bpo-46811: Make test suite support Expat >=2.4.5 #31453
Merged
+16
−8
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/
|
Thank you for doing this. While I'm not an expert on these tests, your work seems well-thought. |
ambv
reviewed
Feb 21, 2022
| self.assertEqual(e.tag, '{${stuff}}localname') | ||
| t = ET.ElementTree(e) | ||
| self.assertEqual(ET.tostring(e), b'<ns0:localname xmlns:ns0="${stuff}" />') | ||
|
|
There was a problem hiding this comment.
I understand the other changes. For this one, can you explain why this needs to be removed?
There was a problem hiding this comment.
Indeed I have not. I have now. This will sadly be a breaking change. Was the elevated strictness here security-related as well?
There was a problem hiding this comment.
This will sadly be a breaking change.
Could you elaborate? I should note that xmlns has also been about URIs.
Was the elevated strictness here security-related as well?
Yes, please see https://github.com/libexpat/libexpat/pull/561/files#diff-d1bcab18f24ba66b34aeb2e156f7fde58ef3de1a165514b0fccf0d04c26838f8R3758-R3767 . This allowed code execution through Expat in another application.
There was a problem hiding this comment.
Could you elaborate?
While the use was incorrect per spec, clearly parsing what seems to be XML template files was a use case that existed in the wild when BPO-3151 was filed. The curly-brace and dollar sign suggest some ZOPE-related template (or JBOSS, or JavaScript, or the Sun Java System Web Server, etc. etc.). Whatever this usage was, it will now break with expat 2.4.5+
But since this is security-related, there's nothing we can do other than move on.
There was a problem hiding this comment.
But since this is security-related, there's nothing we can do other than move on.
@ambv I notice now that (while Expat doesn't do full validation), moving the namespace separator in ElementTree off current } could make this work longer. A space or a newline would be other options, for instance.
There was a problem hiding this comment.
@ambv it's here:
cpython/Modules/_elementtree.c
Line 3660 in 2cae938
There was a problem hiding this comment.
But that may need a closer look, it could be a breaking change too.
ambv
added
needs backport to 3.7
needs backport to 3.9
|
Sorry @hartwork and @ambv, I had trouble checking out the |
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this pull request
Feb 21, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
|
GH-31469 is a backport of this pull request to the 3.9 branch. |
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this pull request
Feb 21, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
|
GH-31470 is a backport of this pull request to the 3.8 branch. |
miss-islington
pushed a commit
to miss-islington/cpython
that referenced
this pull request
Feb 21, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
|
GH-31471 is a backport of this pull request to the 3.7 branch. |
ambv
added
needs backport to 3.10
|
GH-31472 is a backport of this pull request to the 3.10 branch. |
ambv
pushed a commit
that referenced
this pull request
Feb 21, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
ambv
pushed a commit
that referenced
this pull request
Feb 21, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
ned-deily
pushed a commit
that referenced
this pull request
Feb 21, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
ambv
pushed a commit
that referenced
this pull request
Feb 22, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
naveen521kk
pushed a commit
to naveen521kk/cpython
that referenced
this pull request
Mar 8, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
naveen521kk
pushed a commit
to msys2-contrib/cpython-mingw
that referenced
this pull request
Mar 8, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
naveen521kk
pushed a commit
to msys2-contrib/cpython-mingw
that referenced
this pull request
Mar 10, 2022
…thonGH-31472) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
naveen521kk
pushed a commit
to msys2-contrib/cpython-mingw
that referenced
this pull request
Mar 13, 2022
…thonGH-31472) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]>
lazka
pushed a commit
to msys2-contrib/cpython-mingw
that referenced
this pull request
Mar 18, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
gentoo-bot
pushed a commit
to gentoo/cpython
that referenced
this pull request
Mar 18, 2022
Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (rebased for 2.7.18 by Michał Górny)
lazka
pushed a commit
to msys2-contrib/cpython-mingw
that referenced
this pull request
Mar 18, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
algitbot
pushed a commit
to alpinelinux/aports
that referenced
this pull request
Mar 30, 2022
lazka
pushed a commit
to lazka/cpython
that referenced
this pull request
Apr 24, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
lazka
pushed a commit
to msys2-contrib/cpython-mingw
that referenced
this pull request
Apr 24, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
lazka
pushed a commit
to lazka/cpython
that referenced
this pull request
May 17, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
lazka
pushed a commit
to msys2-contrib/cpython-mingw
that referenced
this pull request
May 18, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
hello-adam
pushed a commit
to hello-adam/cpython
that referenced
this pull request
Jun 2, 2022
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
brainos233
pushed a commit
to brainos233/cpython-mingw
that referenced
this pull request
Apr 17, 2024
…thonGH-31469) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Co-authored-by: Sebastian Pipping <[email protected]>
mcepl
pushed a commit
to openSUSE-Python/cpython
that referenced
this pull request
May 10, 2024
Fix etree XMLPullParser tests for Expat >=2.6.0 with reparse deferral Combined with gh#python/cpython!31453 bpo-46811: Make test suite support Expat >=2.4.5 (pythonGH-31453) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Fixes: gh#python#115133 From-PR: gh#python/cpython!115138 Patch: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
mcepl
pushed a commit
to openSUSE-Python/cpython
that referenced
this pull request
May 10, 2024
Combined with gh#python/cpython!31453 bpo-46811: Make test suite support Expat >=2.4.5 (pythonGH-31453) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Fixes: gh#python#115133 From-PR: gh#python/cpython!115138 Patch: CVE-2023-52425-libexpat-2.6.0-backport.patch
mcepl
pushed a commit
to openSUSE-Python/cpython
that referenced
this pull request
May 16, 2024
Fix etree XMLPullParser tests for Expat >=2.6.0 with reparse deferral Combined with gh#python/cpython!31453 bpo-46811: Make test suite support Expat >=2.4.5 (pythonGH-31453) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Fixes: gh#python#115133 From-PR: gh#python/cpython!115138 Patch: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
mcepl
pushed a commit
to openSUSE-Python/cpython
that referenced
this pull request
Nov 1, 2024
Fix etree XMLPullParser tests for Expat >=2.6.0 with reparse deferral Combined with gh#python/cpython!31453 bpo-46811: Make test suite support Expat >=2.4.5 (pythonGH-31453) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Fixes: gh#python#115133 From-PR: gh#python/cpython!115138 Patch: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
mcepl
pushed a commit
to openSUSE-Python/cpython
that referenced
this pull request
Dec 2, 2024
Fix etree XMLPullParser tests for Expat >=2.6.0 with reparse deferral Combined with gh#python/cpython!31453 bpo-46811: Make test suite support Expat >=2.4.5 (pythonGH-31453) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Fixes: gh#python#115133 From-PR: gh#python/cpython!115138 Patch: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
mcepl
pushed a commit
to openSUSE-Python/cpython
that referenced
this pull request
Dec 2, 2024
Fix etree XMLPullParser tests for Expat >=2.6.0 with reparse deferral Combined with gh#python/cpython!31453 bpo-46811: Make test suite support Expat >=2.4.5 (pythonGH-31453) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Fixes: gh#python#115133 From-PR: gh#python/cpython!115138 Patch: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
mcepl
pushed a commit
to openSUSE-Python/cpython
that referenced
this pull request
Dec 2, 2024
Fix etree XMLPullParser tests for Expat >=2.6.0 with reparse deferral Combined with gh#python/cpython!31453 bpo-46811: Make test suite support Expat >=2.4.5 (pythonGH-31453) Curly brackets were never allowed in namespace URIs according to RFC 3986, and so-called namespace-validating XML parsers have the right to reject them a invalid URIs. libexpat >=2.4.5 has become strcter in that regard due to related security issues; with ET.XML instantiating a namespace-aware parser under the hood, this test has no future in CPython. References: - https://datatracker.ietf.org/doc/html/rfc3968 - https://www.w3.org/TR/xml-names/ Also, test_minidom.py: Support Expat >=2.4.5 (cherry picked from commit 2cae938) Co-authored-by: Sebastian Pipping <[email protected]> Fixes: gh#python#115133 From-PR: gh#python/cpython!115138 Patch: CVE-2023-52425-libexpat-2.6.0-backport-15.6.patch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
https://bugs.python.org/issue46811
Happy to adjust and discuss.
Please check the commit messages for why I'm dropping that one test.