Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > linux.debian.maint.python > #17503
| Path | csiph.com!pasdenom.info!usenet.goja.nl.eu.org!news.samoylyk.net!gothmog.csi.it!bofh.it!news.nic.it!robomod |
|---|---|
| From | Simon Josefsson <simon@josefsson.org> |
| Newsgroups | linux.debian.maint.python |
| Subject | Re: request for review: python-sigstore-models |
| Date | Thu, 28 May 2026 17:50:01 +0200 |
| Message-ID | <MZL9D-8ylq-7@gated-at.bofh.it> (permalink) |
| References | <MZn7k-8i16-3@gated-at.bofh.it> <MZD2p-8t4Q-3@gated-at.bofh.it> |
| X-Mailbox-Line | From debian-python-request@lists.debian.org Thu May 28 15:46:20 2026 |
| Old-Return-Path | <simon@josefsson.org> |
| X-Amavis-Spam-Status | No, score=-14.4 tagged_above=-10000 required=5.3 tests=[BAYES_00=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FOURLA=0.1, LDO_WHITELIST=-5, PGPSIGNATURE=-5, RCVD_IN_DNSWL_MED=-2.3] autolearn=ham autolearn_force=no |
| X-Policyd-Weight | using cached result; rate: -4.6 |
| Openpgp | id=B1D2BD1375BECB784CF4F8C4D73CF638C53C06BE; url=https://josefsson.org/key-20190320.txt |
| X-Hashcash | 1:23:260528:jcfp@debian.org::DENBK92dVrEU2Uz3:pbEt |
| X-Hashcash | 1:23:260528:debian-python@lists.debian.org::iTBidVlX0NI7ZPDd:fuer |
| User-Agent | Gnus/5.13 (Gnus v5.13) |
| MIME-Version | 1.0 |
| Content-Type | multipart/signed; boundary="=-=-="; micalg=pgp-sha512; protocol="application/pgp-signature" |
| X-Mailing-List | <debian-python@lists.debian.org> archive/latest/23784 |
| List-ID | <debian-python.lists.debian.org> |
| List-URL | <https://lists.debian.org/debian-python/> |
| List-Archive | https://lists.debian.org/msgid-search/87ldd38rjx.fsf@josefsson.org |
| Approved | robomod@news.nic.it |
| Lines | 82 |
| Organization | linux.* mail to news gateway |
| Sender | robomod@news.nic.it |
| X-Original-Cc | debian-python@lists.debian.org |
| X-Original-Date | Thu, 28 May 2026 17:47:14 +0200 |
| X-Original-Message-ID | <87ldd38rjx.fsf@josefsson.org> |
| X-Original-References | <87jysp54uf.fsf@josefsson.org> <20260528070004.16a75481@debian.org> |
| Xref | csiph.com linux.debian.maint.python:17503 |
Show key headers only | View raw
[Multipart message — attachments visible in raw view] - view raw
Jeroen Ploemen <jcfp@debian.org> writes: > On Wed, 27 May 2026 16:01:28 +0200 > Simon Josefsson <simon@josefsson.org> wrote: > >> Hi. >> >> With uv included in Debian, I was able to resume packaging of >> python-sigstore-models. I lack experience with python packaging so >> I would appreciate review of this package before NEW upload: >> >> https://salsa.debian.org/python-team/packages/python-sigstore-models/ >> >> My biggest worry is the lack of upstream self-checks -- >> https://github.com/astral-sh/sigstore-models/issues/3 -- making it >> hard to know if this package is working or not until there are >> consumers of the package (with self-tests). I hope to resume >> packaging of python-sigstore eventually, covering that part: >> https://bugs.debian.org/1084157 > > The upstream repo on github does have tests, it's only the releases > published on pypi that don't. You might want to switch the watch file > to pull from github instead. > > Most issues in the current packaging are related to the lack of > tests, esp. with the package set up as if they actually were present: > * testsuite 'autopkgtest-pkg-pybuild' without build-time tests is the > equivalent of running /bin/true in an autopkgtest context. In that > case, you're better off with autopkgtest-pkg-python (that at least > actually does something, even if superficial). > * build-dep on python3-pydantic is only used while pybuild looks for > unittests that aren't there, and could be ditched if you explicitly > disable tests via 'export PYBUILD_DISABLE=test' in d/rules. > * you should probably build-depend on python3 rather than python3-all > if you're not running any tests on build. > > Obviously, all of the above only applies as long as no tests on run on > build. > > The only other thing that stood out is the unused build-dep on > python3-setuptools. Yay, wonderful, thanks! Fixed in git now, including pulling directly from GitHub instead, so we now have self-tests. I recall seeing self-checks dropped from the pypi tarballs before, so maybe I should make a habit to pull directly from git for future python packages. IIRC the python team policy lead me into the pypi approach. /Simon
Back to linux.debian.maint.python | Previous | Next — Previous in thread | Find similar | Unroll thread
request for review: python-sigstore-models Simon Josefsson <simon@josefsson.org> - 2026-05-27 16:10 +0200
Re: request for review: python-sigstore-models Norwid Behrnd <nbehrnd@yahoo.com> - 2026-05-27 16:20 +0200
Re: request for review: python-sigstore-models Simon Josefsson <simon@josefsson.org> - 2026-05-27 16:40 +0200
Re: request for review: python-sigstore-models Simon Josefsson <simon@josefsson.org> - 2026-05-28 18:10 +0200
Re: request for review: python-sigstore-models Jeroen Ploemen <jcfp@debian.org> - 2026-05-28 09:10 +0200
Re: request for review: python-sigstore-models Simon Josefsson <simon@josefsson.org> - 2026-05-28 17:50 +0200
csiph-web