Changelog:
==========
- Announce for now that croniter dev is ended (CRA).
- Rework timestamp_to_datetime to use whatever timezone
- Make datetime_to_timestamp & timestamp_to_datetime public
- Fix EPOCH calculation in case of non UTC & 32 bits based systems
- Apply isort formatter
- Reintegrate test_speed
- Apply black formatter
- Code quality changes
Remove unused _get_caller_globals_and_locals
Remove single-use bad_length
Remove unused days in proc_month
Use field_index over i for readability
Always use """ for docstrings
Make helper instance methods that do not use self static
Remove unusd call to sys.exc_info
Remove unused ALPHAS
Improve croniter.expand documentation
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
Fix: Tomas Uribe fixed a performance problem in the XML report.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
Rolled back undocumented changes to printing functions introduced in 2.5.0.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=========
- [Bot] Update to CMake 3.31.2
- fix: tests
- chore: align minimum cmake version with the one of scikit-build-core
- fix: bootstrap build
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
==========
Features
--------
- Convert to pytest for running unit and integration tests (PYTHON-1297)
- Add support for Cassandra 4.1.x and 5.0 releases to CI (PYTHON-1393)
- Extend driver vector support to arbitrary subtypes and fix handling of variable length types (PYTHON-1369)
Bug Fixes
----------
- Python NumpyProtocolHandler does not work with NumPy 1.24.0 or greater (PYTHON-1359)
- cibuildwheel appears to not be stripping Cython-generated shared objects (PYTHON-1387)
- Windows build for Python 3.12 compiled without libev support (PYTHON-1386)
Others
---------
- Update README.rst with badges for version and license (PR 1210)
- Remove dependency on old mock external module (PR 1201)
- Removed future print_function, division, and with and some pre 3.7 handling (PR 1208)
- Update geomet dependency (PR 1207)
- Remove problematic escape sequences in some docstrings to avoid SyntaxWarning in Python 3.12 (PR 1205)
- Use timezone-aware API to avoid deprecated warning
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- When parsing DBC, use long names in SignalGroup.signal_names to match Signal.name
- Raise Minimum Python Version to 3.9
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Fix response headers to be compliant with the OpenAPI specification for versions 3.0.0+
- Fix input data loading implementation when input validation is skipped
- Include input documentation in API spec when specifying validation=False on @input decorator
- Support skipping the validation for the request body with @input(validation=False)
- Enable CI test for Python 3.13.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
===========
- Updated TaskGroup to work with asyncio's eager task factories
- Added the wait_readable() and wait_writable() functions which will accept an
object with a .fileno() method or an integer handle, and deprecated their now
obsolete versions (wait_socket_readable() and wait_socket_writable())
- Changed EventAdapter (an Event with no bound async backend) to allow set() to
work even before an async backend is bound to it
- Added support for wait_readable() and wait_writable() on ProactorEventLoop
(used on asyncio + Windows by default)
- Fixed a misleading ValueError in the context of DNS failures
- Fixed the return type annotations of readinto() and readinto1() methods in the
anyio.AsyncFile class
- Fixed TaskInfo.has_pending_cancellation() on asyncio returning false positives
in cleanup code on Python >= 3.11
- Fixed cancelled cancel scopes on asyncio calling asyncio.Task.uncancel when
propagating a CancelledError on exit to a cancelled parent scope1
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
=============
- fix common misspellings from codespell project
- nvmetcli: set up the target only after the network is configured
- nvmetcli: fixup ana groupid setting for namespaces
- Documentation: fix typo
- nvmetcli: add a tcp example json
- nvmetcli: Correct xrange usage for py3
- nvmetcli: Allow different devices for make test
- nvmetcli: Report save name correctly
- test_nvmet.py: test_invalid_input fails for py3
- nvme.py: Make modprobe work for kmod lib too
- nvme.py: Sync the containing directory
- nvme.py: Explicit close is redundant
- nvmetcli: Improve IOError handling on restore
- README: Update URL for configshell-fb
- nvmetcli: don't remove ANA Group 1 on clear
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
============
- A build failure with gcc-15 is fixed.
- Several translations were updated.
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: add year and name of copyright owner
Changelog:
==========
- Stringify '$]' for far future compatibility.
- Fixed docs about custom files for capture
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop python3-cython-native from DEPENDS since we already inherit cython
bbclass.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Drop python3 and python3-cython-native from DEPENDS since we already
inherit setuptools3 and cython bbclasses.
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Small bugfix release addressing a potential crash due to a bad usage of
PyDict_Next() in the C extension.
Signed-off-by: Bartosz Golaszewski <bartosz.golaszewski@linaro.org>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Solves CVE-2024-46613
Update dependencies:
- remove openssl and icu
- add cjson and gettext-native
Remove patch to find gcrypt which is no longer needed.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This CVE is fixed in current libsass recipe version.
So wrapper around it will also not show this problem.
It's usual usecase is to be statically linked with libsass which is
probably the reason why this is listed as vulnerable component.
[1] links [2] as issue tracker which points to [3] as fix.
[4] as base repository for the recipe is not involved and files from [3]
are not present in this repository.
[1] https://nvd.nist.gov/vuln/detail/CVE-2022-43357
[2] https://github.com/sass/libsass/issues/3177
[3] https://github.com/sass/libsass/pull/3184
[4] https://github.com/sass/sassc/
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Per [1] this is fixed by [2].
The commit message says that it is reverting feature added in:
$ git tag --no-contains d7a0084 | grep 1.0.18
1.0.18
This recipe is for the original memcached which is unmaintained now.
Hence the ignore instead of upgrade.
[1] https://nvd.nist.gov/vuln/detail/CVE-2023-27478
[2] https://github.com/awesomized/libmemcached/commit/48dcc61a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
After removing old libmemcached recipe version, these is no reasons
anymore to have this split.
The memcached resurrected project uses cmake and different urls.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Solves CVE-2023-46852 and CVE-2023-46853.
Upgrade done via "devtool upgrade".
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Download URL is not listable so devtool upgrade fails.
Using homepage works as it contains link to latest release,
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
NVD tracks this CVE as version-less.
Per [1] this is fixed by following commits:
$ git tag --contains b28a3cef416fcfb92fbb9ea7fd3c71df52c6c9fc
0.26.0
0.26.0-rc1
$ git tag --contains 02e847458369c08421fd2d5e9a16a5f272c2de9e
0.26.0
0.26.0-rc1
[1] https://github.com/OpenSC/OpenSC/wiki/CVE-2024-8443
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This will remove false-positive CVE-2024-50655 from reports.
There are different emlog components from other vendors around.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Per [1] this is a problem of applications using memcached inproperly.
This should not be a CVE against php-memcached, but for whatever
software the issue was actually found in. php-memcached and
libmemcached provide a VERIFY_KEY flag if they're too lazy to
filter untrusted user input.
[1] https://github.com/php-memcached-dev/php-memcached/issues/519
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This CVE is officially disputed by Redhat with official statement in
https://nvd.nist.gov/vuln/detail/CVE-2007-0086
Red Hat does not consider this issue to be a security vulnerability.
The pottential attacker has to send acknowledgement packets periodically
to make server generate traffic. Exactly the same effect could be
achieved by simply downloading the file. The statement that setting the
TCP window size to arbitrarily high value would permit the attacker to
disconnect and stop sending ACKs is false, because Red Hat Enterprise
Linux limits the size of the TCP send buffer to 4MB by default.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is Debian-specific CVE.
NVD tracks this CVE as version-less.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
This is gentoo specific CVE.
NVD tracks this as version-less CVE.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Our hash does not point to exact tag and CVE patch is already in.
We use: 33a8a275928b186381bb0aea0f9778e330e57ec3
Fix: 60b813a770
git describe --tags --match=v0.2 33a8a275928b186381bb0aea0f9778e330e57ec3 60b813a770e42fdb0e85c1d2da7a55327784b8d6
v0.2-262-g33a8a27
v0.2-85-g60b813a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
NVD tracks this as version-less CVE for spice.
It was fixed by [1] and [2] included in 0.13.2.
[1] 6b32af3e17
[2] 359ac42a7a
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
