Files @ fa3365c94064
Branch filter:

Location: kallithea/setup.py

fa3365c94064 5.9 KiB text/x-python Show Annotation Show as Raw Download as Raw
Mads Kiilerich
repos: introduce low level check of clone URIs to prevent direct file system access to local repos

This is already checked in web form validation, but also check at low level to
make sure API access enforce the same invariants.

This issue was found and reported by
Kacper Szurek
https://security.szurek.pl/
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
#!/usr/bin/env python2
# -*- coding: utf-8 -*-
import os
import sys
import platform

if sys.version_info < (2, 6):
    raise Exception('Kallithea requires python 2.6 or 2.7')


here = os.path.abspath(os.path.dirname(__file__))


def _get_meta_var(name, data, callback_handler=None):
    import re
    matches = re.compile(r'(?:%s)\s*=\s*(.*)' % name).search(data)
    if matches:
        if not callable(callback_handler):
            callback_handler = lambda v: v

        return callback_handler(eval(matches.groups()[0]))

_meta = open(os.path.join(here, 'kallithea', '__init__.py'), 'rb')
_metadata = _meta.read()
_meta.close()

callback = lambda V: ('.'.join(map(str, V[:3])) + '.'.join(V[3:]))
__version__ = _get_meta_var('VERSION', _metadata, callback)
__license__ = _get_meta_var('__license__', _metadata)
__author__ = _get_meta_var('__author__', _metadata)
__url__ = _get_meta_var('__url__', _metadata)
# defines current platform
__platform__ = platform.system()

is_windows = __platform__ in ['Windows']

requirements = [
    "setuptools<34", # setuptools==34 has an undeclared requirement of pyparsing >=2.1, but celery<2.3 requires pyparsing<2
    "waitress==0.8.8",
    "webob>=1.0.8,<=1.1.1",
    "webtest==1.4.3",
    "Pylons>=1.0.0,<=1.0.3",
    "Beaker==1.6.4",
    "WebHelpers==1.3",
    "formencode>=1.2.4,<=1.2.6",
    "SQLAlchemy==0.7.10",
    "Mako>=0.9.0,<=1.0.0",
    "pygments>=1.5",
    "whoosh>=2.4.0,<=2.5.7",
    "celery>=2.2.5,<2.3",
    "babel>=0.9.6,<=1.3",
    "python-dateutil>=1.5.0,<2.0.0",
    "markdown==2.2.1",
    "docutils>=0.8.1,<=0.11",
    "mock",
    "URLObject==2.3.4",
    "Routes==1.13",
    "dulwich>=0.9.9,<=0.9.9",
    "mercurial>=2.9,<4.3",
]

if sys.version_info < (2, 7):
    requirements.append("importlib==1.0.1")
    requirements.append("unittest2")
    requirements.append("argparse")

if not is_windows:
    requirements.append("py-bcrypt>=0.3.0,<=0.4")


dependency_links = [
]

classifiers = [
    'Development Status :: 4 - Beta',
    'Environment :: Web Environment',
    'Framework :: Pylons',
    'Intended Audience :: Developers',
    'License :: OSI Approved :: GNU General Public License (GPL)',
    'Operating System :: OS Independent',
    'Programming Language :: Python',
    'Programming Language :: Python :: 2.6',
    'Programming Language :: Python :: 2.7',
    'Topic :: Software Development :: Version Control',
]


# additional files from project that goes somewhere in the filesystem
# relative to sys.prefix
data_files = []

# additional files that goes into package itself
package_data = {'kallithea': ['i18n/*/LC_MESSAGES/*.mo', ], }

description = ('Kallithea is a fast and powerful management tool '
               'for Mercurial and Git with a built in push/pull server, '
               'full text search and code-review.')

keywords = ' '.join([
    'kallithea', 'mercurial', 'git', 'code review',
    'repo groups', 'ldap', 'repository management', 'hgweb replacement',
    'hgwebdir', 'gitweb replacement', 'serving hgweb',
])

# long description
README_FILE = 'README.rst'
CHANGELOG_FILE = 'docs/changelog.rst'
try:
    long_description = open(README_FILE).read() + '\n\n' + \
        open(CHANGELOG_FILE).read()

except IOError as err:
    sys.stderr.write(
        "[WARNING] Cannot find file specified as long_description (%s)\n or "
        "changelog (%s) skipping that file" % (README_FILE, CHANGELOG_FILE)
    )
    long_description = description

try:
    from setuptools import setup, find_packages
except ImportError:
    from ez_setup import use_setuptools
    use_setuptools()
    from setuptools import setup, find_packages

# monkey patch setuptools to use distutils owner/group functionality
from setuptools.command import sdist
sdist_org = sdist.sdist
class sdist_new(sdist_org):
    def initialize_options(self):
        sdist_org.initialize_options(self)
        self.owner = self.group = 'root'
sdist.sdist = sdist_new

# packages
packages = find_packages(exclude=['ez_setup'])

setup(
    name='Kallithea',
    version=__version__,
    description=description,
    long_description=long_description,
    keywords=keywords,
    license=__license__,
    author=__author__,
    author_email='kallithea@sfconservancy.org',
    dependency_links=dependency_links,
    url=__url__,
    install_requires=requirements,
    classifiers=classifiers,
    setup_requires=["PasteScript>=1.6.3"],
    data_files=data_files,
    packages=packages,
    include_package_data=True,
    test_suite='nose.collector',
    package_data=package_data,
    message_extractors={'kallithea': [
            ('**.py', 'python', None),
            ('templates/**.mako', 'mako', {'input_encoding': 'utf-8'}),
            ('templates/**.html', 'mako', {'input_encoding': 'utf-8'}),
            ('public/**', 'ignore', None)]},
    zip_safe=False,
    paster_plugins=['PasteScript', 'Pylons'],
    entry_points="""
    [console_scripts]
    kallithea-api =    kallithea.bin.kallithea_api:main
    kallithea-gist =   kallithea.bin.kallithea_gist:main
    kallithea-config = kallithea.bin.kallithea_config:main

    [paste.app_factory]
    main = kallithea.config.middleware:make_app

    [paste.app_install]
    main = pylons.util:PylonsInstaller

    [paste.global_paster_command]
    setup-db=kallithea.lib.paster_commands.setup_db:Command
    cleanup-repos=kallithea.lib.paster_commands.cleanup:Command
    update-repoinfo=kallithea.lib.paster_commands.update_repoinfo:Command
    make-rcext=kallithea.lib.paster_commands.make_rcextensions:Command
    repo-scan=kallithea.lib.paster_commands.repo_scan:Command
    cache-keys=kallithea.lib.paster_commands.cache_keys:Command
    ishell=kallithea.lib.paster_commands.ishell:Command
    make-index=kallithea.lib.paster_commands.make_index:Command
    upgrade-db=kallithea.lib.dbmigrate:UpgradeDb
    celeryd=kallithea.lib.celerypylons.commands:CeleryDaemonCommand
    install-iis=kallithea.lib.paster_commands.install_iis:Command

    [nose.plugins]
    pylons = pylons.test:PylonsPlugin
    """,
)
This site is powered by Kallithea 0.7.0, which is © 2010–2025 by various authors & licensed under GPLv3.