[Launchpad-reviewers] [Merge] ~pelpsi/lpcraft:snaps-key-improved-to-specify-channel-and-classic-parameters into lpcraft:main
Simone Pelosi has proposed merging ~pelpsi/lpcraft:snaps-key-improved-to-specify-channel-and-classic-parameters into lpcraft:main. Commit message: Added support for channel and classic parameters Snap keys now support channel and classic parameters. Snap key new syntax :: LP: #1995101 Requested reviews: Launchpad code reviewers (launchpad-reviewers) Related bugs: Bug #1995101 in lpcraft: "snaps key doesn't allow to specify which channel to use for a snap" https://bugs.launchpad.net/lpcraft/+bug/1995101 For more details, see: https://code.launchpad.net/~pelpsi/lpcraft/+git/lpcraft/+merge/440175 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/lpcraft:snaps-key-improved-to-specify-channel-and-classic-parameters into lpcraft:main. diff --git a/docs/configuration.rst b/docs/configuration.rst index d25c96d..549d6d6 100644 --- a/docs/configuration.rst +++ b/docs/configuration.rst @@ -63,6 +63,13 @@ Job definitions ``snaps`` (optional) Snaps to install as dependencies of this job. +Snap syntax :: +Example: +.. code:: yaml +snaps: +- black:22/stable:classic +- vim +- firefox::classic ``environment`` (optional) A mapping of environment variable names to values, to be set while diff --git a/lpcraft/commands/run.py b/lpcraft/commands/run.py index c0e00d9..26a2071 100644 --- a/lpcraft/commands/run.py +++ b/lpcraft/commands/run.py @@ -543,12 +543,27 @@ def _run_job( ) as instance: snaps = list(itertools.chain(*pm.hook.lpcraft_install_snaps())) for snap in snaps: -emit.progress(f"Running `snap install {snap}`") +snap_unpacked = snap.split(":") +snap = snap_unpacked[0] +channel = ( +snap_unpacked[1] +if len(snap_unpacked) > 1 and snap_unpacked[1].strip() != "" +else "latest/stable" +) +classic = ( +snap_unpacked[2] == "classic" +if len(snap_unpacked) > 2 +else False +) +classic_string = "classic" if classic else "" +emit.progress( +f"Running `snap install {snap} {channel} {classic_string}`" +) install_from_store( executor=instance, snap_name=snap, -channel="latest/stable", -classic=True, +channel=channel, +classic=classic, ) packages = list(itertools.chain(*pm.hook.lpcraft_install_packages())) if packages: diff --git a/lpcraft/commands/tests/test_run.py b/lpcraft/commands/tests/test_run.py index 4466295..f6ab514 100644 --- a/lpcraft/commands/tests/test_run.py +++ b/lpcraft/commands/tests/test_run.py @@ -1985,7 +1985,7 @@ class TestRun(RunBaseTestCase): series: focal architectures: amd64 run: tox -snaps: [chromium, firefox] +snaps: [chromium::classic, firefox::classic] """ ) Path(".launchpad.yaml").write_text(config) ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master
Simone Pelosi has proposed merging ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/turnip/+git/turnip/+merge/440169 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master. diff --git a/requirements.txt b/requirements.txt index 8d5734d..c9bc202 100644 --- a/requirements.txt +++ b/requirements.txt @@ -22,7 +22,7 @@ future==0.18.2 gevent==20.6.2 gmpy==1.17 greenlet==0.4.16 -gunicorn==19.3.0 +gunicorn==20.1.0 hyperlink==19.0.0 idna==2.9 importlib_metadata==1.7.0 ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~canonical-launchpad-branches/rutabaga/+git/dependencies:master
Simone Pelosi has proposed merging ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~canonical-launchpad-branches/rutabaga/+git/dependencies:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/rutabaga/+git/dependencies/+merge/440166 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~canonical-launchpad-branches/rutabaga/+git/dependencies:master. diff --git a/gunicorn-20.1.0.tar.gz b/gunicorn-20.1.0.tar.gz new file mode 100644 index 000..b5da493 Binary files /dev/null and b/gunicorn-20.1.0.tar.gz differ ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master
The proposal to merge ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master has been updated. Status: Needs review => Superseded For more details, see: https://code.launchpad.net/~pelpsi/rutabaga/+git/dependencies/+merge/440150 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master
Simone Pelosi has proposed merging ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/lp-signing/+git/dependencies/+merge/440165 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~launchpad/lp-signing/+git/dependencies:master. diff --git a/gunicorn-20.1.0.tar.gz b/gunicorn-20.1.0.tar.gz new file mode 100644 index 000..b5da493 Binary files /dev/null and b/gunicorn-20.1.0.tar.gz differ ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master
The proposal to merge ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master has been updated. Status: Needs review => Superseded For more details, see: https://code.launchpad.net/~pelpsi/lp-signing/+git/dependencies/+merge/440156 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/turnip/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~canonical-launchpad-branches/turnip/+git/dependencies:master
Simone Pelosi has proposed merging ~pelpsi/turnip/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~canonical-launchpad-branches/turnip/+git/dependencies:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/turnip/+git/dependencies/+merge/440163 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/turnip/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into ~canonical-launchpad-branches/turnip/+git/dependencies:master. diff --git a/gunicorn-19.3.0.tar.gz b/gunicorn-19.3.0.tar.gz deleted file mode 100644 index 1d38258..000 Binary files a/gunicorn-19.3.0.tar.gz and /dev/null differ diff --git a/gunicorn-20.1.0.tar.gz b/gunicorn-20.1.0.tar.gz new file mode 100644 index 000..b5da493 Binary files /dev/null and b/gunicorn-20.1.0.tar.gz differ ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master
The proposal to merge ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master has been updated. Status: Needs review => Superseded For more details, see: https://code.launchpad.net/~pelpsi/turnip/+git/turnip/+merge/440158 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/turnip/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master
Simone Pelosi has proposed merging ~pelpsi/turnip/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) Related bugs: Bug #907675 in turnip: "Add support for Ed25519 SSH keys" https://bugs.launchpad.net/turnip/+bug/907675 Bug #1933722 in turnip: "Launchpad doesn't support secure SSH parameters" https://bugs.launchpad.net/turnip/+bug/1933722 For more details, see: https://code.launchpad.net/~pelpsi/turnip/+git/dependencies/+merge/440160 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/turnip/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master. diff --git a/Automat-0.6.0.tar.gz b/Automat-0.6.0.tar.gz new file mode 100644 index 000..6bdeb92 Binary files /dev/null and b/Automat-0.6.0.tar.gz differ diff --git a/Automat-20.2.0.tar.gz b/Automat-20.2.0.tar.gz new file mode 100644 index 000..4b39472 Binary files /dev/null and b/Automat-20.2.0.tar.gz differ diff --git a/Jinja2-2.10.tar.gz b/Jinja2-2.10.tar.gz new file mode 100644 index 000..c311087 Binary files /dev/null and b/Jinja2-2.10.tar.gz differ diff --git a/Mako-1.0.1.tar.gz b/Mako-1.0.1.tar.gz new file mode 100644 index 000..0052984 Binary files /dev/null and b/Mako-1.0.1.tar.gz differ diff --git a/MarkupSafe-0.23.tar.gz b/MarkupSafe-0.23.tar.gz new file mode 100644 index 000..6b19006 Binary files /dev/null and b/MarkupSafe-0.23.tar.gz differ diff --git a/Paste-2.0.2.tar.gz b/Paste-2.0.2.tar.gz new file mode 100644 index 000..1ebbce7 Binary files /dev/null and b/Paste-2.0.2.tar.gz differ diff --git a/Paste-3.5.0.tar.gz b/Paste-3.5.0.tar.gz new file mode 100644 index 000..153724e Binary files /dev/null and b/Paste-3.5.0.tar.gz differ diff --git a/PasteDeploy-1.5.2.tar.gz b/PasteDeploy-1.5.2.tar.gz new file mode 100644 index 000..fd4f9e1 Binary files /dev/null and b/PasteDeploy-1.5.2.tar.gz differ diff --git a/PasteDeploy-2.1.0.tar.gz b/PasteDeploy-2.1.0.tar.gz new file mode 100644 index 000..fa4588a Binary files /dev/null and b/PasteDeploy-2.1.0.tar.gz differ diff --git a/PyHamcrest-1.10.1.tar.gz b/PyHamcrest-1.10.1.tar.gz new file mode 100644 index 000..2732ba2 Binary files /dev/null and b/PyHamcrest-1.10.1.tar.gz differ diff --git a/PyNaCl-1.3.0.tar.gz b/PyNaCl-1.3.0.tar.gz new file mode 100644 index 000..c50c491 Binary files /dev/null and b/PyNaCl-1.3.0.tar.gz differ diff --git a/PyYAML-3.11.zip b/PyYAML-3.11.zip new file mode 100644 index 000..c361e86 Binary files /dev/null and b/PyYAML-3.11.zip differ diff --git a/PyYAML-5.3.tar.gz b/PyYAML-5.3.tar.gz new file mode 100644 index 000..1ac6859 Binary files /dev/null and b/PyYAML-5.3.tar.gz differ diff --git a/SQLAlchemy-0.9.9.tar.gz b/SQLAlchemy-0.9.9.tar.gz new file mode 100644 index 000..3323458 Binary files /dev/null and b/SQLAlchemy-0.9.9.tar.gz differ diff --git a/Tempita-0.5.2.tar.gz b/Tempita-0.5.2.tar.gz new file mode 100644 index 000..755befc Binary files /dev/null and b/Tempita-0.5.2.tar.gz differ diff --git a/Twisted-15.0.0.tar.bz2 b/Twisted-15.0.0.tar.bz2 new file mode 100644 index 000..56247f0 Binary files /dev/null and b/Twisted-15.0.0.tar.bz2 differ diff --git a/Twisted-15.4.0.tar.bz2 b/Twisted-15.4.0.tar.bz2 new file mode 100644 index 000..91a28de Binary files /dev/null and b/Twisted-15.4.0.tar.bz2 differ diff --git a/Twisted-15.5.0.tar.bz2 b/Twisted-15.5.0.tar.bz2 new file mode 100644 index 000..bfc6f92 Binary files /dev/null and b/Twisted-15.5.0.tar.bz2 differ diff --git a/Twisted-16.5.0.tar.bz2 b/Twisted-16.5.0.tar.bz2 new file mode 100644 index 000..52cf7a0 Binary files /dev/null and b/Twisted-16.5.0.tar.bz2 differ diff --git a/Twisted-17.9.0.tar.bz2 b/Twisted-17.9.0.tar.bz2 new file mode 100644 index 000..9a8cfc9 Binary files /dev/null and b/Twisted-17.9.0.tar.bz2 differ diff --git a/Twisted-18.4.0.tar.bz2 b/Twisted-18.4.0.tar.bz2 new file mode 100644 index 000..d0319eb Binary files /dev/null and b/Twisted-18.4.0.tar.bz2 differ diff --git a/Twisted-18.9.0.tar.bz2 b/Twisted-18.9.0.tar.bz2 new file mode 100644 index 000..e76adf1 Binary files /dev/null and b/Twisted-18.9.0.tar.bz2 differ diff --git a/Twisted-20.3.0+lp1.tar.bz2 b/Twisted-20.3.0+lp1.tar.bz2 new file mode 100644 index 000..ade154c Binary files /dev/null and b/Twisted-20.3.0+lp1.tar.bz2 differ diff --git a/Twisted-20.3.0+lp2.tar.bz2 b/Twisted-20.3.0+lp2.tar.bz2 new file mode 100644 index 000..21d1548 Binary files /dev/null and b/Twisted-20.3.0+lp2.tar.bz2 differ diff --git a/Twisted-20.3.0+lp3.tar.bz2 b/Twisted-20.3.0+lp3.tar.bz2 new file mode 100644 index 000..ddb610c Binary files /dev/null and b/Twisted-20.3.0+lp3.tar.bz2 differ diff --git
[Launchpad-reviewers] [Merge] ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master
Simone Pelosi has proposed merging ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/turnip/+git/turnip/+merge/440158 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/turnip:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into turnip:master. diff --git a/requirements.txt b/requirements.txt index 8d5734d..c9bc202 100644 --- a/requirements.txt +++ b/requirements.txt @@ -22,7 +22,7 @@ future==0.18.2 gevent==20.6.2 gmpy==1.17 greenlet==0.4.16 -gunicorn==19.3.0 +gunicorn==20.1.0 hyperlink==19.0.0 idna==2.9 importlib_metadata==1.7.0 ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master
Simone Pelosi has proposed merging ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/lp-signing/+git/dependencies/+merge/440156 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/lp-signing/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master. diff --git a/Click-7.0-py2.py3-none-any.whl b/Click-7.0-py2.py3-none-any.whl new file mode 100644 index 000..284d6aa Binary files /dev/null and b/Click-7.0-py2.py3-none-any.whl differ diff --git a/Flask-1.0.2-py2.py3-none-any.whl b/Flask-1.0.2-py2.py3-none-any.whl new file mode 100644 index 000..bd2786c Binary files /dev/null and b/Flask-1.0.2-py2.py3-none-any.whl differ diff --git a/Flask_Storm-0.2.0-py2.py3-none-any.whl b/Flask_Storm-0.2.0-py2.py3-none-any.whl new file mode 100644 index 000..0843cbb Binary files /dev/null and b/Flask_Storm-0.2.0-py2.py3-none-any.whl differ diff --git a/Flask_Storm-1.0.0-py2.py3-none-any.whl b/Flask_Storm-1.0.0-py2.py3-none-any.whl new file mode 100644 index 000..4d11f93 Binary files /dev/null and b/Flask_Storm-1.0.0-py2.py3-none-any.whl differ diff --git a/Jinja2-2.10-py2.py3-none-any.whl b/Jinja2-2.10-py2.py3-none-any.whl new file mode 100644 index 000..7bc4e35 Binary files /dev/null and b/Jinja2-2.10-py2.py3-none-any.whl differ diff --git a/MarkupSafe-1.1.0-cp36-cp36m-manylinux1_x86_64.whl b/MarkupSafe-1.1.0-cp36-cp36m-manylinux1_x86_64.whl new file mode 100644 index 000..c8d604e Binary files /dev/null and b/MarkupSafe-1.1.0-cp36-cp36m-manylinux1_x86_64.whl differ diff --git a/PyNaCl-1.3.0-cp34-abi3-manylinux1_x86_64.whl b/PyNaCl-1.3.0-cp34-abi3-manylinux1_x86_64.whl new file mode 100644 index 000..13b196e Binary files /dev/null and b/PyNaCl-1.3.0-cp34-abi3-manylinux1_x86_64.whl differ diff --git a/PyYAML-3.13-cp36-cp36m-linux_x86_64.whl b/PyYAML-3.13-cp36-cp36m-linux_x86_64.whl new file mode 100644 index 000..16f2f0a Binary files /dev/null and b/PyYAML-3.13-cp36-cp36m-linux_x86_64.whl differ diff --git a/Werkzeug-0.14.1-py2.py3-none-any.whl b/Werkzeug-0.14.1-py2.py3-none-any.whl new file mode 100644 index 000..865d524 Binary files /dev/null and b/Werkzeug-0.14.1-py2.py3-none-any.whl differ diff --git a/acceptable-0.21-py2.py3-none-any.whl b/acceptable-0.21-py2.py3-none-any.whl new file mode 100644 index 000..91639a7 Binary files /dev/null and b/acceptable-0.21-py2.py3-none-any.whl differ diff --git a/argparse-1.4.0-py2.py3-none-any.whl b/argparse-1.4.0-py2.py3-none-any.whl new file mode 100644 index 000..dfef51d Binary files /dev/null and b/argparse-1.4.0-py2.py3-none-any.whl differ diff --git a/blinker-1.4-cp36-none-any.whl b/blinker-1.4-cp36-none-any.whl new file mode 100644 index 000..f48a094 Binary files /dev/null and b/blinker-1.4-cp36-none-any.whl differ diff --git a/certifi-2019.11.28-py2.py3-none-any.whl b/certifi-2019.11.28-py2.py3-none-any.whl new file mode 100644 index 000..1ab6713 Binary files /dev/null and b/certifi-2019.11.28-py2.py3-none-any.whl differ diff --git a/cffi-1.13.2-cp36-cp36m-manylinux1_x86_64.whl b/cffi-1.13.2-cp36-cp36m-manylinux1_x86_64.whl new file mode 100644 index 000..b48e6cd Binary files /dev/null and b/cffi-1.13.2-cp36-cp36m-manylinux1_x86_64.whl differ diff --git a/chardet-3.0.4-py2.py3-none-any.whl b/chardet-3.0.4-py2.py3-none-any.whl new file mode 100644 index 000..d276977 Binary files /dev/null and b/chardet-3.0.4-py2.py3-none-any.whl differ diff --git a/coverage-4.5.4-cp36-cp36m-manylinux1_x86_64.whl b/coverage-4.5.4-cp36-cp36m-manylinux1_x86_64.whl new file mode 100644 index 000..d6da01c Binary files /dev/null and b/coverage-4.5.4-cp36-cp36m-manylinux1_x86_64.whl differ diff --git a/cryptography-2.8-cp34-abi3-manylinux2010_x86_64.whl b/cryptography-2.8-cp34-abi3-manylinux2010_x86_64.whl new file mode 100644 index 000..886a3f0 Binary files /dev/null and b/cryptography-2.8-cp34-abi3-manylinux2010_x86_64.whl differ diff --git a/entrypoints-0.3-py2.py3-none-any.whl b/entrypoints-0.3-py2.py3-none-any.whl new file mode 100644 index 000..fbd579d Binary files /dev/null and b/entrypoints-0.3-py2.py3-none-any.whl differ diff --git a/extras-1.0.0-py2.py3-none-any.whl b/extras-1.0.0-py2.py3-none-any.whl new file mode 100644 index 000..8f31ed7 Binary files /dev/null and b/extras-1.0.0-py2.py3-none-any.whl differ diff --git a/fakesleep-0.1-cp36-none-any.whl b/fakesleep-0.1-cp36-none-any.whl new file mode 100644 index 000..236e4c2 Binary files /dev/null and b/fakesleep-0.1-cp36-none-any.whl differ diff --git a/fixtures-3.0.0-py2.py3-none-any.whl
[Launchpad-reviewers] [Merge] ~pelpsi/lp-signing:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master
Simone Pelosi has proposed merging ~pelpsi/lp-signing:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/lp-signing/+git/lp-signing/+merge/440154 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/lp-signing:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into lp-signing:master. diff --git a/requirements.txt b/requirements.txt index 7b2a353..9a9fbbf 100644 --- a/requirements.txt +++ b/requirements.txt @@ -6,7 +6,7 @@ Click==7.0 Flask==1.0.2 Flask-Storm==1.0.0 future==0.16.0 -gunicorn==19.9.0 +gunicorn==20.1.0 idna==2.8 iso8601==0.1.12 itsdangerous==1.1.0 ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master
Simone Pelosi has proposed merging ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/rutabaga/+git/dependencies/+merge/440150 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/rutabaga/+git/dependencies:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master. diff --git a/Jinja2-2.10.1.tar.gz b/Jinja2-2.10.1.tar.gz new file mode 100644 index 000..ffd1054 Binary files /dev/null and b/Jinja2-2.10.1.tar.gz differ diff --git a/MarkupSafe-1.1.1.tar.gz b/MarkupSafe-1.1.1.tar.gz new file mode 100644 index 000..a6dad8e Binary files /dev/null and b/MarkupSafe-1.1.1.tar.gz differ diff --git a/Paste-2.0.2.tar.gz b/Paste-2.0.2.tar.gz new file mode 100644 index 000..1ebbce7 Binary files /dev/null and b/Paste-2.0.2.tar.gz differ diff --git a/PasteDeploy-1.5.2.tar.gz b/PasteDeploy-1.5.2.tar.gz new file mode 100644 index 000..fd4f9e1 Binary files /dev/null and b/PasteDeploy-1.5.2.tar.gz differ diff --git a/PyYAML-3.11.tar.gz b/PyYAML-3.11.tar.gz new file mode 100644 index 000..2a5d431 Binary files /dev/null and b/PyYAML-3.11.tar.gz differ diff --git a/PyYAML-5.2.tar.gz b/PyYAML-5.2.tar.gz new file mode 100644 index 000..666d12a Binary files /dev/null and b/PyYAML-5.2.tar.gz differ diff --git a/Tempita-0.5.2.tar.gz b/Tempita-0.5.2.tar.gz new file mode 100644 index 000..755befc Binary files /dev/null and b/Tempita-0.5.2.tar.gz differ diff --git a/WebOb-1.5.1.tar.gz b/WebOb-1.5.1.tar.gz new file mode 100644 index 000..689a47c Binary files /dev/null and b/WebOb-1.5.1.tar.gz differ diff --git a/WebTest-2.0.18.zip b/WebTest-2.0.18.zip new file mode 100644 index 000..a4a22de Binary files /dev/null and b/WebTest-2.0.18.zip differ diff --git a/argparse-1.4.0.tar.gz b/argparse-1.4.0.tar.gz new file mode 100644 index 000..937eea6 Binary files /dev/null and b/argparse-1.4.0.tar.gz differ diff --git a/beautifulsoup4-4.4.1.tar.gz b/beautifulsoup4-4.4.1.tar.gz new file mode 100644 index 000..5080765 Binary files /dev/null and b/beautifulsoup4-4.4.1.tar.gz differ diff --git a/charmhelpers-0.20.22.tar.gz b/charmhelpers-0.20.22.tar.gz new file mode 100644 index 000..bd5d222 Binary files /dev/null and b/charmhelpers-0.20.22.tar.gz differ diff --git a/charms.reactive-1.4.1.tar.gz b/charms.reactive-1.4.1.tar.gz new file mode 100644 index 000..03bc1fe Binary files /dev/null and b/charms.reactive-1.4.1.tar.gz differ diff --git a/colander-1.0.tar.gz b/colander-1.0.tar.gz new file mode 100644 index 000..e60c8b4 Binary files /dev/null and b/colander-1.0.tar.gz differ diff --git a/cornice-1.0.0.tar.gz b/cornice-1.0.0.tar.gz new file mode 100644 index 000..624e4eb Binary files /dev/null and b/cornice-1.0.0.tar.gz differ diff --git a/envdir-0.7.tar.gz b/envdir-0.7.tar.gz new file mode 100644 index 000..e5cff3d Binary files /dev/null and b/envdir-0.7.tar.gz differ diff --git a/envdir-1.0.1.tar.gz b/envdir-1.0.1.tar.gz new file mode 100644 index 000..7b290d1 Binary files /dev/null and b/envdir-1.0.1.tar.gz differ diff --git a/extras-0.0.3.tar.gz b/extras-0.0.3.tar.gz new file mode 100644 index 000..46133fd Binary files /dev/null and b/extras-0.0.3.tar.gz differ diff --git a/fixtures-1.3.1.tar.gz b/fixtures-1.3.1.tar.gz new file mode 100644 index 000..1d55ac2 Binary files /dev/null and b/fixtures-1.3.1.tar.gz differ diff --git a/flake8-2.5.0.tar.gz b/flake8-2.5.0.tar.gz new file mode 100644 index 000..890e6b8 Binary files /dev/null and b/flake8-2.5.0.tar.gz differ diff --git a/gunicorn-19.3.0.tar.gz b/gunicorn-19.3.0.tar.gz new file mode 100644 index 000..1d38258 Binary files /dev/null and b/gunicorn-19.3.0.tar.gz differ diff --git a/gunicorn-20.1.0.tar.gz b/gunicorn-20.1.0.tar.gz new file mode 100644 index 000..b5da493 Binary files /dev/null and b/gunicorn-20.1.0.tar.gz differ diff --git a/iso8601-0.1.10.tar.gz b/iso8601-0.1.10.tar.gz new file mode 100644 index 000..741df00 Binary files /dev/null and b/iso8601-0.1.10.tar.gz differ diff --git a/linecache2-1.0.0.tar.gz b/linecache2-1.0.0.tar.gz new file mode 100644 index 000..4604f93 Binary files /dev/null and b/linecache2-1.0.0.tar.gz differ diff --git a/mccabe-0.3.1.tar.gz b/mccabe-0.3.1.tar.gz new file mode 100644 index 000..c613d37 Binary files /dev/null and b/mccabe-0.3.1.tar.gz differ diff --git a/netaddr-0.7.19.tar.gz b/netaddr-0.7.19.tar.gz new file mode 100644 index 000..cc31d9d Binary files /dev/null and b/netaddr-0.7.19.tar.gz differ diff --git a/pbr-1.8.1.tar.gz b/pbr-1.8.1.tar.gz new file mode 100644 index 000..245c14e Binary files /dev/null and
[Launchpad-reviewers] [Merge] ~pelpsi/rutabaga:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master
Simone Pelosi has proposed merging ~pelpsi/rutabaga:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master. Commit message: Upgraded gunicorn to fix HTTP request smuggling vulnerability A penetration test found that our gunicorn version is vulnerable, version 20.1.0 should be safe. Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~pelpsi/rutabaga/+git/rutabaga/+merge/440149 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~pelpsi/rutabaga:gunicorn-upgrade-HTTP-request-smuggling-vulnerability into rutabaga:master. diff --git a/README.rst b/README.rst index a5118a3..e62049a 100644 --- a/README.rst +++ b/README.rst @@ -7,15 +7,21 @@ Development --- Install:: - + python3 -m venv env + source env/bin/activate + pip install virtualenv + sudo apt install sqlite3 pip install -r bootstrap-requirements.txt -r requirements.txt python3 ./setup.py develop Run:: make migrate - make run + make run-api + +Run tests:: + make check Squid3 -- diff --git a/requirements.txt b/requirements.txt index ab02182..e5fc8ac 100644 --- a/requirements.txt +++ b/requirements.txt @@ -10,7 +10,7 @@ envdir==1.0.1 extras==0.0.3 fixtures==1.3.1 flake8==2.5.0 -gunicorn==19.3.0 +gunicorn==20.1.0 iso8601==0.1.10 linecache2==1.0.0 mccabe==0.3.1 ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~ines-almeida/launchpad:refactor-itermitently-failing-timing-test into launchpad:master
Ines Almeida has proposed merging ~ines-almeida/launchpad:refactor-itermitently-failing-timing-test into launchpad:master. Commit message: Update test so that it doesn't fail itermitently Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~ines-almeida/launchpad/+git/launchpad/+merge/440115 As it is, test fails 0.01% of the times because of a timing issue. This should fix it by setting self.now to the current transaction timestamp instead of the current time (which is more relevant). Because test only fails 0.01% of the time, it's hard to test this change, but running this test 20 times locally all passed. -- Your team Launchpad code reviewers is requested to review the proposed merge of ~ines-almeida/launchpad:refactor-itermitently-failing-timing-test into launchpad:master. diff --git a/lib/lp/bugs/tests/test_bugtracker.py b/lib/lp/bugs/tests/test_bugtracker.py index 5c9cdca..3d60dd7 100644 --- a/lib/lp/bugs/tests/test_bugtracker.py +++ b/lib/lp/bugs/tests/test_bugtracker.py @@ -9,6 +9,7 @@ from urllib.parse import urlencode import responses import transaction from lazr.lifecycle.snapshot import Snapshot +from storm.store import Store from testtools.matchers import Equals, MatchesListwise, MatchesStructure from zope.component import getUtility from zope.security.interfaces import Unauthorized @@ -23,6 +24,7 @@ from lp.bugs.model.bugtracker import ( make_bugtracker_title, ) from lp.registry.interfaces.person import IPersonSet +from lp.services.database.sqlbase import get_transaction_timestamp from lp.testing import ( TestCase, TestCaseWithFactory, @@ -91,7 +93,8 @@ class BugTrackerTestCase(TestCaseWithFactory): for i in range(5): self.factory.makeBugWatch(bugtracker=self.bug_tracker) -self.now = datetime.now(timezone.utc) +store = Store.of(self.bug_tracker) +self.now = get_transaction_timestamp(store) def test_multi_product_constraints_observed(self): """BugTrackers for which multi_product=True should return None ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
Re: [Launchpad-reviewers] [Merge] ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master
Rejecting because I branched off the wrong branch -- https://code.launchpad.net/~ines-almeida/launchpad/+git/launchpad/+merge/440112 Your team Launchpad code reviewers is requested to review the proposed merge of ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master
The proposal to merge ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master has been updated. Status: Needs review => Rejected For more details, see: https://code.launchpad.net/~ines-almeida/launchpad/+git/launchpad/+merge/440112 -- Your team Launchpad code reviewers is requested to review the proposed merge of ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master. ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp
[Launchpad-reviewers] [Merge] ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master
Ines Almeida has proposed merging ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master. Commit message: Update test so that it doesn't fail intermittently Requested reviews: Launchpad code reviewers (launchpad-reviewers) For more details, see: https://code.launchpad.net/~ines-almeida/launchpad/+git/launchpad/+merge/440112 Test fails intermittently when a random() happens to be close to 0. Instead of fetching self.now as the current time, we are setting it to the current transaction timestamp instead, so it's more robust. As it was, the test passed 99.9% of time, so it's hard to ensure that it won't fail again. Ran it 20 times and they all passed. -- Your team Launchpad code reviewers is requested to review the proposed merge of ~ines-almeida/launchpad:refactor-itermitently-failing-test into launchpad:master. diff --git a/lib/canonical/launchpad/icing/css/typography.scss b/lib/canonical/launchpad/icing/css/typography.scss index 1e58f29..27bb84d 100644 --- a/lib/canonical/launchpad/icing/css/typography.scss +++ b/lib/canonical/launchpad/icing/css/typography.scss @@ -1,6 +1,6 @@ // This file the result of auto-converting typography.css to scss. -$page-width: 45em; +$page-width: 60em; $wider-page: $page-width + 15em; $reduced-spacing: 0.8em; $link-colour: #03a; @@ -45,7 +45,7 @@ h1, h2, h3, h4, h5, h6 { margin-top: $reduced-spacing; } - p, li, dt, dd, blockquote, .narrow, .narrow-listing { + li, dt, dd, blockquote, .narrow, .narrow-listing { /* Wrap the text before the eye gets lost. */ max-width: $page-width; } diff --git a/lib/lp/bugs/tests/test_bugtracker.py b/lib/lp/bugs/tests/test_bugtracker.py index 5c9cdca..3d60dd7 100644 --- a/lib/lp/bugs/tests/test_bugtracker.py +++ b/lib/lp/bugs/tests/test_bugtracker.py @@ -9,6 +9,7 @@ from urllib.parse import urlencode import responses import transaction from lazr.lifecycle.snapshot import Snapshot +from storm.store import Store from testtools.matchers import Equals, MatchesListwise, MatchesStructure from zope.component import getUtility from zope.security.interfaces import Unauthorized @@ -23,6 +24,7 @@ from lp.bugs.model.bugtracker import ( make_bugtracker_title, ) from lp.registry.interfaces.person import IPersonSet +from lp.services.database.sqlbase import get_transaction_timestamp from lp.testing import ( TestCase, TestCaseWithFactory, @@ -91,7 +93,8 @@ class BugTrackerTestCase(TestCaseWithFactory): for i in range(5): self.factory.makeBugWatch(bugtracker=self.bug_tracker) -self.now = datetime.now(timezone.utc) +store = Store.of(self.bug_tracker) +self.now = get_transaction_timestamp(store) def test_multi_product_constraints_observed(self): """BugTrackers for which multi_product=True should return None ___ Mailing list: https://launchpad.net/~launchpad-reviewers Post to : launchpad-reviewers@lists.launchpad.net Unsubscribe : https://launchpad.net/~launchpad-reviewers More help : https://help.launchpad.net/ListHelp