Current description is getting
cut off and is formatted incorrectly
in LuCI when viewing packages.
Rewrote description to shorten,
correct and provide a more
concise description that will
work in LuCI.
Signed-off-by: Joshua Criss <owlsy@outlook.com.au>
This is a security release.
Notable Changes
* (CVE-2026-21637) wrap SNICallback invocation in try/catch (Matteo Collina) - High
* (CVE-2026-21710) use null prototype for headersDistinct/trailersDistinct (Matteo Collina) - High
* (CVE-2026-21713) use timing-safe comparison in Web Cryptography HMAC (Filip Skokan) - Medium
* (CVE-2026-21714) handle NGHTTP2_ERR_FLOW_CONTROL error code (RafaelGSS) - Medium
* (CVE-2026-21717) test array index hash collision (Joyee Cheung) - Medium
* (CVE-2026-21715) add permission check to realpath.native (RafaelGSS) - Low
* (CVE-2026-21716) include permission check on lib/fs/promises (RafaelGSS) - Low
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Changelog: https://github.com/python-poetry/poetry-core/releases/tag/2.3.2
Changes include:
- Fix handling of PEP 440 post-releases in version constraints
- Minor bug fixes and internal improvements
Add test.sh to validate basic version parsing and constraint evaluation.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
The 0001-distutils-use-python-sysroot.patch was written against an
older setuptools where the build_ext LIBDIR yield had less indentation.
In 82.0.1, a z/OS platform check wrapped the code adding an extra
indentation level. Regenerate the patch against the actual 82.0.1 source.
Signed-off-by: Alexandru Ardelean <alex@mesatop.com>
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Starting with 46.x, cryptography switched its build backend from
setuptools-rust to maturin. Update PKG_BUILD_DEPENDS accordingly:
replace python-setuptools-rust/host with python-maturin/host and
python-setuptools/host (setuptools is still required by cffi).
Drop 001-Update-ouroboros.patch: the ouroboros crate is no longer a
dependency in 46.x, so the patch (which bumped it from 0.15 to 0.18
to fix RUSTSEC-2023-0042) no longer applies.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Required by python-maturin as a build dependency (maturin >= 1.12.6
requires setuptools-rust >= 1.11.0).
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Needed by python-cryptography 46.x, which switched its build backend
from setuptools-rust to maturin (requires maturin >= 1.9.4).
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
When Python3 was updated via commit 97a92f2e7 , distutils was
disappeared from Python3 and moved to setuptools.
So that patch should have moved here as well.
This should fix all packages which still use the 'build_ext'
module from setuptools.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
As we're seeing in various test.sh scrip runs, importing 'email' fails
with not finding 'urllib' and vice-versa.
Then via a7e96ec91 ("python3-email: add python3-urllib as dependency")
I created a circular dependency.
So, might as well merge the two packages into one (named python3-urllib)
and updates all dependencies to pull python3-urllib.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
The python3-pkg-resources package does not exist in OpenWrt.
The only distutils/setuptools usage in fail2ban 1.1.0 is in
filterpyinotify.py and filtersystemd.py, both of which are
optional backends not available on OpenWrt. They are loaded
lazily via ImportError-guarded calls and the default auto
backend falls through to polling without them.
Also add test.sh with basic import and CLI smoke test.
Add me as maintainer.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Fix dependency with python3-pkg-resources (it got removed).
And add test.sh
- Bump from 4.5.1 to 4.6.0
- Drop python3-pkg-resources dependency: setools uses
'from importlib import resources as pkg_resources' which is stdlib,
not the external pkg_resources package
- Update 010-no-gui.patch: pyproject.toml now manages script-files and
package-data (was setup.py in 4.5.1); rewrite patch to target it
- Update 030-remove-host-paths.patch: lib_dirs now uses list[str] type
hint; fix hunk header line numbers to match new upstream layout
- Add test.sh: verify core query classes (SELinuxPolicy, BoolQuery,
TypeQuery, RoleQuery, UserQuery) are accessible
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
cpe:/a:beep_project:beep is the correct CPE ID for beep:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:beep_project:beep
Indeed, spkr-beep is a fork of https://github.com/johnath/beep as
clearly stated in README.md: "This version of beep has been forked from
Johnathan Nightingales' original beep when johnath/beep#11 required
fixes in 2018, while Johnathan Nightingales' github.com/johnath/beep/
and johnath.com/beep/ was only maintained from around 2000 until around
2013.
So, it is still appropriate to use beep_project:beep CPE ID since the
code base remains the same and no new CPE has been assigned to the fork
(as there have been no new CVEs since 2018).
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
The LMDB shared library (liblmdb.so) does not currently have a SONAME
set, which can cause issues when linking against it. Specifically, when
an object is linked against the library using its absolute path (for
example, in Meson builds), that path (as seen in the build environment)
is stored in the resulting object's DT_NEEDED entry. This can prevent
the library from being found during runtime linking. Set the SONAME to
liblmdb.so to ensure proper runtime linking.
Signed-off-by: Michał Kępień <michal@isc.org>
urllib3 2.6.3 pyproject.toml pins setuptools-scm<10 but
python-setuptools-scm was recently bumped to 10.0.3, breaking
the build. Drop the upper bound via patch to allow building
with setuptools-scm 10.x.
Also add test.sh to verify core API imports, Retry/Timeout
configuration, and PoolManager creation.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 1.0.1:
- Added support for Python 3.14 (including free-threaded build)
- CLI now forwards flags directly to commands
- Improved symlink handling with explicit follow_symlinks option
- Added FIFO file support on Unix systems
- Changed file mode preservation to maintain original permissions
Also add test.sh to verify dotenv_values parsing and load_dotenv.
Note: PyPI renamed the source tarball from python-dotenv-*.tar.gz
to python_dotenv-*.tar.gz; add PYPI_SOURCE_NAME accordingly.
Link: https://github.com/theskumar/python-dotenv/blob/main/CHANGELOG.md
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 8.0.1:
- Improved uppercase special character handling and text
normalization before unicode conversion
- Resolved pattern type issues
- Various bug fixes for robust character handling
Also add test.sh to verify slugification, unicode handling and
options like separator and max_length.
Link: https://github.com/un33k/python-slugify/blob/master/CHANGELOG.md
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 25.0:
- Added support for PEP 751 (pylock files) and PEP 794 (import
name metadata); new metadata writing functionality
- Performance improvements: 3x speedup via regex caching, lazy
Version key calculation, accelerated canonicalize_name
- Refined PEP 440 prerelease handling and SpecifierSet matching
- Improved Marker and Requirement subclassing support
Link: https://github.com/pypa/packaging/blob/main/CHANGELOG.rst
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 2.32.5:
- Security fix for CVE-2026-25645 in extract_zipped_paths utility
- Migrated to PEP 517 build system
- Added inline type hints throughout the library
- Fixed Content-Type header parsing for malformed values
Also add test.sh to verify core API imports and PreparedRequest.
Link: https://github.com/psf/requests/blob/main/HISTORY.md
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
The fwupd Config.in menu depends on PACKAGE_fwupd-libs, making
FWUPD_PLUGIN_FLASHROM implicitly depend on PACKAGE_fwupd-libs.
But fwupd-libs has a conditional dependency on libflashrom gated
by FWUPD_PLUGIN_FLASHROM, creating a circular dependency.
Fix by removing the depends on PACKAGE_fwupd-libs guard from the
Config.in menu and moving DEPENDS from Package/fwupd/Default into
Package/fwupd-libs directly. The menu options are always visible
in menuconfig but only take effect when fwupd-libs is selected.
Co-developed-by: Florian Eckert <fe@dev.tdt.de>
Signed-off-by: Joshua Klinesmith <joshuaklinesmith@gmail.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Remove PROVIDES from all OVS kernel packages. The provider-
alternation logic in scripts/package-metadata.pl generates
recursive Kconfig dependencies when kmod-openvswitch-intree
provides kmod-openvswitch, because userspace packages
(openvswitch, ovsd, ovn-host) that +depend on kmod-openvswitch
get cross-referenced against the intree provider via
PACKAGE_<provider> < PACKAGE_<requester> conditions.
Verified locally: make defconfig produces zero OVS-related
recursive dependency errors with PROVIDES removed entirely.
The previous selective approach (keeping PROVIDES only for
openvswitch-intree) did not resolve the userspace recursion.
Users must install kmod-openvswitch-intree explicitly instead
of relying on provider alternation.
Fixes: openwrt/openwrt#22664
Signed-off-by: Joshua Klinesmith <joshuaklinesmith@gmail.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Changes since 1.7.0:
- v1.8.0: Add support for custom socket options and improved
proxy handling
- v1.9.0: Fix compatibility with Python 3.12+ deprecations
- Various bug fixes for connection handling and error reporting
Also add test.sh to verify version and core API imports.
Link: https://github.com/websocket-client/websocket-client/blob/master/ChangeLog
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 0.4.4:
- v0.5.0: Improved handling of CTEs and window functions
- v0.5.0: Better token classification for SQL dialects
- v0.5.x: Various bug fixes for edge cases in formatting
and statement splitting
Also add test.sh to verify formatting, splitting, and parsing.
Link: https://github.com/andialbrecht/sqlparse/blob/master/CHANGELOG
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 5.3.1:
- v6.0: Drop Python 3.7 support; add Python 3.12/3.13
- v6.0: TTLCache now uses monotonic time for expiry
- v7.0: Cache classes are now generic (PEP 585 type hints)
- v7.0: New MRUCache (most-recently-used) eviction policy
- Various performance improvements across all cache types
Also add test.sh to verify LRU/LFU/TTL caches and @cached decorator.
Link: https://github.com/tkem/cachetools/blob/master/CHANGELOG.rst
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 1.0.1:
- Support for multi-select list/hash expressions with enhanced
function argument validation
- Minor performance improvements in expression parsing
Also add test.sh to verify field access, wildcards, and filters.
Link: https://github.com/jmespath/jmespath.py/blob/develop/CHANGELOG.rst
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 4.4.2:
- v5.x rewrites the implementation using the standard library
inspect module, dropping the code generation approach
- Signature preservation is now based on functools.wraps internals
- New contextmanager and asynccontextmanager decorator support
- Python 3.8+ required; Python 2 no longer supported
Also add test.sh to verify signature preservation and basic usage.
Link: https://github.com/micheles/decorator/blob/master/CHANGES.md
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
In recent versions of Python, trying to include 'email' also pulls
in urllib from CPython.
So just add it as dependency.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 0.9.0:
- New 'outline' table format
- Support for multi-line cell values in more formats
- Improved alignment for mixed-type columns
- Various bug fixes for edge cases in number formatting
Also add test.sh to verify version and basic table rendering.
Link: https://github.com/astanin/python-tabulate/blob/master/CHANGELOG
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 0.7.5:
- Fix handling of Optional keys with default values
- Improve error messages for nested schema failures
- Various bug fixes and compatibility improvements
Also add test.sh to verify version and data validation API.
Link: https://github.com/keleshev/schema/blob/master/CHANGELOG.rst
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
Changes since 1.2.0:
- Fix compatibility with Python 3.12 deprecation of datetime.utcnow()
- Various minor bug fixes and improvements
Also add test.sh to verify version and core scheduling API.
Link: https://github.com/dbader/schedule/blob/master/CHANGELOG.rst
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
When alt_config_file is set, global_defs() returns before creating
the PID file directory. stunnel then fails to start because it
cannot write its PID file to the nonexistent directory.
Move the PID directory creation and ownership setup above the
alt_config_file early return so it runs regardless of config mode.
Fixes: openwrt/openwrt#28982
Signed-off-by: Joshua Klinesmith <joshuaklinesmith@gmail.com>
Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
