From 617235dff1dbd1417bab5238be252560172cca61 Mon Sep 17 00:00:00 2001 From: Dongsu Park Date: Tue, 5 Oct 2021 10:55:08 +0200 Subject: [PATCH 1/2] app-editors/vim: delete unnecessary 8.2.0360-r1 Now that we updated vim to 8.2.0814 via https://github.com/flatcar-linux/portage-stable/pull/223 , we do not need to keep vim 8.2.0360-r1 in coreos-overlay. The vimdiff patch for Flatcar was already merged to Gentoo. --- .../coreos-overlay/app-editors/vim/Manifest | 4 - .../app-editors/vim/files/vim-completion | 36 -- .../app-editors/vim/metadata.xml | 20 -- .../app-editors/vim/vim-8.2.0360-r1.ebuild | 321 ------------------ 4 files changed, 381 deletions(-) delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-editors/vim/Manifest delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-editors/vim/files/vim-completion delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-editors/vim/metadata.xml delete mode 100644 sdk_container/src/third_party/coreos-overlay/app-editors/vim/vim-8.2.0360-r1.ebuild diff --git a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/Manifest b/sdk_container/src/third_party/coreos-overlay/app-editors/vim/Manifest deleted file mode 100644 index 2586dc66c3..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/Manifest +++ /dev/null @@ -1,4 +0,0 @@ -DIST vim-8.2.0210-gentoo-patches.tar.bz2 2755 BLAKE2B 21f1fb97c95d4f2eb45968783add80e11011be12fd2d701c267644a44da9782214828e022667c1a0a2ed08aedb7c12b6756a8b8adea4db5c7a3cb7dc94b75fd8 SHA512 c942c33dc033d63569e07523fa7652d1c53685aa64f9e7a4bf4e6126012790ec0ec820a7a9209cfe64096679ba8a9f9394ed92696a933e3c8be10658d16b8a7b -DIST vim-8.2.0360-gentoo-patches.tar.xz 2612 BLAKE2B a9273a686b31dd873b25bfc07f7bc254f11038bde275ae4e6f56513a14e0268fdc1032ae847d1d7f8539f8a657217011770ccb4685998f34722383ec7bfb1a15 SHA512 00bc8eb8b20a4a6f3bbd179bb90d42fa6727c8eaae5b625e95e52c33638d456ef36d06b51c542ecaffb237c0b4f7aa72dc3bae7fe00144d55ab0d2fa51950f3b -DIST vim-8.2.0360.tar.gz 14842830 BLAKE2B fe3a13cb4bef4ada1bd13cdc80aa9a4ab275d1ff16a7f5308109adc7c5a3459393e1c8153fa32a972141b27cce3aaff50c59416d1ba32e4dca03074be49705a9 SHA512 183bcb5cc73290193de99beb69b56b64efa37db9d905c6e76a51ac727f4447f76346dde632e2dfae9d289abb4b9ca11a14f7e350eaa699fc2c3c7c2e35fc20b2 -DIST vim-8.2.0508.tar.gz 14885937 BLAKE2B 70d9cbaa69fac168e6719ef6ee0fadef21bc0b4c17e3c01d983cfe7d75ec831089845aae2f4ca2b5eba02ea24664dc968b0d472254db45e13a5a1f9cdc62253a SHA512 0cbe7cb8d16ac9ed2e6b2f7031bf3b962bcfa199ef7421dfa549fd53f42eb00fc20a14d0df13fcdb4b5f06c88e659086f8d277797824e628133ebd66c72232b6 diff --git a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/files/vim-completion b/sdk_container/src/third_party/coreos-overlay/app-editors/vim/files/vim-completion deleted file mode 100644 index 67537d6310..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/files/vim-completion +++ /dev/null @@ -1,36 +0,0 @@ -# Author: Ciaran McCreesh -# -# completion for vim - -_vim() -{ - local cur prev cmd args - - COMPREPLY=() - cur=${COMP_WORDS[COMP_CWORD]} - prev=${COMP_WORDS[COMP_CWORD-1]} - cmd=${COMP_WORDS[0]} - - if [[ "${prev}" == "--servername" ]] ; then - local servers - servers=$(gvim --serverlist ) - COMPREPLY=( $( compgen -W "${servers}" -- $cur ) ) - - elif [[ "${prev}" == -[uUi] ]] ; then - COMPREPLY=( $( compgen -W "NONE" ) \ - $( compgen -f -X "!*vim*" -- "$cur" ) ) - - elif [[ "${cur}" == -* ]] ; then - args='-t -q -c -S --cmd -A -b -C -d -D -e -E -f --nofork \ - -F -g -h -H -i -L -l -m -M -N -n -nb -o -R -r -s \ - -T -u -U -V -v -w -W -x -X -y -Y -Z --echo-wid \ - --help --literal --noplugin --version' - COMPREPLY=( $( compgen -W "${args}" -- $cur ) ) - else - _filedir - fi -} - -complete -o filenames -F _vim vim ex vi view rvim rview vimdiff - -# vim: set ft=sh sw=4 et sts=4 : diff --git a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/metadata.xml b/sdk_container/src/third_party/coreos-overlay/app-editors/vim/metadata.xml deleted file mode 100644 index acc712bdb2..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/metadata.xml +++ /dev/null @@ -1,20 +0,0 @@ - - - - - vim@gentoo.org - Gentoo Vim Project - - - Enable cscope interface - Enable support for Scheme using dev-scheme/racket - Enable terminal emulation support - Install vimpager and vimmanpager links - Link console vim against X11 libraries to enable title and - clipboard features in xterm - - - cpe:/a:vim:vim - vim/vim - - diff --git a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/vim-8.2.0360-r1.ebuild b/sdk_container/src/third_party/coreos-overlay/app-editors/vim/vim-8.2.0360-r1.ebuild deleted file mode 100644 index ab80c36b35..0000000000 --- a/sdk_container/src/third_party/coreos-overlay/app-editors/vim/vim-8.2.0360-r1.ebuild +++ /dev/null @@ -1,321 +0,0 @@ -# Copyright 1999-2020 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=7 -VIM_VERSION="8.2" -PYTHON_COMPAT=( python3_{6,7} ) -PYTHON_REQ_USE="threads(+)" -USE_RUBY="ruby24 ruby25 ruby26 ruby27" - -inherit vim-doc flag-o-matic bash-completion-r1 python-single-r1 ruby-single desktop xdg-utils - -if [[ ${PV} == 9999* ]] ; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/vim/vim.git" -else - SRC_URI="https://github.com/vim/vim/archive/v${PV}.tar.gz -> ${P}.tar.gz - https://dev.gentoo.org/~radhermit/vim/vim-8.2.0210-gentoo-patches.tar.bz2" - KEYWORDS="~alpha amd64 arm arm64 ~hppa ~ia64 ~m68k ~mips ppc ppc64 ~riscv ~s390 sparc x86 ~ppc-aix ~x64-cygwin ~amd64-linux ~x86-linux ~ppc-macos ~x64-macos ~x86-macos ~m68k-mint ~sparc-solaris ~sparc64-solaris ~x64-solaris ~x86-solaris" -fi - -DESCRIPTION="Vim, an improved vi-style text editor" -HOMEPAGE="https://vim.sourceforge.io/ https://github.com/vim/vim" - -SLOT="0" -LICENSE="vim" -IUSE="X acl cscope debug gpm lua luajit minimal nls perl python racket ruby selinux sound tcl terminal vim-pager" -REQUIRED_USE=" - python? ( ${PYTHON_REQUIRED_USE} ) - vim-pager? ( !minimal ) -" - -RDEPEND=" - >=app-eselect/eselect-vi-1.1 - >=sys-libs/ncurses-5.2-r2:0= - nls? ( virtual/libintl ) - acl? ( kernel_linux? ( sys-apps/acl ) ) - cscope? ( dev-util/cscope ) - gpm? ( >=sys-libs/gpm-1.19.3 ) - lua? ( - luajit? ( dev-lang/luajit:2= ) - !luajit? ( dev-lang/lua:0[deprecated] ) - ) - !minimal? ( ~app-editors/vim-core-${PV} ) - vim-pager? ( app-editors/vim-core[-minimal] ) - perl? ( dev-lang/perl:= ) - python? ( ${PYTHON_DEPS} ) - racket? ( dev-scheme/racket ) - ruby? ( ${RUBY_DEPS} ) - selinux? ( sys-libs/libselinux ) - sound? ( media-libs/libcanberra ) - tcl? ( dev-lang/tcl:0= ) - X? ( x11-libs/libXt ) -" - -DEPEND=" - ${RDEPEND} - sys-devel/autoconf - nls? ( sys-devel/gettext ) -" - -pkg_setup() { - # people with broken alphabets run into trouble. bug 82186. - unset LANG LC_ALL - export LC_COLLATE="C" - - # Gnome sandbox silliness. bug #114475. - mkdir -p "${T}"/home || die "mkdir failed" - export HOME="${T}"/home - - use python && python-single-r1_pkg_setup -} - -src_prepare() { - if [[ ${PV} != 9999* ]] ; then - # Gentoo patches to fix runtime issues, cross-compile errors, etc - eapply "${WORKDIR}"/patches/ - fi - - # Fixup a script to use awk instead of nawk - sed -i -e \ - '1s|.*|#!'"${EPREFIX}"'/usr/bin/awk -f|' \ - "${S}"/runtime/tools/mve.awk || die "mve.awk sed failed" - - # Read vimrc and gvimrc from /etc/vim - echo '#define SYS_VIMRC_FILE "'${EPREFIX}'/etc/vim/vimrc"' \ - >> "${S}"/src/feature.h || die "echo failed" - echo '#define SYS_GVIMRC_FILE "'${EPREFIX}'/etc/vim/gvimrc"' \ - >> "${S}"/src/feature.h || die "echo failed" - - # Use exuberant ctags which installs as /usr/bin/exuberant-ctags. - # Hopefully this pattern won't break for a while at least. - # This fixes bug 29398 (27 Sep 2003 agriffis) - sed -i -e \ - 's/\> "$c" || die "echo failed" - done - - # conditionally make the manpager.sh script - if use vim-pager; then - cat > "${S}"/runtime/macros/manpager.sh <<-_EOF_ || die "cat EOF failed" - #!/bin/sh - sed -e 's/\x1B\[[[:digit:]]\+m//g' | col -b | \\ - vim \\ - -c 'let no_plugin_maps = 1' \\ - -c 'set nolist nomod ft=man ts=8' \\ - -c 'let g:showmarks_enable=0' \\ - -c 'runtime! macros/less.vim' - - _EOF_ - fi - - # Try to avoid sandbox problems. Bug #114475. - if [[ -d "${S}"/src/po ]]; then - sed -i -e \ - '/-S check.vim/s,..VIM.,ln -s $(VIM) testvim \; ./testvim -X,' \ - "${S}"/src/po/Makefile || die "sed failed" - fi - - cp -v "${S}"/src/config.mk.dist "${S}"/src/auto/config.mk || die "cp failed" - - sed -i -e \ - "s:\\\$(PERLLIB)/ExtUtils/xsubpp:${EPREFIX}/usr/bin/xsubpp:" \ - "${S}"/src/Makefile || die 'sed for ExtUtils-ParseXS failed' - - eapply_user -} - -src_configure() { - local myconf=() - - # Fix bug 37354: Disallow -funroll-all-loops on amd64 - # Bug 57859 suggests that we want to do this for all archs - filter-flags -funroll-all-loops - - # Fix bug 76331: -O3 causes problems, use -O2 instead. We'll do this for - # everyone since previous flag filtering bugs have turned out to affect - # multiple archs... - replace-flags -O3 -O2 - - # Fix bug 18245: Prevent "make" from the following chain: - # (1) Notice configure.ac is newer than auto/configure - # (2) Rebuild auto/configure - # (3) Notice auto/configure is newer than auto/config.mk - # (4) Run ./configure (with wrong args) to remake auto/config.mk - sed -i 's# auto/config\.mk:#:#' src/Makefile || die "Makefile sed failed" - rm src/auto/configure || die "rm failed" - emake -j1 -C src autoconf - - # This should fix a sandbox violation (see bug 24447). The hvc - # things are for ppc64, see bug 86433. - for file in /dev/pty/s* /dev/console /dev/hvc/* /dev/hvc*; do - if [[ -e "${file}" ]]; then - addwrite $file - fi - done - - if use minimal; then - myconf=( - --with-features=tiny - --disable-nls - --disable-canberra - --disable-acl - --enable-gui=no - --without-x - --disable-darwin - --disable-luainterp - --disable-perlinterp - --disable-pythoninterp - --disable-mzschemeinterp - --disable-rubyinterp - --disable-selinux - --disable-tclinterp - --disable-gpm - ) - else - use debug && append-flags "-DDEBUG" - - myconf=( - --with-features=huge - $(use_enable sound canberra) - $(use_enable acl) - $(use_enable cscope) - $(use_enable gpm) - $(use_enable lua luainterp) - $(usex lua "--with-lua-prefix=${EPREFIX}/usr" "") - $(use_with luajit) - $(use_enable nls) - $(use_enable perl perlinterp) - $(use_enable python python3interp) - $(use_with python python3-command $(type -P $(eselect python show --python3))) - $(use_enable racket mzschemeinterp) - $(use_enable ruby rubyinterp) - $(use_enable selinux) - $(use_enable tcl tclinterp) - $(use_enable terminal) - ) - - # --with-features=huge forces on cscope even if we --disable it. We need - # to sed this out to avoid screwiness. (1 Sep 2004 ciaranm) - if ! use cscope; then - sed -i -e \ - '/# define FEAT_CSCOPE/d' src/feature.h || die "sed failed" - fi - - # don't test USE=X here ... see bug #19115 - # but need to provide a way to link against X ... see bug #20093 - myconf+=( - --enable-gui=no - --disable-darwin - $(use_with X x) - ) - fi - - # let package manager strip binaries - export ac_cv_prog_STRIP="$(type -P true ) faking strip" - - # keep prefix env contained within the EPREFIX - use prefix && myconf+=( --without-local-dir ) - - econf \ - --with-modified-by=Gentoo-${PVR} \ - "${myconf[@]}" -} - -src_compile() { - # The following allows emake to be used - emake -j1 -C src auto/osdef.h objects - - emake -} - -src_test() { - einfo - einfo "Starting vim tests. Several error messages will be shown" - einfo "while the tests run. This is normal behaviour and does not" - einfo "indicate a fault." - einfo - ewarn "If the tests fail, your terminal may be left in a strange" - ewarn "state. Usually, running 'reset' will fix this." - einfo - - # Don't let vim talk to X - unset DISPLAY - - emake -j1 -C src/testdir nongui -} - -# Call eselect vi update with --if-unset -# to respect user's choice (bug 187449) -eselect_vi_update() { - einfo "Calling eselect vi update..." - eselect vi update --if-unset - eend $? -} - -src_install() { - local vimfiles=/usr/share/vim/vim${VIM_VERSION/.} - - # Note: Do not install symlinks for 'vi', 'ex', or 'view', as these are - # managed by eselect-vi - dobin src/vim - # Flatcar: disable vimdiff symlink if minimal - if ! use minimal ; then - dosym vim /usr/bin/vimdiff - fi - dosym vim /usr/bin/rvim - dosym vim /usr/bin/rview - if use vim-pager ; then - dosym ${vimfiles}/macros/less.sh /usr/bin/vimpager - dosym ${vimfiles}/macros/manpager.sh /usr/bin/vimmanpager - insinto ${vimfiles}/macros - doins runtime/macros/manpager.sh - fperms a+x ${vimfiles}/macros/manpager.sh - fi - - domenu runtime/vim.desktop - - newbashcomp "${FILESDIR}"/${PN}-completion ${PN} - - # keep in sync with 'complete ... -F' list - bashcomp_alias vim ex vi view rvim rview vimdiff -} - -pkg_postinst() { - # Update documentation tags (from vim-doc.eclass) - update_vim_helptags - - # Call eselect vi update - eselect_vi_update - - # update desktop file mime cache - xdg_desktop_database_update -} - -pkg_postrm() { - # Update documentation tags (from vim-doc.eclass) - update_vim_helptags - - # Call eselect vi update - eselect_vi_update - - # update desktop file mime cache - xdg_desktop_database_update -} From 223f17c66c5fa1bd036f78cd881f8dffb08cb076 Mon Sep 17 00:00:00 2001 From: Dongsu Park Date: Tue, 5 Oct 2021 11:02:11 +0200 Subject: [PATCH 2/2] profiles: accept keywords for vim/vim-core 8.2.3428 Now that we update vim to 8.2.3428, we need to accept keywords `~amd64` and `~arm64` for both vim and vim-core. --- .../profiles/coreos/base/package.accept_keywords | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords index ef8fc0df55..7f4e56aaad 100644 --- a/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords +++ b/sdk_container/src/third_party/coreos-overlay/profiles/coreos/base/package.accept_keywords @@ -109,3 +109,8 @@ dev-util/checkbashisms # already stabilised for both amd64 and arm64) until we move off from # python3.6. =sys-libs/talloc-2.3.2 ~amd64 ~arm64 + +# To address security issues like CVE-2021-3770, we need to acccept +# keywords for vim 8.2.3428. +=app-editors/vim-8.2.3428 ~amd64 ~arm64 +=app-editors/vim-core-8.2.3428 ~amd64 ~arm64