From 0f6589e12878a22388ec51d234ce74b99db5adae Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 29 Aug 2025 06:14:08 +0000 Subject: [PATCH 1/2] Update all non-major dependencies --- pyproject.toml | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/pyproject.toml b/pyproject.toml index ca560ea6..6caa5718 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -51,14 +51,14 @@ get-hashes = 'codemodder.scripts.get_hashes:main' [project.optional-dependencies] semgrep = [ - "semgrep>=1.131,<1.132", + "semgrep>=1.134,<1.135", ] test = [ "azure-ai-inference>=1.0.0b1,<2.0", "coverage>=7.10,<7.11", "coverage-threshold~=0.4", "defusedxml==0.7.1", - "types-defusedxml==0.7.0.20250809", + "types-defusedxml==0.7.0.20250822", "flask-wtf==1.2.2", "types-WTForms==3.2.1.20250809", "Flask<4", @@ -66,7 +66,7 @@ test = [ "Jinja2~=3.1.2", "jsonschema~=4.25.0", "lxml>=6.0.0,<6.1.0", - "openai>=1.99,<1.100", + "openai>=1.102,<1.103", "mock==5.2.*", "pre-commit<5", "Pyjwt~=2.10.0", @@ -86,14 +86,14 @@ test = [ "fickling~=0.1.0,>=0.1.3", "graphql-server~=3.0.0b7", "unidiff>=0.7.5", - "semgrep>=1.131,<1.132", + "semgrep>=1.134,<1.135", ] complexity = [ "radon==6.0.*", "xenon==0.9.*", ] openai = [ - "openai>=1.99,<1.100", + "openai>=1.102,<1.103", ] azure = [ "azure-ai-inference>=1.0.0b1,<2.0", From ebef218e177092b8d285c1cf6de1ca8f0bae13a8 Mon Sep 17 00:00:00 2001 From: clavedeluna Date: Fri, 29 Aug 2025 11:49:29 -0300 Subject: [PATCH 2/2] fix graphql --- ...est_sonar_disable_graphql_introspection.py | 2 +- .../test_disable_graphql_introspection.py | 4 ++-- pyproject.toml | 2 +- .../disable_graphql_introspection.py | 2 ++ ...ee_python_disable-graphql-introspection.md | 2 +- ...est_sonar_disable_graphql_introspection.py | 4 ++-- .../test_disable_graphql_introspection.py | 20 +++++++++---------- .../samples/disable_graphql_introspection.py | 2 +- 8 files changed, 20 insertions(+), 18 deletions(-) diff --git a/integration_tests/sonar/test_sonar_disable_graphql_introspection.py b/integration_tests/sonar/test_sonar_disable_graphql_introspection.py index f8128e17..2bc37a2f 100644 --- a/integration_tests/sonar/test_sonar_disable_graphql_introspection.py +++ b/integration_tests/sonar/test_sonar_disable_graphql_introspection.py @@ -11,7 +11,7 @@ class TestSonarDisableGraphQLIntrospection(SonarIntegrationTest): codemod = SonarDisableGraphQLIntrospection code_path = "tests/samples/disable_graphql_introspection.py" expected_new_code = """\ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from graphql import ( GraphQLSchema, GraphQLObjectType, GraphQLField, GraphQLString) diff --git a/integration_tests/test_disable_graphql_introspection.py b/integration_tests/test_disable_graphql_introspection.py index 3d11d95c..947bb4d6 100644 --- a/integration_tests/test_disable_graphql_introspection.py +++ b/integration_tests/test_disable_graphql_introspection.py @@ -8,7 +8,7 @@ class TestDisableGraphQLIntrospection(BaseIntegrationTest): codemod = DisableGraphQLIntrospection original_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from graphql import ( GraphQLSchema, GraphQLObjectType, GraphQLField, GraphQLString) @@ -32,7 +32,7 @@ class TestDisableGraphQLIntrospection(BaseIntegrationTest): ) """ expected_new_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from graphql import ( GraphQLSchema, GraphQLObjectType, GraphQLField, GraphQLString) diff --git a/pyproject.toml b/pyproject.toml index 6caa5718..e41a3f85 100644 --- a/pyproject.toml +++ b/pyproject.toml @@ -84,7 +84,7 @@ test = [ "numpy ~= 2.3.0; python_version > '3.10'", "flask_wtf~=1.2.0", "fickling~=0.1.0,>=0.1.3", - "graphql-server~=3.0.0b7", + "graphql-server~=3.0.0b9", "unidiff>=0.7.5", "semgrep>=1.134,<1.135", ] diff --git a/src/core_codemods/disable_graphql_introspection.py b/src/core_codemods/disable_graphql_introspection.py index 38d0428b..80d44ffa 100644 --- a/src/core_codemods/disable_graphql_introspection.py +++ b/src/core_codemods/disable_graphql_introspection.py @@ -41,6 +41,8 @@ class FindGraphQLViewsWithIntrospection( supported_functions = { "graphql_server.flask.GraphQLView", "graphql_server.flask.GraphQLView.as_view", + "graphql_server.flask.views.GraphQLView", + "graphql_server.flask.views.GraphQLView.as_view", "graphql_server.sanic.GraphQLView", "graphql_server.aiohttp.GraphQLView", "graphql_server.webob.GraphQLView", diff --git a/src/core_codemods/docs/pixee_python_disable-graphql-introspection.md b/src/core_codemods/docs/pixee_python_disable-graphql-introspection.md index eff757c9..532641a1 100644 --- a/src/core_codemods/docs/pixee_python_disable-graphql-introspection.md +++ b/src/core_codemods/docs/pixee_python_disable-graphql-introspection.md @@ -4,7 +4,7 @@ Introspection is often enabled by default in GraphQL without authentication. Thi Our changes look something like this: ```diff -from graphql_server.flask import GraphQLView +from graphql_server.flask.views import GraphQLView from flask import Flask from graphql import ( GraphQLSchema, GraphQLObjectType, GraphQLField, GraphQLString) diff --git a/tests/codemods/sonar/test_sonar_disable_graphql_introspection.py b/tests/codemods/sonar/test_sonar_disable_graphql_introspection.py index d507f6a4..768030b6 100644 --- a/tests/codemods/sonar/test_sonar_disable_graphql_introspection.py +++ b/tests/codemods/sonar/test_sonar_disable_graphql_introspection.py @@ -15,7 +15,7 @@ def test_name(self): def test_simple(self, tmpdir): input_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema @@ -29,7 +29,7 @@ def test_simple(self, tmpdir): ) """ expected = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema from graphql.validation import NoSchemaIntrospectionCustomRule diff --git a/tests/codemods/test_disable_graphql_introspection.py b/tests/codemods/test_disable_graphql_introspection.py index 60b35933..3cd488a0 100644 --- a/tests/codemods/test_disable_graphql_introspection.py +++ b/tests/codemods/test_disable_graphql_introspection.py @@ -12,7 +12,7 @@ def test_name(self): def test_simple_flask(self, tmpdir): input_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema @@ -26,7 +26,7 @@ def test_simple_flask(self, tmpdir): ) """ expected = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema from graphql.validation import NoSchemaIntrospectionCustomRule @@ -77,7 +77,7 @@ def test_simple_constructor(self, tmpdir, module): def test_add_indirect(self, tmpdir): input_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema @@ -89,7 +89,7 @@ def test_add_indirect(self, tmpdir): ) """ expected = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema from graphql.validation import NoSchemaIntrospectionCustomRule @@ -105,7 +105,7 @@ def test_add_indirect(self, tmpdir): def test_add_list_double_indirect(self, tmpdir): input_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema @@ -117,7 +117,7 @@ def test_add_list_double_indirect(self, tmpdir): ) """ expected = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema from graphql.validation import NoSchemaIntrospectionCustomRule @@ -133,7 +133,7 @@ def test_add_list_double_indirect(self, tmpdir): def test_add_dict_indirect(self, tmpdir): input_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema @@ -146,7 +146,7 @@ def test_add_dict_indirect(self, tmpdir): ) """ expected = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema from graphql.validation import NoSchemaIntrospectionCustomRule @@ -163,7 +163,7 @@ def test_add_dict_indirect(self, tmpdir): def test_has_validation_rule(self, tmpdir): input_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema from graphql.validation import NoSchemaIntrospectionCustomRule @@ -178,7 +178,7 @@ def test_has_validation_rule(self, tmpdir): def test_has_graphene_validation_rule(self, tmpdir): input_code = """ - from graphql_server.flask import GraphQLView + from graphql_server.flask.views import GraphQLView from flask import Flask from .schemas import schema from graphene.validation import DisableIntrospection diff --git a/tests/samples/disable_graphql_introspection.py b/tests/samples/disable_graphql_introspection.py index 50076dca..c757336d 100644 --- a/tests/samples/disable_graphql_introspection.py +++ b/tests/samples/disable_graphql_introspection.py @@ -1,4 +1,4 @@ -from graphql_server.flask import GraphQLView +from graphql_server.flask.views import GraphQLView from flask import Flask from graphql import ( GraphQLSchema, GraphQLObjectType, GraphQLField, GraphQLString)