Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-josepy for openSUSE:Factory checked in at 2025-11-06 18:14:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-josepy (Old) and /work/SRC/openSUSE:Factory/.python-josepy.new.1980 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-josepy" Thu Nov 6 18:14:32 2025 rev:18 rq:1315904 version:2.2.0 Changes: -------- --- /work/SRC/openSUSE:Factory/python-josepy/python-josepy.changes 2025-04-22 17:29:36.918439108 +0200 +++ /work/SRC/openSUSE:Factory/.python-josepy.new.1980/python-josepy.changes 2025-11-06 18:17:24.334079931 +0100 @@ -1,0 +2,10 @@ +Thu Nov 6 00:12:25 UTC 2025 - Steve Kowalik <[email protected]> + +- Update to 2.2.0: + * Added support for Python 3.14. + * Dropped support for Python 3.9.0 and 3.9.1 for compatibility with newer + versions of the cryptography Python package. Python 3.9.2+ is still + supported. +- Clean up {Build,}Requires. + +------------------------------------------------------------------- Old: ---- josepy-2.0.0.tar.gz New: ---- josepy-2.2.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-josepy.spec ++++++ --- /var/tmp/diff_new_pack.OplDVm/_old 2025-11-06 18:17:25.030109790 +0100 +++ /var/tmp/diff_new_pack.OplDVm/_new 2025-11-06 18:17:25.038110133 +0100 @@ -1,7 +1,7 @@ # # spec file for package python-josepy # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,7 +19,7 @@ %define libname josepy %{?sle15_python_module_pythons} Name: python-%{libname} -Version: 2.0.0 +Version: 2.2.0 Release: 0 Summary: JOSE protocol implementation in Python License: Apache-2.0 @@ -30,15 +30,11 @@ BuildRequires: %{python_module coverage >= 4.0} BuildRequires: %{python_module cryptography >= 1.5} BuildRequires: %{python_module pip} -BuildRequires: %{python_module poetry >= 1.0.8} -BuildRequires: %{python_module pyOpenSSL >= 0.13} +BuildRequires: %{python_module poetry-core >= 2.0.0} BuildRequires: %{python_module pytest >= 2.8.0} -BuildRequires: %{python_module setuptools >= 1.0} -BuildRequires: %{python_module wheel} BuildRequires: fdupes BuildRequires: python-rpm-macros Requires: python-cryptography >= 1.5 -Requires: python-pyOpenSSL >= 0.13 Conflicts: python-acme < 0.21.0 Obsoletes: python-%{libname}-doc BuildArch: noarch @@ -75,7 +71,6 @@ %doc CHANGELOG.rst CONTRIBUTING.md %{python_sitelib}/%{libname} %{python_sitelib}/%{libname}-%{version}.dist-info -%pycache_only %{python_sitelib}/%{libname}/__pycache__ # following the certbot-packaging guide, "jws" should not be packaged %exclude %{_bindir}/jws ++++++ josepy-2.0.0.tar.gz -> josepy-2.2.0.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/CHANGELOG.rst new/josepy-2.2.0/CHANGELOG.rst --- old/josepy-2.0.0/CHANGELOG.rst 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/CHANGELOG.rst 1970-01-01 01:00:00.000000000 +0100 @@ -1,6 +1,20 @@ Changelog ========= +2.2.0 (2025-10-14) +------------------ + +* Support for Python 3.9 has been deprecated and will be removed in the next + scheduled release. + +2.1.0 (2025-07-08) +------------ + +* Added support for Python 3.14. +* Dropped support for Python 3.9.0 and 3.9.1 for compatibility with newer + versions of the cryptography Python package. Python 3.9.2+ is still + supported. + 2.0.0 (2025-02-10) ------------------ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/PKG-INFO new/josepy-2.2.0/PKG-INFO --- old/josepy-2.0.0/PKG-INFO 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/PKG-INFO 1970-01-01 01:00:00.000000000 +0100 @@ -1,21 +1,22 @@ -Metadata-Version: 2.3 +Metadata-Version: 2.4 Name: josepy -Version: 2.0.0 +Version: 2.2.0 Summary: JOSE protocol implementation in Python -License: Apache-2.0 +License-Expression: Apache-2.0 +License-File: LICENSE.txt Author: Certbot Project Author-email: [email protected] -Requires-Python: >=3.9,<4.0 +Requires-Python: >=3.9.2 Classifier: Development Status :: 5 - Production/Stable Classifier: Intended Audience :: Developers -Classifier: License :: OSI Approved :: Apache Software License Classifier: Programming Language :: Python Classifier: Programming Language :: Python :: 3 -Classifier: Programming Language :: Python :: 3.9 Classifier: Programming Language :: Python :: 3.10 Classifier: Programming Language :: Python :: 3.11 Classifier: Programming Language :: Python :: 3.12 Classifier: Programming Language :: Python :: 3.13 +Classifier: Programming Language :: Python :: 3.14 +Classifier: Programming Language :: Python :: 3.9 Classifier: Topic :: Internet :: WWW/HTTP Classifier: Topic :: Security Provides-Extra: docs diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/docs/conf.py new/josepy-2.2.0/docs/conf.py --- old/josepy-2.0.0/docs/conf.py 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/docs/conf.py 1970-01-01 01:00:00.000000000 +0100 @@ -63,9 +63,9 @@ # built documents. # # The short X.Y version. -version = "2.0" +version = "2.2" # The full version, including alpha/beta/rc tags. -release = "2.0.0" +release = "2.2.0" # The language for content autogenerated by Sphinx. Refer to documentation # for a list of supported languages. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/pyproject.toml new/josepy-2.2.0/pyproject.toml --- old/josepy-2.0.0/pyproject.toml 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/pyproject.toml 1970-01-01 01:00:00.000000000 +0100 @@ -1,33 +1,41 @@ # PEP-517 build [build-system] -requires = ["poetry_core>=1.0.8"] +requires = ["poetry_core>=2.2.0"] build-backend = "poetry.core.masonry.api" -# Poetry tooling configuration - -[tool.poetry] +[project] name = "josepy" -version = "2.0.0" +version = "2.2.0" +license = "Apache-2.0" +license-files = ["LICENSE.txt"] description = "JOSE protocol implementation in Python" -license = "Apache License 2.0" +readme = "README.rst" +authors = [{ name = "Certbot Project", email = "[email protected]" }] +# python 3.9.2 is used as a lower bound here because newer versions of +# cryptography dropped support for python 3.9.0 and 3.9.1. see +# https://github.com/pyca/cryptography/pull/12045. when we drop support for +# python 3.9 altogether, this line can be changed to the simpler 'python = "^3.10"'. +# This should be kept in sync with the value of tool.poetry.dependencies.python below. +requires-python = ">=3.9.2" +dynamic = ["classifiers", "dependencies"] + +[project.urls] +Homepage = "https://github.com/certbot/josepy"; + +# Poetry tooling configuration +[tool.poetry] classifiers = [ "Development Status :: 5 - Production/Stable", "Intended Audience :: Developers", - "License :: OSI Approved :: Apache Software License", "Programming Language :: Python", "Programming Language :: Python :: 3", + # Version specific classifiers are added automatically based on requires-python. + # Except for 3.9 since the lower bound is 3.9.2 currently. "Programming Language :: Python :: 3.9", - "Programming Language :: Python :: 3.10", - "Programming Language :: Python :: 3.11", - "Programming Language :: Python :: 3.12", - "Programming Language :: Python :: 3.13", "Topic :: Internet :: WWW/HTTP", "Topic :: Security", ] -homepage = "https://github.com/certbot/josepy"; -authors = ["Certbot Project <[email protected]>"] -readme = "README.rst" include = [ "CHANGELOG.rst", "CONTRIBUTING.md", @@ -35,9 +43,8 @@ ] [tool.poetry.dependencies] -# This should be kept in sync with the value of target-version in our -# configuration for black below. -python = "^3.9" +# This should be kept in sync with the value of project.requires-python above. +python = ">=3.9.2,<4.0" # load_pem_private/public_key (>=0.6) # rsa_recover_prime_factors (>=0.8) # add sign() and verify() to asymetric keys (RSA >=1.4, ECDSA >=1.5) @@ -72,9 +79,6 @@ # Black tooling configuration [tool.black] line-length = 100 -# This should be kept in sync with the version of Python specified in poetry's -# dependencies above. -target-version = ['py39', 'py310', 'py311', 'py312', 'py313'] # Mypy tooling configuration @@ -89,6 +93,8 @@ [tool.pytest.ini_options] filterwarnings = [ "error", + # We ignore our own warning about dropping Python 3.9 support. + "ignore:Python 3.9 support will be dropped:DeprecationWarning", ] norecursedirs = "*.egg .eggs dist build docs .tox" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/src/josepy/__init__.py new/josepy-2.2.0/src/josepy/__init__.py --- old/josepy-2.0.0/src/josepy/__init__.py 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/src/josepy/__init__.py 1970-01-01 01:00:00.000000000 +0100 @@ -26,6 +26,9 @@ """ +import sys +import warnings + # flake8: noqa from josepy.b64 import b64decode, b64encode from josepy.errors import ( @@ -72,3 +75,10 @@ ComparableRSAKey, ImmutableMap, ) + +if sys.version_info[:2] == (3, 9): + warnings.warn( + "Python 3.9 support will be dropped in the next scheduled release of " + "josepy. Please upgrade your Python version.", + DeprecationWarning, + ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/src/josepy/json_util.py new/josepy-2.2.0/src/josepy/json_util.py --- old/josepy-2.0.0/src/josepy/json_util.py 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/src/josepy/json_util.py 1970-01-01 01:00:00.000000000 +0100 @@ -10,6 +10,7 @@ import abc import binascii import logging +import sys from typing import ( Any, Callable, @@ -27,6 +28,9 @@ from josepy import b64, errors, interfaces, util +if sys.version_info >= (3, 14): + import annotationlib + logger = logging.getLogger(__name__) @@ -233,7 +237,19 @@ if isinstance(value, _TypedField): # Ensure the type annotation has been set for the field. # Error out if it is not the case. - if key not in namespace.get("__annotations__", {}): + if "__annotations__" in namespace: + annotations = namespace["__annotations__"] + elif sys.version_info >= (3, 14): + annotate = annotationlib.get_annotate_from_class_namespace(namespace) + if annotate: + annotations = annotationlib.call_annotate_function( + annotate, format=annotationlib.Format.FORWARDREF + ) + else: + annotations = {} + else: + annotations = {} + if key not in annotations: raise ValueError( f"Field `{key}` in JSONObject `{name}` has no type annotation." ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/src/josepy/jws.py new/josepy-2.2.0/src/josepy/jws.py --- old/josepy-2.0.0/src/josepy/jws.py 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/src/josepy/jws.py 1970-01-01 01:00:00.000000000 +0100 @@ -396,8 +396,8 @@ @classmethod def sign(cls, args: argparse.Namespace) -> None: """Sign.""" - key = args.alg.kty.load(args.key.read()) - args.key.close() + with open(args.key, "rb") as fp: + key = args.alg.kty.load(fp.read()) if args.protect is None: args.protect = [] if args.compact: @@ -426,8 +426,8 @@ if args.key is not None: assert args.kty is not None - key = args.kty.load(args.key.read()).public_key() - args.key.close() + with open(args.key, "rb") as fp: + key = args.kty.load(fp.read()).public_key() else: key = None @@ -459,13 +459,13 @@ subparsers = parser.add_subparsers() parser_sign = subparsers.add_parser("sign") parser_sign.set_defaults(func=cls.sign) - parser_sign.add_argument("-k", "--key", type=argparse.FileType("rb"), required=True) + parser_sign.add_argument("-k", "--key", required=True) parser_sign.add_argument("-a", "--alg", type=cls._alg_type, default=jwa.RS256) parser_sign.add_argument("-p", "--protect", action="append", type=cls._header_type) parser_verify = subparsers.add_parser("verify") parser_verify.set_defaults(func=cls.verify) - parser_verify.add_argument("-k", "--key", type=argparse.FileType("rb"), required=False) + parser_verify.add_argument("-k", "--key", required=False) parser_verify.add_argument("--kty", type=cls._kty_type, required=False) parsed = parser.parse_args(args) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/josepy-2.0.0/tests/init_tests.py new/josepy-2.2.0/tests/init_tests.py --- old/josepy-2.0.0/tests/init_tests.py 1970-01-01 01:00:00.000000000 +0100 +++ new/josepy-2.2.0/tests/init_tests.py 1970-01-01 01:00:00.000000000 +0100 @@ -0,0 +1,25 @@ +import importlib +import re +import sys +import warnings + +import pytest + +import josepy + + [email protected](sys.version_info[:2] != (3, 9), reason="requires Python 3.9") +def test_warns() -> None: + with pytest.warns(DeprecationWarning, match=re.escape(r"Python 3.9 support")): + importlib.reload(josepy) + + [email protected](sys.version_info[:2] == (3, 9), reason="requires Python != 3.9") +def test_does_not_warn() -> None: + with warnings.catch_warnings(): + warnings.simplefilter("error") + importlib.reload(josepy) + + +if __name__ == "__main__": + sys.exit(pytest.main(sys.argv[1:] + [__file__])) # pragma: no cover
