Re: [Django] #35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-only builds.
13 views
Skip to first unread message
Django
Feb 15, 2024, 3:01:50 PMFeb 15
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
---------------------------------+------------------------------------
Reporter: Marcus Hoffmann | Owner: nobody
Type: Bug | Status: new
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Comment (by Marcus Hoffmann):
Replying to [comment:7 Mariusz Felisiak]:
> Great idea! Marcus, does it work for you?
> {{{#!diff
> diff --git a/django/views/decorators/debug.py
b/django/views/decorators/debug.py
> index 7ea8a540de..6540fc0651 100644
> --- a/django/views/decorators/debug.py
> +++ b/django/views/decorators/debug.py
> @@ -47,7 +47,6 @@ def sensitive_variables(*variables):
>
> try:
> file_path = inspect.getfile(wrapped_func)
> - _, first_file_line =
inspect.getsourcelines(wrapped_func)
> except TypeError: # Raises for builtins or native
functions.
> raise ValueError(
> f"{func.__name__} cannot safely be wrapped by "
> @@ -55,7 +54,8 @@ def sensitive_variables(*variables):
> "Python file (not a builtin or from a native
extension)."
> )
> else:
> - key = hash(f"{file_path}:{first_file_line}")
> + first_line_number =
wrapped_func.__code__.co_firstlineno
> + key = hash(f"{file_path}:{first_line_number}")
>
> if variables:
> coroutine_functions_to_sensitive_variables[key] =
variables
>
> }}}
Thanks for the patch, I'll try and test this tomorrow!
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:9>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
only builds.
---------------------------------+------------------------------------
Reporter: Marcus Hoffmann | Owner: nobody
Type: Bug | Status: new
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Comment (by Marcus Hoffmann):
Replying to [comment:7 Mariusz Felisiak]:
> Great idea! Marcus, does it work for you?
> {{{#!diff
> diff --git a/django/views/decorators/debug.py
b/django/views/decorators/debug.py
> index 7ea8a540de..6540fc0651 100644
> --- a/django/views/decorators/debug.py
> +++ b/django/views/decorators/debug.py
> @@ -47,7 +47,6 @@ def sensitive_variables(*variables):
>
> try:
> file_path = inspect.getfile(wrapped_func)
> - _, first_file_line =
inspect.getsourcelines(wrapped_func)
> except TypeError: # Raises for builtins or native
functions.
> raise ValueError(
> f"{func.__name__} cannot safely be wrapped by "
> @@ -55,7 +54,8 @@ def sensitive_variables(*variables):
> "Python file (not a builtin or from a native
extension)."
> )
> else:
> - key = hash(f"{file_path}:{first_file_line}")
> + first_line_number =
wrapped_func.__code__.co_firstlineno
> + key = hash(f"{file_path}:{first_line_number}")
>
> if variables:
> coroutine_functions_to_sensitive_variables[key] =
variables
>
> }}}
Thanks for the patch, I'll try and test this tomorrow!
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:9>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
Django
Feb 16, 2024, 7:35:55 AMFeb 16
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
---------------------------------+------------------------------------
Reporter: Marcus Hoffmann | Owner: nobody
Type: Bug | Status: new
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Comment (by Marcus Hoffmann):
Replying to [comment:7 Mariusz Felisiak]:
> Great idea! Marcus, does it work for you?
I can confirm, this fixes the Problem for us. :-)
only builds.
---------------------------------+------------------------------------
Reporter: Marcus Hoffmann | Owner: nobody
Type: Bug | Status: new
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
---------------------------------+------------------------------------
Comment (by Marcus Hoffmann):
Replying to [comment:7 Mariusz Felisiak]:
> Great idea! Marcus, does it work for you?
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:10>
Django
Feb 16, 2024, 7:36:46 AMFeb 16
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
-------------------------------------+-------------------------------------
only builds.
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: assigned
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 0 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
Changes (by Mariusz Felisiak):
* owner: nobody => Mariusz Felisiak
* status: new => assigned
Comment:
> I can confirm, this fixes the Problem for us. :-)
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:11>
Django
Feb 16, 2024, 2:42:23 PMFeb 16
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: assigned
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: assigned
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution:
Keywords: | Triage Stage: Accepted
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):
* has_patch: 0 => 1
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by Mariusz Felisiak):
Comment:
[https://github.com/django/django/pull/17860 PR]
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:12>
Django
Feb 17, 2024, 2:16:09 AMFeb 17
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Changes (by GitHub <noreply@…>):
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
* resolution: => fixed
* status: assigned => closed
Comment:
In [changeset:"d1be05b3e9209fd0787841c71a95819d81061187" d1be05b3]:
{{{#!CommitTicketReference repository=""
revision="d1be05b3e9209fd0787841c71a95819d81061187"
Fixed #35187 -- Fixed @sensitive_variables/sensitive_post_parameters
decorators crash with .pyc-only builds.
Thanks Jon Janzen for the implementation idea.
Thanks Marcus Hoffmann for the report.
Regression in 38e391e95fe5258bc6d2467332dc9cd44ce6ba52.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:13>
Django
Feb 17, 2024, 2:17:15 AMFeb 17
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Mariusz Felisiak <felisiak.mariusz@…>):
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
In [changeset:"41a4bba817f139f3cfd94f04e728e046560c9a18" 41a4bba]:
{{{#!CommitTicketReference repository=""
revision="41a4bba817f139f3cfd94f04e728e046560c9a18"
[5.0.x] Fixed #35187 -- Fixed
@sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
Thanks Jon Janzen for the implementation idea.
Thanks Marcus Hoffmann for the report.
Regression in 38e391e95fe5258bc6d2467332dc9cd44ce6ba52.
Backport of d1be05b3e9209fd0787841c71a95819d81061187 from main
only builds.
Thanks Jon Janzen for the implementation idea.
Thanks Marcus Hoffmann for the report.
Regression in 38e391e95fe5258bc6d2467332dc9cd44ce6ba52.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:14>
Django
Feb 17, 2024, 12:54:22 PMFeb 17
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Jon Janzen):
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
I've put up a [https://github.com/django/django/pull/17870 PR] to add pyc-
only builds to Django's daily tests.
Marcus, if you wouldn't mind can you take a look and verify that the
checks are sufficient to ensure buildroot/pyc-only builds won't break
again?
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:15>
Django
Feb 19, 2024, 5:43:52 AMFeb 19
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Marcus Hoffmann):
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
@Jon: The test looks good to me! Thanks for adding it!
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:16>
Django
Feb 21, 2024, 7:53:18 AMFeb 21
to django-...@googlegroups.com
#35187: @sensitive_variables/sensitive_post_parameters decorators crash with .pyc-
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
only builds.
-------------------------------------+-------------------------------------
Reporter: Marcus Hoffmann | Owner: Mariusz
| Felisiak
Type: Bug | Status: closed
Component: Core (Other) | Version: 5.0
Severity: Release blocker | Resolution: fixed
Keywords: | Triage Stage: Accepted
Has patch: 1 | Needs documentation: 0
Needs tests: 0 | Patch needs improvement: 0
Easy pickings: 0 | UI/UX: 0
-------------------------------------+-------------------------------------
Comment (by Mariusz Felisiak <felisiak.mariusz@…>):
In [changeset:"6feaad9113fd38ba3970032d2b7856c77403e29e" 6feaad9]:
{{{#!CommitTicketReference repository=""
revision="6feaad9113fd38ba3970032d2b7856c77403e29e"
Refs #30950, Refs #35187 -- Added tests for byte-compiled Django to daily
builds.
}}}
--
Ticket URL: <https://code.djangoproject.com/ticket/35187#comment:17>
Reply all
Reply to author
Forward
0 new messages