Path: csiph.com!news.samoylyk.net!gothmog.csi.it!bofh.it!news.nic.it!robomod From: Simon Josefsson Newsgroups: linux.debian.maint.python Subject: python-sigstore / python-tuf: request for packaging help Date: Thu, 05 Dec 2024 23:40:01 +0100 Message-ID: X-Mailbox-Line: From debian-python-request@lists.debian.org Thu Dec 5 22:39:40 2024 Old-Return-Path: X-Amavis-Spam-Status: No, score=-14.5 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, LDO_WHITELIST=-5, PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no X-Policyd-Weight: using cached result; rate: -4.6 X-Hashcash: 1:23:241205:debian-python@lists.debian.org::1mu2480tN1jGvGlz:7bGG Openpgp: id=B1D2BD1375BECB784CF4F8C4D73CF638C53C06BE; url=https://josefsson.org/key-20190320.txt User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.1 (gnu/linux) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="=-=-="; micalg=pgp-sha256; protocol="application/pgp-signature" X-Mailing-List: archive/latest/22624 List-ID: List-URL: List-Archive: https://lists.debian.org/msgid-search/878qstsqjn.fsf@kaka.sjd.se Approved: robomod@news.nic.it Lines: 73 Organization: linux.* mail to news gateway Sender: robomod@news.nic.it X-Original-Date: Thu, 05 Dec 2024 23:39:24 +0100 X-Original-Message-ID: <878qstsqjn.fsf@kaka.sjd.se> Xref: csiph.com linux.debian.maint.python:16539 --=-=-= Content-Type: text/plain Hi I am new to python debian packaging, and I'm looking for guidance and review my packaging. I'm happy to team-maintain these packages if someone can add me to the salsa group. Right now I am working on python-sigstore and my packaging is here: https://salsa.debian.org/jas/sigstore-python/ as you can see in the pipeline, it currently fails due to lacking tuf: https://salsa.debian.org/jas/sigstore-python/-/jobs/6706412 It seems python-tuf has an old ITP/RFS report here: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=934151 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=931178 I started from scratch on python-tuf with the latest upstream version, instead of trying to understand the old packaging work that I couldn't get to work. Upstream evolved a lot. My packaging is here: https://salsa.debian.org/jas/python-tuf/ The self-tests tries seems to open some files which fails and I suspect it is because srcdir != builddir reasons, or something similar, see errors here: https://salsa.debian.org/jas/python-tuf/-/jobs/6707693 ==================================== ERRORS ==================================== ______________ ERROR collecting tests/test_metadata_generation.py ______________ tests/test_metadata_generation.py:10: in from tests.generated_data.generate_md import generate_all_files tests/generated_data/generate_md.py:60: in os.mkdir(OUT_DIR) E FileNotFoundError: [Errno 2] No such file or directory: 'generated_data/ed25519_metadata' How is this (seamingly common) problem solved normally? Do we copy test data files into the build directory somehow? Do we include them in the package? Do we patch hard-coded paths like this to make it work? If anyone can review my python-tuf and python-sigstore packages, that would be appreciated -- all nit-picks and style advice is most recommended, as I have not worked on python packaging before. Don't assume I understand any of the debian/* content so feel free to question some decision. If you want to build python-tuf locally, it depends on a more recent version of python3-securesystemslib and you can find it here: https://salsa.debian.org/jas/securesystemslib/ https://salsa.debian.org/jas/securesystemslib/-/pipelines/774721 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089125 Thanks, /Simon --=-=-= Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCZ1IrnBQcc2ltb25Aam9z ZWZzc29uLm9yZwAKCRBRcisI/kdFonl5AP9407P5j2HjSg1tp72r7+8R0wpQYXJa zOGoZCw6NI2C2AEA/MznxTl3QTIrwm9IkHNZu4jzRhUDFsUmNfs3Eap0tgI= =BMi2 -----END PGP SIGNATURE----- --=-=-=--