#
# spec file for package python-defusedxml
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%{?!python_module:%define python_module() python-%{**} python3-%{**}}
%bcond_without tests
%{?sle15_python_module_pythons}
Name:           python-defusedxml
Version:        0.7.1
Release:        3.11
Summary:        XML bomb protection for Python stdlib modules
License:        Python-2.0
Group:          Development/Languages/Python
URL:            https://pypi.python.org/pypi/defusedxml
Source:         https://files.pythonhosted.org/packages/source/d/defusedxml/defusedxml-%{version}.tar.gz
BuildRequires:  %{python_module setuptools}
# SECTION test requirements
BuildRequires:  %{python_module lxml}
BuildRequires:  %{python_module pytest}
BuildRequires:  %{python_module xml}
# /SECTION
BuildRequires:  fdupes
BuildRequires:  python-rpm-macros
Requires:       python-xml
BuildArch:      noarch
%python_subpackages

%description
The results of an attack on a vulnerable XML library can be fairly dramatic.
With just a few hundred bytes of XML data an attacker can occupy several
gigabytes of memory within seconds. An attacker can also keep
CPUs busy for a long time with a small to medium size request.

This library allows for XML to be parsed in a manner that avoids these
pitfalls.

%prep
%setup -q -n defusedxml-%{version}

%build
%python_build

%install
%python_install
%python_expand %fdupes %{buildroot}%{$python_sitelib}

%if %{with tests}
%check
# see test_main() in tests.py; test_html_arg: deprecation warning is not raised, perhaps capturing wrongly setup?
usable_tests=$(grep addTests tests.py | sed 's:.*makeSuite(\([a-zA-Z]*\)).*:\1:' | tr '\n' ' ' | sed -e 's: $::' -e 's: : or :g')
%pytest -s -k "($usable_tests) and not test_html_arg"
%endif

%files %{python_files}
%license LICENSE
%doc README.txt CHANGES.txt
%{python_sitelib}/*

%changelog
* Fri Apr 21 2023 Dirk Müller <dmueller@suse.com>
- add sle15_python_module_pythons (jsc#PED-68)
* Thu Apr 13 2023 Matej Cepl <mcepl@suse.com>
- Make calling of %%{sle15modernpython} optional.
* Tue May 18 2021 pgajdos@suse.com
- use %%pytest macro, run lxml tests
* Tue Mar 23 2021 Dirk Müller <dmueller@suse.com>
- update to 0.7.1:
  - Fix regression ``defusedxml.ElementTree.ParseError`` (#63)
    The ``ParseError`` exception is now the same class object as
    ``xml.etree.ElementTree.ParseError`` again.
* Mon Mar  8 2021 Dirk Müller <dmueller@suse.com>
- update to 0.7.0:
  - Re-add and deprecate ``defusedxml.cElementTree``
  - Use GitHub Actions instead of TravisCI
  - Restore ``ElementTree`` attribute of ``xml.etree`` module after patching
  - Add support for Python 3.9
  - ``defusedxml.cElementTree`` is not available with Python 3.9.
  - Python 2 is deprecate. Support for Python 2 will be removed in 0.8.0.
* Thu May 30 2019 Michael Ströder <michael@stroeder.com>
- Update to 0.6.0
  - Increase test coverage.
  - Add badges to README.
  - Test on Python 3.7 stable and 3.8-dev
  - Drop support for Python 3.4
  - No longer pass *html* argument to XMLParse. It has been deprecated and
    ignored for a long time. The DefusedXMLParser still takes a html argument.
    A deprecation warning is issued when the argument is False and a TypeError
    when it's True.
  - defusedxml now fails early when pyexpat stdlib module is not available or
    broken.
  - defusedxml.ElementTree.__all__ now lists ParseError as public attribute.
  - The defusedxml.ElementTree and defusedxml.cElementTree modules had a typo
    and used XMLParse instead of XMLParser as an alias for DefusedXMLParser.
    Both the old and fixed name are now available.
* Tue Dec  4 2018 Matej Cepl <mcepl@suse.com>
- Remove superfluous devel dependency for noarch package
* Wed Apr 19 2017 toddrme2178@gmail.com
- Fix source url.
* Tue Apr 18 2017 toddrme2178@gmail.com
- Update to 5.0
  * Add compatibility with Python 3.6
  * Drop support for Python 2.6, 3.1, 3.2, 3.3
  * Fix lxml tests (XMLSyntaxError: Detected an entity reference loop)
- Implement single-spec version.
* Tue Jan 31 2017 rsalevsky@suse.com
- Dummy changelog for bsc#1019074, FATE#322329
* Tue Feb  4 2014 mcihar@suse.cz
- Initial packaging.