[gentoo-dev] Re: [gentoo-dev-announce] Last rites: app-text/cook
On Sat, Nov 28, 2020 at 09:49:21PM +0100, David Seifert wrote: > # David Seifert (2020-11-28) > # Last release in 2002, multiple open bugs, no maintainer, no revdeps. > # Bug #709512, #713300, #729518, Removal in 30 days. > app-text/cook -- Robin Hugh Johnson Gentoo Linux: Dev, Infra Lead, Foundation Treasurer E-Mail : robb...@gentoo.org GnuPG FP : 11ACBA4F 4778E3F6 E4EDF38E B27B944E 34884E85 GnuPG FP : 7D0B3CEB E9B85B1F 825BCECF EE05E6F6 A48F6136
[gentoo-dev] [PATCH 4/4] dev-python/flake8: Use distutils_enable_tests --install
Signed-off-by: Michał Górny
---
dev-python/flake8/flake8-3.8.3-r1.ebuild | 8 +---
1 file changed, 1 insertion(+), 7 deletions(-)
diff --git a/dev-python/flake8/flake8-3.8.3-r1.ebuild
b/dev-python/flake8/flake8-3.8.3-r1.ebuild
index 55e6d64f8d8d..1bfc0de53548 100644
--- a/dev-python/flake8/flake8-3.8.3-r1.ebuild
+++ b/dev-python/flake8/flake8-3.8.3-r1.ebuild
@@ -38,10 +38,4 @@ BDEPEND="${RDEPEND}
PATCHES=( "${FILESDIR}/${P}-pytest6.patch" )
distutils_enable_sphinx docs/source dev-python/sphinx-prompt
dev-python/sphinx_rtd_theme
-distutils_enable_tests pytest
-
-python_test() {
- # Otherwise some tests fail if the package isn't installed
- distutils_install_for_testing
- pytest -vv || die "Tests fail with ${EPYTHON}"
-}
+distutils_enable_tests --install pytest
--
2.29.2
[gentoo-dev] [PATCH 3/4] distutils-r1.eclass: Accept distutils_enable_tests --install
Add a convenience --install option to distutils_enable_tests to call
distutils_install_for_testing.
Signed-off-by: Michał Górny
---
eclass/distutils-r1.eclass | 74 +-
1 file changed, 58 insertions(+), 16 deletions(-)
diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 9e862a949275..24fcf13b74d7 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -378,7 +378,7 @@ distutils_enable_sphinx() {
}
# @FUNCTION: distutils_enable_tests
-# @USAGE:
+# @USAGE: [--install]
# @DESCRIPTION:
# Set up IUSE, RESTRICT, BDEPEND and python_test() for running tests
# with the specified test runner. Also copies the current value
@@ -389,6 +389,10 @@ distutils_enable_sphinx() {
# - setup.py: setup.py test (no deps included)
# - unittest: for built-in Python unittest module
#
+# Additionally ,if --install is passed as the first parameter,
+# 'distutils_install_for_testing --via-root' is called before running
+# the test suite.
+#
# This function is meant as a helper for common use cases, and it only
# takes care of basic setup. You still need to list additional test
# dependencies manually. If you have uncommon use case, you should
@@ -398,33 +402,71 @@ distutils_enable_sphinx() {
# declared. Take care not to overwrite the variables set by it.
distutils_enable_tests() {
debug-print-function ${FUNCNAME} "${@}"
- [[ ${#} -eq 1 ]] || die "${FUNCNAME} takes exactly one argument:
test-runner"
+ local do_install=
+ case ${1} in
+ --install)
+ do_install=1
+ shift
+ ;;
+ esac
+
+ [[ ${#} -eq 1 ]] || die "${FUNCNAME} takes exactly one argument:
test-runner"
local test_pkg
case ${1} in
nose)
test_pkg=">=dev-python/nose-1.3.7-r4"
- python_test() {
- nosetests -v || die "Tests fail with ${EPYTHON}"
- }
+ if [[ ${do_install} ]]; then
+ python_test() {
+ distutils_install_for_testing --via-root
+ nosetests -v || die "Tests fail with
${EPYTHON}"
+ }
+ else
+ python_test() {
+ nosetests -v || die "Tests fail with
${EPYTHON}"
+ }
+ fi
;;
pytest)
test_pkg=">=dev-python/pytest-4.5.0"
- python_test() {
- pytest -vv || die "Tests fail with ${EPYTHON}"
- }
+ if [[ ${do_install} ]]; then
+ python_test() {
+ distutils_install_for_testing --via-root
+ pytest -vv || die "Tests fail with
${EPYTHON}"
+ }
+ else
+ python_test() {
+ pytest -vv || die "Tests fail with
${EPYTHON}"
+ }
+ fi
;;
setup.py)
- python_test() {
- nonfatal esetup.py test --verbose ||
- die "Tests fail with ${EPYTHON}"
- }
+ if [[ ${do_install} ]]; then
+ python_test() {
+ distutils_install_for_testing --via-root
+ nonfatal esetup.py test --verbose ||
+ die "Tests fail with ${EPYTHON}"
+ }
+ else
+ python_test() {
+ nonfatal esetup.py test --verbose ||
+ die "Tests fail with ${EPYTHON}"
+ }
+ fi
;;
unittest)
- python_test() {
- "${EPYTHON}" -m unittest discover -v ||
- die "Tests fail with ${EPYTHON}"
- }
+ if [[ ${do_install} ]]; then
+ python_test() {
+ distutils_install_for_testing --via-root
+ "${EPYTHON}" -m unittest discover -v ||
+ die "Tests fail with ${EPYTHON}"
+ }
+ else
+
[gentoo-dev] [PATCH 2/4] dev-python/hypothesis: Use dift --via-root API
Signed-off-by: Michał Górny
---
dev-python/hypothesis/hypothesis-5.41.4.ebuild | 6 +-
1 file changed, 1 insertion(+), 5 deletions(-)
diff --git a/dev-python/hypothesis/hypothesis-5.41.4.ebuild
b/dev-python/hypothesis/hypothesis-5.41.4.ebuild
index 30e83a217730..7cd8e4bcc527 100644
--- a/dev-python/hypothesis/hypothesis-5.41.4.ebuild
+++ b/dev-python/hypothesis/hypothesis-5.41.4.ebuild
@@ -48,11 +48,7 @@ python_prepare() {
}
python_test() {
- local -x PYTHONPATH="${BUILD_DIR}/install/lib"
- esetup.py install \
- --root="${BUILD_DIR}/install" \
- --install-lib=lib
-
+ distutils_install_for_testing --via-root
pytest -vv tests/cover tests/pytest tests/quality \
-n "$(makeopts_jobs "${MAKEOPTS}" "$(get_nproc)")" ||
die "Tests fail with ${EPYTHON}"
--
2.29.2
[gentoo-dev] [PATCH 1/4] distutils-r1.eclass: Introduce install_for_testing --via-root
Introduce a new --via-root mode for distutils_install_for_testing
function. The legacy --via-home seems to no longer work for a lot
of packages but before we can confirm that --via-root is good enough
for every single one of them, let's have two variants to choose from.
The general recommendation is to try --via-root, and explicitly specify
--via-home if the former does not work. Once all packages have explicit
--via-*, we will decide how to proceed.
Signed-off-by: Michał Górny
---
eclass/distutils-r1.eclass | 50 +++---
1 file changed, 41 insertions(+), 9 deletions(-)
diff --git a/eclass/distutils-r1.eclass b/eclass/distutils-r1.eclass
index 25cb67b78a31..9e862a949275 100644
--- a/eclass/distutils-r1.eclass
+++ b/eclass/distutils-r1.eclass
@@ -492,7 +492,7 @@ esetup.py() {
}
# @FUNCTION: distutils_install_for_testing
-# @USAGE: [...]
+# @USAGE: [--via-root|--via-home] [...]
# @DESCRIPTION:
# Install the package into a temporary location for running tests.
# Update PYTHONPATH appropriately and set TEST_DIR to the test
@@ -503,11 +503,19 @@ esetup.py() {
# namespaces (and therefore proper install needs to be done to enforce
# PYTHONPATH) or tests rely on the results of install command.
# For most of the packages, tests built in BUILD_DIR are good enough.
+#
+# The function supports two install modes. The current default is
+# the legacy --via-home mode. However, it has problems with newer
+# versions of setuptools (50.3.0+). The --via-root mode generally
+# works for these packages, and it will probably become the default
+# in the future, once we test all affected packages. Please note
+# that proper testing sometimes requires unmerging the package first.
distutils_install_for_testing() {
debug-print-function ${FUNCNAME} "${@}"
# A few notes:
- # 1) because of namespaces, we can't use 'install --root',
+ # 1) because of namespaces, we can't use 'install --root'
+ #(NB: this is probably no longer true with py3),
# 2) 'install --home' is terribly broken on pypy, so we need
#to override --install-lib and --install-scripts,
# 3) non-root 'install' complains about PYTHONPATH and missing dirs,
@@ -522,14 +530,38 @@ distutils_install_for_testing() {
PATH=${bindir}:${PATH}
PYTHONPATH=${libdir}:${PYTHONPATH}
- local add_args=(
- install
- --home="${TEST_DIR}"
- --install-lib="${libdir}"
- --install-scripts="${bindir}"
- )
+ local install_method=home
+ case ${1} in
+ --via-home)
+ install_method=home
+ shift
+ ;;
+ --via-root)
+ install_method=root
+ shift
+ ;;
+ esac
+
+ case ${install_method} in
+ home)
+ local add_args=(
+ install
+ --home="${TEST_DIR}"
+ --install-lib="${libdir}"
+ --install-scripts="${bindir}"
+ )
+ mkdir -p "${libdir}" || die
+ ;;
+ root)
+ local add_args=(
+ install
+ --root="${TEST_DIR}"
+ --install-lib=lib
+ --install-scripts=scripts
+ )
+ ;;
+ esac
- mkdir -p "${libdir}" || die
esetup.py "${add_args[@]}" "${@}"
}
--
2.29.2
[gentoo-dev] Python 2 cleanup: remaining packages, Dec 2020 update
Hi, Here's an update on where we're standing right now. Including only non- masked packages. Please note that there's only month left. Afterwards, the offending packages will be cleaned up / last rited (except for build-time deps). Waiting for cleanup of old (non-trivial!): - dev-db/percona-server - media-tv/mythtv - x11-plugins/enigmail Build-time deps, only old versions: - dev-lang/spidermonkey Build-time deps, to stay for the time being: - dev-python/pypy* - dev-qt/qtwebengine - games-strategy/0ad - www-client/chromium Waiting for py3 port (likely last rite candidates): - games-engines/renpy Dependencies of other packages on the list: - dev-python/numpy-python2 (games-engines/renpy) - dev-python/pygame_sdl2 (likewise) -- Best regards, Michał Górny signature.asc Description: This is a digitally signed message part
[gentoo-dev] Last rites: app-text/cook
# David Seifert (2020-11-28) # Last release in 2002, multiple open bugs, no maintainer, no revdeps. # Bug #709512, #713300, #729518, Removal in 30 days. app-text/cook signature.asc Description: This is a digitally signed message part
Re: [gentoo-dev] PSA: switching default tmpfiles virtual provider
On 25.11.2020 13:57, Georgy Yakovlev wrote: > Hi, > > In case you don't know, opentmpfiles has an open CVE > CVE-2017-18925: root privilege escalation by symlink attack > https://github.com/OpenRC/opentmpfiles/issues/4 > It has been an issue for quite a while, reported 3 years ago, > and not much changed since. > Also it lacks any sort of testing, and master branch is in a non-working > state at time of writing, latest version is masked.[0] > > Due to nature of opentmpfiles (it's a POSIX sh script), > it may be impossible to fix symlink handling and TOCTOU races. > As a consequence I'll be switching default tmpfiles > provider to sys-apps/systemd-tmpfiles by the end of the week by updating > virtual/tmpfiles ebuild. > > pros of systemd-tmpfiles: > 0) Secure. > 1) Reference implementation. > 2) Supports all features, because ^. > 3) Has working tests. > 4) Has millions of users as part of systemd. > 5) upstream supports standalone usecase/build our ebuild uses. [1][2] > 6) drop-in replacement, just emerge and forget. > > systemd-tmpfiles does not depend on any systemd-isms, does not need dbus, > and is just a drop-in replacement, the only step needed is to emerge the > package. > it's a simple single binary + manpage, binary links to libacl and couple other > system libs. > > existing installations will not be affected, but openrc users are welcome to > opt-in by running 'emerge --oneshot systemd-tmpfiles' > > [0] https://bugs.gentoo.org/751739 > [1] https://github.com/systemd/systemd/pull/16061 > [2] > https://github.com/systemd/systemd/pull/16061/commits/db64ba81c62afa0e0d3e95c4a3e1ec3dd9a471a4 This is done in https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ab23417927d8454c8bb1c0ae52a5cac79d140b94 signature.asc Description: PGP signature
[gentoo-dev] Slotted Lua: eclass migration status
Let me begin by giving my sincere thanks to everyone who has already
taken time in the last several weeks to either migrate their
Lua-dependent packages to lua{,-single}.eclass or otherwise made sure
said packages will not block migration to slotted dev-lang/lua. Your
efforts have been VERY much appreciated!
On the less positive side, the slotted-Lua tracker bug [1] has still got
119 open "migrate to lua eclasses" tickets attached to it. You can find
the complete list at [2]. While the migration of some of depends on
various Lua modules which have not themselves been migrated (from a
glance at the dependency tree, it seems dev-lua/lpeg and
dev-lua/LuaBitOp are the ones we need the most urgently), the vast
majority of these packages depend on dev-lang/lua only i.e. could
already be migrated.
[1] https://bugs.gentoo.org/657722
[2] https://dev.gentoo.org/~marecki/open_lua_eclass_bugs-20201128184637.txt
--
MS
OpenPGP_signature
Description: OpenPGP digital signature
