GNU bug report logs - #33569
Missing sanitizing of '[]' in pypi-importer

Previous Next

Package: guix;

Reported by: swedebugia <swedebugia <at> riseup.net>

Date: Sun, 2 Dec 2018 00:27:02 UTC

Severity: normal

Tags: patch

Merged with 24450, 24557, 33047, 34266

Done: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Maxim Cournoyer <maxim.cournoyer <at> gmail.com>
To: swedebugia <swedebugia <at> riseup.net>
Cc: 33569 <at> debbugs.gnu.org, 24450 <at> debbugs.gnu.org
Subject: bug#33569: Missing sanitizing of '[]' in pypi-importer
Date: Fri, 29 Mar 2019 00:20:53 -0400

swedebugia <swedebugia <at> riseup.net> writes:

> E.g.
> sdb <at> komputilo ~/guix-tree$ ~/guix-tree/pre-inst-env guix import pypi
> snakemake
> ...
>   (propagated-inputs
>     `(("python-[reports]"
>        ,#{python-\x5b;reports\x5d;}#)
>       ("python-appdirs" ,python-appdirs)
> ...

This one now gives (local branch):

--8<---------------cut here---------------start------------->8---
./pre-inst-env guix import pypi snakemake

Starting download of /tmp/guix-file.4XvWMX
From https://files.pythonhosted.org/packages/4a/aa/aab1515d220be06fbdccf3c89335d9585b08ac6be74b8e3c9e8c3c32798e/snakemake-5.4.4.tar.gz...
 ….4.4.tar.gz  169KiB                 723KiB/s 00:00 [##################] 100.0%
(package
  (name "python-snakemake")
  (version "5.4.4")
  (source
    (origin
      (method url-fetch)
      (uri (pypi-uri "snakemake" version))
      (sha256
        (base32
          "0prpr5qajqwr8sh4gzggpj8l4np2rcm9nfdzvcp30d5yw7h26wqm"))))
  (build-system python-build-system)
  (propagated-inputs
    `(("python-appdirs" ,python-appdirs)
      ("python-configargparse" ,python-configargparse)
      ("python-datrie" ,python-datrie)
      ("python-docutils" ,python-docutils)
      ("python-gitpython" ,python-gitpython)
      ("python-jsonschema" ,python-jsonschema)
      ("python-pyyaml" ,python-pyyaml)
      ("python-ratelimiter" ,python-ratelimiter)
      ("python-requests" ,python-requests)
      ("python-wrapt" ,python-wrapt)))
  (home-page "http://snakemake.bitbucket.io")
  (synopsis
    "Snakemake is a workflow management system that aims to reduce the complexity of creating workflows by providing a fast and comfortable execution environment, together with a clean and modern specification language in python style. Snakemake workflows are essentially Python scripts extended by declarative code to define rules. Rules describe how to create output files from input files.")
  (description
    "Snakemake is a workflow management system that aims to reduce the complexity of creating workflows by providing a fast and comfortable execution environment, together with a clean and modern specification language in python style. Snakemake workflows are essentially Python scripts extended by declarative code to define rules. Rules describe how to create output files from input files.")
  (license license:expat))
--8<---------------cut here---------------end--------------->8---
This bug report was last modified 5 years and 327 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.