devel/gettext-tools: Use external libunistring and libxml2.
lang/python*: Remove dependency on gettext-tools. It isn't used and
it is gettext-tools that depends on python now.
PR: 293963
Exp-run by: antoine
The latest 3.12 release contains the referenced security fixes. The
other two branches are not EOL.
PR: 291609
With hat: python
Requested by: antoine
This reverts commit 6617303777.
Since the current Python upstream maintainers have not yet released
security fix releases to match 3.14.2 and 3.13.11, meaning that we have
about three unfixed security issues per 3.12/3.11/3.10 release, and the
current FreeBSD python@ team is unwilling to take approved upstream
patches individually (see PR), we need to expedite the removal of
vulnerable versions and the transition to 3.13/3.14. Deprecate all
"security support" releases of Python that are not in the bugfix phase.
PR: 291609
EXT_SUFFIX, according to PEP 3149, refers to the full tag and
extension for compiled extension module objects, eg .cpython-311.so,
.cpython-313t.so, etc. We do not use the correct semantic meaning,
and this usage becomes ambiguous and confusing when tags do not
match between bytecode and compiled extension module objects.
Rename our PYTHON_EXT_SUFFIX to PYTHON_TAG to align with PEP 3147's
specification of a magic tag, which consists of implementation name
and shorthand version only. This is meant for bytecode and other
files containing this tag in their filename that do not depend on
a specific Python ABI for the same version. Chase all existing
consumers.
Introduce PYTHON_SOABI to align with PEP 3149's specification of a
tag, which consists of implementation name, shorthand version and
any ABI flags present (this and PYTHON_TAG are identical without
ABI flags). This is meant for compiled extension module objects and
other files that depend on a specific Python ABI for the same
version.
Add documentation for these variables that our PYTHON_EXT_SUFFIX
never had.
PR: 274671
Event: Kitchener-Waterloo Hackathon 202506
While LTOized python seems mostly fine, it crashes during build of x11/mate-terminal:
pid 71560 (python3.11), jid 151, uid 65534: exited on signal 11 (core dumped)
After disabling LTO, x11/mate-terminal builds fine.
LibreSSL 3.9 introduced X509_STORE_get1_objects(3) so modify the
preprocessor guard to account. Prior to LibreSSL < 3.9 becoming
EOL, an additional conditional was needed to copy LibreSSL 3.9's
X509_STORE_get1_objects(3) as the included implementation for
OpenSSL < 3.3 clashed with LibreSSL.
Event: ARRL/RAC Field Day 2024
PR: 279390
Don't generate debug symbols by default, we discard these anyway and on my
Tigerlake laptop it reduces build time roughly by 25% with LTO enabled
Switch from -flto=thin to (fat)lto, there's no parallization so it's
actually slower and produces slightly larger binaries
PR: 279585
Approved by: portmgr (maintainer timeout, 2+ weeks)
LibreSSL 3.6 and later are fully compatible with PEP-644 for the
ssl and hmac modules, but not hashlib due to missing SHA-3/SHAKE,
BLAKE2 and scrypt. Partially reverts
https://github.com/python/cpython/commit/39258d3595300bc7b952854c915f63ae2d4b9c3e
for _hashopenssl.c only and void the configure check so that hashlib
builds on LibreSSL.
This reverts commit c17ddfbf66.
This causes breakage on several ports, and the next iteration
requires a full exp-run. See:
Differential Revision: https://reviews.freebsd.org/D34739
Facilitates compiling, writing and removing bytecode files (.pyc)
in site-packages after all pkg transactions have been completed.
Technical details: https://wiki.freebsd.org/Python/CompiledPackages
Fixes reports of Python port builds as root failing on filesystem
violations due to bytecode file writes where the port did not include
them in the package.
For those ports/packages that currently package bytecode, some
checksum mismatches on those files may occur. This is harmless and
will be rectified, in large as part of a USE_PYTHON=distutils
overhaul to reduce churn.
While here, implement a long-standing todo item of letting lang/python
ports use python.mk bits. Not only does this obviate duplicate
variables in each Makefile, but SUB_LIST (also added) is used for
these triggers.
Co-authored by: tcberner
Approved by: tcberner (mentor)
Differential Revision: https://reviews.freebsd.org/D34739
Charlie Li
Tijl Coosemans
Antoine Brodin
Matthias Andree
Wen Heping
Piotr Kubaj
Vladimir Druzenko
Daniel Engberg
Po-Chuan Hsieh
Robert Clausecker
Benjamin Jacobs
Muhammad Moinur Rahman
Bernard Spil
Dmitry Marakasov