From 15693de5f1fde3ead167a1d6cae8dd407e33d61746433dfe9155355be44439cd Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Mon, 21 Mar 2022 08:12:59 +0000 Subject: [PATCH 1/3] - update to 2.1.1: * Handle date overflow in timed unsign. :pr:`296` * Drop support for Python 3.6. :pr:`272` * Remove previously deprecated code. :pr:`273` * JWS functionality: Use a dedicated library such as Authlib instead. * ``import itsdangerous.json``: Import ``json`` from the standard library instead. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-itsdangerous?expand=0&rev=18 --- itsdangerous-2.0.1.tar.gz | 3 --- itsdangerous-2.1.1.tar.gz | 3 +++ python-itsdangerous.changes | 12 ++++++++++++ python-itsdangerous.spec | 8 ++++---- 4 files changed, 19 insertions(+), 7 deletions(-) delete mode 100644 itsdangerous-2.0.1.tar.gz create mode 100644 itsdangerous-2.1.1.tar.gz diff --git a/itsdangerous-2.0.1.tar.gz b/itsdangerous-2.0.1.tar.gz deleted file mode 100644 index 7e09868..0000000 --- a/itsdangerous-2.0.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:9e724d68fc22902a1435351f84c3fb8623f303fffcc566a4cb952df8c572cff0 -size 59336 diff --git a/itsdangerous-2.1.1.tar.gz b/itsdangerous-2.1.1.tar.gz new file mode 100644 index 0000000..bae6a5a --- /dev/null +++ b/itsdangerous-2.1.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7b7d3023cd35d9cb0c1fd91392f8c95c6fa02c59bf8ad64b8849be3401b95afb +size 56217 diff --git a/python-itsdangerous.changes b/python-itsdangerous.changes index a0dddc3..f5d19f6 100644 --- a/python-itsdangerous.changes +++ b/python-itsdangerous.changes @@ -1,3 +1,15 @@ +------------------------------------------------------------------- +Mon Mar 21 08:11:18 UTC 2022 - Dirk Müller + +- update to 2.1.1: + * Handle date overflow in timed unsign. :pr:`296` + * Drop support for Python 3.6. :pr:`272` + * Remove previously deprecated code. :pr:`273` + * JWS functionality: Use a dedicated library such as Authlib + instead. + * ``import itsdangerous.json``: Import ``json`` from the standard + library instead. + ------------------------------------------------------------------- Sat Jun 19 07:34:21 UTC 2021 - Michael Ströder diff --git a/python-itsdangerous.spec b/python-itsdangerous.spec index 12c4f06..49c25a7 100644 --- a/python-itsdangerous.spec +++ b/python-itsdangerous.spec @@ -1,7 +1,7 @@ # # spec file for package python-itsdangerous # -# Copyright (c) 2021 SUSE LLC +# Copyright (c) 2022 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,11 +16,11 @@ # -%define oldpython python +%{?!python_module:%define python_module() python3-%{**}} %define skip_python2 1 -%{?!python_module:%define python_module() python-%{**} python3-%{**}} +%global skip_python36 1 Name: python-itsdangerous -Version: 2.0.1 +Version: 2.1.1 Release: 0 Summary: Various helpers to pass trusted data to untrusted environments and back License: BSD-3-Clause From 69ffb14b06adc9e387d338fe2865d0b96cab0f2e0ff47b1d0fca08c21909ccba Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Thu, 24 Mar 2022 11:58:11 +0000 Subject: [PATCH 2/3] - add 32bit-handle-overflow.patch OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-itsdangerous?expand=0&rev=19 --- 32bit-handle-overflow.patch | 11 +++++++++++ python-itsdangerous.changes | 5 +++++ python-itsdangerous.spec | 2 ++ 3 files changed, 18 insertions(+) create mode 100644 32bit-handle-overflow.patch diff --git a/32bit-handle-overflow.patch b/32bit-handle-overflow.patch new file mode 100644 index 0000000..315252c --- /dev/null +++ b/32bit-handle-overflow.patch @@ -0,0 +1,11 @@ +--- itsdangerous-2.1.1/src/itsdangerous/timed.py ++++ itsdangerous-2.1.1/src/itsdangerous/timed.py +@@ -126,7 +126,7 @@ + if ts_int is not None: + try: + ts_dt = self.timestamp_to_datetime(ts_int) +- except (ValueError, OSError) as exc: ++ except (OverflowError, ValueError, OSError) as exc: + # Windows raises OSError + raise BadTimeSignature( + "Malformed timestamp", payload=value diff --git a/python-itsdangerous.changes b/python-itsdangerous.changes index f5d19f6..531d3b3 100644 --- a/python-itsdangerous.changes +++ b/python-itsdangerous.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Thu Mar 24 11:57:23 UTC 2022 - Dirk Müller + +- add 32bit-handle-overflow.patch + ------------------------------------------------------------------- Mon Mar 21 08:11:18 UTC 2022 - Dirk Müller diff --git a/python-itsdangerous.spec b/python-itsdangerous.spec index 49c25a7..51da629 100644 --- a/python-itsdangerous.spec +++ b/python-itsdangerous.spec @@ -27,6 +27,7 @@ License: BSD-3-Clause Group: Development/Languages/Python URL: https://itsdangerous.palletsprojects.com Source: https://files.pythonhosted.org/packages/source/i/itsdangerous/itsdangerous-%{version}.tar.gz +Patch1: 32bit-handle-overflow.patch BuildRequires: %{python_module freezegun} BuildRequires: %{python_module pytest} BuildRequires: %{python_module setuptools} @@ -50,6 +51,7 @@ Also I plan to add some extra things. Work in progress. %prep %setup -q -n itsdangerous-%{version} +%patch1 -p1 %build %python_build From f4fb0b5a01ad2ca845a1eaa6b59141174c2da9c7e5c09257f6e33c478f09685a Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Thu, 24 Mar 2022 12:11:24 +0000 Subject: [PATCH 3/3] OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-itsdangerous?expand=0&rev=20 --- python-itsdangerous.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/python-itsdangerous.spec b/python-itsdangerous.spec index 51da629..e8c5791 100644 --- a/python-itsdangerous.spec +++ b/python-itsdangerous.spec @@ -27,6 +27,7 @@ License: BSD-3-Clause Group: Development/Languages/Python URL: https://itsdangerous.palletsprojects.com Source: https://files.pythonhosted.org/packages/source/i/itsdangerous/itsdangerous-%{version}.tar.gz +# https://github.com/pallets/itsdangerous/pull/299 Patch1: 32bit-handle-overflow.patch BuildRequires: %{python_module freezegun} BuildRequires: %{python_module pytest}