Merge updates from debian/trixie

79befdf6 · Apertis CI robot · c81280d6 · a259f1c8 · 79befdf6 · 79befdf6
Commit 79befdf6 authored 1 month ago by Apertis CI robot
--- a/ChangeLog
+++ b/ChangeLog
+0.62	- 2025-01-13, H.Merijn Brand
+    * doc should not be part of test
+
+0.61	- 2025-01-13, H.Merijn Brand
+    * Replace "use vars" with "our" (James Raspass: PR #9)
+    * Specify recommended versions based on known CVE's
+    * Update doc for groff-1.24
+    * It's 2024
+    * Tested with perl-5.40.0
+    * It's 2025
+    * Add SECURITY.md
+
 0.60	- 2023-01-06, H.Merijn Brand
    * It's 2023


--- a/MANIFEST
+++ b/MANIFEST
@@ -2,6 +2,7 @@ ChangeLog
 MANIFEST
 Makefile.PL
 CONTRIBUTING.md
+SECURITY.md
 cpanfile
 README
 lib/Bundle/DBD/CSV.pm

--- a/META.json
+++ b/META.json
 {
+   "meta-spec" : {
+      "version" : 2,
+      "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec"
+   },
+   "name" : "DBD-CSV",
+   "resources" : {
+      "repository" : {
+         "web" : "https://github.com/perl5-dbi/DBD-CSV",
+         "url" : "https://github.com/perl5-dbi/DBD-CSV",
+         "type" : "git"
+      },
+      "license" : [
+         "http://dev.perl.org/licenses/"
+      ],
+      "bugtracker" : {
+         "web" : "https://github.com/perl5-dbi/DBD-CSV/issues"
+      }
+   },
   "provides" : {
      "DBD::CSV" : {
-         "version" : "0.60",
+         "version" : "0.62",
         "file" : "lib/DBD/CSV.pm"
-         }
-      },
-   "abstract" : "DBI driver for CSV files",
-   "author" : [
-      "Jochen Wiedmann",
-      "Jeff Zucker",
-      "H.Merijn Brand <h.m.brand@xs4all.nl>",
-      "Jens Rehsack <rehsack@cpan.org>"
-      ],
+      }
+   },
+   "dynamic_config" : 1,
   "prereqs" : {
      "configure" : {
+         "suggests" : {
+            "ExtUtils::MakeMaker" : "7.70"
+         },
         "requires" : {
            "ExtUtils::MakeMaker" : "0",
            "DBI" : "1.628"
-            }
         },
+         "recommends" : {
+            "ExtUtils::MakeMaker" : "7.22"
+         }
+      },
+      "runtime" : {
+         "suggests" : {
+            "DBI" : "1.646"
+         },
+         "recommends" : {
+            "DBD::File" : "0.44",
+            "SQL::Statement" : "1.414",
+            "DBI" : "1.643",
+            "Text::CSV_XS" : "1.59"
+         },
+         "requires" : {
+            "DBD::File" : "0.42",
+            "SQL::Statement" : "1.405",
+            "DBI" : "1.628",
+            "perl" : "5.008001",
+            "Text::CSV_XS" : "1.01"
+         }
+      },
      "test" : {
+         "recommends" : {
+            "Encode" : "3.12",
+            "Test::More" : "1.302207"
+         },
         "requires" : {
-            "charnames" : "0",
            "Test::Harness" : "0",
            "Test::More" : "0.90",
+            "charnames" : "0",
            "Cwd" : "0",
            "Encode" : "0"
-            },
-         "recommends" : {
-            "Test::More" : "1.302191"
-            }
         },
+         "suggests" : {
+            "Encode" : "3.21"
+         }
+      },
      "build" : {
         "requires" : {
            "Config" : "0"
-            }
-         },
-      "runtime" : {
-         "recommends" : {
-            "DBI" : "1.643",
-            "SQL::Statement" : "1.414",
-            "DBD::File" : "0.44",
-            "Text::CSV_XS" : "1.49"
-            },
-         "requires" : {
-            "perl" : "5.008001",
-            "DBI" : "1.628",
-            "SQL::Statement" : "1.405",
-            "Text::CSV_XS" : "1.01",
-            "DBD::File" : "0.42"
-            }
         }
-      },
-   "generated_by" : "Author",
+      }
+   },
   "license" : [
      "perl_5"
-      ],
-   "meta-spec" : {
-      "url" : "http://search.cpan.org/perldoc?CPAN::Meta::Spec",
-      "version" : 2
-      },
-   "version" : "0.60",
-   "release_status" : "stable",
+   ],
+   "author" : [
+      "Jochen Wiedmann",
+      "Jeff Zucker",
+      "H.Merijn Brand <hmbrand@cpan.org>",
+      "Jens Rehsack <rehsack@cpan.org>"
+   ],
+   "abstract" : "DBI driver for CSV files",
+   "generated_by" : "Author",
+   "version" : "0.62",
   "x_installdirs" : "site",
-   "name" : "DBD-CSV",
-   "resources" : {
-      "bugtracker" : {
-         "web" : "https://github.com/perl5-dbi/DBD-CSV/issues"
-         },
-      "repository" : {
-         "web" : "https://github.com/perl5-dbi/DBD-CSV",
-         "url" : "https://github.com/perl5-dbi/DBD-CSV",
-         "type" : "git"
-         },
-      "license" : [
-         "http://dev.perl.org/licenses/"
-         ]
-      },
-   "dynamic_config" : 1
-   }
+   "release_status" : "stable"
+}
--- a/META.yml
+++ b/META.yml
@@ -3,7 +3,7 @@ abstract: DBI driver for CSV files
 author: 
  - Jochen Wiedmann
  - Jeff Zucker
-  - H.Merijn Brand <h.m.brand@xs4all.nl>
+  - H.Merijn Brand <hmbrand@cpan.org>
  - Jens Rehsack <rehsack@cpan.org>
 build_requires: 
  Config: 0
@@ -20,13 +20,14 @@ name: DBD-CSV
 provides: 
  DBD::CSV: 
    file: lib/DBD/CSV.pm
-    version: '0.60'
+    version: '0.62'
 recommends: 
  DBD::File: '0.44'
  DBI: '1.643'
+  Encode: '3.12'
  SQL::Statement: '1.414'
-  Test::More: '1.302191'
-  Text::CSV_XS: '1.49'
+  Test::More: '1.302207'
+  Text::CSV_XS: '1.59'
 requires: 
  Cwd: 0
  DBD::File: '0.42'
@@ -42,5 +43,5 @@ resources:
  bugtracker: https://github.com/perl5-dbi/DBD-CSV/issues
  license: http://dev.perl.org/licenses/
  repository: https://github.com/perl5-dbi/DBD-CSV
-version: '0.60'
+version: '0.62'
 x_installdirs: site
--- a/Makefile.PL
+++ b/Makefile.PL
 # -*- perl -*-

-# Copyright (c) 2009-2023 H.Merijn Brand
+# Copyright (c) 2009-2025 H.Merijn Brand

 require 5.008001;

@@ -51,8 +51,6 @@ MSG
    sleep 5;
    }

-use vars qw( $DBI_INC_DIR );
-
 {   my $tmp_dir = File::Spec->tmpdir ();
    if (!$ENV{AUTOMATED_TESTING} &&
         prompt ("Enable the use of $tmp_dir for tests?", "y") =~ m/[Yy]/) {
@@ -163,13 +161,7 @@ sub postamble {
 	'',
 	'doc docs:		doc/DBD-CSV.md doc/DBD-CSV.html doc/DBD-CSV.man',
 	'	-@rm -f pod2html.tmp',
-	'doc/DBD-CSV.md:		lib/DBD/CSV.pm',
-	'	pod2markdown  < $? > $@',
-	'doc/DBD-CSV.html:		lib/DBD/CSV.pm',
-	'	pod2html      < $? 2>&1 | grep -v "^Cannot find" > $@',
-	'doc/DBD-CSV.3:		lib/DBD/CSV.pm',
-	'	pod2man       < $? > $@',
-	'doc/DBD-CSV.man:	doc/DBD-CSV.3',
-	'	nroff -mandoc < $? > $@',
+	'doc/DBD-CSV.md:	lib/DBD/CSV.pm',
+	'	perl doc/make-doc.pl',
 	$min_vsn;
    } # postamble
--- a/README
+++ b/README
@@ -9,7 +9,7 @@ Description
    values).

 Copying
-    Copyright (C) 2009-2023 by H.Merijn Brand
+    Copyright (C) 2009-2025 by H.Merijn Brand
    Copyright (C) 2004-2009 by Jeff Zucker
    Copyright (C) 1998-2004 by Jochen Wiedmann
 

--- a/SECURITY.md
+++ b/SECURITY.md
+# Security Policy for the DBD::CSV distribution.
+
+Report issues via email at: Jochen Wiedmann.
+
+
+This is the Security Policy for the Perl DBD::CSV distribution.
+
+The latest version of the Security Policy can be found in the
+[git repository for DBD::CSV](https://github.com/perl5-dbi/DBD-CSV).
+
+This text is based on the CPAN Security Group's Guidelines for Adding
+a Security Policy to Perl Distributions (version 1.0.0)
+https://security.metacpan.org/docs/guides/security-policy-for-authors.html
+
+# How to Report a Security Vulnerability
+
+Security vulnerabilities can be reported by e-mail to the current
+project maintainers at Jochen Wiedmann.
+
+Please include as many details as possible, including code samples
+or test cases, so that we can reproduce the issue.  Check that your
+report does not expose any sensitive data, such as passwords,
+tokens, or personal information.
+
+If you would like any help with triaging the issue, or if the issue
+is being actively exploited, please copy the report to the CPAN
+Security Group (CPANSec) at <cpan-security@security.metacpan.org>.
+
+Please *do not* use the public issue reporting system on RT or
+GitHub issues for reporting security vulnerabilities.
+
+Please do not disclose the security vulnerability in public forums
+until past any proposed date for public disclosure, or it has been
+made public by the maintainers or CPANSec.  That includes patches or
+pull requests.
+
+For more information, see
+[Report a Security Issue](https://security.metacpan.org/docs/report.html)
+on the CPANSec website.
+
+## Response to Reports
+
+The maintainer(s) aim to acknowledge your security report as soon as
+possible.  However, this project is maintained by a single person in
+their spare time, and they cannot guarantee a rapid response.  If you
+have not received a response from them within 10 days, then
+please send a reminder to them and copy the report to CPANSec at
+<cpan-security@security.metacpan.org>.
+
+Please note that the initial response to your report will be an
+acknowledgement, with a possible query for more information.  It
+will not necessarily include any fixes for the issue.
+
+The project maintainer(s) may forward this issue to the security
+contacts for other projects where we believe it is relevant.  This
+may include embedded libraries, system libraries, prerequisite
+modules or downstream software that uses this software.
+
+They may also forward this issue to CPANSec.
+
+# Which Software This Policy Applies To
+
+Any security vulnerabilities in DBD::CSV are covered by this policy.
+
+Security vulnerabilities are considered anything that allows users
+to execute unauthorised code, access unauthorised resources, or to
+have an adverse impact on accessibility or performance of a system.
+
+Security vulnerabilities in upstream software (embedded libraries,
+prerequisite modules or system libraries, or in Perl), are not
+covered by this policy unless they affect DBD::CSV, or DBD::CSV can
+be used to exploit vulnerabilities in them.
+
+Security vulnerabilities in downstream software (any software that
+uses DBD::CSV, or plugins to it that are not included with the
+DBD::CSV distribution) are not covered by this policy.
+
+## Supported Versions of DBD::CSV
+
+The maintainer(s) will only commit to releasing security fixes for
+the latest version of DBD::CSV.
+
+Note that the DBD::CSV project only supports major versions of Perl
+released in the past 5 years, even though DBD::CSV will run on
+older versions of Perl.  If a security fix requires us to increase
+the minimum version of Perl that is supported, then we may do so.
+
+# Installation and Usage Issues
+
+The distribution metadata specifies minimum versions of
+prerequisites that are required for DBD::CSV to work.  However, some
+of these prerequisites may have security vulnerabilities, and you
+should ensure that you are using up-to-date versions of these
+prerequisites.
+
+Where security vulnerabilities are known, the metadata may indicate
+newer versions as recommended.
+
+## Usage
+
+Please see the software documentation for further information.
--- a/cpanfile
+++ b/cpanfile
@@ -6,11 +6,17 @@ requires   "Text::CSV_XS"             => "1.01";
 recommends "DBD::File"                => "0.44";
 recommends "DBI"                      => "1.643";
 recommends "SQL::Statement"           => "1.414";
-recommends "Text::CSV_XS"             => "1.49";
+recommends "Text::CSV_XS"             => "1.59";
+
+suggests   "DBI"                      => "1.646";

 on "configure" => sub {
    requires   "DBI"                      => "1.628";
    requires   "ExtUtils::MakeMaker";
+
+    recommends "ExtUtils::MakeMaker"      => "7.22";
+
+    suggests   "ExtUtils::MakeMaker"      => "7.70";
    };

 on "build" => sub {
@@ -24,5 +30,8 @@ on "test" => sub {
    requires   "Test::More"               => "0.90";
    requires   "charnames";

-    recommends "Test::More"               => "1.302191";
+    recommends "Encode"                   => "3.12";
+    recommends "Test::More"               => "1.302207";
+
+    suggests   "Encode"                   => "3.21";
    };
--- a/debian/changelog
+++ b/debian/changelog
+libdbd-csv-perl (0.6200-1) unstable; urgency=medium
+
+  * Import upstream version 0.6200.
+  * Update years of upstream and packaging copyright.
+  * Update upstream email address.
+  * Add new SECURITY.md file.
+  * Declare compliance with Debian Policy 4.7.0.
+
+ -- gregor herrmann <gregoa@debian.org>  Sat, 01 Feb 2025 00:49:06 +0100
+
 libdbd-csv-perl (0.6000-1+apertis0) apertis; urgency=medium

  * Sync from debian/bookworm.

--- a/debian/control
+++ b/debian/control
@@ -11,7 +11,7 @@ Build-Depends-Indep: libdbi-perl <!nocheck>,
                     libsql-statement-perl <!nocheck>,
                     libtext-csv-xs-perl <!nocheck>,
                     perl
-Standards-Version: 4.6.2
+Standards-Version: 4.7.0
 Vcs-Browser: https://salsa.debian.org/perl-team/modules/packages/libdbd-csv-perl
 Vcs-Git: https://salsa.debian.org/perl-team/modules/packages/libdbd-csv-perl.git
 Homepage: https://metacpan.org/release/DBD-CSV

--- a/debian/copyright
+++ b/debian/copyright
 Format: https://www.debian.org/doc/packaging-manuals/copyright-format/1.0/
 Upstream-Name: DBD-CSV
-Upstream-Contact: H.Merijn Brand <h.m.brand@xs4all.nl>
+Upstream-Contact: H.Merijn Brand <hmbrand@cpan.org>
 Source: https://metacpan.org/release/DBD-CSV

 Files: *
 Copyright: 1998-2004, Jochen Wiedmann <jwied@cpan.org>
 2004-2009, Jeff Zucker <jeff@vpservices.com>
- 2009-2023, H.Merijn Brand <h.m.brand@xs4all.nl>
+ 2009-2025, H.Merijn Brand <hmbrand@cpan.org>
 License: Artistic or GPL-1+

 Files: debian/*
@@ -16,7 +16,7 @@ Copyright: 1998, Craig Sanders <cas@taz.net.au>
 2004, Christian Hammers <ch@debian.org>
 2004, Frank Lichtenheld <djpig@debian.org>
 2004-2005, Gunnar Wolf <gwolf@debian.org>
- 2006-2023, gregor herrmann <gregoa@debian.org>
+ 2006-2025, gregor herrmann <gregoa@debian.org>
 2009-2010, Jonathan Yu <jawnsy@cpan.org>
 2010-2011, Ansgar Burchardt <ansgar@debian.org>
 2010, Nicholas Bamber <nicholas@periapt.co.uk>

--- a/debian/libdbd-csv-perl.docs
+++ b/debian/libdbd-csv-perl.docs
 CONTRIBUTING.md
+SECURITY.md
--- a/lib/Bundle/DBD/CSV.pm
+++ b/lib/Bundle/DBD/CSV.pm
@@ -5,7 +5,7 @@ package Bundle::DBD::CSV;
 use strict;
 use warnings;

-our $VERSION = "1.16";
+our $VERSION = "1.17";

 1;

@@ -21,15 +21,15 @@ Bundle::DBD::CSV - A bundle to install the DBD::CSV driver

 =head1 CONTENTS

-DBI 1.643
+DBI 1.646

-Text::CSV_XS 1.49
+Text::CSV_XS 1.59

 SQL::Statement 1.414

 DBD::File 0.44

-DBD::CSV 0.60
+DBD::CSV 0.62

 =head1 DESCRIPTION

@@ -44,7 +44,7 @@ This module is currently maintained by

 =head1 COPYRIGHT AND LICENSE

-Copyright (C) 2009-2023 by H.Merijn Brand
+Copyright (C) 2009-2025 by H.Merijn Brand
 Copyright (C) 2004-2009 by Jeff Zucker
 Copyright (C) 1998-2004 by Jochen Wiedmann


--- a/lib/DBD/CSV.pm
+++ b/lib/DBD/CSV.pm
@@ -27,17 +27,15 @@ package DBD::CSV;

 use strict;

-use vars qw( @ISA $VERSION $ATTRIBUTION $drh $err $errstr $sqlstate );
+our @ISA         = qw( DBD::File );

-@ISA =   qw( DBD::File );
+our $VERSION     = "0.62";
+our $ATTRIBUTION = "DBD::CSV $DBD::CSV::VERSION by H.Merijn Brand";

-$VERSION     = "0.60";
-$ATTRIBUTION = "DBD::CSV $DBD::CSV::VERSION by H.Merijn Brand";
-
-$err      = 0;		# holds error code   for DBI::err
-$errstr   = "";		# holds error string for DBI::errstr
-$sqlstate = "";         # holds error state  for DBI::state
-$drh      = undef;	# holds driver handle once initialized
+our $err      = 0;	# holds error code   for DBI::err
+our $errstr   = "";	# holds error string for DBI::errstr
+our $sqlstate = "";	# holds error state  for DBI::state
+our $drh      = undef;	# holds driver handle once initialized

 sub CLONE {		# empty method: prevent warnings when threads are cloned
    } # CLONE
@@ -49,9 +47,8 @@ package DBD::CSV::dr;
 use strict;

 use Text::CSV_XS ();
-use vars qw( @ISA @CSV_TYPES );

-@CSV_TYPES = (
+our @CSV_TYPES = (
    Text::CSV_XS::IV (), # SQL_TINYINT
    Text::CSV_XS::IV (), # SQL_BIGINT
    Text::CSV_XS::PV (), # SQL_LONGVARBINARY
@@ -1341,7 +1338,7 @@ Previous maintainer was Jeff Zucker

 =head1 COPYRIGHT AND LICENSE

-Copyright (C) 2009-2023 by H.Merijn Brand
+Copyright (C) 2009-2025 by H.Merijn Brand
 Copyright (C) 2004-2009 by Jeff Zucker
 Copyright (C) 1998-2004 by Jochen Wiedmann