[SCM] Debian packaging of libtest-compile-perl branch, master, updated. upstream/0.14-50-gb529266
Nicholas Bamber
nicholas at periapt.co.uk
Sun Feb 19 10:43:43 UTC 2012
The following commit has been merged in the master branch:
commit b529266ab324a76d35bb119b338795e94947c1e6
Author: Nicholas Bamber <nicholas at periapt.co.uk>
Date: Sun Feb 19 10:43:30 2012 +0000
* New upstream release.
* Rebuilt patches as upstream code has changed substantially
diff --git a/debian/changelog b/debian/changelog
index eae5420..a072f87 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,17 +1,13 @@
libtest-compile-perl (0.15-1) UNRELEASED; urgency=low
- TODO:
- check patches (they don't apply, and I'm not sure I understand them good
- enough to do something about them)
-
[ gregor herrmann ]
- * New upstream release.
* debian/copyright: update upstream and packaging copyright years,
remove information about removed third-party files.
* Remove build dependency on liburi-perl.
[ Nicholas Bamber ]
- * TBD
+ * New upstream release.
+ * Rebuilt patches as upstream code has changed substantially
-- Nicholas Bamber <nicholas at periapt.co.uk> Sat, 18 Feb 2012 11:59:35 +0000
diff --git a/debian/copyright b/debian/copyright
index 5596c1c..ab180a1 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -13,7 +13,7 @@ Files: debian/*
Copyright: 2009, Damyan Ivanov <dmn at debian.org>
2009-2010, Jonathan Yu <jawnsy at cpan.org>
2010, Ryan Niebur <ryan at debian.org>
- 2011, Nicholas Bamber <nicholas at periapt.co.uk>
+ 2011-2012, Nicholas Bamber <nicholas at periapt.co.uk>
2012, gregor herrmann <gregoa at debian.org>
License: GPL-1+ or Artistic
diff --git a/debian/patches/lib.patch b/debian/patches/lib.patch
index 72a5a9a..aa774ca 100644
--- a/debian/patches/lib.patch
+++ b/debian/patches/lib.patch
@@ -1,7 +1,14 @@
Author: Nicholas Bamber <nicholas at periapt.co.uk>
Subject: need to provide path to libraries of distribution
+ Imagine you have a distrubution consisting of a script and at least
+ one module. You want to test that the script compiles using this
+ module. However older versions of your module are already installed.
+ It is important that we pull in the current version of the modules
+ not the already released versions. The upstream code does not
+ take care of this at all. This patch also provides a test.
Bug: http://rt.cpan.org/Ticket/Display.html?id=72557
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649332
+Last-Update: 2012-02-18
--- /dev/null
+++ b/t/scripts/lib.pl
@@ -0,0 +1,13 @@
@@ -30,12 +37,28 @@ Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649332
+
--- a/lib/Test/Compile.pm
+++ b/lib/Test/Compile.pm
-@@ -72,7 +72,7 @@
- return;
- }
- my $taint = _is_in_taint_mode($file);
-- my $out = `$^X -cw$taint $file 2>&1`;
-+ my $out = `$^X -cw$taint -Iblib/lib $file 2>&1`;
- if ($?) {
- $Test->ok(0, 'Script does not compile');
- $Test->diag($out);
+@@ -139,6 +139,7 @@
+ } else {
+ my @perl5lib = split(':', ($ENV{PERL5LIB}||""));
+ my $taint = _is_in_taint_mode($file);
++ unshift @perl5lib, 'blib/lib';
+ system($^X, (map { "-I$_" } @perl5lib), "-c$taint", $file);
+ return ($? ? 0 : 1);
+ }
+--- a/t/10-find-files.t
++++ b/t/10-find-files.t
+@@ -13,10 +13,11 @@
+ my @files = sort (all_pl_files('t/scripts'));
+
+ # THEN
+- is(scalar @files,3,"Found correct number of scripts");
++ is(scalar @files,4,"Found correct number of scripts");
+ like($files[0],qr/failure.pl/,"Found the failure script");
+- like($files[1],qr/success.pl/,"Found the success script");
+- like($files[2],qr/taint.pl/,"Found the tainted script");
++ like($files[1],qr/lib.pl/,"Found the lib script");
++ like($files[2],qr/success.pl/,"Found the success script");
++ like($files[3],qr/taint.pl/,"Found the tainted script");
+ }
+
+ sub test_all_pm_files {
diff --git a/debian/patches/man.patch b/debian/patches/man.patch
new file mode 100644
index 0000000..32ec8c8
--- /dev/null
+++ b/debian/patches/man.patch
@@ -0,0 +1,20 @@
+Author: Nicholas Bamber <nicholas at periapt.co.uk>
+Subject: Man page
+ We have made substantial changes to the upstream code and so the user is warned.
+Forwarded: not-needed
+Last-Update: 2012-02-19
+--- a/lib/Test/Compile.pm
++++ b/lib/Test/Compile.pm
+@@ -354,6 +354,12 @@
+
+ =back
+
++=head1 Debian changes
++
++The Debian version takes care to ensure that taint mode is respected and
++that the co-packaged version of any modules are used rather than those
++already installed. These changes are transparent and backwards compatible.
++
+ =head1 AUTHORS
+
+ Sagar R. Shah C<< <srshah at cpan.org> >>,
diff --git a/debian/patches/series b/debian/patches/series
index 8364656..46d6ad3 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
taint.patch
lib.patch
+man.patch
diff --git a/debian/patches/taint.patch b/debian/patches/taint.patch
index 853dac0..2e33426 100644
--- a/debian/patches/taint.patch
+++ b/debian/patches/taint.patch
@@ -1,14 +1,19 @@
Author: Nicholas Bamber <nicholas at periapt.co.uk>
Subject: taint mode not respected
-Last-Update: 2011-11-19
+ If the -T argument is passed on the command line to the perl executable,
+ it will turn on "taint" treating all input as suspect until checked,
+ and dieing if the scripts attempts to output tainted data. Using taint
+ mode is considered good practice for sensitive programs that could
+ possibly be run by untrusted users. If the -T argument is used in the
+ shebang line of the script, then it needs to be passed when the script is
+ invoked - otherwise the script will fail to compile. Thus it is quite
+ important that this module pass the -T flag when required. We also provide
+ a test script to verify the extra functionality. There is also a -t argument
+ which warns rather than dies.
+Last-Update: 2012-02-18
Bug-Debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=649301
Bug: https://rt.cpan.org/Public/Bug/Display.html?id=55837
--- /dev/null
-+++ b/t/scripts/taint.pl
-@@ -0,0 +1,2 @@
-+#!/usr/bin/perl -T
-+sleep 1;
---- /dev/null
+++ b/t/10_taint.t
@@ -0,0 +1,7 @@
+#!perl -w
@@ -20,17 +25,17 @@ Bug: https://rt.cpan.org/Public/Bug/Display.html?id=55837
+
--- a/lib/Test/Compile.pm
+++ b/lib/Test/Compile.pm
-@@ -71,7 +71,8 @@
- $Test->diag("$file does not exist");
- return;
+@@ -138,7 +138,8 @@
+ return ($@ ? 0 : 1);
+ } else {
+ my @perl5lib = split(':', ($ENV{PERL5LIB}||""));
+- system($^X, (map { "-I$_" } @perl5lib), '-c', $file);
++ my $taint = _is_in_taint_mode($file);
++ system($^X, (map { "-I$_" } @perl5lib), "-c$taint", $file);
+ return ($? ? 0 : 1);
+ }
}
-- my $out = `$^X -cw $file 2>&1`;
-+ my $taint = _is_in_taint_mode($file);
-+ my $out = `$^X -cw$taint $file 2>&1`;
- if ($?) {
- $Test->ok(0, 'Script does not compile');
- $Test->diag($out);
-@@ -169,6 +170,19 @@
+@@ -177,6 +178,19 @@
return 'script' if -e 'script';
return 'bin' if -e 'bin';
}
@@ -40,7 +45,7 @@ Bug: https://rt.cpan.org/Public/Bug/Display.html?id=55837
+ open(FILE, $file) or die "could not open $file";
+ my $shebang = <FILE>;
+ my $taint = "";
-+ if ($shebang =~ /^#![\/\w]+\s+\-w?(T)/) {
++ if ($shebang =~ /^#![\/\w]+\s+\-w?([tT])/) {
+ $taint = $1;
+ }
+ close FILE;
--
Debian packaging of libtest-compile-perl
More information about the Pkg-perl-cvs-commits
mailing list