pkgsrc-WIP-changes archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
py-pip-audit: update to 0.0.5
Module Name: pkgsrc-wip
Committed By: Thomas Klausner <tk%giga.or.at@localhost>
Pushed By: wiz
Date: Wed Nov 10 00:25:23 2021 +0100
Changeset: 29a82e2634cfc4c42d54fd93c47c42d7b912f9ab
Modified Files:
py-pip-audit/Makefile
py-pip-audit/distinfo
py-pip-audit/patches/patch-setup.py
Removed Files:
py-pip-audit/patches/patch-mypy.ini
py-pip-audit/patches/patch-pip__audit_cli.py
py-pip-audit/patches/patch-pip__audit_dependency__source_resolvelib_pypi__provider.py
py-pip-audit/patches/patch-pip__audit_service_pypi.py
Log Message:
py-pip-audit: update to 0.0.5
Bugfix release for 0.0.4 with the patches from pkgsrc and a couple more.
To see a diff of this commit:
https://wip.pkgsrc.org/cgi-bin/gitweb.cgi?p=pkgsrc-wip.git;a=commitdiff;h=29a82e2634cfc4c42d54fd93c47c42d7b912f9ab
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
diffstat:
py-pip-audit/Makefile | 3 +-
py-pip-audit/distinfo | 12 ++----
py-pip-audit/patches/patch-mypy.ini | 14 -------
py-pip-audit/patches/patch-pip__audit_cli.py | 46 ----------------------
...dependency__source_resolvelib_pypi__provider.py | 46 ----------------------
.../patches/patch-pip__audit_service_pypi.py | 16 --------
py-pip-audit/patches/patch-setup.py | 16 ++------
7 files changed, 10 insertions(+), 143 deletions(-)
diffs:
diff --git a/py-pip-audit/Makefile b/py-pip-audit/Makefile
index 09df1560c5..d014ec8d0d 100644
--- a/py-pip-audit/Makefile
+++ b/py-pip-audit/Makefile
@@ -1,6 +1,6 @@
# $NetBSD: Makefile,v 1.45 2020/12/18 09:03:43 adam Exp $
-DISTNAME= pip-audit-0.0.4
+DISTNAME= pip-audit-0.0.5
PKGNAME= ${PYPKGPREFIX}-${DISTNAME}
CATEGORIES= security python
# pypi file does not include tests
@@ -37,6 +37,7 @@ USE_LANGUAGES= # none
post-install:
cd ${DESTDIR}${PREFIX}/bin && \
${MV} pip-audit pip-audit-${PYVERSSUFFIX} || ${TRUE}
+ ${RM} -r ${DESTDIR}${PREFIX}/${PYSITELIB}/test
# as of 0.0.4
# 2 failed, 46 passed
diff --git a/py-pip-audit/distinfo b/py-pip-audit/distinfo
index 724f3b750f..e10540ac19 100644
--- a/py-pip-audit/distinfo
+++ b/py-pip-audit/distinfo
@@ -1,10 +1,6 @@
$NetBSD: distinfo,v 1.40 2021/10/26 10:18:45 nia Exp $
-BLAKE2s (pip-audit-0.0.4.tar.gz) = 07e726eb27ca453638d64a84490a1a4fc934e819868c1fb50bd0a3bd2c023174
-SHA512 (pip-audit-0.0.4.tar.gz) = 3192547e0c7bccda1c69ff20d7a23175f29260a05d882769f474577485da086f98dbe05af5c3e8c3eaed9b033cb251315832b84ed864986183fae8e157006bda
-Size (pip-audit-0.0.4.tar.gz) = 31496 bytes
-SHA1 (patch-mypy.ini) = 63b86e4ab5735d44ebf0d695cf9e228181fb6b26
-SHA1 (patch-pip__audit_cli.py) = 23f15f2bf7afe7c0a9bb0abb77cfdf07438af011
-SHA1 (patch-pip__audit_dependency__source_resolvelib_pypi__provider.py) = f703cfbd4f8abbc51bb1effe291564267b062203
-SHA1 (patch-pip__audit_service_pypi.py) = e9d290bd6b318e1ce0850b9e8de397b5da771620
-SHA1 (patch-setup.py) = 7460564df5eeef3d22f1314d9b554df0d74e8942
+BLAKE2s (pip-audit-0.0.5.tar.gz) = c60ea00a1e24ff8e0677ae3d8d7d72b606e919475534b108de32174b2cad7826
+SHA512 (pip-audit-0.0.5.tar.gz) = 018aa04901baee74399314faa3afeebd141be91d4bba7621f5c657281458ae5a7d90db60e3059d9bfec858dc0e4251b9c56321b8d22d2533edf9db1154180a03
+Size (pip-audit-0.0.5.tar.gz) = 31766 bytes
+SHA1 (patch-setup.py) = 2171a0cc6c3b737844cce29f1c38d1099115f640
diff --git a/py-pip-audit/patches/patch-mypy.ini b/py-pip-audit/patches/patch-mypy.ini
deleted file mode 100644
index 5fd8e5476b..0000000000
--- a/py-pip-audit/patches/patch-mypy.ini
+++ /dev/null
@@ -1,14 +0,0 @@
-$NetBSD$
-
-https://github.com/trailofbits/pip-audit/issues/115
-
---- mypy.ini.orig 2021-11-09 16:11:51.000000000 +0000
-+++ mypy.ini
-@@ -2,3 +2,7 @@
- warn_return_any = True
- warn_unused_configs = True
- warn_unused_ignores = True
-+warn_no_return = True
-+strict_equality = True
-+allow_redefinition = True
-+check_untyped_defs = True
diff --git a/py-pip-audit/patches/patch-pip__audit_cli.py b/py-pip-audit/patches/patch-pip__audit_cli.py
deleted file mode 100644
index 70aaf3bda7..0000000000
--- a/py-pip-audit/patches/patch-pip__audit_cli.py
+++ /dev/null
@@ -1,46 +0,0 @@
-$NetBSD$
-
-https://github.com/trailofbits/pip-audit/issues/115
-
---- pip_audit/cli.py.orig 2021-11-09 16:11:51.000000000 +0000
-+++ pip_audit/cli.py
-@@ -13,7 +13,12 @@ from typing import List, Optional
-
- from pip_audit import __version__
- from pip_audit.audit import AuditOptions, Auditor
--from pip_audit.dependency_source import PipSource, RequirementSource, ResolveLibResolver
-+from pip_audit.dependency_source import (
-+ DependencySource,
-+ PipSource,
-+ RequirementSource,
-+ ResolveLibResolver,
-+)
- from pip_audit.format import ColumnsFormat, JsonFormat, VulnerabilityFormat
- from pip_audit.service import OsvService, PyPIService, VulnerabilityService
- from pip_audit.state import AuditSpinner
-@@ -105,7 +110,7 @@ class ProgressSpinnerChoice(str, enum.En
- return self.value
-
-
--def audit():
-+def audit() -> None:
- """
- The primary entrypoint for `pip-audit`.
- """
-@@ -182,6 +187,7 @@ def audit():
- with ExitStack() as stack:
- state = stack.enter_context(AuditSpinner()) if args.progress_spinner else None
-
-+ source: DependencySource
- if args.requirements is not None:
- req_files: List[Path] = [Path(req.name) for req in args.requirements]
- source = RequirementSource(req_files, ResolveLibResolver(state), state)
-@@ -195,7 +201,7 @@ def audit():
- vuln_count = 0
- for (spec, vulns) in auditor.audit(source):
- if state is not None:
-- state.update_state(f"Auditing {spec.package} ({spec.version})")
-+ state.update_state(f"Auditing {spec.name} ({spec.version})")
- result[spec] = vulns
- if len(vulns) > 0:
- pkg_count += 1
diff --git a/py-pip-audit/patches/patch-pip__audit_dependency__source_resolvelib_pypi__provider.py b/py-pip-audit/patches/patch-pip__audit_dependency__source_resolvelib_pypi__provider.py
deleted file mode 100644
index f375899e1c..0000000000
--- a/py-pip-audit/patches/patch-pip__audit_dependency__source_resolvelib_pypi__provider.py
+++ /dev/null
@@ -1,46 +0,0 @@
-$NetBSD$
-
-https://github.com/trailofbits/pip-audit/issues/115
-
---- pip_audit/dependency_source/resolvelib/pypi_provider.py.orig 2021-11-09 16:11:51.000000000 +0000
-+++ pip_audit/dependency_source/resolvelib/pypi_provider.py
-@@ -13,7 +13,7 @@ from operator import attrgetter
- from platform import python_version
- from tarfile import TarFile
- from tempfile import TemporaryDirectory
--from typing import List, Optional, Set
-+from typing import BinaryIO, List, Optional, Set, cast
- from urllib.parse import urlparse
- from zipfile import ZipFile
-
-@@ -42,8 +42,8 @@ class Candidate:
- self,
- name: str,
- version: Version,
-- url: Optional[str] = None,
-- extras: bool = None,
-+ url: str,
-+ extras: Set[str],
- is_wheel: bool = True,
- state: Optional[AuditState] = None,
- ) -> None:
-@@ -89,7 +89,7 @@ class Candidate:
- """
- Computes the dependency set for this candidate.
- """
-- deps = self.metadata.get_all("Requires-Dist", [])
-+ deps: List[str] = self.metadata.get_all("Requires-Dist", [])
- extras = self.extras if self.extras else [""]
-
- for d in deps:
-@@ -125,7 +125,9 @@ class Candidate:
- for n in z.namelist():
- if n.endswith(".dist-info/METADATA"):
- p = BytesParser()
-- return p.parse(z.open(n), headersonly=True)
-+ # NOTE: MyPy bug? ZipFile.open is treated as IO[bytes], which
-+ # should be unified with BinaryIO but isn't.
-+ return p.parse(cast(BinaryIO, z.open(n)), headersonly=True)
-
- # If we didn't find the metadata, return an empty dict
- return EmailMessage() # pragma: no cover
diff --git a/py-pip-audit/patches/patch-pip__audit_service_pypi.py b/py-pip-audit/patches/patch-pip__audit_service_pypi.py
deleted file mode 100644
index 0d826de2fb..0000000000
--- a/py-pip-audit/patches/patch-pip__audit_service_pypi.py
+++ /dev/null
@@ -1,16 +0,0 @@
-$NetBSD$
-
-Adapt for CacheControl 0.12.10.
-https://github.com/trailofbits/pip-audit/commit/185c7a27ee40bfe333b95deeb71f937680d8ed8c
-
---- pip_audit/service/pypi.py.orig 2021-11-09 16:12:41.000000000 +0000
-+++ pip_audit/service/pypi.py
-@@ -44,7 +44,7 @@ class _SafeFileCache(FileCache):
- self._logged_warning = True
- return None
-
-- def set(self, key: str, value: bytes) -> None:
-+ def set(self, key: str, value: bytes, expires: Optional[Any] = None) -> None:
- try:
- self._set_impl(key, value)
- except Exception as e: # pragma: no cover
diff --git a/py-pip-audit/patches/patch-setup.py b/py-pip-audit/patches/patch-setup.py
index d4ddf9b9f9..39d454b6c8 100644
--- a/py-pip-audit/patches/patch-setup.py
+++ b/py-pip-audit/patches/patch-setup.py
@@ -1,23 +1,15 @@
$NetBSD$
-Fix dataclasses dependency
-https://github.com/trailofbits/pip-audit/pull/114/files
-
Do not insist on one particular version of CacheControl.
---- setup.py.orig 2021-11-09 16:11:51.000000000 +0000
+--- setup.py.orig 2021-11-09 22:42:57.000000000 +0000
+++ setup.py
-@@ -31,11 +31,11 @@ setup(
- "pip-api>=0.0.23",
- "packaging>=21.0.0",
- # TODO: Remove this once 3.7 is our minimally supported version.
-- "dataclasses>=0.6",
-+ "dataclasses>=0.6; python_version < '3.7'",
+@@ -35,7 +35,7 @@ setup(
"progress>=1.6",
"resolvelib>=0.8.0",
"html5lib>=1.1",
-- "CacheControl==0.12.6",
-+ "CacheControl>=0.12.6",
+- "CacheControl==0.12.10",
++ "CacheControl>=0.12.10",
"lockfile>=0.12.2",
],
extras_require={
Home |
Main Index |
Thread Index |
Old Index