- Update vendor.tar.zst: gix-path improper path resolution
(bsc#1230688 CVE-2024-45405). OBS-URL: https://build.opensuse.org/package/show/devel:languages:rust/cargo-audit?expand=0&rev=41
This commit is contained in:
commit
fa917fb019
23
.gitattributes
vendored
Normal file
23
.gitattributes
vendored
Normal file
@ -0,0 +1,23 @@
|
|||||||
|
## Default LFS
|
||||||
|
*.7z filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.bsp filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.bz2 filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.gem filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.gz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.jar filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.lz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.lzma filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.obscpio filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.oxt filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.pdf filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.png filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.rpm filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tbz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tbz2 filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.tgz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.ttf filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.txz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.whl filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.xz filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.zip filter=lfs diff=lfs merge=lfs -text
|
||||||
|
*.zst filter=lfs diff=lfs merge=lfs -text
|
1
.gitignore
vendored
Normal file
1
.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
.osc
|
9
_constraints
Normal file
9
_constraints
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
<?xml version="1.0"?>
|
||||||
|
<constraints>
|
||||||
|
<hardware>
|
||||||
|
<disk>
|
||||||
|
<!-- Needed because PPC chronically runs out of disk because sigghhh -->
|
||||||
|
<size unit="G">25</size>
|
||||||
|
</disk>
|
||||||
|
</hardware>
|
||||||
|
</constraints>
|
30
_service
Normal file
30
_service
Normal file
@ -0,0 +1,30 @@
|
|||||||
|
<services>
|
||||||
|
<service mode="disabled" name="obs_scm">
|
||||||
|
<param name="url">https://github.com/RustSec/rustsec.git</param>
|
||||||
|
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
|
||||||
|
<param name="scm">git</param>
|
||||||
|
<!-- <param name="revision">cargo-audit/v0.20.0</param> -->
|
||||||
|
<param name="revision">main</param>
|
||||||
|
<param name="match-tag">cargo-audit/v*</param>
|
||||||
|
<param name="versionrewrite-pattern">.*v(\d+\.\d+\.\d+)</param>
|
||||||
|
<param name="versionrewrite-replacement">\1</param>
|
||||||
|
<param name="changesgenerate">enable</param>
|
||||||
|
<param name="changesauthor">william.brown@suse.com</param>
|
||||||
|
</service>
|
||||||
|
<service mode="disabled" name="set_version"/>
|
||||||
|
<service mode="disabled" name="tar" />
|
||||||
|
<service mode="disabled" name="recompress">
|
||||||
|
<param name="file">*.tar</param>
|
||||||
|
<param name="compression">zst</param>
|
||||||
|
</service>
|
||||||
|
<service name="cargo_vendor" mode="disabled">
|
||||||
|
<param name="srcdir">rustsec</param>
|
||||||
|
<param name="compression">zst</param>
|
||||||
|
<param name="update">false</param>
|
||||||
|
<param name="i-accept-the-risk">RUSTSEC-2024-0019</param>
|
||||||
|
</service>
|
||||||
|
<service name="cargo_audit" mode="disabled">
|
||||||
|
<param name="srcdir">rustsec</param>
|
||||||
|
<param name="lockfile">Cargo.lock</param>
|
||||||
|
</service>
|
||||||
|
</services>
|
4
_servicedata
Normal file
4
_servicedata
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
<servicedata>
|
||||||
|
<service name="tar_scm">
|
||||||
|
<param name="url">https://github.com/RustSec/rustsec.git</param>
|
||||||
|
<param name="changesrevision">972ac9329076e2e6347a8324dc95ec4cc35561a1</param></service></servicedata>
|
1288
cargo-audit.changes
Normal file
1288
cargo-audit.changes
Normal file
File diff suppressed because it is too large
Load Diff
58
cargo-audit.spec
Normal file
58
cargo-audit.spec
Normal file
@ -0,0 +1,58 @@
|
|||||||
|
#
|
||||||
|
# spec file for package cargo-audit
|
||||||
|
#
|
||||||
|
# Copyright (c) 2024 SUSE LLC
|
||||||
|
#
|
||||||
|
# All modifications and additions to the file contributed by third parties
|
||||||
|
# remain the property of their copyright owners, unless otherwise agreed
|
||||||
|
# upon. The license for this file, and modifications and additions to the
|
||||||
|
# file, is the same license as for the pristine package itself (unless the
|
||||||
|
# license for the pristine package is not an Open Source License, in which
|
||||||
|
# case the license is the MIT License). An "Open Source License" is a
|
||||||
|
# license that conforms to the Open Source Definition (Version 1.9)
|
||||||
|
# published by the Open Source Initiative.
|
||||||
|
|
||||||
|
# Please submit bugfixes or comments via https://bugs.opensuse.org/
|
||||||
|
#
|
||||||
|
|
||||||
|
|
||||||
|
%global rustflags -Clink-arg=-Wl,-z,relro,-z,now -C debuginfo=2
|
||||||
|
%global workspace_name rustsec
|
||||||
|
|
||||||
|
Name: cargo-audit
|
||||||
|
Version: 0.20.0~git66.972ac93
|
||||||
|
Release: 0
|
||||||
|
Summary: Audit rust sources for known security vulnerabilities
|
||||||
|
License: ( 0BSD OR MIT OR Apache-2.0 ) AND ( Apache-2.0 OR BSL-1.0 ) AND ( Apache-2.0 OR MIT ) AND ( MIT OR Zlib OR Apache-2.0 ) AND ( Unlicense OR MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND MIT AND MPL-2.0 AND MPL-2.0+
|
||||||
|
Group: Development/Languages/Rust
|
||||||
|
URL: https://github.com/RustSec/cargo-audit
|
||||||
|
Source0: %{workspace_name}-%{version}.tar.zst
|
||||||
|
Source1: vendor.tar.zst
|
||||||
|
Source2: cargo_config
|
||||||
|
|
||||||
|
BuildRequires: cargo
|
||||||
|
BuildRequires: cargo-packaging
|
||||||
|
BuildRequires: pkgconfig(openssl)
|
||||||
|
ExclusiveArch: %{rust_tier1_arches}
|
||||||
|
|
||||||
|
%description
|
||||||
|
Audit Cargo.lock files for crates with security vulnerabilities reported to the RustSec Advisory Database.
|
||||||
|
|
||||||
|
%prep
|
||||||
|
%setup -q -n %{workspace_name}-%{version}
|
||||||
|
%setup -qa1 -n %{workspace_name}-%{version}
|
||||||
|
mkdir -p .cargo
|
||||||
|
cp %{SOURCE2} .cargo/config
|
||||||
|
|
||||||
|
%build
|
||||||
|
%{cargo_build}
|
||||||
|
|
||||||
|
%install
|
||||||
|
install -D -d -m 0755 %{buildroot}%{_bindir}
|
||||||
|
|
||||||
|
install -m 0755 %{_builddir}/%{workspace_name}-%{version}/target/release/cargo-audit %{buildroot}%{_bindir}/cargo-audit
|
||||||
|
|
||||||
|
%files
|
||||||
|
%{_bindir}/cargo-audit
|
||||||
|
|
||||||
|
%changelog
|
5
cargo_config
Normal file
5
cargo_config
Normal file
@ -0,0 +1,5 @@
|
|||||||
|
[source.crates-io]
|
||||||
|
replace-with = "vendored-sources"
|
||||||
|
|
||||||
|
[source.vendored-sources]
|
||||||
|
directory = "vendor"
|
3
rustsec-0.20.0~git66.972ac93.tar.zst
Normal file
3
rustsec-0.20.0~git66.972ac93.tar.zst
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:b2aa891ed289a8b0ec3165b52722186d5898a5316e022a8da22476b0cf2d2c76
|
||||||
|
size 656733
|
3
vendor.tar.zst
Normal file
3
vendor.tar.zst
Normal file
@ -0,0 +1,3 @@
|
|||||||
|
version https://git-lfs.github.com/spec/v1
|
||||||
|
oid sha256:a918976508ec0af1a59b91c4d0dbf6b11c8ca255d7c73bcca674926b344ab638
|
||||||
|
size 32308276
|
Loading…
Reference in New Issue
Block a user