4.x: Update RestrictedPython to 5.4 to mitigate a security issue. (#…

…1147) Make linter happy: E721 do not compare types.
zopefoundation · Aug 31, 2023 · 403d5de · 403d5de
1 parent f5a21fe
commit 403d5de
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 6 deletions.
diff --git a/CHANGES.rst b/CHANGES.rst
@@ -10,7 +10,7 @@ https://zope.readthedocs.io/en/2.13/CHANGES.html
 4.8.9 (unreleased)
 ------------------
 
-- Nothing changed yet.
+- Update ``RestrictedPython`` to 5.4 to mitigate a security issue.
 
 
 4.8.8 (2023-06-20)

diff --git a/requirements-full.txt b/requirements-full.txt
@@ -21,7 +21,7 @@ Persistence==3.6
 Products.BTreeFolder2==4.4
 Products.ZCatalog==5.4
 Record==3.6
-RestrictedPython==5.3
+RestrictedPython==5.4
 WSGIProxy2==0.4.6; python_version == '2.7'
 WSGIProxy2==0.4.6; python_version == '3.5'
 WSGIProxy2==0.4.6; python_version == '3.6'
@@ -70,7 +70,8 @@ zope.cachedescriptors==4.4
 zope.component==5.0.1
 zope.componentvocabulary==2.3.0
 zope.configuration==4.4.1
-zope.container==4.10
+zope.container==4.10; python_version < '3.7'
+zope.container==5.1; python_version >= '3.7'
 zope.contentprovider==4.2.1
 zope.contenttype==4.6
 zope.datetime==4.3.0

diff --git a/src/OFS/PropertyManager.py b/src/OFS/PropertyManager.py
@@ -180,7 +180,7 @@ def _wrapperCheck(self, object):
 
     def _setPropValue(self, id, value):
         self._wrapperCheck(value)
-        if type(value) == list:
+        if isinstance(value, list):
             value = tuple(value)
         setattr(self, id, value)
 

diff --git a/src/OFS/PropertySheets.py b/src/OFS/PropertySheets.py
@@ -259,7 +259,7 @@ def _updateProperty(self, id, value, meta=None):
                 props.append(prop)
             pself._properties = tuple(props)
 
-        if type(value) == list:
+        if isinstance(value, list):
             value = tuple(value)
         setattr(self.v_self(), id, value)
 

diff --git a/versions-prod.cfg b/versions-prod.cfg
@@ -23,7 +23,7 @@ Products.BTreeFolder2 = 4.4
 Products.ZCatalog = 5.4
 Record = 3.6
 # RestrictedPython >= 6 no longer supports Zope 4
-RestrictedPython = 5.3
+RestrictedPython = 5.4
 WSGIProxy2 = 0.5.1
 WebOb = 1.8.7
 WebTest = 3.0.0
@@ -143,3 +143,11 @@ PasteDeploy = 2.1.1
 WSGIProxy2 = 0.4.6
 # waitress 2.1 requires Python 3.7 or higher
 waitress = 2.0.0
+
+[versions:python37]
+# Older versions have build problems
+zope.container = 5.1
+
+[versions:python38]
+# Older versions have build problems
+zope.container = 5.1