Fixes timewarp-standards-version lintian warning:
The source package refers to a Standards-Version that was released
after the date of the most recent debian/changelog entry.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Drop debian/compat and replace "debhelper (>= 12~)" with
"debhelper-compat (= 12)" in debian/control.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Used these instructions as guide to create debian metadata:
https://wiki.debian.org/Packaging/Intro#The_packaging_work_flowhttps://wiki.debian.org/Python/LibraryStyleGuide
Debian build instructions for upstream release 0.11.2.dev3:
-----------------------------------------------------------
# Assuming sbuild is installed and chroot is created
# https://wiki.debian.org/sbuild
# Download upstream tarball + signature and rename to expected pattern
wget https://github.com/theupdateframework/tuf/releases/download/v0.11.2.dev3/tuf-0.11.2.dev3.tar.gz \
-O python-tuf_0.11.2.dev3.orig.tar.gz
wget https://github.com/theupdateframework/tuf/releases/download/v0.11.2.dev3/tuf-0.11.2.dev3.tar.gz.asc \
-O python-tuf_0.11.2.dev3.orig.tar.gz.asc
# Extract upstream tarball
tar xf python-tuf_0.11.2.dev3.orig.tar.gz
# Clone upstream repo for debian files and tests
git clone https://github.com/theupdateframework/tuf.git \
tuf-upstream
# Copy debian files (from debian branch)
git -C tuf-upstream checkout debian --
cp -r tuf-upstream/debian tuf-0.11.2.dev3/
# Change to unpacked tarball
cd tuf-0.11.2.dev3
# Build (w/o tests)
# NOTE: (1) Securessystemslib is not yet in debian, you need to first build it
# locally (see instructions at
# 9d36a9fb3c)
# and pass it as `--extra-package`
# NOTE: (2) `--extra-package` does not seem to work for tests during sbuild,
# hence the nocheck option. This should be easier once securesystemslib is in.
DEB_BUILD_OPTIONS=nocheck sbuild -A -s -d unstable \
--extra-package /path/to/python3-securesystemslib_0.11.3-1_all.deb
# Sign debian files (replace keyid if necessary)
debsign -k 8BA69B87D43BE294F23E812089A2AD3C07D962E8
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Dependabot pushes to main repository and ends up triggering two builds
every time (one for PR, one for push): limit the rule for build-on-push
to apply to develop branch only.
If release branches are used later on they should be added to list here.
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
On Python3 bump cryptography from 3.3.1 to 3.4.5.
On python2 bump from 3.3.1 to 3.3.2 (3.3-branch is the last branch
with python2 support).
Signed-off-by: Jussi Kukkonen <jkukkonen@vmware.com>
If you follow the instructions we provide for our contributors in
docs/CONTRIBUTORS.rst your sys.path (used to search for imports)
will put securesystemlib project directory first and tuf directory
second.
This creates a problem with imports from tuf modules because we can
import the wrong file or on relative imports (as currently we
use in the tests when we import utils), the imports cannot be resolved.
If we change the installation order, then tuf directory will be the
first in the import resolution path and those problems will be fixed.
PS: I want to express my gratitude towards Jussi who helped me find
this problem.
Signed-off-by: Martin Vrachev <mvrachev@vmware.com>
The Dependabot status badge no longer works, since having
migrated from stand-alone to GitHub native in #1258.
The issue is tracked upstream in dependabot/dependabot-core#1912.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
A recent commit reinstates publishing of coverage data to
coveralls.io. This commit re-adds the corresponding badge which
was temporarily removed in #1242.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Prior to this commit our GitHub workflow would set up one Python
version only for each build, which means that the commands to run
the tests and publish coverage (tox and coveralls) were run with
the same Python version as tox runs the tests in.
Given that the coveralls CLI tool dropped py2 a couple of releases
ago, this commit sets up an additional service py3 to run coveralls
(and tox) on when building for py2.
To prevent tox from using the wrong Python version to run the tests
on, this commit changes the toxenv value from the generic 'py'
(uses default python on path) to 'py27'.
For convenience and readability we use the environment variable
TOXENV instead of the tox -e option.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
New releases of the transitive (via 'requests') dependency 'idna'
break Python 2.7 builds. To fix this we configure dependabot to not
bump 'idna' in requirements-pinned.txt, which lists and
auto-updates all immediate and transitive dependencies for CI/CD
testing.
An alternative would be to add and restrict 'idna' in
'requirements.txt' but this is less preferable because
'requirements.txt' should only have direct dependencies.
For consulted dependabot config docs see:
https://docs.github.com/en/free-pro-team@latest/github/administering-a-repository/enabling-and-disabling-version-updates#disabling-dependabot-version-updates
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
The newly add GitHub workflow, which replaces Travis and Appveyor
does not support publishing coverage (coveralls) and license
(fossa) data yet (formerly done by Travis).
This commit removes the corresponding badges from README. It shall
be reverted once coveralls and fossa are re-enabled.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
Replace mentions of travis/appveyor with GitHub Actions in
governance (contribution) and readme (badges) documents.
Signed-off-by: Lukas Puehringer <lukas.puehringer@nyu.edu>
