GNU bug report logs - #44302
[PATCH] gnu: httpie: Update to 2.3.0.

Previous Next

Package: guix-patches;

Reported by: Tanguy Le Carrour <tanguy <at> bioneland.org>

Date: Thu, 29 Oct 2020 09:49:01 UTC

Severity: normal

Tags: patch

Done: Ludovic Courtès <ludo <at> gnu.org>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 44302 in the body.
You can then email your comments to 44302 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to guix-patches <at> gnu.org:
bug#44302; Package guix-patches. (Thu, 29 Oct 2020 09:49:01 GMT) Full text and rfc822 format available.

Acknowledgement sent to Tanguy Le Carrour <tanguy <at> bioneland.org>:
New bug report received and forwarded. Copy sent to guix-patches <at> gnu.org. (Thu, 29 Oct 2020 09:49:01 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Tanguy Le Carrour <tanguy <at> bioneland.org>
To: guix-patches <at> gnu.org
Cc: Tanguy Le Carrour <tanguy <at> bioneland.org>
Subject: [PATCH] gnu: httpie: Update to 2.3.0.
Date: Thu, 29 Oct 2020 10:47:54 +0100
* gnu/packages/python-web.scm (httpie): Update to 2.3.0.
[propagated-inputs]: Add python-requests-toolbelt.
[home-page]: Update URL.
---
 gnu/packages/python-web.scm | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm
index 1b6f0290ab..cf71a64e7c 100644
--- a/gnu/packages/python-web.scm
+++ b/gnu/packages/python-web.scm
@@ -30,7 +30,7 @@
 ;;; Copyright © 2019 Vagrant Cascadian <vagrant <at> debian.org>
 ;;; Copyright © 2019 Brendan Tildesley <mail <at> brendan.scot>
 ;;; Copyright © 2019 Pierre Langlois <pierre.langlois <at> gmx.com>
-;;; Copyright © 2019 Tanguy Le Carrour <tanguy <at> bioneland.org>
+;;; Copyright © 2019, 2020 Tanguy Le Carrour <tanguy <at> bioneland.org>
 ;;; Copyright © 2020 Jakub Kądziołka <kuba <at> kadziolka.net>
 ;;; Copyright © 2020 Evan Straw <evan.straw99 <at> gmail.com>
 ;;; Copyright © 2020 Alexandros Theodotou <alex <at> zrythm.org>
@@ -429,14 +429,14 @@ other HTTP libraries.")
 (define-public httpie
   (package
     (name "httpie")
-    (version "2.2.0")
+    (version "2.3.0")
     (source
      (origin
        (method url-fetch)
        (uri (pypi-uri "httpie" version))
        (sha256
         (base32
-         "18058k0i3cc4ixvgzj882w693lf40283flvspbrvd876iq42ib1i"))))
+         "15ngl3yc186gkgqdx8iav9bpj8gxjpzz26y32z92jwyhj4cmfh6m"))))
     (build-system python-build-system)
     (arguments
      ;; The tests attempt to access external web servers, so we cannot run them.
@@ -444,8 +444,9 @@ other HTTP libraries.")
     (propagated-inputs
      `(("python-colorama" ,python-colorama)
        ("python-pygments" ,python-pygments)
-       ("python-requests" ,python-requests)))
-    (home-page "https://httpie.org/")
+       ("python-requests" ,python-requests)
+       ("python-requests-toolbelt" ,python-requests-toolbelt-0.9.1)))
+    (home-page "https://httpie.io")
     (synopsis "cURL-like tool for humans")
     (description
      "A command line HTTP client with an intuitive UI, JSON support,
-- 
2.29.1





Reply sent to Ludovic Courtès <ludo <at> gnu.org>:
You have taken responsibility. (Sat, 31 Oct 2020 22:17:01 GMT) Full text and rfc822 format available.

Notification sent to Tanguy Le Carrour <tanguy <at> bioneland.org>:
bug acknowledged by developer. (Sat, 31 Oct 2020 22:17:01 GMT) Full text and rfc822 format available.

Message #10 received at 44302-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Tanguy Le Carrour <tanguy <at> bioneland.org>
Cc: 44302-done <at> debbugs.gnu.org
Subject: Re: [bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.
Date: Sat, 31 Oct 2020 23:15:57 +0100
Hi,

Tanguy Le Carrour <tanguy <at> bioneland.org> skribis:

> * gnu/packages/python-web.scm (httpie): Update to 2.3.0.
> [propagated-inputs]: Add python-requests-toolbelt.
> [home-page]: Update URL.

Applied, thanks!

‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be nice
if you could take a look and see what needs to be done about it.

Thanks,
Ludo’.




Information forwarded to guix-patches <at> gnu.org:
bug#44302; Package guix-patches. (Sun, 01 Nov 2020 08:15:01 GMT) Full text and rfc822 format available.

Message #13 received at 44302-done <at> debbugs.gnu.org (full text, mbox):

From: Tanguy LE CARROUR <tanguy <at> bioneland.org>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 44302-done <at> debbugs.gnu.org
Subject: Re: [bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.
Date: Sun, 01 Nov 2020 09:14:28 +0100
Hi Ludo',

Le 31 octobre 2020 23:15:57 CET, "Ludovic Courtès" <ludo <at> gnu.org> a écrit :
>Tanguy Le Carrour <tanguy <at> bioneland.org> skribis:
>
>> * gnu/packages/python-web.scm (httpie): Update to 2.3.0.
>> [propagated-inputs]: Add python-requests-toolbelt.
>> [home-page]: Update URL.
>
>Applied, thanks!

Thanks.


>‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be
>nice
>if you could take a look and see what needs to be done about it.

I saw that! But it only applies to older versions of httpie. Should I have mentioned it somewhere? In the commit message?

Regards


-- 
Tanguy




Information forwarded to guix-patches <at> gnu.org:
bug#44302; Package guix-patches. (Mon, 02 Nov 2020 15:50:03 GMT) Full text and rfc822 format available.

Message #16 received at 44302-done <at> debbugs.gnu.org (full text, mbox):

From: Ludovic Courtès <ludo <at> gnu.org>
To: Tanguy LE CARROUR <tanguy <at> bioneland.org>
Cc: 44302-done <at> debbugs.gnu.org
Subject: Re: [bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.
Date: Mon, 02 Nov 2020 16:49:45 +0100
Hi,

Tanguy LE CARROUR <tanguy <at> bioneland.org> skribis:

>>‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be
>>nice
>>if you could take a look and see what needs to be done about it.
>
> I saw that! But it only applies to older versions of httpie. Should I have mentioned it somewhere? In the commit message?

If you’re sure of that, you can add a ‘lint-hidden-cve’ property with a
comment linking to evidence that this is fixed.

Thanks for checking,
Ludo’.




Information forwarded to guix-patches <at> gnu.org:
bug#44302; Package guix-patches. (Mon, 02 Nov 2020 16:11:01 GMT) Full text and rfc822 format available.

Message #19 received at 44302-done <at> debbugs.gnu.org (full text, mbox):

From: Tanguy Le Carrour <tanguy <at> bioneland.org>
To: Ludovic Courtès <ludo <at> gnu.org>
Cc: 44302-done <at> debbugs.gnu.org
Subject: Re: [bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.
Date: Mon, 2 Nov 2020 17:10:31 +0100
Hi,


Le 11/02, Ludovic Courtès a écrit :
> Tanguy LE CARROUR <tanguy <at> bioneland.org> skribis:
> 
> >>‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be
> >>nice
> >>if you could take a look and see what needs to be done about it.
> >
> > I saw that! But it only applies to older versions of httpie. Should I have mentioned it somewhere? In the commit message?
> 
> If you’re sure of that, you can add a ‘lint-hidden-cve’ property with a
> comment linking to evidence that this is fixed.

Done! http://debbugs.gnu.org/cgi/bugreport.cgi?bug=44392

Regards

-- 
Tanguy




bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Tue, 01 Dec 2020 12:24:04 GMT) Full text and rfc822 format available.

This bug report was last modified 4 years and 256 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.