Accepting request 1248171 from devel:languages:python

OBS-URL: https://build.opensuse.org/request/show/1248171
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-jsonpickle?expand=0&rev=21

jsonpickle-3.2.2.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:d425fd2b8afe9f5d7d57205153403fbf897782204437882a477e8eed60930f8c
-size 327839

jsonpickle-4.0.2.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3e650b9853adcdab9d9d62a88412b6d36e9a59ba423b01cacf0cd4ee80733aca
+size 315121

python-jsonpickle.changes

@@ -1,3 +1,70 @@
+-------------------------------------------------------------------
+Mon Feb 24 13:37:56 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 4.0.2
+  * The unpickler is now more resilient to malformed "py/id" and "py/repr" data. (+546)
+  * The unpickler is now more resilient to invalid "py/b85" and "py/b64" data. (+547)
+  * The unpickler's support for read-only str attributes was improved. (+548) (#478)
+
+-------------------------------------------------------------------
+Wed Feb  5 07:24:26 UTC 2025 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
+
+- Update to 4.0.1
+  * The unpickler is now more resilient to malformed "py/reduce", "py/set",
+    "py/tuple", "py/b64", "py/b85", and "py/iterator" input data. (+544) (+545)
+  * The test suite was updated to leverage more pytest features.
+  * The ``jsonpickle.compat`` module is no longer used. It is still provided
+    for backwards compatibility but it may be removed in a future version.
+
+-------------------------------------------------------------------
+Wed Nov 20 16:10:49 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 4.0.0:
+  * Breaking Change: Python 3.7 is no longer supported.
+  * Breaking Change: Support for pre-0.7.0 repr-serialized
+    objects is no longer enabled by default. The safe option to
+    decode() was changed from False to True. Users can still pass
+    safe=False to decode() in order to enable this feature for
+    the purposes of loading older files, but beware that this
+    feature relies on unsafe behavior through its use of eval().
+    Users are encouraged to re-pickle old data in order to
+    migrate away from the the unsafe loading feature. (+514)
+  * The pickler no longer produces py/repr tags when pickling
+    modules. py/mod is used instead, as it is clearer and uses
+    one less byte. (+514)
+  * The test suite no longer uses the deprecated
+    datetime.datetime.utcnow() function. (+539)
+  * The breaking changes from v4 were inadvertedly included in
+    v3.4.1, which has been yanked. This release remedies this by
+    reverting the v4 changes.
+  * Support decoding pandas dataframes encoded with versions
+    3.3.0 and older. (+536)
+  * Officially support Python 3.12 in the GitHub Actions testing
+    matrix, and update GHA package versions used. (+524)
+  * Improve reproducibility of benchmarking commands on Linux by
+    using taskset and adding a "HOWTO" run benchmarks section in
+    benchmarking/README.md. (+526)
+  * The setup.cfg packaging configuration has been replaced by
+    pyproject.toml. (+527)
+  * yaml is now supported as a jsonpickle backend. (+528)
+  * OSSFuzz scripts are now available in the fuzzing/ directory.
+    (+525)
+  * Pure-python dtypes are now preserved across encode()/decode()
+    roundtrips for the pandas extension.
+  * Pandas dataframe columns with an object dtype that contain
+    multiple different types within (e.g. a column of type
+    list[Union[str, int]]) now preserve the types upon being
+    roundtripped. (#457)
+  * Fix warnings in the test suite regarding numpy.compat usage.
+  * The unpickler was updated to avoid using eval, which helps
+    improve its security. Users can still pass safe=False to
+    decode to use the old behavior, though this is not
+    recommended. (+513)
+  * Objects can now exclude specific attributes from pickling by
+    providing a _jsonpickle_exclude class or instance attribute.
+    This attribute should contain the list of attribute names to
+    exclude when pickling the object.
+
 -------------------------------------------------------------------
 Sun Jun 30 20:34:24 UTC 2024 - Dirk Müller <dmueller@suse.com>
 

python-jsonpickle.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-jsonpickle
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %{?sle15_python_module_pythons}
 Name:           python-jsonpickle
-Version:        3.2.2
+Version:        4.0.2
 Release:        0
 Summary:        Python library for serializing any arbitrary object graph into JSON
 License:        BSD-3-Clause
@@ -76,6 +76,7 @@ sed -i 's/ --cov//' pytest.ini
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 
 %check
+rm -rv fuzzing
 # test_multindex_dataframe_roundtrip is flaky on i586
 donttest="test_multindex_dataframe_roundtrip"
 # https://github.com/jsonpickle/jsonpickle/issues/460