From 306b1e8aa1ba1aae72b66d6d31e4d286c99fd8e9f094d5ee81f9ddf6d9c65c88 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Mark=C3=A9ta=20Machov=C3=A1?= Date: Tue, 8 Apr 2025 15:11:45 +0000 Subject: [PATCH] - Update to 2025.1.31 * Added certs - Subject: CN=D-TRUST BR Root CA 2 2023 O=D-Trust GmbH - Subject: CN=D-TRUST EV Root CA 2 2023 O=D-Trust GmbH * Removed certs - Subject: CN=SwissSign Silver CA - G2 O=SwissSign AG - from version 2024.12.14 * Upload attestations to PyPI * Added 3.13 classifier (#322) * Test against 3.13 final * Added certs - Subject: CN=GLOBALTRUST 2020 O=e-commerce monitoring GmbH * Removed certs - Subject: CN=SecureSign RootCA11 O=Japan Certification Services, Inc. - Subject: CN=Entrust Root Certification Authority - G4 O=Entrust, Inc. OU=See www.entrust.net/legal-terms/(c) 2015 Entrust, Inc. - for authorized use only - Subject: CN=Security Communication RootCA3 O=SECOM Trust Systems CO.,LTD. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-certifi?expand=0&rev=81 --- .gitattributes | 23 ++ .gitignore | 1 + certifi-2024.7.4.tar.gz | 3 + certifi-2024.8.30.tar.gz | 3 + certifi-2025.1.31.tar.gz | 3 + ...on-certifi-shipped-requests-cabundle.patch | 126 ++++++ python-certifi.changes | 379 ++++++++++++++++++ python-certifi.spec | 77 ++++ two-basic-unit-tests.patch | 83 ++++ 9 files changed, 698 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 certifi-2024.7.4.tar.gz create mode 100644 certifi-2024.8.30.tar.gz create mode 100644 certifi-2025.1.31.tar.gz create mode 100644 python-certifi-shipped-requests-cabundle.patch create mode 100644 python-certifi.changes create mode 100644 python-certifi.spec create mode 100644 two-basic-unit-tests.patch diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/certifi-2024.7.4.tar.gz b/certifi-2024.7.4.tar.gz new file mode 100644 index 0000000..effdf42 --- /dev/null +++ b/certifi-2024.7.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5a1e7645bc0ec61a09e26c36f6106dd4cf40c6db3a1fb6352b0244e7fb057c7b +size 164065 diff --git a/certifi-2024.8.30.tar.gz b/certifi-2024.8.30.tar.gz new file mode 100644 index 0000000..02e7cef --- /dev/null +++ b/certifi-2024.8.30.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:bec941d2aa8195e248a60b31ff9f0558284cf01a52591ceda73ea9afffd69fd9 +size 168507 diff --git a/certifi-2025.1.31.tar.gz b/certifi-2025.1.31.tar.gz new file mode 100644 index 0000000..6e95a39 --- /dev/null +++ b/certifi-2025.1.31.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3d5da6925056f6f18f119200434a4780a94263f10d1c21d032a6f6b2baa20651 +size 167577 diff --git a/python-certifi-shipped-requests-cabundle.patch b/python-certifi-shipped-requests-cabundle.patch new file mode 100644 index 0000000..8f7e172 --- /dev/null +++ b/python-certifi-shipped-requests-cabundle.patch @@ -0,0 +1,126 @@ +Index: certifi-2024.7.4/certifi/core.py +=================================================================== +--- certifi-2024.7.4.orig/certifi/core.py ++++ certifi-2024.7.4/certifi/core.py +@@ -3,112 +3,19 @@ certifi.py + ~~~~~~~~~~ + + This module returns the installation location of cacert.pem or its contents. ++Patched by openSUSE: return the system bundle + """ +-import sys +-import atexit ++import io + +-def exit_cacert_ctx() -> None: +- _CACERT_CTX.__exit__(None, None, None) # type: ignore[union-attr] + ++def read_text(_module=None, _path=None, encoding="ascii"): ++ with io.open(where(), "r", encoding=encoding) as data: ++ return data.read() + +-if sys.version_info >= (3, 11): + +- from importlib.resources import as_file, files +- +- _CACERT_CTX = None +- _CACERT_PATH = None +- +- def where() -> str: +- # This is slightly terrible, but we want to delay extracting the file +- # in cases where we're inside of a zipimport situation until someone +- # actually calls where(), but we don't want to re-extract the file +- # on every call of where(), so we'll do it once then store it in a +- # global variable. +- global _CACERT_CTX +- global _CACERT_PATH +- if _CACERT_PATH is None: +- # This is slightly janky, the importlib.resources API wants you to +- # manage the cleanup of this file, so it doesn't actually return a +- # path, it returns a context manager that will give you the path +- # when you enter it and will do any cleanup when you leave it. In +- # the common case of not needing a temporary file, it will just +- # return the file system location and the __exit__() is a no-op. +- # +- # We also have to hold onto the actual context manager, because +- # it will do the cleanup whenever it gets garbage collected, so +- # we will also store that at the global level as well. +- _CACERT_CTX = as_file(files("certifi").joinpath("cacert.pem")) +- _CACERT_PATH = str(_CACERT_CTX.__enter__()) +- atexit.register(exit_cacert_ctx) +- +- return _CACERT_PATH +- +- def contents() -> str: +- return files("certifi").joinpath("cacert.pem").read_text(encoding="ascii") +- +-elif sys.version_info >= (3, 7): +- +- from importlib.resources import path as get_path, read_text +- +- _CACERT_CTX = None +- _CACERT_PATH = None +- +- def where() -> str: +- # This is slightly terrible, but we want to delay extracting the +- # file in cases where we're inside of a zipimport situation until +- # someone actually calls where(), but we don't want to re-extract +- # the file on every call of where(), so we'll do it once then store +- # it in a global variable. +- global _CACERT_CTX +- global _CACERT_PATH +- if _CACERT_PATH is None: +- # This is slightly janky, the importlib.resources API wants you +- # to manage the cleanup of this file, so it doesn't actually +- # return a path, it returns a context manager that will give +- # you the path when you enter it and will do any cleanup when +- # you leave it. In the common case of not needing a temporary +- # file, it will just return the file system location and the +- # __exit__() is a no-op. +- # +- # We also have to hold onto the actual context manager, because +- # it will do the cleanup whenever it gets garbage collected, so +- # we will also store that at the global level as well. +- _CACERT_CTX = get_path("certifi", "cacert.pem") +- _CACERT_PATH = str(_CACERT_CTX.__enter__()) +- atexit.register(exit_cacert_ctx) +- +- return _CACERT_PATH +- +- def contents() -> str: +- return read_text("certifi", "cacert.pem", encoding="ascii") +- +-else: +- import os +- import types +- from typing import Union +- +- Package = Union[types.ModuleType, str] +- Resource = Union[str, "os.PathLike"] +- +- # This fallback will work for Python versions prior to 3.7 that lack the +- # importlib.resources module but relies on the existing `where` function +- # so won't address issues with environments like PyOxidizer that don't set +- # __file__ on modules. +- def read_text( +- package: Package, +- resource: Resource, +- encoding: str = 'utf-8', +- errors: str = 'strict' +- ) -> str: +- with open(where(), encoding=encoding) as data: +- return data.read() +- +- # If we don't have importlib.resources, then we will just do the old logic +- # of assuming we're on the filesystem and munge the path directly. +- def where() -> str: +- f = os.path.dirname(__file__) ++def where(): ++ return "/etc/ssl/ca-bundle.pem" + +- return os.path.join(f, "cacert.pem") + +- def contents() -> str: +- return read_text("certifi", "cacert.pem", encoding="ascii") ++def contents() -> str: ++ return read_text(encoding="ascii") diff --git a/python-certifi.changes b/python-certifi.changes new file mode 100644 index 0000000..5ffa5fd --- /dev/null +++ b/python-certifi.changes @@ -0,0 +1,379 @@ +------------------------------------------------------------------- +Tue Apr 8 13:14:58 UTC 2025 - John Paul Adrian Glaubitz + +- Update to 2025.1.31 + * Added certs + - Subject: CN=D-TRUST BR Root CA 2 2023 O=D-Trust GmbH + - Subject: CN=D-TRUST EV Root CA 2 2023 O=D-Trust GmbH + * Removed certs + - Subject: CN=SwissSign Silver CA - G2 O=SwissSign AG +- from version 2024.12.14 + * Upload attestations to PyPI + * Added 3.13 classifier (#322) + * Test against 3.13 final + * Added certs + - Subject: CN=GLOBALTRUST 2020 O=e-commerce monitoring GmbH + * Removed certs + - Subject: CN=SecureSign RootCA11 O=Japan Certification Services, Inc. + - Subject: CN=Entrust Root Certification Authority - G4 O=Entrust, Inc. + OU=See www.entrust.net/legal-terms/(c) 2015 Entrust, Inc. - for + authorized use only + - Subject: CN=Security Communication RootCA3 O=SECOM Trust Systems CO.,LTD. + +------------------------------------------------------------------- +Thu Nov 7 09:18:40 UTC 2024 - Matej Cepl + +- Make the test suite working just with the standard library. + +------------------------------------------------------------------- +Wed Oct 9 06:43:31 UTC 2024 - Dirk Müller + +- update to 2024.8.30: + added certs: + * TWCA CYBER Root CA O=TAIWAN-CA OU=Root CA + * SecureSign Root CA12 O=Cybertrust Japan Co., Ltd. + * SecureSign Root CA14 O=Cybertrust Japan Co., Ltd. + * SecureSign Root CA15 O=Cybertrust Japan Co., Ltd. + +------------------------------------------------------------------- +Tue Jul 9 06:36:13 UTC 2024 - Daniel Garcia + +- Refresh patches python-certifi-shipped-requests-cabundle.patch and + two-basic-unit-tests.patch +- Remove executable bit from core.py file +- Update to 2024.7.4 (CVE-2024-39689, bsc#1227519): + Removed certs: + * Subject: CN=GLOBALTRUST 2020 O=e-commerce monitoring GmbH + +- 2024.06.02 + Added certs: + * Subject: CN=FIRMAPROFESIONAL CA ROOT-A WEB O=Firmaprofesional SA + +- 2024.02.02 + Added certs: + * Subject: CN=Telekom Security TLS ECC Root 2020 O=Deutsche Telekom Security GmbH + * Subject: CN=Telekom Security TLS RSA Root 2023 O=Deutsche Telekom Security GmbH + Removed certs: + * Subject: O=SECOM Trust.net OU=Security Communication RootCA1 + + * Fix leaking certificate issue + +------------------------------------------------------------------- +Tue Nov 28 09:10:25 UTC 2023 - Dirk Müller + +- update to 2023.11.17: + Added certs: + * Subject: CN=TrustAsia Global Root CA G3 O=TrustAsia Technologies, Inc. + * Subject: CN=TrustAsia Global Root CA G4 O=TrustAsia Technologies, Inc. + * Subject: CN=CommScope Public Trust ECC Root-01 O=CommScope + * Subject: CN=CommScope Public Trust ECC Root-02 O=CommScope + * Subject: CN=CommScope Public Trust RSA Root-01 O=CommScope + * Subject: CN=CommScope Public Trust RSA Root-02 O=CommScope + Removed certs: + * Subject: CN=Autoridad de Certificacion Firmaprofesional CIF A62634068 + +------------------------------------------------------------------- +Wed Aug 9 07:54:58 UTC 2023 - Dirk Müller + +- update to 2023.7.22: + Added certs: + # CN=Sectigo Public Server Authentication Root E46 O=Sectigo Limited + # CN=Sectigo Public Server Authentication Root R46 O=Sectigo Limited + # CN=SSL.com TLS RSA Root CA 2022 O=SSL Corporation + # CN=SSL.com TLS ECC Root CA 2022 O=SSL Corporation + # CN=Atos TrustedRoot Root CA ECC TLS 2021 O=Atos + # CN=Atos TrustedRoot Root CA RSA TLS 2021 O=Atos + Removed certs: + # CN=Hongkong Post Root CA 1 O=Hongkong Post + # CN=E-Tugra Certification Authority O=E-Tu\u011fra EBG Bili\u015fim + Teknolojileri ve Hizmetleri A.\u015e. OU=E-Tugra Sertifikasyon Merkezi + # CN=E-Tugra Global Root CA RSA v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center + # CN=E-Tugra Global Root CA ECC v3 O=E-Tugra EBG A.S. OU=E-Tugra Trust Center + +------------------------------------------------------------------- +Mon May 8 18:01:26 UTC 2023 - Dirk Müller + +- update to 2023.5.7: + Added certs: + * CN=BJCA Global Root CA1 O=BEIJING CERTIFICATE AUTHORITY + +------------------------------------------------------------------- +Wed May 3 15:36:56 UTC 2023 - Dirk Müller + +- update to 2022.12.7 (bsc#1206212 CVE-2022-23491): + * obsoletes removeTrustCor.patch in older dists + Removed certs: + * CN=Network Solutions Certificate Authority O=Network Solutions L.L.C. + * CN=Staat der Nederlanden EV Root CA O=Staat der Nederlanden + * CN=TrustCor RootCert CA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority + * CN=TrustCor RootCert CA-2 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority + * CN=TrustCor ECA-1 O=TrustCor Systems S. de R.L. OU=TrustCor Certificate Authority + +------------------------------------------------------------------- +Fri Apr 21 12:23:08 UTC 2023 - Dirk Müller + +- add sle15_python_module_pythons (jsc#PED-68) + +------------------------------------------------------------------- +Thu Apr 13 22:40:27 UTC 2023 - Matej Cepl + +- Make calling of %{sle15modernpython} optional. + +------------------------------------------------------------------- +Thu Nov 17 09:31:30 UTC 2022 - John Paul Adrian Glaubitz + +- Update to 2022.9.24: + * (no changes) +- from version 2022.09.24: + * (no changes) +- from version 2022.09.14: + * (no changes) +- from version 2022.06.15.2: + * Only use importlib.resources's new files() / + Traversable API on Python ≥3.11 (#204) +- from version 2022.06.15.1: + * Fix deprecation warning on Python 3.11 (#199) + * fixes #198 -- update link in license +- from version 2022.06.15: + * Add py.typed to MANIFEST.in to package in sdist (#196) +- from version 2022.05.18.1: + * Add support for Python 3.10 and drop EOL 3.5 (#167) +- from version 2022.05.18: + * Automatically lock github issues after + they've been closed for 90 days (#189) + * Remove universal wheel, python 2 is unsupported (#187) + * Add type annotations to package + * Added Required Python Version (#152) + * Fix homepage link (#145) +- Refresh patches for new version + * python-certifi-shipped-requests-cabundle.patch + +------------------------------------------------------------------- +Sat Jan 15 17:54:53 UTC 2022 - Dirk Müller + +- update to 2021.10.8: + added certs: + * CN=TunTrust Root CA O=Agence Nationale de Certification Electronique + * CN=HARICA TLS ECC Root CA 2021 O=Hellenic Academic and Research Institutions CA + +------------------------------------------------------------------- +Thu Jun 17 20:53:23 UTC 2021 - Dirk Müller + +- update to 2021.5.30: + Added certs: + * CN=AC RAIZ FNMT-RCM SERVIDORES SEGUROS O=FNMT-RCM OU=Ceres + * CN=GlobalSign Root R46 O=GlobalSign nv-sa + * CN=GlobalSign Root E46 O=GlobalSign nv-sa + * CN=GLOBALTRUST 2020 O=e-commerce monitoring GmbH + * CN=ANF Secure Server Root CA O=ANF Autoridad de Certificacion OU=ANF CA Raiz + * CN=Certum EC-384 CA O=Asseco Data Systems S.A. OU=Certum Certification Authority + * CN=Certum Trusted Root CA O=Asseco Data Systems S.A. OU=Certum Certification Authority + +------------------------------------------------------------------- +Sat Dec 19 10:43:30 UTC 2020 - Dirk Müller + +- update to 2020.12.5 + +------------------------------------------------------------------- +Thu Nov 26 09:21:35 UTC 2020 - Dirk Mueller + +- update to 2020.11.8: + * Python 3.8+ support + +------------------------------------------------------------------- +Wed Nov 25 11:41:29 UTC 2020 - Matej Cepl + +- Add two-basic-unit-tests.patch which includes two at least simple test + patches (gh#certifi/python-certifi#137). + +------------------------------------------------------------------- +Sun Aug 16 17:45:09 UTC 2020 - Benjamin Greiner + +- Update package description +- Fix the butchered python-certifi-shipped-requests-cabundle.patch + broken by last update. +- Add comment about missing tests gh#certifi/python-certifi#136 + +------------------------------------------------------------------- +Sat Aug 15 17:09:57 UTC 2020 - Arun Persaud + +- specfile: + * update line numbers and whitespace in patch + +- update to version 2020.6.20: + * Updates in enabled CAs + +- changes from version 2020.04.05.2: + * Document policy for cert addition (#127) + * Clarify trust origin is Mozilla (#126) + * Fix where() so that it works with importlib.resources when + available + * Goodbye python 2 + +------------------------------------------------------------------- +Wed Jun 3 11:12:41 UTC 2020 - Dirk Mueller + +- update to 2020.4.5.1: + adds Agencia Catalana de Certificacio (NIF Q-0801176-I) OU=Serveis + Publics de Certificacio/Vegeu + +------------------------------------------------------------------- +Fri Jan 24 15:06:39 UTC 2020 - Marketa Calabkova + +- update to 2019.11.28 + * Updates in enabled CAs + +------------------------------------------------------------------- +Fri Sep 20 12:43:15 UTC 2019 - Tomáš Chvátal + +- Sync to the latest 2019.9.11: + * Updates in enabled CAs + +------------------------------------------------------------------- +Wed Jul 24 09:12:13 UTC 2019 - pgajdos@suse.com + +- version update to 2019.6.16 + * remove Certinomis Root CA + +------------------------------------------------------------------- +Mon Mar 11 09:58:08 UTC 2019 - Tomáš Chvátal + +- Update to 2019.3.9: + * Add emSign Root CA - G1 + * Add emSign ECC Root CA - G3 + * Add Hongkong Post Root CA 3 +- Rebase python-certifi-shipped-requests-cabundle.patch + +------------------------------------------------------------------- +Mon Feb 11 22:29:47 UTC 2019 - John Vandenberg + +- Update to 2018.11.29 + * Deprecated old_where() has been removed + * Removed certificates + + Visa eCommerce Root + + Certplus Root CA G1 + + Certplus Root CA G2 + + OpenTrust Root CA G1 + + OpenTrust Root CA G2 + + OpenTrust Root CA G3 + +------------------------------------------------------------------- +Tue Jan 8 23:55:51 UTC 2019 - Jonathan Brownell + +- Limit SUSE certificate patch to exclude Red Hat platforms since + the relevant /etc/ssl/ca-bundle.pem does not exist there + +- %py_compile and %py3_compile macros do not exist on Red Hat; + substitute them with equivalent %python_exec invocations + +------------------------------------------------------------------- +Tue Dec 4 12:46:35 UTC 2018 - Matej Cepl + +- Remove superfluous devel dependency for noarch package + +------------------------------------------------------------------- +Tue Apr 17 10:53:35 UTC 2018 - michael@stroeder.com + +- update to 2018.4.16 + * Remove Elektronik Sertifika Hizket from cacert.pem +- This is noop as we use our cacert list from /etc/ssl/ca-bundle.pem + +------------------------------------------------------------------- +Sun Feb 4 00:36:29 UTC 2018 - arun@gmx.de + +- specfile: + * update copyright year + +- update to version 2018.1.18: + * Remove 1024-bit root certificates + * Include license in the list of trove classifiers + * Include license file in the generated wheel package + +------------------------------------------------------------------- +Tue Nov 14 23:19:14 UTC 2017 - dmueller@suse.com + +- update to 2017.11.5: + * Sync with bundle mozilla release +- remove python-certifi-fix-version-string.patch: obsolete + +------------------------------------------------------------------- +Wed Oct 18 17:23:39 UTC 2017 - jmatejek@suse.com + +- fix macros to support not having python2 + +------------------------------------------------------------------- +Thu Oct 12 08:52:57 UTC 2017 - adrian.glaubitz@suse.com + +- add patch to fix version string from 2017.07.27.1 to + 2017.7.27.1 to fix the build on SLE12_SP3 and earlier + + python-certifi-fix-version-string.patch + +------------------------------------------------------------------- +Tue Oct 3 05:42:11 UTC 2017 - arun@gmx.de + +- updated patch + +- update to version 2017.7.27.1: + * Use a more expressive API for getting the dir a path is in + * set zip_safe=False to help out setuptools (#63) + * Change license from ISC to MPL-2.0 in setup.py + * Add trove classifiers for missing supported Python versions + * Rename [wheel] section to [bdist_wheel] as the former is legacy + +------------------------------------------------------------------- +Mon Jul 10 18:42:12 UTC 2017 - toddrme2178@gmail.com + +- Fix wrong-script-interpreter rpmlint error. +- Fix script-without-shebang rpmlint warning. + +------------------------------------------------------------------- +Sun Jun 11 20:37:21 UTC 2017 - dmueller@suse.com + +- require ca-certificates-mozilla, otherwise certifi does not + provide any ca bundle (the bundled one that openSUSE patches + out is the mozilla bundle as well) + +------------------------------------------------------------------- +Sat Jun 10 08:46:52 UTC 2017 - dmueller@suse.com + +- update to 2017.4.17 + +------------------------------------------------------------------- +Sat Apr 8 17:51:03 UTC 2017 - aloisio@gmx.com + +- Updated to version 2017.1.23 +- Converted to single-spec +- Updated source URL + +------------------------------------------------------------------- +Fri Jun 3 23:00:13 UTC 2016 - jacobwinski@gmail.com + +- Update to version 2016.2.28 +- Update copyright year in spec file +- Fix executable warning (fix taken from python3-certifi) + +------------------------------------------------------------------- +Fri Jan 22 12:22:53 UTC 2016 - michael@stroeder.com + +- Update to version 2015.11.20.1 + +------------------------------------------------------------------- +Sat Sep 26 10:27:12 UTC 2015 - toddrme2178@gmail.com + +- Update to version 2015.9.6.2: + * Actually ship weak cert bundle. + * Provide old cert bundle. + * Use secure roots by default. + * Update scripts to use mkcert.org + * Concatenate the two roots + * Add the needed 1024-bit roots + * Move mkcert output to non-core file +- Fix dependencies on SLES 11 +- Certifi is released under MPL-2.0; fix the license tag +- Rebase python-certifi-shipped-requests-cabundle.patch + +------------------------------------------------------------------- +Wed Apr 22 13:31:54 UTC 2015 - mcihar@suse.cz + +- Initial packaging + diff --git a/python-certifi.spec b/python-certifi.spec new file mode 100644 index 0000000..c4ef3c0 --- /dev/null +++ b/python-certifi.spec @@ -0,0 +1,77 @@ +# +# spec file for package python-certifi +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%{?sle15_python_module_pythons} +Name: python-certifi +Version: 2025.1.31 +Release: 0 +Summary: Python package for providing Mozilla's CA Bundle +License: MPL-2.0 +Group: Development/Languages/Python +URL: https://github.com/certifi/python-certifi +Source: https://files.pythonhosted.org/packages/source/c/certifi/certifi-%{version}.tar.gz +# PATCH-FIX-SUSE -- prefer SUSE certificates +Patch0: python-certifi-shipped-requests-cabundle.patch +# PATCH-FEATURE-UPSTREAM two-basic-unit-tests.patch gh#certifi/python-certifi#137 mcepl@suse.com +# Add at least primitive test suite (by bnavigator) +Patch1: two-basic-unit-tests.patch +BuildRequires: %{python_module setuptools} +BuildRequires: ca-certificates +BuildRequires: ca-certificates-mozilla +BuildRequires: fdupes +BuildRequires: python-rpm-macros +Requires: ca-certificates +Requires: ca-certificates-mozilla +BuildArch: noarch +%python_subpackages + +%description +Certifi provides Mozilla's carefully curated collection of Root Certificates +for validating the trustworthiness of SSL certificates while verifying the +identity of TLS hosts. It has been extracted from the Requests project. + +Note that on SUSE packages the used CA bundle is actually the system bundle + +%prep +%autosetup -p1 -n certifi-%{version} + +%build +%python_build + +%install +%python_install + +%{python_expand # + rm %{buildroot}%{$python_sitelib}/certifi/cacert.pem +} + +%python_expand $python -m compileall %{buildroot}%{$python_sitelib}/certifi/ +%python_expand $python -O -m compileall %{buildroot}%{$python_sitelib}/certifi/ + +%python_expand %fdupes %{buildroot}%{$python_sitelib} + +%check +%pyunittest -v certifi.tests.test_certifi + +%files %{python_files} +%license LICENSE +%doc README.rst +%{python_sitelib}/certifi/ +%{python_sitelib}/certifi-%{version}-py*.egg-info + +%changelog diff --git a/two-basic-unit-tests.patch b/two-basic-unit-tests.patch new file mode 100644 index 0000000..b39bc06 --- /dev/null +++ b/two-basic-unit-tests.patch @@ -0,0 +1,83 @@ +From 7d617ff9dddee73bde86b79c9aa2f1c98f19e339 Mon Sep 17 00:00:00 2001 +From: Benjamin Greiner +Date: Sun, 16 Aug 2020 20:17:39 +0200 +Subject: [PATCH 1/2] add 2 basic unit tests + +--- + .github/workflows/python-package.yml | 40 +++++++++++++++++++++++++++++++++++ + certifi/tests/__init__.py | 2 + + certifi/tests/test_certifi.py | 19 ++++++++++++++++ + 3 files changed, 61 insertions(+) + create mode 100644 certifi/tests/__init__.py + create mode 100755 certifi/tests/test_certifi.py + +--- /dev/null ++++ b/certifi/tests/__init__.py +@@ -0,0 +1,2 @@ ++# certifi.tests module ++ +--- /dev/null ++++ b/certifi/tests/test_certifi.py +@@ -0,0 +1,19 @@ ++# -*- coding: utf-8 -*- ++""" ++unit tests to make sure everything behaves as expected ++""" ++ ++import os ++import unittest ++ ++import certifi ++ ++ ++class TestCertifi(unittest.TestCase): ++ def test_cabundle_exists(self): ++ """Check that the reported bundle exists""" ++ self.assertTrue(os.path.exists(certifi.where())) ++ ++ def test_read_contents(self): ++ """Check that the returned contents contain a certificate""" ++ self.assertIn("-----BEGIN CERTIFICATE-----", certifi.contents()) +--- /dev/null ++++ b/.github/workflows/python-package.yml +@@ -0,0 +1,40 @@ ++# This workflow will install Python dependencies, run tests and lint with a variety of Python versions ++# For more information see: https://help.github.com/actions/language-and-framework-guides/using-python-with-github-actions ++ ++name: Python package ++ ++on: ++ push: ++ branches: [ master ] ++ pull_request: ++ branches: [ master ] ++ ++jobs: ++ build: ++ ++ runs-on: ubuntu-latest ++ strategy: ++ matrix: ++ python-version: [3.5, 3.6, 3.7, 3.8] ++ ++ steps: ++ - uses: actions/checkout@v2 ++ - name: Set up Python ${{ matrix.python-version }} ++ uses: actions/setup-python@v2 ++ with: ++ python-version: ${{ matrix.python-version }} ++ - name: Install test dependencies ++ run: | ++ python -m pip install --upgrade pip ++ pip install pytest ++ # pip install flake8 pytest ++ # if [ -f requirements.txt ]; then pip install -r requirements.txt; fi ++ #- name: Lint with flake8 ++ # run: | ++ # # stop the build if there are Python syntax errors or undefined names ++ # flake8 . --count --select=E9,F63,F7,F82 --show-source --statistics ++ # # exit-zero treats all errors as warnings. The GitHub editor is 127 chars wide ++ # flake8 . --count --exit-zero --max-complexity=10 --max-line-length=127 --statistics ++ - name: Test with pytest ++ run: | ++ pytest