Merge pull request #27 from grumBit/python-and-package-upgrades

grumBit · web-flow · commit 06b938e93458 · 2025-11-26T17:29:04.000+11:00
Python and package upgrades
diff --git a/.github/workflows/publish-to-test-pypi.yml b/.github/workflows/publish-to-test-pypi.yml
@@ -9,10 +9,10 @@ jobs:
 
     steps:
       - uses: actions/checkout@master
-      - name: 🐍 Set up Python 3.7
+      - name: 🐍 Set up Python 3.10
         uses: actions/setup-python@v3
         with:
-          python-version: "3.7"
+          python-version: "3.10"
       - name: 🛠 Install dev requirements
         run: >-
           python -m
diff --git a/.python-version b/.python-version
@@ -1 +1 @@
-3.7
+3.10
diff --git a/README.md b/README.md
@@ -10,7 +10,7 @@
 
 # AWSCronExpressionValidator
 
-Validates these [AWS EventBridge cron expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-create-rule-schedule.html#eb-cron-expressions), which are similar to, but not compatible with Unix style cron expressions;
+Validates these [AWS EventBridge cron expressions](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-cron-expressions.html), which are similar to, but not compatible with Unix style cron expressions;
 
 | Field        | Values          | Wildcards      |
 | :----------- | :-------------- | :------------- |
@@ -21,7 +21,7 @@ Validates these [AWS EventBridge cron expressions](https://docs.aws.amazon.com/e
 | Day-of-week  | 1-7 or SUN-SAT  | , - \* ? L #   |
 | Year         | 1970-2199       | , - \* /       |
 
-_NB: It appears AWS is supporting the Quartz Job Scheduler cron expressions. More details than AWS provides is available in the [Cron Trigger Tutorial](http://www.quartz-scheduler.org/documentation/quartz-2.3.0/tutorials/crontrigger.html)._
+- It appears AWS's wildcard support borrows heavily from Quartz Job Scheduler cron expressions. More documentation about wildcard handling than AWS provides is available in the [Cron Trigger Tutorial](http://www.quartz-scheduler.org/documentation/quartz-2.3.0/tutorials/crontrigger.html). _NB: AWS doesn't support seconds (i.e. AWS has 6 fields, while Quartz has 7), so ignore the first field in the Quartz documenation._
 
 This was inspired by Niloy Chakraborty's [AWSCronValidator.py](https://gist.github.com/ultrasonex/e1fdb8354408a56df91aa4902d17aa6a) project.
 
diff --git a/RELEASENOTES.md b/RELEASENOTES.md
@@ -1,5 +1,17 @@
 # Release History
 
+### v.1.15 [2025-11-26]
+
+- New;
+  - Drop back to oldest supported version of Python.
+
+### v.1.14 [2025-11-26]
+
+- New;
+  - Upgrade of Python from 3.7 to 3.13, and upgrade to latest packages.
+- Fixes;
+  - [Address security alert from dependabot: Black vulnerable to Regular Expression Denial of Service (ReDoS)](https://github.com/grumBit/aws_cron_expression_validator/pull/27) when running the Black linter. _NB: The vulnerability was only related to linting during development. The aws-cron-expression-validator package itself was not impacted._
+
 ### v1.1.13 [2024-02-08]
 
 - Documentation change only;
diff --git a/pyproject.toml b/pyproject.toml
@@ -4,13 +4,13 @@ build-backend = "setuptools.build_meta"
 
 [project]
 name = "aws_cron_expression_validator"
-version = "1.1.13"
+version = "1.1.15"
 authors = [
   { name="Graham Coster", email="bitjugglers@gmail.com" },
 ]
 description = "ValidatesAWS EventBridge cron expressions, which are similar to, but not compatible with Unix style cron expressions"
 readme = "README.md"
-requires-python = ">=3.7"
+requires-python = ">=3.10"
 classifiers = [
     "Development Status :: 5 - Production/Stable", # Chose either "3 - Alpha", "4 - Beta" or "5 - Production/Stable" as the current state of your package
     "Programming Language :: Python :: 3",
diff --git a/requirements_dev.txt b/requirements_dev.txt
@@ -1,79 +1,65 @@
 #
-# This file is autogenerated by pip-compile with python 3.9
-# To update, run:
+# This file is autogenerated by pip-compile with Python 3.13
+# by the following command:
 #
 #    pip-compile requirements_dev.in
 #
-astroid==2.12.9
+astroid==4.0.2
     # via pylint
-attrs==22.1.0
-    # via pytest
-black==22.8.0
+black==25.11.0
     # via -r requirements_dev.in
-build==0.8.0
+build==1.3.0
     # via -r requirements_dev.in
-click==8.1.3
+click==8.3.1
     # via black
-coverage[toml]==6.4.4
+coverage[toml]==7.12.0
     # via pytest-cov
-dill==0.3.5.1
+dill==0.4.0
     # via pylint
-exceptiongroup==1.1.0
-    # via pytest
-iniconfig==1.1.1
+iniconfig==2.3.0
     # via pytest
-isort==5.10.1
+isort==7.0.0
     # via pylint
-lazy-object-proxy==1.7.1
-    # via astroid
 mccabe==0.7.0
     # via pylint
-mypy==0.971
+mypy==1.18.2
     # via -r requirements_dev.in
-mypy-extensions==0.4.3
+mypy-extensions==1.1.0
     # via
     #   black
     #   mypy
-packaging==21.3
+packaging==25.0
     # via
+    #   black
     #   build
     #   pytest
-pathspec==0.10.1
-    # via black
-pep517==0.13.0
-    # via build
-platformdirs==2.5.2
+pathspec==0.12.1
+    # via
+    #   black
+    #   mypy
+platformdirs==4.5.0
     # via
     #   black
     #   pylint
-pluggy==1.0.0
+pluggy==1.6.0
+    # via
+    #   pytest
+    #   pytest-cov
+pygments==2.19.2
     # via pytest
-pylint==2.15.2
+pylint==4.0.3
     # via -r requirements_dev.in
-pyparsing==3.0.9
-    # via packaging
-pytest==7.2.2
+pyproject-hooks==1.2.0
+    # via build
+pytest==9.0.1
     # via
     #   -r requirements_dev.in
     #   pytest-cov
-pytest-cov==3.0.0
+pytest-cov==7.0.0
     # via -r requirements_dev.in
-tomli==2.0.1
-    # via
-    #   black
-    #   build
-    #   coverage
-    #   mypy
-    #   pep517
-    #   pylint
-    #   pytest
-tomlkit==0.11.4
+pytokens==0.3.0
+    # via black
+tomlkit==0.13.3
     # via pylint
-typing-extensions==4.3.0
-    # via
-    #   astroid
-    #   black
-    #   mypy
-    #   pylint
-wrapt==1.14.1
-    # via astroid
+typing-extensions==4.15.0
+    # via mypy
diff --git a/src/aws_cron_expression_validator/validator.py b/src/aws_cron_expression_validator/validator.py
@@ -32,7 +32,6 @@ class AWSCronExpressionDayOfWeekError(AWSCronExpressionError):
 
 
 class AWSCronExpressionValidator:
-
     """
     Validates these AWS EventBridge cron expressions, which are similar to, but not compatible with standard
     unix cron expressions:
diff --git a/tests/aws_cron_expression_validator/test_validator.py b/tests/aws_cron_expression_validator/test_validator.py
@@ -190,22 +190,25 @@ def test_year_regex(self):
 
     def test_validator(self):
         valid_expressions = [
-            "0 18 ? * MON-FRI *",
-            "0 18 ? * L *",
-            "0 18 ? * SATL *",
-            "0 18 L * ? *",
-            "0 18 31W * ? *",
-            "0 10 * * ? *",
-            "15 12 * * ? *",
-            "0 8 1 * ? *",
-            "1/5 8-17 ? * Mon-Fri *",
-            "0 9 ? * 2#1 *",
-            "0 07/12 ? * * *",
-            "10,20,30,40 07/12 ? * * *",
-            "10 10,15,20,23 ? * * *",
-            "10 10 15,30,31 * ? *",
-            "10 10 15 JAN,JUL,DEC ? *",
-            "10 10 31 04,09,12 ? *",
+            "0 18 ? * MON-FRI *",  # Fire at 6pm, on Mondays to Fridays
+            "0 18 ? * L *",  # Fire at 6pm, on Saturdays
+            "0 18 ? * SATL *",  # Fire at 6pm, on the last Saturday of every month
+            "0 18 L * ? *",  # Fire at 6pm, on the last day of every month
+            "0 18 31W * ? *",  # Fire at 6pm, on the nearest weekday to the 31st of the month
+            "0 10 * * ? *",  # Fire at 10am, on every day
+            "15 12 * * ? *",  # Fire at 12:15pm, on every day
+            "0 8 1 * ? *",  # Fire at 8am on the first day of every month
+            "1/5 8-17 ? * Mon-Fri *",  # Fire every 5 minutes, starting on the 1st minute
+            # (i.e. 1st, 6th, 11th, 16th, 21st, 26th, 31st, 36th, 41st, 46th, 51st & 56th minutes),
+            # from 8am to 5pm, Mondays to Fridays
+            "0 9 ? * 2#1 *",  # Fire at 9am, on the 1st Monday of the every month
+            "0 07/12 ? * * *",  # Fire every 12 hours, starting on the 7th hour (i.e. 7am and 7pm), every day.
+            "10,20,30,40 07/12 ? * * *",  # Fire on the 10th, 20th, 30th & 40th minutes, every 12 hours, starting
+            # on the 7th hour (i.e. 7am and 7pm), every day.
+            "10 10,15,20,23 ? * * *",  # Fire at 10:10am, 3:10pm, 8:10pm & 11:10pm, every day
+            "10 10 15,30,31 * ? *",  # Fire at 10:10am on the 15th, 30th & 31st day of every month
+            "10 10 15 JAN,JUL,DEC ? *",  # Fire at 10:10am on the 15th day of January, July and December
+            "10 10 31 04,09,12 ? *",  # Fire at 10:10am on the 31st day of April, September and December
             "0,5 07/12 ? * 1,5,7 *",
             "0,5 07/12 ? * 1,5,7 2020,2021,2028,2199",
             "0,5 07/12 ? * 1,5,7 2020-2021,2028-2199",
