diff --git a/.gitignore b/.gitignore index d909b1e..877b407 100644 --- a/.gitignore +++ b/.gitignore @@ -52,3 +52,4 @@ /archlinux-keyring-20231207.tar.gz /archlinux-keyring-20231222.tar.gz /archlinux-keyring-20240208.tar.gz +/archlinux-keyring-20240313.tar.gz diff --git a/0001-Revert-fix-libkeyringctl-Adapt-to-CLI-churn-in-sequo.patch b/0001-Revert-fix-libkeyringctl-Adapt-to-CLI-churn-in-sequo.patch new file mode 100644 index 0000000..09efe94 --- /dev/null +++ b/0001-Revert-fix-libkeyringctl-Adapt-to-CLI-churn-in-sequo.patch @@ -0,0 +1,61 @@ +From 4b984f2583b05496585d8ed8cfab9f2dcb6827b8 Mon Sep 17 00:00:00 2001 +From: Frantisek Sumsal +Date: Wed, 20 Mar 2024 17:14:46 +0100 +Subject: [PATCH] Revert "fix(libkeyringctl): Adapt to CLI churn in sequoia-sq + 0.34.0" + +Drop this once we have sequoia-sq 0.34.0 in Fedora. + +This reverts commit 10252b287d7d3bc338d0aa3e5d2e6c0fc6d1653d. +--- + libkeyringctl/sequoia.py | 6 +++--- + libkeyringctl/verify.py | 2 +- + 2 files changed, 4 insertions(+), 4 deletions(-) + +diff --git a/libkeyringctl/sequoia.py b/libkeyringctl/sequoia.py +index 34206a5..1e73149 100644 +--- a/libkeyringctl/sequoia.py ++++ b/libkeyringctl/sequoia.py +@@ -49,7 +49,7 @@ def keyring_split(working_dir: Path, keyring: Path, preserve_filename: bool = Fa + keyring_dir = Path(mkdtemp(dir=working_dir, prefix="keyring-")).absolute() + + with cwd(keyring_dir): +- system(["sq", "toolbox", "keyring", "split", str(keyring)]) ++ system(["sq", "keyring", "split", str(keyring)]) + + keyrings: List[Path] = list(natural_sort_path(keyring_dir.iterdir())) + +@@ -75,7 +75,7 @@ def keyring_merge(certificates: List[Path], output: Optional[Path] = None, force + The result if no output file has been used + """ + +- cmd = ["sq", "toolbox", "keyring", "merge"] ++ cmd = ["sq", "keyring", "merge"] + if force: + cmd.insert(1, "--force") + if output: +@@ -103,7 +103,7 @@ def packet_split(working_dir: Path, certificate: Path) -> Iterable[Path]: + packet_dir = Path(mkdtemp(dir=working_dir, prefix="packet-")).absolute() + + with cwd(packet_dir): +- system(["sq", "toolbox", "packet", "split", "--prefix", "''", str(certificate)]) ++ system(["sq", "toolbox", "packet", "split", str(certificate)]) + return natural_sort_path(packet_dir.iterdir()) + + +diff --git a/libkeyringctl/verify.py b/libkeyringctl/verify.py +index 29c64d8..a0c582b 100644 +--- a/libkeyringctl/verify.py ++++ b/libkeyringctl/verify.py +@@ -71,7 +71,7 @@ def verify( # noqa: ignore=C901 + keyring_fd = Popen(("sq", "dearmor", f"{str(keyring_path)}"), stdout=PIPE) + print(system(["hokey", "lint"], _stdin=keyring_fd.stdout), end="") + if lint_sq_keyring: +- print(system(["sq", "toolbox", "keyring", "lint", f"{str(keyring_path)}"]), end="") ++ print(system(["sq", "keyring", "lint", f"{str(keyring_path)}"]), end="") + + + def verify_integrity(certificate: Path, all_fingerprints: Set[Fingerprint]) -> None: # noqa: ignore=C901 +-- +2.44.0 + diff --git a/archlinux-keyring-revert_to_sq-keyring-linter.diff b/archlinux-keyring-revert_to_sq-keyring-linter.diff deleted file mode 100644 index ddad6f8..0000000 --- a/archlinux-keyring-revert_to_sq-keyring-linter.diff +++ /dev/null @@ -1,93 +0,0 @@ -From a8e44708937708290e62ad66898119902fd6425f Mon Sep 17 00:00:00 2001 -From: Michel Lind -Date: Thu, 7 Sep 2023 11:11:00 -0500 -Subject: [PATCH] Revert "feat: Replace sq-keyring-linter with sq >= 0.31.0" - -For use in distribution packages where sq has not been updated - -This reverts commit 3365f8607cadf4c5e87b8e5d582cdbb021c0d267. ---- - README.md | 3 ++- - libkeyringctl/ci.py | 2 +- - libkeyringctl/cli.py | 2 +- - libkeyringctl/verify.py | 6 +++--- - 4 files changed, 7 insertions(+), 6 deletions(-) - -diff --git a/README.md b/README.md -index 102e9c3..f409fc5 100644 ---- a/README.md -+++ b/README.md -@@ -24,11 +24,12 @@ Build: - Runtime: - - * python --* sequoia-sq >= 0.31.0 -+* sequoia-sq - - Optional: - - * hopenpgp-tools (verify) -+* sq-keyring-linter (verify) - * git (ci) - - ## Usage -diff --git a/libkeyringctl/ci.py b/libkeyringctl/ci.py -index 7200709..31b0210 100644 ---- a/libkeyringctl/ci.py -+++ b/libkeyringctl/ci.py -@@ -10,7 +10,7 @@ from .verify import verify - - - def ci(working_dir: Path, keyring_root: Path, project_root: Path) -> None: -- """Verify certificates against modern expectations using `sq keyring lint` and hokey -+ """Verify certificates against modern expectations using sq-keyring-linter and hokey - - Currently only newly added certificates will be checked against the expectations as existing - keys are not all fully compatible with those assumptions. -diff --git a/libkeyringctl/cli.py b/libkeyringctl/cli.py -index 020f64b..3334c17 100644 ---- a/libkeyringctl/cli.py -+++ b/libkeyringctl/cli.py -@@ -118,7 +118,7 @@ verify_parser.add_argument( - ) - verify_parser.add_argument("--no-lint-hokey", dest="lint_hokey", action="store_false", help="Do not run hokey lint") - verify_parser.add_argument( -- "--no-lint-sq-keyring", dest="lint_sq_keyring", action="store_false", help="Do not run sq keyring lint" -+ "--no-lint-sq-keyring", dest="lint_sq_keyring", action="store_false", help="Do not run sq-keyring-linter" - ) - verify_parser.set_defaults(lint_hokey=True, lint_sq_keyring=True) - -diff --git a/libkeyringctl/verify.py b/libkeyringctl/verify.py -index a0c582b..5b7fc7d 100644 ---- a/libkeyringctl/verify.py -+++ b/libkeyringctl/verify.py -@@ -29,7 +29,7 @@ def verify( # noqa: ignore=C901 - lint_hokey: bool = True, - lint_sq_keyring: bool = True, - ) -> None: -- """Verify certificates against modern expectations using `sq keyring lint` and hokey -+ """Verify certificates against modern expectations using sq-keyring-linter and hokey - - Parameters - ---------- -@@ -38,7 +38,7 @@ def verify( # noqa: ignore=C901 - sources: A list of username, fingerprint or directories from which to read PGP packet information - (defaults to `keyring_root`) - lint_hokey: Whether to run hokey lint -- lint_sq_keyring: Whether to run sq keyring lint -+ lint_sq_keyring: Whether to run sq-keyring-linter - """ - - if not sources: -@@ -71,7 +71,7 @@ def verify( # noqa: ignore=C901 - keyring_fd = Popen(("sq", "dearmor", f"{str(keyring_path)}"), stdout=PIPE) - print(system(["hokey", "lint"], _stdin=keyring_fd.stdout), end="") - if lint_sq_keyring: -- print(system(["sq", "keyring", "lint", f"{str(keyring_path)}"]), end="") -+ print(system(["sq-keyring-linter", f"{str(keyring_path)}"]), end="") - - - def verify_integrity(certificate: Path, all_fingerprints: Set[Fingerprint]) -> None: # noqa: ignore=C901 --- -2.41.0 - diff --git a/archlinux-keyring.spec b/archlinux-keyring.spec index fc6d3d4..6c4b5fe 100644 --- a/archlinux-keyring.spec +++ b/archlinux-keyring.spec @@ -1,9 +1,10 @@ Name: archlinux-keyring -Version: 20240208 +Version: 20240313 Release: %autorelease Url: https://archlinux.org/packages/core/any/archlinux-keyring/ Source0: https://gitlab.archlinux.org/archlinux/archlinux-keyring/-/archive/%{version}/archlinux-keyring-%{version}.tar.gz -Patch: archlinux-keyring-revert_to_sq-keyring-linter.diff +# Revert this patch once we have sequoia-sq 0.34.0 in Fedora +Patch: 0001-Revert-fix-libkeyringctl-Adapt-to-CLI-churn-in-sequo.patch # see https://wiki.archlinux.org/index.php/Pacman-key for introduction License: LicenseRef-Fedora-Public-Domain Summary: GPG keys used by Arch Linux distribution to sign packages diff --git a/sources b/sources index bbae4c7..dc49c52 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (archlinux-keyring-20240208.tar.gz) = 47ab241044701821d00dfa83b15ebbe60c5d4aa004aebec2235fca42e4d65566533ee14b43db443ba03cc50a2078667c6126d8f740e55b8c910b334d52eff660 +SHA512 (archlinux-keyring-20240313.tar.gz) = 8caedebccd31a62264cb7c5e8d4c7f3e326f018b6e9148ab31e19e58a60b64c0ee2a641090c77a40bcfba93ef4ce13132b721241a0404816b40e28da4fd36f9b