ports,
I had narrowed down the issue with mitmproxy too verbose logging to a the
root cause: update of security/py-passlib.
The new fork includes
https://github.com/ThirVondukr/passlib/commit/650121d0cd7a6da775b2f44573de4c165b80d93c
which had switched the code to use logging in the way like logging.debug()
One of the casses happens on import, and as documentation stated here
https://docs.python.org/3/library/logging.html#logging.debug the call
`logging.debug (or similar one) make implicit configuration of the logger
and it dismiss the second configuration from user application like mitmproxy
We had a few users for security/py-passlib:
- productivity/radicale
- productivity/radicale2
- security/mitmproxy
- sysutils/ansible-core
- www/odoo
- www/py-autobahn
which might be impacted by this bug.
I had backported this fix to upstream already, and I think that we need
backport it to -stable as well.
Ok for -current and -stable?
Index: security/py-passlib/Makefile
===================================================================
RCS file: /cvs/ports/security/py-passlib/Makefile,v
diff -u -p -r1.30 Makefile
--- security/py-passlib/Makefile 26 Mar 2025 09:42:19 -0000 1.30
+++ security/py-passlib/Makefile 1 May 2025 08:04:17 -0000
@@ -1,6 +1,7 @@
COMMENT= Python module providing a password hashing framework
MODPY_DISTV= 1.9.0
+REVISION= 0
DISTNAME= libpass-${MODPY_DISTV}
# libpass is a maintained fork of passlib, providing the same namespace
PKGNAME= py-passlib-${MODPY_DISTV}
Index: security/py-passlib/patches/patch-passlib_registry_py
===================================================================
RCS file: security/py-passlib/patches/patch-passlib_registry_py
diff -N security/py-passlib/patches/patch-passlib_registry_py
--- /dev/null 1 Jan 1970 00:00:00 -0000
+++ security/py-passlib/patches/patch-passlib_registry_py 1 May 2025 08:04:17 -0000
@@ -0,0 +1,36 @@
+https://github.com/ThirVondukr/passlib/pull/15
+
+Index: passlib/registry.py
+--- passlib/registry.py.orig
++++ passlib/registry.py
+@@ -234,7 +234,7 @@ def register_crypt_handler_path(name, path):
+
+ # store location
+ _locations[name] = path
+- logging.debug("registered path to %r handler: %r", name, path)
++ logging.getLogger(__name__).debug("registered path to %r handler: %r", name, path)
+
+
+ def register_crypt_handler(handler, force=False, _attr=None):
+@@ -278,10 +278,10 @@ def register_crypt_handler(handler, force=False, _attr
+ other = _handlers.get(name)
+ if other:
+ if other is handler:
+- logging.debug("same %r handler already registered: %r", name, handler)
++ logging.getLogger(__name__).debug("same %r handler already registered: %r", name, handler)
+ return
+ if force:
+- logging.warning(
++ logging.getLogger(__name__).warning(
+ "overriding previously registered %r handler: %r", name, other
+ )
+ else:
+@@ -291,7 +291,7 @@ def register_crypt_handler(handler, force=False, _attr
+
+ # register handler
+ _handlers[name] = handler
+- logging.debug("registered %r handler: %r", name, handler)
++ logging.getLogger(__name__).debug("registered %r handler: %r", name, handler)
+
+
+ def get_crypt_handler(name, default=_UNSET):
--
wbr, Kirill
No comments:
Post a Comment