Download raw body.
security/py-passlib: fix broking logging
On Thu, 01 May 2025 12:54:21 +0200,
Stuart Henderson <stu@spacehopper.org> wrote:
>
> Good find.
>
> Seeing https://github.com/ThirVondukr/passlib/pull/15#issuecomment-2844561564
> do you think it might be worth waiting to see what gets committed
> upstream first?
>
Absolutley, I'll wait until upstream commit it, or backport his patch.
But we have a solution if anyone complains that 7.7 brokes things :)
> On 2025/05/01 10:14, Kirill A. Korinsky wrote:
> > ports,
> >
> > I had narrowed down the issue with mitmproxy too verbose logging to a the
> > root cause: update of security/py-passlib.
> >
> > The new fork includes
> > https://github.com/ThirVondukr/passlib/commit/650121d0cd7a6da775b2f44573de4c165b80d93c
> > which had switched the code to use logging in the way like logging.debug()
> >
> > One of the casses happens on import, and as documentation stated here
> > https://docs.python.org/3/library/logging.html#logging.debug the call
> > `logging.debug (or similar one) make implicit configuration of the logger
> > and it dismiss the second configuration from user application like mitmproxy
> >
> > We had a few users for security/py-passlib:
> > - productivity/radicale
> > - productivity/radicale2
> > - security/mitmproxy
> > - sysutils/ansible-core
> > - www/odoo
> > - www/py-autobahn
> > which might be impacted by this bug.
> >
> > I had backported this fix to upstream already, and I think that we need
> > backport it to -stable as well.
> >
> > Ok for -current and -stable?
> >
> >
> > Index: security/py-passlib/Makefile
> > ===================================================================
> > RCS file: /cvs/ports/security/py-passlib/Makefile,v
> > diff -u -p -r1.30 Makefile
> > --- security/py-passlib/Makefile 26 Mar 2025 09:42:19 -0000 1.30
> > +++ security/py-passlib/Makefile 1 May 2025 08:04:17 -0000
> > @@ -1,6 +1,7 @@
> > COMMENT= Python module providing a password hashing framework
> >
> > MODPY_DISTV= 1.9.0
> > +REVISION= 0
> > DISTNAME= libpass-${MODPY_DISTV}
> > # libpass is a maintained fork of passlib, providing the same namespace
> > PKGNAME= py-passlib-${MODPY_DISTV}
> > Index: security/py-passlib/patches/patch-passlib_registry_py
> > ===================================================================
> > RCS file: security/py-passlib/patches/patch-passlib_registry_py
> > diff -N security/py-passlib/patches/patch-passlib_registry_py
> > --- /dev/null 1 Jan 1970 00:00:00 -0000
> > +++ security/py-passlib/patches/patch-passlib_registry_py 1 May 2025 08:04:17 -0000
> > @@ -0,0 +1,36 @@
> > +https://github.com/ThirVondukr/passlib/pull/15
> > +
> > +Index: passlib/registry.py
> > +--- passlib/registry.py.orig
> > ++++ passlib/registry.py
> > +@@ -234,7 +234,7 @@ def register_crypt_handler_path(name, path):
> > +
> > + # store location
> > + _locations[name] = path
> > +- logging.debug("registered path to %r handler: %r", name, path)
> > ++ logging.getLogger(__name__).debug("registered path to %r handler: %r", name, path)
> > +
> > +
> > + def register_crypt_handler(handler, force=False, _attr=None):
> > +@@ -278,10 +278,10 @@ def register_crypt_handler(handler, force=False, _attr
> > + other = _handlers.get(name)
> > + if other:
> > + if other is handler:
> > +- logging.debug("same %r handler already registered: %r", name, handler)
> > ++ logging.getLogger(__name__).debug("same %r handler already registered: %r", name, handler)
> > + return
> > + if force:
> > +- logging.warning(
> > ++ logging.getLogger(__name__).warning(
> > + "overriding previously registered %r handler: %r", name, other
> > + )
> > + else:
> > +@@ -291,7 +291,7 @@ def register_crypt_handler(handler, force=False, _attr
> > +
> > + # register handler
> > + _handlers[name] = handler
> > +- logging.debug("registered %r handler: %r", name, handler)
> > ++ logging.getLogger(__name__).debug("registered %r handler: %r", name, handler)
> > +
> > +
> > + def get_crypt_handler(name, default=_UNSET):
> >
> >
> > --
> > wbr, Kirill
> >
>
--
wbr, Kirill
security/py-passlib: fix broking logging