Good find. Seeing https://github.com/ThirVondukr/passlib/pull/15#issuecomment-2844561564 do you think it might be worth waiting to see what gets committed upstream first?
On 2025/05/01 10:14, Kirill A. Korinsky wrote: > ports, > > I had narrowed down the issue with mitmproxy too verbose logging to a the > root cause: update of security/py-passlib. > > The new fork includes > https://github.com/ThirVondukr/passlib/commit/650121d0cd7a6da775b2f44573de4c165b80d93c > which had switched the code to use logging in the way like logging.debug() > > One of the casses happens on import, and as documentation stated here > https://docs.python.org/3/library/logging.html#logging.debug the call > `logging.debug (or similar one) make implicit configuration of the logger > and it dismiss the second configuration from user application like mitmproxy > > We had a few users for security/py-passlib: > - productivity/radicale > - productivity/radicale2 > - security/mitmproxy > - sysutils/ansible-core > - www/odoo > - www/py-autobahn > which might be impacted by this bug. > > I had backported this fix to upstream already, and I think that we need > backport it to -stable as well. > > Ok for -current and -stable? > > > Index: security/py-passlib/Makefile > =================================================================== > RCS file: /cvs/ports/security/py-passlib/Makefile,v > diff -u -p -r1.30 Makefile > --- security/py-passlib/Makefile 26 Mar 2025 09:42:19 -0000 1.30 > +++ security/py-passlib/Makefile 1 May 2025 08:04:17 -0000 > @@ -1,6 +1,7 @@ > COMMENT= Python module providing a password hashing framework > > MODPY_DISTV= 1.9.0 > +REVISION= 0 > DISTNAME= libpass-${MODPY_DISTV} > # libpass is a maintained fork of passlib, providing the same namespace > PKGNAME= py-passlib-${MODPY_DISTV} > Index: security/py-passlib/patches/patch-passlib_registry_py > =================================================================== > RCS file: security/py-passlib/patches/patch-passlib_registry_py > diff -N security/py-passlib/patches/patch-passlib_registry_py > --- /dev/null 1 Jan 1970 00:00:00 -0000 > +++ security/py-passlib/patches/patch-passlib_registry_py 1 May 2025 > 08:04:17 -0000 > @@ -0,0 +1,36 @@ > +https://github.com/ThirVondukr/passlib/pull/15 > + > +Index: passlib/registry.py > +--- passlib/registry.py.orig > ++++ passlib/registry.py > +@@ -234,7 +234,7 @@ def register_crypt_handler_path(name, path): > + > + # store location > + _locations[name] = path > +- logging.debug("registered path to %r handler: %r", name, path) > ++ logging.getLogger(__name__).debug("registered path to %r handler: %r", > name, path) > + > + > + def register_crypt_handler(handler, force=False, _attr=None): > +@@ -278,10 +278,10 @@ def register_crypt_handler(handler, force=False, _attr > + other = _handlers.get(name) > + if other: > + if other is handler: > +- logging.debug("same %r handler already registered: %r", name, > handler) > ++ logging.getLogger(__name__).debug("same %r handler already > registered: %r", name, handler) > + return > + if force: > +- logging.warning( > ++ logging.getLogger(__name__).warning( > + "overriding previously registered %r handler: %r", name, > other > + ) > + else: > +@@ -291,7 +291,7 @@ def register_crypt_handler(handler, force=False, _attr > + > + # register handler > + _handlers[name] = handler > +- logging.debug("registered %r handler: %r", name, handler) > ++ logging.getLogger(__name__).debug("registered %r handler: %r", name, > handler) > + > + > + def get_crypt_handler(name, default=_UNSET): > > > -- > wbr, Kirill >
