mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-11 02:50:24 +00:00
585f894f1c
While processing Issue 206746 [1] for a security update to
security/py-rsa (For versions < 3.3), it was noticed that Portscout
had not identified the the newer version, released on 2016-01-13.
Investigation revealed that the PyPI SiteHandler in Portscout only
processed the first url/filename returned by PyPI, which in many cases
is not a tar.gz, the default EXTRACT_SUFFIX for source distribution
(sdist) files:
[py-rsa] VersionCheck()
[py-rsa] Checking site: https://pypi.python.org/packages/source/r/rsa/
Does site handler exist ... Yes
(Portscout::SiteHandler::PyPI) GET https://pypi.python.org/pypi/rsa/json
(Portscout::SiteHandler::PyPI) GET success: 200 Filename: rsa-3.3-py2.py3-none-any.whl
FindNewest: Checking rsa-3.3-py2.py3-none-any.whl ... against port DISTFILES.
FindNewest: Checking DISTFILE ... rsa-3.1.4.tar.gz (ver: 3.1.4, sufx: .tar.gz)
[py-rsa] Done
This change backports a commit [1] made to Portroach which adds a loop to
enumerate all URLs/filenames in the PyPI JSON response, not just the
first.
[1]
|
||
---|---|---|
.. | ||
files | ||
distinfo | ||
Makefile | ||
pkg-descr | ||
pkg-plist |