Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-w3lib for openSUSE:Factory checked in at 2021-03-20 21:25:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-w3lib (Old) and /work/SRC/openSUSE:Factory/.python-w3lib.new.2401 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-w3lib" Sat Mar 20 21:25:56 2021 rev:7 rq:880134 version:1.22.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-w3lib/python-w3lib.changes 2020-07-24 10:02:57.269810534 +0200 +++ /work/SRC/openSUSE:Factory/.python-w3lib.new.2401/python-w3lib.changes 2021-03-20 21:26:24.149206661 +0100 @@ -1,0 +2,6 @@ +Fri Mar 19 14:28:28 UTC 2021 - Matej Cepl <mc...@suse.com> + +- Add 166-add-xfail-test_add_or_replace_parameter_fail.patch, + which makes tests working with CVE-2021-23336 (bsc#1181270). + +------------------------------------------------------------------- New: ---- 166-add-xfail-test_add_or_replace_parameter_fail.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-w3lib.spec ++++++ --- /var/tmp/diff_new_pack.0yFDSf/_old 2021-03-20 21:26:24.589207176 +0100 +++ /var/tmp/diff_new_pack.0yFDSf/_new 2021-03-20 21:26:24.593207181 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-w3lib # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2021 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -25,6 +25,10 @@ Group: Development/Languages/Python URL: https://github.com/scrapy/w3lib Source: https://files.pythonhosted.org/packages/source/w/w3lib/w3lib-%{version}.tar.gz +# PATCH-FIX-UPSTREAM 166-add-xfail-test_add_or_replace_parameter_fail.patch mc...@suse.com +# Allow working with Python fixed CVE-2021-23336 +Patch0: 166-add-xfail-test_add_or_replace_parameter_fail.patch +BuildRequires: %{python_module pytest} BuildRequires: %{python_module setuptools} BuildRequires: %{python_module six >= 1.4.1} BuildRequires: fdupes @@ -56,7 +60,7 @@ * extract arguments from urls %prep -%setup -q -n w3lib-%{version} +%autosetup -p1 -n w3lib-%{version} %build %python_build @@ -66,7 +70,7 @@ %python_expand %fdupes %{buildroot}%{$python_sitelib} %check -%python_exec setup.py test +%pytest %files %{python_files} %doc README.rst ++++++ 166-add-xfail-test_add_or_replace_parameter_fail.patch ++++++ >From 34c62eb265cdb75b748d8aca43a2f8b9581dbd6a Mon Sep 17 00:00:00 2001 From: Eugenio Lacuesta <eugenio.lacue...@gmail.com> Date: Wed, 10 Mar 2021 12:20:24 -0300 Subject: [PATCH 1/8] [CI] Run tests on GitHub actions --- tests/test_url.py | 24 ++++++++++++++---------- 1 file changed, 14 insertions(+), 10 deletions(-) delete mode 100644 .github/workflows/build.yml create mode 100644 .github/workflows/tests.yml --- a/tests/test_url.py +++ b/tests/test_url.py @@ -2,11 +2,14 @@ from __future__ import absolute_import import os import unittest + +import pytest +from six.moves.urllib.parse import urlparse + from w3lib.url import (is_url, safe_url_string, safe_download_url, url_query_parameter, add_or_replace_parameter, url_query_cleaner, file_uri_to_path, parse_data_uri, path_to_file_uri, any_to_uri, urljoin_rfc, canonicalize_url, parse_url, add_or_replace_parameters) -from six.moves.urllib.parse import urlparse class UrlTests(unittest.TestCase): @@ -76,17 +79,16 @@ class UrlTests(unittest.TestCase): def test_safe_url_string_unsafe_chars(self): safeurl = safe_url_string(r"http://localhost:8001/unwise{,},|,\,^,[,],`?|=[]&[]=|") self.assertEqual(safeurl, r"http://localhost:8001/unwise%7B,%7D,|,%5C,%5E,[,],%60?|=[]&[]=|") - + def test_safe_url_string_quote_path(self): safeurl = safe_url_string(u'http://google.com/"hello";', quote_path=True) self.assertEqual(safeurl, u'http://google.com/%22hello%22') - + safeurl = safe_url_string(u'http://google.com/"hello";', quote_path=False) self.assertEqual(safeurl, u'http://google.com/"hello";') - + safeurl = safe_url_string(u'http://google.com/"hello";') self.assertEqual(safeurl, u'http://google.com/%22hello%22') - def test_safe_url_string_with_query(self): safeurl = safe_url_string(u"http://www.example.com/???unit=??";) @@ -299,10 +301,6 @@ class UrlTests(unittest.TestCase): self.assertEqual(add_or_replace_parameter(url, 'arg3', 'nv3'), 'http://domain/test?arg1=v1&arg2=v2&arg3=nv3') - url = 'http://domain/test?arg1=v1;arg2=v2' - self.assertEqual(add_or_replace_parameter(url, 'arg1', 'v3'), - 'http://domain/test?arg1=v3&arg2=v2') - self.assertEqual(add_or_replace_parameter("http://domain/moreInfo.asp?prodID=";, 'prodID', '20'), 'http://domain/moreInfo.asp?prodID=20') url = 'http://rmc-offers.co.uk/productlist.asp?BCat=2%2C60&CatID=60' @@ -327,6 +325,13 @@ class UrlTests(unittest.TestCase): self.assertEqual(add_or_replace_parameter(url, 'arg1', 'v3'), 'http://domain/test?arg1=v3&arg2=v2') + @pytest.mark.xfail(reason="https://github.com/scrapy/w3lib/issues/164";) + def test_add_or_replace_parameter_fail(self): + self.assertEqual( + add_or_replace_parameter('http://domain/test?arg1=v1;arg2=v2', 'arg1', 'v3'), + 'http://domain/test?arg1=v3&arg2=v2' + ) + def test_add_or_replace_parameters(self): url = 'http://domain/test' self.assertEqual(add_or_replace_parameters(url, {'arg': 'v'}), @@ -741,4 +746,3 @@ class DataURITests(unittest.TestCase): if __name__ == "__main__": unittest.main() -
