Bluetooth support requires bluez-libs present, but they are only required
for the build, and don't seem to be needed to be present on the target.
There isn't any linking required to libbluetooth. It's only the bluetooth.h
header that is required for building BT support into Python.
For testing, this snippet was used from `Lib/test/test_socket.py` (inside
cpython):
```
def _have_socket_bluetooth():
"""Check whether AF_BLUETOOTH sockets are supported on this host."""
try:
# RFCOMM is supported by all platforms with bluetooth support. Windows
# does not support omitting the protocol.
s = socket.socket(socket.AF_BLUETOOTH, socket.SOCK_STREAM, socket.BTPROTO_RFCOMM)
except (AttributeError, OSError):
return False
else:
s.close()
return True
```
Fixes: https://github.com/openwrt/packages/issues/16544
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Without -ldl linker flag .so extensions are not loaded
when glibc is used. Fix it by providing adjusted LDFLAGS
for this case.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Without -ldl linker flag .so extensions are not loaded
when glibc is used. Fix it by providing adjusted LDFLAGS
for this case.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Changed:
- Require Python 3.5 or a later version. Python 2 and 3.4 are no
longer supported
- Raise ValueError if quote_mode isn't one of always, auto or never
in set_key
- When writing a value to a .env file with set_key or dotenv set
<key> <value>
Added:
- The dotenv_path argument of set_key and unset_key now has a type of
Union[str, os.PathLike] instead of just os.PathLike
Signed-off-by: Javier Marcet <javier@marcet.info>
Bugfixes:
- Fix disable_buffering regression
- Bring back support for ssh identity file
- Cleanup remaining python-2 dependencies
- Fix image save example in docs
Miscellaneous:
- Bump urllib3 to 1.26.5
- Bump requests to 2.26.0
Signed-off-by: Javier Marcet <javier@marcet.info>
Refreshed patches.
And apply hack for line-endings in pep517 (from pip).
Hack comment:
# FIXME: [1] get rid of this asap; 'patch' doesn't like Windows endings, and this file is full of them...
# I actually tried this in a number of ways and the only way to fix this is to implement
# a poor-man's dos2unix using sed.
# The issue is with the pip package; it seems that it throws in some Windows line-endings
# and 'patch' won't handle them. So, we do a "dos2unix" and then patch.
# We can get rid of this once this is solved upstream and in pip:
# https://github.com/pypa/pep517/pull/130
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The addressed issue is related to #6893 as its resolution
is actually causing the problem.
When changing the priority of the config file it happens
that after a sysupgrade the previous file is restored
and the new file is added, ending up in a situation
like this:
/etc/php7/15_openssl.ini
/etc/php7/20_openssl.ini
Causing a double extension=openssl.so to be parsed,
which is not appropriate and leads to error message.
The same problem might also occur for mysqli since there
was also a priority change - let's take care about this
at the same time.
The solution is to remove one of the files. Since it is
a configuration file, the user might have adjusted it, so
lets just use the previous version to replace the new
installed version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Changelog:
- Bumped upper bound of the chardet runtime dependency to allow their v4.0 version stream.
From a1158c5389/CHANGES.rst
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
It often happens that we update a package to a new version (e.g. cffi) to a
newer version, but we forget to update the version for cffi in the
`lang/python/host-pip-requirements/cffi.txt` file.
This check adds a minimal check, so that when a build occurs for a Python
package, if there is a mention/listing of this package in
`lang/python/host-pip-requirements/` it will check that the versions match.
This way, when we update a package, we get a build failure and update the
host version as well.
This will omit packages (like Cython) that are not packaged for OpenWrt,
but are host-side dependencies only.
But until we find some mechanism to check for those, we will probably only
notice to update them when another build occurs (at the very least).
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Django 1.11 (host-build) is only needed for Seahub.
And won't ever be needed for anything else (hopefully).
This change moves it to the Seahub folder.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
* update license (changed in 1.2.0)
* removed python3-six dependency (removed in 1.0.0)
* do not install tests
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
I tried to install matplotlib by using pip and it failed with the following output:
2021-08-18T11:52:26,171 Collecting matplotlib
2021-08-18T11:52:26,173 Created temporary directory: /tmp/pip-unpack-wuth2u0e
2021-08-18T11:52:26,565 Using cached matplotlib-3.4.3.tar.gz (37.9 MB)
2021-08-18T11:52:38,659 Added matplotlib from https://files.pythonhosted.org/packages/21/37/ 197e68df384ff694f78d687a49ad39f96c67b8d75718bc61503e1676b617/matplotlib-3.4.3.tar. gz#sha256=fc4f526dfdb31c9bd6b8ca06bf9fab663ca12f3ec9cdf4496fb44bc680140318 to build tracker '/tmp/pip- req-tracker-u30x8pht'
2021-08-18T11:52:38,660 Running setup.py (path:/tmp/pip-install-afiyiers/ matplotlib_8e717e38862f4976a3d6cb1832ba3261/setup.py) egg_info for package matplotlib
2021-08-18T11:52:38,661 Created temporary directory: /tmp/pip-pip-egg-info-kbtiezxq
2021-08-18T11:52:38,662 Running command python setup.py egg_info
2021-08-18T11:52:38,831 Traceback (most recent call last):
2021-08-18T11:52:38,832 File "<string>", line 1, in <module>
2021-08-18T11:52:38,832 File "/usr/lib/python3.9/site-packages/setuptools/__init__.py", line 8, in <module>
2021-08-18T11:52:38,833 ModuleNotFoundError: No module named '_distutils_hack'
More details about it:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968410
Once I applied the patch from the bug tracker, I got further to install
it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Avoid parallel relinking and usage of the host perl binary by wrapping
its usage around flock calls.
Sometimes, two packages will try to relink the static host perl binary
at the same time. Neither of them will have the other's module linked
in, and one of them will unavoidably clobber the other one's binary.
This will lead to errors when a package will not be able to find a
module that was supposed to be installed.
To fix that, an exclusive flock is used when relinking, with a 900
seconds timeout to avoid locking up the build process forever.
This is not enough because the binary may be concurrently used to build
another module package; perl is used in Configure, Compile, and Install
procedures. If timing is right, a package will fail with a "permission
denied" error.
So a shared flock call is added in Configure, Compile, and Install
definitions for host and target, with a shorter, 300 seconds timeout.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Changelog:
PycURL 7.44.0 - 2021-08-08
--------------------------
This release reinstates best effort Python 2 support, adds Python 3.9 and
Python 3.10 alpha support and implements support for several libcurl options.
Official Windows builds are currently not being produced.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
If TOPDIR starts with /usr, then the configure script will use the
staging tree hierarchy instead of using plain /usr/lib. For example, if
TOPDIR=/usr/src/openwrt, then the files will not be available under
$(PKG_INSTALL_DIR)/usr/lib/lua/5.1/, as expected, but under
$(PKG_INSTALL_DIR)/usr/src/openwrt/staging_dir/hostpkg/lib/lua/5.1/.
Set the correct path when calling 'make'. As a bonus, the hardcoded
version number in the Makefile can be dropped.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
When installing a host perl module, the host perl binary in the staging
dir is replaced by using 'cp'. However, if the binary is running in a
parallel job, cp will fail with a text file busy error. Use
$(INSTALL_BIN), which unliks the file first to avoid the error.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
- BACKWARDS COMPATIBILITY:
- Deprecated the distro.linux_distribution() function. Use
distro.id(), distro.version() and distro.name() instead [#296]
- Deprecated Python 2.7, 3.4 and 3.5 support. Further releases will
only support Python 3.6+
- ENHANCEMENTS:
- Added type hints to distro module [#269]
- Added __version__ for checking distro version [#292]
- Added support for arbitrary rootfs via the root_dir parameter
[#247]
- Added the --root-dir option to CLI [#161]
- Added fallback to /usr/lib/os-release when /etc/os-release isn't
available [#262]
- BUG FIXES:
- Fixed subprocess.CalledProcessError when running lsb_release
[#261]
- Ignore /etc/iredmail-release file while parsing distribution
[#268]
- Use a binary file for /dev/null to avoid TextIOWrapper overhead
[#271]
- RELEASE:
- Moved repository from nir0s/distro to python-distro/distro on
GitHub.
Signed-off-by: Javier Marcet <javier@marcet.info>
This package was updated without a hash change.
Fixes: c157522580 ("pyodbc: update to version 4.0.31")
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
July 2021 Security Releases:
Use after free on close http2 on stream canceling (High) (CVE-2021-22930)
Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Also bump Cython version to 0.29.23.
And add support for OpenBLAS.
Currently optional, but will be enabled by default on some architectures
later.
Depends on PR https://github.com/openwrt/packages/pull/15685
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This version prefers charset_normalizer instead of chardet.
chardet is still usable if available.
Dropping patches for idna. Not required anymore.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Includes fix for CVE-2021-34558 (crypto/tls: clients can panic when
provided a certificate of the wrong type for the negotiated parameters).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This release fixes some bugs and these vulnerabilities:
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Python works with GNU DBM and with Berkley DBM.
Berkley DBM has been under Oracle for some time.
And it's not clear how many Python users actually use DBM.
In the packages feed, we have both libdb47 (which is now under Oracle) and
GNU DBM. The GNU DBM has a compatibility layer for Berkley DBM.
There are newer versions than libdb47, but it's probably not worth having
them yet. The libbd47 tarball is ~40+ MB. Odds are newer versions will be
bigger and more bloated.
This change merges the old `python3-gdbm` package into the `python3-dbm`
package, since they are effectively using the same underlying library now,
i.e. gdbm.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
I seem to forget to check/select setuptools and pip (that come bundled with
Python).
This change will do a simple 'ls' on the 2 wheel files, so that the build
fails even if just building Python.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Dropped patches:
0004-Replace-EVP_CIPHER_CTX_cleanup-with-EVP_CIPHER_CTX_r.patch
0005-Switch-get_-Update-APIs-to-get0.patch
Reworked patches:
0001-Add-new-ASN1_STRING_get0_data-API.patch
0006-Add-X509_STORE_CTX_trusted_stack-compatibility-macro.patch
These 2 require that we keep only the CUSTOMIZATIONS stuff for now. Maybe
later we can drop this.
Ran 'make package/python-cryptography/refresh'.
Added patch:
0004-disable-rust.patch
upstream did a sloppy job with the CRYPTOGRAPHY_DONT_BUILD_RUST logic; we
need to patch it, to make sure the setuptools-rust isn't installed.
We may need to carry this patch in our tree for a bit longer than upstream,
because in newer versions, CRYPTOGRAPHY_DONT_BUILD_RUST logic gets removed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
By adding these dependencies, it is much easier for users (both
applications that use Twisted and end users) to have secure
communications by default.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
1.16.1 included fixes for:
* CVE-2021-27918 - encoding/xml: infinite loop when using
xml.NewTokenDecoder with a custom TokenReader
* CVE-2021-27919 - archive/zip: can panic when calling Reader.Open
1.16.4 included fixes for:
* CVE-2021-31525 - net/http: ReadRequest can stack overflow due to
recursion with very large headers
1.16.5 includes fixes for:
* CVE-2021-33195 - net: Lookup functions may return invalid host names
* CVE-2021-33196 - archive/zip: malformed archive may cause panic or
memory exhaustion
* CVE-2021-33197 - net/http/httputil: ReverseProxy forwards Connection
headers if first one is empty
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Python3 comes with a built-in readline module. It wasn't included up until
now; mostly because it wasn't considered.
This change introduces it as a sub-package of the main Python3 package.
readline support is included in Python.
libreadline pulls libncursesw as a package, so python3-ncurses was
updated to pull libncursesw as well.
It should be the same package; mostly done for consistency.
Resolves the issue reported here:
https://forum.openwrt.org/t/python3-repl-missing-readline/90039
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Notable Changes:
Diagnostics channel (experimental module)
UUID support in the crypto module
Experimental support for AbortController and AbortSignal
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Refreshed Python patches.
Updated pip & setuptools version.
For pip, patch '001-pep517-pyc-fix.patch' was reworked.
Also, the current version of the bundled pip (21.1.1) no longer supports
Python2, so the 'py2.py3' suffix gets replaced with just py3.
For setuptools, there is no longer a script/module:
https://github.com/pypa/setuptools/pull/2544
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Related to discussion:
https://github.com/openwrt/packages/pull/14060
Every once in a while a version bump will occur that requires an ABI
change. Example: Python 3.8 to 3.9. When this happens some Python packages
would need to be rebuilt. In setups where everything gets rebuilt, this
isn't a problem.
It's usually a bigger problem when needing to upgrade something via
opkg.
To accommodate for this, we add a libpython with it's own ABI_VERSION
flag. If this ABI_VERSION changes, then this should propagate forward.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Fixes: https://github.com/openwrt/packages/issues/15370
This is inspired from:
330bc94dcc/lang/python-greenlet/Makefile
The `PKG_USE_MIPS16:=0` is not taken into consideration when building
Python modules. That's because the sysconfig is used.
This is only an issue with greenlet (on MIPS) so far.
One option is to do `PKG_USE_MIPS16:=0` in the core Python package.
But, since we know that the `wlanslovenija` group has successfully used
greenlet on MIPS with this construct, we might as well adopt it until GCC10
becomes the main compiler.
As noted here:
https://github.com/openwrt/packages/issues/15370#issuecomment-817015484
GCC10 doesn't have this problem.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Fixes two CVEs:
CVE-2021-28965: XML round-trip vulnerability in REXML
CVE-2021-28966: Path traversal in Tempfile on Windows
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Faster to compile.
Add license information.
Several cleanups for consistency between packages.
Small patch fix now that uClibc-ng is gone.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Swith to building with CMake to avoid huge patching of the stock
Makefile.
Reorganize Makefile for consistency between packages.
Add patch to fix deprecated OpenSSL functions.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
faster to compile.
A small selection of packages was tested going from:
Executed in 696.30 secs fish external
usr time 82.98 mins 395.00 micros 82.98 mins
sys time 9.02 mins 0.00 micros 9.02 mins
to:
Executed in 592.20 secs fish external
usr time 84.84 mins 361.00 micros 84.84 mins
sys time 8.85 mins 57.00 micros 8.85 mins
Tested by running make -j 12 and wiping staging/build_dir/target_x
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Use AUTORELEASE for simplicity
Switch to compilation with ninja as it's faster.
Use the proper install paths to install ev.so
Use codeload for simplicity.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Bugfixes:
- Remove LD_LIBRARY_PATH and SSL_CERT_FILE environment variables when
shelling out to the ssh client.
Signed-off-by: Javier Marcet <javier@marcet.info>
Add --with-imagick=$(STAGING_DIR)/usr so that configure picks
MagickWand-config from there, before it finds an eventual host-installed
version.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
When building with QUILT, unlike the regular build, Build/Prepare does
not apply the patches. So when buildconf is called with QUILT on, at
the end of Build/Prepare, it will not have the patched sources, and
build will fail.
To fix the problem, run buildconf in Build/Prepare only when QUILT is
off, and do it in Build/Configure otherwise.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Commit d741a64b7 ("lang/php7: Don't run phpize7 with QUILT") changed
pecl.mk to not run phpize7 during Package/prepare if QUILT is set. The
intention was to allow prepare, refresh and update targets to run
without building dependencies.
As a side-effect, Package/configure and Package/compile fail when QUILT
is defined because they can't find ./configure or a Makefile. It also
impacts the github tests run with pull requests, because QUILT is
defined there.
To avoid that failure and still keep the prepare, refresh, and update
speedup, call phpize7 before Package/Configure if QUILT is defined.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Update to v14.16.0
February 2021 Security Releases
- HTTP2 'unknownProtocol' cause Denial of Service by resource exhaustion (Critical) (CVE-2021-22883)
- DNS rebinding in --inspect (CVE-2021-22884)
- OpenSSL - Integer overflow in CipherUpdate (CVE-2021-23840)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Psycopg is the most popular PostgreSQL adapter for the Python programming language
It's used by the python-sqlalchemy for postgresql
This package was removed by this commit for lacking python3 support:
c37b15e1c4
Version 2.8.6 used in this package now supports pyhton3
Signed-off-by: Daniel Danzberger <daniel@dd-wrt.com>
Includes fixes for:
* CVE-2021-3177 - ctypes: Buffer overflow in PyCArg_repr
* CVE-2021-23336 - urllib parse_qsl(): Web cache poisoning - semicolon
as a query args separator
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The crude loop I wrote to come up with this changeset:
find -L package/feeds/packages/ -name patches | \
sed 's/patches$/refresh/' | sort | xargs make
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Add the necessary new package to build the latest version of adguardhome.
See this thread : https://github.com/openwrt/packages/pull/14717
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Made the necessary changes to build the latest version of adguardhome.
See this thread : https://github.com/openwrt/packages/pull/14717
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
The Python version of python-config is installed when building on macOS,
rather than the shell script version when building on Linux. When run on
macOS, the Python version of python-config will return values with
Mac-specific customizations.
This patches the python-config install recipe so that which version is
installed can be controlled by the package makefile. When building on
macOS, this installs the Python version for host Python and the shell
script version for target Python.
This also updates Host/Compile and Host/Install to use the default host
build recipes, so that the various HOST_* variables are taken into
account automatically.
Fixes https://github.com/openwrt/packages/issues/14652
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
quilt cannot handle two patches in one file. It ends up merging them
and removing the description from the second. To avoid this, split into
two.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Added a check for macOS 11 and newer to resolve a compile error:
*** Unexpected product version 11.2.
Added Internals::getcwd.
Fallback to the built-in getcwd to resolve compile errors on macOS:
Can't locate Errno.pm in @INC
/miniperl not found
Signed-off-by: Georgi Valkov <gvalkov@abv.bg>
Allows targets such as prepare, refresh, or update to be run without
building dependencies for easier patch maintenance.
This is d741a64b7 applied to php8.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
The build process uses a minilua helper for code generation
which must not be compiled with target cross-compiler but
the host compiler.
This error was spotted by buildbots:
ext/opcache/minilua /builder/shared-workdir/build/sdk/build_dir/
target-x86_64_musl/php-8.0.1/ext/opcache/jit/dynasm/dynasm.lua
-D X64=1 -o ext/opcache/jit/zend_jit_x86.c /builder/shared-workdir
/build/sdk/build_dir/target-x86_64_musl/php-8.0.1/ext/opcache/jit/zend_jit_x86.dasc
/bin/bash: ext/opcache/minilua: No such file or directory
Makefile:406: recipe for target 'ext/opcache/jit/zend_jit_x86.c' failed
make[4]: *** [ext/opcache/jit/zend_jit_x86.c] Error 127
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Allows targets such as prepare, refresh, or update to be run without
building dependencies for easier patch maintenance.
Signed-off-by: Ilya Lipnitskiy <ilya.lipnitskiy@gmail.com>
This includes fixes for:
* CVE-2021-3114: crypto/elliptic: incorrect operations on the P-224
curve
* CVE-2021-3115: cmd/go: packages using cgo can cause arbitrary code
execution on Windows
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This properly disables compilation on ARC, where perl is not supported.
Also matches dependencies with other perl packages.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
No package version bump as no change to built package. URL now points
to current useful webpage, and description is based on current release.
Signed-off-by: Karl Palsson <karlp@tweak.net.au>
This became a requirement in libwww-perl 6.17.
Note that there are two other missing "soft" dependencies, Authen::Ntlm
as used by LWP::Authen::Ntlm, and Data::Dump as used by
LWP::Debug::TraceHTTP, that are not required for basic functionality.
Signed-off-by: Matt Merhar <mattmerhar@protonmail.com>
Add spamc and spamc-ssl SpamAssassin client packages.
Also package SpamAssassin Perl backend, but that still lacks many
features due to Perl packages missing in OpenWrt.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Disable native code for now as it fails due to the package's
build-system not considering STAGING_DIR.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
Regenerated patches from:
https://github.com/pyca/cryptography/pull/4920
The patch names were kept as generated via 'git format-patch 3.3.1..'
And ran through quilt.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Because of e52d0487e88c3c8c57e1310d1a02b18eae0d142e , these flags no
longer get passed. Add them back to fix compilation.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
This release contains intentional incompatibility. Deprecation warnings are
off by default on 2.7.2 and later. You can turn on deprecation warnings by
specifying the -w or -W:deprecated option at the command-line. Please check
the topics below for details.
* Feature #17000 2.7.2 turns off deprecation warnings by default
* Feature #16345 Don’t emit deprecation warnings by default.
This release contains the new version of webrick with a security fix described in the article.
* CVE-2020-25613: Potential HTTP Request Smuggling Vulnerability in WEBrick
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
This includes security fixes for:
* CVE-2020-28362: panic during recursive division of very large numbers
* CVE-2020-28366: arbitrary code can be injected into cgo generated
files
* CVE-2020-28367: improper validation of cgo flags can lead to remote
code execution at build time
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
libudev-zero as well as libudev-fbsd have PROVIDES:=libudev . These
packages have nothing specific that requires one or the other.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
this is a webserver and not a python library, so it makes
sense to have it in the same category other webservers
also are placed in the menuconfig interface
Signed-off-by: Alberto Bursi <bobafetthotmail@gmail.com>
Refreshed patches.
Dropped 'patches-setuptools/004-site-patch.patch'
Does not apply anymore. Setuptools has removed site.py support:
https://github.com/pypa/setuptools/issues/2165
If this is still needed, we may need to re-think it's implementation.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This changes the default build cache directory from $(TOPDIR)/.go-build
to $(TMP_DIR)/go-build, so that the cache directory is ignored by git
and is removed by "make dirclean".
This does not move/remove a build cache directory in the previous
location; it will need to be removed manually.
Fixes https://github.com/openwrt/packages/issues/13675.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This also adds GO_PKG_INSTALL_BIN_PATH which determines the path where
binaries are installed by GoPackage/Package/Install/Bin (this was
previously hard-coded to /usr/bin).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
In Go 1.15, the linker now defaults to internal linking mode for
-buildmode=pie on amd64 and arm64[1], however this results in go tool
binaries with the wrong dynamic linker/interpreter.
External linking is still used when PIE is enabled for other platforms,
whereas internal linking is used when PIE is not enabled.
This changes target Go to always use external linking, to fix PIE
binaries for amd64/arm64 and for consistency.
[1]: https://golang.org/doc/go1.15#linker
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Reuse GO_PKG_ENABLE_PIE from golang-package.mk
* Replace $(if ...) with $(or ...) to get default values
* Refactor vars common to each compile stage into variable
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This also adds a config option GOLANG_BUILD_CACHE_DIR to customize the
location of the build cache directory.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This also adds a config option GOLANG_MOD_CACHE_WORLD_READABLE; if
enabled, chmod is run after a Go package build to make all
files/directories in the module cache world-readable.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Developers of click decided to change their tarball, so it does no
longer contains capital C and because of that, we can throw
PYPI_SOURCE_NAME.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
1.15.1 includes a fix for CVE-2020-24553:
net/http/cgi,net/http/fcgi: Cross-Site Scripting (XSS) when Content-Type
is not specified
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Vulnerabilities fixed:
* CVE-2020-8201: HTTP Request Smuggling due to CR-to-Hyphen conversion (High).
* CVE-2020-8252: fs.realpath.native on may cause buffer overflow (Medium).
Imported patches from the debian package.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[strip C library after adding it to openwrt repository]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
[strip C library after adding it to openwrt repository]]
Signed-off-by: W. Michael Petullo <mike@flyn.org>
PycURL changeLog:
Version 7.43.0.6 - 2020-09-02
-----------------------------------------------------------------
This release improves SSL backend detection on various systems, adds support for libcurl’s multiple SSL backend functionality and adds support for several libcurl options.
Signed-off-by: Waldemar Konik <informatyk74@interia.pl>
Compile tested: x86_64
OpenWrt added pcre/host recently. When it is available (installed)
erlang finds staging_dir/hostpkg/include/pcre.h before it finds its own
copy and the build fails.
CC obj/x86_64-pc-linux-gnu/opt/smp/erl_bif_chksum.o
CC obj/x86_64-pc-linux-gnu/opt/smp/erl_bif_re.o
beam/erl_bif_re.c: In function 'erts_init_bif_re':
beam/erl_bif_re.c:96:5: error: 'erts_pcre_malloc' undeclared (first use in this function)
erts_pcre_malloc = &erts_erts_pcre_malloc;
^~~~~~~~~~~~~~~~
beam/erl_bif_re.c:96:5: note: each undeclared identifier is reported only once for each function it appears in
beam/erl_bif_re.c:97:5: error: 'erts_pcre_free' undeclared (first use in this function)
erts_pcre_free = &erts_erts_pcre_free;
^~~~~~~~~~~~~~
This adds a patch from Romain Naour and Bernd Kuhls to prevent that.
Patch snatched from buildroot [1].
[1] https://github.com/buildroot/buildroot/blob/master/package/erlang/0002-erts-emulator-reorder-inclued-headers-paths.patch
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>
This also removes PKG_BUILD_PARALLEL:=0 that was added for packages that
use HOST_PYTHON3_PACKAGE_BUILD_DEPENDS.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
In hash-checking mode[1], pip will verify downloaded package archives
(source tarballs in our case) against known SHA256 hashes before
installing the packages.
As a consequence, this requires the use of requirements files[2] and
pinning packages to known versions.
The syntax for package Makefiles has changed slightly;
HOST_PYTHON3_PACKAGE_BUILD_DEPENDS no longer accepts requirement
specifiers like "foo>=1.0", only requirements file names (which are the
same as package names in the most common case).
This also updates affected packages, in particular:
* python-zipp: "setuptools_scm[toml]" has been split into
"setuptools-scm toml" to reuse the requirements file for
setuptools-scm (the extra depends installed by "setuptools_scm[toml]"
is toml).
* python-pycparser: This previously used ply 3.10, whereas the
requirements file will now install 3.11.
[1]: https://pip.pypa.io/en/stable/reference/pip_install/#hash-checking-mode
[2]: https://pip.pypa.io/en/stable/user_guide/#requirements-files
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This adds a config option PYTHON3_HOST_PIP_CACHE_WORLD_READABLE; if
enabled, chmod will be run after pip install to make all
files/directories in the host pip cache world-readable.
Supersedes https://github.com/openwrt/packages/pull/13012.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This includes a fix for CVE-2020-16845 (encoding/binary: ReadUvarint and
ReadVarint can read an unlimited number of bytes from invalid inputs).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Fixes https://github.com/openwrt/packages/issues/13016
Patch [1] broke compilation for python-pynacl.
The fix is to patch PyNaCl to consider that
PYNACL_HAS_CRYPTO_SCALARMULT_ED25519 is always available.
[1] 3ef28a4ab0
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
upgrade npm to 6.14.6
update openssl to 1.1.1g
Vulnerabilities fixed:
* CVE-2020-8172: TLS session reuse can lead to host certificate verification bypass (High).
* CVE-2020-11080: HTTP/2 Large Settings Frame DoS (Low).
* CVE-2020-8174: napi_get_value_string_*() allows various kinds of memory corruption (High).
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Also:
* Remove patches that are included in the update
* Replace the python3 dependency with a smaller list (python3-urllib is
needed because it is a dependency of python3-email)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This version includes fixes for:
* CVE-2020-15801 - Fixes python3x._pth being ignored on Windows
* CVE-2019-20907 - Avoid infinite loop when reading specially crafted
TAR files using the tarfile module
This also:
* Remove patches that are included in the update
* Add a dependency in python3-distutils for python3-email[1]
[1]: https://github.com/python/cpython/blob/v3.8.5/Lib/distutils/dist.py#L10
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This version includes fixes for:
* CVE-2020-14422: Hash collisions in IPv4Interface and IPv6Interface
* CVE-2020-15523: Python uses invalid DLL path after calling Py_SetPath
on Windows
This version also includes support for OpenSSL 1.1.x builds that use
'no-deprecated' and '--api=1.1.0'[1], and so this removes the previous
OpenSSL-related patches.
This also backports fixes for security issues, including:
* CVE-2019-20907: Infinite loop in the tarfile module
This also updates the setuptools and pip packages to 47.1.0 and 20.1.1,
respectively.
[1]: https://github.com/python/cpython/pull/20566
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This adds a new Makefile variable, GO_PKG_TAGS, for Go packages. When
set, the value is passed as the parameter of the -tags option for 'go
install'.
This also updates syncthing to use this variable.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This reverts commit 33525fa8d5.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
[add me as co-maintainer, bump PKG_RELEASE, Makefile polishing]
Log:
pkg_resources.DistributionNotFound: The 'ciso8601==2.1.3' distribution was not found and is required by homeassistant
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This lets the Python build process set _PYTHON_HOST_PLATFORM instead of
forcing an explicit value.
Also:
* Save the target _PYTHON_HOST_PLATFORM value during Build/InstallDev
for use when building target Python packages (in python3-package.mk).
* Use the (mostly) default PYTHON_FOR_BUILD value, instead patch
configure to remove the platform triplet from the sysconfigdata file
name.
* Remove the "CROSS_COMPILE=yes" make variable (there is no indication
that this variable is necessary).
* Force host pip to build packages from source instead of downloading
binary wheels.
Previously, host pip can download universal (platform-independent)
wheels but not platform-specific wheels, because of the custom
_PYTHON_HOST_PLATFORM value. (Packages that do not have universal
wheels would be compiled from source.)
With a correct _PYTHON_HOST_PLATFORM, host pip can install
platform-specific wheels as well. However, the pre-built shared object
(.so) files in these wheels will have the host's platform triplet in
their file names. When target Python packages are built (using the
target's _PYTHON_HOST_PLATFORM), Python will not use these shared
object files.
By forcing host pip to build packages from source, the built shared
object files will not have the platform triplet in their file names.
(Host Python has been patched to remove the platform triplet from file
names.) This allows these packages to be used when building target
Python packages.
(The net effect of this complete change is that platform-dependent
packages will continue to be compiled from source, while
platform-independent packages will now also be compiled from source.)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The main user for this package was Seafile.
In the meantime, Seafile switch to PyMySQL.
https://pypi.org/project/PyMySQL/
PyMySQL seems to be a replacement for python-mysqlclient, and while it may
not be fully compatible with the MySQL API, it may be that those APIs
wouldn't be used.
This change drops this package.
If there is enough usage/reason to bring it back, we can.
For python-mysqlclient, the tag-line/description is:
```
This is a fork of MySQLdb1.
This project adds Python 3 support and bug fixes. I hope this fork is
merged back to MySQLdb1 like distribute was merged back to setuptools.
```
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Bump host Cython version as well.
Add note near PKG_VERSION to remember to periodically update it.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This adds PKG_BUILD_PARALLEL:=0 to packages that depend on host Python
packages (HOST_PYTHON3_PACKAGE_BUILD_DEPENDS), because installing
packages with multiple concurrent pip processes can lead to errors or
unexpected results[1].
This also:
* Move HOST_PYTHON3_PACKAGE_BUILD_DEPENDS definitions to before
python3-package.mk is included
* Update Python folder readme to include PKG_BUILD_PARALLEL:=0
[1]: https://github.com/pypa/pip/issues/2361
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This evaluates the arguments passed to "go install" during Build/Compile
rather than when golang-package.mk is included.
This also changes build directory-related variables to be recursively
expanded, because PKG_BUILD_DIR depends on BUILD_VARIANT and so can
change during different runs of Build/Compile.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Essentially, this is a re-spin from
https://github.com/openwrt/packages/pull/9797/
But a really trimmed down version.
Only the Py3 variant is added now, which makes the Makefile really small
now.
Cython is needed on the host, to cythonize some files.
The package needs targets with hard-float enabled. This is because on some
soft-float targets floating-point exception constants aren't defined.
We can define some dummy values, but that ends up being a bit too much
work.
So, for that, the package depends on HAS_FPU or KERNEL_MIPS_FPU_EMULATOR.
This way, numpy should be buildable on hard-float, or for MIPS on the FPU
emulator being compiled in.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This also removes a link to pypi.org; the previous sentence already
links to pypi.org, a second link in the same paragraph isn't necessary.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The perl Configure file was matching GCC 10 against "1*" and treating it
as GCC 1, causing ABI breakage and segfaults.
Cherry-pick the upstream patch which fixes it to check against (e.g)
"1.*" instead, which will make it work for hundreds more GCC versions
to come.
https://github.com/Perl/perl5/commit/6bd6308fcea3541
"Adapt Configure to GCC version 10"
Also includes the previous commit just adding GCC 8 and 9 to one case:
https://github.com/Perl/perl5/commit/ae195500577d707
"Add gcc-8 and gcc-9 for FORTIFY_SOURCE"
Signed-off-by: Ken Wong <xinxijishuwyq@gmail.com>
The pycrypto package is not maintained; the last stable release was in
2013.
This also updates python3-cryptodome, from conflicting with
python3-crypto, to providing python3-crypto.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This took a while to get running.
It turns out, the fix is mostly in libxslt.
lxml uses the xsltGetProfileInformation() function, which is disabled from
libxslt via --without-profiler.
This causes a runtime error, since it cannot find the symbol.
So, libxslt is also updated to re-enable the profiler.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Previously, binaries installed by Python packages will have a
non-suffixed Python 2 version and a suffixed Python 3 version, e.g. pip
and pip3. With the removal of Python 2, the non-suffixed names are no
longer taken.
This adds symlinks for the non-suffixed names linking to the suffixed
scripts (or in the case of pip, easy_install, and python-config, to the
fully-versioned scripts).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
When a Python package is installed from source (i.e. using setup.py)
into a custom location (with --home), setuptools may want to create a
site.py file in the custom location. This file is created based on the
source code of site-patch.py, a file bundled with setuptools.
Because the normal OpenWrt setuptools package does not contain Python
source code, this file is missing and the installation will end with an
error.
This copies site-patch.py to site-patch.py.txt so that it will be
included in python3-setuptools, and patches setuptools to look for this
file.
See https://github.com/openwrt/packages/issues/12223
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This is not the newest version but the last version compatible with
Django 1.11.
This also updates the jsonfield dependency to jsonfield2.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This package mainly serves to support django-post-office 3.3.0, as that
version switched its dependency from jsonfield to jsonfield2 (a fork of
jsonfield).
The version packaged in this package (3.0.3) is the last version that
supports Django 1.11.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The ssl module assumes OpenSSL can load the default trust anchors (root
CA certificates).
From https://github.com/openwrt/packages/issues/12209
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This adds the --enable-optimizations configure option (for
profile-guided optimization) for both host and target Python, and the
--with-lto configure option (for link-time optimization) for target
Python (for non-MIPS platforms).
Currently, compiling Python with LTO leads to link errors on mips and
mipsel. (Compiling with LTO appears to succeed on mips64 but there is
only one mips64 target available for convenient testing.)
This also cleans up the host and target configure options:
* Sort options/variables
- Alphabetically
- Flags/options before child-process environment variables
- Group options by type (enable/disable/with/without)
- Static options/variables before conditional ones
* Remove the prefix/dir options, as they are the same as the defaults
set by the build system
* Remove --with-threads, as it is no longer a valid option (threads are
always enabled)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This adds a script that searches a Python package's source code to find
imports for separately-packaged standard library modules.
The script can be run by calling make with the configure target and
"PY3=stdlib V=s" arguments, e.g.
make package/python3-lxml/configure PY3=stdlib V=s
This also updates the readme on how to call this script, as well as more
information on Python package dependencies in general.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Because the first stage for building target Go is actually a host build,
the default platform options (GO386, GOARM, etc.) are detected from the
host. These values are written to a source file and kept when building
the second stage.
This modifies this source file to set the appropriate values for the
target platform, and reset values for other platforms to their
cross-compiling / most compatible defaults.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The moves the setting of arguments for "go install" out of the shell
script in GoPackage/Build/Compile and into make.
This also adds the -buildid link flag for reproducible builds.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The variable is a list of shell variables; the new name is more in-line
with other parts the build system (CONFIGURE_VARS, MAKE_VARS, etc.).
GoPackage/Environment is kept (for now) in case other feeds are using
it.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Since RSTRIP is defined in rules.mk as a recursively expanded variable,
there is no need to define it again after setting STRIP in
golang-package.mk.
This also adds a note to the comment for GO_PKG_LDFLAGS to say that -s
and -w flags are not necessary.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The default bootstrap Go (Go 1.4) can only be compiled on a limited
number of platforms compared to newer versions of Go.
This adds a config option to use an external bootstrap Go, e.g.
installed through the build system's package manager or downloaded from
golang.org.
See: https://github.com/openwrt/packages/issues/11731
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Java support is no longer feasible in openwrt. It's outdated, and can't
be usd without classpath, which has been removed.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
This changes the package to download from PyPI (using pypi.mk) and
removes the incorrect PKG_CPE_ID.
The CPE id was for Debian's python-dns package which contains PyDNS
("pydns" on PyPI). This package contains "dnspython" from PyPI.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Host build was added in 2972cc98e ("Add host build") because classpath
required a host java vm. Now that classpath is gone, host build can be
removed as well.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
perl fails to compile on x86_64 with glibc and stack smashing
protection enabled due to libssp not being specified in the
ldflags.
Signed-off-by: Ian Cooper <iancooper@hotmail.com>
Python will record the values of CC, CXX, AR, and READELF (and other
configure options) used during compilation. pip will use these programs
when asked to compile extension modules on the target device.
* If ccache is used during build, CC and CXX will be ccache_cc and
ccache_cxx, respectively, which are not available on-device (#11912).
* If an external toolchain is used during build, the values of these
variables will contain the external toolchain prefix, which may not be
available on target.
* If the normal toolchain is used during build, AR and READELF will
contain the toolchain prefix, but the names of ar and readelf
on-device do not contain the prefix; they are named "ar" and
"readelf".
This changes the values of these variables in Python's files to match
the names available on-device, and without any toolchain prefix.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This also updates all package metadata (it appears this information was
not updated when the package switched from packaging "gnupg" from PyPI
to "python-gnupg"), updates the package to use the default Python
package build recipe, and adds a src package.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
python-django1-common was added to allow both Python 2 and 3 versions of
Django 1.11 to be installed at the same time. With the removal of Python
2, this package is no longer necessary.
This removes this common package and updates the CONFLICTS value for the
django package.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The previous maintainer has removed himself from his other packages
(#11612). This package appears to have been omitted by mistake.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This removes:
* Python 3 variants (VARIANT:=python3)
* "for Python3" from package titles
* Package selection condition from package dependencies, e.g.
+PACKAGE_python3-six:python3-light replaced with +python3-light
* "Default" package information sections, e.g.
Package/python-six/Default removed and package details merged into
Package/python3-six
* "(Variant for Python3)" from package descriptions
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The DBIP geolocation database is generated from sparse data without
compaction. Two different ISP's in the same country might have
adjacent CIDR blocks, and when aggregated as "country" data, may
be merged to conserve space. This package facilitates this.
There are scripts to download and preprocess the GeoIP database
for iptables-mod-geoip which require this Perl module.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
PYTHON_VERSION is a holdover from Python 2; all Python 3 variables are
prefixed with PYTHON3 (or some variation with "3").
This updates all uses of PYTHON_VERSION to PYTHON3_VERSION.
This also sets PYTHON3_PKG_BUILD:=0 before python3-package.mk is
included in the python3 Makefile.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This replaces the use of BUILD_VARIANT with PYTHON3_PKG_BUILD to opt
in/out of the default Python package build recipe (Py3Build/Compile).
PYTHON3_PKG_BUILD defaults to true (1), i.e. if a package includes
python3-package.mk, then by default it will set the package's
Build/Compile to Py3Build/Compile.
If PYTHON3_PKG_BUILD is set to 0 before python3-package.mk is included,
then Build/Compile will not be modified.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
There are no bug reports or other evidence to suggest Python is not
compatible with MIPS16 compilation.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Remove PYTHON3_BIN_DIR, it isn't used anywhere in the repo
* Rephrase *-src package description
* Reduce Py3Package/$(1)/install indentation
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This extracts filespec export and processing into
Py3Package/ProcessFilespec.
This also allows the filespec variable to be explicitly set to an empty
value, to bypass filespec processing. (The default filespec is also
available as Py3Package/filespec/Default to be explicitly assigned to
the filespec variable.)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This moves functionality from python-package-install.sh into
python3-package.mk, so that they can be reused separate from filespec
processing.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Group Python3/* recipes together, group Py3Package and Py3Build
together.
This also adds headings and whitespace to separate major sections.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This renames "internal" recipes to use the Python3/ prefix and clarifies
the names (RunTarget to Run, Mod to ModSetup, Shebang to FixShebang).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This changes the recipe name prefix from Build/Compile/HostPy3 to
HostPython3, and clarifies some of the names (RunHost to Run, Mod to
ModSetup).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
HostPython3 only adds a few environment variables before running host
Python. It has only two users, Build/Compile/HostPy3RunHost and
Build/Compile/HostPy3RunTarget.
HostPython3 also accesses $(PYTHON3PATH), even though python3-host.mk
does not include python3-package.mk, where the variable is defined.
This removes HostPython3 and has its two users run host Python directly.
This also combines the environment variables of HostPython3 and the two
users into HOST_PYTHON3_VARS and PYTHON3_VARS.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Since it only defines variables and canned recipes, it is safe to
include python3-host.mk more than once.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This was needed for Seafile up to a certain version. Since it's not
required anymore by any other package/known-user, remove it.
Should be installable via pip or manually.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This adds a 'Package/<pkg>-src/config' definition with a 'depends on
<pkg>' line, which will hide <pkg>-src unless <pkg> is selected. This
makes the long list of python packages a bit shorter, and also indents
the src package:
<M> python3-base................................ Python 3.8 interpreter
< > python3-base-src................. Python 3.8 interpreter (sources)
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Time to make it more official.
Running 'python' should get you an interpreter running, and that one is now
Python3.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Was mostly required for Seafile.
Now it isn't.
It's also pretty ancient.
https://www.saddi.com/software/flup/
Page was last updated in 2005.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This change bumps gunicorn to version 20.0.4.
It also installs the binary for gunicorn without any suffix, via symlink.
And remove gunicorn_paster; that was removed from the package and moved
into the gunicorn library.
Also, now we need to use the full python3-setuptools package for the
gunicorn executable, as it won't start without it.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This fixes a typo with the default PYTHON3_PKG_SETUP_GLOBAL_ARGS.
Since in make context non-defined variables are empty anyway, this doesn't
produce any issues. The fix is more semantic in nature.
Fixes https://github.com/openwrt/packages/issues/11790
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Since cffi is installed by HOST_PYTHON3_PACKAGE_BUILD_DEPENDS, it
shouldn't be necessary to clear setup_requirements anymore.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Currently, python3-pip installs the same script as pip3 and pip3.8 to
usr/bin. This changes pip3 to be a symlink to pip3.8.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Replace the Python 2 pending removal notice/schedule with a brief
message about the removal
* Replace mentions of "Python & Python 3" with just "Python" (references
to the version number are kept only in cases where it is necessary)
* Update Makefile example code to use Python 3 conventions/names
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
These are either libraries that backport Python 3 features for Python 2
programs, or libraries that have not had Python 3 variants added to them
by anyone.
These packages will be added to the abandoned packages feed.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Life changes, I'm no longer avaiable to be an sufficiently active
OpenWrt developer. Therefore removing myself from maintainer from
all packages I maintained in OpenWrt.
All the best for those who keep up the good work!
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
Previously, this packaged "django-jsonfield" on PyPI.
The only (in-tree) package that depends on this package is
django-postoffice.
django-post-office actually depends on "jsonfield" on PyPI.[1][2]
This changes the packaged project from "django-jsonfield" to
"jsonfield".
The version packaged here is not the latest available update, but the
last version compatible with Django 1.11 / Python 2.
[1]: https://github.com/ui/django-post_office/blob/v3.2.1/setup.py#L45
[2]: https://github.com/ui/django-post_office/issues/182
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This patches Django to load byte-compiled (.pyc) db migration scripts,
since Python scripts are often distributed in byte-compiled form in
OpenWrt packages.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* The Makefile creates two packages:
- chicken-scheme-interpreter, same that was created
with the previous version of the Makefile (except
that this one includs Chicken 5.2.0);
- chicken-scheme-full, which includes the compiler,
debugger, profiler, and module manager.
The -full package has some peculiarities:
It is somewhat large, although that is not really
an issue, since it depends on gcc, which already needs
more than 100Mb space.
The binaries are not stripped, because stripped binaries
seem to break the compiler (generated objects are not
properly linked). Since the package is large and depends
on an even larger one, this shouldn't be a problem.
Signed-off-by: Jeronimo Pellegrini <j_p@aleph0.info>
Add some new APIs
V8 was updated to 7.8.279.23. This includes performance improvements to object
destructuring, RegExp match failures and WebAssembly startup time.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This adds a Python 3 version of the django1 package.
This also adds a python-django1-common package that contains a
django-admin script based on the one in Debian[1]. This allows
python-django1 and python3-django1 to be installed at the same time.
python3-django conflicts with python-django1 (via python-django1-common)
and python3-django1.
This also updates older Python 3 Django plugin packages to depend on
python3-django1, and newer plugin packages to depend on "django", which
both python3-django and python3-django1 provide.
Because of this dependency on either version of Django, the MDEPENDS for
Python 3 Django plugin packages no longer functions correctly and has
been removed.
[1]: https://salsa.debian.org/python-team/modules/python-django/blob/debian/buster/debian/django-admin
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Move more environment variables into GoPackage/Environment
* Split GoPackage/Environment into target and build sections
* Do not set GOROOT_FINAL for Go packages (setting it should only affect
the Go compiler and not Go packages)
* Set CGO_LDFLAGS to $(TARGET_LDFLAGS)
* Move GO_TARGET_* variables from golang-values.mk, and GO_VERSION_*
variables from golang-version.mk, into golang/Makefile
This also updates runc, containerd, and docker-ce to reflect the changes
in GoPackage/Environment.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Set GOENV=off when building Go compiler and packages, to ignore user's
environment configuration file
* Set GOCACHE when building host Go
* Unset GOTMPDIR, to use the buildroot temp directory instead of temp
directories in build_dir
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The host utility is used to build other lua modules for the target.
For that, the site config needs to specify the correct arch/system type.
Use target dependent build/staging dirs to avoid issue when switching
between targets
Signed-off-by: Felix Fietkau <nbd@nbd.name>
Split python2 and python3 packages and update to newest versions:
* python-django-restframework version 3.9.4 using django1
* python3-django-restframework version 3.11.0 using django3
This fixes the issue that the restframework cannot import name
'python_2_unicode_compatible' from 'django.utils.encoding', when
using version 3.9.x together with Django 3.y.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
* Replace $(PKG_NAME) with package name in call, define, and eval lines
* Remove extra "define" in $(call define Package/.../description)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Python Interface for libmodbus written with CFFI.
This libmodbus wrapper is compatible with Python 2 and Python 3.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
This backports patches from bpo-34585[1] to fix byte order detection of
floats.
Fixing byte order detection allows the repr() of floats to be shorter (a
feature backported to Python 2.7 from Python 3.1[2]).
sys.float_repr_style should be 'short' instead of 'legacy' on supported
platforms.
See #11134.
[1]: https://bugs.python.org/issue34585
[2]: https://docs.python.org/2.7/whatsnew/2.7.html#python-3-1-features
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
According to the installation guide [1], the support for "sha256_password"
or "caching_sha2_password" for authentication is optional.
This change makes it optional for the OpenWrt package by providing a build
option to enable it.
By default it won't be enabled, and packages can choose to enable it.
[1] https://pymysql.readthedocs.io/en/latest/user/installation.html
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
+ WolfSSL support from upstream => remove 0001-Add-locking-support-to-wolfSSL.patch
PycURL changeLog:
Version 7.43.0.4 - 2020-01-15
-----------------------------------------------------------------
- Minimum supported Python 3 version is now 3.5.
- Python 2 is no longer officially supported.
- Improved thread safety of multi code.
- Added Python 3.8 support (patch by Michael Treanor).
- Fixed link order when linking statically against OpenSSL (patch by Ashley Whetter).
- Fixed Darwin detection.
- Added support for wolfSSL (patch by Eneas U de Queiroz).
- Added PROXY_SSL_VERIFYHOST (patch by Amir Rossert).
Signed-off-by: Waldemar Konik <informatyk74@interia.pl>
Compile tested: mipsel_24kc
When during the build the openssl extension is also selected, then
the mysqlnd extension depends on it, too.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
JavaScript obfuscator is a powerful free obfuscator for JavaScript with a wide number of features which provides protection for your source code.
Signed-off-by: Zbyněk Kocur <zbynek.kocur@fel.cvut.cz>
The ASLR PIE option was changed to a tristate option
(openwrt/openwrt@19cbac7d26). This updates
the Go compiler package and golang-package.mk to account for this
change.
This also adds warning messages for when the user has selected PIE but
Go does not have PIE support for the chosen target.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This adds support to compile position-independent executables for
packages that use golang-package.mk.
Go packages will have PIE enabled if:
* Go supports PIE on the target platform;
* CONFIG_PKG_ASLR_PIE is selected; and
* PKG_ASLR_PIE (for the package) is not set to 0
Go 1.13 supports PIE for x86 and arm targets; mips support is in
progress[1].
[1]: https://github.com/golang/go/issues/21222#issuecomment-542064462
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This fixes how GOARM is selected for arm platforms, based on support for
VFP/VFPv3 rather than CPU version.
Fixes#10967.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This change adds support for the pymysql package, which is a pure Python
MySQL client. This package will replace the current python-mysqlclient.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The php7-mod-gd package requires that freetype support exist in libgd. The
libgd-full package provides this, whereas the libgd package does only
if explicitly configured.
Ref: https://github.com/openwrt/packages/issues/10944
Signed-off-by: W. Michael Petullo <mike@flyn.org>
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This adds support to compile host and target Go as position-independent
executables.
Host Go will have PIE enabled if Go supports PIE on the host platform.
Target Go will have PIE enabled if Go supports PIE on the target
platform and CONFIG_PKG_ASLR_PIE is selected.
Go 1.13 supports PIE for x86 and arm targets; mips support is in
progress[1].
[1]: https://github.com/golang/go/issues/21222#issuecomment-542064462
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This replaces conditional functions with conditional directives to make
golang-values.mk more readable.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This adds calls to the strip function in golang-package.mk when using
variables expected to be set by Go packages.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This changes the formatting of environment variable unexports in
golang-values.mk to be more maintainable, and to document the sources of
variables.
There should be no change to the actual list of variables unexported.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This change:
* bumps the version 1.3.0
* switches to pypi.org download
* removes the python2 variant
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
go invokes the external linker by calling gcc, so -zxxx options in
TARGET_LDFLAGS (in golang-package.mk) need to be formatted as -Wl,z,xxx.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Relevant bits of upstream changelog
New Features
argon2: Support more hashes
scrypt: Now uses python 3.6 stdlib’s hashlib.scrypt() as backend, if present (issue 86).
Bugfixes
Python 3.8 compatibility fixes
passlib.apache.HtpasswdFile: improve compatibility with Apache 2.4's htpasswd
passlib.totp: fix some compatibility issues with older TOTP clients (issue 92)
Fixed error in argon2.parsehash() (issue 97)
Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
go build/install supports multiple -ldflags arguments, but they are not
combined; for each package, the latest match on the command line is
used.[1]
Previously, the main executable would not be affected by the default
ldflags if GO_PKG_LDFLAGS or GO_PKG_LDFLAGS_X were set. (The default
ldflags instructs go to use the external linker.)
This fixes golang-package.mk so that the default ldflags take effect in
all cases.
[1]: https://golang.org/cmd/go/#hdr-Compile_packages_and_dependencies
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
- remove obsolete patches and update other ones
- filter support is now available as an extension module
- php7-mod-hash: this extension is now part of the core binary
and cannot be built as an extension module anymore
- php7-mod-gd:
- do not use bundled libgd, but rely on external one
- this also obsoletes dependencies and configuration options
- php7-mod-zip: requires external libzip now
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This activates following extensions:
* io/nonblock
* io/wait
* openssl
* pathname
* ipper
* socket
* zlib
zlib and socket are required for gem so they should be just enabled
because otherwise it does not make sense to provide host gem at all.
The rest of extensions are activated to support compass.
Signed-off-by: Karel Kočí <karel.koci@nic.cz>
Should fix the no previous prototype errors.
Also fixed the install paths. Now running this should be correct.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
The build throws several (non-fatal) build errors:
-snip-
...
checking for kerberos support... yes, shared
checking path to krb5config tool... no
checking for kerberos KADM5 support... no
checking whether we have krb5config...
./configure: line 3974: --libs: command not found
./configure: line 3975: --cflags: command not found
checking for required linker flags...
checking for required compiler flags...
./configure: line 3988: --version: command not found
checking for kerberos library version...
checking for krb5_free_string... no
checking for krb5_chpw_message... no
checking for krb5_principal_get_realm... no
checking how to print strings... printf
...
-snap-
To fix this give configure the path to krb5-config tool.
The runtime error which is fixed by the change is:
PHP Warning: PHP Startup: Unable to load dynamic library 'krb5.so'
(tried: /usr/lib/php/krb5.so (Error relocating
/usr/lib/php/krb5.so: krb5_get_init_creds_opt_free: symbol not found),
...
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
It seems that OpenSSL is bugged. While OpenSSL uses this code, it doesn't
export these defines anywhere. Match against the API version instead.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
