Bug 269115 - databases/postgresql13-server: request to enable XML option by default or define a flavor
Summary: databases/postgresql13-server: request to enable XML option by default or def...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: --- Affects Some People
Assignee: Palle Girgensohn
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-01-23 12:41 UTC by topical
Modified: 2024-12-02 15:51 UTC (History)
4 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description topical 2023-01-23 12:41:06 UTC
I have some servers that require XML support of postgresql server.

In theory, I can just build postgresql myself, enabling the XML option. 

In practise, compiling postgresql server implies building llvm. But: building llvm is no fun - it is big and consumes lots of memory and cpu cycles.

In the end, my adopted package takes just 40 KByte (!) more disk space. 

Could the maintainer please consider adding XML by default or, if there are reasons to not do so, add a flavour? This would be great.

Thank you a lot for considering this.
Comment 1 dereckson 2023-05-25 04:24:48 UTC
Orbeon Forms requires this too.
Comment 2 Palle Girgensohn freebsd_committer freebsd_triage 2023-07-05 14:23:45 UTC
So, best way would be to add XML ON as default, and possibly add flavour for noxml?

The original rationale around removing XML from the default build was that the xml packages had bad reputation for security flaws. This is always the case with XML, I guess, but I don't think it actually motivates not linking the library. You most oftenly actually need to USE the xml features to expose yourself to any security problems.
Comment 3 dereckson 2023-07-06 13:56:52 UTC
I'd also like to add LLVM is moving to include libxml support.

On a machine, I had already libxml installed, through a llvm package (not the base system).

So that could become standard.

And yes, there are still XML security issues, including for libxml:

https://www.cvedetails.com/vulnerability-list/vendor_id-1962/product_id-3311/Xmlsoft-Libxml2.html
Comment 4 commit-hook freebsd_committer freebsd_triage 2024-11-14 16:32:33 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=778499d5c21d30c2f04acd7b85cb311c8236534a

commit 778499d5c21d30c2f04acd7b85cb311c8236534a
Author:     Palle Girgensohn <girgen@FreeBSD.org>
AuthorDate: 2024-11-14 15:25:42 +0000
Commit:     Palle Girgensohn <girgen@FreeBSD.org>
CommitDate: 2024-11-14 16:30:50 +0000

    databases/postgresql??-*: Update to latest versions

    PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 Released!

    The PostgreSQL Global Development Group has released an update to all
    supported versions of PostgreSQL, including 17.1, 16.5, 15.9, 14.14,
    13.17, and 12.21. This release fixes 4 security vulnerabilities and over
    35 bugs reported over the last several months.

    Also add XML back as an active default option due to popular demand. [1]

    Clean up the ports a bit.

    PR:             269115 [1]
    Release notes:  https://www.postgresql.org/docs/release/
    Security:       a03636f4-a29f-11ef-af48-6cc21735f730
    Security:       12e3feab-a29f-11ef-af48-6cc21735f730
    Security:       a61ef21b-a29e-11ef-af48-6cc21735f730
    Security:       3831292b-a29d-11ef-af48-6cc21735f730

 databases/postgresql12-server/Makefile         |  2 +-
 databases/postgresql12-server/distinfo         |  6 +++---
 databases/postgresql12-server/pkg-plist-client |  2 ++
 databases/postgresql13-server/Makefile         |  2 +-
 databases/postgresql13-server/distinfo         |  6 +++---
 databases/postgresql13-server/pkg-plist-client |  3 +++
 databases/postgresql14-server/Makefile         |  2 +-
 databases/postgresql14-server/distinfo         |  6 +++---
 databases/postgresql14-server/pkg-plist-client |  3 +++
 databases/postgresql15-server/Makefile         |  2 +-
 databases/postgresql15-server/distinfo         |  6 +++---
 databases/postgresql15-server/pkg-plist-client |  2 ++
 databases/postgresql16-server/Makefile         |  9 +++------
 databases/postgresql16-server/distinfo         |  6 +++---
 databases/postgresql16-server/pkg-plist-client |  2 ++
 databases/postgresql17-server/Makefile         | 21 +++------------------
 databases/postgresql17-server/distinfo         |  6 +++---
 databases/postgresql17-server/pkg-plist-client |  2 ++
 18 files changed, 42 insertions(+), 46 deletions(-)
Comment 5 topical 2024-11-15 07:24:37 UTC
@girgen Thanks a lot! You really save me a lot of build time!
Comment 6 commit-hook freebsd_committer freebsd_triage 2024-12-02 15:51:02 UTC
A commit in branch 2024Q4 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=cb3c46630aa1601681e9e5e635a7fb1c216f1f16

commit cb3c46630aa1601681e9e5e635a7fb1c216f1f16
Author:     Palle Girgensohn <girgen@FreeBSD.org>
AuthorDate: 2024-11-14 15:25:42 +0000
Commit:     Palle Girgensohn <girgen@FreeBSD.org>
CommitDate: 2024-12-02 15:48:56 +0000

    databases/postgresql??-*: Update to latest versions

    PostgreSQL 17.1, 16.5, 15.9, 14.14, 13.17, and 12.21 Released!

    The PostgreSQL Global Development Group has released an update to all
    supported versions of PostgreSQL, including 17.1, 16.5, 15.9, 14.14,
    13.17, and 12.21. This release fixes 4 security vulnerabilities and over
    35 bugs reported over the last several months.

    Also add XML back as an active default option due to popular demand. [1]

    Clean up the ports a bit.

    PR:             269115 [1]
    Release notes:  https://www.postgresql.org/docs/release/
    Security:       a03636f4-a29f-11ef-af48-6cc21735f730
    Security:       12e3feab-a29f-11ef-af48-6cc21735f730
    Security:       a61ef21b-a29e-11ef-af48-6cc21735f730
    Security:       3831292b-a29d-11ef-af48-6cc21735f730

    (cherry picked from commit 778499d5c21d30c2f04acd7b85cb311c8236534a)

 databases/postgresql12-server/Makefile         |  2 +-
 databases/postgresql12-server/distinfo         |  6 +++---
 databases/postgresql12-server/pkg-plist-client |  2 ++
 databases/postgresql13-server/Makefile         |  2 +-
 databases/postgresql13-server/distinfo         |  6 +++---
 databases/postgresql13-server/pkg-plist-client |  3 +++
 databases/postgresql14-server/Makefile         |  2 +-
 databases/postgresql14-server/distinfo         |  6 +++---
 databases/postgresql14-server/pkg-plist-client |  3 +++
 databases/postgresql15-server/Makefile         |  2 +-
 databases/postgresql15-server/distinfo         |  6 +++---
 databases/postgresql15-server/pkg-plist-client |  2 ++
 databases/postgresql16-server/Makefile         |  9 +++------
 databases/postgresql16-server/distinfo         |  6 +++---
 databases/postgresql16-server/pkg-plist-client |  2 ++
 databases/postgresql17-server/Makefile         | 21 +++------------------
 databases/postgresql17-server/distinfo         |  6 +++---
 databases/postgresql17-server/pkg-plist-client |  2 ++
 18 files changed, 42 insertions(+), 46 deletions(-)