aboutsummaryrefslogtreecommitdiff
path: root/lang
Commit message (Collapse)AuthorAge
* python-cffi: Update to 1.15.1, add host buildJeffery To2023-03-31
| | | | | | | The host build replaces the use of the host pip requirements file. This also updates the dependants of cffi to depend on the host build. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-pycparser: Add host buildJeffery To2023-03-31
| | | | Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-ply: Add host buildJeffery To2023-03-31
| | | | | | | The host build replaces the use of the host pip requirements file. This also updates the dependants of ply to depend on the host build. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-cython: Add new host-only packageJeffery To2023-03-31
| | | | | | | The host build replaces the use of the host pip requirements file. This also updates the dependants of Cython to depend on the host build. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-wheel: Add new host-only packageJeffery To2023-03-31
| | | | | | | | | From the README: This library is the reference implementation of the Python wheel packaging standard, as defined in PEP 427. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-build: Add new host-only packageJeffery To2023-03-31
| | | | | | | | | | | From the documentation: A simple, correct PEP 517 build frontend. build will invoke the PEP 517 hooks to build a distribution package. It is a simple build tool and does not perform any dependency management. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-pyproject-hooks: Add new host-only packageJeffery To2023-03-31
| | | | | | | | | | | From the README: This is a low-level library for calling build-backends in pyproject.toml-based project. It provides the basic functionality to help write tooling that generates distribution files from Python projects. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-tomli: Add new host-only packageJeffery To2023-03-31
| | | | | | | | | From the README: Tomli is a Python library for parsing TOML. Tomli is fully compatible with TOML v1.0.0. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-packaging: Update to 23.0, add host buildJeffery To2023-03-31
| | | | | | | | This also adds myself as maintainer, and marks the target package as BROKEN (for now) as the update requires proper support for pyproject.toml-based builds. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-installer: Add host-only packageJeffery To2023-03-31
| | | | | | | | | | From the README: This is a low-level library for installing a Python package from a wheel distribution. It provides basic functionality and abstractions for handling wheels and installing packages from wheels. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python-flit-core: Add host-only packageJeffery To2023-03-30
| | | | | | | | | From the README: This provides a PEP 517 build backend for packages using Flit. The only public interface is the API specified by PEP 517, at flit_core.buildapi. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python: Add pyproject.toml-based builds for host Python packagesJeffery To2023-03-30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Using pip to install host packages with pyproject.toml-based (PEP 517) builds is problematic: * If build isolation is used, pip will create an isolated build environment, install any build dependencies for the requested package, then build the requested package. It does not appear currently possible to have pip install the build dependencies with hash-checking mode enabled[1]. * If build isolation is not used, any build dependencies must be installed in the build environment before invoking pip to build the requested package[2]. This would require creating a package dependency resolution system to install build dependencies, and any dependencies of dependencies, in the correct order. * It is very difficult to patch the packages installed by pip. This adds a new include file (python3-host-build.mk) with recipes to install host Python packages with pyproject.toml-based builds. This is backwards-compatible with packages that require running setup.py. Besides addressing the above issues (the OpenWrt build system already resolves dependencies between packages, checks all source downloads against known hashes, and supports patching packages), host packages also: * Capture package licensing and maintainer information * Enable uscan checking for package updates/CVEs * Are a known concept for OpenWrt packagers/developers The existing functionality of using host pip to install packages will remain for now, but should be considered deprecated and expected to be removed in the future. This also updates Py3Build/CheckHostPipVersionMatch for the case where the host-pip-requirements directory does not exist or is empty. [1]: https://pip.pypa.io/en/stable/user_guide/#changes-to-the-pip-dependency-resolver-in-20-3-2020 [2]: https://pip.pypa.io/en/stable/cli/pip_install/#cmdoption-no-build-isolation Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* python: Unset Python environment variablesJeffery To2023-03-30
| | | | | | | | | | | This will prevent the user's environment variables from affecting host Python, removing the need to manually override these variables. It is also not necessary to set PYTHONPATH (when not working on target Python packages) because the given directories are already included in Python's search path by default. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* Merge pull request #20693 from jefferyto/golang-1.20.2Jeffery To2023-03-30
|\ | | | | golang: Update to 1.20.2, refresh patch
| * golang: Update to 1.20.2, refresh patchJeffery To2023-03-20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Includes fixes for: * 1.20.1: * CVE-2022-41722: path/filepath: path traversal in filepath.Clean on Windows * CVE-2022-41723: net/http: avoid quadratic complexity in HPACK decoding * CVE-2022-41724: crypto/tls: large handshake records may cause panics * CVE-2022-41725: net/http, mime/multipart: denial of service from excessive resource consumption * 1.20.2: * CVE-2023-24532: crypto/elliptic: specific unreduced P-256 scalars produce incorrect results Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* | Merge pull request #20733 from pprindeville/perl-text-csv_xs-update-1.50Philip Prindeville2023-03-29
|\ \ | | | | | | perl-text-csv_xs: Update to 1.50
| * | perl-text-csv_xs: Update to 1.50Philip Prindeville2023-03-26
| | | | | | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | | Merge pull request #20732 from pprindeville/perl-cgi-update-4.56Philip Prindeville2023-03-29
|\ \ \ | | | | | | | | perl-cgi: Update to 4.56
| * | | perl-cgi: Update to 4.56Philip Prindeville2023-03-26
| |/ / | | | | | | | | | Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
* | | borgbackup: bump to 1.2.4Julien Malik2023-03-27
| | | | | | | | | | | | Signed-off-by: Julien Malik <julien.malik@paraiso.me>
* | | borgbackup: add missing dependenciesJulien Malik2023-03-27
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The initial package submission was missing some required and optional dependencies due to lack of testing on a system without any python related packages pre-installed. Some optional but highly recommended dependencies were discovered with the stdlib module as described in: https://github.com/openwrt/packages/blob/392a68e24774294590abf9c08ea1832f2cee190d/lang/python/README.md Fixes #20441 Signed-off-by: Julien Malik <julien.malik@paraiso.me>
* | | rust: fix build with glibcTianling Shen2023-03-24
| | | | | | | | | | | | | | | | | | Don't set musl-specific options/ldflags when using glibc. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | rust: enable use of prebuilt llvm toolchainTianling Shen2023-03-24
| | | | | | | | | | | | | | | | | | | | | llvm-bpf is not ready for generic usage, so use prebuilt llvm toolchain provided by the rust project to speedup build (~1hour faster). Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | maturin: Update to 0.14.15Tianling Shen2023-03-24
| | | | | | | | | | | | | | | | | | | | | Fixed a build error: > unresolved import `time::macros` Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | maturin: adapt new rust build standardTianling Shen2023-03-24
| | | | | | | | | | | | | | | | | | While at it, move maturin out of rust directory. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | rust: refactor build helperTianling Shen2023-03-24
| | | | | | | | | | | | | | | | | | | | | | | | | | | Added new RustBinPackage, RustBinHostBuild wrapper. Added new RUST_PKG_FEATURES flag. Moved CARGO_HOME to STAGING_DIR_HOSTPKG. Overrode default Build/Compile and Host/Compile to Cargo build. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | rust: remove useless target dependencies and configurationTianling Shen2023-03-24
| | | | | | | | | | | | | | | | | | They are for the target build which is not supported yet, drop them. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | rust: remove useless tarball packageTianling Shen2023-03-24
| | | | | | | | | | | | | | | | | | | | | | | | These tarball cannot be reused, so simply drop them. Also move cargo config to a file instead of using echo command. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* | | node: bump to v18.15.0Hirokazu MORIKAWA2023-03-21
|/ / | | | | | | | | | | | | Update to v18.15.0 Fixed bug using system-icu Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
* | Merge pull request #20665 from mhei/php8-update-8.2.3Michael Heimpold2023-03-16
|\ \ | |/ |/| php8: update to 8.2.3
| * php8: update to 8.2.3Michael Heimpold2023-03-14
| | | | | | | | | | | | | | | | | | This fixes: - CVE-2023-0567 - CVE-2023-0568 - CVE-2023-0662 Signed-off-by: Michael Heimpold <mhei@heimpold.de>
* | golang: Update to 1.19.7Jeffery To2023-03-14
|/ | | | | | | | | Includes fix for CVE-2023-2453 (crypto/elliptic: specific unreduced P-256 scalars produce incorrect results). This also includes makefile updates for Go 1.19. Signed-off-by: Jeffery To <jeffery.to@gmail.com>
* rust-lang: update to 1.68.0Luca Barbato2023-03-13
| | | | Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
* rust-lang: Add an Host/Compile helper as wellLuca Barbato2023-03-10
| | | | Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
* rust-lang: Apply suggestions from code reviewLuca Barbato2023-03-10
| | | | | Co-authored-by: Tianling Shen <cnsztl@gmail.com> Signed-off-by: Luca Barbato <luca.barbato@gmail.com>
* maturin: Add packageLuca Barbato2023-03-10
| | | | | | Build tool for rust-python packages. Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
* rust-lang: Add the rust language supportLuca Barbato2023-03-10
| | | | | | Based on work from Donald Hoskins <grommish@gmail.com>. Signed-off-by: Luca Barbato <lu_zero@gentoo.org>
* lua-eco: update to 2.2.0Jianhui Zhao2023-03-10
| | | | Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
* lua-eco: update to 2.1.0Jianhui Zhao2023-03-09
| | | | | | | | * updated description * switched default SSL engine to mbedtls * added new network module Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
* perl-ack: Update to 3.7.0Tianling Shen2023-03-08
| | | | | Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org> (cherry picked from commit 26b92db22c9a051447ee445acaa11a795fb35a4e)
* lua-eco: update to 2.0.0Jianhui Zhao2023-03-01
| | | | Signed-off-by: Jianhui Zhao <zhaojh329@gmail.com>
* Merge pull request #20540 from stangri/master-curlStan Grishin2023-02-26
|\ | | | | curl: update to 7.88.1
| * perl-www-curl: add patch to ensure compatibility with curl 7.88Stan Grishin2023-02-27
| | | | | | | | | | | | | | | | | | | | | | | | | | Patch comes from https://github.com/openwrt/packages/pull/20540#issuecomment-1439537287 Fixes: /home/username/works/openwrt/staging_dir/target-x86_64_glibc_custom/usr/include/curl/curl.h:2515:3: note: declared here 2515 | CURLFORM_CONTENTTYPE CURL_DEPRECATED(7.56.0, "Use curl_mime_type()"), | ^~~~~~~~~~~~~~~~~~~~ make[3]: *** [Makefile:347: Curl.o] Error 1 Signed-off-by: Stan Grishin <stangri@melmac.ca>
* | node: bump to v18.14.2Hirokazu MORIKAWA2023-02-27
| | | | | | | | | | | | | | Update to v18.14.2 Support for OpenSSL v3.0.x Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
* | golang: Update to 1.19.6Tianling Shen2023-02-22
|/ | | | | | | | | go1.19.6 (released 2023-02-14) includes security fixes to the crypto/tls, mime/multipart, net/http, and path/filepath packages, as well as bug fixes to the go command, the linker, the runtime, and the crypto/x509, net/http, and time packages. Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
* Merge pull request #20525 from nxhack/node_16191Eneas U de Queiroz2023-02-20
|\ | | | | node: bump to v16.19.1
| * node: bump to v16.19.1Hirokazu MORIKAWA2023-02-17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Thursday February 16 2023 Security Releases Notable Changes The following CVEs are fixed in this release: * CVE-2023-23918: Node.js Permissions policies can be bypassed via process.mainModule (High) * CVE-2023-23919: Node.js OpenSSL error handling issues in nodejs crypto library (Medium) * CVE-2023-23936: Fetch API in Node.js did not protect against CRLF injection in host headers (Medium) * CVE-2023-24807: Regular Expression Denial of Service in Headers in Node.js fetch API (Low) * CVE-2023-23920: Node.js insecure loading of ICU data through ICU_DATA environment variable (Low) More detailed information on each of the vulnerabilities can be found in February 2023 Security Releases blog post. Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
* | django: bump to version 4.1.7Alexandru Ardelean2023-02-17
|/ | | | | | | Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-23969 Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
* Jinja2: pass maintainership to Michal VasílekŠimon Bořek2023-02-14
| | | | Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
* Flask: pass maintainership to Michal VasílekŠimon Bořek2023-02-14
| | | | Signed-off-by: Šimon Bořek <simon.borek@nic.cz>
Powered by cgit, Themed by Ted Yin.