[gentoo-commits] repo/gentoo:master commit in: dev-python/certifi/, dev-python/certifi/files/
commit: 7e1e27390394fa64b6c44e87a8c3e737ce9ef2e4
Author: Sam James gentoo org>
AuthorDate: Fri Nov 25 07:10:42 2022 +
Commit: Sam James gentoo org>
CommitDate: Fri Nov 25 07:10:42 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7e1e2739
dev-python/certifi: use importlib
This avoids breaking arbitrary packages on the system because they
happen to use certifi, as certifi will pick up if any other packages
on the system have an unsatisfied requirement - which is often
bogus.
Bug: https://bugs.gentoo.org/826874
Bug: https://bugs.gentoo.org/854294
Bug: https://bugs.gentoo.org/878035
Closes: https://bugs.gentoo.org/878045
Signed-off-by: Sam James gentoo.org>
dev-python/certifi/certifi-3021.3.16-r3.ebuild | 55 +++
.../files/certifi-3021.3.16-use-importlib.patch| 164 +
2 files changed, 219 insertions(+)
diff --git a/dev-python/certifi/certifi-3021.3.16-r3.ebuild
b/dev-python/certifi/certifi-3021.3.16-r3.ebuild
new file mode 100644
index ..a36a91db931b
--- /dev/null
+++ b/dev-python/certifi/certifi-3021.3.16-r3.ebuild
@@ -0,0 +1,55 @@
+# Copyright 1999-2022 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+# please keep this ebuild at EAPI 7 -- sys-apps/portage dep
+EAPI=7
+
+DISTUTILS_USE_PEP517=setuptools
+PYTHON_COMPAT=( python3_{8..11} pypy3 )
+
+inherit distutils-r1
+
+MY_P=certifi-system-store-${PV}
+DESCRIPTION="A certifi hack to use system trust store on Linux/FreeBSD"
+HOMEPAGE="
+ https://github.com/tiran/certifi-system-store/
+ https://pypi.org/project/certifi-system-store/
+"
+SRC_URI="
+ https://github.com/tiran/certifi-system-store/archive/v${PV}.tar.gz
+ -> ${MY_P}.tar.gz
+"
+S=${WORKDIR}/${MY_P}
+
+LICENSE="MPL-2.0"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~m68k ~mips ~ppc ~ppc64
~riscv ~s390 ~sparc ~x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos
~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+
+RDEPEND="
+ app-misc/ca-certificates
+ dev-python/setuptools[${PYTHON_USEDEP}]
+"
+
+PATCHES=(
+ "${FILESDIR}"/${P}-use-importlib.patch
+)
+
+EPYTEST_IGNORE=(
+ # requires Internet
+ tests/test_requests.py
+)
+
+distutils_enable_tests pytest
+
+src_prepare() {
+ sed -i -e "s^/etc^${EPREFIX}/etc^" src/certifi/core.py || die
+ distutils-r1_src_prepare
+}
+
+python_compile() {
+ distutils-r1_python_compile
+ cd "${BUILD_DIR}/install$(python_get_sitedir)" || die
+ local distinfo=( certifi_system_store*.dist-info )
+ [[ -d ${distinfo} ]] || die
+ ln -v -s "${distinfo}" "${distinfo/_system_store}" || die
+}
diff --git a/dev-python/certifi/files/certifi-3021.3.16-use-importlib.patch
b/dev-python/certifi/files/certifi-3021.3.16-use-importlib.patch
new file mode 100644
index ..3028bfcb99cf
--- /dev/null
+++ b/dev-python/certifi/files/certifi-3021.3.16-use-importlib.patch
@@ -0,0 +1,164 @@
+1.
https://github.com/tiran/certifi-system-store/commit/6945f34b7be433dbf22946825cdb225d5d2136d5
+2. https://github.com/tiran/certifi-system-store/pull/21
+
+Avoid repeated instances of https://bugs.gentoo.org/878045 when a package
+has too-strict requirements and then affects other, unrelated Python
+packages on the system.
+
+From 6945f34b7be433dbf22946825cdb225d5d2136d5 Mon Sep 17 00:00:00 2001
+From: Christian Heimes
+Date: Tue, 16 Mar 2021 16:00:08 +0100
+Subject: [PATCH] Relax patch checks (#13)
+
+- only check that version matches, not files are identical
+- compare base directories with samefile. This fixes a problem with
+ lib64 symlink in virtual envs.
+
+Signed-off-by: Christian Heimes
+--- a/src/certifi/_patch.py
b/src/certifi/_patch.py
+@@ -28,7 +28,7 @@ def _patch_dist_info():
+ except pkg_resources.DistributionNotFound:
+ pass
+ else:
+-if os.path.samefile(css_dist.egg_info, certifi_dist.egg_info):
++if certifi_dist.version == css_dist.version:
+ return False, css_dist.egg_info, certifi_dist.egg_info
+ else:
+ # blow away certifi's dist-info
+@@ -55,7 +55,9 @@ def _patch_dist_info():
+ certifi_dir = os.path.dirname(os.path.abspath(__file__))
+ dist_dir = os.path.abspath(certifi_dist.egg_info)
+
+-if os.path.dirname(certifi_dir) != os.path.dirname(dist_dir):
++# compare with samefile instead of string comparison to avoid false
++# negatives caused by venv lib64 / lib symlinks
++if not os.path.samefile(os.path.dirname(certifi_dir),
os.path.dirname(dist_dir)):
+ raise RuntimeError(
+ f"'{certifi_dir} and {dist_dir} have different parent
directories."
+ )
+
+From cdec6d20b5d716d9853e72a1519a304070395498 Mon Sep 17 00:00:00 2001
+From: Christian Heimes
+Date: Wed, 22 Jun 2022 10:08:18 +0200
+Subject: [PATCH] Use importlib on Python 3.8+
+
+--- a/setup.cfg
b/setup.cfg
+@@ -38,8 +40,9
[gentoo-commits] repo/gentoo:master commit in: dev-python/certifi/, dev-python/certifi/files/
commit: 4989b28d138b650e5bd1ca9d0a84b53c967f710f
Author: Michał Górny gentoo org>
AuthorDate: Fri Jun 10 06:26:53 2022 +
Commit: Michał Górny gentoo org>
CommitDate: Fri Jun 10 06:54:16 2022 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4989b28d
dev-python/certifi: Remove old
Signed-off-by: Michał Górny gentoo.org>
dev-python/certifi/certifi-3021.3.16-r1.ebuild | 60 --
.../files/certifi-3021.3.16-setuptools.patch | 21
2 files changed, 81 deletions(-)
diff --git a/dev-python/certifi/certifi-3021.3.16-r1.ebuild
b/dev-python/certifi/certifi-3021.3.16-r1.ebuild
deleted file mode 100644
index cc5fde7ec874..
--- a/dev-python/certifi/certifi-3021.3.16-r1.ebuild
+++ /dev/null
@@ -1,60 +0,0 @@
-# Copyright 1999-2022 Gentoo Authors
-# Distributed under the terms of the GNU General Public License v2
-
-# please keep this ebuild at EAPI 7 -- sys-apps/portage dep
-EAPI=7
-
-PYTHON_COMPAT=( python3_{8..10} pypy3 )
-DISTUTILS_USE_SETUPTOOLS=rdepend
-inherit distutils-r1
-
-MY_P=certifi-system-store-${PV}
-DESCRIPTION="A certifi hack to use system trust store on Linux/FreeBSD"
-HOMEPAGE="
- https://github.com/tiran/certifi-system-store/
- https://pypi.org/project/certifi-system-store/;
-SRC_URI="
- https://github.com/tiran/certifi-system-store/archive/v${PV}.tar.gz
- -> ${MY_P}.tar.gz"
-S=${WORKDIR}/${MY_P}
-
-LICENSE="MPL-2.0"
-SLOT="0"
-KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~loong ~m68k ~mips ppc ppc64
~riscv ~s390 sparc x86 ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos
~x64-macos ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
-
-RDEPEND="app-misc/ca-certificates"
-
-PATCHES=(
- "${FILESDIR}"/${PN}-3021.3.16-setuptools.patch
-)
-
-EPYTEST_IGNORE=(
- # requires Internet
- tests/test_requests.py
-)
-
-distutils_enable_tests --install pytest
-
-src_prepare() {
- sed -i -e "s^/etc^${EPREFIX}/etc^" src/certifi/core.py || die
- distutils-r1_src_prepare
-}
-
-symlink_info() {
- pushd "${1}" >/dev/null || die
- local egginfo=( certifi_system_store*.egg-info )
- [[ -d ${egginfo} ]] || die
- ln -v -s "${egginfo}" "${egginfo/_system_store}" || die
- popd >/dev/null || die
-}
-
-python_test() {
- distutils_install_for_testing
- symlink_info "${TEST_DIR}"/lib
- epytest
-}
-
-python_install() {
- distutils-r1_python_install
- symlink_info "${D}$(python_get_sitedir)"
-}
diff --git a/dev-python/certifi/files/certifi-3021.3.16-setuptools.patch
b/dev-python/certifi/files/certifi-3021.3.16-setuptools.patch
deleted file mode 100644
index 57154fd0eed9..
--- a/dev-python/certifi/files/certifi-3021.3.16-setuptools.patch
+++ /dev/null
@@ -1,21 +0,0 @@
-https://github.com/tiran/certifi-system-store/pull/17
-https://bugs.gentoo.org/822777
-
-From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?=
-Date: Tue, 23 Nov 2021 15:56:33 +0100
-Subject: [PATCH] Add missing install_requires on setuptools
-
-This package is using pkg_resources explicitly, it should therefore
-declare an explicit dependency on setuptools. The missing dependency
-has lead me to actually miss the runtime dependency which caused issues
-for Gentoo users for whom setuptools were cleaned.
a/setup.cfg
-+++ b/setup.cfg
-@@ -40,6 +40,7 @@ zip_safe = True
- setup_requires = setuptools
- # hack to prevent installation on unsupported platforms Windows and macOS
- install_requires =
-+setuptools
- certifi-system-store > 4000; sys_platform == "win32" or sys_platform ==
"darwin"
- python_requires = >=3.6
-
[gentoo-commits] repo/gentoo:master commit in: dev-python/certifi/, dev-python/certifi/files/
commit: ee35be1dc88fca67d3845bf583d886912ca9bb73
Author: Sam James gentoo org>
AuthorDate: Tue Dec 21 02:13:40 2021 +
Commit: Sam James gentoo org>
CommitDate: Tue Dec 21 02:14:41 2021 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ee35be1d
dev-python/certifi: needs setuptools at runtime
Bug: https://github.com/tiran/certifi-system-store/pull/17
Closes: https://bugs.gentoo.org/822777
Signed-off-by: Sam James gentoo.org>
...3021.3.16.ebuild => certifi-3021.3.16-r1.ebuild} | 7 ++-
.../files/certifi-3021.3.16-setuptools.patch| 21 +
2 files changed, 27 insertions(+), 1 deletion(-)
diff --git a/dev-python/certifi/certifi-3021.3.16.ebuild
b/dev-python/certifi/certifi-3021.3.16-r1.ebuild
similarity index 93%
rename from dev-python/certifi/certifi-3021.3.16.ebuild
rename to dev-python/certifi/certifi-3021.3.16-r1.ebuild
index eedb8a3a3354..6019af2a84af 100644
--- a/dev-python/certifi/certifi-3021.3.16.ebuild
+++ b/dev-python/certifi/certifi-3021.3.16-r1.ebuild
@@ -5,6 +5,7 @@
EAPI=7
PYTHON_COMPAT=( python3_{8..10} pypy3 )
+DISTUTILS_USE_SETUPTOOLS=rdepend
inherit distutils-r1
MY_P=certifi-system-store-${PV}
@@ -23,13 +24,17 @@ KEYWORDS="~alpha amd64 arm arm64 hppa ~ia64 ~m68k ~mips ppc
ppc64 ~riscv ~s390 s
RDEPEND="app-misc/ca-certificates"
-distutils_enable_tests --install pytest
+PATCHES=(
+ "${FILESDIR}"/${PN}-3021.3.16-setuptools.patch
+)
EPYTEST_IGNORE=(
# requires Internet
tests/test_requests.py
)
+distutils_enable_tests --install pytest
+
src_prepare() {
sed -i -e "s^/etc^${EPREFIX}/etc^" src/certifi/core.py || die
distutils-r1_src_prepare
diff --git a/dev-python/certifi/files/certifi-3021.3.16-setuptools.patch
b/dev-python/certifi/files/certifi-3021.3.16-setuptools.patch
new file mode 100644
index ..57154fd0eed9
--- /dev/null
+++ b/dev-python/certifi/files/certifi-3021.3.16-setuptools.patch
@@ -0,0 +1,21 @@
+https://github.com/tiran/certifi-system-store/pull/17
+https://bugs.gentoo.org/822777
+
+From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?=
+Date: Tue, 23 Nov 2021 15:56:33 +0100
+Subject: [PATCH] Add missing install_requires on setuptools
+
+This package is using pkg_resources explicitly, it should therefore
+declare an explicit dependency on setuptools. The missing dependency
+has lead me to actually miss the runtime dependency which caused issues
+for Gentoo users for whom setuptools were cleaned.
+--- a/setup.cfg
b/setup.cfg
+@@ -40,6 +40,7 @@ zip_safe = True
+ setup_requires = setuptools
+ # hack to prevent installation on unsupported platforms Windows and macOS
+ install_requires =
++setuptools
+ certifi-system-store > 4000; sys_platform == "win32" or sys_platform ==
"darwin"
+ python_requires = >=3.6
+
[gentoo-commits] repo/gentoo:master commit in: dev-python/certifi/, dev-python/certifi/files/
commit: 7416f248eda0fcb889d78ab014391b6b1038547e
Author: Sebastian Pipping gentoo org>
AuthorDate: Sun Apr 5 21:58:24 2020 +
Commit: Sebastian Pipping gentoo org>
CommitDate: Sun Apr 5 21:59:49 2020 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7416f248
dev-python/certifi: 2020.4.5.1
Signed-off-by: Sebastian Pipping gentoo.org>
Package-Manager: Portage-2.3.92, Repoman-2.3.20
dev-python/certifi/Manifest| 1 +
dev-python/certifi/certifi-2020.4.5.1.ebuild | 43 ++
.../certifi-2020.4.5.1-use-system-cacerts.patch| 30 +++
3 files changed, 74 insertions(+)
diff --git a/dev-python/certifi/Manifest b/dev-python/certifi/Manifest
index 05ee35f9d62..a94c533cbe9 100644
--- a/dev-python/certifi/Manifest
+++ b/dev-python/certifi/Manifest
@@ -1 +1,2 @@
DIST certifi-2019.11.28.tar.gz 156407 BLAKE2B
61fdee083aa1f5467bb4a6a65c9cdff2eb9e88261b4702f9d03b53abebb9f9815499a0cbcb53e983e81d5c54ed40e2ff7b351c19c90b2340373414e7e8afaea6
SHA512
6821444f02db0d9d03ab1891731178af1d7858df3c729f079147a9c588cf97a456e050da3421a0d2a3559145610826669034a8d46cd50b7c76e90249db1b09ad
+DIST certifi-2020.4.5.1.tar.gz 158038 BLAKE2B
988b29097b869b43095363b6ca344e3ce6c895f699b9d8b2576cb7108c5e12ea8a485c5f1dbc3d304d4243bdb09bce231fae15eb6abe47eee30afc1dc4ab4075
SHA512
8b0312aba427c29f6ebaf8140493f9673043e3f76f9bb1002a8fbc7a943303effad15173805e276147548d0978630655763b9ea60410135ba08f413fa77a5738
diff --git a/dev-python/certifi/certifi-2020.4.5.1.ebuild
b/dev-python/certifi/certifi-2020.4.5.1.ebuild
new file mode 100644
index 000..7014988654a
--- /dev/null
+++ b/dev-python/certifi/certifi-2020.4.5.1.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2020 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python2_7 python3_{6,7,8} pypy3 )
+
+inherit distutils-r1 prefix readme.gentoo-r1
+
+DESCRIPTION="Python package for providing Mozilla's CA Bundle"
+HOMEPAGE="http://certifi.io/ https://pypi.org/project/certifi;
+SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+
+LICENSE="MPL-2.0"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~riscv
~s390 ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos
~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris
~x86-solaris"
+IUSE=""
+
+RDEPEND="app-misc/ca-certificates"
+DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
+
+# Do not drop this patch -- this will affect system's security
+PATCHES=( "${FILESDIR}"/${PN}-2020.4.5.1-use-system-cacerts.patch )
+
+python_prepare_all() {
+ distutils-r1_python_prepare_all
+
+ # Precaution -- nothing should use bundled CA certificates
+ rm certifi/cacert.pem || die "Failed to delete bundled CA certificates"
+
+ eprefixify certifi/core.py
+}
+
+python_install_all() {
+ distutils-r1_python_install_all
+
+ local DOC_CONTENTS="
+ In Gentoo, we don't use certifi's bundled CA certificates.
+ Instead we remove bundled cacert.pem and patch certifi
+ to return system's CA certificates.
+ "
+ readme.gentoo_create_doc
+}
diff --git
a/dev-python/certifi/files/certifi-2020.4.5.1-use-system-cacerts.patch
b/dev-python/certifi/files/certifi-2020.4.5.1-use-system-cacerts.patch
new file mode 100644
index 000..692439a10ea
--- /dev/null
+++ b/dev-python/certifi/files/certifi-2020.4.5.1-use-system-cacerts.patch
@@ -0,0 +1,30 @@
+From f07497e36ccc883626ae5cdfa7f81fcb3fc0d549 Mon Sep 17 00:00:00 2001
+From: Sebastian Pipping
+Date: Sun, 5 Apr 2020 23:43:30 +0200
+Subject: [PATCH] Use system's CA certificate store
+
+---
+ certifi/core.py | 7 +++
+ 1 file changed, 3 insertions(+), 4 deletions(-)
+
+diff --git a/certifi/core.py b/certifi/core.py
+index 56b52a3..467880f 100644
+--- a/certifi/core.py
b/certifi/core.py
+@@ -21,10 +21,9 @@ except ImportError:
+
+
+ def where():
+-f = os.path.dirname(__file__)
+-
+-return os.path.join(f, "cacert.pem")
++return "@GENTOO_PORTAGE_EPREFIX@/etc/ssl/certs/ca-certificates.crt"
+
+
+ def contents():
+-return read_text("certifi", "cacert.pem", encoding="ascii")
++with open(where(), "r", encoding="ascii") as f:
++return f.read()
+--
+2.24.1
+
[gentoo-commits] repo/gentoo:master commit in: dev-python/certifi/, dev-python/certifi/files/
commit: bb1dbfea18380e02c8c460c144f4deeb30f18429
Author: Michał Górny gentoo org>
AuthorDate: Wed Aug 14 22:00:57 2019 +
Commit: Michał Górny gentoo org>
CommitDate: Wed Aug 14 23:04:49 2019 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bb1dbfea
dev-python/certifi: Bump to 2019.6.16
Signed-off-by: Michał Górny gentoo.org>
dev-python/certifi/Manifest| 1 +
dev-python/certifi/certifi-2019.6.16.ebuild| 43 ++
.../certifi-2018.4.16-use-system-cacerts.patch | 7 +---
3 files changed, 45 insertions(+), 6 deletions(-)
diff --git a/dev-python/certifi/Manifest b/dev-python/certifi/Manifest
index e1534648066..859e4a81c03 100644
--- a/dev-python/certifi/Manifest
+++ b/dev-python/certifi/Manifest
@@ -2,3 +2,4 @@ DIST certifi-2018.10.15.tar.gz 145887 BLAKE2B
695b4236d67022f12639850fdcd1695703
DIST certifi-2018.11.29.tar.gz 153772 BLAKE2B
fb146409560beb85731b136541012f3f114a8e35c1b0ae9a9bac31d10642dc4ff3cad6a7e722e14e1d5092f9d4e3d7f5c4acb231edd2602d3452a6c9cebd323c
SHA512
6a6bf1ff98caefcdbf78a8c83e11e155368bacdd806f0ae0c6afa8f513667df6598e594b3584de61acdca3d6049f4a776937f2aa8672b602bd6db7b737f6074e
DIST certifi-2018.4.16.tar.gz 149967 BLAKE2B
4a69ec495266d54032dfabc9c17d0b1e78ad1467214f9f981feb4fae279c1f4b5f0bc3f7a643c2229b17d19e32c1ea894dc16d73b036a0b32f17faa9ac55615c
SHA512
96369b318df9592ed4ff48d79ae695f89d27d85e8f5de72548fccb19ac15b83a33fb8bc096a3092d7a7f5b201af08805576888418c7927cf48b892df56464682
DIST certifi-2018.8.24.tar.gz 146866 BLAKE2B
92a609bffd777a624d18e612e2fa504b1cd4f0764f979d22bf6785158fb928d30984fba16b839f6b4066395dadcca485e6215c6f0b6b550d891673a79ea77c08
SHA512
bb0af24570dd4806bc80cd438cae42db82f820de815a6148b184f58c19cd91a03f9275815559817a84220dcbd7c87a4a7d12e35cf4a95a1dbad286a1dfecf907
+DIST certifi-2019.6.16.tar.gz 156721 BLAKE2B
3990a9c122dbaf554f4482ad97192efa66f1cf54e83bd4ee67248bbea8797dc4da38ab537230a8263a491a2a2115528138965480ef4da6d6cba9ac2af5bff830
SHA512
4641626bc5073cd0b3a520855ddef1007dcb42933baa7a3469856f936e725581042bcbd5b67e984ba9748e7faa62b9125cba7dc160dcc5db2eafe46461a29f5e
diff --git a/dev-python/certifi/certifi-2019.6.16.ebuild
b/dev-python/certifi/certifi-2019.6.16.ebuild
new file mode 100644
index 000..50b26cdf12c
--- /dev/null
+++ b/dev-python/certifi/certifi-2019.6.16.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2019 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=7
+
+PYTHON_COMPAT=( python2_7 python3_{5,6,7} pypy{,3} )
+
+inherit distutils-r1 prefix readme.gentoo-r1
+
+DESCRIPTION="Python package for providing Mozilla's CA Bundle"
+HOMEPAGE="http://certifi.io/ https://pypi.org/project/certifi;
+SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+
+LICENSE="MPL-2.0"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390
~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux
~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris
~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE=""
+
+RDEPEND="app-misc/ca-certificates"
+DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
+
+# Do not drop this patch -- this will affect system's security
+PATCHES=( "${FILESDIR}"/certifi-2018.4.16-use-system-cacerts.patch )
+
+python_prepare_all() {
+ distutils-r1_python_prepare_all
+
+ eprefixify certifi/core.py
+}
+
+python_install_all() {
+ distutils-r1_python_install_all
+
+ local DOC_CONTENTS="
+ In Gentoo, we don't use certifi's bundled CA certificates.
+ Instead we remove bundled cacert.pem and patch certifi
+ to return system's CA certificates.
+ "
+ readme.gentoo_create_doc
+
+ # Precaution -- nothing should use bundled CA certificates
+ find "${D}" -name 'cacert.pem' -delete || die "Failed to delete bundled
CA certificates"
+}
diff --git
a/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch
b/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch
index 009f21168c1..1c21a2ae1e0 100644
--- a/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch
+++ b/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch
@@ -2,14 +2,9 @@ Use system's CA certificate store
--- a/certifi/core.py
+++ b/certifi/core.py
-@@ -19,9 +19,7 @@ class DeprecatedBundleWarning(DeprecationWarning):
-
-
+@@ -21,4 +21,2 @@ class DeprecatedBundleWarning(DeprecationWarning):
def where():
-f = os.path.dirname(__file__)
-
-return os.path.join(f, 'cacert.pem')
+return "@GENTOO_PORTAGE_EPREFIX@/etc/ssl/certs/ca-certificates.crt"
-
-
- def old_where():
[gentoo-commits] repo/gentoo:master commit in: dev-python/certifi/, dev-python/certifi/files/
commit: 379c608ca8747713fbc50205e254662d3f39517e
Author: Thomas Deutschmann gentoo org>
AuthorDate: Sun Apr 22 20:47:03 2018 +
Commit: Thomas Deutschmann gentoo org>
CommitDate: Mon Apr 23 15:32:26 2018 +
URL:https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=379c608c
dev-python/certifi: Bump to v2018.04.16
Ebuild changes:
===
- We no longer install bundled cacert.pem. Instead we
refer to system's CA store.
Closes: https://github.com/gentoo/gentoo/pull/8109
Closes: https://bugs.gentoo.org/627558
Package-Manager: Portage-2.3.31, Repoman-2.3.9
dev-python/certifi/Manifest| 1 +
dev-python/certifi/certifi-2018.4.16.ebuild| 43 ++
.../certifi-2018.4.16-use-system-cacerts.patch | 15
3 files changed, 59 insertions(+)
diff --git a/dev-python/certifi/Manifest b/dev-python/certifi/Manifest
index a5b98f8228b..45257b772d3 100644
--- a/dev-python/certifi/Manifest
+++ b/dev-python/certifi/Manifest
@@ -4,3 +4,4 @@ DIST certifi-2017.11.5.tar.gz 329246 BLAKE2B
9edb7053cff4bf689d18cc0c11f867cc320
DIST certifi-2017.4.17.tar.gz 373512 BLAKE2B
52c65b06183cf0b96551d9a600b452bbe7832d43935557b0f328b38f22266d35d6368ddc60fd8d88fa7a3350cedbcd5c4f1a95b431033282c978df61a054ed8f
SHA512
0bd054bb2eaa8c196a94a0b7865d2488aea1fcb5e66ddc8c776c68cfa518a198a8c67bed5b485bf55db3f55d26c0ab2b4fc07839bb9175a50cb525e25d3869a5
DIST certifi-2017.7.27.1.tar.gz 348217 BLAKE2B
5c3531b0537df743010c5969c88fc40ebc3dce1e287527626f34cb5f59749d4818cfc807e90817ff20bcb005f5c80df30ff3fd770fe320fc6675f90f1e343237
SHA512
2873c17144e09ba506c62743efa4fda05350d48fcb19a1b8eb895829df2fa276eed86b31c9f7f18636f62ea5acb4bc6b9dee8b69ed8e0ccd1286ebfaa27d02a1
DIST certifi-2018.1.18.tar.gz 151258 BLAKE2B
f3d324d728dbfa46b9473340c894faae381ad8f8d1ab17cf021b9b00bb893fc44c6ccd8fa69bd4d9bb7580cf3bb16c6d9c1c31e727290bc065cf0934e7d30122
SHA512
5a419fcd6ad2dc095e126bcff40127b4549cc0556e19157b142c6f27b284448eb3124fb92a72b147d6734d9f3ff212212dcbf364e127c2691ab94a9736cee032
+DIST certifi-2018.4.16.tar.gz 149967 BLAKE2B
4a69ec495266d54032dfabc9c17d0b1e78ad1467214f9f981feb4fae279c1f4b5f0bc3f7a643c2229b17d19e32c1ea894dc16d73b036a0b32f17faa9ac55615c
SHA512
96369b318df9592ed4ff48d79ae695f89d27d85e8f5de72548fccb19ac15b83a33fb8bc096a3092d7a7f5b201af08805576888418c7927cf48b892df56464682
diff --git a/dev-python/certifi/certifi-2018.4.16.ebuild
b/dev-python/certifi/certifi-2018.4.16.ebuild
new file mode 100644
index 000..bc9a884dd33
--- /dev/null
+++ b/dev-python/certifi/certifi-2018.4.16.ebuild
@@ -0,0 +1,43 @@
+# Copyright 1999-2018 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=6
+
+PYTHON_COMPAT=( python2_7 python3_{4,5,6} pypy pypy3 )
+
+inherit distutils-r1 prefix readme.gentoo-r1 versionator
+
+DESCRIPTION="Python package for providing Mozilla's CA Bundle"
+HOMEPAGE="http://certifi.io/ https://pypi.org/project/certifi;
+SRC_URI="mirror://pypi/${PN:0:1}/${PN}/${P}.tar.gz"
+
+LICENSE="MPL-2.0"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390
~sh ~sparc ~x86 ~ppc-aix ~x64-cygwin ~amd64-fbsd ~x86-fbsd ~amd64-linux
~arm-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint
~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris"
+IUSE=""
+
+RDEPEND="app-misc/ca-certificates"
+DEPEND="dev-python/setuptools[${PYTHON_USEDEP}]"
+
+# Do not drop this patch -- this will affect system's security
+PATCHES=( "${FILESDIR}"/certifi-2018.4.16-use-system-cacerts.patch )
+
+python_prepare_all() {
+ distutils-r1_python_prepare_all
+
+ eprefixify certifi/core.py
+}
+
+python_install_all() {
+ distutils-r1_python_install_all
+
+ local DOC_CONTENTS="
+ In Gentoo, we don't use certifi's bundled CA certificates.
+ Instead we remove bundled cacert.pem and patch certifi
+ to return system's CA certificates.
+ "
+ readme.gentoo_create_doc
+
+ # Precaution -- nothing should use bundled CA certificates
+ find "${D}" -name 'cacert.pem' -delete || die "Failed to delete bundled
CA certificates"
+}
diff --git
a/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch
b/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch
new file mode 100644
index 000..009f21168c1
--- /dev/null
+++ b/dev-python/certifi/files/certifi-2018.4.16-use-system-cacerts.patch
@@ -0,0 +1,15 @@
+Use system's CA certificate store
+
+--- a/certifi/core.py
b/certifi/core.py
+@@ -19,9 +19,7 @@ class DeprecatedBundleWarning(DeprecationWarning):
+
+
+ def where():
+-f = os.path.dirname(__file__)
+-
+-return os.path.join(f, 'cacert.pem')
++return "@GENTOO_PORTAGE_EPREFIX@/etc/ssl/certs/ca-certificates.crt"
+
+
+ def old_where():
