subject:"Bug#1065057\: bookworm\-pu\: package php\-composer\-xdebug\-handler\/3.0.3\-2\+deb12u1"

Bug#1065057: bookworm-pu: package php-composer-xdebug-handler/3.0.3-2+deb12u1

2024-03-28 Thread David Prévot

Hi Adam,

Le Mon, Mar 25, 2024 at 06:44:54PM +, Adam D. Barratt a écrit :
> On Thu, 2024-02-29 at 11:18 +0100, David Prévot wrote:
> > This is a follow up from composer/DSA-5632-1.
[…]
> +  * Track debian/bookworm-security
> 
> Even though this update isn't going to the security archive?

Well, the debian/bookworm branch has already been published, and is
related to version 2 that was (once) the targeted version for Bookworm.
Version 3 was finally pushed to unstable before Bookworm got released
and this old debian/bookworm was forgotten until now. I decided to use
another branch name for this upload instead of messing with Git history
(after all, it’s just a branch name), but I agree it’s a bit of a mess.

Regards,

taffit

signature.asc
Description: PGP signature

Bug#1065057: bookworm-pu: package php-composer-xdebug-handler/3.0.3-2+deb12u1

2024-03-25 Thread Adam D. Barratt

Control: tags -1 + confirmed

On Thu, 2024-02-29 at 11:18 +0100, David Prévot wrote:
> This is a follow up from composer/DSA-5632-1.
> 
> In order to fix a Debian-specific issue related to CVE-2024-24821, we
> agreed with the security team to push related dependencies via the
> next
> point release.

+  * Track debian/bookworm-security

Even though this update isn't going to the security archive?

Please go ahead.

Regards,

Adam

Bug#1065057: bookworm-pu: package php-composer-xdebug-handler/3.0.3-2+deb12u1

2024-02-29 Thread David Prévot

Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: php-composer-xdebug-hand...@packages.debian.org, 
t...@security.debian.org
Control: affects -1 + src:php-composer-xdebug-handler
User: release.debian@packages.debian.org
Usertags: pu

[2/9 for bookworm]

This is a follow up from composer/DSA-5632-1.

In order to fix a Debian-specific issue related to CVE-2024-24821, we
agreed with the security team to push related dependencies via the next
point release.

The only change (besides changelog entry) in the binary package is the
following (thanks to diffoscope).

│ │ ├── ./usr/share/php/Composer/XdebugHandler/autoload.php
│ │ │ @@ -1,12 +1,12 @@
│ │ │  diff -Nru php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl
--- php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl	1970-01-01 01:00:00.0 +0100
+++ php-composer-xdebug-handler-3.0.3/debian/autoload.php.tpl	2024-02-13 17:13:43.0 +0100
@@ -0,0 +1,30 @@
+  Tue, 13 Feb 2024 17:13:43 +0100
+
 php-composer-xdebug-handler (3.0.3-2) unstable; urgency=medium
 
   * Upload to unstable for composer 2.3
diff -Nru php-composer-xdebug-handler-3.0.3/debian/clean php-composer-xdebug-handler-3.0.3/debian/clean
--- php-composer-xdebug-handler-3.0.3/debian/clean	2022-01-05 14:42:04.0 +0100
+++ php-composer-xdebug-handler-3.0.3/debian/clean	2024-02-13 17:13:43.0 +0100
@@ -1,6 +1,6 @@
 .phpunit.result.cache
 Composer/
-debian/autoload.php.tpl
 debian/autoload.tests.php.tpl
+Psr
 src/autoload.php
 vendor/
diff -Nru php-composer-xdebug-handler-3.0.3/debian/control php-composer-xdebug-handler-3.0.3/debian/control
--- php-composer-xdebug-handler-3.0.3/debian/control	2022-06-17 19:03:15.0 +0200
+++ php-composer-xdebug-handler-3.0.3/debian/control	2024-02-13 17:13:43.0 +0100
@@ -12,7 +12,7 @@
 Standards-Version: 4.6.1
 Homepage: https://github.com/composer/xdebug-handler
 Vcs-Browser: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler
-Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler.git -b debian/latest
+Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-xdebug-handler.git -b debian/bookworm-security
 Rules-Requires-Root: no
 
 Package: php-composer-xdebug-handler
diff -Nru php-composer-xdebug-handler-3.0.3/debian/gbp.conf php-composer-xdebug-handler-3.0.3/debian/gbp.conf
--- php-composer-xdebug-handler-3.0.3/debian/gbp.conf	2022-01-05 15:28:30.0 +0100
+++ php-composer-xdebug-handler-3.0.3/debian/gbp.conf	2024-02-13 17:13:43.0 +0100
@@ -1,5 +1,5 @@
 [DEFAULT]
-debian-branch = debian/latest
+debian-branch = debian/bookworm-security
 filter = [ '.gitattributes' ]
 pristine-tar = True
 upstream-vcs-tag = %(version%~%-)s
diff -Nru php-composer-xdebug-handler-3.0.3/debian/rules php-composer-xdebug-handler-3.0.3/debian/rules
--- php-composer-xdebug-handler-3.0.3/debian/rules	2022-01-05 14:42:04.0 +0100
+++ php-composer-xdebug-handler-3.0.3/debian/rules	2024-02-13 17:13:43.0 +0100
@@ -3,13 +3,14 @@
 	dh $@
 
 override_dh_auto_build:
-	phpabtpl composer.json > debian/autoload.php.tpl
 	phpab \
 		--output src/autoload.php \
 		--template debian/autoload.php.tpl \
 		src
 	mkdir --parents vendor Composer
-	ln -s ../src Composer/XdebugHandler
+	cp -r src Composer/XdebugHandler
+	ln -s /usr/share/php/Composer/Pcre Composer
+	ln -s /usr/share/php/Psr .
 	phpabtpl \
 		--require composer/xdebug-handler \
 		> debian/autoload.tests.php.tpl


signature.asc
Description: PGP signature

Bug#1065057: bookworm-pu: package php-composer-xdebug-handler/3.0.3-2+deb12u1

Bug#1065057: bookworm-pu: package php-composer-xdebug-handler/3.0.3-2+deb12u1

Bug#1065057: bookworm-pu: package php-composer-xdebug-handler/3.0.3-2+deb12u1

3 matches

Site Navigation

Mail list logo

Footer information