Accepting request 1188434 from devel:Factory:git-workflow:staging:mcepl:fake-gcs-server:1

update_1.49.2



(🤖: Submission of fake-gcs-server via #1 by mcepl)

OBS-URL: https://build.opensuse.org/request/show/1188434
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/fake-gcs-server?expand=0&rev=4

.gitignore

@@ -1,2 +1 @@
 .osc
-_scmsync.obsinfo

_scmsync.obsinfo

@@ -0,0 +1,4 @@
+mtime: 1721313376
+commit: 1f4f910ecae2f7532d113b38509d0c2a3ab66a0f1dc59a4810cf9f23ac6c0e46
+url: https://src.opensuse.org/mcepl_pkgs/fake-gcs-server.git
+revision: 1f4f910ecae2f7532d113b38509d0c2a3ab66a0f1dc59a4810cf9f23ac6c0e46

build.specials.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:035bdb28cdac931c38c6711049aabba5d1d19dda03ef23c48de5a8756569bd6f
+size 272

fake-gcs-server.changes

@@ -1,49 +1,3 @@
--------------------------------------------------------------------
-Tue Mar 11 08:23:03 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
-
-- Update to 1.52.2:
-  - fix: typos
-  - Use default temporary directory in tests
-  - Go 1.24 is out, drop Go 1.22
-- bsc#1239200 (CVE-2025-22868): add update-golang-oauth2.patch to
-  revendor to use golang.org/x/oauth2 v0.28.0
-  (https://pkg.go.dev/vuln/GO-2025-3488).
-
--------------------------------------------------------------------
-Tue Jan 28 22:48:18 UTC 2025 - Matej Cepl <mcepl@cepl.eu>
-
-- Update to v1.52.1
-    - backend: always set StorageClass
-- Update to v1.52.0
-    - feat: Add _internal/delete_all to delete all data
-    - Add disposition and language to ComposeObject
-- Update to v1.51.0
-    - Disallow uppercase in bucket names
-    - Add POST workaround for clients which cannot PATCH
-    - Add support for getObjectACL and deleteObjectACL
-    - internal/backend: support OpenBSD to get file status last
-      changed info
-    - Persist created and updated time in compose
-    - fix: avoid IncompleteRead on completed partial reads
-    - Add support for StorageClass
-    - Add support for Content-Language
-    - Add support for canceling resumable uploads
-    - Add support for MaxResults when listing objects
-    - Upgrade deps
-- Update to v1.50.2
-    - Revert "fakestorage: remove unused type"
-- Update to v1.50.1
-    - internal/grpc: use the generated proto provided by Google
-- Update to v1.50.0
-    - github/workflows: add job to validate cross-compilation and
-      fix build on freebsd
-    - ci: fix goreleaser config
-    - Support content-disposition
-    - Support setting cache-control of object
-    - add aliases to support specifying EventOptions
-- Update to v1.49.3
-    - Go 1.23 is out, adopt it (CVE-2023-45288, bsc#1236521)
-
 -------------------------------------------------------------------
 Thu Jul 18 14:27:33 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
 
@@ -59,7 +13,6 @@ Thu Jul 18 14:27:33 UTC 2024 - Matej Cepl <mcepl@cepl.eu>
   - Don't omit versioning.enabled in bucket response
   - Additional ACL response attributes
   - Additional bucket response attributes
-  - Upgrade deps (CVE-2023-45288, bsc#1236521)
 - Update to v1.48.0:
   - Fix brittle test
   - Fill the errors attribute for HTTP errors

fake-gcs-server.spec

@@ -21,18 +21,14 @@
 %global provider_prefix github.com/fsouza/fake-gcs-server/fakestorage
 %global import_path     %{provider_prefix}
 Name:           fake-gcs-server
-Version:        1.52.2
+Version:        1.49.2
 Release:        0
 Summary:        Google Cloud Storage emulator & testing library
 License:        BSD-2-Clause
 URL:            https://github.com/fsouza/fake-gcs-server
 Source0:        https://github.com/fsouza/%{name}/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
 Source1:        vendor.tar.xz
-# PATCH-FIX-UPSTREAM update-golang-oauth2.patch bsc#[0-9]+ mcepl@suse.com
-# update vendored golang-oauth2 (CVE-2025-22868, GO-2025-3488)
-Patch0:         update-golang-oauth2.patch
 BuildRequires:  fdupes
-BuildRequires:  go >= 1.23.0
 BuildRequires:  golang-packaging
 BuildRequires:  xz
 %{go_nostrip}

update-golang-oauth2.patch

@@ -1,41 +0,0 @@
----
- go.mod |    6 ++++--
- go.sum |    4 ++--
- 2 files changed, 6 insertions(+), 4 deletions(-)
-
-Index: fake-gcs-server-1.52.2/go.mod
-===================================================================
---- fake-gcs-server-1.52.2.orig/go.mod	2025-02-16 04:33:40.000000000 +0100
-+++ fake-gcs-server-1.52.2/go.mod	2025-03-11 10:36:31.416633475 +0100
-@@ -10,7 +10,7 @@
- 	github.com/minio/minio-go/v7 v7.0.86
- 	github.com/pkg/xattr v0.4.10
- 	github.com/stretchr/testify v1.10.0
--	golang.org/x/oauth2 v0.26.0
-+	golang.org/x/oauth2 v0.28.0
- 	google.golang.org/api v0.215.0
- )
- 
-@@ -77,4 +77,6 @@
- 	gopkg.in/yaml.v3 v3.0.1 // indirect
- )
- 
--go 1.23
-+go 1.23.0
-+
-+toolchain go1.24.1
-Index: fake-gcs-server-1.52.2/go.sum
-===================================================================
---- fake-gcs-server-1.52.2.orig/go.sum	2025-02-16 04:33:40.000000000 +0100
-+++ fake-gcs-server-1.52.2/go.sum	2025-03-11 10:36:39.413614515 +0100
-@@ -187,8 +187,8 @@
- golang.org/x/net v0.35.0 h1:T5GQRQb2y08kTAByq9L4/bz8cipCdA8FbRTXewonqY8=
- golang.org/x/net v0.35.0/go.mod h1:EglIi67kWsHKlRzzVMUD93VMSWGFOMSZgxFjparz1Qk=
- golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
--golang.org/x/oauth2 v0.26.0 h1:afQXWNNaeC4nvZ0Ed9XvCCzXM6UHJG7iCg0W4fPqSBE=
--golang.org/x/oauth2 v0.26.0/go.mod h1:XYTD2NtWslqkgxebSiOHnXEap4TF09sJSc7H1sXbhtI=
-+golang.org/x/oauth2 v0.28.0 h1:CrgCKl8PPAVtLnU3c+EDw6x11699EWlsDeWNWKdIOkc=
-+golang.org/x/oauth2 v0.28.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8=
- golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
- golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
- golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=