Bug 267466 - www/webtrees: Update to 1.7.20 (security release)
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: Any Any
: Normal Affects Many People
Assignee: Nuno Teixeira
URL: https://github.com/fisharebest/webtre...
Keywords: needs-patch, security
Depends on:
Blocks: 267543
Reported: 2022-10-31 14:02 UTC by Krzysztof
Modified: 2022-12-29 11:46 UTC

See Also:
fbsd: maintainer-feedback+
eduardo: merge-quarterly+


Attachments
poudriere testport log (37.34 KB, text/plain), 2022-10-31 14:02 UTC, Krzysztof
webtrees update patch (151.52 KB, patch), 2022-10-31 14:03 UTC, Krzysztof
webtrees update patch -v2 (151.62 KB, patch), 2022-11-03 14:49 UTC, Krzysztof (ports: maintainer-approval+)
vuxml entry (1.07 KB, patch), 2022-12-29 11:20 UTC, Nuno Teixeira

Description Krzysztof 2022-10-31 14:02:26 UTC
Created attachment 237756
poudriere testport log

There is a new version of www/webtrees. Because webtrees 1.x supports PHP 5.3-7.3, maybe it should be removed? If not, I've made a patch which updates webtrees. The patch was tested with poudriere.
Comment 1 Krzysztof 2022-10-31 14:03:10 UTC
Created attachment 237757
webtrees update patch
Comment 2 J.R. Oldroyd 2022-10-31 16:19:39 UTC
www/webtrees 1.7.x is really only useful now for migrating from phpGedView to webtrees before moving to www/webtrees20.  I guess, since upstream says that 1.7.20 will be the last release on the 1.7.x track, it makes sense to still keep this port for now and to apply your update patch.

I am unable to test the patch at the moment, but since you've tested on poudrière, I'll okay it.

There is a webtrees 2.1.x now too.  We should probably rename webtrees20 to webtrees21 or to webtrees2 and update that too.  I also do not have time to do that at the moment, either.  A big thank you if you'd care to do that too.  You are also welcome to take over maintainership of these two if you think you have time to keep them up-to-date.  I'm afraid these have become low priority for me.
Comment 3 Krzysztof 2022-10-31 17:45:52 UTC
OK, so I can take maintainership of www/webtrees*

I think we can move webtrees20 -> webtrees21. Because PHP is changing every 2 years, maybe the webtrees developer team will release webtrees 2.2.x or something like that.

So if you can make comments to bugs #267463 and #267465

Thanks a lot.
Comment 4 Krzysztof 2022-11-02 14:47:43 UTC
Message to committers. After exchanging emails with the port maintainer, it is suggested to delete www/webtrees as it's based on obsolete PHP versions.

What should we do to delete it?
Comment 5 J.R. Oldroyd 2022-11-02 16:07:34 UTC
Message to committer.

I (maintainer of www/webtrees) confirm that we have discussed this and that this port is now obsolete as it depends on php73.

Ports www/webtrees20 and the new www/webtrees21 are current versions.

So I agree that www/webtrees can be deleted.

If an entry for MOVED is desired/required, please commit www/webtrees21 and point at that. www/webtrees21 can be found in PR #267463.
Comment 6 Kubilay Kocak freebsd_committer freebsd_triage 2022-11-02 21:09:12 UTC
^Triage: 1.7.20 is a security release. Pending vuxml entry

@J.R Are you able to update your Bugzilla email to match the current MAINTAINER line in the port so we can verify and you can maintainer-approval + the patch?

For port removal (after this update), please create a separate issue for marking the port DEPRECATED (include move to newer port message) with EXPIRATION_DATE

At deletion time, the MOVED entry can be created
Comment 7 J.R. Oldroyd 2022-11-03 09:33:17 UTC
(In reply to Kubilay Kocak from comment #6)

Koobs, as far as I can tell, the current MAINTAINER line for the www/webtrees port and my email here are identical!  If you are seeing differently, please let me know what needs changing.  I have already set the patch and this PR to maintainer-approval "+" .
Comment 8 Krzysztof 2022-11-03 14:49:00 UTC
Created attachment 237841
webtrees update patch -v2

I've made a new patch which also changes maintainership to me, so the previous one is obsolete.
Comment 9 J.R. Oldroyd 2022-11-03 14:56:35 UTC
(In reply to Krzysztof from comment #8)

I have added the maintainer-approval flag again.

Koobs, as for the merge-quarterly, as you requested, there will be a separate PR to mark this port as DEPRECATED.  Do you want to merge this update to quarterly or wait for that PR?
Comment 10 J.R. Oldroyd 2022-11-03 15:00:23 UTC
(In reply to J.R. Oldroyd from comment #9)

I have twice now tried to add the maintainer-approval flag to the patch but it isn't taking.  (I went to the patch details page, set the flag to "+" and clicked on Submit. Is that no longer correct?)

Please consider the -v2 patch maintainer-approved.
Comment 11 Nuno Teixeira freebsd_committer freebsd_triage 2022-12-29 11:20:51 UTC
Created attachment 239117
vuxml entry

Document Webtrees vulnerability
Comment 12 commit-hook freebsd_committer freebsd_triage 2022-12-29 11:39:01 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=4eac9929c2b7bbfabd0b8a2ae235b73b30230066

commit 4eac9929c2b7bbfabd0b8a2ae235b73b30230066
Author:     Krzysztof <ports@bsdserwis.com>
AuthorDate: 2022-12-29 11:35:33 +0000
Commit:     Nuno Teixeira <eduardo@FreeBSD.org>
CommitDate: 2022-12-29 11:35:33 +0000

    www/webtrees: Update to 1.7.20 (security release)

     - Submitter becomes maintainer

    ChangeLog:      https://github.com/fisharebest/webtrees/releases/tag/1.7.20
    PR:             267466
    MFH:            2022Q4
    Security:       140a20e1-8769-11ed-b074-002b67dfc673

 www/webtrees/Makefile  |  13 +-
 www/webtrees/distinfo  |   6 +-
 www/webtrees/pkg-plist | 785 +++++++++++++++++++++++--------------------------
 3 files changed, 377 insertions(+), 427 deletions(-)
Comment 13 commit-hook freebsd_committer freebsd_triage 2022-12-29 11:39:02 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=92811d197a77b175a0c2099a08eb2cb8a4568894

commit 92811d197a77b175a0c2099a08eb2cb8a4568894
Author:     Nuno Teixeira <eduardo@FreeBSD.org>
AuthorDate: 2022-12-29 11:22:22 +0000
Commit:     Nuno Teixeira <eduardo@FreeBSD.org>
CommitDate: 2022-12-29 11:22:22 +0000

    security/vuxml: Document Webtrees vulnerability

    PR:             267466

 security/vuxml/vuln/2022.xml | 25 +++++++++++++++++++++++++
 1 file changed, 25 insertions(+)
Comment 14 commit-hook freebsd_committer freebsd_triage 2022-12-29 11:45:04 UTC
A commit in branch 2022Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a9ba9254bf6b787720427ec1e0019215fb84c0fd

commit a9ba9254bf6b787720427ec1e0019215fb84c0fd
Author:     Krzysztof <ports@bsdserwis.com>
AuthorDate: 2022-12-29 11:35:33 +0000
Commit:     Nuno Teixeira <eduardo@FreeBSD.org>
CommitDate: 2022-12-29 11:39:54 +0000

    www/webtrees: Update to 1.7.20 (security release)

     - Submitter becomes maintainer

    ChangeLog:      https://github.com/fisharebest/webtrees/releases/tag/1.7.20
    PR:             267466
    MFH:            2022Q4
    Security:       140a20e1-8769-11ed-b074-002b67dfc673
    (cherry picked from commit 4eac9929c2b7bbfabd0b8a2ae235b73b30230066)

 www/webtrees/Makefile  |  13 +-
 www/webtrees/distinfo  |   6 +-
 www/webtrees/pkg-plist | 785 +++++++++++++++++++++++--------------------------
 3 files changed, 377 insertions(+), 427 deletions(-)
Comment 15 Nuno Teixeira freebsd_committer freebsd_triage 2022-12-29 11:46:09 UTC
Committed, thanks!