From 29809fa1f7294cc503b2973b1c341df60389b7d0704df598d0f6f5982183ed80 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 31 Jan 2024 08:35:12 +0000 Subject: [PATCH] Accepting request 1142747 from home:glaubitz:branches:devel:languages:python - Update to version 3.9.3 * Fixed backwards compatibility breakage (in 3.9.2) of ``ssl`` parameter when set outside of ``ClientSession`` (e.g. directly in ``TCPConnector``) * Improved test suite handling of paths and temp files to consistently use pathlib and pytest fixtures. - from version 3.9.2 (bsc#1219341, CVE-2024-23334, bsc#1219342, CVE-2024-23829) * Fixed server-side websocket connection leak. * Fixed ``web.FileResponse`` doing blocking I/O in the event loop. * Fixed double compress when compression enabled and compressed file exists in server file responses. * Added runtime type check for ``ClientSession`` ``timeout`` parameter. * Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon. * Improved validation of paths for static resources requests to the server. * Added support for passing :py:data:`True` to ``ssl`` parameter in ``ClientSession`` while deprecating :py:data:`None`. * Fixed an unhandled exception in the Python HTTP parser on header lines starting with a colon. * Fixed examples of ``fallback_charset_resolver`` function in the :doc:`client_advanced` document. * The Sphinx setup was updated to avoid showing the empty changelog draft section in the tagged release documentation builds on Read The Docs. * The changelog categorization was made clearer. The contributors can now mark their fragment files more accurately. * Updated :ref:`contributing/Tests coverage ` section to show how we use ``codecov``. * Replaced all ``tmpdir`` fixtures with ``tmp_path`` in test suite. - Refresh patches for new version * remove-re-assert.patch OBS-URL: https://build.opensuse.org/request/show/1142747 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-aiohttp?expand=0&rev=116 --- aiohttp-3.9.1.tar.gz | 3 -- aiohttp-3.9.3.tar.gz | 3 ++ python-aiohttp.changes | 34 +++++++++++++++++++++ python-aiohttp.spec | 2 +- remove-re-assert.patch | 67 ++++++++++++++++++------------------------ 5 files changed, 66 insertions(+), 43 deletions(-) delete mode 100644 aiohttp-3.9.1.tar.gz create mode 100644 aiohttp-3.9.3.tar.gz diff --git a/aiohttp-3.9.1.tar.gz b/aiohttp-3.9.1.tar.gz deleted file mode 100644 index 043b35b..0000000 --- a/aiohttp-3.9.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8fc49a87ac269d4529da45871e2ffb6874e87779c3d0e2ccd813c0899221239d -size 7482118 diff --git a/aiohttp-3.9.3.tar.gz b/aiohttp-3.9.3.tar.gz new file mode 100644 index 0000000..7dbcf31 --- /dev/null +++ b/aiohttp-3.9.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:90842933e5d1ff760fae6caca4b2b3edba53ba8f4b71e95dacf2818a2aca06f7 +size 7499669 diff --git a/python-aiohttp.changes b/python-aiohttp.changes index f056818..20823f3 100644 --- a/python-aiohttp.changes +++ b/python-aiohttp.changes @@ -1,3 +1,37 @@ +------------------------------------------------------------------- +Tue Jan 30 10:26:57 UTC 2024 - John Paul Adrian Glaubitz + +- Update to version 3.9.3 + * Fixed backwards compatibility breakage (in 3.9.2) of ``ssl`` parameter + when set outside of ``ClientSession`` (e.g. directly in ``TCPConnector``) + * Improved test suite handling of paths and temp files to consistently + use pathlib and pytest fixtures. +- from version 3.9.2 (bsc#1219341, CVE-2024-23334, bsc#1219342, CVE-2024-23829) + * Fixed server-side websocket connection leak. + * Fixed ``web.FileResponse`` doing blocking I/O in the event loop. + * Fixed double compress when compression enabled and compressed file + exists in server file responses. + * Added runtime type check for ``ClientSession`` ``timeout`` parameter. + * Fixed an unhandled exception in the Python HTTP parser on header lines + starting with a colon. + * Improved validation of paths for static resources requests to the server. + * Added support for passing :py:data:`True` to ``ssl`` parameter in + ``ClientSession`` while deprecating :py:data:`None`. + * Fixed an unhandled exception in the Python HTTP parser on header lines + starting with a colon. + * Fixed examples of ``fallback_charset_resolver`` function in the + :doc:`client_advanced` document. + * The Sphinx setup was updated to avoid showing the empty + changelog draft section in the tagged release documentation + builds on Read The Docs. + * The changelog categorization was made clearer. The contributors can + now mark their fragment files more accurately. + * Updated :ref:`contributing/Tests coverage ` + section to show how we use ``codecov``. + * Replaced all ``tmpdir`` fixtures with ``tmp_path`` in test suite. +- Refresh patches for new version + * remove-re-assert.patch + ------------------------------------------------------------------- Fri Jan 26 08:02:10 UTC 2024 - Daniel Garcia diff --git a/python-aiohttp.spec b/python-aiohttp.spec index 5b26b23..9825964 100644 --- a/python-aiohttp.spec +++ b/python-aiohttp.spec @@ -19,7 +19,7 @@ %bcond_with docs %{?sle15_python_module_pythons} Name: python-aiohttp -Version: 3.9.1 +Version: 3.9.3 Release: 0 Summary: Asynchronous HTTP client/server framework License: Apache-2.0 diff --git a/remove-re-assert.patch b/remove-re-assert.patch index 7319f6a..9f089be 100644 --- a/remove-re-assert.patch +++ b/remove-re-assert.patch @@ -1,15 +1,7 @@ ---- - tests/test_client_session.py | 6 +++--- - tests/test_streams.py | 4 ++-- - tests/test_urldispatch.py | 7 +++---- - tests/test_web_response.py | 27 ++++++++++++--------------- - 4 files changed, 20 insertions(+), 24 deletions(-) - -Index: aiohttp-3.9.0/tests/test_client_session.py -=================================================================== ---- aiohttp-3.9.0.orig/tests/test_client_session.py -+++ aiohttp-3.9.0/tests/test_client_session.py -@@ -2,6 +2,7 @@ import asyncio +diff -Nru aiohttp-3.9.3.orig/tests/test_client_session.py aiohttp-3.9.3/tests/test_client_session.py +--- aiohttp-3.9.3.orig/tests/test_client_session.py 2024-01-29 20:32:25.000000000 +0100 ++++ aiohttp-3.9.3/tests/test_client_session.py 2024-01-30 11:20:09.652810999 +0100 +@@ -2,6 +2,7 @@ import contextlib import gc import io @@ -17,7 +9,7 @@ Index: aiohttp-3.9.0/tests/test_client_session.py import json from http.cookies import SimpleCookie from typing import Any, List -@@ -9,7 +10,6 @@ from unittest import mock +@@ -9,7 +10,6 @@ import pytest from multidict import CIMultiDict, MultiDict @@ -25,7 +17,7 @@ Index: aiohttp-3.9.0/tests/test_client_session.py from yarl import URL import aiohttp -@@ -320,8 +320,8 @@ def test_connector_loop(loop) -> None: +@@ -320,8 +320,8 @@ loop.run_until_complete(make_sess()) assert ( @@ -36,10 +28,9 @@ Index: aiohttp-3.9.0/tests/test_client_session.py ) another_loop.run_until_complete(connector.close()) -Index: aiohttp-3.9.0/tests/test_streams.py -=================================================================== ---- aiohttp-3.9.0.orig/tests/test_streams.py -+++ aiohttp-3.9.0/tests/test_streams.py +diff -Nru aiohttp-3.9.3.orig/tests/test_streams.py aiohttp-3.9.3/tests/test_streams.py +--- aiohttp-3.9.3.orig/tests/test_streams.py 2024-01-29 20:32:25.000000000 +0100 ++++ aiohttp-3.9.3/tests/test_streams.py 2024-01-30 11:20:09.652810999 +0100 @@ -3,13 +3,13 @@ import abc import asyncio @@ -55,7 +46,7 @@ Index: aiohttp-3.9.0/tests/test_streams.py from aiohttp import streams -@@ -1102,7 +1102,7 @@ class TestStreamReader: +@@ -1102,7 +1102,7 @@ loop = asyncio.get_event_loop() stream = self._make_one() stream._waiter = loop.create_future() @@ -64,11 +55,10 @@ Index: aiohttp-3.9.0/tests/test_streams.py stream._waiter.set_result(None) await stream._waiter stream._waiter = None -Index: aiohttp-3.9.0/tests/test_urldispatch.py -=================================================================== ---- aiohttp-3.9.0.orig/tests/test_urldispatch.py -+++ aiohttp-3.9.0/tests/test_urldispatch.py -@@ -5,7 +5,6 @@ from collections.abc import Container, I +diff -Nru aiohttp-3.9.3.orig/tests/test_urldispatch.py aiohttp-3.9.3/tests/test_urldispatch.py +--- aiohttp-3.9.3.orig/tests/test_urldispatch.py 2024-01-29 20:32:25.000000000 +0100 ++++ aiohttp-3.9.3/tests/test_urldispatch.py 2024-01-30 11:21:46.656743543 +0100 +@@ -4,7 +4,6 @@ from urllib.parse import unquote import pytest @@ -76,7 +66,7 @@ Index: aiohttp-3.9.0/tests/test_urldispatch.py from yarl import URL import aiohttp -@@ -313,7 +312,7 @@ def test_double_add_url_with_the_same_na +@@ -312,7 +311,7 @@ regexp = "Duplicate 'name', already handled by" with pytest.raises(ValueError) as ctx: router.add_route("GET", "/get_other", handler2, name="name") @@ -85,16 +75,16 @@ Index: aiohttp-3.9.0/tests/test_urldispatch.py def test_route_plain(router) -> None: -@@ -504,7 +503,7 @@ def test_contains(router) -> None: +@@ -502,7 +501,7 @@ def test_static_repr(router) -> None: - router.add_static("/get", os.path.dirname(aiohttp.__file__), name="name") + router.add_static("/get", pathlib.Path(aiohttp.__file__).parent, name="name") - assert Matches(r" None: -@@ -626,7 +625,7 @@ async def test_regular_match_info(router +@@ -624,7 +623,7 @@ req = make_mocked_request("GET", "/get/john") match_info = await router.resolve(req) assert {"name": "john"} == match_info @@ -103,11 +93,10 @@ Index: aiohttp-3.9.0/tests/test_urldispatch.py async def test_match_info_with_plus(router) -> None: -Index: aiohttp-3.9.0/tests/test_web_response.py -=================================================================== ---- aiohttp-3.9.0.orig/tests/test_web_response.py -+++ aiohttp-3.9.0/tests/test_web_response.py -@@ -2,13 +2,13 @@ import collections.abc +diff -Nru aiohttp-3.9.3.orig/tests/test_web_response.py aiohttp-3.9.3/tests/test_web_response.py +--- aiohttp-3.9.3.orig/tests/test_web_response.py 2024-01-29 20:32:25.000000000 +0100 ++++ aiohttp-3.9.3/tests/test_web_response.py 2024-01-30 11:20:09.656144352 +0100 +@@ -2,13 +2,13 @@ import datetime import gzip import json @@ -122,7 +111,7 @@ Index: aiohttp-3.9.0/tests/test_web_response.py from aiohttp import HttpVersion, HttpVersion10, HttpVersion11, hdrs from aiohttp.helpers import ETag -@@ -401,7 +401,9 @@ async def test_chunked_encoding_forbidde +@@ -401,7 +401,9 @@ with pytest.raises(RuntimeError) as ctx: await resp.prepare(req) @@ -133,7 +122,7 @@ Index: aiohttp-3.9.0/tests/test_web_response.py async def test_compression_no_accept() -> None: -@@ -843,7 +845,7 @@ def test_response_cookies() -> None: +@@ -843,7 +845,7 @@ 'Set-Cookie: name=("")?; ' "expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/" ) @@ -142,7 +131,7 @@ Index: aiohttp-3.9.0/tests/test_web_response.py resp.set_cookie("name", "value", domain="local.host") expected = "Set-Cookie: name=value; Domain=local.host; Path=/" -@@ -895,7 +897,7 @@ def test_response_cookie__issue_del_cook +@@ -895,7 +897,7 @@ 'Set-Cookie: name=("")?; ' "expires=Thu, 01 Jan 1970 00:00:00 GMT; Max-Age=0; Path=/" ) @@ -151,7 +140,7 @@ Index: aiohttp-3.9.0/tests/test_web_response.py def test_cookie_set_after_del() -> None: -@@ -1136,14 +1138,13 @@ async def test_send_headers_for_empty_bo +@@ -1136,14 +1138,13 @@ await resp.write_eof() txt = buf.decode("utf8") assert ( @@ -168,7 +157,7 @@ Index: aiohttp-3.9.0/tests/test_web_response.py ) -@@ -1156,15 +1157,13 @@ async def test_render_with_body(buf, wri +@@ -1156,15 +1157,13 @@ txt = buf.decode("utf8") assert ( @@ -186,7 +175,7 @@ Index: aiohttp-3.9.0/tests/test_web_response.py ) -@@ -1178,15 +1177,13 @@ async def test_send_set_cookie_header(bu +@@ -1178,15 +1177,13 @@ txt = buf.decode("utf8") assert (