Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package python-GitPython for 
openSUSE:Factory checked in at 2023-01-05 14:59:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/python-GitPython (Old)
 and      /work/SRC/openSUSE:Factory/.python-GitPython.new.1563 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "python-GitPython"

Thu Jan  5 14:59:49 2023 rev:25 rq:1046682 version:3.1.30.1672298042.141cd65

Changes:
--------
--- /work/SRC/openSUSE:Factory/python-GitPython/python-GitPython.changes        
2022-11-08 10:54:00.589619961 +0100
+++ 
/work/SRC/openSUSE:Factory/.python-GitPython.new.1563/python-GitPython.changes  
    2023-01-05 14:59:51.976774558 +0100
@@ -1,0 +2,23 @@
+Wed Jan  4 06:33:38 UTC 2023 - Steve Kowalik <steven.kowa...@suse.com>
+
+- Update to version 3.1.30.1672298042.141cd65:
+  * Make injections of command-invocations harder or impossible for clone and
+    others. See #1518 for details. Note that this might constitute a breaking
+    change for some users. (bsc#1206099, CVE-2022-24439)
+  * Prohibit insecure options and protocols by default, which is potentially a
+    breaking change, but a necessary fix for #1515.
+  * Make the git.__version__ re-appear.
+  * Reduced startup time due to optimized imports.
+  * Fix a vulenerability that could cause great slowdowns when encountering
+    long remote path names when pulling/fetching.
+  * Newly added timeout flag is not be enabled by default, and was renamed
+    to kill_after_timeout
+  * drop support for python 3.5 to reduce maintenance burden on typing.
+  * Add more static typing information
+  * git.Commit objects now have a replace method that will return a copy of
+    the commit with modified attributes.
+  * Add python 3.9 support
+  * Drop python 3.4 support
+- Refresh patches.
+
+-------------------------------------------------------------------

Old:
----
  GitPython-3.1.12.1610074031.f653af66.tar.xz

New:
----
  GitPython-3.1.30.1672298042.141cd65.tar.xz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ python-GitPython.spec ++++++
--- /var/tmp/diff_new_pack.aFCsQk/_old  2023-01-05 14:59:52.604774053 +0100
+++ /var/tmp/diff_new_pack.aFCsQk/_new  2023-01-05 14:59:52.612774046 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package python-GitPython
 #
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -18,7 +18,7 @@
 
 %define skip_python2 1
 Name:           python-GitPython
-Version:        3.1.12.1610074031.f653af66
+Version:        3.1.30.1672298042.141cd65
 Release:        0
 Summary:        Python Git Library
 License:        BSD-3-Clause
@@ -51,11 +51,10 @@
 are 'cgit' and pure python, which is the default.
 
 %prep
-%setup -q -n GitPython-%{version}
-echo y | ./init-tests-after-clone.sh
-%autopatch -p1
+%autosetup -p1 -n GitPython-%{version}
 # do not pull in extra deps
 sed -i -e '/tox/d' -e '/flake8/d' -e '/coverage/d' test-requirements.txt
+sed -i  -e '/addopts/d' pyproject.toml
 
 %build
 %python_build
@@ -78,7 +77,7 @@
 git config --global user.email "y...@example.com"
 git config --global user.name "Your Name"
 
-%pytest -k 'not test_installation' test
+%pytest -k 'not (test_installation or test_rev_parse)'
 
 %files %{python_files}
 %license LICENSE

++++++ GitPython-3.1.12.1610074031.f653af66.tar.xz -> 
GitPython-3.1.30.1672298042.141cd65.tar.xz ++++++
/work/SRC/openSUSE:Factory/python-GitPython/GitPython-3.1.12.1610074031.f653af66.tar.xz
 
/work/SRC/openSUSE:Factory/.python-GitPython.new.1563/GitPython-3.1.30.1672298042.141cd65.tar.xz
 differ: char 13, line 1

++++++ _service ++++++
--- /var/tmp/diff_new_pack.aFCsQk/_old  2023-01-05 14:59:52.676773995 +0100
+++ /var/tmp/diff_new_pack.aFCsQk/_new  2023-01-05 14:59:52.680773992 +0100
@@ -1,12 +1,12 @@
 <services>
   <service name="tar_scm" mode="disabled">
-    <param name="versionprefix">3.1.12</param>
-    <param name="url">git://github.com/gitpython-developers/GitPython</param>
+    <param name="versionprefix">3.1.30</param>
+    <param name="url">https://github.com/gitpython-developers/GitPython</param>
     <param name="scm">git</param>
     <param name="package-meta">yes</param>
     <param name="changesgenerate">enable</param>
     <param name="submodules">enable</param>
-    <param name="revision">f653af66e4c9461579ec44db50e113facf61e2d3</param>
+    <param name="revision">141cd651e459bff8919798b3ccf03dfa167757f6</param>
   </service>
   <service name="recompress" mode="disabled">
     <param name="compression">xz</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.aFCsQk/_old  2023-01-05 14:59:52.700773976 +0100
+++ /var/tmp/diff_new_pack.aFCsQk/_new  2023-01-05 14:59:52.704773972 +0100
@@ -1,6 +1,8 @@
 <servicedata>
 <service name="tar_scm">
                 <param 
name="url">git://github.com/gitpython-developers/GitPython</param>
-              <param 
name="changesrevision">f653af66e4c9461579ec44db50e113facf61e2d3</param></service></servicedata>
+              <param 
name="changesrevision">f653af66e4c9461579ec44db50e113facf61e2d3</param></service><service
 name="tar_scm">
+                <param 
name="url">https://github.com/gitpython-developers/GitPython</param>
+              <param 
name="changesrevision">141cd651e459bff8919798b3ccf03dfa167757f6</param></service></servicedata>
 (No newline at EOF)
 

++++++ test-skips.patch ++++++
--- /var/tmp/diff_new_pack.aFCsQk/_old  2023-01-05 14:59:52.716773963 +0100
+++ /var/tmp/diff_new_pack.aFCsQk/_new  2023-01-05 14:59:52.720773960 +0100
@@ -1,20 +1,21 @@
-Index: GitPython-3.1.7.1594621338.176838a3/test/test_base.py
+Index: GitPython-3.1.30.1672298042.141cd65/test/test_base.py
 ===================================================================
---- GitPython-3.1.7.1594621338.176838a3.orig/test/test_base.py
-+++ GitPython-3.1.7.1594621338.176838a3/test/test_base.py
-@@ -111,7 +111,7 @@ class TestBase(TestBase):
+--- GitPython-3.1.30.1672298042.141cd65.orig/test/test_base.py
++++ GitPython-3.1.30.1672298042.141cd65/test/test_base.py
+@@ -104,7 +104,8 @@ class TestBase(_TestBase):
          assert not rw_repo.config_reader("repository").getboolean("core", 
"bare")
-         assert osp.isdir(osp.join(rw_repo.working_tree_dir, 'lib'))
+         assert osp.isdir(osp.join(rw_repo.working_tree_dir, "lib"))
  
--    #@skipIf(HIDE_WINDOWS_FREEZE_ERRORS, "FIXME: Freezes!  sometimes...")
+-    @skipIf(HIDE_WINDOWS_FREEZE_ERRORS, "FIXME: Freezes!  sometimes...")
++    #@skipIf(HIDE_WINDOWS_FREEZE_ERRORS, "FIXME: Freezes!  sometimes...")
 +    @skipIf(os.environ.get('SKIP_LOCALHOST', 'false') == 'true', 'git-daemon 
connection error')
-     @with_rw_and_rw_remote_repo('0.1.6')
+     @with_rw_and_rw_remote_repo("0.1.6")
      def test_with_rw_remote_and_rw_repo(self, rw_repo, rw_remote_repo):
          assert not rw_repo.config_reader("repository").getboolean("core", 
"bare")
-Index: GitPython-3.1.7.1594621338.176838a3/test/test_remote.py
+Index: GitPython-3.1.30.1672298042.141cd65/test/test_remote.py
 ===================================================================
---- GitPython-3.1.7.1594621338.176838a3.orig/test/test_remote.py
-+++ GitPython-3.1.7.1594621338.176838a3/test/test_remote.py
+--- GitPython-3.1.30.1672298042.141cd65.orig/test/test_remote.py
++++ GitPython-3.1.30.1672298042.141cd65/test/test_remote.py
 @@ -4,6 +4,7 @@
  # This module is part of GitPython and is released under
  # the BSD License: http://www.opensource.org/licenses/bsd-license.php
@@ -22,61 +23,79 @@
 +import os
  import random
  import tempfile
- from unittest import skipIf
-@@ -408,7 +409,7 @@ class TestRemote(TestBase):
+ import pytest
+@@ -430,7 +431,8 @@ class TestRemote(TestBase):
          TagReference.delete(rw_repo, new_tag, other_tag)
-         remote.push(":%s" % other_tag.path)
+         remote.push(":%s" % other_tag.path, kill_after_timeout=10.0)
  
 -    @skipIf(HIDE_WINDOWS_FREEZE_ERRORS, "FIXME: Freezes!")
++    #@skipIf(HIDE_WINDOWS_FREEZE_ERRORS, "FIXME: Freezes!")
 +    @skipIf(os.environ.get('SKIP_LOCALHOST', 'false') == 'true', 'git-daemon 
connection error')
-     @with_rw_and_rw_remote_repo('0.1.6')
+     @with_rw_and_rw_remote_repo("0.1.6")
      def test_base(self, rw_repo, remote_repo):
          num_remotes = 0
-@@ -641,6 +642,7 @@ class TestRemote(TestBase):
+@@ -681,6 +683,7 @@ class TestRemote(TestBase):
          # will raise fatal: Will not delete all non-push URLs
          self.assertRaises(GitCommandError, remote.delete_url, test3)
  
 +    @skipIf(os.environ.get('SKIP_GITHUB', 'false') == 'true', 'GitHub 
connection error')
      def test_fetch_error(self):
-         rem = self.rorepo.remote('origin')
+         rem = self.rorepo.remote("origin")
          with self.assertRaisesRegex(GitCommandError, "[Cc]ouldn't find remote 
ref __BAD_REF__"):
-Index: GitPython-3.1.7.1594621338.176838a3/test/test_submodule.py
+Index: GitPython-3.1.30.1672298042.141cd65/test/test_submodule.py
 ===================================================================
---- GitPython-3.1.7.1594621338.176838a3.orig/test/test_submodule.py
-+++ GitPython-3.1.7.1594621338.176838a3/test/test_submodule.py
-@@ -420,12 +420,13 @@ class TestSubmodule(TestBase):
-     def test_base_bare(self, rwrepo):
-         self._do_base_tests(rwrepo)
- 
--    @skipIf(HIDE_WINDOWS_KNOWN_ERRORS and sys.version_info[:2] == (3, 5), """
+--- GitPython-3.1.30.1672298042.141cd65.orig/test/test_submodule.py
++++ GitPython-3.1.30.1672298042.141cd65/test/test_submodule.py
+@@ -453,14 +453,15 @@ class TestSubmodule(TestBase):
+         reason="Cygwin GitPython can't find submodule SHA",
+         raises=ValueError
+     )
+-    @skipIf(
+-        HIDE_WINDOWS_KNOWN_ERRORS,
+-        """
 -        File "C:\\projects\\gitpython\\git\\cmd.py", line 559, in execute
 -        raise GitCommandNotFound(command, err)
 -        git.exc.GitCommandNotFound: Cmd('git') not found due to: 
OSError('[WinError 6] The handle is invalid')
--        cmdline: git clone -n --shared -v C:\\projects\\gitpython\\.git 
Users\\appveyor\\AppData\\Local\\Temp\\1\\tmplyp6kr_rnon_bare_test_root_module""")
  # noqa E501
-+    #@skipIf(HIDE_WINDOWS_KNOWN_ERRORS and sys.version_info[:2] == (3, 5), """
+-        cmdline: git clone -n --shared -v C:\\projects\\gitpython\\.git 
Users\\appveyor\\AppData\\Local\\Temp\\1\\tmplyp6kr_rnon_bare_test_root_module""",
+-    )  # noqa E501
++    #@skipIf(
++    #    HIDE_WINDOWS_KNOWN_ERRORS,
++    #    """
 +    #    File "C:\\projects\\gitpython\\git\\cmd.py", line 559, in execute
 +    #    raise GitCommandNotFound(command, err)
 +    #    git.exc.GitCommandNotFound: Cmd('git') not found due to: 
OSError('[WinError 6] The handle is invalid')
-+    #    cmdline: git clone -n --shared -v C:\\projects\\gitpython\\.git 
Users\\appveyor\\AppData\\Local\\Temp\\1\\tmplyp6kr_rnon_bare_test_root_module""")
  # noqa E501
-     @with_rw_repo(k_subm_current, bare=False)
++    #    cmdline: git clone -n --shared -v C:\\projects\\gitpython\\.git 
Users\\appveyor\\AppData\\Local\\Temp\\1\\tmplyp6kr_rnon_bare_test_root_module""",
++    #)  # noqa E501
 +    @skipIf(os.environ.get('SKIP_LOCALHOST', 'false') == 'true', 'git-daemon 
connection error')
+     @with_rw_repo(k_subm_current, bare=False)
      def test_root_module(self, rwrepo):
          # Can query everything without problems
-         rm = RootModule(self.rorepo)
-@@ -750,6 +751,7 @@ class TestSubmodule(TestBase):
+@@ -802,6 +803,7 @@ class TestSubmodule(TestBase):
      #         "FIXME: helper.wrapper fails with: PermissionError: [WinError 
5] Access is denied: "
      #         
"'C:\\Users\\appveyor\\AppData\\Local\\Temp\\1\\test_work_tree_unsupportedryfa60di\\master_repo\\.git\\objects\\pack\\pack-bc9e0787aef9f69e1591ef38ea0a6f566ec66fe3.idx")
  # noqa E501
      @with_rw_directory
 +    @skipIf(os.environ.get('SKIP_LOCALHOST', 'false') == 'true', 'git-daemon 
connection error')
      def test_git_submodule_compatibility(self, rwdir):
-         parent = git.Repo.init(osp.join(rwdir, 'parent'))
-         sm_path = join_path_native('submodules', 'intermediate', 'one')
-@@ -825,6 +827,7 @@ class TestSubmodule(TestBase):
+         parent = git.Repo.init(osp.join(rwdir, "parent"))
+         sm_path = join_path_native("submodules", "intermediate", "one")
+@@ -887,6 +889,7 @@ class TestSubmodule(TestBase):
          # end for each dry-run mode
  
      @with_rw_directory
 +    @skipIf(os.environ.get('SKIP_LOCALHOST', 'false') == 'true', 'git-daemon 
connection error')
      def test_remove_norefs(self, rwdir):
-         parent = git.Repo.init(osp.join(rwdir, 'parent'))
-         sm_name = 'mymodules/myname'
+         parent = git.Repo.init(osp.join(rwdir, "parent"))
+         sm_name = "mymodules/myname"
+Index: GitPython-3.1.30.1672298042.141cd65/test/test_repo.py
+===================================================================
+--- GitPython-3.1.30.1672298042.141cd65.orig/test/test_repo.py
++++ GitPython-3.1.30.1672298042.141cd65/test/test_repo.py
+@@ -250,6 +250,7 @@ class TestRepo(TestBase):
+             except UnicodeEncodeError:
+                 self.fail("Raised UnicodeEncodeError")
+ 
++    @skipIf(os.environ.get('SKIP_GITHUB', 'false') == 'true', 'Gitlab 
connection error')
+     @with_rw_directory
+     def test_leaking_password_in_clone_logs(self, rw_dir):
+         password = "fakepassword1234"
 

Reply via email to