Changes:
- When filtering out shlib archs, compare wordsize first and then ABI arch string
- Fix rquery -e
- Fix install progress output for meta packages
- Fix writing annotations to manifests
- pkg-clean: Show files to delete first
- Add a pkg_symlink_cksumat to fix pkg-delete
- Add packages checksums to digest file to fix broken repo update
- Unbreak pkg-ssh
With hat: pkg@
Changes:
- Fix crash on i386 (thanks to antoine@)
- Ignore duplicates in require/provide
- Add missed call to pkg_list_free for PKG_PROVIDES (thanks to Maxim Ignatenko)
- Print error if we cannot parse manifest
- Select the newest possible package to satisfy dependency
- Check shared libraries architecture and ignore incompatible ones
With hat: pkg@
Changes:
- Print number of upgrade candidates
- Fix request addition
- Suggest manual resolution for UNSAT problems
- Check repository and force update if it is not valid
- Fix issue with seen packages not added to the request
- Use plain .so for all shared libraries requires/provides
With hat: pkg@
Changes:
- Use picosat SAT solver instead of the internal one:
* production grade solver that is extensively tested
* faster than internal one
* has more flexible features
- Fix issues with adding items to the universe
- Fix forced operations
With hat: pkg@
Changes:
- The solver and jobs interface were completely reworked:
* multirepos have now better support
* fix a number of issue with missed shared library dependencies
* upgrade and install are now more clever about chosing repositories
* implement package pinning to a repository
* add heuristic to resolve conflicts between remote packages
* removed tonns of old hacks
* arrays are now used in many places instead of lists for performance
* some hash tables are improved by using direct pointers hash
- Minor fixes
Changes:
- Explicitly pass when passmode should be used with libarchive
- Properly trim end spaces in plist for files and directories
- Fix pkg ssh client
- Fix pkg_env
- Follow symlinks in fstatat otherwise it breaks repos created by poudriere
- Fix sqlite on FS without proper locking mechanism
- Fix pkg install -A
- Do not distinguish anymore between dirrm and drirmtry
- Fix options parsing by libucl
- Rework repo update to avoid early repo destruction
- Fix forced update
- Update errors are now not fatal
- Fix realpath usage
- Fix pkg set -o
- Fix progress bars when not in a tty to give output
- Ignore sigpipe to avoid resources leak
- Read lock is now no-op unles READ_LOCK option is turned on
- Fix incremental repo updates (size missmatch error)
- Add a rootfd to simplify handling of relocation
- Implement a set of *at functions
- Improve documentation
- Tons of minor bugfixes
With hat: pkg@
This build includes all fixes from pkg 1.3.2 plus the following changes:
- Fix an issue with pkg-repo that prevents from getting all packages in the
archive
- Fix an issue with manifests parsing on big-endian platforms
- Add help messages for aliases (by admi3)
- Fix linkage with sbuf (always use bundled sbuf)
With hat: pkg@
This version is equal to pkg 1.3.0 tag.
Changes from 1.3.0.rc4:
- Use rename(2) to install symlink [1]
- Link directly pkg frontend to libsbuf
- Rework installation logic:
If a file is found on the way do the following:
1) Append 12 chars random suffix to the filename;
2) Extract new file to that modified filename;
3) Rename new file to old file.
- or -
3) Remove temporary file in case of error.
- Fix reporting of locked packages [2]
- Fix link with binutils 2.24
Reported by: bdrewery[1], az[2]
With hat: pkg@
Changes:
- Fix output format when a dependency is missing
- Fix typo (dbpath -> dbdir)
- Create repo compatible with pkg 1.2 (path -> repopath)
- Event pipe related fixes
- Fetching now does not use mkstemp(2) to create files
- Change permissions of files fetched to default ones
- Fix fetching for reinstalled packages
- Fix build on mips by proper checking of atomic builtins
With hat: pkg@
Changes:
- Fix bug in upgrade repos schemas from 1.2 [1]
- Fix repos downgrade sql
- Add -r (--recursive) flag to pkg-audit that makes pkg-audit to print all
reverse dependencies of vulnerable packages. This allows users to
upgrade or reinstall potentially vulnerable packages.
- Rework pkg-audit to support pkg names without versions
- pkg-audit now supports multiple patterns in the command line
- Do not throw failed assertion if pattern is empty in [r]query
- Fix symlinks checksum verification in pkg-delete
- Fix bug in libucl variables parsing code
- Add --raw-format to info/search
- Ignore not top level packages with missing fields (for example, missing dependencies)
- Make dependency missing message more informative [1]
- Introduce mirror mode for pkg-fetch
- Add -o flag to pkg-fetch to specify mirroring output directory
Found by: az [1]
With hat: pkg@
Changes:
- Fix critical bug in the solver caused not required packages being installed
- Rework DPLL algorithm to solve tasks quicker by propagating units on each step
- Fix bug with loading of package files and directories
- If all files are downloaded then perform integrity check immediately without extra queries to a user
- Removed incorrect error messages
With hat: pkg@
Changes:
- Fix repo ident for local packages [1]
- Fix pkg-stat
- Improve safety of 1.2 -> 1.3 database migration
- Fix minor bugs in progress bar
- Restart system calls on SIGALARM
Submitted by: des[1]
With hat: pkg@
Changes:
- Quit pkg ssh if an error occurs while reading
- Fix critical issue with manifest fields (path->repopath) [1]
- Set reponame for local packages [1]
- Fix forced upgrade [1]
- Fix packages count in pkg-delete
- Allow override `enabled` state for repos
- Fix message if a pattern has not been found
- Move the pkg_keys[] array from private/pkg.h to pkg.c to reduce duplication [1]
- Add package validation function
- Fix local packages installation
- Validate pkg when changing its uid
- Rework solver initial guessing
- Fix multirepos documentation
- Fix issue with repository metafile updating
- Fix issue with unnecessary fingerprints check
- Fix meta loading
Submitted by: des [1]
With hat: pkg@
Changes:
- Fix pkg-backup display issues
- Fix UID changing when looking for upgrade candidates
- Rework integritycheck procedure to use uids
- Improve searching of local and remote packages
- Lazy load of files and dirs for remote packages
- Fix upgrades with UID changed
- Fix actions count in jobs progress display
- Fix serious bug in pkg-repo by moving to socketpairs from pipes
- Detect SOCK_SEQPACKET support and fallback to SOCK_DGRAM (for 8.x)
With hat: pkg@
Changes:
- Save repo type in the annotation.
- Fix packages fetching for reinstallation
- Convert pkg repo from threads to processes (no more pthread dependency)
- Add progress indicators to repo create
- Implement new repo style:
* Add metafile
* Use data from that metafile
* Use advanced manifest digests format
* Implement legacy repos creation
- Fix symlinks checksums (reported by misha @ #pkgng)
- Fix pkg backup -r messages
- Now pkg is able to delete multiple versions of the same package (e.g. when some packages are
merged into one another)
- Fix repo schema upgrade
- Do not try to re-fetch broken packages infinitely
- Fix couple minor bugs and crashes
With hat: pkg@
The pkg.8 manpage is edited by an extra patch on DragonFly due to
differences in jail operation. The patch no longer applies both due
to file relocation and regular bitrot. Regenerate the patch and
change its name to reflect the new file location. This is a no-op
on all releases of FreeBSD.
Approved by: just-fix-it blanket
Changes:
- repositories system has been reworked to support opaque repository operations
- progress bar has been reworked and simplified
- pkg backups generated by the distributed script are now plain sql files
- fixed some visual issues while installing packages
With hat: pkg@
Changes:
- Now unicity is made on the typle (origin, name) to allow sub packages but cannot be made to only name to break installation from prior sanitization of the names
- Fix pkg stat
- Fix speed regression
- 411.pkg-backup does not hide errors anymore
- Improve documentation
- debug now print stacktrace on freebsd 10+
- globalize common variables
- new option to allow profiling sql queries
- fix flatsize calculation
- improve ui (better output)
- add a new shiny progress bar and start using it everywhere
- create a pkg_checksum api
- fix pkg rquery -I
- rework package digest
- allow to use ldns instead of the FreeBSD dns api if needed
- change the upgrade package path: first rename a file then extract the new file then unlink the renamed one
- add a version script to avoid exposing external third party library symbols
- fix pkg upgrade (it was changing the automatic flags when it shouldn't)
Changes:
- more fixes in pkg audit
- move audit functions into the library
- pkg lock -l now list the locked packages
- database lock behaviour is now configurable
- symlinks now has a checksum to ensure they are valid
- more fixes on the solver
- add long version of the options
Changes:
- pkg audit now accepts vuln.xml with multiple package names
- Prefer SONAME instead of filename for library provides
- Do not require dependencies that are self provided
- pkg upgrade can now have a name in argument to only upgrade a given package and its dependencies
- Lots of bug fixes
Changes:
- Document pkg search -U
- Reduce memory usage when loading a package
- Validate package loading against a ucl schema
- Sandbox signature checking with capsicum
- Update man pages
- Be pedantically correct about units and scale factors
- Now uses sqlite full text search extension
- Allow case insensitive search
- Fix pkg add -f
- Lots of fixes in the solver
exists, libtool will add all libraries libB.la refers to (dependency_libs
field) to the linker command line and store them in the dependency_libs
field of libA.la. So everything that subsequently links with libA will also
link to these extra libraries. This causes too much overlinking.
This commit modifies Mk/Uses/libtool.mk so it empties the dependency_libs
field in .la libraries during staging. However, because .la libraries have
very limited use when dependency_libs is empty it makes sense to completely
remove them during staging.
So with this commit USES=libtool is modified to remove .la libraries and a
new form (USES=libtool:keepla) is introduced in case they need to be kept
(dependency_libs is still emptied).
PORTREVISION is bumped on all ports with USES=libtool that install .la
libraries. Most ports are also changed to add :keepla because .la
libraries have to be kept around as long as there are dependent ports with
.la libraries that refer to them in their dependency_libs field. In most
cases :keepla can be removed again as soon as all dependent ports that
install .la libraries have some form of USES=libtool added to their
Makefile.
PR: ports/188759
Exp-run: bdrewery
Approved by: portmgr (bdrewery)
Changes:
- Detect invalid packages that list directories in plist
- new pkg_emit_query_(yesno|select) to allow the library to ask question to the user
- Reinstall packages on upgrade if remote abi changed (this catches up automatically major upgrade of freebsd)
- Ability the specify the file to read the ABI from
- add --relocate to pkg add and register (this is totally unsafe to use a a normal user, it is intended to be used in the ports tree)
- clean/improvements in the repo handling functions
- validate the directory is actually a port directory when running pkg version against the ports tree
- new pkg audit -f <file> to run pkg audit against a local file
- pkg -j and pkg -c are now able to restart themself
- pkg version against the ports tree now works even if current working directory has been deleted out from underneath us.
- Improved pkg upgrade/install/delete output
- Improve cache handling
- Make pkg update more verbose
- new RUN_SCRIPTS options (default on) to be able to switch of the running pre/post operation scripts
Changes:
- pkg create uses a readonly lock
- pkg create returns non 0 is package creation failed
- rework the cache so that is avoid collision with multirepo and avoid warning the users harmless checksum retry
- do not cache anymore files when using file:// scheme
- Preserve automatic flags of local packages.
- Use installed provides if possible.
- Fix local and remote logic for provides and conflicts.
- Optimize SAT solving slightly.
- Make duplicate-related warning fatal in developer mode
- Continue turning the public api into pkg_objects
Changes:
- pkg delete is not recursive by default
- pkg delete ui now explain why a package will be removed
- pkg which now handle PATH when looking for a file
- shared libraries are now directly resolved in the solver (no need anymore for explicit package dependency)
Changes:
- Added ability to install packages with missing dependencies
- Do not enter in a sandbox if the database is open
- Do not count the lock owner as lock blocker.
- Lots of rework and fixes to improve the solver when trying to upgrade very old package database.
Changes:
- Reimport old pkg add (aliasing it to install was too optimistic at the moment)
- Fix pkg install ./file with package lacking the manifestdigest information)
- Fix a bug resulting in "pkg-static: sqlite: no such savepoint: upgrade"
Changes:
- libpkg: Simplify code but turning annotations into a pkg_object
- libpkg: Simplify dumping the configuration of plugins in pkg -vv
- libpkg: Update libucl to latest version
- libpkg: Fix options emission in the Manifest
- libpkg: fix some multirepository bugs
- pkg: fix pkg delete -f
- pkg: fix pkg register
- pkg: fix pkg upgrade
- pkg: fix pkg shell
- pkg: 'update' now warns user if no repos are enabled
- New solver that can support external solvers using the CUDF format and the internal SAT solver
- pkg-ssh(8) is now sandboxed with capsicum if it is available
- pkg-ssh(8) now uses poll(2)
- Remove StringList usage to improve portability
- Rework the build system to use autotools to help portability
- Now fetching is done to a temporary location and cleaned up if it fails
- Remove PACKAGESITE
- pkg-audit: remove support for portaudit compact database (only VulnXML will be used)
- Improved UI experience based on jmmv write up (http://julipedia.meroh.net/search/label/cli-design)
- Hide the average speed from the progress bar (confusing for users)
- Reworking the database locking mechanism into a finer grain and more clever system
- Dynamic conflict handling if a conflict on files is detected at the sanity check level, try to solve the problem again with the new conflict information
- Fix %t (timestamp) modifier in pkg_printf(3)
- Full output now has a new field "date installed"
- New pkg -o A=B to overwrite configuration from command line without the need of defining environment variables
- pkg-install now can handle local files
- pkg-add is now an alias on pkg-install
- Simplify API by using more and more libucl objects (hidden behind an opaque 'pkg_object')
Special thanks to Vsevolod Stakhov (vsevolod@)
Changes:
- Only fallback to YAML if UCL parsing fails
- pkg2ng: Hide warnings about @mtree, @stopdaemon, @comment
@display and @conflicts
- Fix escaping issues with COMMENT
- pkg add: Fix -A to properly mark package as automatic
- pkg2ng: Fix over NFS
- pkg2ng: Show message while analyzing shared libraries
This update includes a security update for possible arbitrary code
execution from package manifest parsing. All users are advised to
upgrade ASAP. The base pkg(7) was never affected by this. [1]
Changes:
* Fix libyaml head-based buffer overflow [1]
* Fix pkg info -E support for ports, which namely affected
net/openldap* usage. [2]
* Fix packages registering themselves as dependencies [3]
* Bash autocompletion fixes [4]
* autoremove: Don't try to remove locked packages
* Support 'pkg bootstrap -f', which will force a reinstall of pkg
on FreeBSD 10.0+
* Fix %t timestamp formatter with %{...%} modifiers [5]
* pkg info: Show date installed
* Add $daily_status_security_pkgaudit_quiet to control 410.pkg-audit.in
output verbosity level
* Add an error when trying to update repository and none are defined [6]
* Fix typos in manpages [7]
Security: CVE-2013-6393 [1]
Reported by: secteam (delphij) [1]
PR: ports/184797 [2]
Reported by: Pavel Timofeev <timp87@gmail.com> [2], many
Submitted by: smh@ [3]
Submitted by: brd@ [4]
Submitted by: Jamie Landeg Jones [5]
Submitted by: Rodrigo Osorio [6]
Submitted by: Michael Gehring, wblock [7]
With hat: portmgr
MFH: 2014Q1
- Manpage improvements
- fix $auditfile in pkg audit periodic script
- Fix repo-*.sqlite being corrupted when pkg update is interrupted by the user
- pkg add now tells the version of the package missing
- Strop decoding/encoding all fields, only scripts and description are now encoded/decoded
It only happens if one has list or key/value list in pkg.conf
a workaround to update is to comment it out the time to upgrade
Reported by: many
Pointyhat to: bapt (again)
Changes:
- Fix segfault in pkg audit -F [1]
- Fix multiple segfault when using eventpipe [2]
- Fix REPOS_DIR being appended instead of overwritten when modified from pkg.conf
Reported by: many [1]
Reported by: kmoore [2]
Changes:
- Workaround a bug in bsd.*.mk on FreeBSD 8.x
- Fix a pkg repo segfault
- Document aliases in pkg.conf(5)
- Be more verbose when refusing a repository configuration file
- Sync libucl with upstream (bug fixes)
- Fix a fd leak in pkg repo
- Fix memory leaks due bad usage of libarchive
Changelog:
- Fix pkg which returns bogus non-zero exit status on success
- Better check libucl returns
- Fix bad build system resulting in broken binaries on arm and ia64
- Update pkg.conf documentation
- Add manpage for pkg config
- OOTB support for dragonfly
- Lots of fixes in libucl
- Fix pkg register complaining about shared libraries not found
- Do not resume a jailed or chrooted pkg(8) upgrade
- Document the plist format (in pkg-create(8))
- Pet mandoc -Tlint
- Add manpage for pkg_repos(3)
- Fix dependencies losing portepoch information
- pkg-[r]query: Add %q to display architecture
- Fix pkg add allowing to install package with missing dependencies
- Fix description being stored escaped
Special thanks to mat@ (for bug busting) and cognet@ (tracking down 2 issues
on arm and as a side effect fixing on ia64
With the PKG_PORTSDIR make argument set, Release 1.2.2 will properly build
pkg when PORTSDIR doesn't equal the default /usr/ports, as is the standard
case with DragonFly.
Additionally, pkg(8) and pkg-static(8) man pages are conditionally edited
to remove references to the -j option when libjail isn't found on the
system. This extra-patch should never be used on FreeBSD.
Changes:
- Fix pkg rquery always printing index like lines
- Fix pkg -vv suggestion so it print something actually usable
- Fix shlib's -P and -R options were swapped round.
- Replace broken pkg_repos_count() by pkg_repos_total_count() and pkg_repos_activated_count()
- Fix parsing of options (in manifest)
- pkg add http:// now fetch to a temporary location and cleanup after itself
- Fix generation of the manifest digest
- Properly calculate how many packages where removed
- Fix support for dependencies with the same name (grrrr Fix you port if they have package name collision !!!!)
- Fix pkg info -R in case multiple dependencies has the same name
