Skip to content

Commit

Permalink
[3.12] gh-99108: Update and check HACL* version information (GH-117295)…
Browse files Browse the repository at this point in the history
… (GH-117302)

gh-99108: Update and check HACL* version information (GH-117295)

(cherry picked from commit 669ef49)

Co-authored-by: Seth Michael Larson <seth@python.org>
  • Loading branch information
miss-islington and sethmlarson authored Mar 27, 2024
1 parent 17a82a1 commit 8d42c57
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 4 deletions.
8 changes: 4 additions & 4 deletions Misc/sbom.spdx.json

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

14 changes: 14 additions & 0 deletions Tools/build/generate_sbom.py
Original file line number Diff line number Diff line change
Expand Up @@ -183,6 +183,20 @@ def check_sbom_packages(sbom_data: dict[str, typing.Any]) -> None:
),
)

# HACL* specifies its expected rev in a refresh script.
if package["name"] == "hacl-star":
hacl_refresh_sh = (CPYTHON_ROOT_DIR / "Modules/_hacl/refresh.sh").read_text()
hacl_expected_rev_match = re.search(
r"expected_hacl_star_rev=([0-9a-f]{40})",
hacl_refresh_sh
)
hacl_expected_rev = hacl_expected_rev_match and hacl_expected_rev_match.group(1)

error_if(
hacl_expected_rev != version,
"HACL* SBOM version doesn't match value in 'Modules/_hacl/refresh.sh'"
)

# License must be on the approved list for SPDX.
license_concluded = package["licenseConcluded"]
error_if(
Expand Down

0 comments on commit 8d42c57

Please sign in to comment.