Created attachment 250899 [details] update port to 7.0.3 Update port to 7.0.3 Release Notes: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#7-0-3 Bump also necessary because of go122 1.22.3 While here, add required (but so far missing) directories to plist.
^Triage: Maintainer-feedback flag (+) not required unless requested (?) first. ^Triage: Please set the maintainer-approval attachment flag (to +) on patches for ports you maintain to signify approval. Thanks!
====> Running Q/A tests (stage-qa) ====> Checking for pkg-plist issues (check-plist) ===> Parsing plist ===> Checking for items in STAGEDIR missing from pkg-plist Error: Orphaned: @dir /var/db/forgejo/data ===> Checking for items in pkg-plist which are not in STAGEDIR ===> Error: Plist issues found. *** Error code 1 /var/db/forgejo/data was created in the makefile but it is not handled in the pkg-plist. No need to update a new patch, I have it fixed locally. You can just use poudriere to catch these things, it is a great tool :-)
A commit in branch main references this bug: URL: https://cgit.FreeBSD.org/ports/commit/?id=b7a05632d12830f7ee8020e7006eb9e5ef3c5305 commit b7a05632d12830f7ee8020e7006eb9e5ef3c5305 Author: Stefan Bethke <stb@lassitu.de> AuthorDate: 2024-05-23 15:47:24 +0000 Commit: Fernando Apesteguía <fernape@FreeBSD.org> CommitDate: 2024-05-24 17:50:09 +0000 www/forgejo: update to 7.0.3 (fixes CVE) ChangeLog: https://codeberg.org/forgejo/forgejo/src/branch/forgejo/RELEASE-NOTES.md#7-0-3 PR: 279250 Reported by: stb@lassitu.de (maintainer) MFH: 2024Q2 (security fix) Security: CVE-2024-24788 www/forgejo/Makefile | 6 +++++- www/forgejo/distinfo | 6 +++--- www/forgejo/pkg-plist | 5 +++++ 3 files changed, 13 insertions(+), 4 deletions(-)
Committed, Not merging to 2024Q2 since this is a major version change and the bug is not present (in Q2 we have go 1.21 and the bug was introduced in go 1.22). Thanks!