William Brown
03f4ef634f
* Bump version * Populate changelog * Update README.md * mention cargo-dist in README * commit Cargo.lock * bump which dev-dependency to 8.0.0 * bump object to 0.37 * Upgrade cargo_metadata to 0.23 * Expand the set of dist platforms in config OBS-URL: https://build.opensuse.org/package/show/devel:languages:rust/cargo-auditable?expand=0&rev=14
296 lines
12 KiB
Plaintext
296 lines
12 KiB
Plaintext
-------------------------------------------------------------------
|
|
Wed Nov 12 03:35:57 UTC 2025 - william.brown@suse.com
|
|
|
|
- Update to version 0.7.2~0:
|
|
* Bump version
|
|
* Populate changelog
|
|
* Update README.md
|
|
* mention cargo-dist in README
|
|
* commit Cargo.lock
|
|
* bump which dev-dependency to 8.0.0
|
|
* bump object to 0.37
|
|
* Upgrade cargo_metadata to 0.23
|
|
* Expand the set of dist platforms in config
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Oct 21 02:38:44 UTC 2025 - william.brown@suse.com
|
|
|
|
- Update to version 0.7.1~0:
|
|
* bump version
|
|
* Populate changelog for v0.7.1
|
|
* Populate changelog for v0.7.0
|
|
* Out out of unhelpful clippy lint
|
|
* Satisfy clippy
|
|
* Do not assume --crate-name and --out-dir are present in the rustc command, but show warnings if they aren't
|
|
* Run apt-get update before trying to install packages
|
|
* run `cargo dist init` on dist 0.30
|
|
* Drop allow-dirty from dist config, should no longer be needed
|
|
* Reorder paragraphs in README
|
|
* Note the maintenance transition for the go extraction library
|
|
* Editing pass on the adopters: scanners
|
|
* clarify Docker support
|
|
* Cargo clippy fix
|
|
* Add Wolfi OS and Chainguard to adopters
|
|
* Update mentions around Anchore tooling
|
|
* README and documentation updates for nightly
|
|
* Bump dependency version in rust-audit-info
|
|
* More work on docs
|
|
* Nicer formatting on format revision documentation
|
|
* Bump versions
|
|
* regenerate JSON schema
|
|
* cargo fmt
|
|
* Document format field
|
|
* Make it more clear that RawVersionInfo is private
|
|
* Add format field to the serialized data
|
|
* cargo clippy fix
|
|
* Add special handling for proc macros to treat them as the build dependencies they are
|
|
* Add a test to ensure proc macros are reported as build dependencies
|
|
* Add a test fixture for a crate with a proc macro dependency
|
|
* parse fully qualified package ID specs from SBOMs
|
|
* select first discovered SBOM file
|
|
* cargo sbom integration
|
|
* Get rid of unmaintained wee_alloc in test code to make people's scanners misled by GHSA chill out
|
|
* Don't fail plan workflow due to manually changed release.yml
|
|
* Bump Ubuntu version to hopefully fix release.yml workflow
|
|
* Add test for stripped binary
|
|
* Bump version to 0.6.7
|
|
* Populate changelog
|
|
* README.md: add auditable2cdx, more consistency in text
|
|
* Placate clippy
|
|
* Do not emit -Wl if a bare linker is in use
|
|
* Get rid of a compiler warning
|
|
* Add bare linker detection function
|
|
* drop boilerplate from test that's no longer relevant
|
|
* Add support for recovering rustc codegen options
|
|
* More lenient parsing of rustc arguments
|
|
* More descriptive error message in case rustc is killed abruptly
|
|
* change formatting to fit rustfmt
|
|
* More descriptive error message in case cargo is killed
|
|
* Update REPLACING_CARGO.md to fix #195
|
|
* Clarify osv-scanner support in README
|
|
* Include the command required to view metadata
|
|
* Mention wasm-tools support
|
|
* Switch from broken generic cache action to a Rust-specific one
|
|
* Fill in various fields in auditable2cdx Cargo.toml
|
|
* Include osv-scanner in the list, with a caveat
|
|
* Add link to blint repo to README
|
|
* Mention that blint supports our data
|
|
* Consolidate target definitions
|
|
* Account for WASM test dependencies changing, commit the Cargo.lock so they would stop doing that
|
|
* Migrate to a maintained toolchain action
|
|
* Fix author specification
|
|
* Add link to repository to resolverver Cargo.toml
|
|
* Bump resolverver to 0.1.0
|
|
* Add resolverver crate to the tree
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Nov 29 02:28:10 UTC 2024 - william.brown@suse.com
|
|
|
|
- Update to version 0.6.6~0:
|
|
* Bump version in Cargo.toml
|
|
* Note the `object` upgrade in the changelog
|
|
* Upgrade cyclonedx-bom from 0.5 to 0.8 in auditable-cyclonedx
|
|
* Upgrade object crate from 0.30 to 0.36 to reduce dependency footprint
|
|
* Update dependencies in the lock file
|
|
* Populate changelog
|
|
* apply clippy lint
|
|
* add another --emit parsing test
|
|
* shorter code with cargo fmt
|
|
* Actually fix cargo-c compatibility
|
|
* Attempt to fix cargo-capi incompatibility
|
|
* Refactoring in preparation for fixes
|
|
* Also read the --emit flag to rustc
|
|
* Fill in changelogs
|
|
* Bump versions
|
|
* Drop cfg'd out tests
|
|
* Drop obsolete doc line
|
|
* Move dependency cycle tests from auditable-serde to cargo-auditable crate
|
|
* Remove cargo_metadata from auditable-serde API surface. I can expose it as a separate crate if anyone tells me they need it.
|
|
* Apply clippy lint
|
|
* Upgrade miniz_oxide to 0.8.0
|
|
* Insulate our semver from miniz_oxide semver
|
|
* Add support for Rust 2024 edition
|
|
* Update tests
|
|
* More robust OS detection for riscv feature detection
|
|
* bump version
|
|
* update changelog for auditable-extract 0.3.5
|
|
* Fix wasm component auditable data extraction
|
|
* Update blocker description in README.md
|
|
* Add openSUSE to adopters
|
|
* Update list of know adopters
|
|
* Fix detection of `riscv64-linux-android` target features
|
|
* Silence noisy lint
|
|
* Bump version requirement in rust-audit-info
|
|
* Fill in changelogs
|
|
* Bump semver of auditable-info
|
|
* Drop obsolete comment now that wasm is enabled by default
|
|
* Remove dependency on cargo-lock
|
|
* Brag about adoption in the README
|
|
* Don't use LTO for cargo-dist builds to make them consistent with `cargo install` etc
|
|
* Also build musl binaries
|
|
* dist: update dist config for future releases
|
|
* dist(cargo-auditable): ignore auditable2cdx for now
|
|
* chore: add cargo-dist
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 19 03:11:26 UTC 2024 - William Brown <william.brown@suse.com>
|
|
|
|
- Resolve build failure when backported to 15-SP3
|
|
|
|
-------------------------------------------------------------------
|
|
Fri Jul 19 02:02:31 UTC 2024 - William Brown <william.brown@suse.com>
|
|
|
|
- Depend on provides of rust to allow older compiler version usage
|
|
|
|
-------------------------------------------------------------------
|
|
Tue May 28 04:48:14 UTC 2024 - william.brown@suse.com
|
|
|
|
- Update to version 0.6.4~0:
|
|
* Release cargo-auditable v0.6.4
|
|
* Correctly attribute changelog file addition in changelog
|
|
* Add changelog for auditable-extract
|
|
* Verify various feature combinations in CI
|
|
* Upgrade wasmparser to remove dependencies with `unsafe`
|
|
* Add LoongArch support
|
|
* cargo fmt
|
|
* Move doc headers to README.md and point rustdoc to them, so that we have nice crates.io pages
|
|
* Expand on the note about WebAssembly parsing
|
|
* Populate changelogs
|
|
* Resume bragging about all dependencies being safe, now that there is a caveat below
|
|
* drop fuzz Cargo.lock to always fuzz against latest versions
|
|
* Bump `cargo auditable` version
|
|
* Mention WASM support in README
|
|
* Revert "Be super duper extra sure both MinGW and MSVC are tested on CI"
|
|
* Be super duper extra sure both MinGW and MSVC are tested on CI
|
|
* Add wasm32 targets to CI for more platforms
|
|
* Don't pass --target twice in tests
|
|
* Install WASM toolchain in CI
|
|
* cargo fmt
|
|
* Add WASM end-to-end test
|
|
* cargo fmt
|
|
* Update documentation to mention the WASM feature
|
|
* cargo fmt
|
|
* Plumb WASM parsing feature through the whole stack
|
|
* Make WASM parsing an optional, non-default feature
|
|
* Add a fuzzing harness for WASM parsing
|
|
* Rewritten WASM parsing to avoid heap allocations
|
|
* Initial WASM extraction support
|
|
* Nicer assertion
|
|
* Drop obsolete comment
|
|
* Clarify that embedding the compiler version has shipped.
|
|
* Fixed section name for WASM
|
|
* Unified and more robust platform detection. Fixed wasm build process
|
|
* Initial WASM support
|
|
* More robust platform detection for picking the binary format
|
|
* Fix Windows CI to run both -msvc and -gnu
|
|
* Use the correct link.exe flag for preserving the specified symbol even if it is unused
|
|
* Fix Windows
|
|
* Fix tests on Rust 1.77
|
|
* Placate clippy
|
|
* Oopps, I meant components field
|
|
* Also remove the dependencies field if empty
|
|
* Use serde_json with order preservation feature to get a more compressible JSON after workarounds
|
|
* Work around cyclonedx-bom limitations to produce minified JSON
|
|
* Also record the dependency kind
|
|
* cyclonedx-bom: also record PURL
|
|
* Also write the dependency tree
|
|
* Clear the serial number in the minimal CycloneDX variant
|
|
* Prototype impl of auditable2cdx
|
|
* Fill in auditable2cdx dependencies
|
|
* Initial auditable2cdx boilerplace
|
|
* add #![forbid(unsafe_code)]
|
|
* Initial implementation of auditable-to-cyclonedx conversion
|
|
* Add the necessary dependencies to auditable-cyclonedx
|
|
* Initial dummy package for auditable-cyclonedx
|
|
|
|
-------------------------------------------------------------------
|
|
Tue Mar 5 01:17:29 UTC 2024 - Soc Virnyl Estela <uncomfy+openbuildservice@uncomfyhalomacro.pl>
|
|
|
|
- Update specfile:
|
|
* remove cargo_config file
|
|
- Update service file:
|
|
* replace obsoleted "disabled" mode with "manual"
|
|
- Update to version 0.6.2~0:
|
|
* Update the lockfile
|
|
* New releases of cargo-auditable and auditable-serde
|
|
* Use a separate project for the custom rustc path tests. Fixes intermittent test failures due to race conditions
|
|
* Revert "add commit hashes to git sources"
|
|
* Fix cyclic dependency graph being encoded
|
|
* Revert "An unsuccessful attempt to fix cycles caused by dev-dependencies"
|
|
* An unsuccessful attempt to fix cycles caused by dev-dependencies
|
|
* Fix typo
|
|
* Add comment
|
|
* Add a test for an issue with cyclic dependencies reported at https://github.com/rustsec/rustsec/issues/1043
|
|
* Fix auditable-serde example not building
|
|
* upgrade dependency miniz_oxide to 0.6.0
|
|
* fix formatting errors
|
|
* apply clippy lints for --all-features
|
|
* improve the internal docs and comments
|
|
* apply clippy lints
|
|
* add missing sources for one of test fixtures
|
|
* add commit hashes to git sources
|
|
* Run all tests on CI
|
|
* cargo fmt
|
|
* Run `cargo clean` in tests to get rid of stale binaries
|
|
* Fix date in changelog
|
|
* Populate changelog
|
|
* Bump auditable-info version in rust-audit-info
|
|
* Add auditable-info changelog
|
|
* Bump versions following cargo-lock bump
|
|
* auditable-serde: bump `cargo-lock` to v9
|
|
* switch to UNRELEASED
|
|
* Update CHANGELOG.md
|
|
* Print a better error if calling rustc fails
|
|
* Drop unused import
|
|
* placate Clippy
|
|
* Don't inject audit info if --print argument is passed to rustc
|
|
* Reflect the version change in Cargo.lock
|
|
* Remove space from keywords
|
|
* bump version to 0.6.1
|
|
* Fix date in changelog
|
|
* Update CHANGELOG.md
|
|
* Add publish=false
|
|
* Commit the generated manpage
|
|
* Add the code for generating a manpage; rather rudimentary so far, but it's a starting point
|
|
* Explain relation to supply chain attacks
|
|
* Add keywords to the Cargo manifest
|
|
* Revert "generate a man page for cargo auditable"
|
|
* fix formatting
|
|
* fix review feedback, relocate file to under OUT_DIR, don't use anyhow and also commit the lock file
|
|
* generate a man page for cargo auditable
|
|
* Add Clippy suppression
|
|
* placate clippy
|
|
* commit Cargo.lock
|
|
* Sync to latest object file writing code from rustc
|
|
* Fix examples in docs
|
|
* Allow redundant field names
|
|
* Apply clippy suggestion: match -> if let
|
|
* Check for clippy and format in CI
|
|
* Apply clippy suggestions
|
|
* Run CI with --locked
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Feb 23 14:27:09 UTC 2023 - Andrea Manzini <andrea.manzini@suse.com>
|
|
|
|
- Update to version 0.6.0~0:
|
|
* README and documentation improvements
|
|
* Read the rustc path passed by Cargo; fixes #90
|
|
* Read location of Cargo from the environment variable Cargo sets for third-party subcommands
|
|
* Add a note on sccache version compatibility to CHANGELOG.md
|
|
* Panic on compilation commands where we fail to parse the arguments instead of silently ignoring the error
|
|
* Specifying the binary-scanning feature is no longer needed
|
|
* Pass options such as --offline to `cargo metadata`
|
|
* Pass on arguments from `cargo auditable` invocation to the rustc wrapper; prep work towards fixing #83
|
|
* Bump rust-audit-info to 0.5.2
|
|
* Bump auditable-serde version to 0.5.2
|
|
* Correctly fill in the source even in dependency entries when converting to cargo-lock data format
|
|
* Drop the roundtrip through &str in semver::Version; now that semver 1.0 has shipped the versions are API-compatible and this is no longer necessary
|
|
* Release auditable-info 0.6.1
|
|
* Bump all the version requirements for things depending on auditable-info
|
|
* Fix audit_info_from_slice function signature
|
|
|
|
-------------------------------------------------------------------
|
|
Thu Nov 3 04:31:16 UTC 2022 - William Brown <william.brown@suse.com>
|
|
|
|
- Initial commit
|