Update to 0.75

- New upstream release 0.75 - Fix GPG signature parsing logic - MANIFEST.SKIP is no longer consulted unless --skip is given - Properly use open() modes to avoid injection attacks - More protection of @INC from relative paths - Don't try to run the signature test, which needs the network
2015-04-08 09:07:15 +01:00 · 2015-04-08 09:07:15 +01:00 · effd200704
commit effd200704
parent f1f2b2d2a8
2 changed files with 18 additions and 12 deletions
--- a/perl-Module-Signature.spec
+++ b/perl-Module-Signature.spec
@ -1,6 +1,6 @@
 Name:           perl-Module-Signature
-Version:        0.73
+Version:        0.75
-Release:        5%{?dist}
+Release:        1%{?dist}
 Summary:        CPAN signature management utilities and modules
 Group:          Development/Libraries
 License:        CC0
@ -10,6 +10,7 @@ Source1:        AKOENIG.pub
 BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu)
 BuildArch:      noarch
 # Module build
 BuildRequires:  perl
 BuildRequires:  perl(base)
 BuildRequires:  perl(Cwd)
 BuildRequires:  perl(ExtUtils::MakeMaker)
@ -21,6 +22,7 @@ BuildRequires:  perl(Digest::SHA1)
 BuildRequires:  perl(Exporter)
 BuildRequires:  perl(ExtUtils::Manifest)
 BuildRequires:  perl(File::Spec)
 BuildRequires:  perl(File::Temp)
 BuildRequires:  perl(IO::Socket::INET)
 BuildRequires:  perl(Text::Diff)
 # Test suite
@ -36,6 +38,7 @@ Requires:       perl(:MODULE_COMPAT_%(eval "`perl -V:version`"; echo $version))
 Requires:       gnupg
 Requires:       perl(Digest::SHA)
 Requires:       perl(Digest::SHA1)
 Requires:       perl(File::Temp)
 Requires:       perl(IO::Socket::INET)
 Requires:       perl(PAR::Dist)
 Requires:       perl(Text::Diff)
@ -45,10 +48,7 @@ This package contains a command line tool and module for checking and creating
 SIGNATURE files for Perl CPAN distributions.
 %prep
-%setup -q -c -n Module-Signature
+%setup -q -n Module-Signature-%{version}
 # Copy up documentation for convenience with %%doc
 cp -a Module-Signature-%{version}/{AUTHORS,Changes,README,*.pub} .
 # Create a GPG directory for testing, to avoid using ~/.gnupg
 mkdir --mode=0700 gnupghome
@ -59,20 +59,18 @@ gpg --import %{SOURCE1}
 %build
 export GNUPGHOME=$(pwd)/gnupghome
 cd Module-Signature-%{version}
 perl Makefile.PL INSTALLDIRS=vendor --skipdeps </dev/null
 make %{?_smp_mflags}
 cd -
 %install
 rm -rf %{buildroot}
-make -C Module-Signature-%{version} pure_install DESTDIR=%{buildroot}
+make pure_install DESTDIR=%{buildroot}
 find %{buildroot} -type f -name .packlist -exec rm -f {} ';'
 %{_fixperms} %{buildroot}
 %check
 export GNUPGHOME=$(pwd)/gnupghome
-make -C Module-Signature-%{version} test TEST_SIGNATURE=1
+make test
 %clean
 rm -rf %{buildroot}
@ -82,9 +80,17 @@ rm -rf %{buildroot}
 %{_bindir}/cpansign
 %{perl_vendorlib}/Module/
 %{_mandir}/man1/cpansign.1*
-%{_mandir}/man3/Module::Signature.3pm*
+%{_mandir}/man3/Module::Signature.3*
 %changelog
 * Tue Apr  7 2015 Paul Howarth <paul@city-fan.org> - 0.75-1
 - Update to 0.75
  - Fix GPG signature parsing logic
  - MANIFEST.SKIP is no longer consulted unless --skip is given
  - Properly use open() modes to avoid injection attacks
  - More protection of @INC from relative paths
 - Don't try to run the signature test, which needs the network
 * Wed Aug 27 2014 Jitka Plesnikova <jplesnik@redhat.com> - 0.73-5
 - Perl 5.20 rebuild
--- a/2
+++ b/2
@ -1 +1 @@
-de27bbca948ba8a13a7f614414cb623d  Module-Signature-0.73.tar.gz
+2936acfbe0038637c69f066ba8cd457f  Module-Signature-0.75.tar.gz
`@ -1 +1 @@`
	`de27bbca948ba8a13a7f614414cb623d Module-Signature-0.73.tar.gz`	`2936acfbe0038637c69f066ba8cd457f Module-Signature-0.75.tar.gz`