Stop using deprecated cgi.escape

cgi.escape has been deprecated since python 3.2 and removed in 3.8
2025-04-17 10:10:20 +00:00 · 2020-07-18 12:40:21 +02:00 · 2020-07-18 12:40:21 +02:00 · 41b8aa5482
commit 41b8aa5482
parent 2bbee65987
3 changed files with 9 additions and 8 deletions
--- a/changelog/57983.fixed
+++ b/changelog/57983.fixed
@ -0,0 +1 @@
+Replace deprecated `cgi.escape()` with `html.escape()` after it was removed from Python 3.8.
--- a/salt/returners/highstate_return.py
+++ b/salt/returners/highstate_return.py
@ -79,7 +79,7 @@ the time of execution.
 """
 from __future__ import absolute_import, print_function, unicode_literals

-import cgi
+import html
 import logging
 import smtplib
 from email.mime.text import MIMEText
@ -226,7 +226,7 @@ def _generate_html_table(data, out, level=0, extra_style=""):
                                "td",
                                [cell_style, second_style, "value", new_extra_style],
                            ),
-                            cgi.escape(six.text_type(value)),
+                            html.escape(six.text_type(value)),
                        ),
                        file=out,
                    )
@ -251,7 +251,7 @@ def _generate_html_table(data, out, level=0, extra_style=""):
                    _lookup_style(
                        "td", [cell_style, first_style, "value", extra_style]
                    ),
-                    cgi.escape(six.text_type(subdata)),
+                    html.escape(six.text_type(subdata)),
                ),
                file=out,
            )
--- a/salt/returners/nagios_nrdp_return.py
+++ b/salt/returners/nagios_nrdp_return.py
@ -51,7 +51,7 @@ To override individual configuration items, append --return_kwargs '{"key:": "va
 from __future__ import absolute_import, print_function, unicode_literals

 # Import python libs
-import cgi
+import html
 import logging

 import salt.ext.six.moves.http_client
@ -125,20 +125,20 @@ def _prepare_xml(options=None, state=None):
            + six.text_type(options["checktype"])
            + "'>"
        )
-        xml += "<hostname>" + cgi.escape(options["hostname"], True) + "</hostname>"
-        xml += "<servicename>" + cgi.escape(options["service"], True) + "</servicename>"
+        xml += "<hostname>" + html.escape(options["hostname"]) + "</hostname>"
+        xml += "<servicename>" + html.escape(options["service"]) + "</servicename>"
    else:
        xml += (
            "<checkresult type='host' checktype='"
            + six.text_type(options["checktype"])
            + "'>"
        )
-        xml += "<hostname>" + cgi.escape(options["hostname"], True) + "</hostname>"
+        xml += "<hostname>" + html.escape(options["hostname"]) + "</hostname>"

    xml += "<state>" + _state + "</state>"

    if "output" in options:
-        xml += "<output>" + cgi.escape(options["output"], True) + "</output>"
+        xml += "<output>" + html.escape(options["output"]) + "</output>"

    xml += "</checkresult>"
				`@ -0,0 +1 @@`
				Replace deprecated `cgi.escape()` with `html.escape()` after it was removed from Python 3.8.