Uh oh!
There was an error while loading.Please reload this page.
- Notifications
You must be signed in to change notification settings - Fork938
Better document env_case test/fixture and cwd#1657
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.
Already on GitHub?Sign in to your account
Uh oh!
There was an error while loading.Please reload this page.
Conversation
This expands and adds comments intest_it_avoids_upcasing_unrelated_environment_variable_names andits supporting fixture env_case.py so it is clear exactly what isbeing tested and how/why the test works to test it.
To better focus on the key information.
This frames the reentrancy claim in terms of what is similar to anddifferent from contextlib.chdir (which we would just use, but it isonly available on Python 3.11 and later).
Thanks again for your tremendous help! I appreciate these improvements and confirm that they make clearer what's happening. It's a bit sad that we don't have a general-purpose bug-tracker yet that we can refer to in a self-contained fashion (maybe similar to
I'd never ask that as I believe that any
That's extremely diligent of you, but even if there would have been a chance for test-failure, it's fine if CI detects it first. It's a tool and ideally, it saves some time as well. |
EliahKagan commentedSep 13, 2023 • edited
Loading Uh oh!
There was an error while loading.Please reload this page.
edited
Uh oh!
There was an error while loading.Please reload this page.
I'm a big fan of discovering test failures through CI only. The issue, here, is that the #1635 (CVE-2023-40590) and#1646 only affected GitPython on native Windows builds of Although the reported case of#1646 mattered because of how it broke Cygwin When I found that out, I wasbriefly worriedCVE-2023-40590 might not be fully patched. In#1636, I had committed the fix and then the test, and mistakenly assumed--based on my local verification, which was with native Windows, not Cygwin--that CI would have shown a test failure if I had committed and pushed them in the other order. The regression test introduced in#1636 (which is now verifying the modified fix as of#1650) covers both true and false cases of So if GitPython on Cygwin Note thatCVE-2023-40590did affect MinGW |
[](https://renovatebot.com)This PR contains the following updates:| Package | Change | Age | Adoption | Passing | Confidence ||---|---|---|---|---|---|| [GitPython](https://togithub.com/gitpython-developers/GitPython) |`==3.1.36` -> `==3.1.37` |[](https://docs.renovatebot.com/merge-confidence/)|[](https://docs.renovatebot.com/merge-confidence/)|[](https://docs.renovatebot.com/merge-confidence/)|[](https://docs.renovatebot.com/merge-confidence/)|---### Release Notes<details><summary>gitpython-developers/GitPython (GitPython)</summary>###[`v3.1.37`](https://togithub.com/gitpython-developers/GitPython/releases/tag/3.1.37):- a proper fixCVE-2023-41040[CompareSource](https://togithub.com/gitpython-developers/GitPython/compare/3.1.36...3.1.37)#### What's Changed- Improve Python version and OS compatibility, fixing deprecations by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1654](https://togithub.com/gitpython-developers/GitPython/pull/1654)- Better document env_case test/fixture and cwd by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1657](https://togithub.com/gitpython-developers/GitPython/pull/1657)- Remove spurious executable permissions by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1658](https://togithub.com/gitpython-developers/GitPython/pull/1658)- Fix up checks in Makefile and make them portable by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1661](https://togithub.com/gitpython-developers/GitPython/pull/1661)- Fix URLs that were redirecting to another license by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1662](https://togithub.com/gitpython-developers/GitPython/pull/1662)- Assorted small fixes/improvements to root dir docs by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1663](https://togithub.com/gitpython-developers/GitPython/pull/1663)- Use venv instead of virtualenv in test_installation by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1664](https://togithub.com/gitpython-developers/GitPython/pull/1664)- Omit py_modules in setup by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1665](https://togithub.com/gitpython-developers/GitPython/pull/1665)- Don't track code coverage temporary files by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1666](https://togithub.com/gitpython-developers/GitPython/pull/1666)- Configure tox by [@​EliahKagan](https://togithub.com/EliahKagan)in[https://github.com/gitpython-developers/GitPython/pull/1667](https://togithub.com/gitpython-developers/GitPython/pull/1667)- Format tests with black and auto-exclude untracked paths by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1668](https://togithub.com/gitpython-developers/GitPython/pull/1668)- Upgrade and broaden flake8, fixing style problems and bugs by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1673](https://togithub.com/gitpython-developers/GitPython/pull/1673)- Fix rollback bug in SymbolicReference.set_reference by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1675](https://togithub.com/gitpython-developers/GitPython/pull/1675)- Remove `@NoEffect` annotations by[@​EliahKagan](https://togithub.com/EliahKagan) in[https://github.com/gitpython-developers/GitPython/pull/1677](https://togithub.com/gitpython-developers/GitPython/pull/1677)- Add more checks for the validity of refnames by[@​facutuesca](https://togithub.com/facutuesca) in[https://github.com/gitpython-developers/GitPython/pull/1672](https://togithub.com/gitpython-developers/GitPython/pull/1672)**Full Changelog**:gitpython-developers/GitPython@3.1.36...3.1.37</details>---### Configuration📅 **Schedule**: Branch creation - At any time (no schedule defined),Automerge - At any time (no schedule defined).🚦 **Automerge**: Enabled.♻ **Rebasing**: Whenever PR becomes conflicted, or you tick therebase/retry checkbox.🔕 **Ignore**: Close this PR and you won't be reminded about this updateagain.---- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, checkthis box---This PR has been generated by [MendRenovate](https://www.mend.io/free-developer-tools/renovate/). Viewrepository job log[here](https://developer.mend.io/github/allenporter/flux-local).<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi45Ny4xIiwidXBkYXRlZEluVmVyIjoiMzYuOTcuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
%5d(https%3a%2f%2frenovatebot.com){kind=link}
Bump gitpython from 3.1.35 to 3.1.37Bumps gitpython from 3.1.35 to 3.1.37.Release notesSourced from gitpython's releases.3.1.37 - a proper fixCVE-2023-41040What's ChangedImprove Python version and OS compatibility, fixing deprecations by @EliahKagan ingitpython-developers/GitPython#1654Better document env_case test/fixture and cwd by @EliahKagan ingitpython-developers/GitPython#1657Remove spurious executable permissions by @EliahKagan ingitpython-developers/GitPython#1658Fix up checks in Makefile and make them portable by @EliahKagan ingitpython-developers/GitPython#1661Fix URLs that were redirecting to another license by @EliahKagan ingitpython-developers/GitPython#1662Assorted small fixes/improvements to root dir docs by @EliahKagan ingitpython-developers/GitPython#1663Use venv instead of virtualenv in test_installation by @EliahKagan ingitpython-developers/GitPython#1664Omit py_modules in setup by @EliahKagan ingitpython-developers/GitPython#1665Don't track code coverage temporary files by @EliahKagan ingitpython-developers/GitPython#1666Configure tox by @EliahKagan ingitpython-developers/GitPython#1667Format tests with black and auto-exclude untracked paths by @EliahKagan ingitpython-developers/GitPython#1668Upgrade and broaden flake8, fixing style problems and bugs by @EliahKagan ingitpython-developers/GitPython#1673Fix rollback bug in SymbolicReference.set_reference by @EliahKagan ingitpython-developers/GitPython#1675Remove@NoEffect annotations by @EliahKagan ingitpython-developers/GitPython#1677Add more checks for the validity of refnames by @facutuesca ingitpython-developers/GitPython#1672Full Changelog: gitpython-developers/GitPython@3.1.36...3.1.37Commitsb27a89f fix makefile to compare commit hashes only0bd2890 prepare next release832b6ee remove unnecessary list comprehension to fix CIe98f57b Merge pull request #1672 from trail-of-forks/robust-refname-checks1774f1e Merge pull request #1677 from EliahKagan/no-noeffecta4701a0 Remove@NoEffect annotationsd40320b Merge pull request #1675 from EliahKagan/rollbackd1c1f31 Merge pull request #1673 from EliahKagan/flake8e480985 Tweak rollback logic in log.to_fileff84b26 Refactor try-finally cleanup in git/Additional commits viewable in compare viewDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting@dependabot rebase.Dependabot commands and optionsYou can trigger Dependabot actions by commenting on this PR:@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.Reviewed-by: Vladimir Vshivkov
Uh oh!
There was an error while loading.Please reload this page.
This improves how some of the changes in#1650 are documented, expanding comments and a docstring.
I ended up doing this in four commits, but really it would probably be just as clear with two. If you'd like me to rebase this to have just two commits, please let me know.
Identifying the steps in the "
env_case" testThis is my main motivation for opening this PR, and most of the change.
I was thinking about how it was not immediately obvious why
test_it_avoids_upcasing_unrelated_environment_variable_names(the "env_case" test) works and why it is done in this way.To improve on this, I wrote comments that divide it into four steps. Two of the steps occur in the test case method, and the others occur in the supporting
env_case.pyfixture. The comments are in both files.This only adds and changes comments, but just in case I have locally tested that it does not stop the test from passing, nor from failing when using the version of the code in
git/from just before the merge of#1650.Non-reentrancy of some context manager objects
I had intended my brief mention of non-reentrancy to distinguish
git.util.cwdfromcontextlib.chdir, which is fully reentrant by having each returned object maintain a stack of directories (but which is not available before Python 3.11). But this was not clear at all--I had nowhere mentionedcontextlib.chdir!--and it risked giving the wrong impression thatcwdcouldn't be called multiple times in nestedwith-statements.Furthermore, the newly introduced
patch_envfunction is non-reentrant in exactly the same narrow sense, but because it did not mention this andcwddid, this gave the wrong impression thatpatch_envwas reentrant in this way. (I thinkpatch_envactuallydoesn't need to document this--reallycwd's limitation compared tocontextlib.chdiris the only thing important enough to mention.)I've somewhat clarified this, but maybe further improvements can be made in the future. This can be make clearer withextended example, but I would be very reluctant to bloat the
cwddocstring with fully worked examples. If anything, maybe there is a way to say it shorter. Or maybe the reentrancy information should be removed altogether.