safety
safety copied to clipboard
Published
20 hours ago •
pyupio
pyupio
Safety `--disable-telemetry` option does not appear to disable telemetry
- safety version: 2.0.0
- Python version: 3.6
- Operating System: ubuntu 18
Description
Safety --disable-telemetry option does not appear to disable telemetry
What I Did
We can see below safety is attempting to reach out to https://pyup.io/aws/safety/free/insecure.json?telemetry=%7B%22safety_version%22%3A+%222.0.0%22%7D despite --disable-telemetry flag passed in.
(safety) jenkins@ip-10-100-11-208:~/workspace/Application_Testing/DataApi/PR-554$ safety --version
safety, version 2.0.0
(safety) jenkins@ip-10-100-11-208:~/workspace/Application_Testing/DataApi/PR-554$ safety --debug --disable-telemetry check -r requirements.txt
2022-07-01 19:21:59,689 safety.cli => Telemetry enabled: False
2022-07-01 19:21:59,690 safety.cli => Running check command
2022-07-01 19:21:59,715 safety.cli => Not local DB used, Getting announcements
2022-07-01 19:21:59,715 safety.safety => Getting announcements
2022-07-01 19:21:59,715 safety.util => Telemetry body built: {'safety_version': '2.0.0'}
2022-07-01 19:21:59,715 safety.safety => Telemetry body sent: {'safety_version': '2.0.0'}
2022-07-01 19:21:59,717 urllib3.connectionpool => Starting new HTTPS connection (1): pyup.io:443
2022-07-01 19:22:00,097 safety.safety => Unexpected but HANDLED Exception happened getting the announcements: HTTPSConnectionPool(host='pyup.io', port=443): Max retries exceeded with url: /api/v1/safety/announcements/ (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))
2022-07-01 19:22:00,098 safety.cli => Calling the check function
2022-07-01 19:22:00,098 safety.util => Telemetry body built: {'safety_version': '2.0.0'}
2022-07-01 19:22:00,099 urllib3.connectionpool => Starting new HTTPS connection (2): pyup.io:443
2022-07-01 19:22:00,405 safety.cli => Expected SafetyError happened: Check your network connection, unable to reach the server
Traceback (most recent call last):
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/connectionpool.py", line 710, in urlopen
chunked=chunked,
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/connectionpool.py", line 386, in _make_request
self._validate_conn(conn)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/connectionpool.py", line 1040, in _validate_conn
conn.connect()
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/connection.py", line 424, in connect
tls_in_tls=tls_in_tls,
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 450, in ssl_wrap_socket
sock, context, tls_in_tls, server_hostname=server_hostname
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/util/ssl_.py", line 493, in _ssl_wrap_socket_impl
return ssl_context.wrap_socket(sock, server_hostname=server_hostname)
File "/usr/lib/python3.6/ssl.py", line 407, in wrap_socket
_context=self, _session=session)
File "/usr/lib/python3.6/ssl.py", line 817, in __init__
self.do_handshake()
File "/usr/lib/python3.6/ssl.py", line 1077, in do_handshake
self._sslobj.do_handshake()
File "/usr/lib/python3.6/ssl.py", line 689, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/requests/adapters.py", line 450, in send
timeout=timeout
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/connectionpool.py", line 786, in urlopen
method, url, error=e, _pool=self, _stacktrace=sys.exc_info()[2]
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/urllib3/util/retry.py", line 592, in increment
raise MaxRetryError(_pool, url, error or ResponseError(cause))
urllib3.exceptions.MaxRetryError: HTTPSConnectionPool(host='pyup.io', port=443): Max retries exceeded with url: /aws/safety/free/insecure.json?telemetry=%7B%22safety_version%22%3A+%222.0.0%22%7D (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/safety/safety.py", line 117, in fetch_database_url
r = session.get(url=url, timeout=REQUEST_TIMEOUT, headers=headers, proxies=proxy, params=telemetry_data)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/requests/sessions.py", line 542, in get
return self.request('GET', url, **kwargs)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/requests/sessions.py", line 529, in request
resp = self.send(prep, **send_kwargs)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/requests/sessions.py", line 645, in send
r = adapter.send(request, **kwargs)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/requests/adapters.py", line 517, in send
raise SSLError(e, request=request)
requests.exceptions.SSLError: HTTPSConnectionPool(host='pyup.io', port=443): Max retries exceeded with url: /aws/safety/free/insecure.json?telemetry=%7B%22safety_version%22%3A+%222.0.0%22%7D (Caused by SSLError(SSLError(1, '[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:852)'),))
During handling of the above exception, another exception occurred:
Traceback (most recent call last):
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/safety/cli.py", line 114, in check
params=params)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/safety/util.py", line 639, in new_func
return f(*args, **kwargs)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/safety/safety.py", line 258, in check
db = fetch_database(key=key, db=db_mirror, cached=cached, proxy=proxy, telemetry=telemetry)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/safety/safety.py", line 164, in fetch_database
data = fetch_database_url(mirror, db_name=db_name, key=key, cached=cached, proxy=proxy, telemetry=telemetry)
File "/var/lib/jenkins/workspace/Application_Testing/DataApi/PR-554/.tox/safety/lib/python3.6/site-packages/safety/safety.py", line 119, in fetch_database_url
raise NetworkConnectionError()
safety.errors.NetworkConnectionError: Check your network connection, unable to reach the server
Check your network connection, unable to reach the server
Hi @hans2520 !
Thanks for this!
The --disable-telemetry flag removes all telemetry data from your system (like Python version) that we send for anonymous data collection. It will still send the safety version number since we need to know this.
I realize this isn't particularly clear, so I'll update all the docs and readmes to explain this.
I will also suggest to the team that we change the name of that flag to be more clear, to something like: --disable-optional-telemetry-data or --disable-anonymous-data-statistics
Best, Justin
@Jwomers I kind of figured. When your param is named "telemetry" -- even though you need that info, it just seems like it's not working. That's the other thing you might want to look into changing rather than the flag name, is the the json param so that it's something like "config" or "config_info", etc. You'll know what makes most sense!