Sync from SUSE:SLFO:Main python-Werkzeug revision ef22843d4929ed929c74885b9d7056ac

This commit is contained in:
Adrian Schröter 2024-09-25 17:12:41 +02:00
parent c37ad0bd42
commit 563ca67a1f
4 changed files with 58 additions and 10 deletions

View File

@ -1,3 +1,34 @@
-------------------------------------------------------------------
Tue May 7 06:01:38 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
- Update to 3.0.3:
* Only allow ``localhost``, ``.localhost``, ``127.0.0.1``, or the
specified hostname when running the dev server, to make debugger
requests. Additional hosts can be added by using the debugger
middleware directly. The debugger UI makes requests using the
full URL rather than only the path. :ghsa:`2g68-c3qc-8985`
(CVE-2024-34069, bsc#1223979)
* Make reloader more robust when ``""`` is in ``sys.path``.
:pr:`2823`
* Better TLS cert format with ``adhoc`` dev certs. :pr:`2891`
* Inform Python < 3.12 how to handle ``itms-services`` URIs
correctly, rather than using an overly-broad workaround in
Werkzeug that caused some redirect URIs to be passed on without
encoding. :issue:`2828`
* Type annotation for ``Rule.endpoint`` and other uses of
``endpoint`` is ``Any``. :issue:`2836`
- Update to 3.0.2:
* Ensure setting ``merge_slashes`` to ``False`` results in
``NotFound`` for repeated-slash requests against single slash
routes. :issue:`2834`
* Fix handling of ``TypeError`` in ``TypeConversionDict.get()`` to
match ``ValueError``. :issue:`2843`
* Fix ``response_wrapper`` type check in test client. :issue:`2831`
* Make the return type of ``MultiPartParser.parse`` more precise.
:issue:`2840`
* Raise an error if converter arguments cannot be parsed.
:issue:`2822`
-------------------------------------------------------------------
Fri Oct 27 03:06:50 UTC 2023 - Steve Kowalik <steven.kowalik@suse.com>

View File

@ -1,7 +1,7 @@
#
# spec file
# spec file for package python-Werkzeug
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -27,7 +27,7 @@
%{?sle15_python_module_pythons}
Name: python-Werkzeug%{psuffix}
Version: 3.0.1
Version: 3.0.3
Release: 0
Summary: The Swiss Army knife of Python web development
License: BSD-3-Clause
@ -91,14 +91,31 @@ sed -i "1d" examples/manage-{i18nurls,simplewiki,shorty,couchy,cupoftee,webpylik
%check
%if %{with test}
export LANG=en_US.UTF-8
# workaround pytest 6.2 (like https://github.com/pallets/werkzeug/commit/16718f461d016b88b6457d3ef63816b7df1f0d1f, but shorter)
%pytest -k 'not (dev_server or test_reloader_sys_path or test_chunked_encoding or test_basic or test_server or test_ssl or test_http_proxy or test_500_error or test_untrusted_host or test_double_slash_path or test_wrong_protocol or test_content_type_and_length or test_multiple_headers_concatenated or test_multiline_header_folding or test_exclude_patterns)'
# Tests that requires connection
donttest="test_basic"
donttest+=" or test_http_proxy"
donttest+=" or test_server"
donttest+=" or test_ssl_dev_cert"
donttest+=" or test_ssl_object"
donttest+=" or test_reloader_sys_path"
donttest+=" or test_chunked_request"
donttest+=" or test_streaming_close_response"
donttest+=" or test_streaming_chunked_response"
donttest+=" or test_streaming_chunked_truncation"
donttest+=" or test_untrusted_host"
donttest+=" or test_double_slash_path"
donttest+=" or test_500_error"
donttest+=" or test_wrong_protocol"
donttest+=" or test_content_type_and_length"
donttest+=" or test_multiple_headers_concatenated"
donttest+=" or test_multiline_header_folding"
%pytest -k "not ($donttest)"
%endif
%if ! %{with test}
%files %{python_files}
%license LICENSE.rst
%doc CHANGES.rst README.rst
%license LICENSE.txt
%doc CHANGES.rst README.md
%{python_sitelib}/werkzeug
%{python_sitelib}/werkzeug-%{version}.dist-info
%endif

BIN
werkzeug-3.0.1.tar.gz (Stored with Git LFS)

Binary file not shown.

BIN
werkzeug-3.0.3.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.