From b803d853555f47d5c7ccceeab956d4b3028647bcbbe878b5c347c2af4e90e959 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Tue, 30 Sep 2025 12:32:19 +0000 Subject: [PATCH] - update to 0.10.4: * Fixed a thread-safety issue when configuring the internal `ssl.SSLContext` object. * Added support for the system certificate bundle in Fedora 43 and later. * Release failed to publish to PyPI due to outdated build tools. * Created new release (0.10.3) after updating `build` to 1.2.2.post1. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-truststore?expand=0&rev=15 --- .gitattributes | 23 +++++++++++ .gitignore | 1 + python-truststore.changes | 87 +++++++++++++++++++++++++++++++++++++++ python-truststore.spec | 69 +++++++++++++++++++++++++++++++ truststore-0.10.1.tar.gz | 3 ++ truststore-0.10.4.tar.gz | 3 ++ 6 files changed, 186 insertions(+) create mode 100644 .gitattributes create mode 100644 .gitignore create mode 100644 python-truststore.changes create mode 100644 python-truststore.spec create mode 100644 truststore-0.10.1.tar.gz create mode 100644 truststore-0.10.4.tar.gz diff --git a/.gitattributes b/.gitattributes new file mode 100644 index 0000000..9b03811 --- /dev/null +++ b/.gitattributes @@ -0,0 +1,23 @@ +## Default LFS +*.7z filter=lfs diff=lfs merge=lfs -text +*.bsp filter=lfs diff=lfs merge=lfs -text +*.bz2 filter=lfs diff=lfs merge=lfs -text +*.gem filter=lfs diff=lfs merge=lfs -text +*.gz filter=lfs diff=lfs merge=lfs -text +*.jar filter=lfs diff=lfs merge=lfs -text +*.lz filter=lfs diff=lfs merge=lfs -text +*.lzma filter=lfs diff=lfs merge=lfs -text +*.obscpio filter=lfs diff=lfs merge=lfs -text +*.oxt filter=lfs diff=lfs merge=lfs -text +*.pdf filter=lfs diff=lfs merge=lfs -text +*.png filter=lfs diff=lfs merge=lfs -text +*.rpm filter=lfs diff=lfs merge=lfs -text +*.tbz filter=lfs diff=lfs merge=lfs -text +*.tbz2 filter=lfs diff=lfs merge=lfs -text +*.tgz filter=lfs diff=lfs merge=lfs -text +*.ttf filter=lfs diff=lfs merge=lfs -text +*.txz filter=lfs diff=lfs merge=lfs -text +*.whl filter=lfs diff=lfs merge=lfs -text +*.xz filter=lfs diff=lfs merge=lfs -text +*.zip filter=lfs diff=lfs merge=lfs -text +*.zst filter=lfs diff=lfs merge=lfs -text diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..57affb6 --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +.osc diff --git a/python-truststore.changes b/python-truststore.changes new file mode 100644 index 0000000..04372b0 --- /dev/null +++ b/python-truststore.changes @@ -0,0 +1,87 @@ +------------------------------------------------------------------- +Tue Sep 30 12:32:08 UTC 2025 - Dirk Müller + +- update to 0.10.4: + * Fixed a thread-safety issue when configuring the internal + `ssl.SSLContext` object. + * Added support for the system certificate bundle in Fedora 43 + and later. + * Release failed to publish to PyPI due to outdated build + tools. + * Created new release (0.10.3) after updating `build` to + 1.2.2.post1. + +------------------------------------------------------------------- +Mon Feb 24 10:44:14 UTC 2025 - Dirk Müller + +- update to 0.10.1: + * Fixed the patching of Requests' globally-cached + `ssl.SSLContext` object to work automagically with + ``truststore.inject_into_ssl()`` regardless of import-order. + * Speed up import times by skipping feature-checking for known + Python implementations (CPython and PyPy). + +------------------------------------------------------------------- +Tue Jan 28 10:07:25 UTC 2025 - John Paul Adrian Glaubitz + +- Update to 0.10.0 + * Added support for macOS 10.13 and earlier using the `SecTrustEvaluate` + API. Note that this API doesn't return fine-grained errors like + `SecTrustEvaluateWithError` (requires macOS 10.14+). + * Added `SSLContext.set_default_verify_paths()` method. + * Changed method for disabling hostname verification for macOS and + Windows. Previously would ignore hostname verification errors if + `SSLContext.check_hostname` was `False`. + Now for both macOS and Windows the certificate verification policy + is configured to not check certificate hostname. This should have + no effect on users. +- from version 0.9.2 + * Fixed an issue where implementations supporting Python 3.10 but not + the peer certificate chain APIs would fail during the handshake instead + of when importing the `truststore` module. The module now raises an error + immediately instead of on first handshake. This was added for the GraalPy + implementation specifically, but there may be others. +- Skip test_wrong_host_succeeds_with_hostname_verification_disabled test + +------------------------------------------------------------------- +Thu Oct 3 05:43:57 UTC 2024 - Steve Kowalik + +- Add missing BuildRequires on pyOpenSSL for the testsuite, rather than + depending on it transitivity. + +------------------------------------------------------------------- +Wed Aug 14 05:38:45 UTC 2024 - Steve Kowalik + +- Update to 0.9.1: + * Fixed an issue for CPython 3.13 where `ssl.SSLSocket` and `ssl.SSLObject` + certificate chain APIs would return different types. + * Added support for Python 3.13. + * Fixed loading additional certificates on macOS. +- Drop patch no-network-testing.patch, not required. + +------------------------------------------------------------------- +Sat Mar 2 08:02:57 UTC 2024 - Andreas Schneider + +- Use sle15_python_module_pythons + +------------------------------------------------------------------- +Fri Sep 29 17:56:07 UTC 2023 - Ondřej Súkup + +- update to 0.8.0 +- refresh no-network-testing.patch + * Added documentation for how to use truststore with urllib3, + Requests, aiohttp, and pip. + * Added pass-through implementations for many ssl.SSLContext methods + like load_cert_chain(), set_alpn_protocols(), etc. + * Added inject_into_ssl() and extract_from_ssl() to enable Truststore + for all packages using ssl.SSLContext automatically + * Added support for setting check_hostname, verify_mode, and verify_flags. + * Fixed issue where a RecursionError that would be raised when setting + SSLContext.minimum_version or .maximum_version + +------------------------------------------------------------------- +Thu Jul 28 15:00:19 UTC 2022 - Matej Cepl + +- Initial packaging effort for truststore 0.4.0. +- Add no-network-testing.patch to skip networked tests + (gh#sethmlarson/truststore#65). diff --git a/python-truststore.spec b/python-truststore.spec new file mode 100644 index 0000000..36ce74d --- /dev/null +++ b/python-truststore.spec @@ -0,0 +1,69 @@ +# +# spec file for package python-truststore +# +# Copyright (c) 2025 SUSE LLC and contributors +# +# All modifications and additions to the file contributed by third parties +# remain the property of their copyright owners, unless otherwise agreed +# upon. The license for this file, and modifications and additions to the +# file, is the same license as for the pristine package itself (unless the +# license for the pristine package is not an Open Source License, in which +# case the license is the MIT License). An "Open Source License" is a +# license that conforms to the Open Source Definition (Version 1.9) +# published by the Open Source Initiative. + +# Please submit bugfixes or comments via https://bugs.opensuse.org/ +# + + +%{?sle15_python_module_pythons} +Name: python-truststore +Version: 0.10.4 +Release: 0 +Summary: Verify certificates using OS trust stores +License: MIT +URL: https://github.com/sethmlarson/truststore +Source: https://github.com/sethmlarson/truststore/archive/refs/tags/v%{version}.tar.gz#/truststore-%{version}.tar.gz +BuildRequires: %{python_module aiohttp} +BuildRequires: %{python_module flaky} +BuildRequires: %{python_module flit-core} +BuildRequires: %{python_module httpx} +BuildRequires: %{python_module pip} +BuildRequires: %{python_module pyOpenSSL} +BuildRequires: %{python_module pytest-asyncio} +BuildRequires: %{python_module pytest-httpserver} +BuildRequires: %{python_module pytest} +BuildRequires: %{python_module requests} +BuildRequires: %{python_module trustme} +BuildRequires: %{python_module urllib3} +BuildRequires: %{python_module wheel} +BuildRequires: fdupes +BuildRequires: python-rpm-macros +BuildArch: noarch +%python_subpackages + +%description +Verify certificates using OS trust stores. Supports macOS, +Windows, and Linux (with OpenSSL). This project should be +considered experimental. + +%prep +%autosetup -p1 -n truststore-%{version} + +%build +%pyproject_wheel + +%install +%pyproject_install +%python_expand %fdupes %{buildroot}%{$python_sitelib} + +%check +%pytest -s -k 'not internet and not test_wrong_host_succeeds_with_hostname_verification_disabled' + +%files %{python_files} +%doc README.md +%license LICENSE +%{python_sitelib}/truststore +%{python_sitelib}/truststore-%{version}.dist-info + +%changelog diff --git a/truststore-0.10.1.tar.gz b/truststore-0.10.1.tar.gz new file mode 100644 index 0000000..5fee1bb --- /dev/null +++ b/truststore-0.10.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:a470d2763875f9b9a148d5726af330d15b65d2a83f70610c262de8888ee94b4e +size 29120 diff --git a/truststore-0.10.4.tar.gz b/truststore-0.10.4.tar.gz new file mode 100644 index 0000000..36746cf --- /dev/null +++ b/truststore-0.10.4.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:206df24198a4a1257e3f9d9a02bbf09a526211d59fcc5f9f7e9b71b5079a9aa9 +size 30349