Commit Graph

70187 Commits

Author SHA1 Message Date
Bernd Kuhls
b8c92f7d48 {linux, linux-headers}: bump 4.{14, 19}.x / 5.{4, 10, 15}.x / 6.{1, 5, 6}.x series
Signed-off-by: Bernd Kuhls <bernd@kuhls.net>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-11-11 14:38:16 +01:00
James Hilliard
90cfa7b1e9 package/python-lmdb: bump to version 1.4.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:17:54 +01:00
James Hilliard
d8ae2986a0 package/python-libusb1: bump to version 3.1.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:17:22 +01:00
James Hilliard
26b8b6c7cf package/python-lark: bump to version 1.1.8
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:17:00 +01:00
James Hilliard
b23e072065 package/python-kiwisolver: bump to version 1.4.5
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:16:41 +01:00
Adam Duskett
ab3d5a5f5e package/scons: bump version to 4.5.2
- Switch to setuptools
- Update License hash due to a year change: 2019 -> 2021
- Install the packages to the site-packages directory, or else packages using
  scons fail to build with import errors.

Tested with benejson, gpsd, and mongodb.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:09:24 +01:00
Adam Duskett
6273b2f85d package/python-constantly: bump version to 23.10.4
This package now requires host-python-versioneer to build.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:06:16 +01:00
Adam Duskett
53931943eb package/python-versioneer: new package
Used with the latest version of python-constantly. It is only needed as a
host package.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:06:12 +01:00
Adam Duskett
80adc6bee2 package/python-systemd: bump version to 235
Remove the "# Should be kept in sync with $(SYSTEMD_VERSION)" line from
python-systemd.mk, as this package is not updated on a regular basis and does
not keep up to date with systemd.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:06:00 +01:00
James Hilliard
37a1a194b1 package/python-keyring: bump to version 24.2.0
Add new python-jaraco-classes runtime dependency.

Add new python-jeepney runtime dependency.

License hash changed due to copyright notice removal:
5957d58266

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:50 +01:00
James Hilliard
554ecdf49a package/python-jeepney: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:49 +01:00
James Hilliard
64fc2dd727 package/python-jsonschema: bump to version 4.19.2
Drop no longer required python-pyrsistent runtime dependency.

Add new python-jsonschema-specifications runtime dependency.

Add new python-referencing runtime dependency.

Add new python-rpds-py runtime dependency.

Propagate python-rpds-py target rust support requirement to
python-jsonschema reverse dependencies.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:48 +01:00
James Hilliard
94e985fdc3 package/python-jsonschema-specifications: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:47 +01:00
James Hilliard
2a36024a63 package/python-referencing: new package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:46 +01:00
James Hilliard
aaa315b6a7 package/python-filelock: bump to version 3.13.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:45 +01:00
James Hilliard
013061755d package/python-hatchling: bump to version 1.18.0
Add new host-python-trove-classifiers build dependency.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:44 +01:00
James Hilliard
10e7866f39 package/python-trove-classifiers: new host package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:43 +01:00
James Hilliard
257c88b75e package/python-calver: new host package
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Arnout Vandecappelle <arnout@mind.be>
2023-11-10 22:01:42 +01:00
Adam Duskett
c079912374 package/python-pyxb: Drop package
The last time python-pyxb was updated according to pypi.org is in 2017.
As there are no maintainers listed for the package, and the package uses
distutils which has been removed in Python 3.12.0, remove the package.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 22:49:45 +01:00
James Hilliard
e759e927b3 package/python-pygame: switch from distutils to setuptools
distutils will be dropped with python 3.12.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 22:49:36 +01:00
Yann E. MORIN
74ceb71a52 package/python-kmod: fix licensing
Commit 2add559e50 (package/python-kmod: new package) listed LGPL-2.1+
(aka -or-later) as the licensed applicable. However, thode contains the
following blurbs:

    # python-kmod is free software: you can redistribute it and/or modify it under
    # the terms of the GNU Lesser General Public License version 2.1 as published
    # by the Free Software Foundation.

There is no mention of the usual "or, at your option, any later
version".

As such, the license is reall LGPL-2.1-only.

Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 22:32:08 +01:00
Adam Duskett
2add559e50 package/python-kmod: new package
This package is currently used in Fedora39 to provide python bindings
for kmod, and it is Python 3.12.0 compatible.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
[yann.morin.1998@free.fr: LGPL in in COPYING.LESSER]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 22:26:18 +01:00
Adam Duskett
e5467ad9f5 package/kmod: drop python support
The python bindings provided by kmod were last updated 9 years ago.
  - They are not compatible with Python 3.12.
  - No major distribution uses this option.

Remove the option.

Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 22:13:28 +01:00
James Hilliard
1c56620ee9 package/python-networkx: bump to version 3.2.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:49 +01:00
James Hilliard
0a073da1d1 package/python-netaddr: bump to version 0.9.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:44 +01:00
James Hilliard
85b803fafa package/python-mypy-extensions: bump to version 1.0.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:37 +01:00
James Hilliard
eb5e6a6500 package/python-mutagen: bump to version 1.47.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:31 +01:00
James Hilliard
ece72fffdc package/python-munch: bump to version 4.0.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:25 +01:00
James Hilliard
014a66fcde package/python-msgpack: bump to version 1.0.7
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:19 +01:00
James Hilliard
c616c640d2 package/python-msgfy: bump to version 0.2.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:13 +01:00
James Hilliard
8903773f7e package/python-more-itertools: bump to version 10.1.0
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:07 +01:00
James Hilliard
4ab85dc04e package/python-modbus-tk: bump to version 1.1.3
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:58:01 +01:00
James Hilliard
20d6625eb1 package/python-mistune: bump to version 3.0.2
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:57:55 +01:00
James Hilliard
24872df678 package/python-mbstrdecoder: bump to version 1.1.3
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:57:49 +01:00
James Hilliard
bea0baf6ba package/python-marshmallow: bump to version 3.20.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:57:43 +01:00
James Hilliard
d6e9553bef package/python-markdown2: bump to version 2.4.10
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:57:37 +01:00
James Hilliard
f9c7fb6806 package/python-markdown: bump to version 3.5.1
Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:57:31 +01:00
James Hilliard
713ce6547d package/python-m2crypto: bump to version 0.40.1
Drop patch and associated CVE ignore which is now upstream.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
[yann.morin.1998@free.fr: update .checkpackageignore]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-09 21:57:03 +01:00
Woodrow Douglass
a01490397e package/opencv4: security bump to version 4.8.1
Also, bump package/opencv4-contrib to in lock-step.

This addresses both CVE-2023-2617 and CVE-2023-2618, that have been
fixed in OpenCV 4.8.0.

Signed-off-by: Woodrow Douglass <wdouglass@carnegierobotics.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-08 23:28:53 +01:00
Maxim Kochetkov
e3e844a1f9 package/libosmium: add optional GDAL dependency
Signed-off-by: Maxim Kochetkov <fido_max@inbox.ru>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-08 23:26:58 +01:00
Waldemar Brodkorb
14ae33c669 support/testing/tests/package/test_ruby.py: new runtime test
Signed-off-by: Waldemar Brodkorb <wbx@openadk.org>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-08 23:18:52 +01:00
Fabrice Fontaine
4d208906c7 package/atop: fix musl build
Fix the following build failure with musl raised since bump to version
2.9.0 in commit 8c70374c4f:

atop.h:157:1: error: unknown type name 'time_t'
  157 | time_t          normalize_epoch(time_t, long);
      | ^~~~~~
atop.h:157:1: note: 'time_t' is defined in header '<time.h>'; did you forget to '#include <time.h>'?
atop.h:157:40: error: expected ')' before 'long'
  157 | time_t          normalize_epoch(time_t, long);
      |                                        ^~~~~
      |                                        )

Fixes:
 - http://autobuild.buildroot.org/results/e7ec8d16f2299320f374a0198c8e9b18a102b037

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-08 23:05:41 +01:00
Daniel Lang
c3c5320ce2 support/scripts/pkg-stats: check all files for warnings
Instead of only checking .mk and Config.in{,.host}, check
all files in a package directory.
.checkpackageignore isn't considered here, therefore the shown number
includes ignored warnings as well.
Add another css class to signal some warning, compared to a lot (>5),
similar to patches.

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-08 22:14:27 +01:00
Daniel Lang
1aa198f728 support/scripts/pkg-stats: ignore more makefiles that aren't packages
Some packages are grouped and have a general makefile that defines
reusable variables. These makefiles have no relevant information for
pkg-stats and should be excluded.

Signed-off-by: Daniel Lang <dalang@gmx.at>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2023-11-08 21:59:50 +01:00
Christian Stewart
fd41e442f0 package/containerd: bump version to v1.7.8
The eighth patch release for containerd 1.7 contains various fixes and updates.

https://github.com/containerd/containerd/releases/tag/v1.7.8

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-11-08 08:08:54 +01:00
Christian Stewart
bf1d1a9b7a package/go: security bump to go1.21.4
Go version 1.21.4 includes the following security fixes:

CVE-2023-45283: path/filepath: recognize \??\ as a Root Local Device path prefix.
CVE-2023-45284: path/filepath: recognize device names with trailing spaces and superscripts

https://go.dev/doc/devel/release#go1.21.4

Signed-off-by: Christian Stewart <christian@aperture.us>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-11-08 08:07:44 +01:00
Christian Hitz
b660402b57 package/network-manager: add patch for compatibility with curl 8.4
This upstream patch restores the connectivity check functionality with
libcurl 8.4.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=15835

Signed-off-by: Christian Hitz <christian.hitz@bbv.ch>
Reviewed-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-07 22:54:53 +01:00
Giulio Benetti
359eb5072d package/nodejs: fix build of modules with native code
When installing node modules with native code, said code needs to be
built for the target; npm will delegate that to an internal copy of gyp,
node_gyp, which uses a python script to generate the build configuration
matching the target.

That script is generated by the nodejs build system (at configure time),
and eventually installed to staging alongside the headers.

Currently, we tell node_gyp to use the script in the nodejs build
directory, with the npm_config_nodedir environment variable:
    npm_config_nodedir=$(BUILD_DIR)/nodejs-$(NODEJS_VERSION)

However, that is no longer working since commit 4cbc2af604
(package/nodejs: rename to nodejs-src and convert to virtual package),
for two reasons:

  - the version variable NODEJS_VERSION was renamed to
    NODEJS_COMMON_VERSION;

  - the actual build directory is that of nodejs-src, not nodejs.

When installing node modules with NODEJS_SRC_MODULES_LIST, we happen to
still be running in the nodejs-src package, so it kinda makes sense that
we use the file in nodejs-src build directory. But the NPM macro can
also be called from other packages, in which case it looks uglier to
have to look into nosejs-src build dir from another package context.

Looking at the documentation for node-gyp [0], we can see that nodedir
is meant to point to the path of the node source code;

    | `--nodedir=$path`                 | Set the path to the node source code

However, that is only valid when building natively; here we are more
similar to the "Third Party Node.js Runtimes", where the runtime nodejs
is not the one doing the build; in that case, the following looks more
appropriate:

    [...] you
    should use `--dist-url` or `--nodedir` flags to specify the headers of the
    runtime to build for.

    Also when `--dist-url` or `--nodedir` flags are passed, node-gyp will use the
    `config.gypi` shipped in the headers distribution to generate build
    configurations [...]

So, we are going that route, and point npm_config_nodedir to the staging
dir, where the headers are to be found. This is valid when installing
modules with NODEJS_SRC_MODULES_LIST, as nodejs is already installed in
staging at that time, as the package infra guarantees that staging is
installed before target; it alsop works for modules installed in later
packages (as long as they have nodejs in their dependencies, of course).

Fixes: https://bugs.busybox.net/show_bug.cgi?id=15826

[0] https://github.com/nodejs/node/blob/main/deps/npm/node_modules/node-gyp/README.md

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
[yann.morin.1998@free.fr:
  - use STAGING_DIR/usr, not TARGET_DIR/usr
  - extend commit log to explain what and why
]
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-07 22:34:57 +01:00
Giulio Benetti
cbc5691ab2 package/nodejs/nodejs-src: fix arch check on additional modules
Node modules available on the npm registry, may contain prebuild
binaries for various targets and/or ABIs; for example., there might be
ARM. AArch64, x86_64 binaries for glibc or musl, for Linux or Darwin.
Needless to say, those binaries will most often not match the current
target architecture; as such, check-bin-arch will whine loudly as
reported in #15823:

    ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-arm/node.napi.armv6.node" is "ARM", should be "AArch64"
    ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/android-arm/node.napi.armv7.node" is "ARM", should be "AArch64"
    ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-arm/node.napi.armv7.node" is "ARM", should be "AArch64"
    ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-x64/node.napi.glibc.node" is "Advanced Micro Devices X86-64", should be "AArch64"
    ERROR: architecture for "/usr/lib/node_modules/node-red-node-serialport/node_modules/@serialport/bindings-cpp/prebuilds/linux-x64/node.napi.musl.node" is "Advanced Micro Devices X86-64", should be "AArch64"

The proper solution would be to remove all those prebuilt binaries, and
request npm to forcefully rebuild the proper binary for the current
architecture; alas, there is no option to tell npm to do so.

Doing it manually would not be easy either, as such modules might be
retrieved as part of the "vendoring" for another module that the user
has requested, and be pretty deep in the dependency chain; trying to fix
this properly would be a nightmare: it would require that we manually
inspect the depednency chain, and install dependent modules one by one,
recursively, re-implementing the same logic npm has when multiple
verions of the same module are installed as part of different branches
of the depenency tree, all while detecting prebuilds and removing them
before installing the mpdule (hence decorrelating download and install,
which is not trivial to do with npm alone).

We also can't simply remove all the prebuilds, because it is not known
whether the location ("<module>/prebuilds/") is standardised, or a
convention with the path noted somewhere in the package metadata, and
how deep they would be in the tree, and whether that could conflict with
arbitrary files...

Instead, we will consider that npm has a sane heuristic to detect
whether it should indeed rebuilt the modules, and that node has a sane
heuristic to know which binary to load at runtime, and we will leave the
prebuilt binaries in place and just exclude them from being checked.

Fixes: https://bugs.busybox.net/show_bug.cgi?id=15823

Signed-off-by: Giulio Benetti <giulio.benetti@benettiengineering.com>
Reviewed-by: Yegor Yefremov <yegorslists@googlemail.com>
Tested-by: Marcus Hoffmann <marcus.hoffmann@othermo.de>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-07 22:31:43 +01:00
James Hilliard
f59da331af package/python-rpds-py: bump to version 0.12.0
Migrate from generic pep517 infrastructure to maturin infrastructure.

Verified license is still MIT after hash changed.

Signed-off-by: James Hilliard <james.hilliard1@gmail.com>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-11-07 11:51:00 +01:00