From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 95DC1158046 for ; Sat, 12 Oct 2024 18:58:32 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 601322BC057; Sat, 12 Oct 2024 18:57:14 +0000 (UTC) Received: from smtp.gentoo.org (woodpecker.gentoo.org [140.211.166.183]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 1EC152BC054 for ; Sat, 12 Oct 2024 18:57:14 +0000 (UTC) From: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= To: gentoo-dev@lists.gentoo.org Cc: =?UTF-8?q?Micha=C5=82=20G=C3=B3rny?= Subject: [gentoo-dev] [PATCH 5/5] dev-lang/python: Use sigstore in 3.13.0 (example) Date: Sat, 12 Oct 2024 20:52:06 +0200 Message-ID: <20241012185704.771370-6-mgorny@gentoo.org> X-Mailer: git-send-email 2.47.0 In-Reply-To: <20241012185704.771370-1-mgorny@gentoo.org> References: <20241012185704.771370-1-mgorny@gentoo.org> Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-dev@lists.gentoo.org Reply-to: gentoo-dev@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-Archives-Salt: e7d9e1a0-af58-491e-a44a-72ab1820bd81 X-Archives-Hash: 86531d7e6136e01f9c42b70f3033d256 Signed-off-by: Michał Górny --- dev-lang/python/Manifest | 2 +- dev-lang/python/python-3.13.0.ebuild | 8 +++++--- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/dev-lang/python/Manifest b/dev-lang/python/Manifest index daddb0dad1f4..7663f0072d2a 100644 --- a/dev-lang/python/Manifest +++ b/dev-lang/python/Manifest @@ -9,7 +9,7 @@ DIST Python-3.12.6.tar.xz.asc 963 BLAKE2B d5f9e4c5053610a1a53769278e69d8a25e2fb0 DIST Python-3.12.7.tar.xz 20444032 BLAKE2B eed8744261cab3b401963ec5187a8b814adb9a18f8d0a6a3d59c027a83cf8408524af9b20204b0a0861d173cc33c45ae37bb1542a1ace3344dc59c649087ff1f SHA512 4a363d3f852ad8f4fd1484aa4cec35494a3811be48ef67fadb2bdf2e2489ed07dc78fad6ab475257db503ddd64d39f9800f23a1c94b6bbd15b7f632cff0c90ae DIST Python-3.12.7.tar.xz.asc 963 BLAKE2B 8c7db3d1971d93a10c611a2e6dd3679d0b331b48df87b5fe410b089061e48753d98af67084d4f051a31ae803fce3aa3c7af7cba9c692640f50068bd1e46f40e6 SHA512 4d0a7a0da2c81888e93d8ff89ca2ed4bb85a7b0bd00f0d54a14e2c201affac2677ef3984d2b5aea253e624f6465548d9032eefdd9033c1eb3864d82cfd8d3df0 DIST Python-3.13.0.tar.xz 22532980 BLAKE2B 4a4e397199402de8c9fe8e4d63443ed972cbe8a4f541743908d699c7987127d159d600fd14145b6a946e8671426279d230c9155fdc5863c1e49a945eedcbf21b SHA512 44a143c9b96b55b01885ec020c3364265bda55289615cd7d5071915b0d0178a6f35e7551a89090001fcb7f3172d38177a56bf8b8532b15c9dbc50295c9210152 -DIST Python-3.13.0.tar.xz.asc 963 BLAKE2B d05f02692a9fea42b73dbfe5dc42bd6533555e5ecb848510d2b94bb7f0e55d4a0f89bcd20b073ed2c7f7a68be35b12cb6dbff6bc16fc9a4592ded2c339ada7fd SHA512 1b8bb0fe4eb93e31ec1770e90b94d44b5864c0391aad5dcba3a30d8e505d9b17107385414353c0060007f8a536254f49b8e919f36ddf6421a6e4330f817f1a3e +DIST Python-3.13.0.tar.xz.sigstore 5067 BLAKE2B a774f8d3947bd114ea9cd8d028ba06d30a11385a5295d2f0535f507789e08697e290a920df23064add58496f3a8765aeb1ce3bad4e5548613e78e2b283852ff8 SHA512 6c9d99299ed3f1d221deca6e0a7abc9a89a7c87d2c74225c1175691b1c21ccc5d55da17d69dc9893f94d91deaf1870c1a2a4be0905fc2dbed16d34a4110e3ec2 DIST Python-3.8.20.tar.xz 18962788 BLAKE2B 715c75e0c0a3d3b77af7f07478311bb0554b80aac72915be703aa2d0dd6459a972e5669808e64da14a0b91bb183e00655055c1726f302dc3ccd8721e3b4ae3e6 SHA512 3c9341ee1fd33cb687958dcf2b7c0c7700489726c4d530c3e9d9537d46a6ab534541a4b312232d8505bea395a07e4518c42d75fb7571103e6b266f8f44115c61 DIST Python-3.8.20.tar.xz.asc 833 BLAKE2B 5c86c15a1090b42e42bb7512565b1a7ad9d2137d59e9fd1ab0f83fdfc37dfcf184389418d6703db809e9c8c04a169af292665a2b58bf5dc61b7724ecbb4132d9 SHA512 a751ae0407a593d97acac4d5f8a0456580c753efa12a7d960125c219b4897fdb26fc1ffd43d8ea33ad1449162dd3b2904c16b6c51c57561ba73de3ffa62e0eed DIST Python-3.9.20.tar.xz 19648968 BLAKE2B 80a337ff406130599b8320068d11bc275d23473cedd7c85fcb9e40134f0f2d533be6e712139e788a6423cdc74cea938f306aa37c2a5099e3051f3e390159279c SHA512 c828f33edf1704e3149499d6d34e89264cb5cdb2b09ff05561641b359716d7996f0fe928629e09f006b1fd7850fdaf937275919c7fdd83f5efc32707c64d814b diff --git a/dev-lang/python/python-3.13.0.ebuild b/dev-lang/python/python-3.13.0.ebuild index 9216c5683e4c..c2b8106373ab 100644 --- a/dev-lang/python/python-3.13.0.ebuild +++ b/dev-lang/python/python-3.13.0.ebuild @@ -25,7 +25,7 @@ SRC_URI=" https://www.python.org/ftp/python/${PV%%_*}/${MY_P}.tar.xz https://dev.gentoo.org/~mgorny/dist/python/${PATCHSET}.tar.xz verify-sig? ( - https://www.python.org/ftp/python/${PV%%_*}/${MY_P}.tar.xz.asc + https://www.python.org/ftp/python/${PV%%_*}/${MY_P}.tar.xz.sigstore ) " S="${WORKDIR}/${MY_P}" @@ -105,7 +105,9 @@ if [[ ${PV} != *_alpha* ]]; then " fi -VERIFY_SIG_OPENPGP_KEY_PATH=/usr/share/openpgp-keys/python.org.asc +VERIFY_SIG_METHOD=sigstore +VERIFY_SIG_CERT_IDENTITY=thomas@python.org +VERIFY_SIG_CERT_OIDC_ISSUER=https://accounts.google.com # large file tests involve a 2.5G file being copied (duplicated) CHECKREQS_DISK_BUILD=5500M @@ -150,7 +152,7 @@ pkg_setup() { src_unpack() { if use verify-sig; then - verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.asc} + verify-sig_verify_detached "${DISTDIR}"/${MY_P}.tar.xz{,.sigstore} fi default } -- 2.47.0