* [PATCH 1/3] gnu: Add python-pip.
2015-09-21 22:31 [PATCH 0/3] Add python-bandit Cyril Roelandt
@ 2015-09-21 22:31 ` Cyril Roelandt
2015-09-22 14:30 ` Mathieu Lirzin
2015-09-21 22:31 ` [PATCH 2/3] gnu: Update python-fixtures Cyril Roelandt
2015-09-21 22:31 ` [PATCH 3/3] gnu: Add python-bandit Cyril Roelandt
2 siblings, 1 reply; 11+ messages in thread
From: Cyril Roelandt @ 2015-09-21 22:31 UTC (permalink / raw)
To: guix-devel
* gnu/packages/python.scm (python-pip, python2-pip): New variables.
---
gnu/packages/python.scm | 32 ++++++++++++++++++++++++++++++++
1 file changed, 32 insertions(+)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index 798a22f..a8d811e 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -4916,3 +4916,35 @@ printing of sub-tables by specifying a row range.")
(define-public python2-prettytable
(package-with-python2 python-prettytable))
+
+(define-public python-pip
+ (package
+ (name "python-pip")
+ (version "7.1.2")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://pypi.python.org/packages/source/p/pip/pip-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "0xx4aypfgchxdknxq7gyqghd8wb221zrzyqlbabzm32jy237j16a"))))
+ (build-system python-build-system)
+ (inputs
+ `(("python-setuptools" ,python-setuptools)
+ ("python-virtualenv" ,python-virtualenv)
+ ;; Tests
+ ("python-mock" ,python-mock)
+ ("python-pytest" ,python-pytest)
+ ("python-scripttest" ,python-scripttest)))
+ (home-page "https://pip.pypa.io/")
+ (synopsis
+ "The PyPA recommended tool for installing Python packages")
+ (description
+ "Pip is a package manager for Python software, that finds packages on the
+Python Package Index (PyPI).")
+ (license license:expat)))
+
+(define-public python2-pip
+ (package-with-python2 python-pip))
--
2.1.4
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH 1/3] gnu: Add python-pip.
2015-09-21 22:31 ` [PATCH 1/3] gnu: Add python-pip Cyril Roelandt
@ 2015-09-22 14:30 ` Mathieu Lirzin
0 siblings, 0 replies; 11+ messages in thread
From: Mathieu Lirzin @ 2015-09-22 14:30 UTC (permalink / raw)
To: Cyril Roelandt; +Cc: guix-devel
Cyril Roelandt <tipecaml@gmail.com> writes:
> * gnu/packages/python.scm (python-pip, python2-pip): New variables.
> ---
> gnu/packages/python.scm | 32 ++++++++++++++++++++++++++++++++
> 1 file changed, 32 insertions(+)
[...]
> + (home-page "https://pip.pypa.io/")
> + (synopsis
> + "The PyPA recommended tool for installing Python packages")
^^^
IMO Pypa recommandations are not relevant in Guix context. What about
something more neutral like “Xenophobic package manager”? ;) Just
kidding.
I would prefer
(synopsis "Package manager for Python software")
> + (description
> + "Pip is a package manager for Python software, that finds packages on the
> +Python Package Index (PyPI).")
It would be nice to have a more verbose description, for example
describing its main features... Sorry I can't help much :)
> + (license license:expat)))
> +
> +(define-public python2-pip
> + (package-with-python2 python-pip))
Otherwise LGTM!
--
Mathieu Lirzin
^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH 2/3] gnu: Update python-fixtures
2015-09-21 22:31 [PATCH 0/3] Add python-bandit Cyril Roelandt
2015-09-21 22:31 ` [PATCH 1/3] gnu: Add python-pip Cyril Roelandt
@ 2015-09-21 22:31 ` Cyril Roelandt
2015-09-22 15:11 ` Mathieu Lirzin
2015-09-22 19:16 ` Thompson, David
2015-09-21 22:31 ` [PATCH 3/3] gnu: Add python-bandit Cyril Roelandt
2 siblings, 2 replies; 11+ messages in thread
From: Cyril Roelandt @ 2015-09-21 22:31 UTC (permalink / raw)
To: guix-devel
* gnu/packages/python.scm (python-fixtures): Update.
* gnu/packages/python.scm (python-fixtures-0.3.16,
python2-fixtures-0.3.16, python-pbr-0.11,
python2-pbr-0.11): New variables.
* gnu/packages/python.scm (python-testrepository): Use python-fxitures-0.3.16
instead of python-fixtures in the inputs.
---
gnu/packages/python.scm | 75 +++++++++++++++++++++++++++++++++++++++++++++++--
1 file changed, 73 insertions(+), 2 deletions(-)
diff --git a/gnu/packages/python.scm b/gnu/packages/python.scm
index a8d811e..a3de1a7 100644
--- a/gnu/packages/python.scm
+++ b/gnu/packages/python.scm
@@ -1675,7 +1675,14 @@ protocol.")
(define-public python2-subunit
(package-with-python2 python-subunit))
-(define-public python-fixtures
+;; Recent versions of python-fixtures need a recent version of python-pbr,
+;; which needs a recent version of python-fixtures. To fix this circular
+;; dependency, we keep old versions of python-fixtures and python-pbr to
+;; bootstrap the whole thing:
+;; - python-fixtures-0.3.16 is used to build python-pbr-0.11
+;; - python-pbr-0.11 is used to build python-fixtures
+;; - python-fixtures is used to build python-pbr
+(define-public python-fixtures-0.3.16
(package
(name "python-fixtures")
(version "0.3.16")
@@ -1700,6 +1707,70 @@ protocol.")
Python tests.")
(license (list bsd-3 asl2.0)))) ; at user's option
+(define-public python2-fixtures-0.3.16
+ (package-with-python2 python-fixtures-0.3.16))
+
+(define-public python-pbr-0.11
+ (package
+ (name "python-pbr")
+ (version "0.11.0")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://pypi.python.org/packages/source/p/pbr/pbr-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "0v9gb7gyqf7q9s99l0nnjj9ww9b0jvyqlwm4d56pcyinxydddw6p"))))
+ (build-system python-build-system)
+ (arguments
+ `(#:tests? #f)) ;; Most tests seem to use the Internet.
+ (inputs
+ `(("python-fixtures-0.3.16" ,python-fixtures-0.3.16)
+ ("python-pip" ,python-pip)
+ ("python-setuptools" ,python-setuptools)))
+ (home-page "https://launchpad.net/pbr")
+ (synopsis "Change the default behavior of Python’s setuptools")
+ (description
+ "Python Build Reasonableness (PBR) is a library that injects some useful
+and sensible default behaviors into your setuptools run.")
+ (license asl2.0)))
+
+(define-public python2-pbr-0.11
+ (package-with-python2 python-pbr-0.11))
+
+(define-public python-fixtures
+ (package
+ (name "python-fixtures")
+ (version "1.3.1")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://pypi.python.org/packages/source/f/fixtures/fixtures-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "1khpywdh91ijryhxjxiyyi5rmbimhl8hwbbf8lazhgzq6yxz6g5n"))))
+ (build-system python-build-system)
+ (propagated-inputs
+ `(("python-six" ,python-six)
+ ("python-pbr-0.11" ,python-pbr-0.11)))
+ (inputs
+ `(("python-pip" ,python-pip)
+ ("python-setuptools" ,python-setuptools)
+ ;; Tests
+ ("python-testtools" ,python-testtools)))
+ (arguments
+ '(#:tests? #f)) ; no setup.py test command
+ (home-page "https://launchpad.net/python-fixtures")
+ (synopsis "Python test fixture library")
+ (description
+ "Fixtures provides a way to create reusable state, useful when writing
+Python tests.")
+ (license (list bsd-3 asl2.0)))) ; at user's option
+
(define-public python2-fixtures
(package-with-python2 python-fixtures))
@@ -1718,7 +1789,7 @@ Python tests.")
"1ssqb07c277010i6gzzkbdd46gd9mrj0bi0i8vn560n2k2y4j93m"))))
(build-system python-build-system)
(propagated-inputs
- `(("python-fixtures" ,python-fixtures)
+ `(("python-fixtures-0.3.16" ,python-fixtures-0.3.16)
("python-testtools" ,python-testtools)))
(inputs
`(("python-setuptools" ,python-setuptools)
--
2.1.4
^ permalink raw reply related [flat|nested] 11+ messages in thread
* Re: [PATCH 2/3] gnu: Update python-fixtures
2015-09-21 22:31 ` [PATCH 2/3] gnu: Update python-fixtures Cyril Roelandt
@ 2015-09-22 15:11 ` Mathieu Lirzin
2015-09-22 19:16 ` Thompson, David
1 sibling, 0 replies; 11+ messages in thread
From: Mathieu Lirzin @ 2015-09-22 15:11 UTC (permalink / raw)
To: Cyril Roelandt; +Cc: guix-devel
I can't help much about the circular dependency problem. I think it is
important to avoid propagation of inputs from old versions, but I don't
know if this is feasible. Here are my usual cosmetic comments :)
Cyril Roelandt <tipecaml@gmail.com> writes:
> * gnu/packages/python.scm (python-fixtures): Update.
> * gnu/packages/python.scm (python-fixtures-0.3.16,
> python2-fixtures-0.3.16, python-pbr-0.11,
> python2-pbr-0.11): New variables.
> * gnu/packages/python.scm (python-testrepository): Use python-fxitures-0.3.16
^^^
fixtures
> instead of python-fixtures in the inputs.
[...]
> +(define-public python-pbr-0.11
> + (package
> + (name "python-pbr")
> + (version "0.11.0")
> + (source
> + (origin
> + (method url-fetch)
> + (uri (string-append
> + "https://pypi.python.org/packages/source/p/pbr/pbr-"
> + version ".tar.gz"))
> + (sha256
> + (base32
> + "0v9gb7gyqf7q9s99l0nnjj9ww9b0jvyqlwm4d56pcyinxydddw6p"))))
> + (build-system python-build-system)
> + (arguments
> + `(#:tests? #f)) ;; Most tests seem to use the Internet.
`(#:tests? #f)) ;most tests seem to use the internet
--
Mathieu Lirzin
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/3] gnu: Update python-fixtures
2015-09-21 22:31 ` [PATCH 2/3] gnu: Update python-fixtures Cyril Roelandt
2015-09-22 15:11 ` Mathieu Lirzin
@ 2015-09-22 19:16 ` Thompson, David
2015-09-22 21:45 ` Cyril Roelandt
1 sibling, 1 reply; 11+ messages in thread
From: Thompson, David @ 2015-09-22 19:16 UTC (permalink / raw)
To: Cyril Roelandt; +Cc: guix-devel
On Mon, Sep 21, 2015 at 6:31 PM, Cyril Roelandt <tipecaml@gmail.com> wrote:
> * gnu/packages/python.scm (python-fixtures): Update.
> * gnu/packages/python.scm (python-fixtures-0.3.16,
> python2-fixtures-0.3.16, python-pbr-0.11,
> python2-pbr-0.11): New variables.
> * gnu/packages/python.scm (python-testrepository): Use python-fxitures-0.3.16
> instead of python-fixtures in the inputs.
One package update or new package per patch, please.
- Dave
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/3] gnu: Update python-fixtures
2015-09-22 19:16 ` Thompson, David
@ 2015-09-22 21:45 ` Cyril Roelandt
2015-09-27 20:17 ` Ludovic Courtès
0 siblings, 1 reply; 11+ messages in thread
From: Cyril Roelandt @ 2015-09-22 21:45 UTC (permalink / raw)
To: Thompson, David; +Cc: guix-devel
On 09/22/2015 09:16 PM, Thompson, David wrote:
> On Mon, Sep 21, 2015 at 6:31 PM, Cyril Roelandt <tipecaml@gmail.com> wrote:
>> * gnu/packages/python.scm (python-fixtures): Update.
>> * gnu/packages/python.scm (python-fixtures-0.3.16,
>> python2-fixtures-0.3.16, python-pbr-0.11,
>> python2-pbr-0.11): New variables.
>> * gnu/packages/python.scm (python-testrepository): Use python-fxitures-0.3.16
>> instead of python-fixtures in the inputs.
>
> One package update or new package per patch, please.
>
I know it is usually done like this, but I feel this is a bit special,
since all these changes are only done in order to update
python-fixtures. I could have:
1) renamed python-fixtures to python-fixtures-0.3.16 and changed inputs
from "python-fixtures" to "python-fixtures-0.3.16" for all packages that
depend on fixtures
2) added python-pbr-0.11
3) added python-fixtures
4) changed inputs from "python-fixtures-0.3.16" to "python-fixtures" for
all packages that depend on fixtures
But I feel it would be incredibly confusing when looking at "git log". WDYT?
Cyril.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/3] gnu: Update python-fixtures
2015-09-22 21:45 ` Cyril Roelandt
@ 2015-09-27 20:17 ` Ludovic Courtès
2015-10-08 21:41 ` Cyril Roelandt
0 siblings, 1 reply; 11+ messages in thread
From: Ludovic Courtès @ 2015-09-27 20:17 UTC (permalink / raw)
To: Cyril Roelandt; +Cc: guix-devel
Cyril Roelandt <tipecaml@gmail.com> skribis:
> On 09/22/2015 09:16 PM, Thompson, David wrote:
>> On Mon, Sep 21, 2015 at 6:31 PM, Cyril Roelandt <tipecaml@gmail.com> wrote:
>>> * gnu/packages/python.scm (python-fixtures): Update.
>>> * gnu/packages/python.scm (python-fixtures-0.3.16,
>>> python2-fixtures-0.3.16, python-pbr-0.11,
>>> python2-pbr-0.11): New variables.
>>> * gnu/packages/python.scm (python-testrepository): Use python-fxitures-0.3.16
>>> instead of python-fixtures in the inputs.
>>
>> One package update or new package per patch, please.
>>
>
> I know it is usually done like this, but I feel this is a bit special,
> since all these changes are only done in order to update
> python-fixtures. I could have:
>
> 1) renamed python-fixtures to python-fixtures-0.3.16 and changed inputs
> from "python-fixtures" to "python-fixtures-0.3.16" for all packages that
> depend on fixtures
> 2) added python-pbr-0.11
> 3) added python-fixtures
> 4) changed inputs from "python-fixtures-0.3.16" to "python-fixtures" for
> all packages that depend on fixtures
>
> But I feel it would be incredibly confusing when looking at "git log". WDYT?
Yeah, two commits would do IMO: one to add python-pbr-0.11, and the
other one for the rest.
Could you do that? This patch series needs to go in before it
accumulates dust.
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/3] gnu: Update python-fixtures
2015-09-27 20:17 ` Ludovic Courtès
@ 2015-10-08 21:41 ` Cyril Roelandt
2015-10-09 12:18 ` Ludovic Courtès
0 siblings, 1 reply; 11+ messages in thread
From: Cyril Roelandt @ 2015-10-08 21:41 UTC (permalink / raw)
To: Ludovic Courtès; +Cc: guix-devel
On 09/27/2015 10:17 PM, Ludovic Courtès wrote:
> Yeah, two commits would do IMO: one to add python-pbr-0.11, and the
> other one for the rest.
>
> Could you do that? This patch series needs to go in before it
> accumulates dust.
No, it'd be a bloody pain.
If I just add python-pbr-0.11, then I'd have to change its inputs in the
next patch (python-fixtures -> python-fixtures-0.3.16), so it adds weird
stuff in the next commit.
The thing is, this is a terrible mess, and the only way to have
something easily understandable in the git history is to do this in one
single, clean commit. I'm already having a hard time resisting the urge
of writing a 3-paragraph commit log to explain everything ;)
Cyril.
^ permalink raw reply [flat|nested] 11+ messages in thread
* Re: [PATCH 2/3] gnu: Update python-fixtures
2015-10-08 21:41 ` Cyril Roelandt
@ 2015-10-09 12:18 ` Ludovic Courtès
0 siblings, 0 replies; 11+ messages in thread
From: Ludovic Courtès @ 2015-10-09 12:18 UTC (permalink / raw)
To: Cyril Roelandt; +Cc: guix-devel
Cyril Roelandt <tipecaml@gmail.com> skribis:
> On 09/27/2015 10:17 PM, Ludovic Courtès wrote:
>> Yeah, two commits would do IMO: one to add python-pbr-0.11, and the
>> other one for the rest.
>>
>> Could you do that? This patch series needs to go in before it
>> accumulates dust.
>
> No, it'd be a bloody pain.
>
> If I just add python-pbr-0.11, then I'd have to change its inputs in the
> next patch (python-fixtures -> python-fixtures-0.3.16), so it adds weird
> stuff in the next commit.
>
> The thing is, this is a terrible mess, and the only way to have
> something easily understandable in the git history is to do this in one
> single, clean commit. I'm already having a hard time resisting the urge
> of writing a 3-paragraph commit log to explain everything ;)
Well OK, if that’s what it takes, let’s do it.
Thanks,
Ludo’.
^ permalink raw reply [flat|nested] 11+ messages in thread
* [PATCH 3/3] gnu: Add python-bandit.
2015-09-21 22:31 [PATCH 0/3] Add python-bandit Cyril Roelandt
2015-09-21 22:31 ` [PATCH 1/3] gnu: Add python-pip Cyril Roelandt
2015-09-21 22:31 ` [PATCH 2/3] gnu: Update python-fixtures Cyril Roelandt
@ 2015-09-21 22:31 ` Cyril Roelandt
2 siblings, 0 replies; 11+ messages in thread
From: Cyril Roelandt @ 2015-09-21 22:31 UTC (permalink / raw)
To: guix-devel
* gnu/packages/openstack.scm (python-bandit, python2-bandit): New variables.
---
gnu/packages/openstack.scm | 40 ++++++++++++++++++++++++++++++++++++++++
1 file changed, 40 insertions(+)
diff --git a/gnu/packages/openstack.scm b/gnu/packages/openstack.scm
index 39584d5..4fd1c80 100644
--- a/gnu/packages/openstack.scm
+++ b/gnu/packages/openstack.scm
@@ -25,6 +25,46 @@
#:select (asl2.0))
#:use-module (guix packages))
+(define-public python-bandit
+ (package
+ (name "python-bandit")
+ (version "0.13.2")
+ (source
+ (origin
+ (method url-fetch)
+ (uri (string-append
+ "https://pypi.python.org/packages/source/b/bandit/bandit-"
+ version ".tar.gz"))
+ (sha256
+ (base32
+ "03g3cflvrc99ncjd611iy5nnnscsc2vgnrx4mjaqyx8glbfw8y7g"))))
+ (build-system python-build-system)
+ (propagated-inputs
+ `(("python-appdirs" ,python-appdirs)
+ ("python-pyyaml" ,python-pyyaml)
+ ("python-six" ,python-six)
+ ("python-stevedore" ,python-stevedore)))
+ (inputs
+ `(("python-pbr" ,python-pbr)
+ ("python-setuptools" ,python-setuptools)
+ ;; Tests
+ ("python-fixtures" ,python-fixtures)
+ ("python-mock" ,python-mock)
+ ("python-testrepository" ,python-testrepository)
+ ("python-testscenarios" ,python-testscenarios)
+ ("python-testtools" ,python-testtools)))
+ (home-page "https://wiki.openstack.org/wiki/Security/Projects/Bandit")
+ (synopsis "Security oriented static analyser for python code.")
+ (description
+ "Bandit is a tool designed to find common security issues in Python code.
+To do this Bandit processes each file, builds an AST from it, and runs
+appropriate plugins against the AST nodes. Once Bandit has finished scanning
+all the files it generates a report.")
+ (license asl2.0)))
+
+(define-public python2-bandit
+ (package-with-python2 python-bandit))
+
(define-public python-debtcollector
(package
(name "python-debtcollector")
--
2.1.4
^ permalink raw reply related [flat|nested] 11+ messages in thread