[PATCH gpgme] Fix prerelease Python sdist tarball creation and add PEP517 support

David Runge dave at sleepmap.de
Tue Nov 29 16:31:23 CET 2022

On 2022-11-29 15:05:03 (+0100), Bernhard Reiter wrote:
> So, they'll be useful for those who find them here.

Unfortunately, that is not the case, as Python projects developed in
virtualenvs (arguably a large chunk of today's projects) can not
integrate the existing sdist tarball from pypi.org [1], because it is so
outdated and can not be built/installed.
Adding the PEP517 integration (as done in my patches) is only the
preparation. It is also required that GPGME is released and to push an
up-to-date sdist tarball (which has to be generated by a make target) to
pypi.org (which only the maintainers of this project can do).

In its current state the only way the Python integration can be used is
if one's operating system (e.g. a Linux distribution) provides it as a
package (built alongside gpgme). This renders testing in virtualenvs,
where dependencies can be pinned and built reproducibly impossible

> Have you've done the steps in
> https://github.com/gpg/gpgme/blob/master/doc/HACKING#license-policy
> yet?

Thanks for pointing that out! I had not, but have just sent it.


[1] https://pypi.org/project/gpg/

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.gnupg.org/pipermail/gnupg-devel/attachments/20221129/5a5cfa52/attachment.sig>

More information about the Gnupg-devel mailing list