search

freedomofpress / dangerzone

Take potentially dangerous PDFs, office documents, or images and convert them to safe PDFs
https://dangerzone.rocks/
GNU Affero General Public License v3.0
3.58k stars 168 forks source link

Replace stdeb with a different way to produce Debian packages #773

Closed apyrgio closed 3 weeks ago

apyrgio commented 5 months ago

Dangerzone has been using stdeb since the very beginning (early 2020). At that time, stdeb was still maintained, but this is not the case anymore. It hasn't seen a new release since October 2020 (see the PyPI releases page). Also, it seems to not work with Python 3.12, since it throws this error:

Traceback (most recent call last):
  File "/root/project/setup.py", line 34, in <module>
    setuptools.setup(
  File "/usr/lib/python3/dist-packages/setuptools/__init__.py", line 107, in setup
    return distutils.core.setup(**attrs)
           ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/setuptools/_distutils/core.py", line 185, in setup
    return run_commands(dist)
           ^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/setuptools/_distutils/core.py", line 201, in run_commands
    dist.run_commands()
  File "/usr/lib/python3/dist-packages/setuptools/_distutils/dist.py", line 969, in run_commands
    self.run_command(cmd)
  File "/usr/lib/python3/dist-packages/setuptools/dist.py", line 1233, in run_command
    super().run_command(command)
  File "/usr/lib/python3/dist-packages/setuptools/_distutils/dist.py", line 988, in run_command
    cmd_obj.run()
  File "/usr/lib/python3/dist-packages/stdeb/command/sdist_dsc.py", line 30, in run
    debinfo = self.get_debinfo()
              ^^^^^^^^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/stdeb/command/common.py", line 197, in get_debinfo
    debinfo = DebianInfo(
              ^^^^^^^^^^^
  File "/usr/lib/python3/dist-packages/stdeb/util.py", line 802, in __init__
    check_cfg_files(cfg_files, module_name)
  File "/usr/lib/python3/dist-packages/stdeb/util.py", line 733, in check_cfg_files
    cfg = ConfigParser.SafeConfigParser()
          ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
AttributeError: module 'configparser' has no attribute 'SafeConfigParser'. Did you mean: 'RawConfigParser'?

The reason for the above error is that Python 3.12 has removed the long deprecated SafeConfigParser class: https://github.com/python/cpython/issues/89336.

Now that we have a good reason to switch .deb builders, we should strongly consider pybuild, which is also used by SecureDrop.

apyrgio commented 2 months ago

Debian Trixie has started failing as well with the same error: https://app.circleci.com/pipelines/github/freedomofpress/dangerzone/2781/workflows/3660952c-d4ca-4b5b-a2a6-e2b41d417d95/jobs/39053?invite=true#step-106-1987_107

legoktm commented 1 month ago

I would suggest doing kinda what I outlined in https://github.com/freedomofpress/dangerzone/issues/323#issuecomment-1485548943, run python3 setup.py --command-packages=stdeb.command sdist_dsc as a one-time thing, commit the generated debian/, and then build the package using the standard dpkg-buildpackage tools. From then on, changes can be made to the debian files instead of going through stdeb.

Now that we have a good reason to switch .deb builders, we should strongly consider pybuild, which is also used by SecureDrop.

SecureDrop doesn't really use pybuild in any important way, we build our own virtualenv and ship that. But using pybuild is probably the right thing for Dangerzone.