fix(ignored-tables): properly ignore table sequences when table is excluded from sync

.safety-policy.yaml

@@ -1,4 +1,2 @@
 security:
   ignore-vulnerabilities:
-    70612:
-      reason: "Ignoring CVE-2019-8341 as we are not using the vulnerable from_string function in Jinja2."

CHANGELOG.md

@@ -17,6 +17,24 @@ Exceptions are acceptable depending on the circumstances (critical bug fixes tha
 
 ## [Unreleased]
 
+### Added 
+
+- added required versions of jinja2 `3.1.6` and cryptography `44.0.1` to avoid vulnerabilities
+
+### Changed
+
+- updated required Python version from `3.9` to `3.9.2` for compatibility with the new cryptography version
+- updated safety version from `3.0.1` to `3.5.1` to address vulnerabilities
+
+### Fixed 
+
+- fixed missing exclude table command for the id_seq of the table ignored
+- fixed dropping the id_seq table for the ignored table
+
+### Removed
+
+- removed not used `ignore-vulnerabilities` from safety policy
+
 ## [1.1.0] - 2024-10-01
 
 ### Added

README.md

@@ -13,7 +13,7 @@ This guide outlines the necessary steps to set up and use the Database Sync tool
 Before proceeding with the installation, ensure the following prerequisites are met:
 
 - **Docker**: Version 18.09 or higher. [Install Docker](https://docs.docker.com/install)
-- **Python**: Version 3.9 or higher. [Install Python](https://www.python.org/downloads/)
+- **Python**: Version 3.9.2 or higher. [Install Python](https://www.python.org/downloads/)
 - **PDM**: Version 2.11.2 or higher. [Install PDM](https://pdm-project.org/latest/#installation)
 - **pg_dump**: Version 15. [Install pg_dump](./INSTALL_PG_DUMP.md)
 - **psycopg2**: Version 2.9.9. [Install psycopg](https://www.psycopg.org/docs/install.html)

database_sync/domain/commands/sync_command.py

@@ -69,6 +69,10 @@ def __clean_database(
                 if table in all_tables:
                     all_tables.remove(table)
 
+                seq_name = f"{table}_id_seq"
+                if seq_name in all_sequences:
+                    all_sequences.remove(seq_name)
+
         self.__services.dev.drop_tables(database, all_tables)
         self.__services.dev.drop_sequences(database, all_sequences)
         self.__services.dev.drop_views(database, all_views)

database_sync/infrastructure/services/psql_database_service.py

@@ -71,6 +71,10 @@ def export(self, database: str, ignore: list[Ignore]) -> None:
                 self.__logger.warning(f"ignoring table '{table}' on export")
                 ignore_command += ["--exclude-table", table]
 
+                seq_name = f"{table}_id_seq"
+                self.__logger.warning(f"ignoring sequence '{seq_name}' on export")
+                ignore_command += ["--exclude-table", seq_name]
+
         content = self.__connector.dump(database, ignore_command, f"{database}.dump")
 
         if not content:

horusec.json

@@ -1,9 +1,9 @@
 {
   "horusecCliFalsePositiveHashes": [
-    "939e393fc1d8f0ba3ecd9202020d1a07f0d26905e6c2b2d4aa8ea510d7570a03"
+    "6eff783d313cd1b32ff6efe8d891fc92652b615a70cdcce75df1c9ee73214b9b"
   ],
   "horusecCliRiskAcceptHashes": [
-    "7c8bbe9216fbfd928ea338e42cc2c8b5a216b0f8846e6f7c4ec3856c264c3355",
-    "1276f12de15665997a358773f9b0d526c292185324010b5485396739971cd017"
+    "ff65056498a03f3ebdac89d51957a04c13f296562f7c8666cfda4d508e75b51c",
+    "3f0a28fe2d64c68b4436ec341fb53c6e07c51ae3e01fbb036ab923d126314a5a"
   ]
 }

pyproject.toml

@@ -11,7 +11,7 @@ dependencies = [
     "python-dotenv>=1.0.0",
     "psycopg2>=2.9.9",
 ]
-requires-python = ">=3.9"
+requires-python = ">=3.9.2"
 
 [project.urls]
 Homepage = "https://github.com/fnk0c/database-sync"
@@ -33,6 +33,8 @@ utils = [
     "types-dateparser>=1.1.4.20240106",
     "types-python-dateutil>=2.8.19.20240106",
     "types-requests>=2.31.0.20240125",
+    "jinja2>=3.1.6",
+    "cryptography>=44.0.1",
 ]
 quality = [
     "black>=24.4.2",
@@ -51,7 +53,7 @@ quality = [
 ]
 security = [
     "cyclonedx-bom>=4.0.0",
-    "safety>=3.0.1",
+    "safety>=3.5.1",
 ]
 test = [
     "faker>=23.1.0",