From 709d81fb0b473570b9a0694161875452c60310cd857b7be6a189890a5d3598f9 Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Thu, 14 Aug 2025 11:15:08 +0000 Subject: [PATCH] - Update to 0.5.5 * Fix #249: Handle fetching GPG version when not the first item in the configuration. * Fix #250: Capture uid info in a uid_map attribute of ScanKeys/ListKeys. * Fix #255: Improve handling of exceptions raised in background threads. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-python-gnupg?expand=0&rev=38 --- .gitattributes | 23 ++++ .gitignore | 1 + python-gnupg-0.5.2.tar.gz | 3 + python-gnupg-0.5.3.tar.gz | 3 + python-gnupg-0.5.4.tar.gz | 3 + python-gnupg-0.5.5.tar.gz | 3 + python-python-gnupg.changes | 203 ++++++++++++++++++++++++++++++++++++ python-python-gnupg.spec | 64 ++++++++++++ 8 files changed, 303 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 python-gnupg-0.5.2.tar.gz create mode 100644 python-gnupg-0.5.3.tar.gz create mode 100644 python-gnupg-0.5.4.tar.gz create mode 100644 python-gnupg-0.5.5.tar.gz create mode 100644 python-python-gnupg.changes create mode 100644 python-python-gnupg.spec diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/python-gnupg-0.5.2.tar.gz b/python-gnupg-0.5.2.tar.gz new file mode 100644 index 0000000..48e9437 --- /dev/null +++ b/python-gnupg-0.5.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:01d8013931c9fa3f45824bbea7054c03d6e11f258a72e7e086e168dbcb91854c +size 64531 diff --git a/python-gnupg-0.5.3.tar.gz b/python-gnupg-0.5.3.tar.gz new file mode 100644 index 0000000..caaf099 --- /dev/null +++ b/python-gnupg-0.5.3.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:290d8ddb9cd63df96cfe9284b9b265f19fd6e145e5582dc58fd7271f026d0a47 +size 65457 diff --git a/python-gnupg-0.5.4.tar.gz b/python-gnupg-0.5.4.tar.gz new file mode 100644 index 0000000..6b7b5e7 --- /dev/null +++ b/python-gnupg-0.5.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:f2fdb5fb29615c77c2743e1cb3d9314353a6e87b10c37d238d91ae1c6feae086 +size 65705 diff --git a/python-gnupg-0.5.5.tar.gz b/python-gnupg-0.5.5.tar.gz new file mode 100644 index 0000000..8082f98 --- /dev/null +++ b/python-gnupg-0.5.5.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:3fdcaf76f60a1b948ff8e37dc398d03cf9ce7427065d583082b92da7a4ff5a63 +size 66467 diff --git a/python-python-gnupg.changes b/python-python-gnupg.changes new file mode 100644 index 0000000..aa171b3 --- /dev/null +++ b/python-python-gnupg.changes @@ -0,0 +1,203 @@ +------------------------------------------------------------------- +Thu Aug 14 09:54:33 UTC 2025 - John Paul Adrian Glaubitz + +- Update to 0.5.5 + * Fix #249: Handle fetching GPG version when not the first item in the configuration. + * Fix #250: Capture uid info in a uid_map attribute of ScanKeys/ListKeys. + * Fix #255: Improve handling of exceptions raised in background threads. + +------------------------------------------------------------------- +Mon Feb 17 03:29:13 UTC 2025 - Steve Kowalik + +- Switch to pyproject macros. +- No more greedy globs in %files. + +------------------------------------------------------------------- +Thu Feb 13 10:37:11 UTC 2025 - John Paul Adrian Glaubitz + +- Update to 0.5.4 + * Fix #242: Handle exceptions in the on_data callable. + +------------------------------------------------------------------- +Tue Oct 1 12:42:05 UTC 2024 - Dirk Müller + +- update to 0.5.3: + * Add WKD (Web Key Directory) support for auto-locating keys. + * Ensure local variable is initialized even when an exception + occurs. + * Fix #239: Remove logging of decryption result. + +------------------------------------------------------------------- +Thu Dec 14 20:56:28 UTC 2023 - Dirk Müller + +- update to 0.5.2: + * Fix #228: Clarify documentation for encryption/decryption. + * Make I/O buffer size configurable via ``buffer_size`` attribute + on a ``GPG`` instance. + +------------------------------------------------------------------- +Fri Dec 1 17:09:22 UTC 2023 - Dirk Müller + +- update to 0.5.1: + * Added ``TRUST_EXPIRED`` to ``trust_keys``. Thanks to Leif Liddy + for the patch. + * Fix #206: Remove deprecated ``--always-trust`` in favour of + ``--trust-model always`` + * Fix #208: Add ``status_detail`` attribute to result objects which + * is populated when the status is ``'invalid recipient'`` + (encryption/decryption) or ``'invalid signer'`` + (signing). This attribute will be set when the result object's + ``status`` attribute is set to ``invalid recipient`` and will + contain more information about the failure in the form of + ``reason:ident`` where ``reason`` is a text description of the + reason, and ``ident`` identifies the recipient key. + + * Add ``scan_keys_mem()`` function to scan keys in a string. Thanks + to Sky Moore for the patch. + * Fix #214: Handle multiple signatures when one of them is invalid + or unverified. + * A ``problems`` attribute was added which holds problems reported + by ``gpg`` during verification. This is a list of dictionaries, + one for each reported problem. Each dictionary will have + ``status`` and ``keyid`` keys indicating + the problem and the corresponding key; other information in the + dictionaries will be error specific. + * Fix #217: Use machine-readable interface to query the ``gpg`` + version. + * Added the ability to export keys to a file. + +------------------------------------------------------------------- +Fri May 5 11:10:16 UTC 2023 - Johannes Kastl + +- add sle15_python_module_pythons + +------------------------------------------------------------------- +Sat Sep 17 07:21:39 UTC 2022 - Dirk Müller + +- update to 0.5.0: + * Fixed #181: Added the ability to pass file paths to encrypt_file, decrypt_file, + sign_file, verify_file, get_recipients_file and added import_keys_file. + * Fixed #183: Handle FAILURE and UNEXPECTED conditions correctly. Thanks to sebbASF for + the patch. + * Fixed #185: Handle VALIDSIG arguments more robustly. + * Fixed #188: Remove handling of DECRYPTION_FAILED from Verify code, as not required + there. Thanks to sebbASF for the patch. + * Fixed #190: Handle KEY_CREATED more robustly. + * Fixed #191: Handle NODATA messages during verification. + * Fixed #196: Don't log chunk data by default, as it could contain sensitive + information (during decryption, for example). + * Added the ability to pass an environment to the gpg executable. Thanks to Edvard + Rejthar for the patch. + +------------------------------------------------------------------- +Sat Jun 4 13:54:10 UTC 2022 - Dirk Müller + +- update to 0.4.9: + * Added a status attribute to the returned object from gen_key() + * Provide the ability to add subkeys. + * Add keygrip values to the information collected when keys are listed. + * Added extra_args keyword argument to send_keys(), recv_keys() and + search_keys() to allow passing options relating to key servers. + +------------------------------------------------------------------- +Mon Nov 29 11:57:11 UTC 2021 - Dirk Müller + +- update to 0.4.8: + * Return gpg's return code in all result instances. + * Add check for invalid file objects. + * Provide more useful status message when a secret key is absent. + * Added a get_recipients() API to find the recipients of an encrypted + message without decrypting it. + +------------------------------------------------------------------- +Sun Aug 1 09:24:35 UTC 2021 - Dirk Müller + +- update to 0.4.7: + * Added support for no passphrase during key generation. + * Improved permission-denied test. + * Updated logging to only show partial results. + * Allowed a passphrase to be passed to import_keys(). + +------------------------------------------------------------------- +Wed Aug 5 13:20:26 UTC 2020 - Marketa Calabkova + +- Update to 0.4.6 + * Fixed #128: Added ECC support by changing key generation parameters. (The Key-Length + value isn't added if a curve is specified.) + * More bugfixes. + * Support for Python versions 3.5 and under is discontinued, except for Python 2.7. + +------------------------------------------------------------------- +Tue Sep 10 11:08:04 UTC 2019 - Tomáš Chvátal + +- Update to 0.4.5: + * various bugfixes + +------------------------------------------------------------------- +Wed Apr 17 10:39:48 CEST 2019 - Matej Cepl + +- Switch to pytest runner, which seems to be a way more stable in + providing the results. + +------------------------------------------------------------------- +Thu Jan 24 10:07:27 UTC 2019 - Tomáš Chvátal + +- Enable tests + +------------------------------------------------------------------- +Thu Jan 24 09:31:19 UTC 2019 - Karol Babioch + +- Update to 0.4.4: + * Changed how any return value from the ``on_data`` callable is processed. In + earlier versions, the return value was ignored. In this version, if the + return value is ``False``, the data received from ``gpg`` is not buffered. + Otherwise (if the value is ``None`` or ``True``, for example), the data is + buffered as normal. This functionality can be used to do your own + buffering, or to prevent buffering altogether. The ``on_data`` callable is + also called once with an empty byte-string to signal the end of data from + ``gpg``. + * Added an additional attribute ``check_fingerprint_collisions`` to + ``GPG`` instances, which defaults to ``False``. It seems that ``gpg`` is + happy to have duplicate keys and fingerprints in a keyring, so we can't be + too strict. A user can set this attribute of an instance to ``True`` to + trigger a check for collisions. + * With GnuPG 2.2.7 or later, provide the fingerprint of a signing key for a + failed signature verification, if available. + * For verification where multiple signatures are involved, a mapping of + signature_ids to fingerprint, keyid, username, creation date, creation + timestamp and expiry timestamp is provided. + * Added a check to disallow certain control characters ('\r', '\n', NUL) in + passphrases (CVE-2019-6690 bsc#1123498) + +------------------------------------------------------------------- +Tue Dec 4 12:53:04 UTC 2018 - Matej Cepl + +- Remove superfluous devel dependency for noarch package + +------------------------------------------------------------------- +Wed Jun 13 19:37:41 UTC 2018 - astieger@suse.com + +- uppate to 0.4.3: + * Add --no-verbose to the gpg command line, in case verbose is + specified is gpg.conf. + * This is mitigation against CVE-2018-12020 boo#1096745 +- includes changes from 0.4.2: + * Subkey information is now collected and returned in a + subkey_info dictionary keyed by the subkey's ID + * Add expect_passphrase password for use on GnuPG >= 2.1 when + passing passphrase to gpg via pinentry + * Provid a trust_keys method to allow setting the trust level + for keys + * When the gpg executable is not found, note the path used in the + exception message + * Make error messages nor informational + +------------------------------------------------------------------- +Mon Sep 11 15:33:08 UTC 2017 - jengelh@inai.de + +- Ensure description neutrality. + +------------------------------------------------------------------- +Wed Sep 6 17:29:32 UTC 2017 - toddrme2178@gmail.com + +- Initial version diff --git a/python-python-gnupg.spec b/python-python-gnupg.spec new file mode 100644 index 0000000..0a68e7d --- /dev/null +++ b/python-python-gnupg.spec @@ -0,0 +1,64 @@ +# +# spec file for package python-python-gnupg +# +# Copyright (c) 2025 SUSE LLC +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%{?sle15_python_module_pythons} +Name: python-python-gnupg +Version: 0.5.5 +Release: 0 +Summary: A wrapper for the GNU Privacy Guard (GPG or GnuPG) +License: BSD-3-Clause +URL: https://pythonhosted.org/python-gnupg/index.html +Source: https://files.pythonhosted.org/packages/source/p/python-gnupg/python-gnupg-%{version}.tar.gz +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pytest} +BuildRequires: %{python_module setuptools} +BuildRequires: fdupes +BuildRequires: gpg2 +BuildRequires: python-rpm-macros +Requires: gpg2 +Obsoletes: python-gnupg < %{version} +Provides: python-gnupg = %{version} +BuildArch: noarch +%python_subpackages + +%description +This module allows access to GnuPG's key management, +encryption and signature functionality from Python programs. + +%prep +%setup -q -n python-gnupg-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install +%python_expand %fdupes %{buildroot}%{$python_sitelib} + +%check +export NO_EXTERNAL_TESTS=true +%pytest test_gnupg.py + +%files %{python_files} +%license LICENSE.txt +%doc README.rst +%{python_sitelib}/gnupg.py +%pycache_only %{python_sitelib}/__pycache__/gnupg.*.pyc +%{python_sitelib}/python_gnupg-%{version}.dist-info + +%changelog