commit: e172bd677fe11bb073517ac058b154c80b3abecf Author: Tomáš Mózes <hydrapolic <AT> gmail <DOT> com> AuthorDate: Wed Sep 28 08:49:07 2022 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Thu Sep 29 02:16:02 2022 +0000 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=e172bd67
www-apps/gitea: security bump to 1.17.2 Bug: https://bugs.gentoo.org/868996 Signed-off-by: Tomáš Mózes <hydrapolic <AT> gmail.com> Closes: https://github.com/gentoo/gentoo/pull/27506 Signed-off-by: Sam James <sam <AT> gentoo.org> www-apps/gitea/Manifest | 1 + www-apps/gitea/gitea-1.17.2.ebuild | 125 +++++++++++++++++++++++++++++++++++++ 2 files changed, 126 insertions(+) diff --git a/www-apps/gitea/Manifest b/www-apps/gitea/Manifest index 7fa6b63e737a..67c39f569b76 100644 --- a/www-apps/gitea/Manifest +++ b/www-apps/gitea/Manifest @@ -1,3 +1,4 @@ DIST gitea-1.16.7.tar.gz 53657579 BLAKE2B ae9d67fa633bcc5156036f033a4ed084b5b6ac0d71ec6a1ec0d0c88848233f3f0f0c22ca1c33289dc0e9950a8b299e26a88417e03643972f6721f94097b37d85 SHA512 7a31330e46078e215eecfbb2ec28373be1a176790720afbcf9674f3530d66f300d8ef9e47b9b9124cda9ce585d26d40c975e4897e5a3477dcec28b6f2b16735c DIST gitea-1.16.9.tar.gz 53660093 BLAKE2B f289a6525b046efa56b0250a997c1b1957c58447b87d7b0f5a65754ff3278da5dd37e1cf090b6d27c61d779fe2f19c4405aff9be526c5689935fba88c8488ad5 SHA512 b27da6b77ac33829ba3108e54c8fab59fe80f2ce88cc5eeb95ec38186da4b34508cdfb1a5fe0a68013001403a69080ebddb8d5116a73e1cf47e27ee4cc3095f1 DIST gitea-1.17.1.tar.gz 52649181 BLAKE2B b8a444900a3efc9911cad17b32933ada7995dd3424bc92c034222fdf50ea7629fc0b190fad7563c4694228021784c66196ae2f5df533bbcc36e6e2eccd9e57c0 SHA512 9afa5e58e90fcda957f8f5eba76931d5a933554c47965180371c9b73c887810aa67e8e87fc619a1abcb954379de23750e9e93654d518c6ab77b2ca944eb186d6 +DIST gitea-1.17.2.tar.gz 52668293 BLAKE2B 02f50ee5ef30887fb5daf5d3543bdb4b0fe2e4f3903c29beedc134d861fe23df92f4d379d6faacfd984ff203eefff6d6c7dca06e6b974538557e3694f1f2a03b SHA512 fe0176cb4dee724ec91e5f44cb71851368d0e4234c20f17bcccbb422f90c6545184d1f620bbd5999ca24c477e0cf0de7c4a21ce93e3532f29e0b2bba7d03ffb9 diff --git a/www-apps/gitea/gitea-1.17.2.ebuild b/www-apps/gitea/gitea-1.17.2.ebuild new file mode 100644 index 000000000000..c0f056208ec7 --- /dev/null +++ b/www-apps/gitea/gitea-1.17.2.ebuild @@ -0,0 +1,125 @@ +# Copyright 2016-2022 Gentoo Authors +# Distributed under the terms of the GNU General Public License v2 + +EAPI=8 + +inherit fcaps go-module tmpfiles systemd flag-o-matic + +DESCRIPTION="A painless self-hosted Git service" +HOMEPAGE="https://gitea.io https://github.com/go-gitea/gitea"; + +if [[ ${PV} == *9999 ]]; then + inherit git-r3 + EGIT_REPO_URI="https://github.com/go-gitea/gitea.git"; +else + SRC_URI="https://github.com/go-gitea/gitea/releases/download/v${PV}/gitea-src-${PV}.tar.gz -> ${P}.tar.gz" + KEYWORDS="~amd64 ~arm ~arm64 ~x86" +fi + +S="${WORKDIR}/${PN}-src-${PV}" + +LICENSE="Apache-2.0 BSD BSD-2 ISC MIT MPL-2.0" +SLOT="0" +IUSE="+acct pam sqlite pie" + +DEPEND=" + acct? ( + acct-group/git + acct-user/git[gitea] ) + pam? ( sys-libs/pam )" +RDEPEND="${DEPEND} + dev-vcs/git" + +DOCS=( + custom/conf/app.example.ini CONTRIBUTING.md README.md +) +FILECAPS=( + -m 711 cap_net_bind_service+ep usr/bin/gitea +) + +RESTRICT="test" + +src_prepare() { + default + + local sedcmds=( + -e "s#^ROOT =#ROOT = ${EPREFIX}/var/lib/gitea/gitea-repositories#" + -e "s#^ROOT_PATH =#ROOT_PATH = ${EPREFIX}/var/log/gitea#" + -e "s#^APP_DATA_PATH = data#APP_DATA_PATH = ${EPREFIX}/var/lib/gitea/data#" + -e "s#^HTTP_ADDR = 0.0.0.0#HTTP_ADDR = 127.0.0.1#" + -e "s#^MODE = console#MODE = file#" + -e "s#^LEVEL = Trace#LEVEL = Info#" + -e "s#^LOG_SQL = true#LOG_SQL = false#" + -e "s#^DISABLE_ROUTER_LOG = false#DISABLE_ROUTER_LOG = true#" + ) + + sed -i "${sedcmds[@]}" custom/conf/app.example.ini || die + if use sqlite ; then + sed -i -e "s#^DB_TYPE = .*#DB_TYPE = sqlite3#" custom/conf/app.example.ini || die + fi +} + +src_configure() { + # bug 832756 - PIE build issues + filter-flags -fPIE + filter-ldflags -fPIE -pie +} + +src_compile() { + local gitea_tags=( + bindata + $(usev pam) + $(usex sqlite 'sqlite sqlite_unlock_notify' '') + ) + local gitea_settings=( + "-X code.gitea.io/gitea/modules/setting.CustomConf=${EPREFIX}/etc/gitea/app.ini" + "-X code.gitea.io/gitea/modules/setting.CustomPath=${EPREFIX}/var/lib/gitea/custom" + "-X code.gitea.io/gitea/modules/setting.AppWorkPath=${EPREFIX}/var/lib/gitea" + ) + local makeenv=( + DRONE_TAG="${PV}" + LDFLAGS="-extldflags \"${LDFLAGS}\" ${gitea_settings[*]}" + TAGS="${gitea_tags[*]}" + ) + + GOFLAGS="" + if use pie ; then + GOFLAGS+="-buildmode=pie" + fi + + env "${makeenv[@]}" emake EXTRA_GOFLAGS="${GOFLAGS}" backend +} + +src_install() { + dobin gitea + + einstalldocs + + newconfd "${FILESDIR}/gitea.confd-r1" gitea + newinitd "${FILESDIR}/gitea.initd-r3" gitea + newtmpfiles - gitea.conf <<-EOF + d /run/gitea 0755 git git + EOF + systemd_newunit "${FILESDIR}"/gitea.service-r3 gitea.service + + insinto /etc/gitea + newins custom/conf/app.example.ini app.ini + if use acct; then + fowners root:git /etc/gitea/{,app.ini} + fperms g+w,o-rwx /etc/gitea/{,app.ini} + + diropts -m0750 -o git -g git + keepdir /var/lib/gitea /var/lib/gitea/custom /var/lib/gitea/data + keepdir /var/log/gitea + fi +} + +pkg_postinst() { + fcaps_pkg_postinst + tmpfiles_process gitea.conf + + ewarn "The default JWT signing algorithm changed in 1.15.0 from HS256 (symmetric) to" + ewarn "RS256 (asymmetric). Gitea OAuth2 tokens (and potentially client secrets) will" + ewarn "need to be regenerated unless you change your JWT_SIGNING_ALGORITHM back to HS256." + ewarn "For other breaking changes, see <https://github.com/go-gitea/gitea/releases/tag/v1.15.0>." +}
