From: Nicolas Graves via Guix-patches via <guix-patches@gnu.org>
To: Zheng Junjie <zhengjunjie@iscas.ac.cn>, 74184@debbugs.gnu.org
Subject: [bug#74184] [PATCH] gnu: darkhttpd: Update to 1.16.
Date: Sun, 03 Nov 2024 16:47:58 +0100 [thread overview]
Message-ID: <87y120pbdd.fsf@ngraves.fr> (raw)
In-Reply-To: <877c9kqs12.fsf@ngraves.fr>
On 2024-11-03 16:02, Nicolas Graves wrote:
> Hi Zheng,
>
> I have a patch for this in 74035, which introduces security fixes for
> nearly all packages that have a CVE and have only a few dependent
> packages.
>
> For some reason, QA didn't accept it, I can resubmit a patch.
>
> Given the state of CI, and the time it takes to build guix, I think it's
> better to focus on this kind of small series for the time being. I
> would have to resubmit it so that QA accepts it, but in the meantime,
> feel free to review that!
Actually, to be more precise, the work I did on CVEs can be found in the
following patch series :
- 74034 adds properties for the guix lint cve checker so that we can be
more flexible when ignoring CVEs, then adds those properties for a bunch
of packages.
- 74035 adds quick&easy security fixes
- 74050 is the remaining part of 74034 before its v2, so that it makes
it clearer what is linked to the guix lint cve checker and what is not
And I also have some more focussed contributions for other packages:
73988, 73699, 73896
The particular case of postgresql:
- 74038 (probably should wait for some branch to pick that up), 74058
(should be merged rapidly IMO)
I think 74035 is a good start because it's independent from the rest,
quite easy to review and build, and fixes a lot of CVEs.
>
> Best,
> Nicolas
>
> On 2024-11-03 19:23, Zheng Junjie wrote:
>
>> * gnu/packages/web.scm (darkhttpd): Update to 1.16.
>> [native-inputs]: Add which and python-minimal.
>> [arguments]: Use G-expression. Add #:test-target "test"
>>
>> Change-Id: Ieb4f73d15e42efbdbb5bc310f37ff7b2763e7b36
>> ---
>> gnu/packages/web.scm | 27 ++++++++++++++-------------
>> 1 file changed, 14 insertions(+), 13 deletions(-)
>>
>> diff --git a/gnu/packages/web.scm b/gnu/packages/web.scm
>> index 34739bf088e..4848a7738de 100644
>> --- a/gnu/packages/web.scm
>> +++ b/gnu/packages/web.scm
>> @@ -6417,7 +6417,7 @@ (define-public surfraw
>> (define-public darkhttpd
>> (package
>> (name "darkhttpd")
>> - (version "1.13")
>> + (version "1.16")
>> (source
>> (origin
>> (method git-fetch)
>> @@ -6426,20 +6426,21 @@ (define-public darkhttpd
>> (commit (string-append "v" version))))
>> (file-name (git-file-name name version))
>> (sha256
>> - (base32 "0w11xq160q9yyffv4mw9ncp1n0dl50d9plmwxb0yijaaxls9i4sk"))))
>> + (base32 "15mmq1v8p50mm9wx5w6g4rlr40b7d044lw7rs1wyzdiw9lcnihvm"))))
>> (build-system gnu-build-system)
>> (arguments
>> - `(#:make-flags
>> - (list (string-append "CC=" ,(cc-for-target)))
>> - #:tests? #f ; No test suite
>> - #:phases
>> - (modify-phases %standard-phases
>> - (delete 'configure) ; no configure script
>> - (replace 'install
>> - (lambda* (#:key outputs #:allow-other-keys)
>> - (install-file "darkhttpd"
>> - (string-append (assoc-ref outputs "out")
>> - "/bin")))))))
>> + (list #:make-flags
>> + #~(list (string-append "CC=" #$(cc-for-target)))
>> + #:test-target "test"
>> + #:phases
>> + #~(modify-phases %standard-phases
>> + (delete 'configure) ; no configure script
>> + (replace 'install
>> + (lambda* (#:key outputs #:allow-other-keys)
>> + (install-file "darkhttpd"
>> + (string-append #$output "/bin")))))))
>> + (native-inputs
>> + (list which python-minimal))
>> (synopsis "Simple static web server")
>> (description "darkhttpd is a simple static web server. It is
>> standalone and does not need inetd or ucspi-tcp. It does not need any
>>
>> base-commit: a26ba23cdd476cb5eb8378c4785ccf1bc4145f17
>> prerequisite-patch-id: bc4ec5762b626a7ae22d68aac1744a4f1c6ffcff
>> prerequisite-patch-id: d9314911732a6e7420aee9888a6335b1fee67274
>> prerequisite-patch-id: 2004d3d10bba51deea93634b8a5ddeae1d049287
--
Best regards,
Nicolas Graves
prev parent reply other threads:[~2024-11-03 15:49 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-03 11:23 [bug#74184] [PATCH] gnu: darkhttpd: Update to 1.16 Zheng Junjie
2024-11-03 15:02 ` Nicolas Graves via Guix-patches via
2024-11-03 15:47 ` Nicolas Graves via Guix-patches via [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://guix.gnu.org/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87y120pbdd.fsf@ngraves.fr \
--to=guix-patches@gnu.org \
--cc=74184@debbugs.gnu.org \
--cc=ngraves@ngraves.fr \
--cc=zhengjunjie@iscas.ac.cn \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/guix.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).