Verify upstream sources with GPG
This is now a recommended thing to do: https://docs.fedoraproject.org/en-US/packaging-guidelines/#_source_file_verification Regardless if it adds actual security, it should prevent problems like this one: https://mail.python.org/archives/list/python-dev@python.org/message/OYNQS2BZYABXACBRHBHV4RCEPQU5R6EP/
This commit is contained in:
parent
e0704196d3
commit
853a0fc587
11542
pubkeys.txt
Normal file
11542
pubkeys.txt
Normal file
File diff suppressed because it is too large
Load Diff
@ -159,6 +159,7 @@ BuildRequires: gdbm-devel
|
||||
BuildRequires: glibc-all-langpacks
|
||||
BuildRequires: glibc-devel
|
||||
BuildRequires: gmp-devel
|
||||
BuildRequires: gnupg2
|
||||
BuildRequires: libappstream-glib
|
||||
BuildRequires: libffi-devel
|
||||
BuildRequires: libnsl2-devel
|
||||
@ -209,7 +210,9 @@ BuildRequires: python%{pyshortver}
|
||||
# Source code and patches
|
||||
# =======================
|
||||
|
||||
Source: https://www.python.org/ftp/python/%{general_version}/Python-%{upstream_version}.tar.xz
|
||||
Source0: %{url}ftp/python/%{general_version}/Python-%{upstream_version}.tar.xz
|
||||
Source1: %{url}ftp/python/%{general_version}/Python-%{upstream_version}.tar.xz.asc
|
||||
Source2: %{url}static/files/pubkeys.txt
|
||||
|
||||
# A simple script to check timestamps of bytecode files
|
||||
# Run in check section with Python that is currently being built
|
||||
@ -570,6 +573,7 @@ version once Python %{pybasever} is stable.
|
||||
# ======================================================
|
||||
|
||||
%prep
|
||||
%gpgverify -k2 -s1 -d0
|
||||
%setup -q -n Python-%{upstream_version}
|
||||
# Remove all exe files to ensure we are not shipping prebuilt binaries
|
||||
# note that those are only used to create Microsoft Windows installers
|
||||
|
1
sources
1
sources
@ -1 +1,2 @@
|
||||
SHA512 (Python-3.8.0.tar.xz) = 5f9bfcb3acdf592770a9d5abd2c32c68c55a49b92f958ded069e3ef31cf2d415e67112b4f6738fab237dc29e5c622298719946d2e9471e7e78e3a6bdf2fac1d1
|
||||
SHA512 (Python-3.8.0.tar.xz.asc) = 4741bcb9b79019f190fded565dd9851158911f1b0ba71f5972906c267ca6576ebfae7c1e649f8bd9fee6ce2cabb325ef1d85a28ab5962fc9275072d35229d06d
|
||||
|
Loading…
Reference in New Issue
Block a user