Commit Graph

13553 Commits

Author SHA1 Message Date
Ran Benita 07c6b3fb21
Merge pull request #8516 from bluetech/mktmp
Fix minor temporary directory security issue
2021-04-04 00:33:53 +03:00
Ran Benita c49100cef8 tmpdir: prevent using a non-private root temp directory
pytest uses a root temp directory named `/tmp/pytest-of-<username>`. The
name is predictable, and the directory might already exists from a
previous run, so that's allowed.

This makes it possible for my_user to pre-create
`/tmp/pytest-of-another_user`, thus giving my_user control of
another_user's tempdir.

Prevent this scenario by adding a couple of safety checks. I believe
they are sufficient.

Testing the first check requires changing the owner, which requires
root permissions, so can't be unit-tested easily, but I checked it
manually.
2021-04-03 23:42:53 +03:00
Ran Benita 1278f8b97e tmpdir: fix temporary directories created with world-readable permissions
(Written for a Unix system, but might be applicable to Windows as well).

pytest creates a root temporary directory under /tmp, named
`pytest-of-<username>`, and creates tmp_path's and other under it.
/tmp is shared between all users of the system.

This root temporary directory was created with 0o777&~umask permissions,
which usually becomes 0o755, meaning any user in the system could list
and read the files, which is undesirable.

Use 0o700 permissions instead. Also for subdirectories, because the root
dir is adjustable.
2021-04-03 23:42:53 +03:00
Ran Benita 0dd1e5b4f4 pathlib: inline ensure_reset_dir()
This is only used in TempPathFactory.getbasetemp(). We'll be wanting
further control/care there, so move it into there.
2021-04-03 23:42:53 +03:00
Ran Benita 78122a5304 pathlib: remove useless temporary variable 2021-04-03 23:42:53 +03:00
Ronny Pfannschmidt 9c151a65c8
Merge pull request #8503 from pytest-dev/require_setuptools
monkeypatch.syspath_prepend: Skip fixup_namespace_packages if pkg_resources not imported
2021-04-01 21:49:29 +02:00
Miro Hrončok 778d2b2499 monkeypatch.syspath_prepend: Skip fixup_namespace_packages if pkg_resources not imported
Calling pkg_resources.fixup_namespace_packages() is only needed for packages
that use pkg_resources.declare_namespace() and hence they already imported
pkg_resources. When pkg_resources is not imported, we don't need to use it.

This avoids an unneeded runtime dependency on setuptools.
The code is tested by test_syspath_prepend_with_namespace_packages,
behavior should remain unchanged, hence no new test was added.

When people drop pkg_resources from sys.modules, they are on their own.
If someone has a actual use case making this valid to support,
they can come in and provide a test, a reference and a fix.
2021-04-01 20:24:21 +02:00
Mehera Emrich 0061ec5555
Fix typo (#8504) 2021-04-01 15:13:12 +02:00
Bruno Oliveira b96e229c95
Fix plugin-list label in the docs (#8505)
Last time I "fixed" this I left a `\` at the start of the string
to avoid an initial newline, but didn't realize it was a raw string.

This should fix it now for good.
2021-04-01 15:12:46 +02:00
Bruno Oliveira ca4a7a085e
Merge pull request #8496 from pytest-dev/update-plugin-list/patch-9052a9e
[automated] Update plugin list
2021-03-27 22:53:43 -03:00
pytest bot bfdfab00dd [automated] Update plugin list 2021-03-28 00:18:38 +00:00
Ronny Pfannschmidt 9052a9e313
Merge pull request #8462 from RonnyPfannschmidt/main_fixup_followup
port the rest of the scripts/docs over to the main branch
2021-03-27 15:49:20 +01:00
Bruno Oliveira c1bdff9e69
Merge pull request #8494 from nicoddemus/python-3.10 2021-03-27 11:32:31 -03:00
Bruno Oliveira a7416a535a Add classifier for Python 3.10 and CHANGELOG entry 2021-03-27 11:13:16 -03:00
Bruno Oliveira 913cffa45f Add warnings filter for disutils deprecation
Deprecated in 3.10, scheduled for removal in 3.12
2021-03-27 11:13:16 -03:00
Bruno Oliveira b2954e85d6 Adjust message for Python 3.10
Now the message includes the class name ("Skip.__init__() got multiple...").
2021-03-27 11:13:16 -03:00
Bruno Oliveira 878a51ef53
Merge pull request #8493 from pytest-dev/docs-fix
tweak documentation of report's sections attribute
2021-03-26 07:47:38 -03:00
Bruno Oliveira d9f4cedf17
Merge pull request #8472 from bluetech/rm-unnecessary-py-path-4
testing: stop relying on comparing to py.path in fnmatcher tests
2021-03-26 07:43:37 -03:00
Bruno Oliveira 8c65a4f174 Configure support for Python 3.10 2021-03-26 07:33:24 -03:00
Bruno Oliveira ddbc00d61e
Merge pull request #8391 from nicoddemus/ellipsis-verbose-6682
Increase truncation threshold with -v, disable with -vv
2021-03-26 07:29:36 -03:00
Bruno Oliveira c1e057065c Fix plugin-list label and script
This was changed during the current docs restructing and
we missed that it changed the label.
2021-03-26 07:13:52 -03:00
Bruno Oliveira be8d63e33b Increase truncation threshold with -v, disable with -vv
Fix #6682
Fix #8403
2021-03-26 07:05:30 -03:00
Bruno Oliveira 9e8a6b6eeb
Merge pull request #8477 from evildmp/evolutionary-documentation-restructure 2021-03-26 06:32:26 -03:00
wim glenn 76ab94e4a0
fix some bunk formatting in the CollectReport, and reword the description of the 'sections' attribute 2021-03-25 22:25:19 -05:00
Bruno Oliveira 8d21df0dc6
Merge pull request #8473 from pytest-dev/update-plugin-list/patch-35df3e6
[automated] Update plugin list
2021-03-25 17:36:25 -03:00
Bruno Oliveira 7dfaaa1e16
Merge pull request #8476 from symonk/cmdline-main-docs
Remove note on conftest.py files as part of pytest_cmdline_main hookspec
2021-03-25 17:23:24 -03:00
pre-commit-ci[bot] f28421cc70
[pre-commit.ci] pre-commit autoupdate (#8480)
Co-authored-by: pre-commit-ci[bot] <66853113+pre-commit-ci[bot]@users.noreply.github.com>
2021-03-23 19:05:19 +00:00
Daniele Procida a7d528e058 Restructured 'How to invoke pytest' guide 2021-03-22 22:47:13 +00:00
Simon K a6cf0a0a0e
rename master to main in PULL_REQUEST_TEMPLATE.md (#8481) 2021-03-22 22:06:46 +00:00
Florian Bruhin bc055e8e69
Fix required_plugins with prereleases (#8469)
* Fix required_plugins with prereleases

Fixes #8456

* Fix existing tests

* Update changelog/8456.bugfix.rst

Co-authored-by: Bruno Oliveira <nicoddemus@gmail.com>

Co-authored-by: Bruno Oliveira <nicoddemus@gmail.com>
2021-03-21 22:51:12 +01:00
symonk 42ece0ca81 remove conftest note on pytest_cmdline_main, the hook is invoked 2021-03-21 20:06:18 +00:00
pytest bot 3add1a4d0f [automated] Update plugin list 2021-03-21 00:50:28 +00:00
Ran Benita 945cc0b5a1 testing: stop relying on comparing to py.path in fnmatcher tests 2021-03-20 21:58:45 +02:00
Ronny Pfannschmidt ff6d5ae278 port the rest of the scripts/docs over to the main branch 2021-03-18 22:13:12 +01:00
Bruno Oliveira 35df3e68d5
Merge pull request #8459 from bluetech/unnecessary-py-path-3 2021-03-18 09:05:45 -03:00
Jürgen Gmach fb481c7e6f
fix typo (#8460) 2021-03-18 12:34:01 +01:00
Ran Benita 4690e4c510 reports: support any PathLike instead of only Path, py.path
The goal is to avoid referring to the legacy py.path.
2021-03-18 10:23:48 +02:00
Ran Benita 202dd9f423 pytester: add & use our own copytree instead of py.path's
Fixes the TODO note.
2021-03-18 10:23:48 +02:00
Ran Benita ccdadb64ea main: add Session.startpath, make Session.startdir a property that can be deprecated
Same as in Config.
2021-03-18 10:23:48 +02:00
Ran Benita 6a174afdfe terminal: move startdir attribute to a property that can be deprecated
Same as in Config.
2021-03-18 10:23:48 +02:00
Ran Benita e515264eb1 Remove yet more unnecessary py.path uses 2021-03-18 10:23:48 +02:00
Ran Benita fe215bda6b
Merge pull request #8446 from bluetech/unnecessary-py-path-2
More py.path removal work
2021-03-18 10:20:59 +02:00
Ran Benita f7efb9a01c
Merge pull request #8455 from evildmp/evolutionary-documentation-restructure
Explicitly listed the four documentation sections on index.rst
2021-03-18 09:52:31 +02:00
Ronny Pfannschmidt 6071b2c647
Merge pull request #8449 from pytest-dev/pre-commit-ci-update-config
[pre-commit.ci] pre-commit autoupdate
2021-03-17 15:09:46 +01:00
Kale Kundert dd3709718d
Merge pull request #8453 from encukou/rel-error-message
Fix value in error message about negative relative tolerance
2021-03-16 16:43:31 -04:00
Daniele Procida 6ab461f460 Explicitly listed the four documentation sections on index.rst 2021-03-16 20:26:05 +00:00
pre-commit-ci[bot] da4abd1c82 [pre-commit.ci] auto fixes from pre-commit.com hooks
for more information, see https://pre-commit.ci
2021-03-16 19:10:55 +00:00
Petr Viktorin 43b451e95e Add tests for the error message 2021-03-16 20:09:17 +01:00
Petr Viktorin 1f131afb07 Fix value in error message about negative relative tolerance 2021-03-16 18:54:52 +01:00
Bruno Oliveira 2ce446a75f
Merge pull request #8451 from evildmp/evolutionary-documentation-restructure 2021-03-16 10:52:49 -03:00