[Buildroot] [PATCH 6/6] package/python-crossbar: fix configuration
Emile Cormier
emile.cormier.jr at gmail.com
Sun Apr 3 22:19:53 UTC 2022
From: ecorm <ecorm at users.noreply.github.com>
Fixes configuration and patches setup requirements so that
python-crossbar can build and run.
See https://github.com/crossbario/crossbar/issues/1936 for discussion
with Crossbar author.
Fixes: #14556
Signed-off-by: Emile Cormier <emile.cormier.jr at gmail.com>
---
.../0002-Remove-idna-requirement.patch | 29 ----------
...002-Resolve-conflicting-requirements.patch | 57 +++++++++++++++++++
package/python-crossbar/Config.in | 21 +++----
3 files changed, 68 insertions(+), 39 deletions(-)
delete mode 100644 package/python-crossbar/0002-Remove-idna-requirement.patch
create mode 100644 package/python-crossbar/0002-Resolve-conflicting-requirements.patch
diff --git a/package/python-crossbar/0002-Remove-idna-requirement.patch b/package/python-crossbar/0002-Remove-idna-requirement.patch
deleted file mode 100644
index 5e19a467c2..0000000000
--- a/package/python-crossbar/0002-Remove-idna-requirement.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 9164d21cc66c1f78de37c9383528c5d528cbdbeb Mon Sep 17 00:00:00 2001
-From: Asaf Kahlon <asafka7 at gmail.com>
-Date: Wed, 26 Sep 2018 15:33:43 +0300
-Subject: [PATCH] Remove idna requirement.
-
-The latest version of idna is 2.7, but it seems like idna is not a direct
-dependency anymore (a short "git grep" shows it's only written in requirement
-and readme files).
-
-Signed-off-by: Asaf Kahlon <asafka7 at gmail.com>
----
- requirements-min.txt | 1 -
- 1 file changed, 1 deletion(-)
-
-diff --git a/requirements-min.txt b/requirements-min.txt
-index 92fb0f8f..13cdac87 100644
---- a/requirements-min.txt
-+++ b/requirements-min.txt
-@@ -8,7 +8,6 @@ click>=6.7
- constantly>=15.1.0
- cryptography>=2.6.1
- h2>=3.2.0
--idna<2.6,>=2.5
- importlib-resources>=4.1.1
- incremental>=17.5.0
- jinja2>=2.10.1
---
-2.17.1
-
diff --git a/package/python-crossbar/0002-Resolve-conflicting-requirements.patch b/package/python-crossbar/0002-Resolve-conflicting-requirements.patch
new file mode 100644
index 0000000000..afb182cab1
--- /dev/null
+++ b/package/python-crossbar/0002-Resolve-conflicting-requirements.patch
@@ -0,0 +1,57 @@
+Remove the upper limit for idna, which is an indirect dependency via
+twisted[tls] and treq->requests. This upper limit conflicts with the
+python-idna v3.3 package bundled with buildroot. The idna requirement for
+twisted v20.3.0 is idna>=0.6,!=2.3 , and for requests it's
+idna>=2.5,<4;python_version>="3" .
+
+Remove the upper limit for urllib3, which is an indirect dependency via
+treq->requests. This upper limit conflicts with the python-urllib3 v1.26.8
+package bundled with buildroot. The urllib3 requirements for requests v2.27.1
+is urllib3>=1.21.1,<1.27 .
+
+Set the lower limit for urllib3 to >1.24.2 to satisfy the comment regarding
+CVE-2019-11324.
+
+Remove the importlib-resources>=4.1.1 requirement. The features of
+importlib-resources v5.0 (and thus v4.1.1) have been merged into the
+CPython 3.10 bundled with buildroot.
+
+Remove the u-msgpack-python requirement, which is an indirect dependency via
+autobahn[serialization] that is not needed due to the python-msgpack package
+being chosen instead on CPython.
+
+Remove the netaddr requirement, which is an indirect dependency via
+autobahn[xbr]->web3. buildroot's python-autobahn package currently does not
+support the autobahn[xbr] extras.
+
+Signed-off-by: Emile Cormier <emile.cormier.jr at gmail.com>
+
+--- a/requirements-min.txt
++++ b/requirements-min.txt
+@@ -8,13 +8,11 @@ colorama>=0.4.4
+ constantly>=15.1.0
+ cryptography>=2.6.1
+ h2>=3.2.0
+-idna<2.6,>=2.5
+-importlib-resources>=4.1.1
++idna>=2.5
+ incremental>=17.5.0
+ jinja2>=2.10.1
+ lmdb>=0.92
+ mistune>=0.7.4
+-netaddr>=0.7.19
+ passlib>=1.7.1
+ priority>=1.3.0
+ psutil>=5.2.2
+@@ -37,10 +35,9 @@ twisted[tls,conch,http2,osx_platform]>=2
+ twisted[tls,conch,http2,windows_platform]>=20.3.0; sys_platform == 'win32'
+ txaio>=21.2.1
+ txtorcon>=20.0.0
+-u-msgpack-python>=2.4.1
+ # urllib3 is an indirect dependency, but we force a recent version because of https://nvd.nist.gov/vuln/detail/CVE-2019-11324
+ # workaround for version conflict in requests vs sth else:
+-urllib3<1.25,>=1.21.1
++urllib3>1.24.2
+ vmprof>=0.4.12; platform_machine=='x86_64' or platform_machine=='i386' or platform_machine=='arm'
+ watchdog>=0.8.3
+ werkzeug>=0.14.1
diff --git a/package/python-crossbar/Config.in b/package/python-crossbar/Config.in
index 9625d9ce8e..ef02dd54f9 100644
--- a/package/python-crossbar/Config.in
+++ b/package/python-crossbar/Config.in
@@ -2,21 +2,21 @@ config BR2_PACKAGE_PYTHON_CROSSBAR
bool "python-crossbar"
depends on BR2_PACKAGE_HOST_RUSTC_TARGET_ARCH_SUPPORTS # python-cryptography
# All the following dependencies are runtime dependencies
- select BR2_PACKAGE_PYTHON_ATTRS
select BR2_PACKAGE_PYTHON_AUTOBAHN
+ select BR2_PACKAGE_PYTHON_AUTOBAHN_ACCELERATE
+ select BR2_PACKAGE_PYTHON_AUTOBAHN_COMPRESS
+ select BR2_PACKAGE_PYTHON_AUTOBAHN_ENCRYPTION
+ select BR2_PACKAGE_PYTHON_AUTOBAHN_SCRAM
+ select BR2_PACKAGE_PYTHON_AUTOBAHN_SERIALIZATION
+ select BR2_PACKAGE_PYTHON_AUTOBAHN_TWISTED
select BR2_PACKAGE_PYTHON_BITSTRING
select BR2_PACKAGE_PYTHON_CBOR
- select BR2_PACKAGE_PYTHON_CBOR2
select BR2_PACKAGE_PYTHON_CLICK
- select BR2_PACKAGE_PYTHON_CONSTANTLY
+ select BR2_PACKAGE_PYTHON_COLORAMA
select BR2_PACKAGE_PYTHON_CRYPTOGRAPHY
- select BR2_PACKAGE_PYTHON_H2
- select BR2_PACKAGE_PYTHON_IDNA
- select BR2_PACKAGE_PYTHON_INCREMENTAL
select BR2_PACKAGE_PYTHON_JINJA2
select BR2_PACKAGE_PYTHON_LMDB
select BR2_PACKAGE_PYTHON_MISTUNE
- select BR2_PACKAGE_PYTHON_NETADDR
select BR2_PACKAGE_PYTHON_PASSLIB
select BR2_PACKAGE_PYTHON_PRIORITY
select BR2_PACKAGE_PYTHON_PSUTIL
@@ -29,17 +29,18 @@ config BR2_PACKAGE_PYTHON_CROSSBAR
select BR2_PACKAGE_PYTHON_PYTRIE
select BR2_PACKAGE_PYTHON_PYYAML
select BR2_PACKAGE_PYTHON_SDNOTIFY
- select BR2_PACKAGE_PYTHON_SERVICE_IDENTITY
select BR2_PACKAGE_PYTHON_SETPROCTITLE
select BR2_PACKAGE_PYTHON_SETUPTOOLS
select BR2_PACKAGE_PYTHON_TREQ
select BR2_PACKAGE_PYTHON_TWISTED
+ select BR2_PACKAGE_PYTHON_TWISTED_CONCH
+ select BR2_PACKAGE_PYTHON_TWISTED_HTTP2
+ select BR2_PACKAGE_PYTHON_TWISTED_TLS
select BR2_PACKAGE_PYTHON_TXAIO
select BR2_PACKAGE_PYTHON_TXTORCON
- select BR2_PACKAGE_PYTHON_U_MSGPACK
- select BR2_PACKAGE_PYTHON_UBJSON
select BR2_PACKAGE_PYTHON_WATCHDOG
select BR2_PACKAGE_PYTHON_WERKZEUG
+ select BR2_PACKAGE_PYTHON_ZLMDB
select BR2_PACKAGE_PYTHON_ZOPE_INTERFACE
help
Crossbar.io is an open-source WAMP application router that
--
2.25.1
More information about the buildroot
mailing list