diff options
| -rw-r--r-- | .gitignore | 1 | ||||
| -rw-r--r-- | python-requestes.spec | 108 | ||||
| -rw-r--r-- | sources | 1 |
3 files changed, 110 insertions, 0 deletions
@@ -0,0 +1 @@ +/requestes-0.0.1.tar.gz diff --git a/python-requestes.spec b/python-requestes.spec new file mode 100644 index 0000000..ab9540e --- /dev/null +++ b/python-requestes.spec @@ -0,0 +1,108 @@ +%global _empty_manifest_terminate_build 0 +Name: python-requestes +Version: 0.0.1 +Release: 1 +Summary: Python Module Security Admonition +License: BSD +URL: https://github.com/davidfischer/requestes +Source0: https://mirrors.nju.edu.cn/pypi/web/packages/0f/58/7dd0d1b8fda382ed9440614c8bca77210fa4e8158261d744bab53f395fd2/requestes-0.0.1.tar.gz +BuildArch: noarch + + +%description +If you are reading this admonition while running pip, I'd like to take +this time to inform you that you just ran arbitrary code from the untrusted +internet (maybe even as root?). The fact that this was so easy is a bit of a +problem. +Remember when RubyGems.org got compromised and was down since they weren't +sure whether there were any problems with the gems themselves? That could +have just as easily been PyPI. Adding SSL to PyPI and certificate checking +to pip were big steps forward, but we need to make shipping and installing +modules securely even easier. I'm not sure whether that means developer +certificates or package signing or something else, but we need to find a +way to run only trusted code. As long as a one character typo can root your +box, the problem persists. +https://github.com/davidfischer/requestes + +%package -n python3-requestes +Summary: Python Module Security Admonition +Provides: python-requestes +BuildRequires: python3-devel +BuildRequires: python3-setuptools +BuildRequires: python3-pip +%description -n python3-requestes +If you are reading this admonition while running pip, I'd like to take +this time to inform you that you just ran arbitrary code from the untrusted +internet (maybe even as root?). The fact that this was so easy is a bit of a +problem. +Remember when RubyGems.org got compromised and was down since they weren't +sure whether there were any problems with the gems themselves? That could +have just as easily been PyPI. Adding SSL to PyPI and certificate checking +to pip were big steps forward, but we need to make shipping and installing +modules securely even easier. I'm not sure whether that means developer +certificates or package signing or something else, but we need to find a +way to run only trusted code. As long as a one character typo can root your +box, the problem persists. +https://github.com/davidfischer/requestes + +%package help +Summary: Development documents and examples for requestes +Provides: python3-requestes-doc +%description help +If you are reading this admonition while running pip, I'd like to take +this time to inform you that you just ran arbitrary code from the untrusted +internet (maybe even as root?). The fact that this was so easy is a bit of a +problem. +Remember when RubyGems.org got compromised and was down since they weren't +sure whether there were any problems with the gems themselves? That could +have just as easily been PyPI. Adding SSL to PyPI and certificate checking +to pip were big steps forward, but we need to make shipping and installing +modules securely even easier. I'm not sure whether that means developer +certificates or package signing or something else, but we need to find a +way to run only trusted code. As long as a one character typo can root your +box, the problem persists. +https://github.com/davidfischer/requestes + +%prep +%autosetup -n requestes-0.0.1 + +%build +%py3_build + +%install +%py3_install +install -d -m755 %{buildroot}/%{_pkgdocdir} +if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi +if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi +if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi +if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi +pushd %{buildroot} +if [ -d usr/lib ]; then + find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/lib64 ]; then + find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/bin ]; then + find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst +fi +if [ -d usr/sbin ]; then + find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst +fi +touch doclist.lst +if [ -d usr/share/man ]; then + find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst +fi +popd +mv %{buildroot}/filelist.lst . +mv %{buildroot}/doclist.lst . + +%files -n python3-requestes -f filelist.lst +%dir %{python3_sitelib}/* + +%files help -f doclist.lst +%{_docdir}/* + +%changelog +* Mon May 29 2023 Python_Bot <Python_Bot@openeuler.org> - 0.0.1-1 +- Package Spec generated @@ -0,0 +1 @@ +cdebbb98a7ecadb374adbb5d65001f4e requestes-0.0.1.tar.gz |