Commit Graph

72440 Commits

Author SHA1 Message Date
Francois Perrad
9f84196986 package/lua-lightningmdb: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 22:01:48 +02:00
Francois Perrad
eb60c4054c package/lmdb: new package
Signed-off-by: Francois Perrad <francois.perrad@gadz.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 21:56:48 +02:00
Leo Soares
f80b393d45 package/janus-gateway: add staging installation
Install janus to staging directory so that external plugins can be built.

Signed-off-by: Leo Soares <leojrfs@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 21:55:27 +02:00
Julien Olivain
92ae6d75c1 support/testing: add gnuplot runtime test
Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 14:03:10 +02:00
Bernd Kuhls
91848e73ae package/libdrm: fix install of test programs
Buildroot commit f95069814b disabled the
build of test programs unconditionally without considering the option
BR2_PACKAGE_LIBDRM_INSTALL_TESTS.

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 14:01:53 +02:00
Fabrice Fontaine
f1f926adc7 package/paho-mqtt-cpp: bump to version 1.3.2
License updated to EPL-2.0 with
a7e9b12042

https://github.com/eclipse/paho.mqtt.cpp/blob/v1.3.2/CHANGELOG.md

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 14:00:04 +02:00
Adam Duskett
35cecc4408 package/setools: bump version to 4.4.4
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:48:36 +02:00
Adam Duskett
4c11ee14fd package/selinux-python: bump version to 3.6
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:48:27 +02:00
Adam Duskett
e23558e957 package/semodule-utils: bump version to 3.6
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:48:23 +02:00
Adam Duskett
7412d99e8f package/restorecond: bump version to 3.6
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:48:18 +02:00
Adam Duskett
5342d40cbd package/checkpolicy: bump version to 3.6
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:48:13 +02:00
Adam Duskett
a4023ae75d package/policycoreutils: bump version to 3.6
setsebool/Makefile now unconditionally links against libsepol.
As such, it is now a new dependency.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:48:02 +02:00
Adam Duskett
5f7275787a package/libselinux: bump version to 3.6
Changes:
 - Remove 0001-fix-musl-build.patch
   Fixed with commit d88597798fdb1a2b344ca47e48f2f80ad433fd95 differently.
   """
   libselinux: drop usage of _D_ALLOC_NAMLEN

   _D_ALLOC_NAMLEN is not very portable. Currently, the code
   mallocs based on _D_ALLOC_NAMLEN() and then strcpy's dirent
   d_name into the buffer. Instead, just use strdup.

   Change-Id: I5c8ca47da2c593ea2726caba5781f5e9d9d910ae
   Signed-off-by: William Roberts <william.c.roberts@intel.com>
   """

 - Remove 0003-libselinux-set-CFLAGS-for-pip-installation.patch
   Fixed with commit 89dd980c1e9a800f104c1db2b4c9e77be532ca35.
   """
   Add CPPFLAGS to Makefiles

   This patch adds CPPFLAGS to all of the Makefiles as suggested.

   Signed-off-by: Cameron Williams <ckwilliams.work@gmail.com>
   Acked-by: James Carter <jwcart2@gmail.com>
   """

 - Rename 0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch to
   0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch

 - Remove "package/libselinux/0001-fix-musl-build.patch Upstream" from
   .checkpackageignore

 - Rename "0002-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch" to
   "0001-Do-not-use-PYCEXT-and-rely-on-the-installed-file-nam.patch" in the
   .checkpackageignore

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:47:48 +02:00
Adam Duskett
1bcda5be8a package/libsemanage: bump version to 3.6
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:44:53 +02:00
Adam Duskett
1cc8a1b211 package/libsepol: bump to version 3.6
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:44:49 +02:00
Bernd Kuhls
8ca56912ab package/intel-mediadriver: bump version to 24.2.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:24:01 +02:00
Bernd Kuhls
9d54712fab package/onevpl-intel-gpu: bump version to 24.2.1
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:23:56 +02:00
Bernd Kuhls
e1e4237dc7 package/{mesa3d, mesa3d-headers}: bump version to 24.0.6
Release notes:
https://lists.freedesktop.org/archives/mesa-announce/2024-April/000754.html
https://lists.freedesktop.org/archives/mesa-announce/2024-April/000755.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:22:15 +02:00
Bernd Kuhls
c4f8728e70 package/clamav: bump version to 1.0.6
Release notes:
https://blog.clamav.net/2024/04/clamav-131-123-106-patch-versions.html

Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:22:09 +02:00
Zenichi Amano
20373e0be8 package/pcsc-lite: bump version to 2.1.0
add configuration to disable polkit if it is not available since polkit is enabled by default in 2.0.1.

https://github.com/LudovicRousseau/PCSC/releases/tag/2.1.0
https://github.com/LudovicRousseau/PCSC/releases/tag/2.0.3
https://github.com/LudovicRousseau/PCSC/releases/tag/2.0.2
https://github.com/LudovicRousseau/PCSC/releases/tag/2.0.1

Signed-off-by: Zenichi Amano <zenichi.amano@gahojin.co.jp>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-10 13:20:45 +02:00
Fabrice Fontaine
2cf2491a23 package/mariadb: really use system fmt
Commit 821f9dee81 wrongly used WITH_FMT
instead of WITH_LIBFMT resulting in the following build failure:

[  0%] Creating directories for 'libfmt'
[  0%] Performing download step (download, verify and extract) for 'libfmt'
make[3]: Leaving directory '/home/buildroot/autobuild/run/instance-0/output-1/build/mariadb-10.11.6'
make[3]: Leaving directory '/home/buildroot/autobuild/run/instance-0/output-1/build/mariadb-10.11.6'
-- Downloading...
   dst='/home/buildroot/autobuild/run/instance-0/output-1/build/mariadb-10.11.6/extra/libfmt/src/8.0.1.zip'
   timeout='none'
   inactivity timeout='none'
-- Using src='https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip'
CMake Error at libfmt-stamp/download-libfmt.cmake:170 (message):
  Each download failed!

    error: downloading 'https://github.com/fmtlib/fmt/archive/refs/tags/8.0.1.zip' failed
          status_code: 1
          status_string: "Unsupported protocol"
          log:
          --- LOG BEGIN ---
          Protocol "https" not supported or disabled in libcurl

  Closing connection

          --- LOG END ---

Fixes: 821f9dee81
 - http://autobuild.buildroot.org/results/fbe3bc347a83a810ffbbbff93a45994963712bee

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-09 23:19:20 +02:00
Sergey Bobrenok
21335682a1 package/sdbus-cpp: fix required gcc version
Since bump to version 2.0.0 in commit
0f5bb364c6 sdbus-cpp package requires
designated initializers support (C++20 feature), and fails to compile
with gcc < 8:

/home/buildroot/autobuild/run/instance-2/output-1/build/host-sdbus-cpp-2.0.0/src/Proxy.cpp: In member function 'virtual sdbus::Slot sdbus::internal::Proxy::callMethodAsync(const sdbus::MethodCall&, sdbus::async_reply_handler, uint64_t, sdbus::return_slot_t)':
/home/buildroot/autobuild/run/instance-2/output-1/build/host-sdbus-cpp-2.0.0/src/Proxy.cpp:146:90: sorry, unimplemented: non-trivial designated initializers not supported
                                                                       , .floating = true });

Fixes: 0f5bb364c6
 - http://autobuild.buildroot.net/results/1764ce0d48b390e430d2d8f54388013d3700e9d7

Signed-off-by: Sergey Bobrenok <bobrofon@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-09 23:11:23 +02:00
Fabrice Fontaine
776dc1ed50 package/python-mpmath: add CPE variables
cpe:2.3🅰️mpmath:mpmath is a valid CPE identifier for this package:

  https://nvd.nist.gov/products/cpe/detail/2EF05D03-432D-470D-80AB-1àF50D308BD85

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-09 23:10:59 +02:00
Fabrice Fontaine
981d25e5bc package/privoxy: fix build with root
Set GROUP_T when installing configuration files as root to avoid the
following build failure raised since commit
b6816034eb:

/usr/bin/install: missing destination file operand after '/home/buildroot/instance-0/output-1/target/etc'

Fixes: b6816034eb
 - http://autobuild.buildroot.org/results/eb4ccf248c9c5048e9b71058bb0311b1e0763883

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-09 23:05:37 +02:00
Yegor Yefremov
8660d11b08 package/libxmlb: new package
Signed-off-by: Yegor Yefremov <yegorslists@googlemail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-09 23:03:33 +02:00
Baruch Siach
e28418dd41 linux: add option to include git submodules
Some kernel users find it useful to store submodules in the kernel
source tree for cross source trees definitions. Add option to download
these submodules.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2024-05-09 22:55:06 +02:00
Yann E. MORIN
72bcff3081 support/download: force fetching tags
Our git download backend switches the remote of our local clone, and
fetches all refs and tags from that remote.

When the local clone has a tag fetched from another remote, and the new
remote also has a tag by the same name, and that tag points to another
commit, then git refuses to fetch the new tag and exits in error, as it
considers that the new tag would clobber the existing one. This is safe
and sane behaviour when run interactively with a human that can take a
decision.

However, in our case, we don't care about any tags that were present
before, as only the last one makes sense in our case: the one from the
remote the user has requested for the current build.

Tell git to forcefully pull tags, even if they would clobber existing
ones.

Note that, although this changes the git backend, it does not change the
content of generated archives, so we do not need to bump the suffix
version.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:14 +02:00
Yann E. MORIN
bc71274a34 docs/manual: update archives version suffixes
Since tar *will* generate different archives, virtually all hashes will
change, so drop the blurb that states they usually would not.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout: say explicitly that the has will change]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:12 +02:00
Yann E. MORIN
de5ed80212 {boot, package}: update hashes for generated archives
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:11 +02:00
Yann E. MORIN
5b847f88fe board: update hashes for generated achives
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout: also update acmesystems/acqua-a5]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:10 +02:00
Yann E. MORIN
8eea9f5783 support/testing: update hashes for generated archives
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:09 +02:00
Yann E. MORIN
b11956fb66 support/dependencies: require tar >= 1.35
We can't stay in the past forever and ever...

Since tar 1.35, the way some fields (devmajor and devminor) are stored
has changed. These fields exist for each file in the tarball, but only
used for device nodes. In previous versions of GNU tar, they were set to
zero; since 1.35, they are set to empty.

Although this doesn't change anything about the content of the tarball,
and it will be extracted in exactly the same way regardless of the tar
version used for extracting, it does change the hash of the tarball.
Therefore, we have to
- make sure that the correct version of tar is used;
- update the format version so that the filename is different from
  before.

Increment all BR_FMT_VERSION by one.

Require tar >= 1.35 instead of < 1.35.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout: also increment BR_FMT_VERSION and extend the commit message]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:07 +02:00
Fabrice Fontaine
c68d67bfad package/tar: security bump to version 1.35
Fix CVE-2022-48303: GNU Tar through 1.34 has a one-byte out-of-bounds
read that results in use of uninitialized memory for a conditional
jump. Exploitation to change the flow of control has not been
demonstrated. The issue occurs in from_header in list.c via a V7
archive in which mtime has approximately 11 whitespace characters.

With the bump to 1.35, the build will fail on systems that are not
Y2038, such as some uClibc configurations.

In order to preserve the previous behavior, pass --disable-year2038.
See the gnulib documentation for details [1]. Contrary to what the
option name might suggest, it doesn't really disable Y2038 support,
but only the check that the system is Y2038 compliant. So even with
--disable-year2038, if the system is Y2038 compliant (uses a 64-bit
arch, uses the musl C library, or uses the glibc C library with
BR2_TIME_BITS_64=y), tar will be Y2038 compliant.

Update hash of COPYING (http replaced by https)

[0] https://lists.gnu.org/archive/html/info-gnu/2023-07/msg00005.html
[1] https://www.gnu.org/software/gnulib/manual/html_node/Avoiding-the-year-2038-problem.html

For the version bump:

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit d4d483451f)
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>

For the Y2038 fix:

Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
(cherry picked from commit 7f1088f9ca)
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:06 +02:00
Yann E. MORIN
c316a83a8e docs/manual: document new archive version suffix
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout: add sed scripts for hash file update]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:05 +02:00
Yann E. MORIN
e527bdd8a9 board: update hashes of git archives
Replace the names of the tarballs in the hash files to -git3.

Linux and U-Boot sources do contain symlinks, so the hashes change.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
[Arnout: also update acmesystems/acqua-a5]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:03 +02:00
Yann E. MORIN
d8000791e3 {boot, package}: update hashes of git, svn, go, and cargo archives
Replace all git and svn packages archive names in hash files:

    $ sed -r -i -e 's/-br2/-git3/; s/-br3/-svn4/' $(
        git grep -l -E -- '-br2|-br3' '*.hash'
    )

    $ sed -r -i -e 's/(\.tar\.gz)$/-go1\1/' $(
        git grep -l -E '\$\(eval \$\((host-)?golang-package\)\)' '*.mk' \
        |sed -r -e 's/\.mk$/.hash/' \
        |sort -u
    )

    $ sed -r -i -e 's/(\.tar\.gz)$/-cargo1\1/' $(
        git grep -l -E '\$\(eval \$\((host-)?cargo-package\)\)' '*.mk' \
        |sed -r -e 's/\.mk$/.hash/' \
        |sort -u
    )

Then a bit of make source (based on: git diff --name-only), a lot of
sweat, and carefully checking the new archives to verify that only
modes have changed...

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:02 +02:00
Yann E. MORIN
2c3c1fa788 support/testing: update git tests
Replace the names of the tarballs in the hash files to -git3.

We don't have any symlinks in the tests, so the hashes themselves don't
change.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:45:01 +02:00
Yann E. MORIN
3035fc23de support/download: even more reproducible archives (until next time)
Currently, when we generate archives, we rely on a few assumptions and
mechanisms to ensure reproducilibity. So far, we mostly accounted for
the content (i.e. content, filenames, and path) of the files we
archived, and this is OK (git and svn should provide reproducilbe
content by design, and cargo and go vendoring are also supposed to be
generating reproducible content.

However, tarballs do not only contain the content of the files; they
also have a few metadata about those files. Beyond filenames and paths,
which are already reproducible, there is the timestamp, the user and
group name and ID. Those are also accounted for and made reproducible.

The final touch (so far!) is that files have access rights (aka mode),
and those too are stored in tarballs. So far we accounted for those by
ensuring that Buildroot would always run under a known umask, thus
generating files with reproducible modes.

That falls short in one case that we did not envision, though: a shared
download directory, where extended attributes are set to provide a
default ACL that is permissive, to allow two or more users (with
different uid and gid) to all read and write to such a directory. This
is trivially achieved with something like:

    $ mkdir -p "${BR2_DL_DIR}"
    $ setfacl -m 'default:user::rwx' "${BR2_DL_DIR}"
    $ setfacl -m 'default:group::rwx' "${BR2_DL_DIR}"
    $ setfacl -m 'default:other::rwx' "${BR2_DL_DIR}"

This has the effect that:

  - files below BR2_DL_DIR are all set with user, group, and world read
    and write access,
  - files executable by the owner will also be group and world
    executable,
  - directories are user, group, and world readable, writable, and
    searchable.

This means that all the archives we generate from files in BR2_DL_DIR
will have modes that are different from those generated on other systems,
where only the traditional umask is used.

There are various solutions to solve that issue:

  - detect the situation and abort: that's not nice, because users have
    a legitimiate reason to want to share that directory,

  - find a solution for each affected download mechanism: git, svn, hg,
    cvs, bzr... and for each of the affected vendoring mechanism: go and
    cargo [0]; this is not nice, because it means a lot of repetition,
    with the risk that they diverge over time (e.g. one is fixed for a
    newer issue, while the others are left out due to an oversight...)

  - find a single, common solution that works in all cases, whatever the
    download mechanism and/or vendoring: this is the best, because we
    can extend and fix it once and everything else benefits from it.

We obviously go for the third option.

The common solution is rather simple. When creating the tarball in
support/download/helpers, give an option to tar to set the group and
other permissions to those of the user, but without write permission.

This implies that we must bump the version-suffix for the download
backends [1] and for the vendoring post-processes. It also implies that
the hash may change, under the following circumstances:

- Symlinks normally have permissions 0777 (because symlink permissions
  are in fact meaningless). They will now have permission 0755 in the
  tarball.
- If the original tarball (for vendored go and cargo packages) contained
  files that are readable or executable by owner but not by group or
  other, they will now be readable resp. executable by group and other
  too. Note that for writeable it is not the case, because those were
  already handled by our 0022 umask (which makes them not writeable by
  group and other).

Because the hash may change, we need to update the BR_FMT_VERSION for
everything that creates tarballs. Go and cargo didn't have one up to
now, the the previous commit added the possibility to give one. The ones
for git and svn have to be updated. Since it is now possible to have a
suffix for both the VCS and the post-processing, change the suffix to
something more descriptive than "-brX", i.e. -git3 for git, -go1 for
golang, etc.

The hash updates and filename changes will be handled in a follow-up
commit.

[0] Note however that the vendoring is currently not done in a
sub-directory of BR2_DL_DIR, but the cargo and go caches are located
there. Files that get copied from there to the vendoring area would be
tainted as well, and thus we want to address that situation as well.

[1] we currently do not have a CVS version suffix, because we do not
guarantee the reproducilibity of CVS archives (we can't); for hg, we are
currently using hg's own archive tool, and presumably that does not have
the mode issue because it is not using the checked-out files. Still,
doing the mode fix in a single location will help extend those two
backends in the future (if that ever happens...).

Reported-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:59 +02:00
Yann E. MORIN
1e87da9eab package/pkg-utils: add vendoring mechanism into generated archive filename
When we change the way we vendor packages, either because our download
backend or helpers evolve, or when the vendoring tools themselves change,
we must avoid generating new archives with the same name, or there would
be confusion when using older archives with newer Buildroot versions, or
the other way around (and that would mess with local caches, like the
one we share on s.b.o).

This is going to be the case for example, when we enforce a better and
more reproducible set of modes on archived files in the following
commits.

Introduce a version suffix for post-processed downloads, that we can
bump when needed.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:58 +02:00
Yann E. MORIN
a1155dc8f4 docs/manual: document git backend handling of export-subst attribute
Add the changes about export-subst in the git backend, to the migrating
section of the manual.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
[Arnout: slightly extend the message, add sed command to update hash
files]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:56 +02:00
Yann E. MORIN
32dcc92655 *: update filename for git-download packages
The version suffix for the git-generated archives has changed, so update
the filenames accordingly in the hash files. The content of the archives
has not changed, though.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:55 +02:00
Yann E. MORIN
0bd17778b2 package/*: update hashes for packages with export-subst git attibute
Those packages use the export-subst git attribute, so the content of
the generated archives change.

Update the hashes accordingly.

For pcm-tools, we no longer need the post-extract hook, as the git
attribute is properly handled in the git download backend.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:54 +02:00
Yann E. MORIN
a6182475b0 support/testing: add test for export-subst support in git-download
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:52 +02:00
Yann E. MORIN
ac92ce4961 support/download/git: handle git attributes
Files in a git repository can be given attributes, like the usual eol
that can convert to-from crlf, cr, lf; those are applied when comitting
or checking-out a file.

There are also two attributes that are meant to be used when generating
an archive (with git archive): export-subst, and export-ignore, that
respectively substitutes format placeholders in a file, and excludes a
file from the archive.

Some package (e.g. pcm-tools, luajit) use the export-subst attribute
to generate versioning information. luajit, specifically, uses the UNIX
timestamp of the commit as the patch-level for its semantic versioning.

We don't use git-archive, because we need to get submodules and LFS
blob, which git-archive does not handle. So, our git backend tries to
impersonate git-archive as much as possible, but the support for git
attributes was lost when we converted it from using git-archive to
manually creating the tarball in 3abd5ba424 (support/download/git: do
not use git archive, handle it manually) in preparation for f109e7eeb5
(support/download/git: add support for submodules) (arguably, a long
time ago...)

Extend the git backend to handle the export-subst attribute. There is
no git tool (that we could find) that does that automatically, except
git-archive, which we can't use; "git check-attr" however can report
whether a file has a specific attribute (and git check-attr can work
with \0-delimited fields and records).

So, we iterate over all the files in the repository, and filter those
that have the export-subst attribute set. Then for each file, we use a
bit of awk to do the replacement:

  - for each line (managed natively by awk), we iterate over each
    format placeholder,
  - for each placeholer, we query "git log" with the requested format,
  - we emit the replacement.

When doing the replacement, we decided to force abbreviating short
hashes to 40 chars, which is the length of a full sha1, rather than
actually abbreviating them:

  - letting git decide of the length is not reproducible over time:
    - as new commits are added, the short length will increase to avoid
      collisions,
    - newer git versions may decide on a different heuristic to shorten
      hashes,
    - users may have local settings with an arbitrary length (in their
      ~/.gitconfig for example);

  - deciding on our side of an "small" arbitrary value would not be
    viable long term either, as it might be too large to be minimum, or
    too short to avoid collisions.

The only reproducible solution is to use unabbreviated hashes.

Handling git-attributes also implies that the format of the generated
archives has changed, since we now expand placeholders, so we bump our
git format version.

Hash files for all git-downloaded packages will be updated in followup
commits.

Of all our git-downloaded packages, 5 are affected, and their hashes
will be updated in a followup commit too:

  - pcm-tools, which was known, and the one that triggered this commit;
    since we now expand placeholders, we can drop the post-extract hook;
    switching to a full hash in replacements also changes the hash of
    the generated archive;

  - qt5knx, qt5location, qt5mqtt, and qt5opcua: the file .tag at the
    repository root, contains only the full hash placeholder; that file
    is not used at all during the build (AFAICS);

Finally, a sixth package, luajit, uses export-subst; it currently relies
on the github-generated archive (because it happens to currently use a
format that is reproducible); it will also be converted in a follow-up
patch.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Woody Douglass <wdouglass@carnegierobotics.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Cc: Francois Perrad <fperrad@gmail.com>
Cc: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:51 +02:00
Yann E. MORIN
1bcb51517c package/luajit: drop useless post-extract hook
Since version 2.1, LuaJIT follows a rolling-release scheme, which means
that any commit is as good as any other; LuaJIT uses the comitter's UNIX
timestamp as its semver patch level. It uses the git-attribute
export-subst for the .relver file that contains the %ct placeholder for
git-archive to expand it.

In c9dcd9e459 (package/luajit: bump to version 41fb94defa8f...), we
switched to such an upstream version. There was some confusion around
the handling of the git-attribute and where/when it is generated, and
the first revision of the patch used the git download method, so had to
use post-extract hooks to do the replacement, but the second iteration
kept retrieving the archive generated by github, which has the
replacement already done, but the post-extract hooks were not dropped
although now useless...

With the current code, it is easy to bump the LuaJit version and forget
to update the timestamp stored in the .relver file, which would override
the value that was generated on the github side.

Since the post-extract hook is useless, drop it.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Francois Perrad <fperrad@gmail.com>
Cc: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:50 +02:00
Yann E. MORIN
4b5e158596 package/flutter-packages: fix and comment the shared _SOURCE variable
Commit 631647f4a7 (package/flutter-packages/flutter-markdown-example:
new package) introduced a set of flutter packages, all sharing the same
upstream location and sources, and thus introduced a set of shared
variables (not unlike the qt5, qt6, and a few other similar packages).

Especially, it introduced the corresponding _SOURCE variable, that is
referenced by each sub-package of flutter-packages. Defining this
variable is required, because flutter-packages itself is not a package
in Buildroot parlance: it does not call any of the *-package macro. As
such, the default _SOURCE variable is not automatically generated.

The value for the variable was suffixed with the -br1 version-suffix as
used for the archives generated by the git backend.

However, this archive is not generated with our git download backend,
but is generated remotely by github, as the _SITE is computed with our
github helper macro.

So, the -br1 suffix is both superfluous and confusing.

Drop the suffix to avoid any confusion in the future, and add a little
blurb explaining the situation close to where the variable is set, and
add a check-package disable line.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Cc: Adam Duskett <adam.duskett@amarulasolutions.com>
[Arnout: use check-package disable comment instead of ignoring the file]
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:49 +02:00
Yann E. MORIN
b1977d933b package/am33x-cm3: switch upstream
The upstream host, arago-project.org, has vanished, bringing down the
git repository with it.

Switch to another, github-hosted repository, that has the commit we're
interested in.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:47 +02:00
Yann E. MORIN
1b189f5491 package/docker-compose: bump version
The current version of docker-compose is un-vendorable, because the
dependencies it referenmces (directly or indirectly) are not available:

go: github.com/docker/compose/v2/cmd/compose imports
        github.com/moby/buildkit/util/progress/progressui:
        github.com/crazy-max/buildkit@v0.7.1-0.20240130133234-d9aa289bd124:
        invalid version: unknown revision d9aa289bd124

And indeed, that commit does not exist in that repository. The v0.7.1
tag does exist, but there is not commit that matches the short hash
d9aa289bd124, or even the whole version string. Sigh...

There is no way anyone can vendor the version we currently package, and
all they and us can hope for is that we never lose s.b.o ever.

Bump the version. That one can be vendored. Well, at least it can
_still_ be vendored _now_...

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2024-05-09 22:44:46 +02:00
Alexander Egorenkov
0bab157dc8 package/s390-tools: bump version to 2.32.0
Signed-off-by: Alexander Egorenkov <egorenar@linux.ibm.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-09 22:31:21 +02:00
Julien Olivain
d46b0936ce package/python-sympy: new package
SymPy is a Python library for symbolic mathematics. It aims
to become a full-featured computer algebra system (CAS)
while keeping the code as simple as possible in order to be
comprehensible and easily extensible. SymPy is written
entirely in Python.

https://www.sympy.org/

Signed-off-by: Julien Olivain <ju.o@free.fr>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2024-05-09 22:31:05 +02:00