Files @ 7aff9a999536
Branch filter:

Location: kallithea/setup.py

7aff9a999536 4.8 KiB text/x-python Show Annotation Show as Raw Download as Raw
Thomas De Schampheleire
templates, controllers: replace webhelpers.html.literal() with webhelpers.html.HTML() where possible

Usage of webhelpers.literal (h.literal) can be a problem when variables are
not correctly escaped. Luckily, this function can be avoided in several
cases.

Several users of the construct:
h.literal(_('..A..') % (..B..))

can be simplified if (..B..) just contains a call to h.link_to. In this
case, there is actually no need to use h.literal, because the object
returned by link_to is already a literal. It is sufficient to use
webhelpers.html.HTML() like so:
h.HTML(_('..A..')) % (..B..)

which is better because it will escape the '..A..' part instead of passing
it literally.

The need to wrap the '..A..' part in HTML() is to make sure the (escaped)
end result is not a plain string but a 'literal' to avoid double escaping
later.

See also the documentation:
https://docs.pylonsproject.org/projects/webhelpers/en/latest/modules/html/builder.html
"
When literal is used in a mixed expression containing both literals and
ordinary strings, it tries hard to escape the strings and return a
literal. However, this depends on which value has “control” of the
expression. literal seems to be able to take control with all
combinations of the + operator, but with % and join it must be on the
left side of the expression. So these all work:

"A" + literal("B")
literal(", ").join(["A", literal("B")])
literal("%s %s") % (16, literal("kg"))

But these return an ordinary string which is prone to double-escaping later:

"\n".join([literal('<span class="foo">Foo!</span>'), literal('Bar!')])
"%s %s" % (literal("16"), literal("&lt;em&gt;kg&lt;/em&gt;"))
"

This same escaping with 'HTML()' was already done by default in mako
templates for constructs like ${_("something")} that do not contain format
specifiers. When the translated string _does_ contain format specifiers, we
want to use the same escaping, but we have to do it explicit and earlier so
the escaping happens already when strings are inserted into the template
string.
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
#!/usr/bin/env python2
# -*- coding: utf-8 -*-
import os
import sys
import platform

if sys.version_info < (2, 6) or sys.version_info >= (3,):
    raise Exception('Kallithea requires python 2.6 or 2.7')


here = os.path.abspath(os.path.dirname(__file__))


def _get_meta_var(name, data, callback_handler=None):
    import re
    matches = re.compile(r'(?:%s)\s*=\s*(.*)' % name).search(data)
    if matches:
        if not callable(callback_handler):
            callback_handler = lambda v: v

        return callback_handler(eval(matches.groups()[0]))

_meta = open(os.path.join(here, 'kallithea', '__init__.py'), 'rb')
_metadata = _meta.read()
_meta.close()

callback = lambda V: ('.'.join(map(str, V[:3])) + '.'.join(V[3:]))
__version__ = _get_meta_var('VERSION', _metadata, callback)
__license__ = _get_meta_var('__license__', _metadata)
__author__ = _get_meta_var('__author__', _metadata)
__url__ = _get_meta_var('__url__', _metadata)
# defines current platform
__platform__ = platform.system()

is_windows = __platform__ in ['Windows']

requirements = [
    "alembic >= 0.8.0, < 1.1",
    "gearbox < 1",
    "waitress >= 0.8.8, < 1.2",
    "WebOb >= 1.7, < 1.8", # turbogears2 2.3.12 requires WebOb<1.8.0
    "backlash >= 0.1.2, < 1",
    "TurboGears2 >= 2.3.10, < 2.4",
    "tgext.routes >= 0.2.0, < 1",
    "Beaker >= 1.7.0, < 2",
    "WebHelpers >= 1.3, < 1.4",
    "FormEncode >= 1.2.4, < 1.4",
    "SQLAlchemy >= 1.1, < 1.3",
    "Mako >= 0.9.0, < 1.1",
    "Pygments >= 2.0, < 2.3",
    "Whoosh >= 2.5.0, < 2.8",
    "celery >= 3.1, < 4.0", # celery 4 doesn't work
    "Babel >= 1.3, < 2.7",
    "python-dateutil >= 1.5.0, < 2.8",
    "Markdown >= 2.2.1, < 2.7",
    "docutils >= 0.11, < 0.15",
    "URLObject >= 2.3.4, < 2.5",
    "Routes >= 1.13, < 2",
    "dulwich >= 0.14.1, < 0.20",
    "mercurial >= 4.1.1, < 4.10",
    "decorator >= 3.3.2, < 4.4",
    "Paste >= 2.0.3, < 3.1",
    "bleach >= 3.0, < 3.1",
    "Click >= 7.0, < 8",
]

if sys.version_info < (2, 7):
    requirements.append("importlib == 1.0.1")
    requirements.append("argparse")

if not is_windows:
    requirements.append("bcrypt >= 3.1.0, < 3.2")

dependency_links = [
]

classifiers = [
    'Development Status :: 4 - Beta',
    'Environment :: Web Environment',
    'Framework :: Pylons',
    'Intended Audience :: Developers',
    'License :: OSI Approved :: GNU General Public License (GPL)',
    'Operating System :: OS Independent',
    'Programming Language :: Python',
    'Programming Language :: Python :: 2.6',
    'Programming Language :: Python :: 2.7',
    'Topic :: Software Development :: Version Control',
]


# additional files from project that goes somewhere in the filesystem
# relative to sys.prefix
data_files = []

description = ('Kallithea is a fast and powerful management tool '
               'for Mercurial and Git with a built in push/pull server, '
               'full text search and code-review.')

keywords = ' '.join([
    'kallithea', 'mercurial', 'git', 'code review',
    'repo groups', 'ldap', 'repository management', 'hgweb replacement',
    'hgwebdir', 'gitweb replacement', 'serving hgweb',
])

# long description
README_FILE = 'README.rst'
try:
    long_description = open(README_FILE).read()
except IOError as err:
    sys.stderr.write(
        "[WARNING] Cannot find file specified as long_description (%s)\n"
        % README_FILE
    )
    long_description = description

import setuptools

# monkey patch setuptools to use distutils owner/group functionality
from setuptools.command import sdist
sdist_org = sdist.sdist
class sdist_new(sdist_org):
    def initialize_options(self):
        sdist_org.initialize_options(self)
        self.owner = self.group = 'root'
sdist.sdist = sdist_new

packages = setuptools.find_packages(exclude=['ez_setup'])

setuptools.setup(
    name='Kallithea',
    version=__version__,
    description=description,
    long_description=long_description,
    keywords=keywords,
    license=__license__,
    author=__author__,
    author_email='kallithea@sfconservancy.org',
    dependency_links=dependency_links,
    url=__url__,
    install_requires=requirements,
    classifiers=classifiers,
    data_files=data_files,
    packages=packages,
    include_package_data=True,
    message_extractors={'kallithea': [
            ('**.py', 'python', None),
            ('templates/**.mako', 'mako', {'input_encoding': 'utf-8'}),
            ('templates/**.html', 'mako', {'input_encoding': 'utf-8'}),
            ('public/**', 'ignore', None)]},
    zip_safe=False,
    entry_points="""
    [console_scripts]
    kallithea-api =    kallithea.bin.kallithea_api:main
    kallithea-gist =   kallithea.bin.kallithea_gist:main
    kallithea-config = kallithea.bin.kallithea_config:main
    kallithea-cli =    kallithea.bin.kallithea_cli:cli

    [paste.app_factory]
    main = kallithea.config.middleware:make_app
    """,
)
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.