Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[backport] gitea: 1.3.3 -> 1.4.3 (security + bug fixes) #44005

Merged
merged 5 commits into from Jul 23, 2018
Merged

[backport] gitea: 1.3.3 -> 1.4.3 (security + bug fixes) #44005

merged 5 commits into from Jul 23, 2018

Conversation

Mic92
Copy link
Member

@Mic92 Mic92 commented Jul 23, 2018
edited

Motivation for this change

follow up of #43957 and #43997

Apparently every release also fixed a bunch of security issues that are currently not-patched in stable.
Therefore I backported them all together to stable. I am not a user of gitea, therefore please review: @danieldk @yrashk @etu

Things done
  • Tested using sandboxing (nix.useSandbox on NixOS, or option sandbox in nix.conf on non-NixOS)
  • Built on platform(s)
    • NixOS
    • macOS
    • other Linux distributions
  • Tested via one or more NixOS test(s) if existing and applicable for the change (look inside nixos/tests)
  • Tested compilation of all pkgs that depend on this change using nix-shell -p nox --run "nox-review wip"
  • Tested execution of all binary files (usually in ./result/bin/)
  • Determined the impact on package closure size (by running nix path-info -S before and after)
  • Fits CONTRIBUTING.md.

sondr3 and others added 5 commits July 23, 2018 11:41
@sondr3 @Mic92
gitea: 1.3.3 -> 1.4.0
1b7d856 
(cherry picked from commit a73cdc7)
@zimbatm @Mic92
gitea: 1.4.0 -> 1.4.1
36472c1 
(cherry picked from commit 716d877)
@Gerschtli @Mic92
nixos/gitea: fix pre start script
42c35de 
The hooks directory contains now one level deep subdirectories which
need to be updated as well.
If you use gitea via ssh, ~/.ssh/authorized_keys also needs to be
updated because of the hardcoded path to gitea in the "command" option.

(cherry picked from commit 28c20a4)
@etu @Mic92
gitea: 1.4.1 -> 1.4.2
d1d8c12 
Not much of a changelog: https://github.com/go-gitea/gitea/releases/tag/v1.4.2

(cherry picked from commit 106bde4)
@danieldk @Mic92
gitea: 1.4.2 -> 1.4.3
e850302 
(cherry picked from commit 8b695a7)
@GrahamcOfBorg
Copy link

Success on x86_64-darwin (full log)

Attempted: gitea

Partial log (click to expand)

/private/tmp/nix-build-gitea-1.4.3.drv-0
post-installation fixup
strip is /nix/store/q4mjflkrrpvajlawjngyr0d1bhpyb5ij-cctools-binutils-darwin/bin/strip
stripping (with command strip and flags -S) in /nix/store/by38v6jkkfb55xj9a9q9y0win9rlwni1-gitea-1.4.3-bin/bin
patching script interpreter paths in /nix/store/by38v6jkkfb55xj9a9q9y0win9rlwni1-gitea-1.4.3-bin
strip is /nix/store/q4mjflkrrpvajlawjngyr0d1bhpyb5ij-cctools-binutils-darwin/bin/strip
patching script interpreter paths in /nix/store/ibl6hdpvbc4md2m02whaxxl519281pi7-gitea-1.4.3
strip is /nix/store/q4mjflkrrpvajlawjngyr0d1bhpyb5ij-cctools-binutils-darwin/bin/strip
patching script interpreter paths in /nix/store/63mz27siza64nq9rp8q6lp67a58i0dz2-gitea-1.4.3-data
/nix/store/by38v6jkkfb55xj9a9q9y0win9rlwni1-gitea-1.4.3-bin

@GrahamcOfBorg
Copy link

Failure on aarch64-linux (full log)

Attempted: gitea

Partial log (click to expand)

code.gitea.io/gitea/vendor/github.com/go-macaron/csrf
code.gitea.io/gitea/modules/validation
code.gitea.io/gitea/modules/setting
code.gitea.io/gitea/modules/util
code.gitea.io/gitea/modules/cache
code.gitea.io/gitea/modules/highlight
code.gitea.io/gitea/modules/options
code.gitea.io/gitea/modules/base
builder for '/nix/store/791kzjv7m4gxq4gzwcxa4nyzljf0q4jp-gitea-1.4.3.drv' failed with exit code 30
error: build of '/nix/store/791kzjv7m4gxq4gzwcxa4nyzljf0q4jp-gitea-1.4.3.drv' failed

@GrahamcOfBorg
Copy link

Success on x86_64-linux (full log)

Attempted: gitea

Partial log (click to expand)

checking for references to /build in /nix/store/9ycw67lapjj2mi19izy372a92pxnwpa5-gitea-1.4.3-bin...
shrinking RPATHs of ELF executables and libraries in /nix/store/v8dz59rk5i9q2xbdzawfrcxccy35y3zc-gitea-1.4.3
strip is /nix/store/k8b9hqv58dd1z0j4ikak24ykndcm91s6-binutils-2.28.1/bin/strip
patching script interpreter paths in /nix/store/v8dz59rk5i9q2xbdzawfrcxccy35y3zc-gitea-1.4.3
checking for references to /build in /nix/store/v8dz59rk5i9q2xbdzawfrcxccy35y3zc-gitea-1.4.3...
shrinking RPATHs of ELF executables and libraries in /nix/store/da3iwda0wc2iwbhmc2ydp3hnwil5w3v8-gitea-1.4.3-data
strip is /nix/store/k8b9hqv58dd1z0j4ikak24ykndcm91s6-binutils-2.28.1/bin/strip
patching script interpreter paths in /nix/store/da3iwda0wc2iwbhmc2ydp3hnwil5w3v8-gitea-1.4.3-data
checking for references to /build in /nix/store/da3iwda0wc2iwbhmc2ydp3hnwil5w3v8-gitea-1.4.3-data...
/nix/store/9ycw67lapjj2mi19izy372a92pxnwpa5-gitea-1.4.3-bin

@danieldk
Copy link
Contributor

Builds and deploys without issues on my gitea test server.

(Though, that was running 1.4.3 already, so I didn't test a migration from 1.3.3.)

@Mic92 Mic92 merged commit bd834a5 into NixOS:release-18.03 Jul 23, 2018
@Mic92 Mic92 deleted the gitea-backport branch July 23, 2018 11:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
6.topic: nixos 8.has: module (update) 10.rebuild-darwin: 1-10 10.rebuild-linux: 1-10
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@Mic92 @GrahamcOfBorg @danieldk @sondr3 @zimbatm @Gerschtli @etu