1
0
Files
cargo-auditable/cargo-auditable.spec
William Brown d5289d45a9 Accepting request 1067424 from home:amanzini:branches:devel:languages:rust
- Update to version 0.6.0~0:
  * README and documentation improvements 
  * Read the rustc path passed by Cargo; fixes #90
  * Read location of Cargo from the environment variable Cargo sets for third-party subcommands
  * Add a note on sccache version compatibility to CHANGELOG.md
  * Panic on compilation commands where we fail to parse the arguments instead of silently ignoring the error
  * Specifying the binary-scanning feature is no longer needed
  * Pass options such as --offline to `cargo metadata`
  * Pass on arguments from `cargo auditable` invocation to the rustc wrapper; prep work towards fixing #83
  * Bump rust-audit-info to 0.5.2
  * Bump auditable-serde version to 0.5.2
  * Correctly fill in the source even in dependency entries when converting to cargo-lock data format
  * Drop the roundtrip through &str in semver::Version; now that semver 1.0 has shipped the versions are API-compatible and this is no longer necessary
  * Release auditable-info 0.6.1
  * Bump all the version requirements for things depending on auditable-info
  * Fix audit_info_from_slice function signature

OBS-URL: https://build.opensuse.org/request/show/1067424
OBS-URL: https://build.opensuse.org/package/show/devel:languages:rust/cargo-auditable?expand=0&rev=3
2023-03-07 02:24:24 +00:00

68 lines
2.7 KiB
RPMSpec

#
# spec file for package cargo-auditable
#
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
%define __rustflags -Clink-arg=-Wl,-z,relro,-z,now -C debuginfo=2 -C incremental=false
%define __cargo CARGO_FEATURE_VENDORED=1 RUSTFLAGS="%{__rustflags}" %{_bindir}/cargo
%define __cargo_common_opts %{?_smp_mflags}
Name: cargo-auditable
Version: 0.6.0~0
Release: 0
Summary: A tool to embed auditing information in ELF sections of rust binaries
# If you know the license, put it's SPDX string here.
# Alternately, you can use cargo lock2rpmprovides to help generate this.
License: (Apache-2.0 OR MIT) AND Unicode-DFS-2016 AND (0BSD OR MIT OR Apache-2.0) AND (Apache-2.0 OR BSL-1.0) AND (Apache-2.0 OR MIT) AND (Apache-2.0 OR Apache-2.0 WITH LLVM-exception OR MIT) AND (Apache-2.0 OR MIT OR Zlib) AND (Apache-2.0 OR MIT OR Zlib) AND (MIT OR Unlicense) AND (Apache-2.0 OR Zlib OR MIT) AND MIT
# Select a group from this link:
# https://en.opensuse.org/openSUSE:Package_group_guidelines
Group: Development/Languages/Rust
URL: https://github.com/rust-secure-code/cargo-auditable
Source0: %{name}-%{version}.tar.zst
Source1: vendor.tar.zst
Source2: cargo_config
# We can't dep on cargo-packaging because we would create a dependency loop.
# BuildRequires: cargo-packaging
BuildRequires: cargo
BuildRequires: zstd
Requires: cargo
%description
Know the exact crate versions used to build your Rust executable. Audit binaries for known bugs or
security vulnerabilities in production, at scale, with zero bookkeeping. This works by embedding
data about the dependency tree in JSON format into a dedicated linker section of the compiled
executable.
%prep
%autosetup -a1
mkdir .cargo
cp %{SOURCE2} .cargo/config
%build
unset LIBSSH2_SYS_USE_PKG_CONFIG
%{__cargo} build \
%{__cargo_common_opts} \
--offline --release
%install
install -D -d -m 0755 %{buildroot}%{_bindir}
install -m 0755 %{_builddir}/%{name}-%{version}/target/release/cargo-auditable %{buildroot}%{_bindir}/cargo-auditable
%files
%{_bindir}/cargo-auditable
%changelog