I have some servers that require XML support of postgresql server. In theory, I can just build postgresql myself, enabling the XML option. In practise, compiling postgresql server implies building llvm. But: building llvm is no fun - it is big and consumes lots of memory and cpu cycles. In the end, my adopted package takes just 40 KByte (!) more disk space. Could the maintainer please consider adding XML by default or, if there are reasons to not do so, add a flavour? This would be great. Thank you a lot for considering this.
Orbeon Forms requires this too.
So, best way would be to add XML ON as default, and possibly add flavour for noxml? The original rationale around removing XML from the default build was that the xml packages had bad reputation for security flaws. This is always the case with XML, I guess, but I don't think it actually motivates not linking the library. You most oftenly actually need to USE the xml features to expose yourself to any security problems.
I'd also like to add LLVM is moving to include libxml support. On a machine, I had already libxml installed, through a llvm package (not the base system). So that could become standard. And yes, there are still XML security issues, including for libxml: https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3311/Xmlsoft-Libxml2.html
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=778499d5c21d30c2f04acd7b85cb311c8236534a commit 778499d5c21d30c2f04acd7b85cb311c8236534a Author: Palle Girgensohn <girgen@FreeBSD.org> AuthorDate: 2024-11-14 15:25:42 +0000 Commit: Palle Girgensohn <girgen@FreeBSD.org> CommitDate: 2024-11-14 16:30:50 +0000 databases/postgresql??-*: Update to latest versions PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 Released! The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21. This release fixes 4 security vulnerabilities and over 35 bugs reported over the last several months. Also add XML back as an active default option due to popular demand. [1] Clean up the ports a bit. PR: 269115 [1] Release notes: https://www.postgresql.org/docs/release/ Security: a03636f4-a29f-11ef-af48-6cc21735f730 Security: 12e3feab-a29f-11ef-af48-6cc21735f730 Security: a61ef21b-a29e-11ef-af48-6cc21735f730 Security: 3831292b-a29d-11ef-af48-6cc21735f730 databases/postgresql12-server/Makefile | 2 +- databases/postgresql12-server/distinfo | 6 +++--- databases/postgresql12-server/pkg-plist-client | 2 ++ databases/postgresql13-server/Makefile | 2 +- databases/postgresql13-server/distinfo | 6 +++--- databases/postgresql13-server/pkg-plist-client | 3 +++ databases/postgresql14-server/Makefile | 2 +- databases/postgresql14-server/distinfo | 6 +++--- databases/postgresql14-server/pkg-plist-client | 3 +++ databases/postgresql15-server/Makefile | 2 +- databases/postgresql15-server/distinfo | 6 +++--- databases/postgresql15-server/pkg-plist-client | 2 ++ databases/postgresql16-server/Makefile | 9 +++------ databases/postgresql16-server/distinfo | 6 +++--- databases/postgresql16-server/pkg-plist-client | 2 ++ databases/postgresql17-server/Makefile | 21 +++------------------ databases/postgresql17-server/distinfo | 6 +++--- databases/postgresql17-server/pkg-plist-client | 2 ++ 18 files changed, 42 insertions(+), 46 deletions(-)
@girgen Thanks a lot! You really save me a lot of build time!
A commit in branch 2024Q4 references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=cb3c46630aa1601681e9e5e635a7fb1c216f1f16 commit cb3c46630aa1601681e9e5e635a7fb1c216f1f16 Author: Palle Girgensohn <girgen@FreeBSD.org> AuthorDate: 2024-11-14 15:25:42 +0000 Commit: Palle Girgensohn <girgen@FreeBSD.org> CommitDate: 2024-12-02 15:48:56 +0000 databases/postgresql??-*: Update to latest versions PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 Released! The PostgreSQL Global Development Group has released an update to all supported versions of PostgreSQL, including 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21. This release fixes 4 security vulnerabilities and over 35 bugs reported over the last several months. Also add XML back as an active default option due to popular demand. [1] Clean up the ports a bit. PR: 269115 [1] Release notes: https://www.postgresql.org/docs/release/ Security: a03636f4-a29f-11ef-af48-6cc21735f730 Security: 12e3feab-a29f-11ef-af48-6cc21735f730 Security: a61ef21b-a29e-11ef-af48-6cc21735f730 Security: 3831292b-a29d-11ef-af48-6cc21735f730 (cherry picked from commit 778499d5c21d30c2f04acd7b85cb311c8236534a) databases/postgresql12-server/Makefile | 2 +- databases/postgresql12-server/distinfo | 6 +++--- databases/postgresql12-server/pkg-plist-client | 2 ++ databases/postgresql13-server/Makefile | 2 +- databases/postgresql13-server/distinfo | 6 +++--- databases/postgresql13-server/pkg-plist-client | 3 +++ databases/postgresql14-server/Makefile | 2 +- databases/postgresql14-server/distinfo | 6 +++--- databases/postgresql14-server/pkg-plist-client | 3 +++ databases/postgresql15-server/Makefile | 2 +- databases/postgresql15-server/distinfo | 6 +++--- databases/postgresql15-server/pkg-plist-client | 2 ++ databases/postgresql16-server/Makefile | 9 +++------ databases/postgresql16-server/distinfo | 6 +++--- databases/postgresql16-server/pkg-plist-client | 2 ++ databases/postgresql17-server/Makefile | 21 +++------------------ databases/postgresql17-server/distinfo | 6 +++--- databases/postgresql17-server/pkg-plist-client | 2 ++ 18 files changed, 42 insertions(+), 46 deletions(-)