- Remove all traces of py._path.svn{url,wc}. (bsc#1204364, CVE-2022-42969)
- Add patch remove-svn-remants.patch to help with that goal. - Refresh pr_222.patch as needed for above. - Update in SLE-15 (bsc#1195916, bsc#1196696, jsc#PM-3356, jsc#SLE-23972) - Drop CVE-2020-29651.patch, issue fixed upstream in 1.10.0 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python:pytest/python-py?expand=0&rev=34
This commit is contained in:
parent
5514fa1036
commit
4ce4906c94
146
pr_222.patch
146
pr_222.patch
@ -369,152 +369,6 @@ Index: py-1.9.0/testing/path/test_cacheutil.py
|
||||
|
||||
def test_delentry_raising(self):
|
||||
self.cache.getorbuild(100, lambda: 100)
|
||||
Index: py-1.9.0/testing/path/test_svnauth.py
|
||||
===================================================================
|
||||
--- py-1.9.0.orig/testing/path/test_svnauth.py
|
||||
+++ py-1.9.0/testing/path/test_svnauth.py
|
||||
@@ -2,6 +2,7 @@ import py
|
||||
from py.path import SvnAuth
|
||||
import time
|
||||
import sys
|
||||
+import pytest
|
||||
|
||||
svnbin = py.path.local.sysfind('svn')
|
||||
|
||||
@@ -261,7 +262,8 @@ class TestSvnURLAuth(object):
|
||||
u.propget('foo')
|
||||
assert '--username="foo" --password="bar"' in u.commands[0]
|
||||
|
||||
-def pytest_funcarg__setup(request):
|
||||
+@pytest.fixture
|
||||
+def setup(request):
|
||||
return Setup(request)
|
||||
|
||||
class Setup:
|
||||
@@ -271,7 +273,7 @@ class Setup:
|
||||
if not request.config.option.runslowtests:
|
||||
py.test.skip('use --runslowtests to run these tests')
|
||||
|
||||
- tmpdir = request.getfuncargvalue("tmpdir")
|
||||
+ tmpdir = request.getfixturevalue("tmpdir")
|
||||
repodir = tmpdir.join("repo")
|
||||
py.process.cmdexec('svnadmin create %s' % repodir)
|
||||
if sys.platform == 'win32':
|
||||
Index: py-1.9.0/testing/path/test_svnurl.py
|
||||
===================================================================
|
||||
--- py-1.9.0.orig/testing/path/test_svnurl.py
|
||||
+++ py-1.9.0/testing/path/test_svnurl.py
|
||||
@@ -2,10 +2,12 @@ import py
|
||||
from py._path.svnurl import InfoSvnCommand
|
||||
import datetime
|
||||
import time
|
||||
+import pytest
|
||||
from svntestbase import CommonSvnTests
|
||||
|
||||
-def pytest_funcarg__path1(request):
|
||||
- repo, repourl, wc = request.getfuncargvalue("repowc1")
|
||||
+@pytest.fixture
|
||||
+def path1(request):
|
||||
+ repo, repourl, wc = request.getfixturevalue("repowc1")
|
||||
return py.path.svnurl(repourl)
|
||||
|
||||
class TestSvnURLCommandPath(CommonSvnTests):
|
||||
@@ -20,10 +22,12 @@ class TestSvnURLCommandPath(CommonSvnTes
|
||||
super(TestSvnURLCommandPath, self).test_visit_ignore(path1)
|
||||
|
||||
def test_svnurl_needs_arg(self, path1):
|
||||
- py.test.raises(TypeError, "py.path.svnurl()")
|
||||
+ with py.test.raises(TypeError):
|
||||
+ py.path.svnurl()
|
||||
|
||||
def test_svnurl_does_not_accept_None_either(self, path1):
|
||||
- py.test.raises(Exception, "py.path.svnurl(None)")
|
||||
+ with py.test.raises(Exception):
|
||||
+ py.path.svnurl(None)
|
||||
|
||||
def test_svnurl_characters_simple(self, path1):
|
||||
py.path.svnurl("svn+ssh://hello/world")
|
||||
@@ -32,7 +36,8 @@ class TestSvnURLCommandPath(CommonSvnTes
|
||||
py.path.svnurl("http://user@host.com/some/dir")
|
||||
|
||||
def test_svnurl_characters_at_path(self, path1):
|
||||
- py.test.raises(ValueError, 'py.path.svnurl("http://host.com/foo@bar")')
|
||||
+ with py.test.raises(ValueError):
|
||||
+ py.path.svnurl("http://host.com/foo@bar")
|
||||
|
||||
def test_svnurl_characters_colon_port(self, path1):
|
||||
py.path.svnurl("http://host.com:8080/some/dir")
|
||||
@@ -45,7 +50,8 @@ class TestSvnURLCommandPath(CommonSvnTes
|
||||
# colons are allowed on win32, because they're part of the drive
|
||||
# part of an absolute path... however, they shouldn't be allowed in
|
||||
# other parts, I think
|
||||
- py.test.raises(ValueError, 'py.path.svnurl("http://host.com/foo:bar")')
|
||||
+ with py.test.raises(ValueError):
|
||||
+ py.path.svnurl("http://host.com/foo:bar")
|
||||
|
||||
def test_export(self, path1, tmpdir):
|
||||
tmpdir = tmpdir.join("empty")
|
||||
@@ -92,4 +98,5 @@ class TestSvnInfoCommand:
|
||||
assert info.kind == 'dir'
|
||||
|
||||
def test_badchars():
|
||||
- py.test.raises(ValueError, "py.path.svnurl('http://host/tmp/@@@:')")
|
||||
+ with py.test.raises(ValueError):
|
||||
+ py.path.svnurl('http://host/tmp/@@@:')
|
||||
Index: py-1.9.0/testing/path/test_svnwc.py
|
||||
===================================================================
|
||||
--- py-1.9.0.orig/testing/path/test_svnwc.py
|
||||
+++ py-1.9.0/testing/path/test_svnwc.py
|
||||
@@ -30,8 +30,9 @@ def test_make_repo(path1, tmpdir):
|
||||
rev = wc.commit()
|
||||
assert rev is None
|
||||
|
||||
-def pytest_funcarg__path1(request):
|
||||
- repo, repourl, wc = request.getfuncargvalue("repowc1")
|
||||
+@pytest.fixture
|
||||
+def path1(request):
|
||||
+ repo, repourl, wc = request.getfixturevalue("repowc1")
|
||||
return wc
|
||||
|
||||
class TestWCSvnCommandPath(CommonSvnTests):
|
||||
@@ -346,7 +347,8 @@ class TestWCSvnCommandPath(CommonSvnTest
|
||||
somefile = root.join('somefile')
|
||||
somefile.ensure(file=True)
|
||||
# not yet added to repo
|
||||
- py.test.raises(Exception, 'somefile.lock()')
|
||||
+ with py.test.raises(Exception):
|
||||
+ somefile.lock()
|
||||
somefile.write('foo')
|
||||
somefile.commit('test')
|
||||
assert somefile.check(versioned=True)
|
||||
@@ -357,13 +359,15 @@ class TestWCSvnCommandPath(CommonSvnTest
|
||||
assert locked[0].basename == somefile.basename
|
||||
assert locked[0].dirpath().basename == somefile.dirpath().basename
|
||||
#assert somefile.locked()
|
||||
- py.test.raises(Exception, 'somefile.lock()')
|
||||
+ with py.test.raises(Exception):
|
||||
+ somefile.lock()
|
||||
finally:
|
||||
somefile.unlock()
|
||||
#assert not somefile.locked()
|
||||
locked = root.status().locked
|
||||
assert locked == []
|
||||
- py.test.raises(Exception, 'somefile,unlock()')
|
||||
+ with py.test.raises(Exception):
|
||||
+ somefile,unlock()
|
||||
somefile.remove()
|
||||
|
||||
def test_commit_nonrecursive(self, path1):
|
||||
@@ -481,7 +485,8 @@ class TestInfoSvnWCCommand:
|
||||
|
||||
|
||||
def test_characters_at():
|
||||
- py.test.raises(ValueError, "py.path.svnwc('/tmp/@@@:')")
|
||||
+ with py.test.raises(ValueError):
|
||||
+ py.path.svnwc('/tmp/@@@:')
|
||||
|
||||
def test_characters_tilde():
|
||||
py.path.svnwc('/tmp/test~')
|
||||
Index: py-1.9.0/testing/root/test_builtin.py
|
||||
===================================================================
|
||||
--- py-1.9.0.orig/testing/root/test_builtin.py
|
||||
|
@ -16,6 +16,13 @@ Thu Apr 13 22:43:30 UTC 2023 - Matej Cepl <mcepl@suse.com>
|
||||
|
||||
- Make calling of %{sle15modernpython} optional.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jan 17 05:13:56 UTC 2023 - Steve Kowalik <steven.kowalik@suse.com>
|
||||
|
||||
- Remove all traces of py._path.svn{url,wc}. (bsc#1204364, CVE-2022-42969)
|
||||
- Add patch remove-svn-remants.patch to help with that goal.
|
||||
- Refresh pr_222.patch as needed for above.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Nov 29 17:04:41 UTC 2022 - Daniel Garcia <daniel.garcia@suse.com>
|
||||
|
||||
@ -29,6 +36,12 @@ Tue Mar 15 08:13:43 UTC 2022 - Stephan Kulow <coolo@suse.com>
|
||||
|
||||
- use %python_expand for %fdupes
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Mon Mar 14 10:53:30 UTC 2022 - John Paul Adrian Glaubitz <adrian.glaubitz@suse.com>
|
||||
|
||||
- Update in SLE-15 (bsc#1195916, bsc#1196696, jsc#PM-3356, jsc#SLE-23972)
|
||||
- Drop CVE-2020-29651.patch, issue fixed upstream in 1.10.0
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Sun Jan 23 15:40:00 UTC 2022 - Dirk Müller <dmueller@suse.com>
|
||||
|
||||
|
@ -36,6 +36,8 @@ URL: https://github.com/pytest-dev/py
|
||||
Source: https://files.pythonhosted.org/packages/source/p/py/py-%{version}.tar.gz
|
||||
# https://github.com/pytest-dev/py/pull/222
|
||||
Patch0: pr_222.patch
|
||||
# CVE-2022-42969 Remove all traces of svn
|
||||
Patch1: remove-svn-remants.patch
|
||||
BuildRequires: %{python_module apipkg}
|
||||
BuildRequires: %{python_module iniconfig}
|
||||
BuildRequires: %{python_module setuptools_scm}
|
||||
@ -71,6 +73,14 @@ rm -f tox.ini
|
||||
rm -f testing/log/test_warning.py
|
||||
rm -r py/_vendored_packages
|
||||
|
||||
# CVE-2022-42969 Remove all traces of svn
|
||||
pushd py/_path
|
||||
rm svnwc.py svnurl.py
|
||||
popd
|
||||
pushd testing/path
|
||||
rm conftest.py svntestbase.py test_svnauth.py test_svnurl.py test_svnwc.py
|
||||
popd
|
||||
|
||||
%build
|
||||
%python_build
|
||||
|
||||
|
36
remove-svn-remants.patch
Normal file
36
remove-svn-remants.patch
Normal file
@ -0,0 +1,36 @@
|
||||
Index: py-1.10.0/testing/path/test_local.py
|
||||
===================================================================
|
||||
--- py-1.10.0.orig/testing/path/test_local.py
|
||||
+++ py-1.10.0/testing/path/test_local.py
|
||||
@@ -338,11 +338,11 @@ class TestLocalPath(common.CommonFSTests
|
||||
l2 = local(l)
|
||||
assert l2 == l
|
||||
|
||||
- wc = py.path.svnwc('.')
|
||||
- l3 = local(wc)
|
||||
- assert l3 is not wc
|
||||
- assert l3.strpath == wc.strpath
|
||||
- assert not hasattr(l3, 'commit')
|
||||
+ #wc = py.path.svnwc('.')
|
||||
+ #l3 = local(wc)
|
||||
+ #assert l3 is not wc
|
||||
+ #assert l3.strpath == wc.strpath
|
||||
+ #assert not hasattr(l3, 'commit')
|
||||
|
||||
@py.test.mark.xfail(run=False, reason="unreliable est for long filenames")
|
||||
def test_long_filenames(self, tmpdir):
|
||||
Index: py-1.10.0/py/__init__.py
|
||||
===================================================================
|
||||
--- py-1.10.0.orig/py/__init__.py
|
||||
+++ py-1.10.0/py/__init__.py
|
||||
@@ -57,10 +57,7 @@ apipkg.initpkg(__name__, attr={'_apipkg'
|
||||
|
||||
'path' : {
|
||||
'__doc__' : '._path:__doc__',
|
||||
- 'svnwc' : '._path.svnwc:SvnWCCommandPath',
|
||||
- 'svnurl' : '._path.svnurl:SvnCommandPath',
|
||||
'local' : '._path.local:LocalPath',
|
||||
- 'SvnAuth' : '._path.svnwc:SvnAuth',
|
||||
},
|
||||
|
||||
# python inspection/code-generation API
|
Loading…
Reference in New Issue
Block a user