| Message ID | 20220110200151.830192-1-ju.o@free.fr |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/1] package/python-gnupg: new package | expand |
Hello Julien, On Mon, 10 Jan 2022 21:01:51 +0100 Julien Olivain <ju.o@free.fr> wrote: > DEVELOPERS | 1 + > package/Config.in | 1 + > package/python-gnupg/Config.in | 15 +++++++++++++++ > package/python-gnupg/python-gnupg.hash | 5 +++++ > package/python-gnupg/python-gnupg.mk | 13 +++++++++++++ > 5 files changed, 35 insertions(+) Thanks for the patch, which I have applied, with a change (see below). However, more importantly, could you write and contribute a test case for python-gnupg in our runtime test infrastructure ? See https://buildroot.org/downloads/manual/manual.html#_using_the_runtime_tests_framework for some amount of details. > +config BR2_PACKAGE_PYTHON_GNUPG > + bool "python-gnupg" > + select BR2_PACKAGE_GNUPG2 if !BR2_PACKAGE_GNUPG # runtime This generates a circular dependency reported by kconfig, because another package does exactly the opposite. So I have inverted the logic here: select BR2_PACKAGE_GNUPG if !BR2_PACKAGE_GNUPG2 # runtime Best regards, Thomas
Hi Thomas, On 13/01/2022 21:51, Thomas Petazzoni wrote: > Hello Julien, > > On Mon, 10 Jan 2022 21:01:51 +0100 > Julien Olivain <ju.o@free.fr> wrote: > >> [...] >> +config BR2_PACKAGE_PYTHON_GNUPG >> + bool "python-gnupg" >> + select BR2_PACKAGE_GNUPG2 if !BR2_PACKAGE_GNUPG # runtime > > This generates a circular dependency reported by kconfig, because > another package does exactly the opposite. So I have inverted the logic > here: > > select BR2_PACKAGE_GNUPG if !BR2_PACKAGE_GNUPG2 # runtime What do you think about reversing the logic of all Buildroot packages selecting gnupg so they default to gnupg2? Quoting: https://gnupg.org/download/index.html """ GnuPG 1.4 is the old, single binary version which still support the unsafe PGP-2 keys. This branch has no dependencies on the above listed libraries or the Pinentry. However, it lacks many modern features and will receive only important updates. """ There is currently only two packages selecting gnupg: gpgme and python-gnupg Most Linux distributions are now shipping gnupg2 by default. gnupg v1 is now more for legacy/compatibility cases. If you agree, I can send a patch for this. Best regards, Julien.
On 16/01/2022 11:55, Julien Olivain wrote: > Hi Thomas, > > On 13/01/2022 21:51, Thomas Petazzoni wrote: >> Hello Julien, >> >> On Mon, 10 Jan 2022 21:01:51 +0100 >> Julien Olivain <ju.o@free.fr> wrote: >> >>> [...] >>> +config BR2_PACKAGE_PYTHON_GNUPG >>> + bool "python-gnupg" >>> + select BR2_PACKAGE_GNUPG2 if !BR2_PACKAGE_GNUPG # runtime >> >> This generates a circular dependency reported by kconfig, because >> another package does exactly the opposite. So I have inverted the logic >> here: >> >> select BR2_PACKAGE_GNUPG if !BR2_PACKAGE_GNUPG2 # runtime > > What do you think about reversing the logic of all Buildroot packages > selecting gnupg so they default to gnupg2? > > Quoting: https://gnupg.org/download/index.html > """ > GnuPG 1.4 is the old, single binary version which still support the > unsafe PGP-2 keys. This branch has no dependencies on the above listed > libraries or the Pinentry. However, it lacks many modern features and > will receive only important updates. > """ > > There is currently only two packages selecting gnupg: > gpgme and python-gnupg > > Most Linux distributions are now shipping gnupg2 by default. gnupg v1 > is now more for legacy/compatibility cases. Perhaps we should simply remove gnupg instead. We've had gnupg2 for 7.5 years now, that should be enough to migrate. Regards, Arnout > > If you agree, I can send a patch for this. > > Best regards, > > Julien. > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
Hi Arnout, On 16/01/2022 13:01, arnout at mind.be wrote: > On 16/01/2022 11:55, Julien Olivain wrote: >> Hi Thomas, >> >> On 13/01/2022 21:51, Thomas Petazzoni wrote: >>> Hello Julien, >>> >>> On Mon, 10 Jan 2022 21:01:51 +0100 >>> Julien Olivain <ju.o at free.fr> wrote: >>> >>>> ?[...] >>>> +config BR2_PACKAGE_PYTHON_GNUPG >>>> +??? bool "python-gnupg" >>>> +??? select BR2_PACKAGE_GNUPG2 if !BR2_PACKAGE_GNUPG # runtime >>> >>> This generates a circular dependency reported by kconfig, because >>> another package does exactly the opposite. So I have inverted the >>> logic >>> here: >>> >>> select BR2_PACKAGE_GNUPG if !BR2_PACKAGE_GNUPG2 # runtime >> >> What do you think about reversing the logic of all Buildroot packages >> selecting gnupg so they default to gnupg2? >> >> Quoting: https://gnupg.org/download/index.html >> """ >> GnuPG 1.4 is the old, single binary version which still support the >> unsafe PGP-2 keys. This branch has no dependencies on the above listed >> libraries or the Pinentry. However, it lacks many modern features and >> will receive only important updates. >> """ >> >> There is currently only two packages selecting gnupg: >> gpgme and python-gnupg >> >> Most Linux distributions are now shipping gnupg2 by default.? gnupg v1 >> is now more for legacy/compatibility cases. > > Perhaps we should simply remove gnupg instead. We've had gnupg2 for > 7.5 years > now, that should be enough to migrate. I think gnupg (version 1) should be kept in Buildroot: - it's still maintained (only for important updates), - it has a smaller footprint (compared to v2), - it has less dependencies (only zlib), - it has less build dependencies (can build static, no need for MMU/threads, ...) gnupg1 might still be useful in some specific cases. This is why I was mentioning to switch the default version to v2, rather than removing v1. Best regards, Julien. > Regards, > Arnout > >> >> If you agree, I can send a patch for this. >> >> Best regards, >> >> Julien. >> _______________________________________________ >> buildroot mailing list >> buildroot at buildroot.org >> https://lists.buildroot.org/mailman/listinfo/buildroot
diff --git a/DEVELOPERS b/DEVELOPERS index 12777e8d61..036e752d84 100644 --- a/DEVELOPERS +++ b/DEVELOPERS @@ -1595,6 +1595,7 @@ F: package/fluidsynth/ F: package/glslsandbox-player/ F: package/ptm2human/ F: package/python-distro/ +F: package/python-gnupg/ F: package/python-pyalsa/ N: Julien Viard de Galbert <julien@vdg.name> diff --git a/package/Config.in b/package/Config.in index 3a2ad30df9..af09209905 100644 --- a/package/Config.in +++ b/package/Config.in @@ -1038,6 +1038,7 @@ menu "External python modules" source "package/python-futures/Config.in" source "package/python-git/Config.in" source "package/python-gitdb2/Config.in" + source "package/python-gnupg/Config.in" source "package/python-gobject/Config.in" source "package/python-gpiozero/Config.in" source "package/python-greenlet/Config.in" diff --git a/package/python-gnupg/Config.in b/package/python-gnupg/Config.in new file mode 100644 index 0000000000..54f8fb6a29 --- /dev/null +++ b/package/python-gnupg/Config.in @@ -0,0 +1,15 @@ +config BR2_PACKAGE_PYTHON_GNUPG + bool "python-gnupg" + select BR2_PACKAGE_GNUPG2 if !BR2_PACKAGE_GNUPG # runtime + help + A wrapper for the Gnu Privacy Guard (GPG or GnuPG). + + The gnupg module allows Python programs to make use of the + functionality provided by the GNU Privacy Guard (abbreviated + GPG or GnuPG). Using this module, Python programs can + encrypt and decrypt data, digitally sign documents and + verify digital signatures, manage (generate, list and + delete) encryption keys, using Public Key Infrastructure + (PKI) encryption technology based on OpenPGP. + + https://docs.red-dove.com/python-gnupg/ diff --git a/package/python-gnupg/python-gnupg.hash b/package/python-gnupg/python-gnupg.hash new file mode 100644 index 0000000000..fa0e8ae6e5 --- /dev/null +++ b/package/python-gnupg/python-gnupg.hash @@ -0,0 +1,5 @@ +# md5, sha256 from https://pypi.org/pypi/python-gnupg/json +md5 02c5d77b8db9dfba0741627560d89bd5 python-gnupg-0.4.8.tar.gz +sha256 b64de1ae5cedf872b437201a566fa2c62ce0c95ea2e30177eb53aee1258507d7 python-gnupg-0.4.8.tar.gz +# Locally computed sha256 checksums +sha256 9620da3d3afdfca7dea53c4375c1507ab2d3a4af4e706827023acb49a9ec4a5e LICENSE.txt diff --git a/package/python-gnupg/python-gnupg.mk b/package/python-gnupg/python-gnupg.mk new file mode 100644 index 0000000000..f16910e517 --- /dev/null +++ b/package/python-gnupg/python-gnupg.mk @@ -0,0 +1,13 @@ +################################################################################ +# +# python-gnupg +# +################################################################################ + +PYTHON_GNUPG_VERSION = 0.4.8 +PYTHON_GNUPG_SITE = https://files.pythonhosted.org/packages/b1/90/75e15ead9693028c05fc7abd25c756c0d1da27bf04a27d6f5c4139d8ee10 +PYTHON_GNUPG_LICENSE = BSD-3-Clause +PYTHON_GNUPG_LICENSE_FILES = LICENSE.txt +PYTHON_GNUPG_SETUP_TYPE = setuptools + +$(eval $(python-package))
A wrapper for the Gnu Privacy Guard (GPG or GnuPG). The gnupg module allows Python programs to make use of the functionality provided by the GNU Privacy Guard (abbreviated GPG or GnuPG). Using this module, Python programs can encrypt and decrypt data, digitally sign documents and verify digital signatures, manage (generate, list and delete) encryption keys, using Public Key Infrastructure (PKI) encryption technology based on OpenPGP. https://docs.red-dove.com/python-gnupg/ Signed-off-by: Julien Olivain <ju.o@free.fr> --- DEVELOPERS | 1 + package/Config.in | 1 + package/python-gnupg/Config.in | 15 +++++++++++++++ package/python-gnupg/python-gnupg.hash | 5 +++++ package/python-gnupg/python-gnupg.mk | 13 +++++++++++++ 5 files changed, 35 insertions(+) create mode 100644 package/python-gnupg/Config.in create mode 100644 package/python-gnupg/python-gnupg.hash create mode 100644 package/python-gnupg/python-gnupg.mk