diff options
| author | Michał Górny <mgorny@gentoo.org> | 2025-04-06 07:38:12 +0200 |
|---|---|---|
| committer | Michał Górny <mgorny@gentoo.org> | 2025-04-06 07:38:12 +0200 |
| commit | 32aea4bd6cccf99ffc7054d01e54960d598edeba (patch) | |
| tree | 754c23eb09c549a2aac908ab70d598cd7c7e9ffd /dev-python | |
| parent | d078d0f4c0f9cdac99ef7bece398b1658fa7bf08 (diff) | |
| download | gentoo-32aea4bd6cccf99ffc7054d01e54960d598edeba.tar.gz gentoo-32aea4bd6cccf99ffc7054d01e54960d598edeba.tar.bz2 gentoo-32aea4bd6cccf99ffc7054d01e54960d598edeba.zip | |
dev-python/pypi-attestations: New package, v0.0.23
A new package that can be used to verify the "attestations"
(i.e. signatures) of published PyPI uploads.
Signed-off-by: Michał Górny <mgorny@gentoo.org>
Diffstat (limited to 'dev-python')
| -rw-r--r-- | dev-python/pypi-attestations/Manifest | 1 | ||||
| -rw-r--r-- | dev-python/pypi-attestations/metadata.xml | 12 | ||||
| -rw-r--r-- | dev-python/pypi-attestations/pypi-attestations-0.0.23.ebuild | 38 |
3 files changed, 51 insertions, 0 deletions
diff --git a/dev-python/pypi-attestations/Manifest b/dev-python/pypi-attestations/Manifest new file mode 100644 index 000000000000..1fcecc0b06c9 --- /dev/null +++ b/dev-python/pypi-attestations/Manifest @@ -0,0 +1 @@ +DIST pypi_attestations-0.0.23.tar.gz 124046 BLAKE2B 9545680499dcee9241012b9c5e9a86368fc17db0608f0635fa1234769df51d78364fd1b202cb22c155ef6fec5f9ff6877bc996f68d64bbe98c10f680df2ff6db SHA512 1df039d715992b5d5e40fffee9982cf73c950f33ef5b8251382192d29f0652f24d868f83887cf394dfd1a7166b5d98a5fab51812987a9cc49f67ee548772929a diff --git a/dev-python/pypi-attestations/metadata.xml b/dev-python/pypi-attestations/metadata.xml new file mode 100644 index 000000000000..aa810c8f44b7 --- /dev/null +++ b/dev-python/pypi-attestations/metadata.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "https://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer type="project"> + <email>python@gentoo.org</email> + </maintainer> + <stabilize-allarches/> + <upstream> + <remote-id type="github">trailofbits/pypi-attestations</remote-id> + <remote-id type="pypi">pypi-attestations</remote-id> + </upstream> +</pkgmetadata> diff --git a/dev-python/pypi-attestations/pypi-attestations-0.0.23.ebuild b/dev-python/pypi-attestations/pypi-attestations-0.0.23.ebuild new file mode 100644 index 000000000000..ece5b2ff6650 --- /dev/null +++ b/dev-python/pypi-attestations/pypi-attestations-0.0.23.ebuild @@ -0,0 +1,38 @@ +# Copyright 2025 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +DISTUTILS_USE_PEP517=setuptools +PYTHON_COMPAT=( python3_{10..12} ) + +inherit distutils-r1 pypi + +DESCRIPTION="Convert between Sigstore Bundles and PEP-740 Attestation objects" +HOMEPAGE=" + https://github.com/trailofbits/pypi-attestations/ + https://pypi.org/project/pypi-attestations/ +" + +LICENSE="MIT" +SLOT="0" +KEYWORDS="~amd64" + +RDEPEND=" + dev-python/cryptography[${PYTHON_USEDEP}] + dev-python/packaging[${PYTHON_USEDEP}] + =dev-python/pyasn1-0.6*[${PYTHON_USEDEP}] + >=dev-python/pydantic-2.10.0[${PYTHON_USEDEP}] + dev-python/requests[${PYTHON_USEDEP}] + dev-python/rfc3986[${PYTHON_USEDEP}] + <dev-python/sigstore-3.7[${PYTHON_USEDEP}] + dev-python/sigstore-protobuf-specs[${PYTHON_USEDEP}] +" +BDEPEND=" + dev-python/setuptools-scm[${PYTHON_USEDEP}] + test? ( + dev-python/pretend[${PYTHON_USEDEP}] + ) +" + +distutils_enable_tests pytest |