Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

net-libs/webkit-gtk: Version bump to 2.42.2 #33762

Closed
wants to merge 1 commit into from
Closed

net-libs/webkit-gtk: Version bump to 2.42.2 #33762

wants to merge 1 commit into from

Conversation

bitlord
Copy link
Contributor

@bitlord bitlord commented Nov 11, 2023

No description provided.

@gentoo-bot
Copy link

Pull Request assignment

Submitter: @bitlord
Areas affected: ebuilds
Packages affected: net-libs/webkit-gtk

net-libs/webkit-gtk: @gentoo/gnome

Linked bugs

No bugs to link found. If your pull request references any of the Gentoo bug reports, please add appropriate GLEP 66 tags to the commit message and request reassignment.

If you do not receive any reply to this pull request, please open or link a bug to attract the attention of maintainers.

In order to force reassignment and/or bug reference scan, please append [please reassign] to the pull request title.

Docs: Code of ConductCopyright policy (expl.) ● DevmanualGitHub PRsProxy-maint guide

@gentoo-bot gentoo-bot added assigned PR successfully assigned to the package maintainer(s). no bug found No Bug/Closes found in the commits. labels Nov 11, 2023
@bitlord
Copy link
Contributor Author

bitlord commented Nov 11, 2023

These are just copies of webkit-gtk-2.42.1* ebuilds, they build fine here using following flags:

net-libs/webkit-gtk-2.42.2-r600 X -aqua -avif -examples -gamepad gstreamer introspection jpeg2k -jpegxl jumbo-build keyring lcms pdf seccomp spell systemd wayland
net-libs/webkit-gtk-2.42.2-r410 X -aqua -avif -examples -gamepad gstreamer introspection jpeg2k -jpegxl jumbo-build keyring lcms pdf seccomp spell systemd wayland
net-libs/webkit-gtk-2.42.2 X -aqua -avif -examples -gamepad gstreamer introspection jpeg2k -jpegxl jumbo-build keyring lcms pdf seccomp spell systemd wayland

Regarding patch files/2.42.1-arm64-non-jumbo-fix.patch this doesn't seem to be applied upstream yet, applies fine here, but haven't renamed/copied it, not sure should we re-use this one even if it's named after previous release?

I'm only using net-libs/webkit-gtk-2.42.2-r{410,600}, so I didn't tested net-libs/webkit-gtk-2.42.2, except that it builds.

@gentoo-repo-qa-bot
Copy link
Collaborator

Pull request CI report

Report generated at: 2023-11-11 02:06 UTC
Newest commit scanned: ebe59d1
Status: ✅ good

There are existing issues already. Please look into the report to make sure none of them affect the packages in question:
https://qa-reports.gentoo.org/output/gentoo-ci/457495f47b/output.html

@thesamesam thesamesam requested a review from leio November 13, 2023 06:43
@bitlord
net-libs/webkit-gtk: Version bump to 2.42.2
f63cc09 
Signed-off-by: Branko Grubic <bitlord0xff@gmail.com>
@bitlord
Copy link
Contributor Author

bitlord commented Nov 13, 2023

Fixed KEYWORDS, forgot to reset, sorry!

@gentoo-repo-qa-bot
Copy link
Collaborator

Pull request CI report

Report generated at: 2023-11-13 18:41 UTC
Newest commit scanned: f63cc09
Status: ✅ good

There are existing issues already. Please look into the report to make sure none of them affect the packages in question:
https://qa-reports.gentoo.org/output/gentoo-ci/9582339605/output.html

@orlitzky
Copy link
Contributor

This is a security release (they pretty much all are):

https://www.openwall.com/lists/oss-security/2023/11/15/1

And can we please take this entry out of base/package.use.force while we're at it? (https://bugs.gentoo.org/914362#c26):

# Matt Turner <mattst88@gentoo.org> (2023-09-18)                                                                                                                             
# Disabling gstreamer seems to be untested upstream and is often broken.                                                                                                     
# The gstreamer dependencies are trivial in compile time and disk usage                                                                                                      
# compared to webkit-gtk.                                                                                                                                                    
# Bugs #911663, #914362                                                                                                                                                      
>=net-libs/webkit-gtk-2.42 gstreamer

@orlitzky
Copy link
Contributor

Can I merge this? The updates are trivial and it fixes arbitrary code execution on the web and probably also in evolution. I'm building with USE=gstreamer enabled to make sure that works, too. It should be done by tonight.

@leio
Copy link
Member

leio commented Dec 1, 2023

You need to test with gstreamer disabled, not enabled, in regards to the package.use.force - that forces it to always be enabled otherwise.
USE=-jumbo-build fix patch should be retained as well if it's still necessary for a successful build, which is likely if the patch still applies, and iirc that was only broken on arm64.
It is common to keep using patches versioned after the previous version if it still applies. modifying $PV to the version in the patch name in the process in the ebuild.

@orlitzky
Copy link
Contributor

orlitzky commented Dec 1, 2023

You need to test with gstreamer disabled, not enabled, in regards to the package.use.force

Whenever I say the opposite of what makes sense please just assume that I said the opposite of what I said :)

This version builds and runs fine without gstreamer.

@leio
Copy link
Member

leio commented Dec 3, 2023

Though to remove the entry, all remaining versions ought to build fine without it - or we need to version limit the restriction to the older versions and eventually clean it up as the old versions are gone naturally.

You can merge the ebuild side, if the diff with the previous version for each revision is only changing of $PV to 2.42.1 in the jumbo patch line - if something else, would be good to check the diff over.

@gentoo-bot gentoo-bot closed this in 01f0f0d Dec 4, 2023
gentoo-bot pushed a commit that referenced this pull request Dec 4, 2023
@orlitzky
profiles/base: un-force USE=gstreamer for newer webkit-gtk
8627ce0 
It works now. As someone who disables it, I'd rather have it fail to
build and have to make a decision every once in a while than have it
force-enabled forever.

Bug: https://bugs.gentoo.org/914362
Bug: #33762
Signed-off-by: Michael Orlitzky <mjo@gentoo.org>
@orlitzky
Copy link
Contributor

orlitzky commented Dec 4, 2023

Done!

Though to remove the entry, all remaining versions ought to build fine without it - or we need to version limit the restriction to the older versions and eventually clean it up as the old versions are gone naturally.

I changed it to <2.42 because I've only tested 2.42.1 and 2.42.2.

You can merge the ebuild side, if the diff with the previous version for each revision is only changing of $PV to 2.42.1 in the jumbo patch line - if something else, would be good to check the diff over.

The only diff between the versions is the ~arch keywords.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leio leio Awaiting requested review from leio

Assignees
No one assigned
Labels
assigned PR successfully assigned to the package maintainer(s). no bug found No Bug/Closes found in the commits.
Projects
None yet
Milestone
No milestone
5 participants
@bitlord @gentoo-bot @gentoo-repo-qa-bot @orlitzky @leio