anyone? On Thu, Jul 09, 2020 at 01:52:37PM +0200, Florian Obser wrote: > ... after it was deprecated since 3.2. > > 2020-07-09 08:38:44,604 [salt.utils.schedule > :853 ][ERROR ][26771] Unhandled exception running stat > e.highstate > Traceback (most recent call last): > File "/usr/local/lib/python3.8/site-packages/salt/utils/schedule.py", line > 844, in handle_func > self.returners[ret_str](ret) > File > "/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", > line 480, in returner > _produce_output(report, failed, setup) > File > "/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", > line 433, in _produce_output > _generate_html(report, string_file) > File > "/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", > line 269, in _generate_html > _generate_html_table(data, out, 0) > File > "/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", > line 220, in _generate_html_table > _generate_html_table(value, out, level + 1, new_extra_style) > File > "/usr/local/lib/python3.8/site-packages/salt/returners/highstate_return.py", > line 229, in _generate_html_table > cgi.escape(six.text_type(value)), > AttributeError: module 'cgi' has no attribute 'escape' > > I only tested the hightstate returner, no idea about nagios, but it's > mechanical... > > Technically this changes behavior in the highstate returner but I > think what it did before was actually a bug, called out in the > deprecation note: > > "Deprecated since version 3.2: This function is unsafe because quote > is false by default, and therefore deprecated. Use html.escape() > instead." > https://docs.python.org/3.7/library/cgi.html#cgi.escape > > OK? > > p.s. I tried to work out how to feed this upstream but I don't fully > grok the hoopes they want me to jump through. > > diff --git Makefile Makefile > index 1f38fa8af70..9fcf4d52a38 100644 > --- Makefile > +++ Makefile > @@ -19,7 +19,7 @@ COMMENT = remote execution and configuration > management system > > MODPY_EGG_VERSION = 3001 > DISTNAME = salt-${MODPY_EGG_VERSION} > -REVISION = 3 > +REVISION = 4 > > CATEGORIES = sysutils net devel > > diff --git patches/patch-salt_returners_highstate_return_py > patches/patch-salt_returners_highstate_return_py > new file mode 100644 > index 00000000000..439612ac661 > --- /dev/null > +++ patches/patch-salt_returners_highstate_return_py > @@ -0,0 +1,33 @@ > +$OpenBSD$ > +cgi.escape has been deprecated since python 3.2 and removed in 3.8. > + > +Index: salt/returners/highstate_return.py > +--- salt/returners/highstate_return.py.orig > ++++ salt/returners/highstate_return.py > +@@ -79,7 +79,7 @@ the time of execution. > + """ > + from __future__ import absolute_import, print_function, unicode_literals > + > +-import cgi > ++import html > + import logging > + import smtplib > + from email.mime.text import MIMEText > +@@ -226,7 +226,7 @@ def _generate_html_table(data, out, level=0, extra_sty > + "td", > + [cell_style, second_style, "value", > new_extra_style], > + ), > +- cgi.escape(six.text_type(value)), > ++ html.escape(six.text_type(value)), > + ), > + file=out, > + ) > +@@ -251,7 +251,7 @@ def _generate_html_table(data, out, level=0, extra_sty > + _lookup_style( > + "td", [cell_style, first_style, "value", > extra_style] > + ), > +- cgi.escape(six.text_type(subdata)), > ++ html.escape(six.text_type(subdata)), > + ), > + file=out, > + ) > diff --git patches/patch-salt_returners_nagios_nrdp_return_py > patches/patch-salt_returners_nagios_nrdp_return_py > new file mode 100644 > index 00000000000..a3406afa892 > --- /dev/null > +++ patches/patch-salt_returners_nagios_nrdp_return_py > @@ -0,0 +1,40 @@ > +$OpenBSD$ > +cgi.escape has been deprecated since python 3.2 and removed in 3.8. > + > +Index: salt/returners/nagios_nrdp_return.py > +--- salt/returners/nagios_nrdp_return.py.orig > ++++ salt/returners/nagios_nrdp_return.py > +@@ -51,7 +51,7 @@ To override individual configuration items, append --r > + from __future__ import absolute_import, print_function, unicode_literals > + > + # Import python libs > +-import cgi > ++import html > + import logging > + > + import salt.ext.six.moves.http_client > +@@ -125,20 +125,20 @@ def _prepare_xml(options=None, state=None): > + + six.text_type(options["checktype"]) > + + "'>" > + ) > +- xml += "<hostname>" + cgi.escape(options["hostname"], True) + > "</hostname>" > +- xml += "<servicename>" + cgi.escape(options["service"], True) + > "</servicename>" > ++ xml += "<hostname>" + html.escape(options["hostname"]) + > "</hostname>" > ++ xml += "<servicename>" + html.escape(options["service"]) + > "</servicename>" > + else: > + xml += ( > + "<checkresult type='host' checktype='" > + + six.text_type(options["checktype"]) > + + "'>" > + ) > +- xml += "<hostname>" + cgi.escape(options["hostname"], True) + > "</hostname>" > ++ xml += "<hostname>" + html.escape(options["hostname"]) + > "</hostname>" > + > + xml += "<state>" + _state + "</state>" > + > + if "output" in options: > +- xml += "<output>" + cgi.escape(options["output"], True) + > "</output>" > ++ xml += "<output>" + html.escape(options["output"]) + "</output>" > + > + xml += "</checkresult>" > + > > > -- > I'm not entirely sure you are real. >
-- I'm not entirely sure you are real.
