view MoinMoin/version.py @ 5910:7e7e1cbb9d3f

security: fix remote code execution vulnerability in twikidraw/anywikidraw actions We have wikiutil.taintfilename() to make user supplied filenames safe, so that they can't contain any "special" characters like path separators, etc. It is used at many places in moin, but wasn't used here. :|
author Thomas Waldmann <tw AT waldmann-edv DOT de>
date Sat, 29 Dec 2012 15:05:29 +0100
parents 9c7968c832a4
children 86614c2358ff
line wrap: on
line source
#!/usr/bin/env python
# -*- coding: iso-8859-1 -*-
"""
    MoinMoin - Version Information

    @copyright: 2000-2006 Juergen Hermann <jh@web.de>,
                2003-2012 MoinMoin:ThomasWaldmann
    @license: GNU GPL, see COPYING for details.
"""
import sys

try:
    from MoinMoin.patchlevel import patchlevel
except:
    patchlevel = 'release'

project = "MoinMoin"
release = '1.9.6'
release_short = '196' # used for url_prefix_static
revision = patchlevel

def update():
    """ update the version information in package init """
    fname = 'MoinMoin/__init__.py'
    f = file(fname)
    lines = f.readlines()
    f.close()
    f = file(fname, "w")
    version_pattern = "%s Version " % project
    version_string = version_pattern + "%s %s" % (release, revision)
    for line in lines:
        if version_pattern in line:
            f.write("%s\n" % version_string)
        else:
            f.write(line)
    f.close()

if __name__ == '__main__':
    if len(sys.argv) > 1 and sys.argv[1] == "update":
        update()
    else:
        print project, release, revision