yq/yq.spec

#
# spec file for package yq
#
# Copyright (c) 2025 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.

# Please submit bugfixes or comments via https://bugs.opensuse.org/
#


%global provider_prefix github.com/mikefarah/yq
%global import_path     %{provider_prefix}

Name:           yq
Version:        4.44.6
Release:        0
Summary:        A portable command-line YAML processor
License:        MIT
URL:            https://github.com/mikefarah/yq
Source0:        https://github.com/mikefarah/yq/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
Source1:        vendor.tar.gz
Patch0:         Bump-golang.org-x-net-from-0.32.0-to-0.33.0.patch
# conflict with all python3X-yq packages since they install /usr/bin/yq
# we need to handle Leap 15.4 specially since the python3dist() is not
# generated there
%if 0%{?suse_version} >= 1550
Conflicts:      python3dist(yq)
%else
Conflicts:      python3-yq
%endif
BuildRequires:  golang(API) = 1.22

%description
A lightweight and portable command-line YAML processor. yq uses jq like syntax
but works with yaml files as well as json. It doesn't yet support everything
jq does - but it does support the most common operations and functions, and more
is being added continuously.

%package bash-completion
Summary:        Bash Completion for %{name}
Requires:       %{name} = %{version}
Supplements:    (%{name} and bash-completion)
BuildArch:      noarch

%description bash-completion
Bash command line completion support for %{name}.

%package zsh-completion
Summary:        Zsh Completion for %{name}
Requires:       %{name} = %{version}
Supplements:    (%{name} and zsh)
BuildArch:      noarch

%description zsh-completion
Zsh command line completion support for %{name}.

%package fish-completion
Summary:        Fish Completion for %{name}
Requires:       %{name} = %{version}
Supplements:    (%{name} and fish)
BuildArch:      noarch

%description fish-completion
Fish command line completion support for %{name}.

%prep
%autosetup -p1 -a1

%build
go build -trimpath -buildmode=pie -mod=vendor -o bin/%{name}

%check
go test ./...

%install
install -D -m 0755 ./bin/%{name} "%{buildroot}/%{_bindir}/%{name}"
mkdir -p %{buildroot}%{_datarootdir}/bash-completion/completions
%{buildroot}/%{_bindir}/%{name} shell-completion bash > %{buildroot}%{_datarootdir}/bash-completion/completions/%{name}
mkdir -p %{buildroot}%{_datarootdir}/zsh_completion.d
%{buildroot}/%{_bindir}/%{name} shell-completion zsh > %{buildroot}%{_datarootdir}/zsh_completion.d/_%{name}
mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d
%{buildroot}/%{_bindir}/%{name} shell-completion fish > %{buildroot}%{_datarootdir}/fish/vendor_completions.d/%{name}.fish

%files bash-completion
%defattr(-,root,root)
%dir %{_datarootdir}/bash-completion/completions/
%{_datarootdir}/bash-completion/completions/%{name}

%files zsh-completion
%defattr(-,root,root)
%dir %{_datarootdir}/zsh_completion.d/
%{_datarootdir}/zsh_completion.d/_%{name}

%files fish-completion
%defattr(-,root,root)
%dir %{_datarootdir}/fish
%dir %{_datarootdir}/fish/vendor_completions.d
%{_datarootdir}/fish/vendor_completions.d/%{name}.fish

%files
%{_bindir}/%{name}
%license LICENSE
%doc README.md

%files bash-completion
%defattr(-,root,root)
%dir %{_datarootdir}/bash-completion/completions/
%{_datarootdir}/bash-completion/completions/%{name}

%changelog
fix CVE-2024-45338 old: utilities/yq new: home:mslacken:branches:utilities/yq rev None Index: vendor.tar.gz =================================================================== Binary files vendor.tar.gz (revision 39) and vendor.tar.gz (revision 3) differ Index: yq.changes =================================================================== --- yq.changes (revision 39) +++ yq.changes (revision 3) @@ -1,4 +1,27 @@ ------------------------------------------------------------------- +Wed Jan 8 16:52:32 UTC 2025 - Christian Goll <cgoll@suse.com> + +- Updated to 4.44.6: + * Fixed deleting items in array bug #2027, #2172; Thanks @jandubois + * Docker image for armv7 / raspberry pi3, Thanks @brianegge + * Fixed no-colors regression #2218 + * Fixed various panic scenarios #2211 + * Bumped dependencies +- Changes from 4.44.5 (4.44.4 was skipped) + * Format comments with a gray foreground (Thanks @gabe565) + * Fixed handling of nulls with sort_by expressions #2164 + * Force no color output when NO_COLOR env presents (Thanks @narqo) + * Fixed array subtraction update bug #2159 + * Fixed index out of range error + * Can traverse straight from parent operator (parent.blah) + * Bumped dependencies + +- Bumped x/net to 0.33.0 to fix CVE-2024-45338 + * add file Bump-golang.org-x-net-from-0.32.0-to-0.33.0.patch + + + +------------------------------------------------------------------- Mon Aug 12 13:18:36 UTC 2024 - Dirk Müller <dmueller@suse.com> - update to 4.44.3: Index: yq.spec =================================================================== --- yq.spec (revision 39) +++ yq.spec (revision 3) @@ -1,7 +1,7 @@ # # spec file for package yq # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -20,13 +20,14 @@ %global import_path %{provider_prefix} Name: yq -Version: 4.44.3 +Version: 4.44.6 Release: 0 Summary: A portable command-line YAML processor License: MIT URL: https://github.com/mikefarah/yq Source0: https://github.com/mikefarah/yq/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz Source1: vendor.tar.gz +Patch0: Bump-golang.org-x-net-from-0.32.0-to-0.33.0.patch # conflict with all python3X-yq packages since they install /usr/bin/yq # we need to handle Leap 15.4 specially since the python3dist() is not # generated there @@ -71,7 +72,7 @@ Fish command line completion support for %{name}. %prep -%setup -qa1 +%autosetup -p1 -a1 %build go build -trimpath -buildmode=pie -mod=vendor -o bin/%{name} Index: Bump-golang.org-x-net-from-0.32.0-to-0.33.0.patch =================================================================== --- Bump-golang.org-x-net-from-0.32.0-to-0.33.0.patch (added) +++ Bump-golang.org-x-net-from-0.32.0-to-0.33.0.patch (revision 3) @@ -0,0 +1,56 @@ +From 7efae2dad9f3900a5d4e3ef275735657f0a34d2a Mon Sep 17 00:00:00 2001 +From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> +Date: Thu, 19 Dec 2024 03:23:37 +0000 +Subject: [PATCH] Bump golang.org/x/net from 0.32.0 to 0.33.0 + +Bumps [golang.org/x/net](https://github.com/golang/net) from 0.32.0 to 0.33.0. +- [Commits](https://github.com/golang/net/compare/v0.32.0...v0.33.0) + +--- +updated-dependencies: +- dependency-name: golang.org/x/net + dependency-type: direct:production + update-type: version-update:semver-minor +... + +Signed-off-by: dependabot[bot] <support@github.com> +--- + go.mod \| 2 +- + go.sum \| 8 ++++---- + 2 files changed, 5 insertions(+), 5 deletions(-) + +diff --git a/go.mod b/go.mod +index f44bcbbd..56bd2a2c 100644 +--- a/go.mod ++++ b/go.mod +@@ -16,7 +16,7 @@ require ( + github.com/spf13/cobra v1.8.1 + github.com/spf13/pflag v1.0.5 + github.com/yuin/gopher-lua v1.1.1 +- golang.org/x/net v0.32.0 ++ golang.org/x/net v0.33.0 + golang.org/x/text v0.21.0 + gopkg.in/op/go-logging.v1 v1.0.0-20160211212156-b2cb9fa56473 + gopkg.in/yaml.v3 v3.0.1 +diff --git a/go.sum b/go.sum +index e8746990..4fec28d7 100644 +--- a/go.sum ++++ b/go.sum +@@ -62,10 +62,10 @@ github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsT + github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= + github.com/yuin/gopher-lua v1.1.1 h1:kYKnWBjvbNP4XLT3+bPEwAXJx262OhaHDWDVOPjL46M= + github.com/yuin/gopher-lua v1.1.1/go.mod h1:GBR0iDaNXjAgGg9zfCvksxSRnQx76gclCIb7kdAd1Pw= +-golang.org/x/crypto v0.30.0 h1:RwoQn3GkWiMkzlX562cLB7OxWvjH1L8xutO2WoJcRoY= +-golang.org/x/crypto v0.30.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= +-golang.org/x/net v0.32.0 h1:ZqPmj8Kzc+Y6e0+skZsuACbx+wzMgo5MQsJh9Qd6aYI= +-golang.org/x/net v0.32.0/go.mod h1:CwU0IoeOlnQQWJ6ioyFrfRuomB8GKF6KbYXZVyeXNfs= ++golang.org/x/crypto v0.31.0 h1:ihbySMvVjLAeSH1IbfcRTkD/iNscyz8rGzjF/E5hV6U= ++golang.org/x/crypto v0.31.0/go.mod h1:kDsLvtWBEx7MV9tJOj9bnXsPbxwJQ6csT/x4KIN4Ssk= ++golang.org/x/net v0.33.0 h1:74SYHlV8BIgHIFC/LrYkOGIwL19eTYXQ5wc6TBuO36I= ++golang.org/x/net v0.33.0/go.mod h1:HXLR5J+9DxmrqMwG9qjGCxZ+zKXxBru04zlTvWlWuN4= + golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= + golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= + golang.org/x/sys v0.28.0 h1:Fksou7UEQUWlKvIdsqzJmUmCX3cZuD2+P3XyyzwMhlA= +-- +2.43.0 + Index: yq-4.44.6.tar.gz =================================================================== Binary file yq-4.44.6.tar.gz (revision 3) added Index: yq-4.44.3.tar.gz =================================================================== Binary file yq-4.44.3.tar.gz (revision 39) deleted OBS-URL: https://build.opensuse.org/package/show/utilities/yq?expand=0&rev=40 2025-01-09 13:31:02 +01:00			`#`
			`# spec file for package yq`
			`#`
			`# Copyright (c) 2025 SUSE LLC`
			`#`
			`# All modifications and additions to the file contributed by third parties`
			`# remain the property of their copyright owners, unless otherwise agreed`
			`# upon. The license for this file, and modifications and additions to the`
			`# file, is the same license as for the pristine package itself (unless the`
			`# license for the pristine package is not an Open Source License, in which`
			`# case the license is the MIT License). An "Open Source License" is a`
			`# license that conforms to the Open Source Definition (Version 1.9)`
			`# published by the Open Source Initiative.`

			`# Please submit bugfixes or comments via https://bugs.opensuse.org/`
			`#`


			`%global provider_prefix github.com/mikefarah/yq`
			`%global import_path %{provider_prefix}`

			`Name: yq`
			`Version: 4.44.6`
			`Release: 0`
			`Summary: A portable command-line YAML processor`
			`License: MIT`
			`URL: https://github.com/mikefarah/yq`
			`Source0: https://github.com/mikefarah/yq/archive/refs/tags/v%{version}.tar.gz#/%{name}-%{version}.tar.gz`
			`Source1: vendor.tar.gz`
			`Patch0: Bump-golang.org-x-net-from-0.32.0-to-0.33.0.patch`
			`# conflict with all python3X-yq packages since they install /usr/bin/yq`
			`# we need to handle Leap 15.4 specially since the python3dist() is not`
			`# generated there`
			`%if 0%{?suse_version} >= 1550`
			`Conflicts: python3dist(yq)`
			`%else`
			`Conflicts: python3-yq`
			`%endif`
			`BuildRequires: golang(API) = 1.22`

			`%description`
			`A lightweight and portable command-line YAML processor. yq uses jq like syntax`
			`but works with yaml files as well as json. It doesn't yet support everything`
			`jq does - but it does support the most common operations and functions, and more`
			`is being added continuously.`

			`%package bash-completion`
			`Summary: Bash Completion for %{name}`
			`Requires: %{name} = %{version}`
			`Supplements: (%{name} and bash-completion)`
			`BuildArch: noarch`

			`%description bash-completion`
			`Bash command line completion support for %{name}.`

			`%package zsh-completion`
			`Summary: Zsh Completion for %{name}`
			`Requires: %{name} = %{version}`
			`Supplements: (%{name} and zsh)`
			`BuildArch: noarch`

			`%description zsh-completion`
			`Zsh command line completion support for %{name}.`

			`%package fish-completion`
			`Summary: Fish Completion for %{name}`
			`Requires: %{name} = %{version}`
			`Supplements: (%{name} and fish)`
			`BuildArch: noarch`

			`%description fish-completion`
			`Fish command line completion support for %{name}.`

			`%prep`
			`%autosetup -p1 -a1`

			`%build`
			`go build -trimpath -buildmode=pie -mod=vendor -o bin/%{name}`

			`%check`
			`go test ./...`

			`%install`
			`install -D -m 0755 ./bin/%{name} "%{buildroot}/%{_bindir}/%{name}"`
			`mkdir -p %{buildroot}%{_datarootdir}/bash-completion/completions`
			`%{buildroot}/%{_bindir}/%{name} shell-completion bash > %{buildroot}%{_datarootdir}/bash-completion/completions/%{name}`
			`mkdir -p %{buildroot}%{_datarootdir}/zsh_completion.d`
			`%{buildroot}/%{_bindir}/%{name} shell-completion zsh > %{buildroot}%{_datarootdir}/zsh_completion.d/_%{name}`
			`mkdir -p %{buildroot}%{_datadir}/fish/vendor_completions.d`
			`%{buildroot}/%{_bindir}/%{name} shell-completion fish > %{buildroot}%{_datarootdir}/fish/vendor_completions.d/%{name}.fish`

			`%files bash-completion`
			`%defattr(-,root,root)`
			`%dir %{_datarootdir}/bash-completion/completions/`
			`%{_datarootdir}/bash-completion/completions/%{name}`

			`%files zsh-completion`
			`%defattr(-,root,root)`
			`%dir %{_datarootdir}/zsh_completion.d/`
			`%{_datarootdir}/zsh_completion.d/_%{name}`

			`%files fish-completion`
			`%defattr(-,root,root)`
			`%dir %{_datarootdir}/fish`
			`%dir %{_datarootdir}/fish/vendor_completions.d`
			`%{_datarootdir}/fish/vendor_completions.d/%{name}.fish`

			`%files`
			`%{_bindir}/%{name}`
			`%license LICENSE`
			`%doc README.md`

			`%files bash-completion`
			`%defattr(-,root,root)`
			`%dir %{_datarootdir}/bash-completion/completions/`
			`%{_datarootdir}/bash-completion/completions/%{name}`

			`%changelog`