Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-django-picklefield for
openSUSE:Factory checked in at 2026-04-01 19:52:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-django-picklefield (Old)
and /work/SRC/openSUSE:Factory/.python-django-picklefield.new.21863 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-django-picklefield"
Wed Apr 1 19:52:16 2026 rev:23 rq:1344055 version:3.4.0
Changes:
--------
---
/work/SRC/openSUSE:Factory/python-django-picklefield/python-django-picklefield.changes
2024-04-10 17:50:27.140610401 +0200
+++
/work/SRC/openSUSE:Factory/.python-django-picklefield.new.21863/python-django-picklefield.changes
2026-04-01 19:53:50.417134634 +0200
@@ -1,0 +2,8 @@
+Wed Apr 1 07:44:56 UTC 2026 - Dirk Müller <[email protected]>
+
+- update to 3.4.0:
+ * Added tested support for Django 6.0.
+ * Added tested support for Python 3.14.
+ * Dropped support for Python 3.9.
+
+-------------------------------------------------------------------
Old:
----
v3.1.0.tar.gz
New:
----
v3.4.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-django-picklefield.spec ++++++
--- /var/tmp/diff_new_pack.MsKE66/_old 2026-04-01 19:53:52.005200596 +0200
+++ /var/tmp/diff_new_pack.MsKE66/_new 2026-04-01 19:53:52.025201426 +0200
@@ -1,7 +1,7 @@
#
# spec file for package python-django-picklefield
#
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2026 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,9 +17,9 @@
%{?sle15_python_module_pythons}
-%define upstream_version 3.1
+%define upstream_version 3.4
Name: python-django-picklefield
-Version: 3.1.0
+Version: 3.4.0
Release: 0
Summary: Pickled object field for Django
License: MIT
++++++ v3.1.0.tar.gz -> v3.4.0.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/django-picklefield-3.1.0/.github/workflows/test.yml
new/django-picklefield-3.4.0/.github/workflows/test.yml
--- old/django-picklefield-3.1.0/.github/workflows/test.yml 2022-06-18
22:13:08.000000000 +0200
+++ new/django-picklefield-3.4.0/.github/workflows/test.yml 2025-11-27
03:54:04.000000000 +0100
@@ -9,13 +9,18 @@
fail-fast: false
max-parallel: 5
matrix:
- python-version: ['3.6', '3.7', '3.8', '3.9', '3.10']
+ python-version:
+ - '3.10'
+ - '3.11'
+ - '3.12'
+ - '3.13'
+ - '3.14'
steps:
- - uses: actions/checkout@v2
+ - uses: actions/checkout@v4
- name: Set up Python ${{ matrix.python-version }}
- uses: actions/setup-python@v2
+ uses: actions/setup-python@v5
with:
python-version: ${{ matrix.python-version }}
@@ -23,21 +28,25 @@
id: pip-cache
run: |
echo "::set-output name=dir::$(pip cache dir)"
+
- name: Cache
- uses: actions/cache@v2
+ uses: actions/cache@v4
with:
path: ${{ steps.pip-cache.outputs.dir }}
key:
${{ matrix.python-version }}-v1-${{ hashFiles('**/setup.py') }}-${{
hashFiles('**/tox.ini') }}
restore-keys: |
${{ matrix.python-version }}-v1-
+
- name: Install dependencies
run: |
python -m pip install --upgrade pip
python -m pip install --upgrade tox tox-gh-actions
+
- name: Tox tests
run: |
tox -v
+
- name: Coveralls
uses: AndreMiras/coveralls-python-action@develop
with:
@@ -52,4 +61,3 @@
uses: AndreMiras/coveralls-python-action@develop
with:
parallel-finished: true
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/django-picklefield-3.1.0/README.rst
new/django-picklefield-3.4.0/README.rst
--- old/django-picklefield-3.1.0/README.rst 2022-06-18 22:13:08.000000000
+0200
+++ new/django-picklefield-3.4.0/README.rst 2025-11-27 03:54:04.000000000
+0100
@@ -63,6 +63,22 @@
>>> obj.args = ['fancy', {'objects': 'inside'}]
>>> obj.save()
+.. warning::
+
+ As the name of this package implies ``django-picklefield`` relies on the
+ stdlib `pickle`_ module to serialize its data. Concretely this means that
+ **this package should not be used to store user controllable data under any
+ circumstances at the risk of exposing your application to arbitrary code
+ execution**.
+
+ In order to prevent potentially dangerous usage of ``PickledObjectField``
+ field it is explicitly marked as ``editable=False`` which will prevent its
+ declarative usage in forms and consequently the admin but be aware that
+ assigning unsanitized user provided strings directly to a
``PickledObjectField``
+ exposes your to arbitrary code execution the same way piping malicious
+ strings into ``pickle.loads`` does.
+
+.. _pickle: https://docs.python.org/3/library/pickle.html#module-pickle
-----
Notes
@@ -162,10 +178,32 @@
Changes
-------
+Changes in version 3.4.0
+========================
+
+* Added tested support for Django 6.0.
+* Added tested support for Python 3.14.
+* Dropped support for Python 3.9.
+
+Changes in version 3.3.0
+========================
+
+* Added tested support for Django 5.1 and 5.2.
+* Dropped support for Django 3.2, 4.0, and 4.1.
+* Added tested support for Python 3.11 and 3.12.
+* Dropped support for Python 3.8.
+
+Changes in version 3.2.0
+========================
+
+* Added tested support for Django 4.1, 4.2, 5.0.
+* Added tested support for Python 3.11, 3.12.
+* Dropped support for Python 3.6 and 3.7.
+
Changes in version 3.1.0
========================
-* Added testing against Django 3.2 and 4.0.
+* Added tested support for Django 3.2 and 4.0.
Changes in version 3.0.1
========================
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/django-picklefield-3.1.0/picklefield/__init__.py
new/django-picklefield-3.4.0/picklefield/__init__.py
--- old/django-picklefield-3.1.0/picklefield/__init__.py 2022-06-18
22:13:08.000000000 +0200
+++ new/django-picklefield-3.4.0/picklefield/__init__.py 2025-11-27
03:54:04.000000000 +0100
@@ -5,6 +5,6 @@
__all__ = 'VERSION', '__version__', 'DEFAULT_PROTOCOL', 'PickledObjectField'
-VERSION = (3, 1, 0, 'final', 0)
+VERSION = (3, 4, 0, 'final', 0)
__version__ = django.utils.version.get_version(VERSION)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/django-picklefield-3.1.0/setup.py
new/django-picklefield-3.4.0/setup.py
--- old/django-picklefield-3.1.0/setup.py 2022-06-18 22:13:08.000000000
+0200
+++ new/django-picklefield-3.4.0/setup.py 2025-11-27 03:54:04.000000000
+0100
@@ -10,6 +10,7 @@
version=picklefield.__version__,
description='Pickled object field for Django',
long_description=long_description,
+ long_description_content_type='text/x-rst',
author='Simon Charette',
author_email='[email protected]',
url='http://github.com/gintas/django-picklefield',
@@ -18,24 +19,29 @@
'Development Status :: 5 - Production/Stable',
'Environment :: Web Environment',
'Framework :: Django',
- 'Framework :: Django :: 3.2',
- 'Framework :: Django :: 4.0',
+ 'Framework :: Django :: 4.2',
+ 'Framework :: Django :: 5.0',
+ 'Framework :: Django :: 5.1',
+ 'Framework :: Django :: 5.2',
+ 'Framework :: Django :: 6.0',
'Intended Audience :: Developers',
'License :: OSI Approved :: MIT License',
'Operating System :: OS Independent',
'Programming Language :: Python',
'Programming Language :: Python :: 3 :: Only',
'Programming Language :: Python :: 3',
- 'Programming Language :: Python :: 3.6',
- 'Programming Language :: Python :: 3.7',
- 'Programming Language :: Python :: 3.8',
+ 'Programming Language :: Python :: 3.10',
+ 'Programming Language :: Python :: 3.11',
+ 'Programming Language :: Python :: 3.12',
+ 'Programming Language :: Python :: 3.13',
+ 'Programming Language :: Python :: 3.14',
'Topic :: Software Development :: Libraries :: Application Frameworks',
'Topic :: Software Development :: Libraries :: Python Modules',
],
keywords=['django pickle model field'],
packages=find_packages(exclude=['tests', 'tests.*']),
- python_requires='>=3',
- install_requires=['Django>=3.2'],
+ python_requires='>=3.10',
+ install_requires=['Django>=4.2'],
extras_require={
'tests': ['tox'],
},
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/django-picklefield-3.1.0/tests/models.py
new/django-picklefield-3.4.0/tests/models.py
--- old/django-picklefield-3.1.0/tests/models.py 2022-06-18
22:13:08.000000000 +0200
+++ new/django-picklefield-3.4.0/tests/models.py 2025-11-27
03:54:04.000000000 +0100
@@ -1,6 +1,7 @@
from datetime import date
from django.db import models
+
from picklefield import PickledObjectField
S1 = 'Hello World'
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/django-picklefield-3.1.0/tests/tests.py
new/django-picklefield-3.4.0/tests/tests.py
--- old/django-picklefield-3.1.0/tests/tests.py 2022-06-18 22:13:08.000000000
+0200
+++ new/django-picklefield-3.4.0/tests/tests.py 2025-11-27 03:54:04.000000000
+0100
@@ -6,6 +6,7 @@
from django.db import IntegrityError, models
from django.test import SimpleTestCase, TestCase
from django.test.utils import isolate_apps
+
from picklefield.fields import (
PickledObjectField, dbsafe_encode, wrap_conflictual_object,
)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/django-picklefield-3.1.0/tox.ini
new/django-picklefield-3.4.0/tox.ini
--- old/django-picklefield-3.1.0/tox.ini 2022-06-18 22:13:08.000000000
+0200
+++ new/django-picklefield-3.4.0/tox.ini 2025-11-27 03:54:04.000000000
+0100
@@ -2,49 +2,46 @@
skipsdist = true
args_are_paths = false
envlist =
- flake8,
- isort,
- py36-3.2,
- py37-3.2,
- py38-{3.2,4.0,main},
- py39-{3.2,4.0,main},
- py310-{3.2,4.0,main},
+ flake8
+ isort
+ py310-django{42,50,51,52}
+ py311-django{42,50,51,52}
+ py312-django{42,50,51,52,main}
+ py313-django{51,52,main}
+ py314-django{52,60,main}
[gh-actions]
python =
- 3.6: py36, flake8, isort
- 3.7: py37
- 3.8: py38
- 3.9: py39
3.10: py310
+ 3.11: py311
+ 3.12: py312
+ 3.13: py313
+ 3.14: py314, flake8, isort
[testenv]
-basepython =
- py36: python3.6
- py37: python3.7
- py38: python3.8
- py39: python3.9
- py310: python3.10
usedevelop = true
commands =
- {envpython} -R -Wonce {envbindir}/coverage run -a -m django test -v2
--settings=tests.settings {posargs}
+ {envpython} -R -Werror {envbindir}/coverage run -a -m django test -v2
--settings=tests.settings {posargs}
coverage report -m
deps =
coverage
- 3.2: Django>=3.0,<3.1
- 4.0: Django>=4.0,<4.1
- main: https://github.com/django/django/archive/main.tar.gz
+ django42: Django>=4.2,<5.0
+ django50: Django>=5.0,<5.1
+ django51: Django>=5.1,<5.2
+ django52: Django>=5.2a1,<6.0
+ django60: Django>=6.0a1,<6.1
+ djangomain: https://github.com/django/django/archive/main.tar.gz
passenv =
GITHUB_*
[testenv:flake8]
usedevelop = false
-basepython = python3.6
+basepython = python3.14
commands = flake8
deps = flake8
[testenv:isort]
usedevelop = false
-basepython = python3.6
+basepython = python3.14
commands = isort --recursive --check-only --diff picklefield tests
-deps = isort==4.2.5
+deps = isort==5.13.2
