Enh/dx 1221 fetch asset by query (#83)

sunil-lakshman · abhinav-from-contentstack · aravindbuilt · web-flow · commit 1630584b08a4 · 2024-08-29T10:42:55.000+05:30
* Added GCP NA region support (#69) * Removed empty package * Updated changelog file * Added GCP NA support (#68) * Added GCP NA support * Upgraded dependency packages * Updated License file (#72) --------- Co-authored-by: Abhinav Gupta <abhinav.gupta@contentstack.com> Co-authored-by: abhinav <63039365+abhinav-from-contentstack@users.noreply.github.com> * sca-scan.yml * jira.yml * sast-scan.yml * codeql-analysis.yml * Implemented fetch asset by query * Package bump * Fixed Code Injection * Upgraded setuptools version * Upgraded setuptools version * Fixing failed sca scan work flow * Update sca-scan.yml --------- Co-authored-by: Abhinav Gupta <abhinav.gupta@contentstack.com> Co-authored-by: abhinav <63039365+abhinav-from-contentstack@users.noreply.github.com> Co-authored-by: Aravind Kumar <aravind.kumar@contentstack.com>
diff --git a/.github/workflows/jira.yml b/.github/workflows/jira.yml
@@ -3,7 +3,7 @@ on:
   pull_request:
     types: [opened]
 jobs:
-  security:
+  security-jira:
     if: ${{ github.actor == 'dependabot[bot]' || github.actor == 'snyk-bot' || contains(github.event.pull_request.head.ref, 'snyk-fix-')  || contains(github.event.pull_request.head.ref, 'snyk-upgrade-')}}
     runs-on: ubuntu-latest
     steps:
@@ -26,3 +26,8 @@ jobs:
             PR: ${{ github.event.pull_request.html_url }}
 
           fields: "${{ secrets.JIRA_FIELDS }}"
+      - name: Transition issue
+        uses: atlassian/gajira-transition@v3
+        with:
+          issue: ${{ steps.create.outputs.issue }}
+          transition: ${{ secrets.JIRA_TRANSITION }}
diff --git a/.github/workflows/sast-scan.yml b/.github/workflows/sast-scan.yml
@@ -0,0 +1,11 @@
+name: SAST Scan
+on:
+  pull_request:
+    types: [opened, synchronize, reopened]
+jobs:
+  security-sast:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v2
+      - name: Semgrep Scan
+        run: docker run -v /var/run/docker.sock:/var/run/docker.sock -v "${PWD}:/src" returntocorp/semgrep semgrep scan --config auto
diff --git a/.github/workflows/sca-scan.yml b/.github/workflows/sca-scan.yml
@@ -3,13 +3,14 @@ on:
   pull_request:
     types: [opened, synchronize, reopened]
 jobs:
-  security:
+  security-sca:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@master
       - name: Run Snyk to check for vulnerabilities
-        uses: snyk/actions/python-3.10@master
+        uses: snyk/actions/python@master
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
+          SNYK_INTEGRATION_VERSION: python-3.11
         with:
-          args: --fail-on=all
+          args: --fail-on=all --all-projects --skip-unresolved
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,5 +1,12 @@
 # CHANGELOG
 
+
+## _v1.10.0_
+
+### **Date: 03-SEPTEMBER-2024**
+
+- Fetch asset by any other field than UID
+
 ## _v1.9.0_
 
 ### **Date: 14-MAY-2024**
diff --git a/contentstack/__init__.py b/contentstack/__init__.py
@@ -22,7 +22,7 @@
 __title__ = 'contentstack-delivery-python'
 __author__ = 'contentstack'
 __status__ = 'debug'
-__version__ = 'v1.9.0'
+__version__ = 'v1.10.0'
 __endpoint__ = 'cdn.contentstack.io'
 __email__ = 'mobile@contentstack.com'
 __developer_email__ = 'shailesh.mishra@contentstack.com'
diff --git a/contentstack/assetquery.py b/contentstack/assetquery.py
@@ -176,6 +176,6 @@ def find(self):
 
         """
         if self.parameters is not None and len(self.parameters) > 0:
-            self.asset_query_params["query"] = json.dumps(self.parameters)
+            self.asset_query_params["query"] = self.parameters
         url = Utils.get_complete_url(self.base_url, self.asset_query_params)
         return self.http_instance.get(url)
diff --git a/contentstack/utility.py b/contentstack/utility.py
@@ -5,7 +5,7 @@
 
 import json
 import logging
-from urllib import parse
+from urllib.parse import urlencode, urljoin
 
 log = logging.getLogger(__name__)
 
@@ -55,14 +55,22 @@ def do_url_encode(params):
         return parse.urlencode(params)
 
     @staticmethod
-    def get_complete_url(base_url: str, params: dict):
+    def get_complete_url(base_url: str, params: dict) -> str:
         """
-        creates complete url using base_url and their respective parameters
-        :param base_url:
-        :param params:
-        :return:
+        Creates a complete URL using base_url and their respective parameters.
+        :param base_url: The base URL to which parameters are appended.
+        :param params: A dictionary of parameters to be included in the URL.
+        :return: A complete URL with encoded parameters.
         """
+        # Ensure 'query' is properly serialized as a JSON string without extra quotes
         if 'query' in params:
-            params["query"] = json.dumps(params["query"])
-        query = parse.urlencode(params)
-        return f'{base_url}&{query}'
+            params["query"] = json.dumps(params["query"], separators=(',', ':'))
+
+        # Encode parameters
+        query_string = urlencode(params, doseq=True)
+        
+        # Join base_url and query_string
+        if '?' in base_url:
+            return f'{base_url}&{query_string}'
+        else:
+            return f'{base_url}?{query_string}'
diff --git a/requirements.txt b/requirements.txt
@@ -1,8 +1,8 @@
 twython==3.9.1
-setuptools==67.8.0
+setuptools~=74.0.0
 contentstack-utils==1.3.0
 python-dateutil==2.8.2
-requests==2.31.0
+requests==2.32.2
 coverage==7.2.6
 tox==4.5.1
 virtualenv==20.23.0
@@ -49,15 +49,15 @@ imagesize==1.4.1
 snowballstemmer~=2.2.0
 Pygments~=2.15.1
 wrapt==1.15.0
-certifi==2024.2.2
+certifi==2024.7.4
 oauthlib==3.2.2
 idna==3.7
 chardet~=5.2.0
 alabaster==0.7.13
-zipp==3.15.0
+zipp==3.19.1
 distlib~=0.3.6
 cachetools~=5.3.0
 tomlkit~=0.11.8
-urllib3==2.0.7
+urllib3==2.2.2
 exceptiongroup~=1.1.1
 iniconfig~=2.0.0
