RestrictedPython 7.0a1.dev1__tar.gz → 7.1__tar.gz

RestrictedPython-7.1/.readthedocs.yaml

@@ -0,0 +1,25 @@
+# Generated from:
+# https://github.com/zopefoundation/meta/tree/master/config/pure-python
+# Read the Docs configuration file
+# See https://docs.readthedocs.io/en/stable/config-file/v2.html for details
+
+# Required
+version: 2
+
+# Set the version of Python and other tools you might need
+build:
+  os: ubuntu-22.04
+  tools:
+    python: "3.11"
+
+# Build documentation in the docs/ directory with Sphinx
+sphinx:
+  configuration: docs/conf.py
+
+# We recommend specifying your dependencies to enable reproducible builds:
+# https://docs.readthedocs.io/en/stable/guides/reproducible-builds.html
+python:
+  install:
+  - requirements: docs/requirements.txt
+  - method: pip
+    path: .

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/CHANGES.rst

@@ -1,8 +1,14 @@
 Changes
 =======
 
-7.0a1.dev1 (2023-09-06)
------------------------
+7.1 (2024-03-14)
+----------------
+
+- Add support for the matmul (``@``) operator.
+
+
+7.0 (2023-11-17)
+----------------
 
 Backwards incompatible changes
 ++++++++++++++++++++++++++++++
@@ -12,8 +18,7 @@ Backwards incompatible changes
 Features
 ++++++++
 
-- Allow to use the package with Python 3.12 -- Caution: No security audit has
-  been done so far.
+- Officially support Python 3.12.
 
 Fixes
 +++++
@@ -23,8 +28,7 @@ Fixes
 - Forbid using some attributes providing access to restricted Python internals.
   (CVE-2023-37271)
 
-- Fix information disclosure problems through
-  Python's "format" functionality
+- Fix information disclosure problems through Python's "format" functionality
   (``format`` and ``format_map`` methods on ``str`` and its instances,
   ``string.Formatter``). (CVE-2023-41039)
 

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/MANIFEST.in

@@ -12,6 +12,7 @@ recursive-include docs *.txt
 recursive-include docs Makefile
 
 recursive-include src *.py
+include *.yaml
 recursive-include docs *.ast
 recursive-include docs *.bat
 recursive-include docs *.jpg

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: RestrictedPython
-Version: 7.0a1.dev1
+Version: 7.1
 Summary: RestrictedPython is a defined subset of the Python language which allows to provide a program input into a trusted environment.
 Home-page: https://github.com/zopefoundation/RestrictedPython
 Author: Zope Foundation and Contributors
@@ -20,13 +20,18 @@ Classifier: Programming Language :: Python :: 3.8
 Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: Implementation :: CPython
 Classifier: Topic :: Security
 Requires-Python: >=3.7, <3.13
 Description-Content-Type: text/x-rst
+License-File: LICENSE.txt
 Provides-Extra: test
+Requires-Dist: pytest; extra == "test"
+Requires-Dist: pytest-mock; extra == "test"
 Provides-Extra: docs
-License-File: LICENSE.txt
+Requires-Dist: Sphinx; extra == "docs"
+Requires-Dist: sphinx_rtd_theme; extra == "docs"
 
 .. image:: https://github.com/zopefoundation/RestrictedPython/actions/workflows/tests.yml/badge.svg
     :target: https://github.com/zopefoundation/RestrictedPython/actions/workflows/tests.yml
@@ -119,8 +124,14 @@ the documentation `Contributing page
 Changes
 =======
 
-7.0a1.dev1 (2023-09-06)
------------------------
+7.1 (2024-03-14)
+----------------
+
+- Add support for the matmul (``@``) operator.
+
+
+7.0 (2023-11-17)
+----------------
 
 Backwards incompatible changes
 ++++++++++++++++++++++++++++++
@@ -130,8 +141,7 @@ Backwards incompatible changes
 Features
 ++++++++
 
-- Allow to use the package with Python 3.12 -- Caution: No security audit has
-  been done so far.
+- Officially support Python 3.12.
 
 Fixes
 +++++
@@ -141,8 +151,7 @@ Fixes
 - Forbid using some attributes providing access to restricted Python internals.
   (CVE-2023-37271)
 
-- Fix information disclosure problems through
-  Python's "format" functionality
+- Fix information disclosure problems through Python's "format" functionality
   (``format`` and ``format_map`` methods on ``str`` and its instances,
   ``string.Formatter``). (CVE-2023-41039)
 

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/docs/conf.py

@@ -47,7 +47,7 @@ master_doc = 'index'
 
 # General information about the project.
 project = 'RestrictedPython'
-copyright = '2017-2022, Zope Foundation and Contributors'
+copyright = '2017-2023, Zope Foundation and Contributors'
 author = 'The Zope & Plone developer community'
 
 # The version info for the project you're documenting, acts as replacement for
@@ -55,9 +55,9 @@ author = 'The Zope & Plone developer community'
 # built documents.
 #
 # The short X.Y version.
-version = '5.0'
+version = '7.0'
 # The full version, including alpha/beta/rc tags.
-release = '5.0'
+release = '7.0'
 
 # The language for content autogenerated by Sphinx. Refer to documentation
 # for a list of supported languages.
@@ -123,7 +123,7 @@ todo_emit_warnings = True
 
 # The theme to use for HTML and HTML Help pages.  See the documentation for
 # a list of builtin themes.
-html_theme = 'sphinx_rtd_theme'
+html_theme = 'default'
 
 # Theme options are theme-specific and customize the look and feel of a theme
 # further.  For a list of options available for each theme, see the
@@ -217,7 +217,7 @@ html_theme = 'sphinx_rtd_theme'
 # html_search_scorer = 'scorer.js'
 
 # Output file base name for HTML help builder.
-htmlhelp_basename = 'RestrictedPythondoc'
+htmlhelp_basename = 'RestrictedPython_doc'
 
 # -- Options for LaTeX output ---------------------------------------------
 

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/docs/contributing/ast/python3_12.ast

@@ -14,23 +14,27 @@ module Python version "3.12"
                        stmt* body,
                        expr* decorator_list,
                        expr? returns,
-                       string? type_comment)
+                       string? type_comment,
+                       type_param* type_params)
          | AsyncFunctionDef(identifier name,
                             arguments args,
                             stmt* body,
                             expr* decorator_list,
                             expr? returns,
-                            string? type_comment)
+                            string? type_comment,
+                            type_param* type_params)
 
          | ClassDef(identifier name,
                     expr* bases,
                     keyword* keywords,
                     stmt* body,
-                    expr* decorator_list)
+                    expr* decorator_list,
+                    type_param* type_params)
          | Return(expr? value)
 
          | Delete(expr* targets)
          | Assign(expr* targets, expr value, string? type_comment)
+         | TypeAlias(expr name, type_param* type_params, expr value)
          | AugAssign(expr target, operator op, expr value)
          -- 'simple' indicates that we annotate simple name without parens
          | AnnAssign(expr target, expr annotation, expr? value, int simple)
@@ -182,4 +186,9 @@ module Python version "3.12"
              attributes (int lineno, int col_offset, int end_lineno, int end_col_offset)
 
     type_ignore = TypeIgnore(int lineno, string tag)
+
+    type_param = TypeVar(identifier name, expr? bound)
+               | ParamSpec(identifier name)
+               | TypeVarTuple(identifier name)
+               attributes (int lineno, int col_offset, int end_lineno, int end_col_offset)
 }

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/docs/contributing/index.rst

@@ -91,8 +91,8 @@ To enable a certain functionality in RestrictedPython, do the following:
   * icemac
   * loechel
 
-Differences between different Python versions
----------------------------------------------
+Differences between Python versions
+-----------------------------------
 
 A (modified style) Copy of all Abstract Grammar Definitions for the Python versions does live in this Documentation (ast Subfolder) to help finding difference quicker by comparing files.
 
@@ -152,14 +152,14 @@ The ``ast`` module consists of four areas:
 A ``NodeVisitor`` is a class of a node / AST consumer, it reads the data by stepping through the tree without modifying it.
 In contrast, a ``NodeTransformer`` (which inherits from a ``NodeVisitor``) is allowed to modify the tree and nodes.
 
-Technical decissions on how to implement / maintain RestrictedPython (Design, Structure, Tools, ...)
-++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+Technical decisions on how to implement / maintain RestrictedPython (Design, Structure, Tools, ...)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
 
 RestrictedPython is a core Package of the Zope & Plone Stack.
 Until Version 3.6 RestrictedPython was Python 2 only, and a critical blocker for Zope & Plone.
-With RestrictedPython 4.0 an API compatible rewrite has happend, which supports modern Python Versions.
+With RestrictedPython 4.0 an API compatible rewrite has happened, which supports modern Python Versions.
 
-* Use modern python tool stack for maintainance and tests
+* Use modern python tool stack for maintenance and tests
 
   * tox
   * pytest
@@ -179,7 +179,7 @@ With RestrictedPython 4.0 an API compatible rewrite has happend, which supports
   Resolve discussion about how RestrictedPython should be treat new expressions / ``ast.Nodes``.
   This belongs to :ref:`new_python_version`.
 
-  **Option 1 - reduce maintainance burden (prefered by icemac)**
+  **Option 1 - reduce maintenance burden (preferred by icemac)**
 
 
   All AST Nodes without an explicit ``visit_<AST Node>`` method, are denied by default.
@@ -187,7 +187,7 @@ With RestrictedPython 4.0 an API compatible rewrite has happend, which supports
 
   *This is currently the promoted version.*
 
-  **Option 2 - be as explicite as possible (prefered by loechel)**
+  **Option 2 - be as explicit as possible (preferred by loechel)**
 
   If the new AST Node should be disabled by default, add a ``visit_<AST Node>`` method such as the following:
 
@@ -237,12 +237,12 @@ Technical Backgrounds - Links to External Documentation
 
   * AST Grammar of Python (`Status of Python Versions`_)
 
-    * `Python 3.12 AST`_ (development branch - EOL 2028-10)
-    * `Python 3.11 AST`_ (in bugfix phase - EOL 2027-10)
-    * `Python 3.10 AST`_ (in bugfix phase - EOL 2026-10)
-    * `Python 3.9 AST`_ (in security phase - EOL 2025-10)
-    * `Python 3.8 AST`_ (in security phase - EOL 2024-10)
-    * `Python 3.7 AST`_ (in security phase - EOL 2023-06-27)
+    * `Python 3.12 AST`_ (EOL 2028-10)
+    * `Python 3.11 AST`_ (EOL 2027-10)
+    * `Python 3.10 AST`_ (EOL 2026-10)
+    * `Python 3.9 AST`_ (EOL 2025-10)
+    * `Python 3.8 AST`_ (EOL 2024-10)
+    * `Python 3.7 AST`_ (EOL 2023-06-27)
 
   * `AST NodeVistiors Class`_
   * `AST NodeTransformer Class`_

RestrictedPython-7.1/docs/requirements.txt

@@ -0,0 +1 @@
+Sphinx

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/docs/roadmap/index.rst

@@ -26,11 +26,6 @@ Full code coverage tests.
 
     stephan-hof did propose a solution, should be discussed and if approved implemented.
 
-RestrictedPython 4.1+
----------------------
-
-Enhance RestrictedPython, declare  deprecations and possible new restrictions.
-
 RestrictedPython 6.0+
 ---------------------
 

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/setup.py

@@ -32,7 +32,7 @@ tests_require = [
 
 setup(
     name='RestrictedPython',
-    version='7.0a1.dev1',
+    version='7.1',
     url='https://github.com/zopefoundation/RestrictedPython',
     license='ZPL 2.1',
     description=(
@@ -52,6 +52,7 @@ setup(
         'Programming Language :: Python :: 3.9',
         'Programming Language :: Python :: 3.10',
         'Programming Language :: Python :: 3.11',
+        'Programming Language :: Python :: 3.12',
         'Programming Language :: Python :: Implementation :: CPython',
         'Topic :: Security',
     ],

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/src/RestrictedPython/transformer.py

@@ -768,8 +768,8 @@ class RestrictingNodeTransformer(ast.NodeTransformer):
         return self.node_contents_visit(node)
 
     def visit_MatMult(self, node):
-        """Matrix multiplication (`@`) is currently not allowed."""
-        self.not_allowed(node)
+        """Allow multiplication (`@`)."""
+        return self.node_contents_visit(node)
 
     def visit_BoolOp(self, node):
         """Allow bool operator without restrictions."""

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/src/RestrictedPython.egg-info/PKG-INFO

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: RestrictedPython
-Version: 7.0a1.dev1
+Version: 7.1
 Summary: RestrictedPython is a defined subset of the Python language which allows to provide a program input into a trusted environment.
 Home-page: https://github.com/zopefoundation/RestrictedPython
 Author: Zope Foundation and Contributors
@@ -20,13 +20,18 @@ Classifier: Programming Language :: Python :: 3.8
 Classifier: Programming Language :: Python :: 3.9
 Classifier: Programming Language :: Python :: 3.10
 Classifier: Programming Language :: Python :: 3.11
+Classifier: Programming Language :: Python :: 3.12
 Classifier: Programming Language :: Python :: Implementation :: CPython
 Classifier: Topic :: Security
 Requires-Python: >=3.7, <3.13
 Description-Content-Type: text/x-rst
+License-File: LICENSE.txt
 Provides-Extra: test
+Requires-Dist: pytest; extra == "test"
+Requires-Dist: pytest-mock; extra == "test"
 Provides-Extra: docs
-License-File: LICENSE.txt
+Requires-Dist: Sphinx; extra == "docs"
+Requires-Dist: sphinx_rtd_theme; extra == "docs"
 
 .. image:: https://github.com/zopefoundation/RestrictedPython/actions/workflows/tests.yml/badge.svg
     :target: https://github.com/zopefoundation/RestrictedPython/actions/workflows/tests.yml
@@ -119,8 +124,14 @@ the documentation `Contributing page
 Changes
 =======
 
-7.0a1.dev1 (2023-09-06)
------------------------
+7.1 (2024-03-14)
+----------------
+
+- Add support for the matmul (``@``) operator.
+
+
+7.0 (2023-11-17)
+----------------
 
 Backwards incompatible changes
 ++++++++++++++++++++++++++++++
@@ -130,8 +141,7 @@ Backwards incompatible changes
 Features
 ++++++++
 
-- Allow to use the package with Python 3.12 -- Caution: No security audit has
-  been done so far.
+- Officially support Python 3.12.
 
 Fixes
 +++++
@@ -141,8 +151,7 @@ Fixes
 - Forbid using some attributes providing access to restricted Python internals.
   (CVE-2023-37271)
 
-- Fix information disclosure problems through
-  Python's "format" functionality
+- Fix information disclosure problems through Python's "format" functionality
   (``format`` and ``format_map`` methods on ``str`` and its instances,
   ``string.Formatter``). (CVE-2023-41039)
 

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/src/RestrictedPython.egg-info/SOURCES.txt

@@ -1,3 +1,4 @@
+.readthedocs.yaml
 CHANGES.rst
 CONTRIBUTING.md
 COPYRIGHT.txt
@@ -16,6 +17,7 @@ docs/idea.rst
 docs/index.rst
 docs/logo.jpg
 docs/make.bat
+docs/requirements.txt
 docs/contributing/changes_from310to311.rst
 docs/contributing/changes_from311to312.rst
 docs/contributing/changes_from36to37.rst

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/tests/transformer/operators/test_arithmetic_operators.py

@@ -1,4 +1,3 @@
-from RestrictedPython import compile_restricted_eval
 from tests.helper import restricted_eval
 
 
@@ -33,8 +32,12 @@ def test_FloorDiv():
 
 
 def test_MatMult():
-    result = compile_restricted_eval('(8, 3, 5) @ (2, 7, 1)')
-    assert result.errors == (
-        'Line None: MatMult statements are not allowed.',
-    )
-    assert result.code is None
+    class Vector:
+        def __init__(self, values):
+            self.values = values
+
+        def __matmul__(self, other):
+            return sum(x * y for x, y in zip(self.values, other.values))
+
+    assert restricted_eval(
+        'Vector((8, 3, 5)) @ Vector((2, 7, 1))', {'Vector': Vector}) == 42

{RestrictedPython-7.0a1.dev1 → RestrictedPython-7.1}/tox.ini

@@ -3,6 +3,7 @@
 [tox]
 minversion = 3.18
 envlist =
+    release-check
     lint
     py37
     py38
@@ -10,6 +11,7 @@ envlist =
     py310
     py311
     py312
+    py313
     docs
     coverage
     py39-datetime
@@ -17,7 +19,9 @@ envlist =
 
 [testenv]
 usedevelop = true
-pip_pre = py312: true
+package = wheel
+wheel_build_env = .pkg
+pip_pre = py313: true
 deps =
     datetime: DateTime
     -cconstraints.txt
@@ -25,6 +29,8 @@ deps =
     Sphinx
 setenv =
     COVERAGE_FILE=.coverage.{envname}
+    py312: VIRTUALENV_PIP=23.1.2
+    py312: PIP_REQUIRE_VIRTUALENV=0
 commands =
     python -V
     pytest --cov=src --cov=tests --cov-report= {posargs}
@@ -48,22 +54,32 @@ commands =
     coverage combine
     coverage html
     coverage report -m --fail-under=100
-depends = py37,py38,py39,py39-datetime,py310,py311,py312coverage
-
-[testenv:lint]
+depends = py37,py38,py39,py39-datetime,py310,py311,py312,coverage
+[testenv:release-check]
+description = ensure that the distribution is ready to release
 basepython = python3
 skip_install = true
+deps =
+    twine
+    build
+    check-manifest
+    check-python-versions >= 0.20.0
+    wheel
 commands =
-    isort --check-only --diff {toxinidir}/src {toxinidir}/setup.py {toxinidir}/tests
-    flake8 src setup.py tests
     check-manifest
     check-python-versions
+    python -m build --sdist --no-isolation
+    twine check dist/*
+
+[testenv:lint]
+basepython = python3
+skip_install = true
 deps =
-    check-manifest
-    check-python-versions >= 0.19.1
-    wheel
-    flake8
     isort
+    flake8
+commands =
+    isort --check-only --diff {toxinidir}/src {toxinidir}/setup.py {toxinidir}/tests
+    flake8 src setup.py tests
 
 [testenv:isort-apply]
 basepython = python3