Date: Thu, 20 Aug 2015 13:10:41 -0500 From: Mark Felder <feld@FreeBSD.org> To: "Li-Wen Hsu" <lwhsu@FreeBSD.org> Cc: python <python@freebsd.org> Subject: Re: py-django vulnerabilities Message-ID: <1440094241.908772.361540473.611AC2DA@webmail.messagingengine.com> In-Reply-To: <20150820121552.GA10322@FreeBSD.cs.nctu.edu.tw> References: <1439923130.1067596.359551361.446BF03F@webmail.messagingengine.com> <1439997826.2721336.360395769.5671C796@webmail.messagingengine.com> <CAKBkRUyEgvXn_756CYPz=7V9tFYRhYXi8hcVQ83Q_tb0_BYZAQ@mail.gmail.com> <1439998219.2722781.360401857.46FCCBD9@webmail.messagingengine.com> <1439998614.2724165.360407393.5F130D70@webmail.messagingengine.com> <20150820121552.GA10322@FreeBSD.cs.nctu.edu.tw>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 20, 2015, at 07:15, Li-Wen Hsu wrote: > On Wed, Aug 19, 2015 at 10:36:54 -0500, Mark Felder wrote: > > On Wed, Aug 19, 2015, at 10:30, Mark Felder wrote: > > > On Wed, Aug 19, 2015, at 10:27, Li-Wen Hsu wrote: > > > > Thanks for the update. I have the same patch with you. But I haven't > > > > had www/py-django-devel pass the poudriere test. Are you working on > > > > that too? > > > > > > I have not yet touched www/py-django-devel. I figure fewer users are > > > affected by it, so I wanted to get the stable releases pushed out first. > > > > Setting the snapshot date to 20150819 seems to fetch and build fine. Is > > that OK? Do you follow django development and prefer to carefully choose > > a different snapshot date to avoid any recent bugs/issues that could > > affect users? > > GH_TAGNAME should also be updated, or you will get the old code. > > I got following error from poudriere. > > https://gist.github.com/anonymous/7fdf1a8d9645ef324e82 > > I am a bit not sure if this is due to our python port infrastructure or > django itself. Haven't looked into it, but `python setup.py install` on > Mac also failed. > I just had a chat with a django developer and he told me those things are not supposed to be byte-compiled https://github.com/django/django/blob/master/setup.py#L26-L28 They're listed right there in the setup.py So the question is: is this a bug on their side if you also saw it on OSX?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1440094241.908772.361540473.611AC2DA>