[hotfix/OPT-1103] to main (#354)

* [OPT-1103] Upgraded vulnerable libraries * [OPT-1103] Fixed wrong type building the error response
iriusrisk · Feb 8, 2024 · 3bbd28b · 3bbd28b
1 parent 284b95b
commit 3bbd28b
Show file tree

Hide file tree

Showing 4 changed files with 15 additions and 5 deletions.
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
@@ -4,5 +4,15 @@ repos:
   hooks:
     - id: semgrep
       exclude: "(.)*/tests|tests"
-      args: ['--config', 'p/owasp-top-ten',  '--config', 'p/cwe-top-25', '--config', 'p/gitleaks', '--error', '--skip-unknown-extensions']
+      args: [
+        '--config',
+        'p/owasp-top-ten',
+        '--config',
+        'p/cwe-top-25',
+        '--config',
+        'p/gitleaks',
+        '--error',
+        '--skip-unknown-extensions',
+        '--exclude-rule=python.sqlalchemy.security.audit.avoid-sqlalchemy-text.avoid-sqlalchemy-text'
+      ]
       stages: [commit]
diff --git a/setup.py b/setup.py
@@ -21,8 +21,8 @@
         'jmespath==1.0.1',
         'python-hcl2==4.3.2',
         'requests==2.31.0',
-        'fastapi==0.99.1',
-        'python-multipart==0.0.6',
+        'fastapi==0.109.2',
+        'python-multipart==0.0.7',
         'click==8.1.7',
         'uvicorn==0.23.2',
         'shapely==2.0.1',

diff --git a/startleft/startleft/api/error_response.py b/startleft/startleft/api/error_response.py
@@ -22,4 +22,4 @@ def __init__(self, status: str,  error_type: str,  title: str,  detail: str, mes
         if messages:
             for message in messages:
                 items.append(ErrorResponseItem(message))
-        super().__init__(status=status, error_type=error_type, title=title, detail=detail, errors=items)
+        super().__init__(status=status, error_type=str(error_type), title=title, detail=detail, errors=items)
diff --git a/startleft/startleft/api/fastapi_server.py b/startleft/startleft/api/fastapi_server.py
@@ -124,6 +124,6 @@ def get_error(error: Dict[str, Any]) -> str:
 
 
 def common_response_handler(status_code: int, type_: str, title: str, detail: str, messages: List[str] = []):
-    error_response = ErrorResponse(error_type=type_, status=status_code, title=title, detail=detail, messages=messages)
+    error_response = ErrorResponse(error_type=type_, status=str(status_code), title=title, detail=detail, messages=messages)
 
     return JSONResponse(status_code=status_code, content=jsonable_encoder(error_response))