Re: If a submitted port is in "enlightenment" category, who should maintain it?

2018-02-26 Thread Mathieu Arnold 
On Sun, Feb 25, 2018 at 02:45:17PM -0800, Yuri wrote:
> Can it/should it be assigned to enlightenm...@freebsd.org?
> 
> Does enlightenm...@freebsd.org need to be asked if they want to maintain it?
> 
> Or the submitter should maintain it?

New ports must be maintained by their submitter.

-- 
Mathieu Arnold


signature.asc
Description: PGP signature

FreeBSD ports you maintain which are out of date

2018-02-26 Thread portscout 
Dear port maintainer,

The portscout new distfile checker has detected that one or more of your
ports appears to be out of date. Please take the opportunity to check
each of the ports listed below, and if possible and appropriate,
submit/commit an update. If any ports have already been updated, you can
safely ignore the entry.

You will not be e-mailed again for any of the port/version combinations
below.

Full details can be found at the following URL:
http://portscout.freebsd.org/po...@freebsd.org.html


Port| Current version | New version
+-+
devel/distcc| 3.1 | v3.2rc1.1
+-+
devel/py-pyvisa | 1.8 | 1.9.0
+-+
devel/py-spyder | 2.3.7   | v3.2.7
+-+


If any of the above results are invalid, please check the following page
for details on how to improve portscout's detection and selection of
distfiles on a per-port basis:

http://portscout.freebsd.org/info/portscout-portconfig.txt

Thanks.
___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"

Re: poudriere: "Permission denied" in the extract phase?

2018-02-26 Thread Marcin Cieslak 
On Sun, 25 Feb 2018, Yuri wrote:

> On 02/25/18 05:37, Marcin Cieslak wrote:
> > Yes, this is my private port that I am using to produce FreeBSD binaries
> > for node-sass. Getting binary npm modules into our ports tree is another
> > conversation.
> > 
> > The problem here is that a whole thing worked for me before for months
> > so I am aware of all those limitations for particular build phases
> > (it took me long to figure out that).
> 
> 
> npm is an extremely volatile technology. Some package might work now, and then
> break in a week due to a dependency package update.
> 
> It continuously automatically updates files that are downloaded as
> dependencies.
> 
> NodeJS is largely incompatible with the FreeBSD ports system because of this
> volatility.
> 
> NodeJS is also a very insecure technology. It brings files directly from
> github without any vetting. So if somebody will update some github package
> with malware, it is extremely likely that next day this malware will end up on
> your production servers. There is nobody in between, you have to always trust
> hundreds of parties.

I think I have some idea how we can tame this somewhat without allowing for
a wild fetch.

It seems that I need to learn more about the code that checks the completness
of the distfiles, since "make checksum" insists on redoing things all again:

# rm -rf distinfo 
# make makesum
# cat distinfo
TIMESTAMP = 1519691985
SHA256 (sass-node-sass-v4.7.2_GH0.tar.gz) = 
21cdea5c6bf73825eaec06e78a0bcc54ed75c0953e05c72fe4b4316d756b9e35
SIZE (sass-node-sass-v4.7.2_GH0.tar.gz) = 398635
# env TERM=dumb make checksum
===>  License MIT accepted by the user
===>   node-sass-4.7.2 depends on file: /usr/local/sbin/pkg - found
===>   node-sass-4.7.2 depends on package: npm>=0 - found
===> Fetching all distfiles required by node-sass-4.7.2 for building
/bin/mkdir -p /usr/ports/distfiles/node-sass
/bin/mkdir -p /usr/ports/distfiles/npm
cp -f /home/saper/sw/FreeBSD/ports/textproc/node-sass/files/package-lock.json 
/usr/ports/distfiles/node-sass
cp -f /home/saper/sw/FreeBSD/ports/textproc/node-sass/files/package.json 
/usr/ports/distfiles/node-sass
(cd /usr/ports/distfiles/node-sass && /usr/bin/env 
NPM_CONFIG_CACHE=/usr/ports/distfiles/npm npm install --ignore-scripts)
npm WARN lifecycle node-sass@4.7.2~install: cannot run in wd %s %s (wd=%s) 
node-sass@4.7.2 node scripts/install.js /usr/ports/distfiles/node-sass
npm WARN lifecycle node-sass@4.7.2~postinstall: cannot run in wd %s %s (wd=%s) 
node-sass@4.7.2 node scripts/build.js /usr/ports/distfiles/node-sass
npm WARN prepublish-on-install As of npm@5, `prepublish` scripts are deprecated.
npm WARN prepublish-on-install Use `prepare` for build steps and 
`prepublishOnly` for upload-only.
npm WARN prepublish-on-install See the deprecation note in `npm help scripts` 
for more information.
npm WARN lifecycle node-sass@4.7.2~prepublish: cannot run in wd %s %s (wd=%s) 
node-sass@4.7.2 not-in-install && node scripts/prepublish.js || in-install 
/usr/ports/distfiles/node-sass
up to date in 1.952s
=> SHA256 Checksum OK for sass-node-sass-v4.7.2_GH0.tar.gz.
# env TERM=dumb make checksum
===>  License MIT accepted by the user
===>   node-sass-4.7.2 depends on file: /usr/local/sbin/pkg - found
===>   node-sass-4.7.2 depends on package: npm>=0 - found
===> Fetching all distfiles required by node-sass-4.7.2 for building
/bin/mkdir -p /usr/ports/distfiles/node-sass
/bin/mkdir -p /usr/ports/distfiles/npm
cp -f /home/saper/sw/FreeBSD/ports/textproc/node-sass/files/package-lock.json 
/usr/ports/distfiles/node-sass
cp -f /home/saper/sw/FreeBSD/ports/textproc/node-sass/files/package.json 
/usr/ports/distfiles/node-sass
(cd /usr/ports/distfiles/node-sass && /usr/bin/env 
NPM_CONFIG_CACHE=/usr/ports/distfiles/npm npm install --ignore-scripts)
npm WARN lifecycle node-sass@4.7.2~install: cannot run in wd %s %s (wd=%s) 
node-sass@4.7.2 node scripts/install.js /usr/ports/distfiles/node-sass
npm WARN lifecycle node-sass@4.7.2~postinstall: cannot run in wd %s %s (wd=%s) 
node-sass@4.7.2 node scripts/build.js /usr/ports/distfiles/node-sass
npm WARN prepublish-on-install As of npm@5, `prepublish` scripts are deprecated.
npm WARN prepublish-on-install Use `prepare` for build steps and 
`prepublishOnly` for upload-only.
npm WARN prepublish-on-install See the deprecation note in `npm help scripts` 
for more information.
npm WARN lifecycle node-sass@4.7.2~prepublish: cannot run in wd %s %s (wd=%s) 
node-sass@4.7.2 not-in-install && node scripts/prepublish.js || in-install 
/usr/ports/distfiles/node-sass
up to date in 1.921s
=> SHA256 Checksum OK for sass-node-sass-v4.7.2_GH0.tar.gz.

So this is not poudriere's fault.

Marcin

smime.p7s
Description: S/MIME Cryptographic Signature

Re: poudriere: "Permission denied" in the extract phase?

2018-02-26 Thread Marcin Cieslak 
On Tue, 27 Feb 2018, Marcin Cieslak wrote:

> On Sun, 25 Feb 2018, Yuri wrote:
> 
> > On 02/25/18 05:37, Marcin Cieslak wrote:
> > > Yes, this is my private port that I am using to produce FreeBSD binaries
> > > for node-sass. Getting binary npm modules into our ports tree is another
> > > conversation.
> > > 
> > > The problem here is that a whole thing worked for me before for months
> > > so I am aware of all those limitations for particular build phases
> > > (it took me long to figure out that).
> > 
> > 
> > npm is an extremely volatile technology. Some package might work now, and 
> > then
> > break in a week due to a dependency package update.
> > 
> > It continuously automatically updates files that are downloaded as
> > dependencies.
> > 
> > NodeJS is largely incompatible with the FreeBSD ports system because of this
> > volatility.
> > 
> > NodeJS is also a very insecure technology. It brings files directly from
> > github without any vetting. So if somebody will update some github package
> > with malware, it is extremely likely that next day this malware will end up 
> > on
> > your production servers. There is nobody in between, you have to always 
> > trust
> > hundreds of parties.
> 
> I think I have some idea how we can tame this somewhat without allowing for
> a wild fetch.
> 
> It seems that I need to learn more about the code that checks the completness
> of the distfiles, since "make checksum" insists on redoing things all again:
> 
> # rm -rf distinfo 
> # make makesum
> 

(...)

So I don't know what has changed and why but the temporary fix is to
use "if" to check if the desired files are not already there, and
then proceeding with "post-fetch" only if the files are not found.

Marcin

smime.p7s
Description: S/MIME Cryptographic Signature

New port: net/gobgp -- BGP routing daemon implemented in golang

2018-02-26 Thread John W. O'Brien 
Hello FreeBSD ports,

This new port [0] has not gotten any committer love for the last two
weeks since it was last refreshed. I would appreciate feedback or to
have it added to the ports tree, as I'm sure nork (maintainer) would too.

[0] net/gobgp: Add a new port GoBGP, which is a BGP routing daemon
implemented in golang.
https://bugs.freebsd.org/218678

-- 
John W. O'Brien
OpenPGP keys:
0x33C4D64B895DBF3B
0x474ABD3C1A7B3F70 (expires 2018-03-14)



signature.asc
Description: OpenPGP digital signature

Re: committer for textproc/p5-XML-SAX

2018-02-26 Thread Walter Schwarzenfeld 
There were some posts about checksum mismatches on pipermail. One of the 
oldest problems is p5-XML-SAX. Over theĀ  time Tatsuki Makino 
 has submitted four or more patches. 
This was never committed. Original PR dates from 2015-01-22..


___
freebsd-ports@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-ports
To unsubscribe, send any mail to "freebsd-ports-unsubscr...@freebsd.org"