Skip to content

Commit

Permalink
Merge pull request #2457 from sparklemotion/flavorjones-libxml-2.9.13…
Browse files Browse the repository at this point in the history
…-v1.13.x

upgrade to libxml 2.9.13 and libxslt 1.1.35 (branch v1.13.x)
  • Loading branch information
flavorjones authored Feb 20, 2022
2 parents e18da00 + 379f757 commit 4729133
Show file tree
Hide file tree
Showing 16 changed files with 4,965 additions and 3,985 deletions.
3 changes: 1 addition & 2 deletions .github/workflows/ci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -244,12 +244,11 @@ jobs:
- uses: actions/checkout@v2
with:
submodules: true
- uses: MSP-Greg/setup-ruby-pkgs@win-ucrt-2
- uses: MSP-Greg/setup-ruby-pkgs@v1
with:
ruby-version: "${{matrix.ruby}}"
mingw: "libxml2 libxslt"
bundler-cache: true
setup-ruby-ref: MSP-Greg/ruby-setup-ruby/win-ucrt-1
- uses: actions/cache@v2
if: matrix.sys == 'disable'
with:
Expand Down
6 changes: 2 additions & 4 deletions .github/workflows/gem-install.yml
Original file line number Diff line number Diff line change
Expand Up @@ -113,11 +113,10 @@ jobs:
- uses: actions/checkout@v2
with:
submodules: true
- uses: MSP-Greg/setup-ruby-pkgs@win-ucrt-2
- uses: MSP-Greg/setup-ruby-pkgs@v1
with:
ruby-version: "3.1"
mingw: "libxml2 libxslt"
setup-ruby-ref: MSP-Greg/ruby-setup-ruby/win-ucrt-1
- uses: actions/download-artifact@v2
with:
name: cruby-gem
Expand Down Expand Up @@ -289,10 +288,9 @@ jobs:
ruby: ["3.1"]
runs-on: windows-2022
steps:
- uses: MSP-Greg/setup-ruby-pkgs@win-ucrt-2
- uses: MSP-Greg/setup-ruby-pkgs@v1
with:
ruby-version: "${{matrix.ruby}}"
setup-ruby-ref: MSP-Greg/ruby-setup-ruby/win-ucrt-1
- uses: actions/download-artifact@v2
with:
name: cruby-x64-mingw-ucrt-gem
Expand Down
45 changes: 22 additions & 23 deletions .github/workflows/upstream.yml
Original file line number Diff line number Diff line change
Expand Up @@ -83,13 +83,12 @@ jobs:
- uses: actions/checkout@v2
with:
submodules: true
- uses: MSP-Greg/setup-ruby-pkgs@ucrt
- uses: MSP-Greg/setup-ruby-pkgs@v1
with:
ruby-version: "head"
apt-get: "libxml2-dev libxslt1-dev pkg-config"
mingw: "_upgrade_ libxml2 libxslt pkgconf"
bundler-cache: true
setup-ruby-ref: MSP-Greg/ruby-setup-ruby/00-win-ucrt
- uses: actions/cache@v2
if: matrix.sys == 'disable'
with:
Expand Down Expand Up @@ -135,24 +134,24 @@ jobs:
- run: bundle exec rake compile
- run: bundle exec rake test

html5lib-tests:
runs-on: ubuntu-latest
container:
image: ghcr.io/sparklemotion/nokogiri-test:mri-3.1
steps:
- uses: actions/checkout@v2
with:
submodules: true
- uses: actions/cache@v2
with:
path: ports
key: ports-ubuntu-${{hashFiles('dependencies.yml', 'patches/**/*.patch')}}
- name: Update html5lib-tests
run: |
cd test/html5lib-tests
git remote update origin
git checkout origin/master
git log --pretty=oneline -n1
- run: bundle install --local || bundle install
- run: bundle exec rake compile -- --disable-system-libraries
- run: bundle exec rake test
# html5lib-tests:
# runs-on: ubuntu-latest
# container:
# image: ghcr.io/sparklemotion/nokogiri-test:mri-3.1
# steps:
# - uses: actions/checkout@v2
# with:
# submodules: true
# - uses: actions/cache@v2
# with:
# path: ports
# key: ports-ubuntu-${{hashFiles('dependencies.yml', 'patches/**/*.patch')}}
# - name: Update html5lib-tests
# run: |
# cd test/html5lib-tests
# git remote update origin
# git checkout origin/master
# git log --pretty=oneline -n1
# - run: bundle install --local || bundle install
# - run: bundle exec rake compile -- --disable-system-libraries
# - run: bundle exec rake test
8 changes: 8 additions & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,14 @@ Nokogiri follows [Semantic Versioning](https://semver.org/), please see the [REA

---

## 1.13.2 / unreleased

### Dependencies

* [CRuby] Vendored libxml2 is updated from 2.9.12 to 2.9.13. This update addresses [CVE-2022-23308](https://gitlab.gnome.org/GNOME/libxml2/-/commit/652dd12). Full changelog is available at https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.news
* [CRuby] Vendored libxslt is updated from 1.1.34 to 1.1.35. This update addresses [CVE-2021-30560](https://nvd.nist.gov/vuln/detail/CVE-2021-30560). Full changelog is available at https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.news


## 1.13.1 / 2022-01-13

### Fixed
Expand Down
62 changes: 6 additions & 56 deletions dependencies.yml
Original file line number Diff line number Diff line change
@@ -1,62 +1,12 @@
libxml2:
version: "2.9.12"
sha256: "c8d6681e38c56f172892c85ddc0852e1fd4b53b4209e7f4ebf17f7e2eae71d92"
# manually verified checksum:
#
# $ gpg --verify libxml2-2.9.12.tar.gz.asc ports/archives/libxml2-2.9.12.tar.gz
# gpg: Signature made Thu 13 May 2021 02:59:16 PM EDT
# gpg: using RSA key DB46681BB91ADCEA170FA2D415588B26596BEA5D
# gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown]
# gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F
# Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D
#
# using this pgp signature:
#
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEE20ZoG7ka3OoXD6LUFViLJllr6l0FAmCddwQACgkQFViLJllr
# 6l11LQgAioRTdfmcC+uK/7+6HPtF/3c5zkX6j8VGYuvFBwZ0jayqMRBAl++fcpjE
# JUU/JKebSZ/KCYjzyeOWK/i3Gq77iqm3UbZFB85rqu4a5P3gmj/4STWVyAx0KU3z
# G3jKqDhJOt7c0acXb5lh2DngfDa1dn/VGcQcIXsqplNxNr4ET7MnSJjZ3nlxYfW2
# E5vWBdPCMUeXDBl6MjYvw9XnGGBLUAaEJWoFToG6jKmVf4GAd9nza20jj5dtbcJq
# QEOaSDKDr+f9h2NS8haOhJ9vOpy52PdeGzaFlbRkXarGXuAr8kITgATVs8FAqcgv
# MoVhmrO5r2hJf0dCM9fZoYqzpMfmNA==
# =KfJ9
# -----END PGP SIGNATURE-----
#
version: "2.9.13"
sha256: "276130602d12fe484ecc03447ee5e759d0465558fbc9d6bd144e3745306ebf0e"
# sha-256 hash provided in https://download.gnome.org/sources/libxml2/2.9/libxml2-2.9.13.sha256sum

libxslt:
version: "1.1.34"
sha256: "98b1bd46d6792925ad2dfe9a87452ea2adebf69dcb9919ffd55bf926a7f93f7f"
# manually verified checksum:
#
# $ gpg --verify ~/Downloads/libxslt-1.1.34.tar.gz.asc ports/archives/libxslt-1.1.34.tar.gz
# gpg: Signature made Wed 30 Oct 2019 04:02:48 PM EDT
# gpg: using RSA key DB46681BB91ADCEA170FA2D415588B26596BEA5D
# gpg: Good signature from "Daniel Veillard (Red Hat work email) <veillard@redhat.com>" [unknown]
# gpg: aka "Daniel Veillard <Daniel.Veillard@w3.org>" [unknown]
# gpg: WARNING: This key is not certified with a trusted signature!
# gpg: There is no indication that the signature belongs to the owner.
# Primary key fingerprint: C744 15BA 7C9C 7F78 F02E 1DC3 4606 B8A5 DE95 BC1F
# Subkey fingerprint: DB46 681B B91A DCEA 170F A2D4 1558 8B26 596B EA5D
#
# using this pgp signature:
#
# -----BEGIN PGP SIGNATURE-----
#
# iQEzBAABCAAdFiEE20ZoG7ka3OoXD6LUFViLJllr6l0FAl257GgACgkQFViLJllr
# 6l2vVggAjJEHmASiS56SxhPOsGqbfBihM66gQFoIymQfMu2430N1GSTkLsfbkJO8
# 8yBX11NjzK/m9uxwshMW3rVCU7EpL3PUimN3reXdPiQj9hAOAWF1V3BZNevbQC2E
# FCIraioukaidf8sjUG4/sGpK/gOcP/3hYoN0HUoBigCNJjDqhijxM3M3GJJtCASp
# jL4CQbs2OmxW8ixOZbuWEESvFFHUgYRsdZjRVN+GRfSOvJjxypurmYwQ3RjO7JxL
# 2FY8qKQ+xpeID8NV8F5OUEvWBjk1QS133VTqBZNlONdnEtV/og6jNu5k0O/Kvhup
# caR+8TMErOcLr9OgDklO6DoYyAsf9Q==
# =g4i4
# -----END PGP SIGNATURE-----
#
version: "1.1.35"
sha256: "8247f33e9a872c6ac859aa45018bc4c4d00b97e2feac9eebc10c93ce1f34dd79"
# sha-256 hash provided in https://download.gnome.org/sources/libxslt/1.1/libxslt-1.1.35.sha256sum

zlib:
version: "1.2.11"
Expand Down
21 changes: 18 additions & 3 deletions ext/nokogiri/extconf.rb
Original file line number Diff line number Diff line change
Expand Up @@ -15,7 +15,7 @@
REQUIRED_LIBXML_VERSION = "2.6.21"
RECOMMENDED_LIBXML_VERSION = "2.9.3"

REQUIRED_MINI_PORTILE_VERSION = "~> 2.7.0" # keep this version in sync with the one in the gemspec
REQUIRED_MINI_PORTILE_VERSION = "~> 2.8.0" # keep this version in sync with the one in the gemspec
REQUIRED_PKG_CONFIG_VERSION = "~> 1.1"

# Keep track of what versions of what libraries we build against
Expand Down Expand Up @@ -211,6 +211,18 @@ def local_have_library(lib, func = nil, headers = nil)
have_library(lib, func, headers) || have_library("lib#{lib}", func, headers)
end

def gnome_source
# As of 2022-02-20, some mirrors have expired SSL certificates. I'm able to retrieve from my home,
# but whatever host is resolved on the github actions workers see an expired cert.
#
# See https://github.com/sparklemotion/nokogiri/runs/5266206403?check_suite_focus=true
if ENV["NOKOGIRI_USE_CANONICAL_GNOME_SOURCE"]
"https://download.gnome.org"
else
"https://mirror.csclub.uwaterloo.ca/gnome" # old reliable
end
end

LOCAL_PACKAGE_RESPONSE = Object.new
def LOCAL_PACKAGE_RESPONSE.%(package)
package ? "yes: #{package}" : "no"
Expand Down Expand Up @@ -512,6 +524,7 @@ def recipe.port_path
EOM

pp(recipe.files)
chdir_for_build { recipe.cook }
FileUtils.touch(checkpoint)
end
Expand Down Expand Up @@ -770,8 +783,9 @@ def compile
if source_dir
recipe.source_directory = source_dir
else
minor_version = Gem::Version.new(recipe.version).segments.take(2).join(".")
recipe.files = [{
url: "http://xmlsoft.org/sources/#{recipe.name}-#{recipe.version}.tar.gz",
url: "#{gnome_source}/sources/libxml2/#{minor_version}/#{recipe.name}-#{recipe.version}.tar.xz",
sha256: dependencies["libxml2"]["sha256"],
}]
recipe.patch_files = Dir[File.join(PACKAGE_ROOT_DIR, "patches", "libxml2", "*.patch")].sort
Expand Down Expand Up @@ -818,8 +832,9 @@ def compile
if source_dir
recipe.source_directory = source_dir
else
minor_version = Gem::Version.new(recipe.version).segments.take(2).join(".")
recipe.files = [{
url: "http://xmlsoft.org/sources/#{recipe.name}-#{recipe.version}.tar.gz",
url: "#{gnome_source}/sources/libxslt/#{minor_version}/#{recipe.name}-#{recipe.version}.tar.xz",
sha256: dependencies["libxslt"]["sha256"],
}]
recipe.patch_files = Dir[File.join(PACKAGE_ROOT_DIR, "patches", "libxslt", "*.patch")].sort
Expand Down
2 changes: 1 addition & 1 deletion nokogiri.gemspec
Original file line number Diff line number Diff line change
Expand Up @@ -318,7 +318,7 @@ Gem::Specification.new do |spec|
spec.extra_rdoc_files += Dir.glob("README.md")
spec.rdoc_options = ["--main", "README.md"]

spec.add_runtime_dependency("mini_portile2", "~> 2.7.0") unless java_p # keep version in sync with extconf.rb
spec.add_runtime_dependency("mini_portile2", "~> 2.8.0") unless java_p # keep version in sync with extconf.rb
spec.add_runtime_dependency("racc", "~> 1.4")

spec.add_development_dependency("bundler", "~> 2.2")
Expand Down
6 changes: 3 additions & 3 deletions patches/libxml2/0004-use-glibc-strlen.patch
Original file line number Diff line number Diff line change
Expand Up @@ -31,18 +31,18 @@ diff --git a/xmlstring.c b/xmlstring.c
index e8a1e45d..df247dff 100644
--- a/xmlstring.c
+++ b/xmlstring.c
@@ -423,14 +423,9 @@ xmlStrsub(const xmlChar *str, int start, int len) {
@@ -423,12 +423,7 @@ xmlStrsub(const xmlChar *str, int start, int len) {

int
xmlStrlen(const xmlChar *str) {
- int len = 0;
- size_t len = 0;
-
if (str == NULL) return(0);
- while (*str != 0) { /* non input consuming */
- str++;
- len++;
- }
- return(len);
- return(len > INT_MAX ? 0 : len);
+
+ return strlen((const char*)str);
}
Expand Down
Loading

0 comments on commit 4729133

Please sign in to comment.