From d9dc87d43ea7025e385d61d83b96c9f174c6f2f0 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Sat, 9 Oct 2021 18:55:01 +0200 Subject: doc: Clarify SOCKS auth support --- doc/help/settings.asciidoc | 2 +- qutebrowser/config/configdata.yml | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/doc/help/settings.asciidoc b/doc/help/settings.asciidoc index 18dfebc5d..60c229078 100644 --- a/doc/help/settings.asciidoc +++ b/doc/help/settings.asciidoc @@ -2669,7 +2669,7 @@ Default: +pass:[false]+ === content.proxy Proxy to use. In addition to the listed values, you can use a `socks://...` or `http://...` URL. -Note that with QtWebEngine, it will take a couple of seconds until the change is applied, if this value is changed at runtime. +Note that with QtWebEngine, it will take a couple of seconds until the change is applied, if this value is changed at runtime. Authentication for SOCKS proxies isn't supported due to Chromium limitations. Type: <> diff --git a/qutebrowser/config/configdata.yml b/qutebrowser/config/configdata.yml index a525e2426..a1ff69f74 100644 --- a/qutebrowser/config/configdata.yml +++ b/qutebrowser/config/configdata.yml @@ -1060,7 +1060,8 @@ content.proxy: `http://...` URL. Note that with QtWebEngine, it will take a couple of seconds until the - change is applied, if this value is changed at runtime. + change is applied, if this value is changed at runtime. Authentication for + SOCKS proxies isn't supported due to Chromium limitations. content.proxy_dns_requests: default: true -- cgit v1.2.3-54-g00ecf From a16951ca673e187396aec1f4c20fe86b3ecadc4d Mon Sep 17 00:00:00 2001 From: qutebrowser bot Date: Mon, 11 Oct 2021 04:21:27 +0000 Subject: Update dependencies --- misc/requirements/requirements-dev.txt | 6 +++--- misc/requirements/requirements-flake8.txt | 11 ++++++----- misc/requirements/requirements-mypy.txt | 4 ++-- misc/requirements/requirements-pylint.txt | 4 ++-- misc/requirements/requirements-pyroma.txt | 2 +- misc/requirements/requirements-sphinx.txt | 4 ++-- misc/requirements/requirements-tests.txt | 14 +++++++------- requirements.txt | 2 +- 8 files changed, 24 insertions(+), 23 deletions(-) diff --git a/misc/requirements/requirements-dev.txt b/misc/requirements/requirements-dev.txt index 391106422..000ed39aa 100644 --- a/misc/requirements/requirements-dev.txt +++ b/misc/requirements/requirements-dev.txt @@ -1,7 +1,7 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py bump2version==1.0.1 -certifi==2021.5.30 +certifi==2021.10.8 cffi==1.14.6 charset-normalizer==2.0.6 cryptography==35.0.0 @@ -21,6 +21,6 @@ requests==2.26.0 sip==6.2.0 six==1.16.0 toml==0.10.2 -uritemplate==3.0.1 +uritemplate==4.0.0 # urllib3==1.26.7 -wrapt==1.12.1 +wrapt==1.13.1 diff --git a/misc/requirements/requirements-flake8.txt b/misc/requirements/requirements-flake8.txt index 7a39fba32..9d5c0e170 100644 --- a/misc/requirements/requirements-flake8.txt +++ b/misc/requirements/requirements-flake8.txt @@ -1,10 +1,11 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py attrs==21.2.0 -flake8==3.9.2 +cached-property==1.5.2 +flake8==4.0.0 flake8-bugbear==21.9.2 flake8-builtins==1.5.3 -flake8-comprehensions==3.6.1 +flake8-comprehensions==2.3.0 flake8-copyright==0.2.2 flake8-debugger==4.0.0 flake8-deprecated==1.3 @@ -13,12 +14,12 @@ flake8-future-import==0.4.6 flake8-mock==0.3 flake8-polyfill==1.0.2 flake8-string-format==0.3.0 -flake8-tidy-imports==4.4.1 +flake8-tidy-imports==3.0.0 flake8-tuple==0.4.1 mccabe==0.6.1 pep8-naming==0.12.1 -pycodestyle==2.7.0 +pycodestyle==2.8.0 pydocstyle==6.1.1 -pyflakes==2.3.1 +pyflakes==2.4.0 six==1.16.0 snowballstemmer==2.1.0 diff --git a/misc/requirements/requirements-mypy.txt b/misc/requirements/requirements-mypy.txt index 4732fed81..e3a05eac7 100644 --- a/misc/requirements/requirements-mypy.txt +++ b/misc/requirements/requirements-mypy.txt @@ -1,11 +1,11 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py chardet==4.0.0 -diff-cover==6.4.1 +diff-cover==6.4.2 importlib-metadata==4.8.1 importlib-resources==5.2.2 inflect==5.3.0 -Jinja2==3.0.1 +Jinja2==3.0.2 jinja2-pluralize==0.3.0 lxml==4.6.3 MarkupSafe==2.0.1 diff --git a/misc/requirements/requirements-pylint.txt b/misc/requirements/requirements-pylint.txt index 26e07b878..9dc56ea29 100644 --- a/misc/requirements/requirements-pylint.txt +++ b/misc/requirements/requirements-pylint.txt @@ -1,7 +1,7 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py astroid==2.3.3 # rq.filter: < 2.4 -certifi==2021.5.30 +certifi==2021.10.8 cffi==1.14.6 charset-normalizer==2.0.6 cryptography==35.0.0 @@ -21,6 +21,6 @@ python-dateutil==2.8.2 requests==2.26.0 six==1.16.0 typed-ast==1.4.3 ; python_version<"3.8" -uritemplate==3.0.1 +uritemplate==4.0.0 # urllib3==1.26.7 wrapt==1.11.2 diff --git a/misc/requirements/requirements-pyroma.txt b/misc/requirements/requirements-pyroma.txt index 77badd53c..82a00016c 100644 --- a/misc/requirements/requirements-pyroma.txt +++ b/misc/requirements/requirements-pyroma.txt @@ -1,6 +1,6 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py -certifi==2021.5.30 +certifi==2021.10.8 charset-normalizer==2.0.6 docutils==0.17.1 idna==3.2 diff --git a/misc/requirements/requirements-sphinx.txt b/misc/requirements/requirements-sphinx.txt index 88d56b677..fb01ec30c 100644 --- a/misc/requirements/requirements-sphinx.txt +++ b/misc/requirements/requirements-sphinx.txt @@ -2,12 +2,12 @@ alabaster==0.7.12 Babel==2.9.1 -certifi==2021.5.30 +certifi==2021.10.8 charset-normalizer==2.0.6 docutils==0.17.1 idna==3.2 imagesize==1.2.0 -Jinja2==3.0.1 +Jinja2==3.0.2 MarkupSafe==2.0.1 packaging==21.0 Pygments==2.10.0 diff --git a/misc/requirements/requirements-tests.txt b/misc/requirements/requirements-tests.txt index b61eab6a8..83379d700 100644 --- a/misc/requirements/requirements-tests.txt +++ b/misc/requirements/requirements-tests.txt @@ -2,24 +2,24 @@ attrs==21.2.0 beautifulsoup4==4.10.0 -certifi==2021.5.30 +certifi==2021.10.8 charset-normalizer==2.0.6 cheroot==8.5.2 -click==8.0.1 -coverage==6.0 +click==8.0.3 +coverage==6.0.1 EasyProcess==0.3 execnet==1.9.0 filelock==3.3.0 -Flask==2.0.1 +Flask==2.0.2 glob2==0.7 hunter==3.3.8 -hypothesis==6.23.1 +hypothesis==6.23.2 icdiff==2.0.4 idna==3.2 iniconfig==1.1.1 itsdangerous==2.0.1 jaraco.functools==3.3.0 -# Jinja2==3.0.1 +# Jinja2==3.0.2 Mako==1.1.5 manhole==1.8.0 # MarkupSafe==2.0.1 @@ -57,4 +57,4 @@ toml==0.10.2 tomli==1.2.1 urllib3==1.26.7 vulture==2.3 -Werkzeug==2.0.1 +Werkzeug==2.0.2 diff --git a/requirements.txt b/requirements.txt index 01d49032a..a158bdde6 100644 --- a/requirements.txt +++ b/requirements.txt @@ -5,7 +5,7 @@ colorama==0.4.4 dataclasses==0.6 ; python_version<"3.7" importlib-metadata==4.8.1 ; python_version<"3.8" importlib-resources==5.2.2 ; python_version<"3.9" -Jinja2==3.0.1 +Jinja2==3.0.2 MarkupSafe==2.0.1 Pygments==2.10.0 PyYAML==5.4.1 -- cgit v1.2.3-54-g00ecf From b75786560d54a92c63b0a460b3705548985a637a Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 11 Oct 2021 14:33:00 +0200 Subject: scripts: Add cached-property changelog URL --- scripts/dev/recompile_requirements.py | 1 + 1 file changed, 1 insertion(+) diff --git a/scripts/dev/recompile_requirements.py b/scripts/dev/recompile_requirements.py index 6c9a6bcc9..506f4ac99 100644 --- a/scripts/dev/recompile_requirements.py +++ b/scripts/dev/recompile_requirements.py @@ -98,6 +98,7 @@ CHANGELOG_URLS = { 'pep8-naming': 'https://github.com/PyCQA/pep8-naming/blob/master/CHANGELOG.rst', 'pycodestyle': 'https://github.com/PyCQA/pycodestyle/blob/master/CHANGES.txt', 'pyflakes': 'https://github.com/PyCQA/pyflakes/blob/master/NEWS.rst', + 'cached-property': 'https://github.com/pydanny/cached-property/blob/master/HISTORY.md', 'cffi': 'https://github.com/python-cffi/release-doc/blob/master/doc/source/whatsnew.rst', 'astroid': 'https://github.com/PyCQA/astroid/blob/2.4/ChangeLog', 'pytest-instafail': 'https://github.com/pytest-dev/pytest-instafail/blob/master/CHANGES.rst', -- cgit v1.2.3-54-g00ecf From 82ee43a56abf0bfb5b62413a757ac0fa43dd7bbf Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 11 Oct 2021 14:38:38 +0200 Subject: scripts: Update path to flake8 release notes --- scripts/dev/recompile_requirements.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/dev/recompile_requirements.py b/scripts/dev/recompile_requirements.py index 506f4ac99..a4cd81ad4 100644 --- a/scripts/dev/recompile_requirements.py +++ b/scripts/dev/recompile_requirements.py @@ -81,7 +81,7 @@ CHANGELOG_URLS = { 'attrs': 'https://www.attrs.org/en/stable/changelog.html', 'Jinja2': 'https://jinja.palletsprojects.com/en/latest/changes/', 'MarkupSafe': 'https://markupsafe.palletsprojects.com/en/latest/changes/', - 'flake8': 'https://gitlab.com/pycqa/flake8/tree/master/docs/source/release-notes', + 'flake8': 'https://github.com/PyCQA/flake8/tree/main/docs/source/release-notes', 'flake8-docstrings': 'https://pypi.org/project/flake8-docstrings/', 'flake8-debugger': 'https://github.com/JBKahn/flake8-debugger/', 'flake8-builtins': 'https://github.com/gforcada/flake8-builtins/blob/master/CHANGES.rst', -- cgit v1.2.3-54-g00ecf From 1547a48e6f1a8af8dc618d5afe858084ebfd317f Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 14 Oct 2021 09:05:07 +0200 Subject: tests: Adjust for PyYAML 6.0 --- tests/unit/utils/test_utils.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/tests/unit/utils/test_utils.py b/tests/unit/utils/test_utils.py index 57adc883c..330ef3b96 100644 --- a/tests/unit/utils/test_utils.py +++ b/tests/unit/utils/test_utils.py @@ -809,8 +809,11 @@ class TestYaml: assert utils.yaml_load("[1, 2]") == [1, 2] def test_load_float_bug(self): - with pytest.raises(yaml.YAMLError): + try: utils.yaml_load("._") + except yaml.YAMLError: + # Either no exception or YAMLError, not ValueError + pass def test_load_file(self, tmp_path): tmpfile = tmp_path / 'foo.yml' -- cgit v1.2.3-54-g00ecf From 07cf1ff356bdb8538091e684eb8780dc29f44a23 Mon Sep 17 00:00:00 2001 From: qutebrowser bot Date: Mon, 18 Oct 2021 04:19:35 +0000 Subject: Update dependencies --- misc/requirements/requirements-check-manifest.txt | 2 +- misc/requirements/requirements-dev.txt | 14 +++++++------- misc/requirements/requirements-flake8.txt | 7 +++---- misc/requirements/requirements-mypy.txt | 6 +++--- misc/requirements/requirements-pylint.txt | 8 ++++---- misc/requirements/requirements-pyroma.txt | 4 ++-- misc/requirements/requirements-sphinx.txt | 4 ++-- misc/requirements/requirements-tests.txt | 8 ++++---- misc/requirements/requirements-tox.txt | 4 ++-- misc/requirements/requirements-yamllint.txt | 2 +- requirements.txt | 4 ++-- 11 files changed, 31 insertions(+), 32 deletions(-) diff --git a/misc/requirements/requirements-check-manifest.txt b/misc/requirements/requirements-check-manifest.txt index 9a783f8b2..b44d45833 100644 --- a/misc/requirements/requirements-check-manifest.txt +++ b/misc/requirements/requirements-check-manifest.txt @@ -3,7 +3,7 @@ build==0.7.0 check-manifest==0.47 packaging==21.0 -pep517==0.11.0 +pep517==0.11.1 pyparsing==2.4.7 toml==0.10.2 tomli==1.2.1 diff --git a/misc/requirements/requirements-dev.txt b/misc/requirements/requirements-dev.txt index 000ed39aa..24f63926a 100644 --- a/misc/requirements/requirements-dev.txt +++ b/misc/requirements/requirements-dev.txt @@ -2,25 +2,25 @@ bump2version==1.0.1 certifi==2021.10.8 -cffi==1.14.6 -charset-normalizer==2.0.6 +cffi==1.15.0 +charset-normalizer==2.0.7 cryptography==35.0.0 Deprecated==1.2.13 github3.py==2.0.0 hunter==3.3.8 -idna==3.2 +idna==3.3 jwcrypto==1.0 manhole==1.8.0 packaging==21.0 pycparser==2.20 Pympler==0.9 pyparsing==2.4.7 -PyQt-builder==1.11.0 +PyQt-builder==1.12.1 python-dateutil==2.8.2 requests==2.26.0 -sip==6.2.0 +sip==6.3.1 six==1.16.0 toml==0.10.2 -uritemplate==4.0.0 +uritemplate==4.1.1 # urllib3==1.26.7 -wrapt==1.13.1 +wrapt==1.13.2 diff --git a/misc/requirements/requirements-flake8.txt b/misc/requirements/requirements-flake8.txt index 9d5c0e170..08b75e2bf 100644 --- a/misc/requirements/requirements-flake8.txt +++ b/misc/requirements/requirements-flake8.txt @@ -1,11 +1,10 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py attrs==21.2.0 -cached-property==1.5.2 -flake8==4.0.0 +flake8==4.0.1 flake8-bugbear==21.9.2 flake8-builtins==1.5.3 -flake8-comprehensions==2.3.0 +flake8-comprehensions==3.7.0 flake8-copyright==0.2.2 flake8-debugger==4.0.0 flake8-deprecated==1.3 @@ -14,7 +13,7 @@ flake8-future-import==0.4.6 flake8-mock==0.3 flake8-polyfill==1.0.2 flake8-string-format==0.3.0 -flake8-tidy-imports==3.0.0 +flake8-tidy-imports==4.5.0 flake8-tuple==0.4.1 mccabe==0.6.1 pep8-naming==0.12.1 diff --git a/misc/requirements/requirements-mypy.txt b/misc/requirements/requirements-mypy.txt index e3a05eac7..aa72eec75 100644 --- a/misc/requirements/requirements-mypy.txt +++ b/misc/requirements/requirements-mypy.txt @@ -3,7 +3,7 @@ chardet==4.0.0 diff-cover==6.4.2 importlib-metadata==4.8.1 -importlib-resources==5.2.2 +importlib-resources==5.2.3 inflect==5.3.0 Jinja2==3.0.2 jinja2-pluralize==0.3.0 @@ -15,7 +15,7 @@ pluggy==1.0.0 Pygments==2.10.0 PyQt5-stubs==5.15.2.0 toml==0.10.2 -types-dataclasses==0.1.7 -types-PyYAML==5.4.10 +types-dataclasses==0.6.1 +types-PyYAML==5.4.12 typing-extensions==3.10.0.2 zipp==3.6.0 diff --git a/misc/requirements/requirements-pylint.txt b/misc/requirements/requirements-pylint.txt index 9dc56ea29..5f6646aed 100644 --- a/misc/requirements/requirements-pylint.txt +++ b/misc/requirements/requirements-pylint.txt @@ -2,13 +2,13 @@ astroid==2.3.3 # rq.filter: < 2.4 certifi==2021.10.8 -cffi==1.14.6 -charset-normalizer==2.0.6 +cffi==1.15.0 +charset-normalizer==2.0.7 cryptography==35.0.0 Deprecated==1.2.13 future==0.18.2 github3.py==2.0.0 -idna==3.2 +idna==3.3 isort==4.3.21 jwcrypto==1.0 lazy-object-proxy==1.4.3 @@ -21,6 +21,6 @@ python-dateutil==2.8.2 requests==2.26.0 six==1.16.0 typed-ast==1.4.3 ; python_version<"3.8" -uritemplate==4.0.0 +uritemplate==4.1.1 # urllib3==1.26.7 wrapt==1.11.2 diff --git a/misc/requirements/requirements-pyroma.txt b/misc/requirements/requirements-pyroma.txt index 82a00016c..40ee1f6e7 100644 --- a/misc/requirements/requirements-pyroma.txt +++ b/misc/requirements/requirements-pyroma.txt @@ -1,9 +1,9 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py certifi==2021.10.8 -charset-normalizer==2.0.6 +charset-normalizer==2.0.7 docutils==0.17.1 -idna==3.2 +idna==3.3 Pygments==2.10.0 pyroma==3.2 requests==2.26.0 diff --git a/misc/requirements/requirements-sphinx.txt b/misc/requirements/requirements-sphinx.txt index fb01ec30c..eda122d26 100644 --- a/misc/requirements/requirements-sphinx.txt +++ b/misc/requirements/requirements-sphinx.txt @@ -3,9 +3,9 @@ alabaster==0.7.12 Babel==2.9.1 certifi==2021.10.8 -charset-normalizer==2.0.6 +charset-normalizer==2.0.7 docutils==0.17.1 -idna==3.2 +idna==3.3 imagesize==1.2.0 Jinja2==3.0.2 MarkupSafe==2.0.1 diff --git a/misc/requirements/requirements-tests.txt b/misc/requirements/requirements-tests.txt index 83379d700..206a9faad 100644 --- a/misc/requirements/requirements-tests.txt +++ b/misc/requirements/requirements-tests.txt @@ -3,19 +3,19 @@ attrs==21.2.0 beautifulsoup4==4.10.0 certifi==2021.10.8 -charset-normalizer==2.0.6 +charset-normalizer==2.0.7 cheroot==8.5.2 click==8.0.3 -coverage==6.0.1 +coverage==6.0.2 EasyProcess==0.3 execnet==1.9.0 -filelock==3.3.0 +filelock==3.3.1 Flask==2.0.2 glob2==0.7 hunter==3.3.8 hypothesis==6.23.2 icdiff==2.0.4 -idna==3.2 +idna==3.3 iniconfig==1.1.1 itsdangerous==2.0.1 jaraco.functools==3.3.0 diff --git a/misc/requirements/requirements-tox.txt b/misc/requirements/requirements-tox.txt index 4c1cfbe27..95dec5191 100644 --- a/misc/requirements/requirements-tox.txt +++ b/misc/requirements/requirements-tox.txt @@ -2,9 +2,9 @@ backports.entry-points-selectable==1.1.0 distlib==0.3.3 -filelock==3.3.0 +filelock==3.3.1 packaging==21.0 -pip==21.2.4 +pip==21.3 platformdirs==2.4.0 pluggy==1.0.0 py==1.10.0 diff --git a/misc/requirements/requirements-yamllint.txt b/misc/requirements/requirements-yamllint.txt index 897184c74..12553f2b2 100644 --- a/misc/requirements/requirements-yamllint.txt +++ b/misc/requirements/requirements-yamllint.txt @@ -1,5 +1,5 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py pathspec==0.9.0 -PyYAML==5.4.1 +PyYAML==6.0 yamllint==1.26.3 diff --git a/requirements.txt b/requirements.txt index a158bdde6..b12ccc048 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,10 +4,10 @@ adblock==0.5.0 colorama==0.4.4 dataclasses==0.6 ; python_version<"3.7" importlib-metadata==4.8.1 ; python_version<"3.8" -importlib-resources==5.2.2 ; python_version<"3.9" +importlib-resources==5.2.3 ; python_version<"3.9" Jinja2==3.0.2 MarkupSafe==2.0.1 Pygments==2.10.0 -PyYAML==5.4.1 +PyYAML==6.0 typing-extensions==3.10.0.2 zipp==3.6.0 -- cgit v1.2.3-54-g00ecf From 8f46ba3f6dc7b18375f7aa63c48a1fe461190430 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Sat, 16 Oct 2021 22:14:20 +0200 Subject: CVE-2021-41146: Add --untrusted-args to avoid argument injection On Windows, if an application is registered as an URL handler like this: HKEY_CLASSES_ROOT https URL Protocol = "" [...] shell open command (Default) = ".../qutebrowser.exe" "%1" one would think that Windows takes care of making sure URLs can't inject arguments by containing a quote. However, this is not the case, as stated by the Microsoft docs: https://docs.microsoft.com/en-us/previous-versions/windows/internet-explorer/ie-developer/platform-apis/aa767914(v=vs.85) Security Warning: Applications that handle URI schemes must consider how to respond to malicious data. Because handler applications can receive data from untrusted sources, the URI and other parameter values passed to the application may contain malicious data that attempts to exploit the handling application. and As noted above, the string that is passed to a pluggable protocol handler might be broken across multiple parameters. Malicious parties could use additional quote or backslash characters to pass additional command line parameters. For this reason, pluggable protocol handlers should assume that any parameters on the command line could come from malicious parties, and carefully validate them. Applications that could initiate dangerous actions based on external data must first confirm those actions with the user. In addition, handling applications should be tested with URIs that are overly long or contain unexpected (or undesirable) character sequences. Indeed it's trivial to pass a command to qutebrowser this way - given how trivial the exploit is to recreate given the information above, here's a PoC: https:x" ":spawn calc (or qutebrowserurl: instead of https: if qutebrowser isn't registered as a default browser) Some applications do escape the quote characters before calling qutebrowser - but others, like Outlook Desktop or .url files, do not. As a fix, we add an --untrusted-args flag and some early validation of the raw sys.argv, before parsing any arguments or e.g. creating a QApplication (which might already allow injecting Qt flags there). We assume that there's no way for an attacker to inject flags *before* the %1 placeholder in the registry, and add --untrusted-args as the last argument of the registry entry. This way, it'd still be possible for users to customize their invocation flags without having to remove --untrusted-args. After --untrusted-args, however, we have some rather strict checks: - There should be zero or one arguments, but not two (or more) - Any argument may not start with - (flag) or : (qutebrowser command) We also add the --untrusted-args flag to the Linux .desktop file, though it should not be needed there, as the specification there is sane: https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html#exec-variables Implementations must take care not to expand field codes into multiple arguments unless explicitly instructed by this specification. This means that name fields, filenames and other replacements that can contain spaces must be passed as a single argument to the executable program after expansion. There is no comparable mechanism on macOS, which opens the application without arguments and then sends an "open" event to it: https://doc.qt.io/qt-5/qfileopenevent.html This issue was introduced in qutebrowser v1.7.0 which started registering it as URL handler: baee2888907b260881d5831c68500941937261a0 / #4086 This is by no means an issue isolated to qutebrowser. Many other projects have had similar trouble with Windows' rather unexpected behavior: Electron / Exodus Bitcoin wallet: - http://web.archive.org/web/20190702112128/https://medium.com/0xcc/electrons-bug-shellexecute-to-blame-cacb433d0d62 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000006 - https://medium.com/hackernoon/exploiting-electron-rce-in-exodus-wallet-d9e6db13c374 IE/Firefox: - https://bugzilla.mozilla.org/show_bug.cgi?id=384384 - https://bugzilla.mozilla.org/show_bug.cgi?id=1572838 Others: - http://web.archive.org/web/20210930203632/https://www.vdoo.com/blog/exploiting-custom-protocol-handlers-in-windows - https://parsiya.net/blog/2021-03-17-attack-surface-analysis-part-2-custom-protocol-handlers/ - etc. etc. See CVE-2021-41146 / GHSA-vw27-fwjf-5qxm: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41146 https://github.com/qutebrowser/qutebrowser/security/advisories/GHSA-vw27-fwjf-5qxm Thanks to Ping Fan (Zetta) Ke of Valkyrie-X Security Research Group (VXRL/@vxresearch) for finding and responsibly disclosing this issue. --- misc/nsis/install.nsh | 2 +- misc/org.qutebrowser.qutebrowser.desktop | 2 +- qutebrowser/qutebrowser.py | 25 +++++++++++++ tests/unit/test_qutebrowser.py | 60 ++++++++++++++++++++++++++++++++ 4 files changed, 87 insertions(+), 2 deletions(-) diff --git a/misc/nsis/install.nsh b/misc/nsis/install.nsh index f29a0a9a8..362bf9c18 100755 --- a/misc/nsis/install.nsh +++ b/misc/nsis/install.nsh @@ -351,7 +351,7 @@ Section "Register with Windows" SectionWindowsRegister !insertmacro UpdateRegDWORD SHCTX "SOFTWARE\Classes\$2" "EditFlags" 0x00000002 !insertmacro UpdateRegStr SHCTX "SOFTWARE\Classes\$2\DefaultIcon" "" "$1,0" !insertmacro UpdateRegStr SHCTX "SOFTWARE\Classes\$2\shell" "" "open" - !insertmacro UpdateRegStr SHCTX "SOFTWARE\Classes\$2\shell\open\command" "" "$\"$1$\" $\"%1$\"" + !insertmacro UpdateRegStr SHCTX "SOFTWARE\Classes\$2\shell\open\command" "" "$\"$1$\" --untrusted-args $\"%1$\"" !insertmacro UpdateRegStr SHCTX "SOFTWARE\Classes\$2\shell\open\ddeexec" "" "" StrCmp $2 "${PRODUCT_NAME}HTML" 0 +4 StrCpy $2 "${PRODUCT_NAME}URL" diff --git a/misc/org.qutebrowser.qutebrowser.desktop b/misc/org.qutebrowser.qutebrowser.desktop index 52144b3c5..d999496ee 100644 --- a/misc/org.qutebrowser.qutebrowser.desktop +++ b/misc/org.qutebrowser.qutebrowser.desktop @@ -45,7 +45,7 @@ Comment[it]= Un browser web vim-like utilizzabile da tastiera basato su PyQt5 Icon=qutebrowser Type=Application Categories=Network;WebBrowser; -Exec=qutebrowser %u +Exec=qutebrowser --untrusted-args %u Terminal=false StartupNotify=true MimeType=text/html;text/xml;application/xhtml+xml;application/xml;application/rdf+xml;image/gif;image/jpeg;image/png;x-scheme-handler/http;x-scheme-handler/https;x-scheme-handler/qute; diff --git a/qutebrowser/qutebrowser.py b/qutebrowser/qutebrowser.py index d0819f832..c576c4a06 100644 --- a/qutebrowser/qutebrowser.py +++ b/qutebrowser/qutebrowser.py @@ -87,6 +87,11 @@ def get_argparser(): help="Set the base name of the desktop entry for this " "application. Used to set the app_id under Wayland. See " "https://doc.qt.io/qt-5/qguiapplication.html#desktopFileName-prop") + parser.add_argument('--untrusted-args', + action='store_true', + help="Mark all following arguments as untrusted, which " + "enforces that they are URLs/search terms (and not flags or " + "commands)") parser.add_argument('--json-args', help=argparse.SUPPRESS) parser.add_argument('--temp-basedir-restarted', @@ -207,7 +212,27 @@ def _unpack_json_args(args): return argparse.Namespace(**new_args) +def _validate_untrusted_args(argv): + # NOTE: Do not use f-strings here, as this should run with older Python + # versions (so that a proper error can be displayed) + try: + untrusted_idx = argv.index('--untrusted-args') + except ValueError: + return + + rest = argv[untrusted_idx + 1:] + if len(rest) > 1: + sys.exit( + "Found multiple arguments ({}) after --untrusted-args, " + "aborting.".format(' '.join(rest))) + + for arg in rest: + if arg.startswith(('-', ':')): + sys.exit("Found {} after --untrusted-args, aborting.".format(arg)) + + def main(): + _validate_untrusted_args(sys.argv) parser = get_argparser() argv = sys.argv[1:] args = parser.parse_args(argv) diff --git a/tests/unit/test_qutebrowser.py b/tests/unit/test_qutebrowser.py index d9275631d..36b4065a1 100644 --- a/tests/unit/test_qutebrowser.py +++ b/tests/unit/test_qutebrowser.py @@ -22,6 +22,8 @@ (Mainly commandline flag parsing) """ +import re + import pytest from qutebrowser import qutebrowser @@ -75,3 +77,61 @@ class TestJsonArgs: # pylint: disable=no-member assert args.debug assert not args.temp_basedir + + +class TestValidateUntrustedArgs: + + @pytest.mark.parametrize('args', [ + [], + [':nop'], + [':nop', '--untrusted-args'], + [':nop', '--debug', '--untrusted-args'], + [':nop', '--untrusted-args', 'foo'], + ['--debug', '--untrusted-args', 'foo'], + ['foo', '--untrusted-args', 'bar'], + ]) + def test_valid(self, args): + qutebrowser._validate_untrusted_args(args) + + @pytest.mark.parametrize('args, message', [ + ( + ['--untrusted-args', '--debug'], + "Found --debug after --untrusted-args, aborting.", + ), + ( + ['--untrusted-args', ':nop'], + "Found :nop after --untrusted-args, aborting.", + ), + ( + ['--debug', '--untrusted-args', '--debug'], + "Found --debug after --untrusted-args, aborting.", + ), + ( + [':nop', '--untrusted-args', '--debug'], + "Found --debug after --untrusted-args, aborting.", + ), + ( + [':nop', '--untrusted-args', ':nop'], + "Found :nop after --untrusted-args, aborting.", + ), + ( + [ + ':nop', + '--untrusted-args', + ':nop', + '--untrusted-args', + 'https://www.example.org', + ], + ( + "Found multiple arguments (:nop --untrusted-args " + "https://www.example.org) after --untrusted-args, aborting." + ) + ), + ( + ['--untrusted-args', 'okay1', 'okay2'], + "Found multiple arguments (okay1 okay2) after --untrusted-args, aborting.", + ), + ]) + def test_invalid(self, args, message): + with pytest.raises(SystemExit, match=re.escape(message)): + qutebrowser._validate_untrusted_args(args) -- cgit v1.2.3-54-g00ecf From 58e64d28c4d69f992fdaaff55df8e7001ae56ac6 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Sat, 16 Oct 2021 23:15:53 +0200 Subject: Don't register qutebrowserurl: as URL protocol This was originally intended as a fix for CVE-2021-41146, but it turned out the same exploit works via e.g. https:// just as well. Still, it makes sense to remove it. --- misc/nsis/install.nsh | 1 - 1 file changed, 1 deletion(-) diff --git a/misc/nsis/install.nsh b/misc/nsis/install.nsh index 362bf9c18..9f0cdf446 100755 --- a/misc/nsis/install.nsh +++ b/misc/nsis/install.nsh @@ -357,7 +357,6 @@ Section "Register with Windows" SectionWindowsRegister StrCpy $2 "${PRODUCT_NAME}URL" StrCpy $3 "${PRODUCT_NAME} URL" Goto WriteRegHandler - !insertmacro UpdateRegStr SHCTX "SOFTWARE\Classes\$2" "URL Protocol" "" ${endif} SectionEnd -- cgit v1.2.3-54-g00ecf From c1c0f0f80147bb0ca5b31a70697b8966fa4fb784 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 16:22:24 +0200 Subject: Update UA completions --- qutebrowser/config/configdata.yml | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/qutebrowser/config/configdata.yml b/qutebrowser/config/configdata.yml index a1ff69f74..e034fe8f5 100644 --- a/qutebrowser/config/configdata.yml +++ b/qutebrowser/config/configdata.yml @@ -679,14 +679,14 @@ content.headers.user_agent: # Vim-protip: Place your cursor below this comment and run # :r!python scripts/dev/ua_fetch.py - - "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, - like Gecko) Chrome/90.0.4430.93 Safari/537.36" - - Chrome 90 Win10 + like Gecko) Chrome/92.0.4515.131 Safari/537.36" + - Chrome 92 Win10 - - "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 - (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36" - - Chrome 90 macOS + (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36" + - Chrome 92 macOS - - "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like - Gecko) Chrome/90.0.4430.93 Safari/537.36" - - Chrome 90 Linux + Gecko) Chrome/92.0.4515.131 Safari/537.36" + - Chrome 92 Linux supports_pattern: true desc: | User agent to send. -- cgit v1.2.3-54-g00ecf From 777d82fce40190d8da26ddffeee35c99b7c65d1e Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 16:44:20 +0200 Subject: Update docs --- doc/qutebrowser.1.asciidoc | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/qutebrowser.1.asciidoc b/doc/qutebrowser.1.asciidoc index 8db231add..bc312f108 100644 --- a/doc/qutebrowser.1.asciidoc +++ b/doc/qutebrowser.1.asciidoc @@ -65,6 +65,9 @@ show it. *--desktop-file-name* 'DESKTOP_FILE_NAME':: Set the base name of the desktop entry for this application. Used to set the app_id under Wayland. See https://doc.qt.io/qt-5/qguiapplication.html#desktopFileName-prop +*--untrusted-args*:: + Mark all following arguments as untrusted, which enforces that they are URLs/search terms (and not flags or commands) + === debug arguments *-l* '{critical,error,warning,info,debug,vdebug}', *--loglevel* '{critical,error,warning,info,debug,vdebug}':: Override the configured console loglevel -- cgit v1.2.3-54-g00ecf From 8326ea0e9dea2987ad90952ef7a7a377a29006da Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 16:49:33 +0200 Subject: scripts: Adjust changelog URLs --- scripts/dev/recompile_requirements.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/scripts/dev/recompile_requirements.py b/scripts/dev/recompile_requirements.py index a4cd81ad4..3ec2b59b8 100644 --- a/scripts/dev/recompile_requirements.py +++ b/scripts/dev/recompile_requirements.py @@ -98,7 +98,6 @@ CHANGELOG_URLS = { 'pep8-naming': 'https://github.com/PyCQA/pep8-naming/blob/master/CHANGELOG.rst', 'pycodestyle': 'https://github.com/PyCQA/pycodestyle/blob/master/CHANGES.txt', 'pyflakes': 'https://github.com/PyCQA/pyflakes/blob/master/NEWS.rst', - 'cached-property': 'https://github.com/pydanny/cached-property/blob/master/HISTORY.md', 'cffi': 'https://github.com/python-cffi/release-doc/blob/master/doc/source/whatsnew.rst', 'astroid': 'https://github.com/PyCQA/astroid/blob/2.4/ChangeLog', 'pytest-instafail': 'https://github.com/pytest-dev/pytest-instafail/blob/master/CHANGES.rst', @@ -171,7 +170,7 @@ CHANGELOG_URLS = { 'check-manifest': 'https://github.com/mgedmin/check-manifest/blob/master/CHANGES.rst', 'yamllint': 'https://github.com/adrienverge/yamllint/blob/master/CHANGELOG.rst', 'pathspec': 'https://github.com/cpburnz/python-path-specification/blob/master/CHANGES.rst', - 'filelock': 'https://github.com/tox-dev/py-filelock/commits/main', + 'filelock': 'https://github.com/tox-dev/py-filelock/blob/main/docs/changelog.rst', 'github3.py': 'https://github3py.readthedocs.io/en/master/release-notes/index.html', 'manhole': 'https://github.com/ionelmc/python-manhole/blob/master/CHANGELOG.rst', 'pycparser': 'https://github.com/eliben/pycparser/blob/master/CHANGES', -- cgit v1.2.3-54-g00ecf From 959c3889840f3118b09b93ddd603e2c1a848c15c Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 16:51:55 +0200 Subject: tox: Use newest PyQt for pyinstaller See #6611 --- misc/requirements/requirements-pyqt-pyinstaller.txt | 7 ------- misc/requirements/requirements-pyqt-pyinstaller.txt-raw | 2 -- tox.ini | 2 +- 3 files changed, 1 insertion(+), 10 deletions(-) delete mode 100644 misc/requirements/requirements-pyqt-pyinstaller.txt delete mode 100644 misc/requirements/requirements-pyqt-pyinstaller.txt-raw diff --git a/misc/requirements/requirements-pyqt-pyinstaller.txt b/misc/requirements/requirements-pyqt-pyinstaller.txt deleted file mode 100644 index 678a1d7ea..000000000 --- a/misc/requirements/requirements-pyqt-pyinstaller.txt +++ /dev/null @@ -1,7 +0,0 @@ -# This file is automatically generated by scripts/dev/recompile_requirements.py - -PyQt5==5.15.3 -PyQt5-Qt==5.15.2 -PyQt5-sip==12.9.0 -PyQtWebEngine==5.15.3 -PyQtWebEngine-Qt==5.15.2 diff --git a/misc/requirements/requirements-pyqt-pyinstaller.txt-raw b/misc/requirements/requirements-pyqt-pyinstaller.txt-raw deleted file mode 100644 index 89b5644da..000000000 --- a/misc/requirements/requirements-pyqt-pyinstaller.txt-raw +++ /dev/null @@ -1,2 +0,0 @@ -PyQt5==5.15.3 -PyQtWebEngine==5.15.3 diff --git a/tox.ini b/tox.ini index 4be5b8620..271bf4241 100644 --- a/tox.ini +++ b/tox.ini @@ -160,7 +160,7 @@ passenv = APPDATA HOME PYINSTALLER_DEBUG deps = -r{toxinidir}/requirements.txt -r{toxinidir}/misc/requirements/requirements-pyinstaller.txt - -r{toxinidir}/misc/requirements/requirements-pyqt-pyinstaller.txt + -r{toxinidir}/misc/requirements/requirements-pyqt.txt commands = {envbindir}/pyinstaller --noconfirm misc/qutebrowser.spec -- cgit v1.2.3-54-g00ecf From a0bfb7c824900881f01c53204d9e8cd0b5b78f53 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 17:07:53 +0200 Subject: scripts: Remove macOS symlinking Seems to be fixed in PyInstaller 4.4? See #6611. --- scripts/dev/build_release.py | 19 ------------------- 1 file changed, 19 deletions(-) diff --git a/scripts/dev/build_release.py b/scripts/dev/build_release.py index a1c6646eb..04a981199 100755 --- a/scripts/dev/build_release.py +++ b/scripts/dev/build_release.py @@ -225,25 +225,6 @@ def patch_mac_app(): with open(plist_path, "wb") as f: plistlib.dump(plist_data, f) - # Replace some duplicate files by symlinks - framework_path = os.path.join(app_path, 'Contents', 'MacOS', 'PyQt5', - 'Qt', 'lib', 'QtWebEngineCore.framework') - - core_lib = os.path.join(framework_path, 'Versions', '5', 'QtWebEngineCore') - os.remove(core_lib) - core_target = os.path.join(*[os.pardir] * 7, 'MacOS', 'QtWebEngineCore') - os.symlink(core_target, core_lib) - - framework_resource_path = os.path.join(framework_path, 'Resources') - for name in os.listdir(framework_resource_path): - file_path = os.path.join(framework_resource_path, name) - target = os.path.join(*[os.pardir] * 5, name) - if os.path.isdir(file_path): - shutil.rmtree(file_path) - else: - os.remove(file_path) - os.symlink(target, file_path) - INFO_PLIST_UPDATES = { 'CFBundleVersion': qutebrowser.__version__, -- cgit v1.2.3-54-g00ecf From 337ad04fd460a9af0d96a5dff6dc05631e39237e Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:02:36 +0200 Subject: utils: Don't require coverage for old PyYAML workaround --- qutebrowser/utils/utils.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/qutebrowser/utils/utils.py b/qutebrowser/utils/utils.py index a56769255..5784d754c 100644 --- a/qutebrowser/utils/utils.py +++ b/qutebrowser/utils/utils.py @@ -670,7 +670,8 @@ def yaml_load(f: Union[str, IO[str]]) -> Any: try: data = yaml.load(f, Loader=YamlLoader) except ValueError as e: - if str(e).startswith('could not convert string to float'): + pyyaml_error = 'could not convert string to float' + if str(e).startswith(pyyaml_error): # pragma: no cover # WORKAROUND for https://github.com/yaml/pyyaml/issues/168 raise yaml.YAMLError(e) raise # pragma: no cover -- cgit v1.2.3-54-g00ecf From 9989bf223fcb6894659c75c6c2523542626c3552 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:02:49 +0200 Subject: requirements: PyQt 5.15.5 --- misc/requirements/requirements-pyqt.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/misc/requirements/requirements-pyqt.txt b/misc/requirements/requirements-pyqt.txt index 75ef27bf4..6a662ef7b 100644 --- a/misc/requirements/requirements-pyqt.txt +++ b/misc/requirements/requirements-pyqt.txt @@ -1,7 +1,7 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py -PyQt5==5.15.4 +PyQt5==5.15.5 PyQt5-Qt5==5.15.2 PyQt5-sip==12.9.0 -PyQtWebEngine==5.15.4 +PyQtWebEngine==5.15.5 PyQtWebEngine-Qt5==5.15.2 -- cgit v1.2.3-54-g00ecf From a8dacd98fb15c688571d1fa9db82cbd4715a0bda Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:03:21 +0200 Subject: scripts: Remove old -Qt5 PyQt packages --- scripts/dev/recompile_requirements.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/scripts/dev/recompile_requirements.py b/scripts/dev/recompile_requirements.py index 3ec2b59b8..6f1a12ab0 100644 --- a/scripts/dev/recompile_requirements.py +++ b/scripts/dev/recompile_requirements.py @@ -142,10 +142,8 @@ CHANGELOG_URLS = { 'tomli': 'https://github.com/hukkin/tomli/blob/master/CHANGELOG.md', 'PyQt5': 'https://www.riverbankcomputing.com/news', 'PyQt5-Qt': 'https://www.riverbankcomputing.com/news', - 'PyQt5-Qt5': 'https://www.riverbankcomputing.com/news', 'PyQtWebEngine': 'https://www.riverbankcomputing.com/news', 'PyQtWebEngine-Qt': 'https://www.riverbankcomputing.com/news', - 'PyQtWebEngine-Qt5': 'https://www.riverbankcomputing.com/news', 'PyQt-builder': 'https://www.riverbankcomputing.com/news', 'PyQt5-sip': 'https://www.riverbankcomputing.com/news', 'PyQt5-stubs': 'https://github.com/stlehmann/PyQt5-stubs/blob/master/CHANGELOG.md', -- cgit v1.2.3-54-g00ecf From 51972fa4e2fa3b9d90cd728020d5d7496331b008 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:18:03 +0200 Subject: Revert "scripts: Remove macOS symlinking" This reverts commit a0bfb7c824900881f01c53204d9e8cd0b5b78f53. It *is* required, just used the wrong path... gg --- scripts/dev/build_release.py | 19 +++++++++++++++++++ 1 file changed, 19 insertions(+) diff --git a/scripts/dev/build_release.py b/scripts/dev/build_release.py index 04a981199..a1c6646eb 100755 --- a/scripts/dev/build_release.py +++ b/scripts/dev/build_release.py @@ -225,6 +225,25 @@ def patch_mac_app(): with open(plist_path, "wb") as f: plistlib.dump(plist_data, f) + # Replace some duplicate files by symlinks + framework_path = os.path.join(app_path, 'Contents', 'MacOS', 'PyQt5', + 'Qt', 'lib', 'QtWebEngineCore.framework') + + core_lib = os.path.join(framework_path, 'Versions', '5', 'QtWebEngineCore') + os.remove(core_lib) + core_target = os.path.join(*[os.pardir] * 7, 'MacOS', 'QtWebEngineCore') + os.symlink(core_target, core_lib) + + framework_resource_path = os.path.join(framework_path, 'Resources') + for name in os.listdir(framework_resource_path): + file_path = os.path.join(framework_resource_path, name) + target = os.path.join(*[os.pardir] * 5, name) + if os.path.isdir(file_path): + shutil.rmtree(file_path) + else: + os.remove(file_path) + os.symlink(target, file_path) + INFO_PLIST_UPDATES = { 'CFBundleVersion': qutebrowser.__version__, -- cgit v1.2.3-54-g00ecf From e6e7e95013f76a21357783d27fda85de6f125ffc Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:18:36 +0200 Subject: scripts: Use new Qt path in build_release --- scripts/dev/build_release.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/dev/build_release.py b/scripts/dev/build_release.py index a1c6646eb..4961cbdc8 100755 --- a/scripts/dev/build_release.py +++ b/scripts/dev/build_release.py @@ -227,7 +227,7 @@ def patch_mac_app(): # Replace some duplicate files by symlinks framework_path = os.path.join(app_path, 'Contents', 'MacOS', 'PyQt5', - 'Qt', 'lib', 'QtWebEngineCore.framework') + 'Qt5', 'lib', 'QtWebEngineCore.framework') core_lib = os.path.join(framework_path, 'Versions', '5', 'QtWebEngineCore') os.remove(core_lib) -- cgit v1.2.3-54-g00ecf From ca114a076621c58f067e8b809e7ef4e27ad4e2c1 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:26:57 +0200 Subject: scripts: Fix changelog URLs for real --- scripts/dev/recompile_requirements.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/dev/recompile_requirements.py b/scripts/dev/recompile_requirements.py index 6f1a12ab0..c013346ae 100644 --- a/scripts/dev/recompile_requirements.py +++ b/scripts/dev/recompile_requirements.py @@ -141,9 +141,9 @@ CHANGELOG_URLS = { 'toml': 'https://github.com/uiri/toml/releases', 'tomli': 'https://github.com/hukkin/tomli/blob/master/CHANGELOG.md', 'PyQt5': 'https://www.riverbankcomputing.com/news', - 'PyQt5-Qt': 'https://www.riverbankcomputing.com/news', + 'PyQt5-Qt5': 'https://www.riverbankcomputing.com/news', 'PyQtWebEngine': 'https://www.riverbankcomputing.com/news', - 'PyQtWebEngine-Qt': 'https://www.riverbankcomputing.com/news', + 'PyQtWebEngine-Qt5': 'https://www.riverbankcomputing.com/news', 'PyQt-builder': 'https://www.riverbankcomputing.com/news', 'PyQt5-sip': 'https://www.riverbankcomputing.com/news', 'PyQt5-stubs': 'https://github.com/stlehmann/PyQt5-stubs/blob/master/CHANGELOG.md', -- cgit v1.2.3-54-g00ecf From 62958e54e09eb21fbe7ce4d1517b6b35e9509e85 Mon Sep 17 00:00:00 2001 From: qutebrowser bot Date: Thu, 21 Oct 2021 16:34:33 +0000 Subject: Update dependencies --- misc/requirements/requirements-check-manifest.txt | 2 +- misc/requirements/requirements-mypy.txt | 2 +- misc/requirements/requirements-pyqt-5.15.txt | 4 ++-- misc/requirements/requirements-tests.txt | 2 +- requirements.txt | 2 +- 5 files changed, 6 insertions(+), 6 deletions(-) diff --git a/misc/requirements/requirements-check-manifest.txt b/misc/requirements/requirements-check-manifest.txt index b44d45833..d13d82006 100644 --- a/misc/requirements/requirements-check-manifest.txt +++ b/misc/requirements/requirements-check-manifest.txt @@ -3,7 +3,7 @@ build==0.7.0 check-manifest==0.47 packaging==21.0 -pep517==0.11.1 +pep517==0.12.0 pyparsing==2.4.7 toml==0.10.2 tomli==1.2.1 diff --git a/misc/requirements/requirements-mypy.txt b/misc/requirements/requirements-mypy.txt index aa72eec75..2048eba21 100644 --- a/misc/requirements/requirements-mypy.txt +++ b/misc/requirements/requirements-mypy.txt @@ -3,7 +3,7 @@ chardet==4.0.0 diff-cover==6.4.2 importlib-metadata==4.8.1 -importlib-resources==5.2.3 +importlib-resources==5.3.0 inflect==5.3.0 Jinja2==3.0.2 jinja2-pluralize==0.3.0 diff --git a/misc/requirements/requirements-pyqt-5.15.txt b/misc/requirements/requirements-pyqt-5.15.txt index 8b7a53c44..cc00b1c6d 100644 --- a/misc/requirements/requirements-pyqt-5.15.txt +++ b/misc/requirements/requirements-pyqt-5.15.txt @@ -1,7 +1,7 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py -PyQt5==5.15.4 # rq.filter: < 5.16 +PyQt5==5.15.5 # rq.filter: < 5.16 PyQt5-Qt5==5.15.2 PyQt5-sip==12.9.0 -PyQtWebEngine==5.15.4 # rq.filter: < 5.16 +PyQtWebEngine==5.15.5 # rq.filter: < 5.16 PyQtWebEngine-Qt5==5.15.2 diff --git a/misc/requirements/requirements-tests.txt b/misc/requirements/requirements-tests.txt index 206a9faad..6e78d3fce 100644 --- a/misc/requirements/requirements-tests.txt +++ b/misc/requirements/requirements-tests.txt @@ -13,7 +13,7 @@ filelock==3.3.1 Flask==2.0.2 glob2==0.7 hunter==3.3.8 -hypothesis==6.23.2 +hypothesis==6.23.4 icdiff==2.0.4 idna==3.3 iniconfig==1.1.1 diff --git a/requirements.txt b/requirements.txt index b12ccc048..b1de6aef8 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,7 +4,7 @@ adblock==0.5.0 colorama==0.4.4 dataclasses==0.6 ; python_version<"3.7" importlib-metadata==4.8.1 ; python_version<"3.8" -importlib-resources==5.2.3 ; python_version<"3.9" +importlib-resources==5.3.0 ; python_version<"3.9" Jinja2==3.0.2 MarkupSafe==2.0.1 Pygments==2.10.0 -- cgit v1.2.3-54-g00ecf From 2d85e4100624f09f14a7256f81870f292d152af5 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:35:50 +0200 Subject: utils: Fix coverage pragma location --- qutebrowser/utils/utils.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/qutebrowser/utils/utils.py b/qutebrowser/utils/utils.py index 5784d754c..f42515c5c 100644 --- a/qutebrowser/utils/utils.py +++ b/qutebrowser/utils/utils.py @@ -669,12 +669,12 @@ def yaml_load(f: Union[str, IO[str]]) -> Any: r"of from 'collections\.abc' is deprecated.*"): try: data = yaml.load(f, Loader=YamlLoader) - except ValueError as e: + except ValueError as e: # pragma: no cover pyyaml_error = 'could not convert string to float' - if str(e).startswith(pyyaml_error): # pragma: no cover + if str(e).startswith(pyyaml_error): # WORKAROUND for https://github.com/yaml/pyyaml/issues/168 raise yaml.YAMLError(e) - raise # pragma: no cover + raise end = datetime.datetime.now() -- cgit v1.2.3-54-g00ecf From bcd91f3d4a0c2abec3c2742681f71f77643cfd3d Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:37:26 +0200 Subject: Fix typo --- qutebrowser/utils/resources.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qutebrowser/utils/resources.py b/qutebrowser/utils/resources.py index ff5ec9d9a..f561d6747 100644 --- a/qutebrowser/utils/resources.py +++ b/qutebrowser/utils/resources.py @@ -82,7 +82,7 @@ def _glob( else: # zipfile.Path or importlib_resources compat object # Unfortunately, we can't tell mypy about resource_path being of type # Union[pathlib.Path, zipfile.Path] because we set "python_version = 3.6" in - # .mypy.ini, but the zipfiel stubs (correctly) only declare zipfile.Path with + # .mypy.ini, but the zipfile stubs (correctly) only declare zipfile.Path with # Python 3.8... assert glob_path.is_dir(), glob_path # type: ignore[unreachable] for subpath in glob_path.iterdir(): -- cgit v1.2.3-54-g00ecf From 1e1aa4e89187bc70f27af18231942608003ae168 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:43:39 +0200 Subject: Update changelog --- doc/changelog.asciidoc | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index c17f35eec..b3f99fb05 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -19,6 +19,14 @@ breaking changes (such as renamed commands) can happen in minor releases. v2.4.0 (unreleased) ------------------- +Security +~~~~~~~~ + +- **CVE-2021-41146**: Fix arbitrary command execution on Windows via URL handler + argument injection. See the + https://github.com/qutebrowser/qutebrowser/security/advisories/GHSA-vw27-fwjf-5qxm[security advisory] + for details. + Added ~~~~~ -- cgit v1.2.3-54-g00ecf From 36ffff2f6b3b77f900cd503b86ec9cfd9497e983 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 21 Oct 2021 18:50:06 +0200 Subject: Release v2.4.0 --- .bumpversion.cfg | 2 +- doc/changelog.asciidoc | 2 +- misc/org.qutebrowser.qutebrowser.appdata.xml | 1 + qutebrowser/__init__.py | 2 +- 4 files changed, 4 insertions(+), 3 deletions(-) diff --git a/.bumpversion.cfg b/.bumpversion.cfg index e1e31afc5..cf1c019f7 100644 --- a/.bumpversion.cfg +++ b/.bumpversion.cfg @@ -1,5 +1,5 @@ [bumpversion] -current_version = 2.3.1 +current_version = 2.4.0 commit = True message = Release v{new_version} tag = True diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index b3f99fb05..901461023 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -16,7 +16,7 @@ breaking changes (such as renamed commands) can happen in minor releases. // `Security` to invite users to upgrade in case of vulnerabilities. [[v2.4.0]] -v2.4.0 (unreleased) +v2.4.0 (2021-10-21) ------------------- Security diff --git a/misc/org.qutebrowser.qutebrowser.appdata.xml b/misc/org.qutebrowser.qutebrowser.appdata.xml index 7c382cbb3..9930514d0 100644 --- a/misc/org.qutebrowser.qutebrowser.appdata.xml +++ b/misc/org.qutebrowser.qutebrowser.appdata.xml @@ -44,6 +44,7 @@ + diff --git a/qutebrowser/__init__.py b/qutebrowser/__init__.py index 29a8e4836..c05215792 100644 --- a/qutebrowser/__init__.py +++ b/qutebrowser/__init__.py @@ -26,7 +26,7 @@ __copyright__ = "Copyright 2014-2021 Florian Bruhin (The Compiler)" __license__ = "GPL" __maintainer__ = __author__ __email__ = "mail@qutebrowser.org" -__version__ = "2.3.1" +__version__ = "2.4.0" __version_info__ = tuple(int(part) for part in __version__.split('.')) __description__ = "A keyboard-driven, vim-like browser based on PyQt5." -- cgit v1.2.3-54-g00ecf From 540f40d17bba91e8e69857fc1c8124615b623916 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Fri, 22 Oct 2021 22:14:08 +0200 Subject: doc: Add breath theme --- doc/help/configuring.asciidoc | 1 + 1 file changed, 1 insertion(+) diff --git a/doc/help/configuring.asciidoc b/doc/help/configuring.asciidoc index 23894ddc4..552145023 100644 --- a/doc/help/configuring.asciidoc +++ b/doc/help/configuring.asciidoc @@ -412,6 +412,7 @@ Pre-built colorschemes - https://github.com/dracula/qutebrowser-dracula-theme[Dracula] - https://gitlab.com/lovetocode999/selenized-qutebrowser[Selenized] - https://github.com/morhetz/gruvbox[gruvbox]: https://github.com/The-Compiler/dotfiles/blob/master/qutebrowser/gruvbox.py[The-Compiler], https://gitlab.com/shaneyost/dots-popos-september-2020/-/blob/master/qutebrowser/config.py[Shane Yost] +- https://www.opencode.net/wakellor957/qb-breath/-/blob/main/qb-breath.py[Manjaro Breath-like] Avoiding flake8 errors ^^^^^^^^^^^^^^^^^^^^^^ -- cgit v1.2.3-54-g00ecf From 7a83b15d6ddfa687462b86611bc2177ff22c670d Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 25 Oct 2021 09:53:21 +0200 Subject: Add pylint_checkers build dir to .gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 31c4ca3b7..ccfc12ccb 100644 --- a/.gitignore +++ b/.gitignore @@ -49,6 +49,7 @@ TODO /scripts/testbrowser/cpp/webengine/testbrowser /scripts/testbrowser/cpp/webengine/.qmake.stash /scripts/dev/pylint_checkers/qute_pylint.egg-info +/scripts/dev/pylint_checkers/build /misc/file_version_info.txt /doc/extapi/_build /misc/nsis/include -- cgit v1.2.3-54-g00ecf From 0e06d8db7b239e7ee955bebec427ad087510159c Mon Sep 17 00:00:00 2001 From: qutebrowser bot Date: Mon, 25 Oct 2021 08:04:42 +0000 Subject: Update dependencies --- misc/requirements/requirements-check-manifest.txt | 2 +- misc/requirements/requirements-dev.txt | 2 +- misc/requirements/requirements-mypy.txt | 2 +- misc/requirements/requirements-sphinx.txt | 2 +- misc/requirements/requirements-tests.txt | 4 ++-- misc/requirements/requirements-tox.txt | 8 ++++---- 6 files changed, 10 insertions(+), 10 deletions(-) diff --git a/misc/requirements/requirements-check-manifest.txt b/misc/requirements/requirements-check-manifest.txt index d13d82006..6923babfe 100644 --- a/misc/requirements/requirements-check-manifest.txt +++ b/misc/requirements/requirements-check-manifest.txt @@ -4,6 +4,6 @@ build==0.7.0 check-manifest==0.47 packaging==21.0 pep517==0.12.0 -pyparsing==2.4.7 +pyparsing==3.0.1 toml==0.10.2 tomli==1.2.1 diff --git a/misc/requirements/requirements-dev.txt b/misc/requirements/requirements-dev.txt index 24f63926a..2c750eab7 100644 --- a/misc/requirements/requirements-dev.txt +++ b/misc/requirements/requirements-dev.txt @@ -14,7 +14,7 @@ manhole==1.8.0 packaging==21.0 pycparser==2.20 Pympler==0.9 -pyparsing==2.4.7 +pyparsing==3.0.1 PyQt-builder==1.12.1 python-dateutil==2.8.2 requests==2.26.0 diff --git a/misc/requirements/requirements-mypy.txt b/misc/requirements/requirements-mypy.txt index 2048eba21..e49cc1ee5 100644 --- a/misc/requirements/requirements-mypy.txt +++ b/misc/requirements/requirements-mypy.txt @@ -16,6 +16,6 @@ Pygments==2.10.0 PyQt5-stubs==5.15.2.0 toml==0.10.2 types-dataclasses==0.6.1 -types-PyYAML==5.4.12 +types-PyYAML==6.0.0 typing-extensions==3.10.0.2 zipp==3.6.0 diff --git a/misc/requirements/requirements-sphinx.txt b/misc/requirements/requirements-sphinx.txt index eda122d26..c37ec4c51 100644 --- a/misc/requirements/requirements-sphinx.txt +++ b/misc/requirements/requirements-sphinx.txt @@ -11,7 +11,7 @@ Jinja2==3.0.2 MarkupSafe==2.0.1 packaging==21.0 Pygments==2.10.0 -pyparsing==2.4.7 +pyparsing==3.0.1 pytz==2021.3 requests==2.26.0 snowballstemmer==2.1.0 diff --git a/misc/requirements/requirements-tests.txt b/misc/requirements/requirements-tests.txt index 6e78d3fce..5f146ee82 100644 --- a/misc/requirements/requirements-tests.txt +++ b/misc/requirements/requirements-tests.txt @@ -13,7 +13,7 @@ filelock==3.3.1 Flask==2.0.2 glob2==0.7 hunter==3.3.8 -hypothesis==6.23.4 +hypothesis==6.24.0 icdiff==2.0.4 idna==3.3 iniconfig==1.1.1 @@ -32,7 +32,7 @@ pprintpp==0.4.0 py==1.10.0 py-cpuinfo==8.0.0 Pygments==2.10.0 -pyparsing==2.4.7 +pyparsing==3.0.1 pytest==6.2.5 pytest-bdd==4.1.0 pytest-benchmark==3.4.1 diff --git a/misc/requirements/requirements-tox.txt b/misc/requirements/requirements-tox.txt index 95dec5191..7d06679ce 100644 --- a/misc/requirements/requirements-tox.txt +++ b/misc/requirements/requirements-tox.txt @@ -4,14 +4,14 @@ backports.entry-points-selectable==1.1.0 distlib==0.3.3 filelock==3.3.1 packaging==21.0 -pip==21.3 +pip==21.3.1 platformdirs==2.4.0 pluggy==1.0.0 py==1.10.0 -pyparsing==2.4.7 -setuptools==58.2.0 +pyparsing==3.0.1 +setuptools==58.3.0 six==1.16.0 toml==0.10.2 tox==3.24.4 -virtualenv==20.8.1 +virtualenv==20.9.0 wheel==0.37.0 -- cgit v1.2.3-54-g00ecf From ed5af1fcd2b37f12a424e5d5d9b4e57ac331fe2a Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 25 Oct 2021 12:56:07 +0200 Subject: Improve error handling with early faulthandler enable Speculative fix for issue reported by a macOS user: https://crashes.qutebrowser.org/lists?search=NullWriter See https://github.com/pyinstaller/pyinstaller/issues/4481 --- qutebrowser/misc/earlyinit.py | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/qutebrowser/misc/earlyinit.py b/qutebrowser/misc/earlyinit.py index c4ff0bb85..1863dedb3 100644 --- a/qutebrowser/misc/earlyinit.py +++ b/qutebrowser/misc/earlyinit.py @@ -111,17 +111,21 @@ def init_faulthandler(fileobj=sys.__stderr__): Args: fobj: An opened file object to write the traceback to. """ - if fileobj is None: + try: + faulthandler.enable(fileobj) + except (RuntimeError, AttributeError) as e: # When run with pythonw.exe, sys.__stderr__ can be None: # https://docs.python.org/3/library/sys.html#sys.__stderr__ - # If we'd enable faulthandler in that case, we just get a weird - # exception, so we don't enable faulthandler if we have no stdout. + # + # With PyInstaller, it can be a NullWriter raising AttributeError on + # fileno: https://github.com/pyinstaller/pyinstaller/issues/4481 # # Later when we have our data dir available we re-enable faulthandler # to write to a file so we can display a crash to the user at the next # start. + log.debug(f"Failed to enable early faulthandler: {e}", exc_info=True) return - faulthandler.enable(fileobj) + if (hasattr(faulthandler, 'register') and hasattr(signal, 'SIGUSR1') and sys.stderr is not None): # If available, we also want a traceback on SIGUSR1. -- cgit v1.2.3-54-g00ecf From 5c33d1fdef9d1733e49c842ccae1b77b4e30bdab Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 25 Oct 2021 12:59:12 +0200 Subject: Update changelog --- doc/changelog.asciidoc | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index 901461023..d9753efa2 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -15,6 +15,16 @@ breaking changes (such as renamed commands) can happen in minor releases. // `Fixed` for any bug fixes. // `Security` to invite users to upgrade in case of vulnerabilities. +[[v2.4.1]] +v2.4.1 (unreleased) +------------------- + +Fixed +~~~~~ + +- Speculative fix for an immediate crash at start with the macOS/Windows + binaries (in certain rare environments). + [[v2.4.0]] v2.4.0 (2021-10-21) ------------------- -- cgit v1.2.3-54-g00ecf From ce070a23a91d79d38ba01fc8f279db7488ffbb89 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 25 Oct 2021 13:03:18 +0200 Subject: Don't crash on notification daemon crash --- qutebrowser/browser/webengine/notification.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/qutebrowser/browser/webengine/notification.py b/qutebrowser/browser/webengine/notification.py index e40b3e736..f8e1a59b1 100644 --- a/qutebrowser/browser/webengine/notification.py +++ b/qutebrowser/browser/webengine/notification.py @@ -715,6 +715,10 @@ class DBusNotificationAdapter(AbstractNotificationAdapter): # https://github.com/KDE/plasma-workspace/blob/v5.21.4/libnotificationmanager/server_p.cpp#L227-L237 # Created too many similar notifications in quick succession "org.freedesktop.Notifications.Error.ExcessNotificationGeneration", + + # From https://crashes.qutebrowser.org/view/b8c9838a - probably when + # notification daemon crashes? + "org.freedesktop.DBus.Error.Spawn.ChildSignaled", } def __init__(self, parent: QObject = None) -> None: -- cgit v1.2.3-54-g00ecf From 1cff4c422338f94c2fb22512bab39962c32dfe0e Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 25 Oct 2021 13:03:43 +0200 Subject: Update changelog --- doc/changelog.asciidoc | 2 ++ 1 file changed, 2 insertions(+) diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index d9753efa2..03eedba79 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -24,6 +24,8 @@ Fixed - Speculative fix for an immediate crash at start with the macOS/Windows binaries (in certain rare environments). +- Speculative fix for a qutebrowser crash when the notification daemon crashes + while showing the notification. [[v2.4.0]] v2.4.0 (2021-10-21) -- cgit v1.2.3-54-g00ecf From be5e8abc5a3354f92ba593d5700376b22410faa1 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Fri, 29 Oct 2021 20:41:44 +0200 Subject: Fix accessing log in earlyinit --- qutebrowser/misc/earlyinit.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/qutebrowser/misc/earlyinit.py b/qutebrowser/misc/earlyinit.py index 1863dedb3..696cc7f8a 100644 --- a/qutebrowser/misc/earlyinit.py +++ b/qutebrowser/misc/earlyinit.py @@ -123,7 +123,9 @@ def init_faulthandler(fileobj=sys.__stderr__): # Later when we have our data dir available we re-enable faulthandler # to write to a file so we can display a crash to the user at the next # start. - log.debug(f"Failed to enable early faulthandler: {e}", exc_info=True) + # + # Note that we don't have any logging initialized yet at this point, so + # this is a silent error. return if (hasattr(faulthandler, 'register') and hasattr(signal, 'SIGUSR1') and -- cgit v1.2.3-54-g00ecf From d43529e2766eedb931d1c95c97323fed58cb7cce Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Fri, 29 Oct 2021 21:10:13 +0200 Subject: earlyinit: Remove unnecessary 'as e:' too --- qutebrowser/misc/earlyinit.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/qutebrowser/misc/earlyinit.py b/qutebrowser/misc/earlyinit.py index 696cc7f8a..f27b7acfe 100644 --- a/qutebrowser/misc/earlyinit.py +++ b/qutebrowser/misc/earlyinit.py @@ -113,7 +113,7 @@ def init_faulthandler(fileobj=sys.__stderr__): """ try: faulthandler.enable(fileobj) - except (RuntimeError, AttributeError) as e: + except (RuntimeError, AttributeError): # When run with pythonw.exe, sys.__stderr__ can be None: # https://docs.python.org/3/library/sys.html#sys.__stderr__ # -- cgit v1.2.3-54-g00ecf From ccf624365ccd3dd9edcccf94ca7cf9680b70a70e Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Sat, 30 Oct 2021 13:19:36 +0200 Subject: Add flatpak hint to :spawn message See https://www.reddit.com/r/qutebrowser/comments/qirb5k/editor_gvim_failed_to_start_execpv_no_such_file/ --- doc/changelog.asciidoc | 10 ++++++++++ qutebrowser/misc/guiprocess.py | 6 ++++-- tests/unit/misc/test_guiprocess.py | 14 ++++++++++---- 3 files changed, 24 insertions(+), 6 deletions(-) diff --git a/doc/changelog.asciidoc b/doc/changelog.asciidoc index 03eedba79..f86b84622 100644 --- a/doc/changelog.asciidoc +++ b/doc/changelog.asciidoc @@ -15,6 +15,16 @@ breaking changes (such as renamed commands) can happen in minor releases. // `Fixed` for any bug fixes. // `Security` to invite users to upgrade in case of vulnerabilities. +[[v2.5.0]] +v2.5.0 (unreleased) +------------------- + +Changed +~~~~~~~ + +- Improved message if a spawned process wasn't found and a Flatpak container is + in use. + [[v2.4.1]] v2.4.1 (unreleased) ------------------- diff --git a/qutebrowser/misc/guiprocess.py b/qutebrowser/misc/guiprocess.py index e5ccd1b8b..c93fad09b 100644 --- a/qutebrowser/misc/guiprocess.py +++ b/qutebrowser/misc/guiprocess.py @@ -27,7 +27,7 @@ from typing import Mapping, Sequence, Dict, Optional from PyQt5.QtCore import (pyqtSlot, pyqtSignal, QObject, QProcess, QProcessEnvironment, QByteArray, QUrl, Qt) -from qutebrowser.utils import message, log, utils, usertypes +from qutebrowser.utils import message, log, utils, usertypes, version from qutebrowser.api import cmdutils, apitypes from qutebrowser.completion.models import miscmodels @@ -273,7 +273,9 @@ class GUIProcess(QObject): known_errors = ['No such file or directory', 'Permission denied'] if (': ' in error_string and # pragma: no branch error_string.split(': ', maxsplit=1)[1] in known_errors): - msg += f'\n(Hint: Make sure {self.cmd!r} exists and is executable)' + msg += f'\nHint: Make sure {self.cmd!r} exists and is executable' + if version.is_flatpak(): + msg += ' inside the Flatpak container' message.error(msg) diff --git a/tests/unit/misc/test_guiprocess.py b/tests/unit/misc/test_guiprocess.py index be86bf215..faf2006de 100644 --- a/tests/unit/misc/test_guiprocess.py +++ b/tests/unit/misc/test_guiprocess.py @@ -26,7 +26,7 @@ import pytest from PyQt5.QtCore import QProcess, QUrl from qutebrowser.misc import guiprocess -from qutebrowser.utils import usertypes, utils +from qutebrowser.utils import usertypes, utils, version from qutebrowser.api import cmdutils from qutebrowser.qt import sip @@ -394,8 +394,11 @@ def test_running(qtbot, proc, py_proc): proc.outcome.was_successful() -def test_failing_to_start(qtbot, proc, caplog, message_mock): +@pytest.mark.parametrize('is_flatpak', [True, False]) +def test_failing_to_start(qtbot, proc, caplog, message_mock, monkeypatch, is_flatpak): """Test the process failing to start.""" + monkeypatch.setattr(version, 'is_flatpak', lambda: is_flatpak) + with caplog.at_level(logging.ERROR, 'message'): with qtbot.wait_signal(proc.error, timeout=5000): proc.start('this_does_not_exist_either', []) @@ -405,8 +408,11 @@ def test_failing_to_start(qtbot, proc, caplog, message_mock): "Testprocess 'this_does_not_exist_either' failed to start:") if not utils.is_windows: - assert msg.text.endswith( - "(Hint: Make sure 'this_does_not_exist_either' exists and is executable)") + expected_msg = ( + "Hint: Make sure 'this_does_not_exist_either' exists and is executable") + if is_flatpak: + expected_msg += ' inside the Flatpak container' + assert msg.text.endswith(expected_msg) assert not proc.outcome.running assert proc.outcome.status is None -- cgit v1.2.3-54-g00ecf From 455879804365507be805b242f4463b26da8a66da Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Sat, 30 Oct 2021 13:23:07 +0200 Subject: Avoid pytest-bdd 5 for now See https://github.com/pytest-dev/pytest-bdd/issues/447 --- misc/requirements/requirements-tests-bleeding.txt | 2 +- misc/requirements/requirements-tests.txt-raw | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/misc/requirements/requirements-tests-bleeding.txt b/misc/requirements/requirements-tests-bleeding.txt index 49911c48d..d2a7fcfb6 100644 --- a/misc/requirements/requirements-tests-bleeding.txt +++ b/misc/requirements/requirements-tests-bleeding.txt @@ -9,7 +9,7 @@ git+https://github.com/HypothesisWorks/hypothesis.git#subdirectory=hypothesis-py git+https://github.com/pytest-dev/pytest.git # Problematic: https://github.com/pytest-dev/pytest-bdd/issues/447 # git+https://github.com/pytest-dev/pytest-bdd.git -pytest-bdd +pytest-bdd<5 git+https://github.com/ionelmc/pytest-benchmark.git git+https://github.com/pytest-dev/pytest-instafail.git git+https://github.com/pytest-dev/pytest-mock.git diff --git a/misc/requirements/requirements-tests.txt-raw b/misc/requirements/requirements-tests.txt-raw index ab580ac4b..5586a86ef 100644 --- a/misc/requirements/requirements-tests.txt-raw +++ b/misc/requirements/requirements-tests.txt-raw @@ -4,7 +4,8 @@ coverage Flask hypothesis pytest -pytest-bdd +# https://github.com/pytest-dev/pytest-bdd/issues/447 +pytest-bdd<5 pytest-benchmark pytest-instafail pytest-mock -- cgit v1.2.3-54-g00ecf From 389ccdc339c8523cb700e60548faba1f0acdae1b Mon Sep 17 00:00:00 2001 From: qutebrowser bot Date: Mon, 1 Nov 2021 04:22:01 +0000 Subject: Update dependencies --- misc/requirements/requirements-check-manifest.txt | 6 +++--- misc/requirements/requirements-dev.txt | 12 ++++++------ misc/requirements/requirements-mypy.txt | 2 +- misc/requirements/requirements-pyinstaller.txt | 2 +- misc/requirements/requirements-pylint.txt | 2 +- misc/requirements/requirements-pyqt-5.15.txt | 2 +- misc/requirements/requirements-pyqt.txt | 2 +- misc/requirements/requirements-pyroma.txt | 2 +- misc/requirements/requirements-sphinx.txt | 4 ++-- misc/requirements/requirements-tests.txt | 14 +++++++------- misc/requirements/requirements-tox.txt | 8 ++++---- requirements.txt | 2 +- 12 files changed, 29 insertions(+), 29 deletions(-) diff --git a/misc/requirements/requirements-check-manifest.txt b/misc/requirements/requirements-check-manifest.txt index 6923babfe..21843c4ae 100644 --- a/misc/requirements/requirements-check-manifest.txt +++ b/misc/requirements/requirements-check-manifest.txt @@ -2,8 +2,8 @@ build==0.7.0 check-manifest==0.47 -packaging==21.0 +packaging==21.2 pep517==0.12.0 -pyparsing==3.0.1 +pyparsing==2.4.7 toml==0.10.2 -tomli==1.2.1 +tomli==1.2.2 diff --git a/misc/requirements/requirements-dev.txt b/misc/requirements/requirements-dev.txt index 2c750eab7..088604a77 100644 --- a/misc/requirements/requirements-dev.txt +++ b/misc/requirements/requirements-dev.txt @@ -6,21 +6,21 @@ cffi==1.15.0 charset-normalizer==2.0.7 cryptography==35.0.0 Deprecated==1.2.13 -github3.py==2.0.0 +github3.py==3.0.0 hunter==3.3.8 idna==3.3 jwcrypto==1.0 manhole==1.8.0 -packaging==21.0 +packaging==21.2 pycparser==2.20 Pympler==0.9 -pyparsing==3.0.1 -PyQt-builder==1.12.1 +pyparsing==2.4.7 +PyQt-builder==1.12.2 python-dateutil==2.8.2 requests==2.26.0 -sip==6.3.1 +sip==6.4.0 six==1.16.0 toml==0.10.2 uritemplate==4.1.1 # urllib3==1.26.7 -wrapt==1.13.2 +wrapt==1.13.3 diff --git a/misc/requirements/requirements-mypy.txt b/misc/requirements/requirements-mypy.txt index e49cc1ee5..5aa36d659 100644 --- a/misc/requirements/requirements-mypy.txt +++ b/misc/requirements/requirements-mypy.txt @@ -3,7 +3,7 @@ chardet==4.0.0 diff-cover==6.4.2 importlib-metadata==4.8.1 -importlib-resources==5.3.0 +importlib-resources==5.4.0 inflect==5.3.0 Jinja2==3.0.2 jinja2-pluralize==0.3.0 diff --git a/misc/requirements/requirements-pyinstaller.txt b/misc/requirements/requirements-pyinstaller.txt index 81b66393b..8d5567e67 100644 --- a/misc/requirements/requirements-pyinstaller.txt +++ b/misc/requirements/requirements-pyinstaller.txt @@ -1,5 +1,5 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py altgraph==0.17.2 -pyinstaller==4.5.1 +pyinstaller==4.6 pyinstaller-hooks-contrib==2021.3 diff --git a/misc/requirements/requirements-pylint.txt b/misc/requirements/requirements-pylint.txt index 5f6646aed..abc6c2812 100644 --- a/misc/requirements/requirements-pylint.txt +++ b/misc/requirements/requirements-pylint.txt @@ -7,7 +7,7 @@ charset-normalizer==2.0.7 cryptography==35.0.0 Deprecated==1.2.13 future==0.18.2 -github3.py==2.0.0 +github3.py==3.0.0 idna==3.3 isort==4.3.21 jwcrypto==1.0 diff --git a/misc/requirements/requirements-pyqt-5.15.txt b/misc/requirements/requirements-pyqt-5.15.txt index cc00b1c6d..3a3110c8b 100644 --- a/misc/requirements/requirements-pyqt-5.15.txt +++ b/misc/requirements/requirements-pyqt-5.15.txt @@ -1,6 +1,6 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py -PyQt5==5.15.5 # rq.filter: < 5.16 +PyQt5==5.15.6 # rq.filter: < 5.16 PyQt5-Qt5==5.15.2 PyQt5-sip==12.9.0 PyQtWebEngine==5.15.5 # rq.filter: < 5.16 diff --git a/misc/requirements/requirements-pyqt.txt b/misc/requirements/requirements-pyqt.txt index 6a662ef7b..3953d27b3 100644 --- a/misc/requirements/requirements-pyqt.txt +++ b/misc/requirements/requirements-pyqt.txt @@ -1,6 +1,6 @@ # This file is automatically generated by scripts/dev/recompile_requirements.py -PyQt5==5.15.5 +PyQt5==5.15.6 PyQt5-Qt5==5.15.2 PyQt5-sip==12.9.0 PyQtWebEngine==5.15.5 diff --git a/misc/requirements/requirements-pyroma.txt b/misc/requirements/requirements-pyroma.txt index 40ee1f6e7..8849014be 100644 --- a/misc/requirements/requirements-pyroma.txt +++ b/misc/requirements/requirements-pyroma.txt @@ -2,7 +2,7 @@ certifi==2021.10.8 charset-normalizer==2.0.7 -docutils==0.17.1 +docutils==0.18 idna==3.3 Pygments==2.10.0 pyroma==3.2 diff --git a/misc/requirements/requirements-sphinx.txt b/misc/requirements/requirements-sphinx.txt index c37ec4c51..86553bb4c 100644 --- a/misc/requirements/requirements-sphinx.txt +++ b/misc/requirements/requirements-sphinx.txt @@ -9,9 +9,9 @@ idna==3.3 imagesize==1.2.0 Jinja2==3.0.2 MarkupSafe==2.0.1 -packaging==21.0 +packaging==21.2 Pygments==2.10.0 -pyparsing==3.0.1 +pyparsing==2.4.7 pytz==2021.3 requests==2.26.0 snowballstemmer==2.1.0 diff --git a/misc/requirements/requirements-tests.txt b/misc/requirements/requirements-tests.txt index 5f146ee82..23fb69402 100644 --- a/misc/requirements/requirements-tests.txt +++ b/misc/requirements/requirements-tests.txt @@ -6,25 +6,25 @@ certifi==2021.10.8 charset-normalizer==2.0.7 cheroot==8.5.2 click==8.0.3 -coverage==6.0.2 +coverage==6.1.1 EasyProcess==0.3 execnet==1.9.0 -filelock==3.3.1 +filelock==3.3.2 Flask==2.0.2 glob2==0.7 hunter==3.3.8 -hypothesis==6.24.0 +hypothesis==6.24.1 icdiff==2.0.4 idna==3.3 iniconfig==1.1.1 itsdangerous==2.0.1 -jaraco.functools==3.3.0 +jaraco.functools==3.4.0 # Jinja2==3.0.2 Mako==1.1.5 manhole==1.8.0 # MarkupSafe==2.0.1 more-itertools==8.10.0 -packaging==21.0 +packaging==21.2 parse==1.19.0 parse-type==0.5.2 pluggy==1.0.0 @@ -32,7 +32,7 @@ pprintpp==0.4.0 py==1.10.0 py-cpuinfo==8.0.0 Pygments==2.10.0 -pyparsing==3.0.1 +pyparsing==2.4.7 pytest==6.2.5 pytest-bdd==4.1.0 pytest-benchmark==3.4.1 @@ -54,7 +54,7 @@ sortedcontainers==2.4.0 soupsieve==2.2.1 tldextract==3.1.2 toml==0.10.2 -tomli==1.2.1 +tomli==1.2.2 urllib3==1.26.7 vulture==2.3 Werkzeug==2.0.2 diff --git a/misc/requirements/requirements-tox.txt b/misc/requirements/requirements-tox.txt index 7d06679ce..248c850c2 100644 --- a/misc/requirements/requirements-tox.txt +++ b/misc/requirements/requirements-tox.txt @@ -2,14 +2,14 @@ backports.entry-points-selectable==1.1.0 distlib==0.3.3 -filelock==3.3.1 -packaging==21.0 +filelock==3.3.2 +packaging==21.2 pip==21.3.1 platformdirs==2.4.0 pluggy==1.0.0 py==1.10.0 -pyparsing==3.0.1 -setuptools==58.3.0 +pyparsing==2.4.7 +setuptools==58.4.0 six==1.16.0 toml==0.10.2 tox==3.24.4 diff --git a/requirements.txt b/requirements.txt index b1de6aef8..0805ad6cc 100644 --- a/requirements.txt +++ b/requirements.txt @@ -4,7 +4,7 @@ adblock==0.5.0 colorama==0.4.4 dataclasses==0.6 ; python_version<"3.7" importlib-metadata==4.8.1 ; python_version<"3.8" -importlib-resources==5.3.0 ; python_version<"3.9" +importlib-resources==5.4.0 ; python_version<"3.9" Jinja2==3.0.2 MarkupSafe==2.0.1 Pygments==2.10.0 -- cgit v1.2.3-54-g00ecf From c8092499ec566548702413ae23a8386a62f4c73d Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 1 Nov 2021 08:54:10 +0100 Subject: Remove old PyInstaller handling See #6792 and https://github.com/pyinstaller/pyinstaller/issues/1905 (fixed in PyInstaller 4.4) --- qutebrowser/extensions/loader.py | 36 +++++------------------------------- qutebrowser/utils/resources.py | 6 ------ tests/unit/extensions/test_loader.py | 8 +------- 3 files changed, 6 insertions(+), 44 deletions(-) diff --git a/qutebrowser/extensions/loader.py b/qutebrowser/extensions/loader.py index 7ae45023b..c7b619b3e 100644 --- a/qutebrowser/extensions/loader.py +++ b/qutebrowser/extensions/loader.py @@ -21,12 +21,11 @@ import pkgutil import types -import sys import pathlib import importlib import argparse import dataclasses -from typing import Callable, Iterator, List, Optional, Set, Tuple +from typing import Callable, Iterator, List, Optional, Tuple from PyQt5.QtCore import pyqtSlot @@ -95,18 +94,6 @@ def load_components(*, skip_hooks: bool = False) -> None: def walk_components() -> Iterator[ExtensionInfo]: """Yield ExtensionInfo objects for all modules.""" - if hasattr(sys, 'frozen'): - yield from _walk_pyinstaller() - else: - yield from _walk_normal() - - -def _on_walk_error(name: str) -> None: - raise ImportError("Failed to import {}".format(name)) - - -def _walk_normal() -> Iterator[ExtensionInfo]: - """Walk extensions when not using PyInstaller.""" for _finder, name, ispkg in pkgutil.walk_packages( # Only packages have a __path__ attribute, # but we're sure this is one. @@ -123,23 +110,6 @@ def _walk_normal() -> Iterator[ExtensionInfo]: yield ExtensionInfo(name=name) -def _walk_pyinstaller() -> Iterator[ExtensionInfo]: - """Walk extensions when using PyInstaller. - - See https://github.com/pyinstaller/pyinstaller/issues/1905 - - Inspired by: - https://github.com/webcomics/dosage/blob/master/dosagelib/loader.py - """ - toc: Set[str] = set() - for importer in pkgutil.iter_importers('qutebrowser'): - if hasattr(importer, 'toc'): - toc |= importer.toc # type: ignore[union-attr] - for name in toc: - if name.startswith(components.__name__ + '.'): - yield ExtensionInfo(name=name) - - def _get_init_context() -> InitContext: """Get an InitContext object.""" return InitContext(data_dir=pathlib.Path(standarddir.data()), @@ -190,3 +160,7 @@ def _on_config_changed(changed_name: str) -> None: def init() -> None: config.instance.changed.connect(_on_config_changed) + + +def _on_walk_error(name: str) -> None: + raise ImportError("Failed to import {}".format(name)) diff --git a/qutebrowser/utils/resources.py b/qutebrowser/utils/resources.py index f561d6747..cd6284f7f 100644 --- a/qutebrowser/utils/resources.py +++ b/qutebrowser/utils/resources.py @@ -40,12 +40,6 @@ def _path(filename: str) -> pathlib.Path: """Get a pathlib.Path object for a resource.""" assert not posixpath.isabs(filename), filename assert os.path.pardir not in filename.split(posixpath.sep), filename - - if hasattr(sys, 'frozen'): - # For PyInstaller, where we can't store resource files in a qutebrowser/ folder - # because the executable is already named "qutebrowser" (at least on macOS). - return pathlib.Path(sys.executable).parent / filename - return importlib_resources.files(qutebrowser) / filename @contextlib.contextmanager diff --git a/tests/unit/extensions/test_loader.py b/tests/unit/extensions/test_loader.py index feb5dd347..e9b8055aa 100644 --- a/tests/unit/extensions/test_loader.py +++ b/tests/unit/extensions/test_loader.py @@ -35,16 +35,10 @@ def test_on_walk_error(): def test_walk_normal(): - names = [info.name for info in loader._walk_normal()] + names = [info.name for info in loader.walk_components()] assert 'qutebrowser.components.scrollcommands' in names -def test_walk_pyinstaller(): - # We can't test whether we get something back without being frozen by - # PyInstaller, but at least we can test that we don't crash. - list(loader._walk_pyinstaller()) - - def test_load_component(monkeypatch): monkeypatch.setattr(objects, 'commands', {}) -- cgit v1.2.3-54-g00ecf From c3f77d40eb666cf890bd8a940ece7bb3a330d572 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 1 Nov 2021 09:48:34 +0100 Subject: Bring back PyInstaller resource handling Seems to be still needed, at least on macOS. Otherwise, we get a NotADirectoryError trying to load resources from a weird path under the qutebrowser executable. See #6792 --- qutebrowser/utils/resources.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/qutebrowser/utils/resources.py b/qutebrowser/utils/resources.py index cd6284f7f..f561d6747 100644 --- a/qutebrowser/utils/resources.py +++ b/qutebrowser/utils/resources.py @@ -40,6 +40,12 @@ def _path(filename: str) -> pathlib.Path: """Get a pathlib.Path object for a resource.""" assert not posixpath.isabs(filename), filename assert os.path.pardir not in filename.split(posixpath.sep), filename + + if hasattr(sys, 'frozen'): + # For PyInstaller, where we can't store resource files in a qutebrowser/ folder + # because the executable is already named "qutebrowser" (at least on macOS). + return pathlib.Path(sys.executable).parent / filename + return importlib_resources.files(qutebrowser) / filename @contextlib.contextmanager -- cgit v1.2.3-54-g00ecf From 81080aaffde55d0bb49c8d931c8b079a7576ac58 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 4 Nov 2021 09:51:20 +0100 Subject: tests: Set IDs for urlmatch tests This works around a VS Code bug with weird node IDs: https://github.com/microsoft/vscode-python/issues/17676 --- tests/unit/utils/test_urlmatch.py | 153 +++++++++++++++++++++++++++++--------- 1 file changed, 117 insertions(+), 36 deletions(-) diff --git a/tests/unit/utils/test_urlmatch.py b/tests/unit/utils/test_urlmatch.py index 35ccc94fe..9a3091e05 100644 --- a/tests/unit/utils/test_urlmatch.py +++ b/tests/unit/utils/test_urlmatch.py @@ -42,19 +42,23 @@ from qutebrowser.utils import urlmatch ### Chromium: kMissingSchemeSeparator ## TEST(ExtensionURLPatternTest, ParseInvalid) # ("http", "No scheme given"), - ("http:", "Invalid port: Port is empty"), - ("http:/", "Invalid port: Port is empty"), - ("about://", "Pattern without path"), - ("http:/bar", "Invalid port: Port is empty"), + pytest.param("http:", "Invalid port: Port is empty", id='scheme-no-slash'), + pytest.param("http:/", "Invalid port: Port is empty", id='scheme-single-slash'), + pytest.param("about://", "Pattern without path", id='scheme-no-path'), + pytest.param( + "http:/bar", + "Invalid port: Port is empty", + id='scheme-single-slash-path', + ), ### Chromium: kEmptyHost ## TEST(ExtensionURLPatternTest, ParseInvalid) - ("http://", "Pattern without host"), - ("http:///", "Pattern without host"), - ("http://:1234/", "Pattern without host"), - ("http://*./", "Pattern without host"), + pytest.param("http://", "Pattern without host", id='host-double-slash'), + pytest.param("http:///", "Pattern without host", id='host-triple-slash'), + pytest.param("http://:1234/", "Pattern without host", id='host-port'), + pytest.param("http://*./", "Pattern without host", id='host-pattern'), ## TEST(ExtensionURLPatternTest, IPv6Patterns) - ("http://[]:8888/*", "Pattern without host"), + pytest.param("http://[]:8888/*", "Pattern without host", id='host-ipv6'), ### Chromium: kEmptyPath ## TEST(ExtensionURLPatternTest, ParseInvalid) @@ -63,48 +67,125 @@ from qutebrowser.utils import urlmatch ### Chromium: kInvalidHost ## TEST(ExtensionURLPatternTest, ParseInvalid) - ("http://\0www/", "May not contain NUL byte"), + pytest.param("http://\0www/", "May not contain NUL byte", id='host-nul'), ## TEST(ExtensionURLPatternTest, IPv6Patterns) # No closing bracket (`]`). - ("http://[2607:f8b0:4005:805::200e/*", "Invalid IPv6 URL"), + pytest.param( + "http://[2607:f8b0:4005:805::200e/*", + "Invalid IPv6 URL", + id='host-ipv6-no-closing', + ), # Two closing brackets (`]]`). - pytest.param("http://[2607:f8b0:4005:805::200e]]/*", "Invalid IPv6 URL", marks=pytest.mark.xfail(reason="https://bugs.python.org/issue34360")), + pytest.param( + "http://[2607:f8b0:4005:805::200e]]/*", + "Invalid IPv6 URL", + marks=pytest.mark.xfail(reason="https://bugs.python.org/issue34360"), + id='host-ipv6-two-closing', + ), # Two open brackets (`[[`). - ("http://[[2607:f8b0:4005:805::200e]/*", r"""Expected '\]' to match '\[' in hostname; source was "\[2607:f8b0:4005:805::200e"; host = """""), + pytest.param( + "http://[[2607:f8b0:4005:805::200e]/*", + r"""Expected '\]' to match '\[' in hostname; source was "\[2607:f8b0:4005:805::200e"; host = """"", + id='host-ipv6-two-open', + ), # Too few colons in the last chunk. - ("http://[2607:f8b0:4005:805:200e]/*", 'Invalid IPv6 address; source was "2607:f8b0:4005:805:200e"; host = ""'), + pytest.param( + "http://[2607:f8b0:4005:805:200e]/*", + 'Invalid IPv6 address; source was "2607:f8b0:4005:805:200e"; host = ""', + id='host-ipv6-colons', + ), # Non-hex piece. - ("http://[2607:f8b0:4005:805:200e:12:bogus]/*", 'Invalid IPv6 address; source was "2607:f8b0:4005:805:200e:12:bogus"; host = ""'), + pytest.param( + "http://[2607:f8b0:4005:805:200e:12:bogus]/*", + 'Invalid IPv6 address; source was "2607:f8b0:4005:805:200e:12:bogus"; host = ""', + id='host-ipv6-non-hex', + ), ### Chromium: kInvalidHostWildcard ## TEST(ExtensionURLPatternTest, ParseInvalid) - ("http://*foo/bar", "Invalid host wildcard"), - ("http://foo.*.bar/baz", "Invalid host wildcard"), - ("http://fo.*.ba:123/baz", "Invalid host wildcard"), - ("http://foo.*/bar", "Invalid host wildcard"), + pytest.param("http://*foo/bar", "Invalid host wildcard", id='host-wildcard-no-dot'), + pytest.param( + "http://foo.*.bar/baz", + "Invalid host wildcard", + id='host-wildcard-middle', + ), + pytest.param( + "http://fo.*.ba:123/baz", + "Invalid host wildcard", + id='host-wildcard-middle-port', + ), + pytest.param("http://foo.*/bar", "Invalid host wildcard", id='host-wildcard-end'), ### Chromium: kInvalidPort ## TEST(ExtensionURLPatternTest, Ports) - ("http://foo:/", "Invalid port: Port is empty"), - ("http://*.foo:/", "Invalid port: Port is empty"), - ("http://foo:com/", "Invalid port: .* 'com'"), - ("http://foo:123456/", "Invalid port: Port out of range 0-65535"), - ("http://foo:80:80/monkey", "Invalid port: .* '80:80'"), - ("chrome://foo:1234/bar", "Ports are unsupported with chrome scheme"), + pytest.param("http://foo:/", "Invalid port: Port is empty", id='port-empty'), + pytest.param( + "http://*.foo:/", + "Invalid port: Port is empty", + id='port-empty-wildcard', + ), + pytest.param("http://foo:com/", "Invalid port: .* 'com'", id='port-alpha'), + pytest.param( + "http://foo:123456/", + "Invalid port: Port out of range 0-65535", + id='port-range', + ), + pytest.param( + "http://foo:80:80/monkey", + "Invalid port: .* '80:80'", + id='port-double', + ), + pytest.param( + "chrome://foo:1234/bar", + "Ports are unsupported with chrome scheme", + id='port-chrome', + ), # No port specified, but port separator. - ("http://[2607:f8b0:4005:805::200e]:/*", "Invalid port: Port is empty"), + pytest.param( + "http://[2607:f8b0:4005:805::200e]:/*", + "Invalid port: Port is empty", + id='port-empty-ipv6', + ), ### Additional tests - ("http://[", "Invalid IPv6 URL"), - ("http://[fc2e::bb88::edac]", 'Invalid IPv6 address; source was "fc2e::bb88::edac"; host = ""'), - ("http://[fc2e:0e35:bb88::edac:fc2e:0e35:bb88:edac]", 'Invalid IPv6 address; source was "fc2e:0e35:bb88::edac:fc2e:0e35:bb88:edac"; host = ""'), - ("http://[fc2e:0e35:bb88:af:edac:fc2e:0e35:bb88:edac]", 'Invalid IPv6 address; source was "fc2e:0e35:bb88:af:edac:fc2e:0e35:bb88:edac"; host = ""'), - ("http://[127.0.0.1:fc2e::bb88:edac]", r'Invalid IPv6 address; source was "127\.0\.0\.1:fc2e::bb88:edac'), - ("http://[fc2e::bb88", "Invalid IPv6 URL"), - ("http://[fc2e:bb88:edac]", 'Invalid IPv6 address; source was "fc2e:bb88:edac"; host = ""'), - ("http://[fc2e:bb88:edac::z]", 'Invalid IPv6 address; source was "fc2e:bb88:edac::z"; host = ""'), - ("http://[fc2e:bb88:edac::2]:2a2", "Invalid port: .* '2a2'"), - ("://", "Missing scheme"), + pytest.param("http://[", "Invalid IPv6 URL", id='ipv6-single-open'), + pytest.param( + "http://[fc2e::bb88::edac]", + 'Invalid IPv6 address; source was "fc2e::bb88::edac"; host = ""', + id='ipv6-double-double', + ), + pytest.param( + "http://[fc2e:0e35:bb88::edac:fc2e:0e35:bb88:edac]", + 'Invalid IPv6 address; source was "fc2e:0e35:bb88::edac:fc2e:0e35:bb88:edac"; host = ""', + id='ipv6-long-double', + ), + pytest.param( + "http://[fc2e:0e35:bb88:af:edac:fc2e:0e35:bb88:edac]", + 'Invalid IPv6 address; source was "fc2e:0e35:bb88:af:edac:fc2e:0e35:bb88:edac"; host = ""', + id='ipv6-long', + ), + pytest.param( + "http://[127.0.0.1:fc2e::bb88:edac]", + r'Invalid IPv6 address; source was "127\.0\.0\.1:fc2e::bb88:edac', + id='ipv6-ipv4', + ), + pytest.param("http://[fc2e::bb88", "Invalid IPv6 URL", id='ipv6-trailing'), + pytest.param( + "http://[fc2e:bb88:edac]", + 'Invalid IPv6 address; source was "fc2e:bb88:edac"; host = ""', + id='ipv6-short', + ), + pytest.param( + "http://[fc2e:bb88:edac::z]", + 'Invalid IPv6 address; source was "fc2e:bb88:edac::z"; host = ""', + id='ipv6-z', + ), + pytest.param( + "http://[fc2e:bb88:edac::2]:2a2", + "Invalid port: .* '2a2'", + id='ipv6-port', + ), + pytest.param("://", "Missing scheme", id='scheme-naked'), ]) def test_invalid_patterns(pattern, error): with pytest.raises(urlmatch.ParseError, match=error): -- cgit v1.2.3-54-g00ecf From 5adb053e77dfdc1e18e7dfa4db1561d22b97f695 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Thu, 4 Nov 2021 21:26:17 +0100 Subject: Fix lint --- tests/unit/utils/test_urlmatch.py | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/unit/utils/test_urlmatch.py b/tests/unit/utils/test_urlmatch.py index 9a3091e05..7e0807d7e 100644 --- a/tests/unit/utils/test_urlmatch.py +++ b/tests/unit/utils/test_urlmatch.py @@ -37,6 +37,7 @@ from PyQt5.QtCore import QUrl from qutebrowser.utils import urlmatch +# pylint: disable=line-too-long @pytest.mark.parametrize('pattern, error', [ ### Chromium: kMissingSchemeSeparator @@ -191,6 +192,8 @@ def test_invalid_patterns(pattern, error): with pytest.raises(urlmatch.ParseError, match=error): urlmatch.UrlPattern(pattern) +# pylint: enable=line-too-long + @pytest.mark.parametrize('host', ['.', ' ', ' .', '. ', '. .', '. . .', ' . ']) def test_whitespace_hosts(host): -- cgit v1.2.3-54-g00ecf From dafe9f6966132ae48b16347538a6210ca1010f6c Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Fri, 5 Nov 2021 15:03:22 +0100 Subject: Fix lint --- tests/unit/utils/test_urlmatch.py | 1 + 1 file changed, 1 insertion(+) diff --git a/tests/unit/utils/test_urlmatch.py b/tests/unit/utils/test_urlmatch.py index 7e0807d7e..caf52c76d 100644 --- a/tests/unit/utils/test_urlmatch.py +++ b/tests/unit/utils/test_urlmatch.py @@ -39,6 +39,7 @@ from qutebrowser.utils import urlmatch # pylint: disable=line-too-long + @pytest.mark.parametrize('pattern, error', [ ### Chromium: kMissingSchemeSeparator ## TEST(ExtensionURLPatternTest, ParseInvalid) -- cgit v1.2.3-54-g00ecf From 633efe85ac192085adac465a02e79508d52fa081 Mon Sep 17 00:00:00 2001 From: qutebrowser bot Date: Mon, 8 Nov 2021 04:19:31 +0000 Subject: Update dependencies --- misc/requirements/requirements-dev.txt | 2 +- misc/requirements/requirements-mypy.txt | 2 +- misc/requirements/requirements-pylint.txt | 2 +- misc/requirements/requirements-tests.txt | 6 +++--- misc/requirements/requirements-tox.txt | 6 +++--- 5 files changed, 9 insertions(+), 9 deletions(-) diff --git a/misc/requirements/requirements-dev.txt b/misc/requirements/requirements-dev.txt index 088604a77..34234a50b 100644 --- a/misc/requirements/requirements-dev.txt +++ b/misc/requirements/requirements-dev.txt @@ -12,7 +12,7 @@ idna==3.3 jwcrypto==1.0 manhole==1.8.0 packaging==21.2 -pycparser==2.20 +pycparser==2.21 Pympler==0.9 pyparsing==2.4.7 PyQt-builder==1.12.2 diff --git a/misc/requirements/requirements-mypy.txt b/misc/requirements/requirements-mypy.txt index 5aa36d659..4d5f08e49 100644 --- a/misc/requirements/requirements-mypy.txt +++ b/misc/requirements/requirements-mypy.txt @@ -7,7 +7,7 @@ importlib-resources==5.4.0 inflect==5.3.0 Jinja2==3.0.2 jinja2-pluralize==0.3.0 -lxml==4.6.3 +lxml==4.6.4 MarkupSafe==2.0.1 mypy==0.910 mypy-extensions==0.4.3 diff --git a/misc/requirements/requirements-pylint.txt b/misc/requirements/requirements-pylint.txt index abc6c2812..afb692789 100644 --- a/misc/requirements/requirements-pylint.txt +++ b/misc/requirements/requirements-pylint.txt @@ -14,7 +14,7 @@ jwcrypto==1.0 lazy-object-proxy==1.4.3 mccabe==0.6.1 pefile==2021.9.3 -pycparser==2.20 +pycparser==2.21 pylint==2.4.4 # rq.filter: < 2.5 python-dateutil==2.8.2 ./scripts/dev/pylint_checkers diff --git a/misc/requirements/requirements-tests.txt b/misc/requirements/requirements-tests.txt index 23fb69402..a3a48adea 100644 --- a/misc/requirements/requirements-tests.txt +++ b/misc/requirements/requirements-tests.txt @@ -13,7 +13,7 @@ filelock==3.3.2 Flask==2.0.2 glob2==0.7 hunter==3.3.8 -hypothesis==6.24.1 +hypothesis==6.24.2 icdiff==2.0.4 idna==3.3 iniconfig==1.1.1 @@ -29,7 +29,7 @@ parse==1.19.0 parse-type==0.5.2 pluggy==1.0.0 pprintpp==0.4.0 -py==1.10.0 +py==1.11.0 py-cpuinfo==8.0.0 Pygments==2.10.0 pyparsing==2.4.7 @@ -51,7 +51,7 @@ requests==2.26.0 requests-file==1.5.1 six==1.16.0 sortedcontainers==2.4.0 -soupsieve==2.2.1 +soupsieve==2.3 tldextract==3.1.2 toml==0.10.2 tomli==1.2.2 diff --git a/misc/requirements/requirements-tox.txt b/misc/requirements/requirements-tox.txt index 248c850c2..a069ca44b 100644 --- a/misc/requirements/requirements-tox.txt +++ b/misc/requirements/requirements-tox.txt @@ -7,11 +7,11 @@ packaging==21.2 pip==21.3.1 platformdirs==2.4.0 pluggy==1.0.0 -py==1.10.0 +py==1.11.0 pyparsing==2.4.7 -setuptools==58.4.0 +setuptools==58.5.3 six==1.16.0 toml==0.10.2 tox==3.24.4 -virtualenv==20.9.0 +virtualenv==20.10.0 wheel==0.37.0 -- cgit v1.2.3-54-g00ecf From fa806ad667c37a36323de5effe342364c2e75ddd Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 8 Nov 2021 08:10:24 +0100 Subject: password_fill: Fix quoting for variable expansions See https://github.com/koalaman/shellcheck/wiki/SC2295 --- misc/userscripts/password_fill | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/misc/userscripts/password_fill b/misc/userscripts/password_fill index c46253d41..3ea8fd9f6 100755 --- a/misc/userscripts/password_fill +++ b/misc/userscripts/password_fill @@ -241,7 +241,7 @@ pass_backend() { if $GPG "${GPG_OPTS[@]}" -d "$passfile" \ | grep --max-count=1 -iE "${match_line_pattern}${url}" > /dev/null then - passfile="${passfile#$PREFIX}" + passfile="${passfile#"$PREFIX"}" passfile="${passfile#/}" files+=( "${passfile%.gpg}" ) fi @@ -250,7 +250,7 @@ pass_backend() { if ((match_filename)) ; then # add entries with matching filepath while read -r passfile ; do - passfile="${passfile#$PREFIX}" + passfile="${passfile#"$PREFIX"}" passfile="${passfile#/}" files+=( "${passfile%.gpg}" ) done < <(find -L "$PREFIX" -iname '*.gpg' | grep "$url") @@ -267,7 +267,7 @@ pass_backend() { else if [[ $line =~ $user_pattern ]] ; then # remove the matching prefix "user: " from the beginning of the line - username=${line#${BASH_REMATCH[0]}} + username=${line#"${BASH_REMATCH[0]}"} break fi fi -- cgit v1.2.3-54-g00ecf From b04f7ec2f7499218ea10ba3726e1ba51060dfba3 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 8 Nov 2021 08:17:36 +0100 Subject: scripts: Better lxml changelog URL --- scripts/dev/recompile_requirements.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/scripts/dev/recompile_requirements.py b/scripts/dev/recompile_requirements.py index c013346ae..ed5473971 100644 --- a/scripts/dev/recompile_requirements.py +++ b/scripts/dev/recompile_requirements.py @@ -133,7 +133,7 @@ CHANGELOG_URLS = { 'six': 'https://github.com/benjaminp/six/blob/master/CHANGES', 'altgraph': 'https://github.com/ronaldoussoren/altgraph/blob/master/doc/changelog.rst', 'urllib3': 'https://github.com/urllib3/urllib3/blob/master/CHANGES.rst', - 'lxml': 'https://lxml.de/index.html#old-versions', + 'lxml': 'https://github.com/lxml/lxml/blob/master/CHANGES.txt', 'jwcrypto': 'https://github.com/latchset/jwcrypto/commits/master', 'wrapt': 'https://github.com/GrahamDumpleton/wrapt/blob/develop/docs/changes.rst', 'pep517': 'https://github.com/pypa/pep517/blob/master/doc/changelog.rst', -- cgit v1.2.3-54-g00ecf From 1f641c8c450d21441d36194bd606b64d362a6f75 Mon Sep 17 00:00:00 2001 From: Florian Bruhin Date: Mon, 8 Nov 2021 10:00:44 +0100 Subject: Remove redundant backend assert Not needed after e2a07148e16b69562e28d196768890224a892df9. --- qutebrowser/utils/version.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/qutebrowser/utils/version.py b/qutebrowser/utils/version.py index 8cd244fca..3beb6fb83 100644 --- a/qutebrowser/utils/version.py +++ b/qutebrowser/utils/version.py @@ -773,8 +773,6 @@ def _backend() -> str: if objects.backend == usertypes.Backend.QtWebKit: return 'new QtWebKit (WebKit {})'.format(qWebKitVersion()) elif objects.backend == usertypes.Backend.QtWebEngine: - webengine = usertypes.Backend.QtWebEngine - assert objects.backend == webengine, objects.backend return str(qtwebengine_versions( avoid_init='avoid-chromium-init' in objects.debug_flags)) raise utils.Unreachable(objects.backend) -- cgit v1.2.3-54-g00ecf