diff options
author | Marius Bakke <marius@gnu.org> | 2021-12-01 01:31:46 +0100 |
---|---|---|
committer | Marius Bakke <marius@gnu.org> | 2021-12-05 14:40:08 +0100 |
commit | f63fb61d0caff7cb592cadfe36802940517c1ea8 (patch) | |
tree | 69321e4bd78820870597148d38276bbdff5c3664 /guix/import | |
parent | e166e6acf672d0350e16f47996b5157531e72ef5 (diff) |
import: PyPI: Validate GPG signatures when applicable.
* guix/import/pypi.scm (<distribution>): Fix funny typo.
(latest-release): When the distribution has a cryptographic signature, pass it
along to UPSTREAM-SOURCE.
Diffstat (limited to 'guix/import')
-rw-r--r-- | guix/import/pypi.scm | 11 |
1 files changed, 8 insertions, 3 deletions
diff --git a/guix/import/pypi.scm b/guix/import/pypi.scm index 418a3556ec..bbbabe4c09 100644 --- a/guix/import/pypi.scm +++ b/guix/import/pypi.scm @@ -10,6 +10,7 @@ ;;; Copyright © 2020 Arun Isaac <arunisaac@systemreboot.net> ;;; Copyright © 2020 Martin Becze <mjbecze@riseup.net> ;;; Copyright © 2021 Xinglu Chen <public@yoctocell.xyz> +;;; Copyright © 2021 Marius Bakke <marius@gnu.org> ;;; ;;; This file is part of GNU Guix. ;;; @@ -113,7 +114,7 @@ (url distribution-url) ;string (digests distribution-digests) ;list of string pairs (file-name distribution-file-name "filename") ;string - (has-signature? distribution-has-signature? "hash_sig") ;Boolean + (has-signature? distribution-has-signature? "has_sig") ;Boolean (package-type distribution-package-type "packagetype") ;"bdist_wheel" | ... (python-version distribution-package-python-version "python_version")) @@ -540,10 +541,14 @@ VERSION, SOURCE-URL, HOME-PAGE, SYNOPSIS, DESCRIPTION, and LICENSE." (guard (c ((missing-source-error? c) #f)) (let* ((info (pypi-project-info pypi-package)) (version (project-info-version info)) - (url (distribution-url - (source-release pypi-package)))) + (dist (source-release pypi-package)) + (url (distribution-url dist))) (upstream-source (urls (list url)) + (signature-urls + (if (distribution-has-signature? dist) + (list (string-append url ".asc")) + #f)) (input-changes (changed-inputs package (pypi->guix-package pypi-name))) |