Skip to content

python3Packages.xmlschema: 4.1.0 -> 4.2.0#452743

Merged
dotlambda merged 2 commits intoNixOS:masterfrom
r-ryantm:auto-update/python3Packages.xmlschema
Nov 11, 2025
Merged

python3Packages.xmlschema: 4.1.0 -> 4.2.0#452743
dotlambda merged 2 commits intoNixOS:masterfrom
r-ryantm:auto-update/python3Packages.xmlschema

Conversation

@r-ryantm
Copy link
Copy Markdown
Contributor

@r-ryantm r-ryantm commented Oct 16, 2025

Automatic update generated by nixpkgs-update tools. This update was made based on information from passthru.updateScript.

meta.description for python3Packages.xmlschema is: XML Schema validator and data conversion library for Python

meta.homepage for python3Packages.xmlschema is: https://github.com/sissaschool/xmlschema

meta.changelog for python3Packages.xmlschema is: https://github.com/sissaschool/xmlschema/blob/v4.2.0/CHANGELOG.rst

Updates performed
  • Ran passthru.UpdateScript
To inspect upstream changes
Impact

Checks done

  • built on NixOS
  • The tests defined in passthru.tests, if any, passed
  • found 4.2.0 with grep in /nix/store/g4jbnchryx98r9dghz9l77yz9jgpqxyi-python3.13-xmlschema-4.2.0
  • found 4.2.0 in filename of file in /nix/store/g4jbnchryx98r9dghz9l77yz9jgpqxyi-python3.13-xmlschema-4.2.0
Rebuild report (if merged into master) (click to expand) 
60 total rebuild path(s)

60 package rebuild(s)

First fifty rebuilds by attrpath

banking
cve-bin-tool
cynthion
freecad
freecad-qt6
freecad-wayland
glasgow
home-assistant-component-tests.fints
matrix-synapse
matrix-synapse-plugins.matrix-synapse-ldap3
matrix-synapse-plugins.matrix-synapse-mjolnir-antispam
matrix-synapse-plugins.matrix-synapse-s3-storage-provider
matrix-synapse-plugins.matrix-synapse-shared-secret-auth
matrix-synapse-plugins.synapse-http-antispam
matrix-synapse-unwrapped
pkgsRocm.freecad
pretix
pretix-banktool
python312Packages.amaranth
python312Packages.amaranth-boards
python312Packages.amaranth-soc
python312Packages.cynthion
python312Packages.djangosaml2
python312Packages.fints
python312Packages.ifcopenshell
python312Packages.lib4sbom
python312Packages.lib4vex
python312Packages.luna-soc
python312Packages.luna-usb
python312Packages.pysaml2
python312Packages.reqif
python312Packages.sbom2dot
python312Packages.sbom4files
python312Packages.sepaxml
python312Packages.xmlschema
python313Packages.amaranth
python313Packages.amaranth-boards
python313Packages.amaranth-soc
python313Packages.cynthion
python313Packages.djangosaml2
python313Packages.fints
python313Packages.ifcopenshell
python313Packages.lib4sbom
python313Packages.lib4vex
python313Packages.luna-soc
python313Packages.luna-usb
python313Packages.pysaml2
python313Packages.reqif
python313Packages.sbom2dot
Instructions to test this update (click to expand)

Either download from the cache:

nix-store -r /nix/store/g4jbnchryx98r9dghz9l77yz9jgpqxyi-python3.13-xmlschema-4.2.0 \
  --option binary-caches 'https://cache.nixos.org/ https://nixpkgs-update-cache.nix-community.org/' \
  --option trusted-public-keys '
  nixpkgs-update-cache.nix-community.org-1:U8d6wiQecHUPJFSqHN9GSSmNkmdiFW7GW7WNAnHW0SM=
  cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
  '

(The nixpkgs-update cache is only trusted for this store-path realization.)
For the cached download to work, your user must be in the trusted-users list or you can use sudo since root is effectively trusted.

Or, build yourself:

nix-build -A python3Packages.xmlschema https://github.com/r-ryantm/nixpkgs/archive/d44056ae07c72ed1b68f3af1709d38193ea3de06.tar.gz

Or:

nix build github:r-ryantm/nixpkgs/d44056ae07c72ed1b68f3af1709d38193ea3de06#python3Packages.xmlschema

After you've downloaded or built it, look at the files and if there are any, run the binaries:

ls -la /nix/store/g4jbnchryx98r9dghz9l77yz9jgpqxyi-python3.13-xmlschema-4.2.0
ls -la /nix/store/g4jbnchryx98r9dghz9l77yz9jgpqxyi-python3.13-xmlschema-4.2.0/bin

Pre-merge build results

We have automatically built all packages that will get rebuilt due to
this change.

This gives evidence on whether the upgrade will break dependent packages.
Note sometimes packages show up as failed to build independent of the
change, simply because they are already broken on the target branch.

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review --extra-nixpkgs-config '{ allowBroken = false; }'
Commit: d44056ae07c72ed1b68f3af1709d38193ea3de06

x86_64-linux

❌ 48 packages failed to build:
  • cynthion (python313Packages.cynthion)
  • cynthion.dist (python313Packages.cynthion.dist)
  • glasgow
  • glasgow.dist
  • matrix-synapse
  • matrix-synapse-plugins.matrix-synapse-ldap3
  • matrix-synapse-plugins.matrix-synapse-ldap3.dist
  • matrix-synapse-plugins.matrix-synapse-mjolnir-antispam
  • matrix-synapse-plugins.matrix-synapse-mjolnir-antispam.dist
  • matrix-synapse-plugins.matrix-synapse-s3-storage-provider
  • matrix-synapse-plugins.matrix-synapse-s3-storage-provider.dist
  • matrix-synapse-plugins.matrix-synapse-shared-secret-auth
  • matrix-synapse-plugins.matrix-synapse-shared-secret-auth.dist
  • matrix-synapse-plugins.synapse-http-antispam
  • matrix-synapse-plugins.synapse-http-antispam.dist
  • matrix-synapse-unwrapped
  • matrix-synapse-unwrapped.dist
  • python312Packages.amaranth
  • python312Packages.amaranth-boards
  • python312Packages.amaranth-boards.dist
  • python312Packages.amaranth-soc
  • python312Packages.amaranth-soc.dist
  • python312Packages.amaranth.dist
  • python312Packages.cynthion
  • python312Packages.cynthion.dist
  • python312Packages.djangosaml2
  • python312Packages.djangosaml2.dist
  • python312Packages.luna-soc
  • python312Packages.luna-soc.dist
  • python312Packages.luna-usb
  • python312Packages.luna-usb.dist
  • python312Packages.pysaml2
  • python312Packages.pysaml2.dist
  • python313Packages.amaranth
  • python313Packages.amaranth-boards
  • python313Packages.amaranth-boards.dist
  • python313Packages.amaranth-soc
  • python313Packages.amaranth-soc.dist
  • python313Packages.amaranth.dist
  • python313Packages.djangosaml2
  • python313Packages.djangosaml2.dist
  • python313Packages.luna-soc
  • python313Packages.luna-soc.dist
  • python313Packages.luna-usb
  • python313Packages.luna-usb.dist
  • python313Packages.pysaml2
  • python313Packages.pysaml2.dist
  • sby
✅ 49 packages built:
  • cve-bin-tool
  • cve-bin-tool.dist
  • freecad
  • home-assistant-component-tests.fints
  • pretix
  • pretix-banktool
  • pretix-banktool.dist
  • pretix.dist
  • python312Packages.fints
  • python312Packages.fints.dist
  • python312Packages.ifcopenshell
  • python312Packages.lib4sbom
  • python312Packages.lib4sbom.dist
  • python312Packages.lib4vex
  • python312Packages.lib4vex.dist
  • python312Packages.reqif
  • python312Packages.reqif.dist
  • python312Packages.sbom2dot
  • python312Packages.sbom2dot.dist
  • python312Packages.sbom4files
  • python312Packages.sbom4files.dist
  • python312Packages.sepaxml
  • python312Packages.sepaxml.dist
  • python312Packages.xmlschema
  • python312Packages.xmlschema.dist
  • python313Packages.fints
  • python313Packages.fints.dist
  • python313Packages.ifcopenshell
  • python313Packages.lib4sbom
  • python313Packages.lib4sbom.dist
  • python313Packages.lib4vex
  • python313Packages.lib4vex.dist
  • python313Packages.reqif
  • python313Packages.reqif.dist
  • sbom2dot (python313Packages.sbom2dot)
  • sbom2dot.dist (python313Packages.sbom2dot.dist)
  • python313Packages.sbom4files
  • python313Packages.sbom4files.dist
  • python313Packages.sepaxml
  • python313Packages.sepaxml.dist
  • python313Packages.xmlschema
  • python313Packages.xmlschema.dist
  • saldo
  • sbom4files
  • sbom4files.dist
  • sbom4python
  • sbom4python.dist
  • strictdoc
  • strictdoc.dist
Maintainer pings

Tip

As a maintainer, if your package is located under pkgs/by-name/*, you can comment @NixOS/nixpkgs-merge-bot merge to automatically merge this update using the nixpkgs-merge-bot.

Add a 👍 reaction to pull requests you find important.

@nixpkgs-ci nixpkgs-ci bot added 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux. 10.rebuild-darwin: 11-100 This PR causes between 11 and 100 packages to rebuild on Darwin. 6.topic: python Python is a high-level, general-purpose programming language. 9.needs: reviewer This PR currently has no reviewers requested and needs attention. labels Oct 16, 2025
@dotlambda
Copy link
Copy Markdown
Member

dotlambda commented Nov 9, 2025

@melvyn2 @sumnerevans @Ma27 @fadenb @mguentner @D4ndellion @NickCao @teutat3s You maintain the two packages that depend on pysaml2 (djangosml2 and matrix-synapse). Eventually xmlschema will have to be updated which breaks pysaml2 and thus your package. Please find a solution.
Note that updating pysaml2 to the latest version (as is done in #459972) does not help.

@dotlambda dotlambda added the 1.severity: security Issues which raise a security issue, or PRs that fix one label Nov 9, 2025
@dotlambda
Copy link
Copy Markdown
Member

dotlambda commented Nov 9, 2025

In fact, this release adds protections against DoS (MAX_SCHEMA_SOURCES, MAX_XML_ELEMENTS, MAX_XML_DEPTH) so I'd consider it as fixing a vulnerability and this PR should be merged soon.

@dotlambda
Copy link
Copy Markdown
Member

dotlambda commented Nov 9, 2025

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 452743
Commit: d44056ae07c72ed1b68f3af1709d38193ea3de06

x86_64-linux

❌ 21 packages failed to build:
  • matrix-synapse
  • matrix-synapse-plugins.matrix-synapse-ldap3
  • matrix-synapse-plugins.matrix-synapse-ldap3.dist
  • matrix-synapse-plugins.matrix-synapse-mjolnir-antispam
  • matrix-synapse-plugins.matrix-synapse-mjolnir-antispam.dist
  • matrix-synapse-plugins.matrix-synapse-s3-storage-provider
  • matrix-synapse-plugins.matrix-synapse-s3-storage-provider.dist
  • matrix-synapse-plugins.matrix-synapse-shared-secret-auth
  • matrix-synapse-plugins.matrix-synapse-shared-secret-auth.dist
  • matrix-synapse-plugins.synapse-http-antispam
  • matrix-synapse-plugins.synapse-http-antispam.dist
  • matrix-synapse-unwrapped
  • matrix-synapse-unwrapped.dist
  • python312Packages.djangosaml2
  • python312Packages.djangosaml2.dist
  • python312Packages.pysaml2
  • python312Packages.pysaml2.dist
  • python313Packages.djangosaml2
  • python313Packages.djangosaml2.dist
  • python313Packages.pysaml2
  • python313Packages.pysaml2.dist
✅ 77 packages built:
  • cve-bin-tool
  • cve-bin-tool.dist
  • cynthion (python313Packages.cynthion)
  • cynthion.dist (python313Packages.cynthion.dist)
  • freecad
  • glasgow
  • glasgow.dist
  • home-assistant-component-tests.fints
  • pretix
  • pretix-banktool
  • pretix-banktool.dist
  • pretix.dist
  • python312Packages.amaranth
  • python312Packages.amaranth-boards
  • python312Packages.amaranth-boards.dist
  • python312Packages.amaranth-soc
  • python312Packages.amaranth-soc.dist
  • python312Packages.amaranth.dist
  • python312Packages.cynthion
  • python312Packages.cynthion.dist
  • python312Packages.fints
  • python312Packages.fints.dist
  • python312Packages.ifcopenshell
  • python312Packages.lib4sbom
  • python312Packages.lib4sbom.dist
  • python312Packages.lib4vex
  • python312Packages.lib4vex.dist
  • python312Packages.luna-soc
  • python312Packages.luna-soc.dist
  • python312Packages.luna-usb
  • python312Packages.luna-usb.dist
  • python312Packages.reqif
  • python312Packages.reqif.dist
  • python312Packages.sbom2dot
  • python312Packages.sbom2dot.dist
  • python312Packages.sbom4files
  • python312Packages.sbom4files.dist
  • python312Packages.sepaxml
  • python312Packages.sepaxml.dist
  • python312Packages.xmlschema
  • python312Packages.xmlschema.dist
  • python313Packages.amaranth
  • python313Packages.amaranth-boards
  • python313Packages.amaranth-boards.dist
  • python313Packages.amaranth-soc
  • python313Packages.amaranth-soc.dist
  • python313Packages.amaranth.dist
  • python313Packages.fints
  • python313Packages.fints.dist
  • python313Packages.ifcopenshell
  • python313Packages.lib4sbom
  • python313Packages.lib4sbom.dist
  • python313Packages.lib4vex
  • python313Packages.lib4vex.dist
  • python313Packages.luna-soc
  • python313Packages.luna-soc.dist
  • python313Packages.luna-usb
  • python313Packages.luna-usb.dist
  • python313Packages.reqif
  • python313Packages.reqif.dist
  • sbom2dot (python313Packages.sbom2dot)
  • sbom2dot.dist (python313Packages.sbom2dot.dist)
  • python313Packages.sbom4files
  • python313Packages.sbom4files.dist
  • python313Packages.sepaxml
  • python313Packages.sepaxml.dist
  • python313Packages.xmlschema
  • python313Packages.xmlschema.dist
  • saldo
  • sbom4files
  • sbom4files.dist
  • sbom4python
  • sbom4python.dist
  • sby
  • strictdoc
  • strictdoc.dist
  • tests.pkgs-lib
Error logs: `x86_64-linux`
python312Packages.pysaml2 
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[metasp.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/metasp.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/metasp.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[pdp_meta.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/pdp_meta.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/pdp_meta.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[servera.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/servera.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/servera.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/sp.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/sp.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp_slo_redirect.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/sp_slo_redirect.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/sp_slo_redirect.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[urn-mace-swami.se-swamid-test-1.0-metadata.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[uu.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/uu.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/uu.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[vo_metadata.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/vo_metadata.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/vo_metadata.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[attribute_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/attribute_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/attribute_response.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[okta_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/okta_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/okta_response.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[simplesamlphp_authnresponse.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/simplesamlphp_authnresponse.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/simplesamlphp_authnresponse.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml2_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml2_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml2_response.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_false_signed.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_false_signed.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_false_signed.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_hok.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_hok.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok_invalid.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_hok_invalid.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_hok_invalid.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_signed.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_signed.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_signed.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_unsigned.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_unsigned.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_unsigned.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_partial_doc[encrypted_attribute_statement.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/encrypted_attribute_statement.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/encrypted_attribute_statement.xml'}
FAILED tests/test_schema_validator.py::test_valid_eidas_saml_response_doc[eidas_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/eidas_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/eidas_response.xml'}
= 42 failed, 734 passed, 5 skipped, 5 deselected, 616 warnings in 643.50s (0:10:43) =
python313Packages.pysaml2 
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[metasp.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/metasp.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/metasp.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[pdp_meta.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/pdp_meta.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/pdp_meta.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[servera.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/servera.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/servera.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/sp.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/sp.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[sp_slo_redirect.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/sp_slo_redirect.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/sp_slo_redirect.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[urn-mace-swami.se-swamid-test-1.0-metadata.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/urn-mace-swami.se-swamid-test-1.0-metadata.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[uu.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/uu.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/uu.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_metadata_doc[vo_metadata.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/vo_metadata.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/vo_metadata.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[attribute_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/attribute_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/attribute_response.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[okta_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/okta_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/okta_response.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[simplesamlphp_authnresponse.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/simplesamlphp_authnresponse.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/simplesamlphp_authnresponse.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml2_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml2_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml2_response.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_false_signed.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_false_signed.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_false_signed.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_hok.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_hok.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_hok_invalid.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_hok_invalid.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_hok_invalid.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_signed.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_signed.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_signed.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_response_doc[saml_unsigned.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/saml_unsigned.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/saml_unsigned.xml'}
FAILED tests/test_schema_validator.py::test_valid_saml_partial_doc[encrypted_attribute_statement.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/encrypted_attribute_statement.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/encrypted_attribute_statement.xml'}
FAILED tests/test_schema_validator.py::test_valid_eidas_saml_response_doc[eidas_response.xml] - saml2.xml.schema.XMLSchemaError: {'doc': '/build/source/tests/eidas_response.xml', 'error': 'block access to out of sandbox file file:///build/source/tests/eidas_response.xml'}
= 42 failed, 734 passed, 5 skipped, 5 deselected, 616 warnings in 174.26s (0:02:54) =

@melvyn2
Copy link
Copy Markdown
Contributor

melvyn2 commented Nov 10, 2025

djangosaml2 is not used by any other package so it should be somewhat safe to mark pysaml2 as broken and wait for a solution, for what involves me. I originally added it for seafile-server which has been removed.

@teutat3s
Copy link
Copy Markdown
Member

teutat3s commented Nov 10, 2025

It looks like upstream is at least aware of the issue IdentityPython/pysaml2#947.

@dotlambda
python3Packages.pysaml2: mark broken
ea9c00b 
It is incompatible with our version of xmlschema.
@dotlambda dotlambda assigned dotlambda and unassigned dotlambda Nov 11, 2025
@dotlambda
Copy link
Copy Markdown
Member

dotlambda commented Nov 11, 2025

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review pr 452743
Commit: ea9c00b162c441f9ab41f004a1ddc82b5c5c2002

x86_64-linux

❌ 3 packages failed to build:
  • freecad
  • python312Packages.ifcopenshell
  • python313Packages.ifcopenshell
✅ 86 packages built:
  • cve-bin-tool
  • cve-bin-tool.dist
  • cynthion (python313Packages.cynthion)
  • cynthion.dist (python313Packages.cynthion.dist)
  • glasgow
  • glasgow.dist
  • home-assistant-component-tests.fints
  • matrix-synapse
  • matrix-synapse-plugins.matrix-synapse-ldap3
  • matrix-synapse-plugins.matrix-synapse-ldap3.dist
  • matrix-synapse-plugins.matrix-synapse-mjolnir-antispam
  • matrix-synapse-plugins.matrix-synapse-mjolnir-antispam.dist
  • matrix-synapse-plugins.matrix-synapse-s3-storage-provider
  • matrix-synapse-plugins.matrix-synapse-s3-storage-provider.dist
  • matrix-synapse-plugins.matrix-synapse-shared-secret-auth
  • matrix-synapse-plugins.matrix-synapse-shared-secret-auth.dist
  • matrix-synapse-plugins.synapse-http-antispam
  • matrix-synapse-plugins.synapse-http-antispam.dist
  • matrix-synapse-unwrapped
  • matrix-synapse-unwrapped.dist
  • pretix
  • pretix-banktool
  • pretix-banktool.dist
  • pretix.dist
  • python312Packages.amaranth
  • python312Packages.amaranth-boards
  • python312Packages.amaranth-boards.dist
  • python312Packages.amaranth-soc
  • python312Packages.amaranth-soc.dist
  • python312Packages.amaranth.dist
  • python312Packages.cynthion
  • python312Packages.cynthion.dist
  • python312Packages.fints
  • python312Packages.fints.dist
  • python312Packages.lib4sbom
  • python312Packages.lib4sbom.dist
  • python312Packages.lib4vex
  • python312Packages.lib4vex.dist
  • python312Packages.luna-soc
  • python312Packages.luna-soc.dist
  • python312Packages.luna-usb
  • python312Packages.luna-usb.dist
  • python312Packages.reqif
  • python312Packages.reqif.dist
  • python312Packages.sbom2dot
  • python312Packages.sbom2dot.dist
  • python312Packages.sbom4files
  • python312Packages.sbom4files.dist
  • python312Packages.sepaxml
  • python312Packages.sepaxml.dist
  • python312Packages.xmlschema
  • python312Packages.xmlschema.dist
  • python313Packages.amaranth
  • python313Packages.amaranth-boards
  • python313Packages.amaranth-boards.dist
  • python313Packages.amaranth-soc
  • python313Packages.amaranth-soc.dist
  • python313Packages.amaranth.dist
  • python313Packages.fints
  • python313Packages.fints.dist
  • python313Packages.lib4sbom
  • python313Packages.lib4sbom.dist
  • python313Packages.lib4vex
  • python313Packages.lib4vex.dist
  • python313Packages.luna-soc
  • python313Packages.luna-soc.dist
  • python313Packages.luna-usb
  • python313Packages.luna-usb.dist
  • python313Packages.reqif
  • python313Packages.reqif.dist
  • sbom2dot (python313Packages.sbom2dot)
  • sbom2dot.dist (python313Packages.sbom2dot.dist)
  • python313Packages.sbom4files
  • python313Packages.sbom4files.dist
  • python313Packages.sepaxml
  • python313Packages.sepaxml.dist
  • python313Packages.xmlschema
  • python313Packages.xmlschema.dist
  • saldo
  • sbom4files
  • sbom4files.dist
  • sbom4python
  • sbom4python.dist
  • sby
  • strictdoc
  • strictdoc.dist
Error logs: `x86_64-linux`
python312Packages.ifcopenshell 
compilation terminated.
make[2]: *** [CMakeFiles/geometry_kernel_cgal.dir/build.make:93: CMakeFiles/geometry_kernel_cgal.dir/build/source/src/ifcgeom/kernels/cgal/CgalKernel.cpp.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:596: CMakeFiles/geometry_kernel_cgal.dir/all] Error 2
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x2.cpp.o
g++: fatal error: Killed signal terminated program cc1plus
compilation terminated.
make[2]: *** [CMakeFiles/geometry_kernel_cgal_simple.dir/build.make:79: CMakeFiles/geometry_kernel_cgal_simple.dir/build/source/src/ifcgeom/kernels/cgal/CgalConversionResult.cpp.o] Error 1
make[1]: *** [CMakeFiles/Makefile2:628: CMakeFiles/geometry_kernel_cgal_simple.dir/all] Error 2
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x2-schema.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3-schema.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_tc1.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_tc1-schema.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add1.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add1-schema.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add2.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add2-schema.cpp.o
[  8%] Linking CXX shared library libIfcParse.so
[  8%] Built target IfcParse
make: *** [Makefile:156: all] Error 2
python313Packages.ifcopenshell 
make[1]: *** [CMakeFiles/Makefile2:596: CMakeFiles/geometry_kernel_cgal.dir/all] Error 2
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x1-schema.cpp.o
g++: fatal error: Killed signal terminated program cc1plus
compilation terminated.
make[2]: *** [CMakeFiles/geometry_kernel_cgal_simple.dir/build.make:93: CMakeFiles/geometry_kernel_cgal_simple.dir/build/source/src/ifcgeom/kernels/cgal/CgalKernel.cpp.o] Error 1
make[2]: *** Waiting for unfinished jobs....
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x2.cpp.o
make[1]: *** [CMakeFiles/Makefile2:628: CMakeFiles/geometry_kernel_cgal_simple.dir/all] Error 2
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x2-schema.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3-schema.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_tc1.cpp.o
[  7%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_tc1-schema.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add1.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add1-schema.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add2.cpp.o
[  8%] Building CXX object CMakeFiles/IfcParse.dir/build/source/src/ifcparse/Ifc4x3_add2-schema.cpp.o
[  8%] Linking CXX shared library libIfcParse.so
[  8%] Built target IfcParse
make: *** [Makefile:156: all] Error 2

@dotlambda dotlambda added this pull request to the merge queue Nov 11, 2025
Merged via the queue into NixOS:master with commit c41f4f8 Nov 11, 2025
25 of 29 checks passed
@nixpkgs-ci
Copy link
Copy Markdown
Contributor

nixpkgs-ci bot commented Nov 11, 2025

Backport failed for release-25.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-25.05
git worktree add -d .worktree/backport-452743-to-release-25.05 origin/release-25.05
cd .worktree/backport-452743-to-release-25.05
git switch --create backport-452743-to-release-25.05
git cherry-pick -x d44056ae07c72ed1b68f3af1709d38193ea3de06 ea9c00b162c441f9ab41f004a1ddc82b5c5c2002

hatch01 pushed a commit to hatch01/nixpkgs that referenced this pull request Nov 11, 2025
@dotlambda @hatch01
python3Packages.xmlschema: 4.1.0 -> 4.2.0 (NixOS#452743)
4ab307f
@r-ryantm r-ryantm deleted the auto-update/python3Packages.xmlschema branch November 12, 2025 00:32
@dotlambda dotlambda mentioned this pull request Dec 11, 2025
Open
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 6.topic: python Python is a high-level, general-purpose programming language. 9.needs: reviewer This PR currently has no reviewers requested and needs attention. 10.rebuild-darwin: 11-100 This PR causes between 11 and 100 packages to rebuild on Darwin. 10.rebuild-linux: 11-100 This PR causes between 11 and 100 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@r-ryantm @dotlambda @melvyn2 @teutat3s