- Revendor to include fixed version of depending libraries:
- GO-2025-4116 (CVE-2025-47913, bsc#1253506) upgrade
golang.org/x/crypto to v0.43.0
- GO-2025-3900 (GHSA-2464-8j7c-4cjm) upgrade
github.com/go-viper/mapstructure/v2 to v2.4.0
- GO-2025-3787 (GHSA-fv92-fjc5-jj9h) included in the previous
- GO-2025-3754 (GHSA-2x5j-vhc8-9cwm) upgrade
github.com/cloudflare/circl to v1.6.1
- GO-2025-4134 (CVE-2025-58181, bsc#1253930) upgrade
golang.org/x/crypto/ssh to v0.45.0
- GO-2025-4135 (CVE-2025-47914, bsc#1254084) upgrade
golang.org/x/crypto/ssh/agent to v0.45.0
OBS-URL: https://build.opensuse.org/request/show/1320059
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git-bug?expand=0&rev=13
- Update to version 0.8.1+git.1746484874.96c7a111:
* docs: update install, contrib, and usage documentation (#1222)
* fix: resolve the remote URI using url.*.insteadOf (#1394)
* build(deps): bump the go_modules group across 1 directory with 3 updates (#1376)
* chore: gofmt simplify gitlab/export_test.go (#1392)
* fix: checkout repo before setting up go environment (#1390)
* feat: bump to go v1.24.2 (#1389)
* chore: update golang.org/x/net (#1379)
* fix: use -0700 when formatting time (#1388)
* fix: use correct url for gitlab PATs (#1384)
* refactor: remove depdendency on pnpm for auto-label action (#1383)
* feat: add action: auto-label (#1380)
* feat: remove lifecycle/frozen (#1377)
* build(deps): bump the npm_and_yarn group across 1 directory with 12 updates (#1378)
* feat: support new exclusion label: lifecycle/pinned (#1375)
* fix: refactor how gitlab title changes are detected (#1370)
* revert: "Create Dependabot config file" (#1374)
* refactor: rename //:git-bug.go to //:main.go (#1373)
* build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.16 to 2.5.25 (#1361)
* fix: set GitLastTag to an empty string when git-describe errors (#1355)
* chore: update go-git to v5@masterupdate_mods (#1284)
* refactor: Directly swap two variables to optimize code (#1272)
* Update README.md Matrix link to new room (#1275)
- Remove upstreamed patch:
- CVE-2025-22869-bump-go-crypto-ssh.patch
OBS-URL: https://build.opensuse.org/request/show/1275060
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/git-bug?expand=0&rev=10
- More than 800 commits and a long long time after, git-bug
v0.8.0 is now available.
- Once again, this release represent a push towards making
git-bug generally useful and correct. The two main
improvements are a new Entity framework and write-capable
WebUI.
- Breaking changes(openSUSE package is much closer to this
release)
- changes in the data model makes it a requirement to use the
migration tool to to update any previous repo.
- remove the legacy identities that were directly embedded in
bugs
- Core
- introduce a reusable entity package capable of handling
all the complex operations of an Entity (bug, board,
config ...): operations, DAG manipulation, conflict merge,
signature, integrity ... to greatly simplify writing and
maintaining an entity. Documentation 1, Documentation 2
- introduce CombinedId, a new kind of identifier for an
item within an Entity (for example a comment in a bug),
that hold two partial identifiers interleaved for fast
addressing. Documentation
- introduce the concept of resolvers, so that entities can
link to another
- use go-git to manipulate the git repository, instead of
executing the local git binary
- add support for signing the git commit with the author's
signature, and verifying
- add support for git config includes by @mindriot101
OBS-URL: https://build.opensuse.org/package/show/devel:tools:scm/git-bug?expand=0&rev=14
