| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
In hash-checking mode[1], pip will verify downloaded package archives
(source tarballs in our case) against known SHA256 hashes before
installing the packages.
As a consequence, this requires the use of requirements files[2] and
pinning packages to known versions.
The syntax for package Makefiles has changed slightly;
HOST_PYTHON3_PACKAGE_BUILD_DEPENDS no longer accepts requirement
specifiers like "foo>=1.0", only requirements file names (which are the
same as package names in the most common case).
This also updates affected packages, in particular:
* python-zipp: "setuptools_scm[toml]" has been split into
"setuptools-scm toml" to reuse the requirements file for
setuptools-scm (the extra depends installed by "setuptools_scm[toml]"
is toml).
* python-pycparser: This previously used ply 3.10, whereas the
requirements file will now install 3.11.
[1]: https://pip.pypa.io/en/stable/reference/pip_install/#hash-checking-mode
[2]: https://pip.pypa.io/en/stable/user_guide/#requirements-files
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |\ \ \ \
| |/ / /
|/| | | |
python-cffi: Update to 1.14.2
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |\ \ \
| | | |
| | | | |
python3: Add config PYTHON3_HOST_PIP_CACHE_WORLD_READABLE
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This adds a config option PYTHON3_HOST_PIP_CACHE_WORLD_READABLE; if
enabled, chmod will be run after pip install to make all
files/directories in the host pip cache world-readable.
Supersedes https://github.com/openwrt/packages/pull/13012.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| | |/ /
|/| |
| | |
| | | |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |/ /
| |
| |
| | |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| | |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |\ \
| | |
| | | |
micropython: fix compilation without sys/cdefs
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
sys/cdefs.h is not provided by musl. micropython also includes its own
copy.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
This includes a fix for CVE-2020-16845 (encoding/binary: ReadUvarint and
ReadVarint can read an unlimited number of bytes from invalid inputs).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |\ \ \
| | | |
| | | | |
node-homebridge: update to 1.1.1
|
| | |/ /
| | |
| | |
| | | |
Signed-off-by: Zbyněk Kocur <zbynek.kocur@fel.cvut.cz>
|
| |\ \ \
| | | |
| | | | |
javascript-obfuscator: update to 1.9.0
|
| | |/ /
| | |
| | |
| | |
| | |
| | | |
New version of package node-javascript-obfuscator
Signed-off-by: Zbyněk Kocur <zbynek.kocur@fel.cvut.cz>
|
| |\ \ \
| |/ /
|/| | |
python-pytest-xdist: add new package
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |\ \ \
| | | |
| | | | |
django-restframework: update to version 3.11.1
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
update to newest version.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
|
| |\ \ \ \
| | | | |
| | | | | |
erlang: fix compilation without deprecated OpenSSL APIs
|
| | |/ / /
| | | |
| | | |
| | | | |
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |\ \ \ \
| | | | |
| | | | | |
python3-maxminddb: update to version 2.0.2
|
| | |/ / /
| | | |
| | | |
| | | | |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |/ / /
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Fixes https://github.com/openwrt/packages/issues/13016
Patch [1] broke compilation for python-pynacl.
The fix is to patch PyNaCl to consider that
PYNACL_HAS_CRYPTO_SCALARMULT_ED25519 is always available.
[1] https://github.com/openwrt/packages/commit/3ef28a4ab0cb60877c4ec68f5ba8c276021a1ab6
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Recommended Cython version is 0.29.21
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| | | |
| | |
| | |
| | | |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |/ /
| |
| |
| | |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |\ \
| | |
| | | |
python3: fix host compilation with clang
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Matched rpath parameter with Makefile.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |/ /
| |
| |
| |
| |
| | |
Used under macOS.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |/
|
|
| |
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
|
| |\
| |
| | |
python3: Update to 3.8.5
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This version includes fixes for:
* CVE-2020-15801 - Fixes python3x._pth being ignored on Windows
* CVE-2019-20907 - Avoid infinite loop when reading specially crafted
TAR files using the tarfile module
This also:
* Remove patches that are included in the update
* Add a dependency in python3-distutils for python3-email[1]
[1]: https://github.com/python/cpython/blob/v3.8.5/Lib/distutils/dist.py#L10
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |/
|
|
|
|
|
|
|
| |
Also:
* Remove patches that are included in the update
* Replace the python3 dependency with a smaller list (python3-urllib is
needed because it is a dependency of python3-email)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Maxim Storchak <m.storchak@gmail.com>
|
| |
|
|
|
|
| |
Adjusted path linker argument to fix wrong linking to the host.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
| |
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
|
| |\
| |
| | |
python3-django-cors-headers: update to version 3.4.0
|
| | |
| |
| |
| |
| |
| | |
update to latest version changing the URL and DEPENDS, too.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
|
| |/
|
|
|
|
| |
update to latest version.
Signed-off-by: Peter Stadler <peter.stadler@student.uibk.ac.at>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This version includes fixes for:
* CVE-2020-14422: Hash collisions in IPv4Interface and IPv6Interface
* CVE-2020-15523: Python uses invalid DLL path after calling Py_SetPath
on Windows
This version also includes support for OpenSSL 1.1.x builds that use
'no-deprecated' and '--api=1.1.0'[1], and so this removes the previous
OpenSSL-related patches.
This also backports fixes for security issues, including:
* CVE-2019-20907: Infinite loop in the tarfile module
This also updates the setuptools and pip packages to 47.1.0 and 20.1.1,
respectively.
[1]: https://github.com/python/cpython/pull/20566
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
This adds a new Makefile variable, GO_PKG_TAGS, for Go packages. When
set, the value is passed as the parameter of the -tags option for 'go
install'.
This also updates syncthing to use this variable.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
|
| |
|
|
| |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|