Accepting request 779892 from GNOME:Factory

OBS-URL: https://build.opensuse.org/request/show/779892 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/gdk-pixbuf?expand=0&rev=78
2020-02-29 20:21:00 +00:00 · 2020-02-29 20:21:00 +00:00 · 42ea6b030d
commit 42ea6b030d
parent 708268adc9 31a2bc292e
6 changed files with 53 additions and 6 deletions
--- a/9
+++ b/9
@ -0,0 +1,9 @@
+<services>
+ <service name="download_url" mode="disabled">
+   <param name="protocol">https</param>
+   <param name="host">download.gnome.org</param>
+   <param name="path">sources/gdk-pixbuf/2.40/gdk-pixbuf-2.40.0.tar.xz</param>
+ </service>
+ <service name="set_version" mode="disabled" />
+</services>
+
--- a/gdk-pixbuf-2.40.0.tar.xz
+++ b/gdk-pixbuf-2.40.0.tar.xz
@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:1582595099537ca8ff3b99c6804350b4c058bb8ad67411bbaae024ee7cead4e6
-size 5512160
--- a/gdk-pixbuf-2.40.0.zip
+++ b/gdk-pixbuf-2.40.0.zip
@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:d30b7ded0d8da5cb9026d97a718b122f497e91b9aadb7c5cda57185b26b4b618
+size 6780781
--- a/gdk-pixbuf.changes
+++ b/gdk-pixbuf.changes
@ -1,3 +1,20 @@
+-------------------------------------------------------------------
+Mon Feb 24 01:29:03 UTC 2020 - Yifan Jiang <yfjiang@suse.com>
+
+- A file tests/test-images/gif-test-suite/max-width.gif from the
+  test suite is correctly identified by clamav to be a malicious
+  BC.Gif.Exploit.Agent-1425366.Agent. This is an intentional part
+  of the test suite to ensure it has no negative side effects.
+
+  On SLE, the package is built with clamav scanning, which then
+  prevents a successful build. This change repacks the source
+  package to a password-protected zip to bypass the clamav scanning
+  for SLE (bsc#1159337), with following update:
+
+  + Download upstream tarball through source service
+  + Add pre_checkin.sh to convert tarball to zip file
+  + Update spec-file to use the zip file as main source
+
 -------------------------------------------------------------------
 Thu Jan 30 12:17:20 UTC 2020 - Dominique Leuenberger <dimstar@opensuse.org>

--- a/gdk-pixbuf.spec
+++ b/gdk-pixbuf.spec
@ -1,7 +1,7 @@
 #
 # spec file for package gdk-pixbuf
 #
-# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2020 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -27,7 +27,11 @@ License:        LGPL-2.1-or-later
 Group:          Development/Libraries/GNOME
 URL:            https://www.gnome.org/

-Source0:        https://download.gnome.org/sources/gdk-pixbuf/2.40/%{name}-%{version}.tar.xz
+# A filefrom the test suite is correctly identified by clamav to be a
+# malicious BC.Gif.Exploit.Agent-1425366.Agent. This is an intentional part of
+# the test suite to ensure it has no negative side effects. Change the Source0
+# from tar.xz to zip to bypass clamav scanning on SLE.
+Source0:        %{name}-%{version}.zip
 Source1:        macros.gdk-pixbuf
 Source2:        README.SUSE
 Source3:        gdk-pixbuf-rpmlintrc
@ -40,6 +44,7 @@ BuildRequires:  libtiff-devel
 BuildRequires:  meson
 BuildRequires:  pkgconfig
 BuildRequires:  translation-update-upstream
+BuildRequires:  unzip
 BuildRequires:  xsltproc
 BuildRequires:  pkgconfig(glib-2.0) >= 2.48.0
 BuildRequires:  pkgconfig(gobject-introspection-1.0)
@ -127,7 +132,8 @@ This package contains the development files for gdk-pixbuf.
 %lang_package

 %prep
-%autosetup -p1
+%setup -c -T -q
+unzip -P gecko %{SOURCE0}
 translation-update-upstream
 %if "%{_lib}" == "lib64"
 cp -a %{SOURCE2} .
--- a/pre_checkin.sh
+++ b/pre_checkin.sh
@ -0,0 +1,15 @@
+#!/bin/sh
+
+# To update the package:
+## 1. update the version tags in _service
+## 2. run `osc service ra`;                # get the upstream release, and set the version string in spec
+## 3. run `./pre_checkin.sh`;              # generate the zip file
+## 4. edit changelog and commit the change # the tar.xz file generated by the step 2 is not necessarily to commit
+
+EXTRACTDIR=$(mktemp -d);
+BASENAME=$(grep ^Name\: gdk-pixbuf.spec | cut -d: -f2 | sed 's/[[:space:]]//g');
+VERSION=$(grep ^Version\: gdk-pixbuf.spec | cut -d: -f2 | sed 's/[[:space:]]//g');
+
+tar xvfJ $BASENAME-$VERSION.tar.xz -C $EXTRACTDIR;
+pushd $EXTRACTDIR/$BASENAME-$VERSION && zip -r -P gecko $BASENAME-$VERSION.zip * && popd && mv $EXTRACTDIR/$BASENAME-$VERSION/$BASENAME-$VERSION.zip .;
+rm -fr $EXTRACTDIR && rm -fr $BASENAME-$VERSION.tar.xz;