Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-httptools for
openSUSE:Factory checked in at 2024-01-07 21:38:53
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-httptools (Old)
and /work/SRC/openSUSE:Factory/.python-httptools.new.28375 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-httptools"
Sun Jan 7 21:38:53 2024 rev:7 rq:1137303 version:0.6.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-httptools/python-httptools.changes
2023-08-18 19:27:33.795230264 +0200
+++
/work/SRC/openSUSE:Factory/.python-httptools.new.28375/python-httptools.changes
2024-01-07 21:38:55.068997417 +0100
@@ -1,0 +2,11 @@
+Sat Jan 6 20:48:58 UTC 2024 - Dirk Müller <dmuel...@suse.com>
+
+- update to 0.6.1:
+ * Explicit Python 3.12 support and build wheels, change min
+ version to 3.8
+ * Do not install the *.c sources in wheels
+- update to 0.6.0 (bsc#1212582, CVE-2023-30589):
+ * Bump bundled llhttp to 8.1.1
+ * Fixes CVE-2023-30589
+
+-------------------------------------------------------------------
Old:
----
httptools-0.5.0.tar.gz
New:
----
httptools-0.6.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-httptools.spec ++++++
--- /var/tmp/diff_new_pack.4lWMTj/_old 2024-01-07 21:38:56.085034376 +0100
+++ /var/tmp/diff_new_pack.4lWMTj/_new 2024-01-07 21:38:56.089034522 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-httptools
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,11 +16,9 @@
#
-%{?!python_module:%define python_module() python3-%{**}}
-%define skip_python2 1
%{?sle15_python_module_pythons}
Name: python-httptools
-Version: 0.5.0
+Version: 0.6.1
Release: 0
Summary: Python framework independent HTTP protocol utils
License: MIT
@@ -29,9 +27,12 @@
Source0:
https://github.com/MagicStack/httptools/archive/v%{version}.tar.gz#/httptools-%{version}.tar.gz
Source1:
https://github.com/nodejs/llhttp/archive/refs/tags/release/v6.0.6.tar.gz#/llhttp-release-v6.0.6.tar.gz
Source2:
https://github.com/nodejs/http-parser/archive/refs/tags/v2.9.4.tar.gz#/http-parser-2.9.4.tar.gz
-BuildRequires: %{python_module Cython >= 0.29.24 with %python-Cython < 3}
+# BuildRequires: %{python_module Cython >= 0.29.24 with %python-Cython < 3}
+BuildRequires: %{python_module Cython}
+BuildRequires: %{python_module pip}
BuildRequires: %{python_module pytest}
BuildRequires: %{python_module setuptools}
+BuildRequires: %{python_module wheel}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
%python_subpackages
@@ -49,13 +50,11 @@
mv vendor/http-parser*/ vendor/http-parser/
%build
-%python_build
+%pyproject_wheel
%install
-%python_install
-%{python_expand rm %{buildroot}%{$python_sitearch}/httptools/parser/*parser.c;
-%fdupes %{buildroot}%{$python_sitearch}
-}
+%pyproject_install
+%python_expand %fdupes %{buildroot}%{$python_sitearch}
%check
%if 0%{suse_version} >= 1550
@@ -67,5 +66,5 @@
%doc README.md
%license LICENSE
%{python_sitearch}/httptools
-%{python_sitearch}/httptools-%{version}*-info
+%{python_sitearch}/httptools-%{version}.dist-info
++++++ httptools-0.5.0.tar.gz -> httptools-0.6.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/httptools-0.5.0/.github/workflows/release.yml
new/httptools-0.6.1/.github/workflows/release.yml
--- old/httptools-0.5.0/.github/workflows/release.yml 2022-09-13
06:55:45.000000000 +0200
+++ new/httptools-0.6.1/.github/workflows/release.yml 2023-10-16
19:30:31.000000000 +0200
@@ -14,7 +14,7 @@
runs-on: ubuntu-latest
steps:
- name: Validate release PR
- uses: edgedb/action-release/validate-pr@master
+ uses:
edgedb/action-release/validate-pr@bae6b9134e872166b43d218dd79397c851c41c9a
id: checkver
with:
require_team: Release Managers
@@ -37,7 +37,7 @@
mkdir -p dist/
echo "${VERSION}" > dist/VERSION
- - uses: actions/upload-artifact@v2
+ - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
# v3.1.3
with:
name: dist
path: dist/
@@ -47,20 +47,20 @@
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
fetch-depth: 50
submodules: true
- name: Set up Python
- uses: actions/setup-python@v2
+ uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 #
v4.7.1
- name: Build source distribution
run: |
python -m pip install -U setuptools wheel pip
python setup.py sdist
- - uses: actions/upload-artifact@v2
+ - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
# v3.1.3
with:
name: dist
path: dist/*.tar.*
@@ -73,21 +73,17 @@
os: [ubuntu-latest, macos-latest, windows-latest]
cibw_arch: ["auto64", "aarch64", "universal2"]
cibw_python:
- - "cp36-*"
- - "cp37-*"
- "cp38-*"
- "cp39-*"
- "cp310-*"
- "cp311-*"
+ - "cp312-*"
exclude:
- os: ubuntu-latest
cibw_arch: universal2
- os: macos-latest
cibw_arch: aarch64
- os: macos-latest
- cibw_python: "cp36-*"
- cibw_arch: universal2
- - os: macos-latest
cibw_python: "cp37-*"
cibw_arch: universal2
- os: windows-latest
@@ -103,18 +99,18 @@
PIP_DISABLE_PIP_VERSION_CHECK: 1
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
fetch-depth: 50
submodules: true
- name: Set up QEMU
if: matrix.os == 'ubuntu-latest' && matrix.cibw_arch == 'aarch64'
- uses: docker/setup-qemu-action@v1
+ uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3
# v3.0.0
with:
platforms: arm64
- - uses: pypa/cibuildwheel@v2.9.0
+ - uses: pypa/cibuildwheel@fff9ec32ed25a9c576750c91e06b410ed0c15db7 #
v2.16.2
env:
CIBW_BUILD_VERBOSITY: 1
CIBW_BUILD: ${{ matrix.cibw_python }}
@@ -124,7 +120,7 @@
CIBW_TEST_COMMAND_WINDOWS: "python {project}\\tests\\__init__.py"
CIBW_TEST_SKIP: "*universal2:arm64"
- - uses: actions/upload-artifact@v2
+ - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32
# v3.1.3
with:
name: dist
path: wheelhouse/*.whl
@@ -134,12 +130,12 @@
runs-on: ubuntu-latest
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
fetch-depth: 5
submodules: false
- - uses: actions/download-artifact@v2
+ - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a
# v3.0.2
with:
name: dist
path: dist/
@@ -152,7 +148,7 @@
rm dist/VERSION
- name: Merge and tag the PR
- uses: edgedb/action-release/merge@master
+ uses:
edgedb/action-release/merge@bae6b9134e872166b43d218dd79397c851c41c9a
with:
github_token: ${{ secrets.RELEASE_BOT_GITHUB_TOKEN }}
ssh_key: ${{ secrets.RELEASE_BOT_SSH_KEY }}
@@ -161,7 +157,7 @@
tag_name: v${{ steps.relver.outputs.version }}
- name: Publish Github Release
- uses: elprans/gh-action-create-release@master
+ uses:
elprans/gh-action-create-release@5f9abb8f0677196a76ea77e64341fa8ca31dad4f
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
with:
@@ -175,7 +171,7 @@
ls -al dist/
- name: Upload to PyPI
- uses: pypa/gh-action-pypi-publish@master
+ uses:
pypa/gh-action-pypi-publish@b7f401de30cb6434a1e19f805ff006643653240e # v1.8.10
with:
user: __token__
password: ${{ secrets.PYPI_TOKEN }}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/httptools-0.5.0/.github/workflows/tests.yml
new/httptools-0.6.1/.github/workflows/tests.yml
--- old/httptools-0.5.0/.github/workflows/tests.yml 2022-09-13
06:55:45.000000000 +0200
+++ new/httptools-0.6.1/.github/workflows/tests.yml 2023-10-16
19:30:31.000000000 +0200
@@ -14,26 +14,20 @@
runs-on: ${{ matrix.os }}
strategy:
matrix:
- python-version: ["3.5", "3.6", "3.7", "3.8", "3.9", "3.10",
"3.11.0-rc.2"]
+ python-version: ["3.8", "3.9", "3.10", "3.11", "3.12"]
os: [windows-latest, ubuntu-latest, macos-latest]
- exclude:
- # Python 3.5 is unable to properly
- # find the recent VS tooling
- # https://bugs.python.org/issue30389
- - os: windows-latest
- python-version: 3.5
env:
PIP_DISABLE_PIP_VERSION_CHECK: 1
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@8ade135a41bc03ea155e62e844d188df1ea18608 # v4.1.0
with:
fetch-depth: 50
submodules: true
- name: Check if release PR.
- uses: edgedb/action-release/validate-pr@master
+ uses:
edgedb/action-release/validate-pr@bae6b9134e872166b43d218dd79397c851c41c9a
id: release
with:
github_token: ${{ secrets.RELEASE_BOT_GITHUB_TOKEN }}
@@ -43,7 +37,7 @@
__version__\s*=\s*(?:['"])([[:PEP440:]])(?:['"])
- name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v2
+ uses: actions/setup-python@65d7f2d534ac1bc67fcd62888c5f4f3d2cb2b236 #
v4.7.1
if: steps.release.outputs.version == 0
with:
python-version: ${{ matrix.python-version }}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/httptools-0.5.0/httptools/_version.py
new/httptools-0.6.1/httptools/_version.py
--- old/httptools-0.5.0/httptools/_version.py 2022-09-13 06:55:45.000000000
+0200
+++ new/httptools-0.6.1/httptools/_version.py 2023-10-16 19:30:31.000000000
+0200
@@ -10,4 +10,4 @@
# supported platforms, publish the packages on PyPI, merge the PR
# to the target branch, create a Git tag pointing to the commit.
-__version__ = '0.5.0'
+__version__ = '0.6.1'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/httptools-0.5.0/setup.py new/httptools-0.6.1/setup.py
--- old/httptools-0.5.0/setup.py 2022-09-13 06:55:45.000000000 +0200
+++ new/httptools-0.6.1/setup.py 2023-10-16 19:30:31.000000000 +0200
@@ -1,8 +1,8 @@
import sys
vi = sys.version_info
-if vi < (3, 5):
- raise RuntimeError('httptools require Python 3.5 or greater')
+if vi < (3, 8):
+ raise RuntimeError('httptools require Python 3.8 or greater')
else:
import os.path
import pathlib
@@ -185,7 +185,7 @@
'Development Status :: 5 - Production/Stable',
],
platforms=['macOS', 'POSIX', 'Windows'],
- python_requires='>=3.5.0',
+ python_requires='>=3.8.0',
zip_safe=False,
author='Yury Selivanov',
author_email='y...@magic.io',
@@ -211,6 +211,7 @@
),
],
include_package_data=True,
+ exclude_package_data={"": ["*.c", "*.h"]},
test_suite='tests.suite',
setup_requires=setup_requires,
extras_require={
