diff --git a/python-sigstore.changes b/python-sigstore.changes index 255387a..fb8d662 100644 --- a/python-sigstore.changes +++ b/python-sigstore.changes @@ -1,3 +1,12 @@ +------------------------------------------------------------------- +Wed Apr 16 01:48:26 UTC 2025 - Steve Kowalik + +- Update to 3.6.2: + * Fixed issue where a trust root with multiple rekor keys was not considered + valid. + * Upgraded python-tuf dependency to 6.0. + * Updated the embedded TUF root to version 12 + ------------------------------------------------------------------- Tue Jan 21 08:19:18 UTC 2025 - Daniel Garcia diff --git a/python-sigstore.spec b/python-sigstore.spec index d1c0fb8..ca84ef8 100644 --- a/python-sigstore.spec +++ b/python-sigstore.spec @@ -1,7 +1,7 @@ # # spec file for package python-sigstore # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,7 +16,6 @@ # - %if 0%{?suse_version} > 1500 %bcond_without libalternatives %else @@ -25,53 +24,53 @@ %{?sle15_python_module_pythons} Name: python-sigstore -Version: 3.6.1 +Version: 3.6.2 Release: 0 Summary: A tool for signing Python package distributions License: Apache-2.0 URL: https://github.com/sigstore/sigstore-python Source: https://github.com/sigstore/sigstore-python/archive/v%{version}.tar.gz#/sigstore-%{version}.tar.gz -BuildRequires: python-rpm-macros -BuildRequires: %{python_module flit-core >= 3.2} -BuildRequires: %{python_module pip} -BuildRequires: %{python_module rfc3161-client} +BuildRequires: %{python_module PyJWT >= 2.1} BuildRequires: %{python_module cryptography >= 42} +BuildRequires: %{python_module flit-core >= 3.2} BuildRequires: %{python_module id >= 1.1.0} +BuildRequires: %{python_module pip} BuildRequires: %{python_module platformdirs >= 4.2} +BuildRequires: %{python_module pyOpenSSL >= 23.0.0} BuildRequires: %{python_module pyasn1 >= 0.6} BuildRequires: %{python_module pydantic >= 2} -BuildRequires: %{python_module PyJWT >= 2.1} -BuildRequires: %{python_module pyOpenSSL >= 23.0.0} BuildRequires: %{python_module requests} +BuildRequires: %{python_module rfc3161-client} BuildRequires: %{python_module rfc8785 >= 0.1.2} BuildRequires: %{python_module rich >= 13.0} BuildRequires: %{python_module sigstore-protobuf-specs == 0.3.2} BuildRequires: %{python_module sigstore-rekor-types == 0.0.18} -BuildRequires: %{python_module tuf >= 5.0} +BuildRequires: %{python_module tuf >= 6.0} +BuildRequires: python-rpm-macros # SECTION test requirements BuildRequires: %{python_module coverage} -BuildRequires: %{python_module pretend} -BuildRequires: %{python_module pytest} -BuildRequires: %{python_module pytest-cov} BuildRequires: %{python_module importlib_resources if %python-base < 3.11} +BuildRequires: %{python_module pretend} +BuildRequires: %{python_module pytest-cov} +BuildRequires: %{python_module pytest} # /SECTION BuildRequires: fdupes +Requires: python-PyJWT >= 2.1 Requires: python-cryptography >= 42 Requires: python-id >= 1.1.0 Requires: python-platformdirs >= 4.2 +Requires: python-pyOpenSSL >= 23.0.0 Requires: python-pyasn1 >= 0.6 Requires: python-pydantic >= 2 -Requires: python-PyJWT >= 2.1 -Requires: python-pyOpenSSL >= 23.0.0 Requires: python-requests +Requires: python-rfc3161-client Requires: python-rfc8785 >= 0.1.2 Requires: python-rich >= 13.0 Requires: python-sigstore-protobuf-specs == 0.3.2 Requires: python-sigstore-rekor-types == 0.0.18 -Requires: python-tuf >= 5.0 +Requires: python-tuf >= 6.0 Requires: (python-importlib_resources if python-base < 3.11) -Requires: python-rfc3161-client %if %{with libalternatives} BuildRequires: alts Requires: alts diff --git a/sigstore-3.6.2.tar.gz b/sigstore-3.6.2.tar.gz new file mode 100644 index 0000000..2103ad6 --- /dev/null +++ b/sigstore-3.6.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:59f7d6f58a4c55e5fd8b6c8fa7c01ab58960da5c22320c336299a089af2f0dc5 +size 277160