Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove URL validation from requirement parsing #684

Merged
merged 2 commits into from
Jun 13, 2023

Conversation

uranusjr
Copy link
Member

The scheme and path validation logic limits how users of the library can provide URL support. This limitation is lifted, and dependants now need to implement their own URL validation logic they see fit.

Close #120.

@uranusjr uranusjr force-pushed the no-validate-url branch 2 times, most recently from 72eb9b8 to 25ad1c1 Compare March 30, 2023 09:19
@uranusjr uranusjr marked this pull request as ready for review March 30, 2023 09:40
Copy link
Member

@brettcannon brettcannon left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should probably update the docs saying that this is no longer being done.

@uranusjr uranusjr force-pushed the no-validate-url branch 2 times, most recently from 5d9b4c9 to d09588c Compare April 13, 2023 07:10
@uranusjr
Copy link
Member Author

Documentation and changelog added.

The scheme and path validation logic limits how users of the library can
provide URL support. This limitation is lifted, and dependants now need
to implement their own URL validation logic they see fit.
pradyunsg
pradyunsg previously approved these changes Apr 13, 2023
@pradyunsg pradyunsg dismissed their stale review April 13, 2023 16:19

Re-reading the issue history gave me some pause.

@brettcannon brettcannon self-requested a review May 3, 2023 19:42
@brettcannon
Copy link
Member

@pradyunsg is your "pause" still on, or are you okay with this change?

Copy link
Member

@pradyunsg pradyunsg left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's do this.

@brettcannon brettcannon merged commit fe8f0bb into pypa:main Jun 13, 2023
@brettcannon
Copy link
Member

Thanks, @uranusjr , for the PR!

kodiakhq bot referenced this pull request in cloudquery/plugin-sdk-python Nov 1, 2023
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [packaging](https://github.com/pypa/packaging) | minor | `==23.1` -> `==23.2` |

---

### Release Notes

<details>
<summary>pypa/packaging (packaging)</summary>

### [`v23.2`](https://github.com/pypa/packaging/releases/tag/23.2)

[Compare Source](https://github.com/pypa/packaging/compare/23.1...23.2)

#### What's Changed

-   parse_marker should consume the entire source string by [@&#8203;mwerschy](https://github.com/mwerschy) in [https://github.com/pypa/packaging/pull/687](https://github.com/pypa/packaging/pull/687)
-   Create a Security Policy file  by [@&#8203;joycebrum](https://github.com/joycebrum) in [https://github.com/pypa/packaging/pull/695](https://github.com/pypa/packaging/pull/695)
-   Add python 3.12 to CI by [@&#8203;mayeut](https://github.com/mayeut) in [https://github.com/pypa/packaging/pull/689](https://github.com/pypa/packaging/pull/689)
-   Remove URL validation from requirement parsing by [@&#8203;uranusjr](https://github.com/uranusjr) in [https://github.com/pypa/packaging/pull/684](https://github.com/pypa/packaging/pull/684)
-   Add types for packaging.version.\_Version by [@&#8203;hauntsaninja](https://github.com/hauntsaninja) in [https://github.com/pypa/packaging/pull/665](https://github.com/pypa/packaging/pull/665)
-   Add PyPy 3.10 to CI by [@&#8203;mayeut](https://github.com/mayeut) in [https://github.com/pypa/packaging/pull/699](https://github.com/pypa/packaging/pull/699)
-   Remove unused argument in `_manylinux._is_compatible` by [@&#8203;mayeut](https://github.com/mayeut) in [https://github.com/pypa/packaging/pull/700](https://github.com/pypa/packaging/pull/700)
-   Canonicalize names for requirements comparison by [@&#8203;astrojuanlu](https://github.com/astrojuanlu) in [https://github.com/pypa/packaging/pull/696](https://github.com/pypa/packaging/pull/696)
-   Add platform tag support for LoongArch by [@&#8203;loongson-zn](https://github.com/loongson-zn) in [https://github.com/pypa/packaging/pull/693](https://github.com/pypa/packaging/pull/693)
-   Ability to install `armv7l manylinux/musllinux` wheels on `armv8l` by [@&#8203;mayeut](https://github.com/mayeut) in [https://github.com/pypa/packaging/pull/690](https://github.com/pypa/packaging/pull/690)
-   Include CHANGELOG.rst in sdist by [@&#8203;astrojuanlu](https://github.com/astrojuanlu) in [https://github.com/pypa/packaging/pull/704](https://github.com/pypa/packaging/pull/704)
-   Update pyupgrade to Python 3.7+ by [@&#8203;fangchenli](https://github.com/fangchenli) in [https://github.com/pypa/packaging/pull/580](https://github.com/pypa/packaging/pull/580)
-   Fix version pattern pre-releases by [@&#8203;deathaxe](https://github.com/deathaxe) in [https://github.com/pypa/packaging/pull/705](https://github.com/pypa/packaging/pull/705)
-   Fix typos found by codespell by [@&#8203;DimitriPapadopoulos](https://github.com/DimitriPapadopoulos) in [https://github.com/pypa/packaging/pull/706](https://github.com/pypa/packaging/pull/706)
-   Support enriched metadata by [@&#8203;brettcannon](https://github.com/brettcannon) in [https://github.com/pypa/packaging/pull/686](https://github.com/pypa/packaging/pull/686)
-   Correct rST syntax in CHANGELOG.rst by [@&#8203;atugushev](https://github.com/atugushev) in [https://github.com/pypa/packaging/pull/709](https://github.com/pypa/packaging/pull/709)
-   fix: platform tag for GraalPy by [@&#8203;mayeut](https://github.com/mayeut) in [https://github.com/pypa/packaging/pull/711](https://github.com/pypa/packaging/pull/711)
-   Document that this library uses a calendar-based versioning scheme by [@&#8203;faph](https://github.com/faph) in [https://github.com/pypa/packaging/pull/717](https://github.com/pypa/packaging/pull/717)
-   fix: Update copyright date for docs by [@&#8203;garrypolley](https://github.com/garrypolley) in [https://github.com/pypa/packaging/pull/713](https://github.com/pypa/packaging/pull/713)
-   Bump pip version to avoid known vulnerabilities by [@&#8203;joycebrum](https://github.com/joycebrum) in [https://github.com/pypa/packaging/pull/720](https://github.com/pypa/packaging/pull/720)
-   Typing annotations fixed in version.py by [@&#8203;jolaf](https://github.com/jolaf) in [https://github.com/pypa/packaging/pull/723](https://github.com/pypa/packaging/pull/723)
-   parse\_{sdist,wheel}\_filename: don't raise InvalidVersion by [@&#8203;SpecLad](https://github.com/SpecLad) in [https://github.com/pypa/packaging/pull/721](https://github.com/pypa/packaging/pull/721)
-   Fix code blocks in CHANGELOG.md by [@&#8203;edmorley](https://github.com/edmorley) in [https://github.com/pypa/packaging/pull/724](https://github.com/pypa/packaging/pull/724)

#### New Contributors

-   [@&#8203;mwerschy](https://github.com/mwerschy) made their first contribution in [https://github.com/pypa/packaging/pull/687](https://github.com/pypa/packaging/pull/687)
-   [@&#8203;joycebrum](https://github.com/joycebrum) made their first contribution in [https://github.com/pypa/packaging/pull/695](https://github.com/pypa/packaging/pull/695)
-   [@&#8203;astrojuanlu](https://github.com/astrojuanlu) made their first contribution in [https://github.com/pypa/packaging/pull/696](https://github.com/pypa/packaging/pull/696)
-   [@&#8203;loongson-zn](https://github.com/loongson-zn) made their first contribution in [https://github.com/pypa/packaging/pull/693](https://github.com/pypa/packaging/pull/693)
-   [@&#8203;fangchenli](https://github.com/fangchenli) made their first contribution in [https://github.com/pypa/packaging/pull/580](https://github.com/pypa/packaging/pull/580)
-   [@&#8203;deathaxe](https://github.com/deathaxe) made their first contribution in [https://github.com/pypa/packaging/pull/705](https://github.com/pypa/packaging/pull/705)
-   [@&#8203;DimitriPapadopoulos](https://github.com/DimitriPapadopoulos) made their first contribution in [https://github.com/pypa/packaging/pull/706](https://github.com/pypa/packaging/pull/706)
-   [@&#8203;atugushev](https://github.com/atugushev) made their first contribution in [https://github.com/pypa/packaging/pull/709](https://github.com/pypa/packaging/pull/709)
-   [@&#8203;faph](https://github.com/faph) made their first contribution in [https://github.com/pypa/packaging/pull/717](https://github.com/pypa/packaging/pull/717)
-   [@&#8203;garrypolley](https://github.com/garrypolley) made their first contribution in [https://github.com/pypa/packaging/pull/713](https://github.com/pypa/packaging/pull/713)
-   [@&#8203;jolaf](https://github.com/jolaf) made their first contribution in [https://github.com/pypa/packaging/pull/723](https://github.com/pypa/packaging/pull/723)
-   [@&#8203;SpecLad](https://github.com/SpecLad) made their first contribution in [https://github.com/pypa/packaging/pull/721](https://github.com/pypa/packaging/pull/721)
-   [@&#8203;edmorley](https://github.com/edmorley) made their first contribution in [https://github.com/pypa/packaging/pull/724](https://github.com/pypa/packaging/pull/724)

**Full Changelog**: pypa/packaging@23.1...23.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi4xMDkuNCIsInVwZGF0ZWRJblZlciI6IjM2LjEwOS40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

URI parsing
4 participants