Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-asteval for openSUSE:Factory checked in at 2023-02-17 16:45:13 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-asteval (Old) and /work/SRC/openSUSE:Factory/.python-asteval.new.22824 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-asteval" Fri Feb 17 16:45:13 2023 rev:14 rq:1066270 version:0.9.29 Changes: -------- --- /work/SRC/openSUSE:Factory/python-asteval/python-asteval.changes 2022-12-02 15:47:28.736586910 +0100 +++ /work/SRC/openSUSE:Factory/.python-asteval.new.22824/python-asteval.changes 2023-02-17 16:45:25.427004133 +0100 @@ -1,0 +2,6 @@ +Thu Feb 16 21:08:13 UTC 2023 - Dirk Müller <[email protected]> + +- update to 0.9.29: + * bug fixes + +------------------------------------------------------------------- Old: ---- asteval-0.9.28.tar.gz New: ---- asteval-0.9.29.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-asteval.spec ++++++ --- /var/tmp/diff_new_pack.asyZkX/_old 2023-02-17 16:45:25.975007219 +0100 +++ /var/tmp/diff_new_pack.asyZkX/_new 2023-02-17 16:45:25.983007264 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-asteval # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %{?!python_module:%define python_module() python3-%{**}} %define skip_python2 1 Name: python-asteval -Version: 0.9.28 +Version: 0.9.29 Release: 0 Summary: Safe, minimalistic evaluator of python expression using ast module License: MIT ++++++ asteval-0.9.28.tar.gz -> asteval-0.9.29.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/.github/workflows/macos_numpy.yml new/asteval-0.9.29/.github/workflows/macos_numpy.yml --- old/asteval-0.9.28/.github/workflows/macos_numpy.yml 2022-11-06 17:17:20.000000000 +0100 +++ new/asteval-0.9.29/.github/workflows/macos_numpy.yml 2023-02-11 22:53:15.000000000 +0100 @@ -24,4 +24,4 @@ - name: Test with pytest run: | cd tests - pytest + python -m pytest diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/.github/workflows/ubuntu_nonumpy.yml new/asteval-0.9.29/.github/workflows/ubuntu_nonumpy.yml --- old/asteval-0.9.28/.github/workflows/ubuntu_nonumpy.yml 2022-11-06 17:17:56.000000000 +0100 +++ new/asteval-0.9.29/.github/workflows/ubuntu_nonumpy.yml 2023-02-11 22:53:15.000000000 +0100 @@ -29,4 +29,4 @@ - name: Test with pytest run: | cd tests - pytest + python -m pytest diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/.github/workflows/ubuntu_numpy.yml new/asteval-0.9.29/.github/workflows/ubuntu_numpy.yml --- old/asteval-0.9.28/.github/workflows/ubuntu_numpy.yml 2022-11-06 17:17:46.000000000 +0100 +++ new/asteval-0.9.29/.github/workflows/ubuntu_numpy.yml 2023-02-11 22:53:15.000000000 +0100 @@ -31,7 +31,7 @@ - name: Test with pytest run: | cd tests - pytest - pytest --cov=./ --cov-report=xml + python -m pytest + python -m pytest --cov=./ --cov-report=xml - name: upload coverage report to codecov uses: codecov/codecov-action@v2 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/.github/workflows/windows_numpy.yml new/asteval-0.9.29/.github/workflows/windows_numpy.yml --- old/asteval-0.9.28/.github/workflows/windows_numpy.yml 2022-11-06 17:18:04.000000000 +0100 +++ new/asteval-0.9.29/.github/workflows/windows_numpy.yml 2023-02-11 22:53:15.000000000 +0100 @@ -24,4 +24,4 @@ - name: Test with pytest run: | cd tests - pytest + python -m pytest diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/PKG-INFO new/asteval-0.9.29/PKG-INFO --- old/asteval-0.9.28/PKG-INFO 2022-11-07 22:53:36.137773000 +0100 +++ new/asteval-0.9.29/PKG-INFO 2023-02-11 22:53:22.561889400 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: asteval -Version: 0.9.28 +Version: 0.9.29 Summary: Safe, minimalistic evaluator of python expression using ast module Home-page: https://github.com/newville/asteval Author: Matthew Newville @@ -18,6 +18,7 @@ Classifier: Programming Language :: Python :: 3.8 Classifier: Programming Language :: Python :: 3.9 Classifier: Programming Language :: Python :: 3.10 +Classifier: Programming Language :: Python :: 3.11 Classifier: Programming Language :: Python :: Implementation :: PyPy Requires-Python: >=3.7 Provides-Extra: dev diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/asteval/astutils.py new/asteval-0.9.29/asteval/astutils.py --- old/asteval-0.9.28/asteval/astutils.py 2022-09-01 17:44:55.000000000 +0200 +++ new/asteval-0.9.29/asteval/astutils.py 2023-02-11 22:53:15.000000000 +0100 @@ -177,10 +177,13 @@ numpy_deprecated = ['str', 'bool', 'int', 'float', 'complex', 'pv', 'rate', 'pmt', 'ppmt', 'npv', 'nper', 'long', 'mirr', 'fv', 'irr', 'ipmt'] + # aliases deprecated in NumPy v1.24.0 + numpy_deprecated += ['int0', 'uint0', 'bool8'] + FROM_NUMPY = tuple(set(FROM_NUMPY) - set(numpy_deprecated)) FROM_NUMPY = tuple(sym for sym in FROM_NUMPY if hasattr(numpy, sym)) - NUMPY_RENAMES = {sym: value for sym, value in NUMPY_RENAMES.items() if hasattr(numpy, sym)} + NUMPY_RENAMES = {sym: value for sym, value in NUMPY_RENAMES.items() if hasattr(numpy, value)} NUMPY_TABLE = {} for sym in FROM_NUMPY: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/asteval/version.py new/asteval-0.9.29/asteval/version.py --- old/asteval-0.9.28/asteval/version.py 2022-11-07 22:53:36.000000000 +0100 +++ new/asteval-0.9.29/asteval/version.py 2023-02-11 22:53:22.000000000 +0100 @@ -1,5 +1,4 @@ -# coding: utf-8 # file generated by setuptools_scm # don't change, don't track in version control -__version__ = version = '0.9.28' -__version_tuple__ = version_tuple = (0, 9, 28) +__version__ = version = '0.9.29' +__version_tuple__ = version_tuple = (0, 9, 29) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/asteval.egg-info/PKG-INFO new/asteval-0.9.29/asteval.egg-info/PKG-INFO --- old/asteval-0.9.28/asteval.egg-info/PKG-INFO 2022-11-07 22:53:36.000000000 +0100 +++ new/asteval-0.9.29/asteval.egg-info/PKG-INFO 2023-02-11 22:53:22.000000000 +0100 @@ -1,6 +1,6 @@ Metadata-Version: 2.1 Name: asteval -Version: 0.9.28 +Version: 0.9.29 Summary: Safe, minimalistic evaluator of python expression using ast module Home-page: https://github.com/newville/asteval Author: Matthew Newville @@ -18,6 +18,7 @@ Classifier: Programming Language :: Python :: 3.8 Classifier: Programming Language :: Python :: 3.9 Classifier: Programming Language :: Python :: 3.10 +Classifier: Programming Language :: Python :: 3.11 Classifier: Programming Language :: Python :: Implementation :: PyPy Requires-Python: >=3.7 Provides-Extra: dev diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/doc/index.rst new/asteval-0.9.29/doc/index.rst --- old/asteval-0.9.28/doc/index.rst 2022-05-24 17:52:03.000000000 +0200 +++ new/asteval-0.9.29/doc/index.rst 2023-02-11 22:53:15.000000000 +0100 @@ -32,15 +32,14 @@ These differences and absences include: 1. Variable and function symbol names are held in a simple symbol - table - a single dictionary - giving a flat namespace. + table, giving a flat namespace. 2. creating classes is not allowed. 3. importing modules is not allowed. - 4. f-strings, function decorators, generators, yield, type hint, and - `lambda` are not supported. - 5. Many builtin functions (:py:func:`eval`, :py:func:`execfile`, - :py:func:`getattr`, :py:func:`hasattr`, :py:func:`setattr`, and - :py:func:`delattr`) are not allowed. - 6. Accessing several private object attributes that can provide access to + 4. f-strings, decorators, generators, type hints, `yield`, `with` blocks, + and `lambda` are not supported. + 5. Many builtin functions (:py:func:`eval`, :py:func:`getattr`, + :py:func:`hasattr`, :py:func:`setattr`, and :py:func:`delattr`) are not allowed. + 6. Accessing many object attributes that can provide access to the python interpreter are not allowed. The resulting "asteval language" acts very much like miniature version of diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/doc/installation.rst new/asteval-0.9.29/doc/installation.rst --- old/asteval-0.9.28/doc/installation.rst 2022-11-06 17:34:40.000000000 +0100 +++ new/asteval-0.9.29/doc/installation.rst 2023-02-11 22:53:15.000000000 +0100 @@ -13,19 +13,23 @@ higher, there are no required dependencies outside of the standard library. Python 3.7 does require the `importlib_metadata` package. If available, Asteval will make use of the `numpy`_ module. The test suite -requires the `pytest` and `coverage modules, and building the documentation -requires the `sphinx` package. +requires the `pytest` and `coverage` modules, and building the documentation +requires the `sphinx`. The latest stable version of asteval is |release|. -Versions 0.9.28 and later support and are tested with Python 3.7 through -3.11. There are no immediate plans to drop support Python 3.7. Python versions -have generally been supported until they are past the end-of-maintenance period -for security fixes. Supporting new versions of the Python 3 series is -generally not too much work, but may not be guaranteed until after release of -that version. +Versions 0.9.28 and later support and are automatically tested with Python 3.7 +through 3.11. Python versions have generally been supported by `asteval` until +they are well past the end of security fixes - there are no immediate plans to +drop support for Python 3.7. Support for new versions of the Python 3 series +is not gauranteed until some time after the official release of that version, +as we may not start testing until late in the "beta" period of development. +Historically, the delay has not been too long, though `asteval` may not support +newly introduced language features. -The last version of asteval to support Python 2.7 was version 0.9.17. +The last version of asteval to support Python 2.7 was version 0.9.17. It +should not be used and cannot be supported, but the code may be of historical +interest. Download and Installation ~~~~~~~~~~~~~~~~~~~~~~~~~~~ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/doc/motivation.rst new/asteval-0.9.29/doc/motivation.rst --- old/asteval-0.9.28/doc/motivation.rst 2022-05-24 17:52:03.000000000 +0200 +++ new/asteval-0.9.29/doc/motivation.rst 2023-02-11 22:53:15.000000000 +0100 @@ -70,9 +70,8 @@ * importing modules. Neither 'import' nor '__import__' are supported. * create classes or modules. - * access to Python's :py:func:`eval`, :py:func:`execfile`, - :py:func:`getattr`, :py:func:`hasattr`, :py:func:`setattr`, and - :py:func:`delattr`. + * access to Python's :py:func:`eval`, :py:func:`getattr`, :py:func:`hasattr`, + :py:func:`setattr`, and :py:func:`delattr`. * accessing object attributes that begin and end with `__`, the so-called ``dunder`` attributes. This will include (but is not limited to `__globals__`, `__code__`, `__func__`, `__self__`, `__module__`, @@ -86,11 +85,11 @@ `gi_code`, `gi_frame`, `f_locals` While this approach of making a blacklist cannot be guaranteed to be complete, -it does eliminate entire classes of attacks known to seg-fault the Python. +it does eliminate entire classes of attacks known to be able to seg-fault the Python. It should be noted that asteval will typically expose numpy ufuncs from the numpy module, and several of these can seg-fault Python without too much -trouble. If you're paranoid about safe user input that can never cause a +trouble. If you are paranoid about safe user input that can never cause a segmentation fault, you may want to consider disabling the use of numpy entirely. @@ -117,16 +116,16 @@ executing that statement may take more than 1 hour on some machines. In short, runtime cannot be determined lexically. -This double exponential example also demonstrates there is not a good way -to check for a long-running calculation within a single Python process. -That calculation is not stuck within the Python interpreter, in Python's C -C-code (no doubt calling the `pow()` function) called by the Python -interpreter itself. That call will not return to the Python interpreter or -allow other threads to run until that call is done. That means that from -within a single process, there is not a foolproof way to tell `asteval` (or -really, even Python) when a calculation has taken too long. The most -reliable way to limit run time is to have a second process watching the -execution time of the asteval process and interrupt or kill it. +This double exponential example also demonstrates there is not a good way to +check for a long-running calculation within a single Python process. That +calculation is not stuck within the Python interpreter, but in Python's C +C-code (no doubt calling the `pow()` function) called by the Python interpreter +itself. That call will not return to the Python interpreter or allow other +threads to run until that call is done. That means that from within a single +process, there is not a reliable way to tell `asteval` (or really, even Python) +when a calculation has taken too long. The only reliable way to limit run time +is to have a second process watching the execution time of the asteval process +and either try to interrupt it or kill it. For a limited range of problems, you can try to avoid asteval taking too long. For example, you may try to limit the *recursion limit* when diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/setup.cfg new/asteval-0.9.29/setup.cfg --- old/asteval-0.9.28/setup.cfg 2022-11-07 22:53:36.138263500 +0100 +++ new/asteval-0.9.29/setup.cfg 2023-02-11 22:53:22.562415800 +0100 @@ -23,6 +23,7 @@ Programming Language :: Python :: 3.8 Programming Language :: Python :: 3.9 Programming Language :: Python :: 3.10 + Programming Language :: Python :: 3.11 Programming Language :: Python :: Implementation :: PyPy project_urls = Source = https://github.com/newville/asteval diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/asteval-0.9.28/tests/test_asteval.py new/asteval-0.9.29/tests/test_asteval.py --- old/asteval-0.9.28/tests/test_asteval.py 2022-09-01 18:31:10.000000000 +0200 +++ new/asteval-0.9.29/tests/test_asteval.py 2023-02-11 22:53:15.000000000 +0100 @@ -989,6 +989,14 @@ assert_allclose(x1, 0.50, rtol=0.001) assert_allclose(x2, 0.866025, rtol=0.001) assert_allclose(x3, 1.00, rtol=0.001) + + + def test_numpy_renames_in_custom_symtable(self): + """test that numpy renamed functions are in symtable""" + if HAS_NUMPY: + sym_table = make_symbol_table() + + assert "ln" in sym_table def test_readonly_symbols(self):
