- Move not mandatory requirements to Suggests

- Update to version 1.1.0: * SigstoreSigner: Re-enable compatibility with Sigstore (#781) - 1.0.0: Added * Signer: add public_key attribute to interface (#756) * VaultSigner: Signer implementation for HashiCorp Vault (#800) * CryptoSigner: support ecdsa keytype that is no longer in spec (#711) * CryptoSigner: add private_bytes property (#799) * CryptoSigner: add "file2" signer uri (#759) * test: use localstack to test AWSSigner (#777) Removed * CryptoSigner: remove "file" signer uri (#759) * migration script for legacy keys (#770) * SSlibSigner class and *_securesystemslib_key methods (#771) * legacy key key*, interface, util and schema modules (#772, #773, #776) * unused functions in hash, and formats module (#774, #776) * unused global key constants (#806) Changed * SSlibKey: strengthen input validation (#780, #795) * AWSSigner: support default scheme and add stronger input validation (#724, #778) * dsse: change Envelope.signatures type to dict (#743) * vendor: update ed25519 copy (#793) * docs: improve user and contributor docs (#744, #745, #746, #749, #759, #796) * test: improve and temporarily disable SigstoreSigner test (#779, #785) * ci: use dependabot groups, update weekly (#735) * ci: test macOS and Windows on latest Python only (#797) * Make securessystemslib.gpg internal (#792) Fixed * Fix check-upstream-ed25519 workflow permission (#706) OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-securesystemslib?expand=0&rev=6
2024-10-31 07:37:47 +00:00 · 2024-10-31 07:37:47 +00:00 · 2d13b6df7d
commit 2d13b6df7d
9 changed files with 218 additions and 0 deletions
--- a/.gitattributes
+++ b/.gitattributes
@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.osc
--- a/15
+++ b/15
@ -0,0 +1,15 @@
+<services>
+  <service name="obs_scm" mode="manual">
+    <param name="url">https://github.com/secure-systems-lab/securesystemslib</param>
+    <param name="scm">git</param>
+    <param name="version">1.1.0</param>
+    <param name="revision">v1.1.0</param>
+  </service>
+  <service mode="manual" name="set_version" />
+
+  <service mode="buildtime" name="tar" />
+  <service mode="buildtime" name="recompress">
+    <param name="file">*.tar</param>
+    <param name="compression">xz</param>
+  </service>
+</services>
--- a/python-securesystemslib.changes
+++ b/python-securesystemslib.changes
@ -0,0 +1,52 @@
+-------------------------------------------------------------------
+Thu Oct 31 07:30:30 UTC 2024 - Daniel Garcia <daniel.garcia@suse.com>
+
+- Move not mandatory requirements to Suggests
+- Update to version 1.1.0:
+  * SigstoreSigner: Re-enable compatibility with Sigstore (#781)
+- 1.0.0:
+  Added
+  * Signer: add public_key attribute to interface (#756)
+  * VaultSigner: Signer implementation for HashiCorp Vault (#800)
+  * CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
+  * CryptoSigner: add private_bytes property (#799)
+  * CryptoSigner: add "file2" signer uri (#759)
+  * test: use localstack to test AWSSigner (#777)
+  Removed
+  * CryptoSigner: remove "file" signer uri (#759)
+  * migration script for legacy keys (#770)
+  * SSlibSigner class and *_securesystemslib_key methods (#771)
+  * legacy key key*, interface, util and schema modules (#772, #773, #776)
+  * unused functions in hash, and formats module (#774, #776)
+  * unused global key constants (#806)
+  Changed
+  * SSlibKey: strengthen input validation (#780, #795)
+  * AWSSigner: support default scheme and add stronger input validation (#724, #778)
+  * dsse: change Envelope.signatures type to dict (#743)
+  * vendor: update ed25519 copy (#793)
+  * docs: improve user and contributor docs (#744, #745, #746, #749, #759, #796)
+  * test: improve and temporarily disable SigstoreSigner test (#779, #785)
+  * ci: use dependabot groups, update weekly (#735)
+  * ci: test macOS and Windows on latest Python only (#797)
+  * Make securessystemslib.gpg internal (#792)
+  Fixed
+  * Fix check-upstream-ed25519 workflow permission (#706)
+  * SSlibKey: fix default scheme and test for ecdsa nistp384 key (#763 #794)
+[...]
+Other release notes can be found in the CHANGELOG.md file:
+https://github.com/secure-systems-lab/securesystemslib/blob/v1.1.0/CHANGELOG.md
+
+-------------------------------------------------------------------
+Mon Mar 27 05:47:20 UTC 2023 - Steve Kowalik <steven.kowalik@suse.com>
+
+- Add patch use_python3_interpreter_in_tests.diff:
+  * Call python3, not python.
+- Actually run the testsuite. 
+- Fix the Summary, and run fdupes to fix the most egregious rpmlint issues.
+- Stop using %{python_sitelib}/*.
+
+-------------------------------------------------------------------
+Fri Dec 10 12:14:29 UTC 2021 - Adrian Schröter <adrian@suse.de>
+
+- initial package of version 0.21.0
+
--- a/python-securesystemslib.spec
+++ b/python-securesystemslib.spec
@ -0,0 +1,71 @@
+#
+# spec file for package python-securesystemslib
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+Name:           python-securesystemslib
+Version:        1.1.0
+Release:        0
+License:        MIT
+Summary:        Cryptographic and general routines for Secure Systems Lab
+URL:            https://github.com/secure-systems-lab/securesystemslib
+Source:         securesystemslib-%{version}.tar.xz
+BuildRequires:  %{python_module PyKCS11}
+BuildRequires:  %{python_module asn1crypto}
+BuildRequires:  %{python_module cryptography >= 3.3.2}
+BuildRequires:  %{python_module ed25519}
+BuildRequires:  %{python_module hatchling}
+BuildRequires:  %{python_module pip}
+BuildRequires:  %{python_module pytest}
+BuildRequires:  fdupes
+BuildRequires:  python-rpm-macros
+Suggests:       python-asn1crypto
+Suggests:       python-cryptography
+Suggests:       python-PyKCS11
+
+BuildArch:      noarch
+%python_subpackages
+
+%description
+Cryptographic and general-purpose routines for Secure Systems Lab projects at NYU
+
+%prep
+%autosetup -p1 -n securesystemslib-%version
+# Remove exec permission from python scripts
+find . -type f -name *.py -exec chmod 0644 {} \;
+
+%build
+%pyproject_wheel
+
+%install
+%pyproject_install
+# Remove not needed files
+%{python_expand #
+rm -rf %{buildroot}%{$python_sitelib}/securesystemslib/_vendor/ed25519/.gitignore
+}
+%python_expand %fdupes %{buildroot}%{$python_sitelib}
+
+%check
+donttest="test_ed25519_kat or test_checkparams"
+# spinhcs+ key support requires the pyspx library
+donttest+=" or test_sphincs"
+%pytest -k "not ($donttest)"
+
+%files %{python_files}
+%{python_sitelib}/securesystemslib
+%{python_sitelib}/securesystemslib-%{version}*info
+
+%changelog
--- a/securesystemslib-0.21.0.obscpio
+++ b/securesystemslib-0.21.0.obscpio
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3b762bac882d98a9f2b8ac46974792c4097fc1b6ef282589bda53ae8b097bf66
+size 3133452
--- a/securesystemslib-1.1.0.obscpio
+++ b/securesystemslib-1.1.0.obscpio
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:27769b9b809ec8a00ec29ab52034814ef91cb8328eef12e88fe4041975e2afbd
+size 2984460
--- a/securesystemslib.obsinfo
+++ b/securesystemslib.obsinfo
@ -0,0 +1,4 @@
+name: securesystemslib
+version: 1.1.0
+mtime: 1717502370
+commit: c70d7be2b89659265d9fb50df4b6968780de30ab
--- a/use_python3_interpreter_in_tests.diff
+++ b/use_python3_interpreter_in_tests.diff
@ -0,0 +1,46 @@
+Description: Use python3 in tests
+ Some upstream tests for the custom `process` module call the python interpreter
+ in a subprocess. In Debian, where we only build for python3, "python" is not
+ available during build and thus makes those tests fail. This patch replaces
+ "python" with "python3" where applicable.
+Author: Lukas Puehringer <lukas.puehringer@nyu.edu>
+Forwarded: not-needed
+
+--- python-securesystemslib-0.16.0.orig/tests/test_process.py
+++ python-securesystemslib-0.16.0/tests/test_process.py
+@@ -38,7 +38,7 @@ class Test_Process(unittest.TestCase):
+ 
+     stdin_file = open(path)
+     cmd = \
+-        "python -c \"import sys; assert(sys.stdin.read() == '{}')\""
+        "python3 -c \"import sys; assert(sys.stdin.read() == '{}')\""
+ 
+     # input is used in favor of stdin
+     securesystemslib.process.run(cmd.format("use input kwarg"),
+@@ -57,7 +57,7 @@ class Test_Process(unittest.TestCase):
+   def test_run_duplicate_streams(self):
+     """Test output as streams and as returned.  """
+     # Command that prints 'foo' to stdout and 'bar' to stderr.
+-    cmd = ("python -c \""
+    cmd = ("python3 -c \""
+         "import sys;"
+         "sys.stdout.write('foo');"
+         "sys.stderr.write('bar');\"")
+@@ -101,7 +101,7 @@ class Test_Process(unittest.TestCase):
+ 
+   def test_run_cmd_arg_return_code(self):
+     """Test command arg as string and list using return code. """
+-    cmd_str = ("python -c \""
+    cmd_str = ("python3 -c \""
+         "import sys;"
+         "sys.exit(100)\"")
+     cmd_list = shlex.split(cmd_str)
+@@ -117,7 +117,7 @@ class Test_Process(unittest.TestCase):
+   def test_run_duplicate_streams_timeout(self):
+     """Test raise TimeoutExpired. """
+     with self.assertRaises(securesystemslib.process.subprocess.TimeoutExpired):
+-      securesystemslib.process.run_duplicate_streams("python --version",
+      securesystemslib.process.run_duplicate_streams("python3 --version",
+           timeout=-1)
+ 
+