Merge pull request #7016 from hugovk/docs-replace-sphinx-issues

Docs: Replace dependency sphinx-issues with builtin sphinx.ext.extlinks

Author: radarhere

.github/workflows/docs.yml

@@ -18,6 +18,9 @@ concurrency:
   group: ${{ github.workflow }}-${{ github.ref }}
   cancel-in-progress: true
 
+env:
+  FORCE_COLOR: 1
+
 jobs:
   build:
 

Makefile

@@ -16,10 +16,16 @@ coverage:
 	python3 -m coverage report
 
 .PHONY: doc
-doc:
+.PHONY: html
+doc html:
 	python3 -c "import PIL" > /dev/null 2>&1 || python3 -m pip install .
 	$(MAKE) -C docs html
 
+.PHONY: htmlview
+htmlview:
+	python3 -c "import PIL" > /dev/null 2>&1 || python3 -m pip install .
+	$(MAKE) -C docs htmlview
+
 .PHONY: doccheck
 doccheck:
 	$(MAKE) doc
@@ -38,7 +44,8 @@ help:
 	@echo "  coverage           run coverage test (in progress)"
 	@echo "  doc                make HTML docs"
 	@echo "  docserve           run an HTTP server on the docs directory"
-	@echo "  html               to make standalone HTML files"
+	@echo "  html               make HTML docs"
+	@echo "  htmlview           open the index page built by the html target in your browser"
 	@echo "  inplace            make inplace extension"
 	@echo "  install            make and install"
 	@echo "  install-coverage   make and install with C coverage"

docs/Makefile

@@ -19,6 +19,7 @@ I18NSPHINXOPTS  = $(PAPEROPT_$(PAPER)) $(SPHINXOPTS) .
 help:
 	@echo "Please use \`make <target>' where <target> is one of"
 	@echo "  html       to make standalone HTML files"
+	@echo "  htmlview   to open the index page built by the html target in your browser"
 	@echo "  serve      to start a local server for viewing docs"
 	@echo "  livehtml   to start a local server for viewing docs and auto-reload on change"
 	@echo "  dirhtml    to make HTML files named index.html in directories"
@@ -45,7 +46,7 @@ clean:
 	-rm -rf $(BUILDDIR)/*
 
 install-sphinx:
-	$(PYTHON) -m pip install --quiet furo olefile sphinx sphinx-copybutton sphinx-inline-tabs sphinx-issues sphinx-removed-in sphinxext-opengraph
+	$(PYTHON) -m pip install --quiet furo olefile sphinx sphinx-copybutton sphinx-inline-tabs sphinx-removed-in sphinxext-opengraph
 
 .PHONY: html
 html:
@@ -196,6 +197,10 @@ doctest:
 	@echo "Testing of doctests in the sources finished, look at the " \
 	      "results in $(BUILDDIR)/doctest/output.txt."
 
+.PHONY: htmlview
+htmlview: html
+	$(PYTHON) -c "import os, webbrowser; webbrowser.open('file://' + os.path.realpath('$(BUILDDIR)/html/index.html'))"
+
 .PHONY: livehtml
 livehtml: html
 	livereload $(BUILDDIR)/html -p 33233

docs/conf.py

@@ -28,11 +28,11 @@
 # ones.
 extensions = [
     "sphinx.ext.autodoc",
+    "sphinx.ext.extlinks",
     "sphinx.ext.intersphinx",
     "sphinx.ext.viewcode",
     "sphinx_copybutton",
     "sphinx_inline_tabs",
-    "sphinx_issues",
     "sphinx_removed_in",
     "sphinxext.opengraph",
 ]
@@ -317,8 +317,17 @@ def setup(app):
     app.add_css_file("css/dark.css")
 
 
-# GitHub repo for sphinx-issues
-issues_github_path = "python-pillow/Pillow"
+# sphinx.ext.extlinks
+# This config is a dictionary of external sites,
+# mapping unique short aliases to a base URL and a prefix.
+# https://www.sphinx-doc.org/en/master/usage/extensions/extlinks.html
+_repo = "https://github.com/python-pillow/Pillow/"
+extlinks = {
+    "cve": ("https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-%s", "CVE-%s"),
+    "cwe": ("https://cwe.mitre.org/data/definitions/%s.html", "CWE-%s"),
+    "issue": (_repo + "issues/%s", "#%s"),
+    "pr": (_repo + "pull/%s", "#%s"),
+}
 
 # sphinxext.opengraph
 ogp_image = (

docs/deprecations.rst

@@ -261,7 +261,7 @@ FreeType 2.7
 Support for FreeType 2.7 has been removed.
 
 We recommend upgrading to at least `FreeType`_ 2.10.4, which fixed a severe
-vulnerability introduced in FreeType 2.6 (:cve:`CVE-2020-15999`).
+vulnerability introduced in FreeType 2.6 (:cve:`2020-15999`).
 
 .. _FreeType: https://freetype.org/
 

docs/make.bat

@@ -19,6 +19,7 @@ if "%1" == "help" (
 	:help
 	echo.Please use `make ^<target^>` where ^<target^> is one of
 	echo.  html       to make standalone HTML files
+	echo.  htmlview   to open the index page built by the html target in your browser
 	echo.  dirhtml    to make HTML files named index.html in directories
 	echo.  singlehtml to make a single large HTML file
 	echo.  pickle     to make pickle files
@@ -44,12 +45,23 @@ if "%1" == "clean" (
 	goto end
 )
 
-if "%1" == "html" (
+set html=false
+if "%1%" == "html" set html=true
+if "%1%" == "htmlview" set html=true
+if "%html%" == "true" (
 	%SPHINXBUILD% -b html %ALLSPHINXOPTS% %BUILDDIR%/html
 	if errorlevel 1 exit /b 1
 	echo.
 	echo.Build finished. The HTML pages are in %BUILDDIR%/html.
-	goto end
+
+    if "%1" == "htmlview" (
+        if EXIST "%BUILDDIR%\html\index.html" (
+            echo.Opening "%BUILDDIR%\html\index.html" in the default web browser...
+            start "" "%BUILDDIR%\html\index.html"
+        )
+    )
+
+    goto end
 )
 
 if "%1" == "dirhtml" (

docs/releasenotes/3.1.1.rst

@@ -6,7 +6,7 @@ CVE-2016-0740 -- Buffer overflow in TiffDecode.c
 ------------------------------------------------
 
 Pillow 3.1.0 and earlier when linked against libtiff >= 4.0.0 on x64
-may overflow a buffer when reading a specially crafted tiff file (:cve:`CVE-2016-0740`).
+may overflow a buffer when reading a specially crafted tiff file (:cve:`2016-0740`).
 
 Specifically, libtiff >= 4.0.0 changed the return type of
 ``TIFFScanlineSize`` from ``int32`` to machine dependent
@@ -24,7 +24,7 @@ CVE-2016-0775 -- Buffer overflow in FliDecode.c
 -----------------------------------------------
 
 In all versions of Pillow, dating back at least to the last PIL 1.1.7
-release, FliDecode.c has a buffer overflow error (:cve:`CVE-2016-0775`).
+release, FliDecode.c has a buffer overflow error (:cve:`2016-0775`).
 
 Around line 192:
 
@@ -53,7 +53,7 @@ CVE-2016-2533 -- Buffer overflow in PcdDecode.c
 -----------------------------------------------
 
 In all versions of Pillow, dating back at least to the last PIL 1.1.7
-release, ``PcdDecode.c`` has a buffer overflow error (:cve:`CVE-2016-2533`).
+release, ``PcdDecode.c`` has a buffer overflow error (:cve:`2016-2533`).
 
 The ``state.buffer`` for ``PcdDecode.c`` is allocated based on a 3
 bytes per pixel sizing, where ``PcdDecode.c`` wrote into the buffer

docs/releasenotes/3.1.2.rst

@@ -7,7 +7,7 @@ CVE-2016-3076 -- Buffer overflow in Jpeg2KEncode.c
 
 Pillow between 2.5.0 and 3.1.1 may overflow a buffer when writing
 large Jpeg2000 files, allowing for code execution or other memory
-corruption (:cve:`CVE-2016-3076`).
+corruption (:cve:`2016-3076`).
 
 This occurs specifically in the function ``j2k_encode_entry``, at the line:
 

docs/releasenotes/6.2.0.rst

@@ -69,7 +69,7 @@ Security
 ========
 
 This release catches several buffer overruns, as well as addressing
-:cve:`CVE-2019-16865`. The CVE is regarding DOS problems, such as consuming large
+:cve:`2019-16865`. The CVE is regarding DOS problems, such as consuming large
 amounts of memory, or taking a large amount of time to process an image.
 
 In RawDecode.c, an error is now thrown if skip is calculated to be less than

docs/releasenotes/6.2.2.rst

@@ -6,13 +6,13 @@ Security
 
 This release addresses several security problems.
 
-:cve:`CVE-2019-19911` is regarding FPX images. If an image reports that it has a large
+:cve:`2019-19911` is regarding FPX images. If an image reports that it has a large
 number of bands, a large amount of resources will be used when trying to process the
 image. This is fixed by limiting the number of bands to those usable by Pillow.
 
-Buffer overruns were found when processing an SGI (:cve:`CVE-2020-5311`),
-PCX (:cve:`CVE-2020-5312`) or FLI image (:cve:`CVE-2020-5313`). Checks have been added
+Buffer overruns were found when processing an SGI (:cve:`2020-5311`),
+PCX (:cve:`2020-5312`) or FLI image (:cve:`2020-5313`). Checks have been added
 to prevent this.
 
-:cve:`CVE-2020-5310`: Overflow checks have been added when calculating the size of a
+:cve:`2020-5310`: Overflow checks have been added when calculating the size of a
 memory block to be reallocated in the processing of a TIFF image.