From 3c2a3e7d90e4b849494cd84be30665c81d80001d03d071941cfe7f107590cad3 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 20 Nov 2024 16:10:58 +0000 Subject: [PATCH] - update to 4.0.0: * Breaking Change: Python 3.7 is no longer supported. * Breaking Change: Support for pre-0.7.0 repr-serialized objects is no longer enabled by default. The safe option to decode() was changed from False to True. Users can still pass safe=False to decode() in order to enable this feature for the purposes of loading older files, but beware that this feature relies on unsafe behavior through its use of eval(). Users are encouraged to re-pickle old data in order to migrate away from the the unsafe loading feature. (+514) * The pickler no longer produces py/repr tags when pickling modules. py/mod is used instead, as it is clearer and uses one less byte. (+514) * The test suite no longer uses the deprecated datetime.datetime.utcnow() function. (+539) * The breaking changes from v4 were inadvertedly included in v3.4.1, which has been yanked. This release remedies this by reverting the v4 changes. * Support decoding pandas dataframes encoded with versions 3.3.0 and older. (+536) * Officially support Python 3.12 in the GitHub Actions testing matrix, and update GHA package versions used. (+524) * Improve reproducibility of benchmarking commands on Linux by using taskset and adding a "HOWTO" run benchmarks section in benchmarking/README.md. (+526) * The setup.cfg packaging configuration has been replaced by pyproject.toml. (+527) * yaml is now supported as a jsonpickle backend. (+528) * OSSFuzz scripts are now available in the fuzzing/ directory. (+525) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-jsonpickle?expand=0&rev=42 --- jsonpickle-3.2.2.tar.gz | 3 --- jsonpickle-4.0.0.tar.gz | 3 +++ python-jsonpickle.changes | 49 +++++++++++++++++++++++++++++++++++++++ python-jsonpickle.spec | 3 ++- 4 files changed, 54 insertions(+), 4 deletions(-) delete mode 100644 jsonpickle-3.2.2.tar.gz create mode 100644 jsonpickle-4.0.0.tar.gz diff --git a/jsonpickle-3.2.2.tar.gz b/jsonpickle-3.2.2.tar.gz deleted file mode 100644 index 1b2e463..0000000 --- a/jsonpickle-3.2.2.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:d425fd2b8afe9f5d7d57205153403fbf897782204437882a477e8eed60930f8c -size 327839 diff --git a/jsonpickle-4.0.0.tar.gz b/jsonpickle-4.0.0.tar.gz new file mode 100644 index 0000000..28cc136 --- /dev/null +++ b/jsonpickle-4.0.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:fc670852b204d77601b08f8f9333149ac37ab6d3fe4e6ed3b578427291f63736 +size 314587 diff --git a/python-jsonpickle.changes b/python-jsonpickle.changes index e25119d..6854b95 100644 --- a/python-jsonpickle.changes +++ b/python-jsonpickle.changes @@ -1,3 +1,52 @@ +------------------------------------------------------------------- +Wed Nov 20 16:10:49 UTC 2024 - Dirk Müller + +- update to 4.0.0: + * Breaking Change: Python 3.7 is no longer supported. + * Breaking Change: Support for pre-0.7.0 repr-serialized + objects is no longer enabled by default. The safe option to + decode() was changed from False to True. Users can still pass + safe=False to decode() in order to enable this feature for + the purposes of loading older files, but beware that this + feature relies on unsafe behavior through its use of eval(). + Users are encouraged to re-pickle old data in order to + migrate away from the the unsafe loading feature. (+514) + * The pickler no longer produces py/repr tags when pickling + modules. py/mod is used instead, as it is clearer and uses + one less byte. (+514) + * The test suite no longer uses the deprecated + datetime.datetime.utcnow() function. (+539) + * The breaking changes from v4 were inadvertedly included in + v3.4.1, which has been yanked. This release remedies this by + reverting the v4 changes. + * Support decoding pandas dataframes encoded with versions + 3.3.0 and older. (+536) + * Officially support Python 3.12 in the GitHub Actions testing + matrix, and update GHA package versions used. (+524) + * Improve reproducibility of benchmarking commands on Linux by + using taskset and adding a "HOWTO" run benchmarks section in + benchmarking/README.md. (+526) + * The setup.cfg packaging configuration has been replaced by + pyproject.toml. (+527) + * yaml is now supported as a jsonpickle backend. (+528) + * OSSFuzz scripts are now available in the fuzzing/ directory. + (+525) + * Pure-python dtypes are now preserved across encode()/decode() + roundtrips for the pandas extension. + * Pandas dataframe columns with an object dtype that contain + multiple different types within (e.g. a column of type + list[Union[str, int]]) now preserve the types upon being + roundtripped. (#457) + * Fix warnings in the test suite regarding numpy.compat usage. + * The unpickler was updated to avoid using eval, which helps + improve its security. Users can still pass safe=False to + decode to use the old behavior, though this is not + recommended. (+513) + * Objects can now exclude specific attributes from pickling by + providing a _jsonpickle_exclude class or instance attribute. + This attribute should contain the list of attribute names to + exclude when pickling the object. + ------------------------------------------------------------------- Sun Jun 30 20:34:24 UTC 2024 - Dirk Müller diff --git a/python-jsonpickle.spec b/python-jsonpickle.spec index 6f06e63..d736dc4 100644 --- a/python-jsonpickle.spec +++ b/python-jsonpickle.spec @@ -18,7 +18,7 @@ %{?sle15_python_module_pythons} Name: python-jsonpickle -Version: 3.2.2 +Version: 4.0.0 Release: 0 Summary: Python library for serializing any arbitrary object graph into JSON License: BSD-3-Clause @@ -76,6 +76,7 @@ sed -i 's/ --cov//' pytest.ini %python_expand %fdupes %{buildroot}%{$python_sitelib} %check +rm -rv fuzzing # test_multindex_dataframe_roundtrip is flaky on i586 donttest="test_multindex_dataframe_roundtrip" # https://github.com/jsonpickle/jsonpickle/issues/460