Version 4.3.7

[dvora-h]

Pull Request check-list

Please make sure to review and check all of these items:

• Does $ tox pass with this change (including linting)?
• Do the CI tests pass with this change (enable it first in your forked repo and wait for the github action build to finish)?
• Is the new or changed code fully tested?
• Is a documentation update included (if this change modifies existing APIs, or introduces new ones)?
• Is there an example added to the examples folder (if applicable)?
• Was the change added to CHANGES file?

NOTE: these things are not required to open a PR and can be done
afterwards / while the PR is open.

Description of change

Closes #2665

[codecov-commenter]

Codecov Report

Patch coverage: 50.33% and project coverage change: -26.29 ⚠️

Comparison is base (54a1dce) 85.92% compared to head (519c1ae) 59.63%.

📣 This organization is not using Codecov’s GitHub App Integration. We recommend you install it so Codecov can continue to function properly for your repositories. Learn more

Additional details and impacted files

@@             Coverage Diff             @@
##              4.3    #2672       +/-   ##
===========================================
- Coverage   85.92%   59.63%   -26.29%     
===========================================
  Files         110      111        +1     
  Lines       28489    28623      +134     
===========================================
- Hits        24478    17069     -7409     
- Misses       4011    11554     +7543     

Impacted Files	Coverage Δ
setup.py	0.00% <ø> (ø)
redis/asyncio/client.py	26.49% <25.71%> (-66.08%)	⬇️
tests/test_asyncio/test_cwe_404.py	54.63% <54.63%> (ø)
redis/asyncio/cluster.py	90.11% <76.47%> (+0.18%)	⬆️

... and 70 files with indirect coverage changes

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report in Codecov by Sentry.
📢 Do you have feedback about the report comment? Let us know in this issue.

[jamestiotio]

For Python 3.6, these calls to asyncio.create_task should be modified to asyncio.ensure_future instead.

EDIT: Seems like asyncio.CancelledError existed in Python 3.6.0's code after all, it was just undocumented (earliest documented page of asyncio exceptions was for Python 3.7). Ignore my previous comment about asyncio.CancelledError.

[auvipy]

will be looking forward to this release

[chayim]

Using the proxy changes from @drago-balto, combined with the current 4.3 branch yields a sideaffect in this particular case. Given the output errors on RuntimeError - we can now be positive, that the fix is truly caught.

However, the byproduct of that is this given case. If you cancel an executing pipeline (as in our test then the pipeline object cannot be reused.

Technically, it's always been possible (and works) to reuse the pipeline object, rather than reinitialize it:

r = Redis()
pipe = r.pipeline()
pipe.set("foo", "bar")
pipe.execute()

pipe.set("bar", "blee")
pipe.get("foo")
pipe.execute()

However, in 4.3 this won't be possible should the async be canceled. IMHO this is reasonable, it's a security fix we're backporting to a dead branch. Meaning if you end up in this situation, you can easily catch RuntimeError and move along.

Thoughts community?

[chayim]

@auvipy I haven't seen feedback from anyone.. I let it bake for two weeks, to make sure there's real interest here. Can you confirm - is there - and does this fix work happily for you? Anyone else, please feel free to weigh in.

This version is old enough, that I want to double-check here.

[auvipy]

at celery we use mostly the sync versions codes so far

[auvipy]

but we are py 3.7+ and pypy 3.8+

[chayim]

Right. Since celery is py 3.7+ this PR isn't needed. That's already covered by existing releases.

@dvora-h Let's let this bake. If no one needs the change, specifically due to python 3.6, we abandon.

[auvipy]

but we need to calm down pyup

[chayim]

but we need to calm down pyup

That sounds like a misconfiguration of pyup and IMHO not a reason to release this. I'd rather not extend a potential issue.

Celery releases clearly support Python 3.7+, especially since 3.6 has been end of lifed. I went back through the history of the repository and Pypi, and haven't seen an active version support Python 3.6.

This has sat long enough, I think we can close. Thank you everyone who helps us get to this point!