svn commit: r552582 - in head/net-im/py-matrix-synapse: . files

Danilo G. Baio dbaio at FreeBSD.org
Sat Oct 17 14:34:52 UTC 2020 

Author: dbaio
Date: Sat Oct 17 14:34:50 2020
New Revision: 552582
URL: https://svnweb.freebsd.org/changeset/ports/552582

Log:
  net-im/py-matrix-synapse: Update to 1.21.2, Fix security issue
  
  Changelog:	https://github.com/matrix-org/synapse/blob/v1.21.2/CHANGES.md
  
  PR:		249948
  Submitted by:	Sascha Biberhofer <ports at skyforge.at> (maintainer)
  MFH:		2020Q4
  Security:	5f39d80f-107c-11eb-8b47-641c67a117d8

Modified:
  head/net-im/py-matrix-synapse/Makefile
  head/net-im/py-matrix-synapse/distinfo
  head/net-im/py-matrix-synapse/files/patch-synapse_python__dependencies.py

Modified: head/net-im/py-matrix-synapse/Makefile
==============================================================================
--- head/net-im/py-matrix-synapse/Makefile	Sat Oct 17 14:32:24 2020	(r552581)
+++ head/net-im/py-matrix-synapse/Makefile	Sat Oct 17 14:34:50 2020	(r552582)
@@ -3,7 +3,7 @@
 
 PORTNAME=	matrix-synapse
 DISTVERSIONPREFIX=	v
-DISTVERSION=	1.19.3
+DISTVERSION=	1.21.2
 CATEGORIES=	net-im python
 PKGNAMEPREFIX=	${PYTHON_PKGNAMEPREFIX}
 
@@ -17,7 +17,7 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}jsonschema>=2.5.1:devel/py-jsonschema@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}frozendict>=1:devel/py-frozendict@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}unpaddedbase64>=1.1.0:devel/py-unpaddedbase64@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}canonicaljson>=1.2.0:devel/py-canonicaljson@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}canonicaljson>=1.4.0:devel/py-canonicaljson@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}signedjson>=1.1.0:security/py-signedjson@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}pynacl>=1.2.1:security/py-pynacl@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}idna>=2.5:dns/py-idna@${PY_FLAVOR} \
@@ -35,7 +35,7 @@ RUN_DEPENDS=	${PYTHON_PKGNAMEPREFIX}jsonschema>=2.5.1:
 		${PYTHON_PKGNAMEPREFIX}pymacaroons>=0.13.0:security/py-pymacaroons@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}msgpack>=0.5.2:devel/py-msgpack@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}phonenumbers>=8.2.0:devel/py-phonenumbers@${PY_FLAVOR} \
-		${PYTHON_PKGNAMEPREFIX}prometheus-client>=0.2.0:net-mgmt/py-prometheus-client@${PY_FLAVOR} \
+		${PYTHON_PKGNAMEPREFIX}prometheus-client>=0.4.0:net-mgmt/py-prometheus-client@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}attrs>19.1.0:devel/py-attrs@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}netaddr>=0.7.18:net/py-netaddr@${PY_FLAVOR} \
 		${PYTHON_PKGNAMEPREFIX}simplejson>=3.10.0:devel/py-simplejson@${PY_FLAVOR} \

Modified: head/net-im/py-matrix-synapse/distinfo
==============================================================================
--- head/net-im/py-matrix-synapse/distinfo	Sat Oct 17 14:32:24 2020	(r552581)
+++ head/net-im/py-matrix-synapse/distinfo	Sat Oct 17 14:34:50 2020	(r552582)
@@ -1,3 +1,3 @@
-TIMESTAMP = 1600536738
-SHA256 (matrix-org-synapse-v1.19.3_GH0.tar.gz) = 50573233efc56c2222e6de35ad7d2eeafe16af0c1dde0dc216c16d4737d47015
-SIZE (matrix-org-synapse-v1.19.3_GH0.tar.gz) = 6778524
+TIMESTAMP = 1602777544
+SHA256 (matrix-org-synapse-v1.21.2_GH0.tar.gz) = ec7073befcda697428c4d634c7a8637ea7d1b01639b3a943d72821ba8110a0bf
+SIZE (matrix-org-synapse-v1.21.2_GH0.tar.gz) = 6930190

Modified: head/net-im/py-matrix-synapse/files/patch-synapse_python__dependencies.py
==============================================================================
--- head/net-im/py-matrix-synapse/files/patch-synapse_python__dependencies.py	Sat Oct 17 14:32:24 2020	(r552581)
+++ head/net-im/py-matrix-synapse/files/patch-synapse_python__dependencies.py	Sat Oct 17 14:34:50 2020	(r552582)
@@ -1,11 +1,11 @@
---- synapse/python_dependencies.py.orig	2020-07-15 20:12:36 UTC
+--- synapse/python_dependencies.py.orig	2020-10-15 15:59:57 UTC
 +++ synapse/python_dependencies.py
-@@ -66,7 +66,7 @@ REQUIREMENTS = [
-     "pymacaroons>=0.13.0",
-     "msgpack>=0.5.2",
-     "phonenumbers>=8.2.0",
--    "prometheus_client>=0.0.18,<0.9.0",
-+    "prometheus_client>=0.0.18",
-     # we use attr.validators.deep_iterable, which arrived in 19.1.0
-     "attrs>=19.1.0",
-     "netaddr>=0.7.18",
+@@ -72,7 +72,7 @@ REQUIREMENTS = [
+     # prom-client has a history of breaking backwards compatibility between
+     # minor versions (https://github.com/prometheus/client_python/issues/317),
+     # so we also pin the minor version.
+-    "prometheus_client>=0.4.0,<0.9.0",
++    "prometheus_client>=0.4.0",
+     # we use attr.validators.deep_iterable, which arrived in 19.1.0 (Note:
+     # Fedora 31 only has 19.1, so if we want to upgrade we should wait until 33
+     # is out in November.)

More information about the svn-ports-all mailing list