diff --git a/gosec.changes b/gosec.changes index 9893edf..8886f14 100644 --- a/gosec.changes +++ b/gosec.changes @@ -1,3 +1,17 @@ +------------------------------------------------------------------- +Mon Oct 9 13:23:33 UTC 2023 - Jeff Kowalczyk + +- Packaging improvements: + * Summary and Description clarify the purpose of this CLI tool + * Use Group: Development/Languages/Go instead of Other + * Drop BuildRequires: golang-packaging. The recommended Go + toolchain dependency is BuildRequires: golang(API) >= 1.x or + optionally the metapackage BuildRequires: go + * Drop Requires: golang-packaging. The original macros for file + movements into GOPATH are obsolete with Go modules. Macro + go_nostrip is no longer needed with current binutils and Go. + * Remove %%{go_nostrip} macro which is no longer recommended + ------------------------------------------------------------------- Mon Oct 09 09:02:02 UTC 2023 - felix.niederwanger@suse.com @@ -24,6 +38,13 @@ Mon Oct 09 09:02:02 UTC 2023 - felix.niederwanger@suse.com * Exclude maps from slince bounce check rule (#1006) * Ignore struct pointers in G601 (#1003) * Update gosec image version to 2.17.0 in the Github action (#1002) +- Packaging improvements: + * Use BuildRequires: golang(API) >= 1.20 instead of go >= 1.20. + The go metapackage points to a single go version that + increments at a date TBD after each go1.x major release. The + expression golang(API) is available immediately upon each go1.x + major release and is stable for expressing the minimum version + or a temporarily pinned version. ------------------------------------------------------------------- Thu Aug 17 12:57:28 UTC 2023 - Felix Niederwanger felix.niederwanger@suse.com diff --git a/gosec.spec b/gosec.spec index 130ab67..8e50c39 100644 --- a/gosec.spec +++ b/gosec.spec @@ -1,7 +1,7 @@ # # spec file for package gosec # -# Copyright (c) 2022 SUSE LLC +# Copyright (c) 2023 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -19,18 +19,18 @@ Name: gosec Version: 2.18.0 Release: 0 -Summary: Golang security checker +Summary: CLI tool to scan the Go AST and SSA code representations for security problems License: Apache-2.0 -Group: Development/Languages/Other +Group: Development/Languages/Go URL: https://github.com/securego/gosec Source: gosec-%{version}.tar.xz Source1: vendor.tar.gz BuildRequires: golang(API) >= 1.20 -BuildRequires: golang-packaging -%{go_nostrip} %description -Inspects source code for security problems by scanning the go abstract syntax tree. +CLI tool to inspect Go source code for security problems by scanning the +abstract syntax tree (AST) and static single-assignment (SSA) code +representations. %prep %autosetup -D -a 1