On Mon, Mar 30, 2020 at 10:42:20PM +0100, Stuart Henderson wrote: > We are currently quite behind on 5.1.1 so there are a number of other things > fixed in the meantime, but this includes a code execution fix. Nothing looks > incompatible in changelog, I've tested runtime with beets, ansible, urlwatch > and built a selection of the other ports depending on it. OK?
All tests pass for me on sparc64 (both FLAVORs). ok kmos --Kurt > 5.3.1 (2020-03-18) > > * https://github.com/yaml/pyyaml/pull/386 -- Prevents arbitrary code > execution during python/object/new constructor > > 5.3 (2020-01-06) > > * https://github.com/yaml/pyyaml/pull/290 -- Use `is` instead of equality for > comparing with `None` > * https://github.com/yaml/pyyaml/pull/270 -- fix typos and stylistic nit > * https://github.com/yaml/pyyaml/pull/309 -- Fix up small typo > * https://github.com/yaml/pyyaml/pull/161 -- Fix handling of __slots__ > * https://github.com/yaml/pyyaml/pull/358 -- Allow calling > add_multi_constructor with None > * https://github.com/yaml/pyyaml/pull/285 -- Add use of safe_load() function > in README > * https://github.com/yaml/pyyaml/pull/351 -- Fix reader for Unicode code > points over 0xFFFF > * https://github.com/yaml/pyyaml/pull/360 -- Enable certain unicode tests > when maxunicode not > 0xffff > * https://github.com/yaml/pyyaml/pull/359 -- Use full_load in yaml-highlight > example > * https://github.com/yaml/pyyaml/pull/244 -- Document that PyYAML is > implemented with Cython > * https://github.com/yaml/pyyaml/pull/329 -- Fix for Python 3.10 > * https://github.com/yaml/pyyaml/pull/310 -- increase size of index, line, > and column fields > * https://github.com/yaml/pyyaml/pull/260 -- remove some unused imports > * https://github.com/yaml/pyyaml/pull/163 -- Create timezone-aware datetimes > when parsed as such > * https://github.com/yaml/pyyaml/pull/363 -- Add tests for timezone > > 5.2 (2019-12-02) > ------------------ > > * Repair incompatibilities introduced with 5.1. The default Loader was > changed, > but several methods like add_constructor still used the old default > https://github.com/yaml/pyyaml/pull/279 -- A more flexible fix for custom > tag constructors > https://github.com/yaml/pyyaml/pull/287 -- Change default loader for > yaml.add_constructor > https://github.com/yaml/pyyaml/pull/305 -- Change default loader for > add_implicit_resolver, add_path_resolver > * Make FullLoader safer by removing python/object/apply from the default > FullLoader > https://github.com/yaml/pyyaml/pull/347 -- Move constructor for > object/apply to UnsafeConstructor > * Fix bug introduced in 5.1 where quoting went wrong on systems with > sys.maxunicode <= 0xffff > https://github.com/yaml/pyyaml/pull/276 -- Fix logic for quoting special > characters > * Other PRs: > https://github.com/yaml/pyyaml/pull/280 -- Update CHANGES for 5.1 > > 5.1.2 (2019-07-30) > ------------------ > > * Re-release of 5.1 with regenerated Cython sources to build properly for > Python 3.8b2+ > > > > > > Index: Makefile > =================================================================== > RCS file: /cvs/ports/textproc/py-yaml/Makefile,v > retrieving revision 1.20 > diff -u -p -r1.20 Makefile > --- Makefile 23 Jun 2019 16:28:30 -0000 1.20 > +++ Makefile 30 Mar 2020 21:26:23 -0000 > @@ -2,7 +2,7 @@ > > COMMENT= YAML parser and emitter in Python > > -MODPY_EGG_VERSION=5.1.1 > +MODPY_EGG_VERSION=5.3.1 > DISTNAME= PyYAML-${MODPY_EGG_VERSION} > PKGNAME= py-yaml-${MODPY_EGG_VERSION} > CATEGORIES= textproc > Index: distinfo > =================================================================== > RCS file: /cvs/ports/textproc/py-yaml/distinfo,v > retrieving revision 1.7 > diff -u -p -r1.7 distinfo > --- distinfo 23 Jun 2019 16:28:30 -0000 1.7 > +++ distinfo 30 Mar 2020 21:26:23 -0000 > @@ -1,2 +1,2 @@ > -SHA256 (PyYAML-5.1.1.tar.gz) = tLtNP14jJCXiXdohwHDOBRaKeGrJ7aQ3aKt/OsJ3CVU= > -SIZE (PyYAML-5.1.1.tar.gz) = 274442 > +SHA256 (PyYAML-5.3.1.tar.gz) = uOrHUsXhTT7KDm3ZGZzWJ1GMtewGrdDenTK67ub+ZF0= > +SIZE (PyYAML-5.3.1.tar.gz) = 269377 > Index: pkg/PLIST > =================================================================== > RCS file: /cvs/ports/textproc/py-yaml/pkg/PLIST,v > retrieving revision 1.2 > diff -u -p -r1.2 PLIST > --- pkg/PLIST 9 Dec 2015 18:26:47 -0000 1.2 > +++ pkg/PLIST 30 Mar 2020 21:26:23 -0000 > @@ -1,6 +1,6 @@ > @comment $OpenBSD: PLIST,v 1.2 2015/12/09 18:26:47 jca Exp $ > > lib/python${MODPY_VERSION}/site-packages/PyYAML-${MODPY_EGG_VERSION}-py${MODPY_VERSION}.egg-info > -lib/python${MODPY_VERSION}/site-packages/_yaml.so > +@so lib/python${MODPY_VERSION}/site-packages/_yaml.so > lib/python${MODPY_VERSION}/site-packages/yaml/ > lib/python${MODPY_VERSION}/site-packages/yaml/__init__.py > > ${MODPY_COMMENT}lib/python${MODPY_VERSION}/site-packages/yaml/${MODPY_PYCACHE}/ >
