Thu, 23 May 2019 16:59:57 +0200 [debian] New upstream release 3.26 debian/3.26.10-1
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 23 May 2019 16:59:57 +0200] rev 12632
[debian] New upstream release
Thu, 23 May 2019 17:24:21 +0200 [debian] Drop override_dh_auto_install about cubicweb-ctl 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 23 May 2019 17:24:21 +0200] rev 12631
[debian] Drop override_dh_auto_install about cubicweb-ctl The script should be installed normally as it is a setuptools' entry point.
Thu, 23 May 2019 17:25:59 +0200 [debian] Remove test/doc Build-Depends 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 23 May 2019 17:25:59 +0200] rev 12630
[debian] Remove test/doc Build-Depends We are not actually running tests during package build. (This was disabled for python2, now it is also for python3.) And having these build-depends makes it hard to rebuild the package.
Tue, 28 May 2019 12:35:34 +0200 [fix] parse cube version number without space in them
Laurent Peuch <cortex@worlddomination.be> [Tue, 28 May 2019 12:35:34 +0200] rev 12629
[fix] parse cube version number without space in them
Fri, 24 May 2019 17:09:10 +0200 Install patched yapps for test from an http archive
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 24 May 2019 17:09:10 +0200] rev 12628
Install patched yapps for test from an http archive Instead of git which require git to be installed. Also downloading archive is faster than cloning the repository.
Thu, 28 Mar 2019 11:39:36 +0100 [server/test] make test filename uniques
Philippe Pepiot <philippe.pepiot@logilab.fr> [Thu, 28 Mar 2019 11:39:36 +0100] rev 12627
[server/test] make test filename uniques To avoid these pytest error when collecting the whole test suite: import file mismatch: imported module 'unittest_utils' has this __file__ attribute: cubicweb/cubicweb/server/test/unittest_utils.py which is not the same as the test file we want to collect: cubicweb/cubicweb/test/unittest_utils.py Move cubicweb/server/test/unittest_security.py to cubicweb/server/test/unittest_security.py and cubicweb/test/unittest_utils.py to cubicweb/test/unittest_server_utils.py
Fri, 24 May 2019 16:29:14 +0200 Merge 3.26
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 24 May 2019 16:29:14 +0200] rev 12626
Merge 3.26
Tue, 21 May 2019 10:50:08 +0200 [dataimport] Fix case when extid is text in use_extid_as_cwuri() 3.26
julien tayon <julien.tayon@logilab.fr> [Tue, 21 May 2019 10:50:08 +0200] rev 12625
[dataimport] Fix case when extid is text in use_extid_as_cwuri() Extid can be bytes or text. This avoid AttributeError: 'str' object has no attribute 'decode'
Wed, 22 May 2019 11:34:08 +0200 [doc] fix key used in the hook example
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:34:08 +0200] rev 12624
[doc] fix key used in the hook example The hook's regid is check_no_subsidiary_cycle.
Wed, 22 May 2019 11:32:09 +0200 [doc] set_operation has been replaced by add_data
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:32:09 +0200] rev 12623
[doc] set_operation has been replaced by add_data See the changelog https://cubicweb.readthedocs.io/en/3.26/changes/changelog/#id14
Wed, 22 May 2019 11:30:52 +0200 [doc] check_cycle is a standard function
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:30:52 +0200] rev 12622
[doc] check_cycle is a standard function
Wed, 22 May 2019 11:29:49 +0200 [doc] fix several typos
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:29:49 +0200] rev 12621
[doc] fix several typos
Tue, 21 May 2019 10:18:54 +0200 [pkg] make cubicweb[crypto] depends on pycryptodome instead of pycrypto
Philippe Pepiot <philippe.pepiot@logilab.fr> [Tue, 21 May 2019 10:18:54 +0200] rev 12620
[pkg] make cubicweb[crypto] depends on pycryptodome instead of pycrypto pycrypto isn't maintained anymore, the last release 2.6.1 is from 2014. Use the drop-in replacement fork pycryptodome instead. pycryptodome is packaged in debian starting from stretch-backports.
Tue, 21 May 2019 10:18:38 +0200 [crypto] Encode unicode strings in _cypherer()
Philippe Pepiot <philippe.pepiot@logilab.fr> [Tue, 21 May 2019 10:18:38 +0200] rev 12619
[crypto] Encode unicode strings in _cypherer() pycrypto accept both bytes or string but pycryptodome, which will be introduced in next changeset, doesn't accept this. For backward compatibility, encode unicode strings in _cypherer()
Thu, 16 May 2019 14:26:38 +0200 [ldapfeed] FIX: Unique Key violation when synchronizing with LDAPfeed 3.26
julien tayon <julien.tayon@logilab.fr> [Thu, 16 May 2019 14:26:38 +0200] rev 12618
[ldapfeed] FIX: Unique Key violation when synchronizing with LDAPfeed What was happening ================== The bug appears when ldapfeed tries to insert a user while another user exists exists with a different source. Simple use case to reproduce: - create a local user in cubicweb (source=system) - sync with ldap - ldapfeed will stop complaining user already exists. Without next patch the test MUST fail with message: cubicweb/server/sources/native.py:714: UniqueTogetherError The ldapfeed is thus stopped ignoring any further ldap entries. The proposal ============ Prior to this patch, the insertion was trying to create all CWUser with the computed login from eeimporter.extid2eid (method process of DataFeedLDAPAdapter). When a CWUser existed with a different cw_source ("system" for user created with cubicweb for instance), it created a conflict. To avoid collisions, in the extentities_generator method a bypass was added at the insertion layer. Prior to insertion the absence of the computed login is checked on a list of all existing login from a different source. If collision is detected, we skip the ldap record. By short circuiting at the CWUser entity insertion level we also avoid to treat CWGroup and EmailAddress related to this user. Hence ensuring a behaviour that will not break existing instances. (conservative approach: faced with ambiguity better do nothing than guess). An error message is added stating explicitly the conflict.
Fri, 15 Mar 2019 12:12:23 +0100 Skip tests for ldapsource with python >= 3.7 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 15 Mar 2019 12:12:23 +0100] rev 12617
Skip tests for ldapsource with python >= 3.7 Until someone works on fixing these, this should make our CI green again. I tried to use setupModule() to check for python version, but pre_setup_database() is apparently called even when a SkipTest exception is raised there. So handle this in that method. (grafted from 4d68d20427dee4b6751a0f1f5511fec2a04f4782)
Thu, 16 May 2019 17:18:29 +0200 Flake8 crypto module 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 16 May 2019 17:18:29 +0200] rev 12616
Flake8 crypto module
Thu, 16 May 2019 17:17:42 +0200 Make crypto module python3-compatible 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 16 May 2019 17:17:42 +0200] rev 12615
Make crypto module python3-compatible * Remove usage of unicode() and decode the base64-encoded string in encrypt(); * Encode the string received in decrypt() as (I supposed) it should come from the result of encrypt(). Add tests for this module along the way.
Thu, 16 May 2019 04:42:59 +0200 [mod] make ViolatedConstraint actually display useful information
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 04:42:59 +0200] rev 12614
[mod] make ViolatedConstraint actually display useful information Move from: (Pdb++) raise some_exception *** ViolatedConstraint: To: (Pdb++) raise some_exception *** ViolatedConstraint: constraint 'cstr56c2ab4b3154f21d08b067742ce5bd9d' is being violated by the query 'ALTER TABLE cw_Bibliography ADD CONSTRAINT cstr56c2ab4b3154f21d08b067742ce5bd9d CHECK(cw_item_type IN ('journalArticle', 'note', 'book', 'thesis', 'film', 'web page', 'manuscrit', 'tapuscrit'))'. You can run the inverted constraint on the database to list the problematic rows. And save hours of debugging to actually understand what is going on.
Thu, 16 May 2019 09:40:28 +0200 Fix flake8 errors/warnings about import in cubicweb/_exceptions.py
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 16 May 2019 09:40:28 +0200] rev 12613
Fix flake8 errors/warnings about import in cubicweb/_exceptions.py We either ignore errors in case of name re-exports and drop re-exports from old backwards compatibility. We fix the only occurrence of NoSelectableObject being imported from cubicweb in tests and update the import to use lgc instead.
Thu, 16 May 2019 04:47:27 +0200 add comment and # noqa on used import
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 04:47:27 +0200] rev 12612
add comment and # noqa on used import
Thu, 16 May 2019 04:47:10 +0200 remove unused import
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 04:47:10 +0200] rev 12611
remove unused import
Thu, 16 May 2019 02:39:42 +0200 [autopep8] E305 - Expected 2 blank lines after end of function or class
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:42 +0200] rev 12610
[autopep8] E305 - Expected 2 blank lines after end of function or class
Thu, 16 May 2019 02:39:41 +0200 [autopep8] E303 - Remove extra blank lines
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:41 +0200] rev 12609
[autopep8] E303 - Remove extra blank lines
Thu, 16 May 2019 02:39:41 +0200 [autopep8] E302 - Add missing 2 blank lines
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:41 +0200] rev 12608
[autopep8] E302 - Add missing 2 blank lines
Thu, 16 May 2019 02:39:40 +0200 [autopep8] E301 - Add missing blank line
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:40 +0200] rev 12607
[autopep8] E301 - Add missing blank line
Thu, 16 May 2019 01:23:51 +0200 [enh] display CWConstraint type in its repr
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 01:23:51 +0200] rev 12606
[enh] display CWConstraint type in its repr This will change CWConstraint repr from something like: <Entity CWConstraint 314282 [] at 140127700141904> To: <Entity CWConstraint 314282 of type UniqueConstraint [] at 140127700141904> To help improve debugging UX a little bit.
Thu, 16 May 2019 01:23:51 +0200 [entities] display CWConstraint type in its repr 3.26
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 01:23:51 +0200] rev 12605
[entities] display CWConstraint type in its repr
Wed, 15 May 2019 14:23:19 +0200 [changelog] document pyramid.ini automatic generation
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 14:23:19 +0200] rev 12604
[changelog] document pyramid.ini automatic generation
Wed, 15 May 2019 15:50:29 +0200 Flake8 cubicweb/pyramid/test/test_hooks.py
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 15 May 2019 15:50:29 +0200] rev 12603
Flake8 cubicweb/pyramid/test/test_hooks.py
Wed, 15 May 2019 12:06:29 +0200 [pyramid/doc] bad docstring
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 12:06:29 +0200] rev 12602
[pyramid/doc] bad docstring
Wed, 15 May 2019 12:06:15 +0200 [pyramid/misc] remove useless variable
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 12:06:15 +0200] rev 12601
[pyramid/misc] remove useless variable
Wed, 15 May 2019 12:05:52 +0200 [pyramid/test] add test for pyramid.ini generation
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 12:05:52 +0200] rev 12600
[pyramid/test] add test for pyramid.ini generation
Wed, 15 May 2019 15:44:35 +0200 Added tag 3.26.10 for changeset 74cc5de1ee6c 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 15 May 2019 15:44:35 +0200] rev 12599
Added tag 3.26.10 for changeset 74cc5de1ee6c
Wed, 15 May 2019 15:44:26 +0200 [pkg] Version 3.26.10 3.26 3.26.10
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 15 May 2019 15:44:26 +0200] rev 12598
[pkg] Version 3.26.10
Fri, 10 May 2019 16:07:32 +0200 Move CWSchemaTC to RQLExpressionTC
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 16:07:32 +0200] rev 12597
Move CWSchemaTC to RQLExpressionTC The test actually doesn't require a cubicweb schema, except for testing EmailAdress which is out of scope of the test (testing RQLExpression.transform_has_permission()). Just move the test in existing RQLExpressionTC inheriting from TestCase and rename the tests to be more explicit.
Wed, 17 Apr 2019 16:41:41 +0200 [skeleton] Drop py27 tox environment
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 17 Apr 2019 16:41:41 +0200] rev 12596
[skeleton] Drop py27 tox environment Since we dropped py2 support from cubicweb, it does not make much sense to keep it in skeleton from now on.
Wed, 17 Apr 2019 15:30:42 +0200 [skeleton] Do not ship Debian and RPM packaging files in sdist
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 17 Apr 2019 15:30:42 +0200] rev 12595
[skeleton] Do not ship Debian and RPM packaging files in sdist
Wed, 17 Apr 2019 15:06:57 +0200 [skeleton] Add a check-manifest tox environment
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 17 Apr 2019 15:06:57 +0200] rev 12594
[skeleton] Add a check-manifest tox environment
Fri, 10 May 2019 16:04:37 +0200 Fix pyramid tests
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 16:04:37 +0200] rev 12593
Fix pyramid tests Followup fa292e9 which require cubicweb.session.secret to be set.
Fri, 10 May 2019 11:42:24 +0200 Fix flake8 and check-manifest
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 11:42:24 +0200] rev 12592
Fix flake8 and check-manifest Followup fa292e9
Fri, 10 May 2019 15:58:01 +0200 Merge 3.26
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 15:58:01 +0200] rev 12591
Merge 3.26 This fixes tests with psycopg2
Wed, 08 May 2019 21:37:13 +0200 DeprecationWarning: In future versions of Waitress clear_untrusted_proxy_headers will be set to True by default. You may opt-out by setting this value to False, or opt-in explicitly by setting this to True.
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 21:37:13 +0200] rev 12590
DeprecationWarning: In future versions of Waitress clear_untrusted_proxy_headers will be set to True by default. You may opt-out by setting this value to False, or opt-in explicitly by setting this to True. Source: https://docs.pylonsproject.org/projects/waitress/en/stable/arguments.html?highlight=clear_untrusted_proxy_headers > This tells Waitress to remove any untrusted proxy headers ("Forwarded", > "X-Forwared-For", "X-Forwarded-By", "X-Forwarded-Host", "X-Forwarded-Port", > "X-Forwarded-Proto") not explicitly allowed by trusted_proxy_headers. According to grep we don't use any of those headers so let's turn it on for security reasons.
Wed, 08 May 2019 21:30:44 +0200 DeprecationWarning: The default pickle serializer is deprecated as of Pyramid 1.9 and it will be changed to use pyramid.session.JSONSerializer in version 2.0. Explicitly set the serializer to avoid future incompatibilities
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 21:30:44 +0200] rev 12589
DeprecationWarning: The default pickle serializer is deprecated as of Pyramid 1.9 and it will be changed to use pyramid.session.JSONSerializer in version 2.0. Explicitly set the serializer to avoid future incompatibilities . See "Upcoming Changes to ISession in Pyramid 2.0" for more information about this change. As describe here https://docs.pylonsproject.org/projects/pyramid/en/1.10-branch/narr/sessions.html#pickle-session-deprecation use a serializer that fallback on pickle if needed to avoid impacting users.
Wed, 08 May 2019 20:53:49 +0200 [pyramid/enh] generate pyramid.ini "create" and on "pyramid" command if needed
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 20:53:49 +0200] rev 12588
[pyramid/enh] generate pyramid.ini "create" and on "pyramid" command if needed
Wed, 08 May 2019 21:00:45 +0200 DeprecationWarning: The SafeConfigParser class has been renamed to ConfigParser in Python 3.2. This alias will be removed in future versions. Use ConfigParser directly instead.
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 21:00:45 +0200] rev 12587
DeprecationWarning: The SafeConfigParser class has been renamed to ConfigParser in Python 3.2. This alias will be removed in future versions. Use ConfigParser directly instead.
Mon, 08 Apr 2019 11:24:53 +0200 Account for new psycopg2 exception classes mapping 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Mon, 08 Apr 2019 11:24:53 +0200] rev 12586
Account for new psycopg2 exception classes mapping From psycopg2 >= 2.8, specific exceptions are raised corresponding to postgresql errors. E.g. a CheckViolation exception is raised instead of a generic IntegrityError previously when a constraint violation occurs. The way we intercept database errors, especially for constraint violation, is not compliant with that because we do not catch subclasses of IntegrityError in native source's doexec() method. We fix this by checking for the presence of IntegrityError error in exception class's mro. This is still overcomplicated and clumsy, because we still use string comparison, but this is the best we can do as far as I know. (A better fix would be 'isinstance(ex, IntegrityError)' but we have no engine-independent error classes, so this is not possible. Something like sqlalchemy's DBAPI Errors [1] might help: https://docs.sqlalchemy.org/en/latest/errors.html#dbapi-errors)
Fri, 12 Apr 2019 02:26:28 +0200 [cubicweb-ctl] remove "cubicweb-ctl wsgi" command following pyramid standardization
Laurent Peuch <cortex@worlddomination.be> [Fri, 12 Apr 2019 02:26:28 +0200] rev 12585
[cubicweb-ctl] remove "cubicweb-ctl wsgi" command following pyramid standardization
Fri, 12 Apr 2019 12:31:14 +0200 Use secure hash algorithm in WebConfiguration.sign_text
Laurent Peuch <cortex@worlddomination.be> [Fri, 12 Apr 2019 12:31:14 +0200] rev 12584
Use secure hash algorithm in WebConfiguration.sign_text Fix: PendingDeprecationWarning: HMAC() without an explicit digestmod argument is deprecated. The default hash algorithm used by hmac.new is md5. As of today, md5 is so weak that it's the equivalent of plaintext and can't be considered to be secured at all. Therefor, we switch to a secure hash algorithm. The rational for choosing sha3_512 is: * the recommended algorithm is at least sha_256 * the stronger, the more secured and sha3_512 is the stronger available * thinking about the future this should keep this part of the code safe long enough before people think about checking it again You can read more about choosing a secure hash algorithm in the NIST recommendations https://csrc.nist.gov/Projects/Hash-Functions/NIST-Policy-on-Hash-Functions This code modification should normally be transparent since check_text_sign is exactly this code 'self.sign_text(text) == signature' and that sign_text is only used in combination with it. The only impact is that the hash is going to move from 32 char to 128 which might make html page a bit bigger and that sha3_512 is slow to compute (which is a good thing for security)
Tue, 23 Apr 2019 09:33:52 +0200 [enh] don't catch all exceptions in notification hooks during tests
Laurent Peuch <cortex@worlddomination.be> [Tue, 23 Apr 2019 09:33:52 +0200] rev 12583
[enh] don't catch all exceptions in notification hooks during tests
Thu, 18 Apr 2019 15:09:36 +0200 [doc] add a reference to static-messages.pot usage
Noe Gaumont <ngaumont@logilab.fr> [Thu, 18 Apr 2019 15:09:36 +0200] rev 12582
[doc] add a reference to static-messages.pot usage
Thu, 18 Apr 2019 15:10:35 +0200 [doc] Clarify sentences
Noe Gaumont <ngaumont@logilab.fr> [Thu, 18 Apr 2019 15:10:35 +0200] rev 12581
[doc] Clarify sentences
Thu, 18 Apr 2019 15:05:13 +0200 [doc] Fix format and typo
Noe Gaumont <ngaumont@logilab.fr> [Thu, 18 Apr 2019 15:05:13 +0200] rev 12580
[doc] Fix format and typo
Thu, 18 Apr 2019 04:40:23 +0000 Fix DeprecationWarning: Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated
Nsukami Patrick <ndkpatt at gmail dot com> [Thu, 18 Apr 2019 04:40:23 +0000] rev 12579
Fix DeprecationWarning: Using or importing the ABCs from 'collections' instead of from 'collections.abc' is deprecated
Thu, 18 Apr 2019 04:34:34 +0000 Fix DeprecationWarning: invalid escape sequence
Nsukami Patrick <ndkpatt at gmail dot com> [Thu, 18 Apr 2019 04:34:34 +0000] rev 12578
Fix DeprecationWarning: invalid escape sequence
Tue, 16 Apr 2019 15:49:03 +0200 [devtools/testlib] avoid hidding AttributeError in create_user() 3.26
Philippe Pepiot <philippe.pepiot@logilab.fr> [Tue, 16 Apr 2019 15:49:03 +0200] rev 12577
[devtools/testlib] avoid hidding AttributeError in create_user() commit() might raise a AttributeError too. Use getattr(req, 'cnx', req) instead, which is a form already used to get the real cnx in some code: cubicweb/rset.py:577: cnx = getattr(self.req, 'cnx', self.req) cubicweb/schema.py:353: with getattr(_cw, 'cnx', _cw).security_enabled(read=False): We could use if hasattr(req, 'commit') here too but it lead to 3 additionals lines. Maybe we should have commit() and rollback() on cubicweb.web.request.ConnectionCubicWebRequestBase too ?
Wed, 10 Apr 2019 17:59:17 +0000 Fix DeprecationWarning: invalid escape sequence \
Nsukami Patrick <ndkpatt at gmail dot com> [Wed, 10 Apr 2019 17:59:17 +0000] rev 12576
Fix DeprecationWarning: invalid escape sequence \
Fri, 12 Apr 2019 11:56:13 +0200 DeprecationWarning: The 'warn' method is deprecated, use 'warning' instead
Laurent Peuch <cortex@worlddomination.be> [Fri, 12 Apr 2019 11:56:13 +0200] rev 12575
DeprecationWarning: The 'warn' method is deprecated, use 'warning' instead
Fri, 12 Apr 2019 13:52:17 +0200 [mod] remove backward compatible code for passlib and force modern version
Laurent Peuch <cortex@worlddomination.be> [Fri, 12 Apr 2019 13:52:17 +0200] rev 12574
[mod] remove backward compatible code for passlib and force modern version
Fri, 12 Apr 2019 11:54:42 +0200 DeprecationWarning: Please use assertEqual instead.
Laurent Peuch <cortex@worlddomination.be> [Fri, 12 Apr 2019 11:54:42 +0200] rev 12573
DeprecationWarning: Please use assertEqual instead.
(0) -10000 -3000 -1000 -300 -100 -60 +60 +100 tip