stefanor@debian.org writes:

Hi Simon (2024.12.05_22:48:05_+0000)

I'd appreciate help and collaborators on this!

Feel free to add me as an uploader.

Thank you! Added.

I think the Python Team would make sense for it. If you're not a member, https://salsa.debian.org/python-team/tools/python-modules/blob/master/policy.rst#joining-the-team

I have read that file now and accept it. My salsa username is 'jas'.

I'm happy to move python-sigstore and python-tuf to the python-modules namespace, to make it easier for all team members to help.

/Simon

-----BEGIN PGP SIGNATURE-----

iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCZ1Me1hQcc2ltb25Aam9z ZWZzc29uLm9yZwAKCRBRcisI/kdFov0rAQDjBvlON7wSaZxr7GLJ2dnscHiZKddD lnWNub/+uTexsQEAo9tSynLnL1KU0UMsHQp/3xPE6+dJiR/XSBLC8+Fd4Q4=
=Naiu
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On 2024-12-06 10 h 57 a.m., Simon Josefsson wrote:

stefanor@debian.org writes:

Hi Simon (2024.12.05_22:48:05_+0000)

I'd appreciate help and collaborators on this!

Feel free to add me as an uploader.

Thank you! Added.

I think the Python Team would make sense for it. If you're not a member,
https://salsa.debian.org/python-team/tools/python-modules/blob/master/policy.rst#joining-the-team

I have read that file now and accept it. My salsa username is 'jas'.

I'm happy to move python-sigstore and python-tuf to the python-modules namespace, to make it easier for all team members to help.

/Simon

Welcome to the team!

--
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Louis-Philippe Véronneau
⢿⡄⠘⠷⠚⠋ pollo@debian.org / veronneau.org
⠈⠳⣄

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Louis-Philippe V�ronneau <pollo@debian.org> writes:

On 2024-12-06 10 h 57 a.m., Simon Josefsson wrote:

stefanor@debian.org writes:

Hi Simon (2024.12.05_22:48:05_+0000)

I'd appreciate help and collaborators on this!

Feel free to add me as an uploader.

Thank you! Added.

I think the Python Team would make sense for it. If you're not a member, >>> https://salsa.debian.org/python-team/tools/python-modules/blob/master/policy.rst#joining-the-team

I have read that file now and accept it. My salsa username is
'jas'.
I'm happy to move python-sigstore and python-tuf to the
python-modules
namespace, to make it easier for all team members to help.
/Simon

Welcome to the team!

Thank you!

There is now:

https://salsa.debian.org/python-team/packages/python-tuf https://salsa.debian.org/python-team/packages/sigstore-python

The first is stuck waiting for a new version of python-securesystemslib:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1089125

The second is pending other unpackaged dependencies, I'll try to work on
them one by one...

Feel free to help and join by adding yourself to Uploaders and make
commits to these repositories. So far I've force-pushed updates to the
first commit contains everything, but that's a bad idea going forward so
I'll stop.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCZ1h8MhQcc2ltb25Aam9z ZWZzc29uLm9yZwAKCRBRcisI/kdFonJaAP4izG0A/dlVbmGgbisuxTUm1wi8JzVk K298K2wRPuA9/QEAjtU3TiI125ppiHyWuOMeXK111fCz9/s7xIHXygkKPAI=qrtR
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Simon Josefsson <simon@josefsson.org> writes:

https://salsa.debian.org/python-team/packages/python-tuf

I have uploaded 5.1.0-2 to unstable, however I would appreciate review
of python-tuf since I'm new to python packaging. My main concern is
about debian/tests/ and if there are better approaches?

https://salsa.debian.org/python-team/packages/sigstore-python

I'm happy to report that this now builds! Please review packaging.

However it does not yet run, there is a failure that shows up during
build too:

https://salsa.debian.org/python-team/packages/sigstore-python/-/jobs/6793076#L1421

For the ones who want to try out bleeding edge and perhaps debug things further, please try something like this (keep in mind that this
downloads untrusted stuff...):

podman run -it --rm debian:unstable
echo "deb [trusted=yes] https://salsa.debian.org/python-team/packages/python-grpclib/-/jobs/6792419/artifacts/raw/aptly unstable main" | tee --append /etc/apt/sources.list.d/add.list
echo "deb [trusted=yes] https://salsa.debian.org/python-team/packages/python-betterproto/-/jobs/6792726/artifacts/raw/aptly unstable main" | tee --append /etc/apt/sources.list.d/add.list
echo "deb [trusted=yes] https://salsa.debian.org/python-team/packages/python-sigstore-rekor-types/-/jobs/6792765/artifacts/raw/aptly unstable main" | tee --append /etc/apt/sources.list.d/add.list
echo "deb [trusted=yes] https://salsa.debian.org/python-team/packages/python-sigstore-protobuf-specs/-/jobs/6792898/artifacts/raw/aptly unstable main" | tee --append /etc/apt/sources.list.d/add.list
echo "deb [trusted=yes] https://salsa.debian.org/python-team/packages/rfc8785/-/jobs/6792999/artifacts/raw/aptly unstable main" | tee --append /etc/apt/sources.list.d/add.list
echo "deb [trusted=yes] https://salsa.debian.org/python-team/packages/sigstore-python/-/jobs/6793079/artifacts/raw/aptly unstable main" | tee --append /etc/apt/sources.list.d/add.list
echo >>/etc/apt/apt.conf.d/99verify-peer.conf "Acquire { https::Verify-Peer false }"
apt update
apt install -y sigstore

The error message is below, does anyone have ideas? I wonder if
pydantic in Debian is too old, or something.

/Simon

root@ab7dd93df2f1:/# sigstore
Traceback (most recent call last):
File "/usr/bin/sigstore", line 5, in <module>
from sigstore._cli import main
File "/usr/lib/python3/dist-packages/sigstore/_cli.py", line 38, in <module>
from sigstore import __version__, dsse
File "/usr/lib/python3/dist-packages/sigstore/dsse/__init__.py", line 33, in <module>
from sigstore.hashes import Hashed
File "/usr/lib/python3/dist-packages/sigstore/hashes.py", line 28, in <module>
class Hashed(BaseModel, frozen=True):
File "/usr/lib/python3/dist-packages/pydantic/_internal/_model_construction.py", line 226, in __new__
complete_model_class(
File "/usr/lib/python3/dist-packages/pydantic/_internal/_model_construction.py", line 658, in complete_model_class
schema = cls.__get_pydantic_core_schema__(cls, handler)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/main.py", line 702, in __get_pydantic_core_schema__
return handler(source)
^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_schema_generation_shared.py", line 84, in __call__
schema = self._handler(source_type)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 610, in generate_schema
schema = self._generate_schema_inner(obj)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 879, in _generate_schema_inner
return self._model_schema(obj)
^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 691, in _model_schema
{k: self._generate_md_field_schema(k, v, decorators) for k, v in fields.items()},
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 1071, in _generate_md_field_schema
common_field = self._common_field_schema(name, field_info, decorators)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 1263, in _common_field_schema
schema = self._apply_annotations(
^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 2056, in _apply_annotations
schema = get_inner_schema(source_type)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_schema_generation_shared.py", line 84, in __call__
schema = self._handler(source_type)
^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 2037, in inner_handler
schema = self._generate_schema_inner(obj)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 884, in _generate_schema_inner
return self.match_type(obj)
^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 995, in match_type
return self._unknown_type_schema(obj)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
File "/usr/lib/python3/dist-packages/pydantic/_internal/_generate_schema.py", line 513, in _unknown_type_schema
raise PydanticSchemaGenerationError( pydantic.errors.PydanticSchemaGenerationError: Unable to generate pydantic-core schema for <enum 'HashAlgorithm'>. Set `arbitrary_types_allowed=True` in the model_config to ignore this error or implement `__get_pydantic_core_schema__` on your type to
fully support it.

If you got this error by calling handler(<some type>) within `__get_pydantic_core_schema__` then you likely need to call `handler.generate_schema(<some type>)` since we do not call `__get_pydantic_core_schema__` on `<some type>` otherwise to avoid
infinite recursion.

For further information visit https://errors.pydantic.dev/2.10/u/schema-for-unknown-type
root@ab7dd93df2f1:/#

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCZ2YTZxQcc2ltb25Aam9z ZWZzc29uLm9yZwAKCRBRcisI/kdFotyfAP974cgU1Y5vu6xfkQkknEVtGzlfA8lt GGgKH1L1TkAJ+gEAiFXu6em2Mn/Y7vzm3X393LBsMAkgaHDjmep3fED0RwE=PJhu
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

On Sat, Dec 21, 2024 at 02:01:27AM +0100, Simon Josefsson wrote:

Simon Josefsson <simon@josefsson.org> writes:

https://salsa.debian.org/python-team/packages/python-tuf

I have uploaded 5.1.0-2 to unstable, however I would appreciate review
of python-tuf since I'm new to python packaging. My main concern is
about debian/tests/ and if there are better approaches?

I haven't done a full review, but a quick note on the point you brought
up: it looks to me as though you could replace the whole of
debian/tests/ with the field "Testsuite: autopkgtest-pkg-pybuild" in the
source stanza of debian/control. See pybuild-autopkgtest(1).

The error message is below, does anyone have ideas? I wonder if
pydantic in Debian is too old, or something.

pydantic in Debian is current (assuming this is unstable, anyway - I did
a small upstream version bump quite recently). Does upstream test with
the latest version?

--
Colin Watson (he/him) [cjwatson@debian.org]

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)

Colin Watson <cjwatson@debian.org> writes:

On Sat, Dec 21, 2024 at 02:01:27AM +0100, Simon Josefsson wrote:

Simon Josefsson <simon@josefsson.org> writes:

https://salsa.debian.org/python-team/packages/python-tuf

I have uploaded 5.1.0-2 to unstable, however I would appreciate review
of python-tuf since I'm new to python packaging. My main concern is
about debian/tests/ and if there are better approaches?

I haven't done a full review, but a quick note on the point you brought
up: it looks to me as though you could replace the whole of
debian/tests/ with the field "Testsuite: autopkgtest-pkg-pybuild" in the source stanza of debian/control. See pybuild-autopkgtest(1).

Thanks -- I had some trouble with autopkgtest-pkg-pybuild when I started packaging, and removed it to simplify things, but later forgot to add it
back in. It work fine for python-tuf:

https://salsa.debian.org/python-team/packages/python-tuf/-/jobs/6802287

I'll try to adapt this for all the new packages too.

The error message is below, does anyone have ideas? I wonder if
pydantic in Debian is too old, or something.

pydantic in Debian is current (assuming this is unstable, anyway - I did
a small upstream version bump quite recently). Does upstream test with
the latest version?

Ah -- I will debug more and will consider that Debian's pydantic may
actually be too new instead.

/Simon

--=-=-Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iIoEARYIADIWIQSjzJyHC50xCrrUzy9RcisI/kdFogUCZ2hPBhQcc2ltb25Aam9z ZWZzc29uLm9yZwAKCRBRcisI/kdForLIAP0elhOfvV14eSJbscVt3FuoPAHqhbH9 5Qq19MgHIfNoAQD/SWu1Ds3gPXefLfEf1UgYjvxgJ+fwb4a0clCzgU/FxgE=jOaG
-----END PGP SIGNATURE-----

--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)