* FileDigestCheck: configure digest filter type per whitelisting entry
* FileDigestCheck: also assert that a path key is present
* dbus-services: adjust nm-priv-helper path (bsc#1194799)
* dbus-services: whitelist nvme-stas (bsc#1195236)
* FileDigestCheck: enable XML filtered digests for D-Bus services
* FileDigestCheck: emit special {group}-file-parse-error if XML is bad
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=873
* tests: add test case for FileDigestGroup with multiple package names
* FileDigestCheck: support additional `packages = ["pkg1", "pkg2"]` syntax
* FileDigestCheck: refactor digest group parsing and normalization
* FileMetadataCheck: support additional `packages = ["pkg1", "pkg2"]` syntax
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=865
* Fix backward compatibility with rpmlintrc files.
* Fixed bug where a valid symlink is reported as invalid.
This appears to be a regression from rpmlint 1.
Comparing the two reveals that the comparison of link
to path.parent would never make sense, and comparing
link to path.name would resemble rpmlint 1's behavior.
* dbus-services: add setroubleshoot whitelisting (bsc#1186344)
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=842
* dbus-services: adjust wicked whitelisting to new paths (bsc#1192033)
* Add new LibraryDependencyCheck.
* Rework the lib_regex pattern
* security whitelistings: test whitelistings for file-digest-mismatch errors
* scoring.toml: fix alphabetical order of permissions-file errors
* security whitelistings: add badness for file-digest-mismatch errors
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=839
* Checking libalternatives entries and links.
* Fix -r argument.
* opensuse.toml: add permissions-parse-error to BlockedFilters
* dbus-services: adjust digest for test whitelisting (need a different file there)
* polkit-rules-whitelist: fix package name for test whitelisting
* Remove unused VS code settings.
* Whitelisting pam_u2f module (bsc#1190790)
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=836
- Update to version 2.1+git20211012.c27e0fe:
* Adding whitelisting for pam_ssh_agent_auth. bsc#1190983
* Enable shlib-policy-name-error error.
* Support %autochangelog in %changelog.
* remove /run from disalloweddirs
* Fix missing-dependency-on check.
* dbus-services whitelisting: add power-profiles-daemon (bsc#1189900)
* security whitelistings: add whitelistings for OBS integration test package
* PolkitCheck: be robust against dead symlinks in actions directory
OBS-URL: https://build.opensuse.org/request/show/924800
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=828
- Install configs with 644.
- Update to Rpmlint 2.0:
* RPMLint now is a "normal" Python application and now supports being imported
like a standard Python module! This means that all the normal use-cases for
RPMLint are still supported, but now you can make it a part of larger Python-based
applications or services.
* RPMLint uses a declarative TOML-based syntax for configuring RPMLint policy
instead of Python code.
* RPMLint now has an override system for the descriptions shown for various checks,
so that distributions who want to give specific policy information can
do so without patching the code.
* RPMLint includes many more checks! Nearly all of the generally useful checks created
by the openSUSE community have been merged into the tree, so distributions can now
benefit from a wider offering of checks to implement policy enforcement.
* RPMLint is Python 3 only and now supports Python 3.6 and newer.
* RPMLint is now built and installed like a standard Python application using setuptools.
- Removed legacy patches:
* invalid-filerequires.diff
* no-badness-return.diff
* no-doc-for-lib.diff
* only-reg-files-are-scripts.diff
* remove-ghostfile-checks.diff
* rpm415-workaround.diff
* rpmgroup-checks.diff
* rpmlint-suse.diff
* suse-binarieschecks.diff
* suse-checks.diff
* suse-filter-exception.diff
* suse-filter-more-verbose.diff
OBS-URL: https://build.opensuse.org/request/show/901418
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=780
- Update of rpmlint-tests to version 84.87+git20200724.ef05f7e:
* use /usr/bin/su instead of /bin/su since the latter is no longer allowed
- Update of rpmlint-checks to version master:
* Introduce new metadata whitelist type and related checks. Device files and
world-writeable files will now be covered by new whitelists from
rpmlint-security-whitelistings.
- config: Enable new CheckWorldWritable and CheckDeviceFiles
OBS-URL: https://build.opensuse.org/request/show/823721
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=743
- Update to version master:
* CheckSUIDPermissions.py: fix permissions.d checks
* add a lint to catch insecure mixed file/directory ownership similar to CVE-2019-3689
- Update to version 84.87+git20200206.7e2b64f:
* permissions2: test that allowed permissions.d drop-ins work
* test for new file-parent-ownership-mismatch lint
- Update to version master:
* CheckSUIDPermissions.py: fix permissions.d checks
* add a lint to catch insecure mixed file/directory ownership similar to CVE-2019-3689
- Update to version 84.87+git20200206.7e2b64f:
* permissions2: test that allowed permissions.d drop-ins work
* test for new file-parent-ownership-mismatch lint
OBS-URL: https://build.opensuse.org/request/show/770508
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=710
- Update to version 84.87+git20200130.c0de5f4:
* libzork4.spec: removed define for 'basename' in libzork4.spec.
This causes build errors because 'basename' is a builtin and it's
not used
- Update to version 84.87+git20200115.9339533:
* use uname -m instead of uname -i as the latter is not portable
* remove rpm directory upon make clean
* Support for different output based on architecture. For that create a
<NAME>.<ARCH>.ref file instead of <NAME>.ref E.g. debug.i386.ref
* verify that new permissions paths need whitelisting
- Update to version master:
* CheckCronJobs: correct cronjob-unauthorized-file explanation
* Use named constants to check file modes
* CheckSUIDPermissions.py: check new permission paths
OBS-URL: https://build.opensuse.org/request/show/768785
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=706
- Update to version 84.87+git20190828.2c92180:
* Revert "added LTO errors as expected for debug tests"
- Update to version 84.87+git20190828.8fa8ac5:
* Do not use -flto for debug tests.
- Update to version 84.87+git20190828.2c92180:
* Revert "added LTO errors as expected for debug tests"
- Update to version 84.87+git20190828.8fa8ac5:
* Do not use -flto for debug tests.
- Do not validate rpm groups to avoid rpmlint warning as the group
is not really mandatory
OBS-URL: https://build.opensuse.org/request/show/726708
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=684
* coding style: fix indentation to satisfy flake8 travis-ci test
* CheckPolkitPrivs: implement new check for files put into rules.d dirs
* CheckPolkitPrivs: separate and refactor check for actions
* CheckPolkitPrivs: separate and refactor check of polkit-default-privs.d
* CheckPolkitPrivs: remove oudated PolicyKit path
* CheckPolkitPrivs: clearer error message for files in /etc/polkit-default-privs.d
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=659
- Update to version 84.87+git20181018.60e0249:
* Add test for %tmpfiles_create foo.conf with no full path
- Update rpmlint-checks to version master (bsc#1116686):
* Ignore decoding errors as we're not sure we know the encoding
* Use UTF-8 encoding when opening .pc file (#42)
* whitelist otrs permission file (#41)
* Relax various flake8 warnings
* Handle '-n' option for %service_del_preun %service_del_postun
* There isn't a good standard, whether the directory should be called 'tests/' or 'test/'
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=646
* Adjust output for enabled non-std group checks
- Update rpmlint-checks to version master:
* Fix false positives for -theme- -> -branding- rename
* Stop leaking filedescriptors
* Pythonic fixes
* Drop CheckAppdata (there is AppDataCheck upstream)
* Tighten ELF check
* Tiny code formatting cleanup
* Tighten the branding policy reporting a bit to make it less confusing
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=519
* remote unused/outdated checks
- Update to version 84.87+git20170418.092177d:
* Remove initscript related tests, systemd FTW!
- Update to version master:
* remote unused/outdated checks
- Update to version 84.87+git20170418.092177d:
* Remove initscript related tests, systemd FTW!
OBS-URL: https://build.opensuse.org/package/show/devel:openSUSE:Factory:rpmlint/rpmlint?expand=0&rev=450
