[packages/python-markdown] - updated to 2.6.11 - added yaml patch (fix for PyYAML 5.1, partially from git)

qboosh qboosh at pld-linux.org
Sat Mar 23 07:49:20 CET 2019 

commit 4c99705f9946ecc5ff549f964834221a2b189616
Author: Jakub Bogusz <qboosh at pld-linux.org>
Date:   Sat Mar 23 07:55:13 2019 +0100

    - updated to 2.6.11
    - added yaml patch (fix for PyYAML 5.1, partially from git)

 python-markdown-yaml.patch | 68 ++++++++++++++++++++++++++++++++++++++++++++++
 python-markdown.spec       | 21 ++++++--------
 2 files changed, 76 insertions(+), 13 deletions(-)
---
diff --git a/python-markdown.spec b/python-markdown.spec
index 8f2806c..d342b8d 100644
--- a/python-markdown.spec
+++ b/python-markdown.spec
@@ -1,6 +1,6 @@
 #
 # Conditional build:
-%bcond_without	tests	# do not perform "make test"
+%bcond_without	tests	# unit tests
 %bcond_without	python2	# python2 package
 %bcond_without	python3	# python3 package
 
@@ -8,13 +8,14 @@
 Summary:	Markdown implementation in Python 2
 Summary(pl.UTF-8):	Implementacja formatu Markdown w Pythonie 2
 Name:		python-%{module}
-Version:	2.6.7
-Release:	3
+Version:	2.6.11
+Release:	1
 License:	BSD
 Group:		Development/Languages/Python
 #Source0Download: https://pypi.python.org/simple/markdown/
 Source0:	https://files.pythonhosted.org/packages/source/M/Markdown/Markdown-%{version}.tar.gz
-# Source0-md5:	a06f1c5d462b32e0e8da014e9eebb0d9
+# Source0-md5:	a67c1b2914f7d74eeede2ebe0fdae470
+Patch0:		%{name}-yaml.patch
 URL:		https://pythonhosted.org/Markdown/
 BuildRequires:	python-devel
 BuildRequires:	python-elementtree
@@ -24,7 +25,6 @@ BuildRequires:	python-nose
 %endif
 BuildRequires:	rpm-pythonprov
 BuildRequires:	rpmbuild(macros) >= 1.714
-BuildRequires:	sed >= 4.0
 %if %{with python3}
 BuildRequires:	python3-devel >= 1:3.2
 %if %{with tests}
@@ -65,12 +65,7 @@ choć jest kilka znanych problemów.
 
 %prep
 %setup -q -n Markdown-%{version}
-
-# remove shebangs
-find markdown -type f -name '*.py' -exec sed -i -e '/^#!/{1D}' {} ';'
-
-# fix line-ending
-%undos docs/release-2.2.0.txt
+%patch0 -p1
 
 %build
 %if %{with python2}
@@ -113,7 +108,7 @@ rm -rf $RPM_BUILD_ROOT
 %if %{with python2}
 %files
 %defattr(644,root,root,755)
-%doc LICENSE.md README.md docs/{authors.txt,change_log.txt,cli.txt,index.txt,reference.txt,release-*.txt,siteindex.txt,extensions}
+%doc LICENSE.md README.md docs/{change_log,extensions,authors.md,cli.md,favicon.ico,index.md,py.png,reference.md}
 %attr(755,root,root) %{_bindir}/markdown_py
 %attr(755,root,root) %{_bindir}/markdown_py-%{py_ver}
 %{py_sitescriptdir}/markdown
@@ -123,7 +118,7 @@ rm -rf $RPM_BUILD_ROOT
 %if %{with python3}
 %files -n python3-markdown
 %defattr(644,root,root,755)
-%doc LICENSE.md README.md docs/{authors.txt,change_log.txt,cli.txt,index.txt,reference.txt,release-*.txt,siteindex.txt,extensions}
+%doc LICENSE.md README.md docs/{change_log,extensions,authors.md,cli.md,favicon.ico,index.md,py.png,reference.md}
 %attr(755,root,root) %{_bindir}/markdown_py-%{py3_ver}
 %{py3_sitescriptdir}/markdown
 %{py3_sitescriptdir}/Markdown-%{version}-py*.egg-info
diff --git a/python-markdown-yaml.patch b/python-markdown-yaml.patch
new file mode 100644
index 0000000..90edd4d
--- /dev/null
+++ b/python-markdown-yaml.patch
@@ -0,0 +1,68 @@
+diff --git a/markdown/__main__.py b/markdown/__main__.py
+index 38d08fe0..43e486c9 100644
+--- a/markdown/__main__.py
++++ b/markdown/__main__.py
+@@ -26,9 +26,17 @@
+ import warnings
+ import markdown
+ try:
+-    import yaml
++    # We use `unsafe_load` because users may need to pass in actual Python
++    # objects. As this is only available from the CLI, the user has much
++    # worse problems if an attacker can use this as an attach vector.
++    from yaml import unsafe_load as yaml_load
+ except ImportError:  # pragma: no cover
+-    import json as yaml
++    try:
++        # Fall back to PyYAML <5.1
++        from yaml import load as yaml_load
++    except ImportError:
++        # Fall back to JSON
++        from json import load as yaml_load
+ 
+ import logging
+ from logging import DEBUG, WARNING, CRITICAL
+@@ -97,7 +105,7 @@ def parse_options(args=None, values=None):
+             options.configfile, mode="r", encoding=options.encoding
+         ) as fp:
+             try:
+-                extension_configs = yaml.load(fp)
++                extension_configs = yaml_load(fp)
+             except Exception as e:
+                 message = "Failed parsing extension config file: %s" % \
+                           options.configfile
+--- a/tests/__init__.py.orig	2018-01-05 01:41:13.000000000 +0100
++++ b/tests/__init__.py	2019-03-22 22:41:00.850729644 +0100
+@@ -17,13 +17,16 @@
+ except ImportError:
+     tidylib = None
+ try:
+-    import yaml
+-except ImportError as e:
+-    msg = e.args[0]
+-    msg = msg + ". A YAML library is required to run the Python-Markdown " \
+-        "tests. Run `pip install pyyaml` to install the latest version."
+-    e.args = (msg,) + e.args[1:]
+-    raise
++    from yaml import unsafe_load as yaml_load
++except ImportError: # PyYAML < 5.1
++    try:
++        from yaml import load as yaml_load
++    except ImportError as e:
++        msg = e.args[0]
++        msg = msg + ". A YAML library is required to run the Python-Markdown " \
++            "tests. Run `pip install pyyaml` to install the latest version."
++        e.args = (msg,) + e.args[1:]
++        raise
+ 
+ test_dir = os.path.abspath(os.path.dirname(__file__))
+ 
+@@ -36,7 +39,7 @@
+         self._config = {}
+         if os.path.exists(filename):
+             with codecs.open(filename, encoding="utf-8") as f:
+-                self._config = yaml.load(f)
++                self._config = yaml_load(f)
+ 
+     def get(self, section, option):
+         """ Get config value for given section and option key. """
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/python-markdown.git/commitdiff/4c99705f9946ecc5ff549f964834221a2b189616

More information about the pld-cvs-commit mailing list