From c71a1fcae85bdd95c50c16860d295cb1b7bb65d5f339363220d9276db0e824d0 Mon Sep 17 00:00:00 2001 From: Matej Cepl Date: Fri, 13 Nov 2020 18:54:07 +0000 Subject: [PATCH] - Add wheel subpackage with the generated wheel for this package (bsc#1176262, CVE-2019-20916). - Make wheel a separate build run to avoid the setuptools/wheel build cycle. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-pip?expand=0&rev=84 --- _multibuild | 1 + python-pip.changes | 8 ++++++++ python-pip.spec | 37 +++++++++++++++++++++++++++++++++++-- 3 files changed, 44 insertions(+), 2 deletions(-) diff --git a/_multibuild b/_multibuild index fcc7b97..6222fa7 100644 --- a/_multibuild +++ b/_multibuild @@ -1,3 +1,4 @@ test + wheel diff --git a/python-pip.changes b/python-pip.changes index 37eea89..cf694f9 100644 --- a/python-pip.changes +++ b/python-pip.changes @@ -1,3 +1,11 @@ +------------------------------------------------------------------- +Fri Nov 13 18:51:09 UTC 2020 - Matej Cepl + +- Add wheel subpackage with the generated wheel for this package + (bsc#1176262, CVE-2019-20916). +- Make wheel a separate build run to avoid the setuptools/wheel build + cycle. + ------------------------------------------------------------------- Fri Oct 30 00:18:04 UTC 2020 - Benjamin Greiner diff --git a/python-pip.spec b/python-pip.spec index 3cd55fa..b54ac37 100644 --- a/python-pip.spec +++ b/python-pip.spec @@ -21,9 +21,16 @@ %if "%{flavor}" == "test" %define psuffix -test %bcond_without test +%bcond_with wheel +%else +%if "%{flavor}" == "wheel" +%define psuffix -wheel +%bcond_without wheel %else %define psuffix %{nil} %bcond_with test +%bcond_without wheel +%endif %endif Name: python-pip%{psuffix} Version: 20.2.3 @@ -67,6 +74,9 @@ BuildRequires: ca-certificates BuildRequires: git BuildRequires: subversion %endif +%if %{with wheel} +BuildRequires: %{python_module wheel} +%endif %python_subpackages %description @@ -74,6 +84,15 @@ Pip is a replacement for easy_install. It uses mostly the same techniques for finding packages, so packages that were made easy_installable should be pip-installable as well. +%if %{with wheel} +%package wheel +Summary: Wheels for %{name} +BuildArch: noarch + +%description wheel +Generated wheels for %{name}. +%endif + %prep %setup -q -n pip-%{version} # Unbundling is not advised by upstream. See src/pip/_vendor/README.rst @@ -91,9 +110,13 @@ for f in $(find src -name \*.py -exec grep -l '^#!%{_bindir}/env' {} \;); do done %build +%if ! %{with wheel} %python_build +%else +%python_exec setup.py bdist_wheel --universal +%endif -%if ! %{with test} +%if !%{with test} && !%{with wheel} %install %python_install %python_clone -a %{buildroot}%{_bindir}/pip @@ -103,7 +126,11 @@ rm -f %{buildroot}%{_bindir}/pip3-2* %python_expand %fdupes %{buildroot}%{$python_sitelib} %endif -%if %{with test} +%if %{with wheel} +%python_expand install -D -m 0644 -t %{buildroot}%{$python_sitelib}/../wheels dist/*.whl +%endif + +%if !%{with test} && !%{with wheel} %check export PYTHONPATH=$(pwd)/build/lib # no network on OBS @@ -153,4 +180,10 @@ donttest+=" or test_from_link_vcs_without_source_dir" %{python_sitelib}/pip %endif +%if %{with wheel} +%files %{python_files wheel} +%dir %{python_sitelib}/../wheels +%{python_sitelib}/../wheels/* +%endif + %changelog