summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python
Commit message (Collapse)AuthorAgeFilesLines
...
* python3-setuptools-rust-native: Add direct dependency of native python3 modulesPoonam2023-03-201-3/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Add direct dependency of below native python3 modules to fix the compile issue  python3-semantic-version-native python3-setuptools-native python3-setuptools-scm-native python3-toml-native python3-typing-extensions-native python3-wheel-native This issue is not seen in the upstream yocto but in the project, where the python modules are not built by any other dependency. They have to be explicitly pulled. This fixes below error: File "<path to file>/python3-setuptools-rust-native/1.1.2-r0/recipe-sysroot-native/usr/lib/python3.10/site-packages/setuptools/config.py", line 422, in _parse_attr     module = importlib.import_module(module_name)   File "<path to file>/python3-setuptools-rust-native/1.1.2-r0/recipe-sysroot-native/usr/lib/python3.10/importlib/__init__.py", line 126, in import_module     return _bootstrap._gcd_import(name[level:], package, level)   File "<frozen importlib._bootstrap>", line 1050, in _gcd_import   File "<frozen importlib._bootstrap>", line 1027, in _find_and_load   File "<frozen importlib._bootstrap>", line 1006, in _find_and_load_unlocked   File "<frozen importlib._bootstrap>", line 688, in _load_unlocked   File "<frozen importlib._bootstrap_external>", line 883, in exec_module   File "<frozen importlib._bootstrap>", line 241, in _call_with_frames_removed   File "<path to file>/python3-setuptools-rust-native/1.1.2-r0/setuptools-rust-1.1.2/setuptools_rust/__init__.py", line 1, in <module>     from .build import build_rust   File "<path to file>/python3-setuptools-rust-native/1.1.2-r0/setuptools-rust-1.1.2/setuptools_rust/build.py", line 23, in <module>     from typing_extensions import Literal ModuleNotFoundError: No module named 'typing_extensions' (From OE-Core rev: 0ae1ed426e97d9d53fb31a9751de5a3f1898b16b) Signed-off-by: Poonam Jadhav <Poonam.Jadhav@kpit.com> Signed-off-by: Poonam Jadhav <ppjadhav456@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pytest: depend on python3-tomli instead of python3-tomlArnout Vandecappelle2023-02-151-1/+1
| | | | | | | | | | | | | | | | | | Since version 7.0.0 [1], pytest switched from the toml package to the tomli package for parsing pyproject.toml configuration files [2]. This change is not immediately noticable during tests, because the toml/tomli module is only important if a pyproject.toml is actually present in a project. [1] https://docs.pytest.org/en/latest/changelog.html#pytest-7-0-0rc1-2021-12-06 [2] https://github.com/pytest-dev/pytest/issues/8789 (From OE-Core rev: e5e590ed9e118283ad67bcfb059b3375cf847b33) Signed-off-by: Arnout Vandecappelle <arnout@mind.be> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-certifi: fix for CVE-2022-23491Narpat Mali2023-02-152-0/+232
| | | | | | | | | | | | | | | | | | | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi 2022.12.07 removes root certificates from "TrustCor" from the root store. These are in the process of being removed from Mozilla's trust store. TrustCor's root certificates are being removed pursuant to an investigation prompted by media reporting that TrustCor's ownership also operated a business that produced spyware. Conclusions of Mozilla's investigation can be found in the linked google group discussion. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-23491 (From OE-Core rev: 8ee4adb8675c690962e5820669098a95f74c07c7) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-git: fix for CVE-2022-24439Narpat Mali2023-01-263-0/+589
| | | | | | | | | | | | | | | | | | | | | | All versions of package gitpython are vulnerable to Remote Code Execution (RCE) due to improper user input validation, which makes it possible to inject a maliciously crafted remote URL into the clone command. Exploiting this vulnerability is possible because the library makes external calls to git without sufficient sanitization of input arguments. CVE: CVE-2022-24439 Upstream-Status: Backport Reference: https://github.com/gitpython-developers/GitPython/discussions/1529 https://github.com/gitpython-developers/GitPython/pull/1518 https://github.com/gitpython-developers/GitPython/pull/1521 (From OE-Core rev: 55f93e3786290dfa5ac72b5969bb2793f6a98bde) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-wheel: fix for CVE-2022-40898Narpat Mali2023-01-262-1/+35
| | | | | | | | | | | | | | | An issue discovered in Python Packaging Authority (PyPA) Wheel 0.37.1 and earlier allows remote attackers to cause a denial of service via attacker controlled input to wheel cli. CVE: CVE-2022-40898 Upstream-Status: Backport [https://github.com/pypa/wheel/commit/88f02bc335d5404991e532e7f3b0fc80437bf4e0] (From OE-Core rev: 0974291e545aec68755dfb634c75dca37cca1ea9) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-setuptools: fix for CVE-2022-40897Narpat Mali2023-01-262-0/+32
| | | | | | | | | | | | | | | | Python Packaging Authority (PyPA) setuptools before 65.5.1 allows remote attackers to cause a denial of service via HTML in a crafted package or custom PackageIndex page. There is a Regular Expression Denial of Service (ReDoS) in package_index.py. CVE: CVE-2022-40897 Upstream-Status: Backport [https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be] (From OE-Core rev: f574d8d57ff3fbc38e350e7a90913993081c4fdf) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.10.8 -> 3.10.9Florin Diaconescu2022-12-233-180/+1
| | | | | | | | | | | | | | | | | | | Security and bug fixes. Drop patch for CVE-2022-42919 and CVE-2022-37454 which were merged in 3.10.9 Fixes: * CVE-2022-45061 (gh-98433) https://nvd.nist.gov/vuln/detail/CVE-2022-45061 List of changes: https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-9-final (From OE-Core rev: f98b9c71686eb5ce5115ee73155a7d0389831ef0) Signed-off-by: Florin Diaconescu <florin.diaconescu009@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: advance to version 3.10.8Joe Slater2022-12-132-2/+110
| | | | | | | | | | Fixes CVE-2022-37460. Also add patch to fix CVE-2022-37454. (From OE-Core rev: b446dd69b79783ea232514e1c5212595ec28e553) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix CVE-2022-42919 local privilege escalation via the ↵Vivek Kumbhar2022-12-012-0/+71
| | | | | | | | | | | | multiprocessing forkserver start method Upstream-Status: Backport from https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2 (From OE-Core rev: 9ed7184930707c98afabca8c6b712df874ad659f) Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* get_module_deps3.py: Check attribute '__file__'Leon Anavi2022-11-241-1/+1
| | | | | | | | | | | | | | | Check if the module object has attribute '__file__' to fix and avoid errors like: AttributeError: module '_abc' has no attribute '__file__'. Did you mean: '__name__'? (From OE-Core rev: 1684457df9fb7029a276df4438c8fc4a17e3e1e9) Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 8acce12c1a4cf37ac312c92d62a6ae93a349dddf) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-mako: backport fix for CVE-2022-40023Narpat Mali2022-11-202-0/+121
| | | | | | | | | | | | | | | | | Sqlalchemy mako before 1.2.2 is vulnerable to Regular expression Denial of Service when using the Lexer class to parse. This also affects babelplugin and linguaplugin. Reference: https://nvd.nist.gov/vuln/detail/CVE-2022-40023 Reference to Upstream Patch: https://github.com/sqlalchemy/mako/commit/925760291d6efec64fda6e9dd1fd9cfbd5be068c (From OE-Core rev: 34727812b54fd52f85806f4f95702286d551b5fd) Signed-off-by: Narpat Mali <narpat.mali@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.10.4 -> 3.10.7Tim Orling2022-10-203-59/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | Security and bug fixes. Drop patch for gh-92036 which was merged in 3.10.5 Refresh 0017-setup.py-do-not-report-missing-dependencies-for-disa.pathc Fixes: * CVE-2020-10735 https://nvd.nist.gov/vuln/detail/CVE-2020-10735 * CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 * CVE-2018-25032 https://nvd.nist.gov/vuln/detail/CVE-2018-25032 For a list of changes see: https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-7-final https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-6-final https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-6-final (From OE-Core rev: 3efae85283b19fa1b30af7fed7fa89d7a50337db) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-rfc3986-validator: switch from SRC_URI:append to SRC_URI +=Mikko Rapeli2022-09-281-1/+1
| | | | | | | | | | | | | | | The :append can not be removed via bbappends if needed. Thus it's better for open source layers to use += append if possible. (From OE-Core rev: 1e09be9455fb054b3f74f088b355116828cb4626) (From OE-Core rev: 15ac2f4f2873a3c7b9f5bd0385d570e7b64fc643) Signed-off-by: Mikko Rapeli <mikko.rapeli@linaro.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4546b5186e5aa2808be6c1616eca15219c4fcb5d) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pip: Fix RDEPENDS after the updateDaiane Angolini2022-08-281-0/+2
| | | | | | | | | | | | | | | | | | Fix the following error messages: ModuleNotFoundError: No module named 'distutils' ModuleNotFoundError: No module named 'colorsys' (From OE-Core rev: 3e1c254f71a4d22ebde063e23242cd838fb917f9) Signed-off-by: Daiane Angolini <daiane.angolini@foundries.io> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8beef93e6e341566eba8a125f75ad836ac6a3d69) Signed-off-by: Jose Quaresma <jose.quaresma@foundries.io> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Backport patch to fix an issue in subinterpretersMarkus Volk2022-07-252-0/+55
| | | | | | | | | | | | | This adds a backport patch that fixes a problem in subinterpreters related to the garbagecollector. Without the patch, there are random segfaults in several Kodi addons that use python3-sqlite3. Presumably there are real world issues in other programs as well. (From OE-Core rev: 39d57ef7e341a048b94bc5dd9c29d58f57e06f19) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python: Avoid shebang overflow on python-config.pyPaulo Neves2022-06-242-0/+34
| | | | | | | | | | | | | | The native path may be too big, leading to shebang overflow. Just use the #!/usr/bin/env python3. (From OE-Core rev: 8a86bd88f0b46b0f413b98df20891cb9aa84c271) Signed-off-by: Paulo Neves <ptsneves@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 84783dee09e48cb930c7cd27944eaf3f03997237) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Ensure stale empty python module directories don't break the buildRichard Purdie2022-06-242-0/+33
| | | | | | | | | | | | | | | | | | | | | There are two issues inside importlib. Firstly, the modules are accessed in on disk order. This means behaviour seen on one system might not reproduce on another and is a real headache. Secondly, empty directories left behind by previous modules might be looked at. This has caused a long string of different issues for us. As a result, patch this to a behaviour which works for us. Upstream discussion can follow later, this is breaking builds for too many people to leave unpatched. [YOCTO #14816] (From OE-Core rev: cdb6879b49d4f6dc2bea8ff064a5b1e62db34781) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e5944a38db513e033c3a3e9313267055f7254be7) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Remove problematic paths from sysroot filesRichard Purdie2022-06-241-3/+7
| | | | | | | | | | | | | | | | | | | | In the native sysroot we should never have paths to the python3-native build directory. These may or may not exist at the time some dependency is building and nothing should rely upon them. I suspect nothing is relying on this at the moment but clean up just to be sure. The various config copies are adjusted to be modified consistently as some copies were and some were not. The Makefile has the "bad" ${B} paths replaced with a dummy placeholder too. (From OE-Core rev: 2f93d30fee0698e3cf13be17f1691e85d2122b0e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ae9e6249ded8fc063d6333231c391cfa2d594567) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: use built-in distutils for ptest, rather than setuptools' 'fork'Alexander Kanavin2022-06-241-1/+1
| | | | | | | | | | | | | | The setuptools version is now used by default when setuptools is installed, but it is incompatible with some of python's own tests. (From OE-Core rev: 8e34686911269e461dc646068f7a4d7c0e5da53f) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit c0c1ee33781733d712cd983be460001cd7938014) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: fix reproducibility issue with python3-coreSteve Sakoman2022-05-251-0/+5
| | | | | | | | | | | | | | | traceback.cpython-310.pyc is non-deterministic due to 'frozenset' being written without strict ordering. For now let's just not install the problematic file. (From OE-Core rev: 00b62965bd4c9eb6fd8c016f83126da2a107a5c5) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 4b1f0f7542abcb8606688c974695a6c8a142e7a2) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: ignore CVE-2015-20107Ross Burton2022-05-041-0/+3
| | | | | | | | | | | | | | | | | | | CVE-2015-20107 describes an arbitrary command execution in the mailcap module, but this is by design in mailcap and needs to be worked around by the calling application. Upstream Python will be documenting this flaw in the library reference, and it is likely that the mailcap module will be deprecated and removed in the future. (From OE-Core rev: f525745af38b0e5ea26693849cd4f19c627efd46) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 85fac8408baf92d8b71946f5bfea92952b7eab01) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pip: correct licenseKonrad Weihmann2022-04-141-2/+30
| | | | | | | | | | | | as described in src/pip/_vendor/README.rst pip ships plenty of vendored copies of other python modules. Correct the license of the resulting package and reference all the vendor copy license files correctly (From OE-Core rev: 1c192304b2b2ff8c909836d2c78826192e7d21ca) Signed-off-by: Konrad Weihmann <kweihmann@outlook.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Do not detect multiarch when cross compilingKhem Raj2022-04-132-0/+43
| | | | | | | | | | | | | This was a long standing problem seen on aarch64 build hosts when compiling python3 with clang cross compiler. The issue is not seen with gcc because native glibc headers are still compatible with gcc cross compiler (From OE-Core rev: 407744b00d702e3133304e1b43064a5634ca02cf) Signed-off-by: Khem Raj <raj.khem@gmail.com> Cc: Ross Burton <ross.burton@arm.com> Cc: Jon Mason <jdmason@kudzu.us> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cryptography: backport fix for leaky testRoss Burton2022-04-103-20/+37
| | | | | | | | | The leaking test case has been fixed upstream, so backport the patch. (From OE-Core rev: 4705b8a724fe288a20f1a080e2796ea90f46c9fb) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jinja2: Correct HOMEPAGEPeter Kjellerstedt2022-04-031-1/+1
| | | | | | | | (From OE-Core rev: 261778c1e3665b34c0d4e49bda63b520d5335587) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: update to 3.10.4Oleksandr Kravchuk2022-04-011-1/+1
| | | | | | | | (From OE-Core rev: 17e7d71ca8972b971156e83d14a89a7fe5e0f4e5) Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-urllib3: upgrade 1.26.8 -> 1.26.9wangmy2022-03-301-1/+1
| | | | | | | | | | | | | | | | | | Changelog: ========== - Changed urllib3[brotli] extra to favor installing Brotli libraries that are still receiving updates like brotli and brotlicffi instead of brotlipy. This change does not impact behavior of urllib3, only which dependencies are installed. - Fixed a socket leaking when HTTPSConnection.connect() raises an exception. - Fixed server_hostname being forwarded from PoolManager to HTTPConnectionPool when requesting an HTTP URL. Should only be forwarded when requesting an HTTPS URL. (From OE-Core rev: 1c44078db4e8fc3ed992ede38708bea0dcf87f11) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pytz: upgrade 2021.3 -> 2022.1wangmy2022-03-301-1/+1
| | | | | | | | (From OE-Core rev: 6099720d01aaab4fd9c878e6026ab4fbb862421c) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pytest-subtests: upgrade 0.6.0 -> 0.7.0wangmy2022-03-301-1/+1
| | | | | | | | | | | | Changelog: ========= Fixed support for pytest 7.0, and pytest>=7.0 is now required. (From OE-Core rev: 34f6bc8ca0cfc310fd6ba494b995fa86d28b5a6e) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pytest-runner: upgrade 5.3.1 -> 6.0.0wangmy2022-03-301-2/+2
| | | | | | | | | | | | | | | | Add dependency python3-distutils. Changelog: ========= - #49: Dropped workaround for older setuptools versions. - Require Python 3.7. - #58: Fixed syntax issue in changelog. (From OE-Core rev: 06162fbbbacbfd705755b5898fb3343483807904) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jinja2: upgrade 3.0.3 -> 3.1.1wangmy2022-03-301-1/+1
| | | | | | | | (From OE-Core rev: 768de8fa99336f6232110cf4158b6bab36ec3c54) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-imagesize: upgrade 1.2.0 -> 1.3.0wangmy2022-03-301-1/+3
| | | | | | | | | | Add dependency python3-xml. (From OE-Core rev: ab1439ec24077461c92d2d150131aee81b2cfe66) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-hypothesis: upgrade 6.39.2 -> 6.39.5wangmy2022-03-301-1/+1
| | | | | | | | | | | | | | | | | | | | Changelog: ========= Improve error detection and message when Hypothesis is run on a Python implementation without support for "-0.0", which is required for the "floats()" strategy but can be disabled by unsafe compiler options (issue #3265). If the "shrink" phase is disabled, stop the "generate" phase as soon as an error is found regardless of the value of the "report_multiple_examples" setting, since that's probably what you wanted (issue #3244). (From OE-Core rev: 56702a6c8e066d3730dd336eeb98d10534226601) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-dbusmock: upgrade 0.26.1 -> 0.27.3wangmy2022-03-301-1/+1
| | | | | | | | | | | | Changelog: ========= packit: Fix file name to sync (From OE-Core rev: 2867273089a46a9d331df4cb11e97066e31a2169) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-asn1crypto: upgrade 1.4.0 -> 1.5.1wangmy2022-03-301-3/+2
| | | | | | | | | | | | | | | | | | License-Update: year updated to 2022 Changelog: ========= - Handle RSASSA-PSS in keys.PrivateKeyInfo.bit_size and keys.PublicKeyInfo.bit_size - Handle RSASSA-PSS in keys.PrivateKeyInfo.wrap and keys.PublicKeyInfo.wrap - Updated docs for keys.PrivateKeyInfo.algorithm and keys.PublicKeyInfo.algorithm to reflect that they can return "rsassa_pss" (From OE-Core rev: 8fbe3bd4aca7a8906e342bcc9f27e205398919c3) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Add a dependency on ncursesPeter Kjellerstedt2022-03-291-1/+1
| | | | | | | | | | | | | | | This avoids the following configuration error: The necessary bits to build these optional modules were not found: _curses _curses_panel which happens if the "readline" PACKAGECONFIG is disabled. (From OE-Core rev: 70e0641069ca1e0e460000fe19662d6b3753b2ba) Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: upgrade 3.10.2 -> 3.10.3Trevor Gamblin2022-03-241-1/+1
| | | | | | | | | | | 3.10.3 includes numerous bug fixes. See: https://docs.python.org/3/whatsnew/changelog.html (From OE-Core rev: 6fdd19fb9ccef0bf9813e4dfe6063df1d0168359) Signed-off-by: Trevor Gamblin <trevor.gamblin@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-pytest: upgrade 7.0.1 -> 7.1.1Tim Orling2022-03-241-1/+1
| | | | | | | | | | | | | | Changes in 7.1.1: https://docs.pytest.org/en/stable/changelog.html#pytest-7-1-1-2022-03-17 Changes in 7.1.0: https://docs.pytest.org/en/stable/changelog.html#pytest-7-1-0-2022-03-13 (From OE-Core rev: d3403cdb262f995e47f00c015f82909652d1c36d) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: ignore CVE-2022-26488Ross Burton2022-03-231-3/+2
| | | | | | | | | | This CVE is specific to Microsoft Windows, so we can ignore it. (From OE-Core rev: 2bd3c5a93988140d9927340b3af68785ae03db65) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-markupsafe: upgrade 2.1.0 -> 2.1.1wangmy2022-03-231-1/+1
| | | | | | | | (From OE-Core rev: 82001dbcb2afe00f3a5367bff134c63351d09fc5) Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-sphinx-rtd-theme: correct upstream version checkAlexander Kanavin2022-03-231-0/+1
| | | | | | | (From OE-Core rev: 975be11022f42d5e91ac82bdd253a7570a72b5a7) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* classes/setuptools_build_meta: rename to python_setuptools_build_metaRoss Burton2022-03-2020-20/+20
| | | | | | | | | | Rename this class to be python-prefixed to match the other new Python build system classes. (From OE-Core rev: 25d6bf8079797906bde7c0cf63a0466c981ba5bb) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-typing-extensions: fix upstream version checkAlexander Kanavin2022-03-201-0/+2
| | | | | | | (From OE-Core rev: 3adad1e0cf0ad2238e0bbc23949d3b8668d41a5c) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-semantic-version: fix upstream verison checkAlexander Kanavin2022-03-201-0/+2
| | | | | | | (From OE-Core rev: 6fbc555ee50f97c4b4b3e3af5eaeb23551ec4901) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cryptography-vectors: upgrade to 36.0.2Ross Burton2022-03-181-1/+1
| | | | | | | | | | This needs to be upgraded in lockstep with python3-cryptography. (From OE-Core rev: 1a66c415af0b8178fdaa44ebf0d59957194e891f) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cryptography: enforce identical version for -cryptography-vectorsRoss Burton2022-03-181-1/+1
| | | | | | | | | | | | | | | | | | | | | | python3-cryptography and python3-cryptography-vectors are actually the same project but are on Pypi as two separate modules. The test suite validates that they're the same version and fails if they are not: FAIL: tests/test_utils.py::test_vector_version def test_vector_version(): > assert cryptography.__version__ == cryptography_vectors.__version__ E AssertionError: assert '36.0.2' == '36.0.1' Catch this slightly earlier by mandating that python3-cryptography-ptest pulls in an identically versioned python3-cryptography-vectors. (From OE-Core rev: 7c098aac08faf5da01aafec5c5d87f563d913744) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-cryptography: Upgrade to 36.0.2Khem Raj2022-03-181-2/+2
| | | | | | | (From OE-Core rev: 3acf088edec6e328f4e25ddd741f967368ae5ae0) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: Add missing HOMEPAGE entriesRichard Purdie2022-03-182-0/+2
| | | | | | (From OE-Core rev: 979122077165b2dcdce5bb8e9b88a764254ddef8) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-sphinx: Work around reproducibility issueRichard Purdie2022-03-181-0/+6
| | | | | | | | | | The dict used in this recipe doesn't write into the cache consistently, work around it until this issue is resolved in python upstream (similar to frozenset issues). (From OE-Core rev: a0d056862c218f5fcd921905271169742cf464dc) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-sphinx: Add a new recipeRichard Purdie2022-03-181-0/+22
| | | | | | | | | | Needed to build the sphinx based yocto-docs Based on a recipe from Armin Kuster <akuster808@gmail.com> (From OE-Core rev: 15b623e74846b7c7cd2f5e5b309e1379af86cf3f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-08-04 14:20:54 +0000