Changes:
- Only fallback to YAML if UCL parsing fails
- pkg2ng: Hide warnings about @mtree, @stopdaemon, @comment
@display and @conflicts
- Fix escaping issues with COMMENT
- pkg add: Fix -A to properly mark package as automatic
- pkg2ng: Fix over NFS
- pkg2ng: Show message while analyzing shared libraries
- Update to 1.00.2014.03.11
- Deprecate do-build: target
Changes:
* Support git-based port trees in the `diff` command
* Emit NO_STAGE deprecation warning (By: Hans Fredrik Nordhaug)
PR: ports/187366
Submitted by: Johannes Jost Meixner <xmj@chaot.net> (maintainer)
GCC 4.6.4 to GCC 4.7.3. This entails updating the lang/gcc port as
well as changing the default in Mk/bsd.default-versions.mk.
Part II, Bump PORTREVISIONs.
PR: 182136
Supported by: Christoph Moench-Tegeder <cmt@burggraben.net> (fixing many ports)
Tested by: bdrewery (two -exp runs)
- Remove NetBSD support, its completely bitrotted
- Suggest to set DEVELOPER=yes in /etc/make.conf if committer flag specified in command line
- Fix WARN: Makefile: [11]: possible direct use of command "libtool" found...
- Small fixes:
* 'WWW: UR:' -> 'WWW: URL'
* @option_helpers -> remove leading '_' use _$m instead
* fix a few 'undefined variable' warnings
- Make MAN{X} checks NO_STAGE only (consolidate/simplify check)
- Make some checks in checkplist NO_STAGE only
- Convert PERL_CONFIGURE check to USE_PERL5=configure
- Make "use .if ${PORT_OPTIONS:MDOCS} to wrap installation of files into
$localbase/share/doc" warning NO_STAGE only
- Add special case for global options(DOCS/EXAMPLES/NLS/IPV6) in
OPTIONS_DEFINE, but not in PORT_OPTIONS:M$i
- Check for relative path (/../) in *DEPENDS
- Remove MASTER_SITES that don't resolve or returns 5xx
- Remove LINTSKIP check that was commented since 1997
PR: 186639
Submitted by: ak
- Fix package build on i386 envs that were identified by pkg.absolight.net
- Update to 1.00.2014.02.18
PR: ports/186884
Submitted by: Johannes Jost Meixner <xmj@chaot.net>
Approved by: maintainer
- add LICENSE (Beerware, maintainer is author of the port)
- support staging
- add dependency on ports-mgmt/portaudit for FreeBSD < 10
PR: 186757
Submitted by: Philipp Wuensche <cryx-freebsd@h3q.com> (maintainer)
- do not require files given on command line are regular files,
but accept any non-directory (for instance, symlinks).
Workaround for previous versions: use --no-find if you intend to
look up non-regular files.
OPTIONS_DEFINE. This policy has been implemented only recently that's why we
have many ports violating this policy.
This patch adds the default options specified in the Porter's Handbook to
OPTIONS_DEFINE where they are being used. Ports maintained by
gnome@FreeBSD.org, kde@FreeBSD.org and x11@FreeBSD.org have been excluded.
Approved by: portmgr (bapt)
* Check for old-style LIB_DEPENDS
* Don't emit a warning if there is only one MASTER_SITE, but that MASTER_SITE
is known in our list of site macros. [1]
* Attempt to find corrupt DESKTOP_ENTRIES that do not specify a proper
startupnotify value. [1]
Reported by: Hardy Schumacher <hardy.schumacher@gmx.de>
Update to 20140110
- Support for pkg(8)
Tweak WRKSRC setting from the original submission so staging and
packaging works properly. The distfile unpacks directly into $PWD,
which is not considered the best practice.
PR: 185649
Submitted by: Alexander Wittig
This update includes a security update for possible arbitrary code
execution from package manifest parsing. All users are advised to
upgrade ASAP. The base pkg(7) was never affected by this. [1]
Changes:
* Fix libyaml head-based buffer overflow [1]
* Fix pkg info -E support for ports, which namely affected
net/openldap* usage. [2]
* Fix packages registering themselves as dependencies [3]
* Bash autocompletion fixes [4]
* autoremove: Don't try to remove locked packages
* Support 'pkg bootstrap -f', which will force a reinstall of pkg
on FreeBSD 10.0+
* Fix %t timestamp formatter with %{...%} modifiers [5]
* pkg info: Show date installed
* Add $daily_status_security_pkgaudit_quiet to control 410.pkg-audit.in
output verbosity level
* Add an error when trying to update repository and none are defined [6]
* Fix typos in manpages [7]
Security: CVE-2013-6393 [1]
Reported by: secteam (delphij) [1]
PR: ports/184797 [2]
Reported by: Pavel Timofeev <timp87@gmail.com> [2], many
Submitted by: smh@ [3]
Submitted by: brd@ [4]
Submitted by: Jamie Landeg Jones [5]
Submitted by: Rodrigo Osorio [6]
Submitted by: Michael Gehring, wblock [7]
With hat: portmgr
MFH: 2014Q1
Changes:
* bulk: Support port origins ending in /
* ATOMIC_PACKAGE_REPOSITORY: Fix bulk/testport when running on 9.1,8.4,8.3
as they do not support mv(1) -h to rename a symlink. This is fixed by
adding a custom rename(1) that just calls rename(2) on the arguments
to ensure an atomic rename(2) is done.
- Update LICENSE format
Changes:
- Add a BUILDER_HOSTNAME that can be set to define the hostname
for package building
- Add PRESERVE_TIMESTAMP (default off) to allow preserving timestamps
in svn checkouts
- Auto clean packages when their version does not match the jail's version
- jail -l: Add -n to only show name
- Ensure /sbin:/usr/sbin is in PATH
- jail: Add -r to rename jails (jail -r newname -j oldname)
- Fix ipv6-only usage
- Require sem(4) kernel support as some ports require it
Changes:
* Fix dependencies when existing packages have their origins moved
via MOVED by now loading and parsing MOVED for existing packages
only.
* Force umount some directories to avoid desktop utils traversing them
causing them to remain mounted.
* Fix stage orphan false-positives with KDE4_PREFIX
* Fix a race condition in bulk which could lead to 'unknown stuck queue bug'
* Fix usage of cpdup(1) -X [no functional change]
* Speedup bulk startup by not rolling back fresh builder jails
* Various parallel execution fixes
* Parallel execution errors now wait up to 30 seconds for children to
finish before ending the build.
* Ignore home directory of users created by ports during leftover check
Changes:
- Fix hang in sanity check
- Fix race causing "unknown stuck queue" after ports finish building
- Fix PARALLEL_JOBS always set to prepare number
- Cache fixes
- cpdup -X usage fixes
- bulk: Avoid rollback on first startup (speeds up startup)
- Cleanup some error handling with parallel processes,
errors will now cause a 30 second wait for other processes
to cleanly exist instead of sending a SIGKILL right away.
- Fix KEEP_OLD_PACKAGES_COUNT when package root
is a symlink
- Ignore home directory of users created by ports during
leftover check
- Load MOVED on startup and use it to track changed origins
in existing packages, which fixes more invalid dependency errors
and "new dependency" deletions in sanity check.
- Checksum is now done as root in case it needs to refetch
- testport: Remove extra -J description
- Manpage improvements
- fix $auditfile in pkg audit periodic script
- Fix repo-*.sqlite being corrupted when pkg update is interrupted by the user
- pkg add now tells the version of the package missing
- Strop decoding/encoding all fields, only scripts and description are now encoded/decoded
- Update HACKAGE_SITE to follow changes in upstream
- MAKE_ENV now sets LC_ALL and DESTDIR for Haskell Cabal ports
- Further minor cosmetical changes: replace USE_GMAKE with USES, get rid of
${DO_NADA}, some refactoring
Obtained from: FreeBSD Haskell
the iconv changes (basically GHCi was rendered unusable)
- Fix build for x11-toolkits/hs-wxc, while here
- Bump port revision for all Haskell Cabal ports as they have to be rebuilt
PR: ports/184806
Reported by: many
Obtained from: FreeBSD Haskell
MFH: 2014Q1
* Correct some unitialized problems that pop up with certain ports
* Replace USE_DOS2UNIX with USES=dos2unix
* Do not check for direct use of commands in OPTIONS descriptions
Reported by: Hardy Schumacher <hardy.schumacher@gmx.de>
Changes:
* Fix sanity checking not properly recursively deleting dependencies.
* bulk/testport: Add PREPARE_PARALLEL_JOBS and -J n[:P] where P is
used for pre-build parallel jobs which may be more IO-bound
* Typo fixes in manpage
* Do not warn on direct use of "false" if it is found in DESKTOP_ENTRIES. [1]
* Make sure the DESKTOP_ENTRIES true/false parameter does not include quotes.
* Remove an unreferenced variable dereference. [2]
* Add some additional variables to avoid explicit command use checks. [3]
PR: 185086 [1]
185225 [2]
185110 [3]
- BSD2CLAUSE license
- OPTIONS helpers
- remove code from pkg-install.in that was duplicating functionality
already performed from pkg-plist.
This version drops support for the old-style OPTIONS variable, and
looks for both OPTIONSFILE and OPTIONS_FILE if OPTIONS_DEFINE is not
empty.
Changes:
* Add new MAX_MEMORY and TMPFS_LIMIT to allow limiting memory
* bulk: Show (-C) when used when deleting existing packages
* bulk: for install,deinstall,package,extract limit execution
time to 1 hour to avoid endless loops like devel/meta-cvs in
r337304
* Allow BUILDNAME to be overridden in poudriere.conf, such as:
BUILDNAME=$(TZ=UTC date +%Y%m%dT%H%M%SZ)
Changes:
* Package builds are now atomic. They will not update the
package repository directory until the build finishes.
This can be disabled with ATOMIC_PACKAGE_REPOSITORY (default yes).
This will convert the repository to a new format on first build.
If a build fails, all of the successful packages are retained
for the next attempt, but the old packages do not get modified.
* Disabling COMMIT_PACKAGES_ON_FAILURE (default yes) will have it
not touch the repository if the build fails; the package repository
will only be updated once a build succeeds.
* bulk now has a dry run mode (-n). Requires ATOMIC_PACKAGE_REPOSITORY
* Add KEEP_OLD_PACKAGES which will keep KEEP_OLD_PACKAGES_COUNT
number of old repositories. This can be useful for rollbacks
or bisecting. Requires ATOMIC_PACKAGE_REPOSITORY
* Add RESTRICT_NETWORKING (default yes) which can be used to disable
the network restrictions outside of 'fetch' phase.
* Add new PORTTESTING_FATAL (default yes) which can be disabled so that
failed ports (leftovers) do not cause ports depending on that port to be
skipped. This is useful for QAT.
* Fix stage orphans excluding /var/run/PORTNAME
* Stage orphan fixes for ports using kdeprefix
* /proc and /compat/linux/proc now excluded for leftovers
* nmtree fixes for head
* Misc performance improvements
* build_fs_violation was broken
* Poudriere now requires pkg-1.2 in its ports tree
It only happens if one has list or key/value list in pkg.conf
a workaround to update is to comment it out the time to upgrade
Reported by: many
Pointyhat to: bapt (again)
Changes:
- Fix segfault in pkg audit -F [1]
- Fix multiple segfault when using eventpipe [2]
- Fix REPOS_DIR being appended instead of overwritten when modified from pkg.conf
Reported by: many [1]
Reported by: kmoore [2]
Changes in this release include:
- Major rework of dependency calculations for initial Makefile building.
Dependencies are now built inside of Build jails to prevent any
cross-contamination. OPTIONS are handled properly via a new static d4p
port (needs to be installed on the host).
- Fix enterbuild so that the sleepme file can be properly deleted
- Add support for protocol flag in createJail command when using LFTP
update method.
- Add some more variable exceptions that are used by bmake
- Fix ports fetching on IPv6 hosts
- Correct some clang issues, typos and style problems in pnohang
- Add support for 11.X
- Force CC and CXX to be the GNU versions for FreeBSD < 9
PR: 184391
Submitted by: ohauer
Approved by: maintainer timeout (14 days)
Changes:
- Workaround a bug in bsd.*.mk on FreeBSD 8.x
- Fix a pkg repo segfault
- Document aliases in pkg.conf(5)
- Be more verbose when refusing a repository configuration file
- Sync libucl with upstream (bug fixes)
- Fix a fd leak in pkg repo
- Fix memory leaks due bad usage of libarchive
NO_ARCH=yes
While here, fix a few other niggles:
net/phpldapadmin -- remove indefinite article from COMMENT
www/p5-RT* -- fix comments referencing the different versions of RT
x11-fonts/gentium-{basic,plus} -- mention ${STAGEDIR} explicitly in the
install targets; rework the handling of ${FONTPATH}
Changelog:
- Fix pkg which returns bogus non-zero exit status on success
- Better check libucl returns
- Fix bad build system resulting in broken binaries on arm and ia64
- Update pkg.conf documentation
- Add manpage for pkg config
- OOTB support for dragonfly
- Lots of fixes in libucl
- Fix pkg register complaining about shared libraries not found
- Do not resume a jailed or chrooted pkg(8) upgrade
- Document the plist format (in pkg-create(8))
- Pet mandoc -Tlint
- Add manpage for pkg_repos(3)
- Fix dependencies losing portepoch information
- pkg-[r]query: Add %q to display architecture
- Fix pkg add allowing to install package with missing dependencies
- Fix description being stored escaped
Special thanks to mat@ (for bug busting) and cognet@ (tracking down 2 issues
on arm and as a side effect fixing on ia64
* Fix issue with pkgng when the dependent packages are not installed
PR: ports/184528
Submitted by: Ken DEGUCHI <kdeguchi@sz.tokoha-u.ac.jp> (maintainer)
Changes:
* Fix date parsing with pkg_install
* Show proper origin in 'portupgrade' when duplicates detected
* Fix crash when attempting to upgrade bsdpan packages
PR: ports/184428
PR: ports/184426
Submitted by: Yoshiaki Kasahara <kasahara@nc.kyushu-u.ac.jp>
Changes:
* Fix date parsing with pkg_install
* Show proper origin in 'portupgrade' when duplicates detected
* Fix crash when attempting to upgrade bsdpan packages
PR: ports/184428
PR: ports/184426
Submitted by: Yoshiaki Kasahara <kasahara@nc.kyushu-u.ac.jp>
With the PKG_PORTSDIR make argument set, Release 1.2.2 will properly build
pkg when PORTSDIR doesn't equal the default /usr/ports, as is the standard
case with DragonFly.
Additionally, pkg(8) and pkg-static(8) man pages are conditionally edited
to remove references to the -j option when libjail isn't found on the
system. This extra-patch should never be used on FreeBSD.
- Support pkgNG. Known issue is that pkg which returns bogus exit codes,
spamming your screen. pkgs_which works nonetheless.
https://github.com/freebsd/pkg/issues/657
Note that pkgNG always uses --nocache implictly for speed:
https://github.com/freebsd/pkg/issues/658
Known issue: the pkgNG detection is a hack. It just looks for the
executable and the database in default locations, but does not attempt
to run "pkg -N".
Changes:
- Fix pkg rquery always printing index like lines
- Fix pkg -vv suggestion so it print something actually usable
- Fix shlib's -P and -R options were swapped round.
- Replace broken pkg_repos_count() by pkg_repos_total_count() and pkg_repos_activated_count()
- Fix parsing of options (in manifest)
- pkg add http:// now fetch to a temporary location and cleanup after itself
- Fix generation of the manifest digest
- Properly calculate how many packages where removed
- Fix support for dependencies with the same name (grrrr Fix you port if they have package name collision !!!!)
- Fix pkg info -R in case multiple dependencies has the same name
Changelog:
- Improved build system
- Allow to hook plugins, before closing the local db if it was opened in RW mode
- Allow ARCH to be printed by pkg info
- New pkg bootstrap subcommand that is the counter part of the pkg(7) bootstrap subcommand
- Use port specified in the SRV entries to connect to a given mirror
- Properly support srv priority/weigh when ordering mirrors
- Lots of spelling/grammar fixes
- Broken incremental pkg repo support was removed.
- ABI is now checked again using globs:
* a 'noarch' package should just specify: ARCH: 'freebsd:*'
* a package working on both i386 and amd64: ARCH: 'freebsd:9:x86:*'
- new pkg config subcommand to allow direct query of options
- options can now have a description
- pkg repo can now take new arguments:
pkg repo [path] [rsa_key|'signing_command: <command>']
This allow calling external command to perform the signing and
pass the checksum to be signed in the command stdin.
- in case pkg info is querying a file or is a single direct match
query then default on -f
- pkg info -q is now equivalent of pkg info -qa
- expat is now always bundled (for vuxml)
- vuxml is now the default source for pkg audit
- Accept empty/comment only configuration files
- Print a pkg name only once - even if multiple vulns were found - when using -q
in pkg audit
- pkg info now default on glob matching
- Support for pkg+foo url scheme where foo can be (http, https, ftp).
- pkg add is now able to read the packages from a pipe or a non-regular
file '-' is an alias for stdin, this also works from pipes, fifos,
unix domain sockets etc.
- New 'fingerprint' kind of signature:
if a repository is declared using the fingerprint type of
signature, a fingerprint directory should also be provided.
Inside that fingerprint directory should be 2 directories:
trusted and revoked. Those directories will contains files (in
yaml/ucl format) containing the fingerprint of the trusted
certificated and the revoked ones:
--- begins --
function: sha256
fingerprint: an_hex_representation_of_the_fingerprint
--- ends ---
All unknown attribute will be silently ignored to allow extending
in the future.
It also support multiple signatures inside the catalog. the
catalog should provide the signature in the following form:
name.sig
name.cert
- packagesite in pkg.conf is deprecated in favour using dedicated
repository configuration files
- REPO_DIR is now a list instead of a simple string
- New git like aliases to allow creating custom commands
- Allow using '?' operator in pkg query expressions
- Fix ssh:// support
- New PKG_SSH_ARGS to allow passing custom arguments to ssh command
used for the ssh:// protocol
- Do not generate catalogs in pkg 1.0 format anymore.
- YAML is replaced by UCL format:
Both formats are really simular. pkg(8) will falls back on parsing YAML
when the UCL parser fail. And will emit a warning to the
user showing a syntax that is compatible with both YAML and UCL.
More informations on UCL: https://github.com/vstakhov/libucl
- Dependencies on library is now automatic via pkg register and pkg
create
- Auto upgrade of pkg(8) now restart the upgrade process automatically
- Lots of bug fixes discovered by Coverity Scan
- New debug level traces
- Bug fixes in zsh completion
- rquery can now take a -I argument to output index like lines (needed for
bsdconfig)
- Skip self upgrade with -F is passed
- Autodetect if libelf should be used bundled
- Lots of bug fixes
Thanks a lot to all people allowed this release to happen, may that be from providing
code, ideas, submitting bugs, documenting or just supporting.
- changes since 1.2.0 rc1:
* Couple of style fixes
* Fix loading yaml keywords
* Fix building on Dragonfly
* Autodetect if libelf should be used bundled
* Fix a bug if pkg audit -F got interrupted
* Allow 'enabled' entry from repo configuration to be a string and raise a warning about it
Changes:
* Fix leftover detection on HEAD due to new nmtree
* Fix jail rollback on HEAD due to new nmtree which manifested
as missing dependencies in /new_packages
* Don't exclude anything when looking for stage orphans, which
fixes finding /var/run/PORTNAME as an orphan
- Changes:
* Fix loading of fingerprints
* Fix ssh transport by refactoring
* Skip self upgrade with -F is passed
* Fix pkg info -[q]O
* Fix pkg info -q (with no other options)
* Make fingerprints signature checking actually working
Changes:
* When using SRV mirrors, order the mirrors by the advertised
priority and weight. This should fix 'pkg update' using mirror
A while 'pkg upgrade' and 'pkg fetch' end up using mirrors
A, B and C, resulting in checksum errors due to not all mirrors
being updated at the same time.
* Add support for 'pkg+http://' URL scheme and deprecate
'http://' when using SRV mirroring. This is only a cosmetic change
that encourages users to not try loading the PACKAGESITE into
a browser to view it.
Discussed with: bapt
With hat: portmgr
Obtained from: upstream git
- let the ports-secteam maintain this port instead of secteam. This should assign PRs to the appropriate place. [1]
- recent freebsd versions should use pkg audit instead of portaudit
- stagify
- remove mention of preference file format changes which changed in 2004
PR: ports/184004 (partial
Discussed with: simon (many months ago) [1]
- Update bundled libucl code (which fixes bugs)
- Fix double escaped \n for script and messages
- Fix rquery with -e not properly working [1]
- rquery can now take a -I argument to output index like lines (needed for bsdconfig)
- Fix local database creation (initial)
- With build with older bsd.prog.mk
- Improved documentation for pkg query
Reported by: mat [1]
Changes:
- Bug fixes in zsh completion
- Lots of bug fixes discovered by Coverity Scan
- New debug level traces
- Auto upgrade of pkg(8) now restart the upgrade process automatically
- Dependencies on library is now automatic via pkg register and pkg
create
- YAML is replaced by UCL format:
Both formats are really simular. pkg(8) will falls back on parsing YAML
when the UCL parser fail. And will emit a warning to the
user showing a syntax that is compatible with both YAML and UCL.
More informations on UCL: https://github.com/vstakhov/libucl
- Do not generate catalogs in pkg 1.0 format anymore.
- Working ssh protocol supported for repositories
- New PKG_SSH_ARGS to allow passing custom arguments to ssh command
used for the ssh:// protocol
- Allow using '?' operator in pkg query expressions
- New git like aliases to allow creating custom commands
- REPO_DIR is now a list instead of a simple string
- packagesite in pkg.conf is deprecated in favour using dedicated
repository configuration files
- New 'fingerprint' kind of signature:
if a repository is declared using the fingerprint type of
signature, a fingerprint directory should also be provided.
Inside that fingerprint directory should be 2 directories:
trusted and revoked. Those directories will contains files (in
yaml/ucl format) containing the fingerprint of the trusted
certificated and the revoked ones:
--- begins --
function: sha256
fingerprint: an_hex_representation_of_the_fingerprint
--- ends ---
All unknown attribute will be silently ignored to allow extending
in the future.
It also support multiple signatures inside the catalog. the
catalog should provide the signature in the following form:
name.sig
name.cert
- pkg add is now able to read the packages from a pipe or a non-regular
file '-' is an alias for stdin, this also works from pipes, fifos,
unix domain sockets etc.
- Support for pkg+foo url scheme where foo can be (http, https, ftp).
- pkg info now default on glob matching
- Print a pkg name only once - even if multiple vulns were found -
when using -q
- Accept empty/comment only configuration files
- vuxml is now the default source for pkg audir
- expat is now bundled (for vuxml)
- pkg info -q is now equivalent of pkg info -qa
- in case pkg info is querying a file or is a single direct match
query then default on -f
- pkg repo can now take new arguments:
pkg repo [path] [rsa_key|'signing_command: <command>']
This allow calling external command to perform the signing and
pass the checksum to be signed in the command stdin.
- options can now have a description
- new pkg config subcommand to allow direct query of options
- ABI is now checked again using globs:
a 'noarch' package should just specify: ARCH: 'freebsd:*'
a package working on both i386 and amd64: ARCH: 'freebsd:9:x86:*'
- Broken incremental pkg repo support was removed.
- Lots of spelling/grammar fixes
- Properly support srv priority/weigh when ordering mirrors
- Use port specified in the SRV entries to connect to a given mirror
- New pkg bootstrap subcommand that is the counter part of the
pkg(7) bootstrap subcommand
- Allow ARCH to be printed by pkg info
- Allow to hook plugins, before closing the local db if it was
opened in RW mode
- Improved build system
