a835364f8d
https://bugzilla.suse.com/show_bug.cgi?id=1229819 CVE-2024-45321 bsc#1229819 - updated to 1.7047 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7047 2023-07-29 22:59:16 PDT [Bug Fix] - Upgrade fatpacked CPAN::Meta::Check to 0.018 (#662) - updated to 1.7046 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7046 2022-04-26 23:00:56 PDT [Documentation] - Remove git.io URL that's going to be deprecated. - updated to 1.7045 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7045 2022-01-26 19:03:44 PST [Security] - [CVE-2020-16154] remove the functionality to verify CHECKSUMS signature - updated to 1.7044 see /usr/share/doc/packages/perl-App-cpanminus/Changes - fix missing dependency on perl-Parse-PMFile - updated to 1.7043 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7043 2017-04-02 20:56:06 PDT [Improvements] - Set PERL_USE_UNSAFE_INC for 5.26+ (haarg) #521 - Strictly match module NAME in Bundle - updated to 1.7042 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7042 2016-05-24 00:48:13 PDT [Improvements] - Merge configure dependencies with cpanfile requirements too 1.7041 2016-05-08 11:28:31 PDT [Improvements] - Add environment variables to man pages (Doug Bell) #481 - Support --with-configure and --without-condfigure (zebardy) #482 - Make file mirror faster (Matthew Horsfall) #499 - updated to 1.7040 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7040 2016-01-07 11:28:07 PST [Improvements] - Removed a workaround to skip tests for config dependencies such as Module::Build #462 - Various doc improvements - updated to 1.7039 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7039 2015-06-28 18:05:10 PDT [Improvements] - Only enable softening of MakeMaker dependency when Module::Install is present (reported by haarg) - Support .git URL with http protocol (shoichikaji) #468 - updated to 1.7038 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7038 2015-06-22 18:04:44 PDT [Releng] - bump minimum perl requirement to 5.8.1 in META files - updated to 1.7037 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7037 2015-06-18 14:37:32 PDT [Improvements] - Bump CPAN-Meta-Check to 0.012 #465 - Bump HTTP-Tiny to 0.056 - Bump CPAN-Meta to 2.150005 - Bump CPAN-Meta-YAML to 0.016 - updated to 1.7036 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7036 2015-06-05 22:07:50 PDT [Improvements] - Also soften MakeMaker depenency in runtime prereq, which is just a weird bug in an old Module::Install pre 1.0 1.7035 2015-06-05 10:51:17 PDT [Improvements] - Add a workaround for distributions with an old (buggy) Module::Install, now that the problems occur more frequently with 5.22.0 shipping with a dev version of ExtUtils::MakeMaker #463 - updated to 1.7034 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7034 2015-05-07 14:20:57 PDT [Improvements] - Improved an error message when dependency requirement in cpanfile get conflict with prereqs in sub dependencies. - updated to 1.7033 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7033 2015-05-01 17:17:42 PDT [Improvements] - Remove MakeMaker and Module::Build from cpanm's runtime dependencies. Rather it will upgrade the minimum version requirement as it finds distributions that uses them in configure requirements. Also, they will be installed with 'notest' option for now, since Module::Build test suite takes a bit too long time. - updated to 1.7032 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7032 2015-04-29 18:51:36 PDT [Improvements] - Prefer to use cpanmetadb's package history API for pinning versions. Note that it only works against versions since April 2012. You can set `--metacpan` to still prefer MetaCPAN API search, and can use `--cascade-search` to fallback to MetaCPAN after CPAN MetaDB as well. - updated to 1.7031 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7031 2015-04-22 14:13:37 PDT [Bug Fixes] - Fixed a rare case where circular dependencies in cpanfile prevents satisfying modules from being installed. (#452) [Improvements] - Stop reporting perl versions by default if running under certain CI related env vars. - updated to 1.7030 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7030 2015-04-19 14:15:34 CEST - Same as 1.7029 1.7029 2015-04-19 00:15:32 CEST [New Features] - Consider root cpanfile's requirement when following dependencies with --installdeps (#363) - Added back --metacpan option [Improvements] - Bump Module::Metadata to 1.000027 - Bump CPAN::Meta::Check to 0.011 - Bump CPAN::Meta::YAML to 0.014 - Bump Parse::PMFile to 0.36 - updated to 1.7028 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7028 2015-04-17 19:22:59 CEST [Improvements] - Keep the mirror index file as absolute (skaji) #438 - Updated the documentation about HTTPS cert warnings #441 - updated to 1.7027 see /usr/share/doc/packages/perl-App-cpanminus/Changes 1.7027 2015-02-14 12:14:13 PST [Improvements] - Use provides as provided in META.json and do not scan packages as PAUSE does. #435 1.7026 2015-02-13 17:11:38 PST [Improvements] - Respect provides in META file before loading from Parse::PMFile 1.7025 2015-02-07 07:58:21 CET [Improvements] - Bump Parse::PMFile to 0.35 - Bump CPAN::Meta::Check to 0.020 - Bump CPAN::Meta::Requirements to 2.132 - Bump HTTP::Tiny to 0.054 - Bump Module::Metadata to 1.000026 - Bump version.pm to 0.9912 1.7024 2015-01-12 13:31:19 PST [New Features] - Includes vendor lib and arch path to search for core modules, when installing self-contained lib by default. This behavior can be turned off with --exclude-vendor (tartansandal) #426 1.7023 2015-01-05 07:59:52 JST [Improvements] - Bump Parse::PMFile to 0.34 - Bump CPAN::Meta::Requirements to 2.131 - Bump HTTP::Tiny to 0.53 - Bump Module::Metadata to 1.000025 - Bump local::lib to 2.000015 1.7022 2014-12-12 16:41:47 PST [Improvements] - Enabled unsafe option to parse version with PMFile to avoid segfaults and weird errors 1.7021 2014-12-11 21:42:36 PST [Improvements] - Bump Parse::PMFile to 0.32 - Bump HTTP::Tiny to 0.052 1.7020 2014-12-08 17:53:18 PST [Improvements] - Bump Parse::PMFile to 0.31 1.7019 2014-12-04 12:51:41 PST [Improvements] - Bump Parse::PMFile to 0.30 1.7018 2014-11-25 14:08:41 PST [Maintenance] - bump $VERSION correctly in cpanm executable 1.7017 2014-11-25 14:00:40 PST [Improvements] - Bump fatpacked CPAN::Meta and HTTP::Tiny - Added documentation for -M and --from in man page 1.7016 2014-11-16 11:46:32 PST [New Features] - Added -M and --from to set --mirror and --mirror-only at the same time while overriding previously set mirrors (sri) #175, #417 [Improvements] - cpanmin.us is now available under HTTPS (marcus) 1.7015 2014-11-14 13:14:07 PST [Improvements] - Bump Parse::PMFile to 0.29 - Bump CPAN::Meta::Requirements to 2.129 1.7014 2014-10-07 20:52:58 PDT [Improvements] - Bump Parse::PMFile to 0.28 1.7013 2014-10-06 23:52:14 PDT [Improvements] - Update bundled JSON::PP to fix issues with JSON parsing on older perl 5.8 1.7012 2014-09-26 19:28:25 PDT [Improvements] - Upgrade CPAN::Meta and HTTP::Tiny in fatpack - Skip @INC on dev directory when running from git checkout when to search for an installed module 1.7011 2014-09-22 15:08:22 JST - Same as 1.7010. Make it a non-trial release. 1.7010 2014-09-17 18:27:53 JST [Improvements] - Use Parse::PMFile rather than our own fork (charsbar) #409 1.7009 2014-09-10 01:43:45 PDT [Bug Fixes] - Fix fatpacked executable to include Parse::CPAN::Meta 1.7008 2014-09-10 01:19:04 PDT [Improvements] - Show **** instead of *password* when masking passwords - Internal code refactoring 1.7007 2014-09-09 09:25:46 PDT [Improvements] - Make sure MetaCPAN search looks up the dist by right author #405 - Ignore Module::Build artifacts in _build when indexing modules metadata 1.7006 2014-09-05 15:44:15 PDT [Bug Fixes] - Work around MetaCPAN bugs in numifying dev release versions (#367, #377) - Bump bootstrapping MakeMaker version recent enough to support MYMETA [Incompatible Changes] - Removed undocumented --metacpan option that was only for testing purposes 1.7005 2014-09-05 05:04:06 PDT [Bug Fixes] - Do not index common directories such as t, xt or inc in install.json - Support tarball extraction on HP-UX 11 (Brian Wightman) [Improvements] - Update Parse::PMFile to 0.19 equivalent (charsbar) - Fixed various documentation (syohex, Graham Ollis) - Mask passwords when failing to download a module (andyjones) - Don't find directories when searching for executables (haarg) - Only assume Module::Build configure prereq when there's no config prereq (haarg) - Upgrade fatpacked modules to the latest - fix one more require - fix provides/obsoletes of cpanm - borrow fedora's solution to unpack the fat script into its dependencies - updated to 1.7004 * Set HOME to a writable directory for tests. Thanks to David Suárez for the bug report. (Closes: #750341) * Fixes "--uninstall mentioned twice on man page" (Closes: #741302) * Many other changes in 2 years - update to 1.5010: * implemented --test-only option #40 - changes from 1.5009: * fixed a bug where URL containing ~ (childe) fails to install #134 * fixed a bug where install.json contains bogus data when you specify dist paths - changes from 1.5008: * fixed a bug where `cpanm Foo` doesn't properly activate local::lib during * installs when you don't have write permissions #143 * improved the warning message when you don't have write permisisons #145 - update to 1.5007: * fixed to change directory when installing from multiple local directories * stop setting AUTOMATED_TESTING (again!) and set PERL_MM_USE_DEFAULT in testing (#138) * offer opening the build.log with PAGER when --prompt is enabled * documentation added for --skip-installed option - changes from 1.5006: * updated cpanmetadb URL to point to cpanmetadb.plackperl.org - update to 1.5004: * include version of the main module instead of distribution version in install.json - changes from 1.5003: * use ExtUtils::Install to install meta files and let --sudo run it with sudo #124 - update to 1.5002 (cumulated): * make sure to include non-core perl modules in -L that are installed in 'perl' by mistake * ensure all module names use :: instead of dashes because of EUMM NAME errors * added EXPERIMENTAL --metacpan support * support MYMETA.json with spec 2.0 * added EXPERIMENTAL --mirror-index, --skip-satisfied and --cascade-search options * installs MYMETA.json and install.json into $ARCH/.meta library path * use Cwd::chdir to update CWD environment variable * fix ExtUtils::ParseXS issue with -L * fix CoreList bootstrap issue with perl < 5.8.9 when using -L * dump more descriptive error message when configure failed with --installdeps #111 * upgraded many fatlib embedded modules * support --no-quiet * removed ugly @INC dumping hack for -L. This causes modules that has conditional deps such as Any::Moose not to pull down necessary requirements; this is a known issue and will be addressed later * support special _ for -l and -L argument to respect local::lib defaults #115 * use Cwd::chdir to change PWD * unbreak -L with newer ExtUtils::ParseXS installed * changed the path to save metadata information * removed Dist::Metadata use, but instead use Module::Metadata to get provides * removed the ugly DumpedINC hack for -L * added experimental --skip-configure * delay load Module::Build bootstrap so that -L won't auto-intall the latest M::B - update to 1.4007: * incompatible changes: + remove LWP from Makefile.PL dependencies, since due to the split it brings in many dependencies such as HTTP::Daemon and HTTP::Parser (which requires a C compiler) + HTTP::Tiny is embedded as a last resort anyway, and if Makefile.PL is executed via some CPAN client (CPAN.pm, CPANPLUS or cpanminus) it means your client is already configured to be able to fetch files over HTTP - update to 1.4006: * proper fix for the -l option installing the same modules - update to 1.4005: * -l should now correctly locate installed modules to skip reinstalling (regression in 1.4004) * ignore Module::CoreList loading errors with -L on perl < 5.8.9 * fixed --prompt in combination with --quest RT:66602 * fixed a broken Bundle:: module installation - update to 1.4004: * Incompatible Changes: + fixed the issue where `ssh host cpanm Module` waits on input forever. As a side effect of fixing this bug, cpanm reads modules from STDIN only if there's no module arguments given. Options such as -L or --scandeps continue to work. #86 * fixed a long standing bug where newer versions of bundled modules such as LWP could be loaded when combined with -L or -l, which causes API incompatiblities * fixed the use of gunzip (cho45) - changes from 1.4003: * fixed a weird bug that -L fails to bootstrap Module::Build when an old version such as 0.28 is installed * do not show help if it reads args from STDIN and nothing is supplied * stripped down the `cpanm` executable size for 20% by stripping POD for fatpacked dependencies :) - changes from 1.4002: * display configure errors in --scandeps so that configure_requires can be manually satisfied - update to 1.4001: * fixed a workaround code for META.yml being JSON - update to 1.4000: * changed the verbosity level of -q to be actually *so* useful and recommended now * added a new option --no-man-pages to skip man page generation and installation * added new --scandeps and --format option that scans module dependency tree before actually installing a module * support Bundle:: modules * added new --save-dists option - changes from 1.30_02 to 1.30_13: * fix for the use of Module::CoreList for perl with versions ending in 0, such as 5.13.10 * do not attempt to upgrade Module::Build if you have the version that comes with perl * support Bundle:: modules #81 * fixed a bug where META.yml is being fetched for no reason; this reduces the HTTP GET calls a lot and should speed up the build process * falls back to search.cpan.org/meta service when (and only when) META.yml is not included or unparsable; now it can handle distributions like AnyEvent::HTTP or ancient packages better * makes the wget/curl execution safer * support archives where tar list begins with ./ like Image::Magick #80 * fix SIGNATURE testing for Module::Build 0.38 or later * implemented EXPERIMENTAL --scandeps command and --format option * implemented EXPERIMENTAL --save-tarballs option * show (undef) in the version output instead of () * changed how it special cases Module::Build load path in -L mode; it's much more reliable and support 0.38 with the new CPAN::Meta dependencies * changed the verbosity level of -q|--quiet so that it prints only necessary information (instead of nothing, which is not really useful) * shows the number of distribution in the end of the session * renamed the option to --man-pages and --no-man-pages * disable the man page generation by default only if -L is in use * skip the man page generation by default; you can enable it with --pod2man * fixed the way it reduces @INC in the tests when -L is in use, so the tests that call $^X with -I can keep those library paths. i.e. Test::More * support minor case where blib/* is manually added via -I (e.g. FCGI.pm) * fixed a bug the modules are not loaded from blib in test_harness with -L * fixed a bug where tests are loading modules from your site_perl even when -L is used * fixed a bug -L will install non-core modules again and again for each run - update to 1.3000: * improved the dependencies detection when -L is in use so the core modules that have been upgraded inside can be correctly be detected, using Module::CoreList - update to 1.2001 (no user-visible changes) - update to 1.008: * fixed glitches due to the deletion of Module::Metadata::Version - changes from 1.007: * fixed installation documents - initial version (1.1006) OBS-URL: https://build.opensuse.org/package/show/devel:languages:perl/perl-App-cpanminus?expand=0&rev=58
151 lines
5.1 KiB
RPMSpec
151 lines
5.1 KiB
RPMSpec
#
|
|
# spec file for package perl-App-cpanminus
|
|
#
|
|
# Copyright (c) 2024 SUSE LLC
|
|
#
|
|
# All modifications and additions to the file contributed by third parties
|
|
# remain the property of their copyright owners, unless otherwise agreed
|
|
# upon. The license for this file, and modifications and additions to the
|
|
# file, is the same license as for the pristine package itself (unless the
|
|
# license for the pristine package is not an Open Source License, in which
|
|
# case the license is the MIT License). An "Open Source License" is a
|
|
# license that conforms to the Open Source Definition (Version 1.9)
|
|
# published by the Open Source Initiative.
|
|
|
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
|
#
|
|
|
|
|
|
%define cpan_name App-cpanminus
|
|
Name: perl-App-cpanminus
|
|
Version: 1.7047
|
|
Release: 0
|
|
License: Artistic-1.0 OR GPL-1.0-or-later
|
|
Summary: Get, unpack, build and install modules from CPAN
|
|
URL: https://metacpan.org/release/%{cpan_name}
|
|
Source0: https://cpan.metacpan.org/authors/id/M/MI/MIYAGAWA/%{cpan_name}-%{version}.tar.gz
|
|
Source1: fatunpack
|
|
Source2: cpanspec.yml
|
|
BuildArch: noarch
|
|
BuildRequires: perl
|
|
BuildRequires: perl-macros
|
|
%{perl_requires}
|
|
# MANUAL BEGIN
|
|
# Run-time:
|
|
# Nothing special. The tests are very poor. But we run perl -c at built-time
|
|
# to check for correct unpacking. So we need non-optional run-time
|
|
# dependencies at build-time too:
|
|
BuildRequires: perl(Config)
|
|
BuildRequires: perl(aliased)
|
|
BuildRequires: perl(constant)
|
|
# CPAN::DistnameInfo not needed for compilation
|
|
# CPAN::Meta not needed for copmilation
|
|
# CPAN::Meta::Check not needed for compilation
|
|
# CPAN::Meta::Prereqs not needed for compilation
|
|
BuildRequires: perl(CPAN::Meta::Requirements)
|
|
# CPAN::Meta::YAML not needed for compilation
|
|
BuildRequires: perl(Cwd)
|
|
# Digest::SHA not needed for compilation
|
|
# Dumpvalue not needed for compilation
|
|
# ExtUtils::Manifest not needed for compilation
|
|
BuildRequires: perl(File::Basename)
|
|
BuildRequires: perl(File::Copy)
|
|
BuildRequires: perl(File::Find)
|
|
# File::pushd not needed for compilation
|
|
BuildRequires: perl(File::Temp)
|
|
# HTTP::Tiny not needed for compilation
|
|
# JSON::PP not needed for compilation
|
|
# local::lib not needed for compilation
|
|
# Module::CoreList not needed for compilation
|
|
# Module::CPANfile not needed for compilation
|
|
# Module::Metadata not needed for compilation
|
|
BuildRequires: perl(Parse::CPAN::Meta)
|
|
# POSIX not needed for compilation
|
|
# Safe not needed for compilation
|
|
BuildRequires: perl(String::ShellQuote)
|
|
BuildRequires: perl(Symbol)
|
|
BuildRequires: perl(version)
|
|
# version::vpp not needed for compilation
|
|
BuildRequires: perl(warnings::register)
|
|
# YAML not needed for compilation
|
|
# Tests:
|
|
BuildRequires: perl(Test::More)
|
|
BuildRequires: perl(Pod::Select)
|
|
# Current dependency generator cannot parse compressed code. Use PPI to find
|
|
# them, and list them manually:
|
|
# Archive::Tar is optional
|
|
# Archive::Zip is optional
|
|
# Compress::Zlib is optional
|
|
Requires: perl(CPAN::DistnameInfo)
|
|
Requires: perl(CPAN::Meta)
|
|
Requires: perl(CPAN::Meta::Check)
|
|
Requires: perl(CPAN::Meta::Prereqs)
|
|
Requires: perl(CPAN::Meta::YAML)
|
|
Requires: perl(Digest::SHA)
|
|
Requires: perl(ExtUtils::Install) >= 1.46
|
|
Requires: perl(ExtUtils::MakeMaker) >= 6.31
|
|
Requires: perl(ExtUtils::Manifest)
|
|
# File::HomeDir is optional
|
|
Requires: perl(File::pushd)
|
|
# HTTP getter by LWP::UserAgent or wget or curl or HTTP::Tiny
|
|
Requires: perl(HTTP::Tiny)
|
|
Requires: perl(Parse::PMFile)
|
|
Requires: perl(local::lib)
|
|
# LWP::Protocol::https is optional
|
|
# LWP::UserAgent is optional
|
|
Requires: perl(Module::Build)
|
|
Requires: perl(Module::CPANfile)
|
|
Requires: perl(Module::CoreList)
|
|
Requires: perl(Module::Metadata)
|
|
# Module::Signature is optional
|
|
Requires: perl(String::ShellQuote)
|
|
# Win32 not used
|
|
Requires: perl(YAML)
|
|
|
|
Provides: cpanm = %{version}-%{release}
|
|
Obsoletes: cpanm <= 1.5010
|
|
# MANUAL END
|
|
|
|
%description
|
|
cpanminus is a script to get, unpack, build and install modules from CPAN
|
|
and does nothing else.
|
|
|
|
It's dependency free (can bootstrap itself), requires zero configuration,
|
|
and stands alone. When running, it requires only 10MB of RAM.
|
|
|
|
%prep
|
|
%autosetup -n %{cpan_name}-%{version}
|
|
|
|
find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path "*/script/*" ! -path "*/scripts/*" ! -name "configure" -print0 | xargs -0 chmod 644
|
|
# MANUAL BEGIN
|
|
# Unbundle fat-packed modules
|
|
podselect lib/App/cpanminus.pm > lib/App/cpanminus.pod
|
|
|
|
# https://bugzilla.suse.com/show_bug.cgi?id=1229819 CVE-2024-45321 bsc#1229819
|
|
perl -pi -E 's{http://(cpan\.cpantesters\.org|www\.cpan\.org|backpan\.perl\.org|cpan\.metacpan\.org|fastapi\.metacpan\.org|cpanmetadb\.plackperl\.org)}{https://$2}g' bin/cpanm
|
|
|
|
for F in bin/cpanm lib/App/cpanminus/fatscript.pm; do
|
|
perl %{SOURCE1} --libdir lib --filter '^App/cpanminus' "$F" > "${F}.stripped"
|
|
perl -c -Ilib "${F}.stripped"
|
|
mv "${F}.stripped" "$F"
|
|
done
|
|
# MANUAL END
|
|
|
|
%build
|
|
perl Makefile.PL INSTALLDIRS=vendor
|
|
%make_build
|
|
|
|
%check
|
|
make test
|
|
|
|
%install
|
|
%perl_make_install
|
|
%perl_process_packlist
|
|
%perl_gen_filelist
|
|
|
|
%files -f %{name}.files
|
|
%doc Changes README
|
|
%license LICENSE
|
|
|
|
%changelog
|