Skip to content

Fix CPE matching for python3-prefixed packages on Ubuntu/Debian#48599

Draft
sharon-fdm wants to merge 1 commit into
mainfrom
worktree-fix-43328-python3-prefix
Draft

Fix CPE matching for python3-prefixed packages on Ubuntu/Debian#48599
sharon-fdm wants to merge 1 commit into
mainfrom
worktree-fix-43328-python3-prefix

Conversation

@sharon-fdm

Copy link
Copy Markdown
Collaborator

Closes #43328

Summary

  • On Ubuntu/Debian, pythonPackageFilter in osquery.go prepends python3- to Python package names (e.g., geopandas becomes python3-geopandas) to match OVAL definitions
  • However, the CPE database uses the bare package name (e.g., geopandas, not python3-geopandas), so CPE matching fails and no vulnerabilities are reported
  • This fix strips the python3- prefix in sanitizeSoftwareName() for python_packages source before CPE lookup

How I reproduced

Used the nvdvuln tool to simulate CPE matching:

Before fix (on main branch):

$ go run --tags=fts5 tools/nvd/nvdvuln/nvdvuln.go \
    --software_name python3-geopandas \
    --software_source python_packages \
    --software_version 1.0.1
Translating software to CPE...
Unable to match a CPE for the software...

After fix:

$ go run --tags=fts5 tools/nvd/nvdvuln/nvdvuln.go \
    --software_name python3-geopandas \
    --software_source python_packages \
    --software_version 1.0.1
Translating software to CPE...
Matched CPE: 0: cpe:2.3:a:geopandas:geopandas:1.0.1:*:*:*:*:python:*:*
Translating CPEs to CVEs...
CVEs found for python3-geopandas (1.0.1): CVE-2025-69662

Also verified with python3-django (version 3.2.12) - correctly finds CVE-2024-24680 and 13 other CVEs.

How I tested

  • Unit tests: added test cases for sanitizeSoftwareName and productVariations covering:
    • python3-geopandas (source: python_packages) -> strips to geopandas
    • python3-django (source: python_packages) -> strips to django
    • requests (source: python_packages, no prefix) -> unchanged
    • python3-geopandas (source: deb_packages) -> NOT stripped (only affects python_packages source)
  • Manual: ran nvdvuln tool for both packages from the issue, confirmed CPE match and CVE detection

🤖 Generated with Claude Code

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@qodo-free-for-open-source-projects

Copy link
Copy Markdown

CI Feedback 🧐

A test triggered by this PR failed. Here is an AI-generated analysis of the failure:

Action: test-go (fleetctl, mysql:8.0.44) / test

Failed stage: Run Go Tests [❌]

Failed test name: TestGitOpsFullGlobal/useDeprecatedKeys=false

Failure summary:

The action failed because Go tests in ./cmd/fleetctl/... returned a non-zero exit code due to
failing GitOps tests.
- Failing tests: TestGitOpsFullGlobal/useDeprecatedKeys=false and
TestGitOpsFullGlobal/useDeprecatedKeys=true.
- Both failures originate from
/home/runner/work/fleet/fleet/cmd/fleetctl/fleetctl/gitops_test.go:2244 (via
/home/runner/work/fleet/fleet/cmd/fleetctl/fleetctl/testing_utils_test.go:20).
- The tests attempt
to apply custom settings via POST /api/latest/fleet/mdm/profiles/batch, but the API responds 422
Validation Failed with: cannot set custom settings: Windows MDM isn't turned on.
- This causes make
.run-go-tests (Makefile target at Makefile:302) and then make test-go (Makefile:417) to fail, ending
the job with exit code 2.

Relevant error logs:
1:  Runner name: 'ubuntu-8core-1000966038'
2:  Runner group name: 'default larger runners'
...

1297:  �[36;1mattempt=1�[0m
1298:  �[36;1m�[0m
1299:  �[36;1mwhile [ $attempt -le $max_attempts ]; do�[0m
1300:  �[36;1m  echo "Attempt $attempt of $max_attempts"�[0m
1301:  �[36;1m�[0m
1302:  �[36;1m  # Try to connect to MySQL�[0m
1303:  �[36;1m  if wait_for_mysql "mysql_test"; then�[0m
1304:  �[36;1m    # If MySQL is ready, try to connect to MySQL replica�[0m
1305:  �[36;1m    if wait_for_mysql "mysql_replica_test"; then�[0m
1306:  �[36;1m      # Both are ready, we're done�[0m
1307:  �[36;1m      echo "All MySQL connections successful"�[0m
1308:  �[36;1m      exit 0�[0m
1309:  �[36;1m    fi�[0m
1310:  �[36;1m  fi�[0m
1311:  �[36;1m�[0m
1312:  �[36;1m  # If we get here, at least one connection failed�[0m
1313:  �[36;1m  echo "Failed to connect to MySQL on attempt $attempt"�[0m
1314:  �[36;1m�[0m
1315:  �[36;1m  if [ $attempt -lt $max_attempts ]; then�[0m
1316:  �[36;1m    echo "Restarting containers and trying again..."�[0m
1317:  �[36;1m    restart_containers�[0m
1318:  �[36;1m  else�[0m
1319:  �[36;1m    echo "Maximum attempts reached. Failing the job."�[0m
1320:  �[36;1m    exit 1�[0m
...

1478:  make .run-go-tests PKG_TO_TEST="./cmd/fleetctl/..."
1479:  make[1]: Entering directory '/home/runner/work/fleet/fleet'
1480:  Running Go tests with gotestsum:
1481:  gotestsum --format=testdox --jsonfile=/tmp/test-output.json -- -tags full,fts5,netgo -run=  -v -race=false -timeout=20m  -parallel 8 -coverprofile=coverage.txt -covermode=atomic -coverpkg=github.com/fleetdm/fleet/v4/... ././cmd/fleetctl/... 
1482:  github.com/fleetdm/fleet/v4/cmd/fleetctl:
1483:  github.com/fleetdm/fleet/v4/cmd/fleetctl/fleetctl/goquerycmd:
1484:  github.com/fleetdm/fleet/v4/cmd/fleetctl/fleetctl/fleetctltest:
1485:  github.com/fleetdm/fleet/v4/cmd/fleetctl/integrationtest:
1486:  github.com/fleetdm/fleet/v4/cmd/fleetctl/fleetctl/testing_utils:
1487:  github.com/fleetdm/fleet/v4/cmd/fleetctl/integrationtest/package:
1488:  �[32m✓�[0m Package (4.00s)
1489:  �[32m✓�[0m Package - -use-sytem-configuration can't be used on installers that aren't pkg (0.00s)
1490:  �[32m✓�[0m Package deb (1.83s)
1491:  github.com/fleetdm/fleet/v4/cmd/fleetctl/integrationtest/preview:
1492:  �[32m✓�[0m Integrations preview (52.53s)
1493:  �[32m✓�[0m Preview fails on invalid license key (0.01s)
1494:  github.com/fleetdm/fleet/v4/cmd/fleetctl/integrationtest/vuln:
...

1601:  �[32m✓�[0m Apply specs deprecated keys app config windows updates.grace period days not a number (0.57s)
1602:  �[32m✓�[0m Apply specs deprecated keys app config windows updates.grace period days out of range (0.52s)
1603:  �[32m✓�[0m Apply specs deprecated keys config with FIM values for agent options (#869 9) (0.40s)
1604:  �[32m✓�[0m Apply specs deprecated keys config with blank required org name (0.61s)
1605:  �[32m✓�[0m Apply specs deprecated keys config with blank required server url (0.43s)
1606:  �[32m✓�[0m Apply specs deprecated keys config with invalid agent options command-line flags (0.44s)
1607:  �[32m✓�[0m Apply specs deprecated keys config with invalid agent options data type in dry-run (0.49s)
1608:  �[32m✓�[0m Apply specs deprecated keys config with invalid agent options data type with force (0.38s)
1609:  �[32m✓�[0m Apply specs deprecated keys config with invalid agent options in dry-run (0.38s)
1610:  �[32m✓�[0m Apply specs deprecated keys config with invalid key type (0.51s)
1611:  �[32m✓�[0m Apply specs deprecated keys config with invalid value for agent options command-line flags (0.45s)
1612:  �[32m✓�[0m Apply specs deprecated keys config with unknown key (0.41s)
1613:  �[32m✓�[0m Apply specs deprecated keys config with valid agent options command-line flags (0.43s)
1614:  �[32m✓�[0m Apply specs deprecated keys dry-run set with unsupported spec (0.44s)
1615:  �[32m✓�[0m Apply specs deprecated keys dry-run set with various specs, appconfig warning for legacy (0.45s)
1616:  �[32m✓�[0m Apply specs deprecated keys dry-run set with various specs, no errors (0.65s)
1617:  �[32m✓�[0m Apply specs deprecated keys empty config (0.62s)
...

1620:  �[32m✓�[0m Apply specs deprecated keys invalid agent options dry-run (0.41s)
1621:  �[32m✓�[0m Apply specs deprecated keys invalid agent options field type (0.46s)
1622:  �[32m✓�[0m Apply specs deprecated keys invalid agent options field type in overrides (0.45s)
1623:  �[32m✓�[0m Apply specs deprecated keys invalid agent options for existing team (0.47s)
1624:  �[32m✓�[0m Apply specs deprecated keys invalid agent options for new team (0.57s)
1625:  �[32m✓�[0m Apply specs deprecated keys invalid agent options force (0.39s)
1626:  �[32m✓�[0m Apply specs deprecated keys invalid known key's value type for team cannot be forced (0.45s)
1627:  �[32m✓�[0m Apply specs deprecated keys invalid team agent options command-line flag (0.38s)
1628:  �[32m✓�[0m Apply specs deprecated keys invalid top-level key for team (0.48s)
1629:  �[32m✓�[0m Apply specs deprecated keys macos updates deadline set but minimum version empty (0.62s)
1630:  �[32m✓�[0m Apply specs deprecated keys macos updates minimum version set but deadline empty (0.48s)
1631:  �[32m✓�[0m Apply specs deprecated keys macos updates.deadline with incomplete date (0.46s)
1632:  �[32m✓�[0m Apply specs deprecated keys macos updates.deadline with invalid date (0.51s)
1633:  �[32m✓�[0m Apply specs deprecated keys macos updates.deadline with timestamp (0.51s)
1634:  �[32m✓�[0m Apply specs deprecated keys macos updates.minimum version with build version (0.43s)
1635:  �[32m✓�[0m Apply specs deprecated keys missing required failing policies destination url (0.41s)
1636:  �[32m✓�[0m Apply specs deprecated keys missing required host status days count (0.51s)
...

1644:  �[32m✓�[0m Apply specs deprecated keys team config macos settings.enable disk encryption true (0.66s)
1645:  �[32m✓�[0m Apply specs deprecated keys team config macos settings.enable disk encryption with invalid value type (0.77s)
1646:  �[32m✓�[0m Apply specs deprecated keys team config macos settings.enable disk encryption without a value (0.37s)
1647:  �[32m✓�[0m Apply specs deprecated keys unknown key for team can be forced (0.50s)
1648:  �[32m✓�[0m Apply specs deprecated keys valid team agent options command-line flag (0.60s)
1649:  �[32m✓�[0m Apply specs deprecated keys windows updates unset valid (0.49s)
1650:  �[32m✓�[0m Apply specs deprecated keys windows updates valid (0.52s)
1651:  �[32m✓�[0m Apply specs deprecated keys windows updates.deadline days but grace period empty (0.53s)
1652:  �[32m✓�[0m Apply specs deprecated keys windows updates.deadline days not a number (0.53s)
1653:  �[32m✓�[0m Apply specs deprecated keys windows updates.deadline days out of range (0.49s)
1654:  �[32m✓�[0m Apply specs deprecated keys windows updates.grace period days but deadline empty (0.41s)
1655:  �[32m✓�[0m Apply specs deprecated keys windows updates.grace period days not a number (0.50s)
1656:  �[32m✓�[0m Apply specs deprecated keys windows updates.grace period days out of range (0.43s)
1657:  �[32m✓�[0m Apply specs dry-run set with unsupported spec (0.43s)
1658:  �[32m✓�[0m Apply specs dry-run set with various specs, appconfig warning for legacy (0.46s)
1659:  �[32m✓�[0m Apply specs dry-run set with various specs, no errors (0.46s)
1660:  �[32m✓�[0m Apply specs empty config (0.52s)
...

1663:  �[32m✓�[0m Apply specs invalid agent options dry-run (0.59s)
1664:  �[32m✓�[0m Apply specs invalid agent options field type (0.43s)
1665:  �[32m✓�[0m Apply specs invalid agent options field type in overrides (0.48s)
1666:  �[32m✓�[0m Apply specs invalid agent options for existing team (0.40s)
1667:  �[32m✓�[0m Apply specs invalid agent options for new team (0.37s)
1668:  �[32m✓�[0m Apply specs invalid agent options force (0.41s)
1669:  �[32m✓�[0m Apply specs invalid known key's value type for team cannot be forced (0.47s)
1670:  �[32m✓�[0m Apply specs invalid team agent options command-line flag (0.46s)
1671:  �[32m✓�[0m Apply specs invalid top-level key for team (0.40s)
1672:  �[32m✓�[0m Apply specs macos updates deadline set but minimum version empty (0.45s)
1673:  �[32m✓�[0m Apply specs macos updates minimum version set but deadline empty (0.76s)
1674:  �[32m✓�[0m Apply specs macos updates.deadline with incomplete date (0.65s)
1675:  �[32m✓�[0m Apply specs macos updates.deadline with invalid date (0.50s)
1676:  �[32m✓�[0m Apply specs macos updates.deadline with timestamp (0.51s)
1677:  �[32m✓�[0m Apply specs macos updates.minimum version with build version (0.51s)
1678:  �[32m✓�[0m Apply specs missing required failing policies destination url (0.46s)
1679:  �[32m✓�[0m Apply specs missing required host status days count (0.50s)
...

1698:  �[32m✓�[0m Apply specs windows updates.grace period days not a number (0.41s)
1699:  �[32m✓�[0m Apply specs windows updates.grace period days out of range (0.52s)
1700:  �[32m✓�[0m Apply team specs (0.48s)
1701:  �[32m✓�[0m Apply user roles (0.76s)
1702:  �[32m✓�[0m Apply user roles deprecated (0.66s)
1703:  �[32m✓�[0m Apply windows updates (0.46s)
1704:  �[32m✓�[0m Apply windows updates field omitted (0.00s)
1705:  �[32m✓�[0m Apply windows updates with null values (0.00s)
1706:  �[32m✓�[0m Apply windows updates with values (0.00s)
1707:  �[32m✓�[0m Can apply intervals in nanoseconds (0.38s)
1708:  �[32m✓�[0m Can apply intervals using durations (0.38s)
1709:  �[32m✓�[0m Clean status code err (0.00s)
1710:  �[32m✓�[0m Clean status code err bare wrapped status code err (0.00s)
1711:  �[32m✓�[0m Clean status code err nil (0.00s)
1712:  �[32m✓�[0m Clean status code err outer-wrapped status code err (0.00s)
1713:  �[32m✓�[0m Clean status code err plain error untouched (0.00s)
1714:  �[32m✓�[0m Compute label changes (0.00s)
...

1770:  �[32m✓�[0m Filename functions (0.00s)
1771:  �[32m✓�[0m Filename functions outfile name builds a file name using the name provided + current time (0.00s)
1772:  �[32m✓�[0m Filename functions outfile name with ext builds a file name using the name and extension provided + current time (0.00s)
1773:  �[32m✓�[0m FleetctlUpgradePacks empty packs (0.53s)
1774:  �[32m✓�[0m FleetctlUpgradePacks no pack (0.38s)
1775:  �[32m✓�[0m FleetctlUpgradePacks non empty (0.43s)
1776:  �[32m✓�[0m FleetctlUpgradePacks not admin (0.59s)
1777:  �[32m✓�[0m Format XML (0.00s)
1778:  �[32m✓�[0m Format XML XML with attributes (0.00s)
1779:  �[32m✓�[0m Format XML basic XML (0.00s)
1780:  �[32m✓�[0m Format XML empty XML (0.00s)
1781:  �[32m✓�[0m Format XML invalid XML (0.00s)
1782:  �[32m✓�[0m Format XML nested XML (0.00s)
1783:  �[32m✓�[0m Generate MDM apple (0.99s)
1784:  �[32m✓�[0m Generate MDM apple BM (0.37s)
1785:  �[32m✓�[0m Generate MDM apple CSR API call fails (0.40s)
1786:  �[32m✓�[0m Generate MDM apple successful run (0.59s)
1787:  �[32m✓�[0m Generate MDMVPP tokens (0.00s)
1788:  �[32m✓�[0m Generate MDMVPP tokens get VPP tokens error (0.00s)
1789:  �[32m✓�[0m Generate MDMVPP tokens multiple tokens with different teams (0.00s)
...

1807:  �[32m✓�[0m Generate org settings masked google workspace api key (0.00s)
1808:  �[32m✓�[0m Generate policies (0.00s)
1809:  �[32m✓�[0m Generate policies patch policy orphaned from fleet maintained app (0.00s)
1810:  �[32m✓�[0m Generate queries (0.00s)
1811:  �[32m✓�[0m Generate software (0.00s)
1812:  �[32m✓�[0m Generate software auto update schedule (0.00s)
1813:  �[32m✓�[0m Generate software script packages (0.00s)
1814:  �[32m✓�[0m Generate team settings (0.00s)
1815:  �[32m✓�[0m Generate team settings insecure (0.00s)
1816:  �[32m✓�[0m Generated org settings no SSO (0.00s)
1817:  �[32m✓�[0m Generated org settings okta conditional access not included (0.00s)
1818:  �[32m✓�[0m Get MDM command results (0.51s)
1819:  �[32m✓�[0m Get MDM command results command flag required (0.00s)
1820:  �[32m✓�[0m Get MDM command results command not found (0.01s)
1821:  �[32m✓�[0m Get MDM command results command results empty (0.01s)
1822:  �[32m✓�[0m Get MDM command results command results error (0.01s)
1823:  �[32m✓�[0m Get MDM command results darwin command results (0.00s)
1824:  �[32m✓�[0m Get MDM command results host specific results (0.00s)
1825:  �[32m✓�[0m Get MDM command results windows command results (0.00s)
1826:  �[32m✓�[0m Get MDM commands (0.42s)
1827:  �[32m✓�[0m Get apple BM (1.73s)
1828:  �[32m✓�[0m Get apple BM free license (0.41s)
1829:  �[32m✓�[0m Get apple BM premium license, multiple tokens (0.38s)
1830:  �[32m✓�[0m Get apple BM premium license, no token (0.43s)
1831:  �[32m✓�[0m Get apple BM premium license, single token (0.50s)
1832:  �[32m✓�[0m Get apple MDM (0.39s)
1833:  �[32m✓�[0m Get carve (0.45s)
1834:  �[32m✓�[0m Get carve with error (0.38s)
1835:  �[32m✓�[0m Get carves (0.54s)
...

1849:  �[32m✓�[0m Get hosts MDM get hosts - -mdm - -mdm-pending - (0.00s)
1850:  �[32m✓�[0m Get hosts MDM get hosts - -mdm-pending - -yaml - expected list hosts yaml.yml (0.01s)
1851:  �[32m✓�[0m Get hosts get hosts - -json - -remove-deprecated-keys (0.00s)
1852:  �[32m✓�[0m Get hosts get hosts - -json - expected list hosts json.json (0.00s)
1853:  �[32m✓�[0m Get hosts get hosts - -json test host - expected host detail response json.json (0.00s)
1854:  �[32m✓�[0m Get hosts get hosts - -yaml - expected list hosts yaml.yml (0.00s)
1855:  �[32m✓�[0m Get hosts get hosts - -yaml test host - expected host detail response yaml.yml (0.00s)
1856:  �[32m✓�[0m Get label (0.35s)
1857:  �[32m✓�[0m Get label usage include and exclude allowed (0.00s)
1858:  �[32m✓�[0m Get label usage include and exclude allowed macos (0.00s)
1859:  �[32m✓�[0m Get label usage include and exclude allowed macos# 01 (0.00s)
1860:  �[32m✓�[0m Get label usage include and exclude allowed macos# 02 (0.00s)
1861:  �[32m✓�[0m Get label usage include and exclude allowed windows (0.00s)
1862:  �[32m✓�[0m Get label usage include and exclude allowed windows# 01 (0.00s)
1863:  �[32m✓�[0m Get label usage include and exclude allowed windows# 02 (0.00s)
1864:  �[32m✓�[0m Get label usage include exclude overlap error (0.00s)
1865:  �[32m✓�[0m Get label usage include exclude overlap error macos (0.00s)
1866:  �[32m✓�[0m Get label usage include exclude overlap error macos# 01 (0.00s)
1867:  �[32m✓�[0m Get label usage include exclude overlap error macos# 02 (0.00s)
1868:  �[32m✓�[0m Get label usage include exclude overlap error windows (0.00s)
1869:  �[32m✓�[0m Get label usage include exclude overlap error windows# 01 (0.00s)
1870:  �[32m✓�[0m Get label usage include exclude overlap error windows# 02 (0.00s)
1871:  �[32m✓�[0m Get label usage multiple label keys error (0.00s)
1872:  �[32m✓�[0m Get label usage multiple label keys error macos (0.00s)
1873:  �[32m✓�[0m Get label usage multiple label keys error windows (0.00s)
1874:  �[32m✓�[0m Get label usage policy scopes (0.00s)
...

1890:  �[32m✓�[0m Get queries as observer team observer (0.01s)
1891:  �[32m✓�[0m Get query (0.43s)
1892:  �[32m✓�[0m Get query labels include all (0.37s)
1893:  �[32m✓�[0m Get reports labels include all (0.47s)
1894:  �[32m✓�[0m Get software titles (0.53s)
1895:  �[32m✓�[0m Get software versions (0.50s)
1896:  �[32m✓�[0m Get teams (1.06s)
1897:  �[32m✓�[0m Get teams YAML and apply (0.58s)
1898:  �[32m✓�[0m Get teams by name (0.53s)
1899:  �[32m✓�[0m Get teams expired license (0.46s)
1900:  �[32m✓�[0m Get teams not expired license (0.60s)
1901:  �[32m✓�[0m Get teams software from source of truth (0.70s)
1902:  �[32m✓�[0m Get user roles (0.52s)
1903:  �[32m✓�[0m Git ops ABM (6.51s)
1904:  �[32m✓�[0m Git ops ABM backwards compat (0.76s)
1905:  �[32m✓�[0m Git ops ABM both keys errors (0.52s)
1906:  �[32m✓�[0m Git ops ABM deprecated config with two tokens in the db fails (0.52s)
1907:  �[32m✓�[0m Git ops ABM new key all valid (0.81s)
1908:  �[32m✓�[0m Git ops ABM new key multiple elements (0.90s)
1909:  �[32m✓�[0m Git ops ABM no team is supported (0.61s)
1910:  �[32m✓�[0m Git ops ABM non existent org name fails (0.54s)
1911:  �[32m✓�[0m Git ops ABM not provided teams defaults to no team (0.52s)
1912:  �[32m✓�[0m Git ops ABM renamed new key all valid (0.71s)
1913:  �[32m✓�[0m Git ops ABM using an undefined team errors (0.62s)
1914:  �[32m✓�[0m Git ops EULA setting (4.88s)
...

1917:  �[32m✓�[0m Git ops EULA setting not a PDF file (0.80s)
1918:  �[32m✓�[0m Git ops EULA setting relative path to working dir to pdf file (no existing EULA uploaded) (0.49s)
1919:  �[32m✓�[0m Git ops EULA setting relative path to yaml file to pdf file (no existing EULA uploaded) (0.57s)
1920:  �[32m✓�[0m Git ops EULA setting uploading the same EULA again (0.64s)
1921:  �[32m✓�[0m Git ops EULA setting valid new pdf file (different EULA already uploaded) (0.63s)
1922:  �[32m✓�[0m Git ops EULA setting valid pdf file (no existing EULA uploaded) (0.49s)
1923:  �[32m✓�[0m Git ops MDM auth settings (0.41s)
1924:  �[32m✓�[0m Git ops SMTP settings (0.62s)
1925:  �[32m✓�[0m Git ops SSO server URL (0.52s)
1926:  �[32m✓�[0m Git ops SSO settings (0.63s)
1927:  �[32m✓�[0m Git ops android certificates add (0.70s)
1928:  �[32m✓�[0m Git ops android certificates change (0.47s)
1929:  �[32m✓�[0m Git ops android certificates delete all (0.63s)
1930:  �[32m✓�[0m Git ops android certificates delete one (0.70s)
1931:  �[32m✓�[0m Git ops app store app auto update (0.56s)
1932:  �[32m✓�[0m Git ops app store app auto update invalid auto-update window triggers error and does not call update software title auto update config (0.02s)
1933:  �[32m✓�[0m Git ops app store app auto update no auto update settings and no existing schedule does not call update software title auto update config (0.02s)
1934:  �[32m✓�[0m Git ops app store app auto update update software title auto update config is applied for i OS VPP apps (0.02s)
1935:  �[32m✓�[0m Git ops app store app auto update update software title auto update config is not called when no VPP apps provided (0.02s)
1936:  �[32m✓�[0m Git ops apple OS updates (0.62s)
1937:  �[32m✓�[0m Git ops apple OS updates ios updates (0.01s)
1938:  �[32m✓�[0m Git ops apple OS updates ios updates os updated when existing OS update declaration (0.01s)
1939:  �[32m✓�[0m Git ops apple OS updates ipados updates (0.01s)
1940:  �[32m✓�[0m Git ops apple OS updates ipados updates os updated when existing OS update declaration (0.01s)
1941:  �[32m✓�[0m Git ops apple OS updates macos updates (0.01s)
1942:  �[32m✓�[0m Git ops apple OS updates macos updates os updated when existing OS update declaration (0.01s)
1943:  �[32m✓�[0m Git ops basic global and no team (0.61s)
1944:  �[32m✓�[0m Git ops basic global and no team basic global and no-team.yml (0.05s)
1945:  �[32m✓�[0m Git ops basic global and no team both global and no-team.yml define controls -- should fail (0.01s)
1946:  �[32m✓�[0m Git ops basic global and no team controls only defined in no-team.yml (0.05s)
1947:  �[32m✓�[0m Git ops basic global and no team global DOES NOT define controls -- should fail (0.01s)
1948:  �[32m✓�[0m Git ops basic global and no team global and no-team.yml DO NOT define controls -- should fail (0.01s)
1949:  �[32m✓�[0m Git ops basic global and no team global defines software -- should fail (0.01s)
1950:  �[32m✓�[0m Git ops basic global and no team no-team provided without global -- should fail (0.01s)
1951:  �[32m✓�[0m Git ops basic global and no team no-team.yml defines policy with calendar events enabled -- should fail (0.01s)
1952:  �[32m✓�[0m Git ops basic global and no team unassigned provided without global -- should fail (0.01s)
1953:  �[32m✓�[0m Git ops basic global and team (0.62s)
...

1959:  �[32m✓�[0m Git ops custom settings global macos windows custom settings valid.yml (0.50s)
1960:  �[32m✓�[0m Git ops custom settings global windows custom settings invalid label mix 2 .yml (0.65s)
1961:  �[32m✓�[0m Git ops custom settings global windows custom settings invalid label mix.yml (0.50s)
1962:  �[32m✓�[0m Git ops custom settings global windows custom settings unknown label.yml (0.57s)
1963:  �[32m✓�[0m Git ops custom settings team macos custom settings valid deprecated.yml (0.53s)
1964:  �[32m✓�[0m Git ops custom settings team macos windows custom settings invalid labels mix 2 .yml (0.47s)
1965:  �[32m✓�[0m Git ops custom settings team macos windows custom settings invalid labels mix.yml (0.50s)
1966:  �[32m✓�[0m Git ops custom settings team macos windows custom settings unknown label.yml (0.50s)
1967:  �[32m✓�[0m Git ops custom settings team macos windows custom settings valid.yml (0.59s)
1968:  �[32m✓�[0m Git ops dry run rejects invalid label platform (0.50s)
1969:  �[32m✓�[0m Git ops exception enforcement (0.43s)
1970:  �[32m✓�[0m Git ops exception enforcement free tier (0.48s)
1971:  �[32m✓�[0m Git ops exceptions preserve omitted keys (0.57s)
1972:  �[32m✓�[0m Git ops features (0.74s)
1973:  �[32m✓�[0m Git ops filename validation (0.00s)
1974:  �[32m✓�[0m Git ops fleet failing policies webhook policy IDs (0.49s)
1975:  �[32m✓�[0m Git ops fleet webhooks and tickets enabled (0.59s)
...

2132:  �[32m✓�[0m New basic file structure has expected files (0.00s)
2133:  �[32m✓�[0m New basic file structure replaces and escapes org name template var (0.00s)
2134:  �[32m✓�[0m New basic file structure strips .template. from output filenames (0.00s)
2135:  �[32m✓�[0m New dir flag (0.01s)
2136:  �[32m✓�[0m New existing dir with force (0.01s)
2137:  �[32m✓�[0m New existing dir without force (0.00s)
2138:  �[32m✓�[0m New org name YAML quoting (0.01s)
2139:  �[32m✓�[0m New org name validation (0.01s)
2140:  �[32m✓�[0m New org name validation at max length (0.01s)
2141:  �[32m✓�[0m New org name validation control characters stripped (0.01s)
2142:  �[32m✓�[0m New org name validation only control characters (0.00s)
2143:  �[32m✓�[0m New org name validation only whitespace (0.00s)
2144:  �[32m✓�[0m New org name validation too long (0.00s)
2145:  �[32m✓�[0m New output messages (0.01s)
2146:  �[32m✓�[0m New template stripping (0.01s)
2147:  �[32m✓�[0m Print auth error (0.62s)
2148:  �[32m✓�[0m Print auth error SSO disabled shows default login message (0.00s)
2149:  �[32m✓�[0m Print auth error SSO enabled shows SSO instructions (0.00s)
2150:  �[32m✓�[0m Render template (0.00s)
...

2170:  �[32m✓�[0m Run api command get scripts full path missing (0.00s)
2171:  �[32m✓�[0m Run api command get scripts team (0.00s)
2172:  �[32m✓�[0m Run api command get scripts team no cache (0.00s)
2173:  �[32m✓�[0m Run api command get typo (0.00s)
2174:  �[32m✓�[0m Run api command upload script (0.00s)
2175:  �[32m✓�[0m Run script command (0.60s)
2176:  �[32m✓�[0m Run script command disabled scripts globally (0.00s)
2177:  �[32m✓�[0m Run script command host not found (0.01s)
2178:  �[32m✓�[0m Run script command invalid file type (0.00s)
2179:  �[32m✓�[0m Run script command invalid hashbang (0.00s)
2180:  �[32m✓�[0m Run script command invalid utf 8 (0.00s)
2181:  �[32m✓�[0m Run script command missing one of script-path and script-nqme (0.00s)
2182:  �[32m✓�[0m Run script command output truncated (0.01s)
2183:  �[32m✓�[0m Run script command posix shell hashbang (0.01s)
2184:  �[32m✓�[0m Run script command script empty (0.00s)
2185:  �[32m✓�[0m Run script command script failed (0.01s)
2186:  �[32m✓�[0m Run script command script killed (0.01s)
...

2241:  �[32m✓�[0m Validate git ops group EUA global-only run degrades id p but the team's in-run file disables EU A: accepted (0.00s)
2242:  �[32m✓�[0m Validate git ops group EUA global-only run degrades id p while a stored team keeps EUA on: rejected (#4337 1) (0.00s)
2243:  �[32m✓�[0m Validate git ops group EUA no EUA enabled anywhere is accepted (0.00s)
2244:  �[32m✓�[0m Validate git ops group EUA team enables EU A, global file adds complete id P: accepted (0.00s)
2245:  �[32m✓�[0m Validate git ops group EUA team enables EU A, global file adds id p missing entity id: rejected (0.00s)
2246:  �[32m✓�[0m Validate git ops group EUA team enables EU A, global file omits id P, stored has id P: rejected (overwrite clears) (0.00s)
2247:  �[32m✓�[0m Validate git ops group EUA team enables EU A, stored has id P, no global file: accepted (0.00s)
2248:  �[32m✓�[0m Validate git ops group EUA team enables EU A, stored has no id P, no global file: rejected (0.00s)
2249:  github.com/fleetdm/fleet/v4/cmd/fleetctl/integrationtest/gitops:
2250:  �[32m✓�[0m Git ops VPP (5.33s)
2251:  �[32m✓�[0m Git ops VPP all fleets is supported (0.69s)
2252:  �[32m✓�[0m Git ops VPP all teams is supported (0.61s)
2253:  �[32m✓�[0m Git ops VPP new key all valid (0.87s)
2254:  �[32m✓�[0m Git ops VPP new key multiple elements (0.70s)
2255:  �[32m✓�[0m Git ops VPP no team is supported (0.63s)
2256:  �[32m✓�[0m Git ops VPP non existent location fails (0.46s)
2257:  �[32m✓�[0m Git ops VPP not provided teams defaults to no team (0.73s)
2258:  �[32m✓�[0m Git ops VPP using an undefined team errors (0.63s)
2259:  �[32m✓�[0m Git ops existing team VPP apps with missing team (0.48s)
...

2352:  �[32m✓�[0m Git ops team software installers team software installer with display name.yml (1.76s)
2353:  �[32m✓�[0m Integrations enterprise gitops (315.90s)
2354:  �[32m✓�[0m Integrations enterprise gitops test CA integrations (3.99s)
2355:  �[32m✓�[0m Integrations enterprise gitops test FMA labels include all (5.98s)
2356:  �[32m✓�[0m Integrations enterprise gitops test IPA software installers (10.46s)
2357:  �[32m✓�[0m Integrations enterprise gitops test JSON configuration profile escaping (1.29s)
2358:  �[32m✓�[0m Integrations enterprise gitops test add manual labels (1.49s)
2359:  �[32m✓�[0m Integrations enterprise gitops test configuration profile escaping (1.30s)
2360:  �[32m✓�[0m Integrations enterprise gitops test delete CA with certificate templates (5.99s)
2361:  �[32m✓�[0m Integrations enterprise gitops test delete mac OS setup (4.98s)
2362:  �[32m✓�[0m Integrations enterprise gitops test deleting no team YAML (2.67s)
2363:  �[32m✓�[0m Integrations enterprise gitops test disallow software setup experience (123.69s)
2364:  �[32m✓�[0m Integrations enterprise gitops test disallow software setup experience all VPP with setup experience (1.25s)
2365:  �[32m✓�[0m Integrations enterprise gitops test disallow software setup experience no team VPP (1.13s)
2366:  �[32m✓�[0m Integrations enterprise gitops test disallow software setup experience no team installers (60.51s)
2367:  �[32m✓�[0m Integrations enterprise gitops test disallow software setup experience packages fail (60.61s)
2368:  �[32m✓�[0m Integrations enterprise gitops test dry run mac OS setup script with manual agent install conflict (0.42s)
...

2398:  �[32m✓�[0m Integrations enterprise gitops test omitted top level keys global (2.46s)
2399:  �[32m✓�[0m Integrations enterprise gitops test remove custom settings from default YAML (2.55s)
2400:  �[32m✓�[0m Integrations enterprise gitops test special case teams VPP apps (3.78s)
2401:  �[32m✓�[0m Integrations enterprise gitops test special case teams VPP apps all teams (2.38s)
2402:  �[32m✓�[0m Integrations enterprise gitops test special case teams VPP apps no team (1.23s)
2403:  �[32m✓�[0m Integrations enterprise gitops test unset configuration profile labels (4.88s)
2404:  �[32m✓�[0m Integrations enterprise gitops test unset software installer labels (11.33s)
2405:  �[32m✓�[0m Integrations enterprise starter library (5.08s)
2406:  �[32m✓�[0m Integrations enterprise starter library test apply starter library premium (3.59s)
2407:  �[32m✓�[0m Integrations gitops (2.24s)
2408:  �[32m✓�[0m Integrations gitops test fleet gitops (0.47s)
2409:  �[32m✓�[0m Integrations gitops test fleet gitops DDM fleet vars requires premium (0.12s)
2410:  �[32m✓�[0m Integrations gitops test fleet gitops with fleet secrets (0.23s)
2411:  �[32m✓�[0m Integrations starter library (1.72s)
2412:  �[32m✓�[0m Integrations starter library test apply starter library free (0.22s)
2413:  === �[31mFailed�[0m
2414:  === �[31mFAIL�[0m: cmd/fleetctl/fleetctl TestGitOpsFullGlobal/useDeprecatedKeys=false (0.04s)
2415:  time=level=INFO msg="request error" path=/api/latest/fleet/setup_experience/eula/metadata took=117.958µs uuid=e4d5ce6c-05cb-4eae-ac9c-7a126a784bb9 err="not found"
2416:  [-] would've deleted report Query to delete
2417:  time=level=INFO msg="request error" path=/api/latest/fleet/setup_experience/eula/metadata took=123.186µs uuid=5f54dcbd-6955-4cc2-aa27-09f927779928 err="not found"
2418:  testing_utils_test.go:20: 
2419:  Error Trace:	/home/runner/work/fleet/fleet/cmd/fleetctl/fleetctl/testing_utils_test.go:20
2420:  /home/runner/work/fleet/fleet/cmd/fleetctl/fleetctl/gitops_test.go:2244
2421:  Error:      	Received unexpected error:
2422:  applying custom settings: POST /api/latest/fleet/mdm/profiles/batch received status 422 Validation Failed: cannot set custom settings: Windows MDM isn't turned on. For more information about setting up MDM, please visit https://fleetdm.com/learn-more-about/windows-mdm (API time: 1ms)
2423:  Test:       	TestGitOpsFullGlobal/useDeprecatedKeys=false
2424:  --- FAIL: TestGitOpsFullGlobal/useDeprecatedKeys=false (0.04s)
2425:  === �[31mFAIL�[0m: cmd/fleetctl/fleetctl TestGitOpsFullGlobal/useDeprecatedKeys=true (0.04s)
2426:  time=level=INFO msg="request error" path=/api/latest/fleet/setup_experience/eula/metadata took=126.581µs uuid=ed4c05fe-03ed-45ee-87e2-8b054228943e err="not found"
2427:  [-] would've deleted report Query to delete
2428:  time=level=INFO msg="request error" path=/api/latest/fleet/setup_experience/eula/metadata took=127.993µs uuid=1c10abf5-b55b-4189-b353-dc3cd2137511 err="not found"
2429:  testing_utils_test.go:20: 
2430:  Error Trace:	/home/runner/work/fleet/fleet/cmd/fleetctl/fleetctl/testing_utils_test.go:20
2431:  /home/runner/work/fleet/fleet/cmd/fleetctl/fleetctl/gitops_test.go:2244
2432:  Error:      	Received unexpected error:
2433:  applying custom settings: POST /api/latest/fleet/mdm/profiles/batch received status 422 Validation Failed: cannot set custom settings: Windows MDM isn't turned on. For more information about setting up MDM, please visit https://fleetdm.com/learn-more-about/windows-mdm (API time: 1ms)
2434:  Test:       	TestGitOpsFullGlobal/useDeprecatedKeys=true
2435:  --- FAIL: TestGitOpsFullGlobal/useDeprecatedKeys=true (0.04s)
2436:  === �[31mFAIL�[0m: cmd/fleetctl/fleetctl TestGitOpsFullGlobal (0.68s)
2437:  DONE 921 tests, 3 failures in 651.225s
2438:  make[1]: *** [Makefile:302: .run-go-tests] Error 1
2439:  make[1]: Leaving directory '/home/runner/work/fleet/fleet'
2440:  make: *** [Makefile:417: test-go] Error 2
2441:  ##[error]Process completed with exit code 2.
2442:  Node 20 is being deprecated. This workflow is running with Node 24 by default. If you need to temporarily use Node 20, you can set the ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true environment variable. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
2443:  ##[group]Run actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
2444:  with:
2445:  name: fleetctl-mysql8.0.44-coverage
2446:  path: ./coverage.txt
2447:  if-no-files-found: error
2448:  compression-level: 6
...

2451:  RACE_ENABLED: false
2452:  GO_TEST_TIMEOUT: 20m
2453:  DOCKER_COMMAND: docker compose -f docker-compose.yml -f docker-compose-redis-cluster.yml up -d mysql_test mysql_replica_test redis redis-cluster-1 redis-cluster-2 redis-cluster-3 redis-cluster-4 redis-cluster-5 redis-cluster-6 redis-cluster-setup s3 saml_idp mailhog mailpit smtp4dev_test
2454:  RUN_TESTS_ARG: 
2455:  CI_TEST_PKG: fleetctl
2456:  NEED_DOCKER: 1
2457:  ARTIFACT_PREFIX: fleetctl-mysql8.0.44
2458:  GOTOOLCHAIN: local
2459:  ##[endgroup]
2460:  (node:48882) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
2461:  (Use `node --trace-deprecation ...` to show where the warning was created)
2462:  With the provided path, there will be 1 file uploaded
2463:  Artifact name is valid!
2464:  Root directory input is valid!
2465:  Beginning upload of artifact content to blob storage
2466:  (node:48882) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
2467:  Uploaded bytes 2308913
2468:  Finished uploading artifact content to blob storage!
2469:  SHA256 hash of uploaded artifact zip is 108ccfdcf3a27eb829e715e77030f938b3054756a772a91b22d194bfa1f4008f
2470:  Finalizing artifact upload
2471:  Artifact fleetctl-mysql8.0.44-coverage.zip successfully finalized. Artifact ID 8022979374
2472:  Artifact fleetctl-mysql8.0.44-coverage has been successfully uploaded! Final size is 2308913 bytes. Artifact ID is 8022979374
2473:  Artifact download URL: https://github.com/fleetdm/fleet/actions/runs/28548066258/artifacts/8022979374
2474:  ##[group]Run c1grep() { grep "$@" || test $? = 1; }
2475:  �[36;1mc1grep() { grep "$@" || test $? = 1; }�[0m
2476:  �[36;1mc1grep -oP 'FAIL: .*$' /tmp/gotest.log > /tmp/summary.txt�[0m
2477:  �[36;1mc1grep 'test timed out after' /tmp/gotest.log >> /tmp/summary.txt�[0m
2478:  �[36;1mc1grep 'fatal error:' /tmp/gotest.log >> /tmp/summary.txt�[0m
2479:  �[36;1mc1grep -A 10 'panic: runtime error: ' /tmp/gotest.log >> /tmp/summary.txt�[0m
2480:  �[36;1mc1grep ' FAIL\t' /tmp/gotest.log >> /tmp/summary.txt�[0m
2481:  �[36;1mGO_FAIL_SUMMARY=$(head -n 5 /tmp/summary.txt | sed ':a;N;$!ba;s/\n/\\n/g')�[0m
2482:  �[36;1mecho "GO_FAIL_SUMMARY=$GO_FAIL_SUMMARY"�[0m
2483:  �[36;1mif [[ -z "$GO_FAIL_SUMMARY" ]]; then�[0m
2484:  �[36;1m  GO_FAIL_SUMMARY="unknown, please check the build URL"�[0m
2485:  �[36;1mfi�[0m
2486:  �[36;1mGO_FAIL_SUMMARY=$GO_FAIL_SUMMARY envsubst < .github/workflows/config/slack_payload_template.json > ./payload.json�[0m
2487:  shell: /usr/bin/bash --noprofile --norc -e -o pipefail {0}
2488:  env:
2489:  RACE_ENABLED: false
2490:  GO_TEST_TIMEOUT: 20m
2491:  DOCKER_COMMAND: docker compose -f docker-compose.yml -f docker-compose-redis-cluster.yml up -d mysql_test mysql_replica_test redis redis-cluster-1 redis-cluster-2 redis-cluster-3 redis-cluster-4 redis-cluster-5 redis-cluster-6 redis-cluster-setup s3 saml_idp mailhog mailpit smtp4dev_test
2492:  RUN_TESTS_ARG: 
2493:  CI_TEST_PKG: fleetctl
2494:  NEED_DOCKER: 1
2495:  ARTIFACT_PREFIX: fleetctl-mysql8.0.44
2496:  GOTOOLCHAIN: local
2497:  ##[endgroup]
2498:  GO_FAIL_SUMMARY=FAIL: TestGitOpsFullGlobal/useDeprecatedKeys=false (0.04s)\nFAIL: TestGitOpsFullGlobal/useDeprecatedKeys=true (0.04s)
2499:  Node 20 is being deprecated. This workflow is running with Node 24 by default. If you need to temporarily use Node 20, you can set the ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true environment variable. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
2500:  ##[group]Run actions/upload-artifact@834a144ee995460fba8ed112a2fc961b36a5ec5a
2501:  with:
2502:  name: fleetctl-mysql8.0.44-test-log
2503:  path: /tmp/gotest.log
2504:  if-no-files-found: error
2505:  compression-level: 6
...

2508:  RACE_ENABLED: false
2509:  GO_TEST_TIMEOUT: 20m
2510:  DOCKER_COMMAND: docker compose -f docker-compose.yml -f docker-compose-redis-cluster.yml up -d mysql_test mysql_replica_test redis redis-cluster-1 redis-cluster-2 redis-cluster-3 redis-cluster-4 redis-cluster-5 redis-cluster-6 redis-cluster-setup s3 saml_idp mailhog mailpit smtp4dev_test
2511:  RUN_TESTS_ARG: 
2512:  CI_TEST_PKG: fleetctl
2513:  NEED_DOCKER: 1
2514:  ARTIFACT_PREFIX: fleetctl-mysql8.0.44
2515:  GOTOOLCHAIN: local
2516:  ##[endgroup]
2517:  (node:48906) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
2518:  (Use `node --trace-deprecation ...` to show where the warning was created)
2519:  With the provided path, there will be 1 file uploaded
2520:  Artifact name is valid!
2521:  Root directory input is valid!
2522:  Beginning upload of artifact content to blob storage
2523:  (node:48906) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
2524:  Uploaded bytes 11015
...

2540:  RACE_ENABLED: false
2541:  GO_TEST_TIMEOUT: 20m
2542:  DOCKER_COMMAND: docker compose -f docker-compose.yml -f docker-compose-redis-cluster.yml up -d mysql_test mysql_replica_test redis redis-cluster-1 redis-cluster-2 redis-cluster-3 redis-cluster-4 redis-cluster-5 redis-cluster-6 redis-cluster-setup s3 saml_idp mailhog mailpit smtp4dev_test
2543:  RUN_TESTS_ARG: 
2544:  CI_TEST_PKG: fleetctl
2545:  NEED_DOCKER: 1
2546:  ARTIFACT_PREFIX: fleetctl-mysql8.0.44
2547:  GOTOOLCHAIN: local
2548:  ##[endgroup]
2549:  (node:48918) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
2550:  (Use `node --trace-deprecation ...` to show where the warning was created)
2551:  With the provided path, there will be 1 file uploaded
2552:  Artifact name is valid!
2553:  Root directory input is valid!
2554:  Beginning upload of artifact content to blob storage
2555:  (node:48918) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
2556:  Uploaded bytes 205
...

2572:  RACE_ENABLED: false
2573:  GO_TEST_TIMEOUT: 20m
2574:  DOCKER_COMMAND: docker compose -f docker-compose.yml -f docker-compose-redis-cluster.yml up -d mysql_test mysql_replica_test redis redis-cluster-1 redis-cluster-2 redis-cluster-3 redis-cluster-4 redis-cluster-5 redis-cluster-6 redis-cluster-setup s3 saml_idp mailhog mailpit smtp4dev_test
2575:  RUN_TESTS_ARG: 
2576:  CI_TEST_PKG: fleetctl
2577:  NEED_DOCKER: 1
2578:  ARTIFACT_PREFIX: fleetctl-mysql8.0.44
2579:  GOTOOLCHAIN: local
2580:  ##[endgroup]
2581:  (node:48930) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
2582:  (Use `node --trace-deprecation ...` to show where the warning was created)
2583:  With the provided path, there will be 1 file uploaded
2584:  Artifact name is valid!
2585:  Root directory input is valid!
2586:  Beginning upload of artifact content to blob storage
2587:  (node:48930) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
2588:  Uploaded bytes 104792
...

2621:  RACE_ENABLED: false
2622:  GO_TEST_TIMEOUT: 20m
2623:  DOCKER_COMMAND: docker compose -f docker-compose.yml -f docker-compose-redis-cluster.yml up -d mysql_test mysql_replica_test redis redis-cluster-1 redis-cluster-2 redis-cluster-3 redis-cluster-4 redis-cluster-5 redis-cluster-6 redis-cluster-setup s3 saml_idp mailhog mailpit smtp4dev_test
2624:  RUN_TESTS_ARG: 
2625:  CI_TEST_PKG: fleetctl
2626:  NEED_DOCKER: 1
2627:  ARTIFACT_PREFIX: fleetctl-mysql8.0.44
2628:  GOTOOLCHAIN: local
2629:  ##[endgroup]
2630:  (node:48944) [DEP0040] DeprecationWarning: The `punycode` module is deprecated. Please use a userland alternative instead.
2631:  (Use `node --trace-deprecation ...` to show where the warning was created)
2632:  With the provided path, there will be 1 file uploaded
2633:  Artifact name is valid!
2634:  Root directory input is valid!
2635:  Beginning upload of artifact content to blob storage
2636:  (node:48944) [DEP0169] DeprecationWarning: `url.parse()` behavior is not standardized and prone to errors that have security implications. Use the WHATWG URL API instead. CVEs are not issued for `url.parse()` vulnerabilities.
2637:  Uploaded bytes 133

@codecov

codecov Bot commented Jul 1, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.01%. Comparing base (9c28692) to head (3ef742f).
⚠️ Report is 12 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main   #48599      +/-   ##
==========================================
+ Coverage   67.99%   68.01%   +0.01%     
==========================================
  Files        3678     3678              
  Lines      233668   233760      +92     
  Branches    12453    12453              
==========================================
+ Hits       158894   158984      +90     
- Misses      60469    60474       +5     
+ Partials    14305    14302       -3     
Flag Coverage Δ
backend 69.66% <100.00%> (+0.01%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Python packages on ubuntu devices are not reporting vulnerabilities

1 participant