Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 29 Apr 2024 04:11:49 GMT
From:      Li-Wen Hsu <lwhsu@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-branches@FreeBSD.org
Subject:   git: 188a62cbfecb - 2024Q2 - devel/py-python-bugzilla: Fix for API key leak
Message-ID:  <202404290411.43T4BnYE026465@gitrepo.freebsd.org>
next in thread | raw e-mail | index | archive | help 
The branch 2024Q2 has been updated by lwhsu:

URL: https://cgit.FreeBSD.org/ports/commit/?id=188a62cbfecb9d70e4f6ab0ce419c681ffde80c1

commit 188a62cbfecb9d70e4f6ab0ce419c681ffde80c1
Author:     Ricardo Branco <rbranco@suse.de>
AuthorDate: 2024-04-26 19:44:26 +0000
Commit:     Li-Wen Hsu <lwhsu@FreeBSD.org>
CommitDate: 2024-04-29 04:11:05 +0000

    devel/py-python-bugzilla: Fix for API key leak
    
    Fixes https://github.com/python-bugzilla/python-bugzilla/issues/187
    
    PR:             278612
    MFH:            2024Q2
    Pull Request:   https://github.com/freebsd/freebsd-ports/pull/253
    
    (cherry picked from commit e199513d74a5585e71a2aa278fc495f1ce3c41fe)
---
 devel/py-python-bugzilla/Makefile                  |  1 +
 .../files/patch-bugzilla___session.py              | 23 ++++++++++++++++++++++
 2 files changed, 24 insertions(+)

diff --git a/devel/py-python-bugzilla/Makefile b/devel/py-python-bugzilla/Makefile
index 42db2a632006..35eb957c3a9d 100644
--- a/devel/py-python-bugzilla/Makefile
+++ b/devel/py-python-bugzilla/Makefile
@@ -1,5 +1,6 @@
 PORTNAME=	python-bugzilla
 PORTVERSION=	3.2.0
+PORTREVISION=	1
 CATEGORIES=	devel python
 MASTER_SITES=	PYPI
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
diff --git a/devel/py-python-bugzilla/files/patch-bugzilla___session.py b/devel/py-python-bugzilla/files/patch-bugzilla___session.py
new file mode 100644
index 000000000000..bf9849a0eef2
--- /dev/null
+++ b/devel/py-python-bugzilla/files/patch-bugzilla___session.py
@@ -0,0 +1,23 @@
+--- bugzilla/_session.py
++++ bugzilla/_session.py
+@@ -98,14 +98,14 @@ def request(self, *args, **kwargs):
+         if "timeout" not in kwargs:
+             kwargs["timeout"] = timeout
+ 
+-        response = self._session.request(*args, **kwargs)
++        try:
++            response = self._session.request(*args, **kwargs)
+ 
+-        if self._is_xmlrpc:
+-            # Yes this still appears to matter for properly decoding unicode
+-            # code points in bugzilla.redhat.com content
+-            response.encoding = "UTF-8"
++            if self._is_xmlrpc:
++                # This still appears to matter for properly decoding unicode
++                # code points in bugzilla.redhat.com content
++                response.encoding = "UTF-8"
+ 
+-        try:
+             response.raise_for_status()
+         except requests.HTTPError as e:
+             # Scrape the api key out of the returned exception string

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?202404290411.43T4BnYE026465>