From: Don Armstrong Date: Sat, 11 Aug 2018 17:28:40 +0000 (-0700) Subject: Update upstream source from tag 'upstream/20180220' X-Git-Tag: debian/20181120-1~6 X-Git-Url: https://git.donarmstrong.com/?p=perltidy.git;a=commitdiff_plain;h=7f0d4e4cf8cde72a1e9ea5c3ddc5fb71fc0d7651;hp=5af8685bea60c00aae46266c726ddfb0132d7d12 Update upstream source from tag 'upstream/20180220' Update to upstream version '20180220' with Debian dir 4f6d1c8e6262c338bc7a3175ac2eb41072880ddd --- diff --git a/debian/changelog b/debian/changelog new file mode 100644 index 0000000..86c9deb --- /dev/null +++ b/debian/changelog @@ -0,0 +1,150 @@ +perltidy (20170521-1) unstable; urgency=medium + + * New upstream release + * Die if an existing perltidy.ERR cannot be removed to block overwriting + of arbitrary files by a symlink attack. (closes: #862667) Thanks to + Jakub Wilk for identifying this issue. + * Update standards version to 4.1.1; no changes + + -- Don Armstrong Sun, 22 Oct 2017 10:18:21 -0700 + +perltidy (20140328-1) unstable; urgency=medium + + * New upstream release + + Avoid creating perltidy.LOG file + + -- Don Armstrong Mon, 07 Apr 2014 18:27:01 -0700 + +perltidy (20130922-1) unstable; urgency=medium + + * New upstream release (closes: #740559) + * Update VCS location after switching to git + * Fix insecure tmpfile creation (closes: #740670) + + -- Don Armstrong Fri, 07 Mar 2014 18:18:01 -0800 + +perltidy (20120701-1) unstable; urgency=low + + * New upstream release (closes: #681368) + + Don't munge contents of __DATA__ even when they + look like POD (closes: #614288) + * Switch to debhelper auto rules + * Document VCS location + + -- Don Armstrong Fri, 13 Jul 2012 16:50:35 -0700 + +perltidy (20101217-1) unstable; urgency=low + + * New upstream release (closes: #613417) + + -- Don Armstrong Mon, 14 Feb 2011 15:10:43 -0800 + +perltidy (20090616-1) unstable; urgency=low + + * New upstream release + * Update standards version; no changes + * Bump dh_compat to 5 + * Promote homepage + * Fix debian/copyright + + -- Don Armstrong Tue, 23 Jun 2009 22:43:49 -0700 + +perltidy (20071205-2) unstable; urgency=low + + * Fix FTBFS on perl 5.10 + + -- Don Armstrong Mon, 25 Feb 2008 14:52:26 -0800 + +perltidy (20071205-1) unstable; urgency=low + + * New upstream release + + -- Don Armstrong Tue, 18 Dec 2007 15:53:34 -0800 + +perltidy (20070801-1) unstable; urgency=low + + * New upstream release + + -- Don Armstrong Mon, 20 Aug 2007 23:07:33 -0700 + +perltidy (20070508-1) unstable; urgency=low + + * New upstream release + + -- Don Armstrong Tue, 1 May 2007 03:03:29 -0700 + +perltidy (20060719-1) unstable; urgency=low + + * New upstream release + + -- Don Armstrong Fri, 28 Jul 2006 22:02:55 -0700 + +perltidy (20060614-1) unstable; urgency=low + + * New upstream release + + -- Don Armstrong Fri, 23 Jun 2006 13:23:08 -0700 + +perltidy (20031021-2) unstable; urgency=low + + * New maintainer adopting this package (closes: #206884) + * Modifications to packaging to make the package suitable for inclusion + in debian. (closes: #162066) + * Change Build-Depends to perl (>=5.6.0-16) as per perl policy + * Add reference to -st and note that - doesn't mean stdout to -o + documentation (closes: #202916) + * New upstream properly removes useless semi-colons (closes: #203171) + + -- Don Armstrong Wed, 18 Aug 2004 22:54:01 -0700 + +perltidy (20031021-1) unstable; urgency=low + + * New upstream release + + -- Steve Hancock Tue, 21 Oct 2003 20:50:49 -0700 + +perltidy (20030726-1) unstable; urgency=low + + * New upstream + * Changed Build-Depends perl (>= 5.8.0-7) to perl (>=5.6.1-7) + + -- Steve Hancock Sat, 26 Jul 2003 07:18:13 -0700 + +perltidy (20021130-1) unstable; urgency=low + + * New upstream + * Redid all debian packaging from scratch + + -- Aubin Paul Sat, 30 Nov 2002 23:34:34 -0500 + +perltidy (20011020-1) unstable; urgency=low + + * New upstream release. + * Don't install perl2web in the man dir, but only in the doc dir + (closes: bug#113911, bug#103443, bug#101100). + + -- Paolo Molaro Sun, 11 Nov 2001 15:38:40 +0100 + +perltidy (20010608-1) unstable; urgency=low + + * New upstream release. + * New maintainer (Closes: bug#100250). + + -- Paolo Molaro Mon, 11 Jun 2001 11:54:54 +0200 + +perltidy (20010328-1) unstable; urgency=low + + * New upstream release. + * Corrected upstream email address in copyright file and manpages. + * Fixed lintian warning because of incorrect upstream changelog name. + + -- Dr. Guenter Bechly Fri, 30 Mar 2001 10:57:12 +0200 + +perltidy (20010323-1) unstable; urgency=low + + * Initial Release; closes: #91927 + * Adjusted paths in Makefile and fixed $DESTDIR problems. + + -- Dr. Guenter Bechly Tue, 27 Mar 2001 19:39:30 +0200 + + diff --git a/debian/compat b/debian/compat new file mode 100644 index 0000000..f599e28 --- /dev/null +++ b/debian/compat @@ -0,0 +1 @@ +10 diff --git a/debian/control b/debian/control new file mode 100644 index 0000000..a0c5c7a --- /dev/null +++ b/debian/control @@ -0,0 +1,27 @@ +Source: perltidy +Section: devel +Priority: optional +Maintainer: Don Armstrong +Build-Depends: debhelper (>= 10) +Build-Depends-Indep: perl +Standards-Version: 4.1.1 +Homepage: http://perltidy.sourceforge.net/ +Vcs-Git: https://git.donarmstrong.com/perltidy.git +Vcs-Browser: https://git.donarmstrong.com/perltidy.git + + +Package: perltidy +Architecture: all +Depends: ${perl:Depends}, ${misc:Depends} +Description: Perl script indenter and reformatter + Perltidy is a Perl script which indents and reformats Perl + scripts to make them easier to read. + . + The formatting can be controlled with command line parameters. + The default parameter settings approximately follow the + suggestions in the Perl Style Guide. + . + Perltidy can also generate formatted HTML output from POD, and can + even generate colored output in HTML for scripts. See examples at + http://perltidy.sourceforge.net/ + . diff --git a/debian/copyright b/debian/copyright new file mode 100644 index 0000000..e579154 --- /dev/null +++ b/debian/copyright @@ -0,0 +1,14 @@ +This is the debian package for the Perl::Tidy module. +It was created by Aubin Paul using dh-make-perl. + +The upstream author is: Steve Hancock + +Copyright (c) 2000-2009 by Steve Hancock +Distributed under the GPL license agreement; see file COPYING + +This program is free software; you can redistribute it and/or modify +it under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 2 of the License, or +(at your option) any later version. + +License: GPL Available at /usr/share/common-licenses/GPL diff --git a/debian/patches/die_on_unlink_failures b/debian/patches/die_on_unlink_failures new file mode 100644 index 0000000..7b4d3d9 --- /dev/null +++ b/debian/patches/die_on_unlink_failures @@ -0,0 +1,32 @@ +Description: die if perltidy.ERR and other temporary files cannot be unlinked +Origin: Upstream, Cherrypicked from 20170521. +Author: Don Armstrong , Steve Hancock +diff --git a/lib/Perl/Tidy.pm b/lib/Perl/Tidy.pm +index 2b0df0e..edcec6d 100644 +--- a/lib/Perl/Tidy.pm ++++ b/lib/Perl/Tidy.pm +@@ -3692,7 +3702,10 @@ sub do_syntax_check { + # now wish for luck... + my $msg = qx/perl $flags $quoted_stream_filename $error_redirection/; + +- unlink $stream_filename if ($is_tmpfile); ++ if ($is_tmpfile) { ++ unlink $stream_filename ++ or Perl::Tidy::Die("couldn't unlink stream $stream_filename: $!\n"); ++ } + return $stream_filename, $msg; + } + +@@ -4128,7 +4143,11 @@ sub new { + + # remove any old error output file if we might write a new one + unless ( $fh_warnings || ref($warning_file) ) { +- if ( -e $warning_file ) { unlink($warning_file) } ++ if ( -e $warning_file ) { ++ unlink($warning_file) ++ or Perl::Tidy::Die( ++ "couldn't unlink warning file $warning_file: $!\n"); ++ } + } + + my $logfile_gap = diff --git a/debian/patches/document_bst_better b/debian/patches/document_bst_better new file mode 100644 index 0000000..be25173 --- /dev/null +++ b/debian/patches/document_bst_better @@ -0,0 +1,13 @@ +--- a/bin/perltidy ++++ b/bin/perltidy +@@ -175,7 +175,9 @@ + + Name of the output file (only if a single input file is being + processed). If no output file is specified, and output is not +-redirected to the standard output, the output will go to F. ++redirected to the standard output (see B<-st>), the output will go to ++F. [Note: - does not redirect to standard output. Use ++B<-st> instead.] + + =item B<-st>, B<--standard-output> + diff --git a/debian/patches/fix_insecure_tmpnam_usage_740670 b/debian/patches/fix_insecure_tmpnam_usage_740670 new file mode 100644 index 0000000..867909f --- /dev/null +++ b/debian/patches/fix_insecure_tmpnam_usage_740670 @@ -0,0 +1,80 @@ +Description: Replace insecure make_temporary_filename with File::Temp::tempfile +Forwarded: http://lists.example.com/2010/03/1234.html +Origin: vendor, http://bugs.debian.org/740670 +Author: Don Armstrong +Last-Update: 2010-03-29 +--- a/lib/Perl/Tidy.pm ++++ b/lib/Perl/Tidy.pm +@@ -76,6 +76,7 @@ + use IO::File; + use File::Basename; + use File::Copy; ++use File::Temp qw(tempfile); + + BEGIN { + ( $VERSION = q($Id: Tidy.pm,v 1.74 2013/09/22 13:56:49 perltidy Exp $) ) =~ s/^.*\s+(\d+)\/(\d+)\/(\d+).*$/$1$2$3/; # all one line for MakeMaker +@@ -235,35 +236,6 @@ + return undef; + } + +-sub make_temporary_filename { +- +- # Make a temporary filename. +- # The POSIX tmpnam() function has been unreliable for non-unix systems +- # (at least for the win32 systems that I've tested), so use a pre-defined +- # name for them. A disadvantage of this is that two perltidy +- # runs in the same working directory may conflict. However, the chance of +- # that is small and manageable by the user, especially on systems for which +- # the POSIX tmpnam function doesn't work. +- my $name = "perltidy.TMP"; +- if ( $^O =~ /win32|dos/i || $^O eq 'VMS' || $^O eq 'MacOs' ) { +- return $name; +- } +- eval "use POSIX qw(tmpnam)"; +- if ($@) { return $name } +- use IO::File; +- +- # just make a couple of tries before giving up and using the default +- for ( 0 .. 3 ) { +- my $tmpname = tmpnam(); +- my $fh = IO::File->new( $tmpname, O_RDWR | O_CREAT | O_EXCL ); +- if ($fh) { +- $fh->close(); +- return ($tmpname); +- last; +- } +- } +- return ($name); +-} + + # Here is a map of the flow of data from the input source to the output + # line sink: +@@ -1324,11 +1296,7 @@ + my ( $fh_stream, $fh_name ) = + Perl::Tidy::streamhandle( $stream, 'r' ); + if ($fh_stream) { +- my ( $fout, $tmpnam ); +- +- # TODO: fix the tmpnam routine to return an open filehandle +- $tmpnam = Perl::Tidy::make_temporary_filename(); +- $fout = IO::File->new( $tmpnam, 'w' ); ++ my ( $fout, $tmpnam ) = tempfile(); + + if ($fout) { + $fname = $tmpnam; +@@ -5159,14 +5127,7 @@ + # Pod::Html requires a real temporary filename + # If we are making a frame, we have a name available + # Otherwise, we have to fine one +- my $tmpfile; +- if ( $rOpts->{'frames'} ) { +- $tmpfile = $self->{_toc_filename}; +- } +- else { +- $tmpfile = Perl::Tidy::make_temporary_filename(); +- } +- my $fh_tmp = IO::File->new( $tmpfile, 'w' ); ++ my ($fh_tmp,$tmpfile) = tempfile(); + unless ($fh_tmp) { + Perl::Tidy::Warn + "unable to open temporary file $tmpfile; cannot use pod2html\n"; diff --git a/debian/patches/series b/debian/patches/series new file mode 100644 index 0000000..9b1049a --- /dev/null +++ b/debian/patches/series @@ -0,0 +1 @@ +document_bst_better diff --git a/debian/rules b/debian/rules new file mode 100755 index 0000000..6a7c69c --- /dev/null +++ b/debian/rules @@ -0,0 +1,7 @@ +#!/usr/bin/make -f + +%: + dh $@ + +override_dh_installexamples: + dh_installexamples examples/* diff --git a/debian/source/format b/debian/source/format new file mode 100644 index 0000000..163aaf8 --- /dev/null +++ b/debian/source/format @@ -0,0 +1 @@ +3.0 (quilt) diff --git a/debian/watch b/debian/watch new file mode 100644 index 0000000..1500f7b --- /dev/null +++ b/debian/watch @@ -0,0 +1,3 @@ +# format version number, currently 2; this line is compulsory! +version=2 +http://search.cpan.org/CPAN/authors/id/S/SH/SHANCOCK/Perl-Tidy-(.+)\.tar\.gz \ No newline at end of file