Re: If a submitted port is in "enlightenment" category, who should maintain it?

2018-02-25 Thread Kubilay Kocak 
On 2/26/18 9:45 AM, Yuri wrote:
> Can it/should it be assigned to enlightenm...@freebsd.org?

For new ports, it's a defacto, strongly encouraged guideline that new
ports should be MAINTAINER'd by the person who authored it, for reasons
outlined:

https://www.freebsd.org/doc/en/books/porters-handbook/makefile-maintainer.html

and

https://www.freebsd.org/doc/en_US.ISO8859-1/articles/contributing/ports-contributing.html#maintain-port

> Does enlightenm...@freebsd.org need to be asked if they want to maintain
> it?

Yes, unless a team has explicitly said that its OK (the python team for
python ports is close to this). But this (new port) is different than
existing ports who's maintainers are being reset.

> Or the submitter should maintain it?

Yes, all else being equal, in almost all cases, unless there is a good
reason not to (say its a very important, highly impactful port that
*should* be maintained by the ports team responsible for that software
ecosystem)

> 
> Yuri
> 

___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: poudriere: "Permission denied" in the extract phase?

2018-02-25 Thread Yuri 

On 02/25/18 05:37, Marcin Cieslak wrote:

Yes, this is my private port that I am using to produce FreeBSD binaries
for node-sass. Getting binary npm modules into our ports tree is another 
conversation.

The problem here is that a whole thing worked for me before for months
so I am aware of all those limitations for particular build phases
(it took me long to figure out that).



npm is an extremely volatile technology. Some package might work now, 
and then break in a week due to a dependency package update.


It continuously automatically updates files that are downloaded as 
dependencies.


NodeJS is largely incompatible with the FreeBSD ports system because of 
this volatility.


NodeJS is also a very insecure technology. It brings files directly from 
github without any vetting. So if somebody will update some github 
package with malware, it is extremely likely that next day this malware 
will end up on your production servers. There is nobody in between, you 
have to always trust hundreds of parties.



Yuri


___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

If a submitted port is in "enlightenment" category, who should maintain it?

2018-02-25 Thread Yuri 

Can it/should it be assigned to enlightenm...@freebsd.org?

Does enlightenm...@freebsd.org need to be asked if they want to maintain it?

Or the submitter should maintain it?


Yuri


___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: Dropping maintainership for pydio / softether / wmconfig

2018-02-25 Thread Hiroki Sato 
Hi,

Koichiro IWAO  wrote
  in 
<01010161bc060e73-5e01b825-b1eb-4f4a-a112-b280ae670da7-000...@us-west-2.amazonses.com>:

me>
me> I'll take the maintainership if nobody wants however
me> I think security/softether and security/softether-devel
me> should be maintained by the same maintainer.
me>
me> Sato-san, would you like to maintain net/softether as well?

 Yes, my time for FreeBSD is quite limited until AsiaBSDCon but I am
 considering to merge the two ports into one at least.  Please send me
 a patch if you have.

-- Hiroki


pgp7fJGYHjdVq.pgp
Description: PGP signature

Re: poudriere: "Permission denied" in the extract phase?

2018-02-25 Thread Marcin Cieslak 
On Sun, 25 Feb 2018, Adam Weinberger wrote:

> > > (full log:
> > > https://gist.github.com/saper/0be3f9b4e9eb819d3ec00f5273705517#file-node-sass-4-7-2-log
> > > )
> > > 
> > > Why are /bin/mkdir -p and /bin/cp commands invoked again in the "extract"
> > > phase?
> > > 
> > > FreeBSD 11.1-STABLE #10 r321629 running poudriere-3.2.4 (I have updated
> > > poudriere today)
> 
> First of all, just so you know, npm module ports won't be added to the ports
> tree. I just wanted to be clear in case you were planning on submitting it.
> There were a couple threads about this a while back.
> 
> With that out of the way, you're hitting errors for two reasons here.

Yes, this is my private port that I am using to produce FreeBSD binaries
for node-sass. Getting binary npm modules into our ports tree is another 
conversation.

The problem here is that a whole thing worked for me before for months
so I am aware of all those limitations for particular build phases
(it took me long to figure out that).

> The first problem is that npm needs network access, and poudriere prevents
> ports from dialing out. You can work around this with the
> ALLOW_NETWORKING_PACKAGES variable in poudriere.conf.
> 
> The other problem you're hitting is that npm saves a cache, and for some
> reason you're trying to run it from /usr/ports/distfiles/node-sass. Ports
> themselves should never, ever have the ability to create files in
> /usr/ports/distfiles. If you run 'npm install' from ${WRKSRC}, then you can
> do:
>   cd ${WRKSRC} && ${SETENV} HOME=/tmp npm install

Aren't ports allowed to write in /usr/ports/distfiles during the fetch phase?
That would be new to me...

This whole thing was working for me before (with older poudriere/bsd.port.mk 
maybe).
I try to force npm to fetch everything (including dependent modules)
in the fetch phase:

 42 post-fetch:
 43 ${MKDIR} ${DISTDIR}/${PORTNAME}
 44 ${MKDIR} ${NPM_CACHE}
 45 ${CP} ${FILESDIR}/package-lock.json ${DISTDIR}/${PORTNAME}
 46 ${CP} ${FILESDIR}/package.json ${DISTDIR}/${PORTNAME}
 47 (cd ${DISTDIR}/${PORTNAME} && ${SETENV} 
NPM_CONFIG_CACHE=${NPM_CACHE} npm install --ignore-scripts)

I copy everything I need from distfiles to ${WRKSRC} in the extract phase:

 49 post-extract:
 50 (cd ${DISTDIR}/${PORTNAME} && ${FIND} node_modules | ${PAX} -rw 
${WRKSRC})
 51 

I build everything without touching the network:

 52 do-build:
 53 (cd ${WRKSRC} && ${SETENV} ${CONFIGURE_ENV} ${MAKE_ENV} 
NPM_CONFIG_CACHE=${NPM_CACHE} npm install --nodedir=${LOCALBASE})

The problem in particular is that "post-fetch" target is invoked ALSO during 
the "extract" target,
I don't know why:

===
   
===>  License MIT accepted by the user
===> Fetching all distfiles required by node-sass-4.7.2 for building
 
/bin/mkdir -p /portdistfiles/node-sass
/bin/mkdir -p /portdistfiles/npm

It did that already in the fetch phase:

===
===
===>  License MIT accepted by the user
===> Fetching all distfiles required by node-sass-4.7.2 for building
/bin/mkdir -p /portdistfiles/node-sass
/bin/mkdir -p /portdistfiles/npm

and it tries that again in the checksum phase:

===
===
===>  License MIT accepted by the user
===> Fetching all distfiles required by node-sass-4.7.2 for building
/bin/mkdir -p /portdistfiles/node-sass
/bin/mkdir -p /portdistfiles/npm

Maybe there is an additional check for a successful fetch that I have missed.

Marcin

smime.p7s
Description: S/MIME Cryptographic Signature

Re: poudriere: "Permission denied" in the extract phase?

2018-02-25 Thread Adam Weinberger 

On 24 Feb, 2018, at 19:53, Marcin Cieslak  wrote:

On Sun, 25 Feb 2018, Marcin Cieslak wrote:


Hello,

why is poudriere on 11.1-STABLE trying to build by custom port which has  
the following

in the Makefile:

post-fetch:
${MKDIR} ${DISTDIR}/${PORTNAME}
${MKDIR} ${NPM_CACHE}
${CP} ${FILESDIR}/package-lock.json ${DISTDIR}/${PORTNAME}
${CP} ${FILESDIR}/package.json ${DISTDIR}/${PORTNAME}
(cd ${DISTDIR}/${PORTNAME} && ${SETENV} NPM_CONFIG_CACHE=${NPM_CACHE} 
npm install --ignore-scripts)

( complete port:  
https://github.com/saper/ports-exp/tree/master/textproc/node-sass )


The results are those:

( this was wrong, the full log is also corrected )

===>   Returning to build of node-sass-4.7.2
===
===
===>  License MIT accepted by the user
===> Fetching all distfiles required by node-sass-4.7.2 for building
/bin/mkdir -p /portdistfiles/node-sass
/bin/mkdir -p /portdistfiles/npm
/bin/cp /usr/ports/textproc/node-sass/files/package-lock.json  
/portdistfiles/node-sass
/bin/cp /usr/ports/textproc/node-sass/files/package.json  
/portdistfiles/node-sass
(cd /portdistfiles/node-sass && /usr/bin/env  
NPM_CONFIG_CACHE=/portdistfiles/npm npm install --ignore-scripts)
npm WARN lifecycle node-sass@4.7.2~install: cannot run in wd %s %s  
(wd=%s) node-sass@4.7.2 node scripts/install.js /portdistfiles/node-sass
npm WARN lifecycle node-sass@4.7.2~postinstall: cannot run in wd %s %s  
(wd=%s) node-sass@4.7.2 node scripts/build.js /portdistfiles/node-sass
npm WARN prepublish-on-install As of npm@5, `prepublish` scripts are  
deprecated.
npm WARN prepublish-on-install Use `prepare` for build steps and  
`prepublishOnly` for upload-only.
npm WARN prepublish-on-install See the deprecation note in `npm help  
scripts` for more information.
npm WARN lifecycle node-sass@4.7.2~prepublish: cannot run in wd %s %s  
(wd=%s) node-sass@4.7.2 not-in-install && node scripts/prepublish.js ||  
in-install /portdistfiles/node-sass

added 356 packages in 10.684s
===
===
===>  License MIT accepted by the user
===> Fetching all distfiles required by node-sass-4.7.2 for building
/bin/mkdir -p /portdistfiles/node-sass
/bin/mkdir -p /portdistfiles/npm
/bin/cp /usr/ports/textproc/node-sass/files/package-lock.json  
/portdistfiles/node-sass
/bin/cp /usr/ports/textproc/node-sass/files/package.json  
/portdistfiles/node-sass
(cd /portdistfiles/node-sass && /usr/bin/env  
NPM_CONFIG_CACHE=/portdistfiles/npm npm install --ignore-scripts)
npm WARN lifecycle node-sass@4.7.2~install: cannot run in wd %s %s  
(wd=%s) node-sass@4.7.2 node scripts/install.js /portdistfiles/node-sass
npm WARN lifecycle node-sass@4.7.2~postinstall: cannot run in wd %s %s  
(wd=%s) node-sass@4.7.2 node scripts/build.js /portdistfiles/node-sass
npm WARN prepublish-on-install As of npm@5, `prepublish` scripts are  
deprecated.
npm WARN prepublish-on-install Use `prepare` for build steps and  
`prepublishOnly` for upload-only.
npm WARN prepublish-on-install See the deprecation note in `npm help  
scripts` for more information.
npm WARN lifecycle node-sass@4.7.2~prepublish: cannot run in wd %s %s  
(wd=%s) node-sass@4.7.2 not-in-install && node scripts/prepublish.js ||  
in-install /portdistfiles/node-sass
npm WARN ajv-keywords@1.5.1 requires a peer of ajv@>=4.10.0 but none is  
installed. You must install peer dependencies yourself.


up to date in 2.13s
=> SHA256 Checksum OK for sass-node-sass-v4.7.2_GH0.tar.gz.
===
===
===
===
===>  License MIT accepted by the user
===> Fetching all distfiles required by node-sass-4.7.2 for building
/bin/mkdir -p /portdistfiles/node-sass
/bin/mkdir -p /portdistfiles/npm
/bin/cp /usr/ports/textproc/node-sass/files/package-lock.json  
/portdistfiles/node-sass

cp: /portdistfiles/node-sass/package-lock.json: Permission denied
*** Error code 1

Stop.
make: stopped in /usr/ports/textproc/node-sass
=>> Cleaning up wrkdir
===>  Cleaning for node-sass-4.7.2
build of textproc/node-sass | node-sass-4.7.2 ended at Sun Feb 25  
02:33:55 UTC 2018



(full log:  
https://gist.github.com/saper/0be3f9b4e9eb819d3ec00f5273705517#file-node-sass-4-7-2-log  
)


Why are /bin/mkdir -p and /bin/cp commands invoked again in the  
"extract" phase?


FreeBSD 11.1-STABLE #10 r321629 running poudriere-3.2.4 (I have updated  
poudriere today)


What's wrong? That part of port code didn't change for some time.

Marcin


First of all, just so you know, npm module ports won't be added to the  
ports tree. I just wanted to be clear in case you