From: Michael Olbrich <m.olbrich@pengutronix.de>
To: Bruno Thomsen <bruno.thomsen@gmail.com>
Cc: ptxdist@pengutronix.de
Subject: Re: [ptxdist] [PATCH 1/2] python3-gunicorn: new package
Date: Wed, 18 May 2022 15:47:33 +0200 [thread overview]
Message-ID: <YoT49V+B15WfOC4T@pengutronix.de> (raw)
In-Reply-To: <CAH+2xPAWS3G+RoJgo7Rzmy2wRY7H1JZ7xa0+WAg1m3_zeiWBmQ@mail.gmail.com>
On Sat, May 14, 2022 at 12:50:33PM +0200, Bruno Thomsen wrote:
> Den fre. 13. maj 2022 kl. 09.15 skrev Michael Olbrich
> <m.olbrich@pengutronix.de>:
> > On Mon, May 09, 2022 at 02:05:47PM +0200, Bruno Thomsen wrote:
> > > Gunicorn 'Green Unicorn' is a Python WSGI HTTP Server for UNIX.
> > >
> > > Requirement for python3-falcon package.
> > >
> > > Signed-off-by: Bruno Thomsen <bruno.thomsen@gmail.com>
> > > ---
> > > rules/python3-gunicorn.in | 11 +++++++
> > > rules/python3-gunicorn.make | 57 +++++++++++++++++++++++++++++++++++++
> > > 2 files changed, 68 insertions(+)
> > > create mode 100644 rules/python3-gunicorn.in
> > > create mode 100644 rules/python3-gunicorn.make
>
> > > +# Paths and names
> > > +#
> > > +PYTHON3_GUNICORN_VERSION := 20.1.0
> > > +PYTHON3_GUNICORN_MD5 := ac6254576d53c2ede3456561af3f0549
> >
> > ptxdist: error: Wrong md5sum for 'python3-gunicorn' (.../src/gunicorn-20.1.0.tar.gz)
> >
> > What's going on here?
> >
>
> Hi Michael,
>
> That is strange so I will dig deeper into this.
>
> Our 3rd party dependencies are stored in a maven repository so I can
> easily go back and get the old hash file.
>
> ac6254576d53c2ede3456561af3f0549:
> Downloaded from ptx/mirror-pypi 4/4-22.
>
> db8a7c5c2064000af70286534803bf1d:
> Downloaded from ptx/mirror-pypi 14/5-22.
>
> ----------------8<-----------------------------
>
> ls -l
> total 724
> drwxrwxr-x. 7 bruno bruno 4096 12 feb 2021
> gunicorn-20.1.0.ac6254576d53c2ede3456561af3f0549
> drwxr-xr-x. 7 bruno bruno 4096 27 mar 2021
> gunicorn-20.1.0.db8a7c5c2064000af70286534803bf1d
> -rw-r--r--. 1 bruno bruno 354960 14 maj 11:55
> gunicorn-20.1.0.tar.gz.ac6254576d53c2ede3456561af3f0549
> -rw-r--r--. 1 bruno bruno 370601 14 maj 11:55
> gunicorn-20.1.0.tar.gz.db8a7c5c2064000af70286534803bf1d
>
> ----------------8<-----------------------------
>
> Something has changed in the file even if it's the same package version.
> The new file is around 15K bigger then the old one.
>
> Let's locate added/removed/changed files.
>
> ----------------8<-----------------------------
>
> cd gunicorn-20.1.0.ac6254576d53c2ede3456561af3f0549/; find . -type f
> -exec md5sum {} + | awk '{print $2 " " $1}' | sort > ../ac62.log; cd -
> cd gunicorn-20.1.0.db8a7c5c2064000af70286534803bf1d/; find . -type f
> -exec md5sum {} + | awk '{print $2 " " $1}' | sort > ../db8a.log; cd -
>
> diff -u --color ac62.log db8a.log
> --- ac62.log 2022-05-14 12:24:23.879695053 +0200
> +++ db8a.log 2022-05-14 12:24:29.658740539 +0200
> @@ -1,5 +1,3 @@
> -./appveyor.yml bf726b6d38fe739d0ce85347b6920b1a
> -./CONTRIBUTING.md c90900532ee96f9f0628996678ad847e
> ./docs/gunicorn_ext.py 92e1e306d274bc426936d7d869c83e24
> ./docs/logo/gunicorn.png 2f1ea5be10f85687cf3aa18c2c8630d4
> ./docs/logo/gunicorn.svg a3a7ea42b3244422f7a893e7e79300ee
> @@ -138,6 +136,13 @@
> ./gunicorn/arbiter.py 21989aa239bcb2e08b82937d694372fc
> ./gunicorn/config.py 497e9a051d2b578fb4da7f4f0e1b80ad
> ./gunicorn/debug.py 380b0787c429aa7b9e4982f0f40c5a5a
> +./gunicorn.egg-info/dependency_links.txt 68b329da9893e34099c7d8ad5cb9c940
> +./gunicorn.egg-info/entry_points.txt 99220ac82ecf0327be9a9408bb4e7264
> +./gunicorn.egg-info/not-zip-safe 68b329da9893e34099c7d8ad5cb9c940
> +./gunicorn.egg-info/PKG-INFO 2cc0989287a8ec45c837c23386a7e5fc
> +./gunicorn.egg-info/requires.txt 432b975e80c2fd6a8a90fa9656cf3f59
> +./gunicorn.egg-info/SOURCES.txt 802689c49aa6bb426dba36c9fbcd904f
> +./gunicorn.egg-info/top_level.txt b4e582fbec7d7ee5253b0afcf4063449
> ./gunicorn/errors.py ed93944e0b91e1546220686e9ce983bb
> ./gunicorn/glogging.py 015ea63387d08f09e4ef6cbaadf171d3
> ./gunicorn/http/body.py 175b02e961bc2f81adaaa07a6f95c6eb
> @@ -166,16 +171,13 @@
> ./gunicorn/workers/sync.py 659cb0f8197a0916c9ec5a2b9ce49a3e
> ./gunicorn/workers/workertmp.py 4d961797f72bc61868b2e218fbf9857f
> ./LICENSE f75f3fb94cdeab1d607e2adaa6077752
> -./MAINTAINERS dfbfe4c49e8a0e2835b5a6e0305d1719
> -./Makefile f655c000182827cff72803ac4e6be357
> ./MANIFEST.in ea4e22f5a74bd4b6039ba6840f27a47c
> ./NOTICE 4ff3dba58ace0076580106c9f300ae68
> -./.pylintrc ec0d83fb315bf216c6e2fff9434bcc78
> +./PKG-INFO 2cc0989287a8ec45c837c23386a7e5fc
> ./README.rst 99bc9aa2bc6875dc46d65beb8f0fb1ae
> ./requirements_dev.txt b553389a8cf923276becc7faed4b4899
> ./requirements_test.txt a1677998f8d772c35e48601cfb885a43
> -./scripts/update_thanks.py bd9c215fe3200edf433f2a68a1167440
> -./setup.cfg 837af3a24e0c3f201c4a81226bb019bf
> +./setup.cfg 2d3f98eaab1812a5edd280bb18f243d3
> ./setup.py a748b86c25e165c86175ce6d2d1b6dfa
> ./tests/config/__init__.py d41d8cd98f00b204e9800998ecf8427e
> ./tests/config/test_cfg_alt.py 284d27ff498c3badae9f164550c0fed7
> @@ -315,5 +317,3 @@
> ./tests/workers/test_geventlet.py 5cbb5945a1a816d26af38e012a250bae
> ./tests/workers/test_ggevent.py 7bd10538d8df95c35c0da1ea20b44b63
> ./THANKS 4d2ec48c381175c4f003309016691eae
> -./tox.ini d4ce66c531dded8c8403fdad1cfbc858
> -./.travis.yml ec6cb8c8410da9f824195880f9306ecb
>
> ----------------8<-----------------------------
>
> So some egg and pkg info has been added and some CI has
> been removed. Let's look into the setup.cfg as that might be
> the most interesting files that has changed.
>
> ----------------8<-----------------------------
>
> diff -u --color
> gunicorn-20.1.0.ac6254576d53c2ede3456561af3f0549/setup.cfg
> gunicorn-20.1.0.db8a7c5c2064000af70286534803bf1d/setup.cfg
> --- gunicorn-20.1.0.ac6254576d53c2ede3456561af3f0549/setup.cfg
> 2021-02-12 22:43:44.000000000 +0100
> +++ gunicorn-20.1.0.db8a7c5c2064000af70286534803bf1d/setup.cfg
> 2021-03-27 02:49:35.000000000 +0100
> @@ -5,3 +5,8 @@
>
> [metadata]
> license_file = LICENSE
> +
> +[egg_info]
> +tag_build =
> +tag_date = 0
> +
>
> ----------------8<-----------------------------
>
> I have looked into the other added files and I don't think this
> is a malicious change but most likely a fixup of a semi broken
> release. IMHO they should have patch/bugfix bumped the
> package.
>
> I will send a version 2 of the patch.
Thanks for digging into this. Unfortunately python3-falcon seems to have
the same issue now :-/.
Michael
--
Pengutronix e.K. | |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
next prev parent reply other threads:[~2022-05-18 13:48 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-05-09 12:05 Bruno Thomsen
2022-05-09 12:05 ` [ptxdist] [PATCH 2/2] python3-falcon: " Bruno Thomsen
2022-05-13 7:15 ` [ptxdist] [PATCH 1/2] python3-gunicorn: " Michael Olbrich
2022-05-14 10:50 ` Bruno Thomsen
2022-05-18 13:47 ` Michael Olbrich [this message]
2022-05-19 16:24 ` Bruno Thomsen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=YoT49V+B15WfOC4T@pengutronix.de \
--to=m.olbrich@pengutronix.de \
--cc=bruno.thomsen@gmail.com \
--cc=ptxdist@pengutronix.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox