Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Use the new url for CPAN, in https #569

Merged
merged 3 commits into from
Jul 19, 2018
Merged

Use the new url for CPAN, in https #569

merged 3 commits into from
Jul 19, 2018

Conversation

mscherer
Copy link
Contributor

While there is likely no practical issue, I suspect we should be cautious
and not parse XML download in cleartext, given the rather large
amount of issues with XML parsing in the past:

https://www.owasp.org/index.php/XML_Security_Cheat_Sheet

@mscherer
Use the new url for CPAN, in https
01df1b6 
While there is likely no practical issue, I suspect we should be cautious
and not parse XML download in cleartext, given the rather large
amount of issues with XML parsing in the past:

   https://www.owasp.org/index.php/XML_Security_Cheat_Sheet
@jeremycline
Copy link
Member

Hi @mscherer, thanks for the PR!

It looks like this fixes #558. I'll fix up the tests and get this merged.

jeremycline added a commit to mscherer/anitya that referenced this pull request Jul 19, 2018
@jeremycline
Add release notes for PR fedora-infra#569
ff8d6b8 
Signed-off-by: Jeremy Cline <[email protected]>
@codecov-io
Copy link

codecov-io commented Jul 19, 2018
edited
Loading

Codecov Report

Merging #569 into master will decrease coverage by 0.05%.
The diff coverage is 92.85%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #569      +/-   ##
==========================================
- Coverage   89.51%   89.45%   -0.06%     
==========================================
  Files          54       54              
  Lines        2556     2561       +5     
  Branches      327      327              
==========================================
+ Hits         2288     2291       +3     
- Misses        201      203       +2     
  Partials       67       67
Impacted Files Coverage Δ
anitya/lib/backends/cpan.py 93.54% <92.85%> (-6.46%) ⬇️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a27c2b7...f93de62. Read the comment docs.

jeremycline added a commit to mscherer/anitya that referenced this pull request Jul 19, 2018
@jeremycline
Add release notes for PR fedora-infra#569
cb923f3 
Signed-off-by: Jeremy Cline <[email protected]>
@jeremycline
Update check_feed to use defusedxml
61496f1 
We already depend on defusedxml (indirectly) so pull it in explicitly
and use it for XML parsing. Additionally, more gracefully handle
failures to split titles. This updates the HTTP recordings for metacpan.

Signed-off-by: Jeremy Cline <[email protected]>
@jeremycline
Add release notes for PR fedora-infra#569
f93de62 
Signed-off-by: Jeremy Cline <[email protected]>
@jeremycline jeremycline merged commit 22016d8 into fedora-infra:master Jul 19, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mscherer @jeremycline @codecov-io