Checking for PTEST_ENABLED 1 is the preferred method for enabling
and disabling ptests for packages.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Change "Submitted" in 0001-Remove-whitespace-in-operator.patch to "Backport"
with the appropraite link to the relevant commit hash.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Shellcheck -oall warnings fixed:
- exit 1 if `cd tests` failes (SC2164)
- Double quote `./${atest}` to prevent globbing and word splitting. (SC2086)
- Check the test exit code directly intead of using $? (SC2181)
Other fixes:
- The shebang sould traditionally be /usr/bin/env sh in case
sh is not located in /bin.
- Do not remove tests.log for every test.
Signed-off-by: Adam Duskett <adam.duskett@amarulasolutions.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Rate limiting for flask applications. Add recipe for release 4.1.1:
- Ensure cli commands fail gracefully when cli dependencies
are not installed.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Rate limiting utilities. Add recipe for release 5.8.0:
- Allow explicit keyword arguments for storage options for
username & password for storages that support it.
- Allow explicitly specifying startup_nodes through keyword
arguments for all redis cluster storages.
- Support IPv6 addresses in cluster locators in storage URI
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The old link does not work anymore.
New page found based on other linuxfoundation.org link redirects.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The old link does not work anymore.
New page found based on other linuxfoundation.org link redirects.
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 3.24.2:
- docs: restructure using Diataxis framework
- fix(test): resolve flaky write non-starvation test
- fix(rw): close sqlite3 cursors and skip SoftFileLock Windows race
License-Update: Move from Unlicense to MIT
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.17.3:
- Fix bug with resources
- Fix VA/RVA confusion in the PE's builder
This work was sponsored by GOVCERT.LU.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
webkitgtk3 requires this feature.
Also add wayland as an optional required feature, to match the
requirements of webkitgtk3.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 0.33.0:
Bugfixes:
- Start supporting Android's new "android" sys.platform.
Deprecations and removals:
- Both trio.testing.RaisesGroup and trio.testing.Matcher have
been deprecated. Pytest alternatives pytest.RaisesGroup and
pytest.RaisesExc (respectively) are considered correct
replacement.
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 13.0.1:
- Check for listener's existence before attempting to remove it
- Update pytest configuration to support pytest 9
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Upgrade to release 4.5.0:
- Restored the check_argument_types() and check_return_type()
functions that were dropped in v3.0.0, for users who want more
fine-grained control over run-time type checking
- Added support for extra_items in TypedDict, allowing users to
specify the types for the values of "leftover" keys in a typed
dict (keys that weren't explicitly defined in the TypedDict subclass)
- Fixed NameError when evaluating forward references on Python 3.14
- Fixed protocol check incorrectly rejecting inherited classmethods
and staticmethods
- Fixed missing TypeCheckError when checking TypedDict with
Required[...] annotations
- Fixed type aliases (e.g. type Foo = list[int]) not being resolved
during type checking
- Fixed type-checked assignments to a single tuple target
(e.g. x, = ("foo",)) falsely raising TypeCheckedError
Signed-off-by: Leon Anavi <leon.anavi@konsulko.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The latest version of webkitgtk3 requires opengl DISTRO_FEATURE, so the
webkit PACKAGECONFIG should be enabled only when opengl is available.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The original SRC_URI became inaccessible a while ago. Switch to a working source.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The SRC_URI has became inaccessible some time ago, falling back to the
Yocto mirror. Instead use the Github mirror.
I ran a diff on the files of this revision and the files of the original
tarball, and the contents were bit-identical.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
ver 3.11:
Fix issue with interface registration before acquiring name.
Signed-off-by: Markus Volk <f_l_k@t-online.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
1. Backport following patch to solve build and runtime issue
0001-c_comment_scanner-fix-function-prototypes.patch
0002-avoid-third-party-backports-dependency-on-sufficient.patch
0003-CMake-4-compatibility.patch
2. Add do_configure:prepend() to solve buildpaths QA check
do_package_qa: QA Issue: File /usr/lib/python3.14/site-packages/hotdoc/parsers/cmark.cpython-314-x86_64-linux-gnu.so in package hotdoc contains reference to TMPDIR [buildpaths]
3. Add 0004-Use-flex-with-noline-option-to-prevent.patch to solve buildpaths QA check
do_package_qa:QA Issue: File /usr/src/debug/hotdoc/0.17.4/hotdoc/parsers/c_comment_scanner/scanner.c in package hotdoc-src contains reference to TMPDIR [buildpaths]
4. Add clang as RDEPENDS for following reason
Hotdoc has some Extensions including c-Extension.
The c-Extension needs llvm and clang in runtime as introduced in doc of hotdoc.
https://hotdoc.github.io/c-extension.html#c-extension
"The extension uses Clang to build and walk an AST from the source code"
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Use tag=${BP} in SRC_URI in order to ensure that the SRCREV is correctly
updated together with the package version.
Signed-off-by: Dmitry Baryshkov <dmitry.baryshkov@oss.qualcomm.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
wayland-scanner++ is only used during development so it's not usually
required to be installed on the target. wayland-scanner++.pc is already
in the -dev package.
Signed-off-by: Mike Crowe <mac@mcrowe.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
These seds were added to remove reproducibility QA errors about
TMPDIR being present in the binaries. The root of the problem was
changed LDFLAGS in oe-core, and after adding back these LDFLAGS
to this recipe[1], the QA error is also gone - the binaries require
no changes due to this.
Also remove the INSANE_SKIP, which was most likely fixed by the
same LDFLAGS issue - it doesn't happen anymore.
[1]: https://git.openembedded.org/meta-openembedded/commit/?id=e8981bf43163d2fe90ea28b2952a2443ceaea934
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The resulting pybind11_jsonTargets.cmake in the dev-package adds an
absolute path to python include directories in the target properties:
set_target_properties(pybind11_json PROPERTIES
INTERFACE_INCLUDE_DIRECTORIES "/usr/include/python3.13;${_IMPORT_PREFIX}/include"
)
The patch removes ${PYTHON_INCLUDE_DIRS} which is set by pybind11 from
set_target_properties to remove the poisonous host path.
Signed-off-by: Tafil Avdyli <tafil@tafhub.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
License-Update: copyright year bump.
Changelog:
1.29.5:
- Security: an attacker might inject plain text data in the response
from an SSL backend (CVE-2026-1642).
- Bugfix: use-after-free might occur after switching to the next gRPC
or HTTP/2 backend.
- Bugfix: an invalid HTTP/2 request might be sent after switching to
the next upstream.
- Bugfix: a response with multiple ranges might be larger than the
source response.
- Bugfix: fixed setting HTTP_HOST when proxying to FastCGI, SCGI, and
uwsgi backends.
- Bugfix: fixed warning when compiling with MSVC 2022 x86.
- Change: the logging level of the "ech_required" SSL error has been
lowered from "crit" to "info".
1.29.4:
- Feature: the ngx_http_proxy_module supports HTTP/2.
- Feature: Encrypted ClientHello TLS extension support when using
OpenSSL ECH feature branch; the "ssl_ech_file" directive.
Thanks to Stephen Farrell.
- Change: validation of host and port in the request line, "Host"
header field, and ":authority" pseudo-header field has been changed
to follow RFC 3986.
- Change: now a single LF used as a line terminator in a chunked
request or response body is considered an error.
- Bugfix: when using HTTP/3 with OpenSSL 3.5.1 or newer a segmentation
fault might occur in a worker process; the bug had appeared in
1.29.1.
Thanks to Jan Svojanovsky.
- Bugfix: a segmentation fault might occur in a worker process if the
"try_files" directive and "proxy_pass" with a URI were used.
1.29.3:
- Feature: the "add_header_inherit" and "add_trailer_inherit"
directives.
- Feature: the $request_port and $is_request_port variables.
- Feature: the $ssl_sigalg and $ssl_client_sigalg variables.
- Feature: the "volatile" parameter of the "geo" directive.
- Feature: now certificate compression is available with BoringSSL.
- Bugfix: now certificate compression is disabled with OCSP stapling.
1.29.2
- Feature: now nginx can be built with AWS-LC.
Thanks Samuel Chiang.
- Bugfix: now the "ssl_protocols" directive works in a virtual server
different from the default server when using OpenSSL 1.1.1 or newer.
- Bugfix: SSL handshake always failed when using TLSv1.3 with OpenSSL
and client certificates and resuming a session with a different SNI
value; the bug had appeared in 1.27.4.
- Bugfix: the "ignoring stale global SSL error" alerts might appear in
logs when using QUIC and the "ssl_reject_handshake" directive; the
bug had appeared in 1.29.0.
Thanks to Vladimir Homutov.
- Bugfix: in delta-seconds processing in the "Cache-Control" backend
response header line.
- Bugfix: an XCLIENT command didn't use the xtext encoding.
Thanks to Igor Morgenstern of Aisle Research.
- Bugfix: in SSL certificate caching during reconfiguration.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Changelog:
- Security: an attacker might inject plain text data in the response
from an SSL backend (CVE-2026-1642).
- Bugfix: use-after-free might occur after switching to the next gRPC
or HTTP/2 backend.
- Bugfix: fixed warning when compiling with MSVC 2022 x86.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The llhttp vendored dependency of nodejs takes advantage of Arm NEON
instructions when they are available, however they are detected by
checking for an outdated CPU feature macro: it checks for __ARM_NEON__,
however it is not defined by new compilers for aarch64, rather they
set __ARM_NEON. The Arm C extension guide[1] refers to __ARM_NEON macro
aswell.
This patch changes the detection to check for both macros when detecting
the availability of NEON instructions.
The code this patch modifies is generated, so the patch itself isn't
suitable for upstream submission, as the root cause of the error is
in the generator itself. A PR has been submitted[2] to the generator
project to rectify this issue.
[1]: https://developer.arm.com/documentation/ihi0053/d/ - pdf, section 6.9
[2]: https://github.com/nodejs/llparse/pull/84
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The llhttp dependency of nodejs uses NEON intrinsics when they
are available, however some of these calls are incorrect: they
the call they use don't match the parameters passed, and so
the compilation fail (unless the error is suppressed):
| ../deps/llhttp/src/llhttp.c: In function 'llhttp__internal__run':
| ../deps/llhttp/src/llhttp.c:2645:9: note: use '-flax-vector-conversions' to permit conversions between vectors with differing element types or numbers of subparts
| 2645 | );
| | ^
| ../deps/llhttp/src/llhttp.c:2643:11: error: incompatible type for argument 1 of 'vandq_u16'
| 2643 | vcgeq_u8(input, vdupq_n_u8(' ')),
There is a patch upstream that fixes it (though it is not merged
yet). This patch is a port of that fix.
This allows us to remove the extra CFLAGS also from the recipe that
suppressed this error.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The rsyslog recipe incorrectly passes the permission mode as a
positional argument to install -d. In this form, the value is treated
as a directory name rather than as a mode, which will create an additional directory
and may result in unexpected behavior during installation.
Use the -m option to ensure the directory is created with the intended
permissions.
Signed-off-by: Mikhail Anikin <mikhail.anikin@solid-run.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
In Yocto builds, zstd is built via Makefile and does not install
CMake package configuration files. As a result, Findzstd.cmake
fails to detect ZSTD_INCLUDE_DIRS.
Add pkg-config based detection as a fallback to properly locate
zstd headers and libraries.
Signed-off-by: Minjae Kim <flowergom@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
The project Makefile uses a script (sysinfo.sh) to non-atomically generate
two .c files (sysinfo.c, sysinfoc.c) which are then included in the build.
Since the script always overwrites both .c files, the Makefile should only
invoke it once, not twice in parallel. Otherwise the .c files may be
corrupted and cause random build failures in parallel builds.
Requires at least GNU make 4.3, for Grouped Targets support [1].
[1] https://lists.gnu.org/archive/html/info-gnu/2020-01/msg00004.html
Reviewed-by: Silvio Fricke <silvio.fricke@gin.de>
Signed-off-by: Daniel Klauer <daniel.klauer@gin.de>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Some new tests expect the PWD to be writable, however this is not the case
when running the tests in $PTEST_PATH with a non-root user. This patch
makes it writable.
Ptests passed, however there is a flaky test. Upstream has a bug[1]
about it:
Ran 18651 tests in 144.573s
OK (skipped=1396, expected failures=5)
Changes:
Contains fixes for CVE-2025-13473, CVE-2025-14550, CVE-2026-1207,
CVE-2026-1285, CVE-2026-2187 and CVE-2026-1312
[1]: https://code.djangoproject.com/ticket/36770
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Dropped patch that is included in this release.
Ptests passed:
Ran 18131 tests in 450.882s
OK (skipped=1389, expected failures=5)
Changelog:
5.2.11:
Contains fixes for CVE-2025-13473, CVE-2025-14550, CVE-2026-1207, CVE-2026-1285,
CVE-2026-1287 and CVE-2026-1312
5.2.10:
* Fixed a bug in Django 5.2 where data exceeding max_length was silently
truncated by QuerySet.bulk_create on PostgreSQL.
* Fixed a bug where management command colorized help (introduced in
Python 3.14) ignored the --no-color option and the DJANGO_COLORS setting.
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
