Your message dated Fri, 26 Sep 2025 15:05:49 +0000
with message-id <[email protected]>
and subject line Bug#1108457: fixed in python-shodan 1.31.0-2
has caused the Debian Bug report #1108457,
regarding python-shodan: Drop python3-click dependency
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1108457: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108457
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: python-shodan
Version: 1.31.0-1
Severity: important
Tags: upstream patch forky sid
Control: block 1108453 by -1
Control: forwarded -1 https://github.com/achillean/shodan-python/pull/241
Dear Maintainer,
Please drop the python3-click-plugins dependency, the package will be removed
during the forky development cycle.
Upstream ended maintenance of click-plugins and now recommends users to vendor
it, the attached patch does so.
Kind Regards,
Bas
diff -Nru python-shodan-1.31.0/debian/patches/pr241-click-plugins.patch
python-shodan-1.31.0/debian/patches/pr241-click-plugins.patch
--- python-shodan-1.31.0/debian/patches/pr241-click-plugins.patch
1970-01-01 01:00:00.000000000 +0100
+++ python-shodan-1.31.0/debian/patches/pr241-click-plugins.patch
2025-06-29 09:05:53.000000000 +0200
@@ -0,0 +1,284 @@
+Description: Vendor click-plugins, PyPI package no longer maintained.
+Author: Bas Couwenberg <[email protected]>
+Bug: https://github.com/achillean/shodan-python/pull/241
+
+--- a/requirements.txt
++++ b/requirements.txt
+@@ -1,7 +1,6 @@
+ click
+-click-plugins
+ colorama
+ requests>=2.2.1
+ XlsxWriter
+ ipaddress;python_version<='2.7'
+-tldextract
+\ No newline at end of file
++tldextract
+--- a/shodan/__main__.py
++++ b/shodan/__main__.py
+@@ -49,7 +49,6 @@ from shodan.cli.helpers import async_spi
+ from shodan.cli.host import HOST_PRINT
+
+ # Allow 3rd-parties to develop custom commands
+-from click_plugins import with_plugins
+ from pkg_resources import iter_entry_points
+
+ # Large subcommands are stored in separate modules
+@@ -57,6 +56,7 @@ from shodan.cli.alert import alert
+ from shodan.cli.data import data
+ from shodan.cli.organization import org
+ from shodan.cli.scan import scan
++from shodan.click_plugins import with_plugins
+
+
+ # Make "-h" work like "--help"
+--- /dev/null
++++ b/shodan/click_plugins.py
+@@ -0,0 +1,247 @@
++# This file is part of 'click-plugins':
https://github.com/click-contrib/click-plugins
++#
++# New BSD License
++#
++# Copyright (c) 2015-2025, Kevin D. Wurster, Sean C. Gillies
++# All rights reserved.
++#
++# Redistribution and use in source and binary forms, with or without
++# modification, are permitted provided that the following conditions are met:
++#
++# * Redistributions of source code must retain the above copyright notice,
this
++# list of conditions and the following disclaimer.
++#
++# * Redistributions in binary form must reproduce the above copyright notice,
++# this list of conditions and the following disclaimer in the documentation
++# and/or other materials provided with the distribution.
++#
++# * Neither click-plugins nor the names of its contributors may not be used to
++# endorse or promote products derived from this software without specific
prior
++# written permission.
++#
++# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
++# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
++# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
ARE
++# DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE LIABLE
++# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
++# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
++# SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER
++# CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
LIABILITY,
++# OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE
USE
++# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
++
++
++"""Support CLI plugins with click and entry points.
++
++See :func:`with_plugins`.
++"""
++
++
++import importlib.metadata
++import os
++import sys
++import traceback
++
++import click
++
++
++__version__ = '2.0'
++
++
++def with_plugins(entry_points):
++
++ """Decorator for loading and attaching plugins to a ``click.Group()``.
++
++ Plugins are loaded from an ``importlib.metadata.EntryPoint()``. Each entry
++ point must point to a ``click.Command()``. An entry point that fails to
++ load will be wrapped in a ``BrokenCommand()`` to allow the CLI user to
++ discover and potentially debug the problem.
++
++ >>> from importlib.metadata import entry_points
++ >>>
++ >>> import click
++ >>> from click_plugins import with_plugins
++ >>>
++ >>> @with_plugins('group_name')
++ >>> @click.group()
++ >>> def group():
++ ... '''Group'''
++ >>>
++ >>> @with_plugins(entry_points('group_name'))
++ >>> @click.group()
++ >>> def group():
++ ... '''Group'''
++ >>>
++ >>> @with_plugins(importlib.metadata.EntryPoint(...))
++ >>> @click.group()
++ >>> def group():
++ ... '''Group'''
++ >>>
++ >>> @with_plugins("group1")
++ >>> @with_plugins("group2")
++ >>> def group():
++ ... '''Group'''
++
++ :param str or EntryPoint or sequence[EntryPoint] entry_points:
++ Entry point group name, a single ``importlib.metadata.EntryPoint()``,
++ or a sequence of ``EntryPoint()``s.
++
++ :rtype function:
++ """
++
++ # Note that the explicit full path reference to:
++ #
++ # importlib.metadata.entry_points()
++ #
++ # in this function allows the call to be mocked in the tests. Replacing
++ # with:
++ #
++ # from importlib.metadata import entry_points
++ #
++ # breaks this ability.
++
++ def decorator(group):
++ if not isinstance(group, click.Group):
++ raise TypeError(
++ f"plugins can only be attached to an instance of"
++ f" 'click.Group()' not: {repr(group)}")
++
++ # Load 'EntryPoint()' objects.
++ if isinstance(entry_points, str):
++
++ # Older versions of Python do not support filtering.
++ if sys.version_info >= (3, 10):
++ all_entry_points = importlib.metadata.entry_points(
++ group=entry_points)
++
++ else:
++ all_entry_points = importlib.metadata.entry_points()
++ all_entry_points = all_entry_points[entry_points]
++
++ # A single 'importlib.metadata.EntryPoint()'
++ elif isinstance(entry_points, importlib.metadata.EntryPoint):
++ all_entry_points = [entry_points]
++
++ # Sequence of 'EntryPoints()'.
++ else:
++ all_entry_points = entry_points
++
++ for ep in all_entry_points:
++
++ try:
++ group.add_command(ep.load())
++
++ # Catch all exceptions (technically not 'BaseException') and
++ # instead register a special 'BrokenCommand()'. Otherwise, a
single
++ # plugin that fails to load and/or register will make the CLI
++ # inoperable. 'BrokenCommand()' explains the situation to users.
++ except Exception as e:
++ group.add_command(BrokenCommand(ep, e))
++
++ return group
++
++ return decorator
++
++
++class BrokenCommand(click.Command):
++
++ """Represents a plugin ``click.Command()`` that failed to load.
++
++ Can be executed just like a ``click.Command()``, but prints information
++ for debugging and exits with an error code.
++ """
++
++ def __init__(self, entry_point, exception):
++
++ """
++ :param importlib.metadata.EntryPoint entry_point:
++ Entry point that failed to load.
++ :param Exception exception:
++ Raised when attempting to load the entry point associated with
++ this instance.
++ """
++
++ super().__init__(entry_point.name)
++
++ # There are several ways to get a traceback from an exception, but
++ # 'TracebackException()' seems to be the most portable across actively
++ # supported versions of Python.
++ tbe = traceback.TracebackException.from_exception(exception)
++
++ # A message for '$ cli command --help'. Contains full traceback and a
++ # helpful note. The intention is to nudge users to figure out which
++ # project should get a bug report since users are likely to report the
++ # issue to the developers of the CLI utility they are directly
++ # interacting with. These are not necessarily the right developers.
++ self.help = (
++ "{ls}ERROR: entry point '{module}:{name}' could not be loaded."
++ " Contact its author for help.{ls}{ls}{tb}").format(
++ module=_module(entry_point),
++ name=entry_point.name,
++ ls=os.linesep,
++ tb=''.join(tbe.format())
++ )
++
++ # Replace the broken command's summary with a warning about how it
++ # was not loaded successfully. The idea is that '$ cli --help' should
++ # include a clear indicator that a subcommand is not functional, and
++ # a little hint for what to do about it. U+2020 is a "dagger", whose
++ # modern use typically indicates a footnote.
++ self.short_help = (
++ f"\u2020 Warning: could not load plugin. Invoke command with"
++ f" '--help' for traceback."
++ )
++
++ def invoke(self, ctx):
++
++ """Print traceback and debugging message.
++
++ :param click.Context ctx:
++ Active context.
++ """
++
++ click.echo(self.help, color=ctx.color, err=True)
++ ctx.exit(1)
++
++ def parse_args(self, ctx, args):
++
++ """Pass arguments along without parsing.
++
++ :param click.Context ctx:
++ Active context.
++ :param list args:
++ List of command line arguments.
++ """
++
++ # Do not attempt to parse these arguments. We do not know why the
++ # entry point failed to load, but it is reasonable to assume that
++ # argument parsing will not work. Ultimately the goal is to get the
++ # 'Command.invoke()' method (overloaded in this class) to execute
++ # and provide the user with a bit of debugging information.
++
++ return args
++
++
++def _module(ep):
++
++ """Module name for a given entry point.
++
++ Parameters
++ ----------
++ ep : importlib.metadata.EntryPoint
++ Determine parent module for this entry point.
++
++ Returns
++ -------
++ str
++ """
++
++ if sys.version_info >= (3, 10):
++ module = ep.module
++
++ else:
++ # From 'importlib.metadata.EntryPoint.module'.
++ match = ep.pattern.match(ep.value)
++ module = match.group('module')
++
++ return module
diff -Nru python-shodan-1.31.0/debian/patches/series
python-shodan-1.31.0/debian/patches/series
--- python-shodan-1.31.0/debian/patches/series 1970-01-01 01:00:00.000000000
+0100
+++ python-shodan-1.31.0/debian/patches/series 2025-06-29 09:02:39.000000000
+0200
@@ -0,0 +1 @@
+pr241-click-plugins.patch
--- End Message ---
--- Begin Message ---
Source: python-shodan
Source-Version: 1.31.0-2
Done: Alexandre Detiste <[email protected]>
We believe that the bug you reported is fixed in the latest version of
python-shodan, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Alexandre Detiste <[email protected]> (supplier of updated python-shodan package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Fri, 26 Sep 2025 16:01:43 +0200
Source: python-shodan
Architecture: source
Version: 1.31.0-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Python Team <[email protected]>
Changed-By: Alexandre Detiste <[email protected]>
Closes: 1108457
Changes:
python-shodan (1.31.0-2) unstable; urgency=medium
.
* Team Upload
* Use dh-sequence-python3
* Trim noise from debian/rules
.
[ Bas Couwenberg ]
* vendor python3-click-plugins (Closes: #1108457)
Checksums-Sha1:
46616f2b2b5875df7e4f05c27ce18340898a3f60 2201 python-shodan_1.31.0-2.dsc
6591fb275978345d9e6af51354e6c1539f977ca5 7732
python-shodan_1.31.0-2.debian.tar.xz
68bc22907188131c579875d2f133574a1300a64d 7798
python-shodan_1.31.0-2_source.buildinfo
Checksums-Sha256:
01654f6d0ccf7a3295bab6fc52814762b30e941e6dbf4b0ae7917d4291f63320 2201
python-shodan_1.31.0-2.dsc
b89db02e5a17a87f7f14873a8f165072174e6bad8319209d207c596891578101 7732
python-shodan_1.31.0-2.debian.tar.xz
9569828210d171fca200a6e745afb61f93b237cc4246947c9f117010b8c5e19d 7798
python-shodan_1.31.0-2_source.buildinfo
Files:
86ae7a777248c47829016694cfb43268 2201 python optional
python-shodan_1.31.0-2.dsc
febb0542c0d8a6f35c1bb7f264856ead 7732 python optional
python-shodan_1.31.0-2.debian.tar.xz
ad724a79683ded38eb5369f4192aa6ee 7798 python optional
python-shodan_1.31.0-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJFBAEBCgAvFiEEj23hBDd/OxHnQXSHMfMURUShdBoFAmjWnpQRHHRjaGV0QGRl
Ymlhbi5vcmcACgkQMfMURUShdBrFYA//ZO1GwyV8MYoY7kqltuz+rmsLCWKgQS+Z
8TA7+U9HvjsNKW8fzX1Bd8mj7KfrQxPxy7pA7GugB6FBt6FWBTi9PGGIPGoO/jOq
mU+WRvBWrt6ze0smZkA+cwMEqMsqPKdZHkLU99Ud5MJQXYeAJXztSCTV+uueYnfH
LD2VjQSB5/1mqlSYW1C4BUYqINf4dCg+zQFGyL4mE5aHQA6a8doTnZreQX07LSb4
2zo+t8+PJrInIhT3CrzTrxTka0flpH2YfNztaJp8foJrfq3rePV0LMf9bFcsGC/b
IAHj9OLAZ9VW1aksBdVgCVcLncXy23Nge1beJfjeLDWcdlSVQp7x3ww3re//+AGn
6rpXSY0GM7uDE/fWs2L3oqTdSlUpg4vEjp/LaAIKhrXp9TZDISVssikUyWB0C3Av
A5MM231z3e4DZCAdqGPSd2ZQoW1nhfj7GOWcu0F10ODwCebRhrZ9rRu3N6J+tUXo
+MNc0K7GJ6/fnzX6jg5V1Up4y91SyIYuZ+mvFhZcB3PNMglvakCuhl6/qoAvqr5p
QOIdf3yqBArzC6FucZmG6q0yshwWST1RvYlpq56p2r67mtdEK1h0UmhqM00orgpZ
drUHlWZoBZCiq5mQeGD3GXwDsZdKKUSkFKSiYhFI5IGlBspWIaw/wWO1Q+YusYsK
yCt0nvBAooU=
=t7Px
-----END PGP SIGNATURE-----
pgpJDqrhOnKzH.pgp
Description: PGP signature
--- End Message ---
