Accepting request 1010179 from devel:languages:python

- Update to 1.2.0 (CVE-2022-21797, bsc#1204232)
  * Fix a security issue where eval(pre_dispatch) could potentially
    run arbitrary code. Now only basic numerics are supported.
    #1327
  * Make sure that joblib works even when multiprocessing is not
    available, for instance with Pyodide #1256
  * Avoid unnecessary warnings when workers and main process delete
    the temporary memmap folder contents concurrently. #1263
  * Vendor loky 3.1.0 with several fixes to more robustly forcibly
    terminate worker processes in case of a crash. #1269
  * Fix memory alignment bug for pickles containing numpy arrays.
    This is especially important when loading the pickle with
    mmap_mode != None as the resulting numpy.memmap object would
    not be able to correct the misalignment without performing a
    memory copy. This bug would cause invalid computation and
    segmentation faults with native code that would directly access
    the underlying data buffer of a numpy array, for instance
    C/C++/Cython code compiled with older GCC versions or some old
    OpenBLAS written in platform specific assembly. #1254
  * Vendor cloudpickle 2.2.0 which adds support for PyPy 3.8+.
  * Vendor loky 3.3.0 which fixes a bug with leaking processes in
    case of nested loky parallel calls and more reliability spawn
    the correct number of reusable workers.
- Drop support-setuptools-62.patch

OBS-URL: https://build.opensuse.org/request/show/1010179
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/python-joblib?expand=0&rev=21

joblib-1.1.0.tar.gz

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4158fcecd13733f8be669be0683b96ebdbbd38d23559f54dca7205aea1bf1e35
-size 2063601

joblib-1.2.0.tar.gz

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e1cee4a79e4af22881164f218d4311f60074197fb707e082e803b61f6d137018
+size 313200

python-joblib.changes

@@ -1,3 +1,31 @@
+-------------------------------------------------------------------
+Tue Oct 11 13:20:33 UTC 2022 - Ben Greiner <code@bnavigator.de>
+
+- Update to 1.2.0 (CVE-2022-21797, bsc#1204232)
+  * Fix a security issue where eval(pre_dispatch) could potentially
+    run arbitrary code. Now only basic numerics are supported.
+    #1327
+  * Make sure that joblib works even when multiprocessing is not
+    available, for instance with Pyodide #1256
+  * Avoid unnecessary warnings when workers and main process delete
+    the temporary memmap folder contents concurrently. #1263
+  * Vendor loky 3.1.0 with several fixes to more robustly forcibly
+    terminate worker processes in case of a crash. #1269
+  * Fix memory alignment bug for pickles containing numpy arrays.
+    This is especially important when loading the pickle with
+    mmap_mode != None as the resulting numpy.memmap object would
+    not be able to correct the misalignment without performing a
+    memory copy. This bug would cause invalid computation and
+    segmentation faults with native code that would directly access
+    the underlying data buffer of a numpy array, for instance
+    C/C++/Cython code compiled with older GCC versions or some old
+    OpenBLAS written in platform specific assembly. #1254
+  * Vendor cloudpickle 2.2.0 which adds support for PyPy 3.8+.
+  * Vendor loky 3.3.0 which fixes a bug with leaking processes in
+    case of nested loky parallel calls and more reliability spawn
+    the correct number of reusable workers.
+- Drop support-setuptools-62.patch
+
 -------------------------------------------------------------------
 Wed Jul 20 11:00:18 UTC 2022 - Steve Kowalik <steven.kowalik@suse.com>
 

python-joblib.spec

@@ -16,16 +16,14 @@
 #
 
 
-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
-%global skip_python2 1
 Name:           python-joblib
-Version:        1.1.0
+Version:        1.2.0
 Release:        0
 Summary:        Module for using Python functions as pipeline jobs
 License:        BSD-3-Clause
 URL:            https://github.com/joblib/joblib
 Source:         https://files.pythonhosted.org/packages/source/j/joblib/joblib-%{version}.tar.gz
-Patch0:         support-setuptools-62.patch
+BuildRequires:  %{python_module base >= 3.7}
 BuildRequires:  %{python_module lz4}
 BuildRequires:  %{python_module numpy}
 BuildRequires:  %{python_module psutil}
@@ -111,7 +109,7 @@ fi
 %files %{python_files}
 %license LICENSE.txt
 %doc README.rst
-%{python_sitelib}/joblib-%{version}-py*.egg-info
+%{python_sitelib}/joblib-%{version}*-info
 %{python_sitelib}/joblib/
 
 %changelog

support-setuptools-62.patch

@@ -1,13 +0,0 @@
-Index: joblib-1.1.0/joblib/test/test_numpy_pickle.py
-===================================================================
---- joblib-1.1.0.orig/joblib/test/test_numpy_pickle.py
-+++ joblib-1.1.0/joblib/test/test_numpy_pickle.py
-@@ -279,7 +279,7 @@ def test_compress_mmap_mode_warning(tmpd
-     numpy_pickle.dump(a, this_filename, compress=1)
-     with warns(UserWarning) as warninfo:
-         numpy_pickle.load(this_filename, mmap_mode='r+')
--    assert len(warninfo) == 1
-+    assert len(warninfo) >= 1
-     assert (str(warninfo[0].message) ==
-             'mmap_mode "%(mmap_mode)s" is not compatible with compressed '
-             'file %(filename)s. "%(mmap_mode)s" flag will be ignored.' %