Created attachment 231274 [details] Update diff Update to 1.50.2
Patch looks fine to me and passes the testsuite as usual (Ran 2133 tests in 1094.757s, PASSED (skips=35, successes=2098)), builds in poudriere and runs fine on my production server. Seeing as the update is rather critical I'd say let's get this merged. :) On that note: Since the update fixes something that arguably classifies as a denial of service problem, we should probably merge this to quarterly as well (at least upstream strongly suggested this when asked about the severity of the issue). 2022Q1 is still close to main as far as I can see. If my git-foo serves me well, the only dependencies in 2022Q1 that differ from main are: devel/py-jsonschema devel/py-frozendict security/py-pynacl devel/py-attrs www/py-pyjwt devel/py-matrix-common databases/py-psycopg2 Of those changed ports, only devel/py-frozendict, devel/py-attrs and databases/py-psycopg2 are actual version changes, and each of those is just a minor revision, so backporting synapse *should* be moderatly easy, with only the synapse port as well as devel/py-matrix-common needing to be merged and tested for.
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=0d1d216c839f0f2159ac9b27edfa5d0eb78dad23 commit 0d1d216c839f0f2159ac9b27edfa5d0eb78dad23 Author: Ashish SHUKLA <ashish@FreeBSD.org> AuthorDate: 2022-01-24 15:36:14 +0000 Commit: Ashish SHUKLA <ashish@FreeBSD.org> CommitDate: 2022-01-24 17:15:40 +0000 net-im/py-matrix-synapse: Update to 1.50.2 PR: 261430 Approved by: Sascha Biberhofer <ports at skyforge dot at> (maintainer) MFH: 2022Q1 net-im/py-matrix-synapse/Makefile | 2 +- net-im/py-matrix-synapse/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
The MFH to quarterly branch is tricky because it involves cherry picking a commit 0290f284f4285c2f5d98bdeeb85868503639af02 which results in a merge conflict which require merging another cherry-pick for unrelated port. I checked with portmgr to see if it's okay to skip this port, and merge the other commits in the cherry-pick queue, and resolving merge conflict (py-pyjwt1 -> py-pyjwt) by hand. They have approved given that it does not cause any breakage. Let's perform some testing on quarterly, and then we can merge keeping the py-pyjwt1 dependency as is from 2022Q1.
Created attachment 231284 [details] MFH patches Let me know if you see any problem with the patches. To apply the patches on the quarterly branch (2022Q1): % git log -1 commit c5ed11f909acf494d498173e58f8c8ed00d39a77 (HEAD -> 2022Q1, origin/2022Q1) Author: Jan Beich <jbeich@FreeBSD.org> Date: Mon Jan 24 17:44:54 2022 +0000 www/gallery-dl: update to 1.20.2 Changes: https://github.com/mikf/gallery-dl/releases/tag/v1.20.2 Reported by: GitHub (watch releases) (cherry picked from commit 17eaddfe7a78576b6fa44abacf98cd6e7e6dbac2) % git am < /tmp/py-matrix-synapse.patch % git log -1 commit cb8eb1a31b97a343e682b5a83c2c5487ad60dfa2 (HEAD -> 2022Q1) Author: Ashish SHUKLA <ashish@FreeBSD.org> Date: Mon Jan 24 15:36:14 2022 +0000 net-im/py-matrix-synapse: Update to 1.50.2 PR: 261430 Approved by: Sascha Biberhofer <ports at skyforge dot at> (maintainer) MFH: 2022Q1 (cherry picked from commit 0d1d216c839f0f2159ac9b27edfa5d0eb78dad23) HTH
(In reply to Ashish SHUKLA from comment #4) Patch looks perfectly fine to me. I've built the quarterly branch packages using poudriere and ran the testsuite for both devel/py-matrix-common and net-im/py-matrix-synapse, both of which pass without any issue whatsoever: synapse: Ran 2133 tests in 2048.331s, PASSED (skips=35, successes=2098) matrix-common: Ran 6 tests in 0.169s, PASSED (successes=6) I can't really run this package in production, since the only server I have runs latest ports, but I don't think that there's going to be any problem here as the only significant difference is the pyjwt-version, which we were using *anyway* until recently and which is still officially supported by upstream.
A commit in branch 2022Q1 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=ae7de958d392a1ab6547d77a99709999cd9eb701 commit ae7de958d392a1ab6547d77a99709999cd9eb701 Author: Ashish SHUKLA <ashish@FreeBSD.org> AuthorDate: 2022-01-24 15:36:14 +0000 Commit: Ashish SHUKLA <ashish@FreeBSD.org> CommitDate: 2022-01-25 16:35:55 +0000 net-im/py-matrix-synapse: Update to 1.50.2 PR: 261430 Approved by: Sascha Biberhofer <ports at skyforge dot at> (maintainer) MFH: 2022Q1 (cherry picked from commit 0d1d216c839f0f2159ac9b27edfa5d0eb78dad23) net-im/py-matrix-synapse/Makefile | 2 +- net-im/py-matrix-synapse/distinfo | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-)
Committed, thanks!