Remove this Sigstore version check in favour of existing fail-fast pre-check

hugovk · hugovk · commit e7e01fbeb2f9 · 2025-11-14T16:29:40.000+02:00
diff --git a/add_to_pydotorg.py b/add_to_pydotorg.py
@@ -364,32 +364,6 @@ def has_sigstore_signature(filename: str) -> bool:
             os.path.exists(filename + ".sig") and os.path.exists(filename + ".crt")
         )
 
-    # Ensure that Sigstore CLI installed on the download server is
-    # at least v3.0.0 or later to ensure valid Sigstore bundles are generated.
-    try:
-        sigstore_version_stdout = subprocess.check_output(
-            ["python3", "-m", "sigstore", "--version"]
-        )
-        sigstore_version_match = re.search(
-            r"([0-9][0-9.]*[0-9])", sigstore_version_stdout.decode()
-        )
-        if not sigstore_version_match:
-            error(
-                f"Couldn't determine version of Sigstore CLI: "
-                f"{sigstore_version_stdout.decode()}"
-            )
-        sigstore_version = sigstore_version_match.group(1)
-        sigstore_major_version = int(sigstore_version.partition(".")[0])
-        if sigstore_major_version < 3:
-            error(
-                f"Sigstore v3 or later must be installed "
-                f"(currently {sigstore_version}), "
-                f"run: python -m pip install -r requirements.txt"
-            )
-    except subprocess.CalledProcessError:
-        error("Couldn't determine version of Sigstore CLI")
-    print(f"Sigstore CLI installed is version v{sigstore_version}")
-
     # Skip files that already have a signature (likely source distributions)
     unsigned_files = [
         filename for filename in filenames if not has_sigstore_signature(filename)
