%global _empty_manifest_terminate_build 0 Name: python-requestes Version: 0.0.1 Release: 1 Summary: Python Module Security Admonition License: BSD URL: https://github.com/davidfischer/requestes Source0: https://mirrors.nju.edu.cn/pypi/web/packages/0f/58/7dd0d1b8fda382ed9440614c8bca77210fa4e8158261d744bab53f395fd2/requestes-0.0.1.tar.gz BuildArch: noarch %description If you are reading this admonition while running pip, I'd like to take this time to inform you that you just ran arbitrary code from the untrusted internet (maybe even as root?). The fact that this was so easy is a bit of a problem. Remember when RubyGems.org got compromised and was down since they weren't sure whether there were any problems with the gems themselves? That could have just as easily been PyPI. Adding SSL to PyPI and certificate checking to pip were big steps forward, but we need to make shipping and installing modules securely even easier. I'm not sure whether that means developer certificates or package signing or something else, but we need to find a way to run only trusted code. As long as a one character typo can root your box, the problem persists. https://github.com/davidfischer/requestes %package -n python3-requestes Summary: Python Module Security Admonition Provides: python-requestes BuildRequires: python3-devel BuildRequires: python3-setuptools BuildRequires: python3-pip %description -n python3-requestes If you are reading this admonition while running pip, I'd like to take this time to inform you that you just ran arbitrary code from the untrusted internet (maybe even as root?). The fact that this was so easy is a bit of a problem. Remember when RubyGems.org got compromised and was down since they weren't sure whether there were any problems with the gems themselves? That could have just as easily been PyPI. Adding SSL to PyPI and certificate checking to pip were big steps forward, but we need to make shipping and installing modules securely even easier. I'm not sure whether that means developer certificates or package signing or something else, but we need to find a way to run only trusted code. As long as a one character typo can root your box, the problem persists. https://github.com/davidfischer/requestes %package help Summary: Development documents and examples for requestes Provides: python3-requestes-doc %description help If you are reading this admonition while running pip, I'd like to take this time to inform you that you just ran arbitrary code from the untrusted internet (maybe even as root?). The fact that this was so easy is a bit of a problem. Remember when RubyGems.org got compromised and was down since they weren't sure whether there were any problems with the gems themselves? That could have just as easily been PyPI. Adding SSL to PyPI and certificate checking to pip were big steps forward, but we need to make shipping and installing modules securely even easier. I'm not sure whether that means developer certificates or package signing or something else, but we need to find a way to run only trusted code. As long as a one character typo can root your box, the problem persists. https://github.com/davidfischer/requestes %prep %autosetup -n requestes-0.0.1 %build %py3_build %install %py3_install install -d -m755 %{buildroot}/%{_pkgdocdir} if [ -d doc ]; then cp -arf doc %{buildroot}/%{_pkgdocdir}; fi if [ -d docs ]; then cp -arf docs %{buildroot}/%{_pkgdocdir}; fi if [ -d example ]; then cp -arf example %{buildroot}/%{_pkgdocdir}; fi if [ -d examples ]; then cp -arf examples %{buildroot}/%{_pkgdocdir}; fi pushd %{buildroot} if [ -d usr/lib ]; then find usr/lib -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/lib64 ]; then find usr/lib64 -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/bin ]; then find usr/bin -type f -printf "/%h/%f\n" >> filelist.lst fi if [ -d usr/sbin ]; then find usr/sbin -type f -printf "/%h/%f\n" >> filelist.lst fi touch doclist.lst if [ -d usr/share/man ]; then find usr/share/man -type f -printf "/%h/%f.gz\n" >> doclist.lst fi popd mv %{buildroot}/filelist.lst . mv %{buildroot}/doclist.lst . %files -n python3-requestes -f filelist.lst %dir %{python3_sitelib}/* %files help -f doclist.lst %{_docdir}/* %changelog * Tue May 30 2023 Python_Bot - 0.0.1-1 - Package Spec generated