George Sapkin [Wed, 6 Aug 2025 19:41:53 +0000 (22:41 +0300)]
syncthing: improve discovery argument parsing
Fixes: 47644ba46 ("syncthing: fix discovery and relay extra args")
Signed-off-by: George Sapkin <[email protected]>
(cherry picked from commit
6ccb3b6174d319666bcdd1319b2be4fa7cbd9b30)
George Sapkin [Wed, 30 Jul 2025 13:54:03 +0000 (16:54 +0300)]
syncthing: fix discovery and relay extra args
Update configuration option examples.
Fixes: #26952
Signed-off-by: George Sapkin <[email protected]>
(cherry picked from commit
47644ba468fd03f805bf1afa97df589e1f4160b5)
Stan Grishin [Tue, 16 Sep 2025 00:32:49 +0000 (00:32 +0000)]
adblock-fast: bugfix: dl command
* only test gzip existence and reset action/param on boot
Signed-off-by: Stan Grishin <[email protected]>
(cherry picked from commit
de3deab1a6c3bb7126df41758585f67c22f17230)
Michael Heimpold [Mon, 8 Sep 2025 05:37:26 +0000 (07:37 +0200)]
php8: update to 8.3.25
Upstream changelog:
https://www.php.net/ChangeLog-8.php#8.3.25
Signed-off-by: Michael Heimpold <[email protected]>
Nate Robinson [Fri, 29 Aug 2025 03:15:02 +0000 (23:15 -0400)]
lf: update to r37
https://github.com/gokcehan/lf/releases/tag/r37
Signed-off-by: Nate Robinson <[email protected]>
(cherry picked from commit
87054232019314c7858da0f2ff46070afa545d93)
Tianling Shen [Sat, 6 Sep 2025 08:35:40 +0000 (16:35 +0800)]
arp-whisper: do not lock deps
The version specified in Cargo.lock is too old to build.
Trim whitespaces while at it.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
6f6ad3fe1c96db67a267c65f1e5521919e778899)
Tianling Shen [Sun, 7 Sep 2025 12:07:22 +0000 (20:07 +0800)]
v2raya: Update to 2.2.7.1
Release note: https://github.com/v2rayA/v2rayA/releases/tag/v2.2.7.1
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
3eb22bc1f8a13e341b05c454ed96ad254d6072b5)
Tianling Shen [Mon, 25 Aug 2025 07:31:33 +0000 (15:31 +0800)]
v2raya: Update to 2.2.7
Release note: https://github.com/v2rayA/v2rayA/releases/tag/v2.2.7
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
5d2c9239760c8d55001b839504f7564303e631d7)
Gregory Gullin [Sat, 16 Aug 2025 12:05:14 +0000 (15:05 +0300)]
nnn: update to version 5.1
Release notes: https://github.com/jarun/nnn/compare/v4.9...v5.1
Signed-off-by: Gregory Gullin <[email protected]>
(cherry picked from commit
ebb0d87450c9bbf1008990ddc2c68d3cfdae5f5a)
Glenn Strauss [Fri, 12 Sep 2025 22:05:57 +0000 (18:05 -0400)]
lighttpd: update to lighttpd 1.4.82 release hash
Ref: https://www.lighttpd.net/2025/9/12/1.4.82/
Signed-off-by: Glenn Strauss <[email protected]>
(cherry picked from commit
c8e1b9af9985384fe356a3af29019ac204438393)
Glenn Strauss [Sun, 17 Aug 2025 07:45:36 +0000 (03:45 -0400)]
lighttpd: update to lighttpd 1.4.81 release hash
https://www.lighttpd.net/2025/8/17/1.4.81/
Signed-off-by: Glenn Strauss <[email protected]>
(cherry picked from commit
62dbf8c87f1648696b7ee53acc8c15fcc84776ff)
John Audia [Fri, 18 Jul 2025 13:46:45 +0000 (09:46 -0400)]
snort3: fix logic in gpertools-runtime depends
The logic in
e57cc9898a362d81e8dec5dd779293e6ff3d4710 was flawed causing
gperftools-runtime to fail to get detected when building resulting in:
...
ninja: Entering directory `/scratch/union/build_dir/target-x86_64_glibc/snort3-3.9.1.0'
ninja: error: '/scratch/union/staging_dir/target-x86_64_glibc/usr/lib/libtcmalloc.so', needed by 'src/snort', missing and no known rule to make it
make[2]: *** [Makefile:161: /scratch/union/build_dir/target-x86_64_glibc/snort3-3.9.1.0/.built] Error 1
It was missed due testing in build root that already had gperftools-runtime
built only discovered when building from a clean build root.
This commit fixes this flaw.
Test:
cat <<EOF > .config
CONFIG_TARGET_x86=y
CONFIG_TARGET_x86_64=y
CONFIG_TARGET_x86_64_DEVICE_generic=y
CONFIG_PACKAGE_snort3=y
EOF
make defconfig
grep gperftools-run .config
CONFIG_PACKAGE_gperftools-runtime=y
cat <<EOF > .config
CONFIG_TARGET_qoriq=y
CONFIG_TARGET_qoriq_generic=y
CONFIG_TARGET_qoriq_generic_DEVICE_watchguard_firebox-m300=y
CONFIG_PACKAGE_snort3=y
EOF
make defconfig
grep gperftools-run .config
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
257e2fc38aa694604e7be9e70e58082037133434)
John Audia [Tue, 12 Aug 2025 07:52:32 +0000 (03:52 -0400)]
snort3: update to 3.9.3.0
Changelog: https://github.com/snort3/snort3/releases/tag/3.9.3.0
Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc (Intel N150 based box)
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
f8ace6e398a161ef661c51483b0ecdea19201d4a)
Dan Srebnick [Mon, 1 Sep 2025 15:45:15 +0000 (11:45 -0400)]
ampr-ripd: script improvements and add QA script
Added test.sh
Predetermine count used by for loops in Makefile postrm
Implemented extra_command in initscript
Resolved shellcheck issues
Bump release
Signed-off-by: Dan Srebnick <[email protected]>
(cherry picked from commit
551ef4a7c1abe3be192d7eba9f7a193e54e92dd0)
Dan Srebnick [Thu, 3 Apr 2025 20:15:33 +0000 (16:15 -0400)]
ampr-ripd: Initial package release
This project can be used with the OpenWrt SDK to generate a package
for ampr-ripd. It is intended for use only by licensed amateur radio
operators. ampr-ripd is a modified RIPv2 listener that provides
route information for ARDC IPIP Mesh tunnels.
Signed-off-by: Dan Srebnick <[email protected]>
(cherry picked from commit
19249742cda92b6895ba236ca6fb3acac5abeacc)
Lukas Voegl [Fri, 27 Jun 2025 10:36:57 +0000 (12:36 +0200)]
treewide: include `nls.mk` when depending on glib2
When compiling glib2 with NLS, it automatically sets linker flags to `-lglib-2.0 -lintl` in pkg-config (.pc) files.
Signed-off-by: Lukas Voegl <[email protected]>
(cherry picked from commit
7ee547b4402b85ff3ede78cdcd997484fc620fa4)
Daniel Golle [Sat, 26 Apr 2025 04:07:26 +0000 (05:07 +0100)]
fluidsynth: update to version 2.4.5
fluidsynth 2.4.5
Prebuilt Windows Binaries were missing SDL3.dll
(FluidSynth/fluidsynth#1510)
Fix SDL3 intercepting signals, causing CTRL+C to not quit fluidsynth
(FluidSynth/fluidsynth#1509)
Fix a few flaws in the AWE32 NRPN implementation
(FluidSynth/fluidsynth#1452, FluidSynth/fluidsynth#1473)
A regression introduced in 2.4.4 broke drum preset selection for XG
MIDIs (FluidSynth/fluidsynth#1508)
Fix for OpenMP thread affinity crashes on Android devices
(FluidSynth/fluidsynth#1521, thanks to @looechao)
Fix fluidsynth's systemd user daemon being unable to create lock
file on some distros (FluidSynth/fluidsynth#1527, thanks to
@andrew-sayers)
Fix fluidsynth ignoring initialFilterFc generator limits
(FluidSynth/fluidsynth#1502)
A regression introduced in 2.3.6 prevented SF2 NRPN messages from
being processed correctly (FluidSynth/fluidsynth#1536)
fluidsynth 2.4.4
Support for SDL3 has been added, support for SDL2 has been
deprecated (FluidSynth/fluidsynth#1485, FluidSynth/fluidsynth#1478,
thanks to @andyvand)
Soundfonts that are not respecting the 46 zero-sample padding-space
previously sounded incorrect when
synth.dynamic-sample-loading was active (FluidSynth/fluidsynth#1484)
Allow drum channels to profit from Soundfont Bank Offsets by no
longer ignoring MSB Bank changes (FluidSynth/fluidsynth#1475)
Revise the preset fallback logic for drum channels
(FluidSynth/fluidsynth#1486)
A regression introduced in 2.4.1 may have caused interrupted
real-time playback when voices were using the lowpass filter
(FluidSynth/fluidsynth#1481)
Improve multi-user experience when running fluidsynth as systemd
service (FluidSynth/fluidsynth#1491, thanks to @andrew-sayers)
Fix ordering and dependencies of fluidsynth's systemd service
(FluidSynth/fluidsynth#1500, thanks to @fabiangreffrath)
Revise fluidsynth's man page (FluidSynth/fluidsynth#1499, thanks to
@fabiangreffrath)
fluidsynth 2.4.3
It was discovered, that exclusive class note terminations were too
slow (FluidSynth/fluidsynth#1467, thanks to @mrbumpy409)
Fix a regression introduced in 2.4.0 that allowed the amplitude of a
voice playing in delay phase to rise infinitely
(FluidSynth/fluidsynth#1451)
MSGS drum-style note-cut has been converted to an opt-in setting
synth.note-cut (FluidSynth/fluidsynth#1466)
Support for SDL2 has been disabled by default*
(FluidSynth/fluidsynth#1472)
Fix a regression introduced in 2.4.1 that could have caused infinite
audio gain output for some MIDI files under certain configurations
(FluidSynth/fluidsynth#1464)
Silence a warning issued by Systemd v254+
(FluidSynth/fluidsynth#1474, thanks to @andrew-sayers)
fluidsynth 2.4.2
Fix audible clicks when turning off voices while using a high filter
resonance (FluidSynth/fluidsynth#1427)
Fix a build failure with MSYS2 and MinGW when processing
VersionResource.rc (FluidSynth/fluidsynth#1448, thanks to @pedrolcl)
Fix a crash on startup when there are no MIDI devices available on
Windows (FluidSynth/fluidsynth#1446, thanks to @pedrolcl)
Restore discovery of libsndfile (FluidSynth/fluidsynth#1445)
Fix a race condition when loading SF3 files containing multiple
uncompressed samples (FluidSynth/fluidsynth#1457)
fluidsynth 2.4.1
Enable libsndfile to use filename with non-ASCII characters on
Windows (FluidSynth/fluidsynth#1416, thanks to @pedrolcl and
@stardusteyes)
Fix a few commandline encoding related issues on Windows
(FluidSynth/fluidsynth#1388, FluidSynth/fluidsynth#1421, thanks to
@pedrolcl)
Fix build errors on Windows (FluidSynth/fluidsynth#1419,
FluidSynth/fluidsynth#1422, thanks to @carlo-bramini)
Fix clicks and pops caused when changing parameters of the lowpass
filter (FluidSynth/fluidsynth#1415, FluidSynth/fluidsynth#1417,
FluidSynth/fluidsynth#1424)
Minor adjustment to AWE32 NRPN behavior (FluidSynth/fluidsynth#1430)
Signed-off-by: Daniel Golle <[email protected]>
(cherry picked from commit
dd8780e253934ad57afde016679c1f7e498e2be0)
Daniel Golle [Thu, 7 Nov 2024 20:20:50 +0000 (20:20 +0000)]
fluidsynth: add package
Package Fluidsynth wavetable MIDI synth.
Signed-off-by: Daniel Golle <[email protected]>
(cherry picked from commit
b734716f1573cea4037e0ebda4af23b54f659095)
Daniel Golle [Sat, 26 Apr 2025 03:29:59 +0000 (04:29 +0100)]
glib-networking: update to version 2.80.1
2.80.1 - January 8, 2025
========================
- OpenSSL: fix crash in complete_handshake (!251, Dario Saccavino)
- OpenSSL: fix invalid free in openssl_get_binding_tls_server_end_point() (!255)
- TLS test should handle G_IO_ERROR_WOULD_BLOCK (!253, Richard Purdie and Alexander Kanavin)
- Updated translations
Signed-off-by: Daniel Golle <[email protected]>
(cherry picked from commit
b49f4cc0a3bcc9afe04d91abe80fa25ca48037a7)
Daniel Golle [Mon, 11 Nov 2024 19:36:35 +0000 (19:36 +0000)]
glib-networking: add package
Add GIO modules for TLS support as well as defining proxies via well-known
environment variables.
Signed-off-by: Daniel Golle <[email protected]>
(cherry picked from commit
223d7e2995bb77c41890fb3edbacecec5c5ae1d3)
Daniel Golle [Tue, 5 Nov 2024 03:18:16 +0000 (03:18 +0000)]
shared-mime-info: fix post-install behaviour
Move post-install script to /etc/uci-defaults so it always runs on the
target and doesn't require the host to provide 'update-mime-database'.
Signed-off-by: Daniel Golle <[email protected]>
(cherry picked from commit
0b2bd76ed16ce0ec752c950ae26a438ba4eb93d5)
Tianling Shen [Fri, 5 Sep 2025 14:03:15 +0000 (22:03 +0800)]
rust: add loongarch64 and powerpc to supported targets
Also removed i686 as OpenWrt replaces it with i386 in $(ARCH).
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
a5c3fd1fee7185265f0bb1b1b969f4b5afbf94c9)
Roman Azarenko [Wed, 13 Aug 2025 11:28:33 +0000 (13:28 +0200)]
nginx: update CPE ID
Looking at the official CPE dictionary [1], `cpe:/a:nginx:nginx` was
only used until 1.21.4 inclusively. Later it was renamed to
`cpe:/a:f5:nginx`, and it showed up in a few more non-contiguous
versions numbers after 1.21.4.
In all nginx security advisories [2] starting from year 2024, the CPE
ID used is `cpe:/a:f5:nginx_open_source`. This includes versions 1.25.0
and newer.
Update the CPE ID to the newest known value of `cpe:/a:f5:nginx_open_source`
used in nginx's own security advirosies/CVEs.
[1]: https://nvd.nist.gov/products/cpe
[2]: https://nginx.org/en/security_advisories.html
Signed-off-by: Roman Azarenko <[email protected]>
(cherry picked from commit
973a26fc6308816de542b5a55a590868b8014fdb)
Robert Marko [Wed, 5 Mar 2025 13:03:40 +0000 (14:03 +0100)]
nginx: actually download the specified git commit hash
Currently, we are using Download recipes to download the various modules,
however we are using then with PROTO:=git but SOURCE_VERSION is not set,
only VERSION variable so thus the dl_github_archive.py scripts gets called
with --version="" instead of being actually passed the desired commit hash
and thus actually the git head is fetched.
This explains why currently buildbots are failling with
nginx-mod-njs/104-endianness_fix.patch failling to apply since buildbots
are using prepackaged tarballs which are different than what we get when
manually building.
So, lets set SOURCE_VERSION to make sure we actually fetch the desired
git commit hash.
Signed-off-by: Robert Marko <[email protected]>
(cherry picked from commit
ea29db6daafae611b85e4df22378d02556fcedeb)
Signed-off-by: Roman Azarenko <[email protected]>
Vladimír Čunát [Thu, 31 Jul 2025 06:53:26 +0000 (08:53 +0200)]
knot-resolver: update to version 5.7.6
Knot Resolver 5.7.6 (2025-07-17)
================================
Security
--------
- DoS: fix a rare segfault in `resolve` function (!1720)
Someone controlling the DNS traffic might be able
to trigger this crash intentionally and too often.
- DoS: drop a wrong assertion/crash (!1721)
Someone controlling the DNS traffic will most likely be able
to trigger this crash intentionally and too often.
Knot Resolver 5.7.5 (2025-04-24)
================================
Security
--------
- DoS: fix unconfirmed crashes with the line below (!1683)
[system] requirement "h && h->end > h->begin" failed in queue_pop_impl
Improvements
------------
- tests: disable problematic config.http test (#925, !1678)
- validator: accept a confusing NODATA proof with insecure delegation (!1678)
Bugfixes
--------
- daemon/http: DoH stream got stuck after returning an error code (!1652)
- stats: request latency was very incorrect in some cases (!1678)
Signed-off-by: Vladimír Čunát <[email protected]>
(cherry picked from commit
4f22b4dcebe7d660a198bfa218a205ec5ecd2e0d)
Vladimír Čunát [Thu, 31 Jul 2025 06:55:46 +0000 (08:55 +0200)]
knot-resolver: update DNSSEC root trust anchors
This is long overdue. Honestly I dislike that packaging
is hardcoding it this way. It's error-prone, as we can see.
Knot Resolver source does contain the up to date anchors,
and it also (optionally) installs them. Still, I'm not up to
larger changes in OpenWrt packaging right now.
Signed-off-by: Vladimír Čunát <[email protected]>
(cherry picked from commit
47f8b88f43c614b7f683dcdf941e47d4c1e45b98)
Wesley Gimenes [Tue, 5 Aug 2025 17:14:55 +0000 (14:14 -0300)]
CONTRIBUTING.md: accept only real names in the SoB
Follow the rule from the Submission Guidelines:
https://openwrt.org/submitting-patches#submission_guidelines
And the shared formal check:
https://github.com/openwrt/actions-shared-workflows/blob/
ba03db3b5ae747ed9f38df6c96eb4a37a9f7f7c5/.github/workflows/formal.yml#L37-L43
And this commit
07c12180097283a7a53d14d173d7a7e6a1c43be8
Signed-off-by: Wesley Gimenes <[email protected]>
(cherry picked from commit
0934d86240f7d365ab973d92f4ba3612d2db872a)
Richard Muzik [Fri, 18 Jul 2025 11:30:08 +0000 (13:30 +0200)]
python-twisted: Update to 25.5.0
This update fixes CVE-2024-41810 and CVE-2024-41671 [1]. For the full
changelog see NEWS [2].
Additionally changed the way the test files are omitted from patch file
to filespec in the Makefile.
[1] https://github.com/twisted/twisted/blob/twisted-25.5.0/NEWS.rst#twisted-2470-2024-08-08
[2] https://github.com/twisted/twisted/blob/twisted-25.5.0/NEWS.rst
Signed-off-by: Richard Muzik <[email protected]>
(cherry picked from commit
e09ffebce1b12fe883071e845ec1d618a15e00f3)
Richard Muzik [Mon, 21 Jul 2025 07:47:37 +0000 (09:47 +0200)]
git: update to 2.50.1
- Refresh and rebase patches
Signed-off-by: Richard Muzik <[email protected]>
(cherry picked from commit
a162c5dddc148f0ffe49add1afe1b59bcaf6d66d)
Alexandru Ardelean [Thu, 7 Aug 2025 09:05:16 +0000 (12:05 +0300)]
sudo: bump to version 1.9.17p2
This change bumps sudo to version 1.9.17p2
Signed-off-by: Alexandru Ardelean <[email protected]>
(cherry picked from commit
1e391d05205275c4f6304cf3c2595bf301726605)
John Audia [Sun, 17 Aug 2025 22:51:05 +0000 (18:51 -0400)]
lxc: update to 6.0.5
6.0.5 is a bug fix release, see:
https://discuss.linuxcontainers.org/t/lxc-6-0-5-lts-has-been-released/24438
Full changelog: https://github.com/lxc/lxc/compare/v6.0.4...v6.0.5
Build system: x86/64
Build-tested: x86/64-glibc
Run-tested: x86/64-glibc (Intel N150 based box)
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
ab1f60b74d5614ed4a38627aaf467127ae96afd7)
John Audia [Fri, 11 Apr 2025 14:25:58 +0000 (10:25 -0400)]
lxc: update to 6.0.4
Added upstream patch to fix starting containers with complex hooks.
No existing patches needed to be rebased/simple version bump to 6.0.4.
Build system: x86/64
Build-tested: x86/64
Run-tested: x86/64
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
343f1151f9aa88a4798202a7d538c27ebcc00ac0)
John Audia [Fri, 14 Mar 2025 21:54:47 +0000 (17:54 -0400)]
lxc: add two files to default backup list
Users running unprivileged containers will need to create
/etc/subgid and /etc/subuid and want to have them preserved
across updates. This commit adds them to the default backup set.
Signed-off-by: John Audia <[email protected]>
Co-authored-by: Tianling Shen <[email protected]>
(cherry picked from commit
6fe80f5586bb8471d6e493a4e298e4b0da90a9bd)
John Audia [Sun, 9 Mar 2025 18:34:35 +0000 (14:34 -0400)]
lxc: lxc-checkconfig fix typo
Fix a typo introduced in https://github.com/openwrt/packages/pull/25719/commits/
fd686a32209f74cd12ca434bc3245ef0f7589c46
which partially broke lxc-checkconfig
Build system: x86/64
Build-tested: bcm27xx/bcm2712
Run-tested: bcm27xx/bcm2712
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
f32083fa27dddca5257af3549e070aab1c9c276e)
John Audia [Tue, 16 Jul 2024 19:23:36 +0000 (15:23 -0400)]
lxc: fix decompression of rootfs tarballs
Modified 025-remove-unsupported-option.patch to both remove
the bsdtar command as it ends in errors, see below, and to
circumvent an error when extracting to overlayfs[1].
Error when extracting rootfs tarball with bsdtar:
tar --absolute-names --numeric-owner '--xattrs-include=*' -xpJf /var/cache/lxc//download/archlinux/current/amd64//default/rootfs.tar.xz -C /mnt/data/lxc/test/rootfs
./usr/bin/newgidmap: Cannot restore extended attributes on this system: Illegal byte sequence
lxc-create: test: ../src/lxc/lxccontainer.c: create_run_template: 1589 Failed to create container from template
lxc-create: test: ../src/lxc/tools/lxc_create.c: lxc_create_main: 318 Failed to create container test
1. https://github.com/openwrt/openwrt/issues/15888
Signed-off-by: John Audia <[email protected]>
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
96c96fe04115de8d46639aaeeb63b94ed5dcb325)
John Audia [Fri, 12 Jul 2024 17:57:10 +0000 (13:57 -0400)]
lxc: add gnu-tar as a depends to fix lxc-create
Add gnu-tar as a dependency for lxc-create which is needed to
properly extract the root file system tarball. Without it,
symlink target of /bin/tar is busybox and it lacks proper
support to extract with xattrs. The default gnu-tar is actually
built without this support as well, but it is able to extract
the rootfs tarballs with a warning not an error which is not the
case with busybox which ends in an error.
Signed-off-by: John Audia <[email protected]>
Build system: x86/64
Build-tested: x86/64/AMD Cezanne
Run-tested: x86/64/AMD Cezanne
(cherry picked from commit
b74dc8a119edd75454e03caa121ccb305fd29c3c)
John Audia [Thu, 9 Jan 2025 22:35:33 +0000 (17:35 -0500)]
lxc: add missing deps
Several deps are missing based the output of lxc-checkconfig shown below
before this commit is applied.
CONFIG_IP_NF_TARGET_MASQUERADE and CONFIG_IP6_NF_TARGET_MASQUERADE are
only needed for lxc-net which we do not package.
% lxc-checkconfig | grep missing
Cgroup device: missing
CONFIG_IP_NF_TARGET_MASQUERADE: missing
CONFIG_IP6_NF_TARGET_MASQUERADE: missing
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: missing
FUSE (for use with lxcfs): missing
checkpoint restore: missing
CONFIG_UNIX_DIAG: missing
CONFIG_INET_DIAG: missing
CONFIG_PACKET_DIAG: missing
CONFIG_NETLINK_DIAG: missing
Additionally, two new patches have been added which remove checks for
options that OpenWrt currently does not package and can serve are
false positives for missing items from our kernel config, namely:
lxc-net and lxc-checkpoint
After applying this commit, below is the output showing that the kernel
config[1] should pass all tests for functionality:
% CONFIG=config ./lxc-checkconfig
LXC version 6.0.3
--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled
Namespace limits:
cgroup: 383849
ipc: 383849
mnt: 383849
net: 383849
pid: 383849
time: 383849
user: 383849
uts: 383849
--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points:
Cgroup v2 mount points:
- /sys/fs/cgroup
Cgroup device: enabled
Cgroup sched: enabled
Cgroup cpu account: enabled
Cgroup memory controller: enabled
Cgroup cpuset: enabled
--- Misc ---
Veth pair device: enabled, loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, loaded
Advanced netfilter: enabled, loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, loaded
--- Checkpoint/Restore ---
checkpoint restore: missing
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled
1. Generated on 23-Feb-2025 running bcm27xx/bcm2712 on r28869+1
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
ba7e4dccec3508c72bae7939d649b17aa9d4faaf)
John Audia [Fri, 10 Jan 2025 02:48:25 +0000 (21:48 -0500)]
lxc: remove check for options we do not package
We do not package lxc-net or lxcfs so remove the lines within
lxc-checkconfig that looks forCONFIG_IP_NF_TARGET_MASQUERADE and
CONFIG_IP6_NF_TARGET_MASQUERADE which, as far as I know, is the only
part of lxc that needs them. Also remove the check for FUSE since we do
not pakcage lxcfs.
Without this commit, users will see these two as missing.
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
57434a290d1f29112e130620531286845476d63c)
John Audia [Fri, 20 Dec 2024 16:22:54 +0000 (11:22 -0500)]
lxc: update to 6.0.3
No patches needed to be rebased/simple version bump.
Build system: x86/64
Build-tested: x86/64
Run-tested: x86/64
Signed-off-by: John Audia <[email protected]>
(cherry picked from commit
f8587b9ec49a77ea4f2663853e257fe61e2d052e)
Aleksey Vasilenko [Fri, 22 Aug 2025 21:16:47 +0000 (00:16 +0300)]
subversion: update to 1.14.5
update to 1.14.5
Signed-off-by: Aleksey Vasilenko <[email protected]>
(cherry picked from commit
9443e91b6e817ec0eb53bb08d3bec13df2fee06b)
Aleksey Vasilenko [Fri, 22 Aug 2025 22:59:21 +0000 (01:59 +0300)]
ffmpeg: update to 6.1.3
- Remove 2 upstreamed patches
Signed-off-by: Aleksey Vasilenko <[email protected]>
(cherry picked from commit
114f412408922f39e11b9f1365003f6a9ca563ec)
Rosen Penev [Fri, 2 May 2025 23:04:46 +0000 (16:04 -0700)]
ffmpeg: add libatomic dependency
Some platforms lack builtin atomics and use libatomic. Add it.
Backport various patches to fix some warnings.
Signed-off-by: Rosen Penev <[email protected]>
(cherry picked from commit
e64ca4a0dc53fb6496fbb4c7842d60303bd1d012)
Rosen Penev [Wed, 30 Apr 2025 23:21:04 +0000 (16:21 -0700)]
ffmpeg: fix compilation with GCC14
Upstream backport.
Signed-off-by: Rosen Penev <[email protected]>
(cherry picked from commit
ac258c05ecadc79de47e51e1df5ecdde75f0abea)
Sebastian Hamann [Tue, 19 Aug 2025 11:53:33 +0000 (13:53 +0200)]
nut: switch to https:// download URL
Signed-off-by: Sebastian Hamann <[email protected]>
(cherry picked from commit
f5371ab4347ea1104a0e3c4075fb071947075216)
Luiz Angelo Daros de Luca [Sun, 31 Aug 2025 21:46:36 +0000 (18:46 -0300)]
ruby: update to 3.3.9
3.3.9 release includes the following security fix of default gems:
- CVE-2025-24294: Possible Denial of Service in resolv gem
And the following fixes for build issues:
- GCC 15.1
- Visual Studio 2022 Version 17.14
3.3.7 and 3.3.8 are routine update that includes minor bug fixes.
Signed-off-by: Luiz Angelo Daros de Luca <[email protected]>
(cherry picked from commit
59880e81a62446b44106d8d3455583e2d414c2c4)
Luiz Angelo Daros de Luca [Sun, 1 Dec 2024 18:44:07 +0000 (15:44 -0300)]
ruby: update to 3.3.6
Ruby 3.3.6 is a routine update that includes minor bug fixes. It also
stops warning missing default gem dependencies that will be bundled gems
in Ruby 3.5.
Link: https://github.com/ruby/ruby/releases/tag/v3_3_6
Signed-off-by: Luiz Angelo Daros de Luca <[email protected]>
(cherry picked from commit
2b999558db0711124f7b5cf4afa201557352f694)
Daniel Golle [Sat, 9 Nov 2024 23:21:50 +0000 (23:21 +0000)]
ruby: include JSON modules in host build
Ruby JSON modules are used to build WebKitGTK.
Include them in the host build.
Signed-off-by: Daniel Golle <[email protected]>
(cherry picked from commit
c667ae2efb4ad66d80f2bbc1348eda53a7e2049d)
Wesley Gimenes [Wed, 4 Jun 2025 02:36:52 +0000 (23:36 -0300)]
gihub: fix PR template broken URL
changes the relative URL in the PR template to an absolute URL
to resolve a "Not Found" error.
Signed-off-by: Wesley Gimenes <[email protected]>
(cherry picked from commit
ae6fd69de587bb450ce868416be03fbc782c9e4e)
Carl-Daniel Hailfinger [Wed, 3 Sep 2025 07:55:02 +0000 (09:55 +0200)]
realtek-poe: increase version to 1.3
* Add support for RTL8238B
Signed-off-by: Carl-Daniel Hailfinger <[email protected]>
(cherry picked from commit
a80cc41f202b1ce48cd017560eb413f995313b2d)
Josef Schlehofer [Thu, 14 Aug 2025 11:59:52 +0000 (13:59 +0200)]
python3: update to version 3.11.13
Release notes:
https://docs.python.org/release/3.11.13/whatsnew/changelog.html#python-3-11-13
Fixes CVEs:
CVE 2024-12718
CVE 2025-4138
CVE 2025-4330
CVE 2025-4517
Patch refreshed
Signed-off-by: Josef Schlehofer <[email protected]>
(cherry picked from commit
3686cbe4177972f564380f9e691cd4530a9b88b9)
Tianling Shen [Tue, 9 Sep 2025 13:14:51 +0000 (21:14 +0800)]
dufs: Update to 0.45.0
Removed upstreamed patches.
Release note: https://github.com/sigoden/dufs/releases/tag/v0.45.0
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
f7df64100dbff95a6bc715d3f5d2bb27d8644d3b)
Tianling Shen [Sun, 24 Aug 2025 15:14:02 +0000 (23:14 +0800)]
dufs: backport upstream fixes
Including one security fix.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
bc2d10333b54ab71b7163538bb1bcc69df034053)
Tianling Shen [Fri, 22 Aug 2025 11:37:27 +0000 (19:37 +0800)]
dufs: Update to 0.44.0
Release note: https://github.com/sigoden/dufs/releases/tag/v0.44.0
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
0cb83250b3ec25b9fae92b2cf0fa272dc22cf93a)
Tianling Shen [Sun, 7 Sep 2025 12:09:10 +0000 (20:09 +0800)]
openlist: Update to 4.1.2
Release note: https://github.com/OpenListTeam/OpenList/releases/tag/v4.1.2
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
23475cb50ee281f1a753fd6b7c636475daf73b0c)
Tianling Shen [Mon, 25 Aug 2025 07:32:48 +0000 (15:32 +0800)]
openlist: Update to 4.1.1
Release note: https://github.com/OpenListTeam/OpenList/releases/tag/v4.1.1
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
713b37dd200c0c1e0899907535a5b3ca62c86d6d)
Tianling Shen [Sun, 7 Sep 2025 12:07:00 +0000 (20:07 +0800)]
v2ray-geodata: Update to latest version
Update all geodata.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
9690cb87d1e8ef455984dd657410942489c57b8d)
Tianling Shen [Mon, 25 Aug 2025 07:35:35 +0000 (15:35 +0800)]
v2ray-geodata: Update to latest version
Update all geodata.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
802e874d744e4575ccc40c1c15ead3327d7d715b)
Hannu Nyman [Wed, 3 Sep 2025 16:36:19 +0000 (19:36 +0300)]
sing-box: Properly set only the full variant as default
Adjust the variant definition so that DEFAULT_VARIANT is only applied
to the full variant.
Set the title of the full variant to 'full' for menuconfig.
Signed-off-by: Hannu Nyman <[email protected]>
(cherry picked from commit
2e2cc335a6968bad3b4ade69ca53831d91aa9c6f)
Van Waholtz [Sun, 31 Aug 2025 17:22:20 +0000 (01:22 +0800)]
sing-box: add variant tiny
The tiny version disables tailscale by default for small package size.
OpenWrt also has the tailscale package as an alternative. We prefer
to keep the base version has the same build tags with the upstream
releases for compatibility.
Signed-off-by: Van Waholtz <[email protected]>
(cherry picked from commit
16ada8307b0170bb4343ae7e163bd3dc9aa98b49)
Anton P. [Sat, 30 Aug 2025 15:36:40 +0000 (18:36 +0300)]
sing-box: Update to 1.12.4
changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.12.4
Signed-off-by: Anton P. <[email protected]>
(cherry picked from commit
28ac7b8dc14bb46efd8f8ed8d7e4ca516674808c)
Tianling Shen [Sun, 31 Aug 2025 06:43:02 +0000 (14:43 +0800)]
libtorrent-rasterbar: update boost dependencies
libtorrent only links to boost headers since boost 1.69.
Remove boost-system from the dependencies and add boost as build
dependency.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
7be94fac3708ba2ae15abcb2a92435a57b05dd37)
Eric Fahlgren [Wed, 3 Sep 2025 17:00:45 +0000 (10:00 -0700)]
owut: update to 2025.09.03
Bug fixes:
efahl/owut@
5743eea3bcda owut: suppress all but json output when using dump
efahl/owut@
efe39e2e3897 owut: handle sigint (ctrl-c) properly
Enhancements:
efahl/owut@
49e9bce7b8c3 owut: provide download progress for slow connections
Signed-off-by: Eric Fahlgren <[email protected]>
(cherry picked from commit
96ab3378d0d9ff90a5c9a5c676ada64501a8c501)
George Sapkin [Tue, 26 Aug 2025 17:30:43 +0000 (20:30 +0300)]
yt-dlp: bump to 2025.08.22
Changelog: https://github.com/yt-dlp/yt-dlp/releases/tag/2025.08.22
Signed-off-by: George Sapkin <[email protected]>
(cherry picked from commit
e604458151433192273c0202185b33e97ce96b01)
Stan Grishin [Tue, 26 Aug 2025 03:46:56 +0000 (03:46 +0000)]
adblock-fast: update to 1.1.4-r12
README:
* update header
Init-script:
* set an earlier start to get triggers to work
* better str_contains
* improve readability of json() by getting rid of cascading case statements
* add new errors/status messages to get_text()
* prepare get_text() for localization by switching to inline printf
* adjust shellcheck disable comments where needed
* parse unbound config for DNS hijack ports
* test if the archived cache exists on boot and proceed to use it if it does
* add trigger waiting status so that luci app can display correct status
* do not run adb_config_update on boot, speeding up trigger setup
Signed-off-by: Stan Grishin <[email protected]>
(cherry picked from commit
ea6111a4a041694258d36eda1b3abd9847bb09c8)
Thibaut VARÈNE [Fri, 13 Jun 2025 12:44:46 +0000 (14:44 +0200)]
libradcli: fix build options
The provided Config.in was never sourced from the Makefile, making it
impossible to toggle TLS support.
This commit adds the necessary Makefile glue to fix this.
Also default to TLS disabled, as was the de-facto case since Config.in
was never sourced (and thus the default 'y' never enabled).
Signed-off-by: Thibaut VARÈNE <[email protected]>
(cherry picked from commit
5ffca82f54e7bb611c04ddcc60ee3f81f36cf77e)
Hannu Nyman [Wed, 27 Aug 2025 19:29:33 +0000 (22:29 +0300)]
sing-box: Revert "sing-box: update to 1.12.3"
This reverts commit
6356527dd50cd86d8ad16af0ac552603b7b84957.
sing-box 1.12.3 is apparently buggy and crashes.
Reference to #27346 and #27339
Let's revert the upgrade.
Signed-off-by: Hannu Nyman <[email protected]>
CupIvan [Sun, 24 Aug 2025 13:39:11 +0000 (16:39 +0300)]
yggdrasil: update to 0.5.12
Signed-off-by: Ivan Chashkin <[email protected]>
Jan-Niklas Burfeind [Sat, 23 Aug 2025 15:46:18 +0000 (17:46 +0200)]
uradvd: provide warning upon disabled configuration
which grants clarity and better traceability.
Signed-off-by: Jan-Niklas Burfeind <[email protected]>
(cherry picked from commit
e7a46671756d190309f7b6d03a129373d847306e)
Jan-Niklas Burfeind [Thu, 21 Aug 2025 19:34:42 +0000 (21:34 +0200)]
uradvd: Update to 2025-08-16
Provide four new options:
--valid-lifetime
--preferred-lifetime
--max-router-adv-interval
--min-router-adv-interval
Signed-off-by: Jan-Niklas Burfeind <[email protected]>
(cherry picked from commit
b2f14a5e8dc963a77d9292af7332af08973a9ba8)
Nate Robinson [Fri, 18 Jul 2025 04:42:08 +0000 (00:42 -0400)]
lf: update to r36
https://github.com/gokcehan/lf/releases/tag/r36
Signed-off-by: Nate Robinson <[email protected]>
(cherry picked from commit
0715dff919ffba355d35c9f911c9c31111ae9c70)
Nate Robinson [Wed, 2 Jul 2025 14:53:03 +0000 (10:53 -0400)]
lf: add new package
https://github.com/gokcehan/lf
Signed-off-by: Nate Robinson <[email protected]>
(cherry picked from commit
7e362a6e3581a0f0c6b12bc8f1f9e26d2ff7f78e)
Gregory Gullin [Thu, 21 Aug 2025 12:40:38 +0000 (15:40 +0300)]
sing-box: update to 1.12.3
changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.12.3
Signed-off-by: Gregory Gullin <[email protected]>
(cherry picked from commit
002e0559a5f3339fd5232a6e63cc00ce6886b3ab)
Hannu Nyman [Sat, 23 Aug 2025 07:05:23 +0000 (10:05 +0300)]
nano: Update to 8.6
Update nano editor to version 8.6
Signed-off-by: Hannu Nyman <[email protected]>
(cherry picked from commit
61f29f743529bfca26fbc81eb7f927bf7f3b6712)
Eric Fahlgren [Sat, 16 Aug 2025 01:31:27 +0000 (18:31 -0700)]
owut: update to 2025.08.15
Bug fixes:
efahl/owut@
c6e75716d1a3 init: fix typo in file name
efahl/owut@
7f97ab67c2f5 examples: improve docs for writing pre-install scripts
Enhancements:
efahl/owut@
93f2b06b8882 owut: utilize upstream limits instead of hardcoded values
efahl/owut@
7a45c412fc96 owut: improve usability of 'dump' option
efahl/owut@
35720e369ac0 owut: improve age reporting
Signed-off-by: Eric Fahlgren <[email protected]>
(cherry picked from commit
c79bed5fd542550024931fb809c2699937eca19f)
Wei-Ting Yang [Thu, 14 Aug 2025 08:23:53 +0000 (16:23 +0800)]
python-urllib3: update to 2.0.7
Fix CVE-2023-45803 and CVE-2023-43804.
Full changelogs:
- https://github.com/urllib3/urllib3/releases/tag/v2.0.5
- https://github.com/urllib3/urllib3/releases/tag/2.0.6
- https://github.com/urllib3/urllib3/releases/tag/2.0.7
Signed-off-by: Wei-Ting Yang <[email protected]>
(cherry picked from commit
23646be59e7a3c15e60b1d210d975b647cd46dd9)
Tianling Shen [Fri, 22 Aug 2025 09:10:57 +0000 (17:10 +0800)]
Revert "gping: lock cargo dependencies"
It's enabled by default now.
Make use of MAKE_PATH while at it.
This reverts commit
0118fb489659088565f948994d7c81d9f41a20a1.
Signed-off-by: Tianling Shen <[email protected]>
Tianling Shen [Wed, 20 Aug 2025 10:04:36 +0000 (18:04 +0800)]
dufs: remove `--locked` flag
It's enabled by default now.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
ee49f00287655b3512785c0b286cfaa185452dee)
Tianling Shen [Wed, 20 Aug 2025 09:44:57 +0000 (17:44 +0800)]
rust: read build path from `{HOST_}MAKE_PATH`
Allow set build path by `{HOST_}MAKE_PATH`.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
84cb850b7f967c2ed7ec4fdb55e8655a245f16dd)
Tianling Shen [Wed, 20 Aug 2025 09:28:22 +0000 (17:28 +0800)]
rust: introduce `RUST_{HOST,PKG}_LOCKED` flag
Introduce `RUST_{HOST,PKG}_LOCKED` flag (enabled by default) to respect
upstream lockfile. This can be disabled by setting it to 0 if you want
to have up-to-date dependencies.
This change also adds new `CARGO_{HOST,PKG}_ARGS` variable to pass extra
build arguments to cargo.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
1000e99185ec9faaa846aeef43ca3cf72f199d5d)
Stan Grishin [Mon, 18 Aug 2025 16:34:28 +0000 (16:34 +0000)]
pbr: 1.1.8-36 bugfixes
- drop load_environment_flag and always load environment on start, making
restart command great again
- store/restore existing jshn namespace when using json()
- remove unneeded sleepCount in is_wan_up()
- move updated README inside files/
Signed-off-by: Stan Grishin <[email protected]>
(cherry picked from commit
51686912e0f3552bacd8ef7cf980f270c2fa3ec4)
George Sapkin [Thu, 14 Aug 2025 19:08:00 +0000 (22:08 +0300)]
yt-dlp: bump to 2025.08.11
Changelog: https://github.com/yt-dlp/yt-dlp/releases/tag/2025.08.11
Signed-off-by: George Sapkin <[email protected]>
(cherry picked from commit
9318a5fefbec3cae39d328b02dc6a5ca1e1d3b7b)
George Sapkin [Thu, 14 Aug 2025 20:08:11 +0000 (23:08 +0300)]
golang: bump to 1.23.12
go1.23.12 (released 2025-08-06) includes security fixes to the
database/sql and os/exec packages, as well as bug fixes to the runtime.
Fixes: CVE-2025-47907
Link: https://github.com/golang/go/issues?q=milestone%3AGo1.23.12+label%3ACherryPickApproved
Signed-off-by: George Sapkin <[email protected]>
Tianling Shen [Mon, 11 Aug 2025 12:23:18 +0000 (20:23 +0800)]
lttng-tools: fix build with libxml 2.14
Backport a pending patch to fix build with libxml 2.14.
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
0ec95bd1f4dc9b829081bfd7910220d530517591)
Stan Grishin [Sun, 10 Aug 2025 01:41:34 +0000 (01:41 +0000)]
pbr: update to 1.1.8-34
* bugfix: json init was destroying procd_triggers and screwing boot up
fixes https://github.com/openwrt/packages/issues/27194
* improvement: explicit printf calls in get_text
Signed-off-by: Stan Grishin <[email protected]>
(cherry picked from commit
a49f1e26101805537aabed56cdafbe0331aadbc5)
Tianling Shen [Mon, 11 Aug 2025 11:55:50 +0000 (19:55 +0800)]
gping: lock cargo dependencies
The new version of dns-lookup failed to build with musl:
error[E0308]: mismatched types
--> gping/src/main.rs:331:19
|
331 | Ok(ip) => ip,
| ^^ expected `Vec<IpAddr>`, found opaque type
|
::: /builder/shared-workdir/build/sdk/dl/cargo/registry/src/index.crates.io-
1949cf8c6b5b557f/dns-lookup-2.1.0/src/lookup.rs:17:46
|
17 | pub fn lookup_host(host: &str) -> io::Result<impl Iterator<Item = IpAddr> + use<>> {
| ------------------------------------ the found opaque type
|
= note: expected struct `Vec<IpAddr>`
Signed-off-by: Tianling Shen <[email protected]>
Jonas Jelonek [Sun, 1 Dec 2024 23:50:20 +0000 (23:50 +0000)]
gping: update to 1.18.0
Signed-off-by: Jonas Jelonek <[email protected]>
(cherry picked from commit
c3dcb6c152ae60523d18e405a802a99d000b1344)
Gregory Gullin [Mon, 4 Aug 2025 15:26:32 +0000 (18:26 +0300)]
sing-box: update to 1.12.0
changelog: https://github.com/SagerNet/sing-box/releases/tag/v1.12.0
Signed-off-by: Gregory Gullin <[email protected]>
(cherry picked from commit
654fa2f5f3842b85672bb1d9a277a438672bb347)
Rosen Penev [Sun, 4 May 2025 01:19:50 +0000 (18:19 -0700)]
mariadb: update to 11.4.7
Use upstream solutions to local patches.
Remove test.sh as it's broken.
Signed-off-by: Rosen Penev <[email protected]>
(cherry picked from commit
cf6ef1ac5a706101739577a63fea07f9cea33072)
Rosen Penev [Tue, 29 Apr 2025 22:21:32 +0000 (15:21 -0700)]
mariadb: fix liburing dependency
CMake is way too opertunistic. Avoid the dependency by manually handling
it.
Signed-off-by: Rosen Penev <[email protected]>
(cherry picked from commit
9d12a9618a09c2e614ec5b2220ad3c6127e643ef)
Rosen Penev [Wed, 1 Jan 2025 21:02:51 +0000 (13:02 -0800)]
mariadb: update to 11.4.4
Remove upstreamed patch.
Signed-off-by: Rosen Penev <[email protected]>
(cherry picked from commit
f640d92aa4327b6432ca4a67040c7f9fe3b468b4)
George Sapkin [Thu, 8 May 2025 13:42:42 +0000 (16:42 +0300)]
sqlite3: bump to 3.50.4
Changelog: https://sqlite.org/releaselog/3_49_2.html
Changelog: https://sqlite.org/releaselog/3_50_0.html
Changelog: https://sqlite.org/releaselog/3_50_1.html
Changelog: https://sqlite.org/releaselog/3_50_2.html
Changelog: https://sqlite.org/releaselog/3_50_3.html
Changelog: https://sqlite.org/releaselog/3_50_4.html
Signed-off-by: George Sapkin <[email protected]>
(cherry picked from commit
810341cf3303e2fdb3241e1aa20e4b213ff0f7d3)
George Sapkin [Sat, 10 May 2025 19:23:39 +0000 (22:23 +0300)]
sqlite3: require matching lib version in shell
Shell expects a matching library version to be installed. Specify a
matching version using EXTRA_DEPENDS.
Signed-off-by: George Sapkin <[email protected]>
(cherry picked from commit
5b8e0fd4646ff3d7964d5ddbc9cabe98d3d3e6ce)
Thibaut VARÈNE [Thu, 7 Aug 2025 08:37:21 +0000 (10:37 +0200)]
uspot: update to Git HEAD (2025-08-07)
e2e3c649ab80 README update
18e6bcc14cc2 uspot/portal: urldecode FORM POST data
bf6051dba822 uspot/handler-uam: accept /login endpoint
32273591d8d5 uspotfilter: provide peer_lookup answers only for known clients
b0aeef9973a9 README: clarify uam vs radius mode features
b7b0d0efb0e2 uspot: improve config documentation
bce68a97fad8 captive: rename to 'uspot'
da6ca713e15d uspot: client_remove(): pass device to ratelimit client_delete()
3ebfe262bfb1 uspot: remove unused radius_call() args
691d73aa00dc uspot: let radius_init() set all required payload members
be50a66b777f uspot: allow setting global bandwidth limits
4851ada4b0c0 uspot: send Called-Station-Id in Acct-On/Off requests
0974fc8d47ac Implement uspot-bpf, an eBPF traffic counter
e99809f97e34 introduce uspotbpf.uc
7f6f43883568 uspotbpf: work around ucode-mod-bpf bug
319e0c285afb uspot: hook traffic accounting
ccf3fa9b8e83 uspot: client_interim(): remove dead code
0e92cc9f6e75 uspotbpf: fix priority conflict with ratelimit
55d40a8794b6 uspot: implement traffic limiting
b05257e862cb uspot: implement swapio
e83f95081c21 uspot: radius_acct(): don't needlessly call uspotfilter
442cff773220 uspotfilter: cleanup unused API
7878d512cd21 handler-api: include 'seconds-remaining' only if not captive
cca6d218a6a7 handler-api: implement 'bytes-remaining'
e8cf3d08ac64 uspot: start(): ratelimit clearing is independent from RADIUS accounting
6d12a2da5b20 README update
bf6364cb61ea config: clarify units for acct_interval
8133b8cd215e uspot: implement state_get()/state_set()
094825fdfe68 radius-client: lowercase non-attribute JSON members
de70c588c2e3 radius-client: add error reporting
ebe9eac34f5b radius: add option for udp or tcp connection
d6b338d5d194 uspot: support RadSec with PSK authentication
53de77512159 uspot: validate config
d0578f740111 uspot: don't store debug data through uspotfilter
fe4fa5e8a25f uspot.init: rename DAS instance
bd1fbe481da3 README update
76a03155db44 uspot: add support for secondary RADIUS servers
694ff75f4fcc uspot: remove 'final_redirect_url' config option
a347454db08c handler: redirect UAM connected clients to the 'res=already' UAM url
0ea8f9bec545 handlers: simplify auth check
f69e1df8db0f Improve RADIUS error handling and reporting
34216b56b9ed src/CMakeLists: disable -Werror
8599a968877b Makefile: sync with OpenWrt repo
Update Makefile to reflect addition of the eBPF module and other changes
in the package
Signed-off-by: Thibaut VARÈNE <[email protected]>
(cherry picked from commit
3d76208b4dc65c9fd45d51c58e09300c77c33906)
Bruce Chen [Mon, 21 Jul 2025 12:51:27 +0000 (20:51 +0800)]
aliyun-cli: add new package
The Alibaba Cloud CLI is a tool to manage and
use Alibaba Cloud resources through a command line interface
Signed-off-by: Bruce Chen <[email protected]>
(cherry picked from commit
f6e404e96d0a263e94f3183de0bb5139a3dc1099)
Petr Štetiar [Wed, 6 Aug 2025 09:30:40 +0000 (09:30 +0000)]
kmod: fix build failure in install step over dirty build dir
When building kmod-32 package for the first time (clean build_dir), it
builds and installs fine. When building for 2nd time, sometimes
(probably some race condition?) it fails to build in install step with
following error:
for tool in insmod lsmod rmmod depmod modprobe modinfo; do \
ln -s kmod /tmp/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/kmod-32/ipkg-install/usr/bin/$tool; \
done
ln: failed to create symbolic link '/tmp/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/kmod-32/ipkg-install/usr/bin/insmod': File exists
ln: failed to create symbolic link '/tmp/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/kmod-32/ipkg-install/usr/bin/lsmod': File exists
ln: failed to create symbolic link '/tmp/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/kmod-32/ipkg-install/usr/bin/rmmod': File exists
ln: failed to create symbolic link '/tmp/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/kmod-32/ipkg-install/usr/bin/depmod': File exists
ln: failed to create symbolic link '/tmp/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/kmod-32/ipkg-install/usr/bin/modprobe': File exists
ln: failed to create symbolic link '/tmp/build_dir/target-aarch64_cortex-a73+neon-vfpv4_musl/kmod-32/ipkg-install/usr/bin/modinfo': File exists
Lets fix it by backporting upstream fix.
Fixes: #27171
Link: https://lore.kernel.org/r/[email protected]
Upstream-Status: Backport [https://github.com/kmod-project/kmod/commit/
c5054b215089f9e3cdc9602232649c2b5b1de743]
Signed-off-by: Petr Štetiar <[email protected]>
(cherry picked from commit
79f78c0e77e61a20063db53f6cf8a12768036cdf)
Tianling Shen [Tue, 29 Jul 2025 09:45:25 +0000 (17:45 +0800)]
inih: Update to r61
Release note: https://github.com/benhoyt/inih/releases/tag/r61
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
f6f3f4c5fdfb6fccd1520f63f9d281b971cb78ad)
Tianling Shen [Tue, 5 Aug 2025 06:50:04 +0000 (14:50 +0800)]
openlist: Update to 4.1.0
Release note: https://github.com/OpenListTeam/OpenList/releases/tag/v4.1.0
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
1f4064269fbf673952a23eb97843f49ee6ee8263)
Tianling Shen [Thu, 31 Jul 2025 05:59:21 +0000 (13:59 +0800)]
openlist: Update to 4.0.9
Release note: https://github.com/OpenListTeam/OpenList/releases/tag/v4.0.9
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
dd6e44068f872a636f9cca296d97c498681e5de4)
Tianling Shen [Tue, 29 Jul 2025 09:19:49 +0000 (17:19 +0800)]
rclone: backport ftp insecure TLS ciphers fix
Added config field to allow insecure TLS ciphers that were disabled
in Go 1.22.
Fixes: #27039
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
80e343dd434f53a4019f56920ac4a748e046fb9c)
Tianling Shen [Fri, 18 Jul 2025 14:06:41 +0000 (22:06 +0800)]
golang: disable build for powerpc64
e5500 is the only powerpc64 target we have in tree, but it's not
supported by golang[1]. Since it's hard to opt e5500 out from the
supported arch list, simply remove powerpc64 from it for now.
1. https://github.com/golang/go/issues/19074
Signed-off-by: Tianling Shen <[email protected]>
(cherry picked from commit
c8ad05854dd46baf19bdf2b8de86a31da5b9e046)
projects / feed / packages.git / log