PyPI - external-systems - Versions diffs - 0.103.0rc3__tar.gz → 0.104.0__tar.gz - Mend

external-systems 0.103.0rc3tar.gz → 0.104.0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Potentially problematic release.

This version of external-systems might be problematic. Click here for more details.

Files changed (15) hide show

{external_systems-0.103.0rc3 → external_systems-0.104.0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.3
 Name: external-systems
-Version: 0.103.0rc3
+Version: 0.104.0
 Summary: A Python library for interacting with Foundry Sources
 License: Apache-2.0
 Keywords: Palantir,Foundry,Sources,Compute Modules,Python Functions,Transforms

{external_systems-0.103.0rc3 → external_systems-0.104.0}/external_systems/_version.py RENAMED Viewed

@@ -16,4 +16,4 @@
 # The version is set during the publishing step (since we can't know the version in advance)
 # using the autorelease bot
-__version__ = "0.103.0-rc3"
+__version__ = "0.104.0"

{external_systems-0.103.0rc3 → external_systems-0.104.0}/external_systems/sources/_proxies.py RENAMED Viewed

@@ -12,6 +12,7 @@
 #  See the License for the specific language governing permissions and
 #  limitations under the License.
+import os
 from functools import cache
 from typing import Any, Mapping, Optional, Union
@@ -25,12 +26,24 @@ class CustomCaBundleSession(Session):
     A wrapper for requests.Session to override 'verify' property, ignoring REQUESTS_CA_BUNDLE environment variable.
     This is a workaround for https://github.com/psf/requests/issues/3829 (will be fixed in requests 3.0.0)
+    The standard behavior of requests is to ALWAYS use the REQUESTS_CA_BUNDLE environment variable here if "verify" is not set on
+    the request (even if it's set on the session level).
     """
     def merge_environment_settings(self, url, proxies, stream, verify, *args, **kwargs):  # type: ignore[no-untyped-def]
-        if isinstance(self.verify, str):
+        user_has_manually_overridden_verify = verify is not None
+        # The source certs will not exist, for example, if the client is passed to a spark UDF that runs in a different environment.
+        # In this case, the verify path does not exist on the new environment, so we should not try use it and instead default to standard behavior.
+        source_certs_exist = isinstance(self.verify, str) and os.path.exists(self.verify)
+        if not user_has_manually_overridden_verify and source_certs_exist:
             verify = self.verify
+        # else (override exists or the source certs do not exist):
+        #   Use the override. If there is no override (verify=None), then this will default to REQUESTS_CA_BUNDLE.
         return super(CustomCaBundleSession, self).merge_environment_settings(
             url, proxies, stream, verify, *args, **kwargs
         )

{external_systems-0.103.0rc3 → external_systems-0.104.0}/external_systems/sources/_sources.py RENAMED Viewed

@@ -29,6 +29,7 @@ from ._connections import HttpsConnection
 from ._proxies import create_proxy_session
 from ._refreshable import DefaultSessionCredentialsManager, Refreshable, RefreshHandler
 from ._sockets import create_socket
+from ._utils import read_file
 log = logging.getLogger(__name__)
@@ -81,43 +82,24 @@ class Source:
     @cached_property
     def _ca_bundle_path(self) -> Optional[str]:
-        """
-        Returns the path to the CA bundle file with all custom CA certificates defined in the Source.
-        Precedence of which CA bundle to use:
-        1. Custom CA bundle path (if provided assumes PEM format)
-        2. Requests CA bundle path
-        3. Temporary file
-        """
-        provided_ca_bundle_path = self._custom_ca_bundle_path or os.environ.get("REQUESTS_CA_BUNDLE")
-        if not self._source_parameters.server_certificates:
-            return provided_ca_bundle_path
-        # Certificates from the Source to add to the CA bundle
-        server_certificates = list(self._source_parameters.server_certificates.values())
+        if self._source_parameters.server_certificates is None:
+            return None
-        # If no provided CA bundle path, create a temporary file with only the server certificates
-        if not provided_ca_bundle_path:
-            with NamedTemporaryFile(delete=False, mode="w") as ca_bundle_file:
-                ca_bundle_file.write(os.linesep.join(server_certificates) + os.linesep)
-                return ca_bundle_file.name
+        new_ca_contents = []
-        # See https://docs.python.org/3/library/os.html#os.access for why we don't use os.access
-        # First try appending the server certificates to the provided CA bundle path
-        try:
-            with open(provided_ca_bundle_path, "a") as provided_ca_bundle_file:
-                provided_ca_bundle_file.write(os.linesep.join(server_certificates) + os.linesep)
-                return provided_ca_bundle_path
-        except PermissionError:
-            log.warning("PermissionError when writing to provided CA bundle path, falling back to temporary file.")
+        # If a custom CA bundle path is provided, use it.
+        # Otherwise, use the requests CA bundle path if it is set.
+        ca_bundle_path = (
+            self._custom_ca_bundle_path
+            if self._custom_ca_bundle_path is not None
+            else os.environ.get("REQUESTS_CA_BUNDLE")
+        )
-        # Finally, try reading the provided CA bundle path and appending all content to the new CA bundle
-        new_ca_contents = []
-        with open(provided_ca_bundle_path) as provided_ca_bundle_file:
-            new_ca_contents.append(provided_ca_bundle_file.read())
+        # Copy the CA bundle contents to the new CA bundle file.
+        if ca_bundle_path:
+            new_ca_contents.append(read_file(ca_bundle_path))
+        # Add all CAs for the source
         for required_ca in self._source_parameters.server_certificates.values():
             new_ca_contents.append(required_ca)

{external_systems-0.103.0rc3 → external_systems-0.104.0}/external_systems/sources/_utils.py RENAMED Viewed

@@ -23,3 +23,8 @@ def has_expiration_property(source_credentials: SourceCredentials) -> bool:
     """
     return hasattr(source_credentials, "expiration")
+def read_file(path: str) -> str:
+    with open(path) as file:
+        return file.read()

{external_systems-0.103.0rc3 → external_systems-0.104.0}/pyproject.toml RENAMED Viewed

@@ -1,6 +1,6 @@
 [tool.poetry]
 name = "external-systems"
-version = "0.103.0-rc3"
+version = "0.104.0"
 description = "A Python library for interacting with Foundry Sources"
 authors = ["Palantir Technologies, Inc."]
 license = "Apache-2.0"