After an evaluation, GNOME has moved from Bugzilla to GitLab. Learn more about GitLab.
No new issues can be reported in GNOME Bugzilla anymore.
To report an issue in a GNOME project, go to GNOME GitLab.
Do not go to GNOME Gitlab for: Bluefish, Doxygen, GnuCash, GStreamer, java-gnome, LDTP, NetworkManager, Tomboy.
Bug 772334 - should call xmllint with --nonet
should call xmllint with --nonet
Status: RESOLVED OBSOLETE
Product: yelp-tools
Classification: Core
Component: yelp.m4
git master
Other Linux
: Normal normal
: ---
Assigned To: Yelp maintainers
Yelp maintainers
Depends on:
Blocks:
 
 
Reported: 2016-10-02 08:59 UTC by Christian Persch
Modified: 2018-05-22 12:51 UTC
See Also:
GNOME target: ---
GNOME version: ---


Attachments
patch (9.64 KB, patch)
2016-10-02 09:19 UTC, Christian Persch
none Details | Review

Description Christian Persch 2016-10-02 08:59:24 UTC
The YELP_HELP_RULES should call xmllint with the --nonet parameter to disallow any net access during build.
Comment 1 Christian Persch 2016-10-02 09:11:29 UTC
And same for the xsltproc invocations in yelp-build and yelp-check.
Comment 2 Christian Persch 2016-10-02 09:19:39 UTC
Created attachment 336755 [details] [review]
patch
Comment 3 Shaun McCance 2016-10-03 13:45:55 UTC
I often use network access with `yelp-check validate`. It's the only way to validate against draft schemas without building a local cache by hand. It certainly makes sense to do --nonet in yelp.m4. I'm curious what kinds of situations are leading to the network being touched in yelp-build and yelp-check, other than validation. We could add a --nonet option to those commands, if it's blocking people's automated builds.
Comment 4 Christian Persch 2016-10-03 16:07:24 UTC
I filed this because of https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=839549 .
Comment 5 Jeremy Bicha 2018-01-25 23:19:27 UTC
Shaun, I believe Debian Developer Adrian Bunk independently discovered the same fix as Christian in a patch he attached to the Debian bug. Could we at least merge the 2-line change to yelp.m4? It reduces the time it takes to build Aisleriot on Debian from hours to a few minutes.
Comment 6 Shaun McCance 2018-02-09 15:57:20 UTC
I added the --nonet to yelp.m4 for 'make check', which is just intended to do well-formedness. If people feel strongly that yelp-check and yelp-build should have this, then it'll need to be added as an option to those commands, because there are very good use cases for allowing xmllint to hit the network.
Comment 7 GNOME Infrastructure Team 2018-05-22 12:51:49 UTC
-- GitLab Migration Automatic Message --

This bug has been migrated to GNOME's GitLab instance and has been closed from further activity.

You can subscribe and participate further through the new bug through this link to our GitLab instance: https://gitlab.gnome.org/GNOME/yelp-tools/issues/14.