From unknown Sat Jun 14 19:10:36 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#40742] [PATCH] Update python-tortoise-orm and deps (security fix) Resent-From: Lars-Dominik Braun Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 21 Apr 2020 08:59:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: report 40742 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: 40742@debbugs.gnu.org X-Debbugs-Original-To: guix-patches@gnu.org Received: via spool by submit@debbugs.gnu.org id=B.158745950828431 (code B ref -1); Tue, 21 Apr 2020 08:59:02 +0000 Received: (at submit) by debbugs.gnu.org; 21 Apr 2020 08:58:28 +0000 Received: from localhost ([127.0.0.1]:49034 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jQojb-0007OV-Hl for submit@debbugs.gnu.org; Tue, 21 Apr 2020 04:58:27 -0400 Received: from lists.gnu.org ([209.51.188.17]:48847) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jQojZ-0007ON-Eb for submit@debbugs.gnu.org; Tue, 21 Apr 2020 04:58:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58222) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jQojY-0005ct-IB for guix-patches@gnu.org; Tue, 21 Apr 2020 04:58:25 -0400 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.90_1) (envelope-from ) id 1jQojS-00010v-99 for guix-patches@gnu.org; Tue, 21 Apr 2020 04:58:24 -0400 Received: from mail-wm1-x342.google.com ([2a00:1450:4864:20::342]:40789) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jQojR-0000wL-If for guix-patches@gnu.org; Tue, 21 Apr 2020 04:58:17 -0400 Received: by mail-wm1-x342.google.com with SMTP id u16so2726804wmc.5 for ; Tue, 21 Apr 2020 01:58:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leibniz-psychology-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=wFPTx26kktUgb7ClvHI/X1rxowCTds80gQfVSY9uqV4=; b=jvX9gNn+q1d+AT0Jkw1PjN2CEKHkSdF7Gg3hd6u6JClupUCLBz9/nspi7y1jE9IZKk KOvtoJfAjBUcezQJJUAE+BHFwl7Z1miKiT+qcj1h6skynIkifnT7SCGvjtYSsBu4xcex JElPCexyeaj3w0g5/XrYTxlF89zICBCII2efsKVu5e7fXA2ueq4faxbZY0Bib6bEys0a 1ZHnvGDLshasTaWyg+W+pOL5SdMuKSXHgb7FYzFXlTnJf9ZfbIfeW/le96kSQqwLEQF8 6/eF855rrxfc3PcHGQOsA7w8EAflz3M3xBbMVuiJ0wr+KlSLWi5sZH0n3JMgfJX43uub 5liA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=wFPTx26kktUgb7ClvHI/X1rxowCTds80gQfVSY9uqV4=; b=GMzVlEOiIufvAgjy4mVcUVqttKFhKryXAqtDQz9pDn9c2/Vqnxhpb81aB/acTPdd32 kh70F5N5wU07cnZEnKMan/IRRCC9vX4mXOTJBjMKaAWI9wSKdweC+7xEWi4oAkulYjgG uVAkdr96U6IZWDJMWJaBFhyqz3BGjAeAVzjLk7iXg1I/4+sge1wNKIoMBXH4SRkLZN4p oe7zBoJ9KXuS6hqam8b+CjWDIwyeHrL8V+8qFwvwaYiExRcFwQaWWBuOIMhaM/XOddSm HZhUbpzhPBfgl3kR4cwu5WOesHTuFCz10J2zMkefYdt6ZM61r0JeBu5RFsmXrqxLPoeF PpJg== X-Gm-Message-State: AGi0PubWQdmr/DGvi33DyMPlsR4et7qz4qk9bhFBaLR2LcpAXo2i78es 7yTL0nqfLEzX52CAzjV/sXIjLVMWf+2ivrFijkIgjv4GZ/V9/5M5keye7MpKhzbtUOpBvV7CgSD jTWmMoM4Wa/CJCORKTd6SUSWDk16eiRB9C756hZDO3LvdF6BKmXFpwf6eywcH6BurLbIVlOrve+ JW0qmNxg/y5g== X-Google-Smtp-Source: APiQypJ01imCDNbxJQkmwxWipaI5a/qg2Rty+yYMVZ5mv7jcYrMGIsf9kL9Cacy8vWVlKJssmp81vQ== X-Received: by 2002:a05:600c:148:: with SMTP id w8mr3951028wmm.144.1587459494817; Tue, 21 Apr 2020 01:58:14 -0700 (PDT) Received: from localhost (dynamic-2a01-0c22-c813-0900-7494-ad80-8848-1078.c22.pool.telefonica.de. [2a01:c22:c813:900:7494:ad80:8848:1078]) by smtp.gmail.com with ESMTPSA id 68sm2834533wrm.65.2020.04.21.01.58.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Apr 2020 01:58:14 -0700 (PDT) Date: Tue, 21 Apr 2020 10:58:13 +0200 From: Lars-Dominik Braun Message-ID: <20200421085813.GB3527@zpidnp36> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="+xNpyl7Qekk2NvDX" Content-Disposition: inline User-Agent: Mutt/1.10.1 (2018-07-13) Received-SPF: none client-ip=2a00:1450:4864:20::342; envelope-from=ldb@leibniz-psychology.org; helo=mail-wm1-x342.google.com X-detected-operating-system: by eggs.gnu.org: Error: [-] PROGRAM ABORT : Malformed IPv6 address (bad octet value). Location : parse_addr6(), p0f-client.c:67 X-Received-From: 2a00:1450:4864:20::342 X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --+xNpyl7Qekk2NvDX Content-Type: multipart/mixed; boundary="mxv5cy4qt+RJ9ypb" Content-Disposition: inline --mxv5cy4qt+RJ9ypb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, the attached patch series updates python-tortoise-orm and its dependencies. tortoise-orm has received a security fix with version 0.16.6. Lars --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0001-gnu-python-aiosqlite-Update-to-0.12.0.patch" Content-Transfer-Encoding: quoted-printable =46rom 0ecef561fc88e52682c67d5112b43ac3d5c495f1 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:34:30 +0200 Subject: [PATCH 1/4] gnu: python-aiosqlite: Update to 0.12.0 * gnu/packages/databases.scm (python-aiosqlite): Update to 0.12.0 --- gnu/packages/databases.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 606594e005..bf5398d87b 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -2743,14 +2743,14 @@ translate the complete SQLite API into Python.") (define-public python-aiosqlite (package (name "python-aiosqlite") - (version "0.11.0") + (version "0.12.0") (source (origin (method url-fetch) (uri (pypi-uri "aiosqlite" version)) (sha256 (base32 - "1f3zdldp9zgrw6qz5fsp3wa5zw73cjf139pj4vf24ryv895320jg")))) + "1w8248yz85xyzvvh4jaxnc59fqil45aka6h82kn1rcih4rjxbnn1")))) (build-system python-build-system) (native-inputs `(("python-aiounittest" ,python-aiounittest))) --=20 2.20.1 --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0002-gnu-python-pypika-Update-to-0.37.1.patch" Content-Transfer-Encoding: quoted-printable =46rom 1a50c8c5c0768f387b4f822d53e48858bf5aa403 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:35:33 +0200 Subject: [PATCH 2/4] gnu: python-pypika: Update to 0.37.1 * gnu/packages/databases.scm (python-pypika): Update to 0.37.1 --- gnu/packages/databases.scm | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index bf5398d87b..b629fc098b 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -3074,14 +3074,17 @@ transforms idiomatic python function calls to well-= formed SQL queries.") (define-public python-pypika (package (name "python-pypika") - (version "0.36.0") + (version "0.37.1") (source - (origin - (method url-fetch) - (uri (pypi-uri "PyPika" version)) - (sha256 - (base32 - "0qzn5vygirg52dlizm6ayzdc5llq8p2krrx0kymr236lrz89wqp8")))) + (origin (method git-fetch) + (uri (git-reference + (url "https://github.com/kayak/pypika.git") + ;; releases are not tagged in git + (commit "ff97e3605448bf0ef67f2348ebdb1021f26c7416"))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "08s6limzgjm4k2pw7gzbhx8914phr673dpi66q5s0zniwq6v72rh")))) (build-system python-build-system) (native-inputs `(("python-parameterized" ,python-parameterized))) --=20 2.20.1 --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0003-gnu-python-tortoise-orm-Update-to-0.16.7.patch" Content-Transfer-Encoding: quoted-printable =46rom 0f0fd13d570b35ef2eecb925eeb3285e03926322 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:36:29 +0200 Subject: [PATCH 3/4] gnu: python-tortoise-orm: Update to 0.16.7 0.16.6, which we skipped, includes a security fix. * gnu/packages/databases.scm (python-tortoise-orm)[source]: Update to 0.16.7 [propagated-inputs] Propagate ciso8601, which is required in setup.py --- gnu/packages/databases.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index b629fc098b..503b11e6fe 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -2197,24 +2197,24 @@ can autogenerate peewee models using @code{pwiz}, a= model generator.") (define-public python-tortoise-orm (package (name "python-tortoise-orm") - (version "0.16.3") + (version "0.16.7") (source (origin (method url-fetch) (uri (pypi-uri "tortoise-orm" version)) (sha256 (base32 - "01hbvfyxs2qd1mjc96aipwsdxxhydw8ww686r4gsf87bl6f98dvz")))) + "0wr7p4v0b16ypm9fcpwpl99kf491m6w3jkd13xcsgq13fy73fbqc")))) (build-system python-build-system) ;; Disable tests for now. They pull in a lot of dependencies. (arguments `(#:tests? #f)) (native-inputs - `(("python-ciso8601" ,python-ciso8601) - ("python-asynctest" ,python-asynctest) + `(("python-asynctest" ,python-asynctest) ("python-nose2" ,python-nose2))) (propagated-inputs `(("python-aiosqlite" ,python-aiosqlite) ("python-pypika" ,python-pypika) + ("python-ciso8601" ,python-ciso8601) ("python-typing-extensions" ,python-typing-extensions))) (home-page --=20 2.20.1 --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0004-gnu-python-pypika-Update-to-0.37.2.patch" Content-Transfer-Encoding: quoted-printable =46rom e625bb6dba074871af6f311fceb2322f9b8084f3 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:48:56 +0200 Subject: [PATCH 4/4] gnu: python-pypika: Update to 0.37.2 * gnu/packages/databases.scm (python-pypika): Update to 0.37.2 --- gnu/packages/databases.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 503b11e6fe..08a1e1b4ad 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -3074,17 +3074,17 @@ transforms idiomatic python function calls to well-= formed SQL queries.") (define-public python-pypika (package (name "python-pypika") - (version "0.37.1") + (version "0.37.2") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/kayak/pypika.git") ;; releases are not tagged in git - (commit "ff97e3605448bf0ef67f2348ebdb1021f26c7416"))) + (commit "baef001dd2362661311b6e2f949d2be4de5c23c8"))) (file-name (git-file-name name version)) (sha256 (base32 - "08s6limzgjm4k2pw7gzbhx8914phr673dpi66q5s0zniwq6v72rh")))) + "089z1c778q1fwhzsc88ws8j5gm2hgxknibabn4wpax8rz2bfs3ck")))) (build-system python-build-system) (native-inputs `(("python-parameterized" ,python-parameterized))) --=20 2.20.1 --mxv5cy4qt+RJ9ypb-- --+xNpyl7Qekk2NvDX Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEEyk+M9DfXR4/aBV/UQhN3ARo3hEYFAl6etaEACgkQQhN3ARo3 hEZAIgv+K27BUVP+E3B/Mh4GXWLlk6wgUJMR1UqlJm5QC2tpZdJiQ6kSMaWUEIyC s+1cWTSfeH0blIG8ZavrRnsh9DmJEth41V9zpZPqCV37ic9YOU5aPMpbDxj2jQxn JXQs++9pw3tHl4rbByR603q2tGRbqGQdw60u5qHF8cVhzJ6lNjkFedwDfHxHcPrR oeXP9pouv4/Yvl4v8bk/WLsTQObRg8Hnf5c33o+91kt1oBPZq9AGFS8jB0EcraXn Ec8oIfzhyG3zLhAdyxbfFHN0ab3g4KYZ69g7a1uXV1nOrUM7x/JrKrowsJPPat6K 5D/eHVqeeFiIF6js4ZXscbDBIFCXCJkRqGpJCzpaw2TocBNjYotielIP+DYe8LAj Gm+fLXPVT/IAfLWKxAzoqz0Bpx/g8zOZpP24wdSzwGqSK+sWU2OLfGX/eq98KUNe NQQhSZZRYAZgXm9JLHn2HIg8aA9pnrPgFat1xOBVkuBNvCnsCNzGmReHK61OKSlJ Tl8k6dQJ =AOIX -----END PGP SIGNATURE----- --+xNpyl7Qekk2NvDX-- From unknown Sat Jun 14 19:10:36 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#40742] [PATCH] Update python-tortoise-orm and deps (security fix) Resent-From: Leo Famulari Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Tue, 21 Apr 2020 16:33:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 40742 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Lars-Dominik Braun Cc: 40742@debbugs.gnu.org Received: via spool by 40742-submit@debbugs.gnu.org id=B40742.158748673725205 (code B ref 40742); Tue, 21 Apr 2020 16:33:02 +0000 Received: (at 40742) by debbugs.gnu.org; 21 Apr 2020 16:32:17 +0000 Received: from localhost ([127.0.0.1]:50670 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jQvom-0006YS-WC for submit@debbugs.gnu.org; Tue, 21 Apr 2020 12:32:17 -0400 Received: from out1-smtp.messagingengine.com ([66.111.4.25]:49385) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jQvol-0006YE-Cn for 40742@debbugs.gnu.org; Tue, 21 Apr 2020 12:32:16 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id 2D0545C0093; Tue, 21 Apr 2020 12:32:10 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Tue, 21 Apr 2020 12:32:10 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=uSGbLVl/JLSQM8Bm+jTL+fJb RdIzsSn9I+RIWv7wOtU=; b=BxM3Hyxmds52Ykefuc5ovgtDiTKr3k59n07rmrHL GDeaS8BjD8AYN30rT1jJW+4BDRth8SghU3IK1dRqE156xuPZdGz4IpIBvy/51D/J ZICATaYrcfvSNJ145WiIj6R549K2uyH6cu59SoNf2Be/hTtZ+c6w0Bjbv2zjq78u wmM= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=uSGbLV l/JLSQM8Bm+jTL+fJbRdIzsSn9I+RIWv7wOtU=; b=nla9txH3LAogUPXn0Gdhxi +j0FGsQfPQxrGiH/Oz/sszT1lky8PTka+6ssXoZZJmXZuyt0SaUmEjp+kWXHdOaW Ys8B2pjy15DJrgLSBuP7gNpyUzuFzYFTyKDy2TTsO6oc8zmw8WV1V0dCDA6Hjdct mzLV7DOz5JkAXYDTON7qCD8rgqXcWMwej7GuBA6kSgmuzIva3QW8k10QDOsVXROs ENNY5xv9zdXV+2QhrV2vPZN6HpE+47Qdq6AXkzeSzDiwfp1F8jHvnIpsQkYYc5DT fhXXvpOooO3DJMojRmlOp8oHXiczEmZXir4jlT1o9vZOK3jUILasce7WHnLNgBAg == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrgeehgddutdduucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesthdtre dttddtvdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgr rhhirdhnrghmvgeqnecukfhppeejiedruddvgedrudefkedrieefnecuvehluhhsthgvrh fuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvohesfhgrmhhulhgrrhhi rdhnrghmvg X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id A61D13065C8A; Tue, 21 Apr 2020 12:32:09 -0400 (EDT) Date: Tue, 21 Apr 2020 12:32:07 -0400 From: Leo Famulari Message-ID: <20200421163207.GA20354@jasmine.lan> References: <20200421085813.GB3527@zpidnp36> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200421085813.GB3527@zpidnp36> X-Spam-Score: -0.7 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) On Tue, Apr 21, 2020 at 10:58:13AM +0200, Lars-Dominik Braun wrote: > Hi, > > the attached patch series updates python-tortoise-orm and its dependencies. > tortoise-orm has received a security fix with version 0.16.6. Okay, > Subject: [PATCH 1/4] gnu: python-aiosqlite: Update to 0.12.0 > Subject: [PATCH 2/4] gnu: python-pypika: Update to 0.37.1 > Subject: [PATCH 3/4] gnu: python-tortoise-orm: Update to 0.16.7 > Subject: [PATCH 4/4] gnu: python-pypika: Update to 0.37.2 Can we skip patch 2? Or combine it with patch 4? From unknown Sat Jun 14 19:10:36 2025 X-Loop: help-debbugs@gnu.org Subject: [bug#40742] [PATCH] Update python-tortoise-orm and deps (security fix) Resent-From: Lars-Dominik Braun Original-Sender: "Debbugs-submit" Resent-CC: guix-patches@gnu.org Resent-Date: Fri, 24 Apr 2020 06:52:01 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 40742 X-GNU-PR-Package: guix-patches X-GNU-PR-Keywords: patch To: Leo Famulari Cc: 40742@debbugs.gnu.org Received: via spool by 40742-submit@debbugs.gnu.org id=B40742.15877110683404 (code B ref 40742); Fri, 24 Apr 2020 06:52:01 +0000 Received: (at 40742) by debbugs.gnu.org; 24 Apr 2020 06:51:08 +0000 Received: from localhost ([127.0.0.1]:56293 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jRsB1-0000sp-Ej for submit@debbugs.gnu.org; Fri, 24 Apr 2020 02:51:08 -0400 Received: from mail-wm1-f67.google.com ([209.85.128.67]:50427) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jRsAy-0000sJ-8p for 40742@debbugs.gnu.org; Fri, 24 Apr 2020 02:51:06 -0400 Received: by mail-wm1-f67.google.com with SMTP id x25so9206671wmc.0 for <40742@debbugs.gnu.org>; Thu, 23 Apr 2020 23:51:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leibniz-psychology-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:cc:subject:message-id:references:mime-version :content-disposition:in-reply-to:user-agent; bh=PTppAj6N4GPJ95OPR9msg7I6Cbv0o+MoJK1T+WkTSC4=; b=E/h7YDh6TfMoaz7Jkk23BVaiJEo7htQVTA02mJmKR8/oMdNoTN3O9mUML4A2H+Hf6/ 5k8dqUVMb3mXLad7bh9QkEOn3JtdspA6YRE11ujc3wpmxLgrAcFIRKxLfSEnSrWx1DeY bISfx/qRV7o6UnMyRgKV2fYzaM+OtlNe3k2RWbjZOPLjUdsVtFGqFF55A9Mxe9pdr9c/ jRkT+bNBkLaYpdKqhY4cTC2LyjXekwM/He4xCBZCqmq1LJCnXKlZZHyV8doLh93xP/2h lWs8mTXk0p5/ZH7z31PaGXjNF5OEngR/rv98wcaboserxCF5iCrCmNvg6y5CH+Mb6sKr 7WOQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:cc:subject:message-id:references :mime-version:content-disposition:in-reply-to:user-agent; bh=PTppAj6N4GPJ95OPR9msg7I6Cbv0o+MoJK1T+WkTSC4=; b=OBmcrPI3iXOPrtlbBBp+YhkzwKpqZyD58vuyKNNz9EkveMtUm6vofAcdSG3ej+ZQZX VIz5S/N4fCBTmjKyF/cyk0xCdTXKlvC8fLAHFvupkJ0CHOSBZc52Lk8MF8th5ogbh5VR d6Rs0CXhfsPFqfWhNeE6caTkkTAZqDF7Y+9yt5VoaZuuIzIUF0eu57Ryhpe4wuyKFuia YAheOc565pC9WyTyFMtX0wdRGjJ/sxBZDuXDViKb4SzuxZBf/g7+FFVtzpIUBh9xdzRI VwzRXou3S5KK0ZP+K04h0hrpTnHLpFbb25VvO1RhnixnR3ZYnPtKX264MHWc0WxbTIQc UwrA== X-Gm-Message-State: AGi0PuYPJ+YgprmxV52b6Ba24OoGAYA+WQyg2iymbhIJIb3yD2hT5Q/U MB2jLiNJX3/oll+8zeH0TG5eYeuLLOttLF/l0/2Cq4Xl/jmkD+EtM/Uon5LKZLpmU70ME3shGc+ gm6jUYidNqbD6pvAE6asLYIPAfU+8jcxv3alBJKS5OvhlOQwwrFc/xW30Id5fvRoL9ki0Okfile Ff6WmU+GEXx5E= X-Google-Smtp-Source: APiQypJq3u2/YS4SpvryTxacrg0axjjYPvuFwWg1yn0Czr5izZvnFDmVgEgedqhBob2s5HV+j1OwyA== X-Received: by 2002:a1c:384:: with SMTP id 126mr8408017wmd.58.1587711058277; Thu, 23 Apr 2020 23:50:58 -0700 (PDT) Received: from localhost (dynamic-2a01-0c23-7c4e-eb00-9040-c1ec-a458-8ab0.c23.pool.telefonica.de. [2a01:c23:7c4e:eb00:9040:c1ec:a458:8ab0]) by smtp.gmail.com with ESMTPSA id t16sm1484368wmi.27.2020.04.23.23.50.56 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 23 Apr 2020 23:50:56 -0700 (PDT) Date: Fri, 24 Apr 2020 08:50:56 +0200 From: Lars-Dominik Braun Message-ID: <20200424065056.GA3265@zpidnp36> References: <20200421085813.GB3527@zpidnp36> <20200421163207.GA20354@jasmine.lan> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="wq9mPyueHGvFACwf" Content-Disposition: inline In-Reply-To: <20200421163207.GA20354@jasmine.lan> User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Score: 0.0 (/) X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.0 (-) --wq9mPyueHGvFACwf Content-Type: multipart/mixed; boundary="bp/iNruPH9dso1Pn" Content-Disposition: inline --bp/iNruPH9dso1Pn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, > Can we skip patch 2? Or combine it with patch 4? sorry for the delay. I squashed them and got upstream to upload tags to git. Updated patchset attached to this email. Lars --bp/iNruPH9dso1Pn Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0001-gnu-python-aiosqlite-Update-to-0.12.0.patch" Content-Transfer-Encoding: quoted-printable =46rom 0ecef561fc88e52682c67d5112b43ac3d5c495f1 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:34:30 +0200 Subject: [PATCH 1/3] gnu: python-aiosqlite: Update to 0.12.0 * gnu/packages/databases.scm (python-aiosqlite): Update to 0.12.0 --- gnu/packages/databases.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 606594e005..bf5398d87b 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -2743,14 +2743,14 @@ translate the complete SQLite API into Python.") (define-public python-aiosqlite (package (name "python-aiosqlite") - (version "0.11.0") + (version "0.12.0") (source (origin (method url-fetch) (uri (pypi-uri "aiosqlite" version)) (sha256 (base32 - "1f3zdldp9zgrw6qz5fsp3wa5zw73cjf139pj4vf24ryv895320jg")))) + "1w8248yz85xyzvvh4jaxnc59fqil45aka6h82kn1rcih4rjxbnn1")))) (build-system python-build-system) (native-inputs `(("python-aiounittest" ,python-aiounittest))) --=20 2.20.1 --bp/iNruPH9dso1Pn Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0002-gnu-python-pypika-Update-to-0.37.2.patch" Content-Transfer-Encoding: quoted-printable =46rom 1fb2c59a405cc9117753e86ae29be270a64f0cab Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:35:33 +0200 Subject: [PATCH 2/3] gnu: python-pypika: Update to 0.37.2 * gnu/packages/databases.scm (python-pypika): Update to 0.37.2 --- gnu/packages/databases.scm | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index bf5398d87b..57a5128e9e 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -3074,14 +3074,16 @@ transforms idiomatic python function calls to well-= formed SQL queries.") (define-public python-pypika (package (name "python-pypika") - (version "0.36.0") + (version "0.37.2") (source - (origin - (method url-fetch) - (uri (pypi-uri "PyPika" version)) - (sha256 - (base32 - "0qzn5vygirg52dlizm6ayzdc5llq8p2krrx0kymr236lrz89wqp8")))) + (origin (method git-fetch) + (uri (git-reference + (url "https://github.com/kayak/pypika.git") + (commit (string-append "v" version)))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "089z1c778q1fwhzsc88ws8j5gm2hgxknibabn4wpax8rz2bfs3ck")))) (build-system python-build-system) (native-inputs `(("python-parameterized" ,python-parameterized))) --=20 2.20.1 --bp/iNruPH9dso1Pn Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0003-gnu-python-tortoise-orm-Update-to-0.16.7.patch" Content-Transfer-Encoding: quoted-printable =46rom 0cb47c30c36c5e49c666da32d0c234b3120bb0fe Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:36:29 +0200 Subject: [PATCH 3/3] gnu: python-tortoise-orm: Update to 0.16.7 0.16.6, which we skipped, includes a security fix. * gnu/packages/databases.scm (python-tortoise-orm)[source]: Update to 0.16.7 [propagated-inputs] Propagate ciso8601, which is required in setup.py --- gnu/packages/databases.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 57a5128e9e..23b8f14c54 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -2197,24 +2197,24 @@ can autogenerate peewee models using @code{pwiz}, a= model generator.") (define-public python-tortoise-orm (package (name "python-tortoise-orm") - (version "0.16.3") + (version "0.16.7") (source (origin (method url-fetch) (uri (pypi-uri "tortoise-orm" version)) (sha256 (base32 - "01hbvfyxs2qd1mjc96aipwsdxxhydw8ww686r4gsf87bl6f98dvz")))) + "0wr7p4v0b16ypm9fcpwpl99kf491m6w3jkd13xcsgq13fy73fbqc")))) (build-system python-build-system) ;; Disable tests for now. They pull in a lot of dependencies. (arguments `(#:tests? #f)) (native-inputs - `(("python-ciso8601" ,python-ciso8601) - ("python-asynctest" ,python-asynctest) + `(("python-asynctest" ,python-asynctest) ("python-nose2" ,python-nose2))) (propagated-inputs `(("python-aiosqlite" ,python-aiosqlite) ("python-pypika" ,python-pypika) + ("python-ciso8601" ,python-ciso8601) ("python-typing-extensions" ,python-typing-extensions))) (home-page --=20 2.20.1 --bp/iNruPH9dso1Pn-- --wq9mPyueHGvFACwf Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEEyk+M9DfXR4/aBV/UQhN3ARo3hEYFAl6ijEwACgkQQhN3ARo3 hEaGIQv8DVobF4iVkdHFLEb4zhZcA6IeTKI7IkXwirxITczkY80VrSrTzGZQZT7D VKFdQwmr2POgu6O2FEWcojFfZE4x6A6fqPbncDmGGq0/xJQFJvX4GJLOnQhjUbSZ 4UHFETl6NDDPh9JvBoB5j1MmGHsqBCPkqBj+ftgvv0uLB/7T7a0CyjucnzerRNE7 s7jfnPd7PTotldZ5QURTi06dN3nd8zHzVVQCTz3IAkqjwg8UCkPccmJg7xTX2JaM Wl2Rz/dYh1Joy2cRdNXqQpG7IGoM5trPdknYWQmu8Y0XLJeIgCZrVnLIugf+m3gt 3Q2TgVxTT82PzqscaXuhT1dDbl9Cydg9Hw73nwXEnDgUfjAKLDTxTs+SiN3oz1M4 j37p86CrgNbZ7uVmAkzHKrGbWy7QL54XgUpe3kk6J7XnlVoKrXptPQrHgvJIdp2B 0J/75zk0Ast9Gvuhb19mC/8OdypxN6z8vnhTNPmy38kzbmjEbBpVIkuSGYmsXQW8 J8eMSxtG =kZMK -----END PGP SIGNATURE----- --wq9mPyueHGvFACwf-- From unknown Sat Jun 14 19:10:36 2025 MIME-Version: 1.0 X-Mailer: MIME-tools 5.505 (Entity 5.505) X-Loop: help-debbugs@gnu.org From: help-debbugs@gnu.org (GNU bug Tracking System) To: Lars-Dominik Braun Subject: bug#40742: closed (Re: [bug#40742] [PATCH] Update python-tortoise-orm and deps (security fix)) Message-ID: References: <20200429191245.GA28764@jasmine.lan> <20200421085813.GB3527@zpidnp36> X-Gnu-PR-Message: they-closed 40742 X-Gnu-PR-Package: guix-patches X-Gnu-PR-Keywords: patch Reply-To: 40742@debbugs.gnu.org Date: Wed, 29 Apr 2020 19:13:02 +0000 Content-Type: multipart/mixed; boundary="----------=_1588187582-17109-1" This is a multi-part message in MIME format... ------------=_1588187582-17109-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset="utf-8" Your bug report #40742: [PATCH] Update python-tortoise-orm and deps (security fix) which was filed against the guix-patches package, has been closed. The explanation is attached below, along with your original report. If you require more details, please reply to 40742@debbugs.gnu.org. --=20 40742: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=3D40742 GNU Bug Tracking System Contact help-debbugs@gnu.org with problems ------------=_1588187582-17109-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at 40742-done) by debbugs.gnu.org; 29 Apr 2020 19:12:59 +0000 Received: from localhost ([127.0.0.1]:44626 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTs8h-0004Ri-9C for submit@debbugs.gnu.org; Wed, 29 Apr 2020 15:12:59 -0400 Received: from out2-smtp.messagingengine.com ([66.111.4.26]:45987) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jTs8g-0004RV-6M for 40742-done@debbugs.gnu.org; Wed, 29 Apr 2020 15:12:58 -0400 Received: from compute2.internal (compute2.nyi.internal [10.202.2.42]) by mailout.nyi.internal (Postfix) with ESMTP id E89765C01E0; Wed, 29 Apr 2020 15:12:51 -0400 (EDT) Received: from mailfrontend2 ([10.202.2.163]) by compute2.internal (MEProxy); Wed, 29 Apr 2020 15:12:51 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=famulari.name; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:in-reply-to; s=mesmtp; bh=Hai/ohcbEhaeCeEKRZmIzs0n SoUcrL85PLxmZehe+nk=; b=XqWlCAqxsznlmqkwkeGUz8fohrTx33mDPfVOkW3/ F7K1xnuLy/Z8olbMnQmAMDOJcmWlMEdKlusBEpL74Lhj1pi+ul9ojRneCAEA21lP K9BRQS1NyZn26tVjR6pAkaCgRI0ufzpQgaIv1Ij1ZuldpYAldsf5HGdsPjx08dly 840= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d= messagingengine.com; h=cc:content-type:date:from:in-reply-to :message-id:mime-version:references:subject:to:x-me-proxy :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; bh=Hai/oh cbEhaeCeEKRZmIzs0nSoUcrL85PLxmZehe+nk=; b=X+zMiHKWT/Jb+9e8Yu5/Yc EdrjAdqoUjHTl984kA/j9Drwf4HWQJcHSHO3bSzl4iAc+eTmPerNAZYwkdduGVAo xizsrBuYM6Nryj+1fH8clIufXm71Qmv50Zwg/I8mSV/wLFJHdPVkdz/MNfCfpNrM yCXK3XaNaBl1hTeHIE4WTMmP/gvpZd3+yG4R7/NooO/5VmMJozH6hUQApFcbysv1 Q0E6mLmnOclusfWxivNXCWUnKEQvDLkgDOhtrl6P3coywEsX/l68eV+KbXRi9PD9 FTQ6xY298pp5WTFNc7gU9qhTa2iWtuq8CTZ9mQiS3xMJaq9OvvnTFbYtk3n7dRcQ == X-ME-Sender: X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgeduhedrieefgddufeefucetufdoteggodetrfdotf fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen uceurghilhhouhhtmecufedttdenucenucfjughrpeffhffvuffkfhggtggujgesghdtre ertddtvdenucfhrhhomhepnfgvohcuhfgrmhhulhgrrhhiuceolhgvohesfhgrmhhulhgr rhhirdhnrghmvgeqnecuggftrfgrthhtvghrnhepudekveegteekleetgfeitdejgfejke ffudethedvhfeukeduleeikeejfeehffetnecukfhppeejiedruddvgedrudefkedrieef necuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehmrghilhhfrhhomheplhgvoh esfhgrmhhulhgrrhhirdhnrghmvg X-ME-Proxy: Received: from localhost (c-76-124-138-63.hsd1.pa.comcast.net [76.124.138.63]) by mail.messagingengine.com (Postfix) with ESMTPA id 70B0A3065EDF; Wed, 29 Apr 2020 15:12:51 -0400 (EDT) Date: Wed, 29 Apr 2020 15:12:45 -0400 From: Leo Famulari To: Lars-Dominik Braun Subject: Re: [bug#40742] [PATCH] Update python-tortoise-orm and deps (security fix) Message-ID: <20200429191245.GA28764@jasmine.lan> References: <20200421085813.GB3527@zpidnp36> <20200421163207.GA20354@jasmine.lan> <20200424065056.GA3265@zpidnp36> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="ZPt4rx8FFjLCG7dd" Content-Disposition: inline In-Reply-To: <20200424065056.GA3265@zpidnp36> X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 40742-done Cc: 40742-done@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --ZPt4rx8FFjLCG7dd Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Apr 24, 2020 at 08:50:56AM +0200, Lars-Dominik Braun wrote: > Hi, >=20 > > Can we skip patch 2? Or combine it with patch 4? > sorry for the delay. I squashed them and got upstream to upload tags to g= it. > Updated patchset attached to this email. Thanks! Pushed as b9d96ed77343e3f158f7ee1c758270bf4f059a74 --ZPt4rx8FFjLCG7dd Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCAAdFiEEsFFZSPHn08G5gDigJkb6MLrKfwgFAl6p0a0ACgkQJkb6MLrK fwjFMRAA0RehhJ1hIFDmriisIME6Qgws9DM2+qMgeCHLQHhNUT+D8ShxxBKLw1Px 39jK1NlOMG7tknI46psSMcayCL+gRKTYLM80vYxbiKqpDvMICqLq/ek90b9wrH2Y 13eXWebFLpGcCFgFQzc4FR3BOt/vz/KpvyUYxDON1WfYZlQ9p/3Kgz5AOuWEJFJ2 GN9iQLj96ugllijY6bS/KLRo3c7LNd3RVZKwA59RbYfp9rTYkZaSkPwNLDnOkuDP BqUlcFkuL2D8Dv2OO4i+dubrVX9JgX55bny/NbU1Xn5KATWeh+jyvaCxgYdhpz30 kJtaa5dGXQ3wcgSqNsLp0IyZia+A08pwXbaLc2xisyvwTPskTYre6aov5Lly83YY c7AdafIOKhbpgbDIqnDEbwqJln51/4rwhY35riWlI7nNLbaxboKTHSeaJGpHfkgf kjls7pSjOmKArNbJq11GDW/uH+PdhZq7nrC1FTUNpHdWbJ0onBCoC4SClrw0wqsp gpnwMJxlPt/kPvo5Y9m2n2udCHKTahGo2mfmyxEdF0RHw1nZIM/2Fiq1CcNaJHMi tFxusqyPPwFmS3cX6wA6cjfO21LWhDa286VnKCqxNbRqnVdLsxbrMuOdJY8E6ZkX JozDDBKo7fcrGQAQaaGjw8A25JmBFUR80iHV3dVEqyJ80RGoTEo= =oaSj -----END PGP SIGNATURE----- --ZPt4rx8FFjLCG7dd-- ------------=_1588187582-17109-1 Content-Type: message/rfc822 Content-Disposition: inline Content-Transfer-Encoding: 7bit Received: (at submit) by debbugs.gnu.org; 21 Apr 2020 08:58:28 +0000 Received: from localhost ([127.0.0.1]:49034 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jQojb-0007OV-Hl for submit@debbugs.gnu.org; Tue, 21 Apr 2020 04:58:27 -0400 Received: from lists.gnu.org ([209.51.188.17]:48847) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1jQojZ-0007ON-Eb for submit@debbugs.gnu.org; Tue, 21 Apr 2020 04:58:25 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:58222) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1jQojY-0005ct-IB for guix-patches@gnu.org; Tue, 21 Apr 2020 04:58:25 -0400 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_NONE,URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.2 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.90_1) (envelope-from ) id 1jQojS-00010v-99 for guix-patches@gnu.org; Tue, 21 Apr 2020 04:58:24 -0400 Received: from mail-wm1-x342.google.com ([2a00:1450:4864:20::342]:40789) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1jQojR-0000wL-If for guix-patches@gnu.org; Tue, 21 Apr 2020 04:58:17 -0400 Received: by mail-wm1-x342.google.com with SMTP id u16so2726804wmc.5 for ; Tue, 21 Apr 2020 01:58:16 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=leibniz-psychology-org.20150623.gappssmtp.com; s=20150623; h=date:from:to:subject:message-id:mime-version:content-disposition :user-agent; bh=wFPTx26kktUgb7ClvHI/X1rxowCTds80gQfVSY9uqV4=; b=jvX9gNn+q1d+AT0Jkw1PjN2CEKHkSdF7Gg3hd6u6JClupUCLBz9/nspi7y1jE9IZKk KOvtoJfAjBUcezQJJUAE+BHFwl7Z1miKiT+qcj1h6skynIkifnT7SCGvjtYSsBu4xcex JElPCexyeaj3w0g5/XrYTxlF89zICBCII2efsKVu5e7fXA2ueq4faxbZY0Bib6bEys0a 1ZHnvGDLshasTaWyg+W+pOL5SdMuKSXHgb7FYzFXlTnJf9ZfbIfeW/le96kSQqwLEQF8 6/eF855rrxfc3PcHGQOsA7w8EAflz3M3xBbMVuiJ0wr+KlSLWi5sZH0n3JMgfJX43uub 5liA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:date:from:to:subject:message-id:mime-version :content-disposition:user-agent; bh=wFPTx26kktUgb7ClvHI/X1rxowCTds80gQfVSY9uqV4=; b=GMzVlEOiIufvAgjy4mVcUVqttKFhKryXAqtDQz9pDn9c2/Vqnxhpb81aB/acTPdd32 kh70F5N5wU07cnZEnKMan/IRRCC9vX4mXOTJBjMKaAWI9wSKdweC+7xEWi4oAkulYjgG uVAkdr96U6IZWDJMWJaBFhyqz3BGjAeAVzjLk7iXg1I/4+sge1wNKIoMBXH4SRkLZN4p oe7zBoJ9KXuS6hqam8b+CjWDIwyeHrL8V+8qFwvwaYiExRcFwQaWWBuOIMhaM/XOddSm HZhUbpzhPBfgl3kR4cwu5WOesHTuFCz10J2zMkefYdt6ZM61r0JeBu5RFsmXrqxLPoeF PpJg== X-Gm-Message-State: AGi0PubWQdmr/DGvi33DyMPlsR4et7qz4qk9bhFBaLR2LcpAXo2i78es 7yTL0nqfLEzX52CAzjV/sXIjLVMWf+2ivrFijkIgjv4GZ/V9/5M5keye7MpKhzbtUOpBvV7CgSD jTWmMoM4Wa/CJCORKTd6SUSWDk16eiRB9C756hZDO3LvdF6BKmXFpwf6eywcH6BurLbIVlOrve+ JW0qmNxg/y5g== X-Google-Smtp-Source: APiQypJ01imCDNbxJQkmwxWipaI5a/qg2Rty+yYMVZ5mv7jcYrMGIsf9kL9Cacy8vWVlKJssmp81vQ== X-Received: by 2002:a05:600c:148:: with SMTP id w8mr3951028wmm.144.1587459494817; Tue, 21 Apr 2020 01:58:14 -0700 (PDT) Received: from localhost (dynamic-2a01-0c22-c813-0900-7494-ad80-8848-1078.c22.pool.telefonica.de. [2a01:c22:c813:900:7494:ad80:8848:1078]) by smtp.gmail.com with ESMTPSA id 68sm2834533wrm.65.2020.04.21.01.58.13 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 21 Apr 2020 01:58:14 -0700 (PDT) Date: Tue, 21 Apr 2020 10:58:13 +0200 From: Lars-Dominik Braun To: guix-patches@gnu.org Subject: [PATCH] Update python-tortoise-orm and deps (security fix) Message-ID: <20200421085813.GB3527@zpidnp36> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="+xNpyl7Qekk2NvDX" Content-Disposition: inline User-Agent: Mutt/1.10.1 (2018-07-13) Received-SPF: none client-ip=2a00:1450:4864:20::342; envelope-from=ldb@leibniz-psychology.org; helo=mail-wm1-x342.google.com X-detected-operating-system: by eggs.gnu.org: Error: [-] PROGRAM ABORT : Malformed IPv6 address (bad octet value). Location : parse_addr6(), p0f-client.c:67 X-Received-From: 2a00:1450:4864:20::342 X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: submit X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -1.7 (-) --+xNpyl7Qekk2NvDX Content-Type: multipart/mixed; boundary="mxv5cy4qt+RJ9ypb" Content-Disposition: inline --mxv5cy4qt+RJ9ypb Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi, the attached patch series updates python-tortoise-orm and its dependencies. tortoise-orm has received a security fix with version 0.16.6. Lars --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0001-gnu-python-aiosqlite-Update-to-0.12.0.patch" Content-Transfer-Encoding: quoted-printable =46rom 0ecef561fc88e52682c67d5112b43ac3d5c495f1 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:34:30 +0200 Subject: [PATCH 1/4] gnu: python-aiosqlite: Update to 0.12.0 * gnu/packages/databases.scm (python-aiosqlite): Update to 0.12.0 --- gnu/packages/databases.scm | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 606594e005..bf5398d87b 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -2743,14 +2743,14 @@ translate the complete SQLite API into Python.") (define-public python-aiosqlite (package (name "python-aiosqlite") - (version "0.11.0") + (version "0.12.0") (source (origin (method url-fetch) (uri (pypi-uri "aiosqlite" version)) (sha256 (base32 - "1f3zdldp9zgrw6qz5fsp3wa5zw73cjf139pj4vf24ryv895320jg")))) + "1w8248yz85xyzvvh4jaxnc59fqil45aka6h82kn1rcih4rjxbnn1")))) (build-system python-build-system) (native-inputs `(("python-aiounittest" ,python-aiounittest))) --=20 2.20.1 --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0002-gnu-python-pypika-Update-to-0.37.1.patch" Content-Transfer-Encoding: quoted-printable =46rom 1a50c8c5c0768f387b4f822d53e48858bf5aa403 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:35:33 +0200 Subject: [PATCH 2/4] gnu: python-pypika: Update to 0.37.1 * gnu/packages/databases.scm (python-pypika): Update to 0.37.1 --- gnu/packages/databases.scm | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index bf5398d87b..b629fc098b 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -3074,14 +3074,17 @@ transforms idiomatic python function calls to well-= formed SQL queries.") (define-public python-pypika (package (name "python-pypika") - (version "0.36.0") + (version "0.37.1") (source - (origin - (method url-fetch) - (uri (pypi-uri "PyPika" version)) - (sha256 - (base32 - "0qzn5vygirg52dlizm6ayzdc5llq8p2krrx0kymr236lrz89wqp8")))) + (origin (method git-fetch) + (uri (git-reference + (url "https://github.com/kayak/pypika.git") + ;; releases are not tagged in git + (commit "ff97e3605448bf0ef67f2348ebdb1021f26c7416"))) + (file-name (git-file-name name version)) + (sha256 + (base32 + "08s6limzgjm4k2pw7gzbhx8914phr673dpi66q5s0zniwq6v72rh")))) (build-system python-build-system) (native-inputs `(("python-parameterized" ,python-parameterized))) --=20 2.20.1 --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0003-gnu-python-tortoise-orm-Update-to-0.16.7.patch" Content-Transfer-Encoding: quoted-printable =46rom 0f0fd13d570b35ef2eecb925eeb3285e03926322 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:36:29 +0200 Subject: [PATCH 3/4] gnu: python-tortoise-orm: Update to 0.16.7 0.16.6, which we skipped, includes a security fix. * gnu/packages/databases.scm (python-tortoise-orm)[source]: Update to 0.16.7 [propagated-inputs] Propagate ciso8601, which is required in setup.py --- gnu/packages/databases.scm | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index b629fc098b..503b11e6fe 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -2197,24 +2197,24 @@ can autogenerate peewee models using @code{pwiz}, a= model generator.") (define-public python-tortoise-orm (package (name "python-tortoise-orm") - (version "0.16.3") + (version "0.16.7") (source (origin (method url-fetch) (uri (pypi-uri "tortoise-orm" version)) (sha256 (base32 - "01hbvfyxs2qd1mjc96aipwsdxxhydw8ww686r4gsf87bl6f98dvz")))) + "0wr7p4v0b16ypm9fcpwpl99kf491m6w3jkd13xcsgq13fy73fbqc")))) (build-system python-build-system) ;; Disable tests for now. They pull in a lot of dependencies. (arguments `(#:tests? #f)) (native-inputs - `(("python-ciso8601" ,python-ciso8601) - ("python-asynctest" ,python-asynctest) + `(("python-asynctest" ,python-asynctest) ("python-nose2" ,python-nose2))) (propagated-inputs `(("python-aiosqlite" ,python-aiosqlite) ("python-pypika" ,python-pypika) + ("python-ciso8601" ,python-ciso8601) ("python-typing-extensions" ,python-typing-extensions))) (home-page --=20 2.20.1 --mxv5cy4qt+RJ9ypb Content-Type: text/x-diff; charset=us-ascii Content-Disposition: attachment; filename="0004-gnu-python-pypika-Update-to-0.37.2.patch" Content-Transfer-Encoding: quoted-printable =46rom e625bb6dba074871af6f311fceb2322f9b8084f3 Mon Sep 17 00:00:00 2001 =46rom: Lars-Dominik Braun Date: Tue, 21 Apr 2020 10:48:56 +0200 Subject: [PATCH 4/4] gnu: python-pypika: Update to 0.37.2 * gnu/packages/databases.scm (python-pypika): Update to 0.37.2 --- gnu/packages/databases.scm | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gnu/packages/databases.scm b/gnu/packages/databases.scm index 503b11e6fe..08a1e1b4ad 100644 --- a/gnu/packages/databases.scm +++ b/gnu/packages/databases.scm @@ -3074,17 +3074,17 @@ transforms idiomatic python function calls to well-= formed SQL queries.") (define-public python-pypika (package (name "python-pypika") - (version "0.37.1") + (version "0.37.2") (source (origin (method git-fetch) (uri (git-reference (url "https://github.com/kayak/pypika.git") ;; releases are not tagged in git - (commit "ff97e3605448bf0ef67f2348ebdb1021f26c7416"))) + (commit "baef001dd2362661311b6e2f949d2be4de5c23c8"))) (file-name (git-file-name name version)) (sha256 (base32 - "08s6limzgjm4k2pw7gzbhx8914phr673dpi66q5s0zniwq6v72rh")))) + "089z1c778q1fwhzsc88ws8j5gm2hgxknibabn4wpax8rz2bfs3ck")))) (build-system python-build-system) (native-inputs `(("python-parameterized" ,python-parameterized))) --=20 2.20.1 --mxv5cy4qt+RJ9ypb-- --+xNpyl7Qekk2NvDX Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQGzBAABCgAdFiEEyk+M9DfXR4/aBV/UQhN3ARo3hEYFAl6etaEACgkQQhN3ARo3 hEZAIgv+K27BUVP+E3B/Mh4GXWLlk6wgUJMR1UqlJm5QC2tpZdJiQ6kSMaWUEIyC s+1cWTSfeH0blIG8ZavrRnsh9DmJEth41V9zpZPqCV37ic9YOU5aPMpbDxj2jQxn JXQs++9pw3tHl4rbByR603q2tGRbqGQdw60u5qHF8cVhzJ6lNjkFedwDfHxHcPrR oeXP9pouv4/Yvl4v8bk/WLsTQObRg8Hnf5c33o+91kt1oBPZq9AGFS8jB0EcraXn Ec8oIfzhyG3zLhAdyxbfFHN0ab3g4KYZ69g7a1uXV1nOrUM7x/JrKrowsJPPat6K 5D/eHVqeeFiIF6js4ZXscbDBIFCXCJkRqGpJCzpaw2TocBNjYotielIP+DYe8LAj Gm+fLXPVT/IAfLWKxAzoqz0Bpx/g8zOZpP24wdSzwGqSK+sWU2OLfGX/eq98KUNe NQQhSZZRYAZgXm9JLHn2HIg8aA9pnrPgFat1xOBVkuBNvCnsCNzGmReHK61OKSlJ Tl8k6dQJ =AOIX -----END PGP SIGNATURE----- --+xNpyl7Qekk2NvDX-- ------------=_1588187582-17109-1--