Package: dput
Version: 0.11.0
Severity: normal
Tags: patch
Thanks for resolving #835598 by switching to a python wrapper of
gpgme. Alas, the ecosystem for using gpg from python is a cluttered
one and it's easy to settle on a problematic choice.
The "gpg" python module is maintained by the upstream maintainers of
GPGME and is now released with each new version of GPGME. The "gpgme"
python module is maintained by a third party, and has lagged behind
gpgme development, including having difficulty working with newer
versions of GnuPG itself.
It makes more sense to rely in a consolidated way on the active
upstream maintainers where possible.
The attached cleanup/migration patch is mostly cleanup of the very
extensive test suite to more closely match how python-gpg maps to the
GPGME interface.
I've also pushed it to the use-upstream-maintained-gpg-python-module
branch on https://anonscm.debian.org/git/collab-maint/dput.git should
you prefer to pull it directly from there.
Regards,
--dkg
-- System Information:
Debian Release: stretch/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing'), (200,
'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1,
'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.8.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
>From 0826424165d542e8d1248f94f07efd55840871a8 Mon Sep 17 00:00:00 2001
From: Daniel Kahn Gillmor
Date: Wed, 23 Nov 2016 17:52:35 -0500
Subject: [PATCH] Convert from "gpgme" python module to "gpg" python module
The "gpg" python module is maintained by the upstream maintainers of
GPGME and is now released with each new version of GPGME. The "gpgme"
python module is maintained externally, and has lagged behind gpgme
development.
It makes more sense to rely in a consolidated way on the active
upstream maintainers where possible.
---
debian/control | 2 +-
debian/pydist-overrides | 5 --
dput/crypto.py | 29 +
dput/dput.py| 2 +-
setup.py| 4 +-
test/test_crypto.py | 161 +---
test/test_dput.py | 4 +-
7 files changed, 103 insertions(+), 104 deletions(-)
delete mode 100644 debian/pydist-overrides
diff --git a/debian/control b/debian/control
index 3b3310b..bae5b9e 100644
--- a/debian/control
+++ b/debian/control
@@ -9,7 +9,7 @@ Build-Depends-Indep:
python-testscenarios,
python-httpretty,
python-debian,
-python-gpgme,
+python-gpg,
python-setuptools,
python (>= 2.7),
debconf-utils (>= 1.1.1),
diff --git a/debian/pydist-overrides b/debian/pydist-overrides
deleted file mode 100644
index 704af8e..000
--- a/debian/pydist-overrides
+++ /dev/null
@@ -1,5 +0,0 @@
-# debian/pydist-overrides
-# Mapping from distribution name to Debian package name.
-# Documentation: ‘/usr/share/doc/dh-python/README.PyDist’.
-
-pygpgme python-gpgme; PEP386
diff --git a/dput/crypto.py b/dput/crypto.py
index c527eda..f84f195 100644
--- a/dput/crypto.py
+++ b/dput/crypto.py
@@ -13,13 +13,13 @@ from __future__ import (absolute_import, unicode_literals)
import sys
-import gpgme
+import gpg,gpg.results
def characterise_signature(signature):
""" Make a phrase characterising a GnuPG signature.
-:param signature: A `gpgme.Signature` instance.
+:param signature: A `gpg.results.Signature` instance.
:return: A simple text phrase characterising the `signature`.
* If the signature is valid, the result is "valid".
@@ -29,11 +29,11 @@ def characterise_signature(signature):
"""
text = "UNKNOWN"
-if (signature.summary & gpgme.SIGSUM_VALID):
+if (signature.summary & gpg.constants.SIGSUM_VALID):
text = "valid"
-elif (signature.summary & gpgme.SIGSUM_RED):
+elif (signature.summary & gpg.constants.SIGSUM_RED):
text = "bad"
-elif (signature.summary & gpgme.SIGSUM_GREEN):
+elif (signature.summary & gpg.constants.SIGSUM_GREEN):
text = "good"
return text
@@ -42,7 +42,7 @@ def characterise_signature(signature):
def describe_signature(signature):
""" Make a message describing a GnuPG signature.
-:param signature: A `gpgme.Signature` instance.
+:param signature: A `gpg.result.Signature` instance.
:return: A text description of the salient points of the
`signature`.
@@ -65,26 +65,25 @@ def check_file_signature(infile):
:param infile: The file containing a signed message.
:return: ``None``.
-:raise gpgme.GpgmeError: When the signature verification fails.
+:raise gpg.errors.GPGMEError: When the signature verification fails.
The `infile` is a file-like object, open for reading, that
contains a