Accepting request 827088 from home:bnavigator:branches:devel:languages:python

- Update package description - Fix the butchered python-certifi-shipped-requests-cabundle.patch broken by last update. - Add comment about missing tests gh#certifi/python-certifi#136 OBS-URL: https://build.opensuse.org/request/show/827088 OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-certifi?expand=0&rev=48
2020-08-16 21:59:25 +00:00 · 2020-08-16 21:59:25 +00:00 · 3746aa922f
commit 3746aa922f
parent 69f6369ee5
3 changed files with 77 additions and 13 deletions
--- a/python-certifi-shipped-requests-cabundle.patch
+++ b/python-certifi-shipped-requests-cabundle.patch
@ -1,13 +1,68 @@
-Index: certifi-2020.6.20/certifi/core.py
-===================================================================
--- certifi-2020.6.20.orig/certifi/core.py
-+++ certifi-2020.6.20/certifi/core.py
-@@ -53,7 +53,7 @@ except ImportError:
-     def where():
-         f = os.path.dirname(__file__)
+diff -ur certifi-2020.6.20.o/certifi/core.py certifi-2020.6.20/certifi/core.py
+--- certifi-2020.6.20.o/certifi/core.py	2020-06-07 11:35:28.000000000 +0200
+++ certifi-2020.6.20/certifi/core.py	2020-08-16 19:38:17.167625302 +0200
+@@ -5,56 +5,18 @@
+ ~~~~~~~~~~
+ 
+ This module returns the installation location of cacert.pem or its contents.
+-"""
+-import os
+ 
+-try:
+-    from importlib.resources import path as get_path, read_text
+Patched by openSUSE: return the system bundle
+"""
+ 
+-    _CACERT_CTX = None
+-    _CACERT_PATH = None
+def read_text(_module=None, _path=None, encoding="ascii"):
+    with open(where(), "r", encoding=encoding) as data:
+        return data.read()
+ 
+-    def where():
+-        # This is slightly terrible, but we want to delay extracting the file
+-        # in cases where we're inside of a zipimport situation until someone
+-        # actually calls where(), but we don't want to re-extract the file
+-        # on every call of where(), so we'll do it once then store it in a
+-        # global variable.
+-        global _CACERT_CTX
+-        global _CACERT_PATH
+-        if _CACERT_PATH is None:
+-            # This is slightly janky, the importlib.resources API wants you to
+-            # manage the cleanup of this file, so it doesn't actually return a
+-            # path, it returns a context manager that will give you the path
+-            # when you enter it and will do any cleanup when you leave it. In
+-            # the common case of not needing a temporary file, it will just
+-            # return the file system location and the __exit__() is a no-op.
+-            #
+-            # We also have to hold onto the actual context manager, because
+-            # it will do the cleanup whenever it gets garbage collected, so
+-            # we will also store that at the global level as well.
+-            _CACERT_CTX = get_path("certifi", "cacert.pem")
+-            _CACERT_PATH = str(_CACERT_CTX.__enter__())
+-
+-        return _CACERT_PATH
+-
+-
+-except ImportError:
+-    # This fallback will work for Python versions prior to 3.7 that lack the
+-    # importlib.resources module but relies on the existing `where` function
+-    # so won't address issues with environments like PyOxidizer that don't set
+-    # __file__ on modules.
+-    def read_text(_module, _path, encoding="ascii"):
+-        with open(where(), "r", encoding=encoding) as data:
+-            return data.read()
+-
+-    # If we don't have importlib.resources, then we will just do the old logic
+-    # of assuming we're on the filesystem and munge the path directly.
+-    def where():
+-        f = os.path.dirname(__file__)
 
 -        return os.path.join(f, "cacert.pem")
-+        return "/etc/ssl/ca-bundle.pem"
+def where():
+    return "/etc/ssl/ca-bundle.pem"
 
 
 def contents():
+-    return read_text("certifi", "cacert.pem", encoding="ascii")
+    return read_text(encoding="ascii")
--- a/python-certifi.changes
+++ b/python-certifi.changes
@ -1,3 +1,11 @@
+-------------------------------------------------------------------
+Sun Aug 16 17:45:09 UTC 2020 - Benjamin Greiner <code@bnavigator.de>
+
+- Update package description
+- Fix the butchered python-certifi-shipped-requests-cabundle.patch
+  broken by last update.
+- Add comment about missing tests gh#certifi/python-certifi#136
+
 -------------------------------------------------------------------
 Sat Aug 15 17:09:57 UTC 2020 - Arun Persaud <arun@gmx.de>

--- a/python-certifi.spec
+++ b/python-certifi.spec
@ -37,11 +37,11 @@ BuildArch:      noarch
 %python_subpackages

 %description
-This installable Python package contains a CA Bundle that you can reference
-in your Python code. This is useful for verifying HTTP requests, for example.
+Certifi provides Mozilla's carefully curated collection of Root Certificates
+for validating the trustworthiness of SSL certificates while verifying the
+identity of TLS hosts. It has been extracted from the Requests project.

-This is the same CA Bundle which ships with the Requests codebase, and is
-derived from Mozilla Firefox's canonical set.
+Note that on SUSE packages the used CA bundle is actually the system bundle

 %prep
 %setup -q -n certifi-%{version}
@ -68,7 +68,8 @@ derived from Mozilla Firefox's canonical set.
 %python_expand %fdupes %{buildroot}%{$python_sitelib}

 %check
-# no upstream tests found
+# There are no upstream unit tests https://github.com/certifi/python-certifi/issues/136
+# Please check that downstream packages like python-requests still build after an update of certifi

 %files %{python_files}
 %license LICENSE