Fix bpo-29528 Use a secure variable to stop spam#13
Merged
vstinner merged 1 commit intopython:masterfrom Feb 11, 2017
Merged
Conversation
If the IRC notification is stored in plaintext, then anyone who forks the repository and also adds it to travis will send notifications to the IRC channel for their fork by default. Since the secure variable is encrypted using a repository specific key, this will only work when it is being built using the correct repository.
vstinner
approved these changes
Feb 11, 2017
paulmon
added a commit
to paulmon/cpython
that referenced
this pull request
Jan 10, 2019
fix importlib and distutils formatting of platform tag for ARM
emmatyping
referenced
this pull request
in emmatyping/cpython
Mar 16, 2020
nanjekyejoannah
added a commit
to nanjekyejoannah/cpython
that referenced
this pull request
Nov 29, 2022
13: warn for hmac and hexlify r=ltratt a=nanjekyejoannah
This PR adds warnings for the following modules:
- `hmac`
- `binascii.hexlify`
- `binascii.b2a_hex`
See the notes below:
1. warn for the 'digest' parameter in hmac in pygrate2
In Python 2:
```
>>> import hashlib
>>> import hmac
>>> string1 = 'firststring'.encode('utf-8')
>>> string2 = 'secondstring'.encode('utf-8')
>>> digest = hmac.new(key=string1, msg=string2, digestmod=hashlib.sha256).digest()
>>> digest = hmac.new(key=string1, msg=string2).digest()
>>>
```
In Python 3:
```
string1 = 'firststring'.encode('utf-8')
>>> string2 = 'secondstring'.encode('utf-8')
>>> digest = hmac.new(key=string1, msg=string2, digestmod=hashlib.sha256).digest()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
NameError: name 'hmac' is not defined
>>> import hashlib
>>> import hmac
>>> digest = hmac.new(key=string1, msg=string2, digestmod=hashlib.sha256).digest()
>>> digest = hmac.new(key=string1, msg=string2).digest()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/usr/local/Cellar/python@3.9/3.9.12_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/hmac.py", line 170, in new
return HMAC(key, msg, digestmod)
File "/usr/local/Cellar/python@3.9/3.9.12_1/Frameworks/Python.framework/Versions/3.9/lib/python3.9/hmac.py", line 56, in __init__
raise TypeError("Missing required parameter 'digestmod'.")
TypeError: Missing required parameter 'digestmod'.
>>>
```
2. Warn for hexlify
In python 2:
```
>>> import codecs
>>> hexlify = codecs.getencoder('hex')
>>> hexlify(b'Blaah')[0]
'426c616168'
>>> import binascii
>>> binascii.hexlify(b'Blaah')
'426c616168'
>>> binascii.hexlify('Blaah')
'426c616168'
>>>
```
In Python 3:
```
>>> import codecs
>>> hexlify = codecs.getencoder('hex')
>>> hexlify(b'Blaah')[0]
b'426c616168'
>>> import binascii
>>> binascii.hexlify(b'Blaah')
b'426c616168'
>>> binascii.hexlify('Blaah')
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
TypeError: a bytes-like object is required, not 'str'
>>>
```
Co-authored-by: Joannah Nanjekye <jnanjekye@python.org>
nanjekyejoannah
added a commit
to nanjekyejoannah/cpython
that referenced
this pull request
Dec 1, 2022
16: Warn for specific thread module methods r=ltratt a=nanjekyejoannah Dont merge until python#13 and python#14 are merged, some helper code cuts across. This replaces python#15 Threading module Notes Python 2: ``` >>> from thread import get_ident >>> from threading import get_ident Traceback (most recent call last): File "<stdin>", line 1, in <module> ImportError: cannot import name get_ident >>> import threading >>> from threading import _get_ident >>> ``` Python 3: ``` >>> from threading import get_ident >>> from thread import get_ident Traceback (most recent call last): File "<stdin>", line 1, in <module> ModuleNotFoundError: No module named 'thread' > ``` **Note:** There is no neutral way of porting Co-authored-by: Joannah Nanjekye <jnanjekye@python.org>
jaraco
pushed a commit
that referenced
this pull request
Dec 2, 2022
oraluben
referenced
this pull request
in oraluben/cpython
Jun 25, 2023
Eclips4
added a commit
to Eclips4/cpython
that referenced
this pull request
Nov 16, 2025
Eclips4
added a commit
to Eclips4/cpython
that referenced
this pull request
Jan 1, 2026
Fix macos builds
gaweng
added a commit
to gaweng/cpython
that referenced
this pull request
Apr 9, 2026
…st round-trips plistlib's _escape() function was normalizing \r\n to \n and \r to \n during XML plist serialization. When the plist was loaded back, the original carriage return characters were lost because expat also normalizes newlines in XML character data. Fix by encoding \r as the XML character reference &python#13; instead of converting it to \n. Character references are not subject to XML newline normalization, so expat correctly decodes &python#13; back to \r, preserving the original data during round-trips.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
If the IRC notification is stored in plaintext, then anyone who forks the repository and also adds it to travis will send notifications to the IRC channel for their fork by default. Since the secure variable is encrypted using a repository specific key, this will only work when it is being built using the correct repository.