Created attachment 205538 [details] update net-im/py-matrix-synapse to 1.1.0 The following diff should upgrade py-matrix-synapse to 1.1.0. It basically bumps the version number and dependencies, adding a new dependency on dns/py-idna in the process. Starting w/ 1.0.0, the the Jinja2 and bleach dependencies are mandatory deps and I've updated the port to reflect these changes. This obsoletes the EMAIL option of the port. Any feedback is, of course, welcome. It seems to work fine on my homeserver. :)
Created attachment 206082 [details] update net-im/py-matrix-synapse to 1.2.1 (security update) This is an update for net-im/py-matrix-synapse to 1.2.1. This is a security update, see [1]. It's basically an iteration of the 1.1.0 update w/ the version bumped and the patches adapted accordingly. We should probably get this comitted soon and perhaps merge this to quarterly. I'm currently running this version on my homeserver and things work fine[tm]. But feedback is, as usual, very welcome. Cheers, Sascha [1] https://github.com/matrix-org/synapse/releases/tag/v1.2.1
Thank you for the report Sascha If you can confirm the port passes QA (portlint, poudriere, make test (if applicable), and provide a vuxml patch for the vulnerability entry, that would be great
Created attachment 206121 [details] vuln.xml entry for py-matrix-synapse Here's an attempt at a vuxml entry. This passed validation for me and should hopefully contain all the necessary information. I ran the teststuit for this version before submitting the port and got "the usual results": Ran 712 tests in 182.507s FAILED (skips=1, errors=1, successes=710) The one failed test is due to a missing module (parameterized, not in ports and only required for the teststuite). I've had this version running on my production server for the last few days, where it seemed to work fine as well. :)
A commit references this bug: Author: kai Date: Sun Jul 28 17:51:14 UTC 2019 New revision: 507518 URL: https://svnweb.freebsd.org/changeset/ports/507518 Log: security/vuxml: Document net-im/py-matrix-synapse issues PR: 239013 Submitted by: Sascha Biberhofer <ports@skyforge.at> (maintainer) Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: kai Date: Sun Jul 28 21:00:30 UTC 2019 New revision: 507532 URL: https://svnweb.freebsd.org/changeset/ports/507532 Log: net-im/py-matrix-synapse: Update to 1.2.1 * Remove the EMAIL option and convert the dependencies of it as general runtime requirements. While I'm here: * Remove superfluous occurrences of "+=" from PLIST_SUB, SUB_LIST and the *_RUN_DEPENDS option helpers because there are no previous definitions of those variables. * Remove workaround for devel/py-msgpack from the post-patch target that is no longer required. * Do some cleanup and place variables to their intended locations. Changelog: * Note: The support for Python 2.7 was dropped with the 1.1.0 release! https://github.com/matrix-org/synapse/releases/tag/v1.2.1 PR: 239013 Submitted by: Sascha Biberhofer <ports@skyforge.at> (maintainer) MFH: 2019Q3 Security: 38d2df4d-b143-11e9-87e7-901b0e934d69 Changes: head/UPDATING head/net-im/py-matrix-synapse/Makefile head/net-im/py-matrix-synapse/distinfo head/net-im/py-matrix-synapse/files/patch-python_dependencies.py
Committed to the head branch, thank you, Sascha, for submitting the patches and the VuxML entry! Still waiting for approval from the ports-secteam to commit the changed to the 2019Q3 branch.
A commit references this bug: Author: kai Date: Mon Jul 29 06:27:38 UTC 2019 New revision: 507559 URL: https://svnweb.freebsd.org/changeset/ports/507559 Log: MFH: r507532 net-im/py-matrix-synapse: Update to 1.2.1 * Remove the EMAIL option and convert the dependencies of it as general runtime requirements. While I'm here: * Remove superfluous occurrences of "+=" from PLIST_SUB, SUB_LIST and the *_RUN_DEPENDS option helpers because there are no previous definitions of those variables. * Remove workaround for devel/py-msgpack from the post-patch target that is no longer required. * Do some cleanup and place variables to their intended locations. Changelog: * Note: The support for Python 2.7 was dropped with the 1.1.0 release! https://github.com/matrix-org/synapse/releases/tag/v1.2.1 PR: 239013 Submitted by: Sascha Biberhofer <ports@skyforge.at> (maintainer) Security: 38d2df4d-b143-11e9-87e7-901b0e934d69 Approved by: ports-secteam (miwi) Changes: _U branches/2019Q3/ branches/2019Q3/UPDATING branches/2019Q3/net-im/py-matrix-synapse/Makefile branches/2019Q3/net-im/py-matrix-synapse/distinfo branches/2019Q3/net-im/py-matrix-synapse/files/patch-python_dependencies.py
The changes were also committed to the 2019Q3 branch, all done.