Hello community, here is the log from the commit of package python-django-silk for openSUSE:Factory checked in at 2019-09-17 13:37:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-django-silk (Old) and /work/SRC/openSUSE:Factory/.python-django-silk.new.7948 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-django-silk" Tue Sep 17 13:37:29 2019 rev:4 rq:731213 version:3.0.4 Changes: -------- --- /work/SRC/openSUSE:Factory/python-django-silk/python-django-silk.changes 2019-04-30 13:05:57.289904510 +0200 +++ /work/SRC/openSUSE:Factory/.python-django-silk.new.7948/python-django-silk.changes 2019-09-17 13:37:31.401841766 +0200 @@ -1,0 +2,10 @@ +Mon Sep 16 09:19:52 UTC 2019 - Tomáš Chvátal <[email protected]> + +- Update to 3.0.4: + * templates: limit select width to its container one #351 (xrmx) + * Clean up RemovedInDjango30Warning with {% load staticfiles %} #353 (devmonkey22) + * Simplify pattern masking and handle dicts #355 (Chris7) + * Fix masking sensitive data in batch JSON request #342 (nikolaik) + * Fix project url on PyPi #343 (luzfcb) + +------------------------------------------------------------------- Old: ---- django-silk-3.0.2.tar.gz New: ---- django-silk-3.0.4.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-django-silk.spec ++++++ --- /var/tmp/diff_new_pack.EDW8tX/_old 2019-09-17 13:37:32.005841670 +0200 +++ /var/tmp/diff_new_pack.EDW8tX/_new 2019-09-17 13:37:32.005841670 +0200 @@ -18,7 +18,7 @@ %{?!python_module:%define python_module() python-%{**} python3-%{**}} Name: python-django-silk -Version: 3.0.2 +Version: 3.0.4 Release: 0 Summary: Profiling for the Django Framework License: MIT ++++++ django-silk-3.0.2.tar.gz -> django-silk-3.0.4.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/.travis.yml new/django-silk-3.0.4/.travis.yml --- old/django-silk-3.0.2/.travis.yml 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/.travis.yml 2019-09-05 18:47:21.000000000 +0200 @@ -70,10 +70,7 @@ - if [[ "$DB" = "mysql" ]]; then pip install mysqlclient; fi - if [[ "$DB" = "mysql" ]]; then mysql -e 'create database mysql_db;'; fi script: -- cd project -- "./tests/test_migrations.sh" -- python manage.py test --noinput -- cd - +- "./project/run_tests.sh" deploy: provider: pypi user: jazzband diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/CHANGELOG.md new/django-silk-3.0.4/CHANGELOG.md --- old/django-silk-3.0.2/CHANGELOG.md 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/CHANGELOG.md 2019-09-05 18:47:21.000000000 +0200 @@ -1,5 +1,33 @@ # Change Log +## [3.0.4](https://github.com/jazzband/django-silk/tree/3.0.4) (2019-08-12) + +[Full Changelog](https://github.com/jazzband/django-silk/compare/3.0.2...3.0.4) + +**Implemented enhancements:** + +- templates: limit select width to its container one [\#351](https://github.com/jazzband/django-silk/pull/351) ([xrmx](https://github.com/xrmx)) +- Clean up RemovedInDjango30Warning with {% load staticfiles %} [\#353](https://github.com/jazzband/django-silk/pull/353) ([devmonkey22](https://github.com/devmonkey22)) +- Simplify pattern masking and handle dicts [\#355](https://github.com/jazzband/django-silk/pull/355) ([Chris7](https://github.com/Chris7)) + +**Fixed bugs:** + +- Fix masking sensitive data in batch JSON request [\#342](https://github.com/jazzband/django-silk/pull/342) ([nikolaik](https://github.com/nikolaik)) +- Fix project url on PyPi [\#343](https://github.com/jazzband/django-silk/pull/343) ([luzfcb](https://github.com/luzfcb)) + +**Closed issues:** + +- Clean up RemovedInDjango30Warning warning re `load staticfiles` in Django 2.1+ [\#352](https://github.com/jazzband/django-silk/issues/352) + +**Merged pull requests:** + +- Fix masking sensitive data in batch JSON request [\#342](https://github.com/jazzband/django-silk/pull/342) ([nikolaik](https://github.com/nikolaik)) +- Fix project url on PyPi [\#343](https://github.com/jazzband/django-silk/pull/343) ([luzfcb](https://github.com/luzfcb)) +- templates: limit select width to its container one [\#351](https://github.com/jazzband/django-silk/pull/351) ([xrmx](https://github.com/xrmx)) +- Clean up RemovedInDjango30Warning with {% load staticfiles %} [\#353](https://github.com/jazzband/django-silk/pull/353) ([devmonkey22](https://github.com/devmonkey22)) +- Simplify pattern masking and handle dicts [\#355](https://github.com/jazzband/django-silk/pull/355) ([Chris7](https://github.com/Chris7)) + + ## [3.0.2](https://github.com/jazzband/django-silk/tree/3.0.2) (2019-04-23) [Full Changelog](https://github.com/jazzband/django-silk/compare/3.0.1...3.0.2) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/Dockerfile new/django-silk-3.0.4/Dockerfile --- old/django-silk-3.0.2/Dockerfile 1970-01-01 01:00:00.000000000 +0100 +++ new/django-silk-3.0.4/Dockerfile 2019-09-05 18:47:21.000000000 +0200 @@ -0,0 +1,20 @@ +FROM python:3.6-alpine +MAINTAINER Jazz Band + +# Some system dependencies +RUN apk update -qq && apk add build-base jpeg-dev zlib-dev + +ENV APP_HOME=/usr/src/silk +RUN mkdir -p $APP_HOME + +WORKDIR $APP_HOME + +COPY project/test-requirements.txt ./ +RUN pip3 install -r test-requirements.txt + +COPY setup.py setup.cfg README.md ./ +COPY silk silk +COPY project project +RUN pip3 install -e . + +CMD ["project/run_tests.sh"] diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/docker/docker-compose.yml new/django-silk-3.0.4/docker/docker-compose.yml --- old/django-silk-3.0.2/docker/docker-compose.yml 1970-01-01 01:00:00.000000000 +0100 +++ new/django-silk-3.0.4/docker/docker-compose.yml 2019-09-05 18:47:21.000000000 +0200 @@ -0,0 +1,13 @@ +version: '2' + +services: + silk: + build: + context: .. + dockerfile: Dockerfile + volumes: + - ../project:/usr/src/silk/project + - ../silk:/usr/src/silk/silk + environment: + DB: sqlite3 + DB_NAME: db.sqlite3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/package.json new/django-silk-3.0.4/package.json --- old/django-silk-3.0.2/package.json 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/package.json 2019-09-05 18:47:21.000000000 +0200 @@ -1,6 +1,6 @@ { "name": "silk", - "version": "3.0.1", + "version": "3.0.4", "description": "https://github.com/jazzband/django-silk";, "main": "index.js", "directories": { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/project/run_tests.sh new/django-silk-3.0.4/project/run_tests.sh --- old/django-silk-3.0.2/project/run_tests.sh 1970-01-01 01:00:00.000000000 +0100 +++ new/django-silk-3.0.4/project/run_tests.sh 2019-09-05 18:47:21.000000000 +0200 @@ -0,0 +1,6 @@ +#!/bin/sh +set -ev + +cd "$(dirname "$0")" +python manage.py migrate --noinput +python manage.py test --noinput diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/project/tests/test_sensitive_data_in_request.py new/django-silk-3.0.4/project/tests/test_sensitive_data_in_request.py --- old/django-silk-3.0.2/project/tests/test_sensitive_data_in_request.py 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/project/tests/test_sensitive_data_in_request.py 2019-09-05 18:47:21.000000000 +0200 @@ -23,6 +23,7 @@ mock_request.get = mock_request.META.get factory = RequestModelFactory(mock_request) body, raw_body = factory.body() + self.assertIn('testunmasked', raw_body) self.assertNotIn('test_username', raw_body) self.assertNotIn('testpassword', raw_body) @@ -43,3 +44,32 @@ self.assertNotIn('test_username', body) self.assertNotIn('testpassword', body) + for datum in [json.loads(body), json.loads(raw_body)]: + self.assertEqual(datum['username'], RequestModelFactory.CLEANSED_SUBSTITUTE) + self.assertEqual(datum['password'], RequestModelFactory.CLEANSED_SUBSTITUTE) + self.assertEqual(datum['x'], 'testunmasked') + + def test_password_in_batched_json(self): + mock_request = Mock() + mock_request.META = {DJANGO_META_CONTENT_TYPE: 'application/json; charset=UTF-8'} + d = [ + {'x': 'testunmasked', 'username': 'test_username', 'password': 'testpassword'}, + {'x': 'testunmasked', 'username': 'test_username', 'password': 'testpassword'} + ] + mock_request.body = json.dumps(d) + mock_request.get = mock_request.META.get + factory = RequestModelFactory(mock_request) + body, raw_body = factory.body() + self.assertIn('testunmasked', raw_body) + self.assertNotIn('test_username', raw_body) + self.assertNotIn('testpassword', raw_body) + self.assertNotIn('test_username', body[0]) + self.assertNotIn('testpassword', body[0]) + self.assertNotIn('test_username', body[1]) + self.assertNotIn('testpassword', body[1]) + + for data in [json.loads(body), json.loads(raw_body)]: + for datum in data: + self.assertEqual(datum['username'], RequestModelFactory.CLEANSED_SUBSTITUTE) + self.assertEqual(datum['password'], RequestModelFactory.CLEANSED_SUBSTITUTE) + self.assertEqual(datum['x'], 'testunmasked') diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/setup.py new/django-silk-3.0.4/setup.py --- old/django-silk-3.0.2/setup.py 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/setup.py 2019-09-05 18:47:21.000000000 +0200 @@ -21,13 +21,14 @@ setup( name='django-silk', - version='3.0.2', + version='3.0.4', packages=['silk'], include_package_data=True, license='MIT License', description='Silky smooth profiling for the Django Framework', long_description=README, - url='http://www.mtford.co.uk/projects/silk/', + long_description_content_type='text/markdown', + url='https://github.com/jazzband/django-silk', author='Michael Ford', author_email='[email protected]', classifiers=[ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/model_factory.py new/django-silk-3.0.4/silk/model_factory.py --- old/django-silk-3.0.2/silk/model_factory.py 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/model_factory.py 2019-09-05 18:47:21.000000000 +0200 @@ -54,6 +54,8 @@ class RequestModelFactory(object): """Produce Request models from Django request objects""" + # String to replace on masking + CLEANSED_SUBSTITUTE = '********************' def __init__(self, request): super(RequestModelFactory, self).__init__() @@ -91,24 +93,36 @@ """ Mask credentials of potentially sensitive info before saving to db. """ + sensitive_keys = {'username', 'api', 'token', 'key', 'secret', 'password', 'signature'} + key_string = '|'.join(sensitive_keys) + + def replace_pattern_values(obj): + if isinstance(obj, dict): + for key in set(obj.keys()) & sensitive_keys: + obj[key] = RequestModelFactory.CLEANSED_SUBSTITUTE + elif isinstance(obj, list): + for index, item in enumerate(obj): + obj[index] = replace_pattern_values(item) + else: + pattern = re.compile(r'{}'.format(key_string), re.I) + if pattern.search(str(obj)): + return RequestModelFactory.CLEANSED_SUBSTITUTE + return obj + try: json_body = json.loads(body) except Exception as e: - pattern = re.compile(r'(username|api|token|key|secret|password|signature)=(.*?)(&|$)', re.M) + pattern = re.compile(r'({})=(.*?)(&|$)'.format(key_string), re.M) try: results = re.findall(pattern, body) except Exception: Logger.debug('{}'.format(str(e))) else: for res in results: - body = re.sub(res[1], '********************', body) + body = re.sub(res[1], RequestModelFactory.CLEANSED_SUBSTITUTE, body) else: - pattern = re.compile(r'username|api|token|key|secret|password|signature', re.I) - CLEANSED_SUBSTITUTE = '********************' - for key in json_body: - if pattern.search(key): - json_body[key] = CLEANSED_SUBSTITUTE - body = json.dumps(json_body) + body = json.dumps(replace_pattern_values(json_body)) + return body def _body(self, raw_body, content_type): diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/base/base.html new/django-silk-3.0.4/silk/templates/silk/base/base.html --- old/django-silk-3.0.2/silk/templates/silk/base/base.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/base/base.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,4 +1,4 @@ -{% load staticfiles %} +{% load static %} <!DOCTYPE html> <html> <head> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/base/detail_base.html new/django-silk-3.0.4/silk/templates/silk/base/detail_base.html --- old/django-silk-3.0.2/silk/templates/silk/base/detail_base.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/base/detail_base.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,5 +1,5 @@ {% extends 'silk/base/base.html' %} -{% load staticfiles %} +{% load static %} {% block style %} <link rel="stylesheet" href="{% static 'silk/lib/highlight/foundation.css' %}"/> <link rel="stylesheet" href="{% static 'silk/css/heading.css' %}"/> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/base/root_base.html new/django-silk-3.0.4/silk/templates/silk/base/root_base.html --- old/django-silk-3.0.2/silk/templates/silk/base/root_base.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/base/root_base.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,7 +1,7 @@ {% extends "silk/base/base.html" %} {% load silk_nav %} {% load silk_inclusion %} -{% load staticfiles %} +{% load static %} {% block body_class %} cbp-spmenu-push @@ -189,6 +189,7 @@ select { border-radius: 0; + max-width: 100%; } @media screen and (-webkit-min-device-pixel-ratio: 0) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/cprofile.html new/django-silk-3.0.4/silk/templates/silk/cprofile.html --- old/django-silk-3.0.2/silk/templates/silk/cprofile.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/cprofile.html 2019-09-05 18:47:21.000000000 +0200 @@ -2,7 +2,7 @@ {% load silk_filters %} {% load silk_nav %} {% load silk_inclusion %} -{% load staticfiles %} +{% load static %} {% block js %} <script type="text/javascript" src="{% static 'silk/lib/viz-lite.js' %}"></script> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/profile_detail.html new/django-silk-3.0.4/silk/templates/silk/profile_detail.html --- old/django-silk-3.0.2/silk/templates/silk/profile_detail.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/profile_detail.html 2019-09-05 18:47:21.000000000 +0200 @@ -2,7 +2,7 @@ {% load silk_filters %} {% load silk_nav %} {% load silk_inclusion %} -{% load staticfiles %} +{% load static %} {% block js %} <script type="text/javascript" src="{% static 'silk/lib/viz-lite.js' %}"></script> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/profiling.html new/django-silk-3.0.4/silk/templates/silk/profiling.html --- old/django-silk-3.0.2/silk/templates/silk/profiling.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/profiling.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,5 +1,5 @@ {% extends 'silk/base/root_base.html' %} -{% load staticfiles %} +{% load static %} {% load silk_inclusion %} {% block menu %} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/raw.html new/django-silk-3.0.4/silk/templates/silk/raw.html --- old/django-silk-3.0.2/silk/templates/silk/raw.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/raw.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,4 +1,4 @@ -{% load staticfiles %} +{% load static %} <html> <head> <link rel="stylesheet" href="{% static 'silk/css/fonts.css' %}"/> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/request.html new/django-silk-3.0.4/silk/templates/silk/request.html --- old/django-silk-3.0.2/silk/templates/silk/request.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/request.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,7 +1,7 @@ {% extends "silk/base/base.html" %} {% load silk_filters %} {% load silk_inclusion %} -{% load staticfiles %} +{% load static %} {% block style %} <link rel="stylesheet" href="{% static 'silk/css/cell.css' %}"/> <link rel="stylesheet" href="{% static 'silk/css/numeric.css' %}"/> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/requests.html new/django-silk-3.0.4/silk/templates/silk/requests.html --- old/django-silk-3.0.2/silk/templates/silk/requests.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/requests.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,6 +1,6 @@ {% extends 'silk/base/root_base.html' %} {% load silk_inclusion %} -{% load staticfiles %} +{% load static %} {% block menu %} {% root_menu request %} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/sql.html new/django-silk-3.0.4/silk/templates/silk/sql.html --- old/django-silk-3.0.2/silk/templates/silk/sql.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/sql.html 2019-09-05 18:47:21.000000000 +0200 @@ -2,7 +2,7 @@ {% load silk_nav %} {% load silk_filters %} -{% load staticfiles %} +{% load static %} {% load silk_inclusion %} {% block js %} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/django-silk-3.0.2/silk/templates/silk/summary.html new/django-silk-3.0.4/silk/templates/silk/summary.html --- old/django-silk-3.0.2/silk/templates/silk/summary.html 2019-04-23 09:49:08.000000000 +0200 +++ new/django-silk-3.0.4/silk/templates/silk/summary.html 2019-09-05 18:47:21.000000000 +0200 @@ -1,6 +1,6 @@ {% extends 'silk/base/root_base.html' %} {% load silk_inclusion %} -{% load staticfiles %} +{% load static %} {% block menu %} {% root_menu request %} {% endblock %}
