Re: Upgrade to Xcode 14.0.1 on Monterey

[John Chivian]

I have had no issues with Xcode 14.0.1.  Make sure to actually run Xcode once 
after installation to complete the process.

> On Oct 28, 2022, at 13:57, Sriranga Veeraraghavan  
> wrote:
> 
> Hi,
> 
> I recently upgraded my MacBook Air (M1) to Monterey (12.6.1) and the App 
> Store now says that I can install Xcode 14.0.1.  I currently am running 
> MacPorts 2.8.0 with Xcode 13.2.1 and everything seems fine.  
> 
> I was wondering if I should stick to Xcode 13.2.1 or if it is okay to upgrade 
> to Xcode 14.0.1.  I didn't see anything in the migration instructions about 
> this.
> 
> Does anyone know if there is something special I should do or anything I 
> should look out for? 
> 
> Thanks,
> 
> -ranga 
> 

Re: certificate update for old Macs

[John Chivian]

Digital certificates are built from layers of encryption based on a trusted 
authority.  Trust in the authority is assumed, implied, and required.  

From the human standpoint, you trust that the industry accepted certificate 
authority organization has done all the required due diligence to verify and 
validate certificate requests as legitimate, and you trust that authority to 
hold its base cryptographic key data secure as part of their company crown 
jewels.  It’s not cheap for a reason, a lot of work and resources can be 
involved.  An additional layer of verification is assumed, and an additional 
layer of encryption is added, with each link in the certificate chain.

It is in a very real sense a simple form of blockchain in which previous blocks 
cannot be forged.  Until quantum computers render the modern forms of 
encryption-based-trust obsolete (still some years away) it’s as good as you can 
get assuming robust cyphers and deep bit-depths.


> On Jan 4, 2022, at 13:37, Michael  wrote:
> 
> 
> On 2022-01-03, at 4:12 PM, Richard L. Hamilton  wrote:
> 
>> The only problem with that or anything similar, is that unless you go to 
>> quite a lot of work to just download rather than install the PEM file, and 
>> convert it into something human readable WITHOUT installing it, and 
>> investigate every certificate in there, you're trusting that the site you 
>> got it from is not only legit, but is secure and hasn't been hacked to alter 
>> the file to provide some very bogus certificates that could work together 
>> with some sort DNS spoofing to get you to feed sensitive information (ie 
>> bank passwords, etc) via an untrusted site that would capture it.
> 
> Makes sense. Now, how do you go about turning a certificate into something 
> human readable? Serious question, I have *never* seen this discussed anywhere.
> 
> Everyone just says "As long as the roots are good you can trust the chain", 
> and that's never made sense to me. The whole "trust what strangers say" 
> system seems more like "Find a way for companies to make money" than any good 
> security system.
> 

Re: Build servers offline due to failed SSD

[John Chivian]

The “on/off” switches in SSD’s are fragile and essentially break after too many 
read/write cycles.  As pointed out, it’s a get what you pay for world and cheap 
SSD’s are just that… cheap.   The expensive ones are more reliable because they 
actually make available only a portion of their total capacity, reserving the 
rest as replacements for such failures.  Intelligent software within the 
firmware manages this so that the end user experiences a much longer device 
lifespan.

There’s lots of technical documentation for such.  Google knows.

Regards,


> On Mar 7, 2021, at 18:15, Michael A. Leonetti via macports-users 
>  wrote:
> 
> I’d really love to know more about what you’re saying here. Up until I just 
> read what you wrote, I thought SSDs were the savior of HDDs.
> 
> Michael A. Leonetti
> As warm as green tea
> 
>> 3/7/21 午後5:26、Dave Horsfall のメール:
>> 
>> On Sat, 6 Mar 2021, Dave C via macports-users wrote:
>> 
>>> Isn’t SSD a bad choice for server duty? No server farms use them, 
>>> apparently due to short lifespan.
>> 
>> If you knew how SSDs worked then you wouldn't use them at all without many 
>> backups.  Give me spinning rust any day...
>> 
>> -- Dave
> 

Re: macOS 11 Big Sur and MacPorts

[John Chivian]

@Ryan - When I start Xcode after updating it tells me it is installing 
needed components, and command line tools *is* one of the components 
updated.  It tells me that explicitly during the install.  Again, the 
"xcode-select install" is not something I've done manually either of the 
last two times I've updated MacPorts.  For me, that step was not 
required when I did the MacPorts update after the Catalina install, or 
just now after the Big Sur install.  MacPorts continues to function as 
expected retrieving and building packages as needed.  I don't mean to 
argue, I am just relaying what I've personally experienced.  Perhaps the 
action is remembered somewhere in Xcode?


On 11/15/20 17:28, Ryan Schmidt wrote:


On Nov 15, 2020, at 16:53, John Chivian wrote:


For me, every time Xcode is updated, the first time I start it following its 
update I am prompted to update components,

Yes.


and the current version command line tools are installed.

No. "Components" are not "command line tools". You must also update the command 
line tools separately.


Perhaps the manual xcode-select is required if you don't actually start Xcode 
the application following its update.

My experience with MacPorts and Big Sur (as before with Catalina) was to simply 
follow the MacPorts update instructions, after updating and starting Xcode as 
described above, but without that manual xcode-select step.

You *MUST* update the Xcode command line tools separately in addition to 
updating Xcode.

Re: macOS 11 Big Sur and MacPorts

[John Chivian]

My perception is that the "xcode-select --install" is not needed, as the 
message below indicates.  For me, every time Xcode is updated, the first 
time I start it following its update I am prompted to update components, 
and the current version command line tools are installed.  Perhaps the 
manual xcode-select is required if you don't actually start Xcode the 
application following its update.


My experience with MacPorts and Big Sur (as before with Catalina) was to 
simply follow the MacPorts update instructions, after updating and 
starting Xcode as described above, but without that manual xcode-select 
step.


Regards,

On 11/15/20 11:57, Csaba Endre Simon wrote:

  % xcode-select --install
  xcode-select: error: command line tools are already installed, use "Software 
Update" to install updates


I did the following:
$ sudo rm -rf /Library/Developer/CommandLineTools
$ xcode-select —install
$ ls /Library/Developer/CommandLineTools/SDKs
MacOSX.sdk  MacOSX10.15.sdk  MacOSX11.0.sdk

Regards,
Csaba

Re: how use bash 5.0 port

[John Chivian]

I have always been too cautious to change the default shell on MacOS to 
anything other than one that is officially provided, especially for the 
root account, even if those shell versions are as old as the hills.   
For scripts and launchd process simply put the #!/path/to/bash5 at the 
top and that's what they run as.  For interactive sessions simply put 
the new bash exec in the PATH and run it first thing after login, 
perhaps even automatically by insertion into default shell startup 
file.  If you really want to change the default you can using the chsh 
command (man chsh), but I've never done so for the root or startup user. 
Too much experience based paranoia I guess.


Just my 2c.

Regards

On 8/31/20 11:32 AM, Murray Eisenberg wrote:
I want to upgrade the built-ub bash 3.2 shell on my macOS Catalina 
(10.15.6) to bash 5.0.


I tried to do this by building from scratch, using the methods given 
at 
https://scriptingosx.com/2019/02/install-bash-5-on-macos/?unapproved=66418&moderation-hash=e680aa22ae89f6f565cadd63e63d04e0#comment-66418. 
But the final step, “sudo make install” gave a fatal error of 
‘libintl.h’ file not found.


So then I successfully installed the MacPorts port bash @5.0.17_0.

—> But how do I make this bash 5.0 my shell when I open Terminal?

---
Murray eisenbergmurrayeisenb...@gmail.com 


503 King Farm Blvd #101Home (240)-246-7240
Rockville, MD 20850-6667Mobile (413)-427-5334

Re: python2.7 throws bus error when issuing `help("modules")'

[John Chivian]

The maintainers of MacPorts cannot and should not be expected to 
maintain and fix bugs in projects!  That is the job of the project 
maintainer, not the team that voluntarily provides ports of the open 
source software.


If you want the ability to audit software control and accountability, so 
that you can hold someone else's feet to the fire, go and pay the big 
money for a commercial product with a legally binding support contract, 
and make sure you get those clauses written in before you sign it.


If you insist on using open source software for free, regardless of who 
provides it, then you have the ultimate responsibility for making it 
work properly in your environment, and fixing (or hoping the project 
maintainer will fix) any issues that you might uncover and report.


Yes, the audits people have to go through are decidedly real, but you as 
the auditee cannot deflect the consequences of your own choices to 
someone else.


Just my 2cents

On 8/24/20 5:32 PM, Jeffrey Walton wrote:

On Mon, Aug 24, 2020 at 6:13 PM Daniel J. Luke  wrote:

On Aug 24, 2020, at 5:41 PM, Jeffrey Walton  wrote:

It's also super-silly to expect that MacPorts is taking "responsibility" for 
all upstream projects.

How so?

It is a standard audit item.

please cite what "standard" you believe you are auditing MacPorts under.

Sorry, I have no idea what standard processes Macports adheres to. I
assume there's something in place (other than, "It compiles on my Mac
Intel, ship it").

If you would like to see an example, then try FIPS SP800-53A, item
SA-12. Or just search the document for "supply chain". ISO also has
similar processes and audits.


Please explain what the enforcement mechanism is if MacPorts fails this 
imaginary audit (ie, do you get something other than a refund of the $0 you 
paid?). How does this audit compel volunteers to fix an issue for you for free?

$0 means nothing.

There are no enforcement mechanisms. You could plead to the developer
hoping they will take pride in their workmanship. It is hit or miss
whether it works.

Sometimes we find gems, like Botan and cURL, but they are few and far
between. Folks like Jack and Daniel are constantly improving their
processes. When someone finds a gap they try to address it. They don't
say "go talk to someone else" when it affects their project.


I'm also curious what imaginary audit wouldn't first point out that python2.7 
was sunset on January 1, 2020.

No, the audits folks have to go through are real.

A finding on Python 2.7 is irrelevant. What is the point?


You don't get to claim you are using
software X and any problems are someone else's responsibility.

I'm pretty sure I can claim whatever I want ;-)

You certainly can.

The most curious responses often come from folks who have never been
exposed to project management, development lifecycles or SDLCs. They
are literally the group that does not know what they don't know.


If you
don't want to be responsible for software X, then you don't use it.

Ok, so I guess you are also responsible for MacPorts and all of the software 
that ports exist for because you use it.


MacPorts is a community-sourced collection of build recipes. It also hosts some 
mirrors for files referenced in those build recipes and the cached results of 
those build recipes.

It's all done by volunteers and if you paid someone for access to them, you 
should follow-up with whomever you paid.

The only thing super silly is not taking responsibility for it and
then pushing it onto unsuspecting users.

I think you misunderstand what MacPorts is. Please re-read the sentence: "MacPorts 
is a community-sourced collection of build recipes."

I don't believe I have a misunderstanding. Macports is a supplier of
software for OS X. Macports is responsible for the software they
provide.

Jeff

missing nrpe?

[John Chivian]

Hello List:

   Any idea what happened to the *nrpe* port for Darwin 18?

        nrpe @2.12_0 (active) platform='darwin 17' archs='x86_64' 
date='2018-04-21T19:17:15-0500'


   Now "port info" says it doesn't exist.  I really don't want to add 
brew to resolve so any help is appreciated.


Regards,