upgrade to python3.12.4 (#16105)

* upgrade to python3.12.4

* lint

* take correct tag from hub.docker.com

* update linter to py312 syntax

* re-compile all deps

Author: ewdurbin

.python-version

@@ -1 +1 @@
-3.11.9
+3.12.4

Dockerfile

@@ -36,7 +36,7 @@ RUN NODE_ENV=production npm run build
 
 
 # We'll build a light-weight layer along the way with just docs stuff
-FROM python:3.11.9-slim-bookworm as docs
+FROM python:3.12.4-slim-bookworm as docs
 
 # By default, Docker has special steps to avoid keeping APT caches in the layers, which
 # is good, but in our case, we're going to mount a special cache volume (kept between
@@ -105,7 +105,7 @@ USER docs
 
 # Now we're going to build our actual application, but not the actual production
 # image that it gets deployed into.
-FROM python:3.11.9-slim-bookworm as build
+FROM python:3.12.4-slim-bookworm as build
 
 # Define whether we're building a production or a development image. This will
 # generally be used to control whether or not we install our development and
@@ -189,7 +189,7 @@ RUN --mount=type=cache,target=/root/.cache/pip \
 
 # Now we're going to build our actual application image, which will eventually
 # pull in the static files that were built above.
-FROM python:3.11.9-slim-bookworm
+FROM python:3.12.4-slim-bookworm
 
 # Setup some basic environment variables that are ~never going to change.
 ENV PYTHONUNBUFFERED 1

bin/lint

@@ -11,7 +11,7 @@ export LANG="${ENCODING:-en_US.UTF-8}"
 set -x
 
 # Actually run our tests.
-find . -name '*.py' -exec python -m pyupgrade --py311-plus {} +
+find . -name '*.py' -exec python -m pyupgrade --py312-plus {} +
 python -m flake8 .
 python -m black --check --diff *.py warehouse/ tests/
 python -m isort --check *.py warehouse/ tests/

requirements/deploy.txt

@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
 #    pip-compile --allow-unsafe --generate-hashes --output-file=requirements/deploy.txt requirements/deploy.in
@@ -215,3 +215,9 @@ zipp==3.19.2 \
     --hash=sha256:bf1dcf6450f873a13e952a29504887c89e6de7506209e5b1bcc3460135d4de19 \
     --hash=sha256:f091755f667055f2d02b32c53771a7a6c8b47e1fdbc4b72a8b9072b3eef8015c
     # via importlib-metadata
+
+# The following packages are considered to be unsafe in a requirements file:
+setuptools==70.0.0 \
+    --hash=sha256:54faa7f2e8d2d11bcd2c07bed282eef1046b5c080d1c32add737d7b5817b1ad4 \
+    --hash=sha256:f211a66637b8fa059bb28183da127d4e86396c991a942b028c6650d4319c3fd0
+    # via ddtrace

requirements/docs-blog.txt

@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
 #    pip-compile --allow-unsafe --generate-hashes --output-file=requirements/docs-blog.txt requirements/docs-blog.in

requirements/docs-dev.txt

@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
 #    pip-compile --allow-unsafe --generate-hashes --output-file=requirements/docs-dev.txt requirements/docs-dev.in

requirements/docs-user.txt

@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
 #    pip-compile --allow-unsafe --generate-hashes --output-file=requirements/docs-user.txt requirements/docs-user.in

requirements/lint.txt

@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
 #    pip-compile --allow-unsafe --generate-hashes --output-file=requirements/lint.txt requirements/lint.in
@@ -429,7 +429,6 @@ typing-extensions==4.12.1 \
     --hash=sha256:6024b58b69089e5a89c347397254e35f1bf02a907728ec7fee9bf0fe837d203a \
     --hash=sha256:915f5e35ff76f56588223f15fdd5938f9a1cf9195c0de25130c627e4d597f6d1
     # via
-    #   boto3-stubs
     #   celery-types
     #   mypy
 zope-event==5.0 \

requirements/main.in

@@ -6,7 +6,7 @@ b2sdk
 Babel
 bcrypt
 boto3
-celery[sqs]>=5.2.2,<5.3.2
+celery[sqs]>=5.3.5,<5.4
 celery-redbeat
 certifi
 click
@@ -25,7 +25,7 @@ html5lib
 humanize
 itsdangerous
 Jinja2>=2.8
-kombu[sqs]<5.3.2  # https://github.com/jazzband/pip-tools/issues/1577
+kombu[sqs]>=5.3.5,<5.4  # https://github.com/jazzband/pip-tools/issues/1577
 limits
 linehaul
 lxml

requirements/main.txt

@@ -1,5 +1,5 @@
 #
-# This file is autogenerated by pip-compile with Python 3.11
+# This file is autogenerated by pip-compile with Python 3.12
 # by the following command:
 #
 #    pip-compile --allow-unsafe --generate-hashes --output-file=requirements/tests.txt requirements/tests.in

requirements/tests.txt

@@ -104,7 +104,7 @@ def test_too_many_emails_added(self, pyramid_request):
         assert resp.detail == (
             "Too many emails have been added to this account without verifying "
             "them. Check your inbox and follow the verification links. (IP: "
-            f"{ pyramid_request.remote_addr })"
+            f"{pyramid_request.remote_addr})"
         )
         assert dict(resp.headers).get("Retry-After") == "600"
 
@@ -117,7 +117,7 @@ def test_too_many_password_reset_requests(self, pyramid_request):
         assert resp.detail == (
             "Too many password resets have been requested for this account without "
             "completing them. Check your inbox and follow the verification links. (IP: "
-            f"{ pyramid_request.remote_addr })"
+            f"{pyramid_request.remote_addr})"
         )
         assert dict(resp.headers).get("Retry-After") == "600"
 

tests/unit/accounts/test_views.py

@@ -3694,7 +3694,7 @@ def test_collaborator_removed_email(self, db_request, pyramid_config, monkeypatc
         ]
         assert send_email.delay.calls == [
             pretend.call(
-                f"{ removed_user.name } <{ removed_user.primary_email.email }>",
+                f"{removed_user.name} <{removed_user.primary_email.email}>",
                 {
                     "subject": "Email Subject",
                     "body_text": "Email Body",
@@ -3715,7 +3715,7 @@ def test_collaborator_removed_email(self, db_request, pyramid_config, monkeypatc
                 },
             ),
             pretend.call(
-                f"{ submitter_user.name } <{ submitter_user.primary_email.email }>",
+                f"{submitter_user.name} <{submitter_user.primary_email.email}>",
                 {
                     "subject": "Email Subject",
                     "body_text": "Email Body",
@@ -3789,7 +3789,7 @@ def test_removed_as_collaborator_email(
         assert db_request.task.calls == [pretend.call(send_email)]
         assert send_email.delay.calls == [
             pretend.call(
-                f"{ removed_user.name } <{ removed_user.primary_email.email }>",
+                f"{removed_user.name} <{removed_user.primary_email.email}>",
                 {
                     "subject": "Email Subject",
                     "body_text": "Email Body",
@@ -3872,7 +3872,7 @@ def test_role_changed_email(self, db_request, pyramid_config, monkeypatch):
         ]
         assert send_email.delay.calls == [
             pretend.call(
-                f"{ changed_user.name } <{ changed_user.primary_email.email }>",
+                f"{changed_user.name} <{changed_user.primary_email.email}>",
                 {
                     "subject": "Email Subject",
                     "body_text": "Email Body",
@@ -3893,7 +3893,7 @@ def test_role_changed_email(self, db_request, pyramid_config, monkeypatch):
                 },
             ),
             pretend.call(
-                f"{ submitter_user.name } <{ submitter_user.primary_email.email }>",
+                f"{submitter_user.name} <{submitter_user.primary_email.email}>",
                 {
                     "subject": "Email Subject",
                     "body_text": "Email Body",
@@ -3971,7 +3971,7 @@ def test_role_changed_as_collaborator_email(
         assert db_request.task.calls == [pretend.call(send_email)]
         assert send_email.delay.calls == [
             pretend.call(
-                f"{ changed_user.name } <{ changed_user.primary_email.email }>",
+                f"{changed_user.name} <{changed_user.primary_email.email}>",
                 {
                     "subject": "Email Subject",
                     "body_text": "Email Body",
@@ -5535,15 +5535,15 @@ def test_recovery_code_emails(
             primary_email=pretend.stub(email="email@example.com", verified=True),
         )
         subject_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/subject.txt"
+            f"email/{template_name}/subject.txt"
         )
         subject_renderer.string_response = "Email Subject"
         body_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.txt"
+            f"email/{template_name}/body.txt"
         )
         body_renderer.string_response = "Email Body"
         html_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.html"
+            f"email/{template_name}/body.html"
         )
         html_renderer.string_response = "Email HTML Body"
 
@@ -5616,15 +5616,15 @@ def test_pending_trusted_publisher_emails(
             primary_email=pretend.stub(email="email@example.com", verified=True),
         )
         subject_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/subject.txt"
+            f"email/{template_name}/subject.txt"
         )
         subject_renderer.string_response = "Email Subject"
         body_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.txt"
+            f"email/{template_name}/body.txt"
         )
         body_renderer.string_response = "Email Body"
         html_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.html"
+            f"email/{template_name}/body.html"
         )
         html_renderer.string_response = "Email HTML Body"
 
@@ -5700,15 +5700,15 @@ def test_trusted_publisher_emails(
             primary_email=pretend.stub(email="email@example.com", verified=True),
         )
         subject_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/subject.txt"
+            f"email/{template_name}/subject.txt"
         )
         subject_renderer.string_response = "Email Subject"
         body_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.txt"
+            f"email/{template_name}/body.txt"
         )
         body_renderer.string_response = "Email Body"
         html_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.html"
+            f"email/{template_name}/body.html"
         )
         html_renderer.string_response = "Email HTML Body"
 
@@ -5804,15 +5804,15 @@ def test_api_token_warning_with_trusted_publisher_emails(
             ),
         )
         subject_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/subject.txt"
+            f"email/{template_name}/subject.txt"
         )
         subject_renderer.string_response = "Email Subject"
         body_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.txt"
+            f"email/{template_name}/body.txt"
         )
         body_renderer.string_response = "Email Body"
         html_renderer = pyramid_config.testing_add_renderer(
-            f"email/{ template_name }/body.html"
+            f"email/{template_name}/body.html"
         )
         html_renderer.string_response = "Email HTML Body"
 

tests/unit/email/test_init.py

@@ -347,7 +347,7 @@ def test_last_sent(self, db_session):
         for address in [to, "somebody_else@example.com"]:
             for subject in [subject, "I do not care about this"]:
                 sender.send(
-                    f"Foobar <{ address }>",
+                    f"Foobar <{address}>",
                     EmailMessage(
                         subject=subject, body_text="This is a plain text body"
                     ),
@@ -362,7 +362,7 @@ def test_last_sent(self, db_session):
             aws_client, sender="DevPyPI <noreply@example.com>", db=db_session
         )
         sender.send(
-            f"Foobar <{ to }>",
+            f"Foobar <{to}>",
             EmailMessage(subject=subject, body_text="This is a plain text body"),
         )
 

tests/unit/email/test_services.py

@@ -16,17 +16,17 @@
 def test_sponsor_color_logo_img_tag(db_request):
     sponsor = SponsorFactory.create()
     expected = (
-        f'<img src="{ sponsor.color_logo_url }"'
-        + f' alt="{ sponsor.name }" loading="lazy">'
+        f'<img src="{sponsor.color_logo_url}"'
+        + f' alt="{sponsor.name}" loading="lazy">'
     )
     assert sponsor.color_logo_img == expected
 
 
 def test_sponsor_white_logo_img_tag(db_request):
     sponsor = SponsorFactory.create()
     expected = (
-        f'<img class="sponsors__image" src="{ sponsor.white_logo_url }"'
-        + f' alt="{ sponsor.name }" loading="lazy">'
+        f'<img class="sponsors__image" src="{sponsor.white_logo_url}"'
+        + f' alt="{sponsor.name}" loading="lazy">'
     )
     assert sponsor.white_logo_img == expected
 

tests/unit/sponsors/test_models.py

@@ -120,7 +120,7 @@ class RecoveryCodeValueMixin:
             wtforms.validators.InputRequired(),
             PreventNullBytesValidator(),
             wtforms.validators.Regexp(
-                rf"^ *([0-9a-f] *){{{2*RECOVERY_CODE_BYTES}}}$",
+                rf"^ *([0-9a-f] *){{{2 * RECOVERY_CODE_BYTES}}}$",
                 message=_(
                     "Recovery Codes must be ${recovery_code_length} characters.",
                     mapping={"recovery_code_length": 2 * RECOVERY_CODE_BYTES},

warehouse/accounts/forms.py

@@ -72,15 +72,15 @@ def _activestate_gql_api_call(
         )
         if response.status_code == 404:
             sentry_sdk.capture_message(
-                f"Unexpected {response.status_code } error "
+                f"Unexpected {response.status_code} error "
                 f"from ActiveState API: {response.content!r}"
             )
             raise wtforms.validators.ValidationError(
                 _("Unexpected error from ActiveState. Try again in a few minutes")
             )
         elif response.status_code >= 400:
             sentry_sdk.capture_message(
-                f"Unexpected {response.status_code } error "
+                f"Unexpected {response.status_code} error "
                 f"from ActiveState API: {response.content!r}"
             )
             raise wtforms.validators.ValidationError(

warehouse/oidc/forms/activestate.py

@@ -48,15 +48,15 @@ class Sponsor(db.Model):
 
     @property
     def color_logo_img(self):
-        return f'<img src="{ self.color_logo_url }" alt="{ self.name }" loading="lazy">'
+        return f'<img src="{self.color_logo_url}" alt="{self.name}" loading="lazy">'
 
     @property
     def white_logo_img(self):
         if not self.white_logo_url:
             return ""
         return (
             '<img class="sponsors__image" '
-            + f'src="{ self.white_logo_url }" alt="{ self.name }" loading="lazy">'
+            + f'src="{self.white_logo_url}" alt="{self.name}" loading="lazy">'
         )
 
     @property