Hi there! 👋
I noticed that the codebase uses datetime.utcnow() or datetime.utcfromtimestamp(). These are deprecated and won't work with Python 3.12. They also handle naïve datetimes, which can lead to bugs. Could we switch to timezone-aware alternatives?
CodeQL Alerts
Here are the specific instances CodeQL flagged:
|
date_now = datetime.datetime.utcnow() |
|
date_now = datetime.datetime.utcnow() |
|
date_now = datetime.datetime.utcnow() |
|
return datetime.datetime.utcnow().replace(tzinfo=pytz.utc) |
|
timestamp=str(datetime.utcnow()), |
|
timestamp=str(datetime.utcnow()), |
|
else round_timestamp(datetime.utcnow(), "1D") |
|
return datetime.datetime.utcnow().replace(tzinfo=pytz.utc) |
Explanation
Issue:
datetime.utcnow() and datetime.utcfromtimestamp() return naïve datetimes (without timezone info).- In Python 3, naïve datetimes are interpreted as system-local times, causing inconsistencies.
- These methods are deprecated and no longer work in Python 3.12.
Example Problem:
from datetime import datetime
ts = 1571595618.0
x = datetime.utcfromtimestamp(ts)
x_ts = x.timestamp()
assert ts == x_ts, f"{ts} != {x_ts}" # Can fail in non-UTC localesRecommended Solution:
Switch to time zone-aware methods:
from datetime import datetime, timezone
# Replace utcnow()
dt_now = datetime.now(tz=timezone.utc)
# Replace utcfromtimestamp()
ts = 1571595618.0
x = datetime.fromtimestamp(ts, tz=timezone.utc)
x_ts = x.timestamp()
assert ts == x_ts, f"{ts} != {x_ts}" # This succeedsAction Required:
- Replace all instances of
datetime.utcnow() with datetime.now(tz=timezone.utc).
- Replace all instances of
datetime.utcfromtimestamp() with datetime.fromtimestamp(ts, tz=timezone.utc).
References:
For more details, see:
Thank you so much for your time and effort in maintaining this project! 🌟
Best,
Shrey
Hi there! 👋
I noticed that the codebase uses
datetime.utcnow()ordatetime.utcfromtimestamp(). These are deprecated and won't work with Python 3.12. They also handle naïve datetimes, which can lead to bugs. Could we switch to timezone-aware alternatives?CodeQL Alerts
Here are the specific instances CodeQL flagged:
whitebox/whitebox/crud/base.py
Line 37 in 9524d86
whitebox/whitebox/crud/base.py
Line 48 in 9524d86
whitebox/whitebox/crud/base.py
Line 69 in 9524d86
whitebox/whitebox/core/manager.py
Line 31 in 9524d86
whitebox/whitebox/cron_tasks/monitoring_alerts.py
Line 57 in 9524d86
whitebox/whitebox/cron_tasks/monitoring_alerts.py
Line 91 in 9524d86
whitebox/whitebox/cron_tasks/monitoring_metrics.py
Line 263 in 9524d86
whitebox/whitebox/schemas/task.py
Line 13 in 9524d86
Explanation
Issue:
datetime.utcnow()anddatetime.utcfromtimestamp()return naïve datetimes (without timezone info).Example Problem:
Recommended Solution:
Switch to time zone-aware methods:
Action Required:
datetime.utcnow()withdatetime.now(tz=timezone.utc).datetime.utcfromtimestamp()withdatetime.fromtimestamp(ts, tz=timezone.utc).References:
For more details, see:
Thank you so much for your time and effort in maintaining this project! 🌟
Best,
Shrey