Accepting request 1218976 from devel:languages:python

- Use _service to download source and exclude documentation that has
  non-commercial license (boo#1232448)
- Remove nltk_data to avoid redistribution of files with
  non-commercial (boo#1232448):
  > NLTK corpora are provided under the terms given in the README file
  > for each corpus; all are redistributable and available for
  > non-commercial use.
- Remove not needed skip-networked-test.patch

OBS-URL: https://build.opensuse.org/request/show/1218976
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-nltk?expand=0&rev=19

_service

@@ -0,0 +1,15 @@
+<services>
+  <service name="obs_scm" mode="manual">
+    <param name="url">https://github.com/nltk/nltk</param>
+    <param name="scm">git</param>
+    <param name="exclude">web/*</param>
+    <param name="version">3.9.1</param>
+    <param name="revision">3.9.1</param>
+  </service>
+  <service mode="manual" name="set_version" />
+  <service mode="buildtime" name="tar" />
+  <service mode="buildtime" name="recompress">
+    <param name="file">*.tar</param>
+    <param name="compression">xz</param>
+  </service>
+</services>

nltk-3.8.1.zip

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1834da3d0682cba4f2cede2f9aad6b0fafb6461ba451db0efb6f9c39798d64d3
-size 4620388

nltk-3.9.1.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e1b59894ed0a2eebbb64fc4e0975216a5a7e1a949e61b9a4f22693e15536ff05
+size 8269325

nltk.obsinfo

@@ -0,0 +1,4 @@
+name: nltk
+version: 3.9.1
+mtime: 1724010420
+commit: aca78cb2add4084f76b9eac921d8a73927d7a086

nltk_data.tar.xz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:f79462ac99f414b4850943720bed4a59c1bb15bfc8f1ce16b26165da6db07680
-size 393271816

python-nltk.changes

@@ -1,3 +1,53 @@
+-------------------------------------------------------------------
+Tue Oct 29 08:37:43 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Use _service to download source and exclude documentation that has
+  non-commercial license (boo#1232448)
+- Remove nltk_data to avoid redistribution of files with
+  non-commercial (boo#1232448):
+  > NLTK corpora are provided under the terms given in the README file
+  > for each corpus; all are redistributable and available for
+  > non-commercial use.
+- Remove not needed skip-networked-test.patch
+
+-------------------------------------------------------------------
+Mon Sep 30 21:17:21 UTC 2024 - Thiago Bertoldi <thiago.bertoldi@suse.com>
+
+- Update to to 3.9.1 (changes since 3.8.1):
+  * Fixed bug that prevented wordnet from loading
+  * Fix security vulnerability CVE-2024-39705 (breaking change)
+  * Replace pickled models (punkt, chunker, taggers) by new
+    pickle-free "_tab" packages
+  * No longer sort Wordnet synsets and relations (sort in calling
+    function when required)
+  * Only strip the last suffix in Wordnet Morphy, thus
+    restricting synsets() results
+  * Add Python 3.12 support
+  * Many other minor fixes
+- Refresh nltk_data
+- Remome upstreamed patches:
+  - CVE-2024-39705.patch
+  - nltk-pr3207-py312.patch
+
+-------------------------------------------------------------------
+Fri Jul 26 07:14:33 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Add CVE-2024-39705.patch upstream patch to fix unsafe pickle usage.
+  (CVE-2024-39705, gh#nltk/nltk#3266, bsc#1227174).
+- Drop CVE-2024-39705-disable-download.patch as it's not needed
+  anymore.
+
+-------------------------------------------------------------------
+Mon Jul  1 21:02:45 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
+
+- Use tarball from GitHub instead of the Zip archive from PyPI,
+  the latter has very messy combination of CRLF and LF EOLs,
+  which are hard to patch.
+- Refresh all patches from the original locations.
+- Add CVE-2024-39705-disable-download.patch to make a crude
+  workaround around CVE-2024-39705 (gh#nltk/nltk#3266,
+  bsc#1227174).
+
 -------------------------------------------------------------------
 Thu Mar 21 17:41:52 UTC 2024 - Ben Greiner <code@bnavigator.de>
 
@@ -17,8 +67,7 @@ Tue Mar 28 08:36:04 UTC 2023 - pgajdos@suse.com
 -------------------------------------------------------------------
 Fri Jan  6 15:32:43 UTC 2023 - Yogalakshmi Arunachalam <yarunachalam@suse.com>
 
-- Update to 3.8 
-
+- Update to 3.8
 * Refactor dispersion plot (#3082)
 * Provide type hints for LazyCorpusLoader variables (#3081)
 * Throw warning when LanguageModel is initialized with incorrect vocabulary (#3080)
@@ -53,7 +102,7 @@ Fri Jan  6 15:32:43 UTC 2023 - Yogalakshmi Arunachalam <yarunachalam@suse.com>
 * Fix LC cutoff policy of text tiling (#2936)
 * Optimize ConditionalFreqDist.__add__ performance (#2939)
 * Add Markdown corpus reader (#2902)
- 
+
 -------------------------------------------------------------------
 Mon Dec 26 10:41:22 UTC 2022 - Matej Cepl <mcepl@suse.com>
 
@@ -371,7 +420,7 @@ Fri Sep 23 12:29:05 UTC 2011 - saschpe@suse.de
 
 -------------------------------------------------------------------
 Sun Feb  7 18:51:07 CST 2010 - oddrationale@gmail.com
- 
+
 - fixed copyright and license statements
 - removed PyYAML, and added dependency to installers and download
   instructions
@@ -393,6 +442,6 @@ Thu Dec 10 17:23:51 CST 2009 - oddrationale@gmail.com
 - added Requires: python-yaml
 
 -------------------------------------------------------------------
-Wed Dec  9 15:39:35 CST 2009 - oddrationale@gmail.com  
-  
+Wed Dec  9 15:39:35 CST 2009 - oddrationale@gmail.com
+
 - Initial Release (Version 2.0b7): Sun Feb  7 18:50:18 CST 2010

python-nltk.spec

@@ -16,14 +16,18 @@
 #
 
 
+%define modname nltk
+%{?sle15_python_module_pythons}
 Name:           python-nltk
-Version:        3.8.1
+Version:        3.9.1
 Release:        0
 Summary:        Natural Language Toolkit
 License:        Apache-2.0
 URL:            http://nltk.org/
 # SourceRepository: https://github.com/nltk/nltk
-Source0:        https://files.pythonhosted.org/packages/source/n/nltk/nltk-%{version}.zip
+# The _service download the source and repack without some doc files
+# that has non-commercial license. boo#1232448
+Source0:        nltk-%{version}.tar.xz
 # Download/Update NLTK data:
 #     quilt setup python-nltk.spec
 #     pushd nltk-?.?.?
@@ -55,13 +59,12 @@ Source0:        https://files.pythonhosted.org/packages/source/n/nltk/nltk-%{ver
 #     tar -cJf ../nltk_data.tar.xz nltk_data
 #     popd
 # see https://www.nltk.org/data.html for more details
-Source1:        nltk_data.tar.xz
+########### NOTICE #########
+# Do not distribute nltk_data.tar.xz because it's licensed under
+# non-commercial, boo#1232448
+############################
+# Source1:        nltk_data.tar.xz
 Source99:       python-nltk.rpmlintrc
-# PATCH-FIX-UPSTREAM skip-networked-test.patch gh#nltk/nltk#2969 mcepl@suse.com
-# skip tests requiring network connection
-Patch0:         skip-networked-test.patch
-# PATCH-FIX-UPSTREAM nltk-pr3207-py312.patch gh#nltk/nltk#3207
-Patch1:         nltk-pr3207-py312.patch
 BuildRequires:  %{python_module base >= 3.7}
 BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module setuptools}
@@ -118,7 +121,7 @@ Python modules, data sets and tutorials supporting research and
 development in Natural Language Processing.
 
 %prep
-%autosetup -p1 -a1 -n nltk-%{version}
+%setup -q -n %{modname}-%{version}
 
 # Fix EOL
 sed -i 's/\r/\n/g; s/\n$//' \
@@ -147,9 +150,10 @@ sed -E -i "/#![[:space:]]*\/usr\/bin\/env python/d" \
 sed -E -i "s|#![[:space:]]*%{_bindir}/env python|#!%{_bindir}/python3|" \
     setup.py \
     tools/global_replace.py \
-    nltk_data/corpora/pl196x/splitter.py \
     tools/find_deprecated.py
 
+%autopatch -p1
+
 %build
 %pyproject_wheel
 
@@ -161,10 +165,16 @@ sed -E -i "s|#![[:space:]]*%{_bindir}/env python|#!%{_bindir}/python3|" \
 chmod -x %{buildroot}%{$python_sitelib}/nltk/test/dependency.doctest
 }
 
-%check
-export NLTK_DATA=$(readlink -f ./nltk_data/)
-# export PYTEST_ADDOPTS="--doctest-modules"
-%pytest -k 'not network'
+# Do not test, there's no ntlk_data, boo#1232448
+# %%check
+# export NLTK_DATA=$(readlink -f ./nltk_data/)
+# # export PYTEST_ADDOPTS="--doctest-modules"
+# # Skip tests requiring pickle.load gh#nltk/nltk#3266 (CVE-2024-39705)
+# skip_tests=" or test_basic or test_increment or test_pad_asterisk or test_pad_dotdot"
+# skip_tests+=" or test_pos_tag_eng or test_pos_tag_eng_universal or test_pos_tag_rus"
+# skip_tests+=" or test_pos_tag_rus_universal or test_pos_tag_unknown_lang"
+# skip_tests+=" or test_sent_tokenize or test_unspecified_lang or test_word_tokenize"
+# %%pytest -k "not (network ${skip_tests})"
 
 %post
 %python_install_alternative nltk

skip-networked-test.patch

@@ -1,35 +0,0 @@
----
- nltk/test/unit/test_downloader.py |    4 ++++
- setup.cfg                         |    4 ++++
- 2 files changed, 8 insertions(+)
-
---- a/nltk/test/unit/test_downloader.py
-+++ b/nltk/test/unit/test_downloader.py
-@@ -1,6 +1,9 @@
- from nltk import download
- 
-+import pytest
- 
-+
-+@pytest.mark.network
- def test_downloader_using_existing_parent_download_dir(tmp_path):
-     """Test that download works properly when the parent folder of the download_dir exists"""
- 
-@@ -9,6 +12,7 @@ def test_downloader_using_existing_paren
-     assert download_status is True
- 
- 
-+@pytest.mark.network
- def test_downloader_using_non_existing_parent_download_dir(tmp_path):
-     """Test that download works properly when the parent folder of the download_dir does not exist"""
- 
---- a/setup.cfg
-+++ b/setup.cfg
-@@ -1,3 +1,7 @@
-+[tool:pytest]
-+markers =
-+   network: test case requires network connection
-+
- [metadata]
- license_files = 
- 	LICENSE.txt