Skip to content

Upgrade to python 3.12#1798

Merged
de1987 merged 4 commits intomainfrom
upgrade-to-python312
Dec 11, 2025
Merged

Upgrade to python 3.12#1798
de1987 merged 4 commits intomainfrom
upgrade-to-python312

Conversation

@de1987
Copy link
Contributor

@de1987 de1987 commented Dec 8, 2025

Jira Issue: https://issues.redhat.com/browse/AAP-56552

Description

Upgrade to Python 3.12

Testing

Steps to test

  1. Pull down the PR
  2. Run it locally
  3. Test the chatbot

Type of Change

  • Bug fix (non-breaking change fixing an issue)
  • New feature (non-breaking change adding functionality)
  • Breaking change (fix or feature causing existing functionality to break)
  • Security fix
  • Performance improvement
  • Code refactoring
  • Documentation update
  • CI/CD update

Backport Policy

This change should be:

  • Not backported - main/master only
  • Backported to specific releases (add labels after merge)

Production deployment

  • This code change is ready for production on its own
  • This code change requires the following considerations before going to production:

@de1987 de1987 self-assigned this Dec 8, 2025
@de1987 de1987 force-pushed the upgrade-to-python312 branch 4 times, most recently from c8a0b8d to 942f073 Compare December 8, 2025 20:28
goneri
goneri previously approved these changes Dec 8, 2025
View reviewed changes
goneri
goneri previously approved these changes Dec 8, 2025
View reviewed changes
@de1987 de1987 force-pushed the upgrade-to-python312 branch 2 times, most recently from cab5cfb to 5cfe780 Compare December 8, 2025 21:09
@de1987 de1987 requested a review from goneri December 8, 2025 21:10
goneri
goneri reviewed Dec 8, 2025
View reviewed changes
goneri
goneri previously approved these changes Dec 8, 2025
View reviewed changes
@de1987 de1987 force-pushed the upgrade-to-python312 branch 5 times, most recently from 476d5b6 to e0fd3b1 Compare December 9, 2025 01:45
@github-actions
Copy link

github-actions bot commented Dec 9, 2025 

# npm audit report

happy-dom  <20.0.0
Severity: critical
Happy DOM: VM Context Escape can lead to Remote Code Execution - https://github.com/advisories/GHSA-37j7-fg3j-429f
fix available via `npm audit fix --force`
Will install happy-dom@20.0.11, which is a breaking change
node_modules/happy-dom

js-yaml  <3.14.2 || >=4.0.0 <4.1.1
Severity: moderate
js-yaml has prototype pollution in merge (<<) - https://github.com/advisories/GHSA-mh29-5h37-fv8m
js-yaml has prototype pollution in merge (<<) - https://github.com/advisories/GHSA-mh29-5h37-fv8m
fix available via `npm audit fix`
node_modules/@eslint/eslintrc/node_modules/js-yaml
node_modules/cosmiconfig/node_modules/js-yaml
node_modules/eslint/node_modules/js-yaml
node_modules/js-yaml

node-forge  <=1.3.1
Severity: high
node-forge has ASN.1 Unbounded Recursion - https://github.com/advisories/GHSA-554w-wpv2-vw27
node-forge has an Interpretation Conflict vulnerability via its ASN.1 Validator Desynchronization - https://github.com/advisories/GHSA-5gfm-wpxj-wjgq
node-forge is vulnerable to ASN.1 OID Integer Truncation - https://github.com/advisories/GHSA-65ch-62r8-g69g
fix available via `npm audit fix`
node_modules/node-forge

3 vulnerabilities (1 moderate, 1 high, 1 critical)

To address issues that do not require attention, run:
  npm audit fix

To address all issues (including breaking changes), run:
  npm audit fix --force

@de1987 de1987 force-pushed the upgrade-to-python312 branch 4 times, most recently from 30478bf to 3f4637c Compare December 9, 2025 13:26
goneri
goneri reviewed Dec 9, 2025
View reviewed changes
goneri
goneri reviewed Dec 9, 2025
View reviewed changes
goneri
goneri reviewed Dec 9, 2025
View reviewed changes
@goneri
Copy link
Contributor

goneri commented Dec 9, 2025

pkg_resources was removed, this breaks ARI. https://docs.python.org/3/whatsnew/3.12.html

Unfortunately, this issue is not yet fixed upstream https://github.com/ansible/ansible-risk-insight/blob/9d63b075e550efd28a34c5805d52233463583cf0/ansible_risk_insight/loader.py#L54

[django]     | Traceback (most recent call last):
[django]     |   File "/var/www/ansible-ai-connect-service/ansible_ai_connect/manage.py", line 29, in main
[django]     |     django.setup()
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/django/__init__.py", line 24, in setup
[django]     |     apps.populate(settings.INSTALLED_APPS)
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/django/apps/registry.py", line 91, in populate
[django]     |     app_config = AppConfig.create(entry)
[django]     |                  ^^^^^^^^^^^^^^^^^^^^^^^
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/django/apps/config.py", line 123, in create
[django]     |     mod = import_module(mod_path)
[django]     |           ^^^^^^^^^^^^^^^^^^^^^^^
[django]     |   File "/usr/lib64/python3.12/importlib/__init__.py", line 90, in import_module
[django]     |     return _bootstrap._gcd_import(name[level:], package, level)
[django]     |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[django]     |   File "<frozen importlib._bootstrap>", line 1387, in _gcd_import
[django]     |   File "<frozen importlib._bootstrap>", line 1360, in _find_and_load
[django]     |   File "<frozen importlib._bootstrap>", line 1331, in _find_and_load_unlocked
[django]     |   File "<frozen importlib._bootstrap>", line 935, in _load_unlocked
[django]     |   File "<frozen importlib._bootstrap_external>", line 999, in exec_module
[django]     |   File "<frozen importlib._bootstrap>", line 488, in _call_with_frames_removed
[django]     |   File "/var/www/ansible-ai-connect-service/ansible_ai_connect/ai/apps.py", line 18, in <module>
[django]     |     from ansible_risk_insight.scanner import Config
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/__init__.py", line 18, in <module>
[django]     |     from .cli import ARICLI
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/cli/__init__.py", line 21, in <module>
[django]     |     from ..scanner import ARIScanner, config
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/scanner.py", line 36, in <module>
[django]     |     from .loader import (
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/loader.py", line 20, in <module>
[django]     |     import pkg_resources
[django]     | ModuleNotFoundError: No module named 'pkg_resources'
[django]     | 
[django]     | The above exception was the direct cause of the following exception:
[django]     | 
[django]     | Traceback (most recent call last):
[django]     |   File "/var/www/venv/bin/wisdom-manage", line 8, in <module>
[django]     |     sys.exit(main())
[django]     |              ^^^^^^
[django]     |   File "/var/www/ansible-ai-connect-service/ansible_ai_connect/manage.py", line 32, in main
[django]     |     raise ImportError(
[django]     | ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment

@de1987 de1987 force-pushed the upgrade-to-python312 branch from 3f4637c to 569efa0 Compare December 10, 2025 21:58
@de1987
Copy link
Contributor Author

de1987 commented Dec 10, 2025

pkg_resources was removed, this breaks ARI. https://docs.python.org/3/whatsnew/3.12.html

Unfortunately, this issue is not yet fixed upstream https://github.com/ansible/ansible-risk-insight/blob/9d63b075e550efd28a34c5805d52233463583cf0/ansible_risk_insight/loader.py#L54

[django]     | Traceback (most recent call last):
[django]     |   File "/var/www/ansible-ai-connect-service/ansible_ai_connect/manage.py", line 29, in main
[django]     |     django.setup()
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/django/__init__.py", line 24, in setup
[django]     |     apps.populate(settings.INSTALLED_APPS)
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/django/apps/registry.py", line 91, in populate
[django]     |     app_config = AppConfig.create(entry)
[django]     |                  ^^^^^^^^^^^^^^^^^^^^^^^
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/django/apps/config.py", line 123, in create
[django]     |     mod = import_module(mod_path)
[django]     |           ^^^^^^^^^^^^^^^^^^^^^^^
[django]     |   File "/usr/lib64/python3.12/importlib/__init__.py", line 90, in import_module
[django]     |     return _bootstrap._gcd_import(name[level:], package, level)
[django]     |            ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
[django]     |   File "<frozen importlib._bootstrap>", line 1387, in _gcd_import
[django]     |   File "<frozen importlib._bootstrap>", line 1360, in _find_and_load
[django]     |   File "<frozen importlib._bootstrap>", line 1331, in _find_and_load_unlocked
[django]     |   File "<frozen importlib._bootstrap>", line 935, in _load_unlocked
[django]     |   File "<frozen importlib._bootstrap_external>", line 999, in exec_module
[django]     |   File "<frozen importlib._bootstrap>", line 488, in _call_with_frames_removed
[django]     |   File "/var/www/ansible-ai-connect-service/ansible_ai_connect/ai/apps.py", line 18, in <module>
[django]     |     from ansible_risk_insight.scanner import Config
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/__init__.py", line 18, in <module>
[django]     |     from .cli import ARICLI
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/cli/__init__.py", line 21, in <module>
[django]     |     from ..scanner import ARIScanner, config
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/scanner.py", line 36, in <module>
[django]     |     from .loader import (
[django]     |   File "/var/www/venv/lib64/python3.12/site-packages/ansible_risk_insight/loader.py", line 20, in <module>
[django]     |     import pkg_resources
[django]     | ModuleNotFoundError: No module named 'pkg_resources'
[django]     | 
[django]     | The above exception was the direct cause of the following exception:
[django]     | 
[django]     | Traceback (most recent call last):
[django]     |   File "/var/www/venv/bin/wisdom-manage", line 8, in <module>
[django]     |     sys.exit(main())
[django]     |              ^^^^^^
[django]     |   File "/var/www/ansible-ai-connect-service/ansible_ai_connect/manage.py", line 32, in main
[django]     |     raise ImportError(
[django]     | ImportError: Couldn't import Django. Are you sure it's installed and available on your PYTHONPATH environment variable? Did you forget to activate a virtual environment

the dependency was removed in another PR, still pending review #1800

@de1987 de1987 force-pushed the upgrade-to-python312 branch 2 times, most recently from 8b8f506 to 5299fe8 Compare December 10, 2025 22:05
@de1987 de1987 force-pushed the upgrade-to-python312 branch from 5299fe8 to 06419cf Compare December 11, 2025 16:16
@de1987 de1987 requested a review from goneri December 11, 2025 16:24
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 11, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@de1987 de1987 merged commit e9c1900 into main Dec 11, 2025
12 checks passed
@de1987 de1987 deleted the upgrade-to-python312 branch December 11, 2025 17:06
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@goneri goneri goneri approved these changes

@jameswnl jameswnl Awaiting requested review from jameswnl

@acosferreira acosferreira Awaiting requested review from acosferreira

@TamiTakamiya TamiTakamiya Awaiting requested review from TamiTakamiya

Assignees

@de1987 de1987

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@de1987 @goneri

Comments