Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package python-simplejson for
openSUSE:Factory checked in at 2021-09-09 23:07:17
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-simplejson (Old)
and /work/SRC/openSUSE:Factory/.python-simplejson.new.1899 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-simplejson"
Thu Sep 9 23:07:17 2021 rev:45 rq:917209 version:3.17.5
Changes:
--------
--- /work/SRC/openSUSE:Factory/python-simplejson/python-simplejson.changes
2021-07-21 19:05:28.387196932 +0200
+++
/work/SRC/openSUSE:Factory/.python-simplejson.new.1899/python-simplejson.changes
2021-09-09 23:07:20.220816530 +0200
@@ -1,0 +2,9 @@
+Tue Sep 7 06:55:10 UTC 2021 - Dirk M??ller <dmuel...@suse.com>
+
+- update to 3.17.5:
+ * Fix the C extension module to harden is_namedtuple against looks-a-likes
such
+ as Mocks. Also prevent dict encoding from causing an unraised SystemError
when
+ encountering a non-Dict. Noticed by running user tests against a CPython
+ interpreter with C asserts enabled (COPTS += -UNDEBUG).
+
+-------------------------------------------------------------------
Old:
----
simplejson-3.17.3.tar.gz
New:
----
simplejson-3.17.5.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ python-simplejson.spec ++++++
--- /var/tmp/diff_new_pack.W1Efoh/_old 2021-09-09 23:07:20.772817171 +0200
+++ /var/tmp/diff_new_pack.W1Efoh/_new 2021-09-09 23:07:20.776817176 +0200
@@ -18,7 +18,7 @@
%{?!python_module:%define python_module() python-%{**} python3-%{**}}
Name: python-simplejson
-Version: 3.17.3
+Version: 3.17.5
Release: 0
Summary: Extensible JSON encoder/decoder for Python
License: AFL-2.1 OR MIT
++++++ simplejson-3.17.3.tar.gz -> simplejson-3.17.5.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/CHANGES.txt
new/simplejson-3.17.5/CHANGES.txt
--- old/simplejson-3.17.3/CHANGES.txt 2021-07-10 01:45:59.000000000 +0200
+++ new/simplejson-3.17.5/CHANGES.txt 2021-08-24 06:42:09.000000000 +0200
@@ -1,3 +1,16 @@
+Version 3.17.5 released 2021-08-23
+
+* Fix the C extension module to harden is_namedtuple against looks-a-likes such
+ as Mocks. Also prevent dict encoding from causing an unraised SystemError
when
+ encountering a non-Dict. Noticed by running user tests against a CPython
+ interpreter with C asserts enabled (COPTS += -UNDEBUG).
+ https://github.com/simplejson/simplejson/pull/284
+
+Version 3.17.4 released 2021-08-19
+
+* Upgrade cibuildwheel
+ https://github.com/simplejson/simplejson/pull/287
+
Version 3.17.3 released 2021-07-09
* Replaced Travis-CI and AppVeyor with Github Actions,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/PKG-INFO
new/simplejson-3.17.5/PKG-INFO
--- old/simplejson-3.17.3/PKG-INFO 2021-07-10 01:46:02.285155300 +0200
+++ new/simplejson-3.17.5/PKG-INFO 2021-08-24 06:42:09.889491000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.2
Name: simplejson
-Version: 3.17.3
+Version: 3.17.5
Summary: Simple, fast, extensible JSON encoder/decoder for Python
Home-page: https://github.com/simplejson/simplejson
Author: Bob Ippolito
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/conf.py
new/simplejson-3.17.5/conf.py
--- old/simplejson-3.17.3/conf.py 2021-07-10 01:45:59.000000000 +0200
+++ new/simplejson-3.17.5/conf.py 2021-08-24 06:42:09.000000000 +0200
@@ -44,7 +44,7 @@
# The short X.Y version.
version = '3.17'
# The full version, including alpha/beta/rc tags.
-release = '3.17.3'
+release = '3.17.5'
# There are two options for replacing |today|: either, you set today to some
# non-false value, then it is used:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/setup.py
new/simplejson-3.17.5/setup.py
--- old/simplejson-3.17.3/setup.py 2021-07-10 01:45:59.000000000 +0200
+++ new/simplejson-3.17.5/setup.py 2021-08-24 06:42:09.000000000 +0200
@@ -12,7 +12,7 @@
DistutilsPlatformError
IS_PYPY = hasattr(sys, 'pypy_translation_info')
-VERSION = '3.17.3'
+VERSION = '3.17.5'
DESCRIPTION = "Simple, fast, extensible JSON encoder/decoder for Python"
with open('README.rst', 'r') as f:
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/simplejson/__init__.py
new/simplejson-3.17.5/simplejson/__init__.py
--- old/simplejson-3.17.3/simplejson/__init__.py 2021-07-10
01:45:59.000000000 +0200
+++ new/simplejson-3.17.5/simplejson/__init__.py 2021-08-24
06:42:09.000000000 +0200
@@ -118,7 +118,7 @@
"""
from __future__ import absolute_import
-__version__ = '3.17.3'
+__version__ = '3.17.5'
__all__ = [
'dump', 'dumps', 'load', 'loads',
'JSONDecoder', 'JSONDecodeError', 'JSONEncoder',
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/simplejson/_speedups.c
new/simplejson-3.17.5/simplejson/_speedups.c
--- old/simplejson-3.17.3/simplejson/_speedups.c 2021-07-10
01:45:59.000000000 +0200
+++ new/simplejson-3.17.5/simplejson/_speedups.c 2021-08-24
06:42:09.000000000 +0200
@@ -386,6 +386,8 @@
_is_namedtuple(PyObject *obj)
{
int rval = 0;
+ /* We intentionally accept anything with a duck typed _asdict method rather
+ * than requiring it to pass PyTuple_Check(obj). */
PyObject *_asdict = PyObject_GetAttrString(obj, "_asdict");
if (_asdict == NULL) {
PyErr_Clear();
@@ -2853,6 +2855,15 @@
return rv;
newobj = PyObject_CallMethod(obj, "_asdict", NULL);
if (newobj != NULL) {
+ if (!PyDict_Check(newobj)) {
+ PyErr_Format(
+ PyExc_TypeError,
+ "_asdict() must return a dict, not %.80s",
+ Py_TYPE(newobj)->tp_name
+ );
+ Py_DECREF(newobj);
+ return -1;
+ }
rv = encoder_listencode_dict(s, rval, newobj, indent_level);
Py_DECREF(newobj);
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/simplejson/encoder.py
new/simplejson-3.17.5/simplejson/encoder.py
--- old/simplejson-3.17.3/simplejson/encoder.py 2021-07-10 01:45:59.000000000
+0200
+++ new/simplejson-3.17.5/simplejson/encoder.py 2021-08-24 06:42:09.000000000
+0200
@@ -520,7 +520,10 @@
else:
_asdict = _namedtuple_as_object and getattr(value,
'_asdict', None)
if _asdict and callable(_asdict):
- chunks = _iterencode_dict(_asdict(),
+ dct = _asdict()
+ if not isinstance(dct, dict):
+ raise TypeError("_asdict() must return a dict, not
%s" % (type(dct).__name__,))
+ chunks = _iterencode_dict(dct,
_current_indent_level)
elif _tuple_as_array and isinstance(value, tuple):
chunks = _iterencode_list(value, _current_indent_level)
@@ -641,7 +644,10 @@
else:
_asdict = _namedtuple_as_object and getattr(value,
'_asdict', None)
if _asdict and callable(_asdict):
- chunks = _iterencode_dict(_asdict(),
+ dct = _asdict()
+ if not isinstance(dct, dict):
+ raise TypeError("_asdict() must return a dict, not
%s" % (type(dct).__name__,))
+ chunks = _iterencode_dict(dct,
_current_indent_level)
elif _tuple_as_array and isinstance(value, tuple):
chunks = _iterencode_list(value, _current_indent_level)
@@ -686,8 +692,10 @@
else:
_asdict = _namedtuple_as_object and getattr(o, '_asdict', None)
if _asdict and callable(_asdict):
- for chunk in _iterencode_dict(_asdict(),
- _current_indent_level):
+ dct = _asdict()
+ if not isinstance(dct, dict):
+ raise TypeError("_asdict() must return a dict, not %s"
% (type(dct).__name__,))
+ for chunk in _iterencode_dict(dct, _current_indent_level):
yield chunk
elif (_tuple_as_array and isinstance(o, tuple)):
for chunk in _iterencode_list(o, _current_indent_level):
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/simplejson-3.17.3/simplejson/tests/test_namedtuple.py
new/simplejson-3.17.5/simplejson/tests/test_namedtuple.py
--- old/simplejson-3.17.3/simplejson/tests/test_namedtuple.py 2021-07-10
01:45:59.000000000 +0200
+++ new/simplejson-3.17.5/simplejson/tests/test_namedtuple.py 2021-08-24
06:42:09.000000000 +0200
@@ -4,6 +4,11 @@
from simplejson.compat import StringIO
try:
+ from unittest import mock
+except ImportError:
+ mock = None
+
+try:
from collections import namedtuple
except ImportError:
class Value(tuple):
@@ -120,3 +125,25 @@
self.assertEqual(
json.dumps(f({})),
json.dumps(f(DeadDict()), namedtuple_as_object=True))
+
+ def test_asdict_does_not_return_dict(self):
+ if not mock:
+ if hasattr(unittest, "SkipTest"):
+ raise unittest.SkipTest("unittest.mock required")
+ else:
+ print("unittest.mock not available")
+ return
+ fake = mock.Mock()
+ self.assertTrue(hasattr(fake, '_asdict'))
+ self.assertTrue(callable(fake._asdict))
+ self.assertFalse(isinstance(fake._asdict(), dict))
+ # https://github.com/simplejson/simplejson/pull/284
+ # when running under a debug build of CPython (COPTS=-UNDEBUG)
+ # a C assertion could fire due to an unchecked error of an PyDict
+ # API call on a non-dict internally in _speedups.c. Without a debug
+ # build of CPython this test likely passes either way despite the
+ # potential for internal data corruption. Getting it to crash in
+ # a debug build is not always easy either as it requires an
+ # assert(!PyErr_Occurred()) that could fire later on.
+ with self.assertRaises(TypeError):
+ json.dumps({23: fake}, namedtuple_as_object=True, for_json=False)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/simplejson-3.17.3/simplejson.egg-info/PKG-INFO
new/simplejson-3.17.5/simplejson.egg-info/PKG-INFO
--- old/simplejson-3.17.3/simplejson.egg-info/PKG-INFO 2021-07-10
01:46:01.000000000 +0200
+++ new/simplejson-3.17.5/simplejson.egg-info/PKG-INFO 2021-08-24
06:42:09.000000000 +0200
@@ -1,6 +1,6 @@
Metadata-Version: 1.2
Name: simplejson
-Version: 3.17.3
+Version: 3.17.5
Summary: Simple, fast, extensible JSON encoder/decoder for Python
Home-page: https://github.com/simplejson/simplejson
Author: Bob Ippolito
