Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

libupnp: 1.12.0 -> 1.14.0 #93048

Merged
merged 1 commit into from Oct 7, 2020
Merged

libupnp: 1.12.0 -> 1.14.0 #93048

merged 1 commit into from Oct 7, 2020

Conversation

@ardumont
Copy link
Contributor

@ardumont ardumont commented Jul 13, 2020

Trying to package gerbera (upnp media server) which requires at least that
dependency version in its build recipe.

  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS linux)
  • Built on platform(s)
    • NixOS,
    • macOS
    • other: debian with nix
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nixpkgs-review pr 93048 [1]
  • Tested execution of all binary files (usually in ./result/bin/)
  • Impact on package closure size: + 1352 (33560928 -> 33562280)
  • Ensured that relevant documentation is up to date
  • Fits CONTRIBUTING.md.

[1] 3 packages broke with this, last one (obs-ndi is in the same state as master, needs a license to build):

$ nix-shell -p nixpkgs-review --run "nixpkgs-review pr 93048"
...
6 package marked as broken and skipped:
libsForQt5.vlc libsForQt512.vlc libsForQt514.vlc retroshare retroshare06 ring-daemon

4 package failed to build:
amule amuleDaemon gmrender-resurrect obs-ndi

Those 3 are fixed with the following PR:

@risicle
Copy link
Contributor

@risicle risicle commented Sep 5, 2020

libupnp itself builds happily on macos 10.14 (all reverse dependencies on macos are marked broken).

@risicle
Copy link
Contributor

@risicle risicle commented Sep 6, 2020

Actually I've noticed libupnp 1.14.0 is now out, and it fixes https://nvd.nist.gov/vuln/detail/CVE-2020-13848 so it'd be useful to rebase & update this PR.

@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Sep 6, 2020

Actually I've noticed libupnp 1.14.0 is now out, and it fixes https://nvd.nist.gov/vuln/detail/CVE-2020-13848 so it'd be useful to
rebase & update this PR.

thanks for the heads up, i'll check and adapt.

@ardumont ardumont force-pushed the ardumont:bump-libupnp branch from bba35c3 to 3cccf9f Sep 6, 2020
@ardumont ardumont changed the title libupnp: 1.12.0 -> 1.12.1 libupnp: 1.12.0 -> 1.14.0 Sep 6, 2020
Copy link
Member

@timokau timokau left a comment

nix-review tells me that this breaks three packages that built previously: amule, amuleDaemon and gmrender-resurrect.

@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 6, 2020

nix-review tells me that this breaks three packages that built previously: amule, amuleDaemon and gmrender-resurrect.

Do you have some links about the proper way to deal with those package breaks?
Thanks for your time.

Cheers,

@timokau
Copy link
Member

@timokau timokau commented Oct 6, 2020

If you have some time to spare, you could have a look at the build log and see if there is anything obvious that needs fixing. It could also be helpful to check out the upstream bug ticker, or if there are any new releases available that might be compatible.

If you do not have the spare time right now, you can ping the maintainers of the broken packages here and give them ~a week to respond. They can then fix the issue, or if they don't respond you can mark the packages as broken.

@ardumont ardumont force-pushed the ardumont:bump-libupnp branch from 3cccf9f to 024ad57 Oct 6, 2020
@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 6, 2020

I concur:

$ nix-shell -p nixpkgs-review --run "nixpkgs-review pr 93048"
...
6 package marked as broken and skipped:
libsForQt5.vlc libsForQt512.vlc libsForQt514.vlc retroshare retroshare06 ring-daemon

4 package failed to build:
amule amuleDaemon gmrender-resurrect obs-ndi

I checked against a more recent master build which render the same results (so i updated that diff).

It fixes CVE-2020-13848 [1]

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-13848
@ardumont ardumont mentioned this pull request Oct 6, 2020
6 of 10 tasks complete
ardumont added a commit to ardumont/nixpkgs that referenced this pull request Oct 6, 2020
There has been no new release since 2.3.2 for some years now (around 2016) [1]

The most recent master branch for the amule project includes a commit [2] which
fixes compilation breakage with the next libupnp version [3].

So this bumps the amule version to the latest commit of that repository.

[1] amule-project/amule#219

[2] amule-project/amule@8784480

[3] NixOS#93048
@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 6, 2020

#99893 fixes amule and amuleDaemon by bumping the version

ardumont added a commit to ardumont/nixpkgs that referenced this pull request Oct 6, 2020
There has been no new release since 2.3.2 for some years now (around 2016) [1]

The most recent master branch for the amule project includes a commit [2] which
fixes compilation breakage with the next libupnp version [3].

So this bumps the amule version to the latest commit of that repository.

[1] amule-project/amule#219

[2] amule-project/amule@8784480

[3] NixOS#93048
@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 6, 2020

obs-ndi

That's because it requires to validate a license for the build, it does not relate to this.
(It's in the same state as the master branch)

@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 6, 2020

gmrender-resurrect

I looked into that one as well and a PR is already opened to fix
the build against libupnp 1.14 upstream [1]

[1] hzeller/gmrender-resurrect#214

@ardumont ardumont mentioned this pull request Oct 6, 2020
5 of 10 tasks complete
@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 6, 2020

gmrender-resurrect
I looked into that one as well and a PR is already opened to fix
the build against libupnp 1.14 upstream [1]

[1] hzeller/gmrender-resurrect#214

And there we go, #99899 should fix that last one.

ardumont added a commit to ardumont/nixpkgs that referenced this pull request Oct 6, 2020
There has been no new release since 2.3.2 for some years now (around 2016) [1]

The most recent master branch for the amule project includes a commit [2] which
fixes compilation breakage with the next libupnp version [3].

So this bumps the amule version to the latest commit of that repository.

[1] amule-project/amule#219

[2] amule-project/amule@8784480

[3] NixOS#93048
@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 7, 2020

Updated the summary with the other PR references.

@timokau
timokau approved these changes Oct 7, 2020
Copy link
Member

@timokau timokau left a comment

nixpkgs-review is happy now that #99893 and #99899 are in. Thanks!

@timokau timokau merged commit c7f33a5 into NixOS:master Oct 7, 2020
19 checks passed
19 checks passed
tests tests
Details
action
Details
Evaluation Performance Report Evaluator Performance Report
Details
Wait for ofborg
Details
grahamcofborg-eval ^.^!
Details
grahamcofborg-eval-check-maintainers matching changed paths to changed attrs...
Details
grahamcofborg-eval-check-meta config.nix: checkMeta = true
Details
grahamcofborg-eval-darwin nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="024ad57"; rev="024ad57ed1826480ab66f3d25a0dade39d1561f5"; } ./pkgs/t
Details
grahamcofborg-eval-lib-tests nix-build --arg pkgs import ./. {} ./lib/tests/release.nix
Details
grahamcofborg-eval-nixos nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="024ad57"; rev="024ad57ed1826480ab66f3d25a0dade39d1561f5"; } ./nixos/
Details
grahamcofborg-eval-nixos-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="024ad57"; rev="024ad57ed1826480ab66f3d25a0dade39d1561f5"; } ./nixos/
Details
grahamcofborg-eval-nixos-options nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="024ad57"; rev="024ad57ed1826480ab66f3d25a0dade39d1561f5"; } ./nixos/
Details
grahamcofborg-eval-nixpkgs-manual nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="024ad57"; rev="024ad57ed1826480ab66f3d25a0dade39d1561f5"; } ./pkgs/t
Details
grahamcofborg-eval-nixpkgs-tarball nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="024ad57"; rev="024ad57ed1826480ab66f3d25a0dade39d1561f5"; } ./pkgs/t
Details
grahamcofborg-eval-nixpkgs-unstable-jobset nix-instantiate --arg nixpkgs { outPath=./.; revCount=999999; shortRev="024ad57"; rev="024ad57ed1826480ab66f3d25a0dade39d1561f5"; } ./pkgs/t
Details
grahamcofborg-eval-package-list nix-env -qa --json --file .
Details
grahamcofborg-eval-package-list-no-aliases nix-env -qa --json --file . --arg config { allowAliases = false; }
Details
libupnp, libupnp.passthru.tests on aarch64-linux Success
Details
libupnp, libupnp.passthru.tests on x86_64-linux Success
Details
@ardumont
Copy link
Contributor Author

@ardumont ardumont commented Oct 7, 2020

\o/ Awesome \m/

Cheers,

@ardumont ardumont deleted the ardumont:bump-libupnp branch Oct 7, 2020
dasJ added a commit to helsinki-systems/nixpkgs that referenced this pull request Oct 7, 2020
There has been no new release since 2.3.2 for some years now (around 2016) [1]

The most recent master branch for the amule project includes a commit [2] which
fixes compilation breakage with the next libupnp version [3].

So this bumps the amule version to the latest commit of that repository.

[1] amule-project/amule#219

[2] amule-project/amule@8784480

[3] NixOS#93048
Emantor added a commit to Emantor/nixpkgs that referenced this pull request Oct 9, 2020
There has been no new release since 2.3.2 for some years now (around 2016) [1]

The most recent master branch for the amule project includes a commit [2] which
fixes compilation breakage with the next libupnp version [3].

So this bumps the amule version to the latest commit of that repository.

[1] amule-project/amule#219

[2] amule-project/amule@8784480

[3] NixOS#93048
dawidsowa added a commit to dawidsowa/nixpkgs that referenced this pull request Oct 11, 2020
There has been no new release since 2.3.2 for some years now (around 2016) [1]

The most recent master branch for the amule project includes a commit [2] which
fixes compilation breakage with the next libupnp version [3].

So this bumps the amule version to the latest commit of that repository.

[1] amule-project/amule#219

[2] amule-project/amule@8784480

[3] NixOS#93048
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants
You can’t perform that action at this time.