Added SLSA provenance package.
This provenance package is the implementation of the SLSA provenance
specifications at https://slsa.dev/spec/v1.0/provenance

For now, at least two enhancements are possible:

- Some parameters are TypeURI or ResourceURI, but the specification
  says they are strings. Setting those attributes as `str` and having
  a check that they fit with TypeURI or ResourceURI classes could be
  better.

Documentation fixes
-------------------
Removed some warnings about autoapi documentation, and some about
possible class mixes.

Still the warning about PIPE import in TYPE_CHECKING could not be resolved.

Review changes
--------------
- Removed DigestSet and DigestAlgorithm enum. A digest set is considered
  a dictionary of str: str. The ResourceDescriptor's digest may be set,
  or a new digest added by the add_digest() method.
- The dir_hash() method has been moved to ResourceDescriptor ... maybe not
  the best place though.
- Fixed a minor typo in the dsse package documentation
- Added `as_dict()`, `as_json()`, `load_dict()` and `load_json()` for all
  the objects.
- Added a provenance file example in the tests, and load it.
grouigrokon committed Oct 31, 2023
1 parent 7f5765c commit 0133ca5
Showing 9 changed files with 2,888 additions and 9 deletions.
13 changes: 8 additions & 5 deletions docs/source/conf.py
Expand Up @@ -41,6 +41,9 @@
templates_path = ["_templates"]
autoapi_template_dir = "source/autoapi_templates"

# Remove warnings for auto API template.
exclude_patterns = ["autoapi_templates/index.rst"]

# The suffix(es) of source filenames.
# You can specify multiple suffix as a list of string:
#
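Review bot: the new `exclude_patterns` entry uses a different path base from the setting just above it: `autoapi_template_dir` is "source/autoapi_templates" while the exclusion is "autoapi_templates/index.rst". If both refer to the same directory, the comment should say which directory each path is relative to, and name the warning being silenced, so a later reader can tell whether the exclusion is still needed.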
Expand All @@ -52,17 +55,17 @@

# General information about the project.
project = "e3-core"
copyright = "2017, AdaCore" # noqa: A001
project_copyright = "2017, AdaCore"
author = "AdaCore"

# The version info for the project you're documenting, acts as replacement for
# |version| and |release|, also used in various other places throughout the
# built documents.
#
# The short X.Y version.
version = "21.0"
version = "24.0"
# The full version, including alpha/beta/rc tags.
release = "21.0"
release = "24.0"

# The name of the Pygments (syntax highlighting) style to use.
pygments_style = "sphinx"
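Review bot: `version` and `release` are both hard-coded to "24.0", and this commit has to jump them from "21.0", which suggests the values are updated by hand and can lag behind the package. Consider reading the version once from the package metadata and assigning it to both variables. The switch from `copyright` to `project_copyright` is a good way to drop the `# noqa: A001`.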
Expand All @@ -75,11 +78,11 @@
html_theme = "sphinx_rtd_theme"
html_theme_path = [sphinx_rtd_theme.get_html_theme_path()]


# Add any paths that contain custom static files (such as style sheets) here,
# relative to this directory. They are copied after the builtin static files,
# so a file named "default.css" will overwrite the builtin "default.css".
html_static_path = ["_static"]
# html_static_path = ["_static"]
html_static_path = []


# -- Options for HTMLHelp output ------------------------------------------
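Review bot: the old value is left behind as a commented-out line, `# html_static_path = ["_static"]`, directly under a comment block that still describes custom static files. Either delete the commented line, or replace it with one sentence saying why the path is now empty, so the block does not read as an unfinished change.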
2 changes: 2 additions & 0 deletions setup.py
Expand Up @@ -71,6 +71,8 @@
"License :: OSI Approved :: GNU General Public License v3 (GPLv3)",
"Programming Language :: Python :: 3.9",
"Programming Language :: Python :: 3.10",
"Programming Language :: Python :: 3.11",
"Programming Language :: Python :: 3.12",
"Topic :: Software Development :: Build Tools",
],
packages=find_packages(where="src"),
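Review bot: the added "Python :: 3.11" and "Python :: 3.12" classifiers advertise support that nothing in this hunk backs up, and the commit message does not mention them. Please confirm the test matrix runs on both versions, and consider moving this to its own commit since it is unrelated to the SLSA provenance package.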
2 changes: 1 addition & 1 deletion src/e3/dsse.py
Expand Up @@ -54,7 +54,7 @@ def verify(self, certificate: str) -> bool:
The current algorithm is to check that at least one signature correspond
to the certificate given as parameter. This part should be improved
:param certifciate: path to the certificate containing the public key
:param certificate: path to the certificate containing the public key
:return: True if one of the signature can be checked with the certificate
"""
# First get the public key
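Review bot: the docstring of `verify()` still leaves the acceptance policy vague right above the corrected `:param certificate:` line: "This part should be improved" does not say what the intended behaviour is, while the documented contract is that the method returns True as soon as one signature matches the given certificate. Since callers will treat True as "envelope verified", state that contract explicitly and point to a tracking issue for the improvement. While touching this docstring, "at least one signature correspond" and "one of the signature" could also be fixed to "corresponds" and "signatures".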
8 changes: 5 additions & 3 deletions src/e3/job/walk.py
Expand Up @@ -20,6 +20,8 @@
class Walk:
"""An abstract class scheduling and executing a DAG of actions.
.. |ReturnValue| replace:: :class:`~e3.anod.status.ReturnValue`
:ivar actions: DAG of actions to perform.
:vartype actions: DAG
:ivar prev_fingerprints: A dict of e3.fingerprint.Fingerprint objects,
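Review bot: the `.. |ReturnValue| replace::` substitution is defined inside the `Walk` class docstring, so it is only available to this one docstring. If other docstrings need the same cross-reference, defining it once in `rst_prolog` or `rst_epilog` in `docs/source/conf.py` avoids repeating the definition in each class.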
Expand All @@ -35,13 +37,13 @@ class Walk:
(with the job corresponding to a given entry in the DAG of
actions).
:vartype new_fingerprints: dict[str, Fingerprint | None]
:ivar job_status: A dictionary of job status (ReturnValue), indexed by
:ivar job_status: A dictionary of job status (|ReturnValue|), indexed by
job unique IDs.
:vartype job_status: dict[str, ReturnValue]
:vartype job_status: dict[str, |ReturnValue|]
:ivar scheduler: The scheduler used to schedule and execute all
the actions.
:vartype scheduler: e3.job.scheduler.Scheduler
"""
""" # noqa RST304

def __init__(self, actions: DAG):
"""Object initializer.
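Review bot: the suppression on the closing line of the class docstring is written `# noqa RST304`, without the colon that flake8 expects for a code-specific suppression; `docs/source/conf.py` uses the `# noqa: A001` form. Without the colon the comment is likely to be treated as a blanket `noqa` for that line, hiding any other finding there. Please change it to `# noqa: RST304`, and check that the `|ReturnValue|` substitution renders as a link inside the `:vartype job_status:` field, since that is what the suppression is there to allow.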
1 change: 1 addition & 0 deletions src/e3/slsa/__init__.py
@@ -0,0 +1 @@
"""SLSA (Supply-chain Levels for Software Artifacts) package."""
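Review bot: the package docstring does not say which version of the specification the package implements, although the commit message names https://slsa.dev/spec/v1.0/provenance. Adding the spec version and that URL to the docstring lets users of generated provenance see which schema to validate against.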