zabbix: update to 6.2.3

Refreshed patches.

Signed-off-by: Scott Roberts <ttocsr@gmail.com>
(cherry picked from commit 475d1cc0e9e061551b6bc227d32c4da5a66a4a3e)

zabbix: add fping dependency

If fping is not installed on the system the following message is show if
hosts should be monitored via icmp.

Log-Message:
"At least one of '/usr/sbin/fping', '/usr/sbin/fping6' must exist. Both
are missing in the system."

To fix this also, add a dependency to 'fping' for 'zabbix-server' and
'zabbix-proxy' for installation to allow icmp hosts monitoring.

Signed-off-by: Florian Eckert <fe@dev.tdt.de>
(cherry picked from commit 672a655d6bdccee30d5779a1348a42e4f34b850f)

unbound: fix `create_host_record_from_host` error when `dns` is not set

The function `create_host_record_from_host` fails if the `dns` option
is not set in the host entry.
This sets a default to the `dns` variable in order to fix this error.

Fixes: #22691
Signed-off-by: Julien Cassette <julien.cassette@gmail.com>
(cherry picked from commit 8d60419251b2c94f87425f41ce49214771d2bf6a)

unbound: create extra host records from DHCP static leases

The "Extra DNS" option allows to create records from the DHCP
"Hostnames" configuration entries.
This allows to create such records from the DHCP "Static leases"
configuration entries too.

Fixes: #22593
Signed-off-by: Julien Cassette <julien.cassette@gmail.com>
(cherry picked from commit b4a31f92deb8de923d6bc6fb12506e24f4475581)

unbound: update to 1.19.0

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
(cherry picked from commit 183f1662795930f846e497be7530e0474c7eff0e)

unbound: update to 1.18.0

Signed-off-by: Eric Luehrsen <ericluehrsen@gmail.com>
(cherry picked from commit 03f70dcfd530560c088f05819a11715286ce45d9)

Unbound: Silence SSL unexpected eof messages

Refs: https://github.com/NLnetLabs/unbound/issues/812
      https://github.com/NLnetLabs/unbound/issues/846

This is a backport of: https://github.com/NLnetLabs/unbound/commit/d7e7761
and can be removed with the next release/update of the Unbound package

Signed-off-by: Ted Hess <thess@kitschensync.net>
(cherry picked from commit 2a71e17ca12341682430e587889d8fb7af58ae30)

htop: update to 3.3.0

Changelog: https://github.com/htop-dev/htop/compare/3.2.2...3.3.0

Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 3ee7b46610e9dbd8fd2bba87bd06024cd0d9c08f)

yt-dlp: bump to version 2023.12.30

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
(cherry picked from commit 5d3424f992b09602f2abd4e71cb163a3af8f3e7c)

yt-dlp: bump to version 2023.11.16

Signed-off-by: Alexander Egorenkov <egorenar-dev@posteo.net>
(cherry picked from commit 707e87884d67650c26fda2c30c790d5832e319d7)

yt-dlp: add missing dependencies

Added missing python3-{logging,uuid} dependencies.

Signed-off-by: Rani Hod <rani.hod@gmail.com>
(cherry picked from commit 40a680ffd7d155798123a9eadcc3411f7a201259)

iperf3: update to 3.16

notable changes:
- multithreading support

changelog: https://github.com/esnet/iperf/releases/tag/3.16

Signed-off-by: Jonas Jelonek <jelonek.jonas@gmail.com>
(cherry picked from commit bdb6d2a37fda8daa3a2e02af20f0f582dc6e5d7b)

iperf3: Fix dependecy conflict with iperf3-ssl

When selecting both iperf3 and iperf3 ssl, there is a problem that
both packages install same binary file.
This patch fixes this issue by adding conflict between those packages.

Signed-off-by: Jakub Raczynski <myszsoda@gmail.com>
(cherry picked from commit cea45c75c0153a190ee41dedaf6526ae08e33928)

net/iperf3: assign PKG_CPE_ID

Signed-off-by: Alexander Couzens <lynxis@fe80.eu>
(cherry picked from commit e97f763a7281b543dfb9709cf84da97f28bbf0db)

iperf3: update to 3.15

see changelog: https://github.com/esnet/iperf/releases/tag/3.15.

Signed-off-by: Leo Douglas <douglarek@gmail.com>
(cherry picked from commit 8a223d4724d996db13bc8077035b27562b5e8fbd)

iperf3: update to 3.14

Release Notes:
https://github.com/esnet/iperf/blob/master/RELNOTES.md

Signed-off-by: John Audia <therealgraysky@proton.me>
(cherry picked from commit 8c0afc4cabdba316835706e06919271bd7f13a62)

iperf3: update to 3.13

Release Notes:
https://software.es.net/iperf/news.html#iperf-3-13-released

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 1bfd2f7adeaafb317345af41f472564d9ae28a79)

iperf3: update to 3.12

Release Notes:
https://groups.google.com/g/iperf-dev/c/_DgSWrpl9Gk?pli=1

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit 431016a23d55469c2028ca74d6c44f0026abcdfc)

iperf3: fix install section of Makefile and dependencies

In the Makefile the library installation was accidentally called
"Package/iperf3/install" and not "Package/libiperf3/install". Fix this
typo. Thanks to Hartmut spotting this.

Also the iperf3-ssl does not need to depend on libiperf3.

Fixes ae48be8e2157 ("iperf3: add shared libiperf library and link iperf3 dynamically")

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit dc59d98c2ca24a077a9f5f135b86e9737fa6780e)

iperf3: add shared libiperf library and link iperf3 dynamically

Add library for creating own functions with iperf3 functionality.
Example: https://github.com/esnet/iperf/blob/master/examples/mis.c
This library is needed by python3-iperf3.

Build iperf3 binary with dynamically linked libiperf3. However, still
build iperf3-ssl as static binary due to a lack of shipping two libiperf
versions.

Signed-off-by: Nick Hainke <vincent@systemli.org>
(cherry picked from commit ae48be8e2157bc7c352b3b6d30c026fafdae4867)

knot: update to version 3.3.4

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit 66c1065b453b46a709f5143459d8a4cee777f9a0)

knot: update to version 3.3.3

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit a693dd5821b11c442bff817cbc4a8193d0367839)

knot: update to version 3.3.2

Signed-off-by: Jan Hák <jan.hak@nic.cz>
(cherry picked from commit fbfa63a03be5916873e3b2d1d17d21d1742de7de)

bind: bump to 9.18.24

Fixes CVEs:

- CVE-2023-50387: Validating DNS messages containing a lot of DNSSEC signatures
  could cause excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-50868: Preparing an NSEC3 closest encloser proof could cause
  excessive CPU load, leading to a denial-of-service condition.
- CVE-2023-4408: Parsing DNS messages with many different names could cause
  excessive CPU load.
- CVE-2023-5517: Specific queries could cause named to crash with an assertion
  failure when nxdomain-redirect was enabled.
- CVE-2023-5679: A bad interaction between DNS64 and serve-stale could cause
  named to crash with an assertion failure, when both of these features were
  enabled.

Signed-off-by: Noah Meyerhans <frodo@morgul.net>
(cherry picked from commit d277e41e78972130f75dc816ebcbd7931f582519)

transmission: add copy_file_range syscall to seccomp

Fixes this crash:

root@RPi3OpenWrt:/# grep -i seccomp /var/log/audit/audit.log
type=SECCOMP msg=audit(1689503903.597:16): auid=4294967295 uid=224 gid=1012 ses=4294967295 pid=1752 comm="transmission-da" exe="/usr/bin/transmission-daemon" sig=31 arch=c00000b7 syscall=285 compat=0 ip=0x7fa3b0eefc code=0x80000000
root@RPi3OpenWrt:/# ausyscall 285
copy_file_range
root@RPi3OpenWrt:/#

Signed-off-by: Marius Dinu <m95d+git@psihoexpert.ro>
(cherry picked from commit f0926b44f48fa04401c660b0818e74f6b654e5bc)

pdns-recursor: update to 4.8.6 (fixes CVE-2023-50387, CVE-2023-50868)

Signed-off-by: Peter van Dijk <peter.van.dijk@powerdns.com>

squid: bump to release 5.7

This is the latest version and brings compatibility with OpenSSL 3.0.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 78dcc29e47079b6f5aad917dcdf935325b5e4fdf)

p910nd: bump release

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 9dad4285d3c2de30cf27baa2b299246bda514577)

p910nd: hotplug shellcheck fixes

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 77f47a6341f1f5c272e95bc83cb6cf228d2b3760)

p910nd: init: check device (/dev/usb/lpX) existence

this prevents the daemon exiting when a configured device
is not plugged in.

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 4d461aacca9b144ded709320de1652603f7f2458)

p910nd: init: partial fix for openwrt/packages#10496

Harmless to carry this fix until procd.sh adds the param

This parameter will mean umdns advertises not just "OpenWrt" but a more
appropriate string:

"Apple LaserWriter Pro 630"

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 60be0017753364069c044dd591b3ef1e0e3f8438)

p910nd: hotplug+init: include extra ieee1284 properties

Apple and macOS GUI co-opts the mDNS note= param as "Location"

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit c74f82e17b21641667cb768da30244a8cba1d73e)

p910nd: hotplug: minor bug fixes

Commit driver_home defaults before continuing

Fix missing path for serial number acquisition

Store current device if no previously configured device had one.
Also set CHAR_DEV so the printer can get its driver sent on first run.

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit c54cb399f32abbf76cecbd279c2c55c3e46d5613)

p910nd: hotplug: small refactor

replace -a with &&

shorten uci commands via variables

add optional ieee1284_id parameters

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit d1b868b407a5ec1e6f109ec603c65423f6b11b87)

p910nd: init: add txtvers=1 to mDNS properties

The spec https://developer.apple.com/bonjour/printing-specification/bonjourprinting-1.2.1.pdf
notes:

... if the meaning of any of the TXT record keys is changed, the txtvers value
will be incremented. The current value of this key is “1”, and if this key does not exist in
the TXT record, the default value of “1” is assumed. The txtvers SHOULD be the first
key/value pair in the TXT record.

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 55d00e3821674789d903ea0dfef000a2b4306f24)

p910nd: init: line-break and conditionalize mDNS properties

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit d939c5c3aafcc10db5273bb242469eff0bea6d14)

p910nd: init: only run mDNS changes if mdns is set to on

i.e. don't do the extra work unless mdns setting is enabled

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 2c5927cfac6aa867bc892d499170fdf4d7d1f5d8)

p910nd: init script

Don't run procd with a name of p9100d or p9101d etc.
Use the original binary name: p910nd.

This way, all supplied parameters should be visible via e.g.:

ps
xargs -0 < /proc/{procid}/cmdline

Revise all p910nd strings to the variable DAEMON_NAME or CONFIG where
appropriate.

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 3f04d2d791fb18d03e990926955b87198293bb9d)

p910nd: hotplug script

Signed-off-by: Paul Donald <newtwen@gmail.com>
(cherry picked from commit 825b22a4db952c891b07341e0176bc6d64f2d72a)

nextdns: Update to version 1.42.0

Signed-off-by: Olivier Poitrey <rs@nextdns.io>

cloudflared: refine config.yml

The config.yml is an example of a tunnel local configuration.
But the cloudlfared treat it as a real config and fails to start.
So to avoid problems let's comment all the statements.

The `url: http://localhost:8000` is not a valid config option.

Additionally add a smale of configuring ingres rules.

The cloudflared.config has missing option token.

Signed-off-by: Sergey Ponomarev <stokito@gmail.com>
(cherry picked from commit b3580a76d8a4bc0bfa075ba3da945bfe92526871)

rclone: Update to 1.65.2

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 4437234dc43095212299417ee25aa43266374f50)

Merge pull request #23254 from stangri/openwrt-22.03-curl

[22.03] curl: update to 8.6.0

curl: update to 8.6.0

* https://curl.se/changes.html#8_6_0

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
(cherry picked from commit 0f2c98d53f1aec96c21a707fc0e1a01b5a53a840)

natmap: update to 20240126

Signed-off-by: Ray Wang <r@hev.cc>
(cherry picked from commit 42c6e10ada066e54071026930460e91ba14dfb4b)

v2raya: do not allow changing config/log directory

We need stable path to persist configurations and read log from LuCI.

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 272cff0d1c6265fe374aeed582423858beedf6bc)

v2ray-geodata: Update to latest version

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 1aaa5c045dd835331d6c5bb70636e9d34d6bb530)

rclone: Update to 1.65.1

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit 05b61b3b6d8c3e2ab8f20e8b08932adfd25fbc3a)

rclone: Update to 1.65.0

Signed-off-by: Tianling Shen <cnsztl@immortalwrt.org>
(cherry picked from commit ac17302410dfa0958494b004e07d427cad7dd9cf)

Merge pull request #22999 from mhei/22.03-php8-update-to-8.1.27

[22.03] php8: update to 8.1.27

mosquitto: update to 2.0.18

Switch to CMake. Allows faster compilation.

Small Makefile cleanups.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit aa89f847c673343af0cde4dbd9535a63272f7f14)

php8: update to 8.1.27

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

curl: update to 8.5.0

* https://curl.se/changes.html#8_5_0

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 6501290c17fb2c65e0fb589da94d121ff89e7d5e)

Merge pull request #22904 from mhei/22.03-php8-update-to-8.1.26

[22.03] php8: update to 8.1.26

php8: update to 8.1.26

Signed-off-by: Michael Heimpold <mhei@heimpold.de>

Merge pull request #22874 from stangri/openwrt-22.03-https-dns-proxy

[22.03] https-dns-proxy: only restart firewall when needed

https-dns-proxy: only restart firewall when needed

* only restart firewall when needed

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 8b6635bae9717babbc3dcf1347cf4727fc15f9bd)

Merge pull request #22747 from stangri/openwrt-22.03-https-dns-proxy

[22.03] https-dns-proxy: fix unintentional call of service_stopped in boot()

https-dns-proxy: fix unintentional call of service_stopped in boot()

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit 2e9f6c44460a48876cd85cde3557ce373693df6b)

Merge pull request #22738 from stangri/openwrt-22.03-https-dns-proxy

[22.03] https-dns-proxy: bugfix: prevent erros from boot()

https-dns-proxy: bugfix: prevent erros from boot()

* fixes https://github.com/openwrt/packages/issues/22674
* rename resolver_health_check to is_resolver_running for readability
* reorder functions in the init file by name

Signed-off-by: Stan Grishin <stangri@melmac.ca>
(cherry picked from commit f519b68401b68f011091e83badadb54a43eae33d)

numpy: bump version to 1.24.3

Need to also fix build for GCC 13 + musl.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 8f176e30f3dae121e374be4ca7f641cc157ea152)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>

tang: set the right permissions to keys

Resolves: #22632

Signed-off-by: Nikos Mavrogiannopoulos <n.mavrogiannopoulos@gmail.com>

crowdsec-firewall-bouncer: add ujail

* added ujail for crowdsec-firewall-bouncer
* set nice to reduce priority for process

Signed-off-by: S. Brusch <ne20002@gmx.ch>
Maintainer: Kerma Gérald <gandalf@gk2.net>
Run tested: mediatek/filogic, BPI-R3, Openwrt 23.05.0

(cherry picked from commit a8df73ce7277134c5bd318b3e63cc14e2c70e9a7)

nmap: backport fix to be able to compile it with OpenSSL 1.1

The latest nmap version 7.9.3 currently fails to compile with OpenSSL 1.1 [1],
it required to backport upstream patch to fix the compilation. [2]

[1] https://github.com/nmap/nmap/issues/2516
[2] https://github.com/nmap/nmap/commit/d6bea8dcdee36a3902cece14097993350306f1b6

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 2c87004346f9456cfd5cc58559ab8ff4e94cd773)

netbird: downgrade to version 0.17.0

The version, which is currently in OpenWrt 22.03 requires Go 1.20.

See the output:
../../../../../dl/go-mod-cache/github.com/netbirdio/wireguard-go@v0.0.0-20230524172305-5a498a82b33f/tun/tun_linux.go:362:18: undefined: errors.Join
note: module requires Go 1.20

Having Go 1.20 in OpenWrt 22.03 could be time consuming and as it is the stable branch, it seems like better idea to downgrade netbird to version 0.17.0, which is the latest version, which requires to use Go 1.19.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>

Merge pull request #22598 from muink/dnsproxy-22.03

[22.03] dnsproxy: add more options

dnsproxy: new features

1. Add new options:
  --http3    Enable HTTP/3 support (H3 first)
  --timeout  Timeout for outbound DNS queries to remote upstream servers in a human-readable form (default: 10s)

2. Allows listen on multiple interfaces and ports

Signed-off-by: Anya Lin <hukk1996@gmail.com>
(cherry picked from commit 47b4ebc5cb5d3bf24c8a15a8f5cb9a99faed5e1a)
Signed-off-by: Anya Lin <hukk1996@gmail.com>

python-poetry-core: Update to 1.7.0

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit bc32e54713361dd6c3c8d676ee7b78c7eecb65eb)

python-poetry-core: Update to 1.6.1

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit ac59c69237d8be99c66134f535c96f40c0bee9c9)

expat: update to 2.5.0

Fixes: CVE-2022-43680
Added GitHub mirror.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 409dbb05c9ea0877549e0f2536dd5efce1747048)

python-calver: Add new host-only package

From the README:

The calver package is a setuptools extension for automatically defining
your Python package version as a calendar version.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit f4a18fbd3de380b4c8a689dddb4212c572fff259)

numpy: Avoid build user config files

This stops numpy from reading .numpy-site.cfg in the build user's home
directory. The code actually tries to find both .numpy-site.cfg and
site.cfg in the user's home directory; this patch prevents both.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 3cee44d88837b5679a96f0155205ec15883d5aef)

numpy: Fix compilation when OpenBLAS support is not enabled

Currently, if OpenBLAS support is not enabled, a site.cfg file is not
written and numpy will use build host paths for libraries. If the build
host has any conflicting libraries, specifically libpython3.10.a, then
compilation will fail.

This ensures site.cfg is always written with buildroot paths.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 5cafab68ff5bddf5470e7674bb0bf8d0415e8804)

numpy: Fix pyproject.toml-based build

The versions of setuptools and wheel pinned in pyproject.toml are older
than the versions available in the packages repo. This unpins the
versions so that the build can proceed.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 8d331953f34a1ed231cb24893c68606813c36824)

nmap: drop upstream backports

These patches were introduced for old version, which we had in this repository from upstream in commit 129b7c3 ("nmap: fix ncat proxy mode with upstream patches"), but because nmap was recently updated in commit c12313f ("nmap: bump to 7.93
"), they are not required anymore.

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>

python-incremental: Add missing host build dependencies

Fixes: 8d81b6732757 ("python-incremental: Update to 22.10.0, redo patch, add host build")
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 2c54b7637ea5035995e1e4caabd2105b395492ba)

python-ubus: Update to 0.1.2

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 99d8554bcd1a16e2276ffb706c3f1e823ece65f3)

python-ubus: Force old build process

This package will not build with the pyproject.toml-based build process
because it has a build dependency on pytest-runner[1].

pytest-runner has been deprecated[2], so instead of adding a package for
pytest-runner to fulfill the build dependency, force this package to use
the old build process.

[1]: https://gitlab.nic.cz/turris/python-ubus/-/blob/v0.1.1/setup.py#L35
[2]: https://github.com/pytest-dev/pytest-runner#deprecation-notice

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 4a7173d27d7969b95efac18eb34402c5fa69e3a1)

python3-packages: Set PYTHON3_PKG_BUILD:=0

This sets PYTHON3_PKG_BUILD:=0 so that python3-package.mk does not set
any default build recipes.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit bcba053fb06f4182fca9f36cdf93242cdb3f6762)

python-trove-classifiers: Add new host-only package

From the README:

Canonical source for classifiers on PyPI.

Classifiers categorize projects per PEP 301. Use this package to
validate classifiers in packages for PyPI upload or download.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 7dc6b103c5e5eb2b1c0ec1c0d9b03b94d244e6c8)

python-pathspec: Add new host-only package

From the README:

pathspec is a utility library for pattern matching of file paths. So far
this only includes Git's wildmatch pattern matching which itself is
derived from Rsync's wildmatch. Git uses wildmatch for its gitignore
files.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit a1cfdba19cde26fa79c8558f0b4a396d690c6c1a)

python-editables: Add new host-only package

From the README:

A Python library for creating "editable wheels"

This library supports the building of wheels which, when installed, will
expose packages in a local directory on sys.path in "editable mode". In
other words, changes to the package source will be reflected in the
package visible to Python, without needing a reinstall.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 4465e57e5d8ce0cc9a153a0666c5a38d00fa2e8a)

Revert "python-libraries: Force old build process"

This commit was already applied 3 weeks ago in d640b11160aaa59eeeb6b900f1b81914d548d04d, thus I bring it once again back, which was mistake as it was redone in 903003695ae5c5f21c1aae8565ec1bfbe995ba85.

This reverts commit 60f0e661c50178f9a1c993b0f397bd04053ccffe.

fail2ban: Override Build/Compile instead of Py3Build/Compile

This allows changes to the Python build system apply more easily to the
package.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 4195e5c4a8dcb0dfce8049e3e61844a3c1a90d67)

nmap: Force old Python build process

This package isn't compatible with the new Python build process yet, so
force the old build process for now.

This also adds a call to Py3Build/Install, for when the new build
process can be used.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit da55275f3bbf3987771b97f7722d3023a0a8d7c4)

nmap: update license

Signed-off-by: Nuno Gonçalves <nunojpg@gmail.com>
(cherry picked from commit 0563e5092c82d03a5861cb7dc17c55d6cf0d0498)

nmap: bump to 7.93

Signed-off-by: Nuno Gonçalves <nunojpg@gmail.com>
(cherry picked from commit 43c990c43fb145c6b24ac1adbf2a5647dc1aa69e)

python-jsonschema: Remove previous build workaround

With proper support for pyproject.toml-based builds in place, this is no
longer necessary.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 107e0377637ba8ef6e46c0368b0df8f7c96a5a70)

python-exceptiongroup: Remove previous build workaround

With proper support for pyproject.toml-based builds in place, this is no
longer necessary.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 773450269365bc1710c8c85b52566d0db0bb0b27)

python-astral: Remove BROKEN

With proper support for pyproject.toml-based builds in place, this
package will now build.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 628202d269f9cef99084380418c77972510a753a)

onionshare-cli: Force old Python build process

This package requires poetry to build using the new Python build process
but poetry is not available, so force the old build process for now.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 705176cd6ab47ff51ca75a9f05e97c2e4804f6cc)

python-libraries: Force old build process

These packages will need adjustments to work with pyproject.toml-based
builds, so set PYTHON3_PKG_FORCE_DISTUTILS_SETUP:=1 to force the old
build process (when pyproject.toml-based builds are in place) for now.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit e6ae9e29d59001a8c31781c1e2c32261f34c05be)

python-twisted: Update to 22.10.0

Includes fix for CVE-2022-39348 (NameVirtualHost Host header injection).

This adds a build dependency that will be required for
pyproject.toml-based builds.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 56b10770fc0741c79b697e9954b27090a4560a9a)

python-pytest-forked: Update to 1.6.0

The overly-strict build requirements in 1.3.0[1] would cause a build
failure with pyproject.toml-based builds.

[1]: https://github.com/pytest-dev/pytest-forked/blob/v1.3.0/pyproject.toml#L2

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 17d5bf224cd432bf0cb9c683f17fc9fb5415a6e4)

python-jsonschema: Add build dependencies

These will be required for pyproject.toml-based builds.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit b1a8e4769f333120b7e925f4782593f04e7c68fd)

python-exceptiongroup: Update to 1.1.1

This adds a build dependency that will be required for
pyproject.toml-based builds.

This also removes the run-time dependency on python3-attrs; there is no
indication this package is required.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 59b7a81964c879e9a92af3122916f8d33ac2ee0a)

python-dns: Update to 2.3.0

This adds a build dependency that will be required for
pyproject.toml-based builds.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 68c0c77df6b8f4509859a93344715a7fb21f864e)

python-cryptography: Update patch to disable Rust

This extends the patch to also apply for pyproject.toml-based builds.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 0b5091bbff52ef8e2e8b6b1f173928088ebe5cc6)

python-astral: Update to 3.2

This adds a build dependency that will be required for
pyproject.toml-based builds.

This also marks the package as BROKEN (for now) as it requires proper
support for pyproject.toml-based builds.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 1a1b4445715a9970f1d9d3964e06e965c8693531)