Skip to content

python3Packages.deepdiff: 8.5.0 -> 8.6.1#440116

Merged
vcunat merged 1 commit intoNixOS:masterfrom
diogotcorreia:deepdiff-8.6.1
Sep 5, 2025
Merged

python3Packages.deepdiff: 8.5.0 -> 8.6.1#440116
vcunat merged 1 commit intoNixOS:masterfrom
diogotcorreia:deepdiff-8.6.1

Conversation

@diogotcorreia
Copy link
Member

@diogotcorreia diogotcorreia commented Sep 4, 2025

Critical security vulnerability fixed:

Changelog:

Things done

  • Built on platform:
    • x86_64-linux
    • aarch64-linux
    • x86_64-darwin
    • aarch64-darwin
  • Tested, as applicable:
  • Ran nixpkgs-review on this PR. See nixpkgs-review usage.
  • Tested basic functionality of all binary files, usually in ./result/bin/.
  • Nixpkgs Release Notes
    • Package update: when the change is major or breaking.
  • NixOS Release Notes
    • Module addition: when adding a new NixOS module.
    • Module update: when the change is significant.
  • Fits CONTRIBUTING.md, pkgs/README.md, maintainers/README.md and other READMEs.

Add a 👍 reaction to pull requests you find important.

@diogotcorreia diogotcorreia added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Sep 4, 2025
@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux. 10.rebuild-darwin: 11-100 This PR causes between 11 and 100 packages to rebuild on Darwin. 6.topic: python Python is a high-level, general-purpose programming language. labels Sep 4, 2025
@nix-owners nix-owners bot requested review from Mic92 and doronbehar September 4, 2025 11:02
diogotcorreia
diogotcorreia commented Sep 4, 2025
View reviewed changes
Copy link
Member Author

@diogotcorreia diogotcorreia left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 440116
Commit: 5a193723a41caf2b1c156b1906a18621f361f46e

x86_64-linux

⏩ 2 packages marked as broken and skipped:
  • azure-cli-extensions.confcom
  • azure-cli-extensions.confcom.dist
❌ 12 packages failed to build:
  • ansible_2_16
  • ansible_2_16.dist
  • ansible_2_17
  • ansible_2_17.dist
  • open-webui
  • open-webui.dist
  • poetry
  • poetry.dist
  • python312Packages.dipy
  • python312Packages.dipy.dist
  • python313Packages.dipy
  • python313Packages.dipy.dist
✅ 155 packages built:
  • ansible (ansible_2_18, python313Packages.ansible-core)
  • ansible-doctor
  • ansible-doctor.dist
  • ansible-lint
  • ansible-lint.dist
  • ansible-navigator
  • ansible-navigator.dist
  • ansible.dist (ansible_2_18.dist, python313Packages.ansible-core.dist)
  • appdaemon
  • appdaemon.dist
  • dbt (python313Packages.dbt-core)
  • dbt.dist (python313Packages.dbt-core.dist)
  • deepdiff (python313Packages.deepdiff)
  • deepdiff.dist (python313Packages.deepdiff.dist)
  • home-assistant-component-tests.apple_tv
  • home-assistant-component-tests.litterrobot
  • immich-machine-learning
  • immich-machine-learning.dist
  • molecule (python313Packages.molecule)
  • molecule.dist (python313Packages.molecule.dist)
  • napalm
  • napalm.dist
  • poetryPlugins.poetry-audit-plugin
  • poetryPlugins.poetry-audit-plugin.dist
  • poetryPlugins.poetry-plugin-export
  • poetryPlugins.poetry-plugin-export.dist
  • poetryPlugins.poetry-plugin-shell
  • poetryPlugins.poetry-plugin-shell.dist
  • poetryPlugins.poetry-plugin-up
  • poetryPlugins.poetry-plugin-up.dist
  • python312Packages.albumentations
  • python312Packages.albumentations.dist
  • python312Packages.ansible
  • python312Packages.ansible-compat
  • python312Packages.ansible-compat.dist
  • python312Packages.ansible-core
  • python312Packages.ansible-core.dist
  • python312Packages.ansible-kernel
  • python312Packages.ansible-kernel.dist
  • python312Packages.ansible-runner
  • python312Packages.ansible-runner.dist
  • python312Packages.ansible-vault-rw
  • python312Packages.ansible-vault-rw.dist
  • python312Packages.ansible.dist
  • python312Packages.atsim-potentials
  • python312Packages.atsim-potentials.dist
  • python312Packages.dbt-adapters
  • python312Packages.dbt-adapters.dist
  • python312Packages.dbt-bigquery
  • python312Packages.dbt-bigquery.dist
  • python312Packages.dbt-common
  • python312Packages.dbt-common.dist
  • python312Packages.dbt-core
  • python312Packages.dbt-core.dist
  • python312Packages.dbt-postgres
  • python312Packages.dbt-postgres.dist
  • python312Packages.dbt-redshift
  • python312Packages.dbt-redshift.dist
  • python312Packages.dbt-snowflake
  • python312Packages.dbt-snowflake.dist
  • python312Packages.deepdiff
  • python312Packages.deepdiff.dist
  • python312Packages.dynaconf
  • python312Packages.dynaconf.dist
  • python312Packages.insightface
  • python312Packages.insightface.dist
  • python312Packages.molecule
  • python312Packages.molecule.dist
  • python312Packages.napalm
  • python312Packages.napalm-hp-procurve
  • python312Packages.napalm-hp-procurve.dist
  • python312Packages.napalm-ros
  • python312Packages.napalm-ros.dist
  • python312Packages.napalm.dist
  • python312Packages.pyatv
  • python312Packages.pyatv.dist
  • python312Packages.pylitterbot
  • python312Packages.pylitterbot.dist
  • python312Packages.pytest-ansible
  • python312Packages.pytest-ansible.dist
  • python312Packages.pytest-testinfra
  • python312Packages.pytest-testinfra.dist
  • python312Packages.qcodes
  • python312Packages.qcodes-contrib-drivers
  • python312Packages.qcodes-contrib-drivers.dist
  • python312Packages.qcodes.dist
  • python312Packages.tianshou
  • python312Packages.tianshou.dist
  • python312Packages.trx-python
  • python312Packages.trx-python.dist
  • python312Packages.ttp
  • python312Packages.ttp.dist
  • python312Packages.unstructured
  • python312Packages.unstructured-client
  • python312Packages.unstructured-client.dist
  • python312Packages.unstructured.dist
  • python313Packages.albumentations
  • python313Packages.albumentations.dist
  • python313Packages.ansible
  • python313Packages.ansible-compat
  • python313Packages.ansible-compat.dist
  • python313Packages.ansible-kernel
  • python313Packages.ansible-kernel.dist
  • python313Packages.ansible-runner
  • python313Packages.ansible-runner.dist
  • python313Packages.ansible-vault-rw
  • python313Packages.ansible-vault-rw.dist
  • python313Packages.ansible.dist
  • python313Packages.dbt-adapters
  • python313Packages.dbt-adapters.dist
  • python313Packages.dbt-bigquery
  • python313Packages.dbt-bigquery.dist
  • python313Packages.dbt-common
  • python313Packages.dbt-common.dist
  • python313Packages.dbt-postgres
  • python313Packages.dbt-postgres.dist
  • python313Packages.dbt-redshift
  • python313Packages.dbt-redshift.dist
  • python313Packages.dbt-snowflake
  • python313Packages.dbt-snowflake.dist
  • python313Packages.dynaconf
  • python313Packages.dynaconf.dist
  • python313Packages.insightface
  • python313Packages.insightface.dist
  • python313Packages.napalm
  • python313Packages.napalm-hp-procurve
  • python313Packages.napalm-hp-procurve.dist
  • python313Packages.napalm-ros
  • python313Packages.napalm-ros.dist
  • python313Packages.napalm.dist
  • python313Packages.netbox-napalm-plugin
  • python313Packages.netbox-napalm-plugin.dist
  • python313Packages.pyatv
  • python313Packages.pyatv.dist
  • python313Packages.pylitterbot
  • python313Packages.pylitterbot.dist
  • python313Packages.pytest-ansible
  • python313Packages.pytest-ansible.dist
  • python313Packages.pytest-testinfra
  • python313Packages.pytest-testinfra.dist
  • python313Packages.qcodes
  • python313Packages.qcodes-contrib-drivers
  • python313Packages.qcodes-contrib-drivers.dist
  • python313Packages.qcodes.dist
  • python313Packages.trx-python
  • python313Packages.trx-python.dist
  • ttp (python313Packages.ttp)
  • ttp.dist (python313Packages.ttp.dist)
  • python313Packages.unstructured
  • python313Packages.unstructured-client
  • python313Packages.unstructured-client.dist
  • python313Packages.unstructured.dist
  • sublime-music
  • sublime-music.dist
  • unstructured-api
Error logs: `x86_64-linux`
ansible_2_16 
Using pypaBuildPhase
Sourcing python-runtime-deps-check-hook
Using pythonRuntimeDepsCheckHook
Sourcing pypa-install-hook
Using pypaInstallPhase
Sourcing python-imports-check-hook.sh
Using pythonImportsCheckPhase
Sourcing python-namespaces-hook
Sourcing python-catch-conflicts-hook.sh
Running phase: unpackPhase
@nix { "action": "setPhase", "phase": "unpackPhase" }
unpacking source archive /nix/store/r5fjzzf47pj63jmpqzhzxff6wirpixmf-ansible_core-2.16.14.tar.gz
source root is ansible_core-2.16.14
setting SOURCE_DATE_EPOCH to timestamp 1733161595 of file "ansible_core-2.16.14/test/units/vars/test_variable_manager.py"
Running phase: patchPhase
@nix { "action": "setPhase", "phase": "patchPhase" }
patching script interpreter paths in packaging/cli-doc/build.py
packaging/cli-doc/build.py: interpreter directive changed from "#!/usr/bin/env python" to "/nix/store/iyff8129iampdw13nlfqalzhxy8y1hi9-python3-3.13.6/bin/python"
setuptools replace: "setuptools >= 66.1.0, <= 75.6.0"
substituteStream() in derivation python3.13-ansible-core-2.16.14: ERROR: pattern wheel\ ==\ 0.45.1 doesn't match anything in file 'pyproject.toml'
ansible_2_17 
Using pypaBuildPhase
Sourcing python-runtime-deps-check-hook
Using pythonRuntimeDepsCheckHook
Sourcing pypa-install-hook
Using pypaInstallPhase
Sourcing python-imports-check-hook.sh
Using pythonImportsCheckPhase
Sourcing python-namespaces-hook
Sourcing python-catch-conflicts-hook.sh
Running phase: unpackPhase
@nix { "action": "setPhase", "phase": "unpackPhase" }
unpacking source archive /nix/store/hzcdidw0s2yin2659a26nlf58012nkmm-ansible_core-2.17.8.tar.gz
source root is ansible_core-2.17.8
setting SOURCE_DATE_EPOCH to timestamp 1738007128 of file "ansible_core-2.17.8/test/units/vars/test_variable_manager.py"
Running phase: patchPhase
@nix { "action": "setPhase", "phase": "patchPhase" }
patching script interpreter paths in packaging/cli-doc/build.py
packaging/cli-doc/build.py: interpreter directive changed from "#!/usr/bin/env python" to "/nix/store/iyff8129iampdw13nlfqalzhxy8y1hi9-python3-3.13.6/bin/python"
setuptools replace: "setuptools >= 66.1.0, <= 75.8.0"
substituteStream() in derivation python3.13-ansible-core-2.17.8: ERROR: pattern wheel\ ==\ 0.45.1 doesn't match anything in file 'pyproject.toml'
open-webui 
no configure script, doing nothing
Running phase: buildPhase
@nix { "action": "setPhase", "phase": "buildPhase" }
Executing pypaBuildPhase
Creating a wheel...
pypa build flags: --no-isolation --outdir dist/ --wheel
* Getting build dependencies for wheel...
* Building wheel...
Successfully built open_webui-0.6.25-py3-none-any.whl
Finished creating a wheel...
/build/source/dist /build/source
Unpacking to: unpacked/open_webui-0.6.25...OK
Repacking wheel as ./open_webui-0.6.25-py3-none-any.whl...OK
/build/source
Finished executing pypaBuildPhase
Running phase: pythonRuntimeDepsCheckHook
@nix { "action": "setPhase", "phase": "pythonRuntimeDepsCheckHook" }
Executing pythonRuntimeDepsCheck
Checking runtime dependencies for open_webui-0.6.25-py3-none-any.whl
  - rapidocr-onnxruntime not installed
poetry 
tests/vcs/git/test_backend.py::test_short_sha_not_in_head
tests/vcs/git/test_backend.py::test_clone_success
  /nix/store/8lijdnspm6gz17gngpgwhmxzpczx73m8-python3.13-poetry-2.1.4/lib/python3.13/site-packages/poetry/vcs/git/backend.py:358: DeprecationWarning: reset_index is deprecated and will be removed in 0.26.0
    local.reset_index()

-- Docs: https://docs.pytest.org/en/stable/how-to/capture-warnings.html

=========================== short test summary info ============================

SKIPPED [3] tests/console/commands/env/test_activate.py:53: Only Windows shells

SKIPPED [1] tests/console/commands/test_sync.py:26: Only relevant for poetry install

SKIPPED [1] tests/console/commands/test_run.py:159: Poetry only installs CMD script files for console scripts of editable dependencies on Windows

SKIPPED [1] tests/installation/test_executor.py:414: python-poetry/poetry#7983

SKIPPED [1] tests/console/commands/self/test_sync.py:26: Only relevant for poetry self install

SKIPPED [1] tests/utils/env/test_env_manager.py:1265: requires darwin

SKIPPED [1] tests/utils/test_python_manager.py:104: Windows only

SKIPPED [1] tests/vcs/git/test_system.py:32: These tests requires git cli

SKIPPED [1] tests/vcs/git/test_system.py:48: These tests requires git cli

SKIPPED [1] tests/vcs/git/test_system.py:37: These tests requires git cli

SKIPPED [1] tests/vcs/git/test_system.py:43: These tests requires git cli

FAILED tests/utils/env/test_env.py::test_call_does_not_block_on_full_pipe[sys.stderr] - assert ([])

==== 1 failed, 2604 passed, 13 skipped, 1073 warnings in 158.63s (0:02:38) =====

python312Packages.dipy 
------------------------------------------------------------

/build/source/dipy/denoise/enhancement_kernel.pyx:81:44: undeclared name not builtin: long


[12/123] Generating 'dipy/denoise/nlmeans_block.cpython-312-x86_64-linux-gnu.so.p/nlmeans_block.c'

[13/123] Generating 'dipy/align/transforms.cpython-312-x86_64-linux-gnu.so.p/transforms.c'

[14/123] Generating 'dipy/align/parzenhist.cpython-312-x86_64-linux-gnu.so.p/parzenhist.c'

[15/123] Generating 'dipy/direction/bootstrap_direction_getter.cpython-312-x86_64-linux-gnu.so.p/bootstrap_direction_getter.c'

[16/123] Generating 'dipy/align/sumsqdiff.cpython-312-x86_64-linux-gnu.so.p/sumsqdiff.c'

[17/123] Generating 'dipy/align/crosscorr.cpython-312-x86_64-linux-gnu.so.p/crosscorr.c'

[18/123] Generating 'dipy/align/expectmax.cpython-312-x86_64-linux-gnu.so.p/expectmax.c'

[19/123] Generating 'dipy/direction/closest_peak_direction_getter.cpython-312-x86_64-linux-gnu.so.p/closest_peak_direction_getter.c'

[20/123] Generating 'dipy/core/interpolation.cpython-312-x86_64-linux-gnu.so.p/interpolation.c'

[21/123] Generating 'dipy/direction/pmf.cpython-312-x86_64-linux-gnu.so.p/pmf.c'

[22/123] Generating 'dipy/direction/probabilistic_direction_getter.cpython-312-x86_64-linux-gnu.so.p/probabilistic_direction_getter.c'

[23/123] Generating 'dipy/direction/ptt_direction_getter.cpython-312-x86_64-linux-gnu.so.p/ptt_direction_getter.c'

[24/123] Generating 'dipy/align/vector_fields.cpython-312-x86_64-linux-gnu.so.p/vector_fields.c'

ninja: build stopped: subcommand failed.


ERROR Backend subprocess exited when trying to invoke build_wheel

python313Packages.dipy 
------------------------------------------------------------

/build/source/dipy/denoise/enhancement_kernel.pyx:81:44: undeclared name not builtin: long


[12/123] Generating 'dipy/align/expectmax.cpython-313-x86_64-linux-gnu.so.p/expectmax.c'

[13/123] Generating 'dipy/align/parzenhist.cpython-313-x86_64-linux-gnu.so.p/parzenhist.c'

[14/123] Generating 'dipy/align/transforms.cpython-313-x86_64-linux-gnu.so.p/transforms.c'

[15/123] Generating 'dipy/direction/bootstrap_direction_getter.cpython-313-x86_64-linux-gnu.so.p/bootstrap_direction_getter.c'

[16/123] Generating 'dipy/align/crosscorr.cpython-313-x86_64-linux-gnu.so.p/crosscorr.c'

[17/123] Generating 'dipy/denoise/pca_noise_estimate.cpython-313-x86_64-linux-gnu.so.p/pca_noise_estimate.c'

[18/123] Generating 'dipy/denoise/shift_twist_convolution.cpython-313-x86_64-linux-gnu.so.p/shift_twist_convolution.c'

[19/123] Generating 'dipy/align/sumsqdiff.cpython-313-x86_64-linux-gnu.so.p/sumsqdiff.c'

[20/123] Generating 'dipy/direction/ptt_direction_getter.cpython-313-x86_64-linux-gnu.so.p/ptt_direction_getter.c'

[21/123] Generating 'dipy/direction/pmf.cpython-313-x86_64-linux-gnu.so.p/pmf.c'

[22/123] Generating 'dipy/direction/closest_peak_direction_getter.cpython-313-x86_64-linux-gnu.so.p/closest_peak_direction_getter.c'

[23/123] Generating 'dipy/direction/probabilistic_direction_getter.cpython-313-x86_64-linux-gnu.so.p/probabilistic_direction_getter.c'

[24/123] Generating 'dipy/align/vector_fields.cpython-313-x86_64-linux-gnu.so.p/vector_fields.c'

ninja: build stopped: subcommand failed.


ERROR Backend subprocess exited when trying to invoke build_wheel

@vcunat vcunat merged commit 66ddfea into NixOS:master Sep 5, 2025
33 of 35 checks passed
@vcunat
Copy link
Member

vcunat commented Sep 5, 2025

dipy was already broken, ansible and poetry build for me.

@diogotcorreia
Copy link
Member Author

diogotcorreia commented Sep 5, 2025

@vcunat This should be backported. Do you think I should bump the version to 8.6.1 or apply a patch to 8.4.3 (should apply cleanly)?

PS: I'm the reporter of the vulnerability upstream

@diogotcorreia diogotcorreia deleted the deepdiff-8.6.1 branch September 5, 2025 10:22
@vcunat
Copy link
Member

vcunat commented Sep 5, 2025

I'm not really familiar with the package. Maybe .meta.maintainers will say (already pinged here), but I expect many people are busy this weekend with NixCon.org

@vcunat vcunat added the 9.needs: port to stable A PR needs a backport to the stable release. label Sep 5, 2025
@diogotcorreia diogotcorreia mentioned this pull request Sep 5, 2025
Merged
13 tasks
@diogotcorreia diogotcorreia added 8.has: port to stable This PR already has a backport to the stable release. and removed 9.needs: port to stable A PR needs a backport to the stable release. labels Sep 5, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@doronbehar doronbehar Awaiting requested review from doronbehar

@Mic92 Mic92 Awaiting requested review from Mic92

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: python Python is a high-level, general-purpose programming language. 8.has: port to stable This PR already has a backport to the stable release. 10.rebuild-darwin: 11-100 This PR causes between 11 and 100 packages to rebuild on Darwin. 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@diogotcorreia @vcunat