From: "Dr. Arne Babenhauserheide via Guix-patches" via <guix-patches@gnu.org>
To: 70366@debbugs.gnu.org
Subject: [bug#70366] Update Mercurial to 6.7.2 and python-hg-evolve to 11.1.3
Date: Sat, 13 Apr 2024 15:10:15 +0200 [thread overview]
Message-ID: <87sezp1k94.fsf@web.de> (raw)
[-- Attachment #1.1: Type: text/plain, Size: 207 bytes --]
Hi,
the attached patch updates both Mercurial and python-hg-evolve to their
respective newest version.
Both need to be in compatible versions, so I’m sending both together.
Best wishes,
Arne
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1.2: 0001-gnu-mercurial-and-python-hg-evolve-Update-to-6.7.2-a.patch --]
[-- Type: text/x-patch, Size: 9413 bytes --]
From 9a5aea3eaad92caf8800f0dff7240e8ca77e9416 Mon Sep 17 00:00:00 2001
Message-ID: <9a5aea3eaad92caf8800f0dff7240e8ca77e9416.1713013282.git.arne_bab@web.de>
From: Arne Babenhauserheide <arne_bab@web.de>
Date: Sat, 13 Apr 2024 14:58:08 +0200
Subject: [PATCH] gnu: mercurial and python-hg-evolve: Update to 6.7.2 and
11.1.3
* gnu/packages/version-control.scm (mercurial): Update to 6.7.2.
* gnu/packages/version-control.scm (python-hg-evolve): Update to 11.1.3.
* gnu/packages/patches/mercurial-hg-extension-path.patch: adapt for mercurial 6.7.2
* gnu/packages/patches/mercurial-openssl-compat.patch: delete file
* gnu/local.mk (dist_patch_DATA): remove mercurial-openssl-compat.patch
Change-Id: I1e22d7f38e264576bfa3adef7004fef582a1137e
---
gnu/local.mk | 1 -
.../patches/mercurial-hg-extension-path.patch | 14 +--
.../patches/mercurial-openssl-compat.patch | 89 -------------------
gnu/packages/version-control.scm | 11 ++-
4 files changed, 8 insertions(+), 107 deletions(-)
delete mode 100644 gnu/packages/patches/mercurial-openssl-compat.patch
diff --git a/gnu/local.mk b/gnu/local.mk
index e08b0d1c75..a9f388d06d 100644
--- a/gnu/local.mk
+++ b/gnu/local.mk
@@ -1700,7 +1700,6 @@ dist_patch_DATA = \
%D%/packages/patches/mecab-variable-param.patch \
%D%/packages/patches/memtest86+-build-reproducibly.patch \
%D%/packages/patches/mercurial-hg-extension-path.patch \
- %D%/packages/patches/mercurial-openssl-compat.patch \
%D%/packages/patches/mhash-keygen-test-segfault.patch \
%D%/packages/patches/mia-fix-boost-headers.patch \
%D%/packages/patches/mia-vtk9.patch \
diff --git a/gnu/packages/patches/mercurial-hg-extension-path.patch b/gnu/packages/patches/mercurial-hg-extension-path.patch
index d1073dd01c..8b9d185a89 100644
--- a/gnu/packages/patches/mercurial-hg-extension-path.patch
+++ b/gnu/packages/patches/mercurial-hg-extension-path.patch
@@ -7,15 +7,7 @@ will get this into Mercurial proper.
diff --git a/mercurial/extensions.py b/mercurial/extensions.py
--- a/mercurial/extensions.py
+++ b/mercurial/extensions.py
-@@ -13,6 +13,7 @@
- import imp
- import inspect
- import os
-+import sys
-
- from .i18n import (
- _,
-@@ -108,6 +109,11 @@
+@@ -103,6 +103,11 @@
def _importh(name):
"""import and return the <name> module"""
@@ -24,6 +16,6 @@ diff --git a/mercurial/extensions.py b/mercurial/extensions.py
+ if extension_path is not None:
+ for path in extension_path:
+ sys.path.append(path)
- mod = __import__(pycompat.sysstr(name))
- components = name.split(b'.')
+ mod = __import__(name)
+ components = name.split('.')
for comp in components[1:]:
diff --git a/gnu/packages/patches/mercurial-openssl-compat.patch b/gnu/packages/patches/mercurial-openssl-compat.patch
deleted file mode 100644
index 139356f285..0000000000
--- a/gnu/packages/patches/mercurial-openssl-compat.patch
+++ /dev/null
@@ -1,89 +0,0 @@
-Tweak cipher selection to make TLS < 1.2 work with OpenSSL 3.
-
-Taken from Debian:
-
- https://salsa.debian.org/python-team/packages/mercurial/-/blob/debian/master/debian/patches/openssl_3_cipher_tlsv1.patch
-
---- a/mercurial/sslutil.py
-+++ b/mercurial/sslutil.py
-@@ -117,17 +117,17 @@ def _hostsettings(ui, hostname):
- ciphers = ui.config(b'hostsecurity', b'%s:ciphers' % bhostname, ciphers)
-
- # If --insecure is used, we allow the use of TLS 1.0 despite config options.
- # We always print a "connection security to %s is disabled..." message when
- # --insecure is used. So no need to print anything more here.
- if ui.insecureconnections:
- minimumprotocol = b'tls1.0'
- if not ciphers:
-- ciphers = b'DEFAULT'
-+ ciphers = b'DEFAULT:@SECLEVEL=0'
-
- s[b'minimumprotocol'] = minimumprotocol
- s[b'ciphers'] = ciphers
-
- # Look for fingerprints in [hostsecurity] section. Value is a list
- # of <alg>:<fingerprint> strings.
- fingerprints = ui.configlist(
- b'hostsecurity', b'%s:fingerprints' % bhostname
-@@ -621,17 +621,17 @@ def wrapserversocket(
-
- # Improve forward secrecy.
- sslcontext.options |= getattr(ssl, 'OP_SINGLE_DH_USE', 0)
- sslcontext.options |= getattr(ssl, 'OP_SINGLE_ECDH_USE', 0)
-
- # In tests, allow insecure ciphers
- # Otherwise, use the list of more secure ciphers if found in the ssl module.
- if exactprotocol:
-- sslcontext.set_ciphers('DEFAULT')
-+ sslcontext.set_ciphers('DEFAULT:@SECLEVEL=0')
- elif util.safehasattr(ssl, b'_RESTRICTED_SERVER_CIPHERS'):
- sslcontext.options |= getattr(ssl, 'OP_CIPHER_SERVER_PREFERENCE', 0)
- # pytype: disable=module-attr
- sslcontext.set_ciphers(ssl._RESTRICTED_SERVER_CIPHERS)
- # pytype: enable=module-attr
-
- if requireclientcert:
- sslcontext.verify_mode = ssl.CERT_REQUIRED
---- a/tests/test-https.t
-+++ b/tests/test-https.t
-@@ -356,19 +356,19 @@ Start servers running supported TLS vers
- $ cat ../hg1.pid >> $DAEMON_PIDS
- $ hg serve -p $HGPORT2 -d --pid-file=../hg2.pid --certificate=$PRIV \
- > --config devel.serverexactprotocol=tls1.2
- $ cat ../hg2.pid >> $DAEMON_PIDS
- $ cd ..
-
- Clients talking same TLS versions work
-
-- $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT/
-+ $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.0 --config hostsecurity.ciphers=DEFAULT:@SECLEVEL=0 id https://localhost:$HGPORT/
- 5fed3813f7f5
-- $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 --config hostsecurity.ciphers=DEFAULT id https://localhost:$HGPORT1/
-+ $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.1 --config hostsecurity.ciphers=DEFAULT:@SECLEVEL=0 id https://localhost:$HGPORT1/
- 5fed3813f7f5
- $ P="$CERTSDIR" hg --config hostsecurity.minimumprotocol=tls1.2 id https://localhost:$HGPORT2/
- 5fed3813f7f5
-
- Clients requiring newer TLS version than what server supports fail
-
- $ P="$CERTSDIR" hg id https://localhost:$HGPORT/
- (could not negotiate a common security protocol (tls1.1+) with localhost; the likely cause is Mercurial is configured to be more secure than the server can support)
-@@ -400,17 +400,17 @@ Clients requiring newer TLS version than
-
- $ hg --config hostsecurity.minimumprotocol=tls1.2 id --insecure https://localhost:$HGPORT1/
- warning: connection security to localhost is disabled per current settings; communication is susceptible to eavesdropping and tampering
- 5fed3813f7f5
-
- The per-host config option overrides the default
-
- $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
-- > --config hostsecurity.ciphers=DEFAULT \
-+ > --config hostsecurity.ciphers=DEFAULT:@SECLEVEL=0 \
- > --config hostsecurity.minimumprotocol=tls1.2 \
- > --config hostsecurity.localhost:minimumprotocol=tls1.0
- 5fed3813f7f5
-
- The per-host config option by itself works
-
- $ P="$CERTSDIR" hg id https://localhost:$HGPORT/ \
- > --config hostsecurity.localhost:minimumprotocol=tls1.2
diff --git a/gnu/packages/version-control.scm b/gnu/packages/version-control.scm
index 19f128d45f..d6fdb3fcec 100644
--- a/gnu/packages/version-control.scm
+++ b/gnu/packages/version-control.scm
@@ -2084,16 +2084,15 @@ (define-public python-pre-commit
(define-public mercurial
(package
(name "mercurial")
- (version "6.2.2")
+ (version "6.7.2")
(source (origin
(method url-fetch)
(uri (string-append "https://www.mercurial-scm.org/"
"release/mercurial-" version ".tar.gz"))
- (patches (search-patches "mercurial-hg-extension-path.patch"
- "mercurial-openssl-compat.patch"))
+ (patches (search-patches "mercurial-hg-extension-path.patch"))
(sha256
(base32
- "1pr00hdk3l9095fhq6302fgj0wmbqhqs93y4r457ba4pyjjrvyly"))
+ "01nqvp3cvidlz9z5vm05vpq81r6x10jwwfcaz0gw9anz0l60f8hw"))
(modules '((guix build utils)))
(snippet
'(substitute* (find-files "tests" "\\.(t|sh)$")
@@ -2195,7 +2194,7 @@ (define-public mercurial
(define-public python-hg-evolve
(package
(name "python-hg-evolve")
- (version "10.3.2")
+ (version "11.1.3")
(source
(origin
(method hg-fetch)
@@ -2205,7 +2204,7 @@ (define-public python-hg-evolve
(file-name (hg-file-name name version))
(sha256
(base32
- "0qgk39s5pwxbshfa6x1f1ccxahja3fs265dddxy6q99spy3b3x5h"))))
+ "09rq3hgbb6qjws0kymnh8lbglsc5yjby3b2bc0savs2agf88j83z"))))
(build-system python-build-system)
(arguments
;; Tests need mercurial source code.
base-commit: 15a523ea213065c275e4852673cbb27c72c0ad87
prerequisite-patch-id: 088a72da8c11e5d1c7087b4a5e8bb9c4a3b9b2af
prerequisite-patch-id: a092dba2c994aba4c74f1484621cebe53f548492
prerequisite-patch-id: 09ee3fdfcc708aeec9e6a7a54e2993e857e19aca
prerequisite-patch-id: 7957383d6685c848a7cbfa78e930adeaf528a2e1
--
2.41.0
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 1125 bytes --]
reply other threads:[~2024-04-13 13:11 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87sezp1k94.fsf@web.de \
--to=guix-patches@gnu.org \
--cc=70366@debbugs.gnu.org \
--cc=arne_bab@web.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).