[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#1065056: bookworm-pu: package php-composer-class-map-generator/1.0.0-2+deb12u1

Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc: php-composer-class-map-generator@packages.debian.org, team@security.debian.org
Control: affects -1 + src:php-composer-class-map-generator
User: release.debian.org@packages.debian.org
Usertags: pu

[1/9 for bookworm]

This is a follow up from composer/DSA-5632-1.

In order to fix a Debian-specific issue related to CVE-2024-24821, we
agreed with the security team to push related dependencies via the next
point release.

The only change (besides changelog entry) in the binary package is the
following (thanks to diffoscope).

│ │ ├── ./usr/share/php/Composer/ClassMapGenerator/autoload.php
│ │ │ @@ -1,12 +1,12 @@
│ │ │  <?php
│ │ │
│ │ │  // Require
│ │ │ -require_once 'Composer/Pcre/autoload.php';
│ │ │ -require_once 'Symfony/Component/Finder/autoload.php';
│ │ │ +require_once __DIR__ . '/../Pcre/autoload.php';
│ │ │ +require_once __DIR__ . '/../../Symfony/Component/Finder/autoload.php';
│ │ │
│ │ │  // Suggest

The goal is to ensure related dependencies are loaded from the system
path.

The attached debdiff is a bit bigger, since it aims at keeping the
testsuite at buildtime effective.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

TIA for considering.

Cheers,

taffit

diff -Nru php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl
--- php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl	1970-01-01 01:00:00.000000000 +0100
+++ php-composer-class-map-generator-1.0.0/debian/autoload.php.tpl	2024-02-13 17:00:47.000000000 +0100
@@ -0,0 +1,30 @@
+<?php
+
+// Require
+require_once __DIR__ . '/../Pcre/autoload.php';
+require_once __DIR__ . '/../../Symfony/Component/Finder/autoload.php';
+
+// Suggest
+
+// @codingStandardsIgnoreFile
+// @codeCoverageIgnoreStart
+// this is an autogenerated file - do not edit
+spl_autoload_register(
+    function($class) {
+        static $classes = null;
+        if ($classes === null) {
+            $classes = array(
+                ___CLASSLIST___
+            );
+        }
+        $cn = strtolower($class);
+        if (isset($classes[$cn])) {
+            require ___BASEDIR___$classes[$cn];
+        }
+    },
+    ___EXCEPTION___,
+    ___PREPEND___
+);
+// @codeCoverageIgnoreEnd
+
+// Files
diff -Nru php-composer-class-map-generator-1.0.0/debian/changelog php-composer-class-map-generator-1.0.0/debian/changelog
--- php-composer-class-map-generator-1.0.0/debian/changelog	2022-08-20 11:00:21.000000000 +0200
+++ php-composer-class-map-generator-1.0.0/debian/changelog	2024-02-13 17:00:52.000000000 +0100
@@ -1,3 +1,10 @@
+php-composer-class-map-generator (1.0.0-2+deb12u1) bookworm; urgency=medium
+
+  * Track debian/bookworm
+  * Force system dependencies loading
+
+ -- David Prévot <taffit@debian.org>  Tue, 13 Feb 2024 17:00:52 +0100
+
 php-composer-class-map-generator (1.0.0-2) unstable; urgency=medium
 
   * Upload to unstable
diff -Nru php-composer-class-map-generator-1.0.0/debian/clean php-composer-class-map-generator-1.0.0/debian/clean
--- php-composer-class-map-generator-1.0.0/debian/clean	2021-12-09 12:41:37.000000000 +0100
+++ php-composer-class-map-generator-1.0.0/debian/clean	2024-02-13 17:00:47.000000000 +0100
@@ -1,6 +1,6 @@
 .phpunit.result.cache
 Composer/
-debian/autoload.php.tpl
 debian/autoload.tests.php.tpl
 src/autoload.php
+Symfony
 vendor/
diff -Nru php-composer-class-map-generator-1.0.0/debian/control php-composer-class-map-generator-1.0.0/debian/control
--- php-composer-class-map-generator-1.0.0/debian/control	2022-07-26 11:03:24.000000000 +0200
+++ php-composer-class-map-generator-1.0.0/debian/control	2024-02-13 17:00:47.000000000 +0100
@@ -13,7 +13,7 @@
 Standards-Version: 4.6.1
 Homepage: https://github.com/composer/class-map-generator
 Vcs-Browser: https://salsa.debian.org/php-team/pear/php-composer-class-map-generator
-Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-class-map-generator.git
+Vcs-Git: https://salsa.debian.org/php-team/pear/php-composer-class-map-generator.git -b debian/bookworm
 Rules-Requires-Root: no
 
 Package: php-composer-class-map-generator
diff -Nru php-composer-class-map-generator-1.0.0/debian/gbp.conf php-composer-class-map-generator-1.0.0/debian/gbp.conf
--- php-composer-class-map-generator-1.0.0/debian/gbp.conf	2021-12-09 12:43:32.000000000 +0100
+++ php-composer-class-map-generator-1.0.0/debian/gbp.conf	2024-02-13 17:00:47.000000000 +0100
@@ -1,5 +1,5 @@
 [DEFAULT]
-debian-branch = debian/latest
+debian-branch = debian/bookworm
 filter = [ '.gitattributes' ]
 pristine-tar = True
 upstream-branch = upstream/latest
diff -Nru php-composer-class-map-generator-1.0.0/debian/rules php-composer-class-map-generator-1.0.0/debian/rules
--- php-composer-class-map-generator-1.0.0/debian/rules	2022-07-26 08:11:20.000000000 +0200
+++ php-composer-class-map-generator-1.0.0/debian/rules	2024-02-13 17:00:47.000000000 +0100
@@ -3,13 +3,14 @@
 	dh $@
 
 override_dh_auto_build:
-	phpabtpl composer.json > debian/autoload.php.tpl
 	phpab \
 		--output src/autoload.php \
 		--template debian/autoload.php.tpl \
 		src
 	mkdir --parents vendor Composer
-	ln -s ../src Composer/ClassMapGenerator
+	cp -r src Composer/ClassMapGenerator
+	ln -s /usr/share/php/Composer/Pcre Composer
+	ln -s /usr/share/php/Symfony .
 	phpabtpl \
 		--require composer/class-map-generator \
 		--require symfony/filesystem \

Attachment: signature.asc
Description: PGP signature

Reply to: