* Bugfixes
+ twisted.internet.gireactor.PortableGIReactor.simulate and
twisted.internet.gtk2reactor.PortableGtkReactor.simulate no longer
raises TypeError when there are no delayed called. This was a
regression introduced with the migration to Python 3 in which the
builtin min function no longer accepts None as an argument. (#9660)
+ twisted.conch.ssh.transport.SSHTransportBase now disconnects the
remote peer if the SSH version string is not sent in the first
4096 bytes. (#10284, CVE-2022-21716, GHSA-rv6r-3f5q-9rgx)
(bsc#1198086)
* Improved Documentation
+ Add type annotations for twisted.web.http.Request.getHeader. (#10270)
* Deprecations and Removals
+ Support for Python 3.6, which is EoL as of 2021-09-04, has been
deprecated. (#10303)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=117
In support of boo#1183833
- Restore no-pygtkcompat.patch due to boo#1110669
Re: 880374
I'm pretty certain that the rpmlint warnings are not caused by the reintroduction of the patch. In fact these warnings are present in the existing devel:languages:python/python-Twisted repository right now (Rev 108), after multiple subsequently accepted requests since this was rejected 5 months ago. Can this request please be reconsidered, or can a package maintainer reintroduce the no-pygtkcompat patch of their own accord as part of regular Twisted maintenance?
OBS-URL: https://build.opensuse.org/request/show/911968
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=109
- Python 3.10 beta is now a supported platform and should be ready for
the final 3.10 release.
- twisted.web.template.renderElement() now accepts any IRequest
implementer instead of only twisted.web.server.Request. Add type
hints to twisted.web.template. (#10184)
- Type hinting was added to twisted.internet.defer, making this the
first release of Twisted where you might reasonably be able to use
mypy without your own custom stub files. (#10017)
- Patch incremental-21.patch removed, because included in the
upstream tarball.
- The enableSessions argument to
twisted.internet.ssl.CertificateOptions now
- actually enables/disables OpenSSL's session cache. Also, due to
- session-related bugs, it defaults to False. (#9583)
- twisted.internet.defer.inlineCallbacks and ensureDeferred will now
associate a contextvars.Context with the coroutines they run,
meaning that ContextVar objects will maintain their value within
the same coroutine, similarly to asyncio Tasks. This functionality
requires Python 3.7+, or the contextvars PyPI backport to be
installed for Python 3.5-3.6. (#9719, #9826)
- twisted.internet.defer.Deferred.fromCoroutine has been added. This
is similar to the existing ensureDeferred function, but is named
more consistently inside Twisted and does not pass through
Deferreds. (#9825)
- trial now allows the @unittest.skipIf decorator to specify that an
entire test class should be skipped. (#9829)
- The twisted.python.deprecate.deprecatedKeywordParameter decorator
can be used to mark a keyword paramater of a function or method as
deprecated. (#9844)
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=107
* Features
+ The enableSessions argument to twisted.internet.ssl.CertificateOptions now
+ actually enables/disables OpenSSL's session cache. Also, due to
+ session-related bugs, it defaults to False. (#9583)
+ twisted.internet.defer.inlineCallbacks and ensureDeferred will now associate a contextvars.Context with the coroutines they run, meaning that ContextVar objects will maintain their value within the same coroutine, similarly to asyncio Tasks. This functionality requires Python 3.7+, or the contextvars PyPI backport to be installed for Python 3.5-3.6. (#9719, #9826)
+ twisted.internet.defer.Deferred.fromCoroutine has been added. This is similar to the existing ensureDeferred function, but is named more consistently inside Twisted and does not pass through Deferreds. (#9825)
+ trial now allows the @unittest.skipIf decorator to specify that an entire test class should be skipped. (#9829)
+ The twisted.python.deprecate.deprecatedKeywordParameter decorator can be used to mark a keyword paramater of a function or method as deprecated. (#9844)
+ Projects using Twisted can now perform type checking against a Twisted
+ installation, for example using mypy. (#9908)
+ twisted.python.util.InsensitiveDict now fully implements MutableMapping. (#9919)
+ Python 3.8 is now tested and supported. (#9955)
+ Support a coroutine function in twisted.internet.task.react (#9974)
+ PyPy 3.7 is now tested and supported. (#10093)
* Bugfixes
+ twisted.web.twcgi.CGIProcessProtocol.processEnded(...) now handles an already-finished request, for example when request.connectionLost(...) was called previously. (#9468)
+ Twisted's dependency on PyHamcrest has been moved from the base package to the new "test" extra. Consequently the test extra must be installed for Twisted's test suite to pass. (#9509)
+ Fixed serialization of timedelta, date, and time objects in twisted.spread. (#9716)
+ twisted.internet.asyncioreactor.AsyncioSelectorReactor now raises an exception if instantiated with an event loop which is not compatible with asyncio.SelectorEventLoop. This fixes the AsyncioSelectorReactor in Python 3.8+ on Windows, where in bp-34687 the default Windows asyncio event loop was changed to ProactorEventLoop. Applications that use AsyncioSelectorReactor on Windows with Python 3.8+ must call asyncio.set_event_loop_policy(asyncio.WindowsSelectorEventLoopPolicy()) before instantiating and running AsyncioSelectorReactor. (#9766)
+ twisted.internet.process.registerReapProcessHandler and ._BaseProcess.reapProcess will no longer raise a TypeError when processing a None PID (#9775)
+ INotify will close its file descriptor if a directory is automatically removed by twisted from the watchlist because it's deleted, avoiding orphaned filedescriptors. (#9777)
+ DelayedCall.reset() is now working properly with asyncioreactor (#9780)
+ AsyncioSelectorReactor.seconds() now correctly returns an epoch time. (#9787)
+ The _connDone parameter has been removed from twisted.internet.abstract.FileDescriptor.loseConnection()'s signature in order to match the signature in the base class twisted.internet._newtls.ConnectionMixin loseConnection(). (#9849)
+ The Gtk3 reactor now runs on Wayland-only sessions (#9904)
+ Descriptive error messages from twisted.internet.error are now present when running with 'python -OO'. (#9918)
+ Comparator methods such as eq() now always return NotImplemented for uncomparable types. (#9919)
+ When installing Twisted it now requires a minimum Python 3.5.4 version to match the version used with automated testing. This is the minimum Python version that we know that Twisted works with. (#10098)
- Drop patches no-pygtkcompat.patch, python-38-hmac-digestmod.patch,
python-38-no-cgi-parseqs.patch, twisted-pr1369-remove-pyopenssl-npn.patch &
twisted-pr1487-increase-ffdh-keysize.patch, they have been merged.
- Refresh other patches.
- Add no-cython_test_exception_raiser.patch to avoid another dependency.
- Update URL and make use of sitelib, not sitearch macros
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=102
- Update to 19.10.0 bsc#1162424:
- Remove patch 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
- Remove patch PR-1147.patch
- Add PR-1147.patch (bsc#1138461, CVE-2019-12855)
In words.protocols.jabber.xmlstream in Twisted through 19.2.1,
XMPP support did not verify certificates when used with TLS,
allowing an attacker to MITM connections.
- Add 0001-Prevent-CRLF-injections-described-in-CVE-2019-12387.patch
(bsc#1137825, CVE-2019-12387)
Prevent CRLF injections
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=87
* twisted.trial.successResultOf, twisted.trial.failureResultOf, and twisted.trial.assertNoResult accept coroutines as well as Deferreds. (#9006)
* Fixed circular import in twisted.trial.reporter, introduced in Twisted 16.0.0. (#8267)
* The POP3 server implemented by twisted.mail.pop3 now accepts passwords that contain spaces. (#9100)
* Incoming HTTP/2 connections will now not time out if they persist for longer than one minute. (#9653)
* twisted.conch.ssh.keys now correctly writes the "iqmp" parameter in serialized RSA private keys as q^-1 mod p rather than p^-1 mod q. (#9681)
* twisted.web.server.Request will now use twisted.web.server.Site.getContentFile, if it exists, to get a file into which to write request content. If getContentFile is not provided by the site, it will fall back to the previous behavior of using io.BytesIO for small requests and tempfile.TemporaryFile for large ones. (#9655)
* twisted.web.client.FileBodyProducer will now stop producing when the Deferred returned by FileBodyProducer.startProducing is cancelled. (#9547)
* The HTTP/2 server implementation now enforces TCP flow control on control frame messages and times out clients that send invalid data without reading responses. This closes CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood). Thanks to Jonathan Looney and Piotr Sikora. (#9694)
- Add python-38-xml-namespace.patch to fix dictionary mutation under Python 3.8
- Add python-38-hmac-digestmod.patch to add digestmod parameter where required
- Add python-38-no-cgi-parseqs.patch to no longer import parse_qs from cgi
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=85
* The callable argument to twisted.internet.task.deferLater() is no longer required. (#9577)
* twisted.internet.utils.getProcessOutputAndValue now accepts stdinBytes to write to the child process's standard input. (#9607)
* Add new twisted.logger.capturedLogs context manager for capturing observed log events in tests. (#9617)
* twisted.internet.base.PluggableResolverMixin, which implements the pluggable resolver interfaces for easier re-use in other reactors, has been factored out of ReactorBase. (#9632)
* The PyPI page for Twisted has been enhanced to include more information and useful links. (#9648)
- Refresh patch:
* skip_MultiCast.patch
- Remove merged patch hyperlink.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=82
* twisted.internet.ssl.CertificateOptions now uses 32 random bytes instead of an MD5 hash for the ssl session identifier context. (#9463)
* DeferredLock and DeferredSemaphore can be used as asynchronous context managers on Python 3.5+. (#9546)
* t.i.b.BaseConnector has custom __repr__ (#9548)
* twisted.internet.ssl.optionsForClientTLS now supports validating IP addresses from the certificate subjectAltName (#9585)
* Twisted's minimum Cryptography requirement is now 2.5. (#9592)
* twisted.conch.ssh.keys can now read private keys in the new "openssh-key-v1" format, introduced in OpenSSH 6.5 and made the default in OpenSSH 7.8. (#9515)
* twisted.web.client.HostnameCachingHTTPSPolicy was added as a new contextFactory option. The policy caches a specified number of twisted.internet.interfaces.IOpenSSLClientConnectionCreator instances to to avoid the cost of instantiating a connection creator for multiple requests to the same host. (#9138)
- Remove merged patches:
* openssl-errormsg.aptch
* openssl111.patch
- Add patch to tests for new hyperlink:
* hyperlink.patch
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-Twisted?expand=0&rev=79
