From 35d8c831fcca142e76060667de48710f756ed677 Mon Sep 17 00:00:00 2001 From: Renbo Date: Tue, 2 Jul 2024 14:03:48 +0800 Subject: [PATCH 1/2] update to python-pip-9.0.3-24.src.rpm Signed-off-by: Renbo --- 0001-add-pip-loongarch.conf.patch | 49 ------------------- ...rfile.patch => cve-2007-4559-tarfile.patch | 0 dist | 1 + pip-loongarch.conf | 8 --- python-pip.spec | 21 ++------ 5 files changed, 5 insertions(+), 74 deletions(-) delete mode 100644 0001-add-pip-loongarch.conf.patch rename CVE-2007-4559-tarfile.patch => cve-2007-4559-tarfile.patch (100%) create mode 100644 dist delete mode 100644 pip-loongarch.conf diff --git a/0001-add-pip-loongarch.conf.patch b/0001-add-pip-loongarch.conf.patch deleted file mode 100644 index b527f6d..0000000 --- a/0001-add-pip-loongarch.conf.patch +++ /dev/null @@ -1,49 +0,0 @@ -From 50fc975fe0f6dfca8cdfa95985543b1661e23b78 Mon Sep 17 00:00:00 2001 -From: Jingyun Hua -Date: Tue, 26 Jul 2022 01:40:05 +0000 -Subject: [PATCH] add pip-loongarch.conf - -Signed-off-by: Jingyun Hua ---- - pip/locations.py | 12 ++++++++++++ - 1 file changed, 12 insertions(+) - -diff --git a/pip/locations.py b/pip/locations.py -index e598ef1..3db0391 100644 ---- a/pip/locations.py -+++ b/pip/locations.py -@@ -5,6 +5,7 @@ import os - import os.path - import site - import sys -+import platform - - from distutils import sysconfig - from distutils.command.install import install, SCHEME_KEYS # noqa -@@ -83,6 +84,7 @@ src_prefix = os.path.abspath(src_prefix) - site_packages = sysconfig.get_python_lib() - user_site = site.USER_SITE - user_dir = expanduser('~') -+os_arch = platform.machine() - if WINDOWS: - bin_py = os.path.join(sys.prefix, 'Scripts') - bin_user = os.path.join(user_site, 'Scripts') -@@ -98,6 +100,16 @@ if WINDOWS: - legacy_storage_dir, - config_basename, - ) -+elif os_arch == 'loongarch64': -+ bin_py = os.path.join(sys.prefix, 'bin') -+ bin_user = os.path.join(user_site, 'bin') -+ user_conf = os.path.join(user_dir,'.pip/pip.conf') -+ if os.path.exists(user_conf): -+ config_basename = 'pip.conf' -+ legacy_config_file = user_conf -+ else: -+ config_basename = 'pip-loongarch.conf' -+ legacy_config_file = '/etc/pip3/pip-loongarch.conf' - else: - bin_py = os.path.join(sys.prefix, 'bin') - bin_user = os.path.join(user_site, 'bin') --- -2.27.0 diff --git a/CVE-2007-4559-tarfile.patch b/cve-2007-4559-tarfile.patch similarity index 100% rename from CVE-2007-4559-tarfile.patch rename to cve-2007-4559-tarfile.patch diff --git a/dist b/dist new file mode 100644 index 0000000..9c0e36e --- /dev/null +++ b/dist @@ -0,0 +1 @@ +an8 diff --git a/pip-loongarch.conf b/pip-loongarch.conf deleted file mode 100644 index fd77def..0000000 --- a/pip-loongarch.conf +++ /dev/null @@ -1,8 +0,0 @@ -[global] -timeout = 60 -index-url = https://pypi.loongnix.cn/loongson/pypi -extra-index-url = https://pypi.org/simple -[install] -trusted-host = - pypi.loongnix.cn - pypi.org diff --git a/python-pip.spec b/python-pip.spec index aba78b5..f14ccf0 100644 --- a/python-pip.spec +++ b/python-pip.spec @@ -10,12 +10,11 @@ %endif %global bashcompdir %(b=$(pkg-config --variable=completionsdir bash-completion 2>/dev/null); echo ${b:-%{_sysconfdir}/bash_completion.d}) -%define anolis_release .0.1 Name: python-%{srcname} # When updating, update the bundled libraries versions bellow! Version: 9.0.3 -Release: 23%{anolis_release}%{?dist}.1 +Release: 24%{?dist} Summary: A tool for installing and managing Python packages Group: Development/Libraries @@ -61,7 +60,6 @@ BuildRequires: bzr %if %{with tests} Source1: pip-%{version}-tests.tar.gz %endif -Source100: pip-loongarch.conf # Patch until the following issue gets implemented upstream: # https://github.com/pypa/pip/issues/1351 @@ -136,9 +134,7 @@ Patch12: skip_yanked_releases.patch # proposed in https://github.com/pypa/pip/pull/12214 # - Patch for vendored distlib, accepted upstream: # https://github.com/pypa/distlib/pull/201 -Patch13: CVE-2007-4559-tarfile.patch - -Patch1000: 0001-add-pip-loongarch.conf.patch +Patch13: cve-2007-4559-tarfile.patch %global _description \ pip is a package management system used to install and manage software packages \ @@ -290,8 +286,6 @@ popd %patch12 -p1 %patch13 -p1 -%patch1000 -p1 - # this goes together with patch4 rm pip/_vendor/certifi/*.pem rm pip/_vendor/requests/*.pem @@ -335,9 +329,6 @@ popd rm %{buildroot}%{_bindir}/pip -install -d %{buildroot}%{_sysconfdir}/pip3/ -install %{SOURCE100} %{buildroot}%{_sysconfdir}/pip3/ - %if %{with doc} install -d %{buildroot}%{_mandir}/man1 install -pm0644 docs/_build/man/*.1 %{buildroot}%{_mandir}/man1/pip3.1 @@ -391,7 +382,6 @@ py.test-%{python3_version} -m 'not network' %{_bindir}/pip-%{python3_version} %dir %{bashcompdir} %{bashcompdir}/pip* -%{_sysconfdir}/pip3/* %if %{with doc} %files doc @@ -409,12 +399,9 @@ py.test-%{python3_version} -m 'not network' %endif %changelog -* Wed Apr 17 2024 huajingyun - 9.0.3-23.0.1.1 -- Add pypi.loongnix.cn - -* Wed Feb 14 2024 Lumír Balhar - 9.0.3-23.1 +* Wed Feb 14 2024 Lumír Balhar - 9.0.3-24 - Require Python with tarfile filters -Resolves: RHEL-25449 +Resolves: RHEL-25446 * Tue Aug 08 2023 Petr Viktorin - 9.0.3-23 - Use tarfile.data_filter for extracting (CVE-2007-4559, PEP-721, PEP-706) -- Gitee From f6e61ce442f3526c5180dcbbf02e243c59d56fd7 Mon Sep 17 00:00:00 2001 From: Jingyun Hua Date: Fri, 22 Jul 2022 07:59:45 +0000 Subject: [PATCH 2/2] Default use pypi.loongnix.cn on loongarch64 Signed-off-by: Jingyun Hua --- 0001-add-pip-loongarch.conf.patch | 49 +++++++++++++++++++++++++++++++ pip-loongarch.conf | 8 +++++ python-pip.spec | 15 +++++++++- 3 files changed, 71 insertions(+), 1 deletion(-) create mode 100644 0001-add-pip-loongarch.conf.patch create mode 100644 pip-loongarch.conf diff --git a/0001-add-pip-loongarch.conf.patch b/0001-add-pip-loongarch.conf.patch new file mode 100644 index 0000000..b527f6d --- /dev/null +++ b/0001-add-pip-loongarch.conf.patch @@ -0,0 +1,49 @@ +From 50fc975fe0f6dfca8cdfa95985543b1661e23b78 Mon Sep 17 00:00:00 2001 +From: Jingyun Hua +Date: Tue, 26 Jul 2022 01:40:05 +0000 +Subject: [PATCH] add pip-loongarch.conf + +Signed-off-by: Jingyun Hua +--- + pip/locations.py | 12 ++++++++++++ + 1 file changed, 12 insertions(+) + +diff --git a/pip/locations.py b/pip/locations.py +index e598ef1..3db0391 100644 +--- a/pip/locations.py ++++ b/pip/locations.py +@@ -5,6 +5,7 @@ import os + import os.path + import site + import sys ++import platform + + from distutils import sysconfig + from distutils.command.install import install, SCHEME_KEYS # noqa +@@ -83,6 +84,7 @@ src_prefix = os.path.abspath(src_prefix) + site_packages = sysconfig.get_python_lib() + user_site = site.USER_SITE + user_dir = expanduser('~') ++os_arch = platform.machine() + if WINDOWS: + bin_py = os.path.join(sys.prefix, 'Scripts') + bin_user = os.path.join(user_site, 'Scripts') +@@ -98,6 +100,16 @@ if WINDOWS: + legacy_storage_dir, + config_basename, + ) ++elif os_arch == 'loongarch64': ++ bin_py = os.path.join(sys.prefix, 'bin') ++ bin_user = os.path.join(user_site, 'bin') ++ user_conf = os.path.join(user_dir,'.pip/pip.conf') ++ if os.path.exists(user_conf): ++ config_basename = 'pip.conf' ++ legacy_config_file = user_conf ++ else: ++ config_basename = 'pip-loongarch.conf' ++ legacy_config_file = '/etc/pip3/pip-loongarch.conf' + else: + bin_py = os.path.join(sys.prefix, 'bin') + bin_user = os.path.join(user_site, 'bin') +-- +2.27.0 diff --git a/pip-loongarch.conf b/pip-loongarch.conf new file mode 100644 index 0000000..fd77def --- /dev/null +++ b/pip-loongarch.conf @@ -0,0 +1,8 @@ +[global] +timeout = 60 +index-url = https://pypi.loongnix.cn/loongson/pypi +extra-index-url = https://pypi.org/simple +[install] +trusted-host = + pypi.loongnix.cn + pypi.org diff --git a/python-pip.spec b/python-pip.spec index f14ccf0..0646ea8 100644 --- a/python-pip.spec +++ b/python-pip.spec @@ -10,11 +10,12 @@ %endif %global bashcompdir %(b=$(pkg-config --variable=completionsdir bash-completion 2>/dev/null); echo ${b:-%{_sysconfdir}/bash_completion.d}) +%define anolis_release .0.1 Name: python-%{srcname} # When updating, update the bundled libraries versions bellow! Version: 9.0.3 -Release: 24%{?dist} +Release: 24%{anolis_release}%{?dist} Summary: A tool for installing and managing Python packages Group: Development/Libraries @@ -60,6 +61,7 @@ BuildRequires: bzr %if %{with tests} Source1: pip-%{version}-tests.tar.gz %endif +Source100: pip-loongarch.conf # Patch until the following issue gets implemented upstream: # https://github.com/pypa/pip/issues/1351 @@ -136,6 +138,8 @@ Patch12: skip_yanked_releases.patch # https://github.com/pypa/distlib/pull/201 Patch13: cve-2007-4559-tarfile.patch +Patch1000: 0001-add-pip-loongarch.conf.patch + %global _description \ pip is a package management system used to install and manage software packages \ written in Python. Many packages can be found in the Python Package Index \ @@ -286,6 +290,8 @@ popd %patch12 -p1 %patch13 -p1 +%patch1000 -p1 + # this goes together with patch4 rm pip/_vendor/certifi/*.pem rm pip/_vendor/requests/*.pem @@ -329,6 +335,9 @@ popd rm %{buildroot}%{_bindir}/pip +install -d %{buildroot}%{_sysconfdir}/pip3/ +install %{SOURCE100} %{buildroot}%{_sysconfdir}/pip3/ + %if %{with doc} install -d %{buildroot}%{_mandir}/man1 install -pm0644 docs/_build/man/*.1 %{buildroot}%{_mandir}/man1/pip3.1 @@ -382,6 +391,7 @@ py.test-%{python3_version} -m 'not network' %{_bindir}/pip-%{python3_version} %dir %{bashcompdir} %{bashcompdir}/pip* +%{_sysconfdir}/pip3/* %if %{with doc} %files doc @@ -399,6 +409,9 @@ py.test-%{python3_version} -m 'not network' %endif %changelog +* Tue Jul 02 2024 huajingyun - 9.0.3-24.0.1 +- Add pypi.loongnix.cn + * Wed Feb 14 2024 Lumír Balhar - 9.0.3-24 - Require Python with tarfile filters Resolves: RHEL-25446 -- Gitee