PR#1: Update to 0.0.7 (close RHBZ#2262502) - rpms/python-multipart

rpms / python-multipart

#1 Update to 0.0.7 (close RHBZ#2262502)

Merged 4 months ago by carlwgeorge. Opened 4 months ago by music.

rpms/ music/python-multipart v0.0.7 into rawhide

Update to 0.0.7 (close RHBZ#2262502)

Benjamin A. Beasley • 4 months ago

ada92ef

Assert that .dist-info contains a license file

Benjamin A. Beasley • 4 months ago

5f629e6

python-multipart.spec

file modified

+2 -2

		`@@ -2,7 +2,7 @@`
		`python-multipart is an Apache2 licensed streaming multipart parser for Python.}`

		`Name: python-multipart`
		`- Version: 0.0.6`
		`+ Version: 0.0.7`
		`Release: %autorelease`
		`Summary: A streaming multipart parser for Python`
		`License: Apache-2.0`
		`@@ -38,7 +38,7 @@`

		`%install`
		`%pyproject_install`
		`- %pyproject_save_files multipart`
		`+ %pyproject_save_files -l multipart`


		`%check`

sources

file modified

+1 -1

		`@@ -1,1 +1,1 @@`
		`- SHA512 (python_multipart-0.0.6.tar.gz) = fad42688353ffd66530af36e1aab0ac596d9a748d64a4e4885d92d6c0d1dad4c434dc0f56003fe7fd0822fd9bb59699991543d982e0e44eb49455dd96733bc7d`
		`+ SHA512 (python_multipart-0.0.7.tar.gz) = 402a6858b030046ac61e7b04125310280231850e2c6deb426335416fe69dbbdbfe8fb9873a1a83301c88963e1345712d44f47a58273754cf6e3fcf23f45036a5`

music commented 4 months ago

Upstream source diff: https://github.com/andrew-d/python-multipart/compare/0.0.6...0.0.7

Upstream changelog entry:

## 0.0.7 (2024-02-03)

* Refactor header option parser to use the standard library instead of a custom RegEx [#75](https://github.com/andrew-d/python-multipart/pull/75).

FastAPI upstream reports that this is a security update fixing a denial-of-service vulnerability: https://github.com/tiangolo/fastapi/security/advisories/GHSA-qf9m-vfgh-m389

Dependent packages rebuilt OK in COPR in F40/Rawhide, F39, and F38:

Since this is a security update and is blocking further FastAPI updates, if there is no feedback on this PR by later this week (after F40 branching settles out), I plan to merge this and carry out updates for all releases using my python-packagers-sig membership.