Upgrade to Python 3 (!51) · Merge requests · GitLab.org / security-products / dast

Cameron Swords requested to merge upgrade-to-python-3 into master Sep 26, 2019

What does this MR do?

Installs Python3 on the DAST Docker image, and ensures that it is the system default.
Upgrades pip to use Python3.
Installed pip dependencies from the requirements.txt file. Previously, the file was unused and incorrect.

We currently run tests on Python 3.6, but use Python 2.7 on the image when running the analyzer. This creates unnecessary risk.
Python 2.7 is due to be deprecated on the 1st of January 2020.

If this is to be considered a breaking change, then we should not release this until a new version of GitLab is released (13.0).
I haven't considered it a breaking change, because functionality should not have changed from a user perspective.
Note that the order of keys outputted in the gl-dast-report.json has changed. Our clients should not depend on the order, and neither do we, hence I haven't considered this a breaking change.
@gitlab-org/secure/dynamic-analysis-be please note you will need to have Python3 installed on your local machine for development.

Edited Oct 01, 2019 by Cameron Swords