easy-thumbnails icon indicating copy to clipboard operation
easy-thumbnails copied to clipboard

add support for Django 4.2 storages

Open PetrDlouhy opened this issue 2 years ago • 1 comments

Fix for #625 and #616 Will need to be polished and tested.

PetrDlouhy avatar Nov 16 '23 15:11 PetrDlouhy

Django 5.1 is up for release this August, how can I help to get this merged?

anderspetersson avatar Mar 23 '24 09:03 anderspetersson

I have rewritten this and added Django 5.1 (pre-release) to the testing. Now all tests are passing on my repo: https://github.com/PetrDlouhy/easy-thumbnails/actions/runs/9267240401

The testing update PR #632 is part of this PR, so preferably pull that one first. @jrief @SmileyChris Would you please look at this?

PetrDlouhy avatar May 28 '24 10:05 PetrDlouhy

Yeah, this would be really helpful!

fsbraun avatar Jul 10 '24 14:07 fsbraun

@PetrDlouhy any idea why test py39-django42-svgfails?

jrief avatar Jul 25 '24 07:07 jrief

@jrief Looking into it. Seems something changed, probably in setuptools that broke easy_thumbnails/version_utils.py.

PetrDlouhy avatar Jul 25 '24 09:07 PetrDlouhy

@jrief Looks like I was looking at the wrong error. The KeyError: 0 is caused by commit https://github.com/SmileyChris/easy-thumbnails/commit/fe51af8ba91511b9eed1882aa599b97c398dc5ac which changes number of version parameters.

Now I will look into the SuspiciousFileOperation errors.

PetrDlouhy avatar Jul 25 '24 09:07 PetrDlouhy

@jrief The SuspiciousFileOperation is caused by security fix in Django 4.2.14 release: https://docs.djangoproject.com/en/5.0/releases/4.2.14/

I will try to figure out how to get around that, probably we would need to change the TemporaryStorage somehow.

PetrDlouhy avatar Jul 25 '24 10:07 PetrDlouhy

I didn't find out how to resolve it. I will return to this, but do you have any idea, @jrief?

PetrDlouhy avatar Jul 25 '24 15:07 PetrDlouhy

@jrief After I spent some time investigating this I realized, that there is already a fix for this issue: https://github.com/SmileyChris/easy-thumbnails/pull/634

I taught, that the change breaks only tests, but it breaks all easy-thumbnail usage with FileSystemStorage and newest Django versions.

PetrDlouhy avatar Jul 26 '24 07:07 PetrDlouhy

That unfortunately didn't solve the problem either.

Btw., for simplicity I prefer to not use tox. With Github actions it is very easy to setup a testing matrix and tox just adds another level of complexity. Therefore I removed tox from all of my projects. What do you think?

jrief avatar Jul 26 '24 07:07 jrief

I don't think, that tox the problem here.

One problem is the commit https://github.com/SmileyChris/easy-thumbnails/commit/fe51af8ba91511b9eed1882aa599b97c398dc5ac changing number of parameters in the VERSION string, as I have already written.

The second problem is, that there are probably more places, where the CVE-2024-39330 fix is exposing problems in easy-thumbnails code, as I have written on #634. I will try to investigate further.

You are the maintainer, so if you want to remove tox, do it. For me the benefits are, that it is easier to run the tests locally. In projects, where the tox configuration present, I think it is reasonable to use it also for GitHub testing, because it gives more coherent results as in local tests and also it ensures the tox.ini is always updated.

PetrDlouhy avatar Jul 26 '24 08:07 PetrDlouhy