From b4131d30e6d615dd01db723d65ce3ba73d76e625 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sun, 26 Sep 2021 13:08:16 +0200 Subject: [PATCH 01/10] Bump django and django-redis dependencies in setup.py django < 4 django-redis < 6 --- setup.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/setup.py b/setup.py index c13decdc..5f8ce011 100644 --- a/setup.py +++ b/setup.py @@ -77,13 +77,13 @@ setup( # Requirements install_requires=[ - 'django >= 2.2.10, < 3', + 'django >= 2.2.10, < 4', 'bcrypt >= 3.1.6, < 4', 'python-debian >= 0.1.35, < 1', 'celery >= 4.2.1, < 6', 'django-celery-beat >= 1.1.1, < 3', 'redis >= 3.2.1, < 4', - 'django-redis >= 4.10.0, < 5', + 'django-redis >= 4.10.0, < 6', 'python-debianbts >= 2.8.2, < 4', 'lxml >= 4.3.2, < 5', 'dulwich >= 0.19.11, < 1', -- GitLab From 1995c85b5bf15144b42552fc6934abbc0dc227a6 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sun, 26 Sep 2021 13:10:18 +0200 Subject: [PATCH 02/10] Add additional test env for tox covering django3 --- tox.ini | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index aa76e1b5..deba1e14 100644 --- a/tox.ini +++ b/tox.ini @@ -4,12 +4,14 @@ # and then run "tox" from this directory. [tox] -envlist = py3-django2,flake8 +envlist = py3-django{2,3},flake8 [testenv] extras = testing deps = coverage + django2: Django >= 2.2.24, < 3 + django3: Django >= 3.2.7, <4 setenv = DJANGO_SETTINGS_MODULE=debexpo.settings.test -- GitLab From 95a03e752f71f782f904624b779f9e5233616f70 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sun, 26 Sep 2021 13:10:56 +0200 Subject: [PATCH 03/10] Exclude online nntp tests from tox conf --- tox.ini | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tox.ini b/tox.ini index deba1e14..b7ed6b1b 100644 --- a/tox.ini +++ b/tox.ini @@ -18,9 +18,9 @@ setenv = commands = coverage erase - coverage run manage.py test -v 2 - coverage report --include='debexpo*' - coverage html --include='debexpo*' + coverage run manage.py test -v 2 --exclude-tag nntp + coverage report --include='debexpo*' --omit '*/nntp.py' + coverage html --include='debexpo*' --omit '*/nntp.py' [testenv:flake8] deps = flake8 -- GitLab From 5e5c4f62ca8f2515673ccc7ac34d2093f10b8a58 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sun, 26 Sep 2021 13:11:52 +0200 Subject: [PATCH 04/10] Pass extra tox args to the test cli to allow running partial tests --- tox.ini | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tox.ini b/tox.ini index b7ed6b1b..7b30496e 100644 --- a/tox.ini +++ b/tox.ini @@ -18,7 +18,7 @@ setenv = commands = coverage erase - coverage run manage.py test -v 2 --exclude-tag nntp + coverage run manage.py test -v 2 --exclude-tag nntp {posargs} coverage report --include='debexpo*' --omit '*/nntp.py' coverage html --include='debexpo*' --omit '*/nntp.py' -- GitLab From 3ded951b3936146700d87fb225e12e73219a085d Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sat, 25 Sep 2021 15:54:00 +0200 Subject: [PATCH 05/10] Disable minimal size requirement for ed25519 keys debexpo previously checked that ed25519 keys had a length of 256. Since libgcrypt-1.9.0, this value has been updated to 255. Instead of adjusting the size, the minimal requirement for ed25519 keys have been dropped since all keys have a unique length anyway. See: https://dev.gnupg.org/rCdb7b2c591004868abedbc2c19d3bb2efebf8529d See: https://lists.gnupg.org/pipermail/gnupg-users/2021-September/065454.html --- .../migrations/0004_set_ecc_size_to_zero.py | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 debexpo/keyring/migrations/0004_set_ecc_size_to_zero.py diff --git a/debexpo/keyring/migrations/0004_set_ecc_size_to_zero.py b/debexpo/keyring/migrations/0004_set_ecc_size_to_zero.py new file mode 100644 index 00000000..1017178b --- /dev/null +++ b/debexpo/keyring/migrations/0004_set_ecc_size_to_zero.py @@ -0,0 +1,59 @@ +# 0004_set_ecc_size_to_zero.py - Set ECC minimum size to zero +# +# This file is part of debexpo +# https://salsa.debian.org/mentors.debian.net-team/debexpo +# +# Copyright © 2021 Baptiste Beauplat +# +# Permission is hereby granted, free of charge, to any person +# obtaining a copy of this software and associated documentation +# files (the "Software"), to deal in the Software without +# restriction, including without limitation the rights to use, +# copy, modify, merge, publish, distribute, sublicense, and/or sell +# copies of the Software, and to permit persons to whom the +# Software is furnished to do so, subject to the following +# conditions: +# +# The above copyright notice and this permission notice shall be +# included in all copies or substantial portions of the Software. +# +# THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +# EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES +# OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND +# NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT +# HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, +# WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING +# FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR +# OTHER DEALINGS IN THE SOFTWARE. + +from django.db import migrations + + +def set_ecc_size_to_zero(apps, schema_editor): + set_ecc_size(apps, schema_editor, 0) + + +def revert_set_ecc_size_to_zero(apps, schema_editor): # pragma: no cover + set_ecc_size(apps, schema_editor, 256) + + +def set_ecc_size(apps, schema_editor, size): + GPGAlgo = apps.get_model('keyring', 'GPGAlgo') + + algo = GPGAlgo.objects.get(name='ed25519') + algo.minimal_size_requirement = size + algo.full_clean() + algo.save() + + +class Migration(migrations.Migration): + + initial = True + + dependencies = [ + ('keyring', '0003_fingerprint_uniqueness',), + ] + + operations = [ + migrations.RunPython(set_ecc_size_to_zero, revert_set_ecc_size_to_zero), + ] -- GitLab From 3cbf2e1d96709230d7af10134af7ec20f74e6461 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sat, 25 Sep 2021 16:36:59 +0200 Subject: [PATCH 06/10] Prefix apps name with 'debexpo.' --- debexpo/accounts/apps.py | 2 +- debexpo/base/apps.py | 2 +- debexpo/bugs/apps.py | 2 +- debexpo/comments/apps.py | 2 +- debexpo/importer/apps.py | 2 +- debexpo/keyring/apps.py | 2 +- debexpo/nntp/apps.py | 2 +- debexpo/packages/apps.py | 2 +- debexpo/plugins/apps.py | 2 +- debexpo/repository/apps.py | 2 +- 10 files changed, 10 insertions(+), 10 deletions(-) diff --git a/debexpo/accounts/apps.py b/debexpo/accounts/apps.py index 383c3e76..47313a28 100644 --- a/debexpo/accounts/apps.py +++ b/debexpo/accounts/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class AccountsConfig(AppConfig): - name = 'accounts' + name = 'debexpo.accounts' diff --git a/debexpo/base/apps.py b/debexpo/base/apps.py index 466c3da3..abe1fba7 100644 --- a/debexpo/base/apps.py +++ b/debexpo/base/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class BaseConfig(AppConfig): - name = 'base' + name = 'debexpo.base' diff --git a/debexpo/bugs/apps.py b/debexpo/bugs/apps.py index 8024aebf..a36bc29e 100644 --- a/debexpo/bugs/apps.py +++ b/debexpo/bugs/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class BugsConfig(AppConfig): - name = 'bugs' + name = 'debexpo.bugs' diff --git a/debexpo/comments/apps.py b/debexpo/comments/apps.py index 23b3934a..a795e699 100644 --- a/debexpo/comments/apps.py +++ b/debexpo/comments/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class CommentsConfig(AppConfig): - name = 'comments' + name = 'debexpo.comments' diff --git a/debexpo/importer/apps.py b/debexpo/importer/apps.py index 4b1300e7..cd947e8e 100644 --- a/debexpo/importer/apps.py +++ b/debexpo/importer/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class ImporterConfig(AppConfig): - name = 'importer' + name = 'debexpo.importer' diff --git a/debexpo/keyring/apps.py b/debexpo/keyring/apps.py index f7757a09..6c769d14 100644 --- a/debexpo/keyring/apps.py +++ b/debexpo/keyring/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class KeyringConfig(AppConfig): - name = 'keyring' + name = 'debexpo.keyring' diff --git a/debexpo/nntp/apps.py b/debexpo/nntp/apps.py index a2d9e8bf..56ddb3e8 100644 --- a/debexpo/nntp/apps.py +++ b/debexpo/nntp/apps.py @@ -29,4 +29,4 @@ from django.apps import AppConfig class NntpConfig(AppConfig): - name = 'nntp' + name = 'debexpo.nntp' diff --git a/debexpo/packages/apps.py b/debexpo/packages/apps.py index 2d566080..85ef3427 100644 --- a/debexpo/packages/apps.py +++ b/debexpo/packages/apps.py @@ -29,4 +29,4 @@ from django.apps import AppConfig class PackagesConfig(AppConfig): - name = 'packages' + name = 'debexpo.packages' diff --git a/debexpo/plugins/apps.py b/debexpo/plugins/apps.py index 2b78aee6..4a35b1a5 100644 --- a/debexpo/plugins/apps.py +++ b/debexpo/plugins/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class PluginsConfig(AppConfig): - name = 'plugins' + name = 'debexpo.plugins' diff --git a/debexpo/repository/apps.py b/debexpo/repository/apps.py index 6959e71c..11804707 100644 --- a/debexpo/repository/apps.py +++ b/debexpo/repository/apps.py @@ -30,4 +30,4 @@ from django.apps import AppConfig class RepositoryConfig(AppConfig): - name = 'repository' + name = 'debexpo.repository' -- GitLab From 7d87726d0b4844f11581a6707e97f12688dd61a3 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sun, 26 Sep 2021 13:15:24 +0200 Subject: [PATCH 07/10] Add setting DEFAULT_AUTO_FIELD to specify primary key default field type --- debexpo/settings/common.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/debexpo/settings/common.py b/debexpo/settings/common.py index 874975bc..a7e79204 100644 --- a/debexpo/settings/common.py +++ b/debexpo/settings/common.py @@ -260,3 +260,6 @@ REGISTRATION_CACHE_TIMEOUT = 1 * 24 * 3600 # Timeout for processes (10 minutes by default, 30 minutes for lintian) SUBPROCESS_TIMEOUT = 10 * 60 SUBPROCESS_TIMEOUT_LINTIAN = 30 * 60 + +# Default settings for models +DEFAULT_AUTO_FIELD = 'django.db.models.AutoField' -- GitLab From 8182a3496d184a1423d06b7979d168425fdce4a5 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sun, 26 Sep 2021 13:16:09 +0200 Subject: [PATCH 08/10] Explicitly add _num_days and _today method to EmailChangeTokenGenerator (removed in django3) --- debexpo/tools/token.py | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/debexpo/tools/token.py b/debexpo/tools/token.py index 72f8e493..de02cb9b 100644 --- a/debexpo/tools/token.py +++ b/debexpo/tools/token.py @@ -26,6 +26,7 @@ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR # OTHER DEALINGS IN THE SOFTWARE. +from datetime import date from django.conf import settings from django.utils.crypto import constant_time_compare, salted_hmac @@ -87,5 +88,12 @@ class EmailChangeTokenGenerator(PasswordResetTokenGenerator): str(login_timestamp) + \ str(timestamp) + def _num_days(self, dt): + return (dt - date(2001, 1, 1)).days + + def _today(self): + # Used for mocking in tests + return date.today() # pragma: no cover + email_change_token_generator = EmailChangeTokenGenerator() -- GitLab From d8e8862138465df26be416506933248688914075 Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Sun, 26 Sep 2021 13:17:04 +0200 Subject: [PATCH 09/10] Replace INTERNAL_RESET_URL_TOKEN by its actual static value (removed in django3) --- tests/functional/accounts/test_reset.py | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/functional/accounts/test_reset.py b/tests/functional/accounts/test_reset.py index 1dbf2cf9..0f779e11 100644 --- a/tests/functional/accounts/test_reset.py +++ b/tests/functional/accounts/test_reset.py @@ -27,8 +27,7 @@ # OTHER DEALINGS IN THE SOFTWARE. from django.contrib.auth.tokens import PasswordResetTokenGenerator -from django.contrib.auth.views import INTERNAL_RESET_URL_TOKEN, \ - INTERNAL_RESET_SESSION_TOKEN +from django.contrib.auth.views import INTERNAL_RESET_SESSION_TOKEN from django.core import mail from django.urls import reverse from django.utils.encoding import force_bytes @@ -67,7 +66,7 @@ class TestResetController(TestController): response = self.client.post(reverse('password_reset_confirm', kwargs={ 'uidb64': uid, - 'token': INTERNAL_RESET_URL_TOKEN + 'token': 'set-password' }), { 'new_password1': 'newpass', 'new_password2': 'newpass', -- GitLab From 0222634578fb16c7f25141d6be68c87121d4433d Mon Sep 17 00:00:00 2001 From: Baptiste Beauplat Date: Thu, 14 Oct 2021 21:13:01 +0200 Subject: [PATCH 10/10] Replace celery @task by @shared_task (removed in celery 5.2) --- debexpo/importer/tasks.py | 4 ++-- debexpo/packages/tasks.py | 6 +++--- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/debexpo/importer/tasks.py b/debexpo/importer/tasks.py index 444aef24..8a9da789 100644 --- a/debexpo/importer/tasks.py +++ b/debexpo/importer/tasks.py @@ -26,7 +26,7 @@ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR # OTHER DEALINGS IN THE SOFTWARE. -from celery.decorators import task +from celery import shared_task from django.conf import settings @@ -34,7 +34,7 @@ from debexpo.importer.models import Importer from debexpo.tools.cache import enforce_unique_instance -@task +@shared_task def importer(): with enforce_unique_instance('importer'): importctl = Importer(settings.UPLOAD_SPOOL) diff --git a/debexpo/packages/tasks.py b/debexpo/packages/tasks.py index 77d33694..1c3239c9 100644 --- a/debexpo/packages/tasks.py +++ b/debexpo/packages/tasks.py @@ -27,7 +27,7 @@ # FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR # OTHER DEALINGS IN THE SOFTWARE. -from celery.decorators import task +from celery import shared_task from datetime import timedelta, datetime, timezone from logging import getLogger from debian.deb822 import Changes @@ -97,7 +97,7 @@ def remove_uploads(uploads): return removals -@task +@shared_task def remove_old_uploads(): expiration_date = datetime.now(timezone.utc) - \ timedelta(weeks=settings.MAX_AGE_UPLOAD_WEEKS) @@ -128,7 +128,7 @@ def notify_uploaders(removals, reason): reason=reason) -@task +@shared_task def remove_uploaded_packages(client=None): uploads_to_archive = set() uploads_to_new = set() -- GitLab