From 9e71900f79c3fc322f1de47375c6bd22cfcd0da1 Mon Sep 17 00:00:00 2001
From: CoprDistGit
Date: Mon, 19 Aug 2024 08:41:31 +0000
Subject: automatic import of python-black
---
.gitignore | 1 +
CVE-2024-21503.patch | 80 +++++++++++++++++++++++++++++++++++++++++++++
python-black.spec | 92 ++++++++++++++++++++++++++++++++++++++++++++++++++++
sources | 1 +
4 files changed, 174 insertions(+)
create mode 100644 CVE-2024-21503.patch
create mode 100644 python-black.spec
create mode 100644 sources
diff --git a/.gitignore b/.gitignore
index e69de29..b0527cf 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/black-24.2.0.tar.gz
diff --git a/CVE-2024-21503.patch b/CVE-2024-21503.patch
new file mode 100644
index 0000000..ef91aa3
--- /dev/null
+++ b/CVE-2024-21503.patch
@@ -0,0 +1,80 @@
+From 3ecd05252df7c043d077a8c7ecaa573465e0cc8a Mon Sep 17 00:00:00 2001
+From: Jelle Zijlstra
+Date: Fri, 15 Mar 2024 12:06:12 -0700
+Subject: [PATCH ] CVE-2024-21503
+Fix catastrophic performance in lines_with_leading_tabs_expanded() (#4278)
+
+---
+ src/black/strings.py | 18 ++++++------------
+ tests/test_black.py | 11 +++++++++++
+ 2 files changed, 17 insertions(+), 12 deletions(-)
+
+diff --git a/src/black/strings.py b/src/black/strings.py
+index 0e0f968..baa8816 100644
+--- a/src/black/strings.py
++++ b/src/black/strings.py
+@@ -14,7 +14,6 @@ STRING_PREFIX_CHARS: Final = "furbFURB" # All possible string prefix characters
+ STRING_PREFIX_RE: Final = re.compile(
+ r"^([" + STRING_PREFIX_CHARS + r"]*)(.*)$", re.DOTALL
+ )
+-FIRST_NON_WHITESPACE_RE: Final = re.compile(r"\s*\t+\s*(\S)")
+ UNICODE_ESCAPE_RE: Final = re.compile(
+ r"(?P\\+)(?P"
+ r"(u(?P[a-fA-F0-9]{4}))" # Character with 16-bit hex value xxxx
+@@ -51,18 +50,13 @@ def lines_with_leading_tabs_expanded(s: str) -> List[str]:
+ """
+ lines = []
+ for line in s.splitlines():
+- # Find the index of the first non-whitespace character after a string of
+- # whitespace that includes at least one tab
+- match = FIRST_NON_WHITESPACE_RE.match(line)
+- if match:
+- first_non_whitespace_idx = match.start(1)
+-
+- lines.append(
+- line[:first_non_whitespace_idx].expandtabs()
+- + line[first_non_whitespace_idx:]
+- )
+- else:
++ stripped_line = line.lstrip()
++ if not stripped_line or stripped_line == line:
+ lines.append(line)
++ else:
++ prefix_length = len(line) - len(stripped_line)
++ prefix = line[:prefix_length].expandtabs()
++ lines.append(prefix + stripped_line)
+ if s.endswith("\n"):
+ lines.append("")
+ return lines
+diff --git a/tests/test_black.py b/tests/test_black.py
+index 41f87cd..1814fb7 100644
+--- a/tests/test_black.py
++++ b/tests/test_black.py
+@@ -47,6 +47,7 @@ from black.debug import DebugVisitor
+ from black.mode import Mode, Preview
+ from black.output import color_diff, diff
+ from black.report import Report
++from black.strings import lines_with_leading_tabs_expanded
+
+ # Import other test classes
+ from tests.util import (
+@@ -2054,6 +2055,16 @@ class BlackTestCase(BlackBaseTestCase):
+ b"Cannot use line-ranges in the pyproject.toml file." in result.stderr_bytes
+ )
+
++ def test_lines_with_leading_tabs_expanded(self) -> None:
++ # See CVE-2024-21503. Mostly test that this completes in a reasonable
++ # time.
++ payload = "\t" * 10_000
++ assert lines_with_leading_tabs_expanded(payload) == [payload]
++
++ tab = " " * 8
++ assert lines_with_leading_tabs_expanded("\tx") == [f"{tab}x"]
++ assert lines_with_leading_tabs_expanded("\t\tx") == [f"{tab}{tab}x"]
++ assert lines_with_leading_tabs_expanded("\tx\n y") == [f"{tab}x", " y"]
+
+ class TestCaching:
+ def test_get_cache_dir(
+--
+2.37.2.windows.2
+
diff --git a/python-black.spec b/python-black.spec
new file mode 100644
index 0000000..a7cb176
--- /dev/null
+++ b/python-black.spec
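Review bot: The regression test `test_lines_with_leading_tabs_expanded` added in the tests/test_black.py hunk states its purpose ("completes in a reasonable time") only in a comment; nothing bounds the runtime, so a reintroduced backtracking pattern would surface as a slow or hung test run rather than a failed assertion. If the test environment tolerates it, the 10_000-tab call could be timed with `time.monotonic()` and checked against a generous bound such as `assert elapsed < 1.0` (whether `time` is already imported is not visible in the hunk). The cases also cover only tab-only prefixes; a mixed prefix such as `assert lines_with_leading_tabs_expanded(" \tx") == [f"{tab}x"]` would pin the behaviour the removed `\s*\t+\s*` pattern used to define. In src/black/strings.py a short comment above the new `lstrip()` line, e.g. `# Plain string slicing on purpose: the previous regex backtracked badly on long whitespace-only lines (CVE-2024-21503)`, would stop a later cleanup from restoring the regex; that function starts above the hunk.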
@@ -0,0 +1,92 @@
+%global _empty_manifest_terminate_build 0
+%global pypi_name black
+
+Name: python-%{pypi_name}
+Version: 24.2.0
+Release: 2
+Summary: The uncompromising code formatter
+License: MIT
+URL: https://github.com/psf/black
+Source0: %{url}/archive/%{version}/%{pypi_name}-%{version}.tar.gz
+
+BuildArch: noarch
+
+Patch0: CVE-2024-21503.patch
+
+BuildRequires: python3-devel
+
+# Base build requires
+BuildRequires: python3-setuptools
+BuildRequires: python3-setuptools_scm
+BuildRequires: python3-pip
+BuildRequires: python3-wheel
+BuildRequires: python3-hatch-vcs
+BuildRequires: python3-hatchling
+BuildRequires: python3-hatch-fancy-pypi-readme
+
+%global _description %{expand:
+Black is the uncompromising Python code formatter. By using it, you agree to
+cease control over minutiae of hand-formatting. In return, Black gives you
+speed, determinism, and freedom from pycodestyle nagging about formatting.
+You will save time and mental energy for more important matters.}
+
+%description %_description
+
+
+%package -n python3-%{pypi_name}
+Summary: %{summary}
+%{?python_provide:%python_provide python3-%{pypi_name}}
+
+%description -n python3-%{pypi_name} %_description
+
+
+%prep
+%autosetup -p1 -n %{pypi_name}-%{version}
+
+%build
+%pyproject_build
+
+
+%install
+%pyproject_install
+
+for exe in black blackd; do
+ ln -sr %{buildroot}%{_bindir}/${exe}{,-%{python3_version}}
+done
+
+%files -n python3-%{pypi_name}
+%license LICENSE
+%doc README.md
+%{_bindir}/black
+%{_bindir}/black-%{python3_version}
+%{_bindir}/blackd
+%{_bindir}/blackd-%{python3_version}
+%{python3_sitelib}/_black_version.py
+%{python3_sitelib}/__pycache__/*
+%{python3_sitelib}/black*
+%{python3_sitelib}/blib2to3/*
+
+%changelog
+* Wed Apr 17 2024 yanjianqing - 24.2.0-2
+- Fix CVE-2024-21503
+
+* Fri Feb 23 2024 chendexi - 24.2.0-1
+- Update package to version 24.2.0
+
+* Mon Jun 19 2023 jiangxinyu - 23.11.0-1
+- Update package to version 23.11.0
+
+* Mon Jul 10 2023 Dongxing Wang - 23.3.0-5
+- Add the black extra package file list
+
+* Fri Jul 7 2023 Dongxing Wang - 23.3.0-4
+- Fix the black package name
+
+* Wed Jul 5 2023 li-miaomiao_zhr - 23.3.0-3
+- Change the software packaging name to "python3 black"
+
+* Mon Jun 26 2023 li-miaomiao_zhr - 23.3.0-2
+- add dependency of python-hatch-fancy-pypi-readme
+
+* Wed Jun 7 2023 li-miaomiao_zhr - 23.3.0-1
+- fix issue:add package python-black of version 23.3.0 to warehouse of src-openEuler
diff --git a/sources b/sources
new file mode 100644
index 0000000..0b57bfb
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+6a7dcad6f896566161f18654c3c51eb5 black-24.2.0.tar.gz
--
cgit v1.2.3
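Review bot: python-black.spec goes from `%build` and `%install` straight to `%files` with no `%check` section, so the regression test that CVE-2024-21503.patch adds to tests/test_black.py is applied by `%autosetup -p1` but never run during the package build. Nothing in the build therefore confirms that the backported fix is effective on 24.2.0. Consider adding a `%check` section that runs at least that test (a pytest run limited with `-k test_lines_with_leading_tabs_expanded`), plus the BuildRequires the test suite needs. A comment above `Patch0:`, such as `# Backport of upstream #4278: ReDoS in lines_with_leading_tabs_expanded(); drop once Version includes the fix`, would also tell the next maintainer when the patch can be removed. Separately, the `%changelog` entry dated Mon Jun 19 2023 for 23.11.0-1 sits above the July 2023 entries for 23.3.0, so the dates are not in descending order and that entry's date looks wrong.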