Accepting request 1219775 from home:dgarcia:branches:security

- Move not mandatory requirements to Suggests
- Update to version 1.1.0:
  * SigstoreSigner: Re-enable compatibility with Sigstore (#781)
- 1.0.0:
  Added
  * Signer: add public_key attribute to interface (#756)
  * VaultSigner: Signer implementation for HashiCorp Vault (#800)
  * CryptoSigner: support ecdsa keytype that is no longer in spec (#711)
  * CryptoSigner: add private_bytes property (#799)
  * CryptoSigner: add "file2" signer uri (#759)
  * test: use localstack to test AWSSigner (#777)
  Removed
  * CryptoSigner: remove "file" signer uri (#759)
  * migration script for legacy keys (#770)
  * SSlibSigner class and *_securesystemslib_key methods (#771)
  * legacy key key*, interface, util and schema modules (#772, #773, #776)
  * unused functions in hash, and formats module (#774, #776)
  * unused global key constants (#806)
  Changed
  * SSlibKey: strengthen input validation (#780, #795)
  * AWSSigner: support default scheme and add stronger input validation (#724, #778)
  * dsse: change Envelope.signatures type to dict (#743)
  * vendor: update ed25519 copy (#793)
  * docs: improve user and contributor docs (#744, #745, #746, #749, #759, #796)
  * test: improve and temporarily disable SigstoreSigner test (#779, #785)
  * ci: use dependabot groups, update weekly (#735)
  * ci: test macOS and Windows on latest Python only (#797)
  * Make securessystemslib.gpg internal (#792)
  Fixed
  * Fix check-upstream-ed25519 workflow permission (#706)

OBS-URL: https://build.opensuse.org/request/show/1219775
OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-securesystemslib?expand=0&rev=6

python-securesystemslib.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package python-securesystemslib
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,28 +17,24 @@
 
 
 Name:           python-securesystemslib
-Version:        0.21.0
+Version:        1.1.0
 Release:        0
 License:        MIT
 Summary:        Cryptographic and general routines for Secure Systems Lab
 URL:            https://github.com/secure-systems-lab/securesystemslib
 Source:         securesystemslib-%{version}.tar.xz
-# PATCH-FIX-UPSTREAM Contained in debian/patches directory
-Patch0:         use_python3_interpreter_in_tests.diff
-BuildRequires:  %{python_module PyNaCl}
+BuildRequires:  %{python_module PyKCS11}
 BuildRequires:  %{python_module asn1crypto}
 BuildRequires:  %{python_module cryptography >= 3.3.2}
 BuildRequires:  %{python_module ed25519}
 BuildRequires:  %{python_module hatchling}
 BuildRequires:  %{python_module pip}
 BuildRequires:  %{python_module pytest}
-BuildRequires:  %{python_module setuptools}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
-Requires:       python-PyNaCl
-Requires:       python-asn1crypto
-Requires:       python-colorama
-Requires:       python-cryptography >= 3.3.2
+Suggests:       python-asn1crypto
+Suggests:       python-cryptography
+Suggests:       python-PyKCS11
 
 BuildArch:      noarch
 %python_subpackages
@@ -48,16 +44,25 @@ Cryptographic and general-purpose routines for Secure Systems Lab projects at NY
 
 %prep
 %autosetup -p1 -n securesystemslib-%version
+# Remove exec permission from python scripts
+find . -type f -name *.py -exec chmod 0644 {} \;
 
 %build
-%python_build
+%pyproject_wheel
 
 %install
-%python_install
+%pyproject_install
+# Remove not needed files
+%{python_expand #
+rm -rf %{buildroot}%{$python_sitelib}/securesystemslib/_vendor/ed25519/.gitignore
+}
 %python_expand %fdupes %{buildroot}%{$python_sitelib}
 
 %check
-%pytest -k 'not (test_ed25519_kat or test_checkparams)'
+donttest="test_ed25519_kat or test_checkparams"
+# spinhcs+ key support requires the pyspx library
+donttest+=" or test_sphincs"
+%pytest -k "not ($donttest)"
 
 %files %{python_files}
 %{python_sitelib}/securesystemslib