Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 02 Jul 2019 14:54:01 +0200] rev 12679
Added tag 3.26.12, debian/3.26.12-1 for changeset 4531a266f8b2
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 02 Jul 2019 11:32:59 +0200] rev 12678
[pkg] Version 3.26.12
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 27 Jun 2019 12:20:22 +0200] rev 12677
[autoform] Fix display_fields handling
This follows-up on changeset b2ceb483e056 (present in 3.25 as well), in
which AutomaticEntityForm.editable_attributes() was turned into a
generator. In this method, in case display_fields is not None, we
previously returned a list of (rtype, role); this was changed into a
yield, but the change was missing a return after the loop in order not
to go through the remainder of the function.
Add tests for editable_attributes() method.
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 27 Jun 2019 12:27:37 +0200] rev 12676
Flake8 cubicweb/web/views/autoform.py
Fixes:
cubicweb/web/views/autoform.py:703: [E122] continuation line missing indentation or outdented
cubicweb/web/views/autoform.py:704: [E122] continuation line missing indentation or outdented
cubicweb/web/views/autoform.py:819: [W504] line break after binary operator
cubicweb/web/views/autoform.py:820: [E125] continuation line with same indent as next logical line
cubicweb/web/views/autoform.py:961: [W504] line break after binary operator
cubicweb/web/views/autoform.py:962: [E126] continuation line over-indented for hanging indent
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 27 Jun 2019 12:13:21 +0200] rev 12675
[py3] unicode() -> six.text_type in autoform
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 26 Jun 2019 15:01:45 +0200] rev 12674
Added tag debian/3.26.11-2 for changeset e7eb914df71d
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 26 Jun 2019 15:01:15 +0200] rev 12673
[debian] Release 3.26.11-2
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 26 Jun 2019 13:19:30 +0200] rev 12672
[test] Require pycryptodomex, not pycryptodome
This follows up on changeset 5b0ce10a7046.
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 25 Jun 2019 16:44:31 +0200] rev 12671
[debian] Mention Lintian warnings fixes from previous changesets
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 25 Jun 2019 16:24:45 +0200] rev 12670
[debian] Remove unused/redundant entries from debian/cubicweb-ctl.dirs
* bash completion entry produces a lintian warning
"package-installs-into-obsolete-dir etc/bash_completion.d/", and it does not
install bash completion.
* doc directory should be handled automatically.
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 25 Jun 2019 16:21:41 +0200] rev 12669
[debian] Make descriptions of python-cubicweb and python3-cubicweb uniform
Thus solving lintian warning "description-synopsis-starts-with-article".
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 25 Jun 2019 14:49:16 +0200] rev 12668
[debian] Mention that -postgresql-support binaries are dependency package
Fixing lintian warning "empty-binary-package".
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 25 Jun 2019 14:42:06 +0200] rev 12667
[debian] Add ${misc:Depends} where missing
Fixes lintian warning "debhelper-but-no-misc-depends".
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 25 Jun 2019 16:43:16 +0200] rev 12666
[debian] Set Section: python for python- binary package
This is to fix a Lintian warning.
Denis Laxalde <denis.laxalde@logilab.fr> [Tue, 25 Jun 2019 16:42:58 +0200] rev 12665
[debian] Install cubicweb-ctl from python2 build
Previously, the binary package was empty. Now it is bound to
the python2 package as support for python3 is "fresh".
In order python2 and python3 packages to be co-installable, we drop the
cubicweb-ctl file from both packages.
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 20 Jun 2019 17:02:59 +0200] rev 12664
[debian] Introduce python3-cubicweb and python3-cubicweb-pyramid binary packages
This is the bare minimum to have a working cubicweb on python3. Further
work is done in default branch.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 19 Jun 2019 09:51:38 +0200] rev 12663
[skeleton] Update Debian packaging template
Here are multiple updates to the Debian packaging template provided when
running `cubicweb-ctl newcube`:
* Switch to source format 3.0 (quilt).
* Switch to debhelper 9.
* Switch to dh-python.
* Switch to Python 3.
* Name the binary package `python3-cubicweb-CUBENAME` instead of
just `cubicweb-CUBENAME` (which is still the source package).
* Populate Depends using dh_python3 support for Python requirements.
* Run test suite at build time using pytest.
* Add autopkgtest to run test suite against the installed package.
* Bump Standards-Version to 4.3.0.
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 26 Jun 2019 12:35:25 +0200] rev 12662
[test] Use --short-description when testing newcube command
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 17 Jun 2019 17:23:36 +0200] rev 12661
[devtools] Allow to specify short desc on `newcube` command line
In order to implement automated testing of `cubicweb-ctl newcube`, we
need to avoid any user interaction. So we add a `-s` switch to specify
a short description on the command-line instead of requiring an input.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 10:51:31 +0200] rev 12660
[pkg] Remove build dependency on dh-systemd
As suggested by Lintian, remove build dependency on obsolete package
dh-systemd. Instead, specify a more precise version of debhelper 9 that
added support for systemd.
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 13 Jun 2019 15:04:13 +0200] rev 12659
[config] Raise in case of failure to send emails when in test mode
Since, for some reason, exception log messages are not visible when
running tests, it's very hard to debug when sendmails() method fails
during tests. So, as in some other places, let's raise the exception
when in test mode.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 19 Jun 2019 16:33:15 +0200] rev 12658
[doc] Update documentation to match current Debian packages
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 19 Jun 2019 16:32:25 +0200] rev 12657
[pkg] Remove transitional packages
We can take the opportunity of the switch to Python 3 to get rid
of old transitional packages. Let's do it. :)
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 19 Jun 2019 16:10:19 +0200] rev 12656
[pkg] Use sections from requires.txt to populate Recommends and Suggests
As Denis Laxalde pointed out, dh_python can also generate Recommends and
Suggests from Python package names. So let's use that instead of
manually populating these fields in `debian/control`.
Optional dependencies are currently specified in `setup.py` grouped by
feature. These dependency groups are turned into sections in
`requires.txt`. Thankfully `dh_python3` has options to populate
Recommends or Suggests with all package from a given section.
`debian/rules` now contains a list of which sections should go
to Recommends and which section should go to Suggests. Because such
extra list easily gets out-of-sync, we add a third list for ignored
sections, and ensure that all sections currently in `requires.txt`
get a mentioned in `debian/rules`.
Here are the results compared to the previous version with explicit
Recommends and Suggests (only listing Python packages):
|==============================================================|
| only in previous | common | only in new |
|==============================================================|
| Recommends |
|--------------------------------------------------------------|
| | python3-docutils | |
| python3-fyzz | | |
| python3-imaging | | |
| | python3-pycryptodome | |
| | python3-pyramid | |
| | python3-pyramid-multiauth | |
| python3-pysqlite2 | | |
| | python3-rdflib | |
| | python3-repoze.lru | |
| python3-simpletal | | |
| | python3-vobject | |
| | python3-waitress | |
| python3-werkzeug | | |
| | python3-wsgicors | |
|--------------------------------------------------------------|
| Suggests |
|--------------------------------------------------------------|
| | | python3-pil |
We also lose versioned dependencies which should not really be an issue
for Recommends and Suggests.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 19 Jun 2019 15:44:17 +0200] rev 12655
[crypto] Use Cryptodome namespace instead of Crypto
PyCryptodome comes in two flavors: “an almost drop-in replacement for the old
PyCrypto library” and “a library independent of the old PyCrypto”. The former
uses the Crypto namespace, and is shipped as `pycryptodome` while the latter
uses Cryptodome instead and lies in the `pycryptodomex` package.
Given the reason to switch to PyCryptodome is that PyCrypto in unmaintained,
its probably better to avoid any mistake and mandate the specific usage of
the Cryptodome namespace by requiring `pycryptodomex` instead of
`pycryptodome`.
A more present reason is that Debian buster will only provide a package
with the separate namespace flavor. The current Recommends is not working with
the current code. Although it's important to note that the package name will
probably have to be changed to `python3-pycryptodomex` once
https://bugs.debian.org/886291 is solved.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 17 Jun 2019 11:12:03 +0200] rev 12654
[pkg] Remove python3-six from Build-Depends
The default branch only provides support for Python 3.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 17 Jun 2019 11:11:28 +0200] rev 12653
[pkg] Merge python3-cubicweb-pyramid into python3-cubicweb
As suggested by Denis Laxalde, we can merge python3-cubicweb-pyramid into
python3-cubicweb as all other web backend in the default branch.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 17 Jun 2019 10:37:32 +0200] rev 12652
[pkg] Remove explicit Depends on Python packages for python3-cubicweb
As suggested by Denis Laxalde, we can let pybuild generate the list
of Depends from the egg requirements.
The list we get is slightly less specific in terms of needed versions,
but given the age of the previous ones, it's unlikely to cause issues.
Also we lose python3-six from the list… which is correct as it was
removed from the dependencies in 26744ad37953.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 12:04:39 +0200] rev 12651
[pkg] Fix spelling mistake in doc-base abstract
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 12:04:11 +0200] rev 12650
[pkg] Fix doc-base section
As pointed by Lintian, the “Apps” section is only used in menu,
not in doc-base. We can just remove it.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 11:25:24 +0200] rev 12649
[pkg] Use “dependency package” instead of “virtual package” to describe python3-cubicweb-postgresql-support
The term “virtual” was too imprecise and is not accepted for empty
packages by Lintian anymore.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 11:15:17 +0200] rev 12648
[pkg] Move lintian-overrides file to debian/source directory
Just use the now preferred location.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 11:13:06 +0200] rev 12647
[pkg] Stop using /etc/bash_completion.d
cubicweb-ctl shipped an empty /etc/bash_completion.d as a leftover
of shipping a bash completion script. As pointed by Lintian, this
directory is not obsolete, so let's get rid of it for good.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Thu, 13 Jun 2019 16:47:47 +0200] rev 12646
[pkg] Tidy substvars usage in control file
The documentation package was missing a Built-Using field to record
the provenance of the templates.
Empty packages or meta packages do not require Depends on a specific
Python version, so we can remove the relevant substvars.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 10:53:48 +0200] rev 12645
[pkg] Specify priority “optional” instead of the obsolete “extra”
Quoting Lintian, “Since Debian Policy version 4.0.1, the priority extra
has been deprecated.” So let's use “optional” instead.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Mon, 10 Jun 2019 10:51:31 +0200] rev 12644
[pkg] Remove build dependency on dh-systemd
As suggested by Lintian, remove build dependency on obsolete package
dh-systemd. Instead, specify a more precise version of debhelper 9 that
added support for systemd.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 05 Jun 2019 18:35:51 +0200] rev 12643
[pkg] Run test suite as part of autopkgtest
Add support for autopkgtest. The test “unittest” will run the test
suite using pytest. As we need PostgreSQL in the test environment
and open network connection, the test is marked with
`isolation-container` and requires at least LXC to be run, e.g:
autopkgtest -s -- lxc -s autopkgtest-sid
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 05 Jun 2019 16:29:04 +0200] rev 12642
[pkg] Switch to Debian source format 3.0 (quilt)
This forces us to base the Debian package on the source of the Python
package (as produced by running `python3 setup.py sdist`). While
it might seem cumbersome, this greatly reduces likelyhood of mismatch
between an installation via `pip` and one using the Debian package.
`dpkg-source` will also document for us what is currently in the
source repository but not in the Python package. Currently the missing
file are:
PKG-INFO
cubicweb/sobjects/test/data/cubicweb_comment/schema.py
cubicweb/sobjects/test/data/cubicweb_comment/__init__.py
cubicweb/sobjects/test/data/cubicweb_comment/__pkginfo__.py
cubicweb/sobjects/test/data/cubicweb_card/schema.py
cubicweb/sobjects/test/data/cubicweb_card/entities.py
cubicweb/sobjects/test/data/cubicweb_card/__init__.py
cubicweb/sobjects/test/data/cubicweb_card/__pkginfo__.py
cubicweb/server/test/data-migractions/cubicweb_comment/schema.py
cubicweb/server/test/data-migractions/cubicweb_comment/__init__.py
cubicweb/server/test/data-migractions/cubicweb_comment/__pkginfo__.py
cubicweb/server/test/data-migractions/cubicweb_localperms/schema.py
cubicweb/server/test/data-migractions/cubicweb_localperms/__init__.py
cubicweb/server/test/data-migractions/cubicweb_localperms/__pkginfo__.py
cubicweb/server/test/data-migractions/cubicweb_basket/schema.py
cubicweb/server/test/data-migractions/cubicweb_basket/__init__.py
cubicweb/server/test/data-migractions/cubicweb_basket/__pkginfo__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_comment/schema.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_comment/__init__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_comment/__pkginfo__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_localperms/schema.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_localperms/__init__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_localperms/__pkginfo__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_basket/schema.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_basket/__init__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_basket/__pkginfo__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_tag/schema.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_tag/__init__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_tag/__pkginfo__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_card/schema.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_card/__init__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_card/__pkginfo__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_file/schema.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_file/__init__.py
cubicweb/server/test/data-migractions/migratedapp/cubicweb_file/__pkginfo__.py
cubicweb/server/test/data-migractions/cubicweb_tag/schema.py
cubicweb/server/test/data-migractions/cubicweb_tag/__init__.py
cubicweb/server/test/data-migractions/cubicweb_tag/__pkginfo__.py
cubicweb/server/test/data-migractions/cubicweb_card/schema.py
cubicweb/server/test/data-migractions/cubicweb_card/__init__.py
cubicweb/server/test/data-migractions/cubicweb_card/__pkginfo__.py
cubicweb/server/test/data-migractions/cubicweb_file/schema.py
cubicweb/server/test/data-migractions/cubicweb_file/__init__.py
cubicweb/server/test/data-migractions/cubicweb_file/__pkginfo__.py
cubicweb/test/data-rewrite/cubicweb_localperms/schema.py
cubicweb/test/data-rewrite/cubicweb_localperms/__init__.py
cubicweb/test/data-rewrite/cubicweb_localperms/__pkginfo__.py
cubicweb/test/data-rewrite/cubicweb_card/schema.py
cubicweb/test/data-rewrite/cubicweb_card/entities.py
cubicweb/test/data-rewrite/cubicweb_card/__init__.py
cubicweb/test/data-rewrite/cubicweb_card/__pkginfo__.py
The current manifest will duplicate several files that are stored as
symlinks in the Mercurial repository, hence the long list of ignored
files in `extend-diff-ignore`.
Jérémy Bobbio <jeremy.bobbio@irq7.fr> [Wed, 05 Jun 2019 15:38:29 +0200] rev 12641
[pkg] Switch all Debian packages to Python 3
julien tayon <julien.tayon@logilab.fr> [Tue, 11 Jun 2019 09:40:12 +0200] rev 12640
Fix sorting key for rdefs in schema viewer
With changeset 234ca3cbbb46, clicking in the schema of an entity with
cubicweb in py3 on "vue en boite" will probably result in an infinite
spinner (which implies cw > 3.26)
What happened ?
This "vue en boite" used to work at least until...
hg diff -c a8c1ea390400 cubicweb/schema.py
@@ -993,10 +992,6 @@ class CubicWebRelationSchema(PermissionM
return False
return True
- @deprecated('use .rdef(subjtype, objtype).role_cardinality(role)')
- def cardinality(self, subjtype, objtype, target):
- return self.rdef(subjtype, objtype).role_cardinality(target)
-
class CubicWebSchema(Schema):
"""set of entities and relations schema defining the possible data sets
But, wait ...
If I open a shell on an instance of cw 3.24 something seems off
>>> list(schema['CWUniqueTogetherConstraint'].relation_definitions())[0][0].cardinality
# <bound method CubicWebRelationSchema.wrapped of <constraint_of [CWUniqueTogetherConstraint,CWEType]>>
We have been sorting on a method the whole time ? Is it possible what
were the effects ?
1) We cannot sort function can't we ?
>>> def adder(i): return lambda x: x+i
>>> sorted(map(adder,range(10)))
[<function __main__.<lambda>>,
<function __main__.<lambda>>,
...
Yes we can.
2) what does it means.
>>> { adder(1) : 1 }
Out[19]: {<function __main__.<lambda>>: 1}
In fact the function object as a __hash__ method (which is practical for making
memoizers (cache)), and return truly random results (pseudo random).
My take on this patch is relations have NEVER been sorted by cardinality.
No one never ever noticed. Hence, I propose to not fix a bug that never was
reported.
julien tayon <julien.tayon@logilab.fr> [Tue, 04 Jun 2019 09:35:47 +0200] rev 12639
Flake8 cubicweb/web/schemaviewer.py
julien tayon <julien.tayon@logilab.fr> [Tue, 04 Jun 2019 09:35:47 +0200] rev 12638
[py3] changing unicode to str
py2 support being dropped, passing the code in full py3 str/bytes syntax
julien tayon <julien.tayon@logilab.fr> [Tue, 11 Jun 2019 09:07:24 +0200] rev 12637
[py3] Use sorted(key=...) instead of sorted(cmp=...)
Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 07 Jun 2019 14:56:22 +0200] rev 12636
Merge with 3.26
Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 07 Jun 2019 14:53:03 +0200] rev 12635
Added tag 3.26.11, debian/3.26.11-1 for changeset 633ca84bea58
Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 07 Jun 2019 14:52:51 +0200] rev 12634
[pkg] Version 3.26.11
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 06 Jun 2019 16:40:14 +0200] rev 12633
Added tag debian/3.26.10-1 for changeset 0ce26fb5ab48
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 23 May 2019 16:59:57 +0200] rev 12632
[debian] New upstream release
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 23 May 2019 17:24:21 +0200] rev 12631
[debian] Drop override_dh_auto_install about cubicweb-ctl
The script should be installed normally as it is a setuptools' entry
point.
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 23 May 2019 17:25:59 +0200] rev 12630
[debian] Remove test/doc Build-Depends
We are not actually running tests during package build. (This was
disabled for python2, now it is also for python3.) And having these
build-depends makes it hard to rebuild the package.
Laurent Peuch <cortex@worlddomination.be> [Tue, 28 May 2019 12:35:34 +0200] rev 12629
[fix] parse cube version number without space in them
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 24 May 2019 17:09:10 +0200] rev 12628
Install patched yapps for test from an http archive
Instead of git which require git to be installed. Also downloading archive is faster than cloning the repository.
Philippe Pepiot <philippe.pepiot@logilab.fr> [Thu, 28 Mar 2019 11:39:36 +0100] rev 12627
[server/test] make test filename uniques
To avoid these pytest error when collecting the whole test suite:
import file mismatch:
imported module 'unittest_utils' has this __file__ attribute:
cubicweb/cubicweb/server/test/unittest_utils.py
which is not the same as the test file we want to collect:
cubicweb/cubicweb/test/unittest_utils.py
Move cubicweb/server/test/unittest_security.py to cubicweb/server/test/unittest_security.py
and cubicweb/test/unittest_utils.py to cubicweb/test/unittest_server_utils.py
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 24 May 2019 16:29:14 +0200] rev 12626
Merge 3.26
julien tayon <julien.tayon@logilab.fr> [Tue, 21 May 2019 10:50:08 +0200] rev 12625
[dataimport] Fix case when extid is text in use_extid_as_cwuri()
Extid can be bytes or text.
This avoid AttributeError: 'str' object has no attribute 'decode'
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:34:08 +0200] rev 12624
[doc] fix key used in the hook example
The hook's regid is check_no_subsidiary_cycle.
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:32:09 +0200] rev 12623
[doc] set_operation has been replaced by add_data
See the changelog https://cubicweb.readthedocs.io/en/3.26/changes/changelog/#id14
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:30:52 +0200] rev 12622
[doc] check_cycle is a standard function
Noe Gaumont <ngaumont@logilab.fr> [Wed, 22 May 2019 11:29:49 +0200] rev 12621
[doc] fix several typos
Philippe Pepiot <philippe.pepiot@logilab.fr> [Tue, 21 May 2019 10:18:54 +0200] rev 12620
[pkg] make cubicweb[crypto] depends on pycryptodome instead of pycrypto
pycrypto isn't maintained anymore, the last release 2.6.1 is from 2014.
Use the drop-in replacement fork pycryptodome instead.
pycryptodome is packaged in debian starting from stretch-backports.
Philippe Pepiot <philippe.pepiot@logilab.fr> [Tue, 21 May 2019 10:18:38 +0200] rev 12619
[crypto] Encode unicode strings in _cypherer()
pycrypto accept both bytes or string but pycryptodome, which will be introduced
in next changeset, doesn't accept this.
For backward compatibility, encode unicode strings in _cypherer()
julien tayon <julien.tayon@logilab.fr> [Thu, 16 May 2019 14:26:38 +0200] rev 12618
[ldapfeed] FIX: Unique Key violation when synchronizing with LDAPfeed
What was happening
==================
The bug appears when ldapfeed tries to insert a user while another user exists
exists with a different source.
Simple use case to reproduce:
- create a local user in cubicweb (source=system)
- sync with ldap
- ldapfeed will stop complaining user already exists.
Without next patch the test MUST fail with message:
cubicweb/server/sources/native.py:714: UniqueTogetherError
The ldapfeed is thus stopped ignoring any further ldap entries.
The proposal
============
Prior to this patch, the insertion was trying to create all CWUser with the
computed login from eeimporter.extid2eid (method process of DataFeedLDAPAdapter).
When a CWUser existed with a different cw_source ("system" for user created
with cubicweb for instance), it created a conflict.
To avoid collisions, in the extentities_generator method a bypass
was added at the insertion layer.
Prior to insertion the absence of the computed login is checked on a list of
all existing login from a different source.
If collision is detected, we skip the ldap record.
By short circuiting at the CWUser entity insertion level we also avoid to treat
CWGroup and EmailAddress related to this user.
Hence ensuring a behaviour that will not break existing instances.
(conservative approach: faced with ambiguity better do nothing than guess).
An error message is added stating explicitly the conflict.
Denis Laxalde <denis.laxalde@logilab.fr> [Fri, 15 Mar 2019 12:12:23 +0100] rev 12617
Skip tests for ldapsource with python >= 3.7
Until someone works on fixing these, this should make our CI green
again.
I tried to use setupModule() to check for python version, but
pre_setup_database() is apparently called even when a SkipTest exception
is raised there. So handle this in that method.
(grafted from 4d68d20427dee4b6751a0f1f5511fec2a04f4782)
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 16 May 2019 17:18:29 +0200] rev 12616
Flake8 crypto module
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 16 May 2019 17:17:42 +0200] rev 12615
Make crypto module python3-compatible
* Remove usage of unicode() and decode the base64-encoded string in
encrypt();
* Encode the string received in decrypt() as (I supposed) it should come
from the result of encrypt().
Add tests for this module along the way.
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 04:42:59 +0200] rev 12614
[mod] make ViolatedConstraint actually display useful information
Move from:
(Pdb++) raise some_exception
*** ViolatedConstraint:
To:
(Pdb++) raise some_exception
*** ViolatedConstraint: constraint 'cstr56c2ab4b3154f21d08b067742ce5bd9d' is being violated by the query 'ALTER TABLE cw_Bibliography ADD CONSTRAINT cstr56c2ab4b3154f21d08b067742ce5bd9d CHECK(cw_item_type IN ('journalArticle', 'note', 'book', 'thesis', 'film', 'web page', 'manuscrit', 'tapuscrit'))'. You can run the inverted constraint on the database to list the problematic rows.
And save hours of debugging to actually understand what is going on.
Denis Laxalde <denis.laxalde@logilab.fr> [Thu, 16 May 2019 09:40:28 +0200] rev 12613
Fix flake8 errors/warnings about import in cubicweb/_exceptions.py
We either ignore errors in case of name re-exports and drop re-exports
from old backwards compatibility. We fix the only occurrence of
NoSelectableObject being imported from cubicweb in tests and update the
import to use lgc instead.
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 04:47:27 +0200] rev 12612
add comment and # noqa on used import
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 04:47:10 +0200] rev 12611
remove unused import
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:42 +0200] rev 12610
[autopep8] E305 - Expected 2 blank lines after end of function or class
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:41 +0200] rev 12609
[autopep8] E303 - Remove extra blank lines
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:41 +0200] rev 12608
[autopep8] E302 - Add missing 2 blank lines
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 02:39:40 +0200] rev 12607
[autopep8] E301 - Add missing blank line
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 01:23:51 +0200] rev 12606
[enh] display CWConstraint type in its repr
This will change CWConstraint repr from something like:
<Entity CWConstraint 314282 [] at 140127700141904>
To:
<Entity CWConstraint 314282 of type UniqueConstraint [] at 140127700141904>
To help improve debugging UX a little bit.
Laurent Peuch <cortex@worlddomination.be> [Thu, 16 May 2019 01:23:51 +0200] rev 12605
[entities] display CWConstraint type in its repr
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 14:23:19 +0200] rev 12604
[changelog] document pyramid.ini automatic generation
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 15 May 2019 15:50:29 +0200] rev 12603
Flake8 cubicweb/pyramid/test/test_hooks.py
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 12:06:29 +0200] rev 12602
[pyramid/doc] bad docstring
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 12:06:15 +0200] rev 12601
[pyramid/misc] remove useless variable
Laurent Peuch <cortex@worlddomination.be> [Wed, 15 May 2019 12:05:52 +0200] rev 12600
[pyramid/test] add test for pyramid.ini generation
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 15 May 2019 15:44:35 +0200] rev 12599
Added tag 3.26.10 for changeset 74cc5de1ee6c
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 15 May 2019 15:44:26 +0200] rev 12598
[pkg] Version 3.26.10
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 16:07:32 +0200] rev 12597
Move CWSchemaTC to RQLExpressionTC
The test actually doesn't require a cubicweb schema, except for testing
EmailAdress which is out of scope of the test (testing RQLExpression.transform_has_permission()).
Just move the test in existing RQLExpressionTC inheriting from TestCase and
rename the tests to be more explicit.
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 17 Apr 2019 16:41:41 +0200] rev 12596
[skeleton] Drop py27 tox environment
Since we dropped py2 support from cubicweb, it does not make
much sense to keep it in skeleton from now on.
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 17 Apr 2019 15:30:42 +0200] rev 12595
[skeleton] Do not ship Debian and RPM packaging files in sdist
Denis Laxalde <denis.laxalde@logilab.fr> [Wed, 17 Apr 2019 15:06:57 +0200] rev 12594
[skeleton] Add a check-manifest tox environment
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 16:04:37 +0200] rev 12593
Fix pyramid tests
Followup fa292e9 which require cubicweb.session.secret to be set.
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 11:42:24 +0200] rev 12592
Fix flake8 and check-manifest
Followup fa292e9
Philippe Pepiot <philippe.pepiot@logilab.fr> [Fri, 10 May 2019 15:58:01 +0200] rev 12591
Merge 3.26
This fixes tests with psycopg2
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 21:37:13 +0200] rev 12590
DeprecationWarning: In future versions of Waitress clear_untrusted_proxy_headers will be set to True by default. You may opt-out by setting this value to False, or opt-in explicitly by setting this to True.
Source: https://docs.pylonsproject.org/projects/waitress/en/stable/arguments.html?highlight=clear_untrusted_proxy_headers
> This tells Waitress to remove any untrusted proxy headers ("Forwarded",
> "X-Forwared-For", "X-Forwarded-By", "X-Forwarded-Host", "X-Forwarded-Port",
> "X-Forwarded-Proto") not explicitly allowed by trusted_proxy_headers.
According to grep we don't use any of those headers so let's turn it on for
security reasons.
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 21:30:44 +0200] rev 12589
DeprecationWarning: The default pickle serializer is deprecated as of Pyramid 1.9 and it will be changed to use pyramid.session.JSONSerializer in version 2.0. Explicitly set the serializer to avoid future incompatibilities
. See "Upcoming Changes to ISession in Pyramid 2.0" for more information about this change.
As describe here https://docs.pylonsproject.org/projects/pyramid/en/1.10-branch/narr/sessions.html#pickle-session-deprecation
use a serializer that fallback on pickle if needed to avoid impacting users.
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 20:53:49 +0200] rev 12588
[pyramid/enh] generate pyramid.ini "create" and on "pyramid" command if needed
Laurent Peuch <cortex@worlddomination.be> [Wed, 08 May 2019 21:00:45 +0200] rev 12587
DeprecationWarning: The SafeConfigParser class has been renamed to ConfigParser in Python 3.2. This alias will be removed in future versions. Use ConfigParser directly instead.
Denis Laxalde <denis.laxalde@logilab.fr> [Mon, 08 Apr 2019 11:24:53 +0200] rev 12586
Account for new psycopg2 exception classes mapping
From psycopg2 >= 2.8, specific exceptions are raised corresponding to
postgresql errors. E.g. a CheckViolation exception is raised instead of
a generic IntegrityError previously when a constraint violation occurs.
The way we intercept database errors, especially for constraint
violation, is not compliant with that because we do not catch subclasses
of IntegrityError in native source's doexec() method.
We fix this by checking for the presence of IntegrityError error in
exception class's mro. This is still overcomplicated and clumsy, because
we still use string comparison, but this is the best we can do as far as
I know. (A better fix would be 'isinstance(ex, IntegrityError)' but we
have no engine-independent error classes, so this is not possible.
Something like sqlalchemy's DBAPI Errors [1] might help:
https://docs.sqlalchemy.org/en/latest/errors.html#dbapi-errors)
Laurent Peuch <cortex@worlddomination.be> [Fri, 12 Apr 2019 02:26:28 +0200] rev 12585
[cubicweb-ctl] remove "cubicweb-ctl wsgi" command following pyramid standardization
Laurent Peuch <cortex@worlddomination.be> [Fri, 12 Apr 2019 12:31:14 +0200] rev 12584
Use secure hash algorithm in WebConfiguration.sign_text
Fix: PendingDeprecationWarning: HMAC() without an explicit digestmod argument is deprecated.
The default hash algorithm used by hmac.new is md5. As of today, md5 is so weak
that it's the equivalent of plaintext and can't be considered to be secured at all.
Therefor, we switch to a secure hash algorithm.
The rational for choosing sha3_512 is:
* the recommended algorithm is at least sha_256
* the stronger, the more secured and sha3_512 is the stronger available
* thinking about the future this should keep this part of the code safe long
enough before people think about checking it again
You can read more about choosing a secure hash algorithm in the NIST
recommendations https://csrc.nist.gov/Projects/Hash-Functions/NIST-Policy-on-Hash-Functions
This code modification should normally be transparent since check_text_sign is
exactly this code 'self.sign_text(text) == signature' and that sign_text is
only used in combination with it. The only impact is that the hash is going to
move from 32 char to 128 which might make html page a bit bigger and that
sha3_512 is slow to compute (which is a good thing for security)