Fixes the commit 105fa3920e which was intended to make rust/host build
on aarch64 darwin working again. However, the fix contains a mistake
because it sets RUSTC_TARGET_ARCH instead of RUSTC_HOST_ARCH. Thus, the
fix doesn't work.
This properly sets the correct variable RUSTC_HOST_ARCH.
Fixes: 105fa3920e ("rust: fix host build on aarch64 darwin")
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
100_add_cross_platform_build_ability.patch was submitted upstream in
https://github.com/giampaolo/psutil/pull/2068, but that pull request was
closed without being merged.
This replaces that patch with a simpler version that only updates
setup.py, leaving the run-time library code unchanged.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
rust/host failed to compile on macOS running on Apple Silicon M1 Pro
because the host target triple is autogenerated to be
'arm64-unknown-linux-'. Rust doesn't have such a target triple, thus the
build failes because there are no pre-built artifacts for bootstrapping.
Fix this by setting RUSTC_HOST_ARCH to 'aarch64-apple-darwin' in case
our host is HOST_ARCH=arm64 and HOST_OS=darwin.
Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
The initial fix was done in a2e76e497.
Later we could revert it with 5779ae4c5 since a global fix
in gcc was deployed.
But now, PHP itself applied a workaround/fix in 8.2.8,
so that we now require the initial fix again.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Upstream has updated the Go compiler to not use gold when building for
arm, and is waiting for a fix to binutils (released in 2.41) before
doing the same for aarch64.[1]
Based on the above, it does not appear that
https://github.com/golang/go/pull/49748 will be merged. This removes the
patch from that pull request.
[1]: https://github.com/golang/go/issues/22040
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Update to v18.17.1
This is a security release.
Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-32002: Policies can be bypassed via Module._load (High)
* CVE-2023-32006: Policies can be bypassed by module.constructor.createRequire (Medium)
* CVE-2023-32559: Policies can be bypassed via process.binding (Medium)
* OpenSSL Security Releases (Depends on shared library provided by OpenWrt)
* OpenSSL security advisory 14th July.
* OpenSSL security advisory 19th July.
* OpenSSL security advisory 31st July
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
On host PC using GCC 13, stackctrl.c fails to compile
with the following error:
../py/stackctrl.c: In function 'mp_stack_ctrl_init':
../py/stackctrl.c:32:32: error: storing the address of
local variable 'stack_dummy'
in 'mp_state_ctx.thread.stack_top' [-Werror=dangling-pointer=]
32 | MP_STATE_THREAD(stack_top) = (char *)&stack_dummy;
../py/stackctrl.c:31:18: note: 'stack_dummy' declared here
31 | volatile int stack_dummy;
| ^~~~~~~~~~~
In file included from ../py/runtime.h:29,
from ../py/stackctrl.c:27:
../py/mpstate.h:296:23: note: 'mp_state_ctx' declared here
296 | extern mp_state_ctx_t mp_state_ctx;
| ^~~~~~~~~~~~
cc1: all warnings being treated as errors
Fixed accordingly by ignoring -dangling-pointer warning
inside mp_stack_ctrl_init function.
Signed-off-by: Jean-Paul Etienne <fractalclone@gmail.com>
Version 1.71.1 (2023-08-03)
===========================
- Fix CVE-2023-38497: Cargo did not respect the umask when extracting dependencies
- Fix bash completion for users of Rustup
- Do not show `suspicious_double_ref_op` lint when calling `borrow()`
- Fix ICE: substitute types before checking inlining compatibility
- Fix ICE: don't use `can_eq` in `derive(..)` suggestion for missing method
- Fix building Rust 1.71.0 from the source tarball
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Includes fix for CVE-2023-29409 (crypto/tls: verifying certificate
chains containing large RSA keys is slow).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This loads the module, which should return the path of the CA bundle
and verifies that the file exists.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This renames the source package to python-sqlparse to match other Python
packages.
This also updates the build dependencies; package now uses the flit-core
build backend.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the README:
frozenlist.FrozenList is a list-like structure which implements
collections.abc.MutableSequence. The list is mutable until
FrozenList.freeze is called, after which list modifications raise
RuntimeError.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the README:
A library that helps you read text from an unknown charset encoding.
Motivated by chardet, I'm trying to resolve the issue by taking a new
approach. All IANA character set names for which the Python core library
provides codecs are supported.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This renames the source package to python-pyroute2 to match other Python
packages.
This also updates/simplifies the package dependencies.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Notable Changes:
*Ada 2.0
Node.js v18.17.0 comes with the latest version of the URL parser, Ada. This update brings significant performance improvements to URL parsing, including enhancements to the url.domainToASCII and url.domainToUnicode functions in node:url.
*Web Crypto API
Web Crypto API functions' arguments are now coerced and validated as per their WebIDL definitions like in other Web Crypto API implementations. This further improves interoperability with other implementations of Web Crypto API.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
When user runs `make clean` command, everything in `$(STAGING_DIR)`
(where we installed rust) will be removed, but `$(BUILD_DIR_HOST)`
(where we compiled rust and stored build stage) is untouched.
So when user starts a new build after that, OpenWrt buildroot will
still consider `rust` is installed already, resulting the build error
"cargo: command not found".
Fix this by moving to target build dir as well.
Fixes: f489e019ac ("rust: compile host package per target")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
While the compiled binaries are intended to run on the host system, the
rust/host package does include the target matching the configured
OpenWrt target.
If using (for example) ./scripts/env to switch between different
OpenWrt configurations, this will cause issues if the different
configuration is for a different target. In such case there will be a
mismatch between the available Rust target and OpenWrt target and the
following error will be printed:
> error[E0463]: can't find crate for `core`
> note: the `XXX` target may not be installed
This fix will add the RUSTC_TARGET_ARCH as HOST_BUILD_DIR and CARGO_HOME
suffix, such that rust/host will be compiled in case an OpenWrt
configuration change causes the RUSTC_TARGET_ARCH to change.
Fixes: #21530
Signed-off-by: Orne Brocaar <info@brocaar.com>
[Applied Jeffery To's suggestion for build and install path]
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
Includes fix for CVE-2023-29406 (net/http: insufficient sanitization of
Host header).
This also updates the copyright information for various Go packaging
files.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Mako was removed in 60ce07b9a1d5c7a53297f177f10af68f3304be9e; at the
time we were using host pip to install host Python packages and so
having this package was not necessary.
With the move away from host pip and toward proper host packages, it
would be better to have a Mako host-only package here to support the
mesa package in the video feed.
This re-imports the package from the abandoned packages feed, updates
the makefile with current Python package conventions, and updates the
package to the latest version.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This renames the source package to python-click to match other Python
packages.
This also updates the package dependencies, licence file, package title
and description.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
- 1.0.0:
- What's Changed:
- Handle situations where the cwd does not exist.
- Add python-decouple as a related project
- Drop support for python 3.7, add python 3.12-dev
- 0.21.1:
- Added:
- Use Python 3.11 non-beta in CI
- Modernize variables code
- Modernize main.py and parser.py code
- Improve conciseness of cli.py and init.py
- Improve error message for get and list commands when env file
can't be opened
- Updated Licence to align with BSD OSI template
Signed-off-by: Javier Marcet <javier@marcet.info>
- 1.6.1
- Fix Dispatcher keyboard interrupt. Should solve reconnect loop
with rel
- 1.6.0
- Fix teardown issue when ping thread is not properly ended
- Fix double ping wait time on first ping
- Minor typehints improvements
- 1.5.3
- Add logic to avoid error in the case where content-length header
does not exist, bug introduced in 1.5.2
- Fix wsdump.py script typing, bug introduced in 1.5.2
- 1.5.2
- Add typehints
- Fix pytype errors
- Fix args passed to logging function
- Standardize PEP 3101 formatting
- Add more verbose exception for unsuccessful handshake
Signed-off-by: Javier Marcet <javier@marcet.info>
This also removes the dependency on gnupg as there are two packages for
gpg, gnupg and gnupg2; this library should work with either one.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Update to v18.16.1
The following CVEs are fixed in this release:
* CVE-2023-30581: mainModule.__proto__ Bypass Experimental Policy Mechanism (High)
* CVE-2023-30585: Privilege escalation via Malicious Registry Key manipulation during Node.js installer repair process (Medium)
* CVE-2023-30588: Process interuption due to invalid Public Key information in x509 certificates (Medium)
* CVE-2023-30589: HTTP Request Smuggling via Empty headers separated by CR (Medium)
* CVE-2023-30590: DiffieHellman does not generate keys after setting a private key (Medium)
* OpenSSL Security Releases (Depends on shared library provided by OpenWrt)
* OpenSSL security advisory 28th March.
* OpenSSL security advisory 20th April.
* OpenSSL security advisory 30th May
* c-ares vulnerabilities: (Depends on shared library provided by OpenWrt)
* GHSA-9g78-jv2r-p7vc
* GHSA-8r8p-23f3-64c2
* GHSA-54xr-f67r-4pc4
* GHSA-x6mf-cxr9-8q6v
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
* Rename:
* Source package from python3-libsemanage to python-semanage
* Target package from python3-libsemanage to python3-semanage
* Update dependents with new target package name
* Update package title, license files, and dependencies
* Remove Build/InstallDev (files not used by any other package)
* Use Py3Package to build Python bytecode and source packages
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Rename:
* Source package from python3-libselinux to python-selinux
* Target package from python3-libselinux to python3-selinux
* Update dependents with new target package name
* Remove patches:
* 010-setup-py-custom-cc.patch: LDSHARED is already set as part of
$(PYTHON3_VARS)
* 020-Make-use-of-variables-when-defining-libdir-and-inclu.patch: This
package doesn't install the libselinux.pc file
* Update package title and dependencies
* Remove Build/InstallDev (files not used by any other package)
* Use Py3Package to build Python bytecode and source packages
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This reverts commit a2e76e4978.
Now that the issue is fixed on gcc side (see openwrt/openwrt@7b4a966),
we can revert this workaround here.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This renames the source package to python-asgiref to match other Python
packages.
This also updates the package title and URL.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This package was originally added[1] as it was a dependency of
etesync-server 0.3.0. When etesync-server was renamed to etebase and
upgraded to 0.6.1[2], this dependency was removed. No other package in
the packages feed depends on this package.
Upstream has also archived the git repo[3] and stated that the
repo/package is deprecated. It does not appear that any newer version of
etebase uses this package.
This removes the python3-django-etesync-journal package; it will be
submitted to the abandoned packages repo.
[1]: https://github.com/openwrt/packages/pull/10469
[2]: https://github.com/openwrt/packages/pull/14063
[3]: https://github.com/etesync/journal-manager
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This renames the source package from passlib to python-passlib to match
other Python packages.
This also updates the package URL and list of dependencies.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The buildbots failed for the mentioned platform with the following error:
(I shortened the pathnames and broke long lines a little bit for readability)
.../lib/gcc/riscv64-openwrt-linux-musl/12.3.0/../../../../
riscv64-openwrt-linux-musl/bin/ld: Zend/zend_execute_API.o: in function `.L533':
zend_execute_API.c:(.text+0x1b1c): undefined reference to `__atomic_exchange_1'
.../riscv64-openwrt-linux-musl/bin/ld: Zend/zend_atomic.o:
in function `zend_atomic_bool_exchange':
zend_atomic.c:(.text+0xc): undefined reference to `__atomic_exchange_1'
collect2: error: ld returned 1 exit status
make[4]: *** [Makefile:350: sapi/cli/php] Error 1
Inspired by the blog post[1], linking to libatomic explicitly seems to
do the trick.
[1] A RISC-V gcc pitfall revealed by a glibc update
https://blog.jiejiss.com/A-RISC-V-gcc-pitfall-revealed-by-a-glibc-update
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Jeffery To