From 65deae5b3d39e95ae1eff076e6e755feec06b8c56dd9bdb8e3e036c60978dd5d Mon Sep 17 00:00:00 2001 From: Steve Kowalik Date: Fri, 21 Feb 2020 04:59:38 +0000 Subject: [PATCH 1/2] =?UTF-8?q?-=20Update=20to=201.0.0:=20=20=20*=20Drop?= =?UTF-8?q?=20support=20for=20Python=203.4.=20(#1478)=20=20=20*=20Remove?= =?UTF-8?q?=20code=20that=20issued=20deprecation=20warnings=20in=20version?= =?UTF-8?q?=200.15.=20(#1477)=20=20=20*=20Remove=20most=20top-level=20attr?= =?UTF-8?q?ibutes=20provided=20by=20the=20werkzeug=20module=20in=20favor?= =?UTF-8?q?=20of=20direct=20imports.=20For=20example,=20instead=20of=20imp?= =?UTF-8?q?ort=20werkzeug;=20werkzeug.url=5Fquote,=20do=20from=20werkzeug.?= =?UTF-8?q?urls=20import=20url=5Fquote.=20Install=20version=200.16=20first?= =?UTF-8?q?=20to=20see=20deprecation=20warnings=20while=20upgrading.=20#2,?= =?UTF-8?q?=20#1640=20=20=20*=20Added=20utils.invalidate=5Fcached=5Fproper?= =?UTF-8?q?ty()=20to=20invalidate=20cached=20properties.=20(#1474)=20=20?= =?UTF-8?q?=20*=20Directive=20keys=20for=20the=20Set-Cookie=20response=20h?= =?UTF-8?q?eader=20are=20not=20ignored=20when=20parsing=20the=20Cookie=20r?= =?UTF-8?q?equest=20header.=20This=20allows=20cookies=20with=20names=20suc?= =?UTF-8?q?h=20as=20=E2=80=9Cexpires=E2=80=9D=20and=20=E2=80=9Cversion?= =?UTF-8?q?=E2=80=9D.=20(#1495)=20=20=20*=20Request=20cookies=20are=20pars?= =?UTF-8?q?ed=20into=20a=20MultiDict=20to=20capture=20all=20values=20for?= =?UTF-8?q?=20cookies=20with=20the=20same=20key.=20cookies[key]=20returns?= =?UTF-8?q?=20the=20first=20value=20rather=20than=20the=20last.=20Use=20co?= =?UTF-8?q?okies.getlist(key)=20to=20get=20all=20values.=20parse=5Fcookie?= =?UTF-8?q?=20also=20defaults=20to=20a=20MultiDict.=20#1562,=20#1458=20=20?= =?UTF-8?q?=20*=20Add=20charset=3Dutf-8=20to=20an=20HTTP=20exception=20res?= =?UTF-8?q?ponse=E2=80=99s=20CONTENT=5FTYPE=20header.=20(#1526)=20=20=20*?= =?UTF-8?q?=20The=20interactive=20debugger=20handles=20outer=20variables?= =?UTF-8?q?=20in=20nested=20scopes=20such=20as=20lambdas=20and=20comprehen?= =?UTF-8?q?sions.=20#913,=20#1037,=20#1532=20=20=20*=20The=20user=20agent?= =?UTF-8?q?=20for=20Opera=2060=20on=20Mac=20is=20correctly=20reported=20as?= =?UTF-8?q?=20=E2=80=9Copera=E2=80=9D=20instead=20of=20=E2=80=9Cchrome?= =?UTF-8?q?=E2=80=9D.=20#1556=20=20=20*=20The=20platform=20for=20Crosswalk?= =?UTF-8?q?=20on=20Android=20is=20correctly=20reported=20as=20=E2=80=9Cand?= =?UTF-8?q?roid=E2=80=9D=20instead=20of=20=E2=80=9Cchromeos=E2=80=9D.=20(#?= =?UTF-8?q?1572)=20=20=20*=20Issue=20a=20warning=20when=20the=20current=20?= =?UTF-8?q?server=20name=20does=20not=20match=20the=20configured=20server?= =?UTF-8?q?=20name.=20#760=20=20=20*=20A=20configured=20server=20name=20wi?= =?UTF-8?q?th=20the=20default=20port=20for=20a=20scheme=20will=20match=20t?= =?UTF-8?q?he=20current=20server=20name=20without=20the=20port=20if=20the?= =?UTF-8?q?=20current=20scheme=20matches.=20#1584=20=20=20*=20InternalServ?= =?UTF-8?q?erError=20has=20a=20original=5Fexception=20attribute=20that=20f?= =?UTF-8?q?rameworks=20can=20use=20to=20track=20the=20original=20cause=20o?= =?UTF-8?q?f=20the=20error.=20#1590=20=20=20*=20Headers=20are=20tested=20f?= =?UTF-8?q?or=20equality=20independent=20of=20the=20header=20key=20case,?= =?UTF-8?q?=20such=20that=20X-Foo=20is=20the=20same=20as=20x-foo.=20#1605?= =?UTF-8?q?=20=20=20*=20http.dump=5Fcookie()=20accepts=20'None'=20as=20a?= =?UTF-8?q?=20value=20for=20samesite.=20#1549=20=20=20*=20set=5Fcookie()?= =?UTF-8?q?=20accepts=20a=20samesite=20argument.=20#1705=20=20=20*=20Suppo?= =?UTF-8?q?rt=20the=20Content=20Security=20Policy=20header=20through=20the?= =?UTF-8?q?=20Response.content=5Fsecurity=5Fpolicy=20data=20structure.=20#?= =?UTF-8?q?1617=20=20=20*=20LanguageAccept=20will=20fall=20back=20to=20mat?= =?UTF-8?q?ching=20=E2=80=9Cen=E2=80=9D=20for=20=E2=80=9Cen-US=E2=80=9D=20?= =?UTF-8?q?or=20=E2=80=9Cen-US=E2=80=9D=20for=20=E2=80=9Cen=E2=80=9D=20to?= =?UTF-8?q?=20better=20support=20clients=20or=20translations=20that=20only?= =?UTF-8?q?=20match=20at=20the=20primary=20language=20tag.=20#450,=20#1507?= =?UTF-8?q?=20=20=20*=20MIMEAccept=20uses=20MIME=20parameters=20for=20spec?= =?UTF-8?q?ificity=20when=20matching.=20#458,=20#1574=20=20=20*=20If=20the?= =?UTF-8?q?=20development=20server=20is=20started=20with=20an=20SSLContext?= =?UTF-8?q?=20configured=20to=20verify=20client=20certificates,=20the=20ce?= =?UTF-8?q?rtificate=20in=20PEM=20format=20will=20be=20available=20as=20en?= =?UTF-8?q?viron["SSL=5FCLIENT=5FCERT"].=20#1469=20=20=20*=20is=5Fresource?= =?UTF-8?q?=5Fmodified=20will=20run=20for=20methods=20other=20than=20GET?= =?UTF-8?q?=20and=20HEAD,=20rather=20than=20always=20returning=20False.=20?= =?UTF-8?q?#409=20=20=20*=20SharedDataMiddleware=20returns=20404=20rather?= =?UTF-8?q?=20than=20500=20when=20trying=20to=20access=20a=20directory=20i?= =?UTF-8?q?nstead=20of=20a=20file=20with=20the=20package=20loader.=20The?= =?UTF-8?q?=20dependency=20on=20setuptools=20and=20pkg=5Fresources=20is=20?= =?UTF-8?q?removed.=20#1599=20=20=20*=20Add=20a=20response.cache=5Fcontrol?= =?UTF-8?q?.immutable=20flag.=20Keep=20in=20mind=20that=20browser=20suppor?= =?UTF-8?q?t=20for=20this=20Cache-Control=20header=20option=20is=20still?= =?UTF-8?q?=20experimental=20and=20may=20not=20be=20implemented.=20#1185?= =?UTF-8?q?=20=20=20*=20Optional=20request=20log=20highlighting=20with=20t?= =?UTF-8?q?he=20development=20server=20is=20handled=20by=20Click=20instead?= =?UTF-8?q?=20of=20termcolor.=20#1235=20=20=20*=20Optional=20ad-hoc=20TLS?= =?UTF-8?q?=20support=20for=20the=20development=20server=20is=20handled=20?= =?UTF-8?q?by=20cryptography=20instead=20of=20pyOpenSSL.=20#1555=20=20=20*?= =?UTF-8?q?=20FileStorage.save()=20supports=20pathlib=20and=20PEP=20519=20?= =?UTF-8?q?PathLike=20objects.=20#1653=20=20=20*=20The=20debugger=20securi?= =?UTF-8?q?ty=20pin=20is=20unique=20in=20containers=20managed=20by=20Podma?= =?UTF-8?q?n.=20#1661=20=20=20*=20Building=20a=20URL=20when=20host=5Fmatch?= =?UTF-8?q?ing=20is=20enabled=20takes=20into=20account=20the=20current=20h?= =?UTF-8?q?ost=20when=20there=20are=20duplicate=20endpoints=20with=20diffe?= =?UTF-8?q?rent=20hosts.=20#488=20=20=20*=20The=20429=20TooManyRequests=20?= =?UTF-8?q?and=20503=20ServiceUnavailable=20HTTP=20exceptions=20takes=20a?= =?UTF-8?q?=20retry=5Fafter=20parameter=20to=20set=20the=20Retry-After=20h?= =?UTF-8?q?eader.=20#1657?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Werkzeug?expand=0&rev=49 --- Werkzeug-0.16.0.tar.gz | 3 --- Werkzeug-1.0.0.tar.gz | 3 +++ python-Werkzeug.changes | 46 +++++++++++++++++++++++++++++++++++++++++ python-Werkzeug.spec | 8 +++---- 4 files changed, 52 insertions(+), 8 deletions(-) delete mode 100644 Werkzeug-0.16.0.tar.gz create mode 100644 Werkzeug-1.0.0.tar.gz diff --git a/Werkzeug-0.16.0.tar.gz b/Werkzeug-0.16.0.tar.gz deleted file mode 100644 index 8ad3bfc..0000000 --- a/Werkzeug-0.16.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7280924747b5733b246fe23972186c6b348f9ae29724135a6dfc1e53cea433e7 -size 925717 diff --git a/Werkzeug-1.0.0.tar.gz b/Werkzeug-1.0.0.tar.gz new file mode 100644 index 0000000..a29b704 --- /dev/null +++ b/Werkzeug-1.0.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:169ba8a33788476292d04186ab33b01d6add475033dfc07215e6d219cc077096 +size 904176 diff --git a/python-Werkzeug.changes b/python-Werkzeug.changes index 4fec1cc..9a7ca2f 100644 --- a/python-Werkzeug.changes +++ b/python-Werkzeug.changes @@ -1,3 +1,49 @@ +------------------------------------------------------------------- +Fri Feb 21 04:58:05 UTC 2020 - Steve Kowalik + +- Update to 1.0.0: + * Drop support for Python 3.4. (#1478) + * Remove code that issued deprecation warnings in version 0.15. (#1477) + * Remove most top-level attributes provided by the werkzeug module in favor of direct imports. For example, instead of import werkzeug; werkzeug.url_quote, do from werkzeug.urls import url_quote. Install version 0.16 first to see deprecation warnings while upgrading. #2, #1640 + * Added utils.invalidate_cached_property() to invalidate cached properties. (#1474) + * Directive keys for the Set-Cookie response header are not ignored when parsing the Cookie request header. This allows cookies with names such as “expires” and “version”. (#1495) + * Request cookies are parsed into a MultiDict to capture all values for cookies with the same key. cookies[key] returns the first value rather than the last. Use cookies.getlist(key) to get all values. parse_cookie also defaults to a MultiDict. #1562, #1458 + * Add charset=utf-8 to an HTTP exception response’s CONTENT_TYPE header. (#1526) + * The interactive debugger handles outer variables in nested scopes such as lambdas and comprehensions. #913, #1037, #1532 + * The user agent for Opera 60 on Mac is correctly reported as “opera” instead of “chrome”. #1556 + * The platform for Crosswalk on Android is correctly reported as “android” instead of “chromeos”. (#1572) + * Issue a warning when the current server name does not match the configured server name. #760 + * A configured server name with the default port for a scheme will match the current server name without the port if the current scheme matches. #1584 + * InternalServerError has a original_exception attribute that frameworks can use to track the original cause of the error. #1590 + * Headers are tested for equality independent of the header key case, such that X-Foo is the same as x-foo. #1605 + * http.dump_cookie() accepts 'None' as a value for samesite. #1549 + * set_cookie() accepts a samesite argument. #1705 + * Support the Content Security Policy header through the Response.content_security_policy data structure. #1617 + * LanguageAccept will fall back to matching “en” for “en-US” or “en-US” for “en” to better support clients or translations that only match at the primary language tag. #450, #1507 + * MIMEAccept uses MIME parameters for specificity when matching. #458, #1574 + * If the development server is started with an SSLContext configured to verify client certificates, the certificate in PEM format will be available as environ["SSL_CLIENT_CERT"]. #1469 + * is_resource_modified will run for methods other than GET and HEAD, rather than always returning False. #409 + * SharedDataMiddleware returns 404 rather than 500 when trying to access a directory instead of a file with the package loader. The dependency on setuptools and pkg_resources is removed. #1599 + * Add a response.cache_control.immutable flag. Keep in mind that browser support for this Cache-Control header option is still experimental and may not be implemented. #1185 + * Optional request log highlighting with the development server is handled by Click instead of termcolor. #1235 + * Optional ad-hoc TLS support for the development server is handled by cryptography instead of pyOpenSSL. #1555 + * FileStorage.save() supports pathlib and PEP 519 PathLike objects. #1653 + * The debugger security pin is unique in containers managed by Podman. #1661 + * Building a URL when host_matching is enabled takes into account the current host when there are duplicate endpoints with different hosts. #488 + * The 429 TooManyRequests and 503 ServiceUnavailable HTTP exceptions takes a retry_after parameter to set the Retry-After header. #1657 + * Map and Rule have a merge_slashes option to collapse multiple slashes into one, similar to how many HTTP servers behave. This is enabled by default. #1286, #1694 + * Add HTTP 103, 208, 306, 425, 506, 508, and 511 to the list of status codes. #1678 + * Add update, setlist, and setlistdefault methods to the Headers data structure. extend method can take MultiDict and kwargs. #1687, #1697 + * The development server accepts paths that start with two slashes, rather than stripping off the first path segment. #491 + * Add access control (Cross Origin Request Sharing, CORS) header properties to the Request and Response wrappers. #1699 + * Accept values are no longer ordered alphabetically for equal quality tags. Instead the initial order is preserved. #1686 + * Added Map.lock_class attribute for alternative implementations. #1702 + * Support matching and building WebSocket rules in the routing system, for use by async frameworks. #1709 + * Range requests that span an entire file respond with 206 instead of 200, to be more compliant with RFC 7233. This may help serving media to older browsers. #410, #1704 + * The SharedDataMiddleware default fallback_mimetype is application/octet-stream. If a filename looks like a text mimetype, the utf-8 charset is added to it. This matches the behavior of BaseResponse and Flask’s send_file(). #1689 +- Remove patch 0001_create_a_thread_to_reap_death_process.patch, not required +- Add pytest-timeout to BuildRequires + ------------------------------------------------------------------- Tue Sep 24 10:15:31 UTC 2019 - Tomáš Chvátal diff --git a/python-Werkzeug.spec b/python-Werkzeug.spec index 5220c38..5a4b01c 100644 --- a/python-Werkzeug.spec +++ b/python-Werkzeug.spec @@ -1,7 +1,7 @@ # # spec file for package python-Werkzeug # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,16 +19,15 @@ %define oldpython python %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-Werkzeug -Version: 0.16.0 +Version: 1.0.0 Release: 0 Summary: The Swiss Army knife of Python web development License: BSD-3-Clause Group: Development/Languages/Python URL: http://werkzeug.pocoo.org/ Source: https://files.pythonhosted.org/packages/source/W/Werkzeug/Werkzeug-%{version}.tar.gz -# PATCH-FIX-UPSTREAM 0001_create_a_thread_to_reap_death_process.patch bsc#954591 -Patch0: 0001_create_a_thread_to_reap_death_process.patch BuildRequires: %{python_module hypothesis} +BuildRequires: %{python_module pytest-timeout} BuildRequires: %{python_module pytest} BuildRequires: %{python_module requests} BuildRequires: %{python_module setuptools} @@ -66,7 +65,6 @@ bulletin boards, etc.). %prep %setup -q -n Werkzeug-%{version} sed -i "1d" examples/manage-{i18nurls,simplewiki,shorty,couchy,cupoftee,webpylike,plnt,coolmagic}.py # Fix non-executable scripts -%patch0 -p1 %build %python_build From 9ec583347e9e2a84550a70976caeab14400386d9c8ecd3168cb11bfd2c1412e1 Mon Sep 17 00:00:00 2001 From: Steve Kowalik Date: Fri, 21 Feb 2020 05:00:06 +0000 Subject: [PATCH 2/2] Delete accidently missed patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Werkzeug?expand=0&rev=50 --- ...reate_a_thread_to_reap_death_process.patch | 65 ------------------- 1 file changed, 65 deletions(-) delete mode 100644 0001_create_a_thread_to_reap_death_process.patch diff --git a/0001_create_a_thread_to_reap_death_process.patch b/0001_create_a_thread_to_reap_death_process.patch deleted file mode 100644 index 8a74e84..0000000 --- a/0001_create_a_thread_to_reap_death_process.patch +++ /dev/null @@ -1,65 +0,0 @@ -From 676bc5fa4b6aa9d153c9805cdbad0ff0450bade6 Mon Sep 17 00:00:00 2001 -From: Alberto Planas -Date: Wed, 3 Feb 2016 11:56:23 +0100 -Subject: [PATCH] Create a thread to reap death process - -ForkingWSGIServer use `SocketServer.ForkingMixIn` to implement a -multiprocess server. This class provides a workflow that collect -death process (process in Zombie status) before the -`process_request`. This means that this process itself will be -in Zombie status at the end of the request, that will be eventually -collected during the next `process_request`. - -To minimize transient Zombie process, `ForkingWSGIServer` is -creating a daemon thread (via `threading.Timer`) to call the -collector every (by default) 5 seconds. - -Fixes #810 ---- - werkzeug/serving.py | 21 ++++++++++++++++++++- - 1 file changed, 20 insertions(+), 1 deletion(-) - -Index: Werkzeug-0.16.0/src/werkzeug/serving.py -=================================================================== ---- Werkzeug-0.16.0.orig/src/werkzeug/serving.py -+++ Werkzeug-0.16.0/src/werkzeug/serving.py -@@ -40,6 +40,7 @@ import os - import signal - import socket - import sys -+import threading - - from ._compat import PY2 - from ._compat import reraise -@@ -776,6 +777,7 @@ class ForkingWSGIServer(ForkingMixIn, Ba - passthrough_errors=False, - ssl_context=None, - fd=None, -+ frequency=5, - ): - if not can_fork: - raise ValueError("Your platform does not support forking.") -@@ -784,6 +786,23 @@ class ForkingWSGIServer(ForkingMixIn, Ba - ) - self.max_children = processes - -+ if frequency: -+ self.frequency = frequency -+ self.setup_reap_children() -+ -+ def setup_reap_children(self): -+ """Create a thread to collect death children.""" -+ t = threading.Timer(self.frequency, self.reap_children) -+ # Set daemon mode to provide a clean termination of the thread -+ # when the system ends -+ t.daemon = True -+ t.start() -+ -+ def reap_children(self): -+ """Reap or collect death children.""" -+ self.collect_children() -+ self.setup_reap_children() -+ - - def make_server( - host=None,