author | Miss Islington (bot) <31488909+miss-islington@users.noreply.github.com> | 2024-03-27 22:16:19 (GMT) |
---|---|---|
committer | GitHub <noreply@github.com> | 2024-03-27 22:16:19 (GMT) |
commit | 8d42c57789b11f838da40cdc3f129b2115368dd9 (patch) | |
tree | 89ca5ee14d8f9354b3ae63e48ab9ca220b60f19b | |
parent | 17a82a1d16a46b6c008240bcc698619419ce5554 (diff) | |
[3.12] gh-99108: Update and check HACL* version information (GH-117295) (GH-117302)
gh-99108: Update and check HACL* version information (GH-117295)
(cherry picked from commit 669ef49c7d42f35da6f7ee280102353b9b37f83e)
Co-authored-by: Seth Michael Larson <seth@python.org>
-rw-r--r-- | Misc/sbom.spdx.json | 8 | ||||
-rw-r--r-- | Tools/build/generate_sbom.py | 14 |
2 files changed, 18 insertions, 4 deletions
diff --git a/Misc/sbom.spdx.json b/Misc/sbom.spdx.json
index fb9dd7c..5612c9c 100644
--- a/Misc/sbom.spdx.json
+++ b/Misc/sbom.spdx.json
@@ -1584,14 +1584,14 @@
 "checksums": [
 {
 "algorithm": "SHA256",
- "checksumValue": "c23ac158b238c368389dc86bfc315263e5c0e57785da74144aea2cab9a3d51a2"
+ "checksumValue": "e31e4ca10da91c585793c0eaf1b98aee3cb43e3a58d3d8d478593e5a6bd82927"
 }
 ],
- "downloadLocation": "https://github.com/hacl-star/hacl-star/archive/521af282fdf6d60227335120f18ae9309a4b8e8c.zip",
+ "downloadLocation": "https://github.com/hacl-star/hacl-star/archive/bb3d0dc8d9d15a5cd51094d5b69e70aa09005ff0.zip",
 "externalRefs": [
 {
 "referenceCategory": "SECURITY",
- "referenceLocator": "cpe:2.3:a:hacl-star:hacl-star:521af282fdf6d60227335120f18ae9309a4b8e8c:*:*:*:*:*:*:*",
+ "referenceLocator": "cpe:2.3:a:hacl-star:hacl-star:bb3d0dc8d9d15a5cd51094d5b69e70aa09005ff0:*:*:*:*:*:*:*",
 "referenceType": "cpe23Type"
 }
 ],
@@ -1599,7 +1599,7 @@
 "name": "hacl-star",
 "originator": "Organization: HACL* Developers",
 "primaryPackagePurpose": "SOURCE",
- "versionInfo": "521af282fdf6d60227335120f18ae9309a4b8e8c"
+ "versionInfo": "bb3d0dc8d9d15a5cd51094d5b69e70aa09005ff0"
 },
 {
 "SPDXID": "SPDXRef-PACKAGE-libb2",
diff --git a/Tools/build/generate_sbom.py b/Tools/build/generate_sbom.py
index 6aa4946..5c1851f 100644
--- a/Tools/build/generate_sbom.py
+++ b/Tools/build/generate_sbom.py
@@ -183,6 +183,20 @@ def check_sbom_packages(sbom_data: dict[str, typing.Any]) -> None: ), ) + # HACL* specifies its expected rev in a refresh script. + if package["name"] == "hacl-star": + hacl_refresh_sh = (CPYTHON_ROOT_DIR / "Modules/_hacl/refresh.sh").read_text() + hacl_expected_rev_match = re.search( + r"expected_hacl_star_rev=([0-9a-f]{40})", + hacl_refresh_sh + ) + hacl_expected_rev = hacl_expected_rev_match and hacl_expected_rev_match.group(1) + + error_if( + hacl_expected_rev != version, + "HACL* SBOM version doesn't match value in 'Modules/_hacl/refresh.sh'" + ) + # License must be on the approved list for SPDX. license_concluded = package["licenseConcluded"] error_if( |
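Review bot: The `re.search` pattern in the new hacl-star branch is unanchored, so it accepts the first `expected_hacl_star_rev=` followed by 40 hex characters anywhere in `Modules/_hacl/refresh.sh`, including a commented-out assignment or the leading 40 characters of a longer hex string. If the assignment sits on a line of its own, anchoring it as `r"^expected_hacl_star_rev=([0-9a-f]{40})$"` with `re.MULTILINE` would tie the SBOM check to the value the script actually uses. When nothing matches, `hacl_expected_rev` is `None` and the comparison still fails, which is the safe direction, but the message then reports a version mismatch rather than a missing revision; a separate `error_if(hacl_expected_rev_match is None, ...)` before the comparison would make that case distinguishable. The body of `check_sbom_packages` starts and ends outside the hunk.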