Patches already merged and so removed:
* 019-bpo-36216-Add-check-for-characters-in-netloc-that-normalize-to-separators-GH-12216.patch
* 020-bpo-36216-Only-print-test-messages-when-verbose-GH-12291.patch
* 021-2.7-bpo-35121-prefix-dot-in-domain-for-proper-subdom.patch
* 027-bpo-38243-Escape-the-server-title-of-DocXMLRPCServer.patch
* 028-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
Patches no longer necessary and so removed:
* 017_lib2to3_fix_pyc_search.patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 83b300aa83)
This seems to have slipped for some time. No idea if it ever worked.
It could be that this worked at some point.
In any case, the shebang is properly updated now.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit 1b96dc0171)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(bump PKG_RELEASE for python3-pip)
CVE-2013-7459 and CVE-2018-6594. Both patches taken from Fedora.
Also took the liberty to update the PKG_SOURCE_URL to a standard one.
Updated the home URL as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 32b23e28ad)
Currently, all files in usr/bin (presumably all Python scripts) are run
through sed to replace the shebang; sed will overwrite the file whether
or not a match is found. This causes symlinks to be overridden and made
into copies of their targets. python[3]-base and python[3]-dev are
affected by this.
This adds the --follow-symlinks flag to sed, in addition to using
$(SED), so that symlinks are not overridden.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This extends the Python[3] shebang fixup to all packages.
Only Python scripts in `/usr/bin` will be handled at the moment. Later it
may make sense to also cover executables in `/bin`, though typically Python
executables shouldn't be placed there.
Previously the shebang handling was only done for python[3]-pip &
python[3]-setuptools.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This change updates Python to version 2.7.16, which is a bugfix release
in the Python 2.7 series.
This also removes patches back-ported from upstream.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3.6.9 is the latest security fix release of Python 3.6.
- Fixes: CVE-2018-20852, CVE-2019-9948, CVE-2019-9740, CVE-2019-5010
- Refreshed patches
- Removed a few backports patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
- Fixes CVE-2019-9740, CVE-2019-11324
- RFC 3986 compliant
- Fix TITLE, which was too long for make menuconfig
- Add PKG_LICENSE_FILES
- Remove current maintainer
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This was copied over from python-packages, when support for installing
packages host-side (via pip) was added.
Based on the discussion on this commit:
612c53fc6c
it was mentioned that removing this may add more benefit in terms of
reducing build time, because packages won't get reinstalled every time.
I'm not entirely sure about any potential side-effects of this, but it's
worth trying it out.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This also updates pip and setuptools.
With this occasion, they also get PKG_RELEASEs of their own.
Dropped patch 011-remove-setupterm-definition.patch
Manually re-applied 005-fix-bluetooth-support.patch
Ran make package/python/refresh to refresh other patches.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
zlib is now a host tool and the zlib/host package was removed. this
dependency is not needed any more as there will always be a zlib host
library.
Signed-off-by: Hauke Mehrtens <hauke@hauke-m.de>
Report https://github.com/openwrt/packages/issues/5638
It was mentioned that this causes build failures on Mac OS X.
The default behavior [in the setup.py script] is to check whether
`--with-system-ffi` is present in the CONFIG_ARGS env var.
However that back-fires a bit when `--with-system-ffi=no`, because the
condition `not '--with-system-ffi' in sysconfig.get_config_var("CONFIG_ARGS")`
evaluates to true.
This is a small bug in the `setup.py` script, but it looks like the
easiest/cleanest way to address it on our end is to just remove it entirely
from the HOST_CONFIGURE_ARGS.
At least that's how it looks like when testing on a Linux machine.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This change was introduced in commit 1c54e2b0fb to address build
issues on Ubuntu 12.04.
However it was reported to cause issues on Mac OS X.
Report: https://github.com/openwrt/packages/issues/5310
It was also reported that removing this on MacOS X fixes the issue.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Following a discussion on bugs.python.org:
* https://bugs.python.org/issue29708
* https://bugs.python.org/msg313384
It seems that setting a fixed value to PYTHONHASHSEED guarantees that
the bytecodes are generated consistently/in a reproducible manner.
Hopefully, this is the last bit to make Python3 build reproducible.
Tested this locally on a few files [that were not reproducible without
this change].
The PYTHONHASHSEED is only assigned to the host Python/Python3 during
compilation of byte-codes [from python source].
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
There have been some new dependencies added in recent versions of
Twisted (mostly internal classes that have been spun out into their own
libraries):
* constantly (#5453), since 16.5.0
* incremental (#5454), since 16.5.0
* Automat (#5456), since 17.1.0
* hyperlink (#5455) since 17.5.0
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
For python `src` packages we should clear out the DEPENDS
to prevent recursive deps from happening.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
