summaryrefslogtreecommitdiffstats
path: root/meta/recipes-devtools/python
Commit message (Collapse)AuthorAgeFilesLines
* python3-jinja2: upgrade 3.1.4 -> 3.1.6Soumya Sambu2025-04-281-1/+4
| | | | | | | | | | | | | Includes fix for - CVE-2024-56326, CVE-2025-27516, CVE-2024-56201 Changelog: https://github.com/pallets/jinja/blob/3.1.6/CHANGES.rst https://github.com/pallets/jinja/blob/3.1.5/CHANGES.rst (From OE-Core rev: a935ef8f205c9510ebc5539c133960bc72504902) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-setuptools-scm: respect GIT_CEILING_DIRECTORIESEtienne Cordonnier2025-02-282-0/+37
| | | | | | | | | | | | | | | | | | | | | | | | | Fixes https://bugzilla.yoctoproject.org/show_bug.cgi?id=15740 python3-setuptools-scm was ignoring GIT_CEILING_DIRECTORIES which is set by poky, and it was thus finding a wrong value of "toplevel" in ./src/setuptools_scm/_file_finders/git.py The code is supposed to generate the list of files contained in python3-setuptools-scm, but it was instead running "git archive" on whatever git repository was above the build directory, because the tarball containing the sources of python3-setuptools-scm does not contain a .git directory. This is barely noticeable when building as a subdirectory of poky which is only 48MB, but this was causing serious slowdowns of python3-setuptools-scm:do_compile when building inside a big git repository with files tracked using git-lfs (50 minutes in my use-case). Reported upstream as https://github.com/pypa/setuptools-scm/issues/1103 (From OE-Core rev: 4ebe72477484cf68165b6f736ce10373e97d0e6d) (From OE-Core rev: 369eebad4f38c3641be73dbc0490c87636e0912d) Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com> Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: upgrade 3.12.8 -> 3.12.9Peter Marko2025-02-148-13/+67
| | | | | | | | | | | | | | | Release notes: https://docs.python.org/release/3.12.9/whatsnew/changelog.html#python-3-12-9 Solves CVE-2025-0938, CVE-2024-12254 and 3 other vulnerabilities without CVE number assigment. Add a patch to fix failure of a new test. (From OE-Core rev: 685b2719ae9b44c238e63942efabe52e5df7d640) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-requests: upgrade 2.32.0 -> 2.32.3Soumya Sambu2025-01-091-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Changelog: https://requests.readthedocs.io/en/latest/community/updates/#release-history 2.32.3 (2024-05-29) * Bugfixes - Fixed bug breaking the ability to specify custom SSLContexts in sub-classes of HTTPAdapter. (#6716) * Fixed issue where Requests started failing to run on Python versions compiled without the ssl module. (#6724) 2.32.2 (2024-05-21) * Deprecations - To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we’ve renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0. * A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710) 2.32.1 (2024-05-20) * Bugfixes - Add missing test certs to the sdist distributed on PyPI. https://github.com/psf/requests/compare/v2.32.0...v2.32.3 Also transition to using python_setuptools_build_meta. (From OE-Core rev: e1787271b07c605df2843d82d65e1c3d2e2114e6) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: upgrade 3.12.7 -> 3.12.8Guðni Már Gilbert2025-01-0923-53/+53
| | | | | | | | | | Changelog: https://docs.python.org/release/3.12.8/whatsnew/changelog.html#python-3-12-8 (From OE-Core rev: db5081254adacf6c87269fd43af7199267ad535c) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: upgrade 3.12.6 -> 3.12.7Guðni Már Gilbert2025-01-0923-87/+65
| | | | | | | | | | Changelog: https://docs.python.org/release/3.12.7/whatsnew/changelog.html#python-3-12-7 (From OE-Core rev: 197048667f69ed559baf54831eb7b1606320f3e8) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: add dependency on -compression to -coreRoss Burton2024-12-231-1/+1
| | | | | | | | | | | | | | | | importlib.metadata is part of -core, but that will import zipfile which is part of -compression. Obviously this shows that our packaging of the Python modules is not optimal. I plan to follow up with a redesign of the splitting which focuses on simply pulling out the larger or esoteric modules and having a more featureful core. (From OE-Core rev: 05166eafb99cf8c7adb6879277069ab384a2f8df) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Drop empty patchKhem Raj2024-12-232-27/+0
| | | | | | | | | | | The fix brought by this patch is already part of python 3.12.3 therefore drop it. (From OE-Core rev: 555623d2378138fdcfae95c04e06ba384cebab5b) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-poetry-core: drop python3-six from RDEPENDSGuðni Már Gilbert2024-12-131-1/+0
| | | | | | | | | | | | | | | | Looking at the history, python3-six was removed as a dependency in the poetry.lock file in v1.5.2 Even before v1.5.2 and until now (v1.9.1) there is no code in the package which imports the six module. So it can be safely dropped from the recipe. (From OE-Core rev: 09378088bba46b6e505f69381496da0ecd0ecf2c) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-requests: upgrade 2.32.1 -> 2.32.2Soumya Sambu2024-12-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | https://requests.readthedocs.io/en/latest/community/updates/#id2 2.32.2 (2024-05-21) * Deprecations - To provide a more stable migration for custom HTTPAdapters impacted by the CVE changes in 2.32.0, we’ve renamed _get_connection to a new public API, get_connection_with_tls_context. Existing custom HTTPAdapters will need to migrate their code to use this new API. get_connection is considered deprecated in all versions of Requests>=2.32.0. * A minimal (2-line) example has been provided in the linked PR to ease migration, but we strongly urge users to evaluate if their custom adapter is subject to the same issue described in CVE-2024-35195. (#6710) https://github.com/psf/requests/compare/v2.32.1...v2.32.2 (From OE-Core rev: 5b420f3526729809f11b187f48469a7a86d6a93a) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-urllib3: upgrade 2.2.1 -> 2.2.2Trevor Gamblin2024-12-061-1/+1
| | | | | | | | | | | | (From OE-Core rev: 32fdd5673c25084af4ba295b271455cd92ca09d5) (From OE-Core rev: ee42ec7146a7c3ceb25c1e0f5afee93849cf9143) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-zipp: fix CVE-2024-5569Jiaying Song2024-12-062-0/+139
| | | | | | | | | | | | | | | | | | | | | | | | | | | | A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinite loop. This issue also impacts the zipfile module of CPython, as features from the third-party zipp library are later merged into CPython, and the affected code is identical in both projects. The infinite loop can be initiated through the use of functions affecting the `Path` module in both zipp and zipfile, such as `joinpath`, the overloaded division operator, and `iterdir`. Although the infinite loop is not resource exhaustive, it prevents the application from responding. The vulnerability was addressed in version 3.19.1 of jaraco/zipp. References: https://nvd.nist.gov/vuln/detail/CVE-2024-5569 Upstream patches: https://github.com/jaraco/zipp/pull/120/commits/79a309fe54dc6b7934fb72e9f31bcb58f2e9f547 https://github.com/jaraco/zipp/pull/120/commits/564fcc10cdbfdaecdb33688e149827465931c9e0 https://github.com/jaraco/zipp/pull/120/commits/58115d2be968644ce71ce6bcc9b79826c82a1806 https://github.com/jaraco/zipp/pull/120/commits/c18417ed2953e181728a7dac07bff88a2190abf7 (From OE-Core rev: ec77cfe12f0790c7e3cf2d9bf00e47b4c653997c) Signed-off-by: Jiaying Song <jiaying.song.cn@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-lxml=v5.0.2Martin Jansa2024-11-091-2/+1
| | | | | | | | | | | | | | | | * minor upgrade to fix building with gcc-14 on host * contains 31 commits: https://github.com/lxml/lxml/compare/lxml-5.0.0...lxml-5.0.2 the important one for gcc-14 is: https://github.com/lxml/lxml/commit/663041a56a075a8fa1e6ca13ba4c6d1de7043ac2 * https://bugs.launchpad.net/lxml/+bug/2045435 * https://bugs.gentoo.org/917562 (From OE-Core rev: baa0ba7084533907c0735dcb58b4432e0b3072df) Signed-off-by: Martin Jansa <martin.jansa@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-setuptools: Add "python:setuptools" to CVE_PRODUCTShunsuke Tokumoto2024-10-301-0/+2
| | | | | | | | | | | | | | | Since there are vulnerabilities that cannot be detected by the existing CVE_PRODUCT, add "python:setuptools" to CVE_PRODUCT. https://nvd.nist.gov/vuln/detail/CVE-2013-1633 https://nvd.nist.gov/vuln/detail/CVE-2022-40897 (From OE-Core rev: 85b61bf9cefc024faefa083c37ce88ba9c7355e1) Signed-off-by: Shunsuke Tokumoto <s-tokumoto@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit aa1c8d97efc6640a1cffa2459d9b20ad1f7309b0) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Upgrade 3.12.5 -> 3.12.6Peter Marko2024-09-254-285/+9
| | | | | | | | | | | | | | | | | | | | | Includes security fixes for CVE-2024-7592, CVE-2024-8088, CVE-2024-6232, CVE-2023-27043 and other bug fixes. Removed below patches, as the fix is included in 3.12.6 upgrade: 1. CVE-2024-7592.patch 2. CVE-2024-8088.patch Release Notes: https://www.python.org/downloads/release/python-3126/ (From OE-Core rev: aa492b1fd5973c37b8fa2cd17d28199eba46afcc) (From OE-Core rev: 6688a8ff2e1cbf6ad8ebd1b89ec6c929caf6a161) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: skip readline limited history testsTrevor Gamblin2024-09-252-0/+42
| | | | | | | | | | | | | | | | | Python 3.12.5 is failing a newer ptest for reading/writing limited history when editline (default) is set in PACKAGECONFIG. Skip it for now until a proper fix (if any) is determined. A bug has been opened upstream: https://github.com/python/cpython/issues/123018 (From OE-Core rev: de569ddffd5ea36b70c56df21dec9c892e5dee7d) (From OE-Core rev: 98b3a3e3f79a3edaa4cf2cfbf58eb84553d65e1e) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: upgrade 3.12.4 -> 3.12.5Trevor Gamblin2024-09-251-1/+1
| | | | | | | | | | | | | | Changelog: https://docs.python.org/release/3.12.5/whatsnew/changelog.html (From OE-Core rev: d9e2ebd6b24b802d1d4cd38b3b910e068c308809) (From OE-Core rev: ae0e8f6932359959535e901e64bdb47189de14cd) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-maturin: Fix cross compilation issue for armv7l, mips64, ppcNiko Mauno2024-09-196-0/+438
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When bitbaking python3-rpds-py it built extension module as: site-packages/rpds/rpds.cpython-312-armv7l-linux-gnueabihf.so Which caused error on target: root@qemuarm:~# python3 -c "from rpds import HashTrieMap, HashTrieSet, List" Traceback (most recent call last): File "<string>", line 1, in <module> File "/usr/lib/python3.12/site-packages/rpds/__init__.py", line 1, in <module> from .rpds import * ModuleNotFoundError: No module named 'rpds.rpds' Where as it should have been: site-packages/rpds/rpds.cpython-312-arm-linux-gnueabihf.so Associated upstream bug report: https://github.com/PyO3/maturin/issues/2203 Associated upstream pull request: https://github.com/PyO3/maturin/pull/2204 Note - mitigation has not been tested with musl: https://github.com/PyO3/maturin/pull/2204#issuecomment-2323952320 (From OE-Core rev: 32a8a7379008cc6e367b7664c5b10b29f0bb8136) (From OE-Core rev: d2f73e3840c21997b918d1f1cfae965c618c1076) Signed-off-by: Vesa Jääskeläinen <vesa.jaaskelainen@vaisala.com> Signed-off-by: Niko Mauno <niko.mauno@vaisala.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Fix CVE-2024-8088Soumya Sambu2024-09-092-0/+129
| | | | | | | | | | | | | | | | | | | | | There is a HIGH severity vulnerability affecting the CPython "zipfile" module. When iterating over names of entries in a zip archive (for example, methodsof "zipfile.ZipFile" like "namelist()", "iterdir()", "extractall()", etc) the process can be put into an infinite loop with a maliciously crafted zip archive. This defect applies when reading only metadata or extracting the contents of the zip archive. Programs that are not handling user-controlled zip archives are not affected. References: https://nvd.nist.gov/vuln/detail/CVE-2024-8088 Upstream-Patch: https://github.com/corydolphin/flask-cors/commit/7ae310c56ac30e0b94fb42129aa377bf633256ec (From OE-Core rev: 2d98276ba70ed6c44afecd42a7352f1b3030438f) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Fix CVE-2024-7592Soumya Sambu2024-09-092-0/+144
| | | | | | | | | | | | | | | | | | | There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. References: https://nvd.nist.gov/vuln/detail/CVE-2024-7592 Upstream-Patch: https://github.com/python/cpython/commit/dcc3eaef98cd94d6cb6cb0f44bd1c903d04f33b1 (From OE-Core rev: 3bb9684eef5227e7b1280ee9051884310b0d0b7f) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-setuptools: Fix CVE-2024-6345Soumya Sambu2024-09-092-1/+315
| | | | | | | | | | | | | | | | | | | A vulnerability in the package_index module of pypa/setuptools versions up to 69.1.1 allows for remote code execution via its download functions. These functions, which are used to download packages from URLs provided by users or retrieved from package index servers, are susceptible to code injection. If these functions are exposed to user-controlled inputs, such as package URLs, they can execute arbitrary commands on the system. The issue is fixed in version 70.0. References: https://nvd.nist.gov/vuln/detail/CVE-2024-6345 Upstream-patch: https://github.com/pypa/setuptools/commit/88807c7062788254f654ea8c03427adc859321f0 (From OE-Core rev: 468c5a4e12b9d38768b00151c55fd27b2b504f3b) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-pycryptodome(x): use python_setuptools_build_meta build classRoss Burton2024-08-192-2/+2
| | | | | | | | | | | This package can be built using pep517 classes now. (From OE-Core rev: a9ac262d9dbc57be6ac5c8905c803009e5c4ef4e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit a32fa3e64d1daf5846c29403e9f258aea42212d3) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-certifi: Fix CVE-2024-39689Soumya Sambu2024-08-192-0/+72
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.07.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues."Certifi is a curated collection of Root Certificates for validating the trustworthiness of SSL certificates while verifying the identity of TLS hosts. Certifi starting in 2021.05.30 and prior to 2024.07.4 recognized root certificates from `GLOBALTRUST`. Certifi 2024.07.04 removes root certificates from `GLOBALTRUST` from the root store. These are in the process of being removed from Mozilla's trust store. `GLOBALTRUST`'s root certificates are being removed pursuant to an investigation which identified "long-running and unresolved compliance issues." References: https://nvd.nist.gov/vuln/detail/CVE-2024-39689 Upstream-patch: https://github.com/certifi/python-certifi/commit/bd8153872e9c6fc98f4023df9c2deaffea2fa463 (From OE-Core rev: 2ec1ba32a23611484e5d3819008bbab85336ae20) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-attrs: drop python3-ctypes from RDEPENDSGuðni Már Gilbert2024-08-011-1/+0
| | | | | | | | | | | python3-ctypes was dropped as a dependency in v19.2.0 (From OE-Core rev: 48c43d2ff467c067d1518dc55d8d6da39bea159a) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 8d06116caf2382ad4782b9b2da50534d076a736d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: submit deterministic_imports.patch upstream as a ticketAlexander Kanavin2024-08-011-1/+1
| | | | | | | | | | (From OE-Core rev: eb3868d99ef2d5fa9fafc9cf947209d81ab5f11f) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit d77511cc9add70857e4a9d7237b23d7d6ae14e98) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: skip test_multiprocessing/test_active_children testTrevor Gamblin2024-08-012-0/+31
| | | | | | | | | | | This test is causing problems on the Autobuilder, so disable it for now. (From OE-Core rev: 9eafd0c56b279a7c3025b0dcd00745baead15bb6) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ac000b00ec615b3e51dda8d819015d5e7110ed88) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: skip test_concurrent_futures/test_deadlockTrevor Gamblin2024-08-012-0/+31
| | | | | | | | | | | | These tests are causing hangs on the Autobuilder, so disable them for now. (From OE-Core rev: 141c348ce83552beae88e115d9c4db5802c6e0f4) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 291f37808f1a2b2fdc8190696867f974994457c0) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: Treat UID/GID overflow as failureKhem Raj2024-08-012-0/+41
| | | | | | | | | | | | | | | | | | | | | | | This fixes ptest failures on 32bit architectures AssertionError: Failed ptests: {'python3': ['test_extractall_none_gid', 'test_extractall_none_gname', 'test_extractall_none_mode', 'test_extractall_none_mtime', 'test_extractall_none_uid', 'test_extractall_none_uname', 'setUpClass', 'python3']} (From OE-Core rev: 371124fa4bf1a255a4fc646b028398db8c9f3681) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 43104b547cb79693c83df0882773ae8dd74b1d35) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-idna: upgrade 3.6 -> 3.7Soumya Sambu2024-08-011-2/+2
| | | | | | | | | | | | | | License-Update: Updated copyright year Changelog: ========== * Fix issue where specially crafted inputs to encode() could take exceptionally long amount of time to process. [CVE-2024-3651] (From OE-Core rev: b6f8938c8048d08e29233fa29f5104b044353cf7) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-pyopenssl: drop python3-six from RDEPENDSGuðni Már Gilbert2024-07-091-1/+0
| | | | | | | | | | | | | Python 2.7 support was dropped in version 22.0.0 python3-six was dropped as a dependency in 22.0.0 (From OE-Core rev: d7ad0495c543ec952817860595c047e5e4263978) Signed-off-by: Guðni Már Gilbert <gudnimar@noxmedical.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 6eab37a0cdcc6071f79aa5c8198df0b2ba23dd7a) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-bcrypt: drop python3-six from RDEPENDSGuðni Már Gilbert2024-07-091-1/+0
| | | | | | | | | | | | | Python 2.7 support was dropped in version 3.2.0 and python3-six dependency was subsequently dropped in version 3.2.1 (From OE-Core rev: 214d41b73d235176123fd78143747845aa9c951e) Signed-off-by: Guðni Már Gilbert <gudnimar@noxmedical.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 50757cc95b3062f11a7455af33e7a7e74ea1d0f7) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-setuptools: drop python3-2to3 from RDEPENDSGuðni Már Gilbert2024-07-091-1/+0
| | | | | | | | | | 2to3 module was dropped as a dependency in setuptools 58.0 (From OE-Core rev: 0d5cd1d867a826cf83fcaee3e8390b9defec47d1) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-requests: cleanup RDEPENDSGuðni Már Gilbert2024-07-091-4/+2
| | | | | | | | | | | | | | | | | | Drop the following dependencies from RDEPENDS: - python3-ndg-httpsclient - python3-pyasn1 - python3-pyopenssl Add a missing dependency into RDEPENDS: - python3-certifi Additional fix HOMEPAGE, the old link doesn't work (From OE-Core rev: 3d9072c346bf7bdeecd6197df8b14e39399bdabd) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3-jinja2: Upgrade 3.1.3 -> 3.1.4Richard Purdie2024-07-091-4/+4
| | | | | | | | | | | | | | | Switch to use flit core since upstream changed. They also changed the capitalisation under pypi. The license didn't change but the file was renamed, probably as it wasn't rst. (From OE-Core rev: ac35432687624ad58ff6586446e5e73710658a68) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit e352680528b18c3cdae26233bef7cddc2771d42d) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: upgrade 3.12.3 -> 3.12.4Trevor Gamblin2024-07-031-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This release contains numerous security updates and fixes to regressions. Changelog: https://docs.python.org/release/3.12.4/whatsnew/changelog.html#python-3-12-4-final Results of ptests in core-image-ptest-python3 (qemux86-64): == Tests result: SUCCESS == 26 tests skipped: test.test_asyncio.test_windows_events test.test_asyncio.test_windows_utils test.test_gdb.test_backtrace test.test_gdb.test_cfunction test.test_gdb.test_cfunction_full test.test_gdb.test_misc test.test_gdb.test_pretty_print test_asdl_parser test_clinic test_devpoll test_idle test_ioctl test_kqueue test_launcher test_msilib test_startfile test_tcl test_tix test_tkinter test_ttk test_ttk_textonly test_turtle test_winapi test_winconsoleio test_winreg test_wmi 9 tests skipped (resource denied): test_curses test_ossaudiodev test_smtpnet test_socketserver test_urllib2net test_urllibnet test_winsound test_xmlrpc_net test_zipfile64 454 tests OK. Total duration: 2 min 45 sec Total tests: run=41,470 skipped=1,548 Total test files: run=480/489 skipped=26 resource_denied=9 Result: SUCCESS DURATION: 165 END: /usr/lib/python3/ptest 2024-06-10T17:03 STOP: ptest-runner TOTAL: 1 FAIL: 0 (From OE-Core rev: 621b0298e1829a86002ebb57d99850907e775b43) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 012aeee398af4d4cce4012f71007cfb31266dd6c) Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: skip test_concurrent_futures/test_shutdownTrevor Gamblin2024-05-092-0/+47
| | | | | | | | | | These tests are causing hangs on the Autobuilder, so disable them for now. (From OE-Core rev: e3b4a05f19e3ba8f84b5d892b787e67bef565e48) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>
* python3: upgrade 3.12.2 -> 3.12.3Trevor Gamblin2024-04-142-57/+1
| | | | | | | | | | | | | | | | | | | Remove the following patch: 0001-gh-115133-Fix-tests-for-XMLPullParser-with-Expat-2.6.patch Which a different fix was submitted for in: c4fa79b924 [3.12] gh-115133: Fix tests for XMLPullParser with Expat 2.6.0 (GH-115164) (GH-115288) See: https://github.com/python/cpython/pull/115288 (related to CVE-2023-52425) Changelog: https://docs.python.org/3/whatsnew/changelog.html#python-3-12-3-final (From OE-Core rev: 4122d8f6ecf6957de7a34fc51beffcd8e808911f) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-testtools: Fix build problems from incorrect build backendRichard Purdie2024-04-142-29/+19
| | | | | | | | | | | | | | | | | | | testtools uses the hatchling backend so: * merge the inc back into the recipe * drop setuptools * use the hatchling backend * add the needed vcs dependency * drop the now unneeded python3-pbr dependency This means the submodules are included in packaging, fixing build failures and the verison in the wheel is no longer 0.0.0 Prior to this fix, testtools in buildtools tarball was completely broken. (From OE-Core rev: fe46107e6bf4880d97f03b5e55d722d64f922889) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-websockets: Import from meta-pythonRichard Purdie2024-04-141-0/+16
| | | | | | | | | For the newer hash equivlance servers we need websockets. Import it from meta-oe so we can easily include it in buildtools tarball. (From OE-Core rev: c61ed007b9e06683065aed62af1e1ca4569b8c16) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-referencing: drop ${PYTHON_PN}Justin Bronder2024-04-131-1/+1
| | | | | | | | | | python 2 is gone and we don't need the abstraction now, drop the remaining usage of this variable. (From OE-Core rev: f64078dd67b2d4db26edea5992f649161e7fee2f) Signed-off-by: Justin Bronder <jsbronder@cold-front.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jsonschema-specifications: drop ${PYTHON_PN}Justin Bronder2024-04-131-1/+1
| | | | | | | | | | python 2 is gone and we don't need the abstraction now, drop the remaining usage of this variable. (From OE-Core rev: 51c6501e7b255f3a699fea3b787abe1a5d8231dd) Signed-off-by: Justin Bronder <jsbronder@cold-front.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python-*: don't set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is sufficientRoss Burton2024-03-228-28/+11
| | | | | | | | | | There's no need to explicitly set PYPI_ARCHIVE_NAME and S when PYPI_PACKAGE is set correctly. (From OE-Core rev: e757a0595602dafcd95a988fb123a8fdb3d4d82b) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-manifest: Sync RDEPENDS with latest versionAlejandro Hernandez Samaniego2024-03-221-7/+2
| | | | | | | | | | | | | | | bitbake python3 -c create_manifest revealed several changes that were missing. This commit contains a manual cherry-picked version of those, making sure that new RDEPENDS are reflected since the last time this was updated. In this case its taking out unnecessary dependencies to python3-profile and python3-shell. (From OE-Core rev: 692013b9aa5106561afb4c6506661bab41d88461) Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandro@enedino.org> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3: correct upstream version checkAlexander Kanavin2024-03-201-1/+0
| | | | | | | | | | This only needs removal of the custom setting (which no longer produces a webpage suitable for parsing the version out), as the default SRC_URI is 'tarballs in versioned directoroies' setup, which the version checker is able to handle. (From OE-Core rev: d9fa89180fe497ce67493b8dec8452d87c05ccba) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-wcwidth: upgrade 0.2.12 -> 0.2.13Alexander Kanavin2024-03-071-2/+4
| | | | | | | (From OE-Core rev: 800f18b387463a96f3e0642a06f7c4ff5fe85da9) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-setuptools: upgrade 69.0.3 -> 69.1.1Alexander Kanavin2024-03-073-6/+4
| | | | | | | (From OE-Core rev: a953d88346d4ee93b5669c079586ae27d71552dc) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-ruamel-yaml: upgrade 0.17.35 -> 0.18.6Alexander Kanavin2024-03-071-2/+2
| | | | | | | | | License-Update: copyright years (From OE-Core rev: bc997c790cd2ccdfce8bf21021be6abe008ba46b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-jsonschema: upgrade 4.17.3 -> 4.21.1 and add new dependenciesAlexander Kanavin2024-03-075-1/+132
| | | | | | | (From OE-Core rev: 61401c6c82b4e717fcec3810dd9ee5ee61292696) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-dtschema: upgrade 2023.7 -> 2024.2Alexander Kanavin2024-03-071-2/+2
| | | | | | | (From OE-Core rev: 612be0f227d1d016ea05c78facae2fe0d08e8081) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* python3-build: upgrade 1.0.3 -> 1.1.1Alexander Kanavin2024-03-071-1/+1
| | | | | | | (From OE-Core rev: 8b4703d0a1866053979dd1500a7d6d8d3d6b853a) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2025-06-13 13:30:25 +0000