6 changed files with 2 additions and 196 deletions
--- a/0001-fix-1065-gevent-1.3.0-removes-fast-wsgi-implementati.patch
+++ b/0001-fix-1065-gevent-1.3.0-removes-fast-wsgi-implementati.patch
@ -1,37 +0,0 @@
-From 19a12f898b7343e16f0d08821de6aac169143752 Mon Sep 17 00:00:00 2001
-From: Marcel Hellkamp <marc@gsites.de>
-Date: Tue, 27 Nov 2018 19:27:54 +0100
-Subject: [PATCH] fix #1065 gevent-1.3.0 removes 'fast' wsgi implementation.
-
---
- bottle.py | 10 ++++++----
- 1 file changed, 6 insertions(+), 4 deletions(-)
-
-diff --git a/bottle.py b/bottle.py
-index 3a51b38..cb46893 100644
--- a/bottle.py
-+++ b/bottle.py
-@@ -2904,14 +2904,16 @@ class GeventServer(ServerAdapter):
-         * See gevent.wsgi.WSGIServer() documentation for more options.
-     """
-     def run(self, handler):
-        from gevent import wsgi, pywsgi, local
-+        from gevent import pywsgi, local
-         if not isinstance(threading.local(), local.local):
-             msg = "Bottle requires gevent.monkey.patch_all() (before import)"
-             raise RuntimeError(msg)
-        if not self.options.pop('fast', None): wsgi = pywsgi
-        self.options['log'] = None if self.quiet else 'default'
-+        if self.options.pop('fast', None):
-+            depr('The "fast" option has been deprecated and removed by Gevent.')
-+        if self.quiet:
-+            self.options['log'] = None
-         address = (self.host, self.port)
-        server = wsgi.WSGIServer(address, handler, **self.options)
-+        server = pywsgi.WSGIServer(address, handler, **self.options)
-         if 'BOTTLE_CHILD' in os.environ:
-             import signal
-             signal.signal(signal.SIGINT, lambda s, f: server.stop())
-- 
-2.39.0.windows.2
-
--- a/0002-Fix-930-DeprecationWarning-Flags-not-at-the-start-of.patch
+++ b/0002-Fix-930-DeprecationWarning-Flags-not-at-the-start-of.patch
@ -1,39 +0,0 @@
-From 0c3db605e927e6a58cefaecae3a3c6ef1e34dad5 Mon Sep 17 00:00:00 2001
-From: Marcel Hellkamp <marc@gsites.de>
-Date: Sat, 1 Dec 2018 17:35:14 +0100
-Subject: [PATCH] Fix #930: DeprecationWarning: Flags not at the start of the
- expression
-
-Backported from 0.13-dev
---
- bottle.py | 7 ++++---
- 1 file changed, 4 insertions(+), 3 deletions(-)
-
-diff --git a/bottle.py b/bottle.py
-index fd663f7..dae4f56 100644
--- a/bottle.py
-+++ b/bottle.py
-@@ -3420,7 +3420,7 @@ class StplParser(object):
-     _re_cache = {} #: Cache for compiled re patterns
-     # This huge pile of voodoo magic splits python code into 8 different tokens.
-     # 1: All kinds of python strings (trust me, it works)
-    _re_tok = '((?m)[urbURB]?(?:\'\'(?!\')|""(?!")|\'{6}|"{6}' \
-+    _re_tok = '([urbURB]?(?:\'\'(?!\')|""(?!")|\'{6}|"{6}' \
-                '|\'(?:[^\\\\\']|\\\\.)+?\'|"(?:[^\\\\"]|\\\\.)+?"' \
-                '|\'{3}(?:[^\\\\]|\\\\.|\\n)+?\'{3}' \
-                '|"{3}(?:[^\\\\]|\\\\.|\\n)+?"{3}))'
-@@ -3443,8 +3443,9 @@ class StplParser(object):
-     # Match the start tokens of code areas in a template
-     _re_split = '(?m)^[ \t]*(\\\\?)((%(line_start)s)|(%(block_start)s))(%%?)'
-     # Match inline statements (may contain python strings)
-    _re_inl = '%%(inline_start)s((?:%s|[^\'"\n]*?)+)%%(inline_end)s' % _re_inl
-
-+    _re_inl = '(?m)%%(inline_start)s((?:%s|[^\'"\n]*?)+)%%(inline_end)s' % _re_inl
-+    _re_tok = '(?m)' + _re_tok
-+    
-     default_syntax = '<% %> % {{ }}'
- 
-     def __init__(self, source, syntax=None, encoding='utf8'):
-- 
-2.39.0.windows.2
-
--- a/0003-fix-1115-Some-modules-set-file-as-None.patch
+++ b/0003-fix-1115-Some-modules-set-file-as-None.patch
@ -1,27 +0,0 @@
-From 076f41759ceacb1a804517270392f0ef75adb07f Mon Sep 17 00:00:00 2001
-From: Marcel Hellkamp <marc@gsites.de>
-Date: Thu, 13 Dec 2018 08:26:27 +0100
-Subject: [PATCH] fix #1115: Some modules set __file__ as None
-
-This is not allowed (the __file__ attribute MUST be either a string, or unset),
-but seems to happen anyway and is easy to work around in bottle.
---
- bottle.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/bottle.py b/bottle.py
-index 01b581e..f254bac 100644
--- a/bottle.py
-+++ b/bottle.py
-@@ -3156,7 +3156,7 @@ class FileCheckerThread(threading.Thread):
-         files = dict()
- 
-         for module in list(sys.modules.values()):
-            path = getattr(module, '__file__', '')
-+            path = getattr(module, '__file__', '') or ''
-             if path[-4:] in ('.pyo', '.pyc'): path = path[:-1]
-             if path and exists(path): files[path] = mtime(path)
- 
-- 
-2.39.0.windows.2
-
--- a/CVE-2020-28473.patch
+++ b/CVE-2020-28473.patch
@ -1,27 +0,0 @@
-From 57a2f22e0c1d2b328c4f54bf75741d74f47f1a6b Mon Sep 17 00:00:00 2001
-From: Marcel Hellkamp <marc@gsites.de>
-Date: Wed, 11 Nov 2020 19:24:29 +0100
-Subject: [PATCH] Do not split query strings on `;` anymore.
-
-Using `;` as a separator instead of `&` was allowed a long time ago,
-but is now obsolete and actually invalid according to the 2014 W3C
-recommendations. Even if this change is technically backwards-incompatible,
-no real-world application should depend on broken behavior. If you REALLY
-need this functionality, monkey-patch the _parse_qsl() function.
---
- bottle.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/bottle.py b/bottle.py
-index bcfc5e62..417b01b9 100644
--- a/bottle.py
-+++ b/bottle.py
-@@ -2585,7 +2585,7 @@ def parse_range_header(header, maxlen=0):
- 
- def _parse_qsl(qs):
-     r = []
-    for pair in qs.replace(';','&').split('&'):
-+    for pair in qs.split('&'):
-         if not pair: continue
-         nv = pair.split('=', 1)
-         if len(nv) != 2: nv.append('')
--- a/CVE-2022-31799.patch
+++ b/CVE-2022-31799.patch
@ -1,40 +0,0 @@
-From e140e1b54da721a660f2eb9d58a106b7b3ff2f00 Mon Sep 17 00:00:00 2001
-From: Marcel Hellkamp <marc@gsites.de>
-Date: Thu, 26 May 2022 14:49:32 +0200
-Subject: [PATCH] Gracefully handle errors during early request binding.
-
---
- bottle.py | 16 +++++++++-------
- 1 file changed, 9 insertions(+), 7 deletions(-)
-
-diff --git a/bottle.py b/bottle.py
-index 04ccf7da..035f99ec 100644
--- a/bottle.py
-+++ b/bottle.py
-@@ -848,17 +848,19 @@ def default_error_handler(self, res):
-         return tob(template(ERROR_PAGE_TEMPLATE, e=res))
- 
-     def _handle(self, environ):
-        path = environ['bottle.raw_path'] = environ['PATH_INFO']
-        if py3k:
-            try:
-                environ['PATH_INFO'] = path.encode('latin1').decode('utf8')
-            except UnicodeError:
-                return HTTPError(400, 'Invalid path string. Expected UTF-8')
-
-         try:
-+
-             environ['bottle.app'] = self
-             request.bind(environ)
-             response.bind()
-+
-+            path = environ['bottle.raw_path'] = environ['PATH_INFO']
-+            if py3k:
-+                try:
-+                    environ['PATH_INFO'] = path.encode('latin1').decode('utf8')
-+                except UnicodeError:
-+                    return HTTPError(400, 'Invalid path string. Expected UTF-8')
-+
-             try:
-                 self.trigger_hook('before_request')
-                 route, args = self.router.match(environ)
--- a/python-bottle.spec
+++ b/python-bottle.spec
@ -1,16 +1,10 @@
 Name:           python-bottle
 Version:        0.12.13
-Release:        14
+Release:        8
 Summary:        WSGI micro web-framework for Python.
 License:        MIT
 URL:            https://github.com/bottlepy/bottle
 Source0:        https://github.com/bottlepy/bottle/archive/%{version}/bottle-%{version}.tar.gz
-Patch0000:      CVE-2020-28473.patch
-#https://github.com/bottlepy/bottle/commit/e140e1b54da721a660f2eb9d58a106b7b3ff2f00
-Patch0001:      CVE-2022-31799.patch
-Patch0002:      0001-fix-1065-gevent-1.3.0-removes-fast-wsgi-implementati.patch
-Patch0003:      0002-Fix-930-DeprecationWarning-Flags-not-at-the-start-of.patch
-Patch0004:      0003-fix-1115-Some-modules-set-__file__-as-None.patch
 BuildArch:      noarch
 BuildRequires:  python3-devel python3-setuptools

@ -29,7 +23,7 @@ It is distributed as a single file module and has no dependencies other than
 the Python Standard Library.

 %prep
-%autosetup -n bottle-%{version} -p1
+%autosetup -n bottle-%{version}
 sed -i '/^#!/d' bottle.py

 %build
@ -48,24 +42,6 @@ sed -i '/^#!/d' bottle.py
 %exclude %{_bindir}/bottle.py

 %changelog
-* Tue May 28 2024 Ge Wang <wang__ge@126.com> - 0.12.13-14
- rebuild for openEuler-22.03-LTS-SP4
-
-* Tue May 28 2024 Ge Wang <wang__ge@126.com> - 0.12.13-13
- Fix #1115: Some modules set __file__ as None
-
-* Wed Nov 22 2023 zhangliangpengkun<zhangliangpengkun@xfusion.com> - 0.12.13-12
- Fix #930: DeprecationWarning: Flags not at the start of the expression
-
-* Thu Nov 09 2023 zhangliangpengkun<zhangliangpengkun@xfusion.com> - 0.12.13-11
- fix #1065 gevent-1.3.0 removes 'fast' wsgi implementation.
-
-* Tue Jun 14 2022 yaoxin <yaoxin30@h-partners.com> - 0.12.13-10
- Fix CVE-2022-31799
-
-* Fri Feb 19 2021 zhanghua <zhanghua40@huawei.com> - 0.12.13-9
- fix CVE-2020-28473
-
 * Wed Oct 21 2020 chengzihan <chengzihan2@huawei.com> - 0.12.13-8
 - Modify url and remove subpackage python2-bottle