Commit 3da874371 ("libsodium: include ed25519_core in minimal build")
broke the build of PyNaCl. Add patch to always include all ed25519
functions which are now always covered even if libsodium is built with
the MINIMAL option.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
1. updated to 5.9.0
2. psutil can not be built on macos due to build script detects Darwin
using sys.platform and changes build logic to build for Darwin, but
OpenWrt is Linux.
This commit add patch to allow redefining sys.platform and uses
env var TARGET_SYS_PLATFORM to specify linux as sys platfrom.
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
2.11.0:
- [Feature] Add SSH config token expansion (eg %h, %p) when parsing
ProxyJump directives. Patch courtesy of Bruno Inec.
- [Support] (via #2011) Apply unittest skipIf to tests currently
using SHA1 in their critical path, to avoid failures on systems
starting to disable SHA1 outright in their crypto backends (eg RHEL
9). Report & patch via Paul Howarth.
- [Support] Update camelCase method calls against the threading
module to be snake_case; this and related tweaks should fix some
deprecation warnings under Python 3.10. Thanks to Karthikeyan
Singaravelan for the report, @Narendra-Neerukonda for the patch,
and to Thomas Grainger and Jun Omae for patch workshopping.
- [Support] Recent versions of Cryptography have deprecated Blowfish
algorithm support; in lieu of an easy method for users to remove it
from the list of algorithms Paramiko tries to import and use, we’ve
decided to remove it from our “preferred algorithms” list. This will
both discourage use of a weak algorithm, and avoid warnings. Credit
for report/patch goes to Mike Roest.
2.10.5:
- [Bug] Windows-native SSH agent support as merged in 2.10 could
encounter Errno 22 OSError exceptions in some scenarios (eg server
not cleanly closing a relevant named pipe). This has been worked
around and should be less problematic. Reported by Danilo Campana
Fuchs and patched by Jun Omae.
- [Bug] OpenSSH 7.7 and older has a bug preventing it from
understanding how to perform SHA2 signature verification for RSA
certificates (specifically certs - not keys), so when we added SHA2
support it broke all clients using RSA certificates with these
servers. This has been fixed in a manner similar to what OpenSSH’s
own client does: a version check is performed and the algorithm used
is downgraded if needed. Reported by Adarsh Chauhan, with fix
suggested by Jun Omae.
- [Bug] Align signature verification algorithm with OpenSSH re:
zero-padding signatures which don’t match their nominal size/length.
This shouldn’t affect most users, but will help Paramiko-implemented
SSH servers handle poorly behaved clients such as PuTTY. Thanks to
Jun Omae for catch & patch.
Signed-off-by: Javier Marcet <javier@marcet.info>
- [Bug] Servers offering certificate variants of hostkey algorithms
(eg ssh-rsa-cert-v01@openssh.com) could not have their host keys
verified by Paramiko clients, as it only ever considered non-cert key
types for that part of connection handshaking. This has been fixed.
- [Bug] PKey instances’ __eq__ did not have the usual safety guard in
place to ensure they were being compared to another PKey object,
causing occasional spurious BadHostKeyException (among other things).
This has been fixed. Thanks to Shengdun Hua for the original report
/patch and to Christopher Papke for the final version of the fix.
- [Support] Update camelCase method calls against the threading
module to be snake_case; this and related tweaks should fix some
deprecation warnings under Python 3.10. Thanks to Karthikeyan
Singaravelan for the report, @Narendra-Neerukonda for the patch, and
to Thomas Grainger and Jun Omae for patch workshopping.
Signed-off-by: Javier Marcet <javier@marcet.info>
2.10.2:
- [Bug] Fix Python 2 compatibility breakage introduced in 2.10.1.
Spotted by Christian Hammond.
2.10.3:
- [Bug] Switch from module-global to thread-local storage when
recording thread IDs for a logging helper; this should avoid one
flavor of memory leak for long-running processes. Catch & patch via
Richard Kojedzinszky.
- [Bug] Certificate-based pubkey auth was inadvertently broken when
adding SHA2 support; this has been fixed. Reported by Erik Forsberg
and fixed by Jun Omae.
Signed-off-by: Javier Marcet <javier@marcet.info>
2.10.1:
- [Bug]: (CVE-2022-24302) Creation of new private key files using
PKey subclasses was subject to a race condition between file creation
& mode modification, which could be exploited by an attacker with
knowledge of where the Paramiko-using code would write out such
files.
- This has been patched by using os.open and os.fdopen to ensure new
files are opened with the correct mode immediately. We’ve left the
subsequent explicit chmod in place to minimize any possible
disruption, though it may get removed in future backwards-
incompatible updates.
- Thanks to Jan Schejbal for the report & feedback on the solution,
and to Jeremy Katz at Tidelift for coordinating the disclosure.
2.10.0:
- [Feature] Add support for OpenSSH’s Windows agent as a fallback
when Putty/WinPageant isn’t available or functional. Reported by
@benj56 with patches/PRs from @lewgordon and Patrick Spendrin.
- [Feature] Add support for the %C token when parsing SSH config
files. Foundational PR submitted by @jbrand42.
- [Bug] Significantly speed up low-level read/write actions on
SFTPFile objects by using bytearray/memoryview. This is unlikely to
change anything for users of the higher level methods like
SFTPClient.get or SFTPClient.getfo, but users of SFTPClient.open will
likely see orders of magnitude improvements for files larger than a
few megabytes in size.
- Thanks to @jkji for the original report and to Sevastian Tchernov
for the patch.
- [Support] Add six explicitly to install-requires; it snuck into
active use at some point but has only been indicated by transitive
dependency on bcrypt until they somewhat-recently dropped it. This
will be short-lived until we drop Python 2 support. Thanks to
Sondre Lillebø Gundersen for catch & patch.
Signed-off-by: Javier Marcet <javier@marcet.info>
- [Bug]: Enhanced log output when connecting to servers that do not
support server-sig-algs extensions, making the new-as-of-2.9
defaulting to SHA2 pubkey algorithms more obvious when it kicks in.
- [Bug]: Connecting to servers which support server-sig-algs but
which have no overlap between that list and what a Paramiko client
supports, now raise an exception instead of defaulting to
rsa-sha2-512 (since the use of server-sig-algs allows us to know
what the server supports).
Signed-off-by: Javier Marcet <javier@marcet.info>
- Improve the base URI behavior when resolving a $ref to a resolution
URI which is different from the resolved schema's declared $id.
- Accessing jsonschema.draftN_format_checker is deprecated. Instead,
if you want access to the format checker itself, it is exposed as
jsonschema.validators.DraftNValidator.FORMAT_CHECKER on any
jsonschema.protocols.Validator.
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed:
- Type annotate format checker methods by @sirosen
- Fix fuzzer to include instrumentation by @DavidKorczynski
- [pre-commit.ci] pre-commit autoupdate by @pre-commit-ci
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed:
- Add package_url for changelog by @fhightower
- Only validate unevaluated properties/items on applicable types by
@EpicWink
- Mark library as typed (PEP-561) by @ssbarnea
- Add v4.5.1 to changelog by @sirosen
- Modernize the packaging setup via PEP 621 and Hatch. by @Julian
New Contributors:
- @fhightower made their first contribution
- @EpicWink made their first contribution
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed:
- Extend dynamicRef keyword by @nezhar
- Add FORMAT_CHECKER attribute for Validator by @TiborVoelcker
- Remove stray double-quote by @lurch
- Ensure proper sorting of list in error message by @ssbarnea
Signed-off-by: Javier Marcet <javier@marcet.info>
Added:
- CLI: add support for invocations via 'python -m'.
- load_dotenv function now returns False.
- CLI: add --format= option to list command.
Fixed:
- Drop Python 3.5 and 3.6 and upgrade GA
- Use open instead of io.open.
- Improve documentation for variables without a value
- Add parse_it to Related Projects
- Update README.md
- Improve documentation with direct use of MkDocs
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed:
Fixed:
- Add missing trailing newline before adding new entry with set_key
by @bbc2 in #361
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed
- CHANGELOG.md: Fix typos discovered by codespell by @cclauss in #350
- Add Python 3.10 support by @theskumar in #359
Signed-off-by: Javier Marcet <javier@marcet.info>
Changed:
- Require Python 3.5 or a later version. Python 2 and 3.4 are no
longer supported
- Raise ValueError if quote_mode isn't one of always, auto or never
in set_key
- When writing a value to a .env file with set_key or dotenv set
<key> <value>
Added:
- The dotenv_path argument of set_key and unset_key now has a type of
Union[str, os.PathLike] instead of just os.PathLike
Signed-off-by: Javier Marcet <javier@marcet.info>
Package does not currently build because of distutil dependency. Fix
this by updating to the latest version.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Features:
- Add cap_add and cap_drop parameters to service create and
ContainerSpec
- Add templating parameter to config create
Bugfixes:
- Fix getting a read timeout for logs/attach with a tty and slow
output
Miscellaneous:
- Fix documentation examples
Signed-off-by: Javier Marcet <javier@marcet.info>
Bugfixes:
- Fix disable_buffering regression
- Bring back support for ssh identity file
- Cleanup remaining python-2 dependencies
- Fix image save example in docs
Miscellaneous:
- Bump urllib3 to 1.26.5
- Bump requests to 2.26.0
Signed-off-by: Javier Marcet <javier@marcet.info>
- Removed PYPI_SOURCE_EXT as this release provides tarball with .tar.gz
extension, which is default.
- Changelog: https://dnspython.readthedocs.io/en/stable/whatsnew.html
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
- BACKWARD COMPATIBILITY:
- Dropped support for EOL Pythons 2.7, 3.4 and 3.5
- Dropped support for LSB and uname back-ends when --root-dir is
specified
- Moved distro.py to src/distro/distro.py
- ENHANCEMENTS:
- Documented that distro.version() can return an empty string on
- rolling releases
- Documented support for Python 3.10
- Added official support for Rocky Linux distribution
- Added a shebang to distro.py to allow standalone execution
- Added support for AIX platforms
- Added compliance for PEP-561
- BUG FIXES:
- Fixed include_uname parameter oversight
- Fixed crash when uname -rs output is empty
- Fixed Amazon Linux identifier in distro.id() documentation
- Fixed OpenSuse >= 15 support
- Fixed encoding issues when opening distro release files
- Fixed linux_distribution regression
Signed-off-by: Javier Marcet <javier@marcet.info>
- BACKWARDS COMPATIBILITY:
- Deprecated the distro.linux_distribution() function. Use
distro.id(), distro.version() and distro.name() instead [#296]
- Deprecated Python 2.7, 3.4 and 3.5 support. Further releases will
only support Python 3.6+
- ENHANCEMENTS:
- Added type hints to distro module [#269]
- Added __version__ for checking distro version [#292]
- Added support for arbitrary rootfs via the root_dir parameter
[#247]
- Added the --root-dir option to CLI [#161]
- Added fallback to /usr/lib/os-release when /etc/os-release isn't
available [#262]
- BUG FIXES:
- Fixed subprocess.CalledProcessError when running lsb_release
[#261]
- Ignore /etc/iredmail-release file while parsing distribution
[#268]
- Use a binary file for /dev/null to avoid TextIOWrapper overhead
[#271]
- RELEASE:
- Moved repository from nir0s/distro to python-distro/distro on
GitHub.
Signed-off-by: Javier Marcet <javier@marcet.info>
setup.py detects macos (darwin) and adds -flat_namespace flag. This
flag is not compatible with GCC that is used to compile target.
This patch patch disables darwin detection
Signed-off-by: Sergey V. Lobanov <sergey@lobanov.in>
Changelog:
PycURL 7.44.0 - 2021-08-08
--------------------------
This release reinstates best effort Python 2 support, adds Python 3.9 and
Python 3.10 alpha support and implements support for several libcurl options.
Official Windows builds are currently not being produced.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Changelog:
- Bumped upper bound of the chardet runtime dependency to allow their v4.0 version stream.
From a1158c5389/CHANGES.rst
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This package was updated without a hash change.
Fixes: c1575225807cab ("pyodbc: update to version 4.0.31")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
As we are using this package in Turris OS
and Daniel Golle decided to no longer maintain this
and some other Python packages I'd like to take
this package maintainership as was originally
suggested in https://github.com/openwrt/packages/pull/17911
by Josef Schlehofer (@BKPepe).
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
As we are using this package in Turris OS
and Daniel Golle decided to no longer maintain this
and some other Python packages I'd like to take
this package maintainership as was originally
suggested in https://github.com/openwrt/packages/pull/17911
by Josef Schlehofer (@BKPepe).
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
Includes fix for CVE-2022-21716 (The Twisted SSH client and server
implementation naively accepted an infinite amount of data for the
peer's SSH version identifier.)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python3: Update to 3.9.11, refresh patches
Includes fixes for:
* Windows builds updated to bzip2 1.0.8 to mitigate CVE-2016-3189 and
CVE-2019-12900
* CVE-2022-26488: Escalation of privilege via Windows Installer
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python3: Update to 3.9.12
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Co-authored-by: Jeffery To <jeffery.to@gmail.com>
- Add support for pre-initialized stream socket in new WebSocketApp
- Remove rel.saferead() in examples (f0bf03d)
- Increase scope of linting checks (dca4022)
- Start adding type hints (a8a4099)
Signed-off-by: Javier Marcet <javier@marcet.info>
- 1.3.1:
- Fix 10 year old bug and improve dispatcher handling for
run_forever
- Fix run_forever to never return None, only return True or False,
and add two tests
- Remove Python 3.6 support, EOL in Dec 2021
- 1.3.0:
- BREAKING: Set Origin header to use https:// scheme when wss://
WebSocket URL is passed
- Replace deprecated/broken WebSocket URLs with working ones
(6ad5197)
- Add documentation referencing rel for automatic reconnection with
run_forever()
- Add missing opcodes 1012, 1013
- Add errno.ENETUNREACH to improve error handling (da1b050)
- Minor documentation improvements and typo fixes
- 1.2.3:
- Fix broken run_forever() functionality
- 1.2.2:
- Migrate wsdump script in setup.py from scripts to newer
entry_points
- Add support for ssl.SSLContext for arbitrary SSL parameters
- Remove keep_running variable
- Remove HAVE_CONTEXT_CHECK_HOSTNAME variable (dac1692)
- Replace deprecated ssl.PROTOCOL_TLS with ssl.PROTOCOL_TLS_CLIENT
- Simplify code and improve Python 3 support
- Fill default license template fields
- Update CI tests
- Improve documentation
Signed-off-by: Javier Marcet <javier@marcet.info>
* update license (changed in 1.2.0)
* removed python3-six dependency (removed in 1.0.0)
* do not install tests
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
It seems that Turris guys is using this package in the Turris OS, where
it is used for reForis (simple, basic UI for users)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[replace Daniel as maintainer, add commit message]
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
It seems that Turris guys is using this package in the Turris OS, where
it is used for reForis (simple, basic UI for users)
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
[replace Daniel as maintainer, add commit message]
Signed-off-by: Josef Schlehofer <josef.schlehofer@nic.cz>
I can't seem to see any package that needs it.
This was added for cryptography, since it was needed up to version 2.7
asn1-crypto doesn't have a user since commit 9d892e3cf88bd7c5f2c61117df2f3c2fd6c0e960
So, remove it.
Abandoned packaged PR: https://github.com/openwrt/packages-abandoned/pull/23
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
With the removal of Seafile, these library packages no longer have any
in-repo users. They will be imported into the abandoned packages
repo[1].
[1]: https://github.com/openwrt/packages-abandoned/pull/24
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
There's been a bit of overlapping opinions on some of these packages.
The best thing to do here is to reduce ownership and relinquish my
control.
This patch does that.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 48ce6e48b617ee72e40220e6ab6b7ceaa079a192)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Refreshed patches.
And apply hack for line-endings in pep517 (from pip).
Hack comment:
# FIXME: [1] get rid of this asap; 'patch' doesn't like Windows endings, and this file is full of them...
# I actually tried this in a number of ways and the only way to fix this is to implement
# a poor-man's dos2unix using sed.
# The issue is with the pip package; it seems that it throws in some Windows line-endings
# and 'patch' won't handle them. So, we do a "dos2unix" and then patch.
# We can get rid of this once this is solved upstream and in pip:
# https://github.com/pypa/pep517/pull/130
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 26988f905f1f78ee0fd67dc90c3c7b112ac1817d)
I tried to install matplotlib by using pip and it failed with the following output:
2021-08-18T11:52:26,171 Collecting matplotlib
2021-08-18T11:52:26,173 Created temporary directory: /tmp/pip-unpack-wuth2u0e
2021-08-18T11:52:26,565 Using cached matplotlib-3.4.3.tar.gz (37.9 MB)
2021-08-18T11:52:38,659 Added matplotlib from https://files.pythonhosted.org/packages/21/37/ 197e68df384ff694f78d687a49ad39f96c67b8d75718bc61503e1676b617/matplotlib-3.4.3.tar. gz#sha256=fc4f526dfdb31c9bd6b8ca06bf9fab663ca12f3ec9cdf4496fb44bc680140318 to build tracker '/tmp/pip- req-tracker-u30x8pht'
2021-08-18T11:52:38,660 Running setup.py (path:/tmp/pip-install-afiyiers/ matplotlib_8e717e38862f4976a3d6cb1832ba3261/setup.py) egg_info for package matplotlib
2021-08-18T11:52:38,661 Created temporary directory: /tmp/pip-pip-egg-info-kbtiezxq
2021-08-18T11:52:38,662 Running command python setup.py egg_info
2021-08-18T11:52:38,831 Traceback (most recent call last):
2021-08-18T11:52:38,832 File "<string>", line 1, in <module>
2021-08-18T11:52:38,832 File "/usr/lib/python3.9/site-packages/setuptools/__init__.py", line 8, in <module>
2021-08-18T11:52:38,833 ModuleNotFoundError: No module named '_distutils_hack'
More details about it:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968410
Once I applied the patch from the bug tracker, I got further to install
it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit feaaacc10fff283505ff261ed6886a4936fbe7f5)
I seem to forget to check/select setuptools and pip (that come bundled with
Python).
This change will do a simple 'ls' on the 2 wheel files, so that the build
fails even if just building Python.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Refreshed patches.
Bumped pip to 21.1.3.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 44e009364f5a115172f5825fbfd8c0b3730021a5)
Dropped patches:
0004-Replace-EVP_CIPHER_CTX_cleanup-with-EVP_CIPHER_CTX_r.patch
0005-Switch-get_-Update-APIs-to-get0.patch
Reworked patches:
0001-Add-new-ASN1_STRING_get0_data-API.patch
0006-Add-X509_STORE_CTX_trusted_stack-compatibility-macro.patch
These 2 require that we keep only the CUSTOMIZATIONS stuff for now. Maybe
later we can drop this.
Ran 'make package/python-cryptography/refresh'.
Added patch:
0004-disable-rust.patch
upstream did a sloppy job with the CRYPTOGRAPHY_DONT_BUILD_RUST logic; we
need to patch it, to make sure the setuptools-rust isn't installed.
We may need to carry this patch in our tree for a bit longer than upstream,
because in newer versions, CRYPTOGRAPHY_DONT_BUILD_RUST logic gets removed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 01d1b4581e885bc878de6e075b19a1008ef93569)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Django 1.x is not compatible with python 3.10.
Mark the package as BROKEN. Since its dependent packages will also
select it, they will need to be marked BROKEN as well to avoid recursive
dependencies--packages not marked as BROKEN will be able to select the
broken package.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Django 1.11 (host-build) is only needed for Seahub.
And won't ever be needed for anything else (hopefully).
This change moves it to the Seahub folder.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Update to the newest versions and switch to $(AUTORELEASE) for the python3 packages (where I am the maintainer).
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
2to3 is a Python program that reads Python 2.x source code and applies a
series of fixers to transform it into valid Python 3.x code. The standard
library contains a rich set of fixers that will handle almost all code. 2to3
supporting library lib2to3 is, however, a flexible and generic library, so it
is possible to write your own fixers for 2to3. lib2to3 could also be adapted
to custom applications in which Python code needs to be edited automatically.
This tool is necessary for fail2ban package because of issue
https://github.com/openwrt/packages/issues/17311https://github.com/openwrt/packages/pull/17341
Simple 2to3.py script from Debian, thanks to Matthias Klose <doko@ubuntu.com>
From: https://salsa.debian.org/cpython-team/python3-defaults
Co-authored-by: Jeffery To <jeffery.to@gmail.com>
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
The last tagged release (v1.9.3) was in 2017. This updates the package
to the most recent commit of the master branch.
This also sets myself at the maintainer.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
