From nobody Thu May 22 20:12:11 2025
X-Original-To: dev-commits-ports-all@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4b3KFl4tPzz5vslV;
	Thu, 22 May 2025 20:12:11 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (4096 bits) client-digest SHA256)
	(Client CN "mxrelay.nyi.freebsd.org", Issuer "R11" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4b3KFl40M4z3RY5;
	Thu, 22 May 2025 20:12:11 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim;
	t=1747944731;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=C9RUppgoRIbGRFEASGmu0mFhRfZOSdERannn1ELeKM4=;
	b=LUnC2K+dF5x8O01mVTZMe6enptdgNdL1EtFgc2vexiC/K0UKd/UJQ/oatAKpUn4TA/q6BY
	ElDClztZLxr640gRpGryYE5wo8ChYhO5rHZJmipP4FTs74z8w2AYFXkYbbVOy8MG0f79AR
	sNMEkLpVvM642JOVbN+uH3yw71JNXNFc15ngnFyBwLFOXs0CaWVxWl8NfLvPdahtwBcLQP
	LD/SZo74DXunOXivqEV7BGNQB+9SXRYQyP7PqN8bTtOjfm8SIg7tZdXaAlwY+bC2ntXBW6
	lLO5KPD5Ye/Nka9qxIw497+ePtQk+XA+nv25IicdepwOL6ctvMOCIghoitu7Jw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org;
	s=dkim; t=1747944731;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	 to:to:cc:mime-version:mime-version:content-type:content-type:
	 content-transfer-encoding:content-transfer-encoding;
	bh=C9RUppgoRIbGRFEASGmu0mFhRfZOSdERannn1ELeKM4=;
	b=tCicK9sBTBsgO1M3ggUTZHRTs6OwCZdlV70t9sLHzte8pMWFCV6MrHU+9yGM5pMXMOwkbM
	EOzTW/OX2dlcPsdwAKUliN9PztFx67olDpNRQ0sQ0YlzQblgMPjJBJVIBc89wEhIpqP9Up
	hD/lJg8NcGUAUpWcrj/nDFpiCWZ6tNh7Hrk0r752RdIcEyVRzyMRbcZXgwBGRbHM2ZC2GX
	pbi/n+LVWBjeKP98jpHUdN3oKgyOE8UilLbsmTz5dbZlxZXvhRVL5j8GYPogXxcrZ3NY9p
	WrDaVa23bXdsXsaIHp2DbGRCyP2L5kZKpq6BOUk3twgFEXin5aQh3gzGwlJOYg==
ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1747944731; a=rsa-sha256; cv=none;
	b=oUDDEV/fbpF3hyNZkbbBjmdD8rBdGDgNhW0GzFeCDCP65nVKhQDIcjjsKy1iVZPxezXt9e
	DFRBBQ3u/2CR3UXm67TOMzRoMgxZlSUE34moWCtKCWkpR1EN4735M8R3rV8xz7Rm23lncS
	Vj2xegVXyl7KG+RVE4JxXInDR4GIFrOdLElJY62EiF7r0ox9EWes8PGh4Eb4lJiCmG+GCM
	zvlwo7AA9WKitUYmIZlSHVT7kVbehkGGCli9ktPOG9pkRhqy2nnWjdGIuRNTYrFyN2GukY
	X3b16XG+S20PV6RmkMaidRaAioZOn4aU12kM3m+NJF8Cj+jukZpl36v39eoaww==
ARC-Authentication-Results: i=1;
	mx1.freebsd.org;
	none
Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256)
	(Client did not present a certificate)
	by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4b3KFl3P72zbt5;
	Thu, 22 May 2025 20:12:11 +0000 (UTC)
	(envelope-from git@FreeBSD.org)
Received: from gitrepo.freebsd.org ([127.0.1.44])
	by gitrepo.freebsd.org (8.18.1/8.18.1) with ESMTP id 54MKCB8a051412;
	Thu, 22 May 2025 20:12:11 GMT
	(envelope-from git@gitrepo.freebsd.org)
Received: (from git@localhost)
	by gitrepo.freebsd.org (8.18.1/8.18.1/Submit) id 54MKCBH3051397;
	Thu, 22 May 2025 20:12:11 GMT
	(envelope-from git)
Date: Thu, 22 May 2025 20:12:11 GMT
Message-Id: <202505222012.54MKCBH3051397@gitrepo.freebsd.org>
To: ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org,
        dev-commits-ports-main@FreeBSD.org
From: Vladimir Druzenko <vvd@FreeBSD.org>
Subject: git: d25483005730 - main - www/forgejo: Update 10.0.3 =>
  11.0.1 (fix security issues)
List-Id: Commit messages for all branches of the ports repository <dev-commits-ports-all.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/dev-commits-ports-all
List-Help: <mailto:dev-commits-ports-all+help@freebsd.org>
List-Post: <mailto:dev-commits-ports-all@freebsd.org>
List-Subscribe: <mailto:dev-commits-ports-all+subscribe@freebsd.org>
List-Unsubscribe: <mailto:dev-commits-ports-all+unsubscribe@freebsd.org>
X-BeenThere: dev-commits-ports-all@freebsd.org
Sender: owner-dev-commits-ports-all@FreeBSD.org
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 8bit
X-Git-Committer: vvd
X-Git-Repository: ports
X-Git-Refname: refs/heads/main
X-Git-Reftype: branch
X-Git-Commit: d254830057301d80102a0c918a6da9137662950d
Auto-Submitted: auto-generated

The branch main has been updated by vvd:

URL: https://cgit.FreeBSD.org/ports/commit/?id=d254830057301d80102a0c918a6da9137662950d

commit d254830057301d80102a0c918a6da9137662950d
Author:     Vladimir Druzenko <vvd@FreeBSD.org>
AuthorDate: 2025-05-22 20:05:29 +0000
Commit:     Vladimir Druzenko <vvd@FreeBSD.org>
CommitDate: 2025-05-22 20:05:29 +0000

    www/forgejo: Update 10.0.3 => 11.0.1 (fix security issues)
    
    News:
    https://forgejo.org/2025-04-release-v11-0/
    https://forgejo.org/2025-04-monthly-update/#security-releases-v1101-and-v7015
    
    Relsease notes:
    https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/11.0.0.md
    https://codeberg.org/forgejo/forgejo/src/branch/forgejo/release-notes-published/11.0.1.md
    
    While here remove go version after default go version was increased to 1.24.
    
    PR:             286296
    Approved by:    Stefan Bethke <stb@lassitu.de> (maintainer, timeout 1 month)
    MFH:            2025Q2
---
 www/forgejo/Makefile        |   5 +-
 www/forgejo/distinfo        |   6 +--
 www/forgejo/files/patch-pam | 115 ++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 120 insertions(+), 6 deletions(-)

diff --git a/www/forgejo/Makefile b/www/forgejo/Makefile
index ac06b47606cc..13181d0b4382 100644
--- a/www/forgejo/Makefile
+++ b/www/forgejo/Makefile
@@ -1,7 +1,6 @@
 PORTNAME=	forgejo
 DISTVERSIONPREFIX=	v
-DISTVERSION=	10.0.3
-PORTREVISION=	1
+DISTVERSION=	11.0.1
 CATEGORIES=	www
 MASTER_SITES=	https://codeberg.org/forgejo/forgejo/releases/download/${DISTVERSIONPREFIX}${DISTVERSION}/
 DISTNAME=	forgejo-src-${DISTVERSION}
@@ -15,7 +14,7 @@ LICENSE_FILE=	${WRKSRC}/LICENSE
 
 RUN_DEPENDS=	git:devel/git
 
-USES=		cpe gmake go:1.23,no_targets
+USES=		cpe gmake go:no_targets
 USE_RC_SUBR=	forgejo
 
 CONFLICTS_INSTALL=	forgejo[0-79]*
diff --git a/www/forgejo/distinfo b/www/forgejo/distinfo
index efbe922d8464..0e31c7002884 100644
--- a/www/forgejo/distinfo
+++ b/www/forgejo/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1742780434
-SHA256 (forgejo-src-10.0.3.tar.gz) = 3d1931908bd30774d5d9d9c90e44848a8f6ea57115cb386fc027efdc47271733
-SIZE (forgejo-src-10.0.3.tar.gz) = 57115818
+TIMESTAMP = 1746741570
+SHA256 (forgejo-src-11.0.1.tar.gz) = b8ae645099821e978d096888d17d7e969b05b2b7576ae1d0f4850238305fedd6
+SIZE (forgejo-src-11.0.1.tar.gz) = 55352620
diff --git a/www/forgejo/files/patch-pam b/www/forgejo/files/patch-pam
new file mode 100644
index 000000000000..78e5366e887b
--- /dev/null
+++ b/www/forgejo/files/patch-pam
@@ -0,0 +1,115 @@
+--- vendor/github.com/msteinert/pam/v2/errors.go.orig	2025-05-02 07:02:58 UTC
++++ vendor/github.com/msteinert/pam/v2/errors.go
+@@ -77,15 +77,6 @@ const (
+ 	ErrAuthtokExpired Error = C.PAM_AUTHTOK_EXPIRED
+ 	// ErrModuleUnknown indicates a module is not known.
+ 	ErrModuleUnknown Error = C.PAM_MODULE_UNKNOWN
+-	// ErrBadItem indicates a bad item passed to pam_*_item().
+-	ErrBadItem Error = C.PAM_BAD_ITEM
+-	// ErrConvAgain indicates a conversation function is event driven and data
+-	// is not available yet.
+-	ErrConvAgain Error = C.PAM_CONV_AGAIN
+-	// ErrIncomplete indicates to please call this function again to complete
+-	// authentication stack. Before calling again, verify that conversation
+-	// is completed.
+-	ErrIncomplete Error = C.PAM_INCOMPLETE
+ )
+ 
+ // Error returns the error message for the given status.
+--- vendor/github.com/msteinert/pam/v2/errors_linux.go.orig	1970-01-01 00:00:00 UTC
++++ vendor/github.com/msteinert/pam/v2/errors_linux.go
+@@ -0,0 +1,21 @@
++//go:build linux
++
++package pam
++
++/*
++#include <security/pam_appl.h>
++*/
++import "C"
++
++// Pam Return types
++const (
++	// ErrBadItem indicates a bad item passed to pam_*_item().
++	ErrBadItem Error = C.PAM_BAD_ITEM
++	// ErrConvAgain indicates a conversation function is event driven and data
++	// is not available yet.
++	ErrConvAgain Error = C.PAM_CONV_AGAIN
++	// ErrIncomplete indicates to please call this function again to complete
++	// authentication stack. Before calling again, verify that conversation
++	// is completed.
++	ErrIncomplete Error = C.PAM_INCOMPLETE
++)
+--- vendor/github.com/msteinert/pam/v2/transaction.c.orig	2025-05-02 07:02:58 UTC
++++ vendor/github.com/msteinert/pam/v2/transaction.c
+@@ -47,15 +47,30 @@ void init_pam_conv(struct pam_conv *conv, uintptr_t ap
+ 	conv->appdata_ptr = (void *)appdata;
+ }
+ 
++#ifdef OPENPAM
++int pam_start_confdir(const char *service_name, const char *user, const struct pam_conv *pam_conversation,
++		      const char *confdir, pam_handle_t **pamh)
++{
++	if (pamh != NULL)
++		*pamh = NULL;
++
++	return PAM_SYSTEM_ERR;
++}
++#else
+ // pam_start_confdir is a recent PAM api to declare a confdir (mostly for
+ // tests) weaken the linking dependency to detect if it’s present.
+ int pam_start_confdir(const char *service_name, const char *user, const struct pam_conv *pam_conversation,
+ 		      const char *confdir, pam_handle_t **pamh) __attribute__((weak));
++#endif
+ 
+ int check_pam_start_confdir(void)
+ {
++#ifdef OPENPAM
++	return 1;
++#else
+ 	if (pam_start_confdir == NULL)
+ 		return 1;
+ 
+ 	return 0;
++#endif
+ }
+--- vendor/github.com/msteinert/pam/v2/transaction.go.orig	2025-05-02 07:02:58 UTC
++++ vendor/github.com/msteinert/pam/v2/transaction.go
+@@ -257,14 +257,6 @@ const (
+ 	Ruser Item = C.PAM_RUSER
+ 	// UserPrompt is the string use to prompt for a username.
+ 	UserPrompt Item = C.PAM_USER_PROMPT
+-	// FailDelay is the app supplied function to override failure delays.
+-	FailDelay Item = C.PAM_FAIL_DELAY
+-	// Xdisplay is the X display name
+-	Xdisplay Item = C.PAM_XDISPLAY
+-	// Xauthdata is the X server authentication data.
+-	Xauthdata Item = C.PAM_XAUTHDATA
+-	// AuthtokType is the type for pam_get_authtok
+-	AuthtokType Item = C.PAM_AUTHTOK_TYPE
+ )
+ 
+ // SetItem sets a PAM information item.
+--- vendor/github.com/msteinert/pam/v2/transaction_linux.go.orig	1970-01-01 00:00:00 UTC
++++ vendor/github.com/msteinert/pam/v2/transaction_linux.go
+@@ -0,0 +1,20 @@
++//go:build linux
++
++package pam
++
++/*
++#include <security/pam_appl.h>
++*/
++import "C"
++
++// PAM Item types.
++const (
++	// FailDelay is the app supplied function to override failure delays.
++	FailDelay Item = C.PAM_FAIL_DELAY
++	// Xdisplay is the X display name
++	Xdisplay Item = C.PAM_XDISPLAY
++	// Xauthdata is the X server authentication data.
++	Xauthdata Item = C.PAM_XAUTHDATA
++	// AuthtokType is the type for pam_get_authtok
++	AuthtokType Item = C.PAM_AUTHTOK_TYPE
++)