New submission from ghost43 :
Currently `ZipFile.writestr` writes the local time into the ZipFile.
(depends on both current time and local timezone)
See
https://github.com/python/cpython/blob/20e6e5636a06fe5e1472062918d0a302d82a71c3/Lib/zipfile.py#L1816-L1817
This makes pip installing
New submission from ghost43 :
This is about a potential DOS vector that can get an asyncio server serving SSL
connections to enter a busy loop and hang. To recover the server (python
process) needs to be restarted.
See downstream report at https://github.com/spesmilo/electrumx/issues/92
New submission from ghost43 :
I am trying to generate .zip sdists for a project in a reproducible manner,
using setuptoools.
The generated zips differ in the order of packed files.
The root cause of the non-determinicity is using os.walk() in make_zipfile here:
https://github.com/python
