kumquat-buildroot/package/python-pip/python-pip.mk

################################################################################
#
# python-pip
#
################################################################################

PYTHON_PIP_VERSION = 22.3.1
PYTHON_PIP_SOURCE = pip-$(PYTHON_PIP_VERSION).tar.gz
PYTHON_PIP_SITE = https://files.pythonhosted.org/packages/a3/50/c4d2727b99052780aad92c7297465af5fe6eec2dbae490aa9763273ffdc1
PYTHON_PIP_SETUP_TYPE = setuptools
PYTHON_PIP_LICENSE = MIT
PYTHON_PIP_LICENSE_FILES = LICENSE.txt
PYTHON_PIP_CPE_ID_VENDOR = pypa
PYTHON_PIP_CPE_ID_PRODUCT = pip
# Disputed CVE: things work as designed, and only affects the
# --extra-index-url option. This CVE will never be fixed.
PYTHON_PIP_IGNORE_CVES += CVE-2018-20225

$(eval $(python-package))
$(eval $(host-python-package))
python-pip: new package A useful tool for managing and installing python packages. Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-08-07 00:46:15 +02:00			`################################################################################`
			`#`
			`# python-pip`
			`#`
			`################################################################################`

package/python-pip: bump to version 22.3.1 Signed-off-by: James Hilliard <james.hilliard1@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2022-12-14 15:38:58 +01:00			`PYTHON_PIP_VERSION = 22.3.1`
python-pip: new package A useful tool for managing and installing python packages. Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-08-07 00:46:15 +02:00			`PYTHON_PIP_SOURCE = pip-$(PYTHON_PIP_VERSION).tar.gz`
package/python-pip: bump to version 22.3.1 Signed-off-by: James Hilliard <james.hilliard1@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2022-12-14 15:38:58 +01:00			`PYTHON_PIP_SITE = https://files.pythonhosted.org/packages/a3/50/c4d2727b99052780aad92c7297465af5fe6eec2dbae490aa9763273ffdc1`
python-pip: new package A useful tool for managing and installing python packages. Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-08-07 00:46:15 +02:00			`PYTHON_PIP_SETUP_TYPE = setuptools`
			`PYTHON_PIP_LICENSE = MIT`
			`PYTHON_PIP_LICENSE_FILES = LICENSE.txt`
package/python-pip: add CPE variables cpe:2.3:a:pypa:pip is a valid CPE identifier for this package: https://nvd.nist.gov/products/cpe/search/results?namingFormat=2.3&keyword=cpe%3A2.3%3Aa%3Apypa%3Apip Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2021-04-05 18:59:48 +02:00			`PYTHON_PIP_CPE_ID_VENDOR = pypa`
			`PYTHON_PIP_CPE_ID_PRODUCT = pip`
package/python-pip: ignore CVE-2018-20225 See https://security-tracker.debian.org/tracker/CVE-2018-20225 for the rationale of ignoring this CVE. Things basically work as intended. Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> 2023-09-03 00:14:24 +02:00			`# Disputed CVE: things work as designed, and only affects the`
			`# --extra-index-url option. This CVE will never be fixed.`
			`PYTHON_PIP_IGNORE_CVES += CVE-2018-20225`
python-pip: new package A useful tool for managing and installing python packages. Signed-off-by: Adam Duskett <aduskett@gmail.com> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com> 2018-08-07 00:46:15 +02:00
			`$(eval $(python-package))`
package/python-pip: add host variant Some packages, like libselinux, use pip to perform the installation step of their python bindings. Those packages do have to use our host python when building, so that it matches the target python. So we need to have a host variant of pip that is usable with our host python. Signed-off-by: Adam Duskett <aduskett@gmail.com> [yann.morin.1998@free.fr: reword commit log] Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr> 2023-04-25 19:14:43 +02:00			`$(eval $(host-python-package))`