Da das Alphabet nur 26 Buchstaben hat, und Ubuntu doch schon recht weit fortgeschritten ist, hätte ich hier eine Reihe von Vorschägen, wie man nach Erreichen von Z fortsetzen könnte. Sei denn, der Spuk ist (wie böse Zungen behaupten) nach Z endlich vorbei.
What does it take to get Debian to update a package?
More than two years, about 50 mails, 10 people from 3 different Debian-related IRC channels, 4 bugs filed by upstream and 2 security-related issues reported to the Security team … Sound’s legit IMHO.
Being way overdue, and not only because some other projects
askednagged for a release, I’m really pleased I finally had everything together last week so I could do the release of GeSHi 184.108.40.206. Besides the 18 new language files there are also two important bugfixes addressing problems in contrib scripts.
Nach dem letztens endlich das Packaging für die von mir etwas für aktuellere PHP-Versionen gepflegte RRDTool-Extension abgeschlossen war, dachte ich eigentlich, dass das soweit auch für PHP 5.4 funktionieren sollte. Da ich wegen dem ausstehenden Support für den Suhosin-Patch aber noch nicht upgraden wollte, gab es natürlich wenig Chancen, das selber zu überprüfen.
Vor knapp 4 Wochen habe ich mich dann aber doch hingesetzt, um meinen Server auf PHP 5.4 zu aktualisieren. Nachdem das Update selbst recht unproblematisch verlief und bis auf wenige Extensions, die einen expliziten Arschtritt zum Compilen haben wollten, alles lief, war die RRDTool-Extension dran. Und (Grüße an Murphy) es wollte nicht compilieren. Aber glücklicherweise waren das nur ein paar Kleinigkeiten, die sich im Wesentlichen darauf beschränkten, den Typ pval durch zval beim Abfragen von Parametern auszutauschen.
Sobald das durch war, funktionierte das auch mit dem Compilieren und alle Scripte mit der Extension liefen wieder wie immer.
Die neu, nun mit Support für PHP 5.4, gepackagedte Version gibt es ab sofort; nach dem ich nach einer stressigen Zeit dazu gekommen bin, das alles zusammenzupacken. Außer der oben genannten Änderung ist nix an Features hinzugekommen. Wird also PHP 5.4 nicht benötigt, reicht auch die alte Version. Die neue RRDTool-Extension für PHP 5.4 (Version 0.2) gibt unter dem genannten Link.
After a somewhat longer period of silence from my side, due to some vacation I took, I’m proud to announce that there have quite some changes for the next release of GeSHi accumulated in the SVN trunk which will be the basis for the next release of GeSHi. As most of you might already have guessed the next release will be version 220.127.116.11, which is the first version of GeSHi in 2011 and also the first version since half a year. So what’s new with this version?
Well, the question is a bit complicated to answer, so let me split this into three parts. The first of which is all the changes to the parser of GeSHi itself. One of the changes here is a change of the handling of dashes when creating regular expressions which are used internally for GeSHi to speed up the highlighting of keywords. The problem here was that in some occasions dashes were left unescaped as part of the regexp and thus got a special meaning within character groups causing unpredictable behaviour. Although this couldn’t be used for malicious activity it was an annoying side effect causing GeSHi to crash when encountering language files which used dashes in their keywords. COBOL is one of them, Scheme another.
But let’s stay with the internal changes for another moment: There was another bug this time which affected e.g. PHP, but actually quite a bunch of other languages too. The reason for this bug is a bit more complicated to explain though, as it involves some of the internas and the precautions of GeSHi to avoid XSS attacks by the code that should be highlighted. When you look at the code sample provided there you will notice the semicolon before the offending if, right? Now, as we all know, GeSHi tries to output HTML code. This fact is important here because the semicolon – even though it doesn’t need escaping is crucial for valid HTML as it terminates escape sequences and therefore needs special treatment as we can’t simply go ahead and markup every ; we find: It might be part of an escape sequence. Luckily GeSHi works around the problem here and escapes two characters not which their HTML entity, but with something else: | with <PIPE> and – you guessed ; with <SEMI>, avoiding this disambiguity this way. Now for the problem: The default boundary checks for keywords didn’t take these replacements into account and thus hadn’t had < and > in them and therefore did NEVER match any keyword accompanied by one of those two characters. Literal < and > BTW are escaped beforehand and thus appear as < and > in the source when checking boundaries. Coming with this release also < and > are part of the default lists of characters allowed as boundary of a word and thus enabling the proper highlighting of the sample code in the bug report linked above.
The third issue regarding the parser is not a change of the parser itself, but rather a convenience check added to the language file checking script which didn’t verify filenames properly and thus sometimes returned invalid filenames to be checked. This bug didn’t allow for code execution, but rather produced annoying error messages when some temporary files clobbered up your language file directory.
After we’re now done with the changes to the parser let’s discuss the changes to existing language file since we have quite a few already and I’m sure I did miss even some more in the depths of my inbox! So here we go: Users of Algol68 might like the greatly improved language file by Neville Dempsey which didn’t make it into the previous release since there were some issues I needed feedback on. But even having the language file in a bit later should be early enough for you to enjoy.
I know it’s about two months now, but I finally got around to do the last steps that were missing for GeSHi 18.104.22.168: Packaging it 😉
maybe some of you already noticed, but there has already been an 22.214.171.124 release of GeSHi about a month ago. If you now wonder why there is no download yet: Well, there was no time for packaging it yet, thus the only way for now is to grab the RELEASE_1_0_8_9 tag from the GeSHi SVN.
Again there are quite some changes in the release thus don’t forget to read the changelog to fetch ‚em all 😉
The next steps in getting the release out will be a small revise of a PHING release script by cweiske at the IRC channel, that aims to automate some of the stuff that has to be done for packaging, even though not necessary when just doing the tagging part of the releases. Just in case you wondered why actually packaging takes so long 😉
There will be a kinda preview of the next GeSHi release for 126.96.36.199 sometime soon for all the changes that already got integrated so far. Mostly this affects a lot of new language files and changes to existing ones but minor patches to the LangCheck script are waiting too. To grab it just have a look at the RELEASE_STABLE branch at the GeSHi SVN; updates will go there. Currently I’m still trying to reduce the backlog of mails that accumulated, But I’m mostly done with it.
Many people might have noticed, and even though I didn’t do that many public announcements of this yet, GeSHi is still under developement and a new version is coming near its completion soon – hopefully. The reason I mention this is, that some distributions – like Debian – haven’t updated to the available packages yet even though (at least in the case of Debian) I notified them of at least one intermediate release. Well, probably they only look onto pretty homepages to determine the news instead of watching the code. So well, here’s some news for you all.