - -# you can overwrite defaults here - stage: prod - region: eu-west-1 - - # The IAM roles cover both functions - the update one doesn't actually need SQS - iamRoleStatements: - - Effect: "Allow" - Action: - - s3:GetObject - - s3:GetObjectTagging - - s3:PutObject - - s3:PutObjectTagging - - s3:PutObjectVersionTagging - Resource: "arn:aws:s3:::*" - - Effect: "Allow" - Action: - - sns:Publish - Resource: "arn:aws:sns:eu-west-1:124602426320:mm-antivirus" - -# you can add packaging information here -package: - include: - - "*.py" - - build/** - exclude: - - ./env/** - -functions: - # This function will listen for a message when an S3 file is uploaded to certain - # buckets and then scan it. - scan: - handler: scan.lambda_handler - memorySize: 1024 - timeout: 5 - - environment: - AV_DEFINITION_S3_BUCKET: mm-antivirus-definitions - AV_STATUS_SNS_ARN: arn:aws:sns:eu-west-1:124602426320:mm-antivirus - - # Watch out! For this to work, the events must be removed from the S3 buckets first. - # You need to visit, for instance: https://s3.console.aws.amazon.com/s3/buckets/mm-sftp-batches/?region=eu-west-1&tab=properties - # and remove the existing notification - # events: - # - s3: - # bucket: publicassetbucket - # event: s3:ObjectCreated:* - # - s3: - # bucket: privateassetbucket - # event: s3:ObjectCreated:* - # - s3: - # bucket: mm-file-import - # event: s3:ObjectCreated:* - # - s3: - # bucket: mm-sftp-batches - # event: s3:ObjectCreated:* - - - # This function updates the mm-antivirus-definitions S3 folder with definition - # files which are used by the scan function. - update: - handler: update.lambda_handler - memorySize: 1024 - timeout: 3000 - - environment: - AV_DEFINITION_S3_BUCKET: mm-antivirus-definitions - - events: - - schedule: rate(3 hours) - - - -# you can add CloudFormation resource templates here -#resources: -# Resources: -# NewResource: -# Type: AWS::S3::Bucket -# Properties: -# BucketName: my-new-bucket -# Outputs: -# NewOutput: -# Description: "Description for the output" -# Value: "Some output value" From 52e3dbdba6a480f5a59346c0342863884eafc641 Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Thu, 16 Jan 2020 11:05:52 +0000 Subject: [PATCH 07/18] The bucket is not included in the logs --- update.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/update.py b/update.py index 9730f230..b32894a3 100644 --- a/update.py +++ b/update.py @@ -37,7 +37,7 @@ def lambda_handler(event, context): for download in to_download.values(): s3_path = download["s3_path"] local_path = download["local_path"] - print("Downloading definition file %s from s3://%s" % (local_path, s3_path)) + print("Downloading definition file %s from s3://%s/%s" % (local_path, AV_DEFINITION_S3_BUCKET, s3_path)) s3.Bucket(AV_DEFINITION_S3_BUCKET).download_file(s3_path, local_path) print("Downloading definition file %s complete!" % (local_path)) From f3d9225d9f0204e7b0203d4bbf8cccb17a68d418 Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Mon, 29 Jun 2020 22:15:17 +0100 Subject: [PATCH 08/18] Merge https://github.com/upsidetravel/bucket-antivirus-function/pull/126 --- Dockerfile | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index a59b66e3..4d86948d 100644 --- a/Dockerfile +++ b/Dockerfile @@ -21,12 +21,17 @@ RUN rm -rf /root/.cache/pip # Download libraries we need to run in lambda WORKDIR /tmp -RUN yumdownloader -x \*i686 --archlist=x86_64 clamav clamav-lib clamav-update json-c pcre2 +RUN yumdownloader -x \*i686 --archlist=x86_64 clamav clamav-lib clamav-update json-c pcre2 libprelude gnutls libtasn1 lib64nettle nettle RUN rpm2cpio clamav-0*.rpm | cpio -idmv RUN rpm2cpio clamav-lib*.rpm | cpio -idmv RUN rpm2cpio clamav-update*.rpm | cpio -idmv RUN rpm2cpio json-c*.rpm | cpio -idmv RUN rpm2cpio pcre*.rpm | cpio -idmv +RUN rpm2cpio gnutls* | cpio -idmv +RUN rpm2cpio nettle* | cpio -idmv +RUN rpm2cpio lib* | cpio -idmv +RUN rpm2cpio *.rpm | cpio -idmv +RUN rpm2cpio libtasn1* | cpio -idmv # Copy over the binaries and libraries RUN cp /tmp/usr/bin/clamscan /tmp/usr/bin/freshclam /tmp/usr/lib64/* /opt/app/bin/ From 05bf640a967930fa6d9654e3b7cc984438ce1145 Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Wed, 1 Jul 2020 20:41:05 +0100 Subject: [PATCH 09/18] Add a script for retriggering --- retrigger.sh | 27 +++++++++++++++++++++++++++ 1 file changed, 27 insertions(+) create mode 100755 retrigger.sh diff --git a/retrigger.sh b/retrigger.sh new file mode 100755 index 00000000..f98c689e --- /dev/null +++ b/retrigger.sh @@ -0,0 +1,27 @@ +#!/bin/sh + +INPUT=$1 + +BUCKET=`echo $INPUT | cut -d'/' -f1` + +FILE_AND_PATH=${INPUT#"$BUCKET/"} + +echo $BUCKET +echo $FILE_AND_PATH + +JSON_STRING=$( jq -n \ + --arg b "$BUCKET" \ + --arg f "$FILE_AND_PATH" \ + '{ "Records": [{ "s3": { "bucket": { "name": $b }, "object": { "key": $f } } } ] }') + +echo $JSON_STRING + +FILE=`basename "$FILE_AND_PATH"` +FOLDER=`dirname "$FILE_AND_PATH"` + +echo $FILE +URL_ENCODED_FILE=`php -r "echo urlencode('$FILE');"` + +echo "https://s3.console.aws.amazon.com/s3/buckets/$BUCKET/$FOLDER/?region=eu-west-1&tab=overview&prefixSearch=${URL_ENCODED_FILE}" + +aws lambda invoke --cli-binary-format raw-in-base64-out --function-name bucket-antivirus-function --payload "$JSON_STRING" /tmp/lambda_invoke From 3a2fba5938c173d4ef8da8ba37e3e0b30e42a334 Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Wed, 1 Jul 2020 20:42:46 +0100 Subject: [PATCH 10/18] Add error handling so we can see the path that throws --- clamav.py | 2 +- scan.py | 16 +++++++++++++++- 2 files changed, 16 insertions(+), 2 deletions(-) diff --git a/clamav.py b/clamav.py index 75725806..083370d2 100644 --- a/clamav.py +++ b/clamav.py @@ -205,6 +205,6 @@ def scan_file(path): signature = summary.get(path, AV_SIGNATURE_UNKNOWN) return AV_STATUS_INFECTED, signature else: - msg = "Unexpected exit code from clamscan: %s.\n" % av_proc.returncode + msg = "Unexpected exit code from clamscan for %s: %s.\n" % (path, av_proc.returncode) print(msg) raise Exception(msg) diff --git a/scan.py b/scan.py index c55716d4..9672ba4f 100644 --- a/scan.py +++ b/scan.py @@ -20,6 +20,7 @@ from distutils.util import strtobool import boto3 +import botocore import clamav import metrics @@ -221,7 +222,20 @@ def lambda_handler(event, context): file_path = get_local_path(s3_object, "/tmp") create_dir(os.path.dirname(file_path)) - s3_object.download_file(file_path) + + try: + s3_object.download_file(file_path) + except botocore.exceptions.ClientError as e: + print("Unexpected exception for file %s.\n" % file_path) + if s3_object.key.startswith("test"): + # I hypothesise that the test bucket has lots of create/delete operations + # and the deletes cause this exception to throw. If this is the case, then + # we should exit without doing anything. + print("Ignoring file in test folder %s.\n" % file_path) + return + else: + # But... if it's not, then we'll throw + raise to_download = clamav.update_defs_from_s3( s3_client, AV_DEFINITION_S3_BUCKET, AV_DEFINITION_S3_PREFIX From 461a708aedad87e97a6a94fc2f060d61dd338a57 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 1 Jun 2021 23:43:30 +0000 Subject: [PATCH 11/18] Bump urllib3 from 1.24.2 to 1.26.5 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.24.2 to 1.26.5. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.24.2...1.26.5) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 01c63d97..ed37c228 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,5 +5,5 @@ decorator==4.3 idna==2.8 requests==2.21 simplejson==3.16 -urllib3==1.24.2 +urllib3==1.26.5 pytz==2019.3 From da99f49105070381482aeac92b484c5f5b9264e4 Mon Sep 17 00:00:00 2001 From: Edward Hartwell Goose Date: Wed, 2 Jun 2021 23:53:29 +0100 Subject: [PATCH 12/18] Fix a problem where the update wasn't running successfully. See also: https://github.com/upsidetravel/bucket-antivirus-function/issues/130#issuecomment-657645120 https://github.com/UKForeignOffice/bucket-antivirus-function/commit/73e5eea44e336adabfdc6c9dc2705a72e8f92f4b https://github.com/upsidetravel/bucket-antivirus-function/issues/128 --- update.py | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/update.py b/update.py index b32894a3..e1e9ea07 100644 --- a/update.py +++ b/update.py @@ -23,6 +23,7 @@ from common import AV_DEFINITION_S3_PREFIX from common import CLAMAVLIB_PATH from common import get_timestamp +import shutil def lambda_handler(event, context): @@ -30,16 +31,24 @@ def lambda_handler(event, context): s3_client = boto3.client("s3") print("Script starting at %s\n" % (get_timestamp())) + + for root, dirs, files in os.walk(AV_DEFINITION_PATH): + for f in files: + os.unlink(os.path.join(root, f)) + for d in dirs: + shutil.rmtree(os.path.join(root, d)) + to_download = clamav.update_defs_from_s3( s3_client, AV_DEFINITION_S3_BUCKET, AV_DEFINITION_S3_PREFIX ) - for download in to_download.values(): - s3_path = download["s3_path"] - local_path = download["local_path"] - print("Downloading definition file %s from s3://%s/%s" % (local_path, AV_DEFINITION_S3_BUCKET, s3_path)) - s3.Bucket(AV_DEFINITION_S3_BUCKET).download_file(s3_path, local_path) - print("Downloading definition file %s complete!" % (local_path)) + print("Skipping clamav definition download %s\n" % (get_timestamp())) + # for download in to_download.values(): + # s3_path = download["s3_path"] + # local_path = download["local_path"] + # print("Downloading definition file %s from s3://%s" % (local_path, s3_path)) + # s3.Bucket(AV_DEFINITION_S3_BUCKET).download_file(s3_path, local_path) + # print("Downloading definition file %s complete!" % (local_path)) clamav.update_defs_from_freshclam(AV_DEFINITION_PATH, CLAMAVLIB_PATH) # If main.cvd gets updated (very rare), we will need to force freshclam From 9f227ba5640c8b3f89ad6ef01db4a7d7e0fbd37e Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 8 Dec 2022 01:44:57 +0000 Subject: [PATCH 13/18] Bump certifi from 2018.11.29 to 2022.12.7 Bumps [certifi](https://github.com/certifi/python-certifi) from 2018.11.29 to 2022.12.7. - [Release notes](https://github.com/certifi/python-certifi/releases) - [Commits](https://github.com/certifi/python-certifi/compare/2018.11.29...2022.12.07) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index ed37c228..653971f9 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -certifi==2018.11.29 +certifi==2022.12.7 chardet==3.0.4 datadog==0.26.0 decorator==4.3 From efce4c8e9680e8d8a8d1ceb6b4972d58fcf5d13f Mon Sep 17 00:00:00 2001 From: Adam Leskis Date: Thu, 23 Feb 2023 14:02:17 +0000 Subject: [PATCH 14/18] simplify the directory operations --- Dockerfile | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/Dockerfile b/Dockerfile index 4d86948d..96ee3646 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,12 +1,13 @@ FROM amazonlinux:2 + +WORKDIR /opt/app + # Set up working directories -RUN mkdir -p /opt/app RUN mkdir -p /opt/app/build RUN mkdir -p /opt/app/bin/ # Copy in the lambda source -WORKDIR /opt/app COPY ./*.py /opt/app/ COPY requirements.txt /opt/app/requirements.txt From 81438505a0a14c2bda43976927f4a6191bb23573 Mon Sep 17 00:00:00 2001 From: Adam Leskis Date: Thu, 23 Feb 2023 14:09:28 +0000 Subject: [PATCH 15/18] add a filter to ignore keys that end in back slashes --- scan.py | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/scan.py b/scan.py index 9672ba4f..865674ab 100644 --- a/scan.py +++ b/scan.py @@ -212,6 +212,13 @@ def lambda_handler(event, context): print("Script starting at %s\n" % (start_time)) s3_object = event_object(event, event_source=EVENT_SOURCE) + if s3_object.key.endswith("/"): + # we often see that creating "directories" with no file data triggers + # an error in the lambda, which in turn triggers an alert in cloudwatch. + # So if things are created as "directories", we can just skip this scan + # and circuit break early. + return + if str_to_bool(AV_PROCESS_ORIGINAL_VERSION_ONLY): verify_s3_object_version(s3, s3_object) From 3fc45847beea5f9a0d0494f7818b1c68f61eb730 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 22 May 2023 21:50:05 +0000 Subject: [PATCH 16/18] Bump requests from 2.21 to 2.31.0 Bumps [requests](https://github.com/psf/requests) from 2.21 to 2.31.0. - [Release notes](https://github.com/psf/requests/releases) - [Changelog](https://github.com/psf/requests/blob/main/HISTORY.md) - [Commits](https://github.com/psf/requests/compare/v2.21.0...v2.31.0) --- updated-dependencies: - dependency-name: requests dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 653971f9..34caaaed 100644 --- a/requirements.txt +++ b/requirements.txt @@ -3,7 +3,7 @@ chardet==3.0.4 datadog==0.26.0 decorator==4.3 idna==2.8 -requests==2.21 +requests==2.31.0 simplejson==3.16 urllib3==1.26.5 pytz==2019.3 From 591b64f03762ea76261bdddc4a2f5f6fa44a2a42 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Jul 2023 20:42:37 +0000 Subject: [PATCH 17/18] Bump certifi from 2022.12.7 to 2023.7.22 Bumps [certifi](https://github.com/certifi/python-certifi) from 2022.12.7 to 2023.7.22. - [Commits](https://github.com/certifi/python-certifi/compare/2022.12.07...2023.07.22) --- updated-dependencies: - dependency-name: certifi dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 34caaaed..916d4244 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,4 +1,4 @@ -certifi==2022.12.7 +certifi==2023.7.22 chardet==3.0.4 datadog==0.26.0 decorator==4.3 From d22318745251f3911cda8928995be1bb46044b1f Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 18 Oct 2023 01:49:09 +0000 Subject: [PATCH 18/18] Bump urllib3 from 1.26.5 to 1.26.18 Bumps [urllib3](https://github.com/urllib3/urllib3) from 1.26.5 to 1.26.18. - [Release notes](https://github.com/urllib3/urllib3/releases) - [Changelog](https://github.com/urllib3/urllib3/blob/main/CHANGES.rst) - [Commits](https://github.com/urllib3/urllib3/compare/1.26.5...1.26.18) --- updated-dependencies: - dependency-name: urllib3 dependency-type: direct:production ... Signed-off-by: dependabot[bot] --- requirements.txt | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/requirements.txt b/requirements.txt index 34caaaed..6d63232b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,5 +5,5 @@ decorator==4.3 idna==2.8 requests==2.31.0 simplejson==3.16 -urllib3==1.26.5 +urllib3==1.26.18 pytz==2019.3