Maintainer of www/codeigniter or other interested party, CodeIgniter 2.X is EOL as of 31 October 2015. https://github.com/bcit-ci/CodeIgniter/tree/2.2-stable One of two actions are required: - Either this PR requires marking the port DEPRECATED. - Update www/codeigniter to 3.0.x If updating, - The 3.x branch is under the MIT license https://github.com/bcit-ci/CodeIgniter/blob/3.0-stable/license.txt - The port should be changed to use OPTIONS helpers.
There's an update to 2.2.5 out (security fix): http://www.codeigniter.com/userguide2/changelog.html
We can move www/codeigniter to www/codeigniter2 and create new www/codeigniter3 port for CodeIgniter 3.x branch. Any suggestion?
(In reply to Bo-Yi Wu from comment #2) A www/codeigniter2 may have made sense if we did this pro-actively a few months ago. Considering Codeigniter 2.x is EOL in two weeks it doesn't make much sense to do this now. I think updating to 3.x and having an UPDATING entry with guidance on migration is the best way ahead.
It seems to be difficult to move a site from ci2 to ci3, so having the code available for a while looks sensible for those whose corporate decisionmaking keeps them behind.
(In reply to Kurt Jaeger from comment #4) Makes sense. I think we'll just have to mark it as DEPRECATED right from the start and make it clear that it's EOL upstream.
A commit references this bug: Author: junovitch Date: Tue Oct 20 02:33:47 UTC 2015 New revision: 399798 URL: https://svnweb.freebsd.org/changeset/ports/399798 Log: Document multiple XSS vulnerabilities fixed in CodeIgniter PR: 203403 Security: https://vuxml.FreeBSD.org/freebsd/95602550-76cf-11e5-a2a1-002590263bf5.html Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: junovitch Date: Tue Oct 20 02:34:39 UTC 2015 New revision: 399799 URL: https://svnweb.freebsd.org/changeset/ports/399799 Log: www/codeigniter: update 2.2.4 -> 2.2.5 - Convert to USE_GITHUB as 2.2.5 was not available at original MASTER_SITES PR: 203403 Approved by: maintainer timeout (21 days) Security: https://vuxml.FreeBSD.org/freebsd/95602550-76cf-11e5-a2a1-002590263bf5.html MFH: 2015Q4 Changes: head/www/codeigniter/Makefile head/www/codeigniter/distinfo
A commit references this bug: Author: junovitch Date: Wed Oct 21 10:28:19 UTC 2015 New revision: 399898 URL: https://svnweb.freebsd.org/changeset/ports/399898 Log: MFH: r399799 www/codeigniter: update 2.2.4 -> 2.2.5 - Convert to USE_GITHUB as 2.2.5 was not available at original MASTER_SITES PR: 203403 Approved by: maintainer timeout (21 days) Approved by: portmgr (bdrewery) Security: https://vuxml.FreeBSD.org/freebsd/95602550-76cf-11e5-a2a1-002590263bf5.html Changes: _U branches/2015Q4/ branches/2015Q4/www/codeigniter/Makefile branches/2015Q4/www/codeigniter/distinfo
A commit references this bug: Author: junovitch Date: Sun Nov 1 02:10:38 UTC 2015 New revision: 400596 URL: https://svnweb.freebsd.org/changeset/ports/400596 Log: Document multiple vulnerabilities fixed in CodeIgniter PR: 203403 Security: https://vuxml.FreeBSD.org/freebsd/bdd57272-803c-11e5-ab94-002590263bf5.html Changes: head/security/vuxml/vuln.xml
A commit references this bug: Author: junovitch Date: Sun Nov 1 02:24:32 UTC 2015 New revision: 400597 URL: https://svnweb.freebsd.org/changeset/ports/400597 Log: www/codeigniter: update 2.2.5 -> 2.2.6 - Update PORTVERSION and distinfo for security release (2.2.6) - Take MAINTAINER [1] - Register CONFLICTS for upcoming 3.x release - Add additional line breaks into file list - Convert to options helpers and reorder variables - Unmute do-install commands - Fix WWW: - Fix NOAPACHE variable in pkg-plist to match option (APACHE) PR: 203403 Approved by: maintainer timeout (16 months since last submission) [1] Security: https://vuxml.FreeBSD.org/freebsd/bdd57272-803c-11e5-ab94-002590263bf5.html MFH: 2015Q4 Changes: head/www/codeigniter/Makefile head/www/codeigniter/distinfo head/www/codeigniter/pkg-descr head/www/codeigniter/pkg-plist
A commit references this bug: Author: junovitch Date: Sun Nov 1 02:47:22 UTC 2015 New revision: 400598 URL: https://svnweb.freebsd.org/changeset/ports/400598 Log: www/codeigniter*: repo copy in preparation of CodeIgniter 3.x update - Repo copy www/codeigniter -> www/codeigniter22 - Mark www/codeigniter22 as DEPRECATED and add a PKGNAMESUFFIX - Register CONFLICTS - Connect www/codeigniter22 to the build PR: 203403 Changes: head/www/Makefile head/www/codeigniter/Makefile head/www/codeigniter22/ head/www/codeigniter22/Makefile
A commit references this bug: Author: junovitch Date: Sun Nov 1 03:25:27 UTC 2015 New revision: 400599 URL: https://svnweb.freebsd.org/changeset/ports/400599 Log: www/codeigniter: update 2.2.6 -> 3.0.3 - Update PORTVERSION, distinfo, and pkg-plist for 3.0.3 - Add LICENSE - Fix CONFLICTS Changes compared to CodeIgniter 2: * The framework is released under the MIT license * The database drivers have had extensive refactoring * PDO is fully functional with subdrivers * There is a new Session library * There is a new Encryption library * The unit testing has been beefed up, and code coverage improved * PHP 5.4 or newer is recommended, but CI will still work on PHP 5.2.4 UPDATING: - Add entry documenting the steps for updating a legacy site Reference: http://www.codeigniter.com/user_guide/installation/upgrade_300.html PR: 203403 Changes: head/UPDATING head/www/codeigniter/Makefile head/www/codeigniter/distinfo head/www/codeigniter/pkg-plist
A commit references this bug: Author: junovitch Date: Mon Nov 2 23:13:16 UTC 2015 New revision: 400675 URL: https://svnweb.freebsd.org/changeset/ports/400675 Log: MFH: r400597 www/codeigniter: update 2.2.5 -> 2.2.6 - Update PORTVERSION and distinfo for security release (2.2.6) - Take MAINTAINER [1] - Register CONFLICTS for upcoming 3.x release - Add additional line breaks into file list - Convert to options helpers and reorder variables - Unmute do-install commands - Fix WWW: - Fix NOAPACHE variable in pkg-plist to match option (APACHE) PR: 203403 Approved by: maintainer timeout (16 months since last submission) [1] Approved by: ports-secteam (feld) Security: https://vuxml.FreeBSD.org/freebsd/bdd57272-803c-11e5-ab94-002590263bf5.html Changes: _U branches/2015Q4/ branches/2015Q4/www/codeigniter/Makefile branches/2015Q4/www/codeigniter/distinfo branches/2015Q4/www/codeigniter/pkg-descr branches/2015Q4/www/codeigniter/pkg-plist
This is essentially on hold for now. I noticed I need to adjust the pkg-message to match reality when I have the time to review it. Following that, I'll ask portmgr@ and ports-secteam@ for review on the MFH of the 3.x update. Since it brings an UPDATING with it I believe it is against the spirit of the quarterly branch which is why I opted to update the port to the last supported 2.x branch release, 2.2.6, before the update and immediately MFH 2.2.6. In the meantime, the security issues are all resolved.
There hasn't been any security releases or reported issues since the last update. Given 2016Q1 is right around the corner, end users should move their sites to Codeigniter 3.x which is supported. I'll leave 2015Q4 with the last 2.2.6 security update.