CaROS/meta-openembedded
3
1
Fork 0
mirror of git://git.openembedded.org/meta-openembedded synced 2026-01-01 13:58:06 +00:00
Code Issues Packages Projects Releases Wiki Activity
36,574 Commits 63 Branches 0 Tags 91 MiB
96a2496b65
Commit Graph

8784 Commits

Author SHA1 Message Date
Gyorgy Sarvari
96a2496b65
python3-cbor2: set CVE_PRODUCT 
The default, "python:cbor2" CVE_PRODUCT is not appropriate for this
recipe, because most associated CVEs use "agronholm:cbor2" CPE.

Set the CVE_PRODUCT to cbor2, so it will match the currently used
CPE, and in case there will be future python:cbor2 CPEs also, they
will be matched too.

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:51 -08:00
Khem Raj
f06f03200d
python3-backports-zstd: Upgrade to 1.3.0 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:51 -08:00
Liu Yiding
e15758ad1a
python3-fastapi-cli: upgrade 0.0.16 -> 0.0.20 
Changelog:
https://github.com/fastapi/fastapi-cli/releases/tag/0.0.20

Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:51 -08:00
Wang Mingyu
90ab1ee642
python3-typer: upgrade 0.20.1 -> 0.21.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:49 -08:00
Wang Mingyu
3be4495590
python3-pikepdf: upgrade 10.0.3 -> 10.1.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:48 -08:00
Wang Mingyu
54691ea40a
python3-marshmallow: upgrade 4.1.1 -> 4.1.2 
Changelog:
  Merge error store messages without rebuilding collections.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:48 -08:00
Wang Mingyu
b7a2d1f770
python3-elementpath: upgrade 5.0.4 -> 5.1.0 
License-Update: Copyright year updated to 2025.

Changelog:
===========
- Drop Python 3.9 compatibility and add Pyton 3.15 support
- Improve XPath sequence internal processing with a list derived type xlist
- Extensions and fixes for XSD datatypes
- Add XSequence datatype for external representation of XPath sequences

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:48 -08:00
Wang Mingyu
c5196a2282
python3-coverage: upgrade 7.13.0 -> 7.13.1 
Changelog:
============
- Added: the JSON report now includes a "start_line" key for function and class
  regions, indicating the first line of the region in the source.
- Added: The debug data command now takes file names as arguments on the
  command line, so you can inspect specific data files without needing to set
  the COVERAGE_FILE environment variable.
- Fix: the JSON report used to report module docstrings as executed lines,
  which no other report did, as described in issue 2105.
- Fix: coverage.py uses a more disciplined approach to detecting where
  third-party code is installed, and avoids measuring it.
- Performance: data files that will be combined now record their hash as part
  of the file name. This lets us skip duplicate data more quickly, speeding the
  combining step.
- Docs: added a section explaining more about what is considered a missing
  branch and how it is reported: Examples of missing branches, as requested in
  issue 1597.
- Tests: the test suite misunderstood what core was being tested if
  COVERAGE_CORE wasn't set on 3.14+.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-31 08:28:48 -08:00
Wang Mingyu
9c5e7e5c29
python3-typer: upgrade 0.20.0 -> 0.20.1 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:29 -08:00
Wang Mingyu
ebca0ae79d
python3-tornado: upgrade 6.5.3 -> 6.5.4 
Bug fixes
~~~~~~~~~
- The "in" operator for "HTTPHeaders" was incorrectly case-sensitive, causing
  lookups to fail for headers with different casing than the original header name.
  This was a regression in version 6.5.3 and has been fixed to restore the intended
  case-insensitive behavior from version 6.5.2 and earlier.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:29 -08:00
Wang Mingyu
f1bdb4e99b
python3-soupsieve: upgrade 2.8 -> 2.8.1 
FIX: Changes in tests to accommodate latest Python HTML parser changes.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:29 -08:00
Wang Mingyu
aba3856c1e
python3-smbus2: upgrade 0.5.0 -> 0.6.0 
Changelog:
==========
- Python 3.14 added.
- Fix SystemError: buffer overflow on Python 3.14+ on 64-bit systems by using
   c_ulong instead of c_uint32 for I2C_FUNCS ioctl.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:29 -08:00
Wang Mingyu
8db029f9a5
python3-sdbus: upgrade 0.14.1 -> 0.14.2 
Changelog:
===========
- Fix segmentation fault if export handle outlives the exported object.
- Fix some tests failing on slow systems.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:29 -08:00
Wang Mingyu
dc39281af5
python3-python-multipart: upgrade 0.0.20 -> 0.0.21 
Changelog:
  Add support for Python 3.14 and drop EOL 3.8 and 3.9

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:29 -08:00
Wang Mingyu
4389519b6b
python3-pikepdf: upgrade 10.0.2 -> 10.0.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:28 -08:00
Wang Mingyu
602a336ae3
python3-nodeenv: upgrade 1.9.1 -> 1.10.0 
Changelog:
==========
- Use lowercase lookup for archmap
- Add support for Python 3.13
- Add UV Virtual Environment support
- Use sh instead of bash
- Replace additional use of which(1) with shutil.which()
- Support leading v in .node-version
- Check host platform when finding node version

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:28 -08:00
Wang Mingyu
b92546dea2
python3-joblib: upgrade 1.5.2 -> 1.5.3 
Changelog:
===========
- The Memory object won't overwrite an already existing .gitignore file in its
  cache directory anymore.
- Harden the safety checks in eval_expr(pre_dispatch) to prevent excessive
  memory allocation and potential crashes by limiting the allowed length of the
  expression and the maximum numeric value of sub-expressions and not evaluating
  expressions with non-numeric literals.
- Vendor cloudpickle 3.1.2 to fix a pickling problem with interactively defined
  abstract base classes and type annotations in Python 3.14+.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:28 -08:00
Wang Mingyu
049f50eef4
python3-imgtool: upgrade 2.2.0 -> 2.3.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:28 -08:00
Wang Mingyu
310009aad6
python3-humanize: upgrade 4.14.0 -> 4.15.0 
Added
------
- Add locale support for decimal separator in intword
- Add support for Python 3.15

Changed
--------
- Replace pre-commit with prek

Fixed
------
- naturaldelta: round the value to nearest unit that makes sense
- Fix plural form for intword and improve performance
- Replace Exception with more specific FileNotFoundError

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:28 -08:00
Wang Mingyu
3f09bcaf54
python3-google-auth: upgrade 2.43.0 -> 2.45.0 
Changelog:
=============
Features
---------
- Adding Agent Identity bound token support and handling certificate mismatches
  with retries
- support Python 3.14
- add ecdsa p-384 support
- MDS connections use mTLS
- Implement token revocation in STS client and add revoke() method to
  ExternalAccountAuthorizedUser credentials
- Add shlex to correctly parse executable commands with spaces

Bug Fixes
---------
- Use public refresh method for source credentials in ImpersonatedCredentials
- Add temporary patch to workload cert logic to accomodate Cloud Run
  mis-configuration
- Delegate workload cert and key default lookup to helper function

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:28 -08:00
Wang Mingyu
c2710a2df9
python3-filelock: upgrade 3.20.0 -> 3.20.1 
Changelog:
 CVE-2025-68146: Fix TOCTOU symlink vulnerability in lock file creation

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:28 -08:00
Wang Mingyu
44c27a5915
python3-cmake: upgrade 4.2.0 -> 4.2.1 
Changelog:
==========
- fix: add missing f-string prefix for --parallel bootstrap arg
- fix: workaround issue in lastversion with OpenSSL
- chore(deps): update clang to 21.1.8.0

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:27 -08:00
Wang Mingyu
0cc847b8f7
python3-cachetools: upgrade 6.2.3 -> 6.2.4 
Changelog:
  Fix license information displayed on PyPI be using an updated version of twine for uploading.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-24 13:18:27 -08:00
Khem Raj
dbc5ef5e12
python3-pyzstd: Delete recipe 
It has been moved to core layer

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Cc: Koen Kooi <koen.kooi@oss.qualcomm.com>
 2025-12-24 13:18:25 -08:00
Liu Yiding
cf1b6485d1
python3-uvicorn: upgrade 0.38.0 -> 0.40.0 
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-23 12:22:42 -08:00
Liu Yiding
a33d278d08
python3-importlib-metadata: upgrade 8.7.0 -> 8.7.1 
LIC_FILES_CHKSUM changed as LICENSE file format has been changed in 8.7.1

Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-23 12:22:41 -08:00
Khem Raj
c0fb020740
python3-pytest-metadata: Upgrade to 3.1.1 
pytest-metadata version 2.0.2 has a bug where it tries to access
py.__version__, but the py library version 1.11.0
removed the __version__ attribute. This is a known incompatibility.

Switch to hatching build backend

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-22 07:29:42 -08:00
Khem Raj
ab4e9f7009
python3-pytest-html: Add missing ptest rdep on pytest html 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 12:58:57 -08:00
Wang Mingyu
2c0a4edb58
python3-tzdata: upgrade 2025.2 -> 2025.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:04 -08:00
Wang Mingyu
8ba97b6646
python3-tornado: upgrade 6.5.2 -> 6.5.3 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:04 -08:00
Wang Mingyu
f95039cd4b
python3-sqlalchemy: upgrade 2.0.44 -> 2.0.45 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:04 -08:00
Wang Mingyu
50f6252da9
python3-nanobind: upgrade 2.9.2 -> 2.10.2 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:03 -08:00
Wang Mingyu
335d2486ed
python3-matplotlib: upgrade 3.10.7 -> 3.10.8 
Changelog:
===========
- Properly allow freethreaded mode in the MacOS backend
- Better error handling for MacOS backend

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:03 -08:00
Wang Mingyu
ac2879c276
python3-fastapi: upgrade 0.124.0 -> 0.124.4 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:03 -08:00
Wang Mingyu
ff6283e627
python3-coverage: upgrade 7.12.0 -> 7.13.0 
Changelog:
============
- Feature: coverage.py now supports .coveragerc.toml
- Fix: we now include a permanent .pth file which is installed with the code
- Deprecated: when coverage.py is installed, it creates three command entry
  points: coverage, coverage3, and coverage-3.10 (if installed for Python
  3.10). The second and third of these are not needed and will eventually be
  removed. They still work for now, but print a message about their deprecation.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:03 -08:00
Wang Mingyu
99022c28b7
python3-cachetools: upgrade 6.2.2 -> 6.2.3 
Changelog:
==========
- Improve documentation regarding @cachedmethod with condition parameter.
- Minor style and readability improvements.
- Modernize build environment.
- Update CI environment.

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:03 -08:00
Wang Mingyu
5e3cbe73ed
python3-black: upgrade 25.11.0 -> 25.12.0 
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:03 -08:00
Wang Mingyu
8f50eabb81
python3-aiodns: upgrade 3.6.0 -> 3.6.1 
Changelog:
  Pin pycares to < 5

Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:02 -08:00
Liu Yiding
d39a37da7d
python3-txaio: upgrade 25.12.1 -> 25.12.2 
LICENSE CHKSUM has been changed as title was added in new LICENSE file.

Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-21 08:54:01 -08:00
Gyorgy Sarvari
fae6fe9b41
python3-django: upgrade 4.2.26 -> 4.2.27 
Contains fix for CVE-2025-13372 and CVE-2025-64460

Changelog: https://github.com/django/django/blob/4.2.27/docs/releases/4.2.27.txt

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-20 11:41:01 -08:00
Gyorgy Sarvari
2538918df1
python3-django: upgrade 5.2.8 -> 5.2.9 
Includes fix for CVE-2025-13372 and CVE-2025-64460

Changelog: https://github.com/django/django/blob/5.2.9/docs/releases/5.2.9.txt

Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-20 11:41:01 -08:00
Tom Geelen
b91e86f73a
python3-chromecast: upgrade 14.0.7 -> 14.0.9 
Changelog: https://github.com/home-assistant-libs/pychromecast/releases/tag/14.0.9

Drop obsolete patches.

Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-16 19:57:34 -08:00
Tom Geelen
063ae95c56
python3-aiohttp: add optional PACKAGECONFIG for the extras mentioned in the build requirements 
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-16 19:57:34 -08:00
Tom Geelen
120f908fa0
python3-aiohttp: add BBCLASSEXTEND: native and nativesdk to the recipe 
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-16 19:57:34 -08:00
Tom Geelen
f11695a304
python3-aiohttp: upgrade 3.12.15 -> 3.12.2 
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-16 19:57:33 -08:00
Tom Geelen
1b8afacbda
python3-async-timeout: add BBCLASSEXTEND for native and nativesdk 
Signed-off-by: Tom Geelen <t.f.g.geelen@gmail.com>
Reviewed-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-16 19:57:33 -08:00
Khem Raj
ec4c278bc9
python3-betamax: Skip ptests accessing network 
cassette fixtures are not installed in ptests so skip
test_requests_with_json_body

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-10 08:56:15 -08:00
Khem Raj
a145ddffde
python3-traitlets: Fix ptests fails 
Python 3.13 changed how argparse handles % in help strings,
now treating them all as format placeholders

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-10 08:56:15 -08:00
Khem Raj
ea2e124c95
python3-multidict: Add missing dependency on psutils modules for ptests 
Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-10 08:56:15 -08:00
Khem Raj
d8e7190fd3
python3-pyzstd: Remove setup.py tweak for lto/clang 
This tweak was specific to clang-16, its no longer needed
moreover, setup.py is no longer there in latest 0.19.x
release

Signed-off-by: Khem Raj <raj.khem@gmail.com>
 2025-12-10 08:56:15 -08:00