[bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.

[bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.

[Tanguy Le Carrour]

* gnu/packages/python-web.scm (httpie): Update to 2.3.0.
[propagated-inputs]: Add python-requests-toolbelt.
[home-page]: Update URL.
---
 gnu/packages/python-web.scm | 11 ++++++-----
 1 file changed, 6 insertions(+), 5 deletions(-)

diff --git a/gnu/packages/python-web.scm b/gnu/packages/python-web.scm
index 1b6f0290ab..cf71a64e7c 100644
--- a/gnu/packages/python-web.scm
+++ b/gnu/packages/python-web.scm
@@ -30,7 +30,7 @@
 ;;; Copyright © 2019 Vagrant Cascadian <vagrant@debian.org>
 ;;; Copyright © 2019 Brendan Tildesley <mail@brendan.scot>
 ;;; Copyright © 2019 Pierre Langlois <pierre.langlois@gmx.com>
-;;; Copyright © 2019 Tanguy Le Carrour <tanguy@bioneland.org>
+;;; Copyright © 2019, 2020 Tanguy Le Carrour <tanguy@bioneland.org>
 ;;; Copyright © 2020 Jakub Kądziołka <kuba@kadziolka.net>
 ;;; Copyright © 2020 Evan Straw <evan.straw99@gmail.com>
 ;;; Copyright © 2020 Alexandros Theodotou <alex@zrythm.org>
@@ -429,14 +429,14 @@ other HTTP libraries.")
 (define-public httpie
   (package
     (name "httpie")
-    (version "2.2.0")
+    (version "2.3.0")
     (source
      (origin
        (method url-fetch)
        (uri (pypi-uri "httpie" version))
        (sha256
         (base32
-         "18058k0i3cc4ixvgzj882w693lf40283flvspbrvd876iq42ib1i"))))
+         "15ngl3yc186gkgqdx8iav9bpj8gxjpzz26y32z92jwyhj4cmfh6m"))))
     (build-system python-build-system)
     (arguments
      ;; The tests attempt to access external web servers, so we cannot run them.
@@ -444,8 +444,9 @@ other HTTP libraries.")
     (propagated-inputs
      `(("python-colorama" ,python-colorama)
        ("python-pygments" ,python-pygments)
-       ("python-requests" ,python-requests)))
-    (home-page "https://httpie.org/")
+       ("python-requests" ,python-requests)
+       ("python-requests-toolbelt" ,python-requests-toolbelt-0.9.1)))
+    (home-page "https://httpie.io")
     (synopsis "cURL-like tool for humans")
     (description
      "A command line HTTP client with an intuitive UI, JSON support,
-- 
2.29.1

bug#44302: [PATCH] gnu: httpie: Update to 2.3.0.

[Ludovic Courtès]

Hi,

Tanguy Le Carrour <tanguy@bioneland.org> skribis:

> * gnu/packages/python-web.scm (httpie): Update to 2.3.0.
> [propagated-inputs]: Add python-requests-toolbelt.
> [home-page]: Update URL.

Applied, thanks!

‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be nice
if you could take a look and see what needs to be done about it.

Thanks,
Ludo’.

[bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.

[Tanguy LE CARROUR]

Hi Ludo',

Le 31 octobre 2020 23:15:57 CET, "Ludovic Courtès" <ludo@gnu.org> a écrit :
>Tanguy Le Carrour <tanguy@bioneland.org> skribis:
>
>> * gnu/packages/python-web.scm (httpie): Update to 2.3.0.
>> [propagated-inputs]: Add python-requests-toolbelt.
>> [home-page]: Update URL.
>
>Applied, thanks!

Thanks.


>‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be
>nice
>if you could take a look and see what needs to be done about it.

I saw that! But it only applies to older versions of httpie. Should I have mentioned it somewhere? In the commit message?

Regards


-- 
Tanguy

[bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.

[Ludovic Courtès]

Hi,

Tanguy LE CARROUR <tanguy@bioneland.org> skribis:

>>‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be
>>nice
>>if you could take a look and see what needs to be done about it.
>
> I saw that! But it only applies to older versions of httpie. Should I have mentioned it somewhere? In the commit message?

If you’re sure of that, you can add a ‘lint-hidden-cve’ property with a
comment linking to evidence that this is fixed.

Thanks for checking,
Ludo’.

[bug#44302] [PATCH] gnu: httpie: Update to 2.3.0.

[Tanguy Le Carrour]

Hi,


Le 11/02, Ludovic Courtès a écrit :
> Tanguy LE CARROUR <tanguy@bioneland.org> skribis:
> 
> >>‘guix lint’ says “probably vulnerable to CVE-2019-10751”.  Would be
> >>nice
> >>if you could take a look and see what needs to be done about it.
> >
> > I saw that! But it only applies to older versions of httpie. Should I have mentioned it somewhere? In the commit message?
> 
> If you’re sure of that, you can add a ‘lint-hidden-cve’ property with a
> comment linking to evidence that this is fixed.

Done! http://debbugs.gnu.org/cgi/bugreport.cgi?bug=44392

Regards

-- 
Tanguy