We'd like to finish the removal of MD4 key hashing, but want to know if
cutting over to BLAKE2b will cause too large a cache turnover. Hopefully
this monitoring will give us some insight into the rate of large keys.
1. Upgraded Python dependency edx-enterprise
- Removed unencrypted credentials from SAP configuration model
2. Test updates
- Skipped `test_migrations_are_in_sync` for unencrypted credentials removal
- Updated related tests and requirements.
Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
- Upgraded Python dependency for edx-enterprise
- Removed references to the char field `decrypted_secret`
- Updated the skip reason message for `test_migrations_are_in_sync`
Commit generated by workflow `openedx/edx-platform/.github/workflows/upgrade-one-python-dependency.yml@refs/heads/master`
* feat: add xblock endpoint for updating an xblock
fix: remove debugger
feat: make function call more generic
refactor: just use request.json for request data as before
refactor: extract method
fix: revert wrong method change
fix: refactor correct method
feat: use handle_xblock method so that we can do more than update xblocks
fix: usage_key_string defaults to None
add all CRUD operations
fix usage key parameter
refactor: create /views folder
refactor: move xblock view functions to xblock_services
fix: tests
fix: tests
refactor: move xblock API endpoint to contentstore
* docs: add explanatory comment to new xblock_service
* feat: add feature flag for enabling content editing api
* feat: raise 404 if studio content api is disabled
* tests: test xblock endpoint
* test: make all post tests work
* test: check that xblock_handler receives correct args
* refactor: create util mixin for course factories with staff
* refactor: extract course staff authorization tests
* refactor: extract tests to api view testcase class
* test: add get tests
* test: fix tests
* test: fix tests
* test: fix tests
* test: add all crud tests
* fix: refactor to fix tests
* fix: merge conflict
* fix: merge conflict
* fix: tests after merge
* fix: json request decorator
* fix: lint
* fix: lint
* fix: lint
* fix: lint
* fix: new test files
* fix: lint
* fix: lint and apply PR suggestions
* fix: lint
* fix: lint
* fix: lint
* fix: lint
* fix: lint
* fix: lint
It was copied there in 4.7.0 (openedx/edx-django-utils#209) so it can be used in more IDAs.
Includes dropping dependency on PyNacl, which was only in use by that module.
It's likely that someone will at some point enable encrypted logging but
forget to deploy the config change that sets the key; if this happens, we
should gracefully return a warning rather than raise an exception.
Along the same lines, make sure that safe-sessions won't raise an exception
if the setting is missing, and document the suggested use of getattr.
* Deprecates ModuleSystem can_execute_unsafe_code, get_python_lib_zip and cache properties
* Adds a new CacheService and SandboxService to provide the deprecated property
* Adds tests for the added CacheService and SandboxService
* Updates the ModuleSystemShim tests in Lms and Studio
Introduces `common.djangoapps.util.log_sensitive module` for
public-key encryption of sensitive debug information in log
messages, including CLI commands for generating keys and
decrypting log output.
Also:
- Adds `PyNaCl` to base requirements for encryption tools
- Requirements upgrade
ref: ARCHBOM-1940
