[OE-core][PATCH v2] python3-pip: upgrade 20.0.2 -> 21.1.2

Trevor Gamblin Tue, 22 Jun 2021 11:41:19 -0700

21.1.2 contains a fix for CVE-2021-3572
(https://github.com/pypa/pip/commit/e46bdda9711392fec0c45c1175bae6db847cb30b)


The LICENSE.txt signature changed due to an update to the copyright
dates, but the terms are the same.

Also update 0001-change-shebang-to-python3.patch to cover all files in
pip's src directory, since we need to ensure compatibility.

Finally, fix the ordering of the "inherit" and "SRC_URI" lines so that
devtool will correctly identify that there is a new version upstream.

Signed-off-by: Trevor Gamblin <trevor.gamb...@windriver.com>
---
 .../0001-change-shebang-to-python3.patch      | 128 ++++++++++++++----
 ...n3-pip_20.0.2.bb => python3-pip_21.1.2.bb} |  10 +-
 2 files changed, 103 insertions(+), 35 deletions(-)
 rename meta/recipes-devtools/python/{python3-pip_20.0.2.bb => 
python3-pip_21.1.2.bb} (73%)

diff --git 
a/meta/recipes-devtools/python/python3-pip/0001-change-shebang-to-python3.patch 
b/meta/recipes-devtools/python/python3-pip/0001-change-shebang-to-python3.patch
index 00cffe169b..0187001168 100644
--- 
a/meta/recipes-devtools/python/python3-pip/0001-change-shebang-to-python3.patch
+++ 
b/meta/recipes-devtools/python/python3-pip/0001-change-shebang-to-python3.patch
@@ -1,32 +1,30 @@
-From e7a00e9b5104ae2fbcea32a35c85760b77fae7e5 Mon Sep 17 00:00:00 2001
-From: Changqing Li <changqing...@windriver.com>
-Date: Thu, 23 Apr 2020 09:42:10 +0000
+From baa85a4dab2e8d64eb25d1181b6420db25ce919a Mon Sep 17 00:00:00 2001
+From: Trevor Gamblin <trevor.gamb...@windriver.com>
+Date: Tue, 22 Jun 2021 12:31:46 -0400
 Subject: [PATCH] change shebang to python3
 
-Upstream-Status: Pending
+Upstream-Status: Inappropriate (OE-specific)
 
-pip will drop support of python2 from 21.0
+Despite no longer supporting python2, some files in the pip source refer
+to "python" instead of "python3", so patch them as needed to ensure that
+they correctly reference the python3 binary.
 
-Signed-off-by: Changqing Li <changqing...@windriver.com>
+Signed-off-by: Trevor Gamblin <trevor.gamb...@windriver.com>
 ---
- src/pip/_internal/__init__.py             | 2 +-
- src/pip/_vendor/appdirs.py                | 2 +-
- src/pip/_vendor/chardet/cli/chardetect.py | 2 +-
- src/pip/_vendor/requests/certs.py         | 2 +-
- 4 files changed, 4 insertions(+), 4 deletions(-)
+ src/pip/_vendor/appdirs.py                    | 2 +-
+ src/pip/_vendor/chardet/langbulgarianmodel.py | 2 +-
+ src/pip/_vendor/chardet/langgreekmodel.py     | 2 +-
+ src/pip/_vendor/chardet/langhebrewmodel.py    | 2 +-
+ src/pip/_vendor/chardet/langhungarianmodel.py | 2 +-
+ src/pip/_vendor/chardet/langrussianmodel.py   | 2 +-
+ src/pip/_vendor/chardet/langthaimodel.py      | 2 +-
+ src/pip/_vendor/chardet/langturkishmodel.py   | 2 +-
+ src/pip/_vendor/chardet/metadata/languages.py | 2 +-
+ src/pip/_vendor/requests/certs.py             | 2 +-
+ 10 files changed, 10 insertions(+), 10 deletions(-)
 
-diff --git a/src/pip/_internal/__init__.py b/src/pip/_internal/__init__.py
-index 3aa8a46..e1ad179 100755
---- a/src/pip/_internal/__init__.py
-+++ b/src/pip/_internal/__init__.py
-@@ -1,4 +1,4 @@
--#!/usr/bin/env python
-+#!/usr/bin/env python3
- import pip._internal.utils.inject_securetransport  # noqa
- from pip._internal.utils.typing import MYPY_CHECK_RUNNING
- 
 diff --git a/src/pip/_vendor/appdirs.py b/src/pip/_vendor/appdirs.py
-index 3a52b75..ad3f81d 100644
+index 33a3b7741..60b9ef5f7 100644
 --- a/src/pip/_vendor/appdirs.py
 +++ b/src/pip/_vendor/appdirs.py
 @@ -1,4 +1,4 @@
@@ -35,18 +33,88 @@ index 3a52b75..ad3f81d 100644
  # -*- coding: utf-8 -*-
  # Copyright (c) 2005-2010 ActiveState Software Inc.
  # Copyright (c) 2013 Eddy Petrișor
-diff --git a/src/pip/_vendor/chardet/cli/chardetect.py 
b/src/pip/_vendor/chardet/cli/chardetect.py
-index c61136b..a497e98 100644
---- a/src/pip/_vendor/chardet/cli/chardetect.py
-+++ b/src/pip/_vendor/chardet/cli/chardetect.py
+diff --git a/src/pip/_vendor/chardet/langbulgarianmodel.py 
b/src/pip/_vendor/chardet/langbulgarianmodel.py
+index e963a5097..97ea6cea8 100644
+--- a/src/pip/_vendor/chardet/langbulgarianmodel.py
++++ b/src/pip/_vendor/chardet/langbulgarianmodel.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
+ 
+ from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel
+diff --git a/src/pip/_vendor/chardet/langgreekmodel.py 
b/src/pip/_vendor/chardet/langgreekmodel.py
+index d99528ede..4a127ea83 100644
+--- a/src/pip/_vendor/chardet/langgreekmodel.py
++++ b/src/pip/_vendor/chardet/langgreekmodel.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
+ 
+ from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel
+diff --git a/src/pip/_vendor/chardet/langhebrewmodel.py 
b/src/pip/_vendor/chardet/langhebrewmodel.py
+index 484c652a4..676c1a711 100644
+--- a/src/pip/_vendor/chardet/langhebrewmodel.py
++++ b/src/pip/_vendor/chardet/langhebrewmodel.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
+ 
+ from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel
+diff --git a/src/pip/_vendor/chardet/langhungarianmodel.py 
b/src/pip/_vendor/chardet/langhungarianmodel.py
+index bbc5cda64..042eae70a 100644
+--- a/src/pip/_vendor/chardet/langhungarianmodel.py
++++ b/src/pip/_vendor/chardet/langhungarianmodel.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
+ 
+ from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel
+diff --git a/src/pip/_vendor/chardet/langrussianmodel.py 
b/src/pip/_vendor/chardet/langrussianmodel.py
+index 5594452b5..564b02e58 100644
+--- a/src/pip/_vendor/chardet/langrussianmodel.py
++++ b/src/pip/_vendor/chardet/langrussianmodel.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
+ 
+ from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel
+diff --git a/src/pip/_vendor/chardet/langthaimodel.py 
b/src/pip/_vendor/chardet/langthaimodel.py
+index 9a37db573..c97487959 100644
+--- a/src/pip/_vendor/chardet/langthaimodel.py
++++ b/src/pip/_vendor/chardet/langthaimodel.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
+ 
+ from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel
+diff --git a/src/pip/_vendor/chardet/langturkishmodel.py 
b/src/pip/_vendor/chardet/langturkishmodel.py
+index 43f4230ae..7e710c371 100644
+--- a/src/pip/_vendor/chardet/langturkishmodel.py
++++ b/src/pip/_vendor/chardet/langturkishmodel.py
+@@ -1,4 +1,4 @@
+-#!/usr/bin/env python
++#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
+ 
+ from pip._vendor.chardet.sbcharsetprober import SingleByteCharSetModel
+diff --git a/src/pip/_vendor/chardet/metadata/languages.py 
b/src/pip/_vendor/chardet/metadata/languages.py
+index 3237d5abf..aa2ec7c35 100644
+--- a/src/pip/_vendor/chardet/metadata/languages.py
++++ b/src/pip/_vendor/chardet/metadata/languages.py
 @@ -1,4 +1,4 @@
 -#!/usr/bin/env python
 +#!/usr/bin/env python3
+ # -*- coding: utf-8 -*-
  """
- Script which takes one or more file paths and reports on their detected
- encodings
+ Metadata about languages used by our model training code for our
 diff --git a/src/pip/_vendor/requests/certs.py 
b/src/pip/_vendor/requests/certs.py
-index 06a594e..bfa7839 100644
+index 06a594e58..bfa7839a4 100644
 --- a/src/pip/_vendor/requests/certs.py
 +++ b/src/pip/_vendor/requests/certs.py
 @@ -1,4 +1,4 @@
@@ -56,5 +124,5 @@ index 06a594e..bfa7839 100644
  
  """
 -- 
-2.24.1
+2.31.1
 
diff --git a/meta/recipes-devtools/python/python3-pip_20.0.2.bb 
b/meta/recipes-devtools/python/python3-pip_21.1.2.bb
similarity index 73%
rename from meta/recipes-devtools/python/python3-pip_20.0.2.bb
rename to meta/recipes-devtools/python/python3-pip_21.1.2.bb
index 99eeea2edf..7367dfdc21 100644
--- a/meta/recipes-devtools/python/python3-pip_20.0.2.bb
+++ b/meta/recipes-devtools/python/python3-pip_21.1.2.bb
@@ -2,16 +2,16 @@ SUMMARY = "The PyPA recommended tool for installing Python 
packages"
 HOMEPAGE = "https://pypi.org/project/pip";
 SECTION = "devel/python"
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=8ba06d529c955048e5ddd7c45459eb2e"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=c4fa2b50f55649f43060fa04b0919b9b"
 
 DEPENDS += "python3 python3-setuptools-native"
 
-SRC_URI += "file://0001-change-shebang-to-python3.patch"
+inherit pypi distutils3
 
-SRC_URI[md5sum] = "7d42ba49b809604f0df3d55df1c3fd86"
-SRC_URI[sha256sum] = 
"7db0c8ea4c7ea51c8049640e8e6e7fde949de672bfa4949920675563a5a6967f"
+SRC_URI += "file://0001-change-shebang-to-python3.patch"
 
-inherit pypi distutils3
+SRC_URI[md5sum] = "a867fd51eacfd5293f5b7e0c2e7867a7"
+SRC_URI[sha256sum] = 
"eb5df6b9ab0af50fe1098a52fd439b04730b6e066887ff7497357b9ebd19f79b"
 
 do_install_append() {
     # Install as pip3 and leave pip2 as default
-- 
2.31.1

-=-=-=-=-=-=-=-=-=-=-=-
Links: You receive all messages sent to this group.
View/Reply Online (#153213): 
https://lists.openembedded.org/g/openembedded-core/message/153213
Mute This Topic: https://lists.openembedded.org/mt/83720856/21656
Group Owner: openembedded-core+ow...@lists.openembedded.org
Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub 
[arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

[OE-core][PATCH v2] python3-pip: upgrade 20.0.2 -> 21.1.2

Reply via email to