automatic import of python-defusedcsv

author: CoprDistGit <infra@openeuler.org> 2023-05-10 06:11:20 +0000
committer: CoprDistGit <infra@openeuler.org> 2023-05-10 06:11:20 +0000
commit: b37d83de0b1cb99d53d70c354fd50f867b0f28ce (patch)
tree: dfc3a37ea51f22db3db21359a6a0f51580607f89
parent: 240a6de388d3abb48537c649b51b7ecab897d343 (diff)
3 files changed, 95 insertions, 0 deletions
diff --git a/.gitignore b/.gitignore
index e69de29..58b1165 100644
--- a/.gitignore
+++ b/.gitignore
@@ -0,0 +1 @@
+/defusedcsv-2.0.0.tar.gz
diff --git a/python-defusedcsv.spec b/python-defusedcsv.spec
new file mode 100644
index 0000000..daa9dce
--- /dev/null
+++ b/python-defusedcsv.spec
@@ -0,0 +1,93 @@
+%global _empty_manifest_terminate_build 0
+Name:		python-defusedcsv
+Version:	2.0.0
+Release:	1
+Summary:	Drop-in replacement for Python's CSV library that tries to mitigate CSV injection attacks
+License:	Apache License 2.0
+URL:		https://github.com/raphaelm/defusedcsv
+Source0:	https://mirrors.nju.edu.cn/pypi/web/packages/09/71/b315ee2dde73f37cc8245c5f31034e790ef72fa31b431f4bd534d9c0a19b/defusedcsv-2.0.0.tar.gz
+BuildArch:	noarch
+
+
+%description
+If your Python application offers CSV export of user-generated data, that user-generated data might contain malicious
+payloads that might trigger vulnerabilities in the spreadsheet software of the user that downloads the file (i.e. MS
+Excel or LibreOffice).
+This library tries to mitigate that by prepending all cells starting with ``@``, ``+``,
+``-``, ``=``, ``|`` or ``%`` with an apostrophe ``'`` and additionally replacing all
+``|`` characters in these cells with ``\|``. This will of course change the resulting
+CSV files, but Excel will not display the ``'`` character to the user.
+Tested with Python 3.8 to 3.10.
+
+%package -n python3-defusedcsv
+Summary:	Drop-in replacement for Python's CSV library that tries to mitigate CSV injection attacks
+Provides:	python-defusedcsv
+BuildRequires:	python3-devel
+BuildRequires:	python3-setuptools
+BuildRequires:	python3-pip
+%description -n python3-defusedcsv
+If your Python application offers CSV export of user-generated data, that user-generated data might contain malicious
+payloads that might trigger vulnerabilities in the spreadsheet software of the user that downloads the file (i.e. MS
+Excel or LibreOffice).
+This library tries to mitigate that by prepending all cells starting with ``@``, ``+``,
+``-``, ``=``, ``|`` or ``%`` with an apostrophe ``'`` and additionally replacing all
+``|`` characters in these cells with ``\|``. This will of course change the resulting
+CSV files, but Excel will not display the ``'`` character to the user.
+Tested with Python 3.8 to 3.10.
+
+%package help
+Summary:	Development documents and examples for defusedcsv
+Provides:	python3-defusedcsv-doc
+%description help
+If your Python application offers CSV export of user-generated data, that user-generated data might contain malicious
+payloads that might trigger vulnerabilities in the spreadsheet software of the user that downloads the file (i.e. MS
+Excel or LibreOffice).
+This library tries to mitigate that by prepending all cells starting with ``@``, ``+``,
+``-``, ``=``, ``|`` or ``%`` with an apostrophe ``'`` and additionally replacing all
+``|`` characters in these cells with ``\|``. This will of course change the resulting
+CSV files, but Excel will not display the ``'`` character to the user.
+Tested with Python 3.8 to 3.10.
+
+%prep
+%autosetup -n defusedcsv-2.0.0
+
+%build
+%py3_build
+
+%install
+%py3_install
+install -d -m755 %{buildroot}/%{_pkgdocdir}
+if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
+if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
+if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
+if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
+pushd %{buildroot}
+if [ -d usr/lib ]; then
+	find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/lib64 ]; then
+	find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/bin ]; then
+	find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+if [ -d usr/sbin ]; then
+	find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst
+fi
+touch doclist.lst
+if [ -d usr/share/man ]; then
+	find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst
+fi
+popd
+mv %{buildroot}/filelist.lst .
+mv %{buildroot}/doclist.lst .
+
+%files -n python3-defusedcsv -f filelist.lst
+%dir %{python3_sitelib}/*
+
+%files help -f doclist.lst
+%{_docdir}/*
+
+%changelog
+* Wed May 10 2023 Python_Bot <Python_Bot@openeuler.org> - 2.0.0-1
+- Package Spec generated
diff --git a/sources b/sources
new file mode 100644
index 0000000..14bec6f
--- /dev/null
+++ b/sources
@@ -0,0 +1 @@
+bae0807cee5a14b74b7c36f4851f0c3e  defusedcsv-2.0.0.tar.gz
author	CoprDistGit <infra@openeuler.org>	2023-05-10 06:11:20 +0000
committer	CoprDistGit <infra@openeuler.org>	2023-05-10 06:11:20 +0000
commit	b37d83de0b1cb99d53d70c354fd50f867b0f28ce (patch)
tree	dfc3a37ea51f22db3db21359a6a0f51580607f89
parent	240a6de388d3abb48537c649b51b7ecab897d343 (diff)