#1 rawhide: update to new upstream version 1.8.1, use GPG-based source file verification, use %license macro
Opened 18 days ago by fschwarz. Modified 2 days ago
rpms/ fschwarz/libgsasl master  into  master

file modified
+27 -7

@@ -1,15 +1,25 @@ 

  Name:           libgsasl

- Version:        1.8.0 

- Release:        16%{?dist}

+ Version:        1.8.1

+ Release:        1%{?dist}

  Summary:        GNU SASL library 

  License:        LGPLv2+ 

- URL:            http://www.gnu.org/software/gsasl/

- Source0:        ftp://ftp.gnu.org/gnu/gsasl/%{name}-%{version}.tar.gz

+ URL:            https://www.gnu.org/software/gsasl/

+ Source0:        https://download.savannah.nongnu.org/releases/gsasl/%{name}-%{version}.tar.gz

+ Source1:        https://download.savannah.nongnu.org/releases/gsasl/%{name}-%{version}.tar.gz.sig

+ # key retrieved via

+ #   wget -O memberlist-gpgkeys.asc \

+ #       https://savannah.gnu.org/project/memberlist-gpgkeys.php?group=gsasl&download=1

+ # Using the URL above directly as "Source2" does not work as spectool/mock do

+ # no not like the query string.

+ Source2:        memberlist-gpgkeys.asc

+ 

+ BuildRequires:  gnupg2

  BuildRequires:  gcc

  BuildRequires:  libidn-devel

  BuildRequires:  krb5-devel

  BuildRequires:  libntlm-devel

  BuildRequires:  pkgconfig

+ BuildRequires:  libgcrypt-devel >= 1.4.4

  

  %description

  The library includes support for the SASL framework

@@ -27,7 +37,8 @@ 

  developing applications that use %{name}.

  

  %prep

- %setup -q

+ %{gpgverify} --keyring='%{SOURCE2}' --signature='%{SOURCE1}' --data='%{SOURCE0}'

+ %autosetup

  

  %build

  %configure --disable-static --disable-rpath --with-gssapi-impl=mit

@@ -41,16 +52,25 @@ 

  %ldconfig_scriptlets

  

  %files -f %{name}.lang

- %doc AUTHORS COPYING NEWS README THANKS

+ %license COPYING

+ %doc AUTHORS NEWS README THANKS

  %{_libdir}/libgsasl.so.*

  

  %files devel

- %doc COPYING

+ %license COPYING

  %{_includedir}/gsasl*

  %{_libdir}/libgsasl.so

  %{_libdir}/pkgconfig/libgsasl.pc

  

  %changelog

+ * Tue Nov 19 2019 Felix Schwarz <fschwarz@fedoraproject.org> - 1.8.1-1

+ - new upstream version

+ 

+ * Mon Nov 18 2019 Felix Schwarz <fschwarz@fedoraproject.org> - 1.8.0-17

+ - modernize macros

+ - use https for homepage/sources

+ - enable GPG-based source file verification

+ 

  * Thu Jul 25 2019 Fedora Release Engineering <releng@fedoraproject.org> - 1.8.0-16

  - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

  

@@ -0,0 +1,25 @@ 

+ GPG keys of Simon Josefsson <jas>

+ -----BEGIN PGP PUBLIC KEY BLOCK-----

+ 

+ mDMEXJLOtBYJKwYBBAHaRw8BAQdACIcrZIvhrxDBkK9fV+QlTmXxo2naObDuGtw5

+ 8YaxlOu0JVNpbW9uIEpvc2Vmc3NvbiA8c2ltb25Aam9zZWZzc29uLm9yZz6IlgQT

+ FggAPhYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJcks60AhsDBQkBHMQABQsJCAcC

+ BhUICQoLAgQWAgMBAh4BAheAAAoJENc89jjFPAa+mrABAM8bSSGjIEtriABJteUo

+ A/GAWJ+VnLoR44kc5QmQxhKsAQCNdRzLXCvDvYIAOIblRRetsGdFI0zdXA/Ey/NA

+ 0B9yALg4BFySz2oSCisGAQQBl1UBBQEBB0AxlRumDW6nZY7A+VCfek9VpEx6PJmd

+ JyYPt3lNHMd6HAMBCAeIfgQYFggAJhYhBLHSvRN1vst4TPT4xNc89jjFPAa+BQJc

+ ks9qAhsMBQkBHMQAAAoJENc89jjFPAa+4kMBAILG9rwrhcPSAvay4XDgJ8SqDHm8

+ AsKA3E7zirxVq5X9AQCNlXB+RWh7yX61utkJrziBqQti/j3vHKX6c3yU4FLNC7gz

+ BFySz3UWCSsGAQQB2kcPAQEHQLzCFcHHrKzVSPDDarZPYqn89H5TPaxwcORgRg+4

+ DagEiH4EGBYIACYWIQSx0r0Tdb7LeEz0+MTXPPY4xTwGvgUCXJLPdQIbIAUJARzE

+ AAAKCRDXPPY4xTwGvuSSAP9+QE0ODSVcRYsmSMXzEEOaCwlthh22A1CmXoV5s1yu

+ mwD/aVUqVN1Q0mSE6iab47Q2EklsCBTl8cSq/A1DcewQKQi4MwRcks+BFgkrBgEE

+ AdpHDwEBB0DsUwiDmnlwMSNoSF+ByvW0E6TVXou9PKDa9SpZvKghioj1BBgWCAAm

+ FiEEsdK9E3W+y3hM9PjE1zz2OMU8Br4FAlySz4ECGwIFCQEcxAAAgQkQ1zz2OMU8

+ Br52IAQZFggAHRYhBKPMnIcLnTEKutTPL1FyKwj+R0WiBQJcks+BAAoJEFFyKwj+

+ R0Wip0wBAKAfjlqx5mAivAo69Q4D1B+yZ4TwZkdg24UeYz0URBLoAPoDjHlpi+hj

+ qWj3ymC3DYc8OGZwJcUi2NcKtXgDQaYkDgouAQC5P99kv6H+PL9Bb3J9KLgFPno8

+ ZTuf8yhTOM7Abx+WPgEA4Kb5+ouGszRJDPOMDSp0KuxMr/usFJn3Ty1s1g5rCA4=

+ =CBvd

+ -----END PGP PUBLIC KEY BLOCK-----

+ 

file modified
+2 -1

@@ -1,1 +1,2 @@ 

- 5dbdf859f6e60e05813370e2b193b92b  libgsasl-1.8.0.tar.gz

+ SHA512 (libgsasl-1.8.1.tar.gz) = 52bda3a962a2cbb598009fd02c547a4f8b5b9a4243511aa8104df97b4737023281ab57dbbcf839db3cad73c64cbc72bbd89b49da8b0379dd635220ffb642aa22

+ SHA512 (libgsasl-1.8.1.tar.gz.sig) = 06ca9f2d378cea69bda0e3f0a5b93873d57f5117755f1aa8596e2592df73ccea471a879492b5d8e6fb2a08a8264e8f31a68c007baac5de130b9a212aea93b5fd

(I noticed that pagure automatically adds new commits to existing pull requests so this one also also includes the new version update - feel free to cherry-pick only some commits if you like)

  • new upstream version 1.8.1 (released in August 2019)
  • source file integrity is now verified with GPG before unpacking as recommended by the packaging guidelines
  • also license text is included via %license so docs can be stripped without creating a non-compliant binary distribution

1 new commit added

  • new upstream version
18 days ago

The .so file should be compatible: libgsasl.so.7.9.6 -> libgsasl.so.7.9.7

I should also mention that I did not upload the new sources to the lookaside cache. I justed edited "sources" manually.

ping :-)

(If you are looking for help maintaining this, I maybe I could take care of this, mostly for exim in EPEL8 though)