Accepting request 1176037 from home:mcalabkova:branches:devel:languages:python

- Add requests232.patch to fix compatibility with new requests

OBS-URL: https://build.opensuse.org/request/show/1176037
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-elastic-transport?expand=0&rev=19

python-elastic-transport.changes

@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Thu May 23 08:17:35 UTC 2024 - Markéta Machová <mmachova@suse.com>
+
+- Add requests232.patch to fix compatibility with new requests
+
 -------------------------------------------------------------------
 Fri May 17 13:29:03 UTC 2024 - Markéta Machová <mmachova@suse.com>
 

python-elastic-transport.spec

@@ -24,6 +24,8 @@ Summary:        Transport classes and utilities shared among Python Elastic clie
 License:        Apache-2.0
 URL:            https://github.com/elastic/elastic-transport-python
 Source:         https://github.com/elastic/elastic-transport-python/archive/refs/tags/v%{version}.tar.gz#/elastic-transport-python-%{version}.tar.gz
+# PATCH-FIX-UPSTREAM https://github.com/elastic/elastic-transport-python/pull/164 Fix requests 2.32 compatibility
+Patch:          requests232.patch
 BuildRequires:  %{python_module base >= 3.7}
 BuildRequires:  %{python_module setuptools}
 BuildRequires:  fdupes
@@ -53,7 +55,7 @@ BuildRequires:  %{python_module urllib3}
 Transport classes and utilities shared among Python Elastic client libraries
 
 %prep
-%setup -q -n elastic-transport-python-%{version}
+%autosetup -p1 -n elastic-transport-python-%{version}
 sed -i '/addopts/d' setup.cfg
 sed -i 's/from mock/from unittest.mock/' tests/node/test_http_*.py
 

requests232.patch

@@ -0,0 +1,87 @@
+From d49d5dda344f0a458c020a8a3c0032480e6b57d5 Mon Sep 17 00:00:00 2001
+From: Quentin Pradet <quentin.pradet@elastic.co>
+Date: Thu, 23 May 2024 11:48:10 +0400
+Subject: [PATCH 1/3] Fix requests 2.32 compatibility
+
+---
+ elastic_transport/_node/_http_requests.py | 11 ++++++++++-
+ 1 file changed, 10 insertions(+), 1 deletion(-)
+
+diff --git a/elastic_transport/_node/_http_requests.py b/elastic_transport/_node/_http_requests.py
+index 19cec37..e439865 100644
+--- a/elastic_transport/_node/_http_requests.py
++++ b/elastic_transport/_node/_http_requests.py
+@@ -169,7 +169,16 @@ def __init__(self, config: NodeConfig):
+         )
+         # Preload the HTTPConnectionPool so initialization issues
+         # are raised here instead of in perform_request()
+-        adapter.get_connection(self.base_url)  # type: ignore[no-untyped-call]
++        if hasattr(adapter, "get_connection_with_tls_context"):
++            adapter.get_connection_with_tls_context(
++                requests.Request(url=self.base_url), verify=self.session.verify
++            )
++        else:
++            # elastic-transport is not vulnerable to CVE-2024-35195 because it uses
++            # requests.Session and an SSLContext without using the verify parameter.
++            # We should remove this branch when requiring requests 2.32 or later.
++            adapter.get_connection(self.base_url)  # type: ignore [no-untyped-call]
++
+         self.session.mount(prefix=f"{self.scheme}://", adapter=adapter)
+ 
+     def perform_request(
+
+From 56d1e6832d0b438ee7cee3ab0f8dea6a14a89eb8 Mon Sep 17 00:00:00 2001
+From: Quentin Pradet <quentin.pradet@elastic.co>
+Date: Thu, 23 May 2024 11:59:42 +0400
+Subject: [PATCH 2/3] Fix lint
+
+---
+ elastic_transport/_node/_http_requests.py | 6 ++++--
+ 1 file changed, 4 insertions(+), 2 deletions(-)
+
+diff --git a/elastic_transport/_node/_http_requests.py b/elastic_transport/_node/_http_requests.py
+index e439865..4b2d502 100644
+--- a/elastic_transport/_node/_http_requests.py
++++ b/elastic_transport/_node/_http_requests.py
+@@ -170,14 +170,16 @@ def __init__(self, config: NodeConfig):
+         # Preload the HTTPConnectionPool so initialization issues
+         # are raised here instead of in perform_request()
+         if hasattr(adapter, "get_connection_with_tls_context"):
++            request = requests.Request(url=self.base_url)
++            prepared_request = self.session.prepare_request(request)
+             adapter.get_connection_with_tls_context(
+-                requests.Request(url=self.base_url), verify=self.session.verify
++                prepared_request, verify=self.session.verify
+             )
+         else:
+             # elastic-transport is not vulnerable to CVE-2024-35195 because it uses
+             # requests.Session and an SSLContext without using the verify parameter.
+             # We should remove this branch when requiring requests 2.32 or later.
+-            adapter.get_connection(self.base_url)  # type: ignore [no-untyped-call]
++            adapter.get_connection(self.base_url)
+ 
+         self.session.mount(prefix=f"{self.scheme}://", adapter=adapter)
+ 
+
+From 8a222e2c9b81dc9f7a1e4583de59ecc0d4c4d803 Mon Sep 17 00:00:00 2001
+From: Quentin Pradet <quentin.pradet@elastic.co>
+Date: Thu, 23 May 2024 12:02:53 +0400
+Subject: [PATCH 3/3] Fix prepared request
+
+---
+ elastic_transport/_node/_http_requests.py | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/elastic_transport/_node/_http_requests.py b/elastic_transport/_node/_http_requests.py
+index 4b2d502..941e3cc 100644
+--- a/elastic_transport/_node/_http_requests.py
++++ b/elastic_transport/_node/_http_requests.py
+@@ -170,7 +170,7 @@ def __init__(self, config: NodeConfig):
+         # Preload the HTTPConnectionPool so initialization issues
+         # are raised here instead of in perform_request()
+         if hasattr(adapter, "get_connection_with_tls_context"):
+-            request = requests.Request(url=self.base_url)
++            request = requests.Request(method="GET", url=self.base_url)
+             prepared_request = self.session.prepare_request(request)
+             adapter.get_connection_with_tls_context(
+                 prepared_request, verify=self.session.verify