python-pskc branch master updated. 1.3-2-g2c50b12

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Commits of the python-pskc project <python-pskc-commits [at] lists.arthurdejong.org>
To: python-pskc-commits [at] lists.arthurdejong.org
Reply-to: python-pskc-users [at] lists.arthurdejong.org, python-pskc-commits [at] lists.arthurdejong.org
Subject: python-pskc branch master updated. 1.3-2-g2c50b12
Date: Wed, 1 Jan 2025 09:17:09 +0100 (CET)

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "python-pskc".

The branch, master has been updated
       via  2c50b125914bd24328046db066db3165cffe4e4e (commit)
      from  78a25b342bf27d46068eacace6faa5d404998398 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://arthurdejong.org/git/python-pskc/commit/?id=2c50b125914bd24328046db066db3165cffe4e4e

commit 2c50b125914bd24328046db066db3165cffe4e4e
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Sun Sep 8 20:43:02 2024 +0200

    No longer use defusedxml with lxml
    
    The lxml parser uses libxml2 which guards against the vulnerabilities
    defusedxml protects against when using libxml2 2.6 (released 2008) or
    newer. The lxml support in defusedxml has been deprecated since release
    0.6.0 and is planned to be removed in 0.8.0.
    
    See 
https://github.com/tiran/defusedxml/commit/d1260ab35e53dbb16417f4f6736ab2981f13ddab
    See https://github.com/tiran/defusedxml/issues/38

diff --git a/pskc/xml.py b/pskc/xml.py
index 7b82b0a..673d95a 100644
--- a/pskc/xml.py
+++ b/pskc/xml.py
@@ -32,10 +32,6 @@ from collections import OrderedDict
 try:  # pragma: no cover (different implementations)
     from lxml.etree import parse as xml_parse, tostring as xml_tostring
     from lxml.etree import register_namespace, Element, SubElement
-    try:
-        from defusedxml.lxml import parse as xml_parse  # noqa: F811
-    except ImportError:
-        pass
 except ImportError:  # pragma: no cover (different implementations)
     from xml.etree.ElementTree import (
         parse as xml_parse, tostring as xml_tostring)
diff --git a/tox.ini b/tox.ini
index 595610a..416de78 100644
--- a/tox.ini
+++ b/tox.ini
@@ -6,7 +6,6 @@ skip_missing_interpreters = true
 deps = pytest
        pytest-cov
        signxml: signxml
-       signxml: defusedxml
        lxml: lxml
        defusedxml: defusedxml
 commands = signxml: pytest --cov-fail-under 100

-----------------------------------------------------------------------

Summary of changes:
 pskc/xml.py | 4 ----
 tox.ini     | 1 -
 2 files changed, 5 deletions(-)


hooks/post-receive
-- 
python-pskc

python-pskc branch master updated. 1.3-2-g2c50b12, Commits of the python-pskc project

Prev by Date: python-pskc branch master updated. 1.3-1-g78a25b3
Next by Date: python-pskc branch master updated. 1.3-3-gab5bea9
Previous by thread: python-pskc branch master updated. 1.3-1-g78a25b3
Next by thread: python-pskc branch master updated. 1.3-3-gab5bea9