Require a newer version of pysequoia to fix signature validation

[dralley]

skopeo standalone-verify creates slightly atypical (but legal) PGP signatures which pysequoia <= 0.1.32 was rejecting (via gpg_verify() from pulpcore).

We need to declare compatibility with the new version

📜 Checklist

• Commits are cleanly separated with meaningful messages (simple features and bug fixes should be squashed to one commit)
• A changelog entry or entries has been added for any significant changes
• Follows the Pulp policy on AI Usage
• (For new features) - User documentation and test coverage has been added

See: Pull Request Walkthrough

[dralley]

2.19, 2.20, and 2.22 need a separate PR for requirements.txt

[patchback]

Backport to 2.26: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply ab9f204 on top of patchback/backports/2.26/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331

Backporting merged PR #2331 into main

1. Ensure you have a local repo clone of your fork. Unless you cloned it
   from the upstream, this would be your origin remote.
2. Make sure you have an upstream repo added as a remote too. In these
   instructions you'll refer to it by the name upstream. If you don't
   have it, here's how you can add it:

   $ git remote add upstream https://github.com/pulp/pulp_container.git

3. Ensure you have the latest copy of upstream and prepare a branch
   that will hold the backported code:

   $ git fetch upstream
   $ git checkout -b patchback/backports/2.26/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331 upstream/2.26

4. Now, cherry-pick PR Require a newer version of pysequoia to fix signature validation #2331 contents into that branch:

   $ git cherry-pick -x ab9f2041e64fa5926cab3eb03d85a25ae569980d

   If it'll yell at you with something like fatal: Commit ab9f2041e64fa5926cab3eb03d85a25ae569980d is a merge but no -m option was given., add -m 1 as follows instead:

   $ git cherry-pick -m1 -x ab9f2041e64fa5926cab3eb03d85a25ae569980d

5. At this point, you'll probably encounter some merge conflicts. You must
   resolve them in to preserve the patch from PR Require a newer version of pysequoia to fix signature validation #2331 as close to the
   original as possible.
6. Push this branch to your fork on GitHub:

   $ git push origin patchback/backports/2.26/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331

7. Create a PR, ensure that the CI is green. If it's not — update it so that
   the tests and any other checks pass. This is it!
   Now relax and wait for the maintainers to process your pull request
   when they have some cycles to do reviews. Don't worry — they'll tell you if
   any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

[patchback]

Backport to 2.24: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply ab9f204 on top of patchback/backports/2.24/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331

Backporting merged PR #2331 into main

1. Ensure you have a local repo clone of your fork. Unless you cloned it
   from the upstream, this would be your origin remote.
2. Make sure you have an upstream repo added as a remote too. In these
   instructions you'll refer to it by the name upstream. If you don't
   have it, here's how you can add it:

   $ git remote add upstream https://github.com/pulp/pulp_container.git

3. Ensure you have the latest copy of upstream and prepare a branch
   that will hold the backported code:

   $ git fetch upstream
   $ git checkout -b patchback/backports/2.24/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331 upstream/2.24

4. Now, cherry-pick PR Require a newer version of pysequoia to fix signature validation #2331 contents into that branch:

   $ git cherry-pick -x ab9f2041e64fa5926cab3eb03d85a25ae569980d

   If it'll yell at you with something like fatal: Commit ab9f2041e64fa5926cab3eb03d85a25ae569980d is a merge but no -m option was given., add -m 1 as follows instead:

   $ git cherry-pick -m1 -x ab9f2041e64fa5926cab3eb03d85a25ae569980d

5. At this point, you'll probably encounter some merge conflicts. You must
   resolve them in to preserve the patch from PR Require a newer version of pysequoia to fix signature validation #2331 as close to the
   original as possible.
6. Push this branch to your fork on GitHub:

   $ git push origin patchback/backports/2.24/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331

7. Create a PR, ensure that the CI is green. If it's not — update it so that
   the tests and any other checks pass. This is it!
   Now relax and wait for the maintainers to process your pull request
   when they have some cycles to do reviews. Don't worry — they'll tell you if
   any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.

[patchback]

Backport to 2.27: 💔 cherry-picking failed — conflicts found

❌ Failed to cleanly apply ab9f204 on top of patchback/backports/2.27/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331

Backporting merged PR #2331 into main

1. Ensure you have a local repo clone of your fork. Unless you cloned it
   from the upstream, this would be your origin remote.
2. Make sure you have an upstream repo added as a remote too. In these
   instructions you'll refer to it by the name upstream. If you don't
   have it, here's how you can add it:

   $ git remote add upstream https://github.com/pulp/pulp_container.git

3. Ensure you have the latest copy of upstream and prepare a branch
   that will hold the backported code:

   $ git fetch upstream
   $ git checkout -b patchback/backports/2.27/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331 upstream/2.27

4. Now, cherry-pick PR Require a newer version of pysequoia to fix signature validation #2331 contents into that branch:

   $ git cherry-pick -x ab9f2041e64fa5926cab3eb03d85a25ae569980d

   If it'll yell at you with something like fatal: Commit ab9f2041e64fa5926cab3eb03d85a25ae569980d is a merge but no -m option was given., add -m 1 as follows instead:

   $ git cherry-pick -m1 -x ab9f2041e64fa5926cab3eb03d85a25ae569980d

5. At this point, you'll probably encounter some merge conflicts. You must
   resolve them in to preserve the patch from PR Require a newer version of pysequoia to fix signature validation #2331 as close to the
   original as possible.
6. Push this branch to your fork on GitHub:

   $ git push origin patchback/backports/2.27/ab9f2041e64fa5926cab3eb03d85a25ae569980d/pr-2331

7. Create a PR, ensure that the CI is green. If it's not — update it so that
   the tests and any other checks pass. This is it!
   Now relax and wait for the maintainers to process your pull request
   when they have some cycles to do reviews. Don't worry — they'll tell you if
   any improvements are necessary when the time comes!

🤖 @patchback
I'm built with octomachinery and
my source is open — https://github.com/sanitizers/patchback-github-app.