py-gradio: add v5.1.0 (and add/update dependencies) (fix CVEs) (spack…

…#47504) * py-pdm-backend: add v2.4.3 * py-starlette: add v0.28.0, v0.32.0, v0.35.1, v0.36.3, v0.37.2, v0.41.2 * py-fastapi: add v0.110.2, v0.115.4 * py-pydantic-extra-types: add v2.10.0 * py-pydantic-settings: add v2.6.1 * py-python-multipart: add v0.0.17 * py-email-validator: add v2.2.0
ginkgo-project · Nov 25, 2024 · 8094fa1 · 8094fa1
1 parent 5c67051
commit 8094fa1
Show file tree

Hide file tree

Showing 8 changed files with 112 additions and 10 deletions.
diff --git a/var/spack/repos/builtin/packages/py-email-validator/package.py b/var/spack/repos/builtin/packages/py-email-validator/package.py
@@ -12,10 +12,13 @@ class PyEmailValidator(PythonPackage):
     homepage = "https://github.com/JoshData/python-email-validator"
     pypi = "email_validator/email_validator-1.3.1.tar.gz"
 
-    license("CC0-1.0")
+    license("Unlicense", when="@2.1.1:", checked_by="wdconinc")
+    license("CC0-1.0", when="@:2.1.0", checked_by="wdconinc")
 
+    version("2.2.0", sha256="cb690f344c617a714f22e66ae771445a1ceb46821152df8e165c5f9a364582b7")
     version("1.3.1", sha256="d178c5c6fa6c6824e9b04f199cf23e79ac15756786573c190d2ad13089411ad2")
 
     depends_on("py-setuptools", type="build")
+    depends_on("py-dnspython@2:", type=("build", "run"), when="@2:")
     depends_on("[email protected]:", type=("build", "run"))
     depends_on("py-idna@2:", type=("build", "run"))
diff --git a/var/spack/repos/builtin/packages/py-fastapi/package.py b/var/spack/repos/builtin/packages/py-fastapi/package.py
@@ -10,34 +10,60 @@
 class PyFastapi(PythonPackage):
     """FastAPI framework, high performance, easy to learn, fast to code, ready for production"""
 
-    homepage = "https://github.com/tiangolo/fastapi"
+    homepage = "https://github.com/fastapi/fastapi"
     pypi = "fastapi/fastapi-0.88.0.tar.gz"
 
     license("MIT")
 
-    version("0.98.0", sha256="0d3c18886f652038262b5898fec6b09f4ca92ee23e9d9b1d1d24e429f84bf27b")
-    version("0.88.0", sha256="915bf304180a0e7c5605ec81097b7d4cd8826ff87a02bb198e336fb9f3b5ff02")
+    version("0.115.4", sha256="db653475586b091cb8b2fec2ac54a680ac6a158e07406e1abae31679e8826349")
+    version("0.110.2", sha256="b53d673652da3b65e8cd787ad214ec0fe303cad00d2b529b86ce7db13f17518d")
+    with default_args(deprecated=True):
+        # https://nvd.nist.gov/vuln/detail/CVE-2024-24762
+        version(
+            "0.98.0", sha256="0d3c18886f652038262b5898fec6b09f4ca92ee23e9d9b1d1d24e429f84bf27b"
+        )
+        version(
+            "0.88.0", sha256="915bf304180a0e7c5605ec81097b7d4cd8826ff87a02bb198e336fb9f3b5ff02"
+        )
 
     variant("all", default=False, description="Build all optional dependencies")
 
-    depends_on("[email protected]:", when="@0.98:", type="build")
-    depends_on("py-hatchling", type="build")
-    depends_on("[email protected]", when="@0.95.2:", type=("build", "run"))
+    depends_on("[email protected]:", when="@0.104:", type=("build", "run"))
+
+    depends_on("py-pdm-backend", when="@0.110.3:", type="build")
+    depends_on("[email protected]:", when="@0.98:0.110.2", type="build")
+    depends_on("py-hatchling", when="@:0.110.2", type="build")
+
+    depends_on("[email protected]:0.41", when="@0.115.3:", type=("build", "run"))
+    depends_on("[email protected]:0.40", when="@0.115.2", type=("build", "run"))
+    depends_on("[email protected]:0.38", when="@0.112.1:0.115.1", type=("build", "run"))
+    depends_on("[email protected]:0.37", when="@0.110.1:0.112.0", type=("build", "run"))
+    depends_on("[email protected]:0.36", when="@0.109.2:0.110.0", type=("build", "run"))
+    depends_on("[email protected]:0.35", when="@0.109.0:0.109.1", type=("build", "run"))
+    depends_on("[email protected]:0.32", when="@0.108.0:0.108", type=("build", "run"))
+    depends_on("[email protected]", when="@0.107.0:0.107", type=("build", "run"))
+    depends_on("[email protected]", when="@0.95.2:0.106", type=("build", "run"))
     depends_on("[email protected]", when="@:0.89.1", type=("build", "run"))
+    depends_on("[email protected]:1,2.1.1:2", when="@0.101:", type=("build", "run"))
     depends_on("[email protected]:1", when="@0.96.1:", type=("build", "run"))
     depends_on("[email protected]:1", when="@:0.96.0", type=("build", "run"))
+    depends_on("[email protected]:", when="@0.104:", type=("build", "run"))
 
-    conflicts("^[email protected]:1.7.3,1.8.0:1.8.1")
+    conflicts("^[email protected]:1.7.3,1.8.0:1.8.1,2.0,2.1.0")
 
     with when("+all"):
         depends_on("[email protected]:", type=("build", "run"))
         depends_on("[email protected]:", type=("build", "run"))
+        depends_on("[email protected]:", when="@0.109.1:", type=("build", "run"))
         depends_on("[email protected]:", type=("build", "run"))
         depends_on("[email protected]:", type=("build", "run"))
         depends_on("[email protected]:", type=("build", "run"))
         depends_on("[email protected]:", type=("build", "run"))
         depends_on("[email protected]:", type=("build", "run"))
+        depends_on("[email protected]:", when="@0.100:", type=("build", "run"))
         depends_on("[email protected]:", type=("build", "run"))
         depends_on("[email protected]:+standard", type=("build", "run"))
+        depends_on("[email protected]:", when="@0.100:", type=("build", "run"))
+        depends_on("[email protected]:", when="@0.100:", type=("build", "run"))
 
         conflicts("^[email protected],4.1.0,4.2.0,4.3.0,5.0.0,5.1.0")
diff --git a/var/spack/repos/builtin/packages/py-gradio/package.py b/var/spack/repos/builtin/packages/py-gradio/package.py
@@ -14,7 +14,18 @@ class PyGradio(PythonPackage):
 
     license("Apache-2.0")
 
-    version("3.36.1", sha256="1d821cee15da066c24c197248ba9aaed5f5e59505d17754561c2f96f90e73a89")
+    version("5.1.0", sha256="d2153668e6de2df7a01bb33f01a074fc7716ec863c40f472d8e439439ef1e153")
+    with default_args(deprecated=True):
+        # https://nvd.nist.gov/vuln/detail/CVE-2024-47871
+        version(
+            "4.44.1", sha256="a68a52498ac6b63f8864ef84bf7866a70e7d07ebe913edf921e1d2a3708ad5ae"
+        )
+        version(
+            "3.50.2", sha256="c6c81320566ba3e5688a1a58201d0729565a97b828b2bf6895e54f7bf25c01de"
+        )
+        version(
+            "3.36.1", sha256="1d821cee15da066c24c197248ba9aaed5f5e59505d17754561c2f96f90e73a89"
+        )
 
     depends_on("[email protected]:", type=("build", "run"))
     depends_on("py-hatchling", type="build")

diff --git a/var/spack/repos/builtin/packages/py-pdm-backend/package.py b/var/spack/repos/builtin/packages/py-pdm-backend/package.py
@@ -13,6 +13,7 @@ class PyPdmBackend(PythonPackage):
 
     license("MIT", checked_by="matz-e")
 
+    version("2.4.3", sha256="dbd9047a7ac10d11a5227e97163b617ad5d665050476ff63867d971758200728")
     version("2.3.0", sha256="e39ed2da206d90d4a6e9eb62f6dce54ed4fa65ddf172a7d5700960d0f8a09e09")
 
     depends_on("[email protected]:", type=("build", "run"))

diff --git a/var/spack/repos/builtin/packages/py-pydantic-extra-types/package.py b/var/spack/repos/builtin/packages/py-pydantic-extra-types/package.py
@@ -0,0 +1,23 @@
+# Copyright 2013-2024 Lawrence Livermore National Security, LLC and other
+# Spack Project Developers. See the top-level COPYRIGHT file for details.
+#
+# SPDX-License-Identifier: (Apache-2.0 OR MIT)
+
+from spack.package import *
+
+
+class PyPydanticExtraTypes(PythonPackage):
+    """A place for pydantic types that probably shouldn't
+    exist in the main pydantic lib."""
+
+    homepage = "https://github.com/pydantic/pydantic-extra-types"
+    pypi = "pydantic_extra_types/pydantic_extra_types-2.10.0.tar.gz"
+
+    license("MIT", checked_by="wdconinc")
+
+    version("2.10.0", sha256="552c47dd18fe1d00cfed75d9981162a2f3203cf7e77e55a3d3e70936f59587b9")
+
+    depends_on("[email protected]:", type=("build", "run"))
+    depends_on("py-hatchling", type="build")
+    depends_on("[email protected]:", type=("build", "run"))
+    depends_on("py-typing-extensions", type=("build", "run"))
diff --git a/var/spack/repos/builtin/packages/py-pydantic-settings/package.py b/var/spack/repos/builtin/packages/py-pydantic-settings/package.py
@@ -0,0 +1,22 @@
+# Copyright 2013-2024 Lawrence Livermore National Security, LLC and other
+# Spack Project Developers. See the top-level COPYRIGHT file for details.
+#
+# SPDX-License-Identifier: (Apache-2.0 OR MIT)
+
+from spack.package import *
+
+
+class PyPydanticSettings(PythonPackage):
+    """Settings management using Pydantic."""
+
+    homepage = "https://github.com/pydantic/pydantic-settings"
+    pypi = "pydantic_settings/pydantic_settings-2.6.1.tar.gz"
+
+    license("MIT", checked_by="wdconinc")
+
+    version("2.6.1", sha256="e0f92546d8a9923cb8941689abf85d6601a8c19a23e97a34b2964a2e3f813ca0")
+
+    depends_on("[email protected]:", type=("build", "run"))
+    depends_on("py-hatchling", type="build")
+    depends_on("[email protected]:", type=("build", "run"))
+    depends_on("[email protected]:", type=("build", "run"))
diff --git a/var/spack/repos/builtin/packages/py-python-multipart/package.py b/var/spack/repos/builtin/packages/py-python-multipart/package.py
@@ -15,8 +15,18 @@ class PyPythonMultipart(PythonPackage):
 
     license("Apache-2.0")
 
+    version("0.0.17", sha256="41330d831cae6e2f22902704ead2826ea038d0419530eadff3ea80175aec5538")
     version("0.0.5", sha256="f7bb5f611fc600d15fa47b3974c8aa16e93724513b49b5f95c81e6624c83fa43")
 
-    depends_on("py-setuptools", type="build")
+    depends_on("py-setuptools", type="build", when="@:0.0.5")
+    depends_on("py-hatchling", type="build", when="@0.0.6:")
 
     depends_on("[email protected]:", type=("build", "run"))
+
+    def url_for_version(self, version):
+        url = "https://files.pythonhosted.org/packages/source/p/python-multipart/{}-{}.tar.gz"
+        if self.spec.satisfies("@:0.0.5"):
+            name = "python-multipart"
+        else:
+            name = "python_multipart"
+        return url.format(name, version)
diff --git a/var/spack/repos/builtin/packages/py-starlette/package.py b/var/spack/repos/builtin/packages/py-starlette/package.py
@@ -15,6 +15,12 @@ class PyStarlette(PythonPackage):
 
     license("BSD-3-Clause")
 
+    version("0.41.2", sha256="9834fd799d1a87fd346deb76158668cfa0b0d56f85caefe8268e2d97c3468b62")
+    version("0.37.2", sha256="9af890290133b79fc3db55474ade20f6220a364a0402e0b556e7cd5e1e093823")
+    version("0.36.3", sha256="90a671733cfb35771d8cc605e0b679d23b992f8dcfad48cc60b38cb29aeb7080")
+    version("0.35.1", sha256="3e2639dac3520e4f58734ed22553f950d3f3cb1001cd2eaac4d57e8cdc5f66bc")
+    version("0.32.0", sha256="87c899fe3aee6a42f711380b03e1d244a21079529cb3dbe1a5109e60915e0bbb")
+    version("0.28.0", sha256="7bf3da5e997e796cc202cef2bd3f96a7d9b1e1943203c2fe2b42e020bc658482")
     version("0.27.0", sha256="6a6b0d042acb8d469a01eba54e9cda6cbd24ac602c4cd016723117d6a7e73b75")
     version("0.23.1", sha256="8510e5b3d670326326c5c1d4cb657cc66832193fe5d5b7015a51c7b1e1b1bf42")
     version("0.22.0", sha256="b092cbc365bea34dd6840b42861bdabb2f507f8671e642e8272d2442e08ea4ff")