summaryrefslogtreecommitdiffstats
path: root/Tools
diff options
context:
space:
mode:
authorMiss Islington (bot) <31488909+miss-islington@users.noreply.github.com>2024-03-27 22:16:19 (GMT)
committerGitHub <noreply@github.com>2024-03-27 22:16:19 (GMT)
commit8d42c57789b11f838da40cdc3f129b2115368dd9 (patch)
tree89ca5ee14d8f9354b3ae63e48ab9ca220b60f19b /Tools
parent17a82a1d16a46b6c008240bcc698619419ce5554 (diff)
downloadcpython-8d42c57789b11f838da40cdc3f129b2115368dd9.zip
cpython-8d42c57789b11f838da40cdc3f129b2115368dd9.tar.gz
cpython-8d42c57789b11f838da40cdc3f129b2115368dd9.tar.bz2
[3.12] gh-99108: Update and check HACL* version information (GH-117295) (GH-117302)
gh-99108: Update and check HACL* version information (GH-117295) (cherry picked from commit 669ef49c7d42f35da6f7ee280102353b9b37f83e) Co-authored-by: Seth Michael Larson <seth@python.org>
Diffstat (limited to 'Tools')
-rw-r--r--Tools/build/generate_sbom.py14
1 files changed, 14 insertions, 0 deletions
diff --git a/Tools/build/generate_sbom.py b/Tools/build/generate_sbom.py
index 6aa4946..5c1851f 100644
--- a/Tools/build/generate_sbom.py
+++ b/Tools/build/generate_sbom.py
@@ -183,6 +183,20 @@ def check_sbom_packages(sbom_data: dict[str, typing.Any]) -> None:
),
)
+ # HACL* specifies its expected rev in a refresh script.
+ if package["name"] == "hacl-star":
+ hacl_refresh_sh = (CPYTHON_ROOT_DIR / "Modules/_hacl/refresh.sh").read_text()
+ hacl_expected_rev_match = re.search(
+ r"expected_hacl_star_rev=([0-9a-f]{40})",
+ hacl_refresh_sh
+ )
+ hacl_expected_rev = hacl_expected_rev_match and hacl_expected_rev_match.group(1)
+
+ error_if(
+ hacl_expected_rev != version,
+ "HACL* SBOM version doesn't match value in 'Modules/_hacl/refresh.sh'"
+ )
+
# License must be on the approved list for SPDX.
license_concluded = package["licenseConcluded"]
error_if(