Jan Lindemann
8d174f03bd
All checks were successful
Standard CI tests / Packaging - Kali Linux (pull_request) Successful in 3m17s
Standard CI tests / Packaging - OpenSUSE Tumbleweed (pull_request) Successful in 3m35s
Standard CI tests / Packaging test - All supported platforms (pull_request) Successful in 0s
Standard CI tests / Packaging - Kali Linux (push) Successful in 3m18s
Standard CI tests / Packaging - OpenSUSE Tumbleweed (push) Successful in 3m19s
Standard CI tests / Packaging test - All supported platforms (push) Successful in 0s
Running pyright in a minimal docker container gives this error:
$ pyright /usr/bin/npm-default: No such file or directory Traceback (most recent call last): File "/usr/bin/pyright-3.13", line 6, in <module> sys.exit(entrypoint()) ~~~~~~~~~~^^ File "/usr/lib/python3.13/site-packages/pyright/cli.py", line 31, in entrypoint sys.exit(main(sys.argv[1:])) ~~~~^^^^^^^^^^^^^^ File "/usr/lib/python3.13/site-packages/pyright/cli.py", line 18, in main return run(*args, **kwargs).returncode ~~~^^^^^^^^^^^^^^^^^ File "/usr/lib/python3.13/site-packages/pyright/cli.py", line 22, in run pkg_dir = install_pyright(args, quiet=None) File "/usr/lib/python3.13/site-packages/pyright/_utils.py", line 69, in install_pyright node.run( ~~~~~~~~^ 'npm', ^^^^^^ ...<5 lines>... stderr=subprocess.PIPE if silent else sys.stderr, ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ ) ^ File "/usr/lib/python3.13/site-packages/pyright/node.py", line 144, in run subprocess.run(node_args, **kwargs), ~~~~~~~~~~~~~~^^^^^^^^^^^^^^^^^^^^^ File "/usr/lib64/python3.13/subprocess.py", line 577, in run raise CalledProcessError(retcode, process.args, output=stdout, stderr=stderr) subprocess.CalledProcessError: Command '['/usr/bin/npm', 'install', \ 'pyright@1.1.409']' returned non-zero exit status 255.This means that on openSUSE, python3-pyright tries to pull in packages from the NPM registry. This increases the CI supply chain attack surface inacceptably, so remove pyright from the release prerequisites. That should be enough to remove it from the prerequisites of target check as well and allow it to succeed.
The pyright check machinery itself remains useful, so keep it in place for developers who install python3-pyright manually.
Signed-off-by: Jan Lindemann <jan@janware.com>
47 lines
1 KiB
Text
47 lines
1 KiB
Text
[summary]
|
|
janware GmbH software build system
|
|
|
|
[description]
|
|
A package providing a lightweight cross-platform software build and packaging
|
|
system, for use both standalone and from within a janware software build tree.
|
|
|
|
[global]
|
|
group = "Development/Tools/Building"
|
|
subpackages = run devel
|
|
license = LGPL 2
|
|
jw-maintainer = jan
|
|
|
|
[build]
|
|
libname = none
|
|
|
|
[pkg.requires.jw]
|
|
devel = jw-pkg-run = VERSION-REVISION
|
|
|
|
[pkg.requires.os]
|
|
run = bash, python3
|
|
build = make, time, xdg-utils, coreutils, cpio, xdg-utils, git-core
|
|
devel = sudo, gawk, pkg-config
|
|
release = mypy, python3-isort, python3-yapf
|
|
|
|
[pkg.requires.centos]
|
|
run = hostname, python
|
|
build = epel-release, pkgconfig
|
|
release = rpm-build
|
|
|
|
[pkg.requires.ubuntu-16]
|
|
build = realpath
|
|
|
|
[pkg.requires.ubuntu-14]
|
|
build = realpath
|
|
|
|
[pkg.requires.suse]
|
|
run = python3
|
|
release = rpmbuild, python3-base
|
|
|
|
[pkg.requires.debian]
|
|
run = python3
|
|
release = devscripts, debhelper, dput, libparse-debcontrol-perl, fakeroot, build-essential:native, yapf3
|
|
|
|
[pkg.requires.yocto]
|
|
run = python3-core
|
|
build = coreutils-native, xdg-utils-native
|