Restore libyaml changes

florelis · florelis · commit a8dfcd20f8bc · 2025-07-02T17:44:48.000-07:00
diff --git a/src/VcpkgPortOverlay/CreatePortOverlay.ps1 b/src/VcpkgPortOverlay/CreatePortOverlay.ps1
@@ -280,12 +280,28 @@ function Update-PortSource
 
     $portDir = Join-Path $OverlayRoot $Port
 
-    Set-ParameterInPortFile $Port -ParameterName 'REF' -CurrentValuePattern '[0-9a-f]{40}' -NewValue $Commit
+    # For the REF, we also delete any comments after it that may say the wrong version
+    Set-ParameterInPortFile $Port -ParameterName 'REF' -CurrentValuePattern '[0-9a-f]{40}( #.*)?$' -NewValue "$Commit # Unreleased"
     Set-ParameterInPortFile $Port -ParameterName 'SHA512' -CurrentValuePattern '[0-9a-f]{128}' -NewValue $SourceHash
 }
 
+# Updates the port version by one.
+function Update-PortVersion
+{
+    param(
+        [Parameter(Mandatory)]
+        [string]$Port
+    )
+
+    $portJsonPath = Join-Path $OverlayRoot $Port "vcpkg.json"
+    $portDefinition = Get-Content $portJsonPath | ConvertFrom-Json
+    $portDefinition."port-version" += 1
+    $portDefinition | ConvertTo-Json -Depth 5 | Out-File $portJsonPath
+}
+
 New-PortOverlay cpprestsdk -Version 2.10.18 -PortVersion 4
 Add-PatchToPort cpprestsdk -PatchRepo 'microsoft/winget-cli' -PatchCommit '888b4ed8f4f7d25cb05a47210e083fe29348163b' -PatchName 'add-server-certificate-validation.patch' -PatchRoot 'src/cpprestsdk/cpprestsdk'
 
 New-PortOverlay libyaml -Version 0.2.5 -PortVersion 5
 Update-PortSource libyaml -Commit '840b65c40675e2d06bf40405ad3f12dec7f35923' -SourceHash 'de85560312d53a007a2ddf1fe403676bbd34620480b1ba446b8c16bb366524ba7a6ed08f6316dd783bf980d9e26603a9efc82f134eb0235917b3be1d3eb4b302'
+Update-PortVersion libyaml
diff --git a/src/VcpkgPortOverlay/README.md b/src/VcpkgPortOverlay/README.md
@@ -19,4 +19,5 @@ Changes:
 We use an unreleased version that fixes a vulnerability.
 
 Changes:
-* New source commit: https://github.com/yaml/libyaml/commit/840b65c40675e2d06bf40405ad3f12dec7f35923
+* New source commit: https://github.com/yaml/libyaml/commit/840b65c40675e2d06bf40405ad3f12dec7f35923
+* Increase the port version so that Component Governance doesn't see it as the vulnerable version anymore
diff --git a/src/VcpkgPortOverlay/libyaml/portfile.cmake b/src/VcpkgPortOverlay/libyaml/portfile.cmake
@@ -5,7 +5,7 @@ endif()
 vcpkg_from_github(
     OUT_SOURCE_PATH SOURCE_PATH
     REPO yaml/libyaml
-    REF 840b65c40675e2d06bf40405ad3f12dec7f35923 # 0.2.5
+    REF 840b65c40675e2d06bf40405ad3f12dec7f35923 # Unreleased
     SHA512 de85560312d53a007a2ddf1fe403676bbd34620480b1ba446b8c16bb366524ba7a6ed08f6316dd783bf980d9e26603a9efc82f134eb0235917b3be1d3eb4b302
     HEAD_REF master
     PATCHES
diff --git a/src/VcpkgPortOverlay/libyaml/vcpkg.json b/src/VcpkgPortOverlay/libyaml/vcpkg.json
@@ -1,7 +1,7 @@
 {
   "name": "libyaml",
   "version": "0.2.5",
-  "port-version": 5,
+  "port-version": 6,
   "description": "A C library for parsing and emitting YAML.",
   "homepage": "https://github.com/yaml/libyaml",
   "dependencies": [

Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,7 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "libyaml",`
`3`	`3`	`"version": "0.2.5",`
`4`		`- "port-version": 5,`
	`4`	`+ "port-version": 6,`
`5`	`5`	`"description": "A C library for parsing and emitting YAML.",`
`6`	`6`	`"homepage": "https://github.com/yaml/libyaml",`
`7`	`7`	`"dependencies": [`