From 1a6c186c7e3f271eceb0261356b574ace342ff5524615685c9b7527ebb7b314c Mon Sep 17 00:00:00 2001 From: Steve Kowalik Date: Fri, 2 May 2025 07:25:14 +0000 Subject: [PATCH] - Switch to pyproject macros. - No more greedy globs in %files. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-defusedxml?expand=0&rev=22 --- .gitattributes | 23 ++++++++++ .gitignore | 1 + defusedxml-0.7.1.tar.gz | 3 ++ python-defusedxml.changes | 88 +++++++++++++++++++++++++++++++++++++++ python-defusedxml.spec | 75 +++++++++++++++++++++++++++++++++ 5 files changed, 190 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 defusedxml-0.7.1.tar.gz create mode 100644 python-defusedxml.changes create mode 100644 python-defusedxml.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/defusedxml-0.7.1.tar.gz b/defusedxml-0.7.1.tar.gz new file mode 100644 index 0000000..532dc89 --- /dev/null +++ b/defusedxml-0.7.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1bb3032db185915b62d7c6209c5a8792be6a32ab2fedacc84e01b52c51aa3e69 +size 75520 diff --git a/python-defusedxml.changes b/python-defusedxml.changes new file mode 100644 index 0000000..561fceb --- /dev/null +++ b/python-defusedxml.changes @@ -0,0 +1,88 @@ +------------------------------------------------------------------- +Fri May 2 07:24:45 UTC 2025 - Steve Kowalik + +- Switch to pyproject macros. +- No more greedy globs in %files. + +------------------------------------------------------------------- +Fri Apr 21 12:24:14 UTC 2023 - Dirk Müller + +- add sle15_python_module_pythons (jsc#PED-68) + +------------------------------------------------------------------- +Thu Apr 13 22:40:53 UTC 2023 - Matej Cepl + +- Make calling of %{sle15modernpython} optional. + +------------------------------------------------------------------- +Tue May 18 09:25:03 UTC 2021 - pgajdos@suse.com + +- use %pytest macro, run lxml tests + +------------------------------------------------------------------- +Tue Mar 23 20:19:43 UTC 2021 - Dirk Müller + +- update to 0.7.1: + - Fix regression ``defusedxml.ElementTree.ParseError`` (#63) + The ``ParseError`` exception is now the same class object as + ``xml.etree.ElementTree.ParseError`` again. + +------------------------------------------------------------------- +Mon Mar 8 08:09:10 UTC 2021 - Dirk Müller + +- update to 0.7.0: + - Re-add and deprecate ``defusedxml.cElementTree`` + - Use GitHub Actions instead of TravisCI + - Restore ``ElementTree`` attribute of ``xml.etree`` module after patching + - Add support for Python 3.9 + - ``defusedxml.cElementTree`` is not available with Python 3.9. + - Python 2 is deprecate. Support for Python 2 will be removed in 0.8.0. + +------------------------------------------------------------------- +Thu May 30 08:41:25 UTC 2019 - Michael Ströder + +- Update to 0.6.0 + - Increase test coverage. + - Add badges to README. + - Test on Python 3.7 stable and 3.8-dev + - Drop support for Python 3.4 + - No longer pass *html* argument to XMLParse. It has been deprecated and + ignored for a long time. The DefusedXMLParser still takes a html argument. + A deprecation warning is issued when the argument is False and a TypeError + when it's True. + - defusedxml now fails early when pyexpat stdlib module is not available or + broken. + - defusedxml.ElementTree.__all__ now lists ParseError as public attribute. + - The defusedxml.ElementTree and defusedxml.cElementTree modules had a typo + and used XMLParse instead of XMLParser as an alias for DefusedXMLParser. + Both the old and fixed name are now available. + +------------------------------------------------------------------- +Tue Dec 4 12:47:12 UTC 2018 - Matej Cepl + +- Remove superfluous devel dependency for noarch package + +------------------------------------------------------------------- +Wed Apr 19 22:20:34 UTC 2017 - toddrme2178@gmail.com + +- Fix source url. + +------------------------------------------------------------------- +Tue Apr 18 16:58:49 UTC 2017 - toddrme2178@gmail.com + +- Update to 5.0 + * Add compatibility with Python 3.6 + * Drop support for Python 2.6, 3.1, 3.2, 3.3 + * Fix lxml tests (XMLSyntaxError: Detected an entity reference loop) +- Implement single-spec version. + +------------------------------------------------------------------- +Tue Jan 31 14:25:04 UTC 2017 - rsalevsky@suse.com + +- Dummy changelog for bsc#1019074, FATE#322329 + +------------------------------------------------------------------- +Tue Feb 4 14:26:51 UTC 2014 - mcihar@suse.cz + +- Initial packaging. + diff --git a/python-defusedxml.spec b/python-defusedxml.spec new file mode 100644 index 0000000..9de9500 --- /dev/null +++ b/python-defusedxml.spec @@ -0,0 +1,75 @@ +# +# spec file for package python-defusedxml +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%bcond_without tests +%{?sle15_python_module_pythons} +Name: python-defusedxml +Version: 0.7.1 +Release: 0 +Summary: XML bomb protection for Python stdlib modules +License: Python-2.0 +Group: Development/Languages/Python +URL: https://pypi.python.org/pypi/defusedxml +Source: https://files.pythonhosted.org/packages/source/d/defusedxml/defusedxml-%{version}.tar.gz +BuildRequires: %{python_module pip} +BuildRequires: %{python_module setuptools} +BuildRequires: %{python_module wheel} +# SECTION test requirements +BuildRequires: %{python_module lxml} +BuildRequires: %{python_module pytest} +BuildRequires: %{python_module xml} +# /SECTION +BuildRequires: fdupes +BuildRequires: python-rpm-macros +Requires: python-xml +BuildArch: noarch +%python_subpackages + +%description +The results of an attack on a vulnerable XML library can be fairly dramatic. +With just a few hundred bytes of XML data an attacker can occupy several +gigabytes of memory within seconds. An attacker can also keep +CPUs busy for a long time with a small to medium size request. + +This library allows for XML to be parsed in a manner that avoids these +pitfalls. + +%prep +%setup -q -n defusedxml-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install +%python_expand %fdupes %{buildroot}%{$python_sitelib} + +%if %{with tests} +%check +# see test_main() in tests.py; test_html_arg: deprecation warning is not raised, perhaps capturing wrongly setup? +usable_tests=$(grep addTests tests.py | sed 's:.*makeSuite(\([a-zA-Z]*\)).*:\1:' | tr '\n' ' ' | sed -e 's: $::' -e 's: : or :g') +%pytest -s -k "($usable_tests) and not test_html_arg" +%endif + +%files %{python_files} +%license LICENSE +%doc README.txt CHANGES.txt +%{python_sitelib}/defusedxml +%{python_sitelib}/defusedxml-%{version}.dist-info + +%changelog