diff --git a/.gitignore b/.gitignore index be7453c..afe3759 100644 --- a/.gitignore +++ b/.gitignore @@ -16,3 +16,5 @@ php-7.*.xz.asc /php-8.0.6.tar.xz.asc /php-8.0.12.tar.xz /php-8.0.12.tar.xz.asc +/php-8.0.13.tar.xz +/php-8.0.13.tar.xz.asc diff --git a/10-opcache.ini b/10-opcache.ini index 8c5db66..a5be172 100644 --- a/10-opcache.ini +++ b/10-opcache.ini @@ -42,6 +42,11 @@ opcache.enable_cli=1 ; size of the optimized code. ;opcache.save_comments=1 +; If enabled, compilation warnings (including notices and deprecations) will +; be recorded and replayed each time a file is included. Otherwise, compilation +; warnings will only be emitted when the file is first cached. +;opcache.record_warnings=0 + ; Allow file existence override (file_exists, etc.) performance feature. ;opcache.enable_file_override=0 diff --git a/php-8.0.12-crypt.patch b/php-8.0.13-crypt.patch similarity index 78% rename from php-8.0.12-crypt.patch rename to php-8.0.13-crypt.patch index 3469a93..31a8c8a 100644 --- a/php-8.0.12-crypt.patch +++ b/php-8.0.13-crypt.patch @@ -1,24 +1,3 @@ -From 9f98bc58c7bb7fdbb25614ca645bbd7a465fdfed Mon Sep 17 00:00:00 2001 -From: Remi Collet -Date: Fri, 15 Oct 2021 15:45:50 +0200 -Subject: [PATCH] remove closing bracket in bad place - ---- - build/php.m4 | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/build/php.m4 b/build/php.m4 -index 9746ba28f325..7fb9e3125d13 100644 ---- a/build/php.m4 -+++ b/build/php.m4 -@@ -2219,7 +2219,6 @@ struct crypt_data buffer; - crypt_r("passwd", "hash", &buffer); - ]])],[php_cv_crypt_r_style=struct_crypt_data_gnu_source],[]) - fi -- ]) - - if test "$php_cv_crypt_r_style" = "none"; then - AC_COMPILE_IFELSE([AC_LANG_PROGRAM([[ From fc4e31467c352032ee709ac55d3c67bc22abcd8d Mon Sep 17 00:00:00 2001 From: Remi Collet Date: Fri, 15 Oct 2021 17:11:12 +0200 diff --git a/php.ini b/php.ini index d95f287..3ff0997 100644 --- a/php.ini +++ b/php.ini @@ -88,6 +88,7 @@ ;;;;;;;;;;;;;;;;;;; ; Quick Reference ; ;;;;;;;;;;;;;;;;;;; + ; The following are all the settings which are different in either the production ; or development versions of the INIs with respect to PHP's default behavior. ; Please see the actual settings later in the document for more details as to why @@ -99,12 +100,12 @@ ; Production Value: Off ; display_startup_errors -; Default Value: Off +; Default Value: On ; Development Value: On ; Production Value: Off ; error_reporting -; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Default Value: E_ALL ; Development Value: E_ALL ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT @@ -153,6 +154,16 @@ ; Development Value: "GPCS" ; Production Value: "GPCS" +; zend.exception_ignore_args +; Default Value: Off +; Development Value: Off +; Production Value: On + +; zend.exception_string_param_max_len +; Default Value: 15 +; Development Value: 15 +; Production Value: 0 + ;;;;;;;;;;;;;;;;;;;; ; php.ini Options ; ;;;;;;;;;;;;;;;;;;;; @@ -306,12 +317,12 @@ serialize_precision = -1 ; http://php.net/open-basedir ;open_basedir = -; This directive allows you to disable certain functions for security reasons. +; This directive allows you to disable certain functions. ; It receives a comma-delimited list of function names. ; http://php.net/disable-functions disable_functions = -; This directive allows you to disable certain classes for security reasons. +; This directive allows you to disable certain classes. ; It receives a comma-delimited list of class names. ; http://php.net/disable-classes disable_classes = @@ -352,21 +363,31 @@ zend.enable_gc = On ; If enabled, scripts may be written in encodings that are incompatible with ; the scanner. CP936, Big5, CP949 and Shift_JIS are the examples of such ; encodings. To use this feature, mbstring extension must be enabled. -; Default: Off ;zend.multibyte = Off ; Allows to set the default encoding for the scripts. This value will be used ; unless "declare(encoding=...)" directive appears at the top of the script. ; Only affects if zend.multibyte is set. -; Default: "" ;zend.script_encoding = -; Allows to include or exclude arguments from stack traces generated for exceptions -; Default: Off -; In production, it is recommended to turn this setting on to prohibit the output +; Allows to include or exclude arguments from stack traces generated for exceptions. +; In production, it is recommended to turn this setting on to prohibit the output ; of sensitive information in stack traces +; Default Value: Off +; Development Value: Off +; Production Value: On zend.exception_ignore_args = On +; Allows setting the maximum string length in an argument of a stringified stack trace +; to a value between 0 and 1000000. +; This has no effect when zend.exception_ignore_args is enabled. +; Default Value: 15 +; Development Value: 15 +; Production Value: 0 +; In production, it is recommended to set this to 0 to reduce the output +; of sensitive information in stack traces. +zend.exception_string_param_max_len = 0 + ;;;;;;;;;;;;;;;;; ; Miscellaneous ; ;;;;;;;;;;;;;;;;; @@ -404,7 +425,7 @@ max_input_time = 60 ; How many GET/POST/COOKIE input variables may be accepted ;max_input_vars = 1000 -; Maximum amount of memory a script may consume (128MB) +; Maximum amount of memory a script may consume ; http://php.net/memory-limit memory_limit = 128M @@ -458,7 +479,7 @@ memory_limit = 128M ; E_ALL & ~E_NOTICE (Show all errors, except for notices) ; E_ALL & ~E_NOTICE & ~E_STRICT (Show all errors, except for notices and coding standards warnings.) ; E_COMPILE_ERROR|E_RECOVERABLE_ERROR|E_ERROR|E_CORE_ERROR (Show only errors) -; Default Value: E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED +; Default Value: E_ALL ; Development Value: E_ALL ; Production Value: E_ALL & ~E_DEPRECATED & ~E_STRICT ; http://php.net/error-reporting @@ -482,11 +503,9 @@ error_reporting = E_ALL & ~E_DEPRECATED & ~E_STRICT display_errors = Off ; The display of errors which occur during PHP's startup sequence are handled -; separately from display_errors. PHP's default behavior is to suppress those -; errors from clients. Turning the display of startup errors on can be useful in -; debugging configuration problems. We strongly recommend you -; set this to 'off' for production servers. -; Default Value: Off +; separately from display_errors. We strongly recommend you set this to 'off' +; for production servers to avoid leaking configuration details. +; Default Value: On ; Development Value: On ; Production Value: Off ; http://php.net/display-startup-errors @@ -524,19 +543,9 @@ ignore_repeated_source = Off ; http://php.net/report-memleaks report_memleaks = On -; This setting is on by default. +; This setting is off by default. ;report_zend_debug = 0 -; Store the last error/warning message in $php_errormsg (boolean). Setting this value -; to On can assist in debugging and is appropriate for development servers. It should -; however be disabled on production servers. -; This directive is DEPRECATED. -; Default Value: Off -; Development Value: Off -; Production Value: Off -; http://php.net/track-errors -;track_errors = Off - ; Turn off normal error reporting and emit XML-RPC error XML ; http://php.net/xmlrpc-errors ;xmlrpc_errors = 0 @@ -929,10 +938,10 @@ cli_server.color = On ;date.default_longitude = 35.2333 ; http://php.net/date.sunrise-zenith -;date.sunrise_zenith = 90.583333 +;date.sunrise_zenith = 90.833333 ; http://php.net/date.sunset-zenith -;date.sunset_zenith = 90.583333 +;date.sunset_zenith = 90.833333 [filter] ; http://php.net/filter.default @@ -1009,8 +1018,6 @@ pcre.jit=0 ; http://php.net/pdo-odbc.connection-pooling ;pdo_odbc.connection_pooling=strict -;pdo_odbc.db2_instance_name - [Pdo_mysql] ; Default socket name for local MySQL connects. If empty, uses the built-in ; MySQL defaults. @@ -1292,7 +1299,8 @@ session.cookie_domain = session.cookie_httponly = ; Add SameSite attribute to cookie to help mitigate Cross-Site Request Forgery (CSRF/XSRF) -; Current valid values are "Lax" or "Strict" +; Current valid values are "Strict", "Lax" or "None". When using "None", +; make sure to include the quotes, as `none` is interpreted like `false` in ini files. ; https://tools.ietf.org/html/draft-west-first-party-cookies-07 session.cookie_samesite = @@ -1300,12 +1308,9 @@ session.cookie_samesite = ; http://php.net/session.serialize-handler session.serialize_handler = php -; Defines the probability that the 'garbage collection' process is started -; on every session initialization. The probability is calculated by using -; gc_probability/gc_divisor. Where session.gc_probability is the numerator -; and gc_divisor is the denominator in the equation. Setting this value to 1 -; when the session.gc_divisor value is 100 will give you approximately a 1% chance -; the gc will run on any given request. +; Defines the probability that the 'garbage collection' process is started on every +; session initialization. The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. ; Default Value: 1 ; Development Value: 1 ; Production Value: 1 @@ -1313,13 +1318,9 @@ session.serialize_handler = php session.gc_probability = 1 ; Defines the probability that the 'garbage collection' process is started on every -; session initialization. The probability is calculated by using the following equation: -; gc_probability/gc_divisor. Where session.gc_probability is the numerator and -; session.gc_divisor is the denominator in the equation. Setting this value to 100 -; when the session.gc_probability value is 1 will give you approximately a 1% chance -; the gc will run on any given request. Increasing this value to 1000 will give you -; a 0.1% chance the gc will run on any given request. For high volume production servers, -; this is a more efficient approach. +; session initialization. The probability is calculated by using gc_probability/gc_divisor, +; e.g. 1/100 means there is a 1% chance that the GC process starts on each request. +; For high volume production servers, using a value of 1000 is a more efficient approach. ; Default Value: 100 ; Development Value: 1000 ; Production Value: 1000 @@ -1335,8 +1336,8 @@ session.gc_maxlifetime = 1440 ; (see session.save_path above), then garbage collection does *not* ; happen automatically. You will need to do your own garbage ; collection through a shell script, cron entry, or some other method. -; For example, the following script would is the equivalent of -; setting session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): +; For example, the following script is the equivalent of setting +; session.gc_maxlifetime to 1440 (1440 seconds = 24 minutes): ; find /path/to/sessions -cmin +24 -type f | xargs rm ; Check HTTP Referer to invalidate externally stored URLs containing ids. @@ -1493,11 +1494,6 @@ zend.assertions = -1 ; http://php.net/assert.callback ;assert.callback = 0 -; Eval the expression with current error_reporting(). Set to true if you want -; error_reporting(0) around the eval(). -; http://php.net/assert.quiet-eval -;assert.quiet_eval = 0 - [mbstring] ; language for internal character representation. ; This affects mb_send_mail() and mbstring.detect_order. @@ -1515,7 +1511,7 @@ zend.assertions = -1 ; http input encoding. ; mbstring.encoding_translation = On is needed to use this setting. ; If empty, default_charset or input_encoding or mbstring.input is used. -; The precedence is: default_charset < input_encoding < mbsting.http_input +; The precedence is: default_charset < input_encoding < mbstring.http_input ; http://php.net/mbstring.http-input ;mbstring.http_input = @@ -1547,20 +1543,8 @@ zend.assertions = -1 ; http://php.net/mbstring.substitute-character ;mbstring.substitute_character = none -; overload(replace) single byte functions by mbstring functions. -; mail(), ereg(), etc are overloaded by mb_send_mail(), mb_ereg(), -; etc. Possible values are 0,1,2,4 or combination of them. -; For example, 7 for overload everything. -; 0: No overload -; 1: Overload mail() function -; 2: Overload str*() functions -; 4: Overload ereg*() functions -; http://php.net/mbstring.func-overload -;mbstring.func_overload = 0 - -; enable strict encoding detection. -; Default: Off -;mbstring.strict_detection = On +; Enable strict encoding detection. +;mbstring.strict_detection = Off ; This directive specifies the regex pattern of content types for which mb_output_handler() ; is activated. @@ -1569,12 +1553,10 @@ zend.assertions = -1 ; This directive specifies maximum stack depth for mbstring regular expressions. It is similar ; to the pcre.recursion_limit for PCRE. -; Default: 100000 ;mbstring.regex_stack_limit=100000 ; This directive specifies maximum retry count for mbstring regular expressions. It is similar ; to the pcre.backtrack_limit for PCRE. -; Default: 1000000 ;mbstring.regex_retry_limit=1000000 [gd] diff --git a/php.spec b/php.spec index ada6d3a..35de9b7 100644 --- a/php.spec +++ b/php.spec @@ -56,7 +56,7 @@ %bcond_with imap %bcond_without lmdb -%global upver 8.0.12 +%global upver 8.0.13 #global rcver RC1 Summary: PHP scripting language for creating dynamic web sites @@ -120,7 +120,7 @@ Patch49: php-8.0.10-phar-sha.patch # compatibility with OpenSSL 3.0, from 8.1 Patch50: php-8.0.10-openssl3.patch # use system libxcrypt -Patch51: php-8.0.12-crypt.patch +Patch51: php-8.0.13-crypt.patch # Upstream fixes (100+) @@ -1536,6 +1536,10 @@ systemctl try-restart php-fpm.service >/dev/null 2>&1 || : %changelog +* Wed Dec 15 2021 Remi Collet - 8.0.13-1 +- rebase to 8.0.13 #2032429 +- refresh configuration files from upstream + * Tue Oct 26 2021 Remi Collet - 8.0.12-1 - rebase to 8.0.12 #2017111 #1981423 - build using system libxcrypt #2015903 diff --git a/sources b/sources index 33be709..6d53408 100644 --- a/sources +++ b/sources @@ -1,2 +1,2 @@ -SHA512 (php-8.0.12.tar.xz) = 927b15c4443f3741a5325ec7bf387987b405cd5e64e40fd81f1945bf073adda30eeede8e1f98185f505cb61f969cf1abe05b8dad57a3c4e87971e8037bb16b23 -SHA512 (php-8.0.12.tar.xz.asc) = 90c8a179651ad530c8cb162a3d7f08472dd82a8c1b667b2df6ad0fd7c1cc1b97f18f8e13cae62d1176b36d579a1bd0646957631612a3ca11658d37c0dc6ff70b +SHA512 (php-8.0.13.tar.xz) = cb00482b74146670c4644f4b5da63b40d9afd111e198cdf1e67bfcf4280501a657b4fbad8fd7580f4e3f537db3c8a9db5f4115d3a466392cefac9866e233fa49 +SHA512 (php-8.0.13.tar.xz.asc) = 1988cd4158416b3853d5985a00a1f2c703aeb4496f22db4855279a10001d0ca95e080b8c89c2944e3addf952d37836c6b5a5f6d29bad5c9db6ccdfbced5c86bb