| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
Based on work from Donald Hoskins <grommish@gmail.com>.
Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
|
| |
|
|
| |
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
|
| |
|
|
|
|
|
|
| |
* updated description
* switched default SSL engine to mbedtls
* added new network module
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
|
| |
|
|
|
| |
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 26b92db22c9a051447ee445acaa11a795fb35a4e)
|
| |
|
|
| |
Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
|
| |\
| |
| | |
curl: update to 7.88.1
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Patch comes from
https://github.com/openwrt/packages/pull/20540#issuecomment-1439537287
Fixes:
/home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/usr/include/curl/curl.h:2515:3: note: declared here
2515 | CURLFORM_CONTENTTYPE CURL_DEPRECATED(7.56.0, "Use curl_mime_type()"),
| ^~~~~~~~~~~~~~~~~~~~
make[3]: *** [Makefile:347: Curl.o] Error 1
Signed-off-by: Stan Grishin <stangri@melmac.ca>
|
| | |
| |
| |
| |
| |
| |
| | |
Update to v18.14.2
Support for OpenSSL v3.0.x
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| |/
|
|
|
|
|
|
|
| |
go1.19.6 (released 2023-02-14) includes security fixes to the
crypto/tls, mime/multipart, net/http, and path/filepath packages,
as well as bug fixes to the go command, the linker, the runtime,
and the crypto/x509, net/http, and time packages.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |\
| |
| | |
node: bump to v16.19.1
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Thursday February 16 2023 Security Releases
Notable Changes
The following CVEs are fixed in this release:
* CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High)
* CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium)
* CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium)
* CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low)
* CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low)
More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post.
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| |/
|
|
|
|
|
| |
Fixes:
https://nvd.nist.gov/vuln/detail/CVE-2023-23969
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
|
| |
|
|
| |
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
|
| |
|
|
| |
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
|
| |
|
|
| |
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
|
| |
|
|
| |
Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- 1.5.1
- Fix logic bug that can cause disconnects
- 1.5.0
- Refactor and improve ping/pong logic to resolve several issues,
including an infinite loop issue during reconnect
- Fix issue where `skip_utf8_validation = True` is ignored
- Fix issue where sslopt `is_ssl` is ignored
- Downgrade "websocket connected" message from logging.warning to
logging.info
- Update github actions to newer versions (669fe1b)
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |\
| |
| | |
python3: add 'ensurepip' to python3-pip sub-package
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes:
https://github.com/openwrt/packages/issues/12707
Seems to work.
Looking into the 'venv' lib, it seems it's installing pip & setuptools
inside a virtual environment.
`python3-pip` is already ~6 MB.
This adds another ~3 MB.
But, this gives users the ability to run Python virtual environments, which
is a pretty common feature of Python in production cases (usually web
stuff).
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A new PEP 517 (https://www.python.org/dev/peps/pep-0517/) has defined that
Python packages can be shipped without any `setup.py` file, and that a
`pyproject.toml` file is sufficient.
A `setup.py` shim layer is suggested as a method for running the build.
For these cases, we will add a support in the OpenWrt build-system to
provide the default `setup.py` shim layer in case this file does not exist,
but there is a `pyproject.toml` file.
We also seem to need to tweak the shim layer with the PKG_VERSION,
otherwise the detected version is 0.0.0.
We will need to see if this will be fixed later in setuptools{-scm}.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
|
|
|
| |
When CC is set to e.g. "ccache mips-openwrt-linux-musl-gcc" it needs
to be quoted to avoid word splitting on substitution.
Signed-off-by: Paul Fertser <fercerpav@gmail.com>
|
| |
|
|
| |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| |
|
|
| |
Signed-off-by: Julien Malik <julien.malik@paraiso.me>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Go1.19.5 (released 2023-01-10) includes fixes to the compiler,
the linker, and the crypto/x509, net/http, sync/atomic,
and syscall packages.
Removed upstreamed patch.
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
|
|
| |
Get rid of AUTORELEASE. This barely gets updated.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
| |
The old 2.python-requests.org URL is not reachable on modern browsers,
and is not the current canonical URL for the project. Update to the
current best URL for the project.
Signed-off-by: Karl Palsson <karlp@etactica.com>
|
| |\
| |
| | |
php8: update to 8.2.1
|
| | |
| |
| |
| |
| |
| |
| | |
This fixes:
- CVE-2022-31631
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| | |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| | |
| |
| |
| | |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |/
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes the following build error:
```
Building targets
runtime
<autogenerated>:1: non-retpoline-compatible: 00200 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:915) JMP (R15)(R12*8)
<autogenerated>:1: non-retpoline-compatible: 00115 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/type.go:614) JMP (AX)(SI*8)
<autogenerated>:1: non-retpoline-compatible: 00028 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:452) JMP (R11)(R10*8)
<autogenerated>:1: non-retpoline-compatible: 00021 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/error.go:261) JMP (DX)(CX*8)
<autogenerated>:1: non-retpoline-compatible: 00050 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:691) JMP (CX)(R12*8)
<autogenerated>:1: non-retpoline-compatible: 00024 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/debuglog.go:616) JMP (CX)(SI*8)
<autogenerated>:1: non-retpoline-compatible: 00079 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/time.go:617) JMP (R9)(R8*8)
<autogenerated>:1: non-retpoline-compatible: 00025 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/cgocall.go:453) JMP (R9)(DX*8)
<autogenerated>:1: non-retpoline-compatible: 00018 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/type.go:66) JMP (DX)(CX*8)
<autogenerated>:1: non-retpoline-compatible: 00020 (/home/username/works/openwrt/staging_dir/hostpkg/lib/go-cross/src/runtime/alg.go:156) JMP (SI)(DX*8)
<autogenerated>:1: too many errors
```
Fixes: #20026
Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
|
| |
|
|
| |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
PycURL changeLog:
-----------------------------------------------------------------
PycURL 7.45.2 - 2022-12-16
-----------------------------------------------------------------
This release fixes several minor issues and adds support for several libcurl options.
-----------------------------------------------------------------
PycURL 7.45.1 - 2022-03-13
-----------------------------------------------------------------
This release fixes build when libcurl < 7.64.1 is used.
-----------------------------------------------------------------
PycURL 7.45.0 - 2022-03-09
-----------------------------------------------------------------
This release adds support for SecureTransport SSL backend (MacOS), adds ability to unset a number of multi options, adds ability to duplicate easy handles and permits pycurl classes to be subclassed.
-----------------------------------------------------------------
PycURL 7.44.1 - 2021-08-15
-----------------------------------------------------------------
This release repairs incorrect Python thread initialization logic which caused operations to hang.
-----------------------------------------------------------------
Signed-off-by: Waldemar Konik <informatyk74@interia.pl>
Compile tested: x86_64
|
| |
|
|
| |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Version 8.1.3
Released 2022-04-28
Use verbose form of typing.Callable for @command and @group.
pallets/click#2255
Show error when attempting to create an option with multiple=True,
is_flag=True. Use count instead. pallets/click#2246
Version 8.1.2
Released 2022-03-31
Fix error message for readable path check that was mixed up with the
executable check. pallets/click#2236
Restore parameter order for Path, placing the executable parameter at
the end. It is recommended to use keyword arguments instead of
positional arguments. pallets/click#2235
Version 8.1.1
Released 2022-03-30
Fix an issue with decorator typing that caused type checking to
report that a command was not callable. pallets/click#2227
Version 8.1.0
Released 2022-03-28
Drop support for Python 3.6. pallets/click#2129
Remove previously deprecated code. pallets/click#2130
Group.resultcallback is renamed to result_callback.
autocompletion parameter to Command is renamed to shell_complete.
get_terminal_size is removed, use shutil.get_terminal_size instead.
get_os_args is removed, use sys.argv[1:] instead.
Rely on PEP 538 and PEP 540 to handle selecting UTF-8 encoding
instead of ASCII. Click’s locale encoding detection is removed.
pallets/click#2198
Single options boolean flags with show_default=True only show the
default if it is True. pallets/click#1971
The command and group decorators can be applied with or without
parentheses. pallets/click#1359
The Path type can check whether the target is executable.
pallets/click#1961
Command.show_default overrides Context.show_default, instead of the
other way around. pallets/click#1963
Parameter decorators and @group handles cls=None the same as not
passing cls. @option handles help=None the same as not passing help.
pallets/click#1959
A flag option with required=True requires that the flag is passed
instead of choosing the implicit default value. pallets/click#1978
Indentation in help text passed to Option and Command is cleaned the
same as using the @option and @command decorators does. A command’s
epilog and short_help are also processed. pallets/click#1985
Store unprocessed Command.help, epilog and short_help strings.
Processing is only done when formatting help text for output.
pallets/click#2149
Allow empty str input for prompt() when confirmation_prompt=True and
default="". pallets/click#2157
Windows glob pattern expansion doesn’t fail if a value is an invalid
pattern. pallets/click#2195
It’s possible to pass a list of params to @command. Any params
defined with decorators are appended to the passed params.
pallets/click#2131
@command decorator is annotated as returning the correct type if a
cls argument is used. pallets/click#2211
A Group with invoke_without_command=True and chain=False will invoke
its result callback with the group function’s return value.
pallets/click#2124
to_info_dict will not fail if a ParamType doesn’t define a name.
pallets/click#2168
Shell completion prioritizes option values with option prefixes over
new options. pallets/click#2040
Options that get an environment variable value using
autoenvvar_prefix treat an empty value as None, consistent with a
direct envvar. pallets/click#2146
Version 8.0.4
Released 2022-02-18
open_file recognizes Path("-") as a standard stream, the same as the
string "-". pallets/click#2106
The option and argument decorators preserve the type annotation of
the decorated function. pallets/click#2155
A callable default value can customize its help text by overriding
__str__ instead of always showing (dynamic). pallets/click#2099
Fix a typo in the Bash completion script that affected file and
directory completion. If this script was generated by a previous
version, it should be regenerated. pallets/click#2163
Fix typing for echo and secho file argument. pallets/click#2174,
pallets/click#2185
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
|