jq/jq.changes

241 lines
9.2 KiB
Plaintext
Raw Normal View History

-------------------------------------------------------------------
Wed Dec 13 20:28:23 UTC 2023 - Martin Hauke <mardnh@gmx.de>
- Update to version 1.7.1
Security
* Fix CVE-2023-50246 (boo#1218034)
+ Fix heap buffer overflow in jvp_literal_number_literal.
* Fix CVE-2023-50268 (boo#1218038)
fix stack-buffer-overflow if comparing nan with payload.
CLI changes
* Make the default background color more suitable for bright
backgrounds.
* Allow passing the inline jq script after --.
* Fix possible uninitialised value dereference if jq_init() fails
Language changes
* Simplify paths/0 and paths/1.
* Reject U+001F in string literals.
* Remove unused nref accumulator in block_bind_library.
* Remove a bunch of unused variables, and useless assignments.
* main.c: Remove unused EXIT_STATUS_EXACT option.
* Actually use the number correctly casted from double to int as
index.
* src/builtin.c: remove unnecessary jv_copy-s in
type_error/type_error2.
* Remove undefined behavior caught by LLVM 10 UBSAN.
* Convert decnum to binary64 (double) instead of decimal64.
This makes jq behave like the JSON specification suggests and
more similar to other languages.
* Fix memory leaks on invalid input for ltrimstr/1 and
rtrimstr/1.
* Fix memory leak on failed get for setpath/2.
* Fix nan from json parsing also for nans with payload that
start with 'n'.
* Allow carriage return characters in comments.
Documentation changes
* Generate links in the man page.
libjq
* Add extern C for C++.
-------------------------------------------------------------------
Wed Nov 15 10:26:07 UTC 2023 - Dirk Müller <dmueller@suse.com>
- build with valgrind only on 64 bit architectures
-------------------------------------------------------------------
Wed Sep 27 04:32:39 UTC 2023 - Andreas Stieger <andreas.stieger@gmx.de>
- switch to bootstrapped upstream tarball to fix version output
[boo#1215737]
-------------------------------------------------------------------
Thu Sep 7 13:42:19 UTC 2023 - Martin Hauke <mardnh@gmx.de>
- Update to version 1.7
* Make object key color configurable using JQ_COLORS environment
variable.
* Change the default color of null to Bright Black.
* Respect NO_COLOR environment variable to disable color output.
* Improved --help output. Now mentions all options and nicer
order.
* Fix multiple issues of exit code using --exit-code/-e option.
* Add --raw-output0 for NUL (zero byte) separated output.
* Fix assert crash and validate JSON for --jsonarg.
* Remove deprecated --argfile option.
Language changes
* Use decimal number literals to preserve precision. Comparison
operations respects precision but arithmetic operations might
truncate.
* Adds new builtin pick(stream) to emit a projection of the
input object or array.
* Adds new builtin debug(msgs) that works like debug but applies
a filter on the input before writing to stderr.
* Adds new builtin scan($re; $flags). Was documented but not
implemented.
* Adds new builtin abs to get absolute value. This potentially
allows the literal value of numbers to be preserved as length
and fabs convert to float.
* Allow if without else-branch. When skipped the else-branch
will be . (identity).
* Allow use of $binding as key in object literals.
* Allow dot between chained indexes when using .["index"]
* Allow dot for chained value iterator .[], .[]?
* Fix try/catch catches more than it should.
* Speed up and refactor some builtins, also remove
scalars_or_empty/0.
* Now halt and halt_error exit immediately instead of continuing
to the next input.
* Fix issue converting string to number after previous convert
error.
* Fix issue representing large numbers on some platforms causing
invalid JSON output.
* Fix deletion using assigning empty against arrays.
* Allow keywords to be used as binding name in more places.
* Allow using nan as NaN in JSON.
* Expose a module's function names in modulemeta.
* Fix contains/1 to handle strings with NUL.
* Fix stderr/0 to output raw text without any decoration.
* Fix nth/2 to emit empty on index out of range.
* Fix implode to not assert and instead replace invalid unicode
codepoints.
* Fix indices/1 and rindex/1 in case of overlapping matches in
strings.
* Fix sub/3 to resolve issues involving global search-and-replace
(gsub) operations.
* Fix empty regular expression matches.
* Fix overflow exception of the modulo operator.
* Fix string multiplication by 0 (and less than 1) to emit empty
string.
* Fix segfault when using libjq and threads.
* Fix constant folding of division and reminder with zero
divisor.
* Fix error/0, error/1 to throw null error.
* Simpler and faster transpose.
* Simple and efficient implementation of walk/1.
* Remove deprecated filters leaf_paths, recurse_down.
- Adjust URL/Source - new upstream
https://github.com/stedolan/jq -> https://github.com/jqlang
-------------------------------------------------------------------
Fri Sep 23 16:16:46 UTC 2022 - Dirk Müller <dmueller@suse.com>
- build without valgrind on riscv64 - does not exist (yet)
-------------------------------------------------------------------
Thu Jul 4 17:27:13 UTC 2019 - myen@suse.com
- Make jq depend on libjq1, so upgrading jq upgrades both
See: https://github.com/stedolan/jq/issues/1904
-------------------------------------------------------------------
Fri Nov 2 12:35:25 UTC 2018 - Avindra Goolcharan <aavindraa@gmail.com>
- Update to version 1.6
* Destructuring Alternation
* many new builtins (see docs)
* Add support for ASAN and UBSAN
* Make it easier to use jq with shebangs
* Add $ENV builtin variable to access environment
* Add JQ_COLORS env var for configuring the output colors
* change: Calling jq without a program argument now always assumes
"." for the program, regardless of stdin/stdout
* fix: Make sorting stable regardless of qsort.
- cleanup with spec-cleaner
- drop CVE-2015-8863.patch (upstreamed in 8eb1367ca44e772963e704a700ef72ae2e12babd)
- drop CVE-2016-4074.patch (upstreamed in fd4ae8304e23007672af9a37855c7a76de7c78cf)
-------------------------------------------------------------------
Fri Feb 3 09:26:17 UTC 2017 - idonmez@suse.com
- Add CVE-2016-4074.patch to prevent a stack exhaustion
CVE-2016-4074 bsc#1014176
-------------------------------------------------------------------
Mon Jan 2 08:47:00 UTC 2017 - mpluskal@suse.com
- Update tests dependencies to increase test coverage (bsc#1017157)
* valgrind based tests were skipped
- Do not run tests in qemu builds, valgrind does not work reliably
in such conditions
-------------------------------------------------------------------
Sat Jul 16 10:14:33 UTC 2016 - mpluskal@suse.com
- Make building more verbose
- Run tests
-------------------------------------------------------------------
Mon Apr 25 11:48:27 UTC 2016 - idonmez@suse.com
- Add CVE-2015-8863.patch to fix a heap overflow bsc#976992
-------------------------------------------------------------------
Tue Aug 18 09:12:21 UTC 2015 - idonmez@suse.com
- Update to version 1.5
* Regexp support
* A proper module system
* Destructuring syntax
* Math functions
* An online streaming parser
* Minimal I/O builtins (inputs, debug)
* try/catch for catching and handling errors
* Tail call optimization
* Datetime functions
* Performance enhancements
- Add oniguruma-devel BuildRequires for regexp support
-------------------------------------------------------------------
Fri Jun 27 09:55:52 UTC 2014 - idonmez@suse.com
- Don't package static libs
- Fix rpath on the main binary
-------------------------------------------------------------------
Sun Jun 15 20:52:42 UTC 2014 - prusnak@opensuse.org
- Updated to 1.4
+ New command line arguments
* jq --arg-file variable file
* jq --unbuffered
* jq -e / --exit-status (set exit status based on outputs)
* jq -S / --sort-keys (now jq no longer sorts object keys by
default
+ Syntax changes
* .. -> like // in XPath (recursive traversal)
* question mark (e.g., .a?) to suppress errors
* ."foo" syntax (equivalent to .["foo"])
* better error handling for .foo
* added % operator (modulo)
* allow negation without requiring extra parenthesis
* more function arguments (up to six)
+ New filters
* any, all
* iterables, arrays, objects, scalars, nulls, booleans,
numbers, strings, values
+ New string built-ins
* split
* join (join an array of strings with a given separator string)
* ltrimstr, rtrimstr
* startswith, endswith
* explode, implode
* fromjson, tojson
* index, rindex, indices
+ New math functions
* floor, sqrt, cbrt, etc.
+ Addition of libjq, a C API interface to jq's JSON representation
and for running jq programs from C applications.
-------------------------------------------------------------------
Thu Oct 17 15:55:03 UTC 2013 - cdenicolo@suse.com
- license update: MIT and CC-BY-3.0
documentation is licensed under CC-BY-3.0
-------------------------------------------------------------------
Tue Oct 1 15:09:01 UTC 2013 - robert.munteanu@gmail.com
- Initial packaging of version 1.3