updating security/nss

Mikhail Teterin mi+kde at aldan.algebra.com
Thu Jul 28 05:43:48 GMT 2005 

On Thursday 28 July 2005 12:34 am, Joe Marcus Clarke wrote:
= > Great. I hope, you'll find it possible to use some of the features
= > of my version nevertheless. In particular:
= > 
= > 	. do not build/use NSS' own version of -lz;
= > 	. do not build/use NSS' own version of db (patch-sysdb);
= > 	. patch the tests, so they can be used automatically;
= > 	. fix a lot of compiler warnings and some warning-identified
= > 	  bugs.

= The tests will not be run automatically. Most users don't care about
= this,

_Users_ may not care (how do you know, BTW?), but you (the maintainers)
should. Wouldn't you rather learn, that "test such and such failed",
than "evolution crashed"? Also, if some change in the OS breaks a test,
we better learn about quickly -- and with automated tests in post-build
we will. If you read the change I submitted, you'll see, that the
vendors' tests run only if BATCH is defined -- is that a compromise?

= and Kris is working on creating a regression framework for package
= builds on the cluster.

Whatever regression framework Kris (CC-ed) comes up with, it should
be using software vendors' own self-tests, whenever such tests are
available. In fact, one of the ways to do it would be to check if a port
has a "test" (or "do-test") target.

My version of the update (for both NSPR and NSS) provide such a target
to each and I've spent considerable amounts of both time and effort to
make the tests easy to run and to avoid bogus failures.

These are live and kicking regression tests available today...
 
= As for the other things, you're free to modify the diff I sent out to
= the gnome list.

Can you give me a URL?

= > P.S. I just realized, that our recent upgrade of devel/nspr
= > should've bumped the major library version(s) :-( The new version
= > provides some stuff, that is required to build the browsers --
= > without the major number bump, the browsers will not be able to
= > LIB_DEPEND properly.
=
= The browsers use their own version of nspr.

They should not. I'm attaching your e-mail from 6 months ago, which
points at the then-current NSPR being too old as the only barrier to
using it instead of browsers' own versions. That e-mail prompted me
to file:

	https://bugzilla.mozilla.org/show_bug.cgi?id=276891

which was finally (partially) solved a few weeks ago...

Browsers' configure scripts have the

	--with-system-nspr

option and we should definetly use it. Installing include/mozilla/nspr,
include/firefox/nspr, and include/nspr is SO WRONG, I can't believe, we
are even discussing this...

On top of that, we should consider something like --with-system-nss too.

At any rate, the need for the major-version bump for -lnspr4 follows
from the simple fact, that it provides new symbols. Things, which don't
care (gaim, evolution) should have their LIB_DEPENDS cleaned up to not
insist on a particular version of nspr.

Browsers (when changed) will need to LIB_DEPEND on:

	nspr.[2-9]:${PORTSDIR}/devel/nspr

Yours,

	-mi

-------------- next part --------------
An embedded message was scrubbed...
From: Joe Marcus Clarke <marcus at marcuscom.com>
Subject: Re: mozilla vs. nspr
Date: Sat, 01 Jan 2005 16:34:00 -0500
Size: 2959
Url: http://lists.freebsd.org/pipermail/freebsd-gnome/attachments/20050728/d6f9ef99/mozillavs.mht

More information about the freebsd-gnome mailing list