Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package python-pyHanko for openSUSE:Factory checked in at 2026-06-03 20:23:54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/python-pyHanko (Old) and /work/SRC/openSUSE:Factory/.python-pyHanko.new.1937 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "python-pyHanko" Wed Jun 3 20:23:54 2026 rev:8 rq:1356850 version:0.35.1 Changes: -------- --- /work/SRC/openSUSE:Factory/python-pyHanko/python-pyHanko.changes 2026-03-10 17:53:31.168059807 +0100 +++ /work/SRC/openSUSE:Factory/.python-pyHanko.new.1937/python-pyHanko.changes 2026-06-03 20:27:13.661171043 +0200 @@ -1,0 +2,36 @@ +Wed Jun 3 04:03:45 UTC 2026 - Steve Kowalik <[email protected]> + +- Update to 0.35.1: + ## Breaking changes + * Remove support for deprecated LTV validation functionality. Call sites + must be updated to use the AdES validation engine. + * Several low-level API changes in generic_cms to allow refactoring the + timestamp handling code. + ## Dependency changes + * Bump cryptography to 48.0.0. + * Relax upper bound for uharfbuzz to <0.55.0. + * Bump cryptography to 47.0.0. + * Relax upper bound on pytest-cov to <7.2. + * Relax upper bound on certomancer to <0.15. + * Introduce certifi as a mandatory dependency for testing. + ## New features and enhancements + * Signing + + Allow signing with ML-DSA + * Validation + + Allow validating ML-DSA signatures + + Properly support harvesting PoE from multiple signature/content + timestamps in the same signature container. + + Add revinfo archival data to local knowledge. + + Restructure algorithm policy handling. Algorithm policy errors will + typically not bubble up outside the validation engine anymore, but will + instead be reflected in the validation status. + ## Bugs fixed + * Fix /AP positioning on field creation. + * Fix annot dict not being re-serialised on signing when split from form + dictionary. + * Improve error handling in parse_pdf_date. +- Switch back to the PyPi tarball that only contains this package. +- Only build this package, rather than all three, due to upstream sorting + out the sdist mess! + +------------------------------------------------------------------- Old: ---- pyhanko-0.34.1.tar.gz New: ---- pyhanko-0.35.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ python-pyHanko.spec ++++++ --- /var/tmp/diff_new_pack.GBmQYV/_old 2026-06-03 20:27:14.489205393 +0200 +++ /var/tmp/diff_new_pack.GBmQYV/_new 2026-06-03 20:27:14.489205393 +0200 @@ -18,26 +18,24 @@ %{?sle15_python_module_pythons} Name: python-pyHanko -Version: 0.34.1 +Version: 0.35.1 Release: 0 Summary: Tools for stamping and signing PDF files License: MIT URL: https://github.com/MatthiasValvekens/pyHanko -Source: https://github.com/MatthiasValvekens/pyHanko/archive/refs/tags/v%{version}.tar.gz#/pyhanko-%{version}.tar.gz +Source: https://files.pythonhosted.org/packages/source/p/pyhanko/pyhanko-%{version}.tar.gz BuildRequires: %{python_module FontTools >= 4.33.3} BuildRequires: %{python_module Pillow} BuildRequires: %{python_module PyYAML >= 6.0} BuildRequires: %{python_module aiohttp} BuildRequires: %{python_module asn1crypto >= 1.5.1} -BuildRequires: %{python_module base >= 3.9} +BuildRequires: %{python_module base >= 3.10} BuildRequires: %{python_module certomancer} -BuildRequires: %{python_module click >= 8.1.3} BuildRequires: %{python_module cryptography >= 43.0.3} BuildRequires: %{python_module freezegun} BuildRequires: %{python_module lxml >= 5.4} -BuildRequires: %{python_module oscrypto >= 1.1} BuildRequires: %{python_module pip} -BuildRequires: %{python_module platformdirs >= 4.3.8} +BuildRequires: %{python_module pyhanko-certvalidator} BuildRequires: %{python_module pytest-aiohttp} BuildRequires: %{python_module pytest-asyncio} BuildRequires: %{python_module pytest} @@ -53,16 +51,15 @@ BuildRequires: %{python_module xsdata >= 24.4} BuildRequires: fdupes BuildRequires: python-rpm-macros +BuildRequires: softhsm Requires: python-PyYAML >= 6.0 Requires: python-asn1crypto >= 1.5.1 -Requires: python-click >= 8.1.3 Requires: python-cryptography >= 43.0.3 Requires: python-lxml >= 5.4 -Requires: python-oscrypto >= 1.1 -Requires: python-platformdirs >= 4.3.8 +Requires: python-pyhanko-certvalidator Requires: python-requests >= 2.31 Requires: python-tzlocal >= 4.3 -Requires: python-uritools >= 3.0.1 +Suggests: python-xsdata >= 24.4 Suggests: python-FontTools >= 4.33.3 Suggests: python-uharfbuzz >= 0.25 Suggests: python-qrcode >= 7.3.1 @@ -70,10 +67,9 @@ Suggests: python-python-barcode Suggests: python-python-pkcs11 >= 0.9 Suggests: python-aiohttp -Suggests: python-xsdata >= 24.4 Suggests: python-signxml >= 4.2 -Obsoletes: python-pyhanko-certvalidator < %{version} -Provides: python-pyhanko-certvalidator = %{version} +# Also provide lowercase name +Provides: python-pyhanko = %{version}-%{release} Requires(post): update-alternatives Requires(postun): update-alternatives BuildArch: noarch @@ -83,52 +79,36 @@ The lack of open-source CLI tooling to handle digitally signing and stamping PDF files was bothering me, so I went ahead and rolled my own. %prep -%autosetup -p1 -n pyHanko-%{version} +%autosetup -p1 -n pyhanko-%{version} +# We need to run this before the tests, and we don't want to use uv +sed -i '/uv run /d' pyhanko_testing_commons/test_data/data/crypto/testing-ca-setup/pkcs11-setup-certomancer.sh %build -for pkg in pkgs/* ; do -pushd $pkg -# Hardcoded versions -sed -i 's/0.0.0.dev1/%{version}/' pyproject.toml %pyproject_wheel -popd -done %install -for pkg in pkgs/* ; do -pushd $pkg %pyproject_install -popd -done %python_expand %fdupes %{buildroot}%{$python_sitelib} -%python_clone -a %{buildroot}%{_bindir}/pyhanko %check -export PYTHONPATH=$(pwd)/internal/common-test-utils/src -pushd pkgs/pyhanko-certvalidator -%pytest -popd -pushd pkgs/pyhanko-cli -%pytest -popd -pushd pkgs/pyhanko +# intial softhsm configuration +export SOFTHSM2_CONF=/tmp/softhsm.conf +mkdir softhsm_tokens +echo "directories.tokendir = $(pwd)/softhsm_tokens" > $SOFTHSM2_CONF +export CERTOMANCER_CONFIG_PATH="pyhanko_testing_commons/test_data/data/crypto/certomancer.yml" +export SOFTHSM2_MODULE_PATH=$(softhsm2-util --show-config default-pkcs11-lib) +export PKCS11_TEST_MODULE=$SOFTHSM2_MODULE_PATH +PYTHONPATH=%{buildroot}%{python3_sitelib} ./pyhanko_testing_commons/test_data/data/crypto/testing-ca-setup/pkcs11-setup-certomancer.sh # Tests that are skipped or ignored require modules that are not shipped -%pytest --ignore tests/test_csc.py -k 'not (test_pades or test_ts_fetch or test_simple_text_stamp_on_page_with_leaky_graphics_state)' -popd - -%post -%python_install_alternative pyhanko - -%postun -%python_uninstall_alternative pyhanko +donttest="" +if [ $(getconf LONG_BIT) -eq 32 ]; then + donttest="not test_pades" +fi +%pytest --ignore tests/test_csc.py -k "$donttest" %files %{python_files} -%doc pkgs/pyhanko/README.md -%license pkgs/pyhanko/LICENSE -%python_alternative %{_bindir}/pyhanko +%doc README.md +%license LICENSE %{python_sitelib}/pyhanko -%{python_sitelib}/pyhanko_certvalidator %{python_sitelib}/pyhanko-%{version}.dist-info -%{python_sitelib}/pyhanko_certvalidator-%{version}.dist-info -%{python_sitelib}/pyhanko_cli-%{version}.dist-info ++++++ pyhanko-0.34.1.tar.gz -> pyhanko-0.35.1.tar.gz ++++++ /work/SRC/openSUSE:Factory/python-pyHanko/pyhanko-0.34.1.tar.gz /work/SRC/openSUSE:Factory/.python-pyHanko.new.1937/pyhanko-0.35.1.tar.gz differ: char 4, line 1
