Your message dated Sat, 29 May 2021 10:41:59 +0000
with message-id <[email protected]>
and subject line unblock python-ddt
has caused the Debian Bug report #989216,
regarding unblock: python-ddt/1.4.1-2.1
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
989216: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989216
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock
X-Debbugs-CC: Thomas Goirand <[email protected]>
Please unblock package python-ddt
Changes:
python-ddt (1.4.1-2.1) unstable; urgency=medium
.
* Non-maintainer upload.
* Patch: Support pyyaml's security patch in 5.3.1-4 (from 5.4 upstream).
(Closes: #989009)
[ Reason ]
Updated python-ddt to build-against pyyaml's recent security update
(#988926)
[ Impact ]
Fixes FTBFS with the new pyyaml.
[ Tests ]
The affected code is the test suite.
[ Risks ]
Change is from upstream, affecting only unit tests, so negligible.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
unblock python-ddt/1.4.1-2.1
diff -Nru python-ddt-1.4.1/debian/changelog python-ddt-1.4.1/debian/changelog
--- python-ddt-1.4.1/debian/changelog 2020-10-14 04:11:28.000000000 -0400
+++ python-ddt-1.4.1/debian/changelog 2021-05-23 11:51:10.000000000 -0400
@@ -1,3 +1,11 @@
+python-ddt (1.4.1-2.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+ * Patch: Support pyyaml's security patch in 5.3.1-4 (from 5.4 upstream).
+ (Closes: #989009)
+
+ -- Stefano Rivera <[email protected]> Sun, 23 May 2021 11:51:10 -0400
+
python-ddt (1.4.1-2) unstable; urgency=medium
* Uploading to unstable.
diff -Nru python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch
python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch
--- python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch 1969-12-31
20:00:00.000000000 -0400
+++ python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch 2021-05-23
11:50:57.000000000 -0400
@@ -0,0 +1,56 @@
+From 97f0a2315736e50f1b34a015447cd751da66ecb6 Mon Sep 17 00:00:00 2001
+From: Dirk Mueller <[email protected]>
+Date: Mon, 25 Jan 2021 22:49:04 +0100
+Subject: [PATCH] Use Yaml's UnsafeLoader for Python embedding tests
+
+In newer PyYAML versions the default FullLoader has
+python/object/* integration removed. One has to use
+UnsafeLoader instead. see this issue for details:
+
+https://github.com/yaml/pyyaml/issues/321
+Bug-Debian: https://bugs.debian.org/989009
+---
+ test/test_example.py | 2 +-
+ test/test_functional.py | 10 +++++-----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+--- a/test/test_example.py
++++ b/test/test_example.py
+@@ -151,7 +151,7 @@
+
+ @ddt
+ class YamlOnlyTestCase(unittest.TestCase):
+- @file_data('data/test_custom_yaml_loader.yaml', yaml.FullLoader)
++ @file_data('data/test_custom_yaml_loader.yaml', yaml.UnsafeLoader)
+ def test_custom_yaml_loader(self, instance, expected):
+ """Test with yaml tags to create specific classes to compare"""
+ self.assertEqual(expected, instance)
+--- a/test/test_functional.py
++++ b/test/test_functional.py
+@@ -427,7 +427,7 @@
+ loader allowing python tags is passed.
+ """
+
+- from yaml import FullLoader
++ from yaml import UnsafeLoader
+ from yaml.constructor import ConstructorError
+
+ def str_to_type(class_name):
+@@ -444,13 +444,13 @@
+ raise AssertionError()
+
+ @ddt
+- class YamlFullLoaderTest(object):
+- @file_data('data/test_functional_custom_tags.yaml', FullLoader)
++ class YamlUnsafeLoaderTest(object):
++ @file_data('data/test_functional_custom_tags.yaml', UnsafeLoader)
+ def test_cls_is_instance(self, instance, expected):
+ assert isinstance(instance, str_to_type(expected))
+
+- tests = list(filter(_is_test, YamlFullLoaderTest.__dict__))
+- obj = YamlFullLoaderTest()
++ tests = list(filter(_is_test, YamlUnsafeLoaderTest.__dict__))
++ obj = YamlUnsafeLoaderTest()
+
+ if not tests:
+ raise AssertionError('No tests have been found.')
diff -Nru python-ddt-1.4.1/debian/patches/series
python-ddt-1.4.1/debian/patches/series
--- python-ddt-1.4.1/debian/patches/series 1969-12-31 20:00:00.000000000
-0400
+++ python-ddt-1.4.1/debian/patches/series 2021-05-23 11:50:33.000000000
-0400
@@ -0,0 +1 @@
+pyyaml-unsafeloader.patch
--- End Message ---
--- Begin Message ---
Unblocked.
--- End Message ---
