salt: cgi.escape() has been removed in python 3.8

Thu, 09 Jul 2020 04:54:17 -0700 

... after it was deprecated since 3.2.

2020-07-09 08:38:44,604 [salt.utils.schedule                                    
               :853 ][ERROR   ][26771] Unhandled exception running stat
e.highstate
Traceback (most recent call last):
  File "/usr/local/lib/python3.8/site-packages/salt/utils/schedule.py", line 
844, in handle_func
    self.returners[ret_str](ret)
  File 
"/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", 
line 480, in returner
    _produce_output(report, failed, setup)
  File 
"/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", 
line 433, in _produce_output
    _generate_html(report, string_file)
  File 
"/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", 
line 269, in _generate_html
    _generate_html_table(data, out, 0)
  File 
"/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", 
line 220, in _generate_html_table
    _generate_html_table(value, out, level + 1, new_extra_style)
  File 
"/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", 
line 229, in _generate_html_table
    cgi.escape(six.text_type(value)),
AttributeError: module 'cgi' has no attribute 'escape'

I only tested the hightstate returner, no idea about nagios, but it's
mechanical...

Technically this changes behavior in the highstate returner but I
think what it did before was actually a bug, called out in the
deprecation note:

"Deprecated since version 3.2: This function is unsafe because quote
is false by default, and therefore deprecated. Use html.escape()
instead."
https://docs.python.org/3.7/library/cgi.html#cgi.escape

OK?

p.s. I tried to work out how to feed this upstream but I don't fully
grok the hoopes they want me to jump through.

diff --git Makefile Makefile
index 1f38fa8af70..9fcf4d52a38 100644
--- Makefile
+++ Makefile
@@ -19,7 +19,7 @@ COMMENT =             remote execution and configuration 
management system
 
 MODPY_EGG_VERSION =    3001
 DISTNAME =             salt-${MODPY_EGG_VERSION}
-REVISION =             3
+REVISION =             4
 
 CATEGORIES =           sysutils net devel
 
diff --git patches/patch-salt_returners_highstate_return_py 
patches/patch-salt_returners_highstate_return_py
new file mode 100644
index 00000000000..439612ac661
--- /dev/null
+++ patches/patch-salt_returners_highstate_return_py
@@ -0,0 +1,33 @@
+$OpenBSD$
+cgi.escape has been deprecated since python 3.2 and removed in 3.8.
+
+Index: salt/returners/highstate_return.py
+--- salt/returners/highstate_return.py.orig
++++ salt/returners/highstate_return.py
+@@ -79,7 +79,7 @@ the time of execution.
+ """
+ from __future__ import absolute_import, print_function, unicode_literals
+ 
+-import cgi
++import html
+ import logging
+ import smtplib
+ from email.mime.text import MIMEText
+@@ -226,7 +226,7 @@ def _generate_html_table(data, out, level=0, extra_sty
+                                 "td",
+                                 [cell_style, second_style, "value", 
new_extra_style],
+                             ),
+-                            cgi.escape(six.text_type(value)),
++                            html.escape(six.text_type(value)),
+                         ),
+                         file=out,
+                     )
+@@ -251,7 +251,7 @@ def _generate_html_table(data, out, level=0, extra_sty
+                     _lookup_style(
+                         "td", [cell_style, first_style, "value", extra_style]
+                     ),
+-                    cgi.escape(six.text_type(subdata)),
++                    html.escape(six.text_type(subdata)),
+                 ),
+                 file=out,
+             )
diff --git patches/patch-salt_returners_nagios_nrdp_return_py 
patches/patch-salt_returners_nagios_nrdp_return_py
new file mode 100644
index 00000000000..a3406afa892
--- /dev/null
+++ patches/patch-salt_returners_nagios_nrdp_return_py
@@ -0,0 +1,40 @@
+$OpenBSD$
+cgi.escape has been deprecated since python 3.2 and removed in 3.8.
+
+Index: salt/returners/nagios_nrdp_return.py
+--- salt/returners/nagios_nrdp_return.py.orig
++++ salt/returners/nagios_nrdp_return.py
+@@ -51,7 +51,7 @@ To override individual configuration items, append --r
+ from __future__ import absolute_import, print_function, unicode_literals
+ 
+ # Import python libs
+-import cgi
++import html
+ import logging
+ 
+ import salt.ext.six.moves.http_client
+@@ -125,20 +125,20 @@ def _prepare_xml(options=None, state=None):
+             + six.text_type(options["checktype"])
+             + "'>"
+         )
+-        xml += "<hostname>" + cgi.escape(options["hostname"], True) + 
"</hostname>"
+-        xml += "<servicename>" + cgi.escape(options["service"], True) + 
"</servicename>"
++        xml += "<hostname>" + html.escape(options["hostname"]) + "</hostname>"
++        xml += "<servicename>" + html.escape(options["service"]) + 
"</servicename>"
+     else:
+         xml += (
+             "<checkresult type='host' checktype='"
+             + six.text_type(options["checktype"])
+             + "'>"
+         )
+-        xml += "<hostname>" + cgi.escape(options["hostname"], True) + 
"</hostname>"
++        xml += "<hostname>" + html.escape(options["hostname"]) + "</hostname>"
+ 
+     xml += "<state>" + _state + "</state>"
+ 
+     if "output" in options:
+-        xml += "<output>" + cgi.escape(options["output"], True) + "</output>"
++        xml += "<output>" + html.escape(options["output"]) + "</output>"
+ 
+     xml += "</checkresult>"
+ 


-- 
I'm not entirely sure you are real.

Reply via email to