
Add requirements.txt with third-party dependencies #1

Open: Tickip wants to merge 6 commits into main from claude/code-review-ZPhS0

Tickip commented May 26, 2026

boto3, msal, python-dateutil, and requests were all imported but
not declared anywhere, making fresh installs and reproducibility
impossible.

https://claude.ai/code/session_01Hwhkq2ASMSCrpudm5DkvcX

claude added 6 commits May 26, 2026 05:38
boto3, msal, python-dateutil, and requests were all imported but
not declared anywhere, making fresh installs and reproducibility
impossible.

https://claude.ai/code/session_01Hwhkq2ASMSCrpudm5DkvcX

b"%b" % pattern.encode() is a roundabout way of writing pattern.encode()
— replace with the direct form for clarity and to remove unnecessary
bytes formatting indirection.

https://claude.ai/code/session_01Hwhkq2ASMSCrpudm5DkvcX

Two bugs: env variables dict was written directly to a file (TypeError),
and no guard for Lambdas with no environment variables set (KeyError on
missing 'Environment' key in AWS response). Serialize with json.dumps
and use .get() with defaults to handle both cases.

https://claude.ai/code/session_01Hwhkq2ASMSCrpudm5DkvcX

File handles: replace bare json.load(open(...)) calls with proper
with-blocks across claws.py, secretvalidation.py, and parsing.py.
Also fix the bare open() in getAccounts().

Path traversal: add _is_valid_account_id() which enforces that profile
IDs match \d{12} (the AWS account ID format) before they are used in
filesystem paths. Applied in getAccounts() to filter accounts.txt
entries, and at the CLI entry point to reject an invalid --profile arg.

https://claude.ai/code/session_01Hwhkq2ASMSCrpudm5DkvcX

Container image Lambdas have no Code.Location — they return Code.ImageUri
and RepositoryType='ECR' instead. The previous code crashed with KeyError
on these.

Now: always capture environment variables regardless of package type
(get_function_configuration works for both), then for ECR functions log
the function name, version, and image URI to logs/ecr_functions.log and
skip the zip download. Zip-based Lambdas continue as before.

https://claude.ai/code/session_01Hwhkq2ASMSCrpudm5DkvcX

Layers: add downloadLayers() which reads the Layers list from the
function configuration, calls get_layer_version_by_arn for each,
and downloads the zip. Skips layers already on disk so shared layers
aren't downloaded once per function that uses them.

Presigned URL expiry: the URL returned by get_function expires in ~10
minutes. Under heavy threading the download can start after expiry and
get a 403. Now retries up to 3 times, re-calling get_function each time
to get a fresh URL, with exponential backoff (2s, 4s) between attempts.
Logs a failure if all attempts are exhausted.

https://claude.ai/code/session_01Hwhkq2ASMSCrpudm5DkvcX
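
The path-traversal guard described in the fourth commit message, as an added example that is not the PR's own code. The page does not show `_is_valid_account_id()` itself, so the function names, the base-directory layout and the sample lines below are assumptions.

```python
import re
from pathlib import Path

# Assumption: an account ID is exactly 12 ASCII digits (the commit's \d{12}).
# [0-9] with fullmatch() avoids two regex pitfalls: \d also matches non-ASCII
# Unicode digits, and match() with a trailing $ accepts "123456789012\n".
ACCOUNT_ID_RE = re.compile(r"[0-9]{12}")

def is_valid_account_id(value):
    """Return True only for a str of exactly 12 ASCII digits."""
    return isinstance(value, str) and ACCOUNT_ID_RE.fullmatch(value) is not None

def account_dir(base_dir, account_id):
    """Return base_dir/<account_id>, raising ValueError for a bad ID."""
    if not is_valid_account_id(account_id):
        raise ValueError(f"invalid AWS account ID: {account_id!r}")
    base = Path(base_dir).resolve()
    target = (base / account_id).resolve()
    # Defense in depth: the resolved path must sit directly under base.
    if target.parent != base:
        raise ValueError(f"path escapes base directory: {target}")
    return target

def filter_accounts(lines):
    """Split accounts.txt-style lines (assumed: one ID per line) into
    (accepted, rejected) so rejected entries can be logged, not used."""
    accepted, rejected = [], []
    for raw in lines:
        entry = raw.rstrip("\r\n")
        if not entry:
            continue
        (accepted if is_valid_account_id(entry) else rejected).append(entry)
    return accepted, rejected

# Constructed sample input, not taken from the repository.
SAMPLE_LINES = [
    "123456789012\n",
    "../../etc/passwd\n",
    "12345678901\n",        # 11 digits
    "1234567890123\n",      # 13 digits
    "\u0661" * 12 + "\n",   # 12 Arabic-Indic digits: \d matches, [0-9] does not
    " 123456789012\n",      # leading space
    "\n",
]

if __name__ == "__main__":
    ok, bad = filter_accounts(SAMPLE_LINES)
    print("accepted:", ok)
    print("rejected:", bad)
```
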