Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-deepdiff for openSUSE:Factory
checked in at 2025-09-09 20:30:37
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-deepdiff (Old)
and /work/SRC/openSUSE:Factory/.python-deepdiff.new.1977 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-deepdiff"
Tue Sep 9 20:30:37 2025 rev:18 rq:1303319 version:8.6.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-deepdiff/python-deepdiff.changes
2025-06-03 17:58:03.856863059 +0200
+++
/work/SRC/openSUSE:Factory/.python-deepdiff.new.1977/python-deepdiff.changes
2025-09-09 20:31:16.123814647 +0200
@@ -1,0 +2,30 @@
+Tue Sep 9 07:26:58 UTC 2025 - John Paul Adrian Glaubitz
<[email protected]>
+
+- Update to 8.6.1 (bsc#1249347, CVE-2025-58367):
+ * Patched security vulnerability in the Delta class which was vulnerable
+ to class pollution via its constructor, and when combined with a gadget
+ available in DeltaDiff itself, it could lead to Denial of Service and
+ Remote Code Execution (via insecure Pickle deserialization).
+ (bsc#1249347, CVE-2025-58367)
+- from version 8.6.0
+ * Added Colored View thanks to @mauvilsa
+ * Added support for applying deltas to NamedTuple thanks to @paulsc
+ * Fixed test_delta.py with Python 3.14 thanks to @Romain-Geissler-1A
+ * Added python property serialization to json
+ * Added ip address serialization
+ * Switched to UV from pip
+ * Added Claude.md
+ * Added uuid hashing thanks to @akshat62
+ * Added ignore_uuid_types flag to DeepDiff to avoid type reports when
comparing UUID and string.
+ * Added comprehensive type hints across the codebase (multiple commits for
better type safety)
+ * Added support for memoryview serialization
+ * Added support for bytes serialization (non-UTF8 compatible)
+ * Fixed bug where group_by with numbers would leak type info into group path
reports
+ * Fixed bug in _get_clean_to_keys_mapping without explicit significant digits
+ * Added support for python dict key serialization
+ * Enhanced support for IP address serialization with safe module imports
+ * Added development tooling improvements (pyright config, .envrc example)
+ * Updated documentation and development instructions
+- Update BuildRequires from pyproject.toml
+
+-------------------------------------------------------------------
Old:
----
deepdiff-8.5.0-gh.tar.gz
New:
----
deepdiff-8.6.1-gh.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-deepdiff.spec ++++++
--- /var/tmp/diff_new_pack.ZWiRVi/_old 2025-09-09 20:31:16.567833359 +0200
+++ /var/tmp/diff_new_pack.ZWiRVi/_new 2025-09-09 20:31:16.571833527 +0200
@@ -1,7 +1,7 @@
#
# spec file for package python-deepdiff
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
%{?sle15_python_module_pythons}
Name: python-deepdiff
-Version: 8.5.0
+Version: 8.6.1
Release: 0
Summary: Deep Difference and Search of any Python object/data
License: MIT
@@ -40,6 +40,7 @@
BuildRequires: %{python_module setuptools}
BuildRequires: %{python_module tomli-w}
BuildRequires: %{python_module toml}
+BuildRequires: %{python_module uuid6}
BuildRequires: %{python_module wheel}
BuildRequires: fdupes
BuildRequires: python-rpm-macros
++++++ deepdiff-8.5.0-gh.tar.gz -> deepdiff-8.6.1-gh.tar.gz ++++++
++++ 6352 lines of diff (skipped)
