All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH] package/python-werkzeug: bump version to 1.0.1
@ 2020-09-30  7:32 Michael Nosthoff
  2020-09-30 19:36 ` Thomas Petazzoni
  2020-09-30 19:56 ` Yann E. MORIN
  0 siblings, 2 replies; 4+ messages in thread
From: Michael Nosthoff @ 2020-09-30  7:32 UTC (permalink / raw)
  To: buildroot

Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
---
 package/python-werkzeug/python-werkzeug.hash | 6 +++---
 package/python-werkzeug/python-werkzeug.mk   | 4 ++--
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/package/python-werkzeug/python-werkzeug.hash b/package/python-werkzeug/python-werkzeug.hash
index cc90fe140b..1d6de8a0c7 100644
--- a/package/python-werkzeug/python-werkzeug.hash
+++ b/package/python-werkzeug/python-werkzeug.hash
@@ -1,5 +1,5 @@
 # md5, sha256 from https://pypi.org/pypi/werkzeug/json
-md5	5b23b4953efc4f52b1d0b33af6f7cd2d  Werkzeug-0.16.0.tar.gz
-sha256	7280924747b5733b246fe23972186c6b348f9ae29724135a6dfc1e53cea433e7  Werkzeug-0.16.0.tar.gz
+md5  5d499cfdd30de5d9c946994783772efd  Werkzeug-1.0.1.tar.gz
+sha256  6c80b1e5ad3665290ea39320b91e1be1e0d5f60652b964a3070216de83d2e47c  Werkzeug-1.0.1.tar.gz
 # Locally computed sha256 checksums
-sha256	3b49dcee4105eb37bac10faf1be260408fe85d252b8e9df2e0979fc1e094437b  LICENSE.rst
+sha256  3b49dcee4105eb37bac10faf1be260408fe85d252b8e9df2e0979fc1e094437b  LICENSE.rst
diff --git a/package/python-werkzeug/python-werkzeug.mk b/package/python-werkzeug/python-werkzeug.mk
index fea25f8ee8..1013f8af80 100644
--- a/package/python-werkzeug/python-werkzeug.mk
+++ b/package/python-werkzeug/python-werkzeug.mk
@@ -4,9 +4,9 @@
 #
 ################################################################################
 
-PYTHON_WERKZEUG_VERSION = 0.16.0
+PYTHON_WERKZEUG_VERSION = 1.0.1
 PYTHON_WERKZEUG_SOURCE = Werkzeug-$(PYTHON_WERKZEUG_VERSION).tar.gz
-PYTHON_WERKZEUG_SITE = https://files.pythonhosted.org/packages/5e/fd/eb19e4f6a806cd6ee34900a687f181001c7a0059ff914752091aba84681f
+PYTHON_WERKZEUG_SITE = https://files.pythonhosted.org/packages/10/27/a33329150147594eff0ea4c33c2036c0eadd933141055be0ff911f7f8d04
 PYTHON_WERKZEUG_SETUP_TYPE = setuptools
 PYTHON_WERKZEUG_LICENSE = BSD-3-Clause
 PYTHON_WERKZEUG_LICENSE_FILES = LICENSE.rst
-- 
2.25.1

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] package/python-werkzeug: bump version to 1.0.1
  2020-09-30  7:32 [Buildroot] [PATCH] package/python-werkzeug: bump version to 1.0.1 Michael Nosthoff
@ 2020-09-30 19:36 ` Thomas Petazzoni
  2020-09-30 19:56 ` Yann E. MORIN
  1 sibling, 0 replies; 4+ messages in thread
From: Thomas Petazzoni @ 2020-09-30 19:36 UTC (permalink / raw)
  To: buildroot

On Wed, 30 Sep 2020 09:32:03 +0200
Michael Nosthoff via buildroot <buildroot@busybox.net> wrote:

> Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
> ---
>  package/python-werkzeug/python-werkzeug.hash | 6 +++---
>  package/python-werkzeug/python-werkzeug.mk   | 4 ++--
>  2 files changed, 5 insertions(+), 5 deletions(-)

Applied to master, thanks.

Thomas
-- 
Thomas Petazzoni, CTO, Bootlin
Embedded Linux and Kernel engineering
https://bootlin.com

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] package/python-werkzeug: bump version to 1.0.1
  2020-09-30  7:32 [Buildroot] [PATCH] package/python-werkzeug: bump version to 1.0.1 Michael Nosthoff
  2020-09-30 19:36 ` Thomas Petazzoni
@ 2020-09-30 19:56 ` Yann E. MORIN
  2020-10-02  9:50   ` Michael Nosthoff
  1 sibling, 1 reply; 4+ messages in thread
From: Yann E. MORIN @ 2020-09-30 19:56 UTC (permalink / raw)
  To: buildroot

Michael, All,

On 2020-09-30 09:32 +0200, Michael Nosthoff via buildroot spake thusly:
> Signed-off-by: Michael Nosthoff <buildroot@heine.tech>
> ---
>  package/python-werkzeug/python-werkzeug.hash | 6 +++---
>  package/python-werkzeug/python-werkzeug.mk   | 4 ++--
>  2 files changed, 5 insertions(+), 5 deletions(-)
> 
> diff --git a/package/python-werkzeug/python-werkzeug.hash b/package/python-werkzeug/python-werkzeug.hash
> index cc90fe140b..1d6de8a0c7 100644
> --- a/package/python-werkzeug/python-werkzeug.hash
> +++ b/package/python-werkzeug/python-werkzeug.hash
> @@ -1,5 +1,5 @@
>  # md5, sha256 from https://pypi.org/pypi/werkzeug/json
> -md5	5b23b4953efc4f52b1d0b33af6f7cd2d  Werkzeug-0.16.0.tar.gz
> -sha256	7280924747b5733b246fe23972186c6b348f9ae29724135a6dfc1e53cea433e7  Werkzeug-0.16.0.tar.gz
> +md5  5d499cfdd30de5d9c946994783772efd  Werkzeug-1.0.1.tar.gz
> +sha256  6c80b1e5ad3665290ea39320b91e1be1e0d5f60652b964a3070216de83d2e47c  Werkzeug-1.0.1.tar.gz
>  # Locally computed sha256 checksums
> -sha256	3b49dcee4105eb37bac10faf1be260408fe85d252b8e9df2e0979fc1e094437b  LICENSE.rst
> +sha256  3b49dcee4105eb37bac10faf1be260408fe85d252b8e9df2e0979fc1e094437b  LICENSE.rst
> diff --git a/package/python-werkzeug/python-werkzeug.mk b/package/python-werkzeug/python-werkzeug.mk
> index fea25f8ee8..1013f8af80 100644
> --- a/package/python-werkzeug/python-werkzeug.mk
> +++ b/package/python-werkzeug/python-werkzeug.mk
> @@ -4,9 +4,9 @@
>  #
>  ################################################################################
>  
> -PYTHON_WERKZEUG_VERSION = 0.16.0
> +PYTHON_WERKZEUG_VERSION = 1.0.1

It's been pointed out on IRC that "there were a number of breaking
changes in that jump", further pointing to the release notes:

    https://werkzeug.palletsprojects.com/en/1.0.x/changes/#version-1-0-0

We have two packages in Buildroot, that use werkzeug: crossbar and
flask.

Could you investigate how they are both impacted, if at all, by this
bump, please?

Note that your patch has already been applied, and we'd like to know
if we also need to update crossbar or flask, or if we need to revert.

Regards,
Yann E. MORIN.

>  PYTHON_WERKZEUG_SOURCE = Werkzeug-$(PYTHON_WERKZEUG_VERSION).tar.gz
> -PYTHON_WERKZEUG_SITE = https://files.pythonhosted.org/packages/5e/fd/eb19e4f6a806cd6ee34900a687f181001c7a0059ff914752091aba84681f
> +PYTHON_WERKZEUG_SITE = https://files.pythonhosted.org/packages/10/27/a33329150147594eff0ea4c33c2036c0eadd933141055be0ff911f7f8d04
>  PYTHON_WERKZEUG_SETUP_TYPE = setuptools
>  PYTHON_WERKZEUG_LICENSE = BSD-3-Clause
>  PYTHON_WERKZEUG_LICENSE_FILES = LICENSE.rst
> -- 
> 2.25.1
> 
> _______________________________________________
> buildroot mailing list
> buildroot at busybox.net
> http://lists.busybox.net/mailman/listinfo/buildroot

-- 
.-----------------.--------------------.------------------.--------------------.
|  Yann E. MORIN  | Real-Time Embedded | /"\ ASCII RIBBON | Erics' conspiracy: |
| +33 662 376 056 | Software  Designer | \ / CAMPAIGN     |  ___               |
| +33 561 099 427 `------------.-------:  X  AGAINST      |  \e/  There is no  |
| http://ymorin.is-a-geek.org/ | _/*\_ | / \ HTML MAIL    |   v   conspiracy.  |
'------------------------------^-------^------------------^--------------------'

^ permalink raw reply	[flat|nested] 4+ messages in thread
* [Buildroot] [PATCH] package/python-werkzeug: bump version to 1.0.1
  2020-09-30 19:56 ` Yann E. MORIN
@ 2020-10-02  9:50   ` Michael Nosthoff
  0 siblings, 0 replies; 4+ messages in thread
From: Michael Nosthoff @ 2020-10-02  9:50 UTC (permalink / raw)
  To: buildroot

Hi Yann,

On 30.09.2020 21:56, Yann E. MORIN wrote:
> Michael, All,
> 
>>  #
>>  ################################################################################
>>  
>> -PYTHON_WERKZEUG_VERSION = 0.16.0
>> +PYTHON_WERKZEUG_VERSION = 1.0.1
> 
> It's been pointed out on IRC that "there were a number of breaking
> changes in that jump", further pointing to the release notes:
> 
>     https://werkzeug.palletsprojects.com/en/1.0.x/changes/#version-1-0-0
> 
> We have two packages in Buildroot, that use werkzeug: crossbar and
> flask.
> 
> Could you investigate how they are both impacted, if at all, by this
> bump, please?
> 
> Note that your patch has already been applied, and we'd like to know
> if we also need to update crossbar or flask, or if we need to revert.
> 


We already discussed this on IRC. But for documentation a short write-up:

Werkzeug 1.0.1 was released on 2020-03-31.

Flask in BR is on 1.1.2 which was released on 2020-04-03
Crossbar in BR is on  20.4.2 released on 2020-04-14

So both releases were after the Werkzeug Release and for Flask we even
are on the latest version.

I can't say much about crossbar as I don't use it. But at least their
issue tracker [0] and their changelog [1] have no mentions of any
Werkzeug related issues.


For Flask I can say: the package itself works fine on my target.

Things that actually broke:

* my local package for flask-wtf which could be fixed with a version bump.

* my own code using flask which I had to update. Werkzeug 0.16.0 shows
deprecation warnings like

DeprecationWarning: The import 'werkzeug.secure_filename' is deprecated
and will be removed in Werkzeug 1.0. Use 'from werkzeug.utils import
secure_filename' instead.

but running in gunicorn they are lost somewhere...

So it might be an issue for some user code or external packages but the
depending packages seem to be fine.

Bonus: I actually found some other deprecations my code uses from other
packages while checking this ;)

Regards,
Michael

[0] https://github.com/crossbario/crossbar/issues?q=is%3Aissue+werkzeug
[1] https://crossbar.io/docs/changelog/

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-10-02  9:50 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-30  7:32 [Buildroot] [PATCH] package/python-werkzeug: bump version to 1.0.1 Michael Nosthoff
2020-09-30 19:36 ` Thomas Petazzoni
2020-09-30 19:56 ` Yann E. MORIN
2020-10-02  9:50   ` Michael Nosthoff

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.