Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-Js2Py for openSUSE:Factory
checked in at 2024-07-01 11:22:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-Js2Py (Old)
and /work/SRC/openSUSE:Factory/.python-Js2Py.new.18349 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-Js2Py"
Mon Jul 1 11:22:19 2024 rev:10 rq:1184231 version:0.74
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-Js2Py/python-Js2Py.changes
2023-04-22 22:03:30.226308147 +0200
+++ /work/SRC/openSUSE:Factory/.python-Js2Py.new.18349/python-Js2Py.changes
2024-07-01 11:23:08.929120320 +0200
@@ -1,0 +2,14 @@
+Mon Jul 1 08:39:07 UTC 2024 - Daniel Garcia <daniel.gar...@suse.com>
+
+- Add CVE-2024-28397.patch upstream patch.
+ (bsc#1226660, gh#PiotrDabkowski/Js2Py#323)
+
+-------------------------------------------------------------------
+Mon Jul 1 08:19:03 UTC 2024 - Daniel Garcia <daniel.gar...@suse.com>
+
+- Run tests
+- Add patches:
+ * remove-python-six.patch, to remove python-six dependency
+ * python312.patch, to make it compatible with python312
+
+-------------------------------------------------------------------
New:
----
CVE-2024-28397.patch
python312.patch
remove-python-six.patch
BETA DEBUG BEGIN:
New:
- Add CVE-2024-28397.patch upstream patch.
(bsc#1226660, gh#PiotrDabkowski/Js2Py#323)
New: * remove-python-six.patch, to remove python-six dependency
* python312.patch, to make it compatible with python312
New:- Add patches:
* remove-python-six.patch, to remove python-six dependency
* python312.patch, to make it compatible with python312
BETA DEBUG END:
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-Js2Py.spec ++++++
--- /var/tmp/diff_new_pack.QioXm7/_old 2024-07-01 11:23:09.429138417 +0200
+++ /var/tmp/diff_new_pack.QioXm7/_new 2024-07-01 11:23:09.429138417 +0200
@@ -1,7 +1,7 @@
#
# spec file for package python-Js2Py
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,7 +16,6 @@
#
-%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%{?sle15_python_module_pythons}
Name: python-Js2Py
Version: 0.74
@@ -27,11 +26,17 @@
URL: https://github.com/PiotrDabkowski/Js2Py
Source:
https://files.pythonhosted.org/packages/source/J/Js2Py/Js2Py-%{version}.tar.gz
Source1:
https://raw.githubusercontent.com/PiotrDabkowski/Js2Py/master/LICENSE.md
+# PATCH-FIX-OPENSUSE remove-python-six.patch
+Patch0: remove-python-six.patch
+# PATCH-FIX-UPSTREAM python312.patch gh#PiotrDabkowski/Js2Py#327
+Patch1: python312.patch
+# PATCH-FIX-UPSTREAM CVE-2024-28397.patch gh#PiotrDabkowski/Js2Py#323
+Patch2: CVE-2024-28397.patch
+BuildRequires: %{python_module pyjsparser}
BuildRequires: %{python_module setuptools}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
Requires: python-pyjsparser
-Requires: python-six
Requires: python-tzlocal
BuildArch: noarch
%python_subpackages
@@ -42,7 +47,7 @@
implementation of the JavaScript core, is written in pure Python.
%prep
-%setup -q -n Js2Py-%{version}
+%autosetup -p1 -n Js2Py-%{version}
cp %{SOURCE1} .
%build
@@ -52,10 +57,17 @@
%python_install
%python_expand %fdupes %{buildroot}%{$python_sitelib}
-# no tests in pypi sdist and no tags in github repo
(https://github.com/PiotrDabkowski/Js2Py/issues/100)
+%check
+pushd tests
+touch node_failed.txt
+%{python_expand #
+PYTHONPATH=%{buildroot}%{$python_sitelib} $python run.py
+}
+popd
%files %{python_files}
%doc README.md
%license LICENSE.md
-%{python_sitelib}/*
+%{python_sitelib}/js2py
+%{python_sitelib}/Js2Py-%{version}*-info
++++++ CVE-2024-28397.patch ++++++
Index: Js2Py-0.74/js2py/constructors/jsobject.py
===================================================================
--- Js2Py-0.74.orig/js2py/constructors/jsobject.py
+++ Js2Py-0.74/js2py/constructors/jsobject.py
@@ -48,7 +48,7 @@ class ObjectMethods:
raise MakeError(
'TypeError',
'Object.getOwnPropertyDescriptor called on non-object')
- return obj.own.keys()
+ return list(obj.own.keys())
def create(obj):
if not (obj.is_object() or obj.is_null()):
++++++ python312.patch ++++++
>From fd7df4a91fb08060914c7b1d9e94583d18f3371b Mon Sep 17 00:00:00 2001
From: Felix Yan <felixonm...@archlinux.org>
Date: Wed, 17 Apr 2024 16:47:47 +0300
Subject: [PATCH] Fix bytecode for Python 3.12
`LOAD_ATTR` has been changed in Python 3.12 and it seems reusing the
`LOAD_GLOBAL` logic makes the simple tests passing.
I am not sure if this is correct since I'm pretty new to the code, but
maybe it's still helpful.
---
js2py/translators/translating_nodes.py | 2 +-
js2py/utils/injector.py | 4 +++-
2 files changed, 4 insertions(+), 2 deletions(-)
Index: Js2Py-0.74/js2py/translators/translating_nodes.py
===================================================================
--- Js2Py-0.74.orig/js2py/translators/translating_nodes.py
+++ Js2Py-0.74/js2py/translators/translating_nodes.py
@@ -538,7 +538,7 @@ def TryStatement(type, block, handler, h
if handler:
identifier = handler['param']['name']
holder = 'PyJsHolder_%s_%d' % (to_hex(identifier),
- random.randrange(1e8))
+
random.randrange(six.integer_types[-1](1e8)))
identifier = repr(identifier)
result += 'except PyJsException as PyJsTempException:\n'
# fill in except ( catch ) block and remember to recover holder
variable to its previous state
Index: Js2Py-0.74/js2py/utils/injector.py
===================================================================
--- Js2Py-0.74.orig/js2py/utils/injector.py
+++ Js2Py-0.74/js2py/utils/injector.py
@@ -13,6 +13,7 @@ chr = lambda x: x
# Opcode constants used for comparison and replacecment
LOAD_FAST = opcode.opmap['LOAD_FAST']
LOAD_GLOBAL = opcode.opmap['LOAD_GLOBAL']
+LOAD_ATTR = opcode.opmap['LOAD_ATTR']
STORE_FAST = opcode.opmap['STORE_FAST']
@@ -88,6 +89,7 @@ def append_arguments(code_obj, new_local
(co_names.index(name), varnames.index(name)) for name in new_locals)
is_new_bytecode = sys.version_info >= (3, 11)
+ is_new_load_attr = sys.version_info >= (3, 12)
# Now we modify the actual bytecode
modified = []
drop_future_cache = False
@@ -106,7 +108,7 @@ def append_arguments(code_obj, new_local
# it's one of the globals that we are replacing. Either way,
# update its arg using the appropriate dict.
drop_future_cache = False
- if inst.opcode == LOAD_GLOBAL:
+ if inst.opcode == LOAD_GLOBAL or (is_new_load_attr and inst.opcode ==
LOAD_ATTR):
idx = inst.arg
if is_new_bytecode:
idx = idx // 2
++++++ remove-python-six.patch ++++++
++++ 1111 lines (skipped)
