| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
The exclusion was added in 9febbf3 (disable automatic compilation of
*.py files outside of python sitelib, 2018-06-15). Since that time, no
supported Fedora releases need it and the only EL release which does is
EL7. Update the comment to reflect this and only use %exclude on EL7.
|
|
|
|
|
| |
This macro is no longer needed (nor wanted) in Fedora. It is not
present in EL7/EL8. Remove it.
|
|
|
|
| |
EL6 has been EOL since November 2020.
|
|
|
|
|
|
|
| |
Replace a number of `EL > 7` with `EL >= 8` to make the intention
clearer. The next version of RHEL is no longer shrouded in mystery.
Move the httpd_filesystem bcond into the block for Fedora && EL8+.
|
|
|
|
|
|
|
| |
We preserve timestamps when running COPYTREE. Do so when running
INSTALL as well, to better respect the Packaging Guidelines¹.
¹ https://docs.fedoraproject.org/en-US/packaging-guidelines/#_timestamps
|
|
|
|
|
|
|
|
|
|
|
| |
The macro is now available for all supported Fedora and EPEL releases.
(It is presumed that EL-9 will include %{gpgverify} as it will be
branched from F-34. If that turns out to be false, we will adjust
later.)
The Packaging Guidelines require the use of the %{gpgverify} macro:
https://docs.fedoraproject.org/en-US/packaging-guidelines/#_verifying_signatures
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
As explained in 50e6f6e (update Junio's GPG key (with extended
expiration), 2021-01-27) in the git package¹, the key used to sign git
releases expired in July 2020. While this doesn't strictly affect us
because we use gpgv to verify the releases against a known key file, it
is worth updating to make it clear that we're using the correct signing
key.
Here is a diff of the key file before and after the update:
$ diff -u <(gpg gpgkey-96E07AF25771955980DAD10020D04E5A713660A7.asc~ 2>/dev/null) \
<(gpg gpgkey-96E07AF25771955980DAD10020D04E5A713660A7.asc 2>/dev/null)
--- /dev/fd/63 2021-06-05 15:40:47.398256869 -0400
+++ /dev/fd/62 2021-06-05 15:40:47.399256908 -0400
@@ -3,6 +3,6 @@
uid Junio C Hamano <gitster@pobox.com>
uid Junio C Hamano <junio@pobox.com>
uid Junio C Hamano <jch@google.com>
-sub rsa4096/B0B5E88696AFE6CB 2011-10-03 [S] [expired: 2020-07-26]
+sub rsa4096/B0B5E88696AFE6CB 2011-10-03 [S] [expires: 2028-01-11]
sub rsa4096/86B76D5D833262C4 2011-10-01 [E]
-sub rsa4096/7594EEC7B3F7CAC9 2014-09-20 [S] [expired: 2020-07-26]
+sub rsa4096/7594EEC7B3F7CAC9 2014-09-20 [S] [expires: 2028-01-11]
A thread on the git list is where the question was raised and Junio
confirmed he'd extended the expiration of his signing key².
¹ https://src.fedoraproject.org/rpms/git/c/50e6f6e
² https://lore.kernel.org/git/B6DFB74D-A722-4DBD-A4B2-562604B21CCB@alchemists.io/T/#u
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The key used to sign the cgit releases had its expiration date extended
a few months back. Pull the updated key from Jason Donenfeld's web
site¹.
Here is a diff of the key file before and after the update:
$ diff -u <(gpg gpgkey-AB9942E6D4A4CFC3412620A749FC7012A5DE03AE.asc~ 2>/dev/null) \
<(gpg gpgkey-AB9942E6D4A4CFC3412620A749FC7012A5DE03AE.asc 2>/dev/null)
--- /dev/fd/63 2021-06-05 15:43:30.494570491 -0400
+++ /dev/fd/62 2021-06-05 15:43:30.495570529 -0400
@@ -1,4 +1,4 @@
-pub rsa4096/49FC7012A5DE03AE 2011-01-15 [SC] [expired: 2021-02-02]
+pub rsa4096/49FC7012A5DE03AE 2011-01-15 [SC] [expires: 2022-02-11]
AB9942E6D4A4CFC3412620A749FC7012A5DE03AE
uid Jason A. Donenfeld <Jason@zx2c4.com>
-sub rsa4096/D4F7A95DFB1EFB7F 2011-01-15 [E] [expired: 2021-02-02]
+sub rsa4096/D4F7A95DFB1EFB7F 2011-01-15 [E] [expires: 2022-02-11]
While here, fix a missing space in the comment which includes the URL to
this key in the spec file.
¹ https://www.zx2c4.com/keys/AB9942E6D4A4CFC3412620A749FC7012A5DE03AE.asc
|
|
|
|
|
|
|
|
|
|
|
|
| |
We don't want any of the git code which requires expat, perl, python, or
tcl/tk to be built. Set the corresponding NO_* make variables.
This ensures that even if git can find these tools in the buildroot, it
won't use them. For example, we have perl in the buildroot because it's
used in the test suite, but we don't want to build any of git's perl
tools.
If nothing else, this should slightly improve the build time.
|
|
|
|
|
|
| |
Having the output of the Makefile configuration for cgit and git in the
buld logs is useful. It aids in debugging and allows easier
verification of the options used for building the code.
|
|
|
|
| |
The patch has been accepted. Use the upstream URL as the patch source.
|
|
|
|
|
|
|
|
|
|
|
| |
The tar --zstd option was added in GNU tar-1.32 (2019-02-23). Supported
EPEL releases lack support for this option.
Avoid the requirement on any specific implementations or versions of tar
by piping decompressed output to tar. This is compatible with older GNU
tar releases as well as tar implementations from other vendors. (It may
also be a slight benefit that this more closely matches what the
snapshot creation code does.)
|
|
|
|
| |
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
|
|
|
|
| |
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
|
| |
|
| |
|
|
|
|
|
|
|
| |
Add BuildRequires for tests of various compression tools.
Release notes:
https://lists.zx2c4.com/pipermail/cgit/2020-March/004480.html
|
|
|
|
| |
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
|
|
|
|
|
| |
The highlight package is only available in EL7+ on ppc64le and x86_64.
Exclude all other architectures for EL7 and EL8.
|
|
|
|
|
| |
Release notes:
https://lists.zx2c4.com/pipermail/cgit/2020-January/004455.html
|
|
|
|
|
| |
The git build needs zlib-devel. It was previously pulled into the build
root by something else, so it's absence in cgit went unnoticed.
|
|
|
|
| |
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
|
|
|
|
| |
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
|
|
|
|
|
|
|
|
| |
Automate verification for both cgit and git tarballs. This is one less
manual step for maintainers when updating a package.
The GPG key for git should generally be copied from the git package:
https://src.fedoraproject.org/rpms/git/raw/master/f/gpgkey-junio.asc
|
|
|
|
|
|
|
| |
The .build*.log files are no longer created by fedpkg.
We moved to xz-compressed tarballs of git in f017a6c ("Update to 0.10.2.
Fixes bug #1114970", 2014-07-01).
|
|
|
|
|
|
|
|
| |
Now that the bundled git is > 2.13.0 we can drop the BLK_SHA1 make
variable¹. The git default is now DC_SHA1 which provides collision
detection to help protect against the SHATTERED attack.
¹ As noted in bb6278b ("avoid libcrypto.so requires", 2018-06-16)
|
|
|
|
|
|
| |
References:
https://lists.zx2c4.com/pipermail/cgit/2018-August/004176.html
https://git.zx2c4.com/cgit/commit/?id=53efaf30b
|
|
|
|
|
|
|
|
|
|
| |
Add a number of settings from the example cgitrc file section of the
documentation. Update the config to reflect the default values, leaving
them commented.
Several settings which previously overrode the cgit defaults no longer
do so. Those settings are: enable-commit-graph, enable-index-links,
enable-log-filecount, enable-log-linecount, and max-stats.
|
|
|
|
|
| |
The agefile setting is often used in combination with a post-receive
hook. An example hook is included in contrib/hooks.
|
|
|
|
| |
Remove extra '/' from git source URL.
|
|
|
|
| |
Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>
|
|
|
|
| |
Run the test suite by default to help avoid shipping broken packages.
|
|
|
|
|
|
|
|
| |
Enable the builtin BLK_SHA1 support in git to avoid the dependency on
libcrypto.so. When cgit is updated to work with git >= 2.13.0 we can
drop this, as the default SHA1 library was changed to DC_SHA1.
The openssl-devel build dependency is still needed.
|
| |
|
|
|
|
|
| |
Centralize the various conditionals needed to support systems which lack
an httpd-filesystem package. Add support for RHEL > 7.
|
|
|
|
|
| |
All supported releases use the same selinux context (git_sys_content_t).
Update README.SELinux and install it as-is.
|
| |
|
|
|
|
| |
All supported releases use libcurl-devel.
|
| |
|
|
|
|
|
| |
Apply the highlight v3 patch unconditionally and drop a crufty comment
regarding el5.
|
|
|
|
|
|
|
| |
The *.py files in cgit are not importable python modules. Add %excludes
to avoid packaging these files on Fedora < 29 and RHEL < 8.
https://fedoraproject.org/wiki/Changes/No_more_automagic_Python_bytecompilation
|
| |
|
|
|
|
|
|
| |
This fixes the generated dependencies, pulling in python3. The filters
are not strictly required and perhaps should be split into a subpackage
or installed as example scripts.
|
|
|
|
|
| |
The DESTDIR and INSTALL vars are already set by %make_install. Set
COPYTREE to preserve timestamps when copying the filters during install.
|
| |
|
|
|
|
|
|
|
| |
The guidelines require all required packages to be explicitly listed.
Additionally, a proposed change for Fedora 29 removes gcc from the
default BuildRoot.
|
|
|
|
| |
No supported releases of Fedora or EPEL require this cleanup.
|
|
|
|
|
|
|
| |
Both cgit and git Makefiles allow build options to be set via a file.
Use it and drop the %make_cgit macro.
Use the %make_build and %make_install macros as well.
|
|
|
|
| |
Support for el5 has been gone since March 2017. Clean up the cruft.
|
|
|
|
|
|
|
|
|
|
| |
When updating/rebuilding from the spec file, we can be a little more
secure in downloading the sources via https.
It would be nice to check GPG signatures for the tarballs, but upstream
cgit does not provide such signatures (they sign the git tag, but that
doesn't help us here). We _could_ check the git tarball signature,
borrowing the code from the %prep section of the git spec file.
|