Not quite as exciting as the news from Christian, but maybe for a different set of people: Yesterday I forked the python-gnutls project into PyGnuTLS.
At the moment to create a PKCS-7 signature on the LVFS I write all the inputs to disk, call certtool
(via bubblewrap
for security) and then read back the written file from disk. This is the current signing bottleneck we have when re-signing lots of firmware archives at the same time.
This convoluted process was because the python-gnutls maintainer didn’t want to merge any patches that added functionality he did not need himself, and also because there was no interest in porting to Python 3 or adding any documentation.
I’ve spent most of today tidying up the codebase, creating unit tests (!) and merging the historically NAKd patches from various people and then porting to Python 3. Next week I’ll upload PyGnuTLS to PyPI and when that’s available there’s already a branch for the LVFS that can use this super-new project.
If you’re a Pythonista, and have 15 minutes, I’d appreciate some review of the project so far. Unlike the previous maintainer, I’m accepting patches too.