* Python 3.13 is now supported.
* twisted.internet.defer.succeed() is significantly faster, and
awaiting Deferred has also been sped up.
* twisted.python.failure.Failure creation no longer records the
place where it was created. This reduces creation time by 60%
at least, thereby speeding up Deferred error handling.
* twisted.internet.defer.Deferred no longer removes the
traceback object from Failures. This may result in more
objects staying in memory if you don't clean up failed
Deferreds, but it speeds up error handling and enables
improvements to traceback reporting.
* twisted.internet.defer APIs are 2%-4% faster in many cases.
* twisted.internet.defer.Deferred runs callbacks with chained
Deferreds a little faster.
* The reactor now will use a little less CPU when events have
been scheduled with callLater().
* Creation of twisted.python.failure.Failure is now faster.
* Fixed unreleased regression caused by PR 12109.
* twisted.logger.eventAsText can now format the output having
types/classes as input. This was a regression introduced in
Twisted 24.3.0.
* twisted.internet.endpoints.clientFromString for TLS endpoints
with "bindAddress=" no longer crashes during connect.
twisted.internet.endpoints.HostnameEndpoint() no longer
crashes when given a bindAddress= argument that is just a
string, and that argument now accepts either address strings
or (address, port) tuples.
* The URLs from README and pyproject.toml were updated.
* #11236, #12060, #12062, #12099, #12219, #12290, #12296,
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=157
- Update to 24.7.0
* 24.7.0.rc2 fixed an unreleased regression caused by PR 12109. (#12279)
* twisted.web.util.redirectTo now HTML-escapes the provided URL in the fallback
response body it returns (GHSA-cf56-g6w6-pqq2, CVE-2024-41810). (#9839)
* The HTTP 1.0 and 1.1 server provided by twisted.web could process pipelined
HTTP requests out-of-order, possibly resulting in information disclosure
(CVE-2024-41671/GHSA-c8m8-j448-xjx7) (#12248)
* twisted.protocols.ftp now supports the IPv6 extensions defined in RFC 2428. (#9645)
* twisted.internet.defer.inlineCallbacks can now yield a coroutine. (#9972)
* twisted.python._shellcomp.ZshArgumentsGenerator was updated for Python 3.13. (#12065)
* twisted.web.wsgi request environment now contains the peer port number as `REMOTE_PORT`. (#12096)
* twisted.internet.defer.Deferred.callback() and twisted.internet.defer.Deferred.addCallbacks()
no longer use `assert` to check the type of the arguments. You should now use type checking
to validate your code. These changes were done to reduce the CPU usage. (#12122)
* Added two new methods, twisted.logger.Logger.failuresHandled and twisted.logger.Logger.\
failureHandler, which allow for more concise and convenient handling of exceptions when
dispatching out to application code. The former can arbitrarily customize failure handling
at the call site, and the latter can be used for performance-sensitive cases where no
additional information needs to be logged. (#12188)
* twisted.internet.defer.Deferred.addCallback now runs about 10% faster. (#12223)
* twisted.internet.defer.Deferred error handling is now faster, taking 40% less time to run. (#12227)
* twisted.internet.ssl.Certificate.__repr__ can now handle certificates without
a common name (CN) in the certificate itself or the signing CA. (#5851)
* Type annotations have been added to twisted.conch.interfaces.IKnownHostEntry
and its implementations, twisted.conch.client.knownhosts.PlainHost and
twisted.conch.client.knownhosts.HashedHost, correcting a variety of
type confusion issues throughout the conch client code. (#9713)
* twisted.python.failure.Failure once again utilizes the custom
pickling logic it used to in the past. (#12112)
* twisted.conch.client.knownhosts.KnownHostsFile.verifyHostKey no longer logs
OBS-URL: https://build.opensuse.org/request/show/1199704
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=154
* twisted.logger.formatEvent now honors dotted method names,
not just flat function names, in format strings, as it has
long been explicitly documented to do. So, you will now get
the expected result from formatEvent("here's the result of
calling a method at log-format time: {obj.method()}",
obj=...)
* twisted.web.http.HTTPChannel now ignores the trailer headers
provided in the last chunk of a chunked encoded response,
rather than raising an exception.
* twisted.protocols.tls.BufferingTLSTransport, used by default
by twisted.protocols.tls.TLSMemoryBIOFactory, was refactored
for improved performance when doing a high number of small
writes.
* twisted.python.failure.Failure now throws exception for
generators without triggering a deprecation warnings on
Python 3.12.
* twisted.internet.process.Process, used by
reactor.spawnProcess, now copies the parent environment when
the env=None argument is passed on Posix systems and
os.posix_spawnp is used internally.
* twisted.internet.defer.inlineCallbacks.returnValue's stack
introspection was adjusted for the latest PyPy 7.3.14
release, allowing legacy @inlineCallbacks to run on new PyPY
versions.
* twisted.trial.reporter.TestRun.startTest() is no longer
called for tests with skip annotation or skip attribute for
Python 3.12.1 or newer. This is the result of upstream Python
gh-106584 change. The behavior is not change in 3.12.0 or
older.
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=149
- Update to 23.10.0
* reactor.spawnProcess() now uses posix_spawnp when possible, making it much more efficient (#5710)
* Twisted now officially supports Python 3.11. (#10343)
* twisted.internet.defer.race has been added as a way to get the first available result from a list of Deferreds. (#11817)
* The CI suite was updated to execute the tests using a Python 3.12 pre-release (#11857)
* PyAsn1 has been removed as a conch dependency.
* Due to changes in the way raw private key byte serialization are handled in Cryptography, and widespread support
for Ed25519 in current versions of OpenSSL, we no longer support PyNaCl as a fallback for Ed25519 keys in Conch. (#11871)
* In Twisted 16.3.0, we changed twisted.web to stop dispatching HTTP/1.1 pipelined requests to application code.
There was a bug in this change which still allowed clients which could send multiple full HTTP requests in a single TCP segment
to trigger asynchronous processing of later requests, which could lead to out-of-order responses. This has now been corrected
and twisted.web should never process a pipelined request over HTTP/1.1 until the previous request has fully completed.
(CVE-2023-46137, GHSA-cq7q-gv5w-rwx2) (#11976)
* Drop support for Python 3.7. Remove twisted[contextvars] extra (contextvars are always available in Python 3.7+) (#11913)
* When using CPython, functions wrapped by twisted.internet.defer.inlineCallbacks can have their arguments and return values
freed immediately after completion (due to there no longer being circular references). (#11885)
- Delete merged patches:
* regenerate-cert-to-work-with-latest-service-identity.patch
* no-pygtkcompat.patch
* support-new-glibc.patch
* CVE-2023-46137-HTTP-pipeline-response.patch
* remove-pynacl-optional-dependency.patch
* py311-tests-compat.patch
OBS-URL: https://build.opensuse.org/request/show/1128275
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=143
* Features
+ twisted.internet.defer.maybeDeferred will now schedule a coroutine
result as asynchronous operation and return a Deferred that fires with
the result of the coroutine.
+ Twisted now works with Cryptography versions 37 and above, and as a
result, its minimum TLS protocol version has been upgraded to TLSv1.2.
+ The systemd: endpoint parser now supports "named" file descriptors. This
is a more reliable mechanism for choosing among several inherited
descriptors.
* Bugfixes
+ twisted.internet.base.DelayedCall.__repr__ will no longer raise
AttributeError if the DelayedCall was created before debug mode was
enabled. As a side-effect, twisted.internet.base.DelayedCall.creator is
now defined as None in cases where previously it was undefined.
+ twisted.internet.iocpreactor.udp now properly re-queues its listener
when there is a failure condition on the read from the socket.
+ twisted.internet.defer.inlineCallbacks no longer causes confusing
StopIteration tracebacks to be added to the top of tracebacks
originating in triggered callbacks.
+ The typing of twisted.internet.task.react no longer constrains the
type of argv.
+ ContextVar.reset() now works correctly inside inlineCallbacks functions
and coroutines.
+ Implement twisted.python.failure._Code.co_positions for compatibility
with Python 3.11.
+ twisted.pair.tuntap._TUNSETIFF and ._TUNGETIFF values are now correct
parisc, powerpc and sparc architectures.
+ twisted.web.vhost.NameVirtualHost will no longerreturn a NoResource
error. (bsc#1204781, CVE-2022-39348)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=125
- Update to 22.4.0
* twisted.python.failure.Failure tracebacks now capture module
information, improving compatibility with the Raven Sentry
client. (#7796)
* twisted.python.failure.Failure objects are now compatible with
dis.distb, improving compatibility with post-mortem debuggers.
(#9599)
* twisted.internet.interfaces.IReactorSSL.listenSSL now has
correct type annotations. (#10274)
* twisted.internet.test.test_glibbase.GlibReactorBaseTests now
passes. (#10317)
* Conch
- twisted.conch.ssh now supports using RSA keys with SHA-2
signatures (RFC 8332) when acting as a server. The
rsa-sha2-512 and rsa-sha2-256 public key signature algorithms
are automatically preferred over ssh-rsa if the client
advertises support for them; the actual public keys do not
need to change. (#9765)
- twisted.conch.ssh now has an alternative Ed25519
implementation using PyNaCl, in order to support platforms
that lack OpenSSL >= 1.1.1b. The new "conch_nacl" extra has
the necessary dependency. (#10208)
* Web
- Twisted is now compatible with h2 4.x.x. (#10182)
- twisted.web.http had several several defects in HTTP request
parsing that could permit HTTP request smuggling. It now
disallows signed Content-Length headers, forbids illegal
characters in chunked extensions, forbids a ``0x`` prefix to
chunk lengths, and only strips spaces and horizontal tab
characters from header values. These changes address
CVE-2022-24801 and GHSA-c2jg-hw38-jrqq. (#10323)
* Mail
- twisted.mail.pop3.APOPCredentials is now correctly marked as
implementing twisted.cred.credentials.IUsernamHashedPassword,
rather than IUsernamePassword. (#10305)
* Trial
- `trial --until-failure --jobs=N` now reports the number of
each test pass as it begins. (#10312)
- twisted.trial.unittest.TestCase now discards cleanup
functions after running them. Notably, this prevents them
from being run an ever growing number of times with trial -u
.... (#10320)
- Drop CVE-2022-24801-http-1.1-leniency.patch fixed upstream
- Refresh remove-dependency-version-upper-bounds.patch
- Move extra_requires optional dependencies to meta sub packages
- Create :test multibuild flavor
OBS-URL: https://build.opensuse.org/request/show/984263
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=123
* Bugfixes
+ twisted.internet.gireactor.PortableGIReactor.simulate and
twisted.internet.gtk2reactor.PortableGtkReactor.simulate no longer
raises TypeError when there are no delayed called. This was a
regression introduced with the migration to Python 3 in which the
builtin min function no longer accepts None as an argument. (#9660)
+ twisted.conch.ssh.transport.SSHTransportBase now disconnects the
remote peer if the SSH version string is not sent in the first
4096 bytes. (#10284, CVE-2022-21716, GHSA-rv6r-3f5q-9rgx)
(bsc#1198086)
* Improved Documentation
+ Add type annotations for twisted.web.http.Request.getHeader. (#10270)
* Deprecations and Removals
+ Support for Python 3.6, which is EoL as of 2021-09-04, has been
deprecated. (#10303)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=117
In support of boo#1183833
- Restore no-pygtkcompat.patch due to boo#1110669
Re: 880374
I'm pretty certain that the rpmlint warnings are not caused by the reintroduction of the patch. In fact these warnings are present in the existing devel:languages:python/python-Twisted repository right now (Rev 108), after multiple subsequently accepted requests since this was rejected 5 months ago. Can this request please be reconsidered, or can a package maintainer reintroduce the no-pygtkcompat patch of their own accord as part of regular Twisted maintenance?
OBS-URL: https://build.opensuse.org/request/show/911968
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=109
- Python 3.10 beta is now a supported platform and should be ready for
the final 3.10 release.
- twisted.web.template.renderElement() now accepts any IRequest
implementer instead of only twisted.web.server.Request. Add type
hints to twisted.web.template. (#10184)
- Type hinting was added to twisted.internet.defer, making this the
first release of Twisted where you might reasonably be able to use
mypy without your own custom stub files. (#10017)
- Patch incremental-21.patch removed, because included in the
upstream tarball.
- The enableSessions argument to
twisted.internet.ssl.CertificateOptions now
- actually enables/disables OpenSSL's session cache. Also, due to
- session-related bugs, it defaults to False. (#9583)
- twisted.internet.defer.inlineCallbacks and ensureDeferred will now
associate a contextvars.Context with the coroutines they run,
meaning that ContextVar objects will maintain their value within
the same coroutine, similarly to asyncio Tasks. This functionality
requires Python 3.7+, or the contextvars PyPI backport to be
installed for Python 3.5-3.6. (#9719, #9826)
- twisted.internet.defer.Deferred.fromCoroutine has been added. This
is similar to the existing ensureDeferred function, but is named
more consistently inside Twisted and does not pass through
Deferreds. (#9825)
- trial now allows the @unittest.skipIf decorator to specify that an
entire test class should be skipped. (#9829)
- The twisted.python.deprecate.deprecatedKeywordParameter decorator
can be used to mark a keyword paramater of a function or method as
deprecated. (#9844)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=107
* Features
+ The enableSessions argument to twisted.internet.ssl.CertificateOptions now
+ actually enables/disables OpenSSL's session cache. Also, due to
+ session-related bugs, it defaults to False. (#9583)
+ twisted.internet.defer.inlineCallbacks and ensureDeferred will now associate a contextvars.Context with the coroutines they run, meaning that ContextVar objects will maintain their value within the same coroutine, similarly to asyncio Tasks. This functionality requires Python 3.7+, or the contextvars PyPI backport to be installed for Python 3.5-3.6. (#9719, #9826)
+ twisted.internet.defer.Deferred.fromCoroutine has been added. This is similar to the existing ensureDeferred function, but is named more consistently inside Twisted and does not pass through Deferreds. (#9825)
+ trial now allows the @unittest.skipIf decorator to specify that an entire test class should be skipped. (#9829)
+ The twisted.python.deprecate.deprecatedKeywordParameter decorator can be used to mark a keyword paramater of a function or method as deprecated. (#9844)
+ Projects using Twisted can now perform type checking against a Twisted
+ installation, for example using mypy. (#9908)
+ twisted.python.util.InsensitiveDict now fully implements MutableMapping. (#9919)
+ Python 3.8 is now tested and supported. (#9955)
+ Support a coroutine function in twisted.internet.task.react (#9974)
+ PyPy 3.7 is now tested and supported. (#10093)
* Bugfixes
+ twisted.web.twcgi.CGIProcessProtocol.processEnded(...) now handles an already-finished request, for example when request.connectionLost(...) was called previously. (#9468)
+ Twisted's dependency on PyHamcrest has been moved from the base package to the new "test" extra. Consequently the test extra must be installed for Twisted's test suite to pass. (#9509)
+ Fixed serialization of timedelta, date, and time objects in twisted.spread. (#9716)
+ twisted.internet.asyncioreactor.AsyncioSelectorReactor now raises an exception if instantiated with an event loop which is not compatible with asyncio.SelectorEventLoop. This fixes the AsyncioSelectorReactor in Python 3.8+ on Windows, where in bp-34687 the default Windows asyncio event loop was changed to ProactorEventLoop. Applications that use AsyncioSelectorReactor on Windows with Python 3.8+ must call asyncio.set_event_loop_policy(asyncio.WindowsSelectorEventLoopPolicy()) before instantiating and running AsyncioSelectorReactor. (#9766)
+ twisted.internet.process.registerReapProcessHandler and ._BaseProcess.reapProcess will no longer raise a TypeError when processing a None PID (#9775)
+ INotify will close its file descriptor if a directory is automatically removed by twisted from the watchlist because it's deleted, avoiding orphaned filedescriptors. (#9777)
+ DelayedCall.reset() is now working properly with asyncioreactor (#9780)
+ AsyncioSelectorReactor.seconds() now correctly returns an epoch time. (#9787)
+ The _connDone parameter has been removed from twisted.internet.abstract.FileDescriptor.loseConnection()'s signature in order to match the signature in the base class twisted.internet._newtls.ConnectionMixin loseConnection(). (#9849)
+ The Gtk3 reactor now runs on Wayland-only sessions (#9904)
+ Descriptive error messages from twisted.internet.error are now present when running with 'python -OO'. (#9918)
+ Comparator methods such as eq() now always return NotImplemented for uncomparable types. (#9919)
+ When installing Twisted it now requires a minimum Python 3.5.4 version to match the version used with automated testing. This is the minimum Python version that we know that Twisted works with. (#10098)
- Drop patches no-pygtkcompat.patch, python-38-hmac-digestmod.patch,
python-38-no-cgi-parseqs.patch, twisted-pr1369-remove-pyopenssl-npn.patch &
twisted-pr1487-increase-ffdh-keysize.patch, they have been merged.
- Refresh other patches.
- Add no-cython_test_exception_raiser.patch to avoid another dependency.
- Update URL and make use of sitelib, not sitearch macros
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=102
- Update to 19.10.0 bsc#1162424:
- Remove patch 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
- Remove patch PR-1147.patch
- Add PR-1147.patch (bsc#1138461, CVE-2019-12855)
In words.protocols.jabber.xmlstream in Twisted through 19.2.1,
XMPP support did not verify certificates when used with TLS,
allowing an attacker to MITM connections.
- Add 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
(bsc#1137825, CVE-2019-12387)
Prevent CRLF injections
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=87
* twisted.trial.successResultOf, twisted.trial.failureResultOf, and twisted.trial.assertNoResult accept coroutines as well as Deferreds. (#9006)
* Fixed circular import in twisted.trial.reporter, introduced in Twisted 16.0.0. (#8267)
* The POP3 server implemented by twisted.mail.pop3 now accepts passwords that contain spaces. (#9100)
* Incoming HTTP/2 connections will now not time out if they persist for longer than one minute. (#9653)
* twisted.conch.ssh.keys now correctly writes the "iqmp" parameter in serialized RSA private keys as q^-1 mod p rather than p^-1 mod q. (#9681)
* twisted.web.server.Request will now use twisted.web.server.Site.getContentFile, if it exists, to get a file into which to write request content. If getContentFile is not provided by the site, it will fall back to the previous behavior of using io.BytesIO for small requests and tempfile.TemporaryFile for large ones. (#9655)
* twisted.web.client.FileBodyProducer will now stop producing when the Deferred returned by FileBodyProducer.startProducing is cancelled. (#9547)
* The HTTP/2 server implementation now enforces TCP flow control on control frame messages and times out clients that send invalid data without reading responses. This closes CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood). Thanks to Jonathan Looney and Piotr Sikora. (#9694)
- Add python-38-xml-namespace.patch to fix dictionary mutation under Python 3.8
- Add python-38-hmac-digestmod.patch to add digestmod parameter where required
- Add python-38-no-cgi-parseqs.patch to no longer import parse_qs from cgi
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=85
* The callable argument to twisted.internet.task.deferLater() is no longer required. (#9577)
* twisted.internet.utils.getProcessOutputAndValue now accepts stdinBytes to write to the child process's standard input. (#9607)
* Add new twisted.logger.capturedLogs context manager for capturing observed log events in tests. (#9617)
* twisted.internet.base.PluggableResolverMixin, which implements the pluggable resolver interfaces for easier re-use in other reactors, has been factored out of ReactorBase. (#9632)
* The PyPI page for Twisted has been enhanced to include more information and useful links. (#9648)
- Refresh patch:
* skip_MultiCast.patch
- Remove merged patch hyperlink.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=82
* twisted.internet.ssl.CertificateOptions now uses 32 random bytes instead of an MD5 hash for the ssl session identifier context. (#9463)
* DeferredLock and DeferredSemaphore can be used as asynchronous context managers on Python 3.5+. (#9546)
* t.i.b.BaseConnector has custom __repr__ (#9548)
* twisted.internet.ssl.optionsForClientTLS now supports validating IP addresses from the certificate subjectAltName (#9585)
* Twisted's minimum Cryptography requirement is now 2.5. (#9592)
* twisted.conch.ssh.keys can now read private keys in the new "openssh-key-v1" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. (#9515)
* twisted.web.client.HostnameCachingHTTPSPolicy was added as a new contextFactory option. The policy caches a specified number of twisted.internet.interfaces.IOpenSSLClientConnectionCreator instances to to avoid the cost of instantiating a connection creator for multiple requests to the same host. (#9138)
- Remove merged patches:
* openssl-errormsg.aptch
* openssl111.patch
- Add patch to tests for new hyperlink:
* hyperlink.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=79
