Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-mechanize for
openSUSE:Factory checked in at 2022-01-24 23:09:48
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-mechanize (Old)
and /work/SRC/openSUSE:Factory/.python-mechanize.new.1938 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-mechanize"
Mon Jan 24 23:09:48 2022 rev:26 rq:948302 version:0.4.7
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-mechanize/python-mechanize.changes
2020-01-22 22:47:06.680601019 +0100
+++
/work/SRC/openSUSE:Factory/.python-mechanize.new.1938/python-mechanize.changes
2022-01-24 23:10:12.246671811 +0100
@@ -1,0 +2,9 @@
+Mon Jan 24 00:57:13 UTC 2022 - Steve Kowalik <[email protected]>
+
+- Update to 0.4.7:
+ * Fix the ~ character being percent escaped when sending URLs to servers.
+ * Python 3.10 compatibility
+ * Fix a bug in the regex used to parse www-authenticate headers that could
+ lead to Denial-of-Service
+
+-------------------------------------------------------------------
Old:
----
mechanize-0.4.5.tar.gz
New:
----
mechanize-0.4.7.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-mechanize.spec ++++++
--- /var/tmp/diff_new_pack.84U9T0/_old 2022-01-24 23:10:12.694668749 +0100
+++ /var/tmp/diff_new_pack.84U9T0/_new 2022-01-24 23:10:12.698668721 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-mechanize
#
-# Copyright (c) 2020 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,11 +19,10 @@
%define modname mechanize
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-mechanize
-Version: 0.4.5
+Version: 0.4.7
Release: 0
Summary: Stateful programmatic web browsing
-License: (BSD-3-Clause OR ZPL-2.1) AND BSD-3-Clause
-Group: Development/Languages/Python
+License: BSD-3-Clause AND (BSD-3-Clause OR ZPL-2.1)
URL: https://github.com/python-mechanize/mechanize
Source:
https://files.pythonhosted.org/packages/source/m/mechanize/%{modname}-%{version}.tar.gz
BuildRequires: %{python_module Twisted}
++++++ mechanize-0.4.5.tar.gz -> mechanize-0.4.7.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/ChangeLog
new/mechanize-0.4.7/ChangeLog
--- old/mechanize-0.4.5/ChangeLog 2019-12-22 10:17:25.000000000 +0100
+++ new/mechanize-0.4.7/ChangeLog 2021-09-19 05:56:17.000000000 +0200
@@ -1,6 +1,15 @@
This isn't really in proper GNU ChangeLog format, it just happens to
look that way.
+2021-09-19 Kovid Goyal
+ * 0.4.7 release
+ * Fix the ~ character being percent escaped when sending URLs to
servers. See RFC 3986.
+
+2021-09-01 Kovid Goyal
+ * 0.4.6 release
+ * Python 3.10 compatibility
+ * Fix a bug in the regex used to parse www-authenticate headers that
could lead to Denial-of-Service
+
2019-12-22 Kovid Goyal
* 0.4.5 release
* Add a set_html() method to the browser object
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/PKG-INFO new/mechanize-0.4.7/PKG-INFO
--- old/mechanize-0.4.5/PKG-INFO 2019-12-22 10:18:31.393247600 +0100
+++ new/mechanize-0.4.7/PKG-INFO 2021-09-19 05:57:11.299341200 +0200
@@ -1,32 +1,12 @@
Metadata-Version: 2.1
Name: mechanize
-Version: 0.4.5
+Version: 0.4.7
Summary: Stateful programmatic web browsing.
Home-page: https://github.com/python-mechanize/mechanize
Author: Kovid Goyal
Author-email: [email protected]
License: BSD
-Download-URL:
https://pypi.python.org/packages/source/m/mechanize/mechanize-0.4.5.tar.gz
-Description: Stateful programmatic web browsing, after Andy Lester's Perl
module
- WWW::Mechanize.
-
- mechanize.Browser implements the urllib2.OpenerDirector interface.
Browser
- objects have state, including navigation history, HTML form state,
cookies,
- etc. The set of features and URL schemes handled by Browser objects is
- configurable. The library also provides an API that is mostly
compatible with
- urllib2: your urllib2 program will likely still work if you replace
"urllib2"
- with "mechanize" everywhere.
-
- Features include: ftp:, http: and file: URL schemes, browser history,
hyperlink
- and HTML form support, HTTP cookies, HTTP-EQUIV and Refresh, Referer
[sic]
- header, robots.txt, redirections, proxies, and Basic and Digest HTTP
- authentication.
-
- Much of the code originally derived from Perl code by Gisle Aas
(libwww-perl),
- Johnny Lee (MSIE Cookie support) and last but not least Andy Lester
- (WWW::Mechanize). urllib2 was written by Jeremy Hylton.
-
-
+Download-URL:
https://pypi.python.org/packages/source/m/mechanize/mechanize-0.4.7.tar.gz
Platform: any
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
@@ -54,3 +34,26 @@
Classifier: Topic :: Text Processing :: Markup :: HTML
Classifier: Topic :: Text Processing :: Markup :: XML
Provides-Extra: fast
+License-File: LICENSE
+
+Stateful programmatic web browsing, after Andy Lester's Perl module
+WWW::Mechanize.
+
+mechanize.Browser implements the urllib2.OpenerDirector interface. Browser
+objects have state, including navigation history, HTML form state, cookies,
+etc. The set of features and URL schemes handled by Browser objects is
+configurable. The library also provides an API that is mostly compatible with
+urllib2: your urllib2 program will likely still work if you replace "urllib2"
+with "mechanize" everywhere.
+
+Features include: ftp:, http: and file: URL schemes, browser history, hyperlink
+and HTML form support, HTTP cookies, HTTP-EQUIV and Refresh, Referer [sic]
+header, robots.txt, redirections, proxies, and Basic and Digest HTTP
+authentication.
+
+Much of the code originally derived from Perl code by Gisle Aas (libwww-perl),
+Johnny Lee (MSIE Cookie support) and last but not least Andy Lester
+(WWW::Mechanize). urllib2 was written by Jeremy Hylton.
+
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/README.rst
new/mechanize-0.4.7/README.rst
--- old/mechanize-0.4.5/README.rst 2019-09-05 10:00:47.000000000 +0200
+++ new/mechanize-0.4.7/README.rst 2020-09-18 03:22:50.000000000 +0200
@@ -35,7 +35,7 @@
.. code-block:: bash
- sudo pip2 install mechanize
+ pip3 install mechanize
To install for development:
@@ -43,7 +43,7 @@
git clone https://github.com/python-mechanize/mechanize.git
cd mechanize
- sudo pip2 install -e .
+ pip3 install -e .
To install manually, simply add the `mechanize` sub-directory somewhere on your
`PYTHONPATH`.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/mechanize/_clientcookie.py
new/mechanize-0.4.7/mechanize/_clientcookie.py
--- old/mechanize-0.4.5/mechanize/_clientcookie.py 2019-06-03
13:57:53.000000000 +0200
+++ new/mechanize-0.4.7/mechanize/_clientcookie.py 2021-06-12
04:45:11.000000000 +0200
@@ -188,13 +188,22 @@
raise IndexError()
+try:
+ from http.cookiejar import NETSCAPE_MAGIC_RGX, NETSCAPE_HEADER_TEXT
+except ImportError: # python < 3.10
+ NETSCAPE_MAGIC_RGX = MCJ.magic_re
+ NETSCAPE_HEADER_TEXT = MCJ.header
+else:
+ MCJ.header = NETSCAPE_HEADER_TEXT # needed for tests
+
+
class MozillaCookieJar(MCJ):
def _really_load(self, f, filename, ignore_discard, ignore_expires):
now = time.time()
magic = f.readline()
- if not re.search(self.magic_re, magic):
+ if not re.search(NETSCAPE_MAGIC_RGX, magic):
f.close()
raise LoadError(
"%r does not look like a Netscape format cookies file" %
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/mechanize/_gzip.py
new/mechanize-0.4.7/mechanize/_gzip.py
--- old/mechanize-0.4.5/mechanize/_gzip.py 2019-06-03 13:57:53.000000000
+0200
+++ new/mechanize-0.4.7/mechanize/_gzip.py 2021-08-01 06:46:45.000000000
+0200
@@ -185,10 +185,10 @@
def http_request(self, request):
if self.request_gzip:
existing = [
- x.strip()
+ x.strip().lower()
for x in request.get_header('Accept-Encoding', '').split(',')
]
- if sum('gzip' in x for x in existing) < 1:
+ if 'gzip' not in existing:
existing.append('gzip')
request.add_header("Accept-Encoding",
', '.join(filter(None, existing)))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/mechanize/_response.py
new/mechanize-0.4.7/mechanize/_response.py
--- old/mechanize-0.4.5/mechanize/_response.py 2019-12-22 04:27:48.000000000
+0100
+++ new/mechanize-0.4.7/mechanize/_response.py 2019-12-29 03:25:48.000000000
+0100
@@ -425,20 +425,22 @@
def test_response(data='test data',
- headers=[],
+ headers=(),
url=None,
code=200,
msg="OK"):
- return make_response(data, headers, url, code, msg)
+ return make_response(data, list(headers), url, code, msg)
+
+
+_html_header = [("Content-type", "text/html")]
def test_html_response(data='test data',
- headers=[],
+ headers=(),
url=None,
code=200,
msg="OK"):
- headers += [("Content-type", "text/html")]
- return make_response(data, headers, url, code, msg)
+ return make_response(data, list(headers) + _html_header, url, code, msg)
def make_response(data, headers, url=None, code=200, msg="OK"):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/mechanize/_urllib2_fork.py
new/mechanize-0.4.7/mechanize/_urllib2_fork.py
--- old/mechanize-0.4.5/mechanize/_urllib2_fork.py 2019-11-06
15:58:03.000000000 +0100
+++ new/mechanize-0.4.7/mechanize/_urllib2_fork.py 2021-09-19
05:45:38.000000000 +0200
@@ -138,7 +138,7 @@
b"ABCDEFGHIJKLMNOPQRSTUVWXYZ" b"abcdefghijklmnopqrstuvwxyz"
b"0123456789._!-"
))
USERINFO_CHARS = ZONE_ID_CHARS | set(bytearray(b"$&'()*+,;=:"))
-PATH_CHARS = USERINFO_CHARS | set(bytearray(b'@/'))
+PATH_CHARS = USERINFO_CHARS | set(bytearray(b'@/~'))
QUERY_CHARS = FRAGMENT_CHARS = PATH_CHARS | {ord(b"?")}
@@ -875,8 +875,15 @@
# allow for double- and single-quoted realm values
# (single quotes are a violation of the RFC, but appear in the wild)
- rx = re.compile('(?:.*,)*[ \t]*([^ \t]+)[ \t]+'
- 'realm=(["\'])(.*?)\\2', re.I)
+ rx = re.compile('(?:^|,)' # start of the string or ','
+ '[ \t]*' # optional whitespaces
+ '([^ \t,]+)' # scheme like "Basic"
+ '[ \t]+' # mandatory whitespaces
+ # realm=xxx
+ # realm='xxx'
+ # realm="xxx"
+ 'realm=(["\']?)([^"\']*)\\2',
+ re.I)
# XXX could pre-emptively send auth info already accepted (RFC 2617,
# end of section 2, and section 1.2 immediately after "credentials"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/mechanize/_version.py
new/mechanize-0.4.7/mechanize/_version.py
--- old/mechanize-0.4.5/mechanize/_version.py 2019-12-22 10:17:38.000000000
+0100
+++ new/mechanize-0.4.7/mechanize/_version.py 2021-09-19 05:56:35.000000000
+0200
@@ -1,2 +1,2 @@
-"0.4.5"
-__version__ = (0, 4, 5, None, None)
+"0.4.7"
+__version__ = (0, 4, 7, None, None)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/mechanize/polyglot.py
new/mechanize-0.4.7/mechanize/polyglot.py
--- old/mechanize-0.4.5/mechanize/polyglot.py 2019-11-17 11:18:43.000000000
+0100
+++ new/mechanize-0.4.7/mechanize/polyglot.py 2021-09-19 05:37:27.000000000
+0200
@@ -63,10 +63,10 @@
from urllib.robotparser import RobotFileParser
from urllib.parse import (
urlsplit, urljoin, urlparse, urlunparse, urlencode, quote_plus,
- unquote, unwrap
+ unquote, unwrap, quote
)
from urllib.request import (
- pathname2url, quote, addinfourl, install_opener, build_opener,
+ pathname2url, addinfourl, install_opener, build_opener,
ProxyHandler, urlopen as _urlopen, getproxies, ftpwrapper,
proxy_bypass as urllib_proxy_bypass, url2pathname, Request)
from http.client import (
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/mechanize.egg-info/PKG-INFO
new/mechanize-0.4.7/mechanize.egg-info/PKG-INFO
--- old/mechanize-0.4.5/mechanize.egg-info/PKG-INFO 2019-12-22
10:18:31.000000000 +0100
+++ new/mechanize-0.4.7/mechanize.egg-info/PKG-INFO 2021-09-19
05:57:11.000000000 +0200
@@ -1,32 +1,12 @@
Metadata-Version: 2.1
Name: mechanize
-Version: 0.4.5
+Version: 0.4.7
Summary: Stateful programmatic web browsing.
Home-page: https://github.com/python-mechanize/mechanize
Author: Kovid Goyal
Author-email: [email protected]
License: BSD
-Download-URL:
https://pypi.python.org/packages/source/m/mechanize/mechanize-0.4.5.tar.gz
-Description: Stateful programmatic web browsing, after Andy Lester's Perl
module
- WWW::Mechanize.
-
- mechanize.Browser implements the urllib2.OpenerDirector interface.
Browser
- objects have state, including navigation history, HTML form state,
cookies,
- etc. The set of features and URL schemes handled by Browser objects is
- configurable. The library also provides an API that is mostly
compatible with
- urllib2: your urllib2 program will likely still work if you replace
"urllib2"
- with "mechanize" everywhere.
-
- Features include: ftp:, http: and file: URL schemes, browser history,
hyperlink
- and HTML form support, HTTP cookies, HTTP-EQUIV and Refresh, Referer
[sic]
- header, robots.txt, redirections, proxies, and Basic and Digest HTTP
- authentication.
-
- Much of the code originally derived from Perl code by Gisle Aas
(libwww-perl),
- Johnny Lee (MSIE Cookie support) and last but not least Andy Lester
- (WWW::Mechanize). urllib2 was written by Jeremy Hylton.
-
-
+Download-URL:
https://pypi.python.org/packages/source/m/mechanize/mechanize-0.4.7.tar.gz
Platform: any
Classifier: Development Status :: 5 - Production/Stable
Classifier: Intended Audience :: Developers
@@ -54,3 +34,26 @@
Classifier: Topic :: Text Processing :: Markup :: HTML
Classifier: Topic :: Text Processing :: Markup :: XML
Provides-Extra: fast
+License-File: LICENSE
+
+Stateful programmatic web browsing, after Andy Lester's Perl module
+WWW::Mechanize.
+
+mechanize.Browser implements the urllib2.OpenerDirector interface. Browser
+objects have state, including navigation history, HTML form state, cookies,
+etc. The set of features and URL schemes handled by Browser objects is
+configurable. The library also provides an API that is mostly compatible with
+urllib2: your urllib2 program will likely still work if you replace "urllib2"
+with "mechanize" everywhere.
+
+Features include: ftp:, http: and file: URL schemes, browser history, hyperlink
+and HTML form support, HTTP cookies, HTTP-EQUIV and Refresh, Referer [sic]
+header, robots.txt, redirections, proxies, and Basic and Digest HTTP
+authentication.
+
+Much of the code originally derived from Perl code by Gisle Aas (libwww-perl),
+Johnny Lee (MSIE Cookie support) and last but not least Andy Lester
+(WWW::Mechanize). urllib2 was written by Jeremy Hylton.
+
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/test/test_html.py
new/mechanize-0.4.7/test/test_html.py
--- old/mechanize-0.4.5/test/test_html.py 2019-12-22 04:27:48.000000000
+0100
+++ new/mechanize-0.4.7/test/test_html.py 2019-12-29 03:23:59.000000000
+0100
@@ -67,6 +67,11 @@
class MiscTests(TestCase):
+ def test_util_func(self):
+ headers1 = str(test_html_response('').info())
+ headers2 = str(test_html_response('').info())
+ self.assertEqual(headers1, headers2)
+
def test_link_parsing(self):
def get_first_link_text(html):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/mechanize-0.4.5/test/test_urllib2.py
new/mechanize-0.4.7/test/test_urllib2.py
--- old/mechanize-0.4.5/test/test_urllib2.py 2019-12-22 04:27:48.000000000
+0100
+++ new/mechanize-0.4.7/test/test_urllib2.py 2021-09-19 05:47:39.000000000
+0200
@@ -24,7 +24,7 @@
HTTPCookieProcessor, HTTPRefererProcessor, \
HTTPErrorProcessor, HTTPHandler
from mechanize import OpenerDirector, build_opener, Request
-from mechanize._urllib2_fork import AbstractHTTPHandler, normalize_url
+from mechanize._urllib2_fork import AbstractHTTPHandler, normalize_url,
AbstractBasicAuthHandler
from mechanize._util import write_file
import mechanize._response
@@ -69,6 +69,10 @@
self.assertEqual(
mechanize._urllib2_fork.parse_http_list(string), list)
+ def test_parse_authreq(self):
+ for bad in (",,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,,",):
+ self.assertIsNone(AbstractBasicAuthHandler.rx.search(bad))
+
def test_request_headers_dict():
"""
@@ -1867,11 +1871,11 @@
self.assertEqual("POST", self.get.get_method())
def test_get_full_url(self):
- self.assertEqual("http://www.python.org/%7Ejeremy/";,
+ self.assertEqual("http://www.python.org/~jeremy/";,
self.get.get_full_url())
def test_selector(self):
- self.assertEqual("/%7Ejeremy/", self.get.get_selector())
+ self.assertEqual("/~jeremy/", self.get.get_selector())
req = Request("http://www.python.org/";)
self.assertEqual("/", req.get_selector())
