py3-certifi/2025.06.15 package update

[octo-sts]

[octo-sts]

🩹 Build Failed: Patch Application Failed

Hunk #3 FAILED at 70.
Hunk #4 FAILED at 99.
2 out of 4 hunks FAILED -- saving rejects to file certifi/core.py.rej

Build Details

Category	Details
Build System	Melange (Wolfi package build system)
Failure Point	patch -p1 --fuzz=2 --verbose < use-alpine-system-certs.patch

Root Cause Analysis 🔍

The patch file 'use-alpine-system-certs.patch' failed to apply cleanly to the certifi/core.py file. While hunks #1 and #2 applied successfully (with some fuzz/offset), hunks #3 and #4 failed to apply. This indicates the target file has changed significantly from what the patch was created for, making parts of the patch incompatible with the current source code.

---

🔍 Build failure fix suggestions

Found similar build failures that have been fixed in the past and analyzed them to suggest a fix:

Suggested Changes

File: use-alpine-system-certs.patch

• replace at line N/A (The entire patch file needs to be updated)
  Original:

entire patch file

Replacement:

An updated patch file that matches the current structure of certifi/core.py

Content:

The patch file needs to be regenerated to match the current structure of the certifi/core.py file in the 2025.06.15 version. This requires:

1. Checking out the source code
2. Examining the current certifi/core.py file structure
3. Creating a new patch that modifies the file to use Alpine system certificates
4. The new patch should accommodate the changes in hunks #3 and #4 that failed at lines 70 and 99

File: pipeline steps in melange.yaml

• add at line Before the patch step (After the git-checkout step)
  Replacement:

A diagnostic step to view the file content

Content:

  - runs: |
      # Examine the structure of certifi/core.py to identify how it's changed
      cat certifi/core.py
      # This is a temporary step to help diagnose the structure before creating a proper patch

Click to expand fix analysis

Analysis

The build failure occurs because the patch file 'use-alpine-system-certs.patch' cannot be applied cleanly to the certifi/core.py file. Specifically, hunks #3 and #4 failed to apply. This indicates that the upstream source code has changed since the patch was created. The failure is happening with certifi version 2025.06.15, which appears to be a very recent version (potentially even a future version given the 2025 date). Without examples of similar fixes, the primary approach would be to update the patch file to match the current structure of the source code.

Click to expand fix explanation

Explanation

The build failure occurs because the patch file 'use-alpine-system-certs.patch' was created for an older version of certifi, and the current version (2025.06.15) has significant changes in its source code structure. The error message shows that hunks #3 and #4 failed to apply at lines 70 and 99, indicating that those sections of the file have changed substantially.

The primary solution is to update the patch file to match the current structure of the certifi/core.py file. The 'use-alpine-system-certs.patch' is likely attempting to modify certifi to use the system certificate store instead of its bundled certificates, which is a common practice in Linux distributions to ensure system-wide certificate management.

Without seeing the actual content of the current certifi/core.py file or the patch file, I can't provide the exact updated patch content. However, the approach would be to:

1. Examine the current certifi/core.py file structure in version 2025.06.15
2. Understand what the original patch was trying to accomplish (likely redirecting certifi to use system certificates)
3. Create a new patch that achieves the same goal but works with the current file structure
4. Test the new patch to ensure it applies cleanly and achieves the desired functionality

The actual implementation would require analyzing how certifi has changed its certificate handling in the newer version and adjusting the patch accordingly.

Click to expand alternative approaches

Alternative Approaches

• Instead of updating the patch file, consider implementing the changes directly in the Melange build pipeline. After the source is checked out, you could add a 'runs' step that directly modifies the certifi/core.py file to use system certificates.
• Consider checking if there's a newer version of the 'use-alpine-system-certs.patch' file available in Alpine Linux packages that might be compatible with newer certifi versions.
• Examine if certifi now has a built-in way to use system certificates that could be enabled through configuration rather than patching. Some Python packages have evolved to support this use case more elegantly.

---

Was this comment helpful? Please use 👍 or 👎 reactions on this comment.