From 25b19d409792e49c03e0c1fefd81063a5707ec9dd919e0bbd50c3efe5000035a Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Thu, 4 May 2023 20:13:18 +0000 Subject: [PATCH] - update to 3.19.1: * This release contains security hardening measures based on recommendations by a security audit sponsored by OSTIF and conducted by X41 D-Sec GmbH. Several of these measures include changing defaults to be more strict, by default simplejson will now only consume and produce compliant JSON, but the flags still exist for any backwards compatibility needs. No high priority issues were discovered, the reference count leak is thought to be unreachable since the digits of the float are checked before PyOS_string_to_double is called. * Fix invalid handling of unicode escape sequences in the pure Python implementation of the decoder (SJ-PT-23-01) * Fix missing reference count decrease if PyOS_string_to_double raises an exception in Python 2.x; was probably unreachable (SJ- PT-23-02) * Backport the integer string length limitation from Python 3.11 to limit quadratic number parsing (SJ-PT-23-03) * Fix inconsistencies with error messages between the C and Python implementations (SJ-PT-23-100) * Remove unused unichr import from encoder (SJ-PT-23-101) * Remove unused namedtuple_as_object and tuple_as_array arguments from simplejson.load (SJ-PT-23-102) * Remove vestigial _one_shot code from iterencode (SJ- PT-23-103) * Change default of allow_nan from True to False and add allow_nan to decoder (SJ-PT-23-107) * Test the sdist to prevent future regressions * Fix regression in sdist archive OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-simplejson?expand=0&rev=96 --- python-simplejson.changes | 33 +++++++++++++++++++++++++++++++++ python-simplejson.spec | 2 +- simplejson-3.18.1.tar.gz | 3 --- simplejson-3.19.1.tar.gz | 3 +++ 4 files changed, 37 insertions(+), 4 deletions(-) delete mode 100644 simplejson-3.18.1.tar.gz create mode 100644 simplejson-3.19.1.tar.gz 
diff --git a/python-simplejson.changes b/python-simplejson.changes index 543d691..8b348fc 100644 --- a/python-simplejson.changes +++ b/python-simplejson.changes @@ -1,3 +1,36 @@ +------------------------------------------------------------------- +Thu May 4 20:11:39 UTC 2023 - Dirk Müller + +- update to 3.19.1: + * This release contains security hardening measures based on + recommendations by a security audit sponsored by OSTIF and + conducted by X41 D-Sec GmbH. + Several of these measures include changing defaults to be + more strict, by default simplejson will now only consume + and produce compliant JSON, but the flags still exist for + any backwards compatibility needs. + No high priority issues were discovered, the reference + count leak is thought to be unreachable since the digits of the + float are checked before PyOS_string_to_double is called. + * Fix invalid handling of unicode escape sequences in the pure + Python implementation of the decoder (SJ-PT-23-01) + * Fix missing reference count decrease if PyOS_string_to_double + raises an exception in Python 2.x; was probably unreachable (SJ- + PT-23-02) + * Backport the integer string length limitation from Python + 3.11 to limit quadratic number parsing (SJ-PT-23-03) + * Fix inconsistencies with error messages between the C and + Python implementations (SJ-PT-23-100) + * Remove unused unichr import from encoder (SJ-PT-23-101) + * Remove unused namedtuple_as_object and tuple_as_array + arguments from simplejson.load (SJ-PT-23-102) + * Remove vestigial _one_shot code from iterencode (SJ- + PT-23-103) + * Change default of allow_nan from True to False and add + allow_nan to decoder (SJ-PT-23-107) + * Test the sdist to prevent future regressions + * Fix regression in sdist archive + ------------------------------------------------------------------- Fri Apr 21 12:34:05 UTC 2023 - Dirk Müller diff --git a/python-simplejson.spec b/python-simplejson.spec index 638356b..38bdc8e 100644 --- a/python-simplejson.spec 
+++ b/python-simplejson.spec @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %{?sle15_python_module_pythons} Name: python-simplejson -Version: 3.18.1 +Version: 3.19.1 Release: 0 Summary: Extensible JSON encoder/decoder for Python License: AFL-2.1 OR MIT diff --git a/simplejson-3.18.1.tar.gz b/simplejson-3.18.1.tar.gz deleted file mode 100644 index d7f53c3..0000000 --- a/simplejson-3.18.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:746086e3ef6d74b53599df31b491d88a355abf2e31c837137dd90f8c4561cafa -size 83603 diff --git a/simplejson-3.19.1.tar.gz b/simplejson-3.19.1.tar.gz new file mode 100644 index 0000000..826b3bf --- /dev/null +++ b/simplejson-3.19.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:6277f60848a7d8319d27d2be767a7546bc965535b28070e310b3a9af90604a4c +size 85207
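Review bot: In the python-simplejson.changes hunk, two audit identifiers are split by the line wrap, "(SJ-" / "PT-23-02)" and "(SJ-" / "PT-23-103)", so a search of the changelog for SJ-PT-23-02 or SJ-PT-23-103 will not match. Rewrap those two bullets so each identifier stays on one line, as the other entries (for example "(SJ-PT-23-03)") already do. The entry would also be easier to act on if the allow_nan bullet were marked as a default change that callers can notice, since it is the one item in the list that alters behaviour for existing users rather than fixing or removing something.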
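Review bot: The python-simplejson.spec hunk changes only the Version line (3.18.1 to 3.19.1), while the changelog in this same patch states that allow_nan now defaults to False and that simplejson "will now only consume and produce compliant JSON" by default. Nothing visible in the patch shows that packages depending on python-simplejson were rebuilt or tested against the stricter defaults. Please confirm that before forwarding, or note in the changelog that dependents relying on NaN/Infinity handling need to pass the flag explicitly.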
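Review bot: For the new simplejson-3.19.1.tar.gz, the Git LFS pointer (the "oid sha256:" and "size 85207" lines) is the only integrity information in the patch, and it records what was uploaded, not where it came from. Nothing here ties that digest to the upstream release. Please state in the request how the tarball was obtained and that its SHA-256 matches the digest upstream publishes for the 3.19.1 sdist, particularly as the changelog mentions "Fix regression in sdist archive" for this release.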