Bug#989216: marked as done (unblock: python-ddt/1.4.1-2.1)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sat, 29 May 2021 10:41:59 +0000
with message-id <E1lmwPn-0002IG-SS@respighi.debian.org>
and subject line unblock python-ddt
has caused the Debian Bug report #989216,
regarding unblock: python-ddt/1.4.1-2.1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
989216: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=989216
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: Debian Bug Tracking System <submit@bugs.debian.org>
• Subject: unblock: python-ddt/1.4.1-2.1
• From: Stefano Rivera <stefanor@debian.org>
• Date: Fri, 28 May 2021 20:18:29 -0400
• Message-id: <[🔎] 20210529001829.anhq6mp6myijqdar@haydn.kardiogramm.net>

Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
X-Debbugs-CC: Thomas Goirand <zigo@debian.org>

Please unblock package python-ddt

Changes:
 python-ddt (1.4.1-2.1) unstable; urgency=medium
 .
   * Non-maintainer upload.
   * Patch: Support pyyaml's security patch in 5.3.1-4 (from 5.4 upstream).
     (Closes: #989009)

[ Reason ]
Updated python-ddt to build-against pyyaml's recent security update
(#988926)

[ Impact ]
Fixes FTBFS with the new pyyaml.

[ Tests ]
The affected code is the test suite.

[ Risks ]
Change is from upstream, affecting only unit tests, so negligible.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock python-ddt/1.4.1-2.1

diff -Nru python-ddt-1.4.1/debian/changelog python-ddt-1.4.1/debian/changelog
--- python-ddt-1.4.1/debian/changelog	2020-10-14 04:11:28.000000000 -0400
+++ python-ddt-1.4.1/debian/changelog	2021-05-23 11:51:10.000000000 -0400
@@ -1,3 +1,11 @@
+python-ddt (1.4.1-2.1) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Patch: Support pyyaml's security patch in 5.3.1-4 (from 5.4 upstream).
+    (Closes: #989009)
+
+ -- Stefano Rivera <stefanor@debian.org>  Sun, 23 May 2021 11:51:10 -0400
+
 python-ddt (1.4.1-2) unstable; urgency=medium
 
   * Uploading to unstable.
diff -Nru python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch
--- python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch	1969-12-31 20:00:00.000000000 -0400
+++ python-ddt-1.4.1/debian/patches/pyyaml-unsafeloader.patch	2021-05-23 11:50:57.000000000 -0400
@@ -0,0 +1,56 @@
+From 97f0a2315736e50f1b34a015447cd751da66ecb6 Mon Sep 17 00:00:00 2001
+From: Dirk Mueller <dirk@dmllr.de>
+Date: Mon, 25 Jan 2021 22:49:04 +0100
+Subject: [PATCH] Use Yaml's UnsafeLoader for Python embedding tests
+
+In newer PyYAML versions the default FullLoader has
+python/object/* integration removed. One has to use
+UnsafeLoader instead. see this issue for details:
+
+https://github.com/yaml/pyyaml/issues/321
+Bug-Debian: https://bugs.debian.org/989009
+---
+ test/test_example.py    |  2 +-
+ test/test_functional.py | 10 +++++-----
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+--- a/test/test_example.py
++++ b/test/test_example.py
+@@ -151,7 +151,7 @@
+ 
+     @ddt
+     class YamlOnlyTestCase(unittest.TestCase):
+-        @file_data('data/test_custom_yaml_loader.yaml', yaml.FullLoader)
++        @file_data('data/test_custom_yaml_loader.yaml', yaml.UnsafeLoader)
+         def test_custom_yaml_loader(self, instance, expected):
+             """Test with yaml tags to create specific classes to compare"""
+             self.assertEqual(expected, instance)
+--- a/test/test_functional.py
++++ b/test/test_functional.py
+@@ -427,7 +427,7 @@
+     loader allowing python tags is passed.
+     """
+ 
+-    from yaml import FullLoader
++    from yaml import UnsafeLoader
+     from yaml.constructor import ConstructorError
+ 
+     def str_to_type(class_name):
+@@ -444,13 +444,13 @@
+             raise AssertionError()
+ 
+     @ddt
+-    class YamlFullLoaderTest(object):
+-        @file_data('data/test_functional_custom_tags.yaml', FullLoader)
++    class YamlUnsafeLoaderTest(object):
++        @file_data('data/test_functional_custom_tags.yaml', UnsafeLoader)
+         def test_cls_is_instance(self, instance, expected):
+             assert isinstance(instance, str_to_type(expected))
+ 
+-    tests = list(filter(_is_test, YamlFullLoaderTest.__dict__))
+-    obj = YamlFullLoaderTest()
++    tests = list(filter(_is_test, YamlUnsafeLoaderTest.__dict__))
++    obj = YamlUnsafeLoaderTest()
+ 
+     if not tests:
+         raise AssertionError('No tests have been found.')
diff -Nru python-ddt-1.4.1/debian/patches/series python-ddt-1.4.1/debian/patches/series
--- python-ddt-1.4.1/debian/patches/series	1969-12-31 20:00:00.000000000 -0400
+++ python-ddt-1.4.1/debian/patches/series	2021-05-23 11:50:33.000000000 -0400
@@ -0,0 +1 @@
+pyyaml-unsafeloader.patch

--- End Message ---

--- Begin Message ---

• To: 989216-done@bugs.debian.org
• Subject: unblock python-ddt
• From: Sebastian Ramacher <sramacher@respighi.debian.org>
• Date: Sat, 29 May 2021 10:41:59 +0000
• Message-id: <E1lmwPn-0002IG-SS@respighi.debian.org>

Unblocked.

--- End Message ---