| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
had common dependencies. This change hopefully fixes that.
|
|
|
|
From Aleksej Saushev.
|
|
"pkg_admin audit-history" command to print the full list of
vulnerabilities and use further pkg_admin pmatch logic to mark them as
fixed or still open. For pkg_install versions before 20080415, skip the
vulnerability processing.
Discussed with: dmcmahill
|
|
|
|
* Add DOWNLOAD_VULN_LIST var
* Get AUDIT_PACKAGES and DOWNLOAD_VULN_LIST to point to the right binaries
taking into consideration OPSYS and pkg_install version
* Replace all references to audit-packages and download-vulnerability-list
with AUDIT_PACKAGES and DOWNLOAD_VULN_LIST
|
|
checked, which is handled the same by every implementation of test(1).
Removed the comment saying that absolute directories can be handled. It
doesn't work.
|
|
Export PKGTOOLS_VERSION so that genreadme.awk can use it
This will sync the output between './mkreadme' and 'make readme'
|
|
fi". There is an easier way to solve the same problem with much less
code.
|
|
|
|
|
|
|
|
and to support the "inet6" option instead.
Remaining usage of USE_INET6 was solely for the benefit of the scripts
that generate the README.html files. Replace:
BUILD_DEFS+= USE_INET6
with
BUILD_DEFS+= IPV6_READY
and teach the README-generation tools to look for that instead.
This nukes USE_INET6 from pkgsrc proper. We leave a tiny bit of code
to continue to support USE_INET6 for pkgsrc-wip until it has been nuked
from there as well.
|
|
README.html generation are broken. It will not find vulnerabilities in any
packages that have complex names in the pkg-vulnerabilties file.
e.g. php{4,5}-perl and sun-{jdk,jre}15
Post pkg_install-20070714 this is now fixed and only currently known
vulnerabilities are shown in the generated README.html files for packages.
You will need to update to pkg_install>=20070714 to get this fix.
|
|
PKGVULNDIR; else extract the current setting using audit-packages -Q and use
that. In addition to this mkreadme can still be called with -V to specify
a pkg-vulnerabilities file that will override any automatic detection.
|
|
shell script. Just specify everything on the command line. Also,
since shlib-type is a plain-old shell script with no bells and whistles,
we can safely run it with "sh" and not "${SH}", which is necessary
because "${SH}" isn't defined at this point.
|
|
/bin/sh).
|
|
on platforms that need it.
XXX Right now, if the platform needs it, then it runs for every package.
XXX This needs to be fixed to only run for packages that install shared
XXX libraries.
* Move mk/plist/shlib-type to mk/scripts.
* Move definition of SHLIB_TYPE from mk/plist/plist.mk to bsd.pkg.mk.
* Move inclusion of bsd.pkginstall.mk below bsd.tools.mk so that it
can use SHLIB_TYPE. This is necessary because SHLIB_TYPE's value
is the result of evaluating a command, and the command needs "TOOL"
definitions provided by bsd.tools.mk.
|
|
|
|
* Add the necessary changes to allow genreadme.awk to process the v1.1.0
format pkg-vulnerabilities file.
* Changes are fully backward compatable i.e. mkreadme should be able to
parse v1.0.0 and v1.1.0 format files.
|
|
|
|
command, making it return with a non-zero exit status.
The first use of it is in a command called FAIL_MSG, which prints an
error message and exits immediately. ERROR_MSG itself doesn't do that.
|
|
|
|
|
|
|
|
Elipot.
|
|
|
|
if requested. Suggested by Joerg Sonnenberger.
|
|
the cache files left by the README.html generation. This is indended
to be used to monitor a ftp server, not for generating a file list for
uploading to a ftp server.
|
|
some extra processing to ensure that we have a list of unique directories.
Otherwise we end up with two problems:
- cache files get rebuilt all the time because they get built once for each
path to the directory in question and since the path ends up in the cache,
it is always declared out of date.
- we end up with multiple links to the same binary package in the README.html
files.
Committed during the freeze becuase this is a real bug which is encountered
daily.
|
|
|
|
packages, use -follow. Hopefully this will pick up all of the binary
packages again after the ftp.netbsd.org reorganization.
|
|
subdirectories of pkgsrc/mk. Move the following files around for
locality:
pkgsrc/mk/scripts/extract -> pkgsrc/mk/extract/extract
pkgsrc/mk/bsd.sites.mk -> pkgsrc/mk/fetch/sites.mk
Also get rid of the recursive make for the "fetch" and "extract"
targets. This basically merges the "fetch" and "extract" phases into
the "patch" phase.
There is still much more work to do to simplify the fetch code, but
this is a good start.
|
|
|
|
${BMAKE} show-subdir-var VARNAME=SUBDIR
instead of just grepping through the makefiles. This seems
to be a litle more robust. Suggested by Joerg Sonnenberger.
|
|
|
|
|
|
plist/libtool-expand after the plist module was committed.
|
|
|
|
- Added "set -u" at the top of the file to prevent spelling errors.
- Renamed UNZIP to UNZIP_CMD, since that is used by the rest of pkgsrc.
- Found a singleton use of $extract_options and replaced it with
${EXTRACT_OPTS_LHA}.
- Took the default assignment for TMPDIR out of the block. All other
entries are tools.
- Removed unnecessary variables.
- Make sure that distfile can always be resolved, even if the current
working directory is changed.
- Provide default values for all EXTRACT_OPTS_* variables, as close as
possible to the point where they are used.
- Replaced all "$@" with ${1+"$@"} to avoid errors when no parameters are
given.
- Made the removal of the temporary file for .tar extraction more robust.
|
|
|
|
|
|
in the case where the user makes bad option choices on the command line.
|
|
allows us to distinguish the case where everything is what we expect, and
any deviations from that main case.
|
|
|
|
stack in the reverse order that show-depends-pkgpaths outputs them.
This makes the top element of the stack the first child dependency
that was marked as "pushed". This change orders the default "postfix"
output of this script in such a way that for any package listed in
the output, there is no earlier package that depends on it.
In other words, you can take the default output and install from first
to last and never need to install any dependencies, because any
dependencies are guaranteed to have already been installed earlier.
|
|
|
|
extraction.
|
|
to remove "".
|
|
line from extraction when using tar (it already knew how to do it for pax).
|
