Hello community,
here is the log from the commit of package python-jupyter-core for
openSUSE:Factory checked in at 2020-02-29 21:18:25
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-jupyter-core (Old)
and /work/SRC/openSUSE:Factory/.python-jupyter-core.new.26092 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-jupyter-core"
Sat Feb 29 21:18:25 2020 rev:2 rq:778848 version:4.6.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-jupyter-core/python-jupyter-core.changes
2019-11-22 10:22:33.953323961 +0100
+++
/work/SRC/openSUSE:Factory/.python-jupyter-core.new.26092/python-jupyter-core.changes
2020-02-29 21:18:28.586048430 +0100
@@ -1,0 +2,19 @@
+Mon Feb 24 15:37:51 UTC 2020 - Todd R <[email protected]>
+
+- Update to 4.6.3
+ * Changed windows secure_write path to skip all filesystem
+ permission checks when running in insecure mode. Too many
+ exception paths existed for mounted file systems to reliably
+ try to set them before opting out with the insecure write
+ pattern.
+- Update to 4.6.2
+ * Add ability to allow insecure writes with
+ JUPYTER_ALLOW_INSECURE_WRITES environement variable.
+ * Docs typo and build fixes
+ * Added python 3.7 and 3.8 builds to testing
+- Implement tests via multibuild
+- Drop doc subpackage. This was only around to resolve dependency
+ cycles in testing, which the multibuild now does. Keeping up
+ with rapid changes in readthedocs was becoming difficult.
+
+-------------------------------------------------------------------
Old:
----
jupyter-core.pdf
jupyter-core.zip
jupyter_core-4.6.1.tar.gz
python-jupyter-core-doc.changes
python-jupyter-core-doc.spec
New:
----
_multibuild
jupyter_core-4.6.3.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-jupyter-core.spec ++++++
--- /var/tmp/diff_new_pack.Nrm9dy/_old 2020-02-29 21:18:29.486048000 +0100
+++ /var/tmp/diff_new_pack.Nrm9dy/_new 2020-02-29 21:18:29.486048000 +0100
@@ -1,7 +1,7 @@
#
# spec file for package python-jupyter-core
#
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -16,10 +16,19 @@
#
+%global flavor @BUILD_FLAVOR@%{nil}
+%if "%{flavor}" == "test"
+%define psuffix -test
+%bcond_without test
+%else
+%define psuffix %{nil}
+%bcond_with test
+%endif
+
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%define oldpython python
-Name: python-jupyter-core
-Version: 4.6.1
+Name: python-jupyter-core%{psuffix}
+Version: 4.6.3
Release: 0
Summary: Base package on which Jupyter projects rely
License: BSD-3-Clause
@@ -40,11 +49,17 @@
Recommends: python-ipython
Provides: python-jupyter_core = %{version}
Obsoletes: python-jupyter_core < %{version}
+BuildArch: noarch
%ifpython2
Provides: %{oldpython}-jupyter_core = %{version}
Obsoletes: %{oldpython}-jupyter_core < %{version}
%endif
-BuildArch: noarch
+%if %{with test}
+BuildRequires: %{python_module jupyter-core}
+BuildRequires: %{python_module nose}
+BuildRequires: %{python_module pytest}
+BuildRequires: python-mock
+%endif
%python_subpackages
%description
@@ -61,10 +76,12 @@
%package -n jupyter-jupyter-core
Summary: Base package on which Jupyter projects rely
Group: Development/Languages/Python
-Requires: python3-jupyter_core = %{version}
Requires: jupyter-notebook-filesystem
+Requires: python3-jupyter_core = %{version}
Provides: jupyter-jupyter_core = %{version}
Obsoletes: jupyter-jupyter_core < %{version}
+Provides: jupyter-jupyter-core-doc = %{version}
+Obsoletes: jupyter-jupyter-core-doc < %{version}
%description -n jupyter-jupyter-core
Core common functionality of Jupyter projects.
@@ -90,6 +107,7 @@
%python_build
%install
+%if !%{with test}
%python_install
%{python_expand chmod a+x
%{buildroot}%{$python_sitelib}/jupyter_core/troubleshoot.py
@@ -98,7 +116,18 @@
$python -O -m compileall -d %{$python_sitelib}
%{buildroot}%{$python_sitelib}/jupyter_core/
%fdupes %{buildroot}%{$python_sitelib}
}
+%endif
+%if %{with test}
+%check
+# test_migrate requires files not found in the package
+pushd jupyter_core/tests
+rm test_migrate.py
+%pytest
+popd
+%endif
+
+%if !%{with test}
%files %{python_files}
%license COPYING.md
%{python_sitelib}/jupyter.py*
@@ -112,5 +141,6 @@
%{_bindir}/jupyter
%{_bindir}/jupyter-migrate
%{_bindir}/jupyter-troubleshoot
+%endif
%changelog
++++++ _multibuild ++++++
<multibuild>
<package>test</package>
</multibuild>
++++++ jupyter_core-4.6.1.tar.gz -> jupyter_core-4.6.3.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/jupyter_core-4.6.1/PKG-INFO
new/jupyter_core-4.6.3/PKG-INFO
--- old/jupyter_core-4.6.1/PKG-INFO 2019-10-24 06:10:36.000000000 +0200
+++ new/jupyter_core-4.6.3/PKG-INFO 2020-02-18 19:13:42.000000000 +0100
@@ -1,6 +1,6 @@
Metadata-Version: 1.2
Name: jupyter_core
-Version: 4.6.1
+Version: 4.6.3
Summary: Jupyter core package. A base package on which Jupyter projects rely.
Home-page: https://jupyter.org
Author: Jupyter Development Team
@@ -16,6 +16,4 @@
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.3
-Classifier: Programming Language :: Python :: 3.4
-Requires-Python: >=2.7, !=3.0, !=3.1, !=3.2
+Requires-Python: !=3.0,!=3.1,!=3.2,!=3.3,!=3.4,>=2.7
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/jupyter_core-4.6.1/docs/changelog.rst
new/jupyter_core-4.6.3/docs/changelog.rst
--- old/jupyter_core-4.6.1/docs/changelog.rst 2019-10-24 06:08:45.000000000
+0200
+++ new/jupyter_core-4.6.3/docs/changelog.rst 2020-02-18 19:12:27.000000000
+0100
@@ -4,6 +4,26 @@
4.6
---
+4.6.3
+~~~~~
+
+`on
+GitHub <https://github.com/jupyter/jupyter_core/releases/tag/4.6.3>`__
+
+- Changed windows secure_write path to skip all filesystem permission checks
when running in insecure mode.
+ Too many exception paths existed for mounted file systems to reliably try to
set them before opting out with the insecure write pattern.
+
+
+4.6.2
+~~~~~
+
+`on
+GitHub <https://github.com/jupyter/jupyter_core/releases/tag/4.6.2>`__
+
+- Add ability to allow insecure writes with JUPYTER_ALLOW_INSECURE_WRITES
environement variable (:ghpull:`182`).
+- Docs typo and build fixes
+- Added python 3.7 and 3.8 builds to testing
+
4.6.1
~~~~~
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/jupyter_core-4.6.1/jupyter_core/application.py
new/jupyter_core-4.6.3/jupyter_core/application.py
--- old/jupyter_core-4.6.1/jupyter_core/application.py 2019-09-14
00:09:00.000000000 +0200
+++ new/jupyter_core-4.6.3/jupyter_core/application.py 2020-02-11
07:37:47.000000000 +0100
@@ -36,7 +36,8 @@
from .paths import (
jupyter_config_dir, jupyter_data_dir, jupyter_runtime_dir,
- jupyter_path, jupyter_config_path,
+ jupyter_path, jupyter_config_path, allow_insecure_writes,
+ issue_insecure_write_warning
)
# aliases and flags
@@ -245,8 +246,9 @@
self.load_config_file()
# enforce cl-opts override configfile opts:
self.update_config(cl_config)
-
-
+ if allow_insecure_writes:
+ issue_insecure_write_warning()
+
def start(self):
"""Start the whole thing"""
if self.subcommand:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/jupyter_core-4.6.1/jupyter_core/paths.py
new/jupyter_core-4.6.3/jupyter_core/paths.py
--- old/jupyter_core-4.6.1/jupyter_core/paths.py 2019-10-24
06:08:45.000000000 +0200
+++ new/jupyter_core-4.6.3/jupyter_core/paths.py 2020-02-18
19:10:10.000000000 +0100
@@ -14,9 +14,11 @@
import stat
import errno
import tempfile
+import warnings
from ipython_genutils import py3compat
from contextlib import contextmanager
+from distutils.util import strtobool
from ipython_genutils import py3compat
pjoin = os.path.join
@@ -32,7 +34,7 @@
# Next line will make things work even when /home/ is a symlink to
# /usr/home as it is on FreeBSD, for example
homedir = os.path.realpath(homedir)
- homedir = py3compat.str_to_unicode(homedir,
encoding=sys.getfilesystemencoding())
+ homedir = py3compat.str_to_unicode(homedir,
encoding=sys.getfilesystemencoding())
return homedir
_dtemps = {}
@@ -387,8 +389,12 @@
"""
# Some filesystems (e.g., CIFS) auto-enable the execute bit on files. As
a result, we
# should tolerate the execute bit on the file's owner when validating
permissions - thus
- # the missing one's bit on the third octet.
- return stat.S_IMODE(os.stat(fname).st_mode) & 0o7677 # Use 4 octets since
S_IMODE does the same
+ # the missing least significant bit on the third octal digit. In addition,
we also tolerate
+ # the sticky bit being set, so the lsb from the fourth octal digit is also
removed.
+ return stat.S_IMODE(os.stat(fname).st_mode) & 0o6677 # Use 4 octal digits
since S_IMODE does the same
+
+
+allow_insecure_writes = strtobool(os.getenv('JUPYTER_ALLOW_INSECURE_WRITES',
'false'))
@contextmanager
@@ -415,20 +421,38 @@
pass
if os.name == 'nt':
- # Python on windows does not respect the group and public bits for
chmod, so we need
- # to take additional steps to secure the contents.
- # Touch file pre-emptively to avoid editing permissions in open files
in Windows
- fd = os.open(fname, os.O_CREAT | os.O_WRONLY | os.O_TRUNC, 0o0600)
- os.close(fd)
- open_flag = os.O_WRONLY | os.O_TRUNC
- win32_restrict_file_to_user(fname)
+ if allow_insecure_writes:
+ # Mounted file systems can have a number of failure modes inside
this block.
+ # For windows machines in insecure mode we simply skip this to
avoid failures :/
+ issue_insecure_write_warning()
+ else:
+ # Python on windows does not respect the group and public bits for
chmod, so we need
+ # to take additional steps to secure the contents.
+ # Touch file pre-emptively to avoid editing permissions in open
files in Windows
+ fd = os.open(fname, open_flag, 0o0600)
+ os.close(fd)
+ open_flag = os.O_WRONLY | os.O_TRUNC
+ win32_restrict_file_to_user(fname)
with os.fdopen(os.open(fname, open_flag, 0o0600), mode) as f:
if os.name != 'nt':
# Enforce that the file got the requested permissions before
writing
file_mode = get_file_mode(fname)
if 0o0600 != file_mode:
- raise RuntimeError("Permissions assignment failed for secure
file: '{file}'."
- "Got '{permissions}' instead of '0o0600'"
- .format(file=fname, permissions=oct(file_mode)))
+ if allow_insecure_writes:
+ issue_insecure_write_warning()
+ else:
+ raise RuntimeError("Permissions assignment failed for
secure file: '{file}'."
+ " Got '{permissions}' instead of '0o0600'."
+ .format(file=fname, permissions=oct(file_mode)))
yield f
+
+
+def issue_insecure_write_warning():
+ def format_warning(msg, *args, **kwargs):
+ return str(msg) + '\n'
+
+ warnings.formatwarning = format_warning
+ warnings.warn("WARNING: Insecure writes have been enabled via environment
variable "
+ "'JUPYTER_ALLOW_INSECURE_WRITES'! If this is not intended,
remove the "
+ "variable or set its value to 'False'.")
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/jupyter_core-4.6.1/jupyter_core/version.py
new/jupyter_core-4.6.3/jupyter_core/version.py
--- old/jupyter_core-4.6.1/jupyter_core/version.py 2019-10-24
06:09:45.000000000 +0200
+++ new/jupyter_core-4.6.3/jupyter_core/version.py 2020-02-18
19:10:53.000000000 +0100
@@ -1,6 +1,6 @@
# Copyright (c) Jupyter Development Team.
# Distributed under the terms of the Modified BSD License.
-version_info = (4, 6, 1)
+version_info = (4, 6, 3)
__version__ = '.'.join(map(str, version_info))
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/jupyter_core-4.6.1/jupyter_core.egg-info/PKG-INFO
new/jupyter_core-4.6.3/jupyter_core.egg-info/PKG-INFO
--- old/jupyter_core-4.6.1/jupyter_core.egg-info/PKG-INFO 2019-10-24
06:10:36.000000000 +0200
+++ new/jupyter_core-4.6.3/jupyter_core.egg-info/PKG-INFO 2020-02-18
19:13:42.000000000 +0100
@@ -1,6 +1,6 @@
Metadata-Version: 1.2
Name: jupyter-core
-Version: 4.6.1
+Version: 4.6.3
Summary: Jupyter core package. A base package on which Jupyter projects rely.
Home-page: https://jupyter.org
Author: Jupyter Development Team
@@ -16,6 +16,4 @@
Classifier: Programming Language :: Python :: 2
Classifier: Programming Language :: Python :: 2.7
Classifier: Programming Language :: Python :: 3
-Classifier: Programming Language :: Python :: 3.3
-Classifier: Programming Language :: Python :: 3.4
-Requires-Python: >=2.7, !=3.0, !=3.1, !=3.2
+Requires-Python: !=3.0,!=3.1,!=3.2,!=3.3,!=3.4,>=2.7
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/jupyter_core-4.6.1/setup.cfg
new/jupyter_core-4.6.3/setup.cfg
--- old/jupyter_core-4.6.1/setup.cfg 2019-10-24 06:10:36.000000000 +0200
+++ new/jupyter_core-4.6.3/setup.cfg 2020-02-18 19:13:42.000000000 +0100
@@ -17,14 +17,12 @@
Programming Language :: Python :: 2
Programming Language :: Python :: 2.7
Programming Language :: Python :: 3
- Programming Language :: Python :: 3.3
- Programming Language :: Python :: 3.4
[options]
py_modules = jupyter
packages = jupyter_core, jupyter_core.utils, jupyter_core.tests
include_package_data = True
-python_requires = >=2.7, !=3.0, !=3.1, !=3.2
+python_requires = >=2.7, !=3.0, !=3.1, !=3.2, !=3.3, !=3.4
install_requires =
traitlets
pywin32>=1.0 ; sys_platform == 'win32'
