Page MenuHomePhabricator
Create Task
Maniphest T183888

php-luasandbox in Wikimedia's Stretch apt repo depends on php5
Closed, ResolvedPublic
Actions

Description

$ apt-cache show php-luasandbox
Package: php-luasandbox
Version: 2.0.14~stretch1
Architecture: amd64
Maintainer: Tim Starling <tstarling@wikimedia.org>
Installed-Size: 105
Depends: php5 | php5-cli, libc6 (>= 2.14), liblua5.1-0, phpapi-
Homepage: https://www.mediawiki.org/wiki/Extension:Scribunto
Priority: optional
Section: web
Filename: pool/main/p/php-luasandbox/php-luasandbox_2.0.14~stretch1_amd64.deb
Size: 31130
SHA256: 3ad539fb71e2fb815d5cc658b1ab3a1ecdfa485e68312996d26f18b623fdbd63
SHA1: a34c33b197cd9d1dd5d0d295a2c81b9e3d060a53
MD5sum: 647c8e460583f2c651076805e6b70a7a
Description: Lua extension for PHP
 A PHP extension providing a sandboxed Lua environment which can be used to run
 untrusted code.
Description-md5: 79a1e52ec140a8c622026655cfd16712

Stretch does not include php5 packages, so this is uninstallable. It looks like the package was built for Stretch to provide hhvm-luasandbox and was not updated to correctly build the Zend package.

For MediaWiki-Vagrant, a workaround is to use the php-luasandbox package from stretch-backports via pinning. This probably isn't the best long term solution though as the proper package will eventually be needed for Wikimedia production. Unless of course we are going to drop our local package in favor of the upstream package maintained by @Legoktm.

Details

SubjectRepoBranchLines +/-
Install wikidiff2 from stretch-backportsmediawiki/vagrantmaster+10 -0
scribunto: install luasandbox from stretch-backportsmediawiki/vagrantstretch-migration+10 -0
Customize query in gerrit

Related Objects
Search...

Event Timeline

bd808 triaged this task as Medium priority.Jan 2 2018, 7:02 AM
bd808 created this task.
Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 2 2018, 7:02 AM
Legoktm added a subscriber: MoritzMuehlenhoff.Jan 2 2018, 7:06 AM
Legoktm added a comment.Jan 2 2018, 7:16 AM

The packaging was probably based on the PHP5 version, since it also depends upon a non-existent phpapi- package, because the php5-config call probably failed during build.

Once we no longer need to have a separate hhvm-luasandbox package, it would be best if we could unify the Debian and Wikimedia packaging efforts. :-)

gerritbot subscribed.Jan 3 2018, 4:10 AM

Change 401668 had a related patch set uploaded (by BryanDavis; owner: Bryan Davis):
[mediawiki/vagrant@stretch-migration] scribunto: install luasandbox from stretch-backports

https://gerrit.wikimedia.org/r/401668

gerritbot added a project: Patch-For-Review.Jan 3 2018, 4:10 AM
gerritbot added a comment.Jan 3 2018, 4:13 AM

Change 401668 merged by jenkins-bot:
[mediawiki/vagrant@stretch-migration] scribunto: install luasandbox from stretch-backports

https://gerrit.wikimedia.org/r/401668

bd808 mentioned this in T181353: [EPIC] Migrate MediaWiki-Vagrant base image to Debian Stretch.Jan 3 2018, 4:15 AM
bd808 added a subtask: T184270: rebuild php-wikidiff2 and php-luasandbox for php7 and stretch.Jan 5 2018, 5:13 PM
MoritzMuehlenhoff added a comment.Feb 2 2018, 11:17 AM

I've uploaded a backport of Kunal's 1.5.1-3 package from Debian testing to stretch-backports. The packages in Debian only support Zend PHP (since Debian doesn't feature more in depth integration of HHVM in the wider module eco system), but we still need hhvm-wikidiff2, so I'll update the internal source package to only build the hhvm-wikidiff2 binary package. (And when we've migrated to PHP7 we can remove the internal package entirely)

Legoktm closed subtask T184270: rebuild php-wikidiff2 and php-luasandbox for php7 and stretch as Resolved.Feb 2 2018, 11:26 AM
MoritzMuehlenhoff closed this task as Resolved.Feb 2 2018, 12:14 PM
MoritzMuehlenhoff claimed this task.

Our internal wikidiff2 package has been rebuilt to only provide the hhvm-wikdiff2 package now (and after some fiddling with reprepro I removed the old php-wikidiff2 from apt.wikimedia.org).

As such, stretch now has 1.4.1-1 and stretch-backports has 1.5.1-3~bpo9+1.

@bd808: For mediawiki-vagrant I'd recommend to add a patch for php-wikidiff2 similar to https://gerrit.wikimedia.org/r/#/c/401668/, ideally mediawiki-vagrant should also use 1.5.1 from backports as we do in production. Our production manifests are in progress of moving to it via https://gerrit.wikimedia.org/r/#/c/394977/

MoritzMuehlenhoff added a comment.Feb 9 2018, 11:35 AM

Our internal php-luasandbox package has been rebuilt to only provide the hhvm-luasandbox package (that's kind of confusing given the source package name, but it's only temporary given our migration to PHP 7).

(The old php-wikidiff2 binary package was removed from apt.wikimedia.org, you can't explicity only remove a binary package, so I had to re-import the dsc after "reprepro remove stretch-wikimedia php-luasandbox")

gerritbot added a comment.Apr 6 2018, 2:22 AM

Change 424508 had a related patch set uploaded (by BryanDavis; owner: Bryan Davis):
[mediawiki/vagrant@master] Install wikidiff2 from stretch-backports

https://gerrit.wikimedia.org/r/424508

gerritbot added a comment.Apr 6 2018, 2:25 AM

Change 424508 merged by jenkins-bot:
[mediawiki/vagrant@master] Install wikidiff2 from stretch-backports

https://gerrit.wikimedia.org/r/424508

Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL · Credits