Skip to content

Commit c59b1a3

Browse files
MD-Mushfiqur123god032396-del
authored andcommitted
fix: replace deprecated utcnow() with now(timezone.utc)
Replaces all uses of deprecated datetime.datetime.utcnow() with timezone-aware datetime.datetime.now(timezone.utc). Fixes compatibility with Python 3.12+ where utcnow() was removed. Fixes #473 Signed-off-by: god032396-del <god032396@gmail.com>
0 parents  commit c59b1a3

93 files changed

Lines changed: 38890 additions & 0 deletions

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

.coveragerc

Lines changed: 16 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,16 @@
1+
[run]
2+
parallel = true
3+
source =
4+
webob
5+
6+
[paths]
7+
source =
8+
src/webob
9+
*/site-packages/webob
10+
11+
[report]
12+
show_missing = true
13+
precision = 2
14+
15+
[html]
16+
show_contexts = True

.flake8

Lines changed: 36 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,36 @@
1+
# Recommended flake8 settings while editing WebOb, we use Black for the final linting/say in how code is formatted
2+
#
3+
# pip install flake8 flake8-bugbear
4+
#
5+
# This will warn/error on things that black does not fix, on purpose.
6+
#
7+
# Run:
8+
#
9+
# tox -e run-flake8
10+
#
11+
# To have it automatically create and install the appropriate tools, and run
12+
# flake8 across the source code/tests
13+
14+
[flake8]
15+
# max line length is set to 88 in black, here it is set to 80 and we enable bugbear's B950 warning, which is:
16+
#
17+
# B950: Line too long. This is a pragmatic equivalent of pycodestyle’s E501: it
18+
# considers “max-line-length” but only triggers when the value has been
19+
# exceeded by more than 10%. You will no longer be forced to reformat code due
20+
# to the closing parenthesis being one character too far to satisfy the linter.
21+
# At the same time, if you do significantly violate the line length, you will
22+
# receive a message that states what the actual limit is. This is inspired by
23+
# Raymond Hettinger’s “Beyond PEP 8” talk and highway patrol not stopping you
24+
# if you drive < 5mph too fast. Disable E501 to avoid duplicate warnings.
25+
max-line-length = 80
26+
max-complexity = 12
27+
select = E,F,W,C,B,B9
28+
ignore =
29+
# E123 closing bracket does not match indentation of opening bracket’s line
30+
E123
31+
# E203 whitespace before ‘:’ (Not PEP8 compliant, Python Black)
32+
E203
33+
# E501 line too long (82 > 79 characters) (replaced by B950 from flake8-bugbear, https://github.com/PyCQA/flake8-bugbear)
34+
E501
35+
# W503 line break before binary operator (Not PEP8 compliant, Python Black)
36+
W503

.github/dependabot.yml

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,10 @@
1+
# Set update schedule for GitHub Actions
2+
3+
version: 2
4+
updates:
5+
6+
- package-ecosystem: "github-actions"
7+
directory: "/"
8+
schedule:
9+
# Check for updates to GitHub Actions every weekday
10+
interval: "daily"

.github/workflows/ci-tests.yml

Lines changed: 85 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,85 @@
1+
name: Build and test
2+
3+
on:
4+
# Only on pushes to main or one of the release branches we build on push
5+
push:
6+
branches:
7+
- main
8+
- "[0-9].[0-9]+-branch"
9+
tags:
10+
- "*"
11+
# Build pull requests
12+
pull_request:
13+
14+
jobs:
15+
test:
16+
strategy:
17+
# See https://github.com/actions/runner-images
18+
matrix:
19+
py:
20+
- "3.10"
21+
- "3.11"
22+
- "3.12"
23+
- "3.13"
24+
- "3.14"
25+
- "pypy-3.10"
26+
os:
27+
- "ubuntu-24.04" # x64
28+
- "windows-2022" # x64
29+
- "macos-15" # arm64
30+
- "macos-15-intel" # x64
31+
include:
32+
- os: "ubuntu-24.04"
33+
pytest-args: "--cov"
34+
- py: "pypy-3.10"
35+
toxenv: "pypy310"
36+
pytest-args: ""
37+
38+
name: "Python: ${{ matrix.py }} on ${{ matrix.os }}"
39+
runs-on: ${{ matrix.os }}
40+
steps:
41+
- uses: actions/checkout@v6
42+
- name: Setup uv
43+
uses: astral-sh/setup-uv@v7
44+
with:
45+
python-version: ${{ matrix.py }}
46+
- name: Running tox with specific toxenv
47+
if: ${{ matrix.toxenv != '' }}
48+
env:
49+
TOXENV: ${{ matrix.toxenv }}
50+
run: uvx tox
51+
- name: Running tox for current python version
52+
if: ${{ matrix.toxenv == '' }}
53+
run: uvx tox -e py -- ${{ matrix.pytest-args }}
54+
55+
coverage:
56+
runs-on: ubuntu-24.04
57+
name: Validate coverage
58+
steps:
59+
- uses: actions/checkout@v6
60+
- name: Setup uv
61+
uses: astral-sh/setup-uv@v7
62+
with:
63+
python-version: "3.14"
64+
- run: uvx tox -e py314,coverage
65+
docs:
66+
runs-on: ubuntu-24.04
67+
name: Build the documentation
68+
steps:
69+
- uses: actions/checkout@v6
70+
- name: Setup uv
71+
uses: astral-sh/setup-uv@v7
72+
with:
73+
python-version: "3.14"
74+
- run: uvx tox -e docs
75+
lint:
76+
runs-on: ubuntu-24.04
77+
name: Lint the package
78+
steps:
79+
- uses: actions/checkout@v6
80+
- name: Setup uv
81+
uses: astral-sh/setup-uv@v7
82+
with:
83+
python-version: "3.14"
84+
- run: uvx tox -e lint
85+

.gitignore

Lines changed: 20 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,20 @@
1+
*$py.class
2+
*.egg
3+
*.pyc
4+
*.pyo
5+
*.swp
6+
*~
7+
.*.swp
8+
.tox/
9+
__pycache__/
10+
_build/
11+
build/
12+
dist/
13+
env*/
14+
.coverage
15+
.coverage.*
16+
.cache/
17+
WebOb.egg-info/
18+
pytest*.xml
19+
coverage*.xml
20+
.pytest_cache/

.readthedocs.yaml

Lines changed: 14 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,14 @@
1+
# https://docs.readthedocs.io/en/stable/config-file/v2.html
2+
version: 2
3+
build:
4+
os: ubuntu-22.04
5+
tools:
6+
python: '3.12'
7+
sphinx:
8+
configuration: docs/conf.py
9+
python:
10+
install:
11+
- method: pip
12+
path: .
13+
extra_requirements:
14+
- docs

CHANGES.txt

Lines changed: 120 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,120 @@
1+
Unreleased
2+
----------
3+
4+
Security Fix
5+
~~~~~~~~~~~~
6+
7+
- The use of WebOb's Response object to redirect a request to a new location
8+
can lead to an open redirect if the Location header is not a full URI.
9+
10+
See https://github.com/Pylons/webob/security/advisories/GHSA-mg3v-6m49-jhp3
11+
and CVE-2024-42353
12+
13+
Thanks to Sara Gao for the report
14+
15+
(This fix was released in WebOb 1.8.8)
16+
17+
Feature
18+
~~~~~~~
19+
20+
- Rename "master" git branch to "main"
21+
22+
- Add support for Python 3.12.
23+
24+
- Add support for Python 3.13.
25+
26+
- Add support for Python 3.14.
27+
28+
- Add Request.remote_host, exposing REMOTE_HOST environment variable.
29+
30+
- Added ``acceptparse.Accept.parse_offer`` to codify what types of offers
31+
are compatible with ``acceptparse.AcceptValidHeader.acceptable_offers``,
32+
``acceptparse.AcceptMissingHeader.acceptable_offers``, and
33+
``acceptparse.AcceptInvalidHeader.acceptable_offers``. This API also
34+
normalizes the offer with lowercased type/subtype and parameter names.
35+
See https://github.com/Pylons/webob/pull/376 and
36+
https://github.com/Pylons/webob/pull/379
37+
38+
Compatibility
39+
~~~~~~~~~~~~~
40+
41+
42+
Backwards Incompatibilities
43+
~~~~~~~~~~~~~~~~~~~~~~~~~~~
44+
45+
- Drop support for Python 2.7, 3.4, 3.5, 3.6, 3.7, 3.8 and 3.9
46+
47+
Experimental Features
48+
~~~~~~~~~~~~~~~~~~~~~
49+
50+
- The SameSite value now includes a new option named "None", this is a new
51+
change that was introduced in
52+
https://tools.ietf.org/html/draft-west-cookie-incrementalism-00
53+
54+
Please be aware that older clients are incompatible with this change:
55+
https://www.chromium.org/updates/same-site/incompatible-clients, WebOb does
56+
not enable SameSite on cookies by default, so there is no backwards
57+
incompatible change here.
58+
59+
See https://github.com/Pylons/webob/issues/406
60+
61+
- Validation of SameSite values can be disabled by toggling a module flag. This
62+
is in anticipation of future changes in evolving cookie standards.
63+
The discussion in https://github.com/Pylons/webob/pull/407 (which initially
64+
expanded the allowed options) notes the sudden change to browser cookie
65+
implementation details may happen again.
66+
67+
In May 2019, Google announced a new model for privacy controls in their
68+
browsers, which affected the list of valid options for the SameSite attribute
69+
of cookies. In late 2019, the company began to roll out these changes to their
70+
browsers to force developer adoption of the new specification.
71+
See https://www.chromium.org/updates/same-site and
72+
https://blog.chromium.org/2019/10/developers-get-ready-for-new.html for more
73+
details on this change.
74+
75+
See https://github.com/Pylons/webob/pull/409
76+
77+
78+
Bugfix
79+
~~~~~~
80+
81+
- Response.content_type now accepts unicode strings on Python 2 and encodes
82+
them to latin-1. See https://github.com/Pylons/webob/pull/389 and
83+
https://github.com/Pylons/webob/issues/388
84+
85+
- Accept header classes now support a .copy() function that may be used to
86+
create a copy. This allows ``create_accept_header`` and other like functions
87+
to accept an pre-existing Accept header. See
88+
https://github.com/Pylons/webob/pull/386 and
89+
https://github.com/Pylons/webob/issues/385
90+
91+
- SameSite may now be passed as str or bytes to `Response.set_cookie` and
92+
`cookies.make_cookie`. This was an oversight as all other arguments would be
93+
correctly coerced before being serialized. See
94+
https://github.com/Pylons/webob/issues/361 and
95+
https://github.com/Pylons/webob/pull/362
96+
97+
- acceptparse.MIMEAccept which is deprecated in WebOb 1.8.0 made a backwards
98+
incompatible change that led to it raising on an invalid Accept header. This
99+
behaviour has now been reversed, as well as some other fixes to allow
100+
MIMEAccept to behave more like the old version. See
101+
https://github.com/Pylons/webob/pull/356
102+
103+
- ``acceptparse.AcceptValidHeader``, ``acceptparse.AcceptInvalidHeader``, and
104+
``acceptparse.AcceptNoHeader`` will now always ignore offers that do not
105+
match the required media type grammar when calling ``.acceptable_offers()``.
106+
Previous versions raised a ``ValueError`` for invalid offers in
107+
``AcceptValidHeader`` and returned them as acceptable in the others.
108+
See https://github.com/Pylons/webob/pull/372
109+
110+
- ``Response.body_file.write`` and ``Response.write`` now returns the written
111+
length. See https://github.com/Pylons/webob/pull/422
112+
113+
Warnings
114+
~~~~~~~~
115+
116+
- Some backslashes introduced with the new accept handling code were causing
117+
DeprecationWarnings upon compiling the source to pyc files, all of the
118+
backslashes have been reigned in as appropriate, and users should no longer
119+
see DeprecationWarnings for invalid escape sequence. See
120+
https://github.com/Pylons/webob/issues/384

0 commit comments

Comments
 (0)