-
Notifications
You must be signed in to change notification settings - Fork 164
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
devel/py-python-bugzilla: Fix for API key leak #138
Closed
ricardobranco777
wants to merge
1
commit into
NetBSD:trunk
from
ricardobranco777:fix_bugzilla_api_key_leak
Closed
devel/py-python-bugzilla: Fix for API key leak #138
ricardobranco777
wants to merge
1
commit into
NetBSD:trunk
from
ricardobranco777:fix_bugzilla_api_key_leak
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jul 19, 2024
Based on PR 58426 by jonathan buschmann. ## 2.4.7 2024-05-05 ### Fixed - docs(pop): clarify --spill behavior (#445) - fix(branch): disallow branch before subcommand (#447) ### Changed - refactor: get gix-command via gix with command feature - Update gix to version 0.62 ## 2.4.6 2024-04-07 ### Fixed - fix(bash): fix completion for "committish" ### Changed - docs: Update copyright year - chore: update gix to 0.61.1 - ci: update to wix 4.0.5 ## 2.4.5 2024-02-18 ### Fixed - fix: stdout from hooks (#418) ### Changed - chore: add category and keywords to Cargo.toml - build: exclude some paths from crate - docs(readme): enumerate more package repositories - chore: update dependencies ## 2.4.4 2024-02-11 ### Fixed - fix: pass stdio for interactive editing (#415) - fix: update gix-tempfile and gix-lock to 13.1.0 (#413) ### Changed - chore: update dependencies ## 2.4.3 2024-02-04 ### Added - feat(branch): allow delete of current branch ### Fixed - fix(branch): delete branch config with branch - fix: use gix-command for interactive edit (#407) - fix: improved interactive editor diagnostics - chore: update gix to 0.58.0 (#407) - docs: fix dates in changelog ### Changed - refactor(branch): use gix to rename config section - refactor: use gix to remove stgit branch config - refactor: use gix-command for hooks - refactor: use non-deprecated indexmap methods - ci: update cargo-generate-rpm to 0.14.0 - ci: update to upload-artifact@v4 - ci: restore use of IO::Pty in MacOS build ## 2.4.2 2023-12-26 ### Changed - feat(pop): allow unescaped negative patch offsets - feat(show): allow unescaped negative patch offsets - chore: update dependencies ## 2.4.1 2023-12-10 ### Fixed - fix(zsh): short -r opt for `stg series` ### Changed - chore: update gix to 0.56.0 - chore: update transient dependencies ## 2.4.0 2023-10-08 ### Added - feat(delete): --all -A -U -H options - feat(sink): -T/--above option - feat(branch): short opts for clone and delete ## 2.3.3 2023-10-04 ### Fixed - fix(zsh): -S option for float, import, and sync - build: avoid non-portable install options - test: improved test script portability ### Changed - update dependencies ## [2.3.2] 2023-08-19 ### Fixed - fix!(uncommit): check for HEAD/top mismatch (#360) - docs: docstring spelling and formatting fixes ### Changed - feat(uncommit): print uncommited patches - pin serde to avoid using precompiled binary - update dependencies ## [2.3.1] 2023-07-25 ### Fixed - fix(zsh): typo in completion help for stg commit --all - fix: use canonical Message-ID spelling - fix(stgit.el): recognize new empty patch marker - fix(import): Keep first line break in body ### Changed - update dependencies ## [2.3.0] 2023-05-25 ### Removed - import-compressed is always enabled, no longer a feature ### Added - unofficial deb and rpm packages - msi package for Windows ### Fixed - fix(import): would panic without import-url feature - fix(import): patch numbers not stripped from name ### Changed - use bzip2-rs instead of bzip2 crate - update dependencies ## [2.2.4] 2023-05-15 ### Added - feat: Upgrade from ancient stack state formats (#235) ### Fixed - fix(branch): create based on remote branch (#317) - fix(import): lost subject lines resembling header (#321) - fix(import): subject line may be discarded ### Changed - chore: update dependencies ## [2.2.3] 2023-04-26 ### Fixed - fix: error using on Windows (#273) - fix: path handling for Windows compatibility - fix: commit-msg hook run from work root - fix: avoid "stg.exe" in usage on Windows - fix: use gitattributes to force LF endings on Windows - fix: wrap hooks with sh on Windows ### Changed - chore: update to gix 0.44.0 - chore: update other dependencies ## [2.2.2] 2023-04-01 ### Fixed - fix: rebase with '@' in ref names (#306) - fix: improved error messages for unrecognized commands ## [2.2.1] 2023-03-29 ### Changed - chore: update to clap 4.2.0 - chore: update to gix 0.43.0 - chore: pin clap minor version ### Fixed - fix(branch): allow reuse of partially deleted branch names (#290) - fix(branch): branch list alignment - fix: running hooks from worktree subdir (#295) - fix: running from linked worktree (#297) - fix(float): correct -S in usage string - fix: correctly show bold command/subcommand in overidden usage ## [2.2.0] 2023-02-24 ### Removed - feat!: remove short -s option for --submodules - fix!: patch name cannot be {base} or @ ### Added - feat: patch locator syntax - feat: locate branches using @{-N} syntax - feat(series): Add --reverse option - feat(series): options for patch offsets and indices - feat(series): --no-xxx options to override display options - feat(series): optional value for --short - feat!: short -s option for --signoff (#245) - feat(init): add -b/--branch option ### Changed - fix!: use -S as short opt for --series - feat!: constrain refresh -p to visible patches - feat(series)!: empty patch prefix changed to * - feat!: spell errors in lowercase - refactor: use gitoxide instead of git2 - refactor: use time crate instead of chrono - feat!: update to clap 4.1 - chore: update to latest dependencies ### Fixed - fix: Error if author or committer is not configured - fix: Use correct base directory for core.hooksPaths - fix(rename): colliding patch names - fix(rebase): repair rebasing to a tag (#265) - fix(branch): switch branch with detached head - docs: Repair docstrings being confused as html - docs: normalized spelling for --branch value ## [2.1.0] 2022-12-12 ### Added - feat: Configurable push conflict policy (#60) - feat: Add --committer-date-is-author-date option (#47) - feat(import): Add --3way option (#36) - feat(import): Add --directory option (#36) ### Changed - feat!: Relaxed stack initialization (#238) - feat!: Only sign stack based on stgit.gpgsign (#238) - fix!: Allow "---" separator in messages (#243) - feat: More descriptive push conflict message (#60) - feat: Avoid post-edit commits when no change - chore: Update dependencies to latest versions ### Fixed - fix: Improved error message for uninitialized stack - fix: Improve error for re-initialization attempt - fix(prev): Different error message for empty stack - fix: Accept full ref name for branches - fix(zsh): Complete --edit and --diff for stg new ## [2.0.4] 2022-11-30 ### Changed - docs: Document configuration variables - refactor: Use is-terminal instead of atty - chore: Update Cargo.lock with latest dependencies. ### Fixed - fix: Don't generate new patch name until after edit (#239) - fix: Run shell aliases from top-level of work tree - fix: Use GIT_PREFIX in built-in aliases ## [2.0.3] 2022-11-21 ### Changed - chore: Update Cargo.lock with latest dependencies. ### Fixed - fix: improved git version parsing on MacOS - fix: StGit-specific branch config handling - docs: fixed many typos ## [2.0.2] 2022-11-17 ### Changed - chore: Update Cargo.lock with latest dependencies. - docs(init): Add long help for `stg init`. ### Added - feat: Enable basic support for `extensions.worktreeconfig` to unblock sparse checkout with partial clone (#195). ### Fixed - docs: More inter-command links - docs: Normalize quoting ## [2.0.1] 2022-11-07 ### Changed - chore: Update to clap 4.0.22 ### Fixed - docs(readme): Clarify static versus dynamic linking (#230) - build: Improve Documentation build performance (#229) ## [2.0.0] 2022-11-06 ### Removed - `stg clone` is removed. Use `git clone` and `stg init` instead. - `stg mail` is replaced with `stg email format` and `stg email send`. - `stg refresh --spill` is replaced with dedicated `stg spill` command. - `stg edit` no longer accepts `-O/--diff-opts`. Custom diff options is in conflict with editable diffs since many (most?) diff options cause the diff to no long be applicable. - `stg files` no longer accepts `-O/--diff-opts`. This option was of marginal value since it only had a possible side effect when `--stat` was being used. ### Added - `stg id` now accepts the `-b/--branch` option. - `stg completion` command provides runtime support for shell completions. - `stg completion bash` generates bash shell completion script. - `stg completion fish` generates fish shell completion script. - `stg completion zsh` outputs zsh shell completion script. - `stg completion list` shows StGit commands and aliases and is used at completion-time by shell completion scripts. - `stg completion man` generates man pages in asciidoc format. - `stg email format` wraps `git format-patch` and provides a mechanism to generate patch emails and optional cover letter in mbox format. - `stg email send` wraps `git send-email` and allows sending patch emails, either from files generated by `stg email format` or by specifying patches directly. - `stg new --refresh` allows a new patch to be refreshed with changes in one step. The `-i/--index`, `-F/--force`, `-s/--submodules`, and `--no-submodules` options from `stg refresh` are also available to `stg new` when using `-r/--refresh`. - `stg series` gains the `-i/--commit-id` option to display patches' commit ids. - `stg show` diff output can now be limited to certain paths by specifying path limits on the command line. - `stg spill` replaces `stg refresh --spill`. - `stg version` gains `-s/--short` flag to show shortened version info. - Added documentation for patch range syntax to stg(1) man page. - Added `install-all` target to top-level Makefile that installs the executable, man pages, html pages, and shell completions. ### Changed - StGit is now implemented entirely in Rust instead of Python. - StGit is generally much faster; many commands are up to 4x faster. There was an emphasis on making informational commands such as `stg id`, `stg series`, and `stg top` as fast as possible to make their use in interactive contexts (shell prompts, IDE extensions) more comfortable. - StGit error messages have been updated; many have different, and hopefully better, wording. Error messages are also use color (when color is enabled). Scripts relying on exact error messages from StGit will need to be updated. - StGit output to stdout is generally more terse. Commands that change the stack such as `push`, `pop`, and `commit`, use sigils to denote the changes made to the stack. E.g. `stg commit p0..p3` will output `$ p0..p3` where the "$" sigil means that a patch, or patch range, has been committed. These are all the currently used stack change sigils: - `+` patch was pushed - `-` patch was popped - `>` patch became the current topmost patch - `&` patch was updated - `$` patch was committed - `#` patch was deleted - `@` patch was rolled-back - `!` patch was hidden - StGit aliases are now more like Git aliases. Normal aliases refer to StGit subcommands, but aliases prefixed with '!' are shell aliases that may run arbitrary commands. An example normal alias would be `git config stgit.alias.list 'series --description --empty'`. An example shell alias would be `git config stgit.alias.st '!git status --short'`. - Commands such as `stg goto`, `stg push`, and `stg pop` now require full/correct patch names on the command line and no longer accept unambiguous patch name prefixes. When an inexact patch name is provided on the command line, the error message will now suggest similar valid patch names. - Additional template search paths were added. In addition to looking for template files in .git/, also look in `$XDG_CONFIG_HOME/stgit/templates/` and `$HOME/.stgit/templates`. This search strategy is consistent with how git looks for the global config file. - The new `--signoff` patch edit option supersedes the deprecated `--sign` and `--sign-by` options. `--signoff` without its optional value does the same thing as `--sign`, while `--signoff=<value>` does the same thing as `--sign-by=<value>`. - The `--ack` and `--review` patch edit options now optionally take a value. The `--ack-by` and `--review-by` options are deprecated. - `stg branch` output is now generally less verbose. - `stg branch --describe` replaces `stg branch --description`. The `--description` subcommand remains supported as a hidden alias to `--describe`, but the description string must now be provided as its own argument; i.e. `--description="description string"` is no longer supported. - `stg branch --list` now produces colorized output. The `--color` option or `NO_COLOR` environment variable may be used to affect this behavior. - `stg branch --rename` now supports renaming regular git branches in addition to StGit-enabled branches. - `stg clean` now uses `-A` and `-U` short options for `--applied` and `--unapplied` instead of `-a` and `-u`. This is done for consistency with `stg series` and `stg show`. - `stg import` now only recognizes compressed patches by their file extension (`.bz2` or `.gz`) and no longer proactively attempts to decompress using all known decompressors. - `stg import` support for compressed input files is selectable at compile time using the `import-compressed` feature. - `stg import` support for importing from a URL is selectable at compile time using the `import-url` feature. **N.B.** there is a measurable runtime performance impact of building with `import-url` due to the unconditional, pre-main initialization of `curl` which affects **all** `stg` commands. - `stg log` now colorizes output by default. The `--color` option or `NO_COLOR` environment variable may be used to affect this behavior. - `stgit.new.verbose` changed to `stgit.edit.verbose` and now also affects edit behavior for `edit`, `refresh`, and `squash` along with `new`. - `stg new` now accepts `-e/--edit` and `-d/--diff` instead of `-v/--verbose` - `stg pick` now allows a mix of commits and patches to be picked whereas previously only a single commit xor multiple patches could be picked. - `stg pick` now performs a single stack transaction for all the picked patches/commits instead of one transaction per pick. - `stg push` now attempts to perform three-way merges, which may improve conflict resolution in some cases. This feature is enabled by default when git >= 2.32.0 is detected. - `stg rebase --interactive` the "squash" and "fixup" instructions may no longer be applied to the first patch in the instruction list. The stated semantics of both "squash" and "fixup" is that they squash the labeled patch with the preceding patch, which is not possible/valid when there is no preceding patch. - `stg refresh` no longer has a `--spill` flag. Use `stg spill` instead. - `stg series` has updated colorized output. - `stg series` now requires patch range arguments to be both in-order and contiguous. Constraining patch ranges in this manner ensures that the output from `stg series` is always a valid/correct view of a subset of the series. - `stg show` diff output respects the `--color` option. - `stg squash` now allows the full suite of patch edit options, including `-d/--diff`. Previously only a few message-related options were available. - `stg version` now displays copyright and license statements. ### Fixed - `stg branch --create` inherits the current branch's remote branch configuration, if available. The Python implementation had an apparent bug that prevented inheriting the remote branch configuration when creating from the current branch. - Avoid case insensitive patch name collisions. On operating systems with case-insensitive paths, patch names that only differ by case lead to patch reference collisions. StGit now ensures that patch names are distinct under case insensitive comparisons. - `stg pull` and `stg rebase` record updated stack state instead of deferring until the next stack-modifying command to do so. ### Changed since 2.0.0-rc.2 #### Changed - chore: Update Cargo.lock #### Fixed - fix(zsh): Repair broken completion of --git-opt - fix(zsh): Add missing `stg email send --branch` - fix(email): Send using --branch option - fix: Avoid duplicate signoff with stgit.autosign - fix: Do not use 3way for merged checks ## [2.0.0-rc.2] 2022-10-23 ### Changed - The `--diff-opts` option is renamed to `--diff-opt`. `--diff-opts` remains available as an alias. - The `--diff-opt` option no longer allows multiple git options per occurrence. This allows git diff options with spaces in their values. - The `--git-opts` option for `stg email format` and `stg email send` is renamed `--git-opt`. - The `--git-opt` option no longer allows multiple git options per occurrence. This allows git options with spaces in their values. - Zsh completion for `--diff-opt` and `--git-opt` leverage the full-featured git completion capability. ### Fixed - Repair check for modifications to stack by external tools. - `stg pull` and `stg rebase` record updated stack state instead of deferring until the next stack-modifying command to do so. - Improve patch application with `git apply --3way` when pushing` (#225) - Zsh completion for `--diff-opt` accommodates multiple occurrences ## [2.0.0-rc.1] 2022-09-30 ### Added - Added `--annotate` flag to `stg email send`. - Added `-p`/`--patch` option to `stg show` as alternative way to select patch ranges (#216). - Added `-n`/`--name` option to `stg new` as alternative way to specify new patch name (#216). ### Changed - Update `git2` to 0.15.0, which may further help compatibility with sparse checkouts and multiple worktrees (#195). - Update to `clap` 4.0, which changes the help formatting and coloring. - Update other dependencies to latest versions in Cargo.lock. - No longer depend on `lazy_static` crate. - Use `std::thread::scope` instead of custom mechanism. This brings the total number of uses of `unsafe` in StGit to zero. - Minimum rustc requirement is set to 1.63.0. - The '$' sigil used for committed patches is now yellow instead of white. - Patch names beginning with a hyphen '-' may be disambiguated from command line options by escaping the leading '-' with a backslash. - `stg email format` and `stg email send` now use `-G`/`--git-opts` to pass additional options to `git format-patch` and `git send-email`. - Patch name arguments to `stg email format` and `stg email-send` can now be placed after a `--` separator (#216). - Update top-level usage help for `stg`. ### Fixed - Various errors that may occur when executing a stack transaction are now handled more robustly such that the changes from the transaction are rolled-back so that the stack, repository, and worktree are all in a consistent state (#205). - The `stg uncommit -h` usage indentation is repaired. - The `stg float` usage now shows the two distinct usage modes. - `stg squash --name` allows patch names with leading '-'. - `stg diff --range` allows patch names and ranges with leading '-'. - Fix some pre-indented paragraphs in help/about strings. - Zsh completion for `stg edit` incorrectly included -O/--diff-opts. - Zsh completion for `stg files` incorrectly included -O/--diff-opts. ## [2.0.0-beta.3] 2022-08-28 ### Added - Add install targets for `contrib/` directory. ### Changed - Use `git` executable instead of `libgit2` for all status and index operations to improve compatibility with sparse index checkouts (#195). - Show commit hash in `stg version` output when not built from tag. - Use `cargo --locked` consistently in Makefiles. - Use "patch" extension in temp file name when editing a patch with a diff. - Updated transient dependencies in Cargo.lock. ### Fixed - Repair `stg branch --describe` panic when run without arguments - Repair zsh completions for `git branch` - Repair `stgit.el` to use compatible `stg show` commands (#202). - Repair `stg uncommit --to` to work with annotated tags (#203). - Repair `make install` to not install cargo tracking files. ## [2.0.0-beta.2] 2022-08-05 ### Changed - Improved error when push conflicts with untracked files (#193) - Removed a few transitive dependencies by turning-off features in bstr and chrono. - Update Cargo.lock with latest dependencies - Update to clap 3.2 and only use non-deprecated interfaces ### Fixed - Repair `stg spill` when spilling newly added files and using path limits. ## [2.0.0-beta.1] 2022-07-28 ### Removed - Removed Python implementation of StGit. ### Added - Man page generation in asciidoc format with `stg completion man`. This was needed for feature parity with the Python implementation. - Added documentation for patch range syntax to stg(1) man page. - Added `install-all` target to top-level Makefile that installs the executable, man pages, html pages, and shell completions. ### Changed - Additional template search paths were added. In addition to looking for template files in .git/, also look in `$XDG_CONFIG_HOME/stgit/templates/` and `$HOME/.stgit/templates`. This search strategy is consistent with how git looks for the global config file. - Makefile targets are updated such that they are all applicable to the Rust implementation. - Argument value names are now all lowercase in help and man pages. - Updated Cargo.lock with latest versions of dependencies. - Release checklist is updated for Rust implementation. ### Fixed - Minor typo fixes in help strings - Improved documentation for top-level `stg` options. - Improve error message in edge case of attempting to push a hidden patch by name when there are no unapplied patches. ## [2.0.0-alpha.2] 2022-07-07 ### Added - `stg email format` wraps `git format-patch` and provides a mechanism to generate patch emails and optional cover letter in mbox format. - `stg email send` wraps `git send-email` and allows sending patch emails, either from files generated by `stg email format` or by specifying patches directly. ### Changed - Bash completions for shell aliases now fallback to filename completions (#191). - Help options listings now ensure --color and --help are shown last. - Various zsh completion improvements: - Add descriptions for --color values - Complete -O/--diff-opts values (using `git diff-tree --git-completion-helper`) - Comprehend `stg -C <dir>` options - Improved/corrected alias expansion - Improved error messages when completion is attempted outside git repo and/or StGit-initialized branch - Patch name completions now look and feel like output from `stg series` - Complete patch range syntax ('patch0..patchN') for all relevant commands - Completion for `stg squash` no longer allows duplicate patch name arguments - Removed completions for removed `stg mail` command - Completion for `stg sink` no longer offers hidden patches - Completion for `stg rename` comprehends second, new patch name argument - Completion for `stg diff --range` now works ### Fixed - Compatibility with git versions prior to 2.35.0 is repaired by avoiding using `git apply --allow-empty` (#192). - Fish completions for -O/--diff-opts are repaired ## [2.0.0-alpha.1] 2022-06-17 ### Added - `stg series` gains the `-i/--commit-id` option to display patches' commit ids. - `stg series` colorized output is modified. The main change is that patch descriptions are no longer yellow. - `stg version` now displays copyright and license statements. - `stg version` gains `-s/--short` flag to show shortened version info. - The `stgit.diff-opts` configuration variable is now respected as it was in the Python implementation. - `stg completion` command provides runtime support for shell completions. - `stg completion bash` generates bash shell completion script. - `stg completion fish` generates fish shell completion script. - `stg completion zsh` outputs zsh shell completion script. - `stg completion list` shows StGit commands and aliases and is used at completion-time by shell completion scripts. ### Changed - The `-O/--diff-opts` flag now allows both multiple space separated opts in one value as well as multiple occurrences of `-O/--diff-opts` on the same command line. This behavior is compatible with the Python implementation. - `stg series` help output splits options into a few sections. - Dependencies are updated to more recent versions in Cargo.lock. ### Fixed - `stg edit --set-tree` no longer causes the interactive editor to be implicitly invoked. - Repair build for non-Linux unix targets (including MacOS) and Windows targets. - Avoid case insensitive patch name collisions. On operating systems with case-insensitive paths, patch names that only differ by case lead to patch reference collisions. StGit now ensures that patch names are distinct under case insensitive comparisons. - Add missing `-t` short option for `--set-tree` for `stg edit`. - Add missing `-k` short option for `--keep`. ## [2.0.0-alpha.0] 2022-05-17 ### Removed - `stg edit` no longer accepts `-O/--diff-opts`. Custom diff options is in conflict with editable diffs since many (most?) diff options cause the diff to no long be applicable. - `stg files` no longer accepts `-O/--diff-opts`. This option was of marginal value since it only had a possible side effect when `--stat` was being used. - `stg clone` is removed (at least for the time being). Use `git clone` and `stg init` instead. - `stg mail` is removed, but will be re-added or replaced prior to the 2.0.0 release. ### Added - `stg new --refresh` allows a new patch to be refreshed with changes in one step. The `-i/--index`, `-F/--force`, `-s/--submodules`, and `--no-submodules` options from `stg refresh` are also available to `stg new`. - `stg id` now accepts the `-b/--branch` option. - `stg spill` replaces `stg refresh --spill`. ### Changed - StGit aliases are now more like Git aliases. Normal aliases refer to StGit subcommands, but aliases prefixed with '!' are shell aliases that may run arbitrary commands. An example normal alias would be `git config stgit.alias.list 'series --description --empty'`. An example shell alias would be `git config stgit.alias.st '!git status --short'`. - The `--ack` and `--review` options now optionally take a value. The `--ack-by` and `--review-by` options are deprecated. - Commands such as `stg goto`, `stg push`, and `stg pop` now require full/correct patch names on the command line and no longer accept unambiguous patch name prefixes. When an inexact patch name is provided on the command line, the error message will now indicate similar valid patch names. - `stg branch` output is now generally less verbose. - `stg branch --describe` replaces `stg branch --description`. The `--description` subcommand remains supported as a hidden alias to `--describe`, but the description string must now be provided as its own argument; i.e. `--description="description string"` is no longer supported. - `stg branch --list` now produces colorized output. The `--color` option or `NO_COLOR` environment variable may be used to affect this behavior. - `stg branch --rename` now supports renaming regular git branches in addition to StGit-enabled branches. - `stg clean` now uses `-A` and `-U` short options for `--applied` and `--unapplied` instead of `-a` and `-u`. This is done for consistency with `stg series` and `stg show`. - `stg import` now only recognizes compressed patches by their file extension (`.bz2` or `.gz`) and no longer attempts to decompress using all known decompressors. - `stg import` support for compressed input files is selectable at compile time using the `import-compressed` feature. - `stg import` support for importing from a URL is selectable at compile time using the `import-url` feature. - `stg log` now colorizes output by default. The `--color` option or `NO_COLOR` environment variable may be used to affect this behavior. - `stgit.new.verbose` changed to `stgit.edit.verbose` and now affects edit behavior for `edit`, `refresh`, and `squash` along with `new`. - `stg new` now accepts `-e/--edit` and `-d/--diff` instead of `-v/--verbose` - `stg pick` now allows a mix of commits and patches to be picked whereas previously only a single commit xor multiple patches could be picked. - `stg pick` now performs a single stack transaction for all the picked patches/commits instead of one transaction per pick. - `stg rebase --interactive` the "squash" and "fixup" instructions may no longer be applied to the first patch in the instruction list. The stated semantics of both "squash" and "fixup" is that they squash the labeled patch with the preceding patch, which is not possible/valid when there is no preceding patch. - `stg refresh` no longer has the `--spill` flag. Use `stg spill` instead. - Updated colorized output for `stg series`. - `stg series` now requires patch range arguments to be both in-order and contiguous. Constraining patch ranges in this manner ensures that the output from `stg series` is always a valid/correct view of a subset of the series. - `stg show` diff can now be limited to certain paths by specifying path limits on the command line. - `stg show` diff output respects the `--color` option. - The new `--signoff` patch edit option supersedes the deprecated `--sign` and `--sign-by` options. `--signoff` without its optional value does the same thing as `--sign`, while `--signoff=<value>` does the same thing as `--sign-by=<value>`. - `stg squash` now allows the full suite of patch edit options, including `-d/--diff`. Previously only a few message-related options were available. ### Fixed - `stg branch --create` inherits the current branch's remote branch configuration, if available. The Python implementation had an apparent bug that prevented inheriting the remote branch configuration when creating from the current branch. ## [1.5] 2022-01-28 ### Removed ### Added - Add Makefile targets for installing shell completions - `stg rebase --interactive` learns 'hide' instruction ### Changed - Picked patch names are preserved when possible (#175) - Replace `--unapplied` option with `--noapply` for `stg pick` (#174) - `stg pick --noapply` no longer reverses patch order (#174) - Use `stg version` uses `sys.executable` to get Python version. ### Fixed - Repair `stg repair` with amended first patch (#163) - Repair corner cases where invalid patchnames could be generated by `stg new`, `stg uncommit`, etc. (#176) - `stg mail` could crash due to a misspelled reference (#178) - Zsh completion for `stg refresh -p` now completes against all patches (not just applied patches). - Zsh gains missing completion for `stg push --noapply` - Minor repair to help for `stg float --noapply` and `stg push --noapply` - Restore `stg sink --nopush` capability. ## [1.4] 2021-10-27 ### Removed - Python 3.5, which became EOL 2020-09-13, support is deprecated and will be removed in a future StGit release - Python 3.6, which will be EOL 2021-12-23, support is deprecated and will be removed in a future StGit release ### Added - The new `stg import --message-id` option causes the Message-ID from imported emails to be included as the Message-Id trailer in the patch description (#42) - The new 'stgit.import.message-id' config option also enables the Message-Id trailer (#42) ### Changed - `stg import` no longer creates "Message-Id" trailer by default when importing patches from email (#42) - StGit works with Python 3.10 - `stg version` prints a more abbreviated Python version - `stg commit` will no longer commit empty patches by default; the `--allow-empty` option may be used to override this behavior (#158) - The `stgit.main.main()` function now takes an argv parameter and returns an int return code in most cases instead of calling sys.exit(), thus making main() a bit easier to use as an API. ### Fixed - Repair stack upgrade with `stg branch --list` (#155) - Repair crash in `stg squash` with out of order patches and no name specified (#157) - Zsh completions learn `stg float --noapply` option - Zsh completion for `stg sink` now allows multiple patches ## [1.3] 2021-09-26 ### Removed ### Added ### Changed ### Fixed - Repair crash regression when using `stgit.autosign` ## [1.2] 2021-09-26 ### Removed ### Deprecated - Python 3.5, which became EOL 2020-09-13, support is deprecated and will be removed in a future StGit release - Python 3.6, which will be EOL 2021-12-23, support is deprecated and will be removed in a future StGit release ### Added - `stg rebase ` learns `--interactive`; easily re-order, edit, squash, fixup, or delete patches via your editor - `stg rebase` learns `--autostash`; stash changes before the rebase and apply them after. Also configurable with the `stgit.autostash` configuration option - `stg edit` can now rename patches (#119) - `stg edit` gains helpful instructions (#138) - `stg new` learns `--verbose`, which includes a diff in the editor window (similar to `git commit --verbose`). This behavior is also configurable with the `stgit.new.verbose` configuration option - `stg push` and `stg float` learn `--noapply` option; allows patches to be reordered without updating worktree and deferring merge conflict resolution (#144) - `stg edit`, `stg refresh`, and `stg new` learn the `--sign-by`, `--ack-by`, and `--review-by` options which allow those respective trailers' values to be specified by the user on the command line (#92) ### Changed - Stack metadata version 5; stack metadata is moved from `refs/heads/<branch>.stgit` to `refs/stacks/<branch>` and the stack metadata file now uses a JSON format instead of the prior custom format; the stack metadata will be upgraded to v5 on first use of this version of StGit; like all stack metadata upgrades, **this is a one-way auto-upgrade for existing stacks** (#65) - Use setuptools instead of distutils for packaging - No git or python version checks in setup.py - Use different dynamic versioning system - Install `stg` executable as console_script entry point - More sophisticated search for bash.exe on Windows when running hooks - The editor window text for `stg squash` has been modified to mirror git's behavior -- the squash edit message now includes all commits (#71) - Binary diffs are no longer shown when with `stg edit -d` - Multiple trailers can now be added at once; this is now allowed, for example: `stg edit --sign --review --ack` - Update zsh completion for `stg rebase` to show local and remote heads (#102) - Zsh completions for commands with patch arguments now comprehend the effect of `-b/--branch` and `-B/--ref-branch` - Zsh completions now guard patch names--one less TAB press to complete patch names in certain contexts - `stg import` now extracts the `Message-ID` email header into the patch message (#42) ### Fixed - Repair crash when attempting to export empty patch (#112) - Exact command name matches are unambiguous (#110) - Exiting with an empty `stg edit` editor will now abort the edit; previously it would delete your commit message. (#138) - Repair completions when stg.series.description is enabled in config - Workaround child process reaping race on Windows (#78) - Repair crash with `stg float --series` when bad patch name in series - Repair zsh completion for `stg float` to accept multiple patch names - Repair zsh completion for changed files, affecting `stg refresh` and `stg diff` ### Internal - Add link to coverage.io project to CONTRIBUTING.md - Set smart `exclude_lines` default for 'coverage' - Expanded test suite for `stg edit` - Add pkgtest.py script to help test StGit packaging - Cleanup .gitignore files ## [1.1] 2021-04-30 ### Removed ### Added - StGit GPG-signs patches when `commit.gpgsign` is set (#12) - Support `core.hooksPath` in git config - Add `-C` option for `stg import` and `stg fold` (#18) ### Changed - Allow importing mail and series from urls (#94) - `stg refresh --edit` may also use `--diff` and `--diff-opts` (#98) - `stg goto` allows sha1 of a patch instead of patch name (#93) ### Fixed - Repair hang in `stg pull -m`, `stg goto -m`, and `stg push -m` - Repair `stg mail` to show diffstat of whole series (#104) - Repair MANIFEST.in to include AUTHORS.md and README.md files ## [1.0] 2021-02-07 ### Removed - Drop support for Python < 3.5 - Remove previously deprecated `stg publish` command - Removed contrib scripts: `stg-swallow`, `stg-fold-files-from`, `stg-dispatch`, `stg-whatchanged`, and `stg-show-old` ### Added - The pre-commit hook is now run for `stg refresh` - New `--spill` option for `stg refresh` - Add stgit.series.description config option (#88) - Official support for Python versions up to 3.9 ### Changed - Stack metadata format 4. All metadata now kept in Git objects; no more stack state files in .git/patches. **A one-way auto-upgrade to format version 4 will occur when StGit commands are run on an existing StGit branch.** - Use `python3` in shebangs instead of `python` - `contrib/stgbashprompt.sh` is no longer executable - Internal docstrings now use reStructuredText instead of Epytext ### Fixed - Importing large patches is much, much faster (#66) - Other performance improvements when dealing with large patches - Repair diffstat when outside work tree root (#62) - Use encoded (string) environment variables on Windows (#79) - Fix `stg pull` when no upstream is configured (#83) - Fix `refresh` crash with path limiting and files added to index (#85) - Repair `new` with patchdescr.template crash (#87) - Repair `log` from worktree subdir with patches specified - Repair `import` allowing/generating duplicate patch names (#64) - Repair `mail --auto` to strip comments after addrs (#91) ## [0.23] 2020-06-12 ### Removed - Drop support for Python 3.3; Python 2 (2.6 and 2.7) remain deprecated, but supported for one last release - Tutorial is removed; it now exists as part of the website ### Deprecated - Python 2.x support is deprecated and will be removed in a future release ### Added - Support html5 output of docs from asciidoc - Add `--expose` option for `stg pick` to allow picked commit message to be customized ### Changed - Limit mail diffstat to 72 columns - Added pyproject.toml file for black configuration - Minimum Git version is 2.2.0 - Quote stg and subcommand in man page synopsis - Replaced RELEASENOTES with this CHANGELOG.md - Replaces Documentation/SubmittingPatches with CONTRIBUTING.md ### Fixed - Repair MANIFEST.in and generated source dist - Repair importing mail with ": " (colon space) in subject - Fix mail cover letter shortlog - Fix mail cover letter diffstat - `stg series` now only outputs colors when `isatty()` - Repair mail SSL check (#57) - Repair `stg mail` with both `-a` and `-e` options (#58) - Remove empty short-opt for `--no-submodules` of `stg refresh` - Repair build.py for Python 2 with explicit `flush()` - `stgit.refreshsubmodules` added to sample gitconfig ### Internal - Update docs build system from upstream Git docs - Use coverage contexts to map commands to covered lines - Improve mail tests - Use GitHub Actions instead of TravisCI - Format StGit source using black formatter ## [0.22] - 2020-03-02 ### Removed - Remove debian packaging; downstream Debian uses its own anyway ### Deprecated - Python 2.x support is deprecated and will be removed in the next StGit release - `stg publish` is deprecated and will be removed in the next StGit release ### Added - `stg import` has new --keep-cr option, like `git mailsplit` ### Changed - `stg new` now includes patch name in log message - `stg branch --rename` can now rename the current branch - `stg branch --create` now works even if the workspace is dirty, consistent with `git checkout` - `stg branch --description` now works on both regular and stgit branches - `stg edit --diff` now implies `--edit` - `stg refresh` and `stg edit` now reset the committer information, consistent with `stg push` - git notes are now preserved when patches are modified - Tutorial improvements - Many additional tests and test improvements - All stgit commands now use "new" git library infrastructure ### Fixed - `stg branch --create` inherits remote correctly from parent committish - Patch names are checked earlier to avoid inconsistent stack states - Improved commit data parsing and handling of non-UTF8 encodings - Repair git error messages when checking stgit version from outside a git repo ## [0.21] - 2019-10-28 ### Changed - Faster handling of large patches (#44) ### Fixed - Build reproducibility repairs (Thanks reproducible-builds.org team!) - Python can now be run with optimizations (`python -O`) - `stg log` now prints trailing newline - Improved command line option parsing for `stg log` ## [0.20] - 2019-10-04 ### Added - `stg patches -d` can now output colored diffs. - `stg publish --overwrite` allows branch to be overwritten instead of creating new commits. - `stg log --clear` deletes the stack's log history. Use with caution. - Fish shell completions for stg. - Zsh completions for stg. - `stg mail --domain` option overrides the host's domain in the message ID. ### Changed - Branch protection metadata now captured in config instead of .git/patches/<branch>protect file. This updates stgit's metadata format from v2 to v3. - `stg diff` no longer shows binary diffs by default. Use `-O--binary` or add `--binary` to stgit.diff-opts in config. - Diagnostic output is now routed to stderr instead of stdout. Diagnostic output is also now sent to stderr unconditionally, i.e. no more isatty() test (#35). - Converted to "new" lib infrastructure: `show`, `patches`, `diff`, `pick`, `pull`, `rebase`, and `fold`. ### Fixed - `stg show` detects conflicting --applied and --unapplied options. - `stg show --stat` now shows commit headers. - `stg patches --diff` now shows proper diff instead of `b'...'` repr of diff. - `stg diff --range` detects some invalid values (e.g. `-r ..`). - Date parsing is now more portable, only use platform specific `date` as last parsing option. Affects, e.g., `stg refresh --authdate`. - Repaired search path for templates to avoid looking in Python site-packages directory. - Ensure stdout and stderr are flushed. Rarely affected `stg diff`. - `stg repair` will now fail if extra command line arguments are provided. - Bash completions are now generated in a reproducible manner. - `stg edit --diff` on an empty patch no longer crashes. - `stg pick` no longer fails when picked commit has empty message (#39). - `stg rebase` no longer crashes when there are conflicts (#34). - `stg pick` no longer crashes if --name is not provided when picking a regular commit object. - Improved test coverage for: branch, diff, pick, sync, - New tests for: files, patches, fold, series - Portable use of iconv, sort, and sed in tests. - Linting using flake8 and isort. - All Python code now conforms to PEP-8. - Updated test infrastructure from git 2.20. - Parallel tests with coverage (`make -j4 coverage`) now works. - Documentation build is not included in code coverage. - Repaired log end messages when using `STGIT_SUBPROCESS_LOG=debug`. - Renamed "dunder" instance attributes to improve debugging. - Fail faster when patch name has slash ('/') (#24). ## [0.19] 2018-11-05 ### Changed - Python 3 support. StGit supports Python 2.6, 2.7, 3.3, 3.4, 3.5, 3.6, and 3.7. PyPy interpreters are also supported. - Submodules are now ignored when checking if working tree is clean. Submodules are also not included by default when refreshing a patch. - Config booleans are now parsed similarly to git-config. - `contrib/stgit.el` is now licenced with GPLv2. - Add continuous integration (travis-ci) and code coverage (coveralls) support. - Many new test cases were added. ### Fixed - Repair handling of emails with utf-8 bodies containing latin-1 characters. Also correctly decode email headers containing quoted encoded words. - StGit's version is now correct/available in the release archive. ## [0.18] 2017-08-14 ### Added - `commit-msg` hook support for easier integration with Gerrit, allowing a Change-Id line to be inserted in the commit message - `stg mail` improvements for 'Suggested-by:' tag and auto generation of Cc for the cover letter based on all tags in the series - `stg mail` bash completion for the --to, --cc and --bcc options based on the content of the [mail "alias"] section of Git configuration - `stg edit --review` option to add a 'Reviewed-by:' tag - `stg pop --spill` functionality to allow popping a patch from the stack while keeping its modification in the tree ### Changed - Project page details updated (gna.org has been shut down) ### Fixed - Various fixes and test coverage improvements
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Jul 30, 2024
Upstream changes: ## 2024 05 11 - The option --valign-signed-numbers, or -vsn is now the default. It was introduced in the previous release has been found to significantly improve the overall appearance of columns of signed and unsigned numbers. See the previous Change Log entry for an example. This will change the formatting in scripts with columns of vertically aligned signed and unsigned numbers. Use -nvsn to turn this option off and avoid this change. - Previously, a line break was made before a short concatenated terminal quoted string, such as "\n", if the previous line had a greater starting indentation. The break is now placed after the short quote. This keeps code a little more compact. For example: # old rule: break before "\n" here because '$name' has more indentation: my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var", $name, "remove", "UNCHECKED" ) . "\n"; # new rule: break after a short terminal quote like "\n" for compactness; my $html = $this->SUPER::genObject( $query, $bindNode, $field . ":$var", $name, "remove", "UNCHECKED" ) . "\n"; - The option --delete-repeated-commas is now the default. It makes the following checks and changes: - Repeated commas like ',,' are removed with a warning - Repeated fat commas like '=> =>' are removed with a warning - The combination '=>,' produces a warning but is not changed These warnings are only output if --warning-output, or -w, is set. Use --nodelete-repeated-commas, or -ndrc, to retain repeated commas. - The operator ``**=`` now has spaces on both sides by default. Previously, there was no space on the left. This change makes its spacing the same as all other assignment operators. The previous behavior can be obtained with the parameter setting -nwls='**='. - The option --file-size-order, or -fso is now the default. When perltidy is given a list of multiple filenames to process, they are sorted by size and processed in order of increasing size. This can significantly reduce memory usage by Perl. This option has always been used in testing, where typically several jobs each operating on thousands of filenames are running at the same time and competing for system resources. If this option is not wanted for some reason, it can be deactivated with -nfso. - In the option --dump-block-summary, the number of sub arguments indicated for each sub now includes any leading object variable passed with an arrow-operator call. Previously the count would have been decreased by one in this case. This change is needed for compatibility with future updates. - Fix issue git #138 involving -xlp (--extended-line-up-parentheses). When multiple-line quotes and regexes have long secondary lines, these line lengths could influencing some spacing and indentation, but they should not have since perltidy has no control over their indentation. This has been fixed. This will mainly influence code which uses -xlp and has long multi-line quotes. - Add option --minimize-continuation-indentation, -mci (see git #137). This flag allows perltidy to remove continuation indentation in some special cases where it is not really unnecessary. For a simple example, the default formatting for the following snippet is: # perltidy -nmci $self->blurt( "Error: No INPUT definition for type '$type', typekind '" . $type->xstype . "' found" ); The second and third lines are one level deep in a container, and are also statement continuations, so they get indented by the sum of the -i value and the -ci value. If this flag is set, the indentation is reduced by -ci spaces, giving # perltidy -mci $self->blurt( "Error: No INPUT definition for type '$type', typekind '" . $type->xstype . "' found" ); This situation is relatively rare except in code which has long quoted strings and the -nolq flag is also set. This flag is currently off by default, but it could become the default in a future version. - Add options --dump-mismatched-args (or -dma) and --warn-mismatched-arg (or -wma). These options look for and report instances where the number of args expected by a sub appear to differ from the number passed to the sub. The -dump version writes the results for a single file to standard output and exits: perltidy -dma somefile.pl >results.txt The -warn version formats as normal but reports any issues as warnings in the error file: perltidy -wma somefile.pl The -warn version may be customized with the following additional parameters if necessary to avoid needless warnings: --warn-mismatched-arg-types=s (or -wmat=s), --warn-mismatched-arg-exclusion-list=s (or -wmaxl=s), and --warn-mismatched-arg-undercount-cutoff=n (or -wmauc=n). --warn-mismatched-arg-overcount-cutoff=n (or -wmaoc=n). These are explained in the manual. - Add option --valign-wide-equals, or -vwe, for issue git #135. Setting this parameter causes the following assignment operators = **= += *= &= <<= &&= -= /= |= >>= ||= //= .= %= ^= x= to be aligned vertically with the ending = all aligned. For example, here is the default formatting of a snippet of code: $str .= SPACE x $total_pad_count; $str_len += $total_pad_count; $total_pad_count = 0; $str .= $rfields->[$j]; $str_len += $rfield_lengths->[$j]; And here is the same code formatted with -vwe: # perltidy -vwe $str .= SPACE x $total_pad_count; $str_len += $total_pad_count; $total_pad_count = 0; $str .= $rfields->[$j]; $str_len += $rfield_lengths->[$j]; This option currently is off by default to avoid changing existing formatting. - Added control --delete-interbracket-arrows, or -dia, to delete optional hash ref and array ref arrows between brackets as in the following expression (see git #131) return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'}; # perltidy -dia gives: return $self->{'commandline'}{'arg_list'}[0][0]{'hostgroups'}; Added the opposite control --aia-interbracket-arrows, or -aia, to add arrows. So applied to the previous line the arrows are restored: # perltidy -aia return $self->{'commandline'}->{'arg_list'}->[0]->[0]->{'hostgroups'}; The manual describes additional controls for adding and deleting just selected interbracket arrows.
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Sep 19, 2024
This is a point release intended to clear up a couple of CVEs and apply point fixes that have been accumulating since 5.2.1 There are a few unresolved (but minor) memory leaks related to design issues in the API that still need to be resolved. Expect those fixes in the next release. Code Fixes ---------- * Fixes for CVE-2023-48161, CVE-2022-28506, * Address SF issue #138 Documentation for obsolete utilities still installed * Address SF issue #139: Typo in "LZW image data" page ("110_2 = 4_10") * Address SF issue #140: Typo in "LZW image data" page ("LWZ") * Address SF issue #141: Typo in "Bits and bytes" page ("filed") * Note as already fixed SF issue #143: cannot compile under mingw * Address SF issue #144: giflib-5.2.1 cannot be build on windows and other platforms using c89 * Address SF issue #145: Remove manual pages installation for binaries that are not installed too * Address SF issue #146: [PATCH] Limit installed man pages to binaries, move giflib to section 7 * Address SF issue #147 [PATCH] Fixes to doc/whatsinagif/ content * Address SF issue #148: heap Out of Bound Read in gif2rgb.c:298 DumpScreen2RGB * Declared no-info on SF issue #150: There is a denial of service vulnerability in GIFLIB 5.2.1 * Declared Won't-fix on SF issue 149: Out of source builds no longer possible * Address SF issue #151: A heap-buffer-overflow in gif2rgb.c:294:45 * Address SF issue #152: Fix some typos on the html documentation and man pages * Address SF issue #153: Fix segmentation faults due to non correct checking for args * Address SF issue #154: Recover the giffilter manual page * Address SF issue #155: Add gifsponge docs * Address SF issue #157: An OutofMemory-Exception or Memory Leak in gif2rgb * Address SF issue #158: There is a null pointer problem in gif2rgb * Address SF issue #159 A heap-buffer-overflow in GIFLIB5.2.1 DumpScreen2RGB() in gif2rgb.c:298:45 * Address SF issue #163: detected memory leaks in openbsd_reallocarray giflib/openbsd-reallocarray.c * Address SF issue #164: detected memory leaks in GifMakeMapObject giflib/gifalloc.c * Address SF issue #166: a read zero page leads segment fault in getarg.c and memory leaks in gif2rgb.c and gifmalloc.c * Address SF issue #167: Heap-Buffer Overflow during Image Saving in DumpScreen2RGB Function at Line 321 of gif2rgb.c
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Oct 17, 2024
### 1.8.0 (2024-10-17) * All: Drop support for Python 2 and <3.6, removing compatibility code. * All: Use stdlib unittest.mock instead of mock package. * All: Removed usage of path.py and path in favour of pathlib. #174 #224 * pytest-devpi-server: Run devpi-init for initialisation. #179 * pytest-server-fixtures: BREAKING CHANGE: Removed RethinkDB support, as the project is no longer maintained. * pytest-server-fixtures: Allowed passing through HTTP headers to the server. #149 * pytest-server-fixtures: Fixed threading log debug messages. #146 * pytest-server-fixtures: Removed usage of deprecated Thread.setDaemon. #202 * pytest-server-fixtures: Explicitly close initial Mongo client. #198 * pytest-server-fixtures: Don't use context manager for CREATE DATABASE #186 * pytest-shutil: Removed contextlib2 requirement. #144 * pytest-shutil: Fixed forcing color through termcolor. #217 * pytest-shutil: Replaced deprecated imp module #219 * pytest-profiling: Added support to hide/show the full path of file. #95 * pytest-profiling: Fixed SVG file generation on Windows. #93 * pytest-profiling: Remove pinning of more-itertools. #194 * pytest-profiling: Add support to define element number for print_stats() #96 * pytest-profiling: Fix mock in test_writes_summary #223 * pytest-virtualenv: Modernised package. #188 #185 #182 #163 * pytest-virtualenv: Fixed virtualenv creation on Windows. #142 * pytest-virtualenv: Added delete_workspace parameter to VirtualEnv. #195 * pytest-virtualenv: Removed extras_require. #240 * ci: Remove usage of deprecated distutils. #189 * ci: Disabled jenkins server tests on CircleCI to improve build time. * ci: Fixed `collections` import for py 3.11 compatibility #222 ### 1.7.1 (2019-05-28) * pytest-profiling: Fix pytest-profiling to profile fixtures. #48 * pytest-devpi-server: Fixed Python 3.4 support updating "ruamel.yaml" requirements. #138 * ci: Added PYTEST_DONT_REWRITE in order to suppress module already imported. #123
netbsd-srcmastr
pushed a commit
that referenced
this pull request
Oct 21, 2024
1.8.2 (2024-09-24) What's Changed * Drop commented-out line by @olleolleolle in #108 * Add Ruby 3.1 & 3.2 to CI matrix by @tricknotes in #109 * Fix/redos by @ooooooo-q in #114 * Raise HTTPStatus::BadRequest for requests with invalid/duplicate content-length headers by @jeremyevans in #120 * Bump actions/checkout from 3 to 4 by @dependabot in #121 * Improve CI by @hsbt in #123 * Fix WEBrick::TestFileHandler#test_short_filename test not working on mswin by @KJTsanaktsidis in #128 * Fix bug chunk extension detection by @jeremyevans in #125 * Fix CI. by @ioquatix in #131 * Merge multiple cookie headers, preserving semantic correctness. by @ioquatix in #130 * Test on macos-latest by @byroot in #132 * Require CRLF line endings in request line and headers by @jeremyevans in #138 * Prefer squigly heredocs. by @ioquatix in #143 * Only strip space and horizontal tab in headers by @jeremyevans in #141 * Treat missing CRLF separator after headers as an EOFError by @jeremyevans in #142 * Return 400 response for chunked requests with unexpected data after chunk by @jeremyevans in #136 * Fix reference to URI::REGEXP::PATTERN::HOST by @casperisfine in #144 * Prevent request smuggling by @jeremyevans in #146 New Contributors * @tricknotes made their first contribution in #109 * @ooooooo-q made their first contribution in #114 * @KJTsanaktsidis made their first contribution in #128 * @byroot made their first contribution in #132 * @casperisfine made their first contribution in #144
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fix for python-bugzilla/python-bugzilla#187
Also included in openSUSE:
https://build.opensuse.org/projects/devel:languages:python/packages/python-bugzilla/files/188-fix-api-key-leak.diff
Ref: pkg/58213