| Age | Commit message (Collapse) | Author |
|---|
|
The GitHub dependabot tool has reported a "medium" priority bug
CVE-2026-22701, with this package. Update to the patched version.
Reported-by: GitHub dependabot
Signed-off-by: Tom Rini <[email protected]>
|
|
The GitHub dependabot tool has reported a "medium" priority bug
CVE-2025-68146, with this package. Update to the patched version.
Reported-by: GitHub dependabot
Signed-off-by: Tom Rini <[email protected]>
|
|
Our pytest package was pinned to a release from 2021. The minimum
compatible with labgrid v25.0.x is pytest 7.0.0. Update to the current
relase which is currently 8.4.2
Signed-off-by: Tom Rini <[email protected]>
|
|
Add tests for the exfat filesystem. These tests are largely an
extension of the FS_GENERIC tests with the following notable
exceptions.
The filesystem image for exfat tests is generated using combination
of exfatprogs mkfs.exfat and python fattools. The fattols are capable
of generating exfat filesystem images too, but this is not used, the
fattools are only used as a replacement for dosfstools 'mcopy' and
'mdir', which are used to insert files and directories into existing
fatfs images and list existing fatfs images respectively, without the
need for superuser access to mount such images.
The exfat filesystem has no filesystem specific command, there is only
the generic filesystem command interface, therefore check_ubconfig()
has to special case exfat and skip check for CONFIG_CMD_EXFAT and
instead check for CONFIG_FS_EXFAT.
Signed-off-by: Marek Vasut <[email protected]>
|
|
Use the "pipreqs" tool to re-create these files, with a few manual
corrections. We still need to include pytest-xdist which the tool does
not detect. We also for now don't upgrade most of the required tools as
that creates problems with various tests, which should be resolved
independently.
Signed-off-by: Tom Rini <[email protected]>
|
|
In order to build the docker container, which contains a download cache
of python modules, we need to have our versions be in sync in each
requirements file. Update some of the cases where which are older than
the rest of the project.
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
There is some potential security issue resolved by upgrading to v70.0.0
here and the latest is now v70.3.0.
Reported-by: GitHub dependabot
Suggested-by: Sebastian Kropatsch <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
A security issue exists with zipp before v3.19.1, and the current
release is now v3.19.2. While the change in versions numbers is large, a
manual inspection of the changelog shows that it's not as big as might
be implied.
Reported-by: GitHub dependabot
Reviewed-by: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
The issue described in https://github.com/psf/requests/pull/6655 has
been assigned as a security issue. While unlikely to be exploited in our
usage, update to the current release to fix it. Furthermore, upstream
has now moved on to v2.23.2 as the release to use which has all of the
issues resolved.
Reported-by: GitHub dependabot
Signed-off-by: Tom Rini <[email protected]>
|
|
Update pygit2 and py to their latest versions. Even in the venv pygit2
still links against the system libgit2 library which is failing on
latest Arch Linux.
The py library also needs updating to fix a KeyNotFound exception during
test initialisation.
Signed-off-by: Caleb Connolly <[email protected]>
|
|
Update packaging to be version 23.2 to match our Sphinx requirements.
This will let us build a pip cache out of both of our requirements.txt
files.
Signed-off-by: Tom Rini <[email protected]>
|
|
The version of pycryptodomex that we use is vulnerable to this CVE.
While not likely an issue for us, let us upgrade to be on the safe side.
Reported-by: GitHub dependabot
Signed-off-by: Tom Rini <[email protected]>
|
|
Per GitHub Dependabot:
- Use setuptools 65.5.1 to avoid some DoS issue
- Use requests 2.31.0 to avoid leaking some proxy information
Signed-off-by: Tom Rini <[email protected]>
Tested-by: Heinrich Schuchardt <[email protected]>
|
|
In order to better make use of pip caches, and also for better overall
consistency, we should use the same versions of packages in each of our
python requirements files. Update pytest to use the newer versions of
packages we use in sphinx builds.
Signed-off-by: Tom Rini <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
This allows tests to run in parallel and speeds up some tests markedly,
particularly with binman. Add it to the requirements.
Signed-off-by: Simon Glass <[email protected]>
|
|
The version used on Ubuntu 2022.04 produces a number of warnings:
/usr/lib/python3/dist-packages/pkg_resources/__init__.py:116:
PkgResourcesDeprecationWarning: 1.16.0-unknown is an invalid version
and will not be supported in a future release
Same with: 0.1.43ubuntu1 11.4.1ubuntu1 2.22.1ubuntu1 1.1build1
According to [1] this is a bug in setuptools. Employ the workaround for
now.
[1] https://askubuntu.com/questions/1406952/what-is-the-meaning-of-this-
pkgresourcesdeprecationwarning-warning-from-pipenv
Signed-off-by: Simon Glass <[email protected]>
|
|
At present when -n is used, all workers try to build U-Boot at once.
Add a lock to ensure that only one of them builds, with the others using
the build that is produced.
The lock file is removed on startup.
Signed-off-by: Simon Glass <[email protected]>
|
|
- We now have a new enough sbsigntools in the distro, stop building.
- Use the 20220801 tag for Jammy.
- Move to pygit2 1.9.2 (current version) as the old one doesn't build on
"Jammy".
- Add the working directory to the list of safe directories for git.
- Move to pytest 6.2.5 to address other issues.
- This move exposed a number of minor issues in the existing scripts we
used within CI to perform the jobs themselves. The most notable changes
here involve using 'set +e / set -e' to enforce when we should or should
not make non-zero buildman status be a fatal error.
Signed-off-by: Tom Rini <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
As explained upstream:
https://github.com/untitaker/python-atomicwrites/issues/61 there is no
longer a 1.3.0 version but the API is unchanged. Move to 1.4.1.
Signed-off-by: Tom Rini <[email protected]>
|
|
The patman tests require the requests module, add it.
Cc: Simon Glass <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
Bump our py version to 1.10.0 to address CVE-2020-29651.
Reported-by: GitHub dependabot
Reported-by: Ley Foon Tan <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
We wish to use pycryptodomex to verify code paths involving ECDSA
signatures. Add it to requirements.txt so that they get picked up
automatically .gitlab and .azure tasks
Signed-off-by: Alexandru Gagniuc <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
The latest versions of pygit2 are not available in practically any
distribution at this time. Furthermore, we don't need the latest in
order to run all of our testsuites. Reduce this version requirement to
something older that meets our needs while still supporting running our
tests on older hosts (and so, test labs).
Reported-by: Tom Warren <[email protected]>
Signed-off-by: Tom Rini <[email protected]>
|
|
Add pygit2 and pyelftools to the list of packages for virtualenv
needed to run all sets of pytests.This fixes warnings like:
binman.elf_test.TestElf.testDecodeElf (subunit.RemotedTestCase):
Python elftools not available
Signed-off-by: Igor Opaniuk <[email protected]>
Reviewed-by: Simon Glass <[email protected]>
|
|
To be more closely aligned with Python community best practices, we need
to better document our usage of pip and make use of a requirements.txt
file that shows the versions of the tools that we are using. This will
aide in ensuring reproducibility of our tests as well.
Reviewed-by: Simon Glass <[email protected]>
Tested-by: Stephen Warren <[email protected]>
Tested-by: Simon Glass <[email protected]> [on sandbox]
Signed-off-by: Tom Rini <[email protected]>
|
