Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python39 for openSUSE:Factory checked in at 2023-05-21 19:07:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python39 (Old) and /work/SRC/openSUSE:Factory/.python39.new.1533 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python39" Sun May 21 19:07:58 2023 rev:44 rq:1087859 version:3.9.16 Changes: -------- --- /work/SRC/openSUSE:Factory/python39/python39.changes 2023-04-20 15:13:51.277786547 +0200 +++ /work/SRC/openSUSE:Factory/.python39.new.1533/python39.changes 2023-05-21 19:08:02.662207665 +0200 @@ -1,0 +2,19 @@ +Sat May 6 17:31:35 UTC 2023 - Matej Cepl <mc...@suse.com> + +- Add 99366-patch.dict-can-decorate-async.patch fixing + gh#python/cpython#98086 (backport from Python 3.10 patch in + gh#python/cpython!99366), fixing bsc#1211158. + +------------------------------------------------------------------- +Wed May 3 14:09:37 UTC 2023 - Matej Cepl <mc...@suse.com> + +- Add CVE-2007-4559-filter-tarfile_extractall.patch to fix + CVE-2007-4559 (bsc#1203750) by adding the filter for + tarfile.extractall (PEP 706). + +------------------------------------------------------------------- +Sun Apr 30 18:16:37 UTC 2023 - Matej Cepl <mc...@suse.com> + +- Why in the world we download from HTTP? + +------------------------------------------------------------------- New: ---- 99366-patch.dict-can-decorate-async.patch CVE-2007-4559-filter-tarfile_extractall.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python39.spec ++++++ --- /var/tmp/diff_new_pack.nsNGm4/_old 2023-05-21 19:08:03.486212369 +0200 +++ /var/tmp/diff_new_pack.nsNGm4/_new 2023-05-21 19:08:03.494212414 +0200 @@ -98,8 +98,8 @@ Summary: Python 3 Interpreter License: Python-2.0 URL: https://www.python.org/ -Source0: http://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz -Source1: http://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz.asc +Source0: https://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz +Source1: https://www.python.org/ftp/python/%{folderversion}/%{tarname}.tar.xz.asc Source2: baselibs.conf Source3: README.SUSE Source7: macros.python3 @@ -165,6 +165,12 @@ # blocklist bypass via the urllib.parse component when supplying # a URL that starts with blank characters Patch38: CVE-2023-24329-blank-URL-bypass.patch +# PATCH-FIX-UPSTREAM CVE-2007-4559-filter-tarfile_extractall.patch bsc#1203750 mc...@suse.com +# Implement PEP-706 to filter outcome of the tarball extracing +Patch39: CVE-2007-4559-filter-tarfile_extractall.patch +# PATCH-FIX-UPSTREAM 99366-patch.dict-can-decorate-async.patch bsc#[0-9]+ mc...@suse.com +# Patch for gh#python/cpython#98086 +Patch40: 99366-patch.dict-can-decorate-async.patch BuildRequires: autoconf-archive BuildRequires: automake BuildRequires: fdupes @@ -424,6 +430,8 @@ %patch35 -p1 %patch37 -p1 %patch38 -p1 +%patch39 -p1 +%patch40 -p1 # drop Autoconf version requirement sed -i 's/^AC_PREREQ/dnl AC_PREREQ/' configure.ac @@ -548,6 +556,11 @@ EXCLUDE="$EXCLUDE test_faulthandler test_multiprocessing_forkserver test_multiprocessing_spawn test_os test_posix test_signal test_socket test_subprocess" %endif +# gh#python/cpython#81350 +%if 0%{?suse_version} <= 1500 +EXCLUDE="$EXCLUDE test_capi" +%endif + # This test (part of test_uuid) requires real network interfaces # so that ifconfig output has "HWaddr <something>". Some kvm instances # done have any such interface breaking the uuid module. ++++++ 99366-patch.dict-can-decorate-async.patch ++++++ >From c0dea0309b9a0a7cbc87727c9957f0a388fb9b0f Mon Sep 17 00:00:00 2001 From: Nikita Sobolev <m...@sobolevn.me> Date: Fri, 11 Nov 2022 11:04:30 +0300 Subject: [PATCH] gh-98086: Now ``patch.dict`` can decorate async functions (GH-98095) (cherry picked from commit 67b4d2772c5124b908f8ed9b13166a79bbeb88d2) Co-authored-by: Nikita Sobolev <m...@sobolevn.me> --- Lib/unittest/mock.py | 18 ++++++++++ Lib/unittest/test/testmock/testasync.py | 17 +++++++++ Misc/NEWS.d/next/Library/2022-10-08-19-39-27.gh-issue-98086.y---WC.rst | 1 3 files changed, 36 insertions(+) create mode 100644 Misc/NEWS.d/next/Library/2022-10-08-19-39-27.gh-issue-98086.y---WC.rst --- a/Lib/unittest/mock.py +++ b/Lib/unittest/mock.py @@ -1761,6 +1761,12 @@ class _patch_dict(object): def __call__(self, f): if isinstance(f, type): return self.decorate_class(f) + if inspect.iscoroutinefunction(f): + return self.decorate_async_callable(f) + return self.decorate_callable(f) + + + def decorate_callable(self, f): @wraps(f) def _inner(*args, **kw): self._patch_dict() @@ -1769,6 +1775,18 @@ class _patch_dict(object): finally: self._unpatch_dict() + return _inner + + + def decorate_async_callable(self, f): + @wraps(f) + async def _inner(*args, **kw): + self._patch_dict() + try: + return await f(*args, **kw) + finally: + self._unpatch_dict() + return _inner --- a/Lib/unittest/test/testmock/testasync.py +++ b/Lib/unittest/test/testmock/testasync.py @@ -146,6 +146,23 @@ class AsyncPatchCMTest(unittest.TestCase run(test_async()) + def test_patch_dict_async_def(self): + foo = {'a': 'a'} + @patch.dict(foo, {'a': 'b'}) + async def test_async(): + self.assertEqual(foo['a'], 'b') + + self.assertTrue(iscoroutinefunction(test_async)) + run(test_async()) + + def test_patch_dict_async_def_context(self): + foo = {'a': 'a'} + async def test_async(): + with patch.dict(foo, {'a': 'b'}): + self.assertEqual(foo['a'], 'b') + + run(test_async()) + class AsyncMockTest(unittest.TestCase): def test_iscoroutinefunction_default(self): --- /dev/null +++ b/Misc/NEWS.d/next/Library/2022-10-08-19-39-27.gh-issue-98086.y---WC.rst @@ -0,0 +1 @@ +Make sure ``patch.dict()`` can be applied on async functions. ++++++ CVE-2007-4559-filter-tarfile_extractall.patch ++++++ ++++ 2566 lines (skipped)
