{"id":22282054,"url":"https://github.com/fedora-infra/python-fedora","last_synced_at":"2025-10-08T06:44:49.759Z","repository":{"id":6468743,"uuid":"7708613","full_name":"fedora-infra/python-fedora","owner":"fedora-infra","description":"A Python library for interacting with, and connecting to, Fedora services.","archived":false,"fork":false,"pushed_at":"2024-06-16T21:30:25.000Z","size":4159,"stargazers_count":35,"open_issues_count":14,"forks_count":43,"subscribers_count":17,"default_branch":"develop","last_synced_at":"2025-10-06T16:00:46.725Z","etag":null,"topics":["api","authentication","fedora-project","python","turbogears"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"lgpl-2.1","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/fedora-infra.png","metadata":{"files":{"readme":"README.rst","changelog":"NEWS","contributing":null,"funding":null,"license":"COPYING","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":"AUTHORS","dei":null,"publiccode":null,"codemeta":null}},"created_at":"2013-01-19T20:48:42.000Z","updated_at":"2025-09-08T13:29:28.000Z","dependencies_parsed_at":"2024-06-19T00:05:44.450Z","dependency_job_id":"f5f04b9b-98e3-4944-89dc-b0d04eda45a9","html_url":"https://github.com/fedora-infra/python-fedora","commit_stats":{"total_commits":1547,"total_committers":90,"mean_commits":17.18888888888889,"dds":0.5908209437621202,"last_synced_commit":"54b015371c944f23a4c49f30ef914fd658ff0c94"},"previous_names":[],"tags_count":34,"template":false,"template_full_name":null,"purl":"pkg:github/fedora-infra/python-fedora","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-infra%2Fpython-fedora","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-infra%2Fpython-fedora/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-infra%2Fpython-fedora/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-infra%2Fpython-fedora/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/fedora-infra","download_url":"https://codeload.github.com/fedora-infra/python-fedora/tar.gz/refs/heads/develop","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/fedora-infra%2Fpython-fedora/sbom","scorecard":{"id":395441,"data":{"date":"2025-08-11","repo":{"name":"github.com/fedora-infra/python-fedora","commit":"54b015371c944f23a4c49f30ef914fd658ff0c94"},"scorecard":{"version":"v5.2.1-40-gf6ed084d","commit":"f6ed084d17c9236477efd66e5b258b9d4cc7b389"},"score":3,"checks":[{"name":"Code-Review","score":5,"reason":"Found 16/27 approved changesets -- score normalized to 5","details":null,"documentation":{"short":"Determines if the project requires human code review before pull requests (aka merge requests) are merged.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#code-review"}},{"name":"Packaging","score":-1,"reason":"packaging workflow not detected","details":["Warn: no GitHub/GitLab publishing workflow detected."],"documentation":{"short":"Determines if the project is published as a package that others can easily download, install, easily update, and uninstall.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#packaging"}},{"name":"Token-Permissions","score":-1,"reason":"No tokens found","details":null,"documentation":{"short":"Determines if the project's workflows follow the principle of least privilege.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#token-permissions"}},{"name":"Maintained","score":0,"reason":"0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0","details":null,"documentation":{"short":"Determines if the project is \"actively maintained\".","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#maintained"}},{"name":"Dangerous-Workflow","score":-1,"reason":"no workflows found","details":null,"documentation":{"short":"Determines if the project's GitHub Action workflows avoid dangerous patterns.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#dangerous-workflow"}},{"name":"Binary-Artifacts","score":10,"reason":"no binaries found in the repo","details":null,"documentation":{"short":"Determines if the project has generated executable (binary) artifacts in the source repository.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#binary-artifacts"}},{"name":"Pinned-Dependencies","score":-1,"reason":"no dependencies found","details":null,"documentation":{"short":"Determines if the project has declared and pinned the dependencies of its build process.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#pinned-dependencies"}},{"name":"CII-Best-Practices","score":0,"reason":"no effort to earn an OpenSSF best practices badge detected","details":null,"documentation":{"short":"Determines if the project has an OpenSSF (formerly CII) Best Practices Badge.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#cii-best-practices"}},{"name":"Security-Policy","score":0,"reason":"security policy file not detected","details":["Warn: no security policy file detected","Warn: no security file to analyze","Warn: no security file to analyze","Warn: no security file to analyze"],"documentation":{"short":"Determines if the project has published a security policy.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#security-policy"}},{"name":"Fuzzing","score":0,"reason":"project is not fuzzed","details":["Warn: no fuzzer integrations found"],"documentation":{"short":"Determines if the project uses fuzzing.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#fuzzing"}},{"name":"Signed-Releases","score":8,"reason":"2 out of the last 2 releases have a total of 2 signed artifacts.","details":["Info: signed release artifact: python-fedora-0.10.0.tar.gz.asc: https://github.com/fedora-infra/python-fedora/releases/tag/0.10.0","Info: signed release artifact: python-fedora-0.9.0.tar.gz.asc: https://github.com/fedora-infra/python-fedora/releases/tag/0.9.0","Warn: release artifact 0.10.0 does not have provenance: https://api.github.com/repos/fedora-infra/python-fedora/releases/9485446","Warn: release artifact 0.9.0 does not have provenance: https://api.github.com/repos/fedora-infra/python-fedora/releases/7322832"],"documentation":{"short":"Determines if the project cryptographically signs release artifacts.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#signed-releases"}},{"name":"License","score":10,"reason":"license file detected","details":["Info: project has a license file: COPYING:0","Info: FSF or OSI recognized license: GNU Lesser General Public License v2.1: COPYING:0"],"documentation":{"short":"Determines if the project has defined a license.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#license"}},{"name":"Branch-Protection","score":0,"reason":"branch protection not enabled on development/release branches","details":["Warn: branch protection not enabled for branch 'develop'"],"documentation":{"short":"Determines if the default and release branches are protected with GitHub's branch protection settings.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#branch-protection"}},{"name":"Vulnerabilities","score":0,"reason":"15 existing vulnerabilities detected","details":["Warn: Project is vulnerable to: PYSEC-2014-14 / GHSA-652x-xj99-gmcc","Warn: Project is vulnerable to: GHSA-9hjg-9r4m-mvj7","Warn: Project is vulnerable to: GHSA-9wx4-h78v-vm56","Warn: Project is vulnerable to: PYSEC-2014-13 / GHSA-cfj3-7x9c-4p3h","Warn: Project is vulnerable to: PYSEC-2018-28 / GHSA-x84v-xcm2-53pg","Warn: Project is vulnerable to: GHSA-34jh-p97f-mpxf","Warn: Project is vulnerable to: PYSEC-2023-212 / GHSA-g4mx-q9vg-27p4","Warn: Project is vulnerable to: PYSEC-2023-207 / GHSA-gwvm-45gx-3cf8","Warn: Project is vulnerable to: PYSEC-2019-133 / GHSA-mh33-7rrq-662w","Warn: Project is vulnerable to: GHSA-pq67-6m6q-mj2v","Warn: Project is vulnerable to: PYSEC-2019-132 / GHSA-r64q-w8jr-g9qp","Warn: Project is vulnerable to: PYSEC-2023-192 / GHSA-v845-jxx5-vc9f","Warn: Project is vulnerable to: PYSEC-2020-148 / GHSA-wqvq-5m8c-6g24","Warn: Project is vulnerable to: PYSEC-2018-32 / GHSA-www2-v7xj-xrc6","Warn: Project is vulnerable to: PYSEC-2021-108"],"documentation":{"short":"Determines if the project has open, known unfixed vulnerabilities.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#vulnerabilities"}},{"name":"SAST","score":0,"reason":"SAST tool is not run on all commits -- score normalized to 0","details":["Warn: 0 commits out of 21 are checked with a SAST tool"],"documentation":{"short":"Determines if the project uses static code analysis.","url":"https://github.com/ossf/scorecard/blob/f6ed084d17c9236477efd66e5b258b9d4cc7b389/docs/checks.md#sast"}}]},"last_synced_at":"2025-08-18T18:52:52.787Z","repository_id":6468743,"created_at":"2025-08-18T18:52:52.787Z","updated_at":"2025-08-18T18:52:52.787Z"},"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":278903016,"owners_count":26065786,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-08T02:00:06.501Z","response_time":56,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["api","authentication","fedora-project","python","turbogears"],"created_at":"2024-12-03T16:25:04.373Z","updated_at":"2025-10-08T06:44:49.742Z","avatar_url":"https://github.com/fedora-infra.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"====================\nPython Fedora Module\n====================\n\n:Author: Patrick Uiterwijk\n:Date: 21 April 2016\n:Version: 0.8.x\n\nThe Fedora module provides a python API for building `Fedora Services`_ and\nclients that connect to them.  It has functions and classes that help to build\nTurboGears_ applications and classes to make building clients of those\nservices much easier.\n\n.. _`Fedora Services`: doc/service.html\n.. _TurboGears: http://www.turbogears.org\n\n.. contents::\n\n-------\nLicense\n-------\n\nThis python module is distributed under the terms of the GNU Lesser General\nPublic License Version 2 or later.\n\n------------\nDependencies\n------------\n\n``python-fedora`` requires the ``munch``, ``kitchen``, and ``requests`` python\nmodules.  It used to use ``pycurl``, but was updated to use ``requests`` as of\nversion ``0.3.32``.\nThe ``flask_fas_openid`` module requires the ``python-openid`` and\n``python-openid-teams`` modules.\n\n----------\nInstalling\n----------\n\n``python-fedora`` is found in rpm form in Fedora proper.  Sometimes a new\nversion will be placed in the Fedora Infrastructure ``yum`` repository for testing\nwithin Infrastructure before being released to the general public.  Installing\nfrom the yum repository should be as easy as::\n\n\t$ yum install python-fedora\n\nIf you want to install from a checkout of the development branch, follow these\nprocedures::\n\n    $ git clone https://github.com/fedora-infra/python-fedora.git\n    $ cd python-fedora\n    $ ./setup.py install\n\nSee the configuration notes in each section for information on configuring\nyour application after install.\n\n-----------------------\nDevelopment Environment\n-----------------------\n\n1) Create and Activate a virtual environment::\n\n        python3 -m venv .venv\n        source .venv/bin/activate\n\n2) Upgrade pip and install Dependencies::\n\n        pip install --upgrade pip\n        pip install -r requirements.txt\n        pip install -r test_requirements.txt\n\n3) Run the unit tests::\n\n        tox test\n\n---------------------------\nFedora Accounts Integration\n---------------------------\n\nWe provide several modules that make connecting to the `Fedora Account\nSystem`_ easier.\n\n.. _`Fedora Account System`: https://fedorahosted.org/fas\n\nGeneral Purpose API\n===================\nThe ``fedora.client.fas2`` module allows code to integrate with the `Fedora\nAccount System`_. It uses the JSON interface provided by the Account System\nservre to retrieve information about users.\n\nNote: This API is not feature complete. If you'd like to help add methods,\ndocument the existing methods, or otherwise aid in development of this API\nplease contact us on the infrastructure list: infrastructure@lists.fedoraproject.org\nor on IRC: lmacken, abadger1999, and ricky in ``#fedora-admin``, ``irc.freenode.net``\n\nUsing the general API requires instantiating an ``AccountSystem`` object. You\nthen use methods on the ``AccountSystem`` to get and set information on the\npeople in the account system.\n\nAt the moment, there are only a few methods implemented. Full documentation on\nthese methods is available from the ``AccountSystem``'s docstrings from the\ninterpreter or, for instance, by running::\n\n    $ pydoc fedora.client.fas2.AccountSystem\n\nHere's an example of using the ``AccountSystem``::\n\n\tfrom fedora.client.fas2 import AccountSystem\n\tfrom fedora.client import AuthError\n\n\t# Get an AccountSystem object.  All AccountSystem methods need to be\n\t# authenticated so you might as well give username and password here.\n\tfas = AccountSystem(username='foo', password='bar')\n\n\tpeople = fas.people_by_id()\n\nTurboGears Interface\n====================\n\nThe TurboGears_ interface also uses the JSON interface to the account system.\nIt provides a TurboGears_ ``visit`` and ``identity`` plugin so a TurboGears_\napplication can authorize via FAS. Since the plugin operates over JSON, it is\npossible to use these plugins on hosts outside of Fedora Infrastructure as\nwell as within.  Remember, however, that entering your Fedora password on a\nthird party website requires you to trust that website. So doing things this\nway is more useful for developers wanting to work on their apps outside of\nFedora Infrastructure than a general purpose solution for allowing Fedora\nUsers to access your web app. (SSL client certificates and OpenID are better\nsolutions to this problem but they are still being implemented in the FAS2\nserver.)\n\nConfiguring\n-----------\nTo configure your TurboGears_ application, you need to set the following\nvariables in your pkgname/config/app.cfg file::\n\n    fas.url='https://admin.fedoraproject.org/accounts/'\n    visit.on=True\n    visit.manager=\"jsonfas\"\n    identity.on=\"True\"\n    identity.failure_url=\"/login\"\n    identity.provider=\"jsonfas\"\n\n---------------\nFedora Services\n---------------\n\n``python-fedora`` provides several helper classes and functions for building a\nTurboGears_ application that works well with other `Fedora Services`_.  the\n`Fedora Services`_ documentation is the best place to learn more about these.\n\n-----------------\nTurboGears Client\n-----------------\nThere is a module to make writing a client for our TurboGears services very\neasy.  Please see the `client documentation`_ for more details\n\n.. _`client documentation`: doc/client.rst\n\n-----------------\nBuilding the docs\n-----------------\n\nYou'll need to install python-sphinx for this::\n\n    yum install python-sphinx\n\nThen run this command::\n\n    python setup.py build_sphinx\n\n------------\nTranslations\n------------\n\nThe strings in python-fedora has mainly error messages.  These are translated\nso we should make sure that translators are able to translate them when\nnecessary.  You will need babel, setuptools, and zanata-client to run these\ncommands::\n\n    yum install babel setuptools zanata-client\n\nMuch information about using zanata for translations can be found in the\n`zanata user's guide`_.  The information in this section is largely from\nexperimenting with the information in the `zanata client documentation`_\n\n.. _`zanata user's guide`: http://zanata.readthedocs.org\n.. _`zanata client documentation`: http://zanata-client.readthedocs.org/en/latest/\n\nUpdating the POT File\n=====================\n\nWhen you make changes that change the translatable strings in the package, you\nshould update the POT file.  Use the following distutils command (provided by\npython-babel) to do that::\n\n    ./setup.py extract_messages -o translations/python-fedora.pot\n    zanata-cli push\n\nThen commit your changes to source control.\n\nUpdating the PO Files\n=====================\n\n`fedora.zanata.org \u003chttps://fedora.zanata.org/\u003e`_ will merge the strings inside the pot file with the already\ntranslated strings.  To merge these, we just need to pull revised versions of\nthe po files::\n\n    zanata-cli pull\n\nThen commit the changes to source control (look for any brand new PO files that\nzanata may have created).\n\nCreating a new PO File\n======================\n\nThe easiest way to create a new po file for a new language is in 's\nweb UI.\n\n* Visit `this \u003chttps://fedora.zanata.org/iteration/view/python-fedora\u003e`_\n\n\nCompiling Message Catalogs\n==========================\n\nMessage catalogs can be compiled for testing and should always be compiled\njust prior to release.  Do this with the following script::\n\n    python releaseutils.py build_catalogs\n\nCompiled message catalogs should not be committed to source control.\n\nInstalling Message Catalogs\n===========================\n\n``python releaseutils.py install_catalogs`` will install the catalogs.  This\ncommand may be customized through the use of environment variables.  See ``python\nreleaseutils.py --help`` for details.\n\n-------\nRelease\n-------\n\n0) Commit all features, hotfixes, etc that you want in the release into the\n   develop branch.\n\n1) Checkout a copy of the repository and setup git flow::\n\n        git clone https://github.com/fedora-infra/python-fedora.git\n        cd python-fedora\n        git flow init\n\n2) Create a release branch for all of our work::\n\n        git flow release start $VERSION\n\n3) Download new translations and verify they are valid by compiling them::\n\n        zanata-cli pull\n        python releaseutils.py build_catalogs\n        # If everything checks out\n        git commit -m 'Merge new translations from fedora.zanata.org'\n\n4) Make sure that the NEWS file is accurate (use ``git log`` if needed).\n\n5) Update python-fedora.spec and fedora/release.py with the new version\n   information.::\n\n        # Make edits to python-fedora.spec and release.py\n        git commit\n\n6) Make sure the docs are proper and publish them::\n\n        # Build docs and check for errors\n        python setup.py build_sphinx\n        # pypi\n        python setup.py upload_docs\n\n7) Push the release branch to the server::\n\n        # Update files\n        git flow release publish $VERSION\n\n8) Go to a temporary directory and checkout a copy of the release::\n\n        cd ..\n        git clone https://github.com/fedora-infra/python-fedora.git release\n        cd release\n        git checkout release/$VERSION\n\n9) Create the tarball in this clean checkout::\n\n        python setup.py sdist\n\n10) copy the dist/python-fedora-VERSION.tar.gz and python-fedora.spec files to\n    where you build Fedora RPMS.  Do a test build::\n\n        cp dist/python-fedora-*.tar.gz python-fedora.spec /srv/git/python-fedora/\n        pushd /srv/git/python-fedora/\n        fedpkg switch-branch master\n        make mockbuild\n\n11) Make sure the build completes.  Run rpmlint on the results.  Install and\n    test the new packages::\n\n        rpmlint *rpm\n        sudo rpm -Uvh *noarch.rpm\n        [test]\n\n12) When satisfied that the build works, create a fresh tarball and upload to\n    pypi::\n\n        popd   # Back to the release directory\n        python setup.py sdist upload --sign\n\n13) copy the same tarball to fedorahosted.  The directory to upload to is\n    slightly different for fedorahosted admins vs normal fedorahosted users:\n    Admin::\n\n        scp dist/python-fedora*tar.gz* fedorahosted.org:/srv/web/releases/p/y/python-fedora/\n\n    Normal contributor::\n\n        scp dist/python-fedora*tar.gz* fedorahosted.org:python-fedora\n\n14) mark the release as finished in git::\n\n        cd ../python-fedora\n        git flow release finish $VERSION\n        git push --all\n        git push --tags\n\n15) Finish building and pushing packages for Fedora.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffedora-infra%2Fpython-fedora","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffedora-infra%2Fpython-fedora","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffedora-infra%2Fpython-fedora/lists"}