1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
|
%global _empty_manifest_terminate_build 0
Name: python-requestes
Version: 0.0.1
Release: 1
Summary: Python Module Security Admonition
License: BSD
URL: https://github.com/davidfischer/requestes
Source0: https://mirrors.aliyun.com/pypi/web/packages/0f/58/7dd0d1b8fda382ed9440614c8bca77210fa4e8158261d744bab53f395fd2/requestes-0.0.1.tar.gz
BuildArch: noarch
%description
If you are reading this admonition while running pip, I'd like to take
this time to inform you that you just ran arbitrary code from the untrusted
internet (maybe even as root?). The fact that this was so easy is a bit of a
problem.
Remember when RubyGems.org got compromised and was down since they weren't
sure whether there were any problems with the gems themselves? That could
have just as easily been PyPI. Adding SSL to PyPI and certificate checking
to pip were big steps forward, but we need to make shipping and installing
modules securely even easier. I'm not sure whether that means developer
certificates or package signing or something else, but we need to find a
way to run only trusted code. As long as a one character typo can root your
box, the problem persists.
https://github.com/davidfischer/requestes
%package -n python3-requestes
Summary: Python Module Security Admonition
Provides: python-requestes
BuildRequires: python3-devel
BuildRequires: python3-setuptools
BuildRequires: python3-pip
%description -n python3-requestes
If you are reading this admonition while running pip, I'd like to take
this time to inform you that you just ran arbitrary code from the untrusted
internet (maybe even as root?). The fact that this was so easy is a bit of a
problem.
Remember when RubyGems.org got compromised and was down since they weren't
sure whether there were any problems with the gems themselves? That could
have just as easily been PyPI. Adding SSL to PyPI and certificate checking
to pip were big steps forward, but we need to make shipping and installing
modules securely even easier. I'm not sure whether that means developer
certificates or package signing or something else, but we need to find a
way to run only trusted code. As long as a one character typo can root your
box, the problem persists.
https://github.com/davidfischer/requestes
%package help
Summary: Development documents and examples for requestes
Provides: python3-requestes-doc
%description help
If you are reading this admonition while running pip, I'd like to take
this time to inform you that you just ran arbitrary code from the untrusted
internet (maybe even as root?). The fact that this was so easy is a bit of a
problem.
Remember when RubyGems.org got compromised and was down since they weren't
sure whether there were any problems with the gems themselves? That could
have just as easily been PyPI. Adding SSL to PyPI and certificate checking
to pip were big steps forward, but we need to make shipping and installing
modules securely even easier. I'm not sure whether that means developer
certificates or package signing or something else, but we need to find a
way to run only trusted code. As long as a one character typo can root your
box, the problem persists.
https://github.com/davidfischer/requestes
%prep
%autosetup -n requestes-0.0.1
%build
%py3_build
%install
%py3_install
install -d -m755 %{buildroot}/%{_pkgdocdir}
if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi
if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi
if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi
if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi
pushd %{buildroot}
if [ -d usr/lib ]; then
find usr/lib -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/lib64 ]; then
find usr/lib64 -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/bin ]; then
find usr/bin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
if [ -d usr/sbin ]; then
find usr/sbin -type f -printf "\"/%h/%f\"\n" >> filelist.lst
fi
touch doclist.lst
if [ -d usr/share/man ]; then
find usr/share/man -type f -printf "\"/%h/%f.gz\"\n" >> doclist.lst
fi
popd
mv %{buildroot}/filelist.lst .
mv %{buildroot}/doclist.lst .
%files -n python3-requestes -f filelist.lst
%dir %{python3_sitelib}/*
%files help -f doclist.lst
%{_docdir}/*
%changelog
* Thu Jun 08 2023 Python_Bot <Python_Bot@openeuler.org> - 0.0.1-1
- Package Spec generated
|
