Tree - rpms/rh-python36-python-pip

rpms / rh-python36-python-pip

Files

Blob Blame History Raw
%{?scl:%scl_package python-setuptools}
%{!?scl:%global pkg_name %{name}}

%if (! 0%{?rhel}) || 0%{?rhel} > 6
%global build_wheel 1
%endif
%if 0%{?rhel} && 0%{?rhel} < 6
%{!?python_sitelib: %global python_sitelib %(%{__python} -c "from distutils.sysconfig import get_python_lib; print(get_python_lib())")}
%endif

%global srcname pip
%if 0%{?build_wheel}
%global python3_wheelname %{srcname}-%{version}-py2.py3-none-any.whl
%endif

Name:           %{?scl_prefix}python-%{srcname}
Version:        9.0.1
Release:        5%{?dist}
Summary:        A tool for installing and managing Python packages

Group:          Development/Libraries

# We bundle a lot of libraries with pip, which itself is under MIT license.
# Here is the list of the libraries with corresponding licenses:

# appdirs: MIT
# distlib: Python
# distro: ASL 2.0
# html5lib: MIT
# six: MIT
# colorama: BSD
# CacheControl: ASL 2.0
# lockfile: MIT
# progress: ISC
# ipaddress: Python
# packaging: ASL 2.0 or BSD
# pyparsing: MIT
# retrying: ASL 2.0
# requests: ASL 2.0
# chardet: LGPLv2
# urllib3: MIT
# certifi: MPLv2.0
# setuptools: MIT
# webencodings: BSD
# backports.ssl_match_hostname: Python

License:        MIT and Python and ASL 2.0 and BSD and ISC and LGPLv2 and MPLv2.0 and (ASL 2.0 or BSD)
URL:            http://www.pip-installer.org
Source0:        https://files.pythonhosted.org/packages/source/p/pip/%{srcname}-%{version}.tar.gz
Patch0:         allow-stripping-given-prefix-from-wheel-RECORD-files.patch

# Use the system level root certificate instead of the one bundled in requests
# https://bugzilla.redhat.com/show_bug.cgi?id=1826520
Patch4:         dummy-certifi.patch

# Fix CVE-2019-20916: directory traversal in _download_http_url() function
# Backported from upstream: https://github.com/pypa/pip/pull/6418
Patch5:         CVE-2019-20916.patch

BuildRoot:      %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)

BuildArch:      noarch
BuildRequires:  %{?scl_prefix}python-devel
BuildRequires:  %{?scl_prefix}python-setuptools
%if 0%{?build_wheel}
BuildRequires:  %{?scl_prefix}python-pip
BuildRequires:  %{?scl_prefix}python-wheel
%endif
BuildRequires:  ca-certificates
Requires:       ca-certificates
Requires:       %{?scl_prefix}python-setuptools


# Virtual provides for the packages bundled by pip.
# You can find the versions in pip/_vendor/vendor.txt file.
Provides: bundled(python-appdirs) = 1.4.0
Provides: bundled(python-cachecontrol) = 0.11.7
Provides: bundled(python-colorama) = 0.3.7
Provides: bundled(python-distlib) = 0.2.4
Provides: bundled(python-distro) = 1.0.1
Provides: bundled(python-html5lib) = 1.0b10
Provides: bundled(python-ipaddress) = 1.0.17
Provides: bundled(python-lockfile) = 0.12.2
Provides: bundled(python-packaging) = 16.8
Provides: bundled(python-setuptools) = 28.8.0
Provides: bundled(python-progress) = 1.2
Provides: bundled(python-pyparsing) = 2.1.10
Provides: bundled(python-requests) = 2.11.1
Provides: bundled(python-retrying) = 1.3.3
Provides: bundled(python-six) = 1.10.0
Provides: bundled(python-webencodings) = 0.5

# Bundled within the requests bundle
Provides: bundled(python-chardet) = 2.3.0
Provides: bundled(python-urllib3) = 1.16

# Bundled within the urllib3 bundle of the requests bundle
Provides: bundled(python-backports-ssl_match_hostname) = 3.4.0.2

%description
Pip is a replacement for `easy_install
<http://peak.telecommunity.com/DevCenter/EasyInstall>`_.  It uses mostly the
same techniques for finding packages, so packages that were made
easy_installable should be pip-installable as well.


%prep
%{?scl:scl enable %{scl} - << \EOF}
%setup -q -n %{srcname}-%{version}

%patch0 -p1
%patch4 -p1
%patch5 -p1

%{__sed} -i '1d' pip/__init__.py

# this goes together with patch4
rm pip/_vendor/requests/*.pem
sed -i '/\.pem$/d' pip.egg-info/SOURCES.txt

# Remove ordereddict as it is only required for python <= 2.6
rm pip/_vendor/ordereddict.py
rm pip/_vendor/requests/packages/urllib3/packages/ordered_dict.py

%{?scl:EOF}


%build
%{?scl:scl enable %{scl} - << \EOF}
%if 0%{?build_wheel}
%{__python3} setup.py bdist_wheel
%else
%{__python3} setup.py build
%endif
%{?scl:EOF}


%install
%{__rm} -rf %{buildroot}

%{?scl:scl enable %{scl} - << \EOF}
%if 0%{?build_wheel}
pip3 install -I dist/%{python3_wheelname} --root %{buildroot} --strip-file-prefix %{buildroot}
%else
%{__python3} setup.py install --skip-build --root %{buildroot}
%endif
%{?scl:EOF}


%clean
%{__rm} -rf %{buildroot}

# unfortunately, pip's test suite requires virtualenv >= 1.6 which isn't in
# fedora yet. Once it is, check can be implemented

%files
%defattr(-,root,root,-)
%doc LICENSE.txt README.rst docs
%attr(755,root,root) %{_bindir}/pip
%attr(755,root,root) %{_bindir}/pip3*
%{python3_sitelib}/pip*

%changelog
* Mon Sep 21 2020 Charalampos Stratakis <cstratak@redhat.com> - 9.0.1-5
- Security fix for CVE-2019-20916
Resolves: rhbz#1877249

* Wed Sep 16 2020 Charalampos Stratakis <cstratak@redhat.com> - 9.0.1-4
- Use the system level root certificate instead of the one bundled in requests
Resolves: rhbz#1826520

* Tue Sep 08 2020 Charalampos Stratakis <cstratak@redhat.com> - 9.0.1-3
- Add virtual provides for the bundled libraries
- Correct the license information to reflect the bundled libraries
Resolves: rhbz#1774951

* Wed Jun 14 2017 Charalampos Stratakis <cstratak@redhat.com> - 9.0.1-2
- Rebuild as wheel

* Wed Jun 14 2017 Charalampos Stratakis <cstratak@redhat.com> - 9.0.1-1
- Update to 9.0.1 for rh-python36

* Sat Feb 13 2016 Robert Kuska <rkuska@redhat.com> - 7.1.0-2
- Rebuilt with rewheel

* Sat Feb 13 2016 Robert Kuska <rkuska@redhat.com> - 7.1.0-1
- Rebuilt for rh-python35

* Mon Jan 19 2015 Matej Stuchlik <mstuchli@redhat.com> - 1.5.6-4
- Rebuild as wheel

* Tue Nov 18 2014 Matej Stuchlik <mstuchli@redhat.com> - 1.5.6-3
- Added patch for local dos with predictable temp dictionary names
  (http://seclists.org/oss-sec/2014/q4/655)

* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.5.6-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild

* Sun May 25 2014 Matej Stuchlik <mstuchli@redhat.com> - 1.5.6-1
- Update to 1.5.6

* Fri Apr 25 2014 Matej Stuchlik <mstuchli@redhat.com> - 1.5.4-4
- Rebuild as wheel for Python 3.4

* Thu Apr 24 2014 Matej Stuchlik <mstuchli@redhat.com> - 1.5.4-3
- Disable build_wheel

* Thu Apr 24 2014 Matej Stuchlik <mstuchli@redhat.com> - 1.5.4-2
- Rebuild as wheel for Python 3.4

* Mon Apr 07 2014 Matej Stuchlik <mstuchli@redhat.com> - 1.5.4-1
- Updated to 1.5.4

* Mon Oct 14 2013 Tim Flink <tflink@fedoraproject.org> - 1.4.1-1
- Removed patch for CVE 2013-2099 as it has been included in the upstream 1.4.1 release
- Updated version to 1.4.1

* Sun Aug 04 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.3.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild

* Tue Jul 16 2013 Toshio Kuratomi <toshio@fedoraproject.org> - 1.3.1-4
- Fix for CVE 2013-2099

* Thu May 23 2013 Tim Flink <tflink@fedoraproject.org> - 1.3.1-3
- undo python2 executable rename to python-pip. fixes #958377
- fix summary to match upstream

* Mon May 06 2013 Kevin Kofler <Kevin@tigcc.ticalc.org> - 1.3.1-2
- Fix main package Summary, it's for Python 2, not 3 (#877401)

* Fri Apr 26 2013 Jon Ciesla <limburgher@gmail.com> - 1.3.1-1
- Update to 1.3.1, fix for CVE-2013-1888.

* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.2.1-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild

* Tue Oct 09 2012 Tim Flink <tflink@fedoraproject.org> - 1.2.1-2
- Fixing files for python3-pip

* Thu Oct 04 2012 Tim Flink <tflink@fedoraproject.org> - 1.2.1-1
- Update to upstream 1.2.1
- Change binary from pip-python to python-pip (RHBZ#855495)
- Add alias from python-pip to pip-python, to be removed at a later date

* Tue May 15 2012 Tim Flink <tflink@fedoraproject.org> - 1.1.0-1
- Update to upstream 1.1.0

* Sat Jan 14 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild

* Sat Oct 22 2011 Tim Flink <tflink@fedoraproject.org> - 1.0.2-1
- update to 1.0.2 and added python3 subpackage

* Wed Jun 22 2011 Tim Flink <tflink@fedoraproject.org> - 0.8.3-1
- update to 0.8.3 and project home page

* Tue Feb 08 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 0.8.2-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild

* Mon Dec 20 2010 Luke Macken <lmacken@redhat.com> - 0.8.2-1
- update to 0.8.2 of pip
* Mon Aug 30 2010 Peter Halliday <phalliday@excelsiorsystems.net> - 0.8-1
- update to 0.8 of pip
* Thu Jul 22 2010 David Malcolm <dmalcolm@redhat.com> - 0.7.2-5
- Rebuilt for https://fedoraproject.org/wiki/Features/Python_2.7/MassRebuild

* Wed Jul 7 2010 Peter Halliday <phalliday@excelsiorsystems.net> - 0.7.2-1
- update to 0.7.2 of pip
* Sun May 23 2010 Peter Halliday <phalliday@excelsiorsystems.net> - 0.7.1-1
- update to 0.7.1 of pip
* Fri Jan 1 2010 Peter Halliday <phalliday@excelsiorsystems.net> - 0.6.1.4
- fix dependency issue
* Fri Dec 18 2009 Peter Halliday <phalliday@excelsiorsystems.net> - 0.6.1-2
- fix spec file 
* Thu Dec 17 2009 Peter Halliday <phalliday@excelsiorsystems.net> - 0.6.1-1
- upgrade to 0.6.1 of pip
* Mon Aug 31 2009 Peter Halliday <phalliday@excelsiorsystems.net> - 0.4-1
- Initial package
rpms / rh-python36-python-pip

Source Code

Files
