Compare commits

..

No commits in common. "c8" and "c10s" have entirely different histories.
c8 ... c10s

15 changed files with 835 additions and 501 deletions

7
.gitignore vendored
View File

@ -1 +1,6 @@
SOURCES/setuptools-39.2.0.zip /setuptools-*.tar.gz
/setuptools-*.zip
/setuptools-*/
/pkg_resources-tests-data-*.tar.gz
/results_python-setuptools/
*.rpm

View File

@ -1 +0,0 @@
83e75ec6b04423735e0a9a384b465c68f5206bcf SOURCES/setuptools-39.2.0.zip

View File

@ -0,0 +1,41 @@
From 58f33f0aef5b137287e6f425b922a03123735a77 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Wed, 20 Sep 2023 17:18:47 +0200
Subject: [PATCH] Adjust the setup.py install deprecation message and URL
But only when building RPM packages.
---
setuptools/command/install.py | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/setuptools/command/install.py b/setuptools/command/install.py
index 606cce9..0af1631 100644
--- a/setuptools/command/install.py
+++ b/setuptools/command/install.py
@@ -1,6 +1,7 @@
from distutils.errors import DistutilsArgError
import inspect
import glob
+import os
import platform
import distutils.command.install as orig
@@ -40,8 +41,13 @@ class install(orig.install):
Please avoid running ``setup.py`` directly.
Instead, use pypa/build, pypa/installer or other
standards-based tools.
- """,
- see_url="https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html",
+ """
+ + ("""
+ Follow the current Python packaging guidelines when building
+ Python RPM packages.
+ """ if "RPM_BUILD_ROOT" in os.environ else ""),
+ see_url=("https://blog.ganssle.io/articles/2021/10/setup-py-deprecated.html" +
+ ("\nand https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/" if "RPM_BUILD_ROOT" in os.environ else "")),
# TODO: Document how to bootstrap setuptools without install
# (e.g. by unziping the wheel file)
# and then add a due_date to this warning.
--
2.41.0

116
CVE-2024-6345.patch Normal file
View File

@ -0,0 +1,116 @@
From 472528deea4063f20c5d9525f0faf64ae0cd0a90 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Wed, 24 Jul 2024 14:26:09 +0200
Subject: [PATCH] CVE-2024-6345
---
setuptools/package_index.py | 21 +++++----------------
setuptools/tests/test_packageindex.py | 20 ++++++++++----------
2 files changed, 15 insertions(+), 26 deletions(-)
diff --git a/setuptools/package_index.py b/setuptools/package_index.py
index 7095585..1368bde 100644
--- a/setuptools/package_index.py
+++ b/setuptools/package_index.py
@@ -1,5 +1,6 @@
"""PyPI and direct package downloading."""
+import subprocess
import sys
import os
import re
@@ -881,17 +882,11 @@ class PackageIndex(Environment):
url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True)
self.info("Doing git clone from %s to %s", url, filename)
- os.system("git clone --quiet %s %s" % (url, filename))
+ subprocess.check_call(["git", "clone", "--quiet", url, filename])
if rev is not None:
self.info("Checking out %s", rev)
- os.system(
- "git -C %s checkout --quiet %s"
- % (
- filename,
- rev,
- )
- )
+ subprocess.check_call(["git", "-C", filename, "checkout", "--quiet", rev])
return filename
@@ -900,17 +895,11 @@ class PackageIndex(Environment):
url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True)
self.info("Doing hg clone from %s to %s", url, filename)
- os.system("hg clone --quiet %s %s" % (url, filename))
+ subprocess.check_call(["hg", "clone", "--quiet", url, filename])
if rev is not None:
self.info("Updating to %s", rev)
- os.system(
- "hg --cwd %s up -C -r %s -q"
- % (
- filename,
- rev,
- )
- )
+ subprocess.check_call(["hg", "--cwd", filename, "up", "-C", "-r", rev, "-q"])
return filename
diff --git a/setuptools/tests/test_packageindex.py b/setuptools/tests/test_packageindex.py
index 0287063..c136e8d 100644
--- a/setuptools/tests/test_packageindex.py
+++ b/setuptools/tests/test_packageindex.py
@@ -190,37 +190,37 @@ class TestPackageIndex:
url = 'git+https://github.example/group/project@master#egg=foo'
index = setuptools.package_index.PackageIndex()
- with mock.patch("os.system") as os_system_mock:
+ with mock.patch("subprocess.check_call") as subprocess_check_call_mock:
result = index.download(url, str(tmpdir))
- os_system_mock.assert_called()
+ subprocess_check_call_mock.assert_called()
expected_dir = str(tmpdir / 'project@master')
expected = (
'git clone --quiet ' 'https://github.example/group/project {expected_dir}'
- ).format(**locals())
- first_call_args = os_system_mock.call_args_list[0][0]
+ ).format(**locals()).split()
+ first_call_args = subprocess_check_call_mock.call_args_list[0][0]
assert first_call_args == (expected,)
tmpl = 'git -C {expected_dir} checkout --quiet master'
- expected = tmpl.format(**locals())
- assert os_system_mock.call_args_list[1][0] == (expected,)
+ expected = tmpl.format(**locals()).split()
+ assert subprocess_check_call_mock.call_args_list[1][0] == (expected,)
assert result == expected_dir
def test_download_git_no_rev(self, tmpdir):
url = 'git+https://github.example/group/project#egg=foo'
index = setuptools.package_index.PackageIndex()
- with mock.patch("os.system") as os_system_mock:
+ with mock.patch("subprocess.check_call") as subprocess_check_call_mock:
result = index.download(url, str(tmpdir))
- os_system_mock.assert_called()
+ subprocess_check_call_mock.assert_called()
expected_dir = str(tmpdir / 'project')
expected = (
'git clone --quiet ' 'https://github.example/group/project {expected_dir}'
- ).format(**locals())
- os_system_mock.assert_called_once_with(expected)
+ ).format(**locals()).split()
+ subprocess_check_call_mock.assert_called_once_with(expected)
def test_download_svn(self, tmpdir):
url = 'svn+https://svn.example/project#egg=foo'
--
2.45.2

View File

@ -1,26 +1,25 @@
From ff1c62ede76e29a9d00bbbad266afa59ee153e51 Mon Sep 17 00:00:00 2001 From 19d6fa7fcb22aef8192dcbc0adb920c12cb6a648 Mon Sep 17 00:00:00 2001
From: "Jason R. Coombs" <jaraco@jaraco.com> From: "Jason R. Coombs" <jaraco@jaraco.com>
Date: Sat, 19 Apr 2025 13:03:47 -0400 Date: Sat, 19 Apr 2025 13:03:47 -0400
Subject: [PATCH] Add a check to ensure the name resolves relative to the Subject: [PATCH] Add a check to ensure the name resolves relative to the
tmpdir. tmpdir.
Closes #4946 Closes #4946
--- ---
setuptools/package_index.py | 4 ++++ setuptools/package_index.py | 4 ++++
1 file changed, 4 insertions(+) 1 file changed, 4 insertions(+)
diff --git a/setuptools/package_index.py b/setuptools/package_index.py diff --git a/setuptools/package_index.py b/setuptools/package_index.py
index 1d3e5b4..79953f8 100755 index f52592a..ebafe9f 100644
--- a/setuptools/package_index.py --- a/setuptools/package_index.py
+++ b/setuptools/package_index.py +++ b/setuptools/package_index.py
@@ -808,6 +808,10 @@ class PackageIndex(Environment): @@ -828,6 +828,10 @@ class PackageIndex(Environment):
filename = os.path.join(tmpdir, name) filename = os.path.join(tmpdir, name)
+ # ensure path resolves within the tmpdir + # ensure path resolves within the tmpdir
+ if not filename.startswith(str(tmpdir)): + if not filename.startswith(str(tmpdir)):
+ raise ValueError("Invalid filename {filename}".format(filename = filename)) + raise ValueError(f"Invalid filename {filename}")
+ +
# Download the file # Download the file
# #

View File

@ -0,0 +1,48 @@
From 850efbc4dfe5b8c64dd21617bc856ba0d4e3a082 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Wed, 20 Sep 2023 19:47:05 +0200
Subject: [PATCH] Remove optional or unpackaged test deps
---
setup.cfg | 14 --------------
1 file changed, 14 deletions(-)
diff --git a/setup.cfg b/setup.cfg
index c7aaf14..33b9cd7 100644
--- a/setup.cfg
+++ b/setup.cfg
@@ -42,17 +42,7 @@ exclude =
[options.extras_require]
testing =
pytest >= 6
- pytest-checkdocs >= 2.4
- pytest-black >= 0.3.7; \
- python_implementation != "PyPy"
- pytest-cov; \
- python_implementation != "PyPy"
- pytest-mypy >= 0.9.1; \
- python_implementation != "PyPy"
- pytest-enabler >= 2.2
- pytest-ruff; sys_platform != "cygwin"
- flake8-2020
virtualenv>=13.0.0
wheel
pip>=19.1 # For proper file:// URLs support.
@@ -60,13 +50,9 @@ testing =
pytest-xdist
jaraco.path>=3.2.0
build[virtualenv]
- filelock>=3.4.0
ini2toml[lite]>=0.9
tomli-w>=1.0.0
pytest-timeout
- pytest-perf; \
- sys_platform != "cygwin"
- jaraco.develop >= 7.21; python_version >= "3.9" and sys_platform != "cygwin"
testing-integration =
pytest
pytest-xdist
--
2.41.0

View File

@ -1,30 +0,0 @@
diff --git a/setuptools/package_index.py b/setuptools/package_index.py
index b6407be..bdcf4a6 100755
--- a/setuptools/package_index.py
+++ b/setuptools/package_index.py
@@ -212,7 +212,7 @@ def unique_values(func):
return wrapper
-REL = re.compile(r"""<([^>]*\srel\s*=\s*['"]?([^'">]+)[^>]*)>""", re.I)
+REL = re.compile(r"""<([^>]*\srel\s{0,10}=\s{0,10}['"]?([^'" >]+)[^>]*)>""", re.I)
# this line is here to fix emacs' cruddy broken syntax highlighting
diff --git a/setuptools/tests/test_packageindex.py b/setuptools/tests/test_packageindex.py
index 63b9294..49bd819 100644
--- a/setuptools/tests/test_packageindex.py
+++ b/setuptools/tests/test_packageindex.py
@@ -223,6 +223,12 @@ class TestPackageIndex:
assert dists[0].version == ''
assert dists[1].version == vc
+ def test_REL_DoS(self):
+ """
+ REL should not hang on a contrived attack string.
+ """
+ setuptools.package_index.REL.search('< rel=' + ' ' * 2**12)
+
class TestContentCheckers:
def test_md5(self):

View File

@ -1,83 +0,0 @@
From 8af1b3e03edc8a38565558aff3bf1689c1ca3545 Mon Sep 17 00:00:00 2001
From: Lumir Balhar <lbalhar@redhat.com>
Date: Fri, 26 Jul 2024 13:49:11 +0200
Subject: [PATCH] CVE-2024-6345
---
setuptools/package_index.py | 23 +++++++++--------------
1 file changed, 9 insertions(+), 14 deletions(-)
diff --git a/setuptools/package_index.py b/setuptools/package_index.py
index bdcf4a6..1d3e5b4 100755
--- a/setuptools/package_index.py
+++ b/setuptools/package_index.py
@@ -1,4 +1,5 @@
"""PyPI and direct package downloading"""
+import subprocess
import sys
import os
import re
@@ -848,7 +849,7 @@ class PackageIndex(Environment):
def _download_svn(self, url, filename):
url = url.split('#', 1)[0] # remove any fragment for svn's sake
- creds = ''
+ creds = []
if url.lower().startswith('svn:') and '@' in url:
scheme, netloc, path, p, q, f = urllib.parse.urlparse(url)
if not netloc and path.startswith('//') and '/' in path[2:]:
@@ -857,14 +858,14 @@ class PackageIndex(Environment):
if auth:
if ':' in auth:
user, pw = auth.split(':', 1)
- creds = " --username=%s --password=%s" % (user, pw)
+ creds = ["--username=" + user, "--password=" + pw]
else:
- creds = " --username=" + auth
+ creds = ["--username=" + auth]
netloc = host
parts = scheme, netloc, url, p, q, f
url = urllib.parse.urlunparse(parts)
self.info("Doing subversion checkout from %s to %s", url, filename)
- os.system("svn checkout%s -q %s %s" % (creds, url, filename))
+ subprocess.check_call(["svn", "checkout"] + creds + ["-q", url, filename])
return filename
@staticmethod
@@ -890,14 +891,11 @@ class PackageIndex(Environment):
url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True)
self.info("Doing git clone from %s to %s", url, filename)
- os.system("git clone --quiet %s %s" % (url, filename))
+ subprocess.check_call(["git", "clone", "--quiet", url, filename])
if rev is not None:
self.info("Checking out %s", rev)
- os.system("(cd %s && git checkout --quiet %s)" % (
- filename,
- rev,
- ))
+ subprocess.check_call(["git", "-C", filename, "checkout", "--quiet", rev])
return filename
@@ -906,14 +904,11 @@ class PackageIndex(Environment):
url, rev = self._vcs_split_rev_from_url(url, pop_prefix=True)
self.info("Doing hg clone from %s to %s", url, filename)
- os.system("hg clone --quiet %s %s" % (url, filename))
+ subprocess.check_call(["hg", "clone", "--quiet", url, filename])
if rev is not None:
self.info("Updating to %s", rev)
- os.system("(cd %s && hg up -C -r %s -q)" % (
- filename,
- rev,
- ))
+ subprocess.check_call(["hg", "--cwd", filename, "up", "-C", "-r", rev, "-q"])
return filename
--
2.45.2

View File

@ -1,17 +0,0 @@
diff --git a/setuptools/command/easy_install.py b/setuptools/command/easy_install.py
index 91c48b3..0c9b0f4 100755
--- a/setuptools/command/easy_install.py
+++ b/setuptools/command/easy_install.py
@@ -446,6 +446,12 @@ class easy_install(Command):
instdir = normalize_path(self.install_dir)
pth_file = os.path.join(instdir, 'easy-install.pth')
+ if not os.path.exists(instdir):
+ try:
+ os.makedirs(instdir)
+ except (OSError, IOError):
+ self.cant_write_to_target()
+
# Is it a configured, PYTHONPATH, implicit, or explicit site dir?
is_site_dir = instdir in self.all_site_dirs

View File

@ -1,367 +1,320 @@
%global srcname setuptools * Fri Jan 26 2024 Fedora Release Engineering <releng@fedoraproject.org> - 68.2.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
# WARNING When bootstrapping, disable tests as well,
# because tests need pip. * Mon Jan 22 2024 Fedora Release Engineering <releng@fedoraproject.org> - 68.2.2-2
%bcond_with bootstrap - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
%bcond_without tests
* Wed Sep 20 2023 Lumír Balhar <lbalhar@redhat.com> - 68.2.2-1
%bcond_with py2_wheel - Update to 68.2.2 (rhbz#2208644)
%if 0%{?rhel} && 0%{?rhel} <= 7 * Fri Jul 21 2023 Fedora Release Engineering <releng@fedoraproject.org> - 67.7.2-7
%global _without_python3 1 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
# define some macros for RHEL 6
%global __python2 %__python * Wed Jul 12 2023 Python Maint <python-maint@redhat.com> - 67.7.2-6
%global python2_sitelib %python_sitelib - Rebuilt for Python 3.12
%endif
* Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 67.7.2-5
# Note(hguemar): overrides must be placed *before* those - Bootstrap for Python 3.12
# Otherwise it doesn't work
%bcond_without python2 * Tue Jun 13 2023 Python Maint <python-maint@redhat.com> - 67.7.2-4
%bcond_without python3 - Bootstrap for Python 3.12
%if %{without bootstrap} * Fri May 05 2023 Miro Hrončok <mhroncok@redhat.com> - 67.7.2-2
%global python_wheelname %{srcname}-%{version}-py2.py3-none-any.whl - Adjust the `setup.py install` deprecation notice when building RPM packages
%if %{with python2}
%global python2_wheelname %python_wheelname * Fri Apr 21 2023 Charalampos Stratakis <cstratak@redhat.com> - 67.7.2-1
%global python2_record %{python2_sitelib}/%{srcname}-%{version}.dist-info/RECORD - Update to 67.7.2
%global python2_wheeldir %{_datadir}/python2-wheels - Fixes: rhbz#2144132
%endif # with python2
%if %{with python3} * Thu Apr 20 2023 Charalampos Stratakis <cstratak@redhat.com> - 67.6.1-1
%global python3_wheelname %python_wheelname - Update to 67.6.1
%global python3_record %{python3_sitelib}/%{srcname}-%{version}.dist-info/RECORD - Fixes: rhbz#2144132
%global python3_wheeldir %{_datadir}/python3-wheels
%endif # with python3 * Tue Mar 28 2023 Miro Hrončok <mhroncok@redhat.com> - 65.5.1-3
%endif # without bootstrap - Fix tests with wheel 0.40
Name: python-setuptools * Fri Jan 20 2023 Fedora Release Engineering <releng@fedoraproject.org> - 65.5.1-2
Version: 39.2.0 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
Release: 9%{?dist}
Summary: Easily build and distribute Python packages * Tue Nov 08 2022 Miro Hrončok <mhroncok@redhat.com> - 65.5.1-1
- Update to 65.5.1
Group: Applications/System - Fixes: rhbz#2140209
License: MIT
URL: https://pypi.python.org/pypi/%{srcname} * Fri Oct 14 2022 Miro Hrončok <mhroncok@redhat.com> - 65.5.0-1
Source0: https://files.pythonhosted.org/packages/source/s/%{srcname}/%{srcname}-%{version}.zip - Update to 65.5.0
- Fixes: rhbz#2129562
# In Fedora, sudo setup.py install installs to /usr/local/lib/pythonX.Y/site-packages
# But pythonX doesn't own that dir, that would be against FHS * Thu Oct 13 2022 Miro Hrončok <mhroncok@redhat.com> - 65.4.1-1
# We need to create it if it doesn't exist - Update to 65.4.1
# https://bugzilla.redhat.com/show_bug.cgi?id=1576924 - Update the RPM License field to use SPDX expressions
Patch0: create-site-packages.patch
* Tue Sep 13 2022 Lumír Balhar <lbalhar@redhat.com> - 65.3.0-1
# Security fix for CVE-2022-40897 - Update to 65.3.0
# Regular Expression Denial of Service (ReDoS) in package_index.py Resolves: rhbz#2102402
# Resolved upstream: https://github.com/pypa/setuptools/commit/43a9c9bfa6aa626ec2a22540bea28d2ca77964be
Patch1: CVE-2022-40897.patch * Thu Jul 28 2022 Tomáš Hrnčiar <thrnciar@redhat.com> - 65.0.2-1
- Update to 65.0.2
# Security fix for CVE-2024-6345 - Fixes: rhbz#2102402
# Remote code execution via download functions in the package_index module
# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=2297771 * Fri Jul 22 2022 Fedora Release Engineering <releng@fedoraproject.org> - 62.6.0-2
# Upstream solution: https://github.com/pypa/setuptools/pull/4332 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
# Patch simplified because upstream doesn't support SVN anymore.
Patch2: CVE-2024-6345.patch * Tue Jun 14 2022 Charalampos Stratakis <cstratak@redhat.com> - 62.6.0-1
- Update to 62.6.0
# Security fix for CVE-2025-47273 - Fixes: rhbz#2064842
# Path traversal in PackageIndex.download leads to Arbitrary File Write
# Upstream solution: https://github.com/pypa/setuptools/pull/4951/ * Tue Jun 14 2022 Python Maint <python-maint@redhat.com> - 60.9.3-5
Patch3: CVE-2025-47273.patch - Rebuilt for Python 3.11
* Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 60.9.3-4
BuildArch: noarch - Bootstrap for Python 3.11
BuildRequires: gcc * Mon Jun 13 2022 Python Maint <python-maint@redhat.com> - 60.9.3-3
%if %{with python2} - Bootstrap for Python 3.11
BuildRequires: python2-devel
%if %{with py2_wheel} * Tue Apr 19 2022 Tomáš Hrnčiar <thrnciar@redhat.com> - 60.9.3-2
BuildRequires: python2-pip - No longer use the deprecated sre_constants module in bundled pyparsing
BuildRequires: python2-wheel - Fixes: rhbz#2075487
%endif # with py2_wheel
%endif # with python2 * Wed Feb 16 2022 Karolina Surma <ksurma@redhat.com> - 60.9.3-1
- Update to 60.9.3
%if %{with python3} - Fixes rhbz#2033860
BuildRequires: python3-devel
%if %{with tests} * Fri Jan 21 2022 Fedora Release Engineering <releng@fedoraproject.org> - 59.6.0-2
BuildRequires: python3-pip - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
BuildRequires: python3-pytest
BuildRequires: python3-mock * Wed Dec 08 2021 Tomáš Hrnčiar <thrnciar@redhat.com> - 59.6.0-1
%endif # with tests - Update to 59.6.0
%if %{without bootstrap} - Fixes: rhbz#2023119
BuildRequires: python3-pip - Fixes: rhbz#2031556
BuildRequires: python3-wheel
%endif # without bootstrap * Wed Nov 10 2021 Karolina Surma <ksurma@redhat.com> - 58.5.3-1
%endif # with python3 - Update to 58.5.3
- Fixes rhbz#2016715
# We're now back to setuptools as the package.
# Keep the python-distribute name active for a few releases. Eventually we'll * Tue Oct 19 2021 Tomáš Hrnčiar <thrnciar@redhat.com> - 58.2.0-1
# want to get rid of the Provides and just keep the Obsoletes - Update to 58.2.0
Provides: python-distribute = %{version}-%{release} - Fixes rhbz#2001228
Obsoletes: python-distribute < 0.6.36-2
* Tue Aug 03 2021 Miro Hrončok <mhroncok@redhat.com> - 57.4.0-1
%global _description \ - Update to 57.4.0
Setuptools is a collection of enhancements to the Python distutils that allow \ - https://setuptools.readthedocs.io/en/latest/history.html#v57-4-0
you to more easily build and distribute Python packages, especially ones that \ - Fixes rhbz#1982493
have dependencies on other packages. \
\ * Fri Jul 23 2021 Fedora Release Engineering <releng@fedoraproject.org> - 57.1.0-3
This package also contains the runtime components of setuptools, necessary to \ - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
execute the software that requires pkg_resources.py.
* Mon Jul 19 2021 Miro Hrončok <mhroncok@redhat.com> - 57.1.0-2
%description %_description - Modernize packaging
%if %{with python3} * Fri Jul 09 2021 Tomas Hrnciar <thrnciar@redhat.com> - 57.1.0-1
%package -n platform-python-setuptools - Update to 57.1.0
Summary: Easily build and distribute Python 3 packages - Fixes rhbz#1979122
Group: Applications/System
Conflicts: python3-setuptools < 39.2.0-4%{?dist} * Thu Jun 17 2021 Lumír Balhar <lbalhar@redhat.com> - 57.0.0-1
- Update to 57.0.0
%description -n platform-python-setuptools %_description Resolves: rhbz#1963411
%endif # with python3 * Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 56.2.0-4
- Rebuilt for Python 3.10
%if %{with python2} * Tue Jun 01 2021 Python Maint <python-maint@redhat.com> - 56.2.0-3
%package -n python2-setuptools - Bootstrap for Python 3.10
Summary: Easily build and distribute Python packages
%{?python_provide:%python_provide python2-setuptools} * Tue Jun 01 2021 Python Maint <python-maint@redhat.com> - 56.2.0-2
- Bootstrap for Python 3.10
%description -n python2-setuptools %_description
* Mon May 17 2021 Miro Hrončok <mhroncok@redhat.com> - 56.2.0-1
%endif # with python2 - Update to 56.2.0
- Fixes rhbz#1958677
%if %{with python3} * Thu May 06 2021 Tomas Hrnciar <thrnciar@redhat.com> - 56.1.0-1
%package -n python3-setuptools - Update to 56.1.0
Summary: Easily build and distribute Python 3 packages
Group: Applications/System * Thu Apr 22 2021 Miro Hrončok <mhroncok@redhat.com> - 56.0.0-2
Requires: platform-python-setuptools = %{version}-%{release} - Provide python3-pkg_resources
%{?python_provide:%python_provide python3-setuptools} - Provide python3-pkg-resources
%description -n python3-setuptools %_description * Fri Apr 09 2021 Tomas Hrnciar <thrnciar@redhat.com> - 56.0.0-1
- Update to 56.0.0
%endif # with python3
* Tue Mar 16 2021 Tomas Hrnciar <thrnciar@redhat.com> - 54.1.2-1
%if %{without bootstrap} - Update to 54.1.2
%if %{with py2_wheel}
%if %{with python2} * Tue Feb 02 2021 Miro Hrončok <mhroncok@redhat.com> - 53.0.0-1
%package -n python2-setuptools-wheel - Update to 53.0.0
Summary: The setuptools wheel - https://setuptools.readthedocs.io/en/latest/history.html#v53-0-0
- Fixes: rhbz#1923249
%description -n python2-setuptools-wheel
A Python wheel of setuptools to use with venv. * Tue Jan 26 2021 Lumír Balhar <lbalhar@redhat.com> - 52.0.0-1
%endif #with python2 - Update to 52.0.0 (#1917060)
%endif #with py2_wheel - Removes easy_install module and executable
%if %{with python3} * Mon Jan 11 2021 Miro Hrončok <mhroncok@redhat.com> - 51.1.2-1
%package -n python3-setuptools-wheel - Update to 51.1.2
Summary: The setuptools wheel - Removes tests from the wheel
- https://setuptools.readthedocs.io/en/latest/history.html#v51-1-2
%description -n python3-setuptools-wheel - Fixes: rhbz#1914481
A Python wheel of setuptools to use with venv.
%endif #with python3 * Tue Dec 29 2020 Miro Hrončok <mhroncok@redhat.com> - 51.1.1-1
%endif #with bootstrap - Update to 51.1.1
- Fixes test failures with pip 20.3 as well as with pytest 6.2+
%prep - Fixes: rhbz#1909575
%autosetup -p1 -n %{srcname}-%{version}
* Fri Dec 4 2020 Miro Hrončok <mhroncok@redhat.com> - 50.3.2-2
# We can't remove .egg-info (but it doesn't matter, since it'll be rebuilt): - Disable tests in Fedora ELN (and RHEL)
# The problem is that to properly execute setuptools' setup.py,
# it is needed for setuptools to be loaded as a Distribution * Tue Oct 20 2020 Tomas Hrnciar <thrnciar@redhat.com> - 50.3.2-1
# (with egg-info or .dist-info dir), it's not sufficient - Update to 50.3.2 (#1889093)
# to just have them on PYTHONPATH
# Running "setup.py install" without having setuptools installed * Fri Sep 04 2020 Tomas Hrnciar <thrnciar@redhat.com> - 50.1.0-1
# as a distribution gives warnings such as - Update to 50.1.0 (#1873889)
# ... distutils/dist.py:267: UserWarning: Unknown distribution option: 'entry_points'
# and doesn't create "easy_install" and .egg-info directory * Fri Aug 21 2020 Petr Viktorin <pviktori@redhat.com> - 49.6.0-1
# Note: this is only a problem if bootstrapping wheel or building on RHEL, - Update to 49.6.0 (#1862791)
# otherwise setuptools are installed as dependency into buildroot
* Wed Jul 29 2020 Miro Hrončok <mhroncok@redhat.com> - 49.1.3-1
# Strip shbang - Update to 49.1.3 (#1853597)
find setuptools -name \*.py | xargs sed -i -e '1 {/^#!\//d}' - https://setuptools.readthedocs.io/en/latest/history.html#v49-1-3
# Remove bundled exes
rm -f setuptools/*.exe * Wed Jul 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 47.3.1-2
# These tests require internet connection - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
rm setuptools/tests/test_integration.py
* Fri Jun 26 2020 Miro Hrončok <mhroncok@redhat.com> - 47.3.1-1
%build - Update to 47.3.1 (#1847049)
- https://setuptools.readthedocs.io/en/latest/history.html#v47-3-1
%if %{with python2}
%if %{with py2_wheel} && %{without bootstrap} * Mon Jun 01 2020 Charalampos Stratakis <cstratak@redhat.com> - 47.1.1-1
export RHEL_ALLOW_PYTHON2_FOR_BUILD=1 - Update to 47.1.1 (#1841123)
%py2_build_wheel - https://setuptools.readthedocs.io/en/latest/history.html#v47-1-1
%else
export RHEL_ALLOW_PYTHON2_FOR_BUILD=1 * Sun May 24 2020 Miro Hrončok <mhroncok@redhat.com> - 46.4.0-4
%py2_build - Rebuilt for Python 3.9
%endif # without bootstrap + py2_wheel
%endif # with python2 * Thu May 21 2020 Miro Hrončok <mhroncok@redhat.com> - 46.4.0-3
- Bootstrap for Python 3.9
%if %{with python3}
%if %{without bootstrap} * Thu May 21 2020 Miro Hrončok <mhroncok@redhat.com> - 46.4.0-2
%py3_build_wheel - Bootstrap for Python 3.9
%else
%py3_build * Mon May 18 2020 Tomas Hrnciar <thrnciar@redhat.com> - 46.4.0-1
%endif # without bootstrap - Update to 46.4.0 (#1835411)
%endif # with python3 - https://setuptools.readthedocs.io/en/latest/history.html#v46-4-0
* Tue May 12 2020 Tomas Hrnciar <thrnciar@redhat.com> - 46.2.0-1
%install - Update to 46.2.0 (#1833826)
# Must do the python3 install first because the scripts in /usr/bin are - https://setuptools.readthedocs.io/en/latest/history.html#v46-2-0
# overwritten with every setup.py install (and we want the python2 version to
# be the default for now). * Thu Mar 26 2020 Miro Hrončok <mhroncok@redhat.com> - 46.1.3-1
%if %{with python3} - Upgrade to 46.1.3 (#1817189)
%if %{without bootstrap} - https://setuptools.readthedocs.io/en/latest/history.html#v46-1-3
%py3_install_wheel %{python3_wheelname}
* Tue Mar 10 2020 Miro Hrončok <mhroncok@redhat.com> - 46.0.0-1
# Remove /usr/bin/easy_install from the record as later on we delete the file - Upgrade to 46.0.0 (#1811340)
sed -i '/\/usr\/bin\/easy_install,/d' %{buildroot}%{python3_record} - https://setuptools.readthedocs.io/en/latest/history.html#v46-0-0
%else
%py3_install * Tue Feb 11 2020 Miro Hrončok <mhroncok@redhat.com> - 45.2.0-1
%endif - Upgrade to 45.2.0 (#1775943)
- https://setuptools.readthedocs.io/en/latest/history.html#v45-2-0
# TODO: we have to remove this by hand now, but it'd be nice if we wouldn't have to - No longer supports Python 2
# (pip install wheel doesn't overwrite)
rm %{buildroot}%{_bindir}/easy_install * Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 41.6.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
rm -rf %{buildroot}%{python3_sitelib}/setuptools/tests
%if %{without bootstrap} * Mon Nov 04 2019 Tomas Orsava <torsava@redhat.com> - 41.6.0-1
sed -i '/^setuptools\/tests\//d' %{buildroot}%{python3_record} - Upgrade to 41.6.0 (#1758945).
%endif - https://setuptools.readthedocs.io/en/latest/history.html#v41-6-0
- Disabled a failing upstream test: https://github.com/pypa/setuptools/issues/1896
find %{buildroot}%{python3_sitelib} -name '*.exe' | xargs rm -f
%endif # with python3 * Tue Sep 03 2019 Randy Barlow <bowlofeggs@fedoraproject.org> - 41.2.0-1
- Upgrade to 41.2.0 (#1742718).
- https://setuptools.readthedocs.io/en/latest/history.html#v41-2-0
%if %{with python2}
export RHEL_ALLOW_PYTHON2_FOR_BUILD=1 * Mon Aug 26 2019 Miro Hrončok <mhroncok@redhat.com> - 41.0.1-9
%if %{with py2_wheel} - Move python2-setuptools to a separate package
%py2_install_wheel %{python2_wheelname}
%else * Sun Aug 18 2019 Miro Hrončok <mhroncok@redhat.com> - 41.0.1-8
%py2_install - Rebuilt for Python 3.8
%endif #with py2_wheel
* Wed Aug 14 2019 Miro Hrončok <mhroncok@redhat.com> - 41.0.1-7
rm -rf %{buildroot}%{python2_sitelib}/setuptools/tests - Bootstrap for Python 3.8
%if %{with py2_wheel}
sed -i '/^setuptools\/tests\//d' %{buildroot}%{python2_record} * Wed Aug 14 2019 Miro Hrončok <mhroncok@redhat.com> - 41.0.1-6
%endif # with py2_wheel - Provide pythonXdist(setuptools) when bootstrapping
find %{buildroot}%{python2_sitelib} -name '*.exe' | xargs rm -f * Wed Aug 14 2019 Miro Hrončok <mhroncok@redhat.com> - 41.0.1-5
%endif # with python2 - Bootstrap for Python 3.8
# Don't ship these * Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 41.0.1-4
rm -r docs/{Makefile,conf.py,_*} - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
%if %{without bootstrap} * Tue Jul 16 2019 Miro Hrončok <mhroncok@redhat.com> - 41.0.1-3
%if %{with py2_wheel} - Make /usr/bin/easy_install Python 3
%if %{with python2} - Drop obsoleted Obsoletes
mkdir -p %{buildroot}%{python2_wheeldir}
install -p dist/%{python2_wheelname} -t %{buildroot}%{python2_wheeldir} * Fri Jun 21 2019 Petr Viktorin <pviktori@redhat.com> - 41.0.1-2
%endif #with python2 - Remove optional test dependencies for Python 2
%endif #with py2_wheel - Skip test_virtualenv on Python 2
%if %{with python3} * Thu Apr 25 2019 Miro Hrončok <mhroncok@redhat.com> - 41.0.1-1
mkdir -p %{buildroot}%{python3_wheeldir} - Update to 41.0.1 (#1695846)
install -p dist/%{python3_wheelname} -t %{buildroot}%{python3_wheeldir} - https://github.com/pypa/setuptools/blob/v41.0.1/CHANGES.rst
%endif #with python3
%endif #with bootstrap * Tue Feb 05 2019 Miro Hrončok <mhroncok@redhat.com> - 40.8.0-1
- Update to 40.8.0 (#1672756)
- https://github.com/pypa/setuptools/blob/v40.8.0/CHANGES.rst
%if %{with tests}
%check * Sun Feb 03 2019 Miro Hrončok <mhroncok@redhat.com> - 40.7.3-1
%if %{with python3} - Hotfix update to 40.7.3 (#1672084)
# --ignore=setuptools/tests/test_virtualenv.py: because virtualenv executable - https://github.com/pypa/setuptools/blob/v40.7.3/CHANGES.rst
# is configured only for Python 2 version of virtualenv—this needs to be fixed
# in the `python-pytest-virtualenv` package * Sat Feb 02 2019 Miro Hrončok <mhroncok@redhat.com> - 40.7.2-1
PYTHONDONTWRITEBYTECODE=1 PYTHONPATH=$(pwd) py.test-%{python3_version} --ignore=setuptools/tests/test_virtualenv.py - Hotfix update to 40.7.2 (#1671608)
%endif # with python3 - https://github.com/pypa/setuptools/blob/v40.7.2/CHANGES.rst
%endif # with tests
* Sat Feb 02 2019 Fedora Release Engineering <releng@fedoraproject.org> - 40.7.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
%if %{with python2}
%files -n python2-setuptools * Tue Jan 29 2019 Miro Hrončok <mhroncok@redhat.com> - 40.7.1-1
%license LICENSE - Hotfix update to 40.7.1 (#1670243)
%doc docs/* CHANGES.rst README.rst - https://github.com/pypa/setuptools/blob/v40.7.1/CHANGES.rst
%{python2_sitelib}/*
%{_bindir}/easy_install * Mon Jan 28 2019 Miro Hrončok <mhroncok@redhat.com> - 40.7.0-1
%{_bindir}/easy_install-2.* - Update to 40.7.0 (#1669876)
%endif # with python2 - https://github.com/pypa/setuptools/blob/v40.7.0/CHANGES.rst
%if %{with python3} * Mon Sep 24 2018 Miro Hrončok <mhroncok@redhat.com> - 40.4.3-1
%files -n python3-setuptools - Update to 40.4.3 to fix dire DeprecationWarnings (#1627071)
%license LICENSE - List vendored libraries
%doc docs/* CHANGES.rst README.rst - https://github.com/pypa/setuptools/blob/v40.4.3/CHANGES.rst
# The easy_install-3 binary is created using alternatives
# defined in the python36 package * Wed Sep 19 2018 Randy Barlow <bowlofeggs@fedoraproject.org> - 40.4.1-1
%{_bindir}/easy_install-3.* - Update to 40.4.1 (#1599307).
- https://github.com/pypa/setuptools/blob/v40.4.1/CHANGES.rst
%files -n platform-python-setuptools
%license LICENSE * Wed Aug 15 2018 Petr Viktorin <pviktori@redhat.com> - 39.2.0-7
%doc docs/* CHANGES.rst README.rst - Add a subpackage with wheels
%{python3_sitelib}/easy_install.py - Remove the python3 bcond
%{python3_sitelib}/pkg_resources/ - Remove macros for RHEL 6
%{python3_sitelib}/setuptools*/
%{python3_sitelib}/__pycache__/* * Thu Jul 19 2018 Miro Hrončok <mhroncok@redhat.com> - 39.2.0-6
%endif # with python3 - Create /usr/local/lib/pythonX.Y when needed (#1576924)
%if %{without bootstrap} * Sat Jul 14 2018 Fedora Release Engineering <releng@fedoraproject.org> - 39.2.0-5
%if %{with py2_wheel} - Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
%if %{with python2}
%files -n python2-setuptools-wheel * Mon Jun 18 2018 Miro Hrončok <mhroncok@redhat.com> - 39.2.0-4
%license LICENSE - Rebuilt for Python 3.7
# we own the dir for simplicity
%dir %{python2_wheeldir}/ * Wed Jun 13 2018 Miro Hrončok <mhroncok@redhat.com> - 39.2.0-3
%{python2_wheeldir}/%{python2_wheelname} - Bootstrap for Python 3.7
%endif #with python2
%endif #with py2_wheel * Wed Jun 13 2018 Miro Hrončok <mhroncok@redhat.com> - 39.2.0-2
- Bootstrap for Python 3.7
%if %{with python3}
%files -n python3-setuptools-wheel * Wed May 23 2018 Charalampos Stratakis <cstratak@redhat.com> - 39.2.0-1
%license LICENSE
# we own the dir for simplicity
%dir %{python3_wheeldir}/
%{python3_wheeldir}/%{python3_wheelname}
%endif #with python3
%endif #with bootstrap
%changelog
* Wed Jun 18 2025 Tomáš Hrnčiar <thrnciar@redhat.com> - 39.2.0-9
- Security fix for CVE-2025-47273
Resolves: RHEL-96802
* Wed Jul 24 2024 Lumír Balhar <lbalhar@redhat.com> - 39.2.0-8
- Security fix for CVE-2024-6345
Resolves: RHEL-50470
* Wed Jan 11 2023 Charalampos Stratakis <cstratak@redhat.com> - 39.2.0-7
- Security fix for CVE-2022-40897
Resolves: rhbz#2158559
* Wed Mar 25 2020 Charalampos Stratakis <cstratak@redhat.com> - 39.2.0-6
- Create /usr/local/lib/pythonX.Y when needed
Resolves: rhbz#1808301
* Wed Apr 17 2019 Petr Viktorin <pviktori@redhat.com> - 39.2.0-5
- Add subpackages with wheels
Resolves: rhbz#1718032
* Mon Oct 22 2018 Lumír Balhar <lbalhar@redhat.com> - 39.2.0-4
- New subpackage platform-python-setuptools without files from /usr/bin/*
- python3-setuptools contains only files from /usr/bin/* and depends
on platform-python-setuptools
- Resolves: rhbz#1641973
* Mon Jun 25 2018 Petr Viktorin <pviktori@redhat.com> - 39.2.0-3
- Allow Python 2 for build
see https://hurl.corp.redhat.com/rhel8-py2
* Fri Jun 22 2018 Petr Viktorin <pviktori@redhat.com> - 39.2.0-2
- Do not use wheel on Python 2
* Tue Jun 19 2018 Charalampos Stratakis <cstratak@redhat.com> - 39.2.0-1
- update to 39.2.0 Fixes bug #1572889 - update to 39.2.0 Fixes bug #1572889
* Thu Jun 07 2018 Petr Viktorin <pviktori@redhat.com> - 39.0.1-2
- Remove test requirements on python2 packages and some exotic packages
- Skip tests on Python 2
* Tue Mar 20 2018 Charalampos Stratakis <cstratak@redhat.com> - 39.0.1-1 * Tue Mar 20 2018 Charalampos Stratakis <cstratak@redhat.com> - 39.0.1-1
- update to 39.0.1 Fixes bug #1531527 - update to 39.0.1 Fixes bug #1531527
@ -886,7 +839,7 @@ Resolves: rhbz#1718032
* Thu Feb 04 2010 Toshio Kuratomi <toshio@fedoraproject.org> - 0.6.10-3 * Thu Feb 04 2010 Toshio Kuratomi <toshio@fedoraproject.org> - 0.6.10-3
- First build with python3 support enabled. - First build with python3 support enabled.
* Fri Jan 29 2010 Toshio Kuratomi <toshio@fedoraproject.org> - 0.6.10-2 * Fri Jan 29 2010 Toshio Kuratomi <toshio@fedoraproject.org> - 0.6.10-2
- Really disable the python3 portion - Really disable the python3 portion

5
gating.yaml Normal file
View File

@ -0,0 +1,5 @@
--- !Policy
decision_context: osci_compose_gate
rules:
- !PassingTestCaseRule {test_case_name: osci.brew-build.tier0.functional}

View File

@ -0,0 +1,14 @@
# let's not report duplicate __init__s
addFilter(r'W: files-duplicate .+__init__\.py ')
# setuptools and pkg_resources have duplicated vendored libraries
# we might want to de-duplicate this somehow in the future, but not yet
# regex a bit complex to allow arbitrary order
addFilter(r'W: files-duplicate .+/(setuptools/_vendor/.+ .+/pkg_resources|pkg_resources/_vendor/.+ .+/setuptools)/_vendor/')
# When duplicate files are found, this errors is produced
# as long as we filter out the warnings, we need to filter the error as well
addFilter(r'E: files-duplicated-waste')
# no %doc in the wheel packages
addFilter(r'python-setuptools-wheel.noarch: (E|W): no-documentation')

247
python-setuptools.spec Normal file
View File

@ -0,0 +1,247 @@
%global srcname setuptools
# used when bootstrapping new Python versions
%bcond bootstrap 0
# Similar to what we have in pythonX.Y.spec files.
# If enabled, provides unversioned executables and other stuff.
# Disable it if you build this package in an alternative stack.
%bcond main_python 1
# The original RHEL N+1 content set is defined by (build)dependencies
# of the packages in Fedora ELN. Hence we disable tests and documentation here
# to prevent pulling many unwanted packages in.
# We intentionally keep this enabled on EPEL.
%bcond tests %[%{without bootstrap} && (%{defined fedora} || %{defined epel})]
%global python_wheel_name %{srcname}-%{version}-py3-none-any.whl
Name: python-setuptools
# When updating, update the bundled libraries versions bellow!
Version: 69.0.3
Release: %autorelease
Summary: Easily build and distribute Python packages
# setuptools is MIT
# platformdirs is MIT
# more-itertools is MIT
# ordered-set is MIT
# packaging is BSD-2-Clause OR Apache-2.0
# importlib-metadata is Apache-2.0
# importlib-resources is Apache-2.0
# jaraco.text is MIT
# typing-extensions is Python-2.0.1
# zipp is MIT
# nspektr is MIT
# tomli is MIT
# the setuptools logo is MIT
License: MIT AND Apache-2.0 AND (BSD-2-Clause OR Apache-2.0) AND Python-2.0.1
URL: https://pypi.python.org/pypi/%{srcname}
Source0: %{pypi_source %{srcname} %{version}}
# Some test deps are optional and either not desired or not available in Fedora, thus this patch removes them.
Patch: Remove-optional-or-unpackaged-test-deps.patch
# The `setup.py install` deprecation notice might be confusing for RPM packagers
# adjust it, but only when $RPM_BUILD_ROOT is set
Patch: Adjust-the-setup.py-install-deprecation-message.patch
# Security fix for CVE-2024-6345
# Remote code execution via download functions in the package_index module
# Tracking bug: https://bugzilla.redhat.com/show_bug.cgi?id=2297771
# Upstream solution: https://github.com/pypa/setuptools/pull/4332
# Patch simplified because upstream doesn't support SVN anymore.
Patch: CVE-2024-6345.patch
# Security fix for CVE-2025-47273
# Path traversal in PackageIndex.download leads to Arbitrary File Write
# Upstream solution: https://github.com/pypa/setuptools/pull/4951/
Patch: CVE-2025-47273.patch
BuildArch: noarch
BuildRequires: python%{python3_pkgversion}-devel
%if %{with tests}
BuildRequires: gcc
%endif
# python3 bootstrap: this is built before the final build of python3, which
# adds the dependency on python3-rpm-generators, so we require it manually
# The minimal version is for bundled provides verification script to accept multiple files as input
BuildRequires: python3-rpm-generators >= 12-8
%if %{without bootstrap}
BuildRequires: pyproject-rpm-macros >= 0-44
# Not to use the pre-generated egg-info, we use setuptools from previous build to generate it
BuildRequires: python%{python3_pkgversion}-setuptools
%endif
%description
Setuptools is a collection of enhancements to the Python distutils that allow
you to more easily build and distribute Python packages, especially ones that
have dependencies on other packages.
This package also contains the runtime components of setuptools, necessary to
execute the software that requires pkg_resources.
# Virtual provides for the packages bundled by setuptools.
# Bundled packages are defined in multiple files. Generate the list with:
# %%{_rpmconfigdir}/pythonbundles.py --namespace 'python%%{python3_pkgversion}dist' */_vendor/vendored.txt
%global bundled %{expand:
Provides: bundled(python%{python3_pkgversion}dist(importlib-metadata)) = 6
Provides: bundled(python%{python3_pkgversion}dist(importlib-resources)) = 5.10.2
Provides: bundled(python%{python3_pkgversion}dist(jaraco-text)) = 3.7
Provides: bundled(python%{python3_pkgversion}dist(more-itertools)) = 8.8
Provides: bundled(python%{python3_pkgversion}dist(ordered-set)) = 3.1.1
Provides: bundled(python%{python3_pkgversion}dist(packaging)) = 23.1
Provides: bundled(python%{python3_pkgversion}dist(platformdirs)) = 2.6.2
Provides: bundled(python%{python3_pkgversion}dist(tomli)) = 2.0.1
Provides: bundled(python%{python3_pkgversion}dist(typing-extensions)) = 4.0.1
Provides: bundled(python%{python3_pkgversion}dist(typing-extensions)) = 4.4
Provides: bundled(python%{python3_pkgversion}dist(zipp)) = 3.7
}
%package -n python%{python3_pkgversion}-setuptools
Summary: Easily build and distribute Python 3 packages
%{bundled}
# For users who might see ModuleNotFoundError: No module named 'pkg_resoureces'
# NB: Those are two different provides: one contains underscore, the other hyphen
%py_provides python%{python3_pkgversion}-pkg_resources
%py_provides python%{python3_pkgversion}-pkg-resources
%description -n python%{python3_pkgversion}-setuptools
Setuptools is a collection of enhancements to the Python 3 distutils that allow
you to more easily build and distribute Python 3 packages, especially ones that
have dependencies on other packages.
This package also contains the runtime components of setuptools, necessary to
execute the software that requires pkg_resources.
%if %{without bootstrap}
%package -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
Summary: The setuptools wheel
%{bundled}
%description -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
A Python wheel of setuptools to use with venv.
%endif
%prep
%autosetup -p1 -n %{srcname}-%{version}
%if %{without bootstrap}
# If we don't have setuptools installed yet, we use the pre-generated .egg-info
# See https://github.com/pypa/setuptools/pull/2543
# And https://github.com/pypa/setuptools/issues/2550
# WARNING: We cannot remove this folder since Python 3.11.1,
# see https://github.com/pypa/setuptools/issues/3761
#rm -r %%{srcname}.egg-info
%endif
# Strip shbang
find setuptools pkg_resources -name \*.py | xargs sed -i -e '1 {/^#!\//d}'
# Remove bundled exes
rm -f setuptools/*.exe
# Don't ship these
rm -r docs/conf.py
%if %{without bootstrap}
%generate_buildrequires
%pyproject_buildrequires -r %{?with_tests:-x testing}
%endif
%build
%if %{with bootstrap}
%py3_build
%else
%pyproject_wheel
%endif
%install
%if %{with bootstrap}
# The setup.py install command tries to import distutils
# but the distutils-precedence.pth file is not yet respected
# and Python 3.12+ no longer has distutils in the standard library.
ln -s setuptools/_distutils distutils
PYTHONPATH=$PWD %py3_install
unlink distutils
%else
%pyproject_install
%pyproject_save_files setuptools pkg_resources _distutils_hack
%endif
# https://github.com/pypa/setuptools/issues/2709
rm -rf %{buildroot}%{python3_sitelib}/pkg_resources/tests/
%if %{without bootstrap}
sed -i '/\/pkg_resources\/tests\b/d' %{pyproject_files}
# Install the wheel for the python-setuptools-wheel package
mkdir -p %{buildroot}%{python_wheel_dir}
install -p %{_pyproject_wheeldir}/%{python_wheel_name} -t %{buildroot}%{python_wheel_dir}
%endif
%check
# Verify bundled provides are up to date
%{_rpmconfigdir}/pythonbundles.py */_vendor/vendored.txt --namespace 'python%{python3_pkgversion}dist' --compare-with '%{bundled}'
# Regression test, the tests are not supposed to be installed
test ! -d %{buildroot}%{python3_sitelib}/pkg_resources/tests
test ! -d %{buildroot}%{python3_sitelib}/setuptools/tests
%if %{without bootstrap}
# Regression test, the wheel should not be larger than 900 kB
# https://bugzilla.redhat.com/show_bug.cgi?id=1914481#c3
test $(stat --format %%s %{_pyproject_wheeldir}/%{python_wheel_name}) -lt 900000
%pyproject_check_import
%endif
%if %{with tests}
# https://github.com/pypa/setuptools/discussions/2607
rm pyproject.toml
# Upstream tests
# --ignore=setuptools/tests/test_integration.py
# --ignore=setuptools/tests/integration/
# --ignore=setuptools/tests/config/test_apply_pyprojecttoml.py
# -k "not test_pip_upgrade_from_source"
# the tests require internet connection
# --ignore=setuptools/tests/test_editable_install.py
# the tests require pip-run which we don't have in Fedora
PRE_BUILT_SETUPTOOLS_WHEEL=%{_pyproject_wheeldir}/%{python_wheel_name} \
PYTHONPATH=$(pwd) %pytest \
--ignore=setuptools/tests/test_integration.py \
--ignore=setuptools/tests/integration/ \
--ignore=setuptools/tests/test_editable_install.py \
--ignore=setuptools/tests/config/test_apply_pyprojecttoml.py \
--ignore=tools/finalize.py \
-k "not test_pip_upgrade_from_source and not test_setup_requires_honors_fetch_params"
%endif # with tests
%files -n python%{python3_pkgversion}-setuptools %{?!with_bootstrap:-f %{pyproject_files}}
%license LICENSE
%doc docs/* NEWS.rst README.rst
%{python3_sitelib}/distutils-precedence.pth
%if %{with bootstrap}
%{python3_sitelib}/setuptools-%{version}-py%{python3_version}.egg-info/
%{python3_sitelib}/pkg_resources/
%{python3_sitelib}/setuptools/
%{python3_sitelib}/_distutils_hack/
%endif
%if %{without bootstrap}
%files -n %{python_wheel_pkg_prefix}-%{srcname}-wheel
%license LICENSE
# we own the dir for simplicity
%dir %{python_wheel_dir}/
%{python_wheel_dir}/%{python_wheel_name}
%endif
%changelog
%autochangelog

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (setuptools-69.0.3.tar.gz) = 11df934931f4b73f7e07ea5713479593c6baa134d423556b2ae7aff0f1e5bdbdee1f5b516131adb169c838231ceb0293441fbf275ef7030dabecf74122565b6d

36
tests/tests.yml Normal file
View File

@ -0,0 +1,36 @@
---
- hosts: localhost
roles:
- role: standard-test-basic
tags:
- classic
repositories:
- repo: "https://gitlab.com/redhat/centos-stream/tests/python.git"
dest: "python"
- repo: "https://gitlab.com/redhat/centos-stream/rpms/pyproject-rpm-macros.git"
dest: "pyproject-rpm-macros"
tests:
- smoke312:
dir: python/smoke
run: VERSION=3.12 ./venv.sh
- smoke312_virtualenv:
dir: python/smoke
run: VERSION=3.12 METHOD=virtualenv ./venv.sh
- pyproject_pytest:
dir: pyproject-rpm-macros/tests
run: ./mocktest.sh python-pytest
- pyproject_pluggy:
dir: pyproject-rpm-macros/tests
run: ./mocktest.sh python-pluggy
- import_test:
run: python3 -c "import setuptools"
required_packages:
- https://dl.fedoraproject.org/pub/epel/epel-release-latest-10.noarch.rpm
- gcc
- virtualenv
- python3.12
- python3-devel
- tox
- mock
- rpmdevtools
- rpm-build