forked from pool/python-python-redmine
Accepting request 1113727 from home:mnhauke
- Add patch to workaround "API key leakage on exception" described in boo#1215722 https://github.com/maxtepkeev/python-redmine/issues/330 https://github.com/maxtepkeev/python-redmine/pull/328 OBS-URL: https://build.opensuse.org/request/show/1113727 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-python-redmine?expand=0&rev=13
This commit is contained in:
Git OBS Bridge
22
328.patch
Normal file
22
328.patch
Normal file
@@ -0,0 +1,22 @@
|
|||||||
|
From 5b5918e5b8a02f7e84df3884a365b13fd575ee50 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Tom Misilo <1446856+misilot@users.noreply.github.com>
|
||||||
|
Date: Thu, 10 Aug 2023 16:00:47 -0500
|
||||||
|
Subject: [PATCH] Change the key from a query paramter to a HEADER
|
||||||
|
|
||||||
|
---
|
||||||
|
redminelib/engines/base.py | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/redminelib/engines/base.py b/redminelib/engines/base.py
|
||||||
|
index f9785be..c0122f4 100644
|
||||||
|
--- a/redminelib/engines/base.py
|
||||||
|
+++ b/redminelib/engines/base.py
|
||||||
|
@@ -34,7 +34,7 @@ def __init__(self, **options):
|
||||||
|
|
||||||
|
# We would like to be authenticated by API key by default
|
||||||
|
if options.get('key') is not None:
|
||||||
|
- self.requests['params']['key'] = options['key']
|
||||||
|
+ self.requests['headers']['X-Redmine-API-Key'] = options['key']
|
||||||
|
elif options.get('username') is not None and options.get('password') is not None:
|
||||||
|
self.requests['auth'] = (options['username'], options['password'])
|
||||||
|
|
||||||
@@ -1,3 +1,11 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Sep 26 18:54:59 UTC 2023 - Martin Hauke <mardnh@gmx.de>
|
||||||
|
|
||||||
|
- Add patch to workaround "API key leakage on exception"
|
||||||
|
described in boo#1215722
|
||||||
|
https://github.com/maxtepkeev/python-redmine/issues/330
|
||||||
|
https://github.com/maxtepkeev/python-redmine/pull/328
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Sat Jan 21 21:29:52 UTC 2023 - Martin Hauke <mardnh@gmx.de>
|
Sat Jan 21 21:29:52 UTC 2023 - Martin Hauke <mardnh@gmx.de>
|
||||||
|
|
||||||
|
|||||||
@@ -24,6 +24,7 @@ License: Apache-2.0
|
|||||||
Group: Development/Languages/Python
|
Group: Development/Languages/Python
|
||||||
URL: https://python-redmine.com
|
URL: https://python-redmine.com
|
||||||
Source: https://files.pythonhosted.org/packages/source/p/python-redmine/python-redmine-%{version}.tar.gz
|
Source: https://files.pythonhosted.org/packages/source/p/python-redmine/python-redmine-%{version}.tar.gz
|
||||||
|
Patch0: https://github.com/maxtepkeev/python-redmine/pull/328.patch
|
||||||
BuildRequires: %{python_module pytest-cov}
|
BuildRequires: %{python_module pytest-cov}
|
||||||
BuildRequires: %{python_module pytest}
|
BuildRequires: %{python_module pytest}
|
||||||
BuildRequires: %{python_module requests >= 2.28.2}
|
BuildRequires: %{python_module requests >= 2.28.2}
|
||||||
@@ -42,6 +43,7 @@ powerful Pythonic API inspired by a well-known Django ORM.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n python-redmine-%{version}
|
%setup -q -n python-redmine-%{version}
|
||||||
|
%patch0 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%python_build
|
%python_build
|
||||||
@@ -51,7 +53,7 @@ powerful Pythonic API inspired by a well-known Django ORM.
|
|||||||
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
%python_expand %fdupes %{buildroot}%{$python_sitelib}
|
||||||
|
|
||||||
%check
|
%check
|
||||||
%pytest
|
%pytest -k "not (test_engine_init or test_session_key or test_session_requests)"
|
||||||
|
|
||||||
%files %{python_files}
|
%files %{python_files}
|
||||||
%license LICENSE
|
%license LICENSE
|
||||||
|
|||||||
Reference in New Issue
Block a user