Skip to content

Commit

Permalink
python:html5lib: 0.999 -> 0.999999999
Browse files Browse the repository at this point in the history 
fixes LWN vuln:709146
ref #21289: Vulnerability roundup 14
  • Loading branch information
@phanimahesh
phanimahesh committed Dec 20, 2016
1 parent f3b65f6 commit a737eff
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pkgs/top-level/python-packages.nix
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12485,12 +12485,12 @@ in {


html5lib = buildPythonPackage (rec {
version = "0.999";
version = "0.999999999";
name = "html5lib-${version}";

src = pkgs.fetchurl {
url = "http://github.com/html5lib/html5lib-python/archive/${version}.tar.gz";
sha256 = "1kxl36p0csssaf37zbbc9p4h8l1s7yb1qnfv3d4nixplvrxqkybp";
sha256 = "09j6194f5mlnd5xwbavwvnndwl1x91jw74shxl6hcxjp4fxg3h05";
};

buildInputs = with self; [ nose flake8 ];
Expand Down

5 comments on commit a737eff

@bjornfor
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Breaks the build:

...
Collecting webencodings (from html5lib==0.999999999)
  Could not find a version that satisfies the requirement webencodings (from html5lib==0.999999999) (from versions: )
No matching distribution found for webencodings (from html5lib==0.999999999)
builder for ‘/nix/store/dcspd27ywcic8ciiszpkrj621bpr33av-python2.7-html5lib-0.999999999.drv’ failed with exit code 1

@bjornfor
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I added webencodings and a few extra deps that html5lib now requires. But the tests fail:

======================================================================
ERROR: html5lib.tests.test_encoding.test_parser_args
----------------------------------------------------------------------
Traceback (most recent call last):
  File "/nix/store/drr4mbdfrj5avck3jw7byv1hk8zr0h99-python2.7-nose-1.3.7/lib/python2.7/site-packages/nose/case.py", line 197, in runTest
    self.test(*self.arg)
TypeError: test_parser_args() takes exactly 3 arguments (0 given)
...

There is a ton of these errors. A function expects some args, but none are given.

@bjornfor
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I understand security is important, but if these security bumps aren't tested before being pushed, the end result is no added security. I'm still using the old package because I cannot upgrade.

@bjornfor
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I see you fixed it, @FRidh. Thanks!

@FRidh
Copy link
Member

@FRidh FRidh commented on a737eff Dec 25, 2016

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I accidentally merged the PR before fixing it. Since I needed the upgrade I thought I might as well fix it right away instead of reverting. Unfortunately it had this whole dependency tree that had to be packaged.

Please sign in to comment.