Stowage/cpython
2
0
Fork 0
mirror of https://github.com/python/cpython.git synced 2025-12-08 06:10:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

[3.13] gh-139330: Check expat version/checksum in SBOM with refresh.sh

Browse source 
gh-139330: Check expat version/checksum in SBOM with refresh.sh

Check expat version/checksum in SBOM with refresh.sh
(cherry picked from commit 89b5571025)

Co-authored-by: Seth Michael Larson <seth@python.org>
This commit is contained in:
Miss Islington (bot) 2025-09-25 20:05:09 +02:00 committed by GitHub
parent d1f6b392e4
commit 11d6c460b8
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 9 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

4
Tools/build/generate_sbom.py
View file

@ -245,14 +245,14 @@ def check_sbom_packages(sbom_data: dict[str, typing.Any]) -> None:
)
# libexpat specifies its expected rev in a refresh script.
if package["name"] == "libexpat":
if package["name"] == "expat":
libexpat_refresh_sh = (CPYTHON_ROOT_DIR / "Modules/expat/refresh.sh").read_text()
libexpat_expected_version_match = re.search(
r"expected_libexpat_version=\"([0-9]+\.[0-9]+\.[0-9]+)\"",
libexpat_refresh_sh
)
libexpat_expected_sha256_match = re.search(
r"expected_libexpat_sha256=\"[a-f0-9]{40}\"",
r"expected_libexpat_sha256=\"([a-f0-9]{64})\"",
libexpat_refresh_sh
)
libexpat_expected_version = libexpat_expected_version_match and libexpat_expected_version_match.group(1)