Update CGAL from 5.6.1 to 6.0.1 for GCC 15 compatibility

[krystophny]

User description

Summary

Update CGAL from 5.6.1 to 6.0.1.

Motivation

CGAL 5.6.1 has template issues with GCC 15 in boost/graph/iterator.h:

error: 'const class CGAL::Halfedge_around_source_iterator<Graph>' has no member named 'base'

CGAL 6.0.1 fixes these compatibility issues.

Test plan

• Build with -DSIMPLE_ENABLE_CGAL=ON succeeds with GCC 15

---

PR Type

Enhancement

---

Description

• Update CGAL dependency from 5.6.1 to 6.0.1

• Resolve GCC 15 template compatibility issues

• Update build configuration and status messages

---

Diagram Walkthrough

flowchart LR
  CGAL_5.6.1["CGAL 5.6.1<br/>GCC 15 incompatible"] -- "Update dependency" --> CGAL_6.0.1["CGAL 6.0.1<br/>GCC 15 compatible"]
  CMakeLists["CMakeLists.txt<br/>FetchContent URL"] -- "Update version" --> CGAL_6.0.1

Loading

File Walkthrough

	Relevant files
Dependencies	CMakeLists.txt Update CGAL version to 6.0.1                                                          CMakeLists.txt Update CGAL FetchContent URL from v5.6.1 to v6.0.1 Update comment from CGAL 5.x to CGAL 6.x header-only note Update status message to reflect CGAL 6.0.1 version +3/-3

---

[qodo-code-review]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Supply chain integrity Description: The build fetches and extracts a remote CGAL tarball via FetchContent_Declare(URL ...) without any integrity pinning (e.g., URL_HASH) or other verification, which can allow a supply-chain attack if the download is tampered with (e.g., compromised hosting/transport or replaced release artifact). CMakeLists.txt [210-214] Referred Code FetchContent_Declare( cgal URL https://github.com/CGAL/cgal/releases/download/v6.0.1/CGAL-6.0.1.tar.xz DOWNLOAD_EXTRACT_TIMESTAMP TRUE )
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-code-review]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
Security	Add checksum to verify dependency Add a URL_HASH with the SHA256 checksum to the FetchContent_Declare command for cgal. This will verify the integrity of the downloaded file and improve security. CMakeLists.txt [210-214] FetchContent_Declare( cgal URL https://github.com/CGAL/cgal/releases/download/v6.0.1/CGAL-6.0.1.tar.xz + URL_HASH SHA256=38f3f85892b15397fef95c4b5e7912341e434f141ab5709f816533479532290b DOWNLOAD_EXTRACT_TIMESTAMP TRUE ) Apply / Chat Suggestion importance[1-10]: 9 __ Why: This is a critical security enhancement that verifies the integrity of the downloaded dependency, preventing supply chain attacks. The suggestion is highly relevant, correct, and provides the actual hash, making it immediately actionable.	High
General	Centralize version string Define a CGAL_VERSION variable and use it in both the download URL and the status message to avoid hardcoding the version string "6.0.1" in multiple places. CMakeLists.txt [212-221] -URL https://github.com/CGAL/cgal/releases/download/v6.0.1/CGAL-6.0.1.tar.xz -message(STATUS "CGAL enabled via FetchContent: 6.0.1 (header-only)") +set(CGAL_VERSION "6.0.1") +FetchContent_Declare( + cgal + URL https://github.com/CGAL/cgal/releases/download/v${CGAL_VERSION}/CGAL-${CGAL_VERSION}.tar.xz + DOWNLOAD_EXTRACT_TIMESTAMP TRUE +) +message(STATUS "CGAL enabled via FetchContent: ${CGAL_VERSION} (header-only)") Apply / Chat Suggestion importance[1-10]: 7 __ Why: This is a valuable refactoring that introduces a variable for the version string, improving maintainability and reducing the risk of inconsistencies when updating the version in the future.	Medium
	Simplify FetchContent usage Replace the if(NOT cgal_POPULATED) block and the preceding FetchContent_GetProperties(cgal) call with a single FetchContent_MakeAvailable(cgal) command to simplify the code. CMakeLists.txt [216-218] -if(NOT cgal_POPULATED) - FetchContent_Populate(cgal) -endif() +FetchContent_MakeAvailable(cgal) Apply / Chat Suggestion importance[1-10]: 6 __ Why: The suggestion correctly proposes using FetchContent_MakeAvailable to modernize and simplify the CMake script, which is a good practice for maintainability. It replaces several lines with a single, more idiomatic command.	Low
More