diff options
author | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 13:49:04 -0700 |
---|---|---|
committer | Robin H. Johnson <robbat2@gentoo.org> | 2015-08-08 17:38:18 -0700 |
commit | 56bd759df1d0c750a065b8c845e93d5dfa6b549d (patch) | |
tree | 3f91093cdb475e565ae857f1c5a7fd339e2d781e /dev-util/reviewboard | |
download | gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.gz gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.tar.bz2 gentoo-56bd759df1d0c750a065b8c845e93d5dfa6b549d.zip |
proj/gentoo: Initial commit
This commit represents a new era for Gentoo:
Storing the gentoo-x86 tree in Git, as converted from CVS.
This commit is the start of the NEW history.
Any historical data is intended to be grafted onto this point.
Creation process:
1. Take final CVS checkout snapshot
2. Remove ALL ChangeLog* files
3. Transform all Manifests to thin
4. Remove empty Manifests
5. Convert all stale $Header$/$Id$ CVS keywords to non-expanded Git $Id$
5.1. Do not touch files with -kb/-ko keyword flags.
Signed-off-by: Robin H. Johnson <robbat2@gentoo.org>
X-Thanks: Alec Warner <antarus@gentoo.org> - did the GSoC 2006 migration tests
X-Thanks: Robin H. Johnson <robbat2@gentoo.org> - infra guy, herding this project
X-Thanks: Nguyen Thai Ngoc Duy <pclouds@gentoo.org> - Former Gentoo developer, wrote Git features for the migration
X-Thanks: Brian Harring <ferringb@gentoo.org> - wrote much python to improve cvs2svn
X-Thanks: Rich Freeman <rich0@gentoo.org> - validation scripts
X-Thanks: Patrick Lauer <patrick@gentoo.org> - Gentoo dev, running new 2014 work in migration
X-Thanks: Michał Górny <mgorny@gentoo.org> - scripts, QA, nagging
X-Thanks: All of other Gentoo developers - many ideas and lots of paint on the bikeshed
Diffstat (limited to 'dev-util/reviewboard')
-rw-r--r-- | dev-util/reviewboard/Manifest | 1 | ||||
-rw-r--r-- | dev-util/reviewboard/files/1.7.28-docs.patch | 52 | ||||
-rw-r--r-- | dev-util/reviewboard/files/CVE-2013-2209-sec.patch | 74 | ||||
-rw-r--r-- | dev-util/reviewboard/metadata.xml | 13 | ||||
-rw-r--r-- | dev-util/reviewboard/reviewboard-1.7.28.ebuild | 121 |
5 files changed, 261 insertions, 0 deletions
diff --git a/dev-util/reviewboard/Manifest b/dev-util/reviewboard/Manifest new file mode 100644 index 000000000000..24ba9ecc6a2e --- /dev/null +++ b/dev-util/reviewboard/Manifest @@ -0,0 +1 @@ +DIST ReviewBoard-1.7.28.tar.gz 2957387 SHA256 69a976e69c1e805b23aa78f43fc1954599b7513dff1d1cfd0bafa6112a946931 SHA512 9e97b56b68da6c06f713d98c70dda321ea3fdf6f26986b4272fbb392c1c633f1ce44170bb515e8b685813b69a0ae8ada9f392b5e776793222dd25c3b7d4fa704 WHIRLPOOL 51a731117b9a84b9f8e1cd785511da516bf4d7216f7f08a8ba83d200af94a235d994d53c630b26f430d28f1ce4a7ca8a47d83b87c241bc4b1f5469f7668cc03d diff --git a/dev-util/reviewboard/files/1.7.28-docs.patch b/dev-util/reviewboard/files/1.7.28-docs.patch new file mode 100644 index 000000000000..99741d2e40d0 --- /dev/null +++ b/dev-util/reviewboard/files/1.7.28-docs.patch @@ -0,0 +1,52 @@ +Avoid un-needed downloading od object.infv files, fix conf.py for docs/manual +diff -ur ReviewBoard-1.7.7.1.orig/docs/codebase/conf.py ReviewBoard-1.7.7.1/docs/codebase/conf.py +--- docs/codebase/conf.py 2013-04-22 04:40:29.000000000 +0800 ++++ docs/codebase/conf.py 2013-06-16 15:35:59.639256650 +0800 +@@ -197,7 +197,3 @@ + + # If false, no module index is generated. + #latex_use_modindex = True +- +- +-# Example configuration for intersphinx: refer to the Python standard library. +-intersphinx_mapping = {'http://docs.python.org/dev': None} +diff -ur ReviewBoard-1.7.7.1.orig/docs/manual/conf.py ReviewBoard-1.7.7.1/docs/manual/conf.py +--- docs/manual/conf.py 2013-04-22 04:40:29.000000000 +0800 ++++ docs/manual/conf.py 2013-06-16 15:36:30.592256658 +0800 +@@ -30,9 +30,14 @@ + + import reviewboard + from reviewboard import settings ++from reviewboard.settings import EXTENSIONS_STATIC_ROOT, ROOT_URLCONF + from django.core.management import setup_environ ++from django import conf ++from settings_local import DATABASES ++conf.EXTENSIONS_STATIC_ROOT=EXTENSIONS_STATIC_ROOT ++conf.settings.DATABASES=DATABASES + setup_environ(settings) +- ++conf.settings.ROOT_URLCONF=ROOT_URLCONF + + # If your extensions are in another directory, add it here. If the directory + # is relative to the documentation root, use os.path.abspath to make it +@@ -223,7 +223,4 @@ + latex_show_pagerefs = True + + +-# Example configuration for intersphinx: refer to the Python standard library. +-intersphinx_mapping = {'http://docs.python.org/dev': None} +- + todo_include_todos = True +diff -ur +ReviewBoard-1.7.7.1.orig/docs/releasenotes/conf.py +ReviewBoard-1.7.7.1/docs/releasenotes/conf.py +--- docs/releasenotes/conf.py 2013-04-22 04:40:29.000000000 +0800 ++++ docs/releasenotes/conf.py 2013-06-16 15:36:53.119256665 +0800 +@@ -202,7 +202,3 @@ + + # If false, no module index is generated. + #latex_use_modindex = True +- +- +-# Example configuration for intersphinx: refer to the Python standard library. +-intersphinx_mapping = {'https://www.reviewboard.org/docs/manual/dev': None} diff --git a/dev-util/reviewboard/files/CVE-2013-2209-sec.patch b/dev-util/reviewboard/files/CVE-2013-2209-sec.patch new file mode 100644 index 000000000000..1b41c3c6f0d2 --- /dev/null +++ b/dev-util/reviewboard/files/CVE-2013-2209-sec.patch @@ -0,0 +1,74 @@ +From 4aaacbb1e628a80803ba1a55703db38fccdf7dbf Mon Sep 17 00:00:00 2001 +From: Christian Hammond <chipx86@chipx86.com> +Date: Fri, 21 Jun 2013 23:33:16 -0700 +Subject: [PATCH] Fix an XSS vulnerability in the reviews dropdown. + +The reviews dropdown had a bad vulnerability where it would assume the +user's full name is valid HTML. This allowed the user to craft a script +tag that would be executed every time the name appeared in the dropdown. + +This vulnerability exists in 1.6.x, 1.7.x, and the in-development 1.8. +There are no known attacks in the wild. + +This was reported by Craig Young at Tripwire. +#--- +# reviewboard/htdocs/media/rb/js/reviews.js | 6 ++++-- +# 1 file changed, 4 insertions(+), 2 deletions(-) + +#diff --git a/reviewboard/htdocs/media/rb/js/reviews.js b/reviewboard/htdocs/media/rb/js/reviews.js +#index 6340744..035872f 100644 +#--- a/reviewboard/htdocs/media/rb/js/reviews.js +#+++ b/reviewboard/htdocs/media/rb/js/reviews.js +#@@ -352,10 +352,12 @@ $.fn.reviewsAutoComplete = function(options) { +# $(this) +# .autocomplete({ +# formatItem: function(data) { +#- var s = data[options.nameKey]; +#+ var s = data[options.nameKey], +#+ desc; +# +# if (options.descKey) { +#- s += " <span>(" + data[options.descKey] + ")</span>"; +#+ desc = $('<div/>').text(data[options.descKey]).html(); +#+ s += " <span>(" + desc + ")</span>"; +# } +# + # return s; +#-- +#1.8.1.6 +diff -ur ReviewBoard-1.7.7.1.orig/reviewboard/htdocs/static/rb/js/reviews.js ReviewBoard-1.7.7.1/reviewboard/htdocs/static/rb/js/reviews.js +--- reviewboard/htdocs/static/rb/js/reviews.js 2013-04-22 04:40:30.000000000 +0800 ++++ reviewboard/htdocs/static/rb/js/reviews.js 2013-06-28 10:38:29.514298074 +0800 +@@ -257,10 +257,12 @@ + $(this) + .rbautocomplete({ + formatItem: function(data) { +- var s = data[options.nameKey]; ++ var s = data[options.nameKey], ++ desc; + + if (options.descKey && data[options.descKey]) { +- s += " <span>(" + data[options.descKey] + ")</span>"; ++ desc = $('<div/>').text(data[options.descKey]).html(); ++ s += " <span>(" + desc + ")</span>"; + } + + return s; +diff -ur ReviewBoard-1.7.7.1.orig/reviewboard/static/rb/js/reviews.js ReviewBoard-1.7.7.1/reviewboard/static/rb/js/reviews.js +--- reviewboard/static/rb/js/reviews.js 2013-04-22 04:40:29.000000000 +0800 ++++ reviewboard/static/rb/js/reviews.js 2013-06-28 10:40:09.922290974 +0800 +@@ -257,10 +257,12 @@ + $(this) + .rbautocomplete({ + formatItem: function(data) { +- var s = data[options.nameKey]; ++ var s = data[options.nameKey], ++ desc; + + if (options.descKey && data[options.descKey]) { +- s += " <span>(" + data[options.descKey] + ")</span>"; ++ desc = $('<div/>').text(data[options.descKey]).html(); ++ s += " <span>(" + desc + ")</span>"; + } + + return s; diff --git a/dev-util/reviewboard/metadata.xml b/dev-util/reviewboard/metadata.xml new file mode 100644 index 000000000000..d43f04946811 --- /dev/null +++ b/dev-util/reviewboard/metadata.xml @@ -0,0 +1,13 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE pkgmetadata SYSTEM "http://www.gentoo.org/dtd/metadata.dtd"> +<pkgmetadata> + <maintainer> + <email>idella4@gentoo.org</email> + <name>Ian Delaney</name> + </maintainer> + <use> + <flag name='codebase'>Enables a build of the docs/codebase folder</flag> + <flag name='manual'>Enables a build of the docs/manual folder</flag> + <flag name='rnotes'>Enables a doc build of the release notes</flag> + </use> +</pkgmetadata> diff --git a/dev-util/reviewboard/reviewboard-1.7.28.ebuild b/dev-util/reviewboard/reviewboard-1.7.28.ebuild new file mode 100644 index 000000000000..46de4a34d629 --- /dev/null +++ b/dev-util/reviewboard/reviewboard-1.7.28.ebuild @@ -0,0 +1,121 @@ +# Copyright 1999-2014 Gentoo Foundation +# Distributed under the terms of the GNU General Public License v2 +# $Id$ + +EAPI=5 +PYTHON_COMPAT=( python2_7 ) +PYTHON_REQ_USE="sqlite" + +inherit distutils-r1 + +MY_PN="ReviewBoard" +DESCRIPTION="A web-based code review tool that offers developers an easy way to handle code reviews" +HOMEPAGE="http://www.reviewboard.org/" +SRC_URI="http://downloads.reviewboard.org/releases/${MY_PN}/1.7/${MY_PN}-${PV}.tar.gz" +KEYWORDS="~amd64 ~x86" +IUSE="codebase doc manual rnotes test" + +LICENSE="MIT" +SLOT="0" +S=${WORKDIR}/${MY_PN}-${PV} + +RDEPEND=">=dev-python/django-1.4.14[${PYTHON_USEDEP},sqlite] + <dev-python/django-1.5[${PYTHON_USEDEP},sqlite] + >=dev-python/django-evolution-0.6.9[${PYTHON_USEDEP}] + <dev-python/django-evolution-0.7[${PYTHON_USEDEP}] + >=dev-python/django-pipeline-1.2.24[${PYTHON_USEDEP}] + >=dev-python/Djblets-0.7.31[${PYTHON_USEDEP}] + <dev-python/Djblets-0.8[${PYTHON_USEDEP}] + >=dev-python/pygments-1.5[${PYTHON_USEDEP}] + dev-python/docutils[${PYTHON_USEDEP}] + >=dev-python/markdown-2.2.1[${PYTHON_USEDEP}] + >=dev-python/paramiko-1.9.0[${PYTHON_USEDEP}] + >=dev-python/mimeparse-0.1.3[${PYTHON_USEDEP}] + dev-python/python-dateutil[${PYTHON_USEDEP}] + dev-python/python-memcached[${PYTHON_USEDEP}] + >=dev-python/pytz-2012h[${PYTHON_USEDEP}] + dev-python/recaptcha-client[${PYTHON_USEDEP}]" +DEPEND="${RDEPEND} + dev-python/setuptools[${PYTHON_USEDEP}] + test? ( dev-python/nose[${PYTHON_USEDEP}] ) + doc? ( dev-python/sphinx[${PYTHON_USEDEP}] )" + +REQUIRED_USE="doc? ( || ( codebase manual rnotes ) )" +# Tests mostly access the inet and when run mostly fail +RESTRICT=test + +PATCHES=( "${FILESDIR}"/${PV}-docs.patch ) + +python_prepare_all() { + # Running uglify is a problem right now, so skip this step. Rather + # have newer versions that compacted javascript. + sed -e "s/'pipeline.compressors.uglifyjs.UglifyJSCompressor'/None/" -i reviewboard/settings.py || die + + # https://github.com/reviewboard/reviewboard/commit/b1b8867deb7cd857003d8abbf16e85897b0cb4bf + # # The version bordering of python-dateutil is long out of date and wrong since end of March 2012! + sed -e 's:==1.5:>=1.5:' -i setup.py || die + + distutils-r1_python_prepare_all +} + +python_compile_all() { + # See http://code.google.com/p/reviewboard/issues/ #3009 + # until build of manual can find and use ROOT_URLCONF, only possible build path for manual + # requires sacrificing the resources section, all of which call on ROOT_URLCONF + local msg="Generating docs for" + if use doc; then + if use manual; then + rm -rf docs/manual/webapi//2.0/resources/ || die + einfo;einfo "$msg manual" + DJANGO_SETTINGS_MODULE="django.conf" emake -C docs/manual html + fi + + if use codebase; then + pushd docs/codebase &> /dev/null + ln -sf ../../contrib/internal/conf/settings_local.py . + popd &> /dev/null + einfo;einfo "$msg codebase" + emake -C docs/codebase html + fi + + if use rnotes; then + einfo;einfo "$msg release notes" + emake -C docs/releasenotes html + fi + fi +} + +python_test() { + pushd ${PN} > /dev/null + ln -sf contrib/internal/conf/settings_local.py . + "${PYTHON}" manage.py test || die +} + +python_install_all() { + if use doc; then + if use manual; then + insinto /usr/share/doc/${PF}/manual + doins -r docs/manual/_build/html/ + fi + if use codebase; then + insinto /usr/share/doc/${PF}/codebase + doins -r docs/codebase/_build/html/ + fi + if use rnotes; then + insinto /usr/share/doc/${PF}/release_notes + doins -r docs/releasenotes/_build/html/ + fi + fi + distutils-r1_python_install_all +} + +pkg_postinst() { + elog "You must install any VCS tool you wish ${PN} to support." + elog "dev-util/cvs, dev-vcs/git, dev-vcs/mercurial or dev-util/subversion." + elog + elog "Enable the mysql, postgres or sqlite USEflag on dev-python/django" + elog "to use the corresponding database backend." + elog + elog "For speed and responsiveness, consider installing net-misc/memcached" + elog "and dev-python/python-memcached" +} |