diff --git a/0001-relax-cryptography-dependency-version-requirement.patch b/0001-relax-cryptography-dependency-version-requirement.patch deleted file mode 100644 index 4ed7e31..0000000 --- a/0001-relax-cryptography-dependency-version-requirement.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 4e39aa55098734f27f83f4ade53fbb71879255dc Mon Sep 17 00:00:00 2001 -From: Dan Callaghan -Date: Sun, 18 Jul 2021 13:18:10 +1000 -Subject: [PATCH] relax cryptography dependency version requirement - -In Fedora, python-cryptography does not bundle OpenSSL, so it's always -up to date. This strict version requirement is not necessary. See: - -https://bugzilla.redhat.com/show_bug.cgi?id=1978949 ---- - synapse/python_dependencies.py | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py -index 1dd39f06cf..2b83353b76 100644 ---- a/synapse/python_dependencies.py -+++ b/synapse/python_dependencies.py -@@ -78,9 +78,7 @@ REQUIREMENTS = [ - "bleach>=1.4.3", - # We use `ParamSpec`, which was added in `typing-extensions` 3.10.0.0. - "typing-extensions>=3.10.0", -- # We enforce that we have a `cryptography` version that bundles an `openssl` -- # with the latest security patches. -- "cryptography>=3.4.7", -+ "cryptography>=3.4", - # ijson 3.1.4 fixes a bug with "." in property names - "ijson>=3.1.4", - "matrix-common~=1.1.0", --- -2.35.1 diff --git a/matrix-synapse.spec b/matrix-synapse.spec index 64a1902..d2478e8 100644 --- a/matrix-synapse.spec +++ b/matrix-synapse.spec @@ -2,7 +2,7 @@ # Version suffix in URL when building release candidates %global rcx %{nil} -%global ghversion 1.57.0 +%global ghversion 1.620 %{?python_enable_dependency_generator} @@ -24,62 +24,17 @@ Source2: synapse.service Source4: synapse@.service Source3: matrix-synapse.sysusers -# non-upstreamable patch to accept any version of python-cryptography, see RHBZ#1978949 -Patch1: 0001-relax-cryptography-dependency-version-requirement.patch BuildArch: noarch +Recommends: %{name}+postgres +Recommends: %{name}+systemd + BuildRequires: python3-devel -BuildRequires: python3-setuptools - -# Test dependencies -BuildRequires: python3-parameterized >= 0.7.0 BuildRequires: /usr/bin/openssl - -# Package dependencies -#BuildRequires: python3-txacme >= 0.9.2 -BuildRequires: (python3-attrs >= 19.2.0 without python3-attrs = 21.1.0) -BuildRequires: python3-authlib -BuildRequires: python3-bcrypt >= 3.1.0 -BuildRequires: python3-bleach >= 1.4.3 -BuildRequires: python3-canonicaljson >= 1.4.0 -# v3.4.7 affects only the binary distribution, so using v3.4.6 is fine. -BuildRequires: python3-cryptography >= 3.4.6 -BuildRequires: python3-daemonize >= 2.3.1 -BuildRequires: (python3-frozendict without python3-frozendict = 2.1.2) -BuildRequires: python3-idna >= 2.5 -BuildRequires: python3-ijson -BuildRequires: python3-jinja2 -BuildRequires: python3-jsonschema -BuildRequires: python3-jwt -BuildRequires: python3-lxml -BuildRequires: python3-matrix-common -BuildRequires: python3-matrix-synapse-ldap3 >= 0.1 -BuildRequires: python3-msgpack >= 0.5.2 -BuildRequires: python3-netaddr >= 0.7.18 -BuildRequires: python3-phonenumbers >= 8.2.0 -BuildRequires: python3-pillow -BuildRequires: python3-prometheus_client -BuildRequires: python3-pyOpenSSL >= 16.0.0 -BuildRequires: python3-pyasn1 >= 0.1.9 -BuildRequires: python3-pyasn1-modules >= 0.0.7 -BuildRequires: python3-pymacaroons-pynacl >= 0.13.0 -BuildRequires: python3-pynacl >= 1.2.1 -BuildRequires: python3-pysaml2 >= 4.5.0 -BuildRequires: python3-pyyaml >= 3.11 -BuildRequires: python3-service-identity >= 18.1.0 -BuildRequires: python3-signedjson >= 1.1.0 -BuildRequires: python3-sortedcontainers >= 1.4.4 -BuildRequires: python3-systemd >= 231 -BuildRequires: python3-treq >= 15.1 -BuildRequires: python3-twisted >= 18.9.0 -BuildRequires: python3-typing-extensions -BuildRequires: python3-unpaddedbase64 >= 1.1.0 -BuildRequires: systemd +BuildRequires: systemd-rpm-macros +# Workaround missing python-saml2 dependencies in f35 and f36. BuildRequires: xmlsec1 - -Requires(pre): shadow-utils -Requires: systemd -%{?systemd_requires} +BuildRequires: xmlsec1-openssl %description Matrix is an ambitious new ecosystem for open federated Instant Messaging and @@ -89,6 +44,8 @@ to showcase the concept of Matrix and let folks see the spec in the context of a coded base and let you run your own homeserver and generally help bootstrap the ecosystem. +%pyproject_extras_subpkg -n %{name} matrix-synapse-ldap3 postgres saml2 oidc systemd url_preview jwt cache_memory + %prep %autosetup -p1 -n %{srcname}-%{ghversion}%{rcx} @@ -100,17 +57,20 @@ the ecosystem. rm -rf synapse/static +%generate_buildrequires +# Missing: sentry,opentracing,redis +%pyproject_buildrequires -x test,matrix-synapse-ldap3,postgres,saml2,oidc,systemd,url_preview,jwt,cache_memory + + + %build -%py3_build +%pyproject_wheel %install -%py3_install - -# Synapse includes some benchmarks in a separate Python package named "synmark" -# which is installed by default. Remove it to avoid shipping it in the Fedora -# package, since it is unlikely to be useful to end users. -rm -r %{buildroot}%{python3_sitelib}/synmark/ +%pyproject_install +%py3_shebang_fix %{buildroot}%{python3_sitelib}/%{srcname}/_scripts +%pyproject_save_files %{srcname} install -p -D -T -m 0644 contrib/systemd/log_config.yaml %{buildroot}%{_sysconfdir}/synapse/log_config.yaml install -p -D -T -m 0644 %{SOURCE1} %{buildroot}%{_sysconfdir}/sysconfig/synapse @@ -120,30 +80,44 @@ install -p -d -m 755 %{buildroot}/%{_sharedstatedir}/synapse install -p -D -m 0644 %{SOURCE3} %{buildroot}%{_sysusersdir}/%{name}.conf %check -PYTHONPATH=. trial-3 tests +set -o pipefail +PYTHONPATH=%{buildroot}%{python3_sitearch}:%{buildroot}%{python3_sitelib}:$PWD trial-3 tests | tee trial.stdout + +# Guard against new types of tests being skipped. +WHITELIST="Requires hiredis +Requires jaeger_client +Requires Postgres +\`BaseFederationServlet\` does not support cancellation yet." +REASONS=$(cat trial.stdout | sed -n '/^\[SKIPPED\]$/{n;p;}') +SKIPPED=$(comm -23 <(echo "$REASONS" | sort | uniq) <(echo "$WHITELIST" | sort | uniq)) +if [ ! -z "$SKIPPED" ]; then + echo -e "Failing, because tests were skipped:\n$SKIPPED" + exit 1 +fi %pre %sysusers_create_compat %{SOURCE3} + %post %systemd_post synapse.service %systemd_post synapse@*.service + %preun %systemd_preun synapse.service %systemd_preun synapse@*.service + %postun %systemd_postun_with_restart synapse.service %systemd_postun_with_restart synapse@*.service -%files +%files -f %{pyproject_files} %license LICENSE %doc *.rst %config(noreplace) %{_sysconfdir}/sysconfig/synapse -%{python3_sitelib}/synapse/ -%{python3_sitelib}/matrix_synapse*.egg-info/ %{_bindir}/* %{_unitdir}/synapse.service %{_unitdir}/synapse@.service @@ -154,7 +128,32 @@ PYTHONPATH=. trial-3 tests %changelog -* Thu Apr 05 2022 Kai A. Hiller - 1.56.0-1 +* Thu Jul 14 2022 Kai A. Hiller - 1.62.0-1 +- Update to v1.62.0 + +* Wed Jun 29 2022 Kai A. Hiller - 1.61.1-1 +- Update to v1.61.1 +- Fix CVE-2022-31052 + +* Tue Jun 14 2022 Kai A. Hiller - 1.61.0-1 +- Update to v1.61.0 + +* Thu Jun 09 2022 Kai A. Hiller - 1.60.0-1 +- Update to v1.60.0 + +* Thu May 19 2022 Kai A. Hiller - 1.59.1-1 +- Update to v1.59.1 + +* Wed May 18 2022 Kai A. Hiller - 1.59.0-1 +- Update to v1.59.0 + +* Wed May 04 2022 Kai A. Hiller - 1.58.0-1 +- Update to v1.58.0 + +* Thu Apr 21 2022 Dan Callaghan - 1.57.0-1 +- Update to v1.57.0 + +* Tue Apr 05 2022 Kai A. Hiller - 1.56.0-1 - Update to v1.56.0 * Thu Mar 24 2022 Kai A. Hiller - 1.55.0-1