From 9b8be81eef93a8d4a33ce8c6ca291c9d4584d681 Mon Sep 17 00:00:00 2001 From: Ray Molenkamp Date: Mon, 10 Oct 2022 11:48:05 -0600 Subject: deps_builder: Add support for cve-bin-tool This change adds support for intels cve-bin-tool [1] in the deps builder. This adds 2 new targets to the builder that do not build automatically but can be build on demand when required. `make cve_check` will output to the console. `make cve_check_html` will output a html file that can be shared with other people. Requirements: - A working installation of cve-bin-tool on the system Not required but higly recommended: - Obtaining a key from the nvd [2] to speed up the database download. you can pass the key to cmake using `-DCVE_CHECK_NVD_KEY=your_api_key` [1] https://github.com/intel/cve-bin-tool [2] https://nvd.nist.gov/developers/request-an-api-key Reviewed By: brecht Differential Revision: https://developer.blender.org/D16160 --- build_files/build_environment/cmake/versions.cmake | 57 ++++++++++++++++++++-- 1 file changed, 53 insertions(+), 4 deletions(-) (limited to 'build_files/build_environment/cmake/versions.cmake') diff --git a/build_files/build_environment/cmake/versions.cmake b/build_files/build_environment/cmake/versions.cmake index 938ecd393dc..6e36db1e387 100644 --- a/build_files/build_environment/cmake/versions.cmake +++ b/build_files/build_environment/cmake/versions.cmake @@ -1,10 +1,19 @@ # SPDX-License-Identifier: GPL-2.0-or-later +# CPE's are used to identify dependencies, for more information on what they +# are please see https://nvd.nist.gov/products/cpe +# +# We use them in combination with cve-bin-tool to scan for known security issues. +# +# Not all of our dependencies are currently in the nvd database so not all +# dependencies have one assigned. + set(ZLIB_VERSION 1.2.12) set(ZLIB_URI https://zlib.net/zlib-${ZLIB_VERSION}.tar.gz) set(ZLIB_HASH 5fc414a9726be31427b440b434d05f78) set(ZLIB_HASH_TYPE MD5) set(ZLIB_FILE zlib-${ZLIB_VERSION}.tar.gz) +set(ZLIB_CPE "cpe:2.3:a:zlib:zlib:${ZLIB_VERSION}:*:*:*:*:*:*:*") set(OPENAL_VERSION 1.21.1) set(OPENAL_URI http://openal-soft.org/openal-releases/openal-soft-${OPENAL_VERSION}.tar.bz2) @@ -17,12 +26,14 @@ set(PNG_URI http://prdownloads.sourceforge.net/libpng/libpng-${PNG_VERSION}.tar. set(PNG_HASH 505e70834d35383537b6491e7ae8641f1a4bed1876dbfe361201fc80868d88ca) set(PNG_HASH_TYPE SHA256) set(PNG_FILE libpng-${PNG_VERSION}.tar.xz) +set(PNG_CPE "cpe:2.3:a:libpng:libpng:${PNG_VERSION}:*:*:*:*:*:*:*") set(JPEG_VERSION 2.1.3) set(JPEG_URI https://github.com/libjpeg-turbo/libjpeg-turbo/archive/${JPEG_VERSION}.tar.gz) set(JPEG_HASH 627b980fad0573e08e4c3b80b290fc91) set(JPEG_HASH_TYPE MD5) set(JPEG_FILE libjpeg-turbo-${JPEG_VERSION}.tar.gz) +set(JPEG_CPE "cpe:2.3:a:d.r.commander:libjpeg-turbo:${JPEG_VERSION}:*:*:*:*:*:*:*") set(BOOST_VERSION 1.78.0) set(BOOST_VERSION_SHORT 1.78) @@ -32,12 +43,14 @@ set(BOOST_URI https://boostorg.jfrog.io/artifactory/main/release/${BOOST_VERSION set(BOOST_HASH c2f6428ac52b0e5a3c9b2e1d8cc832b5) set(BOOST_HASH_TYPE MD5) set(BOOST_FILE boost_${BOOST_VERSION_NODOTS}.tar.gz) +set(BOOST_CPE "cpe:2.3:a:boost:boost:${BOOST_VERSION}:*:*:*:*:*:*:*") set(BLOSC_VERSION 1.21.1) set(BLOSC_URI https://github.com/Blosc/c-blosc/archive/v${BLOSC_VERSION}.tar.gz) set(BLOSC_HASH 134b55813b1dca57019d2a2dc1f7a923) set(BLOSC_HASH_TYPE MD5) set(BLOSC_FILE blosc-${BLOSC_VERSION}.tar.gz) +set(BLOSC_CPE "cpe:2.3:a:c-blosc2_project:c-blosc2:${BLOSC_VERSION}:*:*:*:*:*:*:*") set(PTHREADS_VERSION 3.0.0) set(PTHREADS_URI http://prdownloads.sourceforge.net/pthreads4w/pthreads4w-code-v${PTHREADS_VERSION}.zip) @@ -50,6 +63,7 @@ set(OPENEXR_URI https://github.com/AcademySoftwareFoundation/openexr/archive/v${ set(OPENEXR_HASH a92f38eedd43e56c0af56d4852506886) set(OPENEXR_HASH_TYPE MD5) set(OPENEXR_FILE openexr-${OPENEXR_VERSION}.tar.gz) +set(OPENEXR_CPE "cpe:2.3:a:openexr:openexr:${OPENEXR_VERSION}:*:*:*:*:*:*:*") set(IMATH_VERSION 3.1.5) set(IMATH_URI https://github.com/AcademySoftwareFoundation/Imath/archive/v${OPENEXR_VERSION}.tar.gz) @@ -79,6 +93,7 @@ set(FREETYPE_URI http://prdownloads.sourceforge.net/freetype/freetype-${FREETYPE set(FREETYPE_HASH bd4e3b007474319909a6b79d50908e85) set(FREETYPE_HASH_TYPE MD5) set(FREETYPE_FILE freetype-${FREETYPE_VERSION}.tar.gz) +SET(FREETYPE_CPE "cpe:2.3:a:freetype:freetype:${FREETYPE_VERSION}:*:*:*:*:*:*:*") set(EPOXY_VERSION 1.5.10) set(EPOXY_URI https://github.com/anholt/libepoxy/archive/refs/tags/${EPOXY_VERSION}.tar.gz) @@ -97,6 +112,7 @@ set(ALEMBIC_URI https://github.com/alembic/alembic/archive/${ALEMBIC_VERSION}.ta set(ALEMBIC_HASH 2cd8d6e5a3ac4a014e24a4b04f4fadf9) set(ALEMBIC_HASH_TYPE MD5) set(ALEMBIC_FILE alembic-${ALEMBIC_VERSION}.tar.gz) +SET(FREETYPE_CPE "cpe:2.3:a:freetype:freetype:${FREETYPE_VERSION}:*:*:*:*:*:*:*") set(OPENSUBDIV_VERSION v3_4_4) set(OPENSUBDIV_URI https://github.com/PixarAnimationStudios/OpenSubdiv/archive/${OPENSUBDIV_VERSION}.tar.gz) @@ -109,6 +125,7 @@ set(SDL_URI https://www.libsdl.org/release/SDL2-${SDL_VERSION}.tar.gz) set(SDL_HASH a53acc02e1cca98c4123229069b67c9e) set(SDL_HASH_TYPE MD5) set(SDL_FILE SDL2-${SDL_VERSION}.tar.gz) +set(SDL_CPE "cpe:2.3:a:libsdl:sdl:${SDL_VERSION}:*:*:*:*:*:*:*") set(OPENCOLLADA_VERSION v1.6.68) set(OPENCOLLADA_URI https://github.com/KhronosGroup/OpenCOLLADA/archive/${OPENCOLLADA_VERSION}.tar.gz) @@ -127,6 +144,7 @@ set(LLVM_URI https://github.com/llvm/llvm-project/releases/download/llvmorg-${LL set(LLVM_HASH 5a4fab4d7fc84aefffb118ac2c8a4fc0) set(LLVM_HASH_TYPE MD5) set(LLVM_FILE llvm-project-${LLVM_VERSION}.src.tar.xz) +set(LLVM_CPE "cpe:2.3:a:llvm:compiler:${LLVM_VERSION}:*:*:*:*:*:*:*") if(APPLE) # Cloth physics test is crashing due to this bug: @@ -154,6 +172,7 @@ set(FMT_URI https://github.com/fmtlib/fmt/archive/refs/tags/${FMT_VERSION}.tar.g set(FMT_HASH 7bce0e9e022e586b178b150002e7c2339994e3c2bbe44027e9abb0d60f9cce83) set(FMT_HASH_TYPE SHA256) set(FMT_FILE fmt-${FMT_VERSION}.tar.gz) +set(FMT_CPE "cpe:2.3:a:fmt:fmt:${FMT_VERSION}:*:*:*:*:*:*:*") # 0.6.2 is currently oiio's preferred version although never versions may be available. # the preferred version can be found in oiio's externalpackages.cmake @@ -168,6 +187,7 @@ set(TIFF_URI http://download.osgeo.org/libtiff/tiff-${TIFF_VERSION}.tar.gz) set(TIFF_HASH 376f17f189e9d02280dfe709b2b2bbea) set(TIFF_HASH_TYPE MD5) set(TIFF_FILE tiff-${TIFF_VERSION}.tar.gz) +set(TIFF_CPE "cpe:2.3:a:libtiff:libtiff:${TIFF_VERSION}:*:*:*:*:*:*:*") set(OSL_VERSION 1.11.17.0) set(OSL_URI https://github.com/imageworks/OpenShadingLanguage/archive/Release-${OSL_VERSION}.tar.gz) @@ -182,12 +202,15 @@ set(PYTHON_URI https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTH set(PYTHON_HASH 14e8c22458ed7779a1957b26cde01db9) set(PYTHON_HASH_TYPE MD5) set(PYTHON_FILE Python-${PYTHON_VERSION}.tar.xz) +set(PYTHON_CPE "cpe:2.3:a:python:python:${PYTHON_VERSION}:-:*:*:*:*:*:*") -set(TBB_VERSION 2020_U3) +set(TBB_YEAR 2020) +set(TBB_VERSION ${TBB_YEAR}_U3) set(TBB_URI https://github.com/oneapi-src/oneTBB/archive/${TBB_VERSION}.tar.gz) set(TBB_HASH 55ec8df6eae5ed6364a47f0e671e460c) set(TBB_HASH_TYPE MD5) set(TBB_FILE oneTBB-${TBB_VERSION}.tar.gz) +set(TBB_CPE "cpe:2.3:a:intel:threading_building_blocks:${TBB_YEAR}:*:*:*:*:*:*:*") set(OPENVDB_VERSION 9.0.0) set(OPENVDB_URI https://github.com/AcademySoftwareFoundation/openvdb/archive/v${OPENVDB_VERSION}.tar.gz) @@ -198,6 +221,7 @@ set(OPENVDB_FILE openvdb-${OPENVDB_VERSION}.tar.gz) set(IDNA_VERSION 3.3) set(CHARSET_NORMALIZER_VERSION 2.0.10) set(URLLIB3_VERSION 1.26.8) +set(URLLIB3_CPE "cpe:2.3:a:urllib3:urllib3:${URLLIB3_VERSION}:*:*:*:*:*:*:*") set(CERTIFI_VERSION 2021.10.8) set(REQUESTS_VERSION 2.27.1) set(CYTHON_VERSION 0.29.26) @@ -214,12 +238,14 @@ set(NUMPY_URI https://github.com/numpy/numpy/releases/download/v${NUMPY_VERSION} set(NUMPY_HASH 252de134862a27bd66705d29622edbfe) set(NUMPY_HASH_TYPE MD5) set(NUMPY_FILE numpy-${NUMPY_VERSION}.zip) +set(NUMPY_CPE "cpe:2.3:a:numpy:numpy:${NUMPY_VERSION}:*:*:*:*:*:*:*") set(LAME_VERSION 3.100) set(LAME_URI http://downloads.sourceforge.net/project/lame/lame/3.100/lame-${LAME_VERSION}.tar.gz) set(LAME_HASH 83e260acbe4389b54fe08e0bdbf7cddb) set(LAME_HASH_TYPE MD5) set(LAME_FILE lame-${LAME_VERSION}.tar.gz) +set(LAME_CPE "cpe:2.3:a:lame_project:lame:${LAME_VERSION}:*:*:*:*:*:*:*") set(OGG_VERSION 1.3.5) set(OGG_URI http://downloads.xiph.org/releases/ogg/libogg-${OGG_VERSION}.tar.gz) @@ -232,6 +258,7 @@ set(VORBIS_URI http://downloads.xiph.org/releases/vorbis/libvorbis-${VORBIS_VERS set(VORBIS_HASH 0e982409a9c3fc82ee06e08205b1355e5c6aa4c36bca58146ef399621b0ce5ab) set(VORBIS_HASH_TYPE SHA256) set(VORBIS_FILE libvorbis-${VORBIS_VERSION}.tar.gz) +set(VORBIS_CPE "cpe:2.3:a:xiph.org:libvorbis:${VORBIS_VERSION}:*:*:*:*:*:*:*") set(THEORA_VERSION 1.1.1) set(THEORA_URI http://downloads.xiph.org/releases/theora/libtheora-${THEORA_VERSION}.tar.bz2) @@ -244,12 +271,14 @@ set(FLAC_URI http://downloads.xiph.org/releases/flac/flac-${FLAC_VERSION}.tar.xz set(FLAC_HASH 8ff0607e75a322dd7cd6ec48f4f225471404ae2730d0ea945127b1355155e737 ) set(FLAC_HASH_TYPE SHA256) set(FLAC_FILE flac-${FLAC_VERSION}.tar.xz) +set(FLAC_CPE "cpe:2.3:a:flac_project:flac:${FLAC_VERSION}:*:*:*:*:*:*:*") set(VPX_VERSION 1.11.0) set(VPX_URI https://github.com/webmproject/libvpx/archive/v${VPX_VERSION}/libvpx-v${VPX_VERSION}.tar.gz) set(VPX_HASH 965e51c91ad9851e2337aebcc0f517440c637c506f3a03948062e3d5ea129a83) set(VPX_HASH_TYPE SHA256) set(VPX_FILE libvpx-v${VPX_VERSION}.tar.gz) +set(VPX_CPE "cpe:2.3:a:webmproject:libvpx:${VPX_VERSION}:*:*:*:*:*:*:*") set(OPUS_VERSION 1.3.1) set(OPUS_URI https://archive.mozilla.org/pub/opus/opus-${OPUS_VERSION}.tar.gz) @@ -275,12 +304,14 @@ set(OPENJPEG_URI https://github.com/uclouvain/openjpeg/archive/v${OPENJPEG_VERSI set(OPENJPEG_HASH 8702ba68b442657f11aaeb2b338443ca8d5fb95b0d845757968a7be31ef7f16d) set(OPENJPEG_HASH_TYPE SHA256) set(OPENJPEG_FILE openjpeg-v${OPENJPEG_VERSION}.tar.gz) +set(OPENJPEG_CPE "cpe:2.3:a:uclouvain:openjpeg:${OPENJPEG_VERSION}:*:*:*:*:*:*:*") set(FFMPEG_VERSION 5.0) set(FFMPEG_URI http://ffmpeg.org/releases/ffmpeg-${FFMPEG_VERSION}.tar.bz2) set(FFMPEG_HASH c0130b8db2c763430fd1c6905288d61bc44ee0548ad5fcd2dfd650b88432bed9) set(FFMPEG_HASH_TYPE SHA256) set(FFMPEG_FILE ffmpeg-${FFMPEG_VERSION}.tar.bz2) +set(FFMPEG_CPE "cpe:2.3:a:ffmpeg:ffmpeg:${FFMPEG_VERSION}:*:*:*:*:*:*:*") set(FFTW_VERSION 3.3.10) set(FFTW_URI http://www.fftw.org/fftw-${FFTW_VERSION}.tar.gz) @@ -299,12 +330,14 @@ set(SNDFILE_URI http://www.mega-nerd.com/libsndfile/files/libsndfile-${SNDFILE_V set(SNDFILE_HASH 646b5f98ce89ac60cdb060fcd398247c) set(SNDFILE_HASH_TYPE MD5) set(SNDFILE_FILE libsndfile-${SNDFILE_VERSION}.tar.gz) +set(SNDFILE_CPE "cpe:2.3:a:libsndfile_project:libsndfile:${SNDFILE_VERSION}:*:*:*:*:*:*:*") set(WEBP_VERSION 1.2.2) set(WEBP_URI https://storage.googleapis.com/downloads.webmproject.org/releases/webp/libwebp-${WEBP_VERSION}.tar.gz) set(WEBP_HASH b5e2e414a8adee4c25fe56b18dd9c549) set(WEBP_HASH_TYPE MD5) set(WEBP_FILE libwebp-${WEBP_VERSION}.tar.gz) +set(WEBP_CPE "cpe:2.3:a:webmproject:libwebp:${WEBP_VERSION}:*:*:*:*:*:*:*") set(SPNAV_VERSION 0.2.3) set(SPNAV_URI http://downloads.sourceforge.net/project/spacenav/spacenav%20library%20%28SDK%29/libspnav%20${SPNAV_VERSION}/libspnav-${SPNAV_VERSION}.tar.gz) @@ -323,6 +356,7 @@ set(XML2_URI http://xmlsoft.org/sources/libxml2-${XML2_VERSION}.tar.gz) set(XML2_HASH 10942a1dc23137a8aa07f0639cbfece5) set(XML2_HASH_TYPE MD5) set(XML2_FILE libxml2-${XML2_VERSION}.tar.gz) +set(XML2_CPE "cpe:2.3:a:xmlsoft:libxml2:${XML2_VERSION}:*:*:*:*:*:*:*") set(TINYXML_VERSION 2_6_2) set(TINYXML_VERSION_DOTS 2.6.2) @@ -330,12 +364,14 @@ set(TINYXML_URI https://nchc.dl.sourceforge.net/project/tinyxml/tinyxml/${TINYXM set(TINYXML_HASH c1b864c96804a10526540c664ade67f0) set(TINYXML_HASH_TYPE MD5) set(TINYXML_FILE tinyxml_${TINYXML_VERSION}.tar.gz) +set(TINYXML_CPE "cpe:2.3:a:tinyxml_project:tinyxml:${TINYXML_VERSION_DOTS}:*:*:*:*:*:*:*") set(YAMLCPP_VERSION 0.6.3) set(YAMLCPP_URI https://codeload.github.com/jbeder/yaml-cpp/tar.gz/yaml-cpp-${YAMLCPP_VERSION}) set(YAMLCPP_HASH b45bf1089a382e81f6b661062c10d0c2) set(YAMLCPP_HASH_TYPE MD5) set(YAMLCPP_FILE yaml-cpp-${YAMLCPP_VERSION}.tar.gz) +set(YAMLCPP "cpe:2.3:a:yaml-cpp_project:yaml-cpp:${YAMLCPP_VERSION}:*:*:*:*:*:*:*") set(PYSTRING_VERSION v1.1.3) set(PYSTRING_URI https://codeload.github.com/imageworks/pystring/tar.gz/refs/tags/${PYSTRING_VERSION}) @@ -344,16 +380,19 @@ set(PYSTRING_HASH_TYPE MD5) set(PYSTRING_FILE pystring-${PYSTRING_VERSION}.tar.gz) set(EXPAT_VERSION 2_4_4) +set(EXPAT_VERSION_DOTS 2.4.4) set(EXPAT_URI https://github.com/libexpat/libexpat/archive/R_${EXPAT_VERSION}.tar.gz) set(EXPAT_HASH 2d3e81dee94b452369dc6394ff0f8f98) set(EXPAT_HASH_TYPE MD5) set(EXPAT_FILE libexpat-${EXPAT_VERSION}.tar.gz) +set(EXPAT_CPE "cpe:2.3:a:libexpat_project:libexpat:${EXPAT_VERSION_DOTS}:*:*:*:*:*:*:*") set(PUGIXML_VERSION 1.10) set(PUGIXML_URI https://github.com/zeux/pugixml/archive/v${PUGIXML_VERSION}.tar.gz) set(PUGIXML_HASH 0c208b0664c7fb822bf1b49ad035e8fd) set(PUGIXML_HASH_TYPE MD5) set(PUGIXML_FILE pugixml-${PUGIXML_VERSION}.tar.gz) +set(PUGIXML_CPE "cpe:2.3:a:pugixml_project:pugixml:${PUGIXML_VERSION}:*:*:*:*:*:*:*") set(FLEXBISON_VERSION 2.5.24) set(FLEXBISON_URI http://prdownloads.sourceforge.net/winflexbison/win_flex_bison-${FLEXBISON_VERSION}.zip) @@ -376,12 +415,14 @@ set(BZIP2_URI http://http.debian.net/debian/pool/main/b/bzip2/bzip2_${BZIP2_VERS set(BZIP2_HASH ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269) set(BZIP2_HASH_TYPE SHA256) set(BZIP2_FILE bzip2_${BZIP2_VERSION}.orig.tar.gz) +set(BZIP2_CPE "cpe:2.3:a:bzip:bzip2:${BZIP2_VERSION}:*:*:*:*:*:*:*") set(FFI_VERSION 3.3) set(FFI_URI https://sourceware.org/pub/libffi/libffi-${FFI_VERSION}.tar.gz) set(FFI_HASH 72fba7922703ddfa7a028d513ac15a85c8d54c8d67f55fa5a4802885dc652056) set(FFI_HASH_TYPE SHA256) set(FFI_FILE libffi-${FFI_VERSION}.tar.gz) +set(FFI_CPE "cpe:2.3:a:libffi_project:libffi:${FFI_VERSION}:*:*:*:*:*:*:*") set(LZMA_VERSION 5.2.5) set(LZMA_URI https://tukaani.org/xz/xz-${LZMA_VERSION}.tar.bz2) @@ -403,12 +444,14 @@ else() set(SSL_HASH_TYPE SHA256) set(SSL_FILE openssl-${SSL_VERSION}.tar.gz) endif() +set(SSL_CPE "cpe:2.3:a:openssl:openssl:${SSL_VERSION}:*:*:*:*:*:*:*") set(SQLITE_VERSION 3.31.1) set(SQLITE_URI https://www.sqlite.org/2018/sqlite-src-3240000.zip) set(SQLITE_HASH fb558c49ee21a837713c4f1e7e413309aabdd9c7) set(SQLITE_HASH_TYPE SHA1) set(SQLITE_FILE sqlite-src-3240000.zip) +set(SQLITE_CPE "cpe:2.3:a:sqlite:sqlite:${SQLITE_VERSION}:*:*:*:*:*:*:*") set(EMBREE_VERSION 3.13.4) set(EMBREE_URI https://github.com/embree/embree/archive/v${EMBREE_VERSION}.zip) @@ -439,12 +482,14 @@ set(MESA_URI ftp://ftp.freedesktop.org/pub/mesa/mesa-${MESA_VERSION}.tar.xz) set(MESA_HASH 022c7293074aeeced2278c872db4fa693147c70f8595b076cf3f1ef81520766d) set(MESA_HASH_TYPE SHA256) set(MESA_FILE mesa-${MESA_VERSION}.tar.xz) +set(MESA_CPE "cpe:2.3:a:mesa3d:mesa:${MESA_VERSION}:*:*:*:*:*:*:*") set(NASM_VERSION 2.15.02) set(NASM_URI https://github.com/netwide-assembler/nasm/archive/nasm-${NASM_VERSION}.tar.gz) set(NASM_HASH aded8b796c996a486a56e0515c83e414116decc3b184d88043480b32eb0a8589) set(NASM_HASH_TYPE SHA256) set(NASM_FILE nasm-${NASM_VERSION}.tar.gz) +set(NASM_PCE "cpe:2.3:a:nasm:nasm:${NASM_VERSION}:*:*:*:*:*:*:*") set(XR_OPENXR_SDK_VERSION 1.0.22) set(XR_OPENXR_SDK_URI https://github.com/KhronosGroup/OpenXR-SDK/archive/release-${XR_OPENXR_SDK_VERSION}.tar.gz) @@ -481,12 +526,14 @@ set(GMP_URI https://gmplib.org/download/gmp/gmp-${GMP_VERSION}.tar.xz) set(GMP_HASH 0b82665c4a92fd2ade7440c13fcaa42b) set(GMP_HASH_TYPE MD5) set(GMP_FILE gmp-${GMP_VERSION}.tar.xz) +set(GMP_CPE "cpe:2.3:a:gmplib:gmp:${GMP_VERSION}:*:*:*:*:*:*:*") set(POTRACE_VERSION 1.16) set(POTRACE_URI http://potrace.sourceforge.net/download/${POTRACE_VERSION}/potrace-${POTRACE_VERSION}.tar.gz) set(POTRACE_HASH 5f0bd87ddd9a620b0c4e65652ef93d69) set(POTRACE_HASH_TYPE MD5) set(POTRACE_FILE potrace-${POTRACE_VERSION}.tar.gz) +set(POTRACE_CPE "cpe:2.3:a:icoasoft:potrace:${POTRACE_VERSION}:*:*:*:*:*:*:*") set(HARU_VERSION 2_3_0) set(HARU_URI https://github.com/libharu/libharu/archive/RELEASE_${HARU_VERSION}.tar.gz) @@ -499,6 +546,7 @@ set(ZSTD_URI https://github.com/facebook/zstd/releases/download/v${ZSTD_VERSION} set(ZSTD_HASH 5194fbfa781fcf45b98c5e849651aa7b3b0a008c6b72d4a0db760f3002291e94) set(ZSTD_HASH_TYPE SHA256) set(ZSTD_FILE zstd-${ZSTD_VERSION}.tar.gz) +set(ZSTD_CPE "cpe:2.3:a:facebook:zstandard:${ZSTD_VERSION}:*:*:*:*:*:*:*") set(SSE2NEON_VERSION fe5ff00bb8d19b327714a3c290f3e2ce81ba3525) set(SSE2NEON_URI https://github.com/DLTcollab/sse2neon/archive/${SSE2NEON_VERSION}.tar.gz) @@ -506,11 +554,12 @@ set(SSE2NEON_HASH 0780253525d299c31775ef95853698d03db9c7739942af8570000f4a25a5d6 set(SSE2NEON_HASH_TYPE SHA256) set(SSE2NEON_FILE sse2neon-${SSE2NEON_VERSION}.tar.gz) -set(BROTLI_VERSION v1.0.9) -set(BROTLI_URI https://github.com/google/brotli/archive/refs/tags/${BROTLI_VERSION}.tar.gz) +set(BROTLI_VERSION 1.0.9) +set(BROTLI_URI https://github.com/google/brotli/archive/refs/tags/v${BROTLI_VERSION}.tar.gz) set(BROTLI_HASH f9e8d81d0405ba66d181529af42a3354f838c939095ff99930da6aa9cdf6fe46) set(BROTLI_HASH_TYPE SHA256) -set(BROTLI_FILE brotli-${BROTLI_VERSION}.tar.gz) +set(BROTLI_FILE brotli-v${BROTLI_VERSION}.tar.gz) +set(BROTLI_CPE "cpe:2.3:a:google:brotli:${BROTLI_VERSION}:*:*:*:*:*:*:*") set(OPENPGL_VERSION v0.3.1-beta) set(OPENPGL_SHORT_VERSION 0.3.1) -- cgit v1.2.3 From b2627dff4971ee9912fe8b41a09fcfa861eaadbb Mon Sep 17 00:00:00 2001 From: Sebastian Herholz Date: Thu, 13 Oct 2022 17:45:14 +0200 Subject: Build: Upgrading OpenPGL version to 0.4.0 --- build_files/build_environment/cmake/versions.cmake | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'build_files/build_environment/cmake/versions.cmake') diff --git a/build_files/build_environment/cmake/versions.cmake b/build_files/build_environment/cmake/versions.cmake index 6e36db1e387..85821d5de0e 100644 --- a/build_files/build_environment/cmake/versions.cmake +++ b/build_files/build_environment/cmake/versions.cmake @@ -561,10 +561,10 @@ set(BROTLI_HASH_TYPE SHA256) set(BROTLI_FILE brotli-v${BROTLI_VERSION}.tar.gz) set(BROTLI_CPE "cpe:2.3:a:google:brotli:${BROTLI_VERSION}:*:*:*:*:*:*:*") -set(OPENPGL_VERSION v0.3.1-beta) -set(OPENPGL_SHORT_VERSION 0.3.1) +set(OPENPGL_VERSION v0.4.0-beta) +set(OPENPGL_SHORT_VERSION 0.4.0) set(OPENPGL_URI https://github.com/OpenPathGuidingLibrary/openpgl/archive/refs/tags/${OPENPGL_VERSION}.tar.gz) -set(OPENPGL_HASH 3830098c485c962018932766199527aab453a8029528dbbc04d4454d82431e2c) +set(OPENPGL_HASH 1842d289e9b0efb6889640cd16e253eefecc2c1d01eea1c6bdec6fbcf9f166ae) set(OPENPGL_HASH_TYPE SHA256) set(OPENPGL_FILE openpgl-${OPENPGL_VERSION}.tar.gz) -- cgit v1.2.3 From a90b0eb7729a5a1572c6c84e98d41e12cec87f21 Mon Sep 17 00:00:00 2001 From: Sebastian Herholz Date: Fri, 14 Oct 2022 21:10:55 +0200 Subject: Deps: Updating OpenPGL 0.4.0 hash value --- build_files/build_environment/cmake/versions.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'build_files/build_environment/cmake/versions.cmake') diff --git a/build_files/build_environment/cmake/versions.cmake b/build_files/build_environment/cmake/versions.cmake index 85821d5de0e..bfc6d27f74d 100644 --- a/build_files/build_environment/cmake/versions.cmake +++ b/build_files/build_environment/cmake/versions.cmake @@ -564,7 +564,7 @@ set(BROTLI_CPE "cpe:2.3:a:google:brotli:${BROTLI_VERSION}:*:*:*:*:*:*:*") set(OPENPGL_VERSION v0.4.0-beta) set(OPENPGL_SHORT_VERSION 0.4.0) set(OPENPGL_URI https://github.com/OpenPathGuidingLibrary/openpgl/archive/refs/tags/${OPENPGL_VERSION}.tar.gz) -set(OPENPGL_HASH 1842d289e9b0efb6889640cd16e253eefecc2c1d01eea1c6bdec6fbcf9f166ae) +set(OPENPGL_HASH 58d5b65c533ce6cac3f7e1d51cf169a5411adf356abcd85f04049bbcaecc2e77) set(OPENPGL_HASH_TYPE SHA256) set(OPENPGL_FILE openpgl-${OPENPGL_VERSION}.tar.gz) -- cgit v1.2.3 From 303dd263e2590f981ee1917554cd688dd951ee2c Mon Sep 17 00:00:00 2001 From: Ray Molenkamp Date: Thu, 20 Oct 2022 13:33:08 +0200 Subject: Build: update OSL to version 1.12.6.2 Required changes to make OSL pick up the new oslnoise library. Ref D16269, T101403 --- build_files/build_environment/cmake/versions.cmake | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'build_files/build_environment/cmake/versions.cmake') diff --git a/build_files/build_environment/cmake/versions.cmake b/build_files/build_environment/cmake/versions.cmake index bfc6d27f74d..469988dab0c 100644 --- a/build_files/build_environment/cmake/versions.cmake +++ b/build_files/build_environment/cmake/versions.cmake @@ -189,9 +189,9 @@ set(TIFF_HASH_TYPE MD5) set(TIFF_FILE tiff-${TIFF_VERSION}.tar.gz) set(TIFF_CPE "cpe:2.3:a:libtiff:libtiff:${TIFF_VERSION}:*:*:*:*:*:*:*") -set(OSL_VERSION 1.11.17.0) -set(OSL_URI https://github.com/imageworks/OpenShadingLanguage/archive/Release-${OSL_VERSION}.tar.gz) -set(OSL_HASH 63265472ce14548839ace2e21e401544) +set(OSL_VERSION 1.12.6.2) +set(OSL_URI https://github.com/AcademySoftwareFoundation/OpenShadingLanguage/archive/refs/tags/v${OSL_VERSION}.tar.gz) +set(OSL_HASH 6fef11548adfdd3e5b25c49d2dae96ee) set(OSL_HASH_TYPE MD5) set(OSL_FILE OpenShadingLanguage-${OSL_VERSION}.tar.gz) -- cgit v1.2.3 From debacbfe5c8fb38a01504463b70f590386a3f62c Mon Sep 17 00:00:00 2001 From: Ray Molenkamp Date: Thu, 20 Oct 2022 13:37:18 +0200 Subject: Build: update OpenPGL hash for re-tagged version without symbols conflicts Ref D16269, T101403 --- build_files/build_environment/cmake/versions.cmake | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'build_files/build_environment/cmake/versions.cmake') diff --git a/build_files/build_environment/cmake/versions.cmake b/build_files/build_environment/cmake/versions.cmake index 469988dab0c..6f358fd6f86 100644 --- a/build_files/build_environment/cmake/versions.cmake +++ b/build_files/build_environment/cmake/versions.cmake @@ -564,7 +564,7 @@ set(BROTLI_CPE "cpe:2.3:a:google:brotli:${BROTLI_VERSION}:*:*:*:*:*:*:*") set(OPENPGL_VERSION v0.4.0-beta) set(OPENPGL_SHORT_VERSION 0.4.0) set(OPENPGL_URI https://github.com/OpenPathGuidingLibrary/openpgl/archive/refs/tags/${OPENPGL_VERSION}.tar.gz) -set(OPENPGL_HASH 58d5b65c533ce6cac3f7e1d51cf169a5411adf356abcd85f04049bbcaecc2e77) +set(OPENPGL_HASH 1f090f88ab2bad028e8b3619aa926f4f97cf7b2c175b904704d2fec8593dd3cd) set(OPENPGL_HASH_TYPE SHA256) set(OPENPGL_FILE openpgl-${OPENPGL_VERSION}.tar.gz) -- cgit v1.2.3 From 21deba56aaeccf94d83024a9de4eef49ea05984f Mon Sep 17 00:00:00 2001 From: Ray Molenkamp Date: Thu, 20 Oct 2022 13:25:54 +0200 Subject: Build: update various libraries for 3.4, fixing bugs and security issues THis is bumping dependencies to fix known CVEs, with the exception of OpenImageIO which also includes bugfixes for performance and correctness with some image types. zlib 1.2.12 -> 1.2.13 freetype 2.11.1 -> 2.12.1 openimageio 2.3.13.0 -> 2.3.20.0 python 3.10.2 -> 3.10.8 openjpeg 2.4.0 -> 2.5.0 ffmpeg 5.0 -> 5.1.2 sndfile 1.0.28 -> 1.1.0 xml2 2.9.10 -> 2.10.3 expat 2.4.4 -> 2.4.9 openssl 1.1.1g/i -> 1.1.1q sqlite 3.31.1 -> 3.37.2 Notable changes: * AOM: the hack we had in place to make it not detect pthreads on windows no longer worked with a more recent cmake version. Disabled pthreads with a diff on Windows. * Python: embedded copy of zlib 2.1.12 swapped out for our 2.1.13 copy with some folder manipulation on Windows. * Freetype: was harbouring a copy of zlib 2.1.12 as well, so that had to end. * FFmpeg: patch used to fix D11796 is no longer needed. Add new patch to deal with simple_idct.asm generating an object file with no sections in it, backport from upstream commit. * TinyXML: still being downloaded but no longer used by OpenColorIO, removed. * GMP applied upstream patch to fix CVE-2021-43618, as there is no release yet. * SQLite and Libsndfile patches no longer needed. Includes contributes by Ray Molenkamp, Campbell Barton and Brecht Van Lommel. Ref T101403 Differential Revision: https://developer.blender.org/D16269 --- build_files/build_environment/cmake/versions.cmake | 95 +++++++++++----------- 1 file changed, 46 insertions(+), 49 deletions(-) (limited to 'build_files/build_environment/cmake/versions.cmake') diff --git a/build_files/build_environment/cmake/versions.cmake b/build_files/build_environment/cmake/versions.cmake index 6f358fd6f86..5fa138ff01b 100644 --- a/build_files/build_environment/cmake/versions.cmake +++ b/build_files/build_environment/cmake/versions.cmake @@ -8,9 +8,9 @@ # Not all of our dependencies are currently in the nvd database so not all # dependencies have one assigned. -set(ZLIB_VERSION 1.2.12) +set(ZLIB_VERSION 1.2.13) set(ZLIB_URI https://zlib.net/zlib-${ZLIB_VERSION}.tar.gz) -set(ZLIB_HASH 5fc414a9726be31427b440b434d05f78) +set(ZLIB_HASH 9b8aa094c4e5765dabf4da391f00d15c) set(ZLIB_HASH_TYPE MD5) set(ZLIB_FILE zlib-${ZLIB_VERSION}.tar.gz) set(ZLIB_CPE "cpe:2.3:a:zlib:zlib:${ZLIB_VERSION}:*:*:*:*:*:*:*") @@ -88,9 +88,9 @@ else() set(OPENEXR_VERSION_POSTFIX) endif() -set(FREETYPE_VERSION 2.11.1) +set(FREETYPE_VERSION 2.12.1) set(FREETYPE_URI http://prdownloads.sourceforge.net/freetype/freetype-${FREETYPE_VERSION}.tar.gz) -set(FREETYPE_HASH bd4e3b007474319909a6b79d50908e85) +set(FREETYPE_HASH 8bc5c9c9df7ac12c504f8918552a7cf2) set(FREETYPE_HASH_TYPE MD5) set(FREETYPE_FILE freetype-${FREETYPE_VERSION}.tar.gz) SET(FREETYPE_CPE "cpe:2.3:a:freetype:freetype:${FREETYPE_VERSION}:*:*:*:*:*:*:*") @@ -159,9 +159,9 @@ set(OPENMP_URI https://github.com/llvm/llvm-project/releases/download/llvmorg-${ set(OPENMP_HASH_TYPE MD5) set(OPENMP_FILE openmp-${OPENMP_VERSION}.src.tar.xz) -set(OPENIMAGEIO_VERSION v2.3.13.0) +set(OPENIMAGEIO_VERSION v2.3.20.0) set(OPENIMAGEIO_URI https://github.com/OpenImageIO/oiio/archive/refs/tags/${OPENIMAGEIO_VERSION}.tar.gz) -set(OPENIMAGEIO_HASH de45fb38501c4581062b522b53b6141c) +set(OPENIMAGEIO_HASH defb1fe7c8e64bac60eb3cacaf5c3736) set(OPENIMAGEIO_HASH_TYPE MD5) set(OPENIMAGEIO_FILE OpenImageIO-${OPENIMAGEIO_VERSION}.tar.gz) @@ -195,11 +195,11 @@ set(OSL_HASH 6fef11548adfdd3e5b25c49d2dae96ee) set(OSL_HASH_TYPE MD5) set(OSL_FILE OpenShadingLanguage-${OSL_VERSION}.tar.gz) -set(PYTHON_VERSION 3.10.2) +set(PYTHON_VERSION 3.10.8) set(PYTHON_SHORT_VERSION 3.10) set(PYTHON_SHORT_VERSION_NO_DOTS 310) set(PYTHON_URI https://www.python.org/ftp/python/${PYTHON_VERSION}/Python-${PYTHON_VERSION}.tar.xz) -set(PYTHON_HASH 14e8c22458ed7779a1957b26cde01db9) +set(PYTHON_HASH e92356b012ed4d0e09675131d39b1bde) set(PYTHON_HASH_TYPE MD5) set(PYTHON_FILE Python-${PYTHON_VERSION}.tar.xz) set(PYTHON_CPE "cpe:2.3:a:python:python:${PYTHON_VERSION}:-:*:*:*:*:*:*") @@ -298,17 +298,17 @@ set(XVIDCORE_HASH abbdcbd39555691dd1c9b4d08f0a031376a3b211652c0d8b3b8aa9be1303ce set(XVIDCORE_HASH_TYPE SHA256) set(XVIDCORE_FILE xvidcore-${XVIDCORE_VERSION}.tar.gz) -set(OPENJPEG_VERSION 2.4.0) -set(OPENJPEG_SHORT_VERSION 2.4) +set(OPENJPEG_VERSION 2.5.0) +set(OPENJPEG_SHORT_VERSION 2.5) set(OPENJPEG_URI https://github.com/uclouvain/openjpeg/archive/v${OPENJPEG_VERSION}.tar.gz) -set(OPENJPEG_HASH 8702ba68b442657f11aaeb2b338443ca8d5fb95b0d845757968a7be31ef7f16d) +set(OPENJPEG_HASH 0333806d6adecc6f7a91243b2b839ff4d2053823634d4f6ed7a59bc87409122a) set(OPENJPEG_HASH_TYPE SHA256) set(OPENJPEG_FILE openjpeg-v${OPENJPEG_VERSION}.tar.gz) set(OPENJPEG_CPE "cpe:2.3:a:uclouvain:openjpeg:${OPENJPEG_VERSION}:*:*:*:*:*:*:*") -set(FFMPEG_VERSION 5.0) +set(FFMPEG_VERSION 5.1.2) set(FFMPEG_URI http://ffmpeg.org/releases/ffmpeg-${FFMPEG_VERSION}.tar.bz2) -set(FFMPEG_HASH c0130b8db2c763430fd1c6905288d61bc44ee0548ad5fcd2dfd650b88432bed9) +set(FFMPEG_HASH 39a0bcc8d98549f16c570624678246a6ac736c066cebdb409f9502e915b22f2b) set(FFMPEG_HASH_TYPE SHA256) set(FFMPEG_FILE ffmpeg-${FFMPEG_VERSION}.tar.bz2) set(FFMPEG_CPE "cpe:2.3:a:ffmpeg:ffmpeg:${FFMPEG_VERSION}:*:*:*:*:*:*:*") @@ -325,9 +325,9 @@ set(ICONV_HASH 7d2a800b952942bb2880efb00cfd524c) set(ICONV_HASH_TYPE MD5) set(ICONV_FILE libiconv-${ICONV_VERSION}.tar.gz) -set(SNDFILE_VERSION 1.0.28) -set(SNDFILE_URI http://www.mega-nerd.com/libsndfile/files/libsndfile-${SNDFILE_VERSION}.tar.gz) -set(SNDFILE_HASH 646b5f98ce89ac60cdb060fcd398247c) +set(SNDFILE_VERSION 1.1.0) +set(SNDFILE_URI https://github.com/libsndfile/libsndfile/releases/download/1.1.0/libsndfile-${SNDFILE_VERSION}.tar.xz) +set(SNDFILE_HASH e63dead2b4f0aaf323687619d007ee6a) set(SNDFILE_HASH_TYPE MD5) set(SNDFILE_FILE libsndfile-${SNDFILE_VERSION}.tar.gz) set(SNDFILE_CPE "cpe:2.3:a:libsndfile_project:libsndfile:${SNDFILE_VERSION}:*:*:*:*:*:*:*") @@ -351,21 +351,13 @@ set(JEMALLOC_HASH 3d41fbf006e6ebffd489bdb304d009ae) set(JEMALLOC_HASH_TYPE MD5) set(JEMALLOC_FILE jemalloc-${JEMALLOC_VERSION}.tar.bz2) -set(XML2_VERSION 2.9.10) -set(XML2_URI http://xmlsoft.org/sources/libxml2-${XML2_VERSION}.tar.gz) -set(XML2_HASH 10942a1dc23137a8aa07f0639cbfece5) +set(XML2_VERSION 2.10.3) +set(XML2_URI https://download.gnome.org/sources/libxml2/2.10/libxml2-${XML2_VERSION}.tar.xz) +set(XML2_HASH f9edac7fac232b3657a003fd9a5bbe42) set(XML2_HASH_TYPE MD5) -set(XML2_FILE libxml2-${XML2_VERSION}.tar.gz) +set(XML2_FILE libxml2-${XML2_VERSION}.tar.xz) set(XML2_CPE "cpe:2.3:a:xmlsoft:libxml2:${XML2_VERSION}:*:*:*:*:*:*:*") -set(TINYXML_VERSION 2_6_2) -set(TINYXML_VERSION_DOTS 2.6.2) -set(TINYXML_URI https://nchc.dl.sourceforge.net/project/tinyxml/tinyxml/${TINYXML_VERSION_DOTS}/tinyxml_${TINYXML_VERSION}.tar.gz) -set(TINYXML_HASH c1b864c96804a10526540c664ade67f0) -set(TINYXML_HASH_TYPE MD5) -set(TINYXML_FILE tinyxml_${TINYXML_VERSION}.tar.gz) -set(TINYXML_CPE "cpe:2.3:a:tinyxml_project:tinyxml:${TINYXML_VERSION_DOTS}:*:*:*:*:*:*:*") - set(YAMLCPP_VERSION 0.6.3) set(YAMLCPP_URI https://codeload.github.com/jbeder/yaml-cpp/tar.gz/yaml-cpp-${YAMLCPP_VERSION}) set(YAMLCPP_HASH b45bf1089a382e81f6b661062c10d0c2) @@ -379,10 +371,10 @@ set(PYSTRING_HASH f2c68786b359f5e4e62bed53bc4fb86d) set(PYSTRING_HASH_TYPE MD5) set(PYSTRING_FILE pystring-${PYSTRING_VERSION}.tar.gz) -set(EXPAT_VERSION 2_4_4) -set(EXPAT_VERSION_DOTS 2.4.4) +set(EXPAT_VERSION 2_4_9) +set(EXPAT_VERSION_DOTS 2.4.9) set(EXPAT_URI https://github.com/libexpat/libexpat/archive/R_${EXPAT_VERSION}.tar.gz) -set(EXPAT_HASH 2d3e81dee94b452369dc6394ff0f8f98) +set(EXPAT_HASH b59a2aa796be1ee177bbab3b7231dfa5) set(EXPAT_HASH_TYPE MD5) set(EXPAT_FILE libexpat-${EXPAT_VERSION}.tar.gz) set(EXPAT_CPE "cpe:2.3:a:libexpat_project:libexpat:${EXPAT_VERSION_DOTS}:*:*:*:*:*:*:*") @@ -410,6 +402,10 @@ set(FLEX_FILE flex-${FLEX_VERSION}.tar.gz) # NOTE: bzip.org domain does no longer belong to BZip 2 project, so we download # sources from Debian packaging. +# +# NOTE 2: This will *HAVE* to match the version python ships on windows which +# is hardcoded in pythons PCbuild/get_externals.bat. For compliance reasons there +# can be no exceptions to this. set(BZIP2_VERSION 1.0.8) set(BZIP2_URI http://http.debian.net/debian/pool/main/b/bzip2/bzip2_${BZIP2_VERSION}.orig.tar.gz) set(BZIP2_HASH ab5a03176ee106d3f0fa90e381da478ddae405918153cca248e682cd0c4a2269) @@ -417,6 +413,9 @@ set(BZIP2_HASH_TYPE SHA256) set(BZIP2_FILE bzip2_${BZIP2_VERSION}.orig.tar.gz) set(BZIP2_CPE "cpe:2.3:a:bzip:bzip2:${BZIP2_VERSION}:*:*:*:*:*:*:*") +# NOTE: This will *HAVE* to match the version python ships on windows which +# is hardcoded in pythons PCbuild/get_externals.bat. For compliance reasons there +# can be no exceptions to this. set(FFI_VERSION 3.3) set(FFI_URI https://sourceware.org/pub/libffi/libffi-${FFI_VERSION}.tar.gz) set(FFI_HASH 72fba7922703ddfa7a028d513ac15a85c8d54c8d67f55fa5a4802885dc652056) @@ -430,27 +429,25 @@ set(LZMA_HASH 5117f930900b341493827d63aa910ff5e011e0b994197c3b71c08a20228a42df) set(LZMA_HASH_TYPE SHA256) set(LZMA_FILE xz-${LZMA_VERSION}.tar.bz2) -if(BLENDER_PLATFORM_ARM) - # Need at least 1.1.1i for aarch64 support (https://github.com/openssl/openssl/pull/13218) - set(SSL_VERSION 1.1.1i) - set(SSL_URI https://www.openssl.org/source/openssl-${SSL_VERSION}.tar.gz) - set(SSL_HASH e8be6a35fe41d10603c3cc635e93289ed00bf34b79671a3a4de64fcee00d5242) - set(SSL_HASH_TYPE SHA256) - set(SSL_FILE openssl-${SSL_VERSION}.tar.gz) -else() - set(SSL_VERSION 1.1.1g) - set(SSL_URI https://www.openssl.org/source/openssl-${SSL_VERSION}.tar.gz) - set(SSL_HASH ddb04774f1e32f0c49751e21b67216ac87852ceb056b75209af2443400636d46) - set(SSL_HASH_TYPE SHA256) - set(SSL_FILE openssl-${SSL_VERSION}.tar.gz) -endif() +# NOTE: This will *HAVE* to match the version python ships on windows which +# is hardcoded in pythons PCbuild/get_externals.bat. For compliance reasons there +# can be no exceptions to this. +set(SSL_VERSION 1.1.1q) +set(SSL_URI https://www.openssl.org/source/openssl-${SSL_VERSION}.tar.gz) +set(SSL_HASH d7939ce614029cdff0b6c20f0e2e5703158a489a72b2507b8bd51bf8c8fd10ca) +set(SSL_HASH_TYPE SHA256) +set(SSL_FILE openssl-${SSL_VERSION}.tar.gz) set(SSL_CPE "cpe:2.3:a:openssl:openssl:${SSL_VERSION}:*:*:*:*:*:*:*") -set(SQLITE_VERSION 3.31.1) -set(SQLITE_URI https://www.sqlite.org/2018/sqlite-src-3240000.zip) -set(SQLITE_HASH fb558c49ee21a837713c4f1e7e413309aabdd9c7) +# Note: This will *HAVE* to match the version python ships on windows which +# is hardcoded in pythons PCbuild/get_externals.bat for compliance reasons there +# can be no exceptions to this. +set(SQLITE_VERSION 3.37.2) +set(SQLLITE_LONG_VERSION 3370200) +set(SQLITE_URI https://www.sqlite.org/2022/sqlite-autoconf-${SQLLITE_LONG_VERSION}.tar.gz) +set(SQLITE_HASH e56faacadfb4154f8fbd0f2a3f827d13706b70a1) set(SQLITE_HASH_TYPE SHA1) -set(SQLITE_FILE sqlite-src-3240000.zip) +set(SQLITE_FILE sqlite-autoconf-${SQLLITE_LONG_VERSION}.tar.gz) set(SQLITE_CPE "cpe:2.3:a:sqlite:sqlite:${SQLITE_VERSION}:*:*:*:*:*:*:*") set(EMBREE_VERSION 3.13.4) -- cgit v1.2.3 From 4bfb99e4d8f890a14cb2d1f584de11f0ac8bd1a7 Mon Sep 17 00:00:00 2001 From: Sergey Sharybin Date: Fri, 21 Oct 2022 12:19:54 +0200 Subject: Cycles: Bump versions of DPC++, IGC, and dependencies Patch by Xavier Hallade. Committing next to the actual libraries update in the svn. --- build_files/build_environment/cmake/versions.cmake | 44 +++++++++++----------- 1 file changed, 22 insertions(+), 22 deletions(-) (limited to 'build_files/build_environment/cmake/versions.cmake') diff --git a/build_files/build_environment/cmake/versions.cmake b/build_files/build_environment/cmake/versions.cmake index 5fa138ff01b..06a923e5c22 100644 --- a/build_files/build_environment/cmake/versions.cmake +++ b/build_files/build_environment/cmake/versions.cmake @@ -565,15 +565,15 @@ set(OPENPGL_HASH 1f090f88ab2bad028e8b3619aa926f4f97cf7b2c175b904704d2fec8593dd3c set(OPENPGL_HASH_TYPE SHA256) set(OPENPGL_FILE openpgl-${OPENPGL_VERSION}.tar.gz) -set(LEVEL_ZERO_VERSION v1.7.15) +set(LEVEL_ZERO_VERSION v1.8.5) set(LEVEL_ZERO_URI https://github.com/oneapi-src/level-zero/archive/refs/tags/${LEVEL_ZERO_VERSION}.tar.gz) -set(LEVEL_ZERO_HASH c39bb05a8e5898aa6c444e1704105b93d3f1888b9c333f8e7e73825ffbfb2617) +set(LEVEL_ZERO_HASH b6e9663bbcc53c148d32376998298bec6f7c434ef2218c61fa708963e3a09394) set(LEVEL_ZERO_HASH_TYPE SHA256) set(LEVEL_ZERO_FILE level-zero-${LEVEL_ZERO_VERSION}.tar.gz) -set(DPCPP_VERSION 20220812) +set(DPCPP_VERSION 20221019) set(DPCPP_URI https://github.com/intel/llvm/archive/refs/tags/sycl-nightly/${DPCPP_VERSION}.tar.gz) -set(DPCPP_HASH 0e3c95346c295f5cf80f3a42d80b1c49481955898530242636ddc002627248d6) +set(DPCPP_HASH 2f533946e91ce3829431758ea17b0b834b960c1a796e9e4563c86e03eb9603a2) set(DPCPP_HASH_TYPE SHA256) set(DPCPP_FILE DPCPP-${DPCPP_VERSION}.tar.gz) @@ -586,9 +586,9 @@ set(DPCPP_FILE DPCPP-${DPCPP_VERSION}.tar.gz) # will take care of building them, unpack is being done in dpcpp_deps.cmake # Source llvm/lib/SYCLLowerIR/CMakeLists.txt -set(VCINTRINSICS_VERSION 984bb27baacce6ee5c716c2e64845f2a1928025b) +set(VCINTRINSICS_VERSION abce9184b7a3a7fe1b02289b9285610d9dc45465) set(VCINTRINSICS_URI https://github.com/intel/vc-intrinsics/archive/${VCINTRINSICS_VERSION}.tar.gz) -set(VCINTRINSICS_HASH abea415a15a0dd11fdc94dee8fb462910f2548311b787e02f42509789e1b0d7b) +set(VCINTRINSICS_HASH 3e9fd471246b87633b26f7e15e17ab7733d357458c53d5c5881c03929d6c551f) set(VCINTRINSICS_HASH_TYPE SHA256) set(VCINTRINSICS_FILE vc-intrinsics-${VCINTRINSICS_VERSION}.tar.gz) @@ -600,9 +600,9 @@ set(OPENCLHEADERS_HASH_TYPE SHA256) set(OPENCLHEADERS_FILE opencl_headers-${OPENCLHEADERS_VERSION}.tar.gz) # Source opencl/CMakeLists.txt -set(ICDLOADER_VERSION aec3952654832211636fc4af613710f80e203b0a) +set(ICDLOADER_VERSION 792682ad3d877ab38573b997808bab3b43902b70) set(ICDLOADER_URI https://github.com/KhronosGroup/OpenCL-ICD-Loader/archive/${ICDLOADER_VERSION}.tar.gz) -set(ICDLOADER_HASH e1880551d67bd8dc31d13de63b94bbfd6b1f315b6145dad1ffcd159b89bda93c) +set(ICDLOADER_HASH b33a0320d94bf300efa1da97931ded506d27813bd1148da6858fe79d412d1ea2) set(ICDLOADER_HASH_TYPE SHA256) set(ICDLOADER_FILE icdloader-${ICDLOADER_VERSION}.tar.gz) @@ -617,9 +617,9 @@ set(MP11_FILE mp11-${MP11_VERSION}.tar.gz) # Source llvm-spirv/CMakeLists.txt (repo) # Source llvm-spirv/spirv-headers-tag.conf (hash) -set(SPIRV_HEADERS_VERSION 36c0c1596225e728bd49abb7ef56a3953e7ed468) +set(SPIRV_HEADERS_VERSION 5a121866927a16ab9d49bed4788b532c7fcea766) set(SPIRV_HEADERS_URI https://github.com/KhronosGroup/SPIRV-Headers/archive/${SPIRV_HEADERS_VERSION}.tar.gz) -set(SPIRV_HEADERS_HASH 7a5c89633f8740456fe8adee052033e134476d267411d1336c0cb1e587a9229a) +set(SPIRV_HEADERS_HASH ec8ecb471a62672697846c436501638ab25447ae9d4a6761e0bfe8a9a839502a) set(SPIRV_HEADERS_HASH_TYPE SHA256) set(SPIRV_HEADERS_FILE SPIR-V-Headers-${SPIRV_HEADERS_VERSION}.tar.gz) @@ -634,9 +634,9 @@ set(SPIRV_HEADERS_FILE SPIR-V-Headers-${SPIRV_HEADERS_VERSION}.tar.gz) # compiler, the versions used are taken from the following location # https://github.com/intel/intel-graphics-compiler/releases -set(IGC_VERSION 1.0.11222) +set(IGC_VERSION 1.0.12149.1) set(IGC_URI https://github.com/intel/intel-graphics-compiler/archive/refs/tags/igc-${IGC_VERSION}.tar.gz) -set(IGC_HASH d92f0608dcbb52690855685f9447282e5c09c0ba98ae35fabf114fcf8b1e9fcf) +set(IGC_HASH 44f67f24e3bc5130f9f062533abf8154782a9d0a992bc19b498639a8521ae836) set(IGC_HASH_TYPE SHA256) set(IGC_FILE igc-${IGC_VERSION}.tar.gz) @@ -656,15 +656,15 @@ set(IGC_LLVM_FILE ${IGC_LLVM_VERSION}.tar.gz) # # WARNING WARNING WARNING -set(IGC_OPENCL_CLANG_VERSION bbdd1587f577397a105c900be114b56755d1f7dc) +set(IGC_OPENCL_CLANG_VERSION 363a5262d8c7cff3fb28f3bdb5d85c8d7e91c1bb) set(IGC_OPENCL_CLANG_URI https://github.com/intel/opencl-clang/archive/${IGC_OPENCL_CLANG_VERSION}.tar.gz) -set(IGC_OPENCL_CLANG_HASH d08315f1b0d8a6fef33de2b3e6aa7356534c324910634962c72523d970773efc) +set(IGC_OPENCL_CLANG_HASH aa8cf72bb239722ce8ce44f79413c6887ecc8ca18477dd520aa5c4809756da9a) set(IGC_OPENCL_CLANG_HASH_TYPE SHA256) set(IGC_OPENCL_CLANG_FILE opencl-clang-${IGC_OPENCL_CLANG_VERSION}.tar.gz) -set(IGC_VCINTRINSICS_VERSION v0.4.0) +set(IGC_VCINTRINSICS_VERSION v0.5.0) set(IGC_VCINTRINSICS_URI https://github.com/intel/vc-intrinsics/archive/refs/tags/${IGC_VCINTRINSICS_VERSION}.tar.gz) -set(IGC_VCINTRINSICS_HASH c8b92682ad5031cf9d5b82a40e7d5c0e763cd9278660adbcaa69aab988e4b589) +set(IGC_VCINTRINSICS_HASH 70bb47c5e32173cf61514941e83ae7c7eb4485e6d2fca60cfa1f50d4f42c41f2) set(IGC_VCINTRINSICS_HASH_TYPE SHA256) set(IGC_VCINTRINSICS_FILE vc-intrinsics-${IGC_VCINTRINSICS_VERSION}.tar.gz) @@ -680,9 +680,9 @@ set(IGC_SPIRV_TOOLS_HASH 6e19900e948944243024aedd0a201baf3854b377b9cc7a386553bc1 set(IGC_SPIRV_TOOLS_HASH_TYPE SHA256) set(IGC_SPIRV_TOOLS_FILE SPIR-V-Tools-${IGC_SPIRV_TOOLS_VERSION}.tar.gz) -set(IGC_SPIRV_TRANSLATOR_VERSION 99420daab98998a7e36858befac9c5ed109d4920) +set(IGC_SPIRV_TRANSLATOR_VERSION a31ffaeef77e23d500b3ea3d35e0c42ff5648ad9) set(IGC_SPIRV_TRANSLATOR_URI https://github.com/KhronosGroup/SPIRV-LLVM-Translator/archive/${IGC_SPIRV_TRANSLATOR_VERSION}.tar.gz) -set(IGC_SPIRV_TRANSLATOR_HASH 77dfb4ddb6bfb993535562c02ddea23f0a0d1c5a0258c1afe7e27c894ff783a8) +set(IGC_SPIRV_TRANSLATOR_HASH 9e26c96a45341b8f8af521bacea20e752623346340addd02af95d669f6e89252) set(IGC_SPIRV_TRANSLATOR_HASH_TYPE SHA256) set(IGC_SPIRV_TRANSLATOR_FILE SPIR-V-Translator-${IGC_SPIRV_TRANSLATOR_VERSION}.tar.gz) @@ -690,15 +690,15 @@ set(IGC_SPIRV_TRANSLATOR_FILE SPIR-V-Translator-${IGC_SPIRV_TRANSLATOR_VERSION}. ### Intel Graphics Compiler DEPS END ### ######################################## -set(GMMLIB_VERSION intel-gmmlib-22.1.2) +set(GMMLIB_VERSION intel-gmmlib-22.1.8) set(GMMLIB_URI https://github.com/intel/gmmlib/archive/refs/tags/${GMMLIB_VERSION}.tar.gz) -set(GMMLIB_HASH 3b9a6d5e7e3f5748b3d0a2fb0e980ae943907fece0980bd9c0508e71c838e334) +set(GMMLIB_HASH bf23e9a3742b4fb98c7666c9e9b29f3219e4b2fb4d831aaf4eed71f5e2d17368) set(GMMLIB_HASH_TYPE SHA256) set(GMMLIB_FILE ${GMMLIB_VERSION}.tar.gz) -set(OCLOC_VERSION 22.20.23198) +set(OCLOC_VERSION 22.38.24278) set(OCLOC_URI https://github.com/intel/compute-runtime/archive/refs/tags/${OCLOC_VERSION}.tar.gz) -set(OCLOC_HASH ab22b8bf2560a57fdd3def0e35a62ca75991406f959c0263abb00cd6cd9ae998) +set(OCLOC_HASH db0c542fccd651e6404b15a74d46027f1ce0eda8dc9e25a40cbb6c0faef257ee) set(OCLOC_HASH_TYPE SHA256) set(OCLOC_FILE ocloc-${OCLOC_VERSION}.tar.gz) -- cgit v1.2.3