On Thu, 01 May 2025 12:54:21 +0200, Stuart Henderson <s...@spacehopper.org> wrote: > > Good find. > > Seeing https://github.com/ThirVondukr/passlib/pull/15#issuecomment-2844561564 > do you think it might be worth waiting to see what gets committed > upstream first? >
Absolutley, I'll wait until upstream commit it, or backport his patch. But we have a solution if anyone complains that 7.7 brokes things :) > On 2025/05/01 10:14, Kirill A. Korinsky wrote: > > ports, > > > > I had narrowed down the issue with mitmproxy too verbose logging to a the > > root cause: update of security/py-passlib. > > > > The new fork includes > > https://github.com/ThirVondukr/passlib/commit/650121d0cd7a6da775b2f44573de4c165b80d93c > > which had switched the code to use logging in the way like logging.debug() > > > > One of the casses happens on import, and as documentation stated here > > https://docs.python.org/3/library/logging.html#logging.debug the call > > `logging.debug (or similar one) make implicit configuration of the logger > > and it dismiss the second configuration from user application like mitmproxy > > > > We had a few users for security/py-passlib: > > - productivity/radicale > > - productivity/radicale2 > > - security/mitmproxy > > - sysutils/ansible-core > > - www/odoo > > - www/py-autobahn > > which might be impacted by this bug. > > > > I had backported this fix to upstream already, and I think that we need > > backport it to -stable as well. > > > > Ok for -current and -stable? > > > > > > Index: security/py-passlib/Makefile > > =================================================================== > > RCS file: /cvs/ports/security/py-passlib/Makefile,v > > diff -u -p -r1.30 Makefile > > --- security/py-passlib/Makefile 26 Mar 2025 09:42:19 -0000 1.30 > > +++ security/py-passlib/Makefile 1 May 2025 08:04:17 -0000 > > @@ -1,6 +1,7 @@ > > COMMENT= Python module providing a password hashing framework > > > > MODPY_DISTV= 1.9.0 > > +REVISION= 0 > > DISTNAME= libpass-${MODPY_DISTV} > > # libpass is a maintained fork of passlib, providing the same namespace > > PKGNAME= py-passlib-${MODPY_DISTV} > > Index: security/py-passlib/patches/patch-passlib_registry_py > > =================================================================== > > RCS file: security/py-passlib/patches/patch-passlib_registry_py > > diff -N security/py-passlib/patches/patch-passlib_registry_py > > --- /dev/null 1 Jan 1970 00:00:00 -0000 > > +++ security/py-passlib/patches/patch-passlib_registry_py 1 May 2025 > > 08:04:17 -0000 > > @@ -0,0 +1,36 @@ > > +https://github.com/ThirVondukr/passlib/pull/15 > > + > > +Index: passlib/registry.py > > +--- passlib/registry.py.orig > > ++++ passlib/registry.py > > +@@ -234,7 +234,7 @@ def register_crypt_handler_path(name, path): > > + > > + # store location > > + _locations[name] = path > > +- logging.debug("registered path to %r handler: %r", name, path) > > ++ logging.getLogger(__name__).debug("registered path to %r handler: > > %r", name, path) > > + > > + > > + def register_crypt_handler(handler, force=False, _attr=None): > > +@@ -278,10 +278,10 @@ def register_crypt_handler(handler, force=False, > > _attr > > + other = _handlers.get(name) > > + if other: > > + if other is handler: > > +- logging.debug("same %r handler already registered: %r", name, > > handler) > > ++ logging.getLogger(__name__).debug("same %r handler already > > registered: %r", name, handler) > > + return > > + if force: > > +- logging.warning( > > ++ logging.getLogger(__name__).warning( > > + "overriding previously registered %r handler: %r", name, > > other > > + ) > > + else: > > +@@ -291,7 +291,7 @@ def register_crypt_handler(handler, force=False, _attr > > + > > + # register handler > > + _handlers[name] = handler > > +- logging.debug("registered %r handler: %r", name, handler) > > ++ logging.getLogger(__name__).debug("registered %r handler: %r", name, > > handler) > > + > > + > > + def get_crypt_handler(name, default=_UNSET): > > > > > > -- > > wbr, Kirill > > > -- wbr, Kirill
