diff options
| author | Paul Moore <p.f.moore@gmail.com> | 2014-05-29 06:24:17 +0100 |
|---|---|---|
| committer | Paul Moore <p.f.moore@gmail.com> | 2014-05-29 06:24:17 +0100 |
| commit | b87321fb24a21acab468607f49d57c6cc64d1249 (patch) | |
| tree | b9efde126161e092402af254d12d063870f69c57 | |
| parent | 5ace29fdebdc7ebc38d4859c93c733a15dfeefaa (diff) | |
| parent | 52efeac97fd65c3006dea9e03d60f93ccc8e4478 (diff) | |
| download | pip-1.5.X.tar.gz | |
Merge pull request #1844 from pfmoore/distlib-0191.5.X
Re-vendor distlib
| -rw-r--r-- | pip/_vendor/distlib/__init__.py | 2 | ||||
| -rw-r--r-- | pip/_vendor/distlib/index.py | 49 | ||||
| -rw-r--r-- | pip/_vendor/distlib/t32.exe | bin | 91136 -> 91136 bytes | |||
| -rw-r--r-- | pip/_vendor/distlib/t64.exe | bin | 94720 -> 95232 bytes | |||
| -rw-r--r-- | pip/_vendor/distlib/w32.exe | bin | 87040 -> 88064 bytes | |||
| -rw-r--r-- | pip/_vendor/distlib/w64.exe | bin | 91648 -> 92160 bytes | |||
| -rw-r--r-- | pip/_vendor/distlib/wheel.py | 2 | ||||
| -rw-r--r-- | pip/_vendor/vendor.txt | 2 |
8 files changed, 40 insertions, 15 deletions
diff --git a/pip/_vendor/distlib/__init__.py b/pip/_vendor/distlib/__init__.py index f9081bb84..5a52a306e 100644 --- a/pip/_vendor/distlib/__init__.py +++ b/pip/_vendor/distlib/__init__.py @@ -6,7 +6,7 @@ # import logging -__version__ = '0.1.8' +__version__ = '0.1.9' class DistlibException(Exception): pass diff --git a/pip/_vendor/distlib/index.py b/pip/_vendor/distlib/index.py index 83004b13f..73037c97b 100644 --- a/pip/_vendor/distlib/index.py +++ b/pip/_vendor/distlib/index.py @@ -148,7 +148,8 @@ class PackageIndex(object): logger.debug('%s: %s' % (name, s)) stream.close() - def get_sign_command(self, filename, signer, sign_password): + def get_sign_command(self, filename, signer, sign_password, + keystore=None): """ Return a suitable command for signing a file. @@ -156,12 +157,17 @@ class PackageIndex(object): :param signer: The identifier of the signer of the file. :param sign_password: The passphrase for the signer's private key used for signing. + :param keystore: The path to a directory which contains the keys + used in verification. If not specified, the + instance's ``gpg_home`` attribute is used instead. :return: The signing command as a list suitable to be passed to :class:`subprocess.Popen`. """ cmd = [self.gpg, '--status-fd', '2', '--no-tty'] - if self.gpg_home: - cmd.extend(['--homedir', self.gpg_home]) + if keystore is None: + keystore = self.gpg_home + if keystore: + cmd.extend(['--homedir', keystore]) if sign_password is not None: cmd.extend(['--batch', '--passphrase-fd', '0']) td = tempfile.mkdtemp() @@ -206,7 +212,7 @@ class PackageIndex(object): t2.join() return p.returncode, stdout, stderr - def sign_file(self, filename, signer, sign_password): + def sign_file(self, filename, signer, sign_password, keystore=None): """ Sign a file. @@ -214,10 +220,14 @@ class PackageIndex(object): :param signer: The identifier of the signer of the file. :param sign_password: The passphrase for the signer's private key used for signing. + :param keystore: The path to a directory which contains the keys + used in signing. If not specified, the instance's + ``gpg_home`` attribute is used instead. :return: The absolute pathname of the file where the signature is stored. """ - cmd, sig_file = self.get_sign_command(filename, signer, sign_password) + cmd, sig_file = self.get_sign_command(filename, signer, sign_password, + keystore) rc, stdout, stderr = self.run_command(cmd, sign_password.encode('utf-8')) if rc != 0: @@ -226,7 +236,7 @@ class PackageIndex(object): return sig_file def upload_file(self, metadata, filename, signer=None, sign_password=None, - filetype='sdist', pyversion='source'): + filetype='sdist', pyversion='source', keystore=None): """ Upload a release file to the index. @@ -242,6 +252,9 @@ class PackageIndex(object): :param pyversion: The version of Python which the release relates to. For code compatible with any Python, this would be ``source``, otherwise it would be e.g. ``3.2``. + :param keystore: The path to a directory which contains the keys + used in signing. If not specified, the instance's + ``gpg_home`` attribute is used instead. :return: The HTTP response received from PyPI upon submission of the request. """ @@ -255,7 +268,8 @@ class PackageIndex(object): if not self.gpg: logger.warning('no signing program available - not signed') else: - sig_file = self.sign_file(filename, signer, sign_password) + sig_file = self.sign_file(filename, signer, sign_password, + keystore) with open(filename, 'rb') as f: file_data = f.read() md5_digest = hashlib.md5(file_data).hexdigest() @@ -306,7 +320,8 @@ class PackageIndex(object): request = self.encode_request(fields, files) return self.send_request(request) - def get_verify_command(self, signature_filename, data_filename): + def get_verify_command(self, signature_filename, data_filename, + keystore=None): """ Return a suitable command for verifying a file. @@ -314,17 +329,23 @@ class PackageIndex(object): signature. :param data_filename: The pathname to the file containing the signed data. + :param keystore: The path to a directory which contains the keys + used in verification. If not specified, the + instance's ``gpg_home`` attribute is used instead. :return: The verifying command as a list suitable to be passed to :class:`subprocess.Popen`. """ cmd = [self.gpg, '--status-fd', '2', '--no-tty'] - if self.gpg_home: - cmd.extend(['--homedir', self.gpg_home]) + if keystore is None: + keystore = self.gpg_home + if keystore: + cmd.extend(['--homedir', keystore]) cmd.extend(['--verify', signature_filename, data_filename]) logger.debug('invoking: %s', ' '.join(cmd)) return cmd - def verify_signature(self, signature_filename, data_filename): + def verify_signature(self, signature_filename, data_filename, + keystore=None): """ Verify a signature for a file. @@ -332,12 +353,16 @@ class PackageIndex(object): signature. :param data_filename: The pathname to the file containing the signed data. + :param keystore: The path to a directory which contains the keys + used in verification. If not specified, the + instance's ``gpg_home`` attribute is used instead. :return: True if the signature was verified, else False. """ if not self.gpg: raise DistlibException('verification unavailable because gpg ' 'unavailable') - cmd = self.get_verify_command(signature_filename, data_filename) + cmd = self.get_verify_command(signature_filename, data_filename, + keystore) rc, stdout, stderr = self.run_command(cmd) if rc not in (0, 1): raise DistlibException('verify command failed with error ' diff --git a/pip/_vendor/distlib/t32.exe b/pip/_vendor/distlib/t32.exe Binary files differindex 43f39f31e..8465d05e9 100644 --- a/pip/_vendor/distlib/t32.exe +++ b/pip/_vendor/distlib/t32.exe diff --git a/pip/_vendor/distlib/t64.exe b/pip/_vendor/distlib/t64.exe Binary files differindex 73e2f4052..a1bedfa60 100644 --- a/pip/_vendor/distlib/t64.exe +++ b/pip/_vendor/distlib/t64.exe diff --git a/pip/_vendor/distlib/w32.exe b/pip/_vendor/distlib/w32.exe Binary files differindex 09e76354f..6fe40c54b 100644 --- a/pip/_vendor/distlib/w32.exe +++ b/pip/_vendor/distlib/w32.exe diff --git a/pip/_vendor/distlib/w64.exe b/pip/_vendor/distlib/w64.exe Binary files differindex 29e44e1f8..69f3df657 100644 --- a/pip/_vendor/distlib/w64.exe +++ b/pip/_vendor/distlib/w64.exe diff --git a/pip/_vendor/distlib/wheel.py b/pip/_vendor/distlib/wheel.py index d67d4bc5d..5a161409c 100644 --- a/pip/_vendor/distlib/wheel.py +++ b/pip/_vendor/distlib/wheel.py @@ -383,7 +383,7 @@ class Wheel(object): # Now distinfo. Assumed to be flat, i.e. os.listdir is enough. files = os.listdir(distinfo) for fn in files: - if fn not in ('RECORD', 'INSTALLER', 'SHARED'): + if fn not in ('RECORD', 'INSTALLER', 'SHARED', 'WHEEL'): p = fsdecode(os.path.join(distinfo, fn)) ap = to_posix(os.path.join(info_dir, fn)) archive_paths.append((ap, p)) diff --git a/pip/_vendor/vendor.txt b/pip/_vendor/vendor.txt index 9bd96cc19..52f7685af 100644 --- a/pip/_vendor/vendor.txt +++ b/pip/_vendor/vendor.txt @@ -1,4 +1,4 @@ -distlib==0.1.8
+distlib==0.1.9
html5lib==1.0b3
six==1.6.1
colorama==0.3.1
|