Accepting request 946285 from home:jzerebecki:branches:devel:kubic:ignition

- Update some dependencies * build(deps): bump nix from 0.17.0 and 0.20.0 to 0.23.1 This fixes the following security issues: https://rustsec.org/advisories/RUSTSEC-2021-0119 * build(deps): bump generic-array from 0.12.3 to 0.12.4 This fixes a security issue: https://rustsec.org/advisories/RUSTSEC-2020-0146 AKA CVE-2020-36465 * build(deps): bump futures-util from 0.3.6 to 0.3.15 This fixes a security issue: https://rustsec.org/advisories/RUSTSEC-2020-0059 AKA CVE-2020-35905 * build(deps): bump rand_core from 0.6.1 to 0.6.3 This fixes a security issue: https://rustsec.org/advisories/RUSTSEC-2021-0023 AKA CVE-2021-27378, bsc#1182432 * build(deps): bump hyper from 0.14.2 to 0.14.11 This fixes two security issues: https://rustsec.org/advisories/RUSTSEC-2021-0078 AKA CVE-2021-32715, bsc#1188173 https://rustsec.org/advisories/RUSTSEC-2021-0079 AKA CVE-2021-32714, bsc#1188174 * build(deps): bump tokio from 1.0.1 to 1.15.0 This fixes two security issues: https://rustsec.org/advisories/RUSTSEC-2021-0124 AKA CVE-2021-45710, bsc#1194119 https://rustsec.org/advisories/RUSTSEC-2021-0072 AKA CVE-2021-38191 - Remove cargo_audit service, as it makes no sense as a service (it doesn't automatically get rerun), it would make more sense during the build process as then it gets rerun if the package or the vulnerability database get changed - switch services from disabled to manual OBS-URL: https://build.opensuse.org/request/show/946285 OBS-URL: https://build.opensuse.org/package/show/devel:kubic:ignition/afterburn?expand=0&rev=15
2022-01-18 20:29:32 +00:00 · 2022-01-18 20:29:32 +00:00 · 880236d29f
commit 880236d29f
parent 65eb0702da
6 changed files with 54 additions and 15 deletions
--- a/18
+++ b/18
@ -1,25 +1,23 @@
 <services>
-  <service name="tar_scm" mode="disabled">
-    <param name="url">https://github.com/coreos/afterburn.git</param>
+  <service name="tar_scm" mode="manual">
+    <!-- <param name="url">https://github.com/coreos/afterburn.git</param> -->
+    <param name="url">https://github.com/JanZerebecki/afterburn.git</param>
    <param name="scm">git</param>
    <param name="exclude">.git</param>
    <param name="filename">afterburn</param>
-    <param name="revision">v5.0.0</param>
+    <!-- <param name="revision">v5.0.0</param> -->
+    <param name="revision">origin/for-5.0</param>
    <param name="versionformat">@PARENT_TAG@</param>
    <param name="versionrewrite-pattern">v(.*)</param>
    <param name="changesgenerate">enable</param>
-    <param name="changesauthor">slunkad@suse.de</param>
  </service>
-  <service name="set_version" mode="disabled"/>
-  <service name="recompress" mode="disabled">
+  <service name="set_version" mode="manual"/>
+  <service name="recompress" mode="manual">
    <param name="file">*.tar</param>
    <param name="compression">xz</param>
  </service>
-  <service name="cargo_vendor" mode="disabled">
+  <service name="cargo_vendor" mode="manual">
    <param name="srcdir">afterburn</param>
    <param name="compression">xz</param>
  </service>
-  <service name="cargo_audit" mode="disabled">
-     <param name="srcdir">afterburn</param>
-  </service>
 </services>
--- a/6
+++ b/6
@ -0,0 +1,6 @@
+<servicedata>
+<service name="tar_scm">
+                <param name="url">https://github.com/coreos/afterburn.git</param>
+              <param name="changesrevision">8c366ef408e755f557aaead99c74bfc35c1c5bf5</param></service><service name="tar_scm">
+                <param name="url">https://github.com/JanZerebecki/afterburn.git</param>
+              <param name="changesrevision">104ec25049bf429578c60877c0ea503ee96354e4</param></service></servicedata>
--- a/afterburn-5.0.0.tar.xz
+++ b/afterburn-5.0.0.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:8baa430b671af8ca39cfad18285f0825b1f158fedd1bec97510303b5a2206186
-size 68744
+oid sha256:25a4b23a2a7015fbb77fbd194d3fc72aaad593874e4dd9285bed617d5acc13a3
+size 10990668
--- a/afterburn.changes
+++ b/afterburn.changes
@ -1,3 +1,38 @@
+-------------------------------------------------------------------
+Thu Jan 13 19:05:51 UTC 2022 - jan.suse@zerebecki.de
+
+- Update some dependencies
+  * build(deps): bump nix from 0.17.0 and 0.20.0 to 0.23.1
+    This fixes the following security issues:
+    https://rustsec.org/advisories/RUSTSEC-2021-0119
+  * build(deps): bump generic-array from 0.12.3 to 0.12.4
+    This fixes a security issue:
+    https://rustsec.org/advisories/RUSTSEC-2020-0146 AKA CVE-2020-36465
+  * build(deps): bump futures-util from 0.3.6 to 0.3.15
+    This fixes a security issue:
+    https://rustsec.org/advisories/RUSTSEC-2020-0059 AKA CVE-2020-35905
+  * build(deps): bump rand_core from 0.6.1 to 0.6.3
+    This fixes a security issue:
+    https://rustsec.org/advisories/RUSTSEC-2021-0023
+    AKA CVE-2021-27378, bsc#1182432
+  * build(deps): bump hyper from 0.14.2 to 0.14.11
+    This fixes two security issues:
+    https://rustsec.org/advisories/RUSTSEC-2021-0078
+    AKA CVE-2021-32715, bsc#1188173
+    https://rustsec.org/advisories/RUSTSEC-2021-0079
+    AKA CVE-2021-32714, bsc#1188174
+  * build(deps): bump tokio from 1.0.1 to 1.15.0
+    This fixes two security issues:
+    https://rustsec.org/advisories/RUSTSEC-2021-0124
+    AKA CVE-2021-45710, bsc#1194119
+    https://rustsec.org/advisories/RUSTSEC-2021-0072 AKA CVE-2021-38191
+- Remove cargo_audit service, as it makes no sense as a service (it doesn't
+  automatically get rerun), it would make more sense during the build process
+  as then it gets rerun if the package or the vulnerability database get
+  changed
+- switch services from disabled to manual
+- remove hard coded author for tar_scm service
+
 -------------------------------------------------------------------
 Tue Nov 16 10:04:04 UTC 2021 - Guillaume GARDET <guillaume.gardet@opensuse.org>

--- a/afterburn.spec
+++ b/afterburn.spec
@ -1,7 +1,7 @@
 #
 # spec file for package afterburn
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
--- a/vendor.tar.xz
+++ b/vendor.tar.xz
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:1a5c0e3ce7f3e3c608a1d35a20e1ee17894a4d6e8d8f4004451ccfca7c7728c1
-size 10577380
+oid sha256:f150176b8003f12b8351a19b052b71d976eb032f733cb73c7e3900e2969cebb6
+size 10884232