Accepting request 1177429 from devel:languages:rust
OBS-URL: https://build.opensuse.org/request/show/1177429 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/cargo-audit?expand=0&rev=19
This commit is contained in:
commit
b5f560af87
8
_service
8
_service
@ -3,8 +3,9 @@
|
||||
<param name="url">https://github.com/RustSec/rustsec.git</param>
|
||||
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
|
||||
<param name="scm">git</param>
|
||||
<param name="revision">cargo-audit/v0.19.0</param>
|
||||
<param name="match-tag">cargo-audit*</param>
|
||||
<!-- <param name="revision">cargo-audit/v0.20.0</param> -->
|
||||
<param name="revision">main</param>
|
||||
<param name="match-tag">cargo-audit/v*</param>
|
||||
<param name="versionrewrite-pattern">.*v(\d+\.\d+\.\d+)</param>
|
||||
<param name="versionrewrite-replacement">\1</param>
|
||||
<param name="changesgenerate">enable</param>
|
||||
@ -19,7 +20,8 @@
|
||||
<service name="cargo_vendor" mode="disabled">
|
||||
<param name="srcdir">rustsec</param>
|
||||
<param name="compression">zst</param>
|
||||
<param name="update">true</param>
|
||||
<param name="update">false</param>
|
||||
<param name="i-accept-the-risk">RUSTSEC-2024-0019</param>
|
||||
</service>
|
||||
<service name="cargo_audit" mode="disabled">
|
||||
<param name="srcdir">rustsec</param>
|
||||
|
@ -1,4 +1,4 @@
|
||||
<servicedata>
|
||||
<service name="tar_scm">
|
||||
<param name="url">https://github.com/RustSec/rustsec.git</param>
|
||||
<param name="changesrevision">c9d1fbe0637c98e33177124f2934dc7e4dd24451</param></service></servicedata>
|
||||
<param name="changesrevision">972ac9329076e2e6347a8324dc95ec4cc35561a1</param></service></servicedata>
|
@ -1,3 +1,125 @@
|
||||
-------------------------------------------------------------------
|
||||
Tue May 28 05:14:03 UTC 2024 - william.brown@suse.com
|
||||
|
||||
- Update to version 0.20.0~git66.972ac93:
|
||||
* build(deps): bump comrak from 0.21.0 to 0.24.1 (#1193)
|
||||
* build(deps): bump softprops/action-gh-release (#1192)
|
||||
* build(deps): bump atom_syndication from 0.12.2 to 0.12.3 (#1191)
|
||||
* build(deps): bump rust-embed from 8.3.0 to 8.4.0 (#1190)
|
||||
* build(deps): bump petgraph from 0.6.4 to 0.6.5 (#1189)
|
||||
* update `gix` to v0.63 for security fixes
|
||||
* Upgrade to auditable-info 0.7.2
|
||||
* build(deps): bump rust-embed from 8.2.0 to 8.3.0
|
||||
* build(deps): bump semver from 1.0.21 to 1.0.23
|
||||
* Fix typo `then` -> `them` in index.html
|
||||
* Drop unused import
|
||||
* Fix typos
|
||||
* Use clap to properly parse --color argument
|
||||
* Remove duplicated arguments from bin subcommand
|
||||
* Support specifying multiple target arches and oses in cargo-audit
|
||||
* Make Query's target arch & os a Vec<T> instead of Option<T>
|
||||
* build(deps): bump tame-index from 0.11.0 to 0.11.1
|
||||
* Apply clippy suggestions
|
||||
* Adjust binary type filter for WASM
|
||||
* WIP WASM auditing support
|
||||
* Fix warnings added in Rust 1.78
|
||||
* Regenerate Cargo.lock
|
||||
* Bump rustsec version
|
||||
* Drop is-terminal line from rustsec changelog; it's a cargo-audit only change
|
||||
* Update changelog
|
||||
* build(deps): bump chrono from 0.4.34 to 0.4.38
|
||||
* build(deps): bump time from 0.3.34 to 0.3.36
|
||||
* fix after gix update
|
||||
* update gix and tame-index
|
||||
* fix cargo clippy warning and error
|
||||
* cargo-audit: remove is-terminal dep
|
||||
* build(deps): bump regex from 1.10.3 to 1.10.4
|
||||
* Regenerate Cargo.lock
|
||||
* Bump tame-index and gix versions
|
||||
* chore: regenerate platform support and bump to platforms@3.4.0
|
||||
* Document to use cargo install with --locked (fixes #1152)
|
||||
* Release `rustsec` 0.29.1
|
||||
* Revert rustsec-admin Cargo.toml entirely
|
||||
* Bump required tame-index version in admin as well
|
||||
* Upgrade to gix 0.60 to fix build
|
||||
* build(deps): bump actions/cache from 4.0.0 to 4.0.1 (#1135)
|
||||
* build(deps): bump auditable-serde from 0.6.0 to 0.6.1
|
||||
* build(deps): bump toml_edit from 0.22.5 to 0.22.6
|
||||
* build(deps): bump time from 0.3.32 to 0.3.34
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue May 28 04:57:40 UTC 2024 - william.brown@suse.com
|
||||
|
||||
- Update to version 0.20.0~git0.6f4ca87:
|
||||
* Bump version numbers
|
||||
* Mention enterprise firewall issue in cargo-audit changelog too
|
||||
* Fill in cargo-audit changelog
|
||||
* Expand upon the rewrite description in rustsec changelog
|
||||
* Fill in rustsec changelog
|
||||
* Fix link
|
||||
* build(deps): bump softprops/action-gh-release (#1114)
|
||||
* build(deps): bump toml_edit from 0.21.1 to 0.22.5 (#1123)
|
||||
* Bump askama to 0.12
|
||||
* Update yanked package
|
||||
* Drop libgit2 advisory from ignore list now that we got rid of libgit2
|
||||
* build(deps): bump toml_edit from 0.19.15 to 0.21.1
|
||||
* build(deps): bump chrono from 0.4.33 to 0.4.34
|
||||
* build(deps): bump is-terminal from 0.4.11 to 0.4.12
|
||||
* Improve fixer documentation
|
||||
* Move Cargo path detection out of rustsec and into cargo-audit, to make rustsec more flexible
|
||||
* Remove rustsec `fix` feature and always enable the fixer, now that it doesn't pull in additional dependencies
|
||||
* Fix syntax
|
||||
* Apply review suggestion (style)
|
||||
* Update cargo-audit/src/commands/audit/fix.rs
|
||||
* Run `cargo update` in the same dir as Cargo.lock
|
||||
* Revert 'fix' being a default feature
|
||||
* Placate clippy
|
||||
* Print a nice summary at the end
|
||||
* Better wording
|
||||
* Remove extraneous newline
|
||||
* prettier printing
|
||||
* More detailed reporting
|
||||
* Set the correct(ish) exit status in dry run mode
|
||||
* Keep track of unpatchable vulns and failures
|
||||
* Warn about vulnerabilities without patched versions and do not attempt to upgrade those crates
|
||||
* Only attempt to upgrade vulnerable versions of a given package
|
||||
* Fix: run `cargo update`, not just `cargo`
|
||||
* Add a note that `fix` is experimental
|
||||
* Update cargo.lock in the wake of cargo-edit removal
|
||||
* Drop the now-unused dependency cargo-edit
|
||||
* Drop obsolete Cargo.toml locating logic that breaks in presence of workspaces
|
||||
* Do not require passing manifest path
|
||||
* Drop unused imports
|
||||
* Adapt `cargo audit fix` to the changed rustsec fix api
|
||||
* Simplify rustsec part of `cargo audit fix`
|
||||
* cargo fmt
|
||||
* WIP
|
||||
* No need to generate lockfile explicitly now that we call `cargo update`, remove that code
|
||||
* WIP conversion of cargo-audit to the new rustsec fixer API
|
||||
* cargo fmt
|
||||
* Do not run `cargo update` when auditing
|
||||
* Better docs on fixer
|
||||
* Drop lifetimes from the fixer struct; they are a pointless flex - the cost of cloning is absolutely dwarfed by the cost of calling a subprocess.
|
||||
* Implement initial prototype of `cargo update`-based package upgrading
|
||||
* .cargo/audit.toml: ignore RUSTSEC-2024-0013 (#1111)
|
||||
* WIP
|
||||
* WIP
|
||||
* Accept a &Path without allocating for giggles
|
||||
* Comment out soon-to-be-removed code and make lifetimes work out
|
||||
* Fix pkgid function signature to accept an immutable borrow
|
||||
* Bump rustsec to 0.28.6
|
||||
* Add pkgid function
|
||||
* Temporarily make 'fix' feature default to ease development
|
||||
* build(deps): bump is-terminal from 0.4.10 to 0.4.11 (#1105)
|
||||
* Bump rustsec-admin to 0.8.9
|
||||
* Rebase
|
||||
* Remove PYSEC ids
|
||||
* Update sync for various changes
|
||||
* HTTPS download for OSV export
|
||||
* Improve output format
|
||||
* Add a command to synchronize advisory data from osv.dev/GHSA
|
||||
* build(deps): bump tame-index from 0.9.2 to 0.9.3
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Feb 07 01:23:27 UTC 2024 - william.brown@suse.com
|
||||
|
||||
|
@ -20,7 +20,7 @@
|
||||
%global workspace_name rustsec
|
||||
|
||||
Name: cargo-audit
|
||||
Version: 0.19.0~git0.c9d1fbe
|
||||
Version: 0.20.0~git66.972ac93
|
||||
Release: 0
|
||||
Summary: Audit rust sources for known security vulnerabilities
|
||||
License: ( 0BSD OR MIT OR Apache-2.0 ) AND ( Apache-2.0 OR BSL-1.0 ) AND ( Apache-2.0 OR MIT ) AND ( MIT OR Zlib OR Apache-2.0 ) AND ( Unlicense OR MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND MIT AND MPL-2.0 AND MPL-2.0+
|
||||
|
@ -1,3 +0,0 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:237b934352286b38ad7f4e0e545f9e67605914e38ec68196d8b257661bddf1f2
|
||||
size 651640
|
3
rustsec-0.20.0~git66.972ac93.tar.zst
Normal file
3
rustsec-0.20.0~git66.972ac93.tar.zst
Normal file
@ -0,0 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:b2aa891ed289a8b0ec3165b52722186d5898a5316e022a8da22476b0cf2d2c76
|
||||
size 656733
|
@ -1,3 +1,3 @@
|
||||
version https://git-lfs.github.com/spec/v1
|
||||
oid sha256:c27b01a0c69d0ff63577698ac5012ff802953f3311a5954b3b34834e6fb9dc3b
|
||||
size 35729216
|
||||
oid sha256:f59ca58cb89d414d147ff2caba6b985b0f8edf8be874648dbd71ac64614e4965
|
||||
size 31573688
|
||||
|
Loading…
Reference in New Issue
Block a user