[Checkins] [zopefoundation/RestrictedPython] 2aa90e: Safer getattr (#143)

Michael Howitz noreply at github.com
Fri Feb 8 11:34:57 CET 2019 

  Branch: refs/heads/py38
  Home:   https://github.com/zopefoundation/RestrictedPython
  Commit: 2aa90e989f0048d2e4c266d92cfc12be74120726
      https://github.com/zopefoundation/RestrictedPython/commit/2aa90e989f0048d2e4c266d92cfc12be74120726
  Author: Alexander Loechel <loechel at users.noreply.github.com>
  Date:   2018-10-29 (Mon, 29 Oct 2018)

  Changed paths:
    M .gitignore
    M README.rst
    M docs/CHANGES.rst
    M docs/RestrictedPython4/index.rst
    M docs/idea.rst
    M docs/index.rst
    M docs/old_README.rst
    M docs/upgrade/index.rst
    M docs/upgrade_dependencies/index.rst
    M docs/usage/api.rst
    M docs/usage/basic_usage.rst
    M docs/usage/policy.rst
    M src/RestrictedPython/Guards.py
    M src/RestrictedPython/__init__.py
    M tests/test_Guards.py
    M tests/test_compile_restricted_function.py
    M tests/test_iterating_over_dict_items.py

  Log Message:
  -----------
  Safer getattr (#143)

* idea for fixing bug #142

* add tests and fix problems

* Fix README:

The wrong usage of `safe_builtins` allows access to the Python built-in
`getattr` allowing all sorts of access.

* Fix wrong usage of `safe_builtins` in tests.

* Do not provide a default `getattr` implementation.

And simplify and correct the test.

* Use and document `safe_globals`.

* Document `safer_getattr`.

* Add change log entry.

[skip ci]

* more documentation changes

* more documentation fixes


  Commit: df404cb217956f8a3842fc5ac1bfb620652e1538
      https://github.com/zopefoundation/RestrictedPython/commit/df404cb217956f8a3842fc5ac1bfb620652e1538
  Author: Michael Howitz <mh at gocept.com>
  Date:   2018-10-30 (Tue, 30 Oct 2018)

  Changed paths:
    M setup.py

  Log Message:
  -----------
  Fix URL.


  Commit: 5e3f5cd9ccc971f95dd3b87533b6fe5fca8a9da8
      https://github.com/zopefoundation/RestrictedPython/commit/5e3f5cd9ccc971f95dd3b87533b6fe5fca8a9da8
  Author: Michael Howitz <mh at gocept.com>
  Date:   2018-10-30 (Tue, 30 Oct 2018)

  Changed paths:
    M docs/CHANGES.rst
    M setup.py

  Log Message:
  -----------
  Preparing release 4.0b7


  Commit: 90a5211b99a622931f7b7380b1919032f01d5340
      https://github.com/zopefoundation/RestrictedPython/commit/90a5211b99a622931f7b7380b1919032f01d5340
  Author: Michael Howitz <mh at gocept.com>
  Date:   2018-10-30 (Tue, 30 Oct 2018)

  Changed paths:
    M docs/CHANGES.rst
    M setup.py

  Log Message:
  -----------
  Back to development: 4.0b8


  Commit: 1e28717b99375811655dab4f92579f7d6fb02d57
      https://github.com/zopefoundation/RestrictedPython/commit/1e28717b99375811655dab4f92579f7d6fb02d57
  Author: Alexander Loechel <loechel at users.noreply.github.com>
  Date:   2018-11-07 (Wed, 07 Nov 2018)

  Changed paths:
    M appveyor.yml
    M setup.py
    M tox.ini

  Log Message:
  -----------
  lint config (#146)

* make the isort explicite check result ignored, as that is also in the flake8 check via flake8-isort, so we always got the full problem list. 
* fix one linting issue in setup.py
* fix a missing quote in appveyor config


  Commit: c7a90b46c9dabe6da135434da9d694e673d93c42
      https://github.com/zopefoundation/RestrictedPython/commit/c7a90b46c9dabe6da135434da9d694e673d93c42
  Author: Marius Gedminas <marius at gedmin.as>
  Date:   2019-02-07 (Thu, 07 Feb 2019)

  Changed paths:
    M appveyor.yml

  Log Message:
  -----------
  There's no Python 3.8 on Appveyor (#148)

* There's no Python 3.8 on Appveyor

https://www.appveyor.com/docs/windows-images-software/#python does not
list Python 3.8 as an available version.

Having it listed in appveyor.yml confuses tools like my
check-python-versions, as they detect an inconsistency between supported
Python versions listed in appveyor.yml with those listed eg. in
setup.py.

* Simplify appveyor.yml

I don't know what these PROFILE/PYTHON_VERSION environment variables are
supposed to be (or why PYTHON_VERSION is 3.6 for three different values
of PROFILE=py3{5,6,7}-conventions), but python -V reports the same "2.7.15"
version for all four of these jobs.

I see no reason to run the same set of tox jobs on the same Python
version four times (while incorrectly claiming they use different Python
versions).


  Commit: 23833bea226c58c51034e03337f101c337268e19
      https://github.com/zopefoundation/RestrictedPython/commit/23833bea226c58c51034e03337f101c337268e19
  Author: Michael Howitz <mh at gocept.com>
  Date:   2019-02-08 (Fri, 08 Feb 2019)

  Changed paths:
    M .gitignore
    M README.rst
    M appveyor.yml
    M docs/CHANGES.rst
    M docs/RestrictedPython4/index.rst
    M docs/idea.rst
    M docs/index.rst
    M docs/old_README.rst
    M docs/upgrade/index.rst
    M docs/upgrade_dependencies/index.rst
    M docs/usage/api.rst
    M docs/usage/basic_usage.rst
    M docs/usage/policy.rst
    M setup.py
    M src/RestrictedPython/Guards.py
    M src/RestrictedPython/__init__.py
    M tests/test_Guards.py
    M tests/test_compile_restricted_function.py
    M tests/test_iterating_over_dict_items.py
    M tox.ini

  Log Message:
  -----------
  Merge branch 'master' into py38


Compare: https://github.com/zopefoundation/RestrictedPython/compare/4b7b06dce468...23833bea226c

More information about the checkins mailing list