On 2016-03-10 16:34, Ryan Schmidt wrote: >> The longer we wait, the harder it will be to catch these. >> Should we rev-bump all dependents of OpenSSL now? > > Those that haven't already had their version or revision increased since the > openssl update, yes, I would say.
That is difficult to determine now. To find that out requires going through the list of dependents manually... I will assume all ports with commits since the OpenSSL update in r146162 either already got a rev-bump or a version upgrade, so they do not need it anymore: --- # Find ports for p in $(port -q echo depends_lib:openssl); do c=$(svn log -r146162:HEAD $(port file $p) |grep -v '^---' |wc -l); if [ $c -eq 0 ]; then echo $p; fi; done > openssl-revbump.txt # Rev-bump ports xargs ./rev-bump.sh < openssl-revbump.txt # Verify result svn diff $(xargs port file < openssl-revbump.txt) --- Committed in r146517. For future reference, I attached the rev-bump.sh script. Rainer
rev-bump.sh
Description: Bourne shell script
_______________________________________________ macports-dev mailing list macports-dev@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/macports-dev