Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-treq for openSUSE:Factory checked in at 2022-06-08 14:24:43 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-treq (Old) and /work/SRC/openSUSE:Factory/.python-treq.new.1548 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-treq" Wed Jun 8 14:24:43 2022 rev:9 rq:981187 version:22.2.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-treq/python-treq.changes 2022-02-03 23:18:57.119602993 +0100 +++ /work/SRC/openSUSE:Factory/.python-treq.new.1548/python-treq.changes 2022-06-08 14:25:03.376512427 +0200 @@ -1,0 +2,17 @@ +Tue Jun 7 16:22:40 UTC 2022 - Marcus Rueckert <[email protected]> + +- Update to 22.2.0 + - Features + - Python 3.10 and PyPy 3.8 are now supported. (`#338 + <https://github.com/twisted/treq/issues/338>`__) + - Bugfixes + - Address a regression introduced in Treq 22.1.0 that prevented + transmission of cookies with requests to ports other than 80, + including HTTPS (443). (`#343 + <https://github.com/twisted/treq/issues/343>`__) + - Deprecations and Removals + - Support for Python 3.6, which has reached end of support, is + deprecated. This is the last release with support for Python + 3.6. (`#338 <https://github.com/twisted/treq/issues/338>`__) + +------------------------------------------------------------------- Old: ---- treq-22.1.0.tar.gz New: ---- treq-22.2.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-treq.spec ++++++ --- /var/tmp/diff_new_pack.0RPxc1/_old 2022-06-08 14:25:03.820512978 +0200 +++ /var/tmp/diff_new_pack.0RPxc1/_new 2022-06-08 14:25:03.824512982 +0200 @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} %define skip_python2 1 Name: python-treq -Version: 22.1.0 +Version: 22.2.0 Release: 0 Summary: HTTP library inspired by python-requests License: MIT ++++++ treq-22.1.0.tar.gz -> treq-22.2.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/CHANGELOG.rst new/treq-22.2.0/CHANGELOG.rst --- old/treq-22.1.0/CHANGELOG.rst 2022-01-30 06:30:37.000000000 +0100 +++ new/treq-22.2.0/CHANGELOG.rst 2022-02-09 08:16:41.000000000 +0100 @@ -8,13 +8,34 @@ .. towncrier release notes start +22.2.0 (2022-02-08) +=================== + +Features +-------- + +- Python 3.10 and PyPy 3.8 are now supported. (`#338 <https://github.com/twisted/treq/issues/338>`__) + + +Bugfixes +-------- + +- Address a regression introduced in Treq 22.1.0 that prevented transmission of cookies with requests to ports other than 80, including HTTPS (443). (`#343 <https://github.com/twisted/treq/issues/343>`__) + + +Deprecations and Removals +------------------------- + +- Support for Python 3.6, which has reached end of support, is deprecated. This is the last release with support for Python 3.6. (`#338 <https://github.com/twisted/treq/issues/338>`__) + + 22.1.0 (2022-01-29) =================== Bugfixes -------- -- Cookies specified as a dict were sent to every domain, not just the domain of the request, potentially exposing them on redirect. See `GHSA-fhpf-pp6p-55qc <https://github.com/twisted/treq/security/advisories/GHSA-fhpf-pp6p-55qc>`_. (`#339 <https://github.com/twisted/treq/issues/339>`__) +- Cookies specified as a dict were sent to every domain, not just the domain of the request, potentially exposing them on redirect. See `GHSA-fhpf-pp6p-55qc <https://github.com/twisted/treq/security/advisories/GHSA-fhpf-pp6p-55qc>`_. (`#339 <https://github.com/twisted/treq/issues/339>`__, CVE-2022-23607) 21.5.0 (2021-05-24) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/PKG-INFO new/treq-22.2.0/PKG-INFO --- old/treq-22.1.0/PKG-INFO 2022-01-30 06:33:19.654744600 +0100 +++ new/treq-22.2.0/PKG-INFO 2022-02-09 08:20:41.575750400 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: treq -Version: 22.1.0 +Version: 22.2.0 Summary: High-level Twisted HTTP Client API Home-page: https://github.com/twisted/treq Author: David Reid @@ -19,6 +19,7 @@ Classifier: Programming Language :: Python :: 3.7 Classifier: Programming Language :: Python :: 3.8 Classifier: Programming Language :: Python :: 3.9 +Classifier: Programming Language :: Python :: 3.10 Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Requires-Python: >=3.6 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/docs/index.rst new/treq-22.2.0/docs/index.rst --- old/treq-22.1.0/docs/index.rst 2021-12-29 05:05:59.000000000 +0100 +++ new/treq-22.2.0/docs/index.rst 2022-02-09 07:55:36.000000000 +0100 @@ -83,12 +83,10 @@ +----------------------------------+----------+----------+ | Connection Timeouts | yes | yes | +----------------------------------+----------+----------+ -| HTTP(S) Proxy Support | yes | no | +| HTTP(S) Proxy Support | yes | no | +----------------------------------+----------+----------+ | .netrc support | yes | no | +----------------------------------+----------+----------+ -| Python 2.7 | yes | yes | -+----------------------------------+----------+----------+ | Python 3.x | yes | yes | +----------------------------------+----------+----------+ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/setup.py new/treq-22.2.0/setup.py --- old/treq-22.1.0/setup.py 2022-01-30 06:07:21.000000000 +0100 +++ new/treq-22.2.0/setup.py 2022-02-09 07:55:36.000000000 +0100 @@ -11,6 +11,7 @@ "Programming Language :: Python :: 3.7", "Programming Language :: Python :: 3.8", "Programming Language :: Python :: 3.9", + "Programming Language :: Python :: 3.10", "Programming Language :: Python :: Implementation :: CPython", "Programming Language :: Python :: Implementation :: PyPy", ] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/src/treq/_version.py new/treq-22.2.0/src/treq/_version.py --- old/treq-22.1.0/src/treq/_version.py 2022-01-30 06:27:47.000000000 +0100 +++ new/treq-22.2.0/src/treq/_version.py 2022-02-09 08:15:32.000000000 +0100 @@ -7,5 +7,5 @@ from incremental import Version -__version__ = Version("treq", 22, 1, 0) +__version__ = Version("treq", 22, 2, 0) __all__ = ["__version__"] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/src/treq/client.py new/treq-22.2.0/src/treq/client.py --- old/treq-22.1.0/src/treq/client.py 2022-01-30 06:13:50.000000000 +0100 +++ new/treq-22.2.0/src/treq/client.py 2022-02-09 07:54:50.000000000 +0100 @@ -60,7 +60,7 @@ (url_object.scheme == "https" and url_object.port == 443) or (url_object.scheme == "http" and url_object.port == 80) ) - port = str(url_object.port) + port = str(url_object.port) if port_specified else None domain = url_object.host netscape_domain = domain if '.' in domain else domain + '.local' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/src/treq/test/test_testing.py new/treq-22.2.0/src/treq/test/test_testing.py --- old/treq-22.1.0/src/treq/test/test_testing.py 2022-01-30 06:13:50.000000000 +0100 +++ new/treq-22.2.0/src/treq/test/test_testing.py 2022-02-09 07:54:50.000000000 +0100 @@ -327,10 +327,10 @@ sid_4 = self.successResultOf(resp.content()) self.assertEqual(sid_3, sid_4) - def test_different_domains(self): + def test_cookies_not_sent_to_different_domains(self): """ Cookies manually specified as part of a dictionary are not relayed - through redirects. + through redirects to different domains. (This is really more of a test for scoping of cookies within treq itself, rather than just for testing.) @@ -345,6 +345,50 @@ received = self.successResultOf(resp.json()) self.assertNotIn('not-across-redirect', received.get('Cookie', [''])[0]) + def test_cookies_sent_for_same_domain(self): + """ + Cookies manually specified as part of a dictionary are relayed + through redirects to the same domain. + + (This is really more of a test for scoping of cookies within treq + itself, rather than just for testing.) + """ + rsrc = _RedirectResource() + stub = StubTreq(rsrc) + d = stub.request( + "GET", "https://example.org/";, + cookies={'sent-to-same-domain': 'yes'} + ) + resp = self.successResultOf(d) + received = self.successResultOf(resp.json()) + self.assertIn('sent-to-same-domain', received.get('Cookie', [''])[0]) + + def test_cookies_sent_with_explicit_port(self): + """ + Cookies will be sent for URLs that specify a non-default port for their scheme. + + (This is really more of a test for scoping of cookies within treq + itself, rather than just for testing.) + """ + rsrc = _RedirectResource() + stub = StubTreq(rsrc) + + d = stub.request( + "GET", "http://example.org:8080/redirected";, + cookies={'sent-to-non-default-port': 'yes'} + ) + resp = self.successResultOf(d) + received = self.successResultOf(resp.json()) + self.assertIn('sent-to-non-default-port', received.get('Cookie', [''])[0]) + + d = stub.request( + "GET", "https://example.org:8443/redirected";, + cookies={'sent-to-non-default-port': 'yes'} + ) + resp = self.successResultOf(d) + received = self.successResultOf(resp.json()) + self.assertIn('sent-to-non-default-port', received.get('Cookie', [''])[0]) + class HasHeadersTests(TestCase): """ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/treq-22.1.0/src/treq.egg-info/PKG-INFO new/treq-22.2.0/src/treq.egg-info/PKG-INFO --- old/treq-22.1.0/src/treq.egg-info/PKG-INFO 2022-01-30 06:33:19.000000000 +0100 +++ new/treq-22.2.0/src/treq.egg-info/PKG-INFO 2022-02-09 08:20:41.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: treq -Version: 22.1.0 +Version: 22.2.0 Summary: High-level Twisted HTTP Client API Home-page: https://github.com/twisted/treq Author: David Reid @@ -19,6 +19,7 @@ Classifier: Programming Language :: Python :: 3.7 Classifier: Programming Language :: Python :: 3.8 Classifier: Programming Language :: Python :: 3.9 +Classifier: Programming Language :: Python :: 3.10 Classifier: Programming Language :: Python :: Implementation :: CPython Classifier: Programming Language :: Python :: Implementation :: PyPy Requires-Python: >=3.6
