- Switch to setuptools
- Update License hash due to a year change: 2019 -> 2021
- Install the packages to the site-packages directory, or else packages using
scons fail to build with import errors.
Tested with benejson, gpsd, and mongodb.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
This package now requires host-python-versioneer to build.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Used with the latest version of python-constantly. It is only needed as a
host package.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Remove the "# Should be kept in sync with $(SYSTEMD_VERSION)" line from
python-systemd.mk, as this package is not updated on a regular basis and does
not keep up to date with systemd.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
Drop no longer required python-pyrsistent runtime dependency.
Add new python-jsonschema-specifications runtime dependency.
Add new python-referencing runtime dependency.
Add new python-rpds-py runtime dependency.
Propagate python-rpds-py target rust support requirement to
python-jsonschema reverse dependencies.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
The last time python-pyxb was updated according to pypi.org is in 2017.
As there are no maintainers listed for the package, and the package uses
distutils which has been removed in Python 3.12.0, remove the package.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
distutils will be dropped with python 3.12.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Commit 2add559e50 (package/python-kmod: new package) listed LGPL-2.1+
(aka -or-later) as the licensed applicable. However, thode contains the
following blurbs:
# python-kmod is free software: you can redistribute it and/or modify it under
# the terms of the GNU Lesser General Public License version 2.1 as published
# by the Free Software Foundation.
There is no mention of the usual "or, at your option, any later
version".
As such, the license is reall LGPL-2.1-only.
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
This package is currently used in Fedora39 to provide python bindings
for kmod, and it is Python 3.12.0 compatible.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: LGPL in in COPYING.LESSER]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
The python bindings provided by kmod were last updated 9 years ago.
- They are not compatible with Python 3.12.
- No major distribution uses this option.
Remove the option.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Drop patch and associated CVE ignore which is now upstream.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Also, bump package/opencv4-contrib to in lock-step.
This addresses both CVE-2023-2617 and CVE-2023-2618, that have been
fixed in OpenCV 4.8.0.
Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Fix the following build failure with musl raised since bump to version
2.9.0 in commit 8c70374c4f:
atop.h:157:1: error: unknown type name 'time_t'
157 | time_t normalize_epoch(time_t, long);
| ^~~~~~
atop.h:157:1: note: 'time_t' is defined in header '<time.h>'; did you forget to '#include <time.h>'?
atop.h:157:40: error: expected ')' before 'long'
157 | time_t normalize_epoch(time_t, long);
| ^~~~~
| )
Fixes:
- http://autobuild.buildroot.org/results/e7ec8d16f2299320f374a0198c8e9b18a102b037
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Instead of only checking .mk and Config.in{,.host}, check
all files in a package directory.
.checkpackageignore isn't considered here, therefore the shown number
includes ignored warnings as well.
Add another css class to signal some warning, compared to a lot (>5),
similar to patches.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
Some packages are grouped and have a general makefile that defines
reusable variables. These makefiles have no relevant information for
pkg-stats and should be excluded.
Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
The eighth patch release for containerd 1.7 contains various fixes and updates.
https://github.com/containerd/containerd/releases/tag/v1.7.8
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Go version 1.21.4 includes the following security fixes:
CVE-2023-45283: path/filepath: recognize \??\ as a Root Local Device path prefix.
CVE-2023-45284: path/filepath: recognize device names with trailing spaces and superscripts
https://go.dev/doc/devel/release#go1.21.4
Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This upstream patch restores the connectivity check functionality with
libcurl 8.4.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=15835
Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
Reviewed-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
When installing node modules with native code, said code needs to be
built for the target; npm will delegate that to an internal copy of gyp,
node_gyp, which uses a python script to generate the build configuration
matching the target.
That script is generated by the nodejs build system (at configure time),
and eventually installed to staging alongside the headers.
Currently, we tell node_gyp to use the script in the nodejs build
directory, with the npm_config_nodedir environment variable:
npm_config_nodedir=$(BUILD_DIR)/nodejs-$(NODEJS_VERSION)
However, that is no longer working since commit 4cbc2af604
(package/nodejs: rename to nodejs-src and convert to virtual package),
for two reasons:
- the version variable NODEJS_VERSION was renamed to
NODEJS_COMMON_VERSION;
- the actual build directory is that of nodejs-src, not nodejs.
When installing node modules with NODEJS_SRC_MODULES_LIST, we happen to
still be running in the nodejs-src package, so it kinda makes sense that
we use the file in nodejs-src build directory. But the NPM macro can
also be called from other packages, in which case it looks uglier to
have to look into nosejs-src build dir from another package context.
Looking at the documentation for node-gyp [0], we can see that nodedir
is meant to point to the path of the node source code;
| `--nodedir=$path` | Set the path to the node source code
However, that is only valid when building natively; here we are more
similar to the "Third Party Node.js Runtimes", where the runtime nodejs
is not the one doing the build; in that case, the following looks more
appropriate:
[...] you
should use `--dist-url` or `--nodedir` flags to specify the headers of the
runtime to build for.
Also when `--dist-url` or `--nodedir` flags are passed, node-gyp will use the
`config.gypi` shipped in the headers distribution to generate build
configurations [...]
So, we are going that route, and point npm_config_nodedir to the staging
dir, where the headers are to be found. This is valid when installing
modules with NODEJS_SRC_MODULES_LIST, as nodejs is already installed in
staging at that time, as the package infra guarantees that staging is
installed before target; it alsop works for modules installed in later
packages (as long as they have nodejs in their dependencies, of course).
Fixes: https://bugs.busybox.net/show_bug.cgi?id=15826
[0] https://github.com/nodejs/node/blob/main/deps/npm/node_modules/node-gyp/README.md
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
- use STAGING_DIR/usr, not TARGET_DIR/usr
- extend commit log to explain what and why
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Node modules available on the npm registry, may contain prebuild
binaries for various targets and/or ABIs; for example., there might be
ARM. AArch64, x86_64 binaries for glibc or musl, for Linux or Darwin.
Needless to say, those binaries will most often not match the current
target architecture; as such, check-bin-arch will whine loudly as
reported in #15823:
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-arm/node.napi.armv6.node" is "ARM", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/android-arm/node.napi.armv7.node" is "ARM", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-arm/node.napi.armv7.node" is "ARM", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-x64/node.napi.glibc.node" is "Advanced Micro Devices X86-64", should be "AArch64"
ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-x64/node.napi.musl.node" is "Advanced Micro Devices X86-64", should be "AArch64"
The proper solution would be to remove all those prebuilt binaries, and
request npm to forcefully rebuild the proper binary for the current
architecture; alas, there is no option to tell npm to do so.
Doing it manually would not be easy either, as such modules might be
retrieved as part of the "vendoring" for another module that the user
has requested, and be pretty deep in the dependency chain; trying to fix
this properly would be a nightmare: it would require that we manually
inspect the depednency chain, and install dependent modules one by one,
recursively, re-implementing the same logic npm has when multiple
verions of the same module are installed as part of different branches
of the depenency tree, all while detecting prebuilds and removing them
before installing the mpdule (hence decorrelating download and install,
which is not trivial to do with npm alone).
We also can't simply remove all the prebuilds, because it is not known
whether the location ("<module>/prebuilds/") is standardised, or a
convention with the path noted somewhere in the package metadata, and
how deep they would be in the tree, and whether that could conflict with
arbitrary files...
Instead, we will consider that npm has a sane heuristic to detect
whether it should indeed rebuilt the modules, and that node has a sane
heuristic to know which binary to load at runtime, and we will leave the
prebuilt binaries in place and just exclude them from being checked.
Fixes: https://bugs.busybox.net/show_bug.cgi?id=15823
Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
Migrate from generic pep517 infrastructure to maturin infrastructure.
Verified license is still MIT after hash changed.
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
