pool/velociraptor
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
241ebf3914
velociraptor/velociraptor-reproducible-timestamp.diff
Jeff Mahoney ac85413735 Accepting request 1133905 from home:jeff_mahoney:branches:security:sensor 
- Temporarily use the NODE_MODULES BEGIN/END form of the node_modules
  service due to a bug in debbuild preventing Debian builds from succeeding.
- Update to version 0.7.0.4.git4.c1b68a5b:
  * hash: fix nil pointer dereference panic
  * velociraptor: add dummy main function for mage
- Removed patch:
  * velociraptor-golang-mage-vendoring.diff
- Switched to using go_modules and node_modules source services
  - Eliminated bespoke vendoring scripts.
- Pulled sysuser definition into the velociraptor package.

- Remove PrivateTmp and PrivateDevices settings in velociraptor-client.service (SENS-70)

- Update to version 0.7.0.4.git0.e09a0df8:
  * Add additional sanitization to HTML templates on JS side. (#2) (#3077) (CVE-2023-5950)
  * vql/linux/sdjournal: Fix open/close lifetimes
  * vql/linux/audit: fix shutdown races
  * vql/linux/audit: fix goroutine lifetimes
  * vql/linux/audit: limit messageQueue to within runService
  * vql/linux/audit: add auditService.Log()
  * vql/linux/audit: pull parts of shutdown into shutdown watcher
  * vql/linux/audit: remove unnecessary error handling for reassembler
  * vql/linux/audit: remove unused waitgroup from main event loop
  * vql/linux/audit: handle top-level cancelation properly
  * vql/linux/audit: make explicit that goroutines in the main errgroup don't return errors
  * vql/linux/audit: make stats reporting separate from debug prints
  * vql/linux/audit: simplify polling in listener
  * vql/linux/audit: tests, check various rule scenarios
  * vql/linux/audit: Add more client failure test cases
  * vql/linux/audit: Fix audit client lifecycle

OBS-URL: https://build.opensuse.org/request/show/1133905
OBS-URL: https://build.opensuse.org/package/show/security:sensor/velociraptor?expand=0&rev=55
2023-12-18 18:44:23 +00:00

33 lines
1.1 KiB
Diff
Raw Blame History

From: Jeff Mahoney <jeffm@suse.com>
Subject: magefile: use stable timestamps for build
In order to create reprodicible builds, we can't have timestamps that vary
without anything else changing.
---
magefiles/magefile.go | 12 ++++++++++--
1 file changed, 10 insertions(+), 2 deletions(-)
--- a/magefiles/magefile.go
+++ b/magefiles/magefile.go
@@ -472,10 +472,18 @@ func build_gui_files() error {
}
func flags() string {
- timestamp := time.Now().Format(time.RFC3339)
+ timestamp := os.Getenv("VELOCIRAPTOR_BUILD_TIME")
+ if timestamp == "" {
+ timestamp = time.Now().Format(time.RFC3339)
+ }
flags := fmt.Sprintf(` -X "www.velocidex.com/golang/velociraptor/config.build_time=%s"`, timestamp)
- flags += fmt.Sprintf(` -X "www.velocidex.com/golang/velociraptor/config.commit_hash=%s"`, hash())
+ head := os.Getenv("VELOCIRAPTOR_GIT_HEAD")
+ if head == "" {
+ head = hash()
+ }
+
+ flags += fmt.Sprintf(` -X "www.velocidex.com/golang/velociraptor/config.commit_hash=%s"`, head)
// If we are running on the CI pipeline we need to know the run
// number and URL so we can report them.
Reference in New Issue View Git Blame Copy Permalink