From a52fafd235cb42d40544f2fba1316a2605715696 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 22:03:14 +0000
Subject: [PATCH 001/110] py3-tqdm/4.67.1 package update (#35112)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
py3-tqdm.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/py3-tqdm.yaml b/py3-tqdm.yaml
index b6b1741adbc..42145c53cef 100644
--- a/py3-tqdm.yaml
+++ b/py3-tqdm.yaml
@@ -1,7 +1,7 @@
package:
name: py3-tqdm
- version: 4.67.0
- epoch: 1
+ version: 4.67.1
+ epoch: 0
description: Fast, Extensible Progress Meter
copyright:
- license: MPL-2.0 AND MIT
@@ -34,7 +34,7 @@ pipeline:
- uses: fetch
with:
# README: 'CONFIRM WITH: curl -L https://files.pythonhosted.org/packages/source/t/tqdm/tqdm-4.66.1.tar.gz | sha256sum'
- expected-sha256: fe5a6f95e6fe0b9755e9469b77b9c3cf850048224ecaa8293d7d2d31f97d869a
+ expected-sha256: f8aef9c52c08c13a65f30ea34f4e5aac3fd1a34959879d7e59e63027286627f2
uri: https://files.pythonhosted.org/packages/source/t/tqdm/tqdm-${{package.version}}.tar.gz
subpackages:
From ac4a152a362b630cfe679f72b72e1d542367742d Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 23:03:18 +0000
Subject: [PATCH 002/110] bash-completion/2.15.0 package update (#35113)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
bash-completion.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/bash-completion.yaml b/bash-completion.yaml
index f7754d7a372..597026b0547 100644
--- a/bash-completion.yaml
+++ b/bash-completion.yaml
@@ -1,7 +1,7 @@
package:
name: bash-completion
- version: 2.14.0
- epoch: 2
+ version: 2.15.0
+ epoch: 0
description: "Programmable completion functions for bash"
copyright:
- license: GPL-2.0-only
@@ -20,7 +20,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/scop/bash-completion
- expected-commit: 0543d1a28ce3d36741675c7ef6da7c2286288f3e
+ expected-commit: d4a1c565dfcafc21a6c9cfe56966a531a42b6219
tag: ${{package.version}}
- runs: autoreconf -fiv
From 4a7279f41e179b25dc3a93960b560ae600b2841a Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 18:14:46 -0500
Subject: [PATCH 003/110] cargo-auditable/0.6.6 package update (#35080)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
cargo-auditable.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/cargo-auditable.yaml b/cargo-auditable.yaml
index ae77351cffc..2b140015331 100644
--- a/cargo-auditable.yaml
+++ b/cargo-auditable.yaml
@@ -1,6 +1,6 @@
package:
name: cargo-auditable
- version: 0.6.5
+ version: 0.6.6
epoch: 0
description: Cargo wrapper for embedding auditing data
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/rust-secure-code/cargo-auditable
tag: v${{package.version}}
- expected-commit: ceb4475d237b0296a3ddb946e0337fb658743ccc
+ expected-commit: 83713a1c609b28d93660c64b8974b0226fe2c7a4
- name: cargo deps bump
runs: |
From ee9da2dd4aa18e2126aa27c4d954019769e19803 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 18:15:18 -0500
Subject: [PATCH 004/110] ruby3.3-jruby-openssl/0.15.2 package update (#35087)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.3-jruby-openssl.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.3-jruby-openssl.yaml b/ruby3.3-jruby-openssl.yaml
index 07870a74585..81749f004f7 100644
--- a/ruby3.3-jruby-openssl.yaml
+++ b/ruby3.3-jruby-openssl.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/jruby/jruby-openssl
package:
name: ruby3.3-jruby-openssl
- version: 0.15.1
+ version: 0.15.2
epoch: 0
description: JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.
copyright:
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: d805c4be42cf15d3489f95b491069e6c6a8deae5
+ expected-commit: 29cedb9d3a0374a2d3d2adc88b34deb119112967
repository: https://github.com/jruby/jruby-openssl
tag: v${{package.version}}
From ef6e8470b2e3d918bee48851e8c5f0885f66b741 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 18:15:30 -0500
Subject: [PATCH 005/110] ruby3.2-jruby-openssl/0.15.2 package update (#35088)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.2-jruby-openssl.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/ruby3.2-jruby-openssl.yaml b/ruby3.2-jruby-openssl.yaml
index b9e02ceefef..d17118ab96d 100644
--- a/ruby3.2-jruby-openssl.yaml
+++ b/ruby3.2-jruby-openssl.yaml
@@ -1,8 +1,8 @@
# Generated from https://github.com/jruby/jruby-openssl
package:
name: ruby3.2-jruby-openssl
- version: 0.15.1
- epoch: 1
+ version: 0.15.2
+ epoch: 0
description: JRuby-OpenSSL is an add-on gem for JRuby that emulates the Ruby OpenSSL native library.
copyright:
- license: GPL-2.0-or-later AND EPL-1.0 AND LGPL-2.1-or-later
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: d805c4be42cf15d3489f95b491069e6c6a8deae5
+ expected-commit: 29cedb9d3a0374a2d3d2adc88b34deb119112967
repository: https://github.com/jruby/jruby-openssl
tag: v${{package.version}}
From b02f7964639c466ebe597e8aac13d5dd82173d8e Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 18:15:44 -0500
Subject: [PATCH 006/110] corepack/0.30.0 package update (#35055)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
corepack.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/corepack.yaml b/corepack.yaml
index 21b8b5f1dd7..e0e67d1bdb1 100644
--- a/corepack.yaml
+++ b/corepack.yaml
@@ -1,6 +1,6 @@
package:
name: corepack
- version: 0.29.4
+ version: 0.30.0
epoch: 0
description: Zero-runtime-dependency package acting as bridge between Node projects and their package managers
copyright:
@@ -15,7 +15,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: ebd45f1694cb56bfc114fc05b9322ac6c60fb535e5c33af17dfb913a796668c4
+ expected-sha256: 5a57ee4e2f9b71867f5a99d005b23e9a8dbd1ae423ee53af0ba978fa1ad34a63
uri: https://github.com/nodejs/corepack/releases/download/v${{package.version}}/corepack.tgz
strip-components: 0
From ab0b48134cbc60626799226605c6e0f43a92a51f Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Sun, 24 Nov 2024 15:16:45 -0800
Subject: [PATCH 007/110] Add the pkgconf test pipeline to qpdf (#35031)
More testing \o/
---
qpdf.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/qpdf.yaml b/qpdf.yaml
index 3a2988f3546..67e3cb137e4 100644
--- a/qpdf.yaml
+++ b/qpdf.yaml
@@ -1,7 +1,7 @@
package:
name: qpdf
version: 11.9.1
- epoch: 1
+ epoch: 2
description: Command-line tools and library for transforming PDF files
copyright:
- license: Apache-2.0
@@ -53,6 +53,9 @@ subpackages:
runtime:
- qpdf
description: qpdf dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: qpdf-doc
pipeline:
From ed6f6250da52e236a16d78d4e6d785bf9ad10962 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Sun, 24 Nov 2024 15:16:55 -0800
Subject: [PATCH 008/110] Add the pkgconf test pipeline to openipmi (#35030)
More testing \o/
---
openipmi.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/openipmi.yaml b/openipmi.yaml
index 57f70e8a362..3f0b72e8d20 100644
--- a/openipmi.yaml
+++ b/openipmi.yaml
@@ -1,7 +1,7 @@
package:
name: openipmi
version: 2.0.36
- epoch: 1
+ epoch: 2
description: IPMI (Intelligent Platform Management Interface) library and tools
copyright:
- license: LGPL-2.0-or-later AND GPL-2.0-or-later OR BSD-3-Clause
@@ -52,6 +52,9 @@ subpackages:
- openipmi
- ncurses-dev
description: openipmi dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: openipmi-doc
pipeline:
From a3267d47c8fc6075862ce85d86bf08a95a95a7ae Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Sun, 24 Nov 2024 15:17:04 -0800
Subject: [PATCH 009/110] Add the pkgconf test pipeline to openexr (#35029)
More testing \o/
---
openexr.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/openexr.yaml b/openexr.yaml
index bd8c6978ea2..0154189c5cf 100644
--- a/openexr.yaml
+++ b/openexr.yaml
@@ -2,7 +2,7 @@
package:
name: openexr
version: 3.3.2
- epoch: 0
+ epoch: 1
description: High dynamic-range image file format library
copyright:
- license: BSD-3-Clause
@@ -67,6 +67,9 @@ subpackages:
runtime:
- openexr
description: openexr dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: openexr-libiex
pipeline:
From 01cafac57666388b2f0ac4fa3e4800992df2e3ba Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Sun, 24 Nov 2024 15:17:13 -0800
Subject: [PATCH 010/110] Add the pkgconf test pipeline to mimalloc2 (#35023)
More testing \o/
---
mimalloc2.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/mimalloc2.yaml b/mimalloc2.yaml
index 4d561f51dd7..511997babbf 100644
--- a/mimalloc2.yaml
+++ b/mimalloc2.yaml
@@ -1,7 +1,7 @@
package:
name: mimalloc2
version: 2.1.7
- epoch: 2
+ epoch: 3
description: "A compact general purpose allocator with excellent performance"
copyright:
- license: GPL-3.0-or-later
@@ -49,6 +49,9 @@ subpackages:
dependencies:
runtime:
- mimalloc2
+ test:
+ pipeline:
+ - uses: test/pkgconf
test:
environment:
From 99c188c5546fb598d86f36b06f864e9775526b4b Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Sun, 24 Nov 2024 15:17:25 -0800
Subject: [PATCH 011/110] Add the pkgconf test pipeline to libsrt (#35022)
More testing \o/
---
libsrt.yaml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libsrt.yaml b/libsrt.yaml
index cd39d96070b..3ffc9a6bc25 100644
--- a/libsrt.yaml
+++ b/libsrt.yaml
@@ -1,7 +1,7 @@
package:
name: libsrt
version: 1.5.4
- epoch: 0
+ epoch: 1
description: "Secure Reliable Transport (SRT)"
copyright:
- license: MPL-2.0
@@ -50,3 +50,4 @@ test:
srt-live-transmit --version
srt-file-transmit --help
srt-live-transmit --help
+ - uses: test/pkgconf
From 3f413fd9dcd45dc4c28466eed85df496aad75676 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 18:17:44 -0500
Subject: [PATCH 012/110] py3-botocore/1.35.68 package update (#35013)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: Jason Hall
---
py3-botocore.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/py3-botocore.yaml b/py3-botocore.yaml
index 4729595f94a..3db9622d1bc 100644
--- a/py3-botocore.yaml
+++ b/py3-botocore.yaml
@@ -1,6 +1,6 @@
package:
name: py3-botocore
- version: 1.35.67
+ version: 1.35.68
epoch: 0
description: The low-level, core functionality of Boto3
copyright:
@@ -29,7 +29,7 @@ pipeline:
- uses: fetch
with:
uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz
- expected-sha256: d782e02f2949889cf97a140a89cd5e9363d0e4b0153db51faf7fc16305c6e0e1
+ expected-sha256: 42c3700583a82f2b5316281a073d644a521d6358837e2b446dc458ba5d990fb4
subpackages:
- range: py-versions
From ce0d0593b1d4551d34c280abe4a584dda24d1c32 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Sun, 24 Nov 2024 18:17:55 -0500
Subject: [PATCH 013/110] rustls-ffi/0.14.1 package update (#35008)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
rustls-ffi.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/rustls-ffi.yaml b/rustls-ffi.yaml
index 115bd0db4fd..eafe84adca1 100644
--- a/rustls-ffi.yaml
+++ b/rustls-ffi.yaml
@@ -1,7 +1,7 @@
package:
name: rustls-ffi
- version: 0.14.0
- epoch: 1
+ version: 0.14.1
+ epoch: 0
description: "C-to-rustls bindings"
copyright:
- license: MIT
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/rustls/rustls-ffi
tag: v${{package.version}}
- expected-commit: 326bb76f64db954a92663e87fcf620f2a615ec99
+ expected-commit: 2014e6154074ba66c0023a683b27fdae93fbeabb
- runs: |
cargo capi build --release
From 153f889bf8a9c0d7f18372c53934616580e50e36 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Sun, 24 Nov 2024 15:21:08 -0800
Subject: [PATCH 014/110] Add the pkgconf test pipeline to yara (#34998)
Fixes https://github.com/wolfi-dev/os/issues/34377
---
yara.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/yara.yaml b/yara.yaml
index f3a48cd6237..bd0e7f9c240 100644
--- a/yara.yaml
+++ b/yara.yaml
@@ -2,7 +2,7 @@
package:
name: yara
version: 4.5.2
- epoch: 1
+ epoch: 2
description: The pattern matching swiss knife for malware researchers
copyright:
- license: BSD-3-Clause
@@ -54,6 +54,9 @@ subpackages:
dependencies:
runtime:
- yara
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: yara-doc
description: yara manpages
From 5d07e29a58ac44ba4b62ae58ef27d0689f950859 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Sun, 24 Nov 2024 15:21:18 -0800
Subject: [PATCH 015/110] Add the pkgconf test pipeline to glu (#34997)
Fixes https://github.com/wolfi-dev/os/issues/34012
---
glu.yaml | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/glu.yaml b/glu.yaml
index ab4852bb935..da9f4b4afb3 100644
--- a/glu.yaml
+++ b/glu.yaml
@@ -1,7 +1,7 @@
package:
name: glu
version: 9.0.3
- epoch: 0
+ epoch: 1
description: "Mesa OpenGL Utility library"
copyright:
- license: SGI-B-1.1
@@ -37,6 +37,10 @@ pipeline:
- uses: strip
+test:
+ pipeline:
+ - uses: test/pkgconf
+
update:
enabled: true
release-monitor:
From 981bd59fa492ce23b6aa0df0c24ad0e4e348a8e2 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 01:09:06 +0000
Subject: [PATCH 016/110] wolfictl/0.26.0 package update (#35116)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
wolfictl.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/wolfictl.yaml b/wolfictl.yaml
index 9297d0b8c79..8ba2cff5e5b 100644
--- a/wolfictl.yaml
+++ b/wolfictl.yaml
@@ -1,6 +1,6 @@
package:
name: wolfictl
- version: 0.25.0
+ version: 0.26.0
epoch: 0
description: Helper CLI for managing Wolfi
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/wolfi-dev/wolfictl
tag: v${{package.version}}
- expected-commit: 974a1cb574a42c81252db5e1346aeae94802cc22
+ expected-commit: f64935c37fb39fa2df31e6fe9838af2b00390eae
- uses: go/build
with:
From 2277acbdf8b56af2c6fb2875ed3a8975f8b27e36 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 01:09:33 +0000
Subject: [PATCH 017/110] melange/0.15.14 package update (#35115)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
melange.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/melange.yaml b/melange.yaml
index 254f68a084f..6a7ebd82798 100644
--- a/melange.yaml
+++ b/melange.yaml
@@ -1,6 +1,6 @@
package:
name: melange
- version: 0.15.13
+ version: 0.15.14
epoch: 0
description: build APKs from source code
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 907019c0549969cbe7b39bf8eaf0e906248d8cf9
+ expected-commit: 2fff904cdf10b30b8948fa803069f7e62487d93c
repository: https://github.com/chainguard-dev/melange
tag: v${{package.version}}
From f16863d76ba0f63bac10949de95396575a26178b Mon Sep 17 00:00:00 2001
From: kranurag7 <81210977+kranurag7@users.noreply.github.com>
Date: Mon, 25 Nov 2024 07:51:06 +0530
Subject: [PATCH 018/110] include helix runtime as part of helix package
(#35092)
---
helix.yaml | 21 ++++++++++++++++-----
helix/cargobump-deps.yaml | 5 +++++
2 files changed, 21 insertions(+), 5 deletions(-)
create mode 100644 helix/cargobump-deps.yaml
diff --git a/helix.yaml b/helix.yaml
index 02a9a039f3c..ead0939fbc6 100644
--- a/helix.yaml
+++ b/helix.yaml
@@ -1,7 +1,7 @@
package:
name: helix
version: "24.07"
- epoch: 1
+ epoch: 2
description: "A post-modern modal text editor."
copyright:
- license: MPL-2.0
@@ -15,6 +15,8 @@ environment:
- openssf-compiler-options
- rust
- wolfi-base
+ environment:
+ HELIX_DEFAULT_RUNTIME: "/usr/lib/helix/runtime"
pipeline:
- uses: git-checkout
@@ -23,11 +25,20 @@ pipeline:
expected-commit: 079f544260f4f5eaff08104bf07abd57bfb7b611
tag: ${{package.version}}
- - name: Configure and build
+ - uses: rust/cargobump
+
+ - name: Build
+ uses: cargo/build
+ with:
+ opts: --locked --profile opt
+ output-dir: target/opt
+ output: hx
+
+ - name: Helix Runtime
runs: |
- cargo install --path helix-term --locked
- mkdir -p ${{targets.destdir}}/usr/bin/
- mv target/release/hx ${{targets.destdir}}/usr/bin/
+ rm -rf runtime/grammars/sources
+ mkdir -p ${{targets.destdir}}/usr/lib/helix/
+ cp -r runtime ${{targets.destdir}}/usr/lib/helix/
- uses: strip
diff --git a/helix/cargobump-deps.yaml b/helix/cargobump-deps.yaml
new file mode 100644
index 00000000000..4bc9136acec
--- /dev/null
+++ b/helix/cargobump-deps.yaml
@@ -0,0 +1,5 @@
+packages:
+ - name: gix-attributes
+ version: 0.22.3
+ - name: gix-path
+ version: 0.10.11
From 7bc89cdd5d05ba94964dabb3dd034d882e638db5 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 08:05:02 +0000
Subject: [PATCH 019/110] re2c/4.0.1 package update (#35120)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
re2c.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/re2c.yaml b/re2c.yaml
index ec10984ea63..c63b427098f 100644
--- a/re2c.yaml
+++ b/re2c.yaml
@@ -1,7 +1,7 @@
# Generated from https://git.alpinelinux.org/aports/plain/main/re2c/APKBUILD
package:
name: re2c
- version: "4.0"
+ version: 4.0.1
epoch: 0
description: Lexer generator for C, C++ and Go
copyright:
@@ -22,7 +22,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 6281c6bf52e684d5727ac293667c8031a4aa9010636512da5aee45f19987c1ee
+ expected-sha256: 7c35d54fdf2c4b5981b80362d1c742aec4d011589673e02f2e9566f7e66c44af
uri: https://github.com/skvadrik/re2c/releases/download/${{package.version}}/re2c-${{package.version}}.tar.xz
- uses: autoconf/configure
From 8adca64ce832029411b226b8c18c94266c1a50e0 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 09:04:15 +0000
Subject: [PATCH 020/110] git/2.47.1 package update (#35119)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
git.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/git.yaml b/git.yaml
index 0463eea46d4..8049e9c45af 100644
--- a/git.yaml
+++ b/git.yaml
@@ -1,6 +1,6 @@
package:
name: git
- version: 2.47.0
+ version: 2.47.1
epoch: 0
description: "distributed version control system"
copyright:
@@ -26,13 +26,13 @@ pipeline:
- uses: fetch
with:
uri: https://www.kernel.org/pub/software/scm/git/git-${{package.version}}.tar.xz
- expected-sha256: 1ce114da88704271b43e027c51e04d9399f8c88e9ef7542dae7aebae7d87bc4e
+ expected-sha256: f3d8f9bb23ae392374e91cd9d395970dabc5b9c5ee72f39884613cd84a6ed310
- uses: fetch
working-directory: /home/build/git-manpages
with:
uri: https://www.kernel.org/pub/software/scm/git/git-manpages-${{package.version}}.tar.xz
- expected-sha256: c8dfefa07bddc9e5c2aa48ff03e80a3461d9baa45f46b17b1a43c8e132b1fab8
+ expected-sha256: ffc2005a89b056c0727b667f6beda0068371619762ea4844ad0229091befee13
- runs: |
cat >> config.mak <<-EOF
From c0068690d8edc13b0f4d84064734b66e917f71b9 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Batuhan=20Apayd=C4=B1n?=
Date: Mon, 25 Nov 2024 12:11:49 +0300
Subject: [PATCH 021/110] upgrade grafana-rollout-operator to latest (#35108)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes:
Related:
### Pre-review Checklist
#### For new package PRs only
- [ ] This PR is marked as fixing a pre-existing package request bug
- [ ] Alternatively, the PR is marked as related to a pre-existing
package request bug, such as a dependency
- [x] REQUIRED - The package is available under an OSI-approved or
FSF-approved license
- [x] REQUIRED - The version of the package is still receiving security
updates
- [ ] This PR links to the upstream project's support policy (e.g.
`endoflife.date`)
Signed-off-by: Batuhan Apaydin
---
...0.14.yaml => grafana-rollout-operator.yaml | 29 +++----------------
1 file changed, 4 insertions(+), 25 deletions(-)
rename grafana-rollout-operator-0.14.yaml => grafana-rollout-operator.yaml (55%)
diff --git a/grafana-rollout-operator-0.14.yaml b/grafana-rollout-operator.yaml
similarity index 55%
rename from grafana-rollout-operator-0.14.yaml
rename to grafana-rollout-operator.yaml
index cbad96ad60f..a6b6c1f4f4e 100644
--- a/grafana-rollout-operator-0.14.yaml
+++ b/grafana-rollout-operator.yaml
@@ -1,48 +1,28 @@
package:
- name: grafana-rollout-operator-0.14
- version: 0.14.0
- epoch: 4
+ name: grafana-rollout-operator
+ version: 0.20.1
+ epoch: 0
description: Kubernetes Rollout Operator
copyright:
- license: Apache-2.0
- dependencies:
- provides:
- - grafana-rollout-operator=${{package.full-version}}
-
-environment:
- contents:
- packages:
- - build-base
- - go
- environment:
- CGO_ENABLED: 0
pipeline:
- uses: git-checkout
with:
repository: https://github.com/grafana/rollout-operator
tag: v${{package.version}}
- expected-commit: 4dfc90339440982d07065cad294b32d9ba77e8ae
-
- - uses: go/bump
- with:
- deps: golang.org/x/net@v0.23.0 google.golang.org/protobuf@v1.33.0
+ expected-commit: e74c10fade60ae17d522dbaf7d152f5c894d1849
- uses: go/build
with:
- modroot: .
packages: ./cmd/rollout-operator
output: rollout-operator
- ldflags: '-extldflags "-static"'
- go-package: go
- name: hardlinks
runs: |
mkdir -p ${{targets.contextdir}}/bin
ln -sf /usr/bin/rollout-operator ${{targets.contextdir}}/bin/rollout-operator
- - uses: strip
-
test:
pipeline:
- runs: |
@@ -54,4 +34,3 @@ update:
identifier: grafana/rollout-operator
strip-prefix: v
use-tag: true
- tag-filter: v0.14.
From e22cfba0e9d14d418b2a220bd3742759d2878240 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Batuhan=20Apayd=C4=B1n?=
Date: Mon, 25 Nov 2024 12:31:03 +0300
Subject: [PATCH 022/110] sql_exporter package build (#35122)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes:
Related:
### Pre-review Checklist
#### For new package PRs only
- [ ] This PR is marked as fixing a pre-existing package request bug
- [ ] Alternatively, the PR is marked as related to a pre-existing
package request bug, such as a dependency
- [x] REQUIRED - The package is available under an OSI-approved or
FSF-approved license
- [x] REQUIRED - The version of the package is still receiving security
updates
- [ ] This PR links to the upstream project's support policy (e.g.
`endoflife.date`)
Signed-off-by: Batuhan Apaydin
---
sql_exporter.yaml | 44 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 44 insertions(+)
create mode 100644 sql_exporter.yaml
diff --git a/sql_exporter.yaml b/sql_exporter.yaml
new file mode 100644
index 00000000000..66775006f7d
--- /dev/null
+++ b/sql_exporter.yaml
@@ -0,0 +1,44 @@
+package:
+ name: sql_exporter
+ version: 0.16.0
+ epoch: 0
+ description: Database-agnostic SQL Exporter for Prometheus
+ copyright:
+ - license: Apache-2.0
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/burningalchemist/sql_exporter
+ tag: ${{package.version}}
+ expected-commit: a1726ff66775980c1de3ad44bfffb169525b2dd1
+
+ - uses: go/build
+ with:
+ packages: ./cmd/sql_exporter
+ ldflags: |
+ -X github.com/prometheus/common/version.Version=${{package.version}}
+ -X github.com/prometheus/common/version.Revision=$(git rev-parse HEAD)
+ -X github.com/prometheus/common/version.Branch=$(git rev-parse --abbrev-ref HEAD)
+ -X github.com/prometheus/common/version.BuildUser=$(whoami)@$HOSTNAME
+ -X github.com/prometheus/common/version.BuildDate=$(date -u -d "@${SOURCE_DATE_EPOCH:-$(date +%s)}" "+%Y-%m-%dT%H:%M:%SZ")
+ output: sql_exporter
+
+subpackages:
+ - name: ${{package.name}}-compat
+ description: "upstream image have executable placed at /bin"
+ pipeline:
+ - runs: |
+ mkdir -p "${{targets.contextdir}}"/bin
+ ln -sf /usr/bin/sql_exporter "${{targets.contextdir}}"/bin/sql_exporter
+
+update:
+ enabled: true
+ github:
+ identifier: burningalchemist/sql_exporter
+
+test:
+ pipeline:
+ - name: Version Check
+ runs: |
+ /usr/bin/sql_exporter --version | grep "version ${{package.version}}"
From fbe1bd5333181bedcb85653ac2e96eea9d8bac55 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Batuhan=20Apayd=C4=B1n?=
Date: Mon, 25 Nov 2024 12:56:23 +0300
Subject: [PATCH 023/110] create a -compat subpackage for
grafana-rollout-operator (#35124)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Fixes:
Related:
### Pre-review Checklist
#### For new package PRs only
- [ ] This PR is marked as fixing a pre-existing package request bug
- [ ] Alternatively, the PR is marked as related to a pre-existing
package request bug, such as a dependency
- [x] REQUIRED - The package is available under an OSI-approved or
FSF-approved license
- [x] REQUIRED - The version of the package is still receiving security
updates
- [ ] This PR links to the upstream project's support policy (e.g.
`endoflife.date`)
Signed-off-by: Batuhan Apaydin
---
grafana-rollout-operator.yaml | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/grafana-rollout-operator.yaml b/grafana-rollout-operator.yaml
index a6b6c1f4f4e..1d31bcb8656 100644
--- a/grafana-rollout-operator.yaml
+++ b/grafana-rollout-operator.yaml
@@ -1,7 +1,7 @@
package:
name: grafana-rollout-operator
version: 0.20.1
- epoch: 0
+ epoch: 1
description: Kubernetes Rollout Operator
copyright:
- license: Apache-2.0
@@ -18,10 +18,13 @@ pipeline:
packages: ./cmd/rollout-operator
output: rollout-operator
- - name: hardlinks
- runs: |
- mkdir -p ${{targets.contextdir}}/bin
- ln -sf /usr/bin/rollout-operator ${{targets.contextdir}}/bin/rollout-operator
+subpackages:
+ - name: ${{package.name}}-compat
+ description: "upstream image have executable placed at /bin"
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/bin
+ ln -sf /usr/bin/rollout-operator ${{targets.contextdir}}/bin/rollout-operator
test:
pipeline:
@@ -33,4 +36,3 @@ update:
github:
identifier: grafana/rollout-operator
strip-prefix: v
- use-tag: true
From 36db73ddfde768765038eba4f06697f9f7fb9868 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 10:04:18 +0000
Subject: [PATCH 024/110] victoriametrics-operator/0.50.0 package update
(#35125)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
victoriametrics-operator.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/victoriametrics-operator.yaml b/victoriametrics-operator.yaml
index 071a77b58dd..0f4b3ccd8bc 100644
--- a/victoriametrics-operator.yaml
+++ b/victoriametrics-operator.yaml
@@ -1,6 +1,6 @@
package:
name: victoriametrics-operator
- version: 0.49.1
+ version: 0.50.0
epoch: 0
description: Kubernetes operator for Victoria Metrics
copyright:
@@ -9,7 +9,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: 593d5237127af436087245a036970145ef4042f4
+ expected-commit: 4f8fafb9ca1965cb48d40d40749c66b72b64dffd
repository: https://github.com/VictoriaMetrics/operator
tag: v${{package.version}}
From dba1aa098a5f6ce33a1cb7cc32d450d1912d8b6b Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 10:16:59 +0000
Subject: [PATCH 025/110] ruby3.3-bouncy-castle-java/1.5.0146.1-r0: cve
remediation (#32700)
ruby3.3-bouncy-castle-java/1.5.0146.1-r0: fix GHSA-v435-xc8x-wvr9
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/ruby3.3-bouncy-castle-java.advisories.yaml
---------
Signed-off-by: Mark McCormick
Signed-off-by: hectorj2f
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
Co-authored-by: Mark McCormick
Co-authored-by: hectorj2f
---
ruby3.3-bouncy-castle-java.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.3-bouncy-castle-java.yaml b/ruby3.3-bouncy-castle-java.yaml
index 34961ff2f12..d29a4d272c6 100644
--- a/ruby3.3-bouncy-castle-java.yaml
+++ b/ruby3.3-bouncy-castle-java.yaml
@@ -2,7 +2,7 @@
package:
name: ruby3.3-bouncy-castle-java
version: 1.5.0146.1
- epoch: 0
+ epoch: 1
description: Gem redistribution of "Legion of the Bouncy Castle Java cryptography APIs" jars at http://www.bouncycastle.org/java.html
copyright:
- license: MIT
@@ -19,7 +19,7 @@ environment:
- ruby-${{vars.rubyMM}}-dev
environment:
# https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk18on
- BCPROV_VERSION: 1.77
+ BCPROV_VERSION: 1.78
pipeline:
- uses: git-checkout
From e3a26197ebf9f06440d4e1fdbc652dab7055d270 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 11:22:55 +0000
Subject: [PATCH 026/110] linux-headers/6.6.63 package update (#34982)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
linux-headers.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/linux-headers.yaml b/linux-headers.yaml
index 14b98d7a101..f7dae03ba29 100644
--- a/linux-headers.yaml
+++ b/linux-headers.yaml
@@ -1,6 +1,6 @@
package:
name: linux-headers
- version: 6.6.62
+ version: 6.6.63
epoch: 0
description: "the Linux kernel headers (cross compilation)"
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/gregkh/linux
tag: v${{package.version}}
- expected-commit: c1036e4f14d03aba549cdd9b186148d331013056
+ expected-commit: bff3e13adb72656356111d2549d8be7c872d6e15
- runs: |
make mrproper
From 1b68a3cebbb25593690b7e21e65f8d0e72b01214 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 11:24:10 +0000
Subject: [PATCH 027/110] ruby3.2-logstash-core/8.16.1 package update (#34959)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.2-logstash-core.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.2-logstash-core.yaml b/ruby3.2-logstash-core.yaml
index 2fcca4b26cb..78d8580b6ed 100644
--- a/ruby3.2-logstash-core.yaml
+++ b/ruby3.2-logstash-core.yaml
@@ -1,7 +1,7 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.2-logstash-core
- version: 8.16.0
+ version: 8.16.1
epoch: 0
description: The core components of logstash, the scalable log and event management tool
copyright:
@@ -45,7 +45,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
+ expected-commit: a769327be81a655ed66a0539cee42380de220c27
- working-directory: logstash-core
pipeline:
From cf8b000af1c4d74d4d303bfb46c14a413dbec0dc Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 11:24:48 +0000
Subject: [PATCH 028/110] conda-build/24.11.1 package update (#34951)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
From ad3aaba8c3dba99d555c4b25caeffe58a2aea34a Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 13:13:03 +0000
Subject: [PATCH 029/110] debezium-connect-entrypoint-3.0/3.0.3 package update
(#35134)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
debezium-connect-entrypoint-3.0.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/debezium-connect-entrypoint-3.0.yaml b/debezium-connect-entrypoint-3.0.yaml
index 70d34fa5215..c4736e737a0 100644
--- a/debezium-connect-entrypoint-3.0.yaml
+++ b/debezium-connect-entrypoint-3.0.yaml
@@ -1,7 +1,7 @@
package:
name: debezium-connect-entrypoint-3.0
- version: 3.0.2
- epoch: 2
+ version: 3.0.3
+ epoch: 0
description: Helper package to provide necessary files for the Debezium images
copyright:
- license: Apache-2.0
@@ -39,7 +39,7 @@ pipeline:
with:
repository: https://github.com/debezium/container-images
tag: v${{package.version}}.Final
- expected-commit: 0565147b930179425f985bcd706682695057230a
+ expected-commit: 29cf76542c7d65a4e71ac12e85ab2c2ea33141d7
- uses: patch
with:
From 93c8a3313d8078fff5890f7640b907a1a3f7e848 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 13:13:19 +0000
Subject: [PATCH 030/110] thanos/0.37.0 package update (#35132)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
thanos.yaml | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/thanos.yaml b/thanos.yaml
index 6bcabc0209c..e77b6237072 100644
--- a/thanos.yaml
+++ b/thanos.yaml
@@ -1,7 +1,7 @@
package:
name: thanos
- version: 0.36.1
- epoch: 1
+ version: 0.37.0
+ epoch: 0
description: Highly available Prometheus setup with long term storage capabilities.
copyright:
- license: Apache-2.0
@@ -18,14 +18,10 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 99a5742a15f107d4607d280c825eca5b7f09a253
+ expected-commit: 889d52763023d1bd6356c36268afc8bcdae93298
repository: https://github.com/thanos-io/thanos
tag: v${{package.version}}
- - uses: go/bump
- with:
- deps: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0
-
- runs: |
make build
From 7ff5b72c743dfcfcd73a66cbaa6663c65e3eebe5 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 13:13:44 +0000
Subject: [PATCH 031/110] newrelic-prometheus-configurator/1.18.3 package
update (#35133)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
newrelic-prometheus-configurator.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/newrelic-prometheus-configurator.yaml b/newrelic-prometheus-configurator.yaml
index 8bebf97d6f8..ef8af79048c 100644
--- a/newrelic-prometheus-configurator.yaml
+++ b/newrelic-prometheus-configurator.yaml
@@ -1,6 +1,6 @@
package:
name: newrelic-prometheus-configurator
- version: 1.18.2
+ version: 1.18.3
epoch: 0
description: New Relic Prometheus Configurator
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/newrelic/newrelic-prometheus-configurator
tag: v${{package.version}}
- expected-commit: 9517d4255b9a233a52a648a64c5a40e63188c863
+ expected-commit: d206ffc3f27215de5b62c306d497898e83328895
- runs: |
GOOS=$(go env GOOS)
From 6a570783fd832db79a4c2d456ab39821f7393ed8 Mon Sep 17 00:00:00 2001
From: jamie-albert
Date: Mon, 25 Nov 2024 05:53:51 -0800
Subject: [PATCH 032/110] kubeflow-centraldashboard/GHSA-pppg-cpfq-h7wr fix
(#34981)
Version bump to fix version of affected dependency.
---
kubeflow-centraldashboard.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/kubeflow-centraldashboard.yaml b/kubeflow-centraldashboard.yaml
index 756ad9be0b9..a163548a973 100644
--- a/kubeflow-centraldashboard.yaml
+++ b/kubeflow-centraldashboard.yaml
@@ -1,7 +1,7 @@
package:
name: kubeflow-centraldashboard
version: 1.9.2
- epoch: 0
+ epoch: 1
description: Landing page and central dashboard for Kubeflow deployments
copyright:
- license: MIT
@@ -56,7 +56,7 @@ pipeline:
"path-to-regexp": "0.1.10",
"serve-static": "^1.16.0",
"cookie": "0.7.0",
- "jsonpath-plus": "10.0.0"
+ "jsonpath-plus": "10.0.7"
}'
# Apply the overrides
From 3d98e0ef3db04b2b8473ac4614324086d94d7080 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 06:58:03 -0700
Subject: [PATCH 033/110] svt-av1/2.3.0 package update (#32237)
[Fix(aarch64 build): Use clang as compiler and add symlink for
LLVMgold.so](https://github.com/wolfi-dev/os/pull/32237/commits/063ea5b77d27de5e54ead69d5bc08dcefdf0a541)
1. with gcc the arrch64 build was failing during the LTO process and
also failing if disable LTO with error:
```
Segmentation fault
47 | return svget_neonq_s16(svtbl_s16(svset_neonq_s16(svundef_s16(), s), svset_neonq_u16(svundef_u16(), tbl)));
```
2. added the `LLVMgold.so` symlink as the build process is trying to
find that lib in `/usr/lib/` dir while linking
---------
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Signed-off-by: debasishbsws
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: debasishbsws
---
svt-av1.yaml | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/svt-av1.yaml b/svt-av1.yaml
index bafcdc9e101..e8afdb7c697 100644
--- a/svt-av1.yaml
+++ b/svt-av1.yaml
@@ -1,6 +1,6 @@
package:
name: svt-av1
- version: 2.2.1
+ version: 2.3.0
epoch: 0
description: "Scalable Video Technology for AV1 (SVT-AV1 Encoder)"
copyright:
@@ -11,21 +11,28 @@ environment:
packages:
- build-base
- busybox
+ - clang
- cmake
- nasm
- openssf-compiler-options
- samurai
+ - yasm
pipeline:
- uses: git-checkout
with:
repository: https://gitlab.com/AOMediaCodec/SVT-AV1.git
- expected-commit: 55a01def732bb9e7016d23cc512384f7a88d6e86
+ expected-commit: 6e69def4ec283fe0b71195671245c3b768bebdef
tag: v${{package.version}}
+ - runs: ln -s /usr/lib/llvm-19/lib/LLVMgold.so /usr/lib/LLVMgold.so
+
- uses: cmake/configure
with:
- opts: -DSVT_AV1_LTO=ON
+ opts: |
+ -DCMAKE_BUILD_TYPE=Release \
+ -DCMAKE_C_COMPILER=clang \
+ -DCMAKE_CXX_COMPILER=clang++ \
- uses: cmake/build
From 38cf58066d9b98424bea4c236b21bf009ee4ebc1 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 14:03:39 +0000
Subject: [PATCH 034/110] envoy-ratelimit/0.0.0_git20241125 package update
(#35139)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
envoy-ratelimit.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/envoy-ratelimit.yaml b/envoy-ratelimit.yaml
index f6f9bbc7526..e64ed2de733 100644
--- a/envoy-ratelimit.yaml
+++ b/envoy-ratelimit.yaml
@@ -2,7 +2,7 @@
package:
name: envoy-ratelimit
# This project doesn't do releases and everything is commit based.
- version: 0.0.0_git20241118
+ version: 0.0.0_git20241125
epoch: 0
description: Go/gRPC service designed to enable generic rate limit scenarios from different types of applications.
copyright:
@@ -16,7 +16,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 0e630f156ae7a3d4198daf971af2e6c595f19a70
+ expected-commit: 15b5ac4b45fbf6fdcb13e109077a103096c9f2e2
repository: https://github.com/envoyproxy/ratelimit
branch: main
From 7afc75ec445792f4b142d0fc11d3ea2c1836585e Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 14:03:59 +0000
Subject: [PATCH 035/110] brew/4.4.7 package update (#35137)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
brew.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/brew.yaml b/brew.yaml
index b90152091e8..499f643de9d 100644
--- a/brew.yaml
+++ b/brew.yaml
@@ -1,6 +1,6 @@
package:
name: brew
- version: 4.4.6
+ version: 4.4.7
epoch: 0
description: "The homebrew package manager"
copyright:
@@ -49,7 +49,7 @@ pipeline:
repository: https://github.com/Homebrew/brew
tag: ${{package.version}}
destination: ./brew
- expected-commit: cc0b5d6d05d1f3af5b2f53e9fbb1e7bfa0c332ab
+ expected-commit: 4a77cd1e2f7ed058d03a47fe1f18819b246e67f6
- runs: |
set -x
From 8e53c8da2479ec864eda9e75f06dfbbd09960884 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 15:04:07 +0000
Subject: [PATCH 036/110] selenium/4.27.0 package update (#35142)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
selenium.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/selenium.yaml b/selenium.yaml
index ec66ba940c7..a150e2eeac3 100644
--- a/selenium.yaml
+++ b/selenium.yaml
@@ -1,7 +1,7 @@
package:
name: selenium
- version: 4.26.0
- epoch: 1
+ version: 4.27.0
+ epoch: 0
description: A browser automation framework and ecosystem.
copyright:
- license: Apache-2.0
@@ -40,7 +40,7 @@ pipeline:
with:
repository: https://github.com/SeleniumHQ/selenium
tag: selenium-${{package.version}}
- expected-commit: 69f9e5eae1cfcabd794327bef2f81102f213fae6
+ expected-commit: d6e718d134987d62cd8ffff476821fb3ca1797c2
- uses: patch
with:
From 1f7ca562517f5858ed3a16c9b699d6db54354ae9 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 15:04:24 +0000
Subject: [PATCH 037/110] opentelemetry-plugin-nginx/0_git20241125 package
update (#35138)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
opentelemetry-plugin-nginx.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/opentelemetry-plugin-nginx.yaml b/opentelemetry-plugin-nginx.yaml
index b276cefc308..d105fa9295d 100644
--- a/opentelemetry-plugin-nginx.yaml
+++ b/opentelemetry-plugin-nginx.yaml
@@ -1,7 +1,7 @@
#nolint:valid-pipeline-git-checkout-tag
package:
name: opentelemetry-plugin-nginx
- version: 0_git20241118
+ version: 0_git20241125
epoch: 0
description: Adds OpenTelemetry distributed tracing support to nginx. This is the otel community plugin for nginx, not the official nginx plugin for otel.
copyright:
From 2797ec77bd078533887d9e31d321c15846961035 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 15:04:46 +0000
Subject: [PATCH 038/110] golangci-lint/1.62.2 package update (#35141)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
golangci-lint.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/golangci-lint.yaml b/golangci-lint.yaml
index 2fd33bd482a..2b05f02472a 100644
--- a/golangci-lint.yaml
+++ b/golangci-lint.yaml
@@ -1,6 +1,6 @@
package:
name: golangci-lint
- version: 1.62.0
+ version: 1.62.2
epoch: 0
description: Fast linters Runner for Go
copyright:
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/golangci/golangci-lint
tag: v${{package.version}}
- expected-commit: 22b58c9b648f027d699f305c069a2a97ed0c5b06
+ expected-commit: 89476e7a1eaa0a8a06c17343af960a5fd9e7edb7
- runs: |
make build
From 0c22ce2127aae001fe63dcf5327d6844d500eb7b Mon Sep 17 00:00:00 2001
From: Jamon Camisso
Date: Mon, 25 Nov 2024 10:11:39 -0500
Subject: [PATCH 039/110] update fluent-operator replaces to 3.2 (#35145)
The `fluent-watcher-config` subpackage notes that the `fluent-bit`
version in the replaces block needs to be updated with version-stream
updates. So this PR bumps the version from 3.1 -> 3.2.
Signed-off-by: Jamon
---
fluent-operator.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/fluent-operator.yaml b/fluent-operator.yaml
index 163b58b501b..b2300e0321f 100644
--- a/fluent-operator.yaml
+++ b/fluent-operator.yaml
@@ -1,7 +1,7 @@
package:
name: fluent-operator
version: 3.2.0
- epoch: 1
+ epoch: 2
description: Operate Fluent Bit and Fluentd in the Kubernetes way - Previously known as FluentBit Operator
copyright:
- license: Apache-2.0
@@ -70,7 +70,7 @@ subpackages:
# When this test fails, that likely means fluent-bit rolled forward to
# a new version stream anad must be updated in the "replaces" block
# below
- - fluent-bit-3.1
+ - fluent-bit-3.2
pipeline:
- runs: |
mkdir -p "${{targets.contextdir}}"/fluent-bit/etc
From fecf4614cf3fb67aa1200a48371c06c49b4759d9 Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <19779+xnox@users.noreply.github.com>
Date: Mon, 25 Nov 2024 15:33:51 +0000
Subject: [PATCH 040/110] New package rust-audit-info (#35140)
Small binary from cargo-auditable collection of tools that helps to
parse & read cargo audit json information from a binary. Helps with
inspecting SBOM of a given binary.
---
rust-audit-info.yaml | 45 ++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 45 insertions(+)
create mode 100644 rust-audit-info.yaml
diff --git a/rust-audit-info.yaml b/rust-audit-info.yaml
new file mode 100644
index 00000000000..9377242e51b
--- /dev/null
+++ b/rust-audit-info.yaml
@@ -0,0 +1,45 @@
+package:
+ name: rust-audit-info
+ version: 0.5.4
+ epoch: 0
+ description: Read audit information from rust binaries
+ copyright:
+ - license: MIT OR Apache-2.0
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - cargo-auditable
+ - openssf-compiler-options
+ - rust
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/rust-secure-code/cargo-auditable
+ tag: rust-audit-info/v${{package.version}}
+ expected-commit: a0ed9cb5b98a0c927fa8d78aed04065144b136e7
+
+ - name: Configure and build
+ runs: |
+ cd rust-audit-info/
+ cargo auditable build --release
+ mkdir -p ${{targets.destdir}}/usr/bin/
+ mv target/release/rust-audit-info ${{targets.destdir}}/usr/bin/
+
+ - uses: strip
+
+test:
+ pipeline:
+ - runs: |
+ rust-audit-info /usr/bin/rust-audit-info
+
+update:
+ enabled: true
+ github:
+ identifier: rust-secure-code/cargo-auditable
+ use-tag: true
+ tag-filter: rust-audit-info/v
+ strip-prefix: rust-audit-info/v
From 13e95f58d333ed49e2ffe96a578f7b07917e610c Mon Sep 17 00:00:00 2001
From: Scott Moser
Date: Mon, 25 Nov 2024 10:40:02 -0500
Subject: [PATCH 041/110] lua5.3, lua5.4 - package cleanups and rebuild
(#34985)
- lua5.4 - updates to package and a rebuild.
A build of lua5.4 right now will not 'provide: so:liblua5.4.so' due
to /usr/lib/liblua* being symlinks.
We need a build https://github.com/chainguard-dev/melange/pull/1662
to fix that.
Other things here are:
* build 5.4 with V=5.4 (not V=5.3)
* build 5.4 with compath for 5.3 not the non-existant 5.2
https://gitlab.alpinelinux.org/alpine/aports/-/issues/13257
* split libs out from the main package
(main package will get a dep on the libs so that will be fine)
* rename patches in lua5.4/ to not be redundantly lua-5.4-thing
* define and use a var 'luaMM' for the major.minor everywhere.
* use one patch section with 3 patches rather than 3 patch sections
* do not install liblua.la
* improve tests a bit to check for version in '-v' output
* add a test to make sure lua5.4-libs provides the desired so:
* fix typo in configure.ac (top_builddir, not 'top_buildir').
- lua5.3 - apply the same changes, but leave it building with linenoise
instead of readline.
---
lua5.3.yaml | 136 +++++++++++++-----
lua5.3/{lua-5.3-make.patch => make.patch} | 0
...-module_paths.patch => module_paths.patch} | 0
lua5.4.yaml | 125 +++++++++++-----
lua5.4/{lua-5.4-make.patch => make.patch} | 0
...-module_paths.patch => module_paths.patch} | 0
6 files changed, 189 insertions(+), 72 deletions(-)
rename lua5.3/{lua-5.3-make.patch => make.patch} (100%)
rename lua5.3/{lua-5.3-module_paths.patch => module_paths.patch} (100%)
rename lua5.4/{lua-5.4-make.patch => make.patch} (100%)
rename lua5.4/{lua-5.4-module_paths.patch => module_paths.patch} (100%)
diff --git a/lua5.3.yaml b/lua5.3.yaml
index b0a58b8f0cb..0922c79f6ab 100644
--- a/lua5.3.yaml
+++ b/lua5.3.yaml
@@ -1,11 +1,17 @@
package:
name: lua5.3
version: 5.3.6
- epoch: 5
- description: "powerful lightweight programming language"
+ epoch: 6
+ description: Powerful light-weight programming language
copyright:
- license: MIT
+var-transforms:
+ - from: ${{package.version}}
+ match: (\d+\.\d+).\d
+ replace: "$1"
+ to: luaMM
+
environment:
contents:
packages:
@@ -21,24 +27,20 @@ environment:
pipeline:
- uses: fetch
with:
- uri: https://www.lua.org/ftp/lua-${{package.version}}.tar.gz
expected-sha256: fc5fd69bb8736323f026672b1b7235da613d7177e72558893a0bdcd320466d60
+ uri: https://www.lua.org/ftp/lua-${{package.version}}.tar.gz
- uses: patch
with:
- patches: lua-5.3-make.patch
-
- - uses: patch
- with:
- patches: lua-5.3-module_paths.patch
-
- - uses: patch
- with:
- patches: linenoise.patch
+ patches: |
+ linenoise.patch
+ module_paths.patch
+ make.patch
- runs: |
cat >configure.ac <<-EOF
top_builddir=.
+
AC_INIT(src/luaconf.h)
AC_PROG_LIBTOOL
AC_OUTPUT
@@ -48,43 +50,56 @@ pipeline:
autoconf
sed -i '/#define LUA_USE_READLINE/d' src/luaconf.h
- - runs: |
- ./configure --prefix=/usr
+ - uses: autoconf/configure
- runs: |
- make -C src V=5.3 \
- CFLAGS="$CFLAGS -DLUA_USE_LINUX -DLUA_COMPAT_5_2 -DLUA_USE_LINENOISE" \
+ mm=${{vars.luaMM}}
+ major=${mm%.*}
+ minor=${mm#*.}
+ if [ "$minor" = "0" ]; then
+ echo "not using LUA_COMPAT as minor=-"
+ else
+ lastminor=$((minor-1))
+ compat="-DLUA_COMPAT_${major}_${lastminor}"
+ # just be careful do not pass flags that are nonsense.
+ # https://gitlab.alpinelinux.org/alpine/aports/-/issues/13257
+ grep -q -- "$compat" src/Makefile ||
+ { echo "Did not find compat flag $compat in src/Makefile"; exit 1; }
+ echo "Building with compat for $major.$lastminor via $compat"
+ fi
+
+ make -C src V=${{vars.luaMM}} \
+ CFLAGS="$CFLAGS -DLUA_USE_LINUX -DLUA_USE_LINENOISE $compat" \
SYSLDFLAGS="$LDFLAGS" \
RPATH="/usr/lib" \
LIB_LIBS="-lpthread -lm -ldl -llinenoise" \
alpine_all
- runs: |
- make V=5.3 \
+ make V=${{vars.luaMM}} \
INSTALL_TOP="${{targets.destdir}}"/usr \
- INSTALL_INC="${{targets.destdir}}"/usr/include/lua5.3 \
- INSTALL_LIB="${{targets.destdir}}"/usr/lib/lua5.3 \
+ INSTALL_INC="${{targets.destdir}}"/usr/include/lua${{vars.luaMM}} \
+ INSTALL_LIB="${{targets.destdir}}"/usr/lib/lua${{vars.luaMM}} \
alpine_install
-
- chmod 755 "${{targets.destdir}}"/usr/lib/lua5.3/*.so*
+ chmod 755 "${{targets.destdir}}"/usr/lib/lua${{vars.luaMM}}/*.so*
- runs: |
for i in "${{targets.destdir}}"/usr/bin/* ; do
- mv "$i" "$i"5.3
+ mv "$i" "$i"${{vars.luaMM}}
done
-
- for i in "${{targets.destdir}}"/usr/lib/lua5.3/*.so.*; do
- ln -s lua5.3/${i##*/} "${{targets.destdir}}"/usr/lib/${i##*/}
+ for i in "${{targets.destdir}}"/usr/lib/lua${{vars.luaMM}}/*.so.*; do
+ ln -s lua${{vars.luaMM}}/${i##*/} "${{targets.destdir}}"/usr/lib/${i##*/}
done
-
for i in lua luac; do
install -D -m 644 doc/$i.1 "${{targets.destdir}}"/usr/share/man/man1/"$i""$_luaver".1
done
+ rm ${{targets.destdir}}/usr/lib/lua${{vars.luaMM}}/liblua.la \
+
install -d "${{targets.destdir}}"/usr/lib/pkgconfig
- cat > "${{targets.destdir}}"/usr/lib/pkgconfig/lua5.3.pc <<-EOF
+ cat > "${{targets.destdir}}"/usr/lib/pkgconfig/lua${{vars.luaMM}}.pc <<-EOF
# lua.pc -- pkg-config data for Lua
- V=5.3
+ V=${{vars.luaMM}}
R=${{package.version}}
prefix=/usr
INSTALL_BIN=\${prefix}/bin
@@ -96,7 +111,6 @@ pipeline:
exec_prefix=\${prefix}
libdir=\${exec_prefix}/lib/${{package.name}}
includedir=\${exec_prefix}/include/${{package.name}}
-
Name: Lua
Description: An extensible extension language
Version: ${{package.version}}
@@ -108,19 +122,55 @@ pipeline:
- uses: strip
subpackages:
- - name: "lua5.3-doc"
- description: "lua documentation"
- pipeline:
- - uses: split/manpages
-
- - name: "lua5.3-dev"
- description: "lua development headers"
+ - name: lua${{vars.luaMM}}-dev
+ description: lua${{vars.luaMM}} dev
+ dependencies:
+ runtime:
+ - lua${{vars.luaMM}}
+ - lua${{vars.luaMM}}-libs
pipeline:
- uses: split/dev
test:
pipeline:
- uses: test/pkgconf
+ - name: lua${{vars.luaMM}}-libs
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/usr/lib
+ mv -v ${{targets.destdir}}/usr/lib/lib*.so.* \
+ ${{targets.contextdir}}/usr/lib/
+
+ mkdir -p ${{targets.contextdir}}/usr/lib/lua${{vars.luaMM}}
+ mv -v ${{targets.destdir}}/usr/lib/lua${{vars.luaMM}}/lib*.so.* \
+ ${{targets.contextdir}}/usr/lib/lua${{vars.luaMM}}/
+ test:
+ environment:
+ contents:
+ packages:
+ - apk-tools
+ pipeline:
+ - runs: |
+ set +x
+ mm=${{vars.luaMM}}
+ pkg="lua${mm}-libs"
+ soname="liblua-$mm.so.0"
+ pout=$(apk info --provides "$pkg" 2>/dev/null) ||
+ { echo "ERROR: 'apk info --provides $pkg' exited $?"; exit 1; }
+ if out=$(echo "$pout" | grep "so:$soname="); then
+ echo "PASS: $pkg provides $soname. [$out]"
+ else
+ echo "FAIL: $pkg did not provide so:$soname"
+ echo "$ apk info --provides $pkg"
+ echo "$pout"
+ exit 1
+ fi
+
+ - name: lua${{vars.luaMM}}-doc
+ description: lua${{vars.luaMM}} manpages
+ pipeline:
+ - uses: split/manpages
+
update:
enabled: true
release-monitor:
@@ -128,7 +178,15 @@ update:
test:
pipeline:
- # AUTOGENERATED
- runs: |
- lua5.3 -v
- luac5.3 -v
+ set +x
+ mm=${{vars.luaMM}}
+ fail() { echo "FAIL:" "$@" 1>&2; exit 1; }
+ v="${{package.version}}"
+ for p in lua luac ; do
+ prog="$p$mm" # lua5.X
+ out=$($prog -v) || fail "$prog -v - exited $?"
+ echo "$out" | grep -q -F "$v" ||
+ fail "output of '$prog -v' did not contain '$v'. output: $out"
+ echo "PASS: $prog -v output contained expected '$v': $out"
+ done
diff --git a/lua5.3/lua-5.3-make.patch b/lua5.3/make.patch
similarity index 100%
rename from lua5.3/lua-5.3-make.patch
rename to lua5.3/make.patch
diff --git a/lua5.3/lua-5.3-module_paths.patch b/lua5.3/module_paths.patch
similarity index 100%
rename from lua5.3/lua-5.3-module_paths.patch
rename to lua5.3/module_paths.patch
diff --git a/lua5.4.yaml b/lua5.4.yaml
index 975900bdb74..9c01b19dd5c 100644
--- a/lua5.4.yaml
+++ b/lua5.4.yaml
@@ -1,11 +1,17 @@
package:
name: lua5.4
version: 5.4.7
- epoch: 1
+ epoch: 2
description: Powerful light-weight programming language
copyright:
- license: MIT
+var-transforms:
+ - from: ${{package.version}}
+ match: (\d+\.\d+).\d
+ replace: "$1"
+ to: luaMM
+
environment:
contents:
packages:
@@ -26,19 +32,14 @@ pipeline:
- uses: patch
with:
- patches: lua-5.4-module_paths.patch
-
- - uses: patch
- with:
- patches: lua-5.4-make.patch
-
- - uses: patch
- with:
- patches: extern-c-for-cpp.patch
+ patches: |
+ module_paths.patch
+ make.patch
+ extern-c-for-cpp.patch
- runs: |
- cat > configure.ac <<-EOF
- top_buildir=.
+ cat >configure.ac <<-EOF
+ top_builddir=.
AC_INIT(src/luaconf.h)
AC_PROG_LIBTOOL
@@ -51,36 +52,53 @@ pipeline:
- uses: autoconf/configure
- runs: |
- make -C src V=5.4 \
- CFLAGS="$CFLAGS -DLUA_USE_LINUX -DLUA_COMPAT_5_2 -DLUA_USE_READLINE" \
+ mm=${{vars.luaMM}}
+ major=${mm%.*}
+ minor=${mm#*.}
+ if [ "$minor" = "0" ]; then
+ echo "not using LUA_COMPAT as minor=-"
+ else
+ lastminor=$((minor-1))
+ compat="-DLUA_COMPAT_${major}_${lastminor}"
+ # just be careful do not pass flags that are nonsense.
+ # https://gitlab.alpinelinux.org/alpine/aports/-/issues/13257
+ grep -q -- "$compat" src/Makefile ||
+ { echo "Did not find compat flag $compat in src/Makefile"; exit 1; }
+ echo "Building with compat for $major.$lastminor via $compat"
+ fi
+
+ make -C src V=${{vars.luaMM}} \
+ CFLAGS="$CFLAGS -DLUA_USE_LINUX -DLUA_USE_READLINE $compat" \
SYSLDFLAGS="$LDFLAGS" \
RPATH="/usr/lib" \
LIB_LIBS="-lpthread -lm -ldl -lreadline" \
alpine_all
- runs: |
- make V=5.3 \
+ make V=${{vars.luaMM}} \
INSTALL_TOP="${{targets.destdir}}"/usr \
- INSTALL_INC="${{targets.destdir}}"/usr/include/lua5.4 \
- INSTALL_LIB="${{targets.destdir}}"/usr/lib/lua5.4 \
+ INSTALL_INC="${{targets.destdir}}"/usr/include/lua${{vars.luaMM}} \
+ INSTALL_LIB="${{targets.destdir}}"/usr/lib/lua${{vars.luaMM}} \
alpine_install
- chmod 755 "${{targets.destdir}}"/usr/lib/lua5.4/*.so*
+ chmod 755 "${{targets.destdir}}"/usr/lib/lua${{vars.luaMM}}/*.so*
- runs: |
for i in "${{targets.destdir}}"/usr/bin/* ; do
- mv "$i" "$i"5.4
+ mv "$i" "$i"${{vars.luaMM}}
done
- for i in "${{targets.destdir}}"/usr/lib/lua5.4/*.so.*; do
- ln -s lua5.4/${i##*/} "${{targets.destdir}}"/usr/lib/${i##*/}
+ for i in "${{targets.destdir}}"/usr/lib/lua${{vars.luaMM}}/*.so.*; do
+ ln -s lua${{vars.luaMM}}/${i##*/} "${{targets.destdir}}"/usr/lib/${i##*/}
done
for i in lua luac; do
install -D -m 644 doc/$i.1 "${{targets.destdir}}"/usr/share/man/man1/"$i""$_luaver".1
done
+ rm ${{targets.destdir}}/usr/lib/lua${{vars.luaMM}}/liblua.la \
+
install -d "${{targets.destdir}}"/usr/lib/pkgconfig
- cat > "${{targets.destdir}}"/usr/lib/pkgconfig/lua5.4.pc <<-EOF
+ cat > "${{targets.destdir}}"/usr/lib/pkgconfig/lua${{vars.luaMM}}.pc <<-EOF
# lua.pc -- pkg-config data for Lua
- V=5.4
+ V=${{vars.luaMM}}
R=${{package.version}}
prefix=/usr
INSTALL_BIN=\${prefix}/bin
@@ -103,21 +121,54 @@ pipeline:
- uses: strip
subpackages:
- - name: lua5.4-dev
- pipeline:
- - uses: split/dev
+ - name: lua${{vars.luaMM}}-dev
+ description: lua${{vars.luaMM}} dev
dependencies:
runtime:
- - lua5.4
- description: lua5.4 dev
+ - lua${{vars.luaMM}}
+ - lua${{vars.luaMM}}-libs
+ pipeline:
+ - uses: split/dev
test:
pipeline:
- uses: test/pkgconf
- - name: lua5.4-doc
+ - name: lua${{vars.luaMM}}-libs
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/usr/lib
+ mv -v ${{targets.destdir}}/usr/lib/lib*.so.* \
+ ${{targets.contextdir}}/usr/lib/
+
+ mkdir -p ${{targets.contextdir}}/usr/lib/lua${{vars.luaMM}}
+ mv -v ${{targets.destdir}}/usr/lib/lua${{vars.luaMM}}/lib*.so.* \
+ ${{targets.contextdir}}/usr/lib/lua${{vars.luaMM}}/
+ test:
+ environment:
+ contents:
+ packages:
+ - apk-tools
+ pipeline:
+ - runs: |
+ set +x
+ mm=${{vars.luaMM}}
+ pkg="lua${mm}-libs"
+ soname="liblua-$mm.so.0"
+ pout=$(apk info --provides "$pkg" 2>/dev/null) ||
+ { echo "ERROR: 'apk info --provides $pkg' exited $?"; exit 1; }
+ if out=$(echo "$pout" | grep "so:$soname="); then
+ echo "PASS: $pkg provides $soname. [$out]"
+ else
+ echo "FAIL: $pkg did not provide so:$soname"
+ echo "$ apk info --provides $pkg"
+ echo "$pout"
+ exit 1
+ fi
+
+ - name: lua${{vars.luaMM}}-doc
+ description: lua${{vars.luaMM}} manpages
pipeline:
- uses: split/manpages
- description: lua5.4 manpages
update:
enabled: true
@@ -126,7 +177,15 @@ update:
test:
pipeline:
- # AUTOGENERATED
- runs: |
- lua5.4 -v
- luac5.4 -v
+ set +x
+ mm=${{vars.luaMM}}
+ fail() { echo "FAIL:" "$@" 1>&2; exit 1; }
+ v="${{package.version}}"
+ for p in lua luac ; do
+ prog="$p$mm" # lua5.X
+ out=$($prog -v) || fail "$prog -v - exited $?"
+ echo "$out" | grep -q -F "$v" ||
+ fail "output of '$prog -v' did not contain '$v'. output: $out"
+ echo "PASS: $prog -v output contained expected '$v': $out"
+ done
diff --git a/lua5.4/lua-5.4-make.patch b/lua5.4/make.patch
similarity index 100%
rename from lua5.4/lua-5.4-make.patch
rename to lua5.4/make.patch
diff --git a/lua5.4/lua-5.4-module_paths.patch b/lua5.4/module_paths.patch
similarity index 100%
rename from lua5.4/lua-5.4-module_paths.patch
rename to lua5.4/module_paths.patch
From d01e5631f2679295bf1798c550e0b53ecd837c00 Mon Sep 17 00:00:00 2001
From: dann frazier
Date: Fri, 22 Nov 2024 21:31:40 +0000
Subject: [PATCH 042/110] pip-build-install pipeline: Introduce "source" input
variable
Python modules may be provided in subdirectories of the upstream
source.
Signed-off-by: dann frazier
---
pipelines/py/pip-build-install.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/pipelines/py/pip-build-install.yaml b/pipelines/py/pip-build-install.yaml
index 8cfa9d5a513..793b93ecb27 100644
--- a/pipelines/py/pip-build-install.yaml
+++ b/pipelines/py/pip-build-install.yaml
@@ -7,6 +7,9 @@ inputs:
dest:
description: the destination
default: ${{targets.contextdir}}
+ source:
+ description: directory containing the python package source
+ default: .
needs-exe-named-python3:
description: Does the build actually need 'python3' in its PATH
default: false
@@ -107,7 +110,7 @@ pipeline:
mkdir -p "$distwheelsd"
echo "$py is $pyver with site_packages dir '$sitepkgd'"
vr $py -m pip wheel --verbose "--wheel-dir=$wd" \
- "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps .
+ "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps "${{inputs.source}}"
vr $py -m pip install --verbose \
"--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps \
--force-reinstall --no-compile --prefix=/usr "--root=$root" "$wd"/*.whl
From b5298adf1d3c676135c311e101bbd4b433fc6e3c Mon Sep 17 00:00:00 2001
From: dann frazier
Date: Fri, 22 Nov 2024 15:25:00 -0700
Subject: [PATCH 043/110] py3-grpcio-gcp: Build from github repository using
py/pip-build-install
Building from the tarball results in an unusable package because
the included grpc_gcp_pb2.py is generated from an old protobuf.
The tarball includes the .proto file we need to generate a new
one.
Signed-off-by: dann frazier
---
py3-grpcio-gcp.yaml | 24 ++++++++++++++++++------
1 file changed, 18 insertions(+), 6 deletions(-)
diff --git a/py3-grpcio-gcp.yaml b/py3-grpcio-gcp.yaml
index 2976033acc8..ad94349ae99 100644
--- a/py3-grpcio-gcp.yaml
+++ b/py3-grpcio-gcp.yaml
@@ -17,22 +17,34 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
+ - py3-build-base
+ - py3-grpcio-tools
- py3-setuptools
- python-3
- wolfi-base
pipeline:
- - uses: fetch
+ - uses: git-checkout
with:
- expected-sha256: e292605effc7da39b7a8734c719afb12ec4b5362add3528d8afad3aa3aa9057c
- uri: https://files.pythonhosted.org/packages/source/g/grpcio-gcp/grpcio-gcp-${{package.version}}.tar.gz
+ repository: https://github.com/GoogleCloudPlatform/grpc-gcp-python
+ tag: v${{package.version}}
+ expected-commit: 8ef890243664ebd95ae0225cdf87e7442b570f9e
+
+ - runs: |
+ cd src
+ # From src/setup.sh
+ cp -f ../template/version.py version.py
+ python3 -m grpc_tools.protoc -I. --python_out=grpc_gcp/proto grpc_gcp.proto
- name: Python Build
- uses: python/build-wheel
+ uses: py/pip-build-install
+ with:
+ source: ./src
- uses: strip
update:
enabled: true
- release-monitor:
- identifier: 100779
+ github:
+ identifier: GoogleCloudPlatform/grpc-gcp-python
+ strip-prefix: v
From be8c0d30db79dcd5ef76a305336f1a0b63106314 Mon Sep 17 00:00:00 2001
From: dann frazier
Date: Fri, 22 Nov 2024 15:32:42 -0700
Subject: [PATCH 044/110] py3-grpcio-gcp: Add python multiversion support
Signed-off-by: dann frazier
---
py3-grpcio-gcp.yaml | 74 ++++++++++++++++++++++++++++++++++-----------
1 file changed, 57 insertions(+), 17 deletions(-)
diff --git a/py3-grpcio-gcp.yaml b/py3-grpcio-gcp.yaml
index ad94349ae99..7f1056d9602 100644
--- a/py3-grpcio-gcp.yaml
+++ b/py3-grpcio-gcp.yaml
@@ -1,27 +1,31 @@
-# Generated from https://pypi.org/project/grpcio-gcp/
package:
name: py3-grpcio-gcp
version: 0.2.2
- epoch: 2
+ epoch: 3
description: gRPC extensions for Google Cloud Platform
copyright:
- license: Apache-2.0
dependencies:
- runtime:
- - py3-grpcio
- - python-3
+ provider-priority: 0
+
+vars:
+ pypi-package: grpcio-gcp
+ import: grpc_gcp
+
+data:
+ - name: py-versions
+ items:
+ 3.10: '310'
+ 3.11: '311'
+ 3.12: '312'
+ 3.13: '300'
environment:
contents:
packages:
- - build-base
- - busybox
- - ca-certificates-bundle
- - py3-build-base
- py3-grpcio-tools
- - py3-setuptools
- - python-3
- - wolfi-base
+ - py3-supported-build-base
+ - py3-supported-setuptools
pipeline:
- uses: git-checkout
@@ -36,13 +40,49 @@ pipeline:
cp -f ../template/version.py version.py
python3 -m grpc_tools.protoc -I. --python_out=grpc_gcp/proto grpc_gcp.proto
- - name: Python Build
- uses: py/pip-build-install
- with:
- source: ./src
-
- uses: strip
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ provider-priority: ${{range.value}}
+ provides:
+ - py3-${{vars.pypi-package}}
+ runtime:
+ - py${{range.key}}-grpcio
+ - py${{range.key}}-protobuf
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ source: ./src
+ - uses: strip
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ python: python${{range.key}}
+ imports: |
+ import ${{vars.import}}
+
+ - name: py3-supported-${{vars.pypi-package}}
+ description: meta package providing ${{vars.pypi-package}} for supported python versions.
+ dependencies:
+ runtime:
+ - py3.10-${{vars.pypi-package}}
+ - py3.11-${{vars.pypi-package}}
+ - py3.12-${{vars.pypi-package}}
+ - py3.13-${{vars.pypi-package}}
+
+test:
+ pipeline:
+ - uses: python/import
+ with:
+ imports: |
+ import ${{vars.import}}
+
update:
enabled: true
github:
From d05511dcd46d66d19b41ec9a86fca55f4724386f Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 16:04:11 +0000
Subject: [PATCH 045/110] cert-manager-istio-csr/0.13.0 package update (#35149)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
cert-manager-istio-csr.yaml | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/cert-manager-istio-csr.yaml b/cert-manager-istio-csr.yaml
index 9a27a82252f..685dce72221 100644
--- a/cert-manager-istio-csr.yaml
+++ b/cert-manager-istio-csr.yaml
@@ -1,7 +1,7 @@
package:
name: cert-manager-istio-csr
- version: 0.12.0
- epoch: 1
+ version: 0.13.0
+ epoch: 0
description: istio-csr is an agent that allows for Istio workload and control plane components to be secured using cert-manager.
copyright:
- license: Apache-2.0
@@ -9,14 +9,10 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: 13f57d622f9a01f8ac2f5739049b1691c30bef04
+ expected-commit: 6418780c2e2101f0786a9272f60f388ec178cf8d
repository: https://github.com/cert-manager/istio-csr/
tag: v${{package.version}}
- - uses: go/bump
- with:
- deps: github.com/cert-manager/cert-manager@v1.15.4
-
- uses: go/build
with:
ldflags: -X github.com/cert-manager/istio-csr//internal/version.AppVersion=${{package.version}} -X github.com/cert-manager/istio-csr/internal/version.GitCommit=$(git rev-parse HEAD)
From 12a40637b8666b749f0af8585eaa4c9c49860041 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 16:04:25 +0000
Subject: [PATCH 046/110] mountpoint-s3/1.12.0 package update (#35143)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
mountpoint-s3.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/mountpoint-s3.yaml b/mountpoint-s3.yaml
index 68322664f10..fcdb0502c92 100644
--- a/mountpoint-s3.yaml
+++ b/mountpoint-s3.yaml
@@ -1,6 +1,6 @@
package:
name: mountpoint-s3
- version: 1.11.0
+ version: 1.12.0
epoch: 0
description: A simple, high-throughput file client for mounting an Amazon S3 bucket as a local file system.
copyright:
@@ -25,7 +25,7 @@ pipeline:
with:
repository: https://github.com/awslabs/mountpoint-s3
tag: v${{package.version}}
- expected-commit: 848434133368799358f46695ad50e1f5c3b261b7
+ expected-commit: c66546af1b31b1908d74ecd82c403142ef728aa2
recurse-submodules: true
- name: Configure and Build
From 5811bb706426286aaa1dfe086daff5740dee15cd Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 16:04:46 +0000
Subject: [PATCH 047/110] rqlite/8.34.2 package update (#35148)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
rqlite.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rqlite.yaml b/rqlite.yaml
index 5554f7daa98..f62758f9c54 100644
--- a/rqlite.yaml
+++ b/rqlite.yaml
@@ -1,6 +1,6 @@
package:
name: rqlite
- version: 8.34.1
+ version: 8.34.2
epoch: 0
description: The lightweight, distributed relational database built on SQLite
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/rqlite/rqlite
tag: v${{package.version}}
- expected-commit: 8cea072605b6accbfc1607553011d33ef7bb6f87
+ expected-commit: 2fd4158ec100c464ae8b02562eb440e5720a359d
- runs: |
# docker-entrypoint.sh: update hardcoded docker entrypoint
From 366f41a3255a8e5f6b56cc30b5ab208f1e61eb75 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Mon, 25 Nov 2024 08:12:47 -0800
Subject: [PATCH 048/110] Add the pkgconf test pipeline to subversion (#35035)
---
subversion.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/subversion.yaml b/subversion.yaml
index 5855e8c7b4c..a912f00c0f8 100644
--- a/subversion.yaml
+++ b/subversion.yaml
@@ -1,7 +1,7 @@
package:
name: subversion
version: 1.14.4
- epoch: 2
+ epoch: 3
description: Replacement for CVS, another versioning system (svn)
copyright:
- license: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND HPND-Markus-Kuhn AND MIT AND Unicode-DFS-2015 AND FSFAP
@@ -49,6 +49,9 @@ subpackages:
runtime:
- subversion-libs
description: subversion development files
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: subversion-doc
pipeline:
From 9738dfe64e13f4a99ddbf301ff1a1e05427c28a3 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 11:27:49 -0500
Subject: [PATCH 049/110] neuvector-manager/5.4.1 package update (#34379)
---------
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: Hunter Harris
---
neuvector-manager.yaml | 16 ++++++++--------
1 file changed, 8 insertions(+), 8 deletions(-)
diff --git a/neuvector-manager.yaml b/neuvector-manager.yaml
index b89d9bb58c9..9952a1bcf66 100644
--- a/neuvector-manager.yaml
+++ b/neuvector-manager.yaml
@@ -1,6 +1,6 @@
package:
name: neuvector-manager
- version: 5.4.0
+ version: 5.4.1
epoch: 0
description: NeuVector Security Center Admin Console.
copyright:
@@ -11,7 +11,7 @@ package:
- ca-certificates
- iproute2
- neuvector-manager-cli
- - openjdk-11-default-jvm
+ - openjdk-17-default-jvm
- procps
environment:
@@ -21,10 +21,10 @@ environment:
packages:
- build-base
- busybox
- - nodejs
+ - nodejs-22 # Lock to (current) latest LTS as recommended during build process.
- npm
- - openjdk-11
- - openjdk-11-default-jvm
+ - openjdk-17
+ - openjdk-17-default-jvm
- py3-pip
- python3
- sbt
@@ -34,7 +34,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 3e1b728efd32feb7f575877866ee5be506e5b047
+ expected-commit: 0a304f70bc56c0dc111d451e804d0950047854c1
repository: https://github.com/neuvector/manager
tag: v${{package.version}}
@@ -51,11 +51,11 @@ pipeline:
# Build and compress JAR
sbt admin/assembly
- zip -d admin/target/scala-2.11/admin-assembly-1.0.jar rest-management-private-classpath\*
+ zip -d admin/target/scala-3.3.4/admin-assembly-1.0.jar rest-management-private-classpath\*
# Unfortunately, a lot of things are hardcoded to /usr/local/...
mkdir -p ${{targets.contextdir}}/usr/local/bin
- install -Dm755 admin/target/scala-2.11/admin-assembly-1.0.jar ${{targets.contextdir}}/usr/local/bin/
+ install -Dm755 admin/target/scala-3.3.4/admin-assembly-1.0.jar ${{targets.contextdir}}/usr/local/bin/
install -Dm755 scripts/* ${{targets.contextdir}}/usr/local/bin/
- uses: strip
From 698ba3424180988480046da7068d8a25ce71b927 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 11:29:19 -0500
Subject: [PATCH 050/110] py3-psycopg2/2.9.10 package update (#34671)
---------
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: Hunter Harris
---
py3-psycopg2.yaml | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/py3-psycopg2.yaml b/py3-psycopg2.yaml
index 2b144055a27..94f01623b6c 100644
--- a/py3-psycopg2.yaml
+++ b/py3-psycopg2.yaml
@@ -1,7 +1,7 @@
package:
name: py3-psycopg2
- version: 2.9.9
- epoch: 2
+ version: 2.9.10
+ epoch: 0
description: psycopg2 - Python-PostgreSQL Database Adapter
copyright:
- license: LGPL-3.0-or-later
@@ -31,9 +31,7 @@ pipeline:
with:
repository: https://github.com/psycopg/psycopg2
tag: ${{package.version}}
- expected-commit: ad5bee7054519d87f25bc5828c502b2ebe197049
- cherry-picks: |
- master/829a7a2be93f5d0fb1edbc0feb104181f208efc6: Fix FTBFS with 3.13
+ expected-commit: a805acf59f402f554e95624b5e27518169ca7715
subpackages:
- range: py-versions
From 338cfe91e877e5959e2e62b9ae795faaadcefec2 Mon Sep 17 00:00:00 2001
From: Jamon Camisso
Date: Mon, 25 Nov 2024 11:46:58 -0500
Subject: [PATCH 051/110] Use variable transform for fluent-bit-watcher
subpackage version (#35147)
Related: #35145
---------
Signed-off-by: Jamon Camisso
---
fluent-operator.yaml | 14 ++++++++++++--
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/fluent-operator.yaml b/fluent-operator.yaml
index b2300e0321f..ea8ec06a511 100644
--- a/fluent-operator.yaml
+++ b/fluent-operator.yaml
@@ -1,7 +1,7 @@
package:
name: fluent-operator
version: 3.2.0
- epoch: 2
+ epoch: 3
description: Operate Fluent Bit and Fluentd in the Kubernetes way - Previously known as FluentBit Operator
copyright:
- license: Apache-2.0
@@ -11,6 +11,16 @@ environment:
packages:
- go
+var-transforms:
+ - from: ${{package.version}}
+ match: ^(\d)\.(\d)\.(\d)$
+ replace: $1
+ to: fluent-major-version
+ - from: ${{package.version}}
+ match: ^(\d)\.(\d)\.(\d)$
+ replace: $2
+ to: fluent-minor-version
+
pipeline:
- uses: git-checkout
with:
@@ -70,7 +80,7 @@ subpackages:
# When this test fails, that likely means fluent-bit rolled forward to
# a new version stream anad must be updated in the "replaces" block
# below
- - fluent-bit-3.2
+ - fluent-bit-${{vars.fluent-major-version}}.${{vars.fluent-minor-version}}
pipeline:
- runs: |
mkdir -p "${{targets.contextdir}}"/fluent-bit/etc
From 9dbeda5523fd50d318af79491592afd34ecd0d07 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Mon, 25 Nov 2024 09:00:45 -0800
Subject: [PATCH 052/110] Add the pkgconf test pipeline to highway (#34934)
Fixes https://github.com/wolfi-dev/os/issues/34202
---
highway.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/highway.yaml b/highway.yaml
index 0aaefa8f47f..55b34cb7939 100644
--- a/highway.yaml
+++ b/highway.yaml
@@ -1,7 +1,7 @@
package:
name: highway
version: 1.2.0
- epoch: 1
+ epoch: 2
description: Performance-portable, length-agnostic SIMD with runtime dispatch
copyright:
- license: Apache-2.0
@@ -60,6 +60,9 @@ subpackages:
pipeline:
- uses: split/dev
description: highway dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
update:
enabled: true
From 8bfd2500d7bd8829511fb0da2ac1a05a0897e903 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Mon, 25 Nov 2024 09:00:59 -0800
Subject: [PATCH 053/110] Add the pkgconf test pipeline to graphene (#34935)
Fixes https://github.com/wolfi-dev/os/issues/34013
---
graphene.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/graphene.yaml b/graphene.yaml
index 7cead64590d..816f1c83bff 100644
--- a/graphene.yaml
+++ b/graphene.yaml
@@ -2,7 +2,7 @@
package:
name: graphene
version: 1.10.8
- epoch: 2
+ epoch: 3
description: A thin layer of graphic data types
copyright:
- license: MIT
@@ -44,6 +44,9 @@ subpackages:
runtime:
- graphene
description: graphene dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
update:
enabled: true
From e328f28fda15169cb5fb55725ad0e1f104dc98eb Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Mon, 25 Nov 2024 09:01:24 -0800
Subject: [PATCH 054/110] Add the pkgconf test pipeline to multipath-tools
(#35004)
Fixes https://github.com/wolfi-dev/os/issues/34359
---
multipath-tools.yaml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/multipath-tools.yaml b/multipath-tools.yaml
index 23ea32a6a93..516cb6afec6 100644
--- a/multipath-tools.yaml
+++ b/multipath-tools.yaml
@@ -1,7 +1,7 @@
package:
name: multipath-tools
version: 0.10.0
- epoch: 2
+ epoch: 3
description: Device Mapper Multipathing Driver
copyright:
- license: LGPL-2.0-only
@@ -64,3 +64,4 @@ test:
multipath -h
mpathpersist -h
[ -x /usr/sbin/kpartx ]
+ - uses: test/pkgconf
From 22cfb2f393da8adf91e1805aa2074f769583b853 Mon Sep 17 00:00:00 2001
From: Andres Rodriguez
Date: Mon, 25 Nov 2024 12:08:42 -0500
Subject: [PATCH 055/110] apache2: Move conf to /etc/apache2/ instead of /etc
(#34554)
apache2: move conf to /etc/apache2 instead of /etc
---------
Co-authored-by: Scott Moser
---
apache2.yaml | 38 ++++++++++++++++++++------------------
1 file changed, 20 insertions(+), 18 deletions(-)
diff --git a/apache2.yaml b/apache2.yaml
index c2f8da54928..5ae2384b71a 100644
--- a/apache2.yaml
+++ b/apache2.yaml
@@ -1,13 +1,14 @@
package:
name: apache2
version: 2.4.62
- epoch: 4
+ epoch: 5
description: "Apache HTTP Server"
copyright:
- license: Apache-2.0
dependencies:
runtime:
- libgcc
+ - lua5.4
environment:
contents:
@@ -45,6 +46,7 @@ pipeline:
opts: |
--prefix=/ \
--enable-layout=Debian \
+ --sysconfdir=/etc/apache2 \
--enable-so \
--enable-suexec \
--with-suexec-caller=www-data \
@@ -152,15 +154,15 @@ subpackages:
mkdir -p "${{targets.subpkgdir}}"/usr/local/apache2/logs
# Install necessary config files
- mkdir -p "${{targets.subpkgdir}}"/etc/
- cp "${{targets.destdir}}"/etc/original/httpd.conf "${{targets.subpkgdir}}"/etc/
- cp -r "${{targets.destdir}}"/etc/original/extra/ "${{targets.subpkgdir}}"/etc/
+ mkdir -p "${{targets.subpkgdir}}"/etc/apache2
+ cp "${{targets.destdir}}"/etc/apache2/original/httpd.conf "${{targets.subpkgdir}}"/etc/apache2
+ cp -r "${{targets.destdir}}"/etc/apache2/original/extra/ "${{targets.subpkgdir}}"/etc/apache2
# Create symlinks
- ln -s /etc/httpd.conf "${{targets.subpkgdir}}"/usr/local/apache2/conf/
- ln -s /etc/extra "${{targets.subpkgdir}}"/usr/local/apache2/conf/
- ln -s /etc/mime.types "${{targets.subpkgdir}}"/usr/local/apache2/conf/
- ln -s /etc/magic "${{targets.subpkgdir}}"/usr/local/apache2/conf/
+ ln -s /etc/apache2/httpd.conf "${{targets.subpkgdir}}"/usr/local/apache2/conf/
+ ln -s /etc/apache2/extra "${{targets.subpkgdir}}"/usr/local/apache2/conf/
+ ln -s /etc/apache2/mime.types "${{targets.subpkgdir}}"/usr/local/apache2/conf/
+ ln -s /etc/apache2/magic "${{targets.subpkgdir}}"/usr/local/apache2/conf/
ln -s /usr/lib/apache2/modules/ "${{targets.subpkgdir}}"/usr/local/apache2/
ln -s /usr/share/apache2/default-site/htdocs "${{targets.subpkgdir}}"/usr/local/apache2/
ln -s /usr/lib/cgi-bin/ "${{targets.subpkgdir}}"/usr/local/apache2/
@@ -169,39 +171,39 @@ subpackages:
sed -ri \
-e 's!^(\s*User)\s+daemon\s*$!\1 www-data!g' \
-e 's!^(\s*Group)\s+daemon\s*$!\1 www-data!g' \
- "${{targets.subpkgdir}}"/etc/httpd.conf
+ "${{targets.subpkgdir}}"/etc/apache2/httpd.conf
# Modify CustomLog/ErrorLog and verify changes are applied
sed -ri \
-e 's!^(\s*CustomLog)\s+\S+!\1 /proc/self/fd/1!g' \
-e 's!^(\s*ErrorLog)\s+\S+!\1 /proc/self/fd/2!g' \
-e 's!^(\s*TransferLog)\s+\S+!\1 /proc/self/fd/1!g' \
- "${{targets.subpkgdir}}"/etc/httpd.conf \
- "${{targets.subpkgdir}}"/etc/extra/httpd-ssl.conf;
+ "${{targets.subpkgdir}}"/etc/apache2/httpd.conf \
+ "${{targets.subpkgdir}}"/etc/apache2/extra/httpd-ssl.conf;
# Modify module config to match upstream docker
sed -ri \
-e '/LoadModule mpm_prefork_module/s/^/#/g' \
-e '/LoadModule mpm_event_module/s/^#//g' \
- "${{targets.subpkgdir}}"/etc/httpd.conf
+ "${{targets.subpkgdir}}"/etc/apache2/httpd.conf
### Modify other paths to match upstream default config
sed -ri \
-e 's!^(\s*ServerRoot)\s+\S+!\1 "/usr/local/apache2"!g' \
-e 's|usr/lib/apache2/modules|modules|g' \
- -e 's|etc/mime.types|conf/mime.types|g' \
+ -e 's|etc/apache2/mime.types|conf/mime.types|g' \
-e 's|usr/share/apache2/default-site/htdocs|usr/local/apache2/htdocs|g' \
-e 's|usr/lib/cgi-bin|usr/local/apache2/cgi-bin|g' \
- -e 's|etc/extra|conf/extra|g' \
- -e 's|etc/magic|conf/magic|g' \
- "${{targets.subpkgdir}}"/etc/httpd.conf \
- "${{targets.subpkgdir}}"/etc/extra/httpd-ssl.conf;
+ -e 's|etc/apache2/extra|conf/extra|g' \
+ -e 's|etc/apache2/magic|conf/magic|g' \
+ "${{targets.subpkgdir}}"/etc/apache2/httpd.conf \
+ "${{targets.subpkgdir}}"/etc/apache2/extra/httpd-ssl.conf;
### Modify other paths
sed -ri \
-e 's|etc/|usr/local/apache2/conf/|g' \
-e 's|/var/run/apache2/|usr/local/apache2/logs/|g' \
- "${{targets.subpkgdir}}"/etc/extra/httpd-ssl.conf;
+ "${{targets.subpkgdir}}"/etc/apache2/extra/httpd-ssl.conf;
test:
environment:
contents:
From d006d141866dedca74e4d579460caa34b1351fb3 Mon Sep 17 00:00:00 2001
From: Scott Moser
Date: Mon, 25 Nov 2024 12:25:03 -0500
Subject: [PATCH 056/110] rrdtool - do include lua5.4 libs, withdraw
rrdtool-1.8.0-r0, other cleanups (#34944)
The thing that brought me here was that rrdtool was not co-installable
with lua5.4, which didn't make any sense. It was actually copying the
installed lua5.4 libraries to the target (not building them).
The fixes here are then:
a. do not include lua5.4 itself
b. build the rrd lua module and include it
c. move things to the -doc package
d. separate out python bindings into py3.12-rrdtool e. add more tests
---------
Signed-off-by: Scott Moser
---
rrdtool.yaml | 56 ++++++++++++++++++++++++++++++++++++------
withdrawn-packages.txt | 13 +++++++---
2 files changed, 57 insertions(+), 12 deletions(-)
diff --git a/rrdtool.yaml b/rrdtool.yaml
index a75b27be6a5..d1b47c2c706 100644
--- a/rrdtool.yaml
+++ b/rrdtool.yaml
@@ -1,11 +1,15 @@
package:
name: rrdtool
version: 1.9.0
- epoch: 1
+ epoch: 2
description: Data logging and graphing application
copyright:
- license: GPL-2.0-or-later
+vars:
+ lua-version: 5.4
+ py-version: 3.13
+
environment:
contents:
packages:
@@ -30,8 +34,7 @@ environment:
- libtool
- libxft-dev
- libxml2-dev
- - lua5.4
- - lua5.4-dev
+ - lua${{vars.lua-version}}-dev
- openssf-compiler-options
- pango
- pango-dev
@@ -40,8 +43,9 @@ environment:
- perl-xml-parser
- pkgconf-dev
- posix-libc-utils
- - py3.12-setuptools
- - python3-dev
+ - py${{vars.py-version}}-setuptools
+ - python-${{vars.py-version}}-base-dev
+ - readline-dev
- zlib-dev
pipeline:
@@ -52,7 +56,10 @@ pipeline:
tag: v${{package.version}}
- runs: |
- export CPPFLAGS="-I/usr/include/pango-1.0/pango"
+ ln -sf lua${{vars.lua-version}} /usr/bin/lua
+ ln -sf lua5.4/liblua.so /usr/lib/liblua.so
+ ln -sf python${{vars.py-version}} /usr/bin/python3
+ ln -sf python${{vars.py-version}} /usr/bin/python
- uses: autoconf/configure
with:
@@ -72,6 +79,9 @@ pipeline:
find "${{targets.destdir}}" -name '.packlist' -delete
find "${{targets.destdir}}" -name 'perllocal.pod' -delete
+ - name: give owner write so strip can run as non-root
+ runs: chmod -R u+w ${{targets.destdir}}/usr/lib
+
- uses: strip
subpackages:
@@ -90,7 +100,12 @@ subpackages:
- name: rrdtool-doc
pipeline:
- uses: split/manpages
- description: rrdtool manpages
+ - runs: |
+ ushr=${{targets.subpkgdir}}/usr/share
+ mkdir -p "$ushr/doc" "$ushr/rrdtool"
+ mv ${{targets.destdir}}/usr/share/doc/rrdtool-${{package.version}} "$ushr/doc"
+ mv ${{targets.destdir}}/usr/share/rrdtool/examples "$ushr/rrdtool"
+ description: rrdtool manpages and docs
- name: perl-rrd
pipeline:
@@ -105,9 +120,21 @@ subpackages:
pipeline:
- runs: |
mkdir -p "${{targets.subpkgdir}}"/usr/lib/
- mv /usr/lib/lua* "${{targets.subpkgdir}}"/usr/lib/
+ mv ${{targets.destdir}}/usr/lib/lua* "${{targets.subpkgdir}}"/usr/lib/
description: Lua interface for rrdtool
+ - name: py${{vars.py-version}}-rrdtool
+ pipeline:
+ - runs: |
+ mkdir -p "${{targets.subpkgdir}}"/usr/lib/
+ mv ${{targets.destdir}}/usr/lib/python* "${{targets.subpkgdir}}/usr/lib"
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ imports: |
+ import rrdtool
+
- name: rrdtool-cached
pipeline:
- runs: |
@@ -148,6 +175,19 @@ subpackages:
"${{targets.destdir}}"/usr/bin/rrdupdate \
"${{targets.subpkgdir}}"/usr/bin
description: RRDtool standalone create,update,info utilities
+ test:
+ pipeline:
+ - runs: |
+ set +x
+ fail() { echo "FAIL:" "$@" 1>&2; exit 1; }
+ for p in rrdinfo rrdcreate rrdupdate; do
+ # actually expect exit value 1, there is no -h or -v
+ out=$($p) && rc=$? || rc=$?
+ [ $rc -eq 0 -o $rc -eq 1 ] || fail "$p exited unexpected value $rc"
+ echo "$out" | grep -q "Usage: $p" ||
+ fail "$p output did not contain 'Usage: $p'. output: $output"
+ echo "PASS: $p output contained 'Usage: $p'"
+ done
update:
enabled: true
diff --git a/withdrawn-packages.txt b/withdrawn-packages.txt
index 2f8b7f7db20..c7cd6e134c5 100644
--- a/withdrawn-packages.txt
+++ b/withdrawn-packages.txt
@@ -1,4 +1,9 @@
-istio-install-cni-1.22-1.23.0-r0.apk
-istio-install-cni-1.22-compat-1.23.0-r0.apk
-istio-install-cni-1.22-1.23.0-r1.apk
-istio-install-cni-1.22-compat-1.23.0-r1.apk
+lua-rrd-1.8.0-r0.apk
+perl-rrd-1.8.0-r0.apk
+rrdtool-1.8.0-r0.apk
+rrdtool-cached-1.8.0-r0.apk
+rrdtool-cached-openrc-1.8.0-r0.apk
+rrdtool-cgi-1.8.0-r0.apk
+rrdtool-dev-1.8.0-r0.apk
+rrdtool-doc-1.8.0-r0.apk
+rrdtool-utils-1.8.0-r0.apk
From fa1561543b98939a26a34ff143c009620ea9e1c4 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 12:53:08 -0500
Subject: [PATCH 057/110] py3-awscrt/0.23.2 package update (#34747)
---------
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: Hunter Harris
---
py3-awscrt.yaml | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/py3-awscrt.yaml b/py3-awscrt.yaml
index b058f8d1e03..aa00c167664 100644
--- a/py3-awscrt.yaml
+++ b/py3-awscrt.yaml
@@ -1,6 +1,6 @@
package:
name: py3-awscrt
- version: 0.23.1
+ version: 0.23.2
epoch: 0
description: Python bindings for the AWS Common Runtime
copyright:
@@ -38,9 +38,16 @@ pipeline:
with:
repository: https://github.com/awslabs/aws-crt-python
tag: v${{package.version}}
- expected-commit: e85656611c0172aea7fc990aa16fdf3bdbcc1218
+ expected-commit: 7e52d8a156d44e13afb571b674893441fc94541e
recurse-submodules: true
+ - runs: |
+ # Update s2n to solve compilation error "implicit declaration of function 's2n_cleanup_final'; did you mean 's2n_cleanup_thread'?"
+ # Fix is available in s2n version 1.5.7 https://github.com/awslabs/aws-c-io/issues/688
+ # Bumping to that commit; this should be removable once aws-crt-python bumps the submodule version too.
+ cd crt/s2n
+ git checkout 9f4baecc753d6fe01c13e4f422d2e327c64d06b8
+
- runs: |
# Allow linking to shared libraries
sed -i.dist '/:lib/d' setup.py
From 82f7fe526911f2358c878428ba7cfc97b8b976fe Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 18:04:21 +0000
Subject: [PATCH 058/110] fluent-plugin-detect-exceptions/0.0.16 package update
(#35151)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
fluent-plugin-detect-exceptions.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/fluent-plugin-detect-exceptions.yaml b/fluent-plugin-detect-exceptions.yaml
index 436470da357..36ab60bbc12 100644
--- a/fluent-plugin-detect-exceptions.yaml
+++ b/fluent-plugin-detect-exceptions.yaml
@@ -1,7 +1,7 @@
package:
name: fluent-plugin-detect-exceptions
- version: 0.0.15
- epoch: 4
+ version: 0.0.16
+ epoch: 0
description: Fluentd output plugin which detects exception stack traces in a stream of JSON log messages and combines all single-line messages that belong to the same stack trace into one multi-line message. This is an official Google Ruby gem.
copyright:
- license: Apache-2.0
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: fcaeb43ed5248df533d270ceae60c94c6f2e6174
+ expected-commit: 09e07e7fe431017a3a3491c544ab994bc86d0676
repository: https://github.com/GoogleCloudPlatform/fluent-plugin-detect-exceptions
tag: ${{package.version}}
From e45942674e055d83ef4f5fc7fac3d8bd2dc8dd48 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 13:07:07 -0500
Subject: [PATCH 059/110] falco-libs/0.19.0 package update (#35152)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
falco-libs.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/falco-libs.yaml b/falco-libs.yaml
index 0ec45ddf443..6a3e16ed5b8 100644
--- a/falco-libs.yaml
+++ b/falco-libs.yaml
@@ -1,6 +1,6 @@
package:
name: falco-libs
- version: 0.18.2
+ version: 0.19.0
epoch: 0
description: Foundational components necessary to build Falco
copyright:
@@ -55,7 +55,7 @@ pipeline:
with:
repository: https://github.com/falcosecurity/libs
tag: ${{package.version}}
- expected-commit: a414ad33a20e4adc3d0afd11a2a82a0a73525a3a
+ expected-commit: 55ff79f8823e4c72399d9a3b7a80c9357b36bfcc
data:
- name: libs
From 281633dcc1c42546c070bad8cb6647e16acd10ac Mon Sep 17 00:00:00 2001
From: Dimitri John Ledkov <19779+xnox@users.noreply.github.com>
Date: Mon, 25 Nov 2024 19:09:28 +0000
Subject: [PATCH 060/110] rustls-ffi: enable cargo auditable capi (#35158)
cargo-audtiable in latest upstream release fixed ability to have
auditable capi builds. Start using these.
---
rustls-ffi.yaml | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/rustls-ffi.yaml b/rustls-ffi.yaml
index eafe84adca1..b409373a200 100644
--- a/rustls-ffi.yaml
+++ b/rustls-ffi.yaml
@@ -1,7 +1,7 @@
package:
name: rustls-ffi
version: 0.14.1
- epoch: 0
+ epoch: 1
description: "C-to-rustls bindings"
copyright:
- license: MIT
@@ -13,6 +13,7 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
+ - cargo-auditable
- cargo-c
- openssf-compiler-options
- rust
@@ -26,8 +27,8 @@ pipeline:
expected-commit: 2014e6154074ba66c0023a683b27fdae93fbeabb
- runs: |
- cargo capi build --release
- cargo capi install --prefix=/usr --destdir "${{targets.contextdir}}"
+ cargo auditable capi build --release
+ cargo auditable capi install --prefix=/usr --destdir "${{targets.contextdir}}"
- uses: strip
@@ -40,6 +41,15 @@ subpackages:
runtime:
- ${{package.name}}
+test:
+ environment:
+ contents:
+ packages:
+ - rust-audit-info
+ pipeline:
+ - runs: |
+ rust-audit-info /usr/lib/librustls.so.0.*
+
update:
enabled: true
github:
From ec49b48c2bd450411f0673d186d0fc63d9de9b10 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 15:13:05 -0500
Subject: [PATCH 061/110] ruby3.3-logstash-core/8.16.1 package update (#34962)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.3-logstash-core.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.3-logstash-core.yaml b/ruby3.3-logstash-core.yaml
index 222a0f125c0..c62a370d1b8 100644
--- a/ruby3.3-logstash-core.yaml
+++ b/ruby3.3-logstash-core.yaml
@@ -1,7 +1,7 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.3-logstash-core
- version: 8.16.0
+ version: 8.16.1
epoch: 0
description: The core components of logstash, the scalable log and event management tool
copyright:
@@ -45,7 +45,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
+ expected-commit: a769327be81a655ed66a0539cee42380de220c27
- working-directory: logstash-core
pipeline:
From 6be202a7e1c3778e50db253eb3c7c29d32105eb0 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 15:13:22 -0500
Subject: [PATCH 062/110] ruby3.3-logstash-core-plugin-api/8.16.1 package
update (#34961)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.3-logstash-core-plugin-api.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.3-logstash-core-plugin-api.yaml b/ruby3.3-logstash-core-plugin-api.yaml
index 5f32e8c6976..02f798f59ac 100644
--- a/ruby3.3-logstash-core-plugin-api.yaml
+++ b/ruby3.3-logstash-core-plugin-api.yaml
@@ -1,7 +1,7 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.3-logstash-core-plugin-api
- version: 8.16.0
+ version: 8.16.1
epoch: 0
description: Logstash plugin API
copyright:
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
+ expected-commit: a769327be81a655ed66a0539cee42380de220c27
- working-directory: logstash-core-plugin-api
pipeline:
From d97e54bcd1946c44b8620a376cdfa58c1648b2dc Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 15:13:42 -0500
Subject: [PATCH 063/110] ruby3.2-logstash-core-plugin-api/8.16.1 package
update (#34957)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.2-logstash-core-plugin-api.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.2-logstash-core-plugin-api.yaml b/ruby3.2-logstash-core-plugin-api.yaml
index 6698052f593..2216aa78bc0 100644
--- a/ruby3.2-logstash-core-plugin-api.yaml
+++ b/ruby3.2-logstash-core-plugin-api.yaml
@@ -1,7 +1,7 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.2-logstash-core-plugin-api
- version: 8.16.0
+ version: 8.16.1
epoch: 0
description: Logstash plugin API
copyright:
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
+ expected-commit: a769327be81a655ed66a0539cee42380de220c27
- working-directory: logstash-core-plugin-api
pipeline:
From c124d6b339496b8bbdd363e87a6ce0a86552ccee Mon Sep 17 00:00:00 2001
From: Jon Johnson
Date: Mon, 25 Nov 2024 12:39:54 -0800
Subject: [PATCH 064/110] Add libquadmath as runtime dep for gcc (#35164)
This is silly, but the alternative to fix this will take a while, so I
am proposing this in the meantime. We currently (incorrectly) assume
that we will be able to solve for identical package sets across
architectures, but that's not correct for per-arch things like
libquadmath. I want to unwedge some things with this change, which I can
revert once we fix these assumptions downstream.
Signed-off-by: Jon Johnson
---
gcc.yaml | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/gcc.yaml b/gcc.yaml
index 43ed9cc3b78..5ad0c7f7e46 100644
--- a/gcc.yaml
+++ b/gcc.yaml
@@ -1,7 +1,7 @@
package:
name: gcc
version: 14.2.0
- epoch: 5
+ epoch: 6
description: "the GNU compiler collection"
copyright:
- license: GPL-3.0-or-later WITH GCC-exception-3.1
@@ -11,6 +11,7 @@ package:
dependencies:
runtime:
- binutils
+ - libquadmath # This is a temporary workaround for issues with single-arch packages.
- libstdc++-dev
- openssf-compiler-options
- posix-cc-wrappers
From d45b49f8b80f9c1a5ad5327fd1fbce7130f83c8c Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 21:03:29 +0000
Subject: [PATCH 065/110] brew/4.4.8 package update (#35177)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
brew.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/brew.yaml b/brew.yaml
index 499f643de9d..25a8e6d6690 100644
--- a/brew.yaml
+++ b/brew.yaml
@@ -1,6 +1,6 @@
package:
name: brew
- version: 4.4.7
+ version: 4.4.8
epoch: 0
description: "The homebrew package manager"
copyright:
@@ -49,7 +49,7 @@ pipeline:
repository: https://github.com/Homebrew/brew
tag: ${{package.version}}
destination: ./brew
- expected-commit: 4a77cd1e2f7ed058d03a47fe1f18819b246e67f6
+ expected-commit: e78a0adb4f260913fffdc956cc8c20fb54109feb
- runs: |
set -x
From 57d58936d9c4b413e165a44e73c11a0c88bd8e0c Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 21:03:57 +0000
Subject: [PATCH 066/110] tigerbeetle/0.16.14 package update (#35171)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
tigerbeetle.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/tigerbeetle.yaml b/tigerbeetle.yaml
index ecf90174493..b42fb607587 100644
--- a/tigerbeetle.yaml
+++ b/tigerbeetle.yaml
@@ -1,6 +1,6 @@
package:
name: tigerbeetle
- version: 0.16.13
+ version: 0.16.14
epoch: 0
description: "The distributed financial accounting database designed for mission critical safety and performance."
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/tigerbeetledb/tigerbeetle
tag: ${{package.version}}
- expected-commit: 48a896c43d08ffeb1c735e95ce570e184c72685e
+ expected-commit: ff102ad69d847e944f60faaded83b80afe44b550
- runs: |
zig build -Drelease
From 17770de8698ca26aee0fe575a89ecd0fbccb2a2f Mon Sep 17 00:00:00 2001
From: Mark McCormick
Date: Mon, 25 Nov 2024 21:50:21 +0000
Subject: [PATCH 067/110] Add tests for ruby packages (#35146)
Add tests for ruby packages.
Also adds a missing ruby-3.3 package which we only had a ruby v3.2
version for.
---------
Signed-off-by: Mark McCormick
---
ruby3.2-faraday-excon.yaml | 25 +++++++
ruby3.2-faraday-follow_redirects.yaml | 30 ++++++++
ruby3.2-faraday.yaml | 44 +++++++++++-
ruby3.2-faraday_middleware-aws-sigv4.yaml | 40 +++++++++--
ruby3.2-filesize.yaml | 40 +++++++++++
ruby3.2-fluent-config-regexp-type.yaml | 23 +++++++
ruby3.2-fluentd-1.17.yaml | 58 ++++++++++++++++
ruby3.2-gems.yaml | 16 +++++
ruby3.2-hashie.yaml | 37 ++++++++++
ruby3.2-http.yaml | 17 +++++
ruby3.2-http_parser.rb.yaml | 56 +++++++++++++++
ruby3.2-i18n.yaml | 18 +++++
ruby3.2-io-console.yaml | 33 ++++++++-
ruby3.2-jar-dependencies.yaml | 23 +++++++
ruby3.2-jmespath.yaml | 26 +++++++
ruby3.3-faraday-excon.yaml | 25 +++++++
ruby3.3-faraday-follow_redirects.yaml | 30 ++++++++
ruby3.3-faraday.yaml | 44 +++++++++++-
ruby3.3-faraday_middleware-aws-sigv4.yaml | 83 +++++++++++++++++++++++
ruby3.3-filesize.yaml | 40 +++++++++++
ruby3.3-fluent-config-regexp-type.yaml | 23 +++++++
ruby3.3-fluentd-1.17.yaml | 58 ++++++++++++++++
ruby3.3-gems.yaml | 16 +++++
ruby3.3-hashie.yaml | 37 ++++++++++
ruby3.3-http.yaml | 17 +++++
ruby3.3-http_parser.rb.yaml | 56 +++++++++++++++
ruby3.3-i18n.yaml | 18 +++++
ruby3.3-io-console.yaml | 33 ++++++++-
ruby3.3-jar-dependencies.yaml | 23 +++++++
ruby3.3-jmespath.yaml | 26 +++++++
30 files changed, 1002 insertions(+), 13 deletions(-)
create mode 100644 ruby3.3-faraday_middleware-aws-sigv4.yaml
diff --git a/ruby3.2-faraday-excon.yaml b/ruby3.2-faraday-excon.yaml
index 93ceac9fbe1..fa7cd49e1ec 100644
--- a/ruby3.2-faraday-excon.yaml
+++ b/ruby3.2-faraday-excon.yaml
@@ -42,6 +42,31 @@ pipeline:
vars:
gem: faraday-excon
+test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-net-http
+ pipeline:
+ - runs: ruby -e "require 'faraday/excon'; puts 'Faraday Excon adapter loaded successfully!'"
+ - runs: |
+ ruby <<-EOF
+ require 'faraday'
+ require 'faraday/excon'
+
+ # Test the Faraday connection with Excon adapter
+ begin
+ conn = Faraday.new(url: 'https://example.com') do |f|
+ f.adapter :excon
+ end
+
+ response = conn.get('/')
+ puts "Faraday connection with Excon adapter configured successfully! Response status: \#{response.status}"
+ rescue StandardError => e
+ raise "Test failed with error: \#{e.message}"
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-faraday-follow_redirects.yaml b/ruby3.2-faraday-follow_redirects.yaml
index 1cae2beafe7..d6000547865 100644
--- a/ruby3.2-faraday-follow_redirects.yaml
+++ b/ruby3.2-faraday-follow_redirects.yaml
@@ -41,6 +41,36 @@ pipeline:
vars:
gem: faraday-follow_redirects
+test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-net-http
+ pipeline:
+ - runs: ruby -e "require 'faraday/follow_redirects'; puts 'Faraday Follow Redirects middleware loaded successfully!'"
+ - runs: |
+ ruby <<-EOF
+ require 'faraday'
+ require 'faraday/follow_redirects'
+
+ # Test the Faraday connection with the Follow Redirects middleware
+ begin
+ conn = Faraday.new(url: 'http://httpbingo.org/redirect/1') do |f|
+ f.use Faraday::FollowRedirects::Middleware
+ f.adapter Faraday.default_adapter
+ end
+
+ response = conn.get
+ if response.status == 200
+ puts "Faraday connection with Follow Redirects middleware configured successfully! Final status: \#{response.status}"
+ else
+ raise "Unexpected response status: \#{response.status}"
+ end
+ rescue StandardError => e
+ raise "Test failed with error: \#{e.message}"
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-faraday.yaml b/ruby3.2-faraday.yaml
index ffa1bc9e1bc..a26512007bb 100644
--- a/ruby3.2-faraday.yaml
+++ b/ruby3.2-faraday.yaml
@@ -42,17 +42,55 @@ vars:
gem: faraday
test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-faraday-net_http
+ - ruby${{vars.rubyMM}}-net-http
pipeline:
- name: Verify library import
runs: ruby -e "require 'faraday'"
- name: Basic usage
runs: |
- cat < /tmp/test.rb
+ cat < /tmp/basic_usage_test.rb
require 'faraday'
response = Faraday.get("https://edu.chainguard.dev/open-source/wolfi/overview/")
- print response.status
+ if response.status == 200
+ puts "Basic usage test passed! Status: \#{response.status}"
+ else
+ raise "Basic usage test failed. Unexpected status: \#{response.status}"
+ end
EOF
- ruby /tmp/test.rb
+ ruby /tmp/basic_usage_test.rb
+ - name: Functional test with middleware
+ runs: |
+ cat < /tmp/functional_test_middleware.rb
+ require 'faraday'
+ require 'json'
+
+ # Configure Faraday connection with a middleware
+ conn = Faraday.new(url: "https://httpbin.org") do |f|
+ f.request :url_encoded
+ f.adapter :net_http
+ end
+
+ # Perform a POST request with some data
+ response = conn.post("/post") do |req|
+ req.headers['Content-Type'] = 'application/json'
+ req.body = { test_key: 'test_value' }.to_json
+ end
+
+ # Parse the JSON response
+ parsed_body = JSON.parse(response.body)
+
+ # Validate the response
+ if response.status == 200 && parsed_body["json"]["test_key"] == "test_value"
+ puts "Functional middleware test passed!"
+ else
+ raise "Functional middleware test failed."
+ end
+ EOF
+ ruby /tmp/functional_test_middleware.rb
update:
enabled: true
diff --git a/ruby3.2-faraday_middleware-aws-sigv4.yaml b/ruby3.2-faraday_middleware-aws-sigv4.yaml
index 052e14a50e1..8157945cf41 100644
--- a/ruby3.2-faraday_middleware-aws-sigv4.yaml
+++ b/ruby3.2-faraday_middleware-aws-sigv4.yaml
@@ -7,8 +7,8 @@ package:
- license: MIT
dependencies:
runtime:
- - ruby3.2-aws-sigv4
- - ruby3.2-faraday
+ - ruby${{vars.rubyMM}}-aws-sigv4
+ - ruby${{vars.rubyMM}}-faraday
environment:
contents:
@@ -17,8 +17,8 @@ environment:
- busybox
- ca-certificates-bundle
- git
- - ruby-3.2
- - ruby-3.2-dev
+ - ruby-${{vars.rubyMM}}
+ - ruby-${{vars.rubyMM}}-dev
pipeline:
- uses: git-checkout
@@ -49,5 +49,35 @@ update:
use-tag: true
test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-net-http
pipeline:
- - runs: ruby -e "require 'faraday_middleware/aws_sigv4'"
+ - runs: ruby -e "require 'faraday_middleware/aws_sigv4'; puts 'faraday_middleware/aws_sigv4 loaded successfully!'"
+ - runs: |
+ ruby <<-EOF
+ require 'faraday'
+ require 'faraday_middleware/aws_sigv4'
+
+ # Test the middleware by configuring a Faraday connection
+ begin
+ conn = Faraday.new(url: 'https://example.com') do |f|
+ f.request :aws_sigv4,
+ service: 's3',
+ region: 'us-east-1',
+ access_key_id: 'fake_access_key',
+ secret_access_key: 'fake_secret_key'
+ end
+
+ puts "Faraday connection configured successfully with AWS SigV4 middleware!"
+ rescue StandardError => e
+ raise "Test failed with error: #{e.message}"
+ end
+ EOF
+
+var-transforms:
+ - from: ${{package.name}}
+ match: ^ruby(\d\.\d+)-.*
+ replace: $1
+ to: rubyMM
diff --git a/ruby3.2-filesize.yaml b/ruby3.2-filesize.yaml
index 4bc17c4a74c..e318e592c9e 100644
--- a/ruby3.2-filesize.yaml
+++ b/ruby3.2-filesize.yaml
@@ -38,6 +38,46 @@ pipeline:
vars:
gem: filesize
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - name: Verify gem installation
+ runs: |
+ gem list filesize
+ - name: Basic functionality test
+ runs: |
+ ruby -e '
+ begin
+ require "filesize"
+ puts "Debug: Loading Filesize class..."
+
+ # Create size object directly with bytes
+ bytes = Filesize.new(1024)
+ puts "Debug: Created Filesize object: " + bytes.inspect
+
+ # Convert to KiB (binary kilobytes) since that is the default
+ kib = bytes.to("KiB")
+ puts "Debug: Converted to KiB: " + kib.inspect
+
+ size = kib.to_f
+ puts "Debug: Final float value: " + size.to_s
+
+ # Should be exactly 1.0 since 1024 bytes = 1 KiB
+ if size == 1.0
+ puts "Test passed: 1024 B = 1 KiB"
+ exit 0
+ else
+ raise "Test failed: Expected 1.0 KiB, got " + size.to_s
+ end
+ rescue => e
+ puts "Test failed with error: " + e.class.to_s + ": " + e.message
+ puts e.backtrace
+ exit 1
+ end '
+
update:
enabled: false
exclude-reason: unmaintained, latest tag cut in 2018
diff --git a/ruby3.2-fluent-config-regexp-type.yaml b/ruby3.2-fluent-config-regexp-type.yaml
index 9c6e7498835..dd981569b3a 100644
--- a/ruby3.2-fluent-config-regexp-type.yaml
+++ b/ruby3.2-fluent-config-regexp-type.yaml
@@ -42,6 +42,29 @@ pipeline:
- uses: ruby/clean
+test:
+ pipeline:
+ - runs: |
+ ruby -e '
+ require "fluent/config/regexp_type"
+
+ # Test timestamp pattern
+ regex = Fluent::Config::REGEXP_TYPE.call("/^\\d{4}-\\d{2}-\\d{2}/")
+
+ # Should match
+ raise "Valid date (2024-11-23) failed to match" unless regex.match?("2024-11-23")
+
+ # Should not match any of these
+ ["11-23-2024", "11-2-2024", "11-23-202", "202-11-23"].each do |invalid_date|
+ if regex.match?(invalid_date)
+ raise "Incorrectly matched #{invalid_date} which should not match pattern ^\\d{4}-\\d{2}-\\d{2}"
+ end
+ end
+
+ puts "All tests passed!"
+ puts "Pattern matches yyyy-mm-dd format only"
+ '
+
update:
enabled: true
github:
diff --git a/ruby3.2-fluentd-1.17.yaml b/ruby3.2-fluentd-1.17.yaml
index 71ff1cd8d53..f89f4528276 100644
--- a/ruby3.2-fluentd-1.17.yaml
+++ b/ruby3.2-fluentd-1.17.yaml
@@ -92,6 +92,7 @@ update:
test:
pipeline:
+ # Keep existing daemon test
- name: Daemon test
uses: test/daemon-check-output
with:
@@ -100,6 +101,8 @@ test:
mkdir -p /etc/fluent/
touch /etc/fluent/fluent.conf
expected_output: fluentd worker is now running
+ # Keep command line tests
+ - name: Command line tests
runs: |
fluent-binlog-reader --version
fluent-ca-generate --version
@@ -117,6 +120,61 @@ test:
fluent-plugin-generate --help
fluentd --version
fluentd --help
+ - name: Basic IO test
+ runs: |
+ # Create minimal config
+ cat > test.conf <
+ log_level debug
+
+
+
+ @type forward
+ port 24224
+
+
+
+ @type file
+ path /tmp/fluentd_test
+ append true
+
+ flush_mode immediate
+
+
+ EOF
+
+ # Start fluentd with logs
+ fluentd -c test.conf -d /tmp/fluentd.pid --log /tmp/fluentd.log
+
+ # Wait for start
+ sleep 5
+
+ # Send test message with specific content
+ echo '{"message":"test_message_content"}' | fluent-cat test.tag
+
+ # Wait for processing
+ sleep 5
+
+ # Check output files and content
+ if ls /tmp/fluentd_test.*.log > /dev/null 2>&1; then
+ OUTPUT=$(cat /tmp/fluentd_test.*.log)
+ echo "Output file contents: $OUTPUT"
+
+ if echo "$OUTPUT" | grep -q "test_message_content"; then
+ echo "Test passed: Message content verified"
+ else
+ echo "Test failed: Expected message content not found"
+ exit 1
+ fi
+ else
+ echo "Test failed: No output file"
+ echo "Fluentd logs:"
+ cat /tmp/fluentd.log
+ exit 1
+ fi
+
+ # Cleanup
+ kill $(cat /tmp/fluentd.pid)
var-transforms:
- from: ${{package.name}}
diff --git a/ruby3.2-gems.yaml b/ruby3.2-gems.yaml
index ac21a945115..6f9afaae5d0 100644
--- a/ruby3.2-gems.yaml
+++ b/ruby3.2-gems.yaml
@@ -49,6 +49,22 @@ test:
print Gems.info 'rails'
EOF
ruby /tmp/test.rb
+ - name: Basic functionality test
+ runs: |
+ ruby -e '
+ require "gems"
+ require "json"
+
+ # Test search functionality
+ result = Gems.search("rake")
+ raise "Search failed" unless result.is_a?(Array) && !result.empty?
+
+ # Test version info
+ versions = Gems.versions("rake")
+ raise "Version lookup failed" unless versions.is_a?(Array) && !versions.empty?
+
+ puts "Tests passed - got valid responses for search and versions"
+ '
update:
enabled: true
diff --git a/ruby3.2-hashie.yaml b/ruby3.2-hashie.yaml
index 8732a9409b4..d92a616ed85 100644
--- a/ruby3.2-hashie.yaml
+++ b/ruby3.2-hashie.yaml
@@ -38,6 +38,43 @@ pipeline:
vars:
gem: hashie
+test:
+ pipeline:
+ - name: Verify library import
+ runs: ruby -e "require 'hashie'"
+ - name: Basic functionality test
+ runs: |
+ ruby -e '
+ require "hashie"
+
+ # Test Mash functionality
+ mash = Hashie::Mash.new
+ mash.name = "Test"
+ mash.info = { lang: "Ruby" }
+
+ raise "Basic assignment failed" unless mash.name == "Test"
+ raise "Nested hash failed" unless mash.info.lang == "Ruby"
+
+ # Test indifferent access
+ mash[:test_key] = "value"
+ raise "Indifferent access failed" unless mash["test_key"] == "value" && mash.test_key == "value"
+
+ # Test key deletion
+ mash.delete(:test_key)
+ raise "Delete failed" if mash.key?(:test_key)
+
+ # Test default values
+ mash.default = "not found"
+ raise "Default value failed" unless mash.missing == "not found"
+
+ # Test merge
+ other = Hashie::Mash.new(a: 1, b: 2)
+ merged = mash.merge(other)
+ raise "Merge failed" unless merged.a == 1 && merged.info.lang == "Ruby"
+
+ puts "All tests passed!"
+ '
+
update:
enabled: true
github:
diff --git a/ruby3.2-http.yaml b/ruby3.2-http.yaml
index c54b6801903..1db2ec5dd83 100644
--- a/ruby3.2-http.yaml
+++ b/ruby3.2-http.yaml
@@ -54,6 +54,23 @@ test:
HTTP.get("https://github.com").to_s
EOF
ruby /tmp/test.rb
+ - name: Functional test with POST request
+ runs: |
+ cat < /tmp/functional_test.rb
+ require "http"
+
+ # Perform a POST request to httpbin.org
+ response = HTTP.post("https://httpbin.org/post", json: { key: "value" })
+
+ # Validate the response
+ raise "Unexpected status code" unless response.status == 200
+
+ body = response.parse(:json)
+ raise "Unexpected response body" unless body["json"]["key"] == "value"
+
+ puts "Functional test passed!"
+ EOF
+ ruby /tmp/functional_test.rb
update:
enabled: true
diff --git a/ruby3.2-http_parser.rb.yaml b/ruby3.2-http_parser.rb.yaml
index 30df5b2661f..b98b0283d08 100644
--- a/ruby3.2-http_parser.rb.yaml
+++ b/ruby3.2-http_parser.rb.yaml
@@ -48,6 +48,62 @@ pipeline:
version: ${{package.version}}
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - name: Verify gem installation
+ runs: gem list http_parser.rb
+ - name: Basic import test
+ runs: |
+ ruby <<-EOF
+ begin
+ require 'http/parser'
+ puts "Basic import test passed! HTTP::Parser loaded successfully."
+ rescue LoadError => e
+ puts "Basic import test failed: #{e.message}"
+ exit 1
+ end
+ EOF
+ - name: Expanded functionality test
+ runs: |
+ ruby <<-EOF
+ require 'http/parser'
+
+ # Create a basic HTTP parser and parse a simple request
+ begin
+ parser = HTTP::Parser.new
+ parsed_headers = {}
+
+ # Define callbacks for parsing events
+ parser.on_headers_complete = proc do |headers|
+ parsed_headers.merge!(headers)
+ puts "Headers parsed successfully!"
+ end
+ parser.on_message_complete = proc { puts "Message parsed successfully!" }
+
+ # Feed the parser with a simple HTTP request
+ request = "GET /path/to/resource HTTP/1.1\r\n" \
+ "Host: example.com\r\n" \
+ "User-Agent: TestAgent\r\n\r\n"
+ parser << request
+
+ # Validate parsing results
+ raise "Unexpected HTTP method" unless parser.http_method == "GET"
+ raise "Unexpected request URL" unless parser.request_url == "/path/to/resource"
+ raise "Unexpected HTTP version" unless parser.http_version == [1, 1]
+ raise "Unexpected Host header" unless parsed_headers["Host"] == "example.com"
+ raise "Unexpected User-Agent header" unless parsed_headers["User-Agent"] == "TestAgent"
+
+ puts "Expanded functionality test passed with valid results!"
+ rescue => e
+ puts "Test failed: #{e.message}"
+ exit 1
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-i18n.yaml b/ruby3.2-i18n.yaml
index d7e97299ffb..b4a1f90c828 100644
--- a/ruby3.2-i18n.yaml
+++ b/ruby3.2-i18n.yaml
@@ -40,6 +40,24 @@ pipeline:
vars:
gem: i18n
+test:
+ pipeline:
+ - runs: ruby -e "require 'i18n'"
+ - name: Basic translation test
+ runs: |
+ ruby <<-EOF
+ require 'i18n'
+
+ # Create a translation directly in memory
+ I18n.backend.store_translations(:en, hello: "Hello, %{name}!")
+
+ # Test translation
+ greeting = I18n.t('hello', name: 'World')
+ raise "Translation test failed!" unless greeting == "Hello, World!"
+
+ puts "Basic translation test passed!"
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-io-console.yaml b/ruby3.2-io-console.yaml
index 14e5663f153..5e331e97f49 100644
--- a/ruby3.2-io-console.yaml
+++ b/ruby3.2-io-console.yaml
@@ -44,7 +44,38 @@ vars:
test:
pipeline:
- - runs: ruby -e "require 'io/console'"
+ - name: Verify gem installation
+ runs: |
+ gem list io-console
+ - name: Test core functionality
+ runs: |
+ ruby -e '
+ begin
+ require "io/console"
+
+ # Test basic require works
+ puts "Loaded io/console successfully"
+
+ # Test core methods
+ [:tty?, :winsize, :winsize=].each do |method|
+ unless IO.instance_methods.include?(method)
+ raise "Missing IO method: #{method}"
+ end
+ end
+
+ # Test STDIN responds to console methods
+ unless STDIN.respond_to?(:tty?)
+ raise "STDIN missing tty? method"
+ end
+
+ puts "Core functionality verified"
+ exit 0
+ rescue => e
+ puts "Test failed: #{e.class}: #{e.message}"
+ puts e.backtrace
+ exit 1
+ end
+ '
update:
enabled: true
diff --git a/ruby3.2-jar-dependencies.yaml b/ruby3.2-jar-dependencies.yaml
index 11eae1677c5..d4b1e8753ad 100644
--- a/ruby3.2-jar-dependencies.yaml
+++ b/ruby3.2-jar-dependencies.yaml
@@ -49,6 +49,29 @@ test:
# AUTOGENERATED
- runs: |
lock_jars --help
+ - name: Verify gem import
+ runs: ruby -e "require 'jar_dependencies'; puts 'jar_dependencies loaded successfully!'"
+ - name: Test basic functionality
+ runs: |
+ ruby -e '
+ begin
+ require "jar_dependencies"
+
+ # Test module definition
+ raise "Missing Jars module" unless defined?(Jars)
+
+ # Test basic methods exist
+ [:require_jar, :setup, :lock].each do |method|
+ raise "Missing method: Jars.#{method}" unless Jars.respond_to?(method)
+ end
+
+ puts "Basic jar-dependencies functionality verified"
+ exit 0
+ rescue => e
+ puts "Test failed: #{e.message}"
+ exit 1
+ end
+ '
var-transforms:
- from: ${{package.name}}
diff --git a/ruby3.2-jmespath.yaml b/ruby3.2-jmespath.yaml
index d134bf968e9..a3ecfd7f29b 100644
--- a/ruby3.2-jmespath.yaml
+++ b/ruby3.2-jmespath.yaml
@@ -37,6 +37,32 @@ pipeline:
vars:
gem: jmespath
+test:
+ pipeline:
+ - name: Verify gem import
+ runs: ruby -e "require 'jmespath'; puts 'jmespath loaded successfully!'"
+ - name: Basic JMESPath evaluation
+ runs: |
+ ruby <<-EOF
+ require 'jmespath'
+
+ # Basic JMESPath expression test
+ data = {
+ "foo" => {
+ "bar" => "value"
+ }
+ }
+ expression = "foo.bar"
+ result = JMESPath.search(expression, data)
+
+ # Validate the result
+ if result == "value"
+ puts "Basic JMESPath evaluation successful!"
+ else
+ raise "Expected 'value' but got '\#{result}'"
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-faraday-excon.yaml b/ruby3.3-faraday-excon.yaml
index f1b888bf50a..5321b378abf 100644
--- a/ruby3.3-faraday-excon.yaml
+++ b/ruby3.3-faraday-excon.yaml
@@ -42,6 +42,31 @@ pipeline:
vars:
gem: faraday-excon
+test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-net-http
+ pipeline:
+ - runs: ruby -e "require 'faraday/excon'; puts 'Faraday Excon adapter loaded successfully!'"
+ - runs: |
+ ruby <<-EOF
+ require 'faraday'
+ require 'faraday/excon'
+
+ # Test the Faraday connection with Excon adapter
+ begin
+ conn = Faraday.new(url: 'https://example.com') do |f|
+ f.adapter :excon
+ end
+
+ response = conn.get('/')
+ puts "Faraday connection with Excon adapter configured successfully! Response status: \#{response.status}"
+ rescue StandardError => e
+ raise "Test failed with error: \#{e.message}"
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-faraday-follow_redirects.yaml b/ruby3.3-faraday-follow_redirects.yaml
index c9e16e85207..0299b3427bf 100644
--- a/ruby3.3-faraday-follow_redirects.yaml
+++ b/ruby3.3-faraday-follow_redirects.yaml
@@ -41,6 +41,36 @@ pipeline:
vars:
gem: faraday-follow_redirects
+test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-net-http
+ pipeline:
+ - runs: ruby -e "require 'faraday/follow_redirects'; puts 'Faraday Follow Redirects middleware loaded successfully!'"
+ - runs: |
+ ruby <<-EOF
+ require 'faraday'
+ require 'faraday/follow_redirects'
+
+ # Test the Faraday connection with the Follow Redirects middleware
+ begin
+ conn = Faraday.new(url: 'http://httpbingo.org/redirect/1') do |f|
+ f.use Faraday::FollowRedirects::Middleware
+ f.adapter Faraday.default_adapter
+ end
+
+ response = conn.get
+ if response.status == 200
+ puts "Faraday connection with Follow Redirects middleware configured successfully! Final status: \#{response.status}"
+ else
+ raise "Unexpected response status: \#{response.status}"
+ end
+ rescue StandardError => e
+ raise "Test failed with error: \#{e.message}"
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-faraday.yaml b/ruby3.3-faraday.yaml
index a8a05f39e2e..e3b38d6ce5d 100644
--- a/ruby3.3-faraday.yaml
+++ b/ruby3.3-faraday.yaml
@@ -42,17 +42,55 @@ vars:
gem: faraday
test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-faraday-net_http
+ - ruby${{vars.rubyMM}}-net-http
pipeline:
- name: Verify library import
runs: ruby -e "require 'faraday'"
- name: Basic usage
runs: |
- cat < /tmp/test.rb
+ cat < /tmp/basic_usage_test.rb
require 'faraday'
response = Faraday.get("https://edu.chainguard.dev/open-source/wolfi/overview/")
- print response.status
+ if response.status == 200
+ puts "Basic usage test passed! Status: \#{response.status}"
+ else
+ raise "Basic usage test failed. Unexpected status: \#{response.status}"
+ end
EOF
- ruby /tmp/test.rb
+ ruby /tmp/basic_usage_test.rb
+ - name: Functional test with middleware
+ runs: |
+ cat < /tmp/functional_test_middleware.rb
+ require 'faraday'
+ require 'json'
+
+ # Configure Faraday connection with a middleware
+ conn = Faraday.new(url: "https://httpbin.org") do |f|
+ f.request :url_encoded
+ f.adapter :net_http
+ end
+
+ # Perform a POST request with some data
+ response = conn.post("/post") do |req|
+ req.headers['Content-Type'] = 'application/json'
+ req.body = { test_key: 'test_value' }.to_json
+ end
+
+ # Parse the JSON response
+ parsed_body = JSON.parse(response.body)
+
+ # Validate the response
+ if response.status == 200 && parsed_body["json"]["test_key"] == "test_value"
+ puts "Functional middleware test passed!"
+ else
+ raise "Functional middleware test failed."
+ end
+ EOF
+ ruby /tmp/functional_test_middleware.rb
update:
enabled: true
diff --git a/ruby3.3-faraday_middleware-aws-sigv4.yaml b/ruby3.3-faraday_middleware-aws-sigv4.yaml
new file mode 100644
index 00000000000..1c8fabc13ae
--- /dev/null
+++ b/ruby3.3-faraday_middleware-aws-sigv4.yaml
@@ -0,0 +1,83 @@
+package:
+ name: ruby3.3-faraday_middleware-aws-sigv4
+ version: 1.0.1
+ epoch: 0
+ description: Faraday middleware for AWS Signature Version 4 using aws-sigv4.
+ copyright:
+ - license: MIT
+ dependencies:
+ runtime:
+ - ruby${{vars.rubyMM}}-aws-sigv4
+ - ruby${{vars.rubyMM}}-faraday
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-${{vars.rubyMM}}
+ - ruby-${{vars.rubyMM}}-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: 8637e57de564df2b163bc459119dcae5b9b222de
+ repository: https://github.com/winebarrel/faraday_middleware-aws-sigv4
+ tag: v${{package.version}}
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: faraday_middleware-aws-sigv4
+
+update:
+ enabled: true
+ github:
+ identifier: winebarrel/faraday_middleware-aws-sigv4
+ strip-prefix: v
+ use-tag: true
+
+test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-net-http
+ pipeline:
+ - runs: ruby -e "require 'faraday_middleware/aws_sigv4'; puts 'faraday_middleware/aws_sigv4 loaded successfully!'"
+ - runs: |
+ ruby <<-EOF
+ require 'faraday'
+ require 'faraday_middleware/aws_sigv4'
+
+ # Test the middleware by configuring a Faraday connection
+ begin
+ conn = Faraday.new(url: 'https://example.com') do |f|
+ f.request :aws_sigv4,
+ service: 's3',
+ region: 'us-east-1',
+ access_key_id: 'fake_access_key',
+ secret_access_key: 'fake_secret_key'
+ end
+
+ puts "Faraday connection configured successfully with AWS SigV4 middleware!"
+ rescue StandardError => e
+ raise "Test failed with error: #{e.message}"
+ end
+ EOF
+
+var-transforms:
+ - from: ${{package.name}}
+ match: ^ruby(\d\.\d+)-.*
+ replace: $1
+ to: rubyMM
diff --git a/ruby3.3-filesize.yaml b/ruby3.3-filesize.yaml
index bb9d88ccf81..a12e8912cf4 100644
--- a/ruby3.3-filesize.yaml
+++ b/ruby3.3-filesize.yaml
@@ -38,6 +38,46 @@ pipeline:
vars:
gem: filesize
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - name: Verify gem installation
+ runs: |
+ gem list filesize
+ - name: Basic functionality test
+ runs: |
+ ruby -e '
+ begin
+ require "filesize"
+ puts "Debug: Loading Filesize class..."
+
+ # Create size object directly with bytes
+ bytes = Filesize.new(1024)
+ puts "Debug: Created Filesize object: " + bytes.inspect
+
+ # Convert to KiB (binary kilobytes) since that is the default
+ kib = bytes.to("KiB")
+ puts "Debug: Converted to KiB: " + kib.inspect
+
+ size = kib.to_f
+ puts "Debug: Final float value: " + size.to_s
+
+ # Should be exactly 1.0 since 1024 bytes = 1 KiB
+ if size == 1.0
+ puts "Test passed: 1024 B = 1 KiB"
+ exit 0
+ else
+ raise "Test failed: Expected 1.0 KiB, got " + size.to_s
+ end
+ rescue => e
+ puts "Test failed with error: " + e.class.to_s + ": " + e.message
+ puts e.backtrace
+ exit 1
+ end '
+
update:
enabled: false
exclude-reason: unmaintained, latest tag cut in 2018
diff --git a/ruby3.3-fluent-config-regexp-type.yaml b/ruby3.3-fluent-config-regexp-type.yaml
index eef339a9439..a1f2d37857e 100644
--- a/ruby3.3-fluent-config-regexp-type.yaml
+++ b/ruby3.3-fluent-config-regexp-type.yaml
@@ -42,6 +42,29 @@ pipeline:
- uses: ruby/clean
+test:
+ pipeline:
+ - runs: |
+ ruby -e '
+ require "fluent/config/regexp_type"
+
+ # Test timestamp pattern
+ regex = Fluent::Config::REGEXP_TYPE.call("/^\\d{4}-\\d{2}-\\d{2}/")
+
+ # Should match
+ raise "Valid date (2024-11-23) failed to match" unless regex.match?("2024-11-23")
+
+ # Should not match any of these
+ ["11-23-2024", "11-2-2024", "11-23-202", "202-11-23"].each do |invalid_date|
+ if regex.match?(invalid_date)
+ raise "Incorrectly matched #{invalid_date} which should not match pattern ^\\d{4}-\\d{2}-\\d{2}"
+ end
+ end
+
+ puts "All tests passed!"
+ puts "Pattern matches yyyy-mm-dd format only"
+ '
+
update:
enabled: true
github:
diff --git a/ruby3.3-fluentd-1.17.yaml b/ruby3.3-fluentd-1.17.yaml
index 84383ec198d..040571dd011 100644
--- a/ruby3.3-fluentd-1.17.yaml
+++ b/ruby3.3-fluentd-1.17.yaml
@@ -92,6 +92,7 @@ update:
test:
pipeline:
+ # Keep existing daemon test
- name: Daemon test
uses: test/daemon-check-output
with:
@@ -100,6 +101,8 @@ test:
mkdir -p /etc/fluent/
touch /etc/fluent/fluent.conf
expected_output: fluentd worker is now running
+ # Keep command line tests
+ - name: Command line tests
runs: |
fluent-binlog-reader --version
fluent-ca-generate --version
@@ -117,6 +120,61 @@ test:
fluent-plugin-generate --help
fluentd --version
fluentd --help
+ - name: Basic IO test
+ runs: |
+ # Create minimal config
+ cat > test.conf <
+ log_level debug
+
+
+
+ @type forward
+ port 24224
+
+
+
+ @type file
+ path /tmp/fluentd_test
+ append true
+
+ flush_mode immediate
+
+
+ EOF
+
+ # Start fluentd with logs
+ fluentd -c test.conf -d /tmp/fluentd.pid --log /tmp/fluentd.log
+
+ # Wait for start
+ sleep 5
+
+ # Send test message with specific content
+ echo '{"message":"test_message_content"}' | fluent-cat test.tag
+
+ # Wait for processing
+ sleep 5
+
+ # Check output files and content
+ if ls /tmp/fluentd_test.*.log > /dev/null 2>&1; then
+ OUTPUT=$(cat /tmp/fluentd_test.*.log)
+ echo "Output file contents: $OUTPUT"
+
+ if echo "$OUTPUT" | grep -q "test_message_content"; then
+ echo "Test passed: Message content verified"
+ else
+ echo "Test failed: Expected message content not found"
+ exit 1
+ fi
+ else
+ echo "Test failed: No output file"
+ echo "Fluentd logs:"
+ cat /tmp/fluentd.log
+ exit 1
+ fi
+
+ # Cleanup
+ kill $(cat /tmp/fluentd.pid)
var-transforms:
- from: ${{package.name}}
diff --git a/ruby3.3-gems.yaml b/ruby3.3-gems.yaml
index 791a8939b87..a90ef253b57 100644
--- a/ruby3.3-gems.yaml
+++ b/ruby3.3-gems.yaml
@@ -49,6 +49,22 @@ test:
print Gems.info 'rails'
EOF
ruby /tmp/test.rb
+ - name: Basic functionality test
+ runs: |
+ ruby -e '
+ require "gems"
+ require "json"
+
+ # Test search functionality
+ result = Gems.search("rake")
+ raise "Search failed" unless result.is_a?(Array) && !result.empty?
+
+ # Test version info
+ versions = Gems.versions("rake")
+ raise "Version lookup failed" unless versions.is_a?(Array) && !versions.empty?
+
+ puts "Tests passed - got valid responses for search and versions"
+ '
update:
enabled: true
diff --git a/ruby3.3-hashie.yaml b/ruby3.3-hashie.yaml
index 5e7aa3f9149..142292282e2 100644
--- a/ruby3.3-hashie.yaml
+++ b/ruby3.3-hashie.yaml
@@ -38,6 +38,43 @@ pipeline:
vars:
gem: hashie
+test:
+ pipeline:
+ - name: Verify library import
+ runs: ruby -e "require 'hashie'"
+ - name: Basic functionality test
+ runs: |
+ ruby -e '
+ require "hashie"
+
+ # Test Mash functionality
+ mash = Hashie::Mash.new
+ mash.name = "Test"
+ mash.info = { lang: "Ruby" }
+
+ raise "Basic assignment failed" unless mash.name == "Test"
+ raise "Nested hash failed" unless mash.info.lang == "Ruby"
+
+ # Test indifferent access
+ mash[:test_key] = "value"
+ raise "Indifferent access failed" unless mash["test_key"] == "value" && mash.test_key == "value"
+
+ # Test key deletion
+ mash.delete(:test_key)
+ raise "Delete failed" if mash.key?(:test_key)
+
+ # Test default values
+ mash.default = "not found"
+ raise "Default value failed" unless mash.missing == "not found"
+
+ # Test merge
+ other = Hashie::Mash.new(a: 1, b: 2)
+ merged = mash.merge(other)
+ raise "Merge failed" unless merged.a == 1 && merged.info.lang == "Ruby"
+
+ puts "All tests passed!"
+ '
+
update:
enabled: true
github:
diff --git a/ruby3.3-http.yaml b/ruby3.3-http.yaml
index eeced43c711..7849830cf06 100644
--- a/ruby3.3-http.yaml
+++ b/ruby3.3-http.yaml
@@ -54,6 +54,23 @@ test:
HTTP.get("https://github.com").to_s
EOF
ruby /tmp/test.rb
+ - name: Functional test with POST request
+ runs: |
+ cat < /tmp/functional_test.rb
+ require "http"
+
+ # Perform a POST request to httpbin.org
+ response = HTTP.post("https://httpbin.org/post", json: { key: "value" })
+
+ # Validate the response
+ raise "Unexpected status code" unless response.status == 200
+
+ body = response.parse(:json)
+ raise "Unexpected response body" unless body["json"]["key"] == "value"
+
+ puts "Functional test passed!"
+ EOF
+ ruby /tmp/functional_test.rb
update:
enabled: true
diff --git a/ruby3.3-http_parser.rb.yaml b/ruby3.3-http_parser.rb.yaml
index 504b59a7cef..7095fa9548c 100644
--- a/ruby3.3-http_parser.rb.yaml
+++ b/ruby3.3-http_parser.rb.yaml
@@ -48,6 +48,62 @@ pipeline:
version: ${{package.version}}
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - name: Verify gem installation
+ runs: gem list http_parser.rb
+ - name: Basic import test
+ runs: |
+ ruby <<-EOF
+ begin
+ require 'http/parser'
+ puts "Basic import test passed! HTTP::Parser loaded successfully."
+ rescue LoadError => e
+ puts "Basic import test failed: #{e.message}"
+ exit 1
+ end
+ EOF
+ - name: Expanded functionality test
+ runs: |
+ ruby <<-EOF
+ require 'http/parser'
+
+ # Create a basic HTTP parser and parse a simple request
+ begin
+ parser = HTTP::Parser.new
+ parsed_headers = {}
+
+ # Define callbacks for parsing events
+ parser.on_headers_complete = proc do |headers|
+ parsed_headers.merge!(headers)
+ puts "Headers parsed successfully!"
+ end
+ parser.on_message_complete = proc { puts "Message parsed successfully!" }
+
+ # Feed the parser with a simple HTTP request
+ request = "GET /path/to/resource HTTP/1.1\r\n" \
+ "Host: example.com\r\n" \
+ "User-Agent: TestAgent\r\n\r\n"
+ parser << request
+
+ # Validate parsing results
+ raise "Unexpected HTTP method" unless parser.http_method == "GET"
+ raise "Unexpected request URL" unless parser.request_url == "/path/to/resource"
+ raise "Unexpected HTTP version" unless parser.http_version == [1, 1]
+ raise "Unexpected Host header" unless parsed_headers["Host"] == "example.com"
+ raise "Unexpected User-Agent header" unless parsed_headers["User-Agent"] == "TestAgent"
+
+ puts "Expanded functionality test passed with valid results!"
+ rescue => e
+ puts "Test failed: #{e.message}"
+ exit 1
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-i18n.yaml b/ruby3.3-i18n.yaml
index f653d1a9d64..e6c692ce268 100644
--- a/ruby3.3-i18n.yaml
+++ b/ruby3.3-i18n.yaml
@@ -40,6 +40,24 @@ pipeline:
vars:
gem: i18n
+test:
+ pipeline:
+ - runs: ruby -e "require 'i18n'"
+ - name: Basic translation test
+ runs: |
+ ruby <<-EOF
+ require 'i18n'
+
+ # Create a translation directly in memory
+ I18n.backend.store_translations(:en, hello: "Hello, %{name}!")
+
+ # Test translation
+ greeting = I18n.t('hello', name: 'World')
+ raise "Translation test failed!" unless greeting == "Hello, World!"
+
+ puts "Basic translation test passed!"
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-io-console.yaml b/ruby3.3-io-console.yaml
index 06abb60af39..0dcb866d12d 100644
--- a/ruby3.3-io-console.yaml
+++ b/ruby3.3-io-console.yaml
@@ -44,7 +44,38 @@ vars:
test:
pipeline:
- - runs: ruby -e "require 'io/console'"
+ - name: Verify gem installation
+ runs: |
+ gem list io-console
+ - name: Test core functionality
+ runs: |
+ ruby -e '
+ begin
+ require "io/console"
+
+ # Test basic require works
+ puts "Loaded io/console successfully"
+
+ # Test core methods
+ [:tty?, :winsize, :winsize=].each do |method|
+ unless IO.instance_methods.include?(method)
+ raise "Missing IO method: #{method}"
+ end
+ end
+
+ # Test STDIN responds to console methods
+ unless STDIN.respond_to?(:tty?)
+ raise "STDIN missing tty? method"
+ end
+
+ puts "Core functionality verified"
+ exit 0
+ rescue => e
+ puts "Test failed: #{e.class}: #{e.message}"
+ puts e.backtrace
+ exit 1
+ end
+ '
update:
enabled: true
diff --git a/ruby3.3-jar-dependencies.yaml b/ruby3.3-jar-dependencies.yaml
index 2a25970c61d..deaf50ebca1 100644
--- a/ruby3.3-jar-dependencies.yaml
+++ b/ruby3.3-jar-dependencies.yaml
@@ -49,6 +49,29 @@ test:
# AUTOGENERATED
- runs: |
lock_jars --help
+ - name: Verify gem import
+ runs: ruby -e "require 'jar_dependencies'; puts 'jar_dependencies loaded successfully!'"
+ - name: Test basic functionality
+ runs: |
+ ruby -e '
+ begin
+ require "jar_dependencies"
+
+ # Test module definition
+ raise "Missing Jars module" unless defined?(Jars)
+
+ # Test basic methods exist
+ [:require_jar, :setup, :lock].each do |method|
+ raise "Missing method: Jars.#{method}" unless Jars.respond_to?(method)
+ end
+
+ puts "Basic jar-dependencies functionality verified"
+ exit 0
+ rescue => e
+ puts "Test failed: #{e.message}"
+ exit 1
+ end
+ '
var-transforms:
- from: ${{package.name}}
diff --git a/ruby3.3-jmespath.yaml b/ruby3.3-jmespath.yaml
index 7cc5894939d..1f6a846225d 100644
--- a/ruby3.3-jmespath.yaml
+++ b/ruby3.3-jmespath.yaml
@@ -37,6 +37,32 @@ pipeline:
vars:
gem: jmespath
+test:
+ pipeline:
+ - name: Verify gem import
+ runs: ruby -e "require 'jmespath'; puts 'jmespath loaded successfully!'"
+ - name: Basic JMESPath evaluation
+ runs: |
+ ruby <<-EOF
+ require 'jmespath'
+
+ # Basic JMESPath expression test
+ data = {
+ "foo" => {
+ "bar" => "value"
+ }
+ }
+ expression = "foo.bar"
+ result = JMESPath.search(expression, data)
+
+ # Validate the result
+ if result == "value"
+ puts "Basic JMESPath evaluation successful!"
+ else
+ raise "Expected 'value' but got '\#{result}'"
+ end
+ EOF
+
update:
enabled: true
github:
From d60792e8b3e59beb9ca2d1f68d2e289258c4193d Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 22:03:24 +0000
Subject: [PATCH 068/110] wazero/1.8.2 package update (#35181)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
wazero.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/wazero.yaml b/wazero.yaml
index a4ca0ac3c82..f66ce313f3a 100644
--- a/wazero.yaml
+++ b/wazero.yaml
@@ -1,6 +1,6 @@
package:
name: wazero
- version: 1.8.1
+ version: 1.8.2
epoch: 0
description: The zero dependency WebAssembly runtime for Go developers
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/tetratelabs/wazero
tag: v${{package.version}}
- expected-commit: 6016a705fa6077f517731d4ce148a82968de02dd
+ expected-commit: 610c202ec48f3a7c729f2bf11707330127ab3689
- runs: |
make build/wazero_linux_$(go env GOARCH)/wazero
From bf8a1b456ea0f0415799c9b06d1fd45dee407d96 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 22:03:38 +0000
Subject: [PATCH 069/110] ztunnel-1.24/1.24.1 package update (#35173)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ztunnel-1.24.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ztunnel-1.24.yaml b/ztunnel-1.24.yaml
index f7b183db7b4..65c8e352126 100644
--- a/ztunnel-1.24.yaml
+++ b/ztunnel-1.24.yaml
@@ -1,6 +1,6 @@
package:
name: ztunnel-1.24
- version: 1.24.0
+ version: 1.24.1
epoch: 0
description: The `ztunnel` component of istio ambient mesh.
copyright:
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://github.com/istio/ztunnel
tag: ${{package.version}}
- expected-commit: 1226c1b35f50938f428c71f7dcad3602ea991675
+ expected-commit: 4c7cdf1b62ddcc786402499c03eff0d5172c95ef
- runs: |
export ZTUNNEL_BUILD_buildStatus=clean
From f3defdb21beef6cb1a0462bc354a02dfbd8c91d8 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 22:04:05 +0000
Subject: [PATCH 070/110] istio-1.24/1.24.1 package update (#35175)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
istio-1.24.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/istio-1.24.yaml b/istio-1.24.yaml
index 37e0b3e8b0e..4c1c84ee67c 100644
--- a/istio-1.24.yaml
+++ b/istio-1.24.yaml
@@ -1,7 +1,7 @@
package:
name: istio-1.24
- version: 1.24.0
- epoch: 2
+ version: 1.24.1
+ epoch: 0
description: Istio is an open source service mesh that layers transparently onto existing distributed applications.
copyright:
- license: Apache-2.0
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/istio/istio
tag: ${{package.version}}
- expected-commit: 8825a6b7f8c9a2d66005a5f8b64e98aaee0dda99
+ expected-commit: 5c178358f9c61c50d3d6149a0b05a609a0d7defd
subpackages:
- name: istio-cni-${{vars.major-minor-version}}
From 77949492e0c5c0dd69e944e81eea80645b903dbf Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 23:03:35 +0000
Subject: [PATCH 071/110] py3-boto3/1.35.69 package update (#35184)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
py3-boto3.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/py3-boto3.yaml b/py3-boto3.yaml
index f4279aa2304..78faa1b202b 100644
--- a/py3-boto3.yaml
+++ b/py3-boto3.yaml
@@ -1,6 +1,6 @@
package:
name: py3-boto3
- version: 1.35.68
+ version: 1.35.69
epoch: 0
description: The AWS SDK for Python
copyright:
@@ -28,7 +28,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 091d6bed1422370987a839bff3f8755df7404fc15e9fac2a48e8505356f07433
+ expected-sha256: 40db86c7732a310b282f595251995ecafcbd62009a57e47a22683862e570cc7a
uri: https://files.pythonhosted.org/packages/source/b/boto3/boto3-${{package.version}}.tar.gz
subpackages:
From df7ac7e6dec87991a328ac5629bdfc21fef31a7a Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 23:04:01 +0000
Subject: [PATCH 072/110] istio-envoy-1.24/1.24.1 package update (#35172)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
istio-envoy-1.24.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/istio-envoy-1.24.yaml b/istio-envoy-1.24.yaml
index dbb224872ed..1486659bfdc 100644
--- a/istio-envoy-1.24.yaml
+++ b/istio-envoy-1.24.yaml
@@ -1,6 +1,6 @@
package:
name: istio-envoy-1.24
- version: 1.24.0
+ version: 1.24.1
epoch: 0
description: Envoy with additional Istio plugins (wasm, telemetry, etc)
copyright:
@@ -48,7 +48,7 @@ pipeline:
with:
repository: https://github.com/istio/proxy
tag: ${{package.version}}
- expected-commit: 739644f84930a8c0d416319aea97f58c2222f7ef
+ expected-commit: 147cca4e7da4e8b3f8006e9fe3d8b3d6abd89462
- runs: |
export JAVA_HOME=/usr/lib/jvm/java-11-openjdk
From 5a7bc65052bf02d346a486ac0e3de2c003ddc7fd Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 00:14:38 +0000
Subject: [PATCH 073/110] py3-botocore/1.35.69 package update (#35185)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
py3-botocore.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/py3-botocore.yaml b/py3-botocore.yaml
index 3db9622d1bc..a43b4b85838 100644
--- a/py3-botocore.yaml
+++ b/py3-botocore.yaml
@@ -1,6 +1,6 @@
package:
name: py3-botocore
- version: 1.35.68
+ version: 1.35.69
epoch: 0
description: The low-level, core functionality of Boto3
copyright:
@@ -29,7 +29,7 @@ pipeline:
- uses: fetch
with:
uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz
- expected-sha256: 42c3700583a82f2b5316281a073d644a521d6358837e2b446dc458ba5d990fb4
+ expected-sha256: f9f23dd76fb247d9b0e8d411d2995e6f847fc451c026f1e58e300f815b0b36eb
subpackages:
- range: py-versions
From c1c9202c41803314e15af8a2d8563c691445cbcd Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 01:09:05 +0000
Subject: [PATCH 074/110] linkerd2/24.11.7 package update (#35188)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
linkerd2.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/linkerd2.yaml b/linkerd2.yaml
index 65afe09f06f..79df2be83c5 100644
--- a/linkerd2.yaml
+++ b/linkerd2.yaml
@@ -1,6 +1,6 @@
package:
name: linkerd2
- version: 24.11.5
+ version: 24.11.7
epoch: 0
description: "meta linkerd package"
copyright:
@@ -25,7 +25,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 3c91fc64ce61208e3be01f908abe178e3786616f
+ expected-commit: afdf2e7d2de44c7ac1dedee64e8b5031f1d5f57b
repository: https://github.com/linkerd/linkerd2/
tag: edge-${{package.version}}
From a3c17a9cf5f3782ae237373cb45b20c9852e87bb Mon Sep 17 00:00:00 2001
From: dann frazier
Date: Mon, 25 Nov 2024 18:19:33 -0700
Subject: [PATCH 075/110] py3-grpcio-tools: python multiversioning (#34780)
---
pipelines/py/pip-build-install.yaml | 5 +-
py3-grpcio-gcp.yaml | 5 +-
py3-grpcio-tools.yaml | 137 ++++++++++++++++++----------
3 files changed, 94 insertions(+), 53 deletions(-)
diff --git a/pipelines/py/pip-build-install.yaml b/pipelines/py/pip-build-install.yaml
index 793b93ecb27..8cfa9d5a513 100644
--- a/pipelines/py/pip-build-install.yaml
+++ b/pipelines/py/pip-build-install.yaml
@@ -7,9 +7,6 @@ inputs:
dest:
description: the destination
default: ${{targets.contextdir}}
- source:
- description: directory containing the python package source
- default: .
needs-exe-named-python3:
description: Does the build actually need 'python3' in its PATH
default: false
@@ -110,7 +107,7 @@ pipeline:
mkdir -p "$distwheelsd"
echo "$py is $pyver with site_packages dir '$sitepkgd'"
vr $py -m pip wheel --verbose "--wheel-dir=$wd" \
- "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps "${{inputs.source}}"
+ "--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps .
vr $py -m pip install --verbose \
"--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps \
--force-reinstall --no-compile --prefix=/usr "--root=$root" "$wd"/*.whl
diff --git a/py3-grpcio-gcp.yaml b/py3-grpcio-gcp.yaml
index 7f1056d9602..6c7a267b134 100644
--- a/py3-grpcio-gcp.yaml
+++ b/py3-grpcio-gcp.yaml
@@ -1,7 +1,7 @@
package:
name: py3-grpcio-gcp
version: 0.2.2
- epoch: 3
+ epoch: 4
description: gRPC extensions for Google Cloud Platform
copyright:
- license: Apache-2.0
@@ -26,6 +26,7 @@ environment:
- py3-grpcio-tools
- py3-supported-build-base
- py3-supported-setuptools
+ - python3
pipeline:
- uses: git-checkout
@@ -57,7 +58,7 @@ subpackages:
- uses: py/pip-build-install
with:
python: python${{range.key}}
- source: ./src
+ working-directory: ./src
- uses: strip
test:
pipeline:
diff --git a/py3-grpcio-tools.yaml b/py3-grpcio-tools.yaml
index 82b221690be..1476186955a 100644
--- a/py3-grpcio-tools.yaml
+++ b/py3-grpcio-tools.yaml
@@ -1,17 +1,24 @@
-# Generated from https://pypi.org/project/grpcio-tools/
package:
name: py3-grpcio-tools
- version: 1.67.1
- epoch: 1
+ version: 1.68.0
+ epoch: 0
description: Protobuf code generator for gRPC
copyright:
- license: Apache-2.0
dependencies:
- runtime:
- - py3-protobuf
- - py3-grpcio
- - py3-setuptools
- - python3
+ provider-priority: 0
+
+vars:
+ pypi-package: grpcio-tools
+ import: grpc_tools.protoc
+
+data:
+ - name: py-versions
+ items:
+ 3.10: '310'
+ 3.11: '311'
+ 3.12: '312'
+ 3.13: '300'
environment:
contents:
@@ -19,65 +26,101 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
- - cython
- git
- openssf-compiler-options
- - py3-setuptools
- - py3-wheel
+ - py3-supported-build-base
+ - py3-supported-cython
+ - py3-supported-python-dev
+ - py3-supported-setuptools
- python3
- - python3-dev
- wolfi-base
+ environment:
+ # https://github.com/wolfi-dev/os/issues/34075
+ GCC_SPEC_FILE: /dev/null
+ GRPC_PYTHON_BUILD_WITH_CYTHON: 1
pipeline:
- uses: git-checkout
with:
repository: https://github.com/grpc/grpc
tag: v${{package.version}}
- expected-commit: d3286610f703a339149c3f9be69f0d7d0abb130a
+ expected-commit: 6b49ae626bc9cd7033e062f89dbe0e0576b1110e
- runs: |
git submodule update --init
cd tools/distrib/python/grpcio_tools
- python ../make_grpcio_tools.py
- export GRPC_PYTHON_BUILD_WITH_CYTHON=1
- python setup.py install --prefix=/usr --root="${{targets.destdir}}"
+ python3 ../make_grpcio_tools.py
- uses: strip
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ provider-priority: ${{range.value}}
+ provides:
+ - py3-${{vars.pypi-package}}
+ runtime:
+ - py${{range.key}}-grpcio
+ - py${{range.key}}-protobuf
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ working-directory: tools/distrib/python/grpcio_tools
+ - uses: strip
+ test:
+ pipeline:
+ - name: Verify Installation
+ uses: python/import
+ with:
+ python: python${{range.key}}
+ imports: |
+ import ${{vars.import}}
+ - name: Test Protobuf Compilation
+ runs: |
+ # Create a temporary directory for testing
+ mkdir -p /home/build/test-grpcio-tools
+ cd /home/build/test-grpcio-tools
+
+ # Create a sample .proto file for testing
+ echo 'syntax = "proto3"; package test; message TestMessage { string test_field = 1; }' > test.proto
+
+ # Compile the .proto file using grpcio-tools
+ python${{range.key}} -m grpc_tools.protoc -I. --python_out=. --grpc_python_out=. test.proto || exit 1
+ echo "Protobuf file compiled successfully."
+
+ # Check if Python files were generated
+ if [ ! -f test_pb2.py ] || [ ! -f test_pb2_grpc.py ]; then
+ echo "Generated Python files not found!"
+ exit 1
+ fi
+ echo "Generated Python files found."
+ - name: Clean Up
+ runs: |
+ # Clean up the test files after the test
+ rm -rf /home/build/test-grpcio-tools
+
+ - name: py3-supported-${{vars.pypi-package}}
+ description: meta package providing ${{vars.pypi-package}} for supported python versions.
+ dependencies:
+ runtime:
+ - py3.10-${{vars.pypi-package}}
+ - py3.11-${{vars.pypi-package}}
+ - py3.12-${{vars.pypi-package}}
+ - py3.13-${{vars.pypi-package}}
+
+test:
+ pipeline:
+ - name: Verify Installation
+ uses: python/import
+ with:
+ import: ${{vars.import}}
+
update:
enabled: true
github:
identifier: grpc/grpc
strip-prefix: v
use-tag: true
-
-test:
- pipeline:
- - name: Verify Installation
- runs: |
- # Ensure that grpcio-tools is installed
- python3 -c "import grpc_tools.protoc" || exit 1
- echo "grpcio-tools package is installed."
- - name: Test Protobuf Compilation
- runs: |
- # Create a temporary directory for testing
- mkdir -p /home/build/test-grpcio-tools
- cd /home/build/test-grpcio-tools
-
- # Create a sample .proto file for testing
- echo 'syntax = "proto3"; package test; message TestMessage { string test_field = 1; }' > test.proto
-
- # Compile the .proto file using grpcio-tools
- python3 -m grpc_tools.protoc -I. --python_out=. --grpc_python_out=. test.proto || exit 1
- echo "Protobuf file compiled successfully."
-
- # Check if Python files were generated
- if [ ! -f test_pb2.py ] || [ ! -f test_pb2_grpc.py ]; then
- echo "Generated Python files not found!"
- exit 1
- fi
- echo "Generated Python files found."
- - name: Clean Up
- runs: |
- # Clean up the test files after the test
- rm -rf /home/build/test-grpcio-tools
From c44ae4c11d9cf65c102fd0ddb0737fc2328863fe Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 01:35:51 +0000
Subject: [PATCH 076/110] Update images digests (#35040)
Update images digests
```release-note
NONE
```
## Changes
```diff
diff --git a/.github/actions/docker-run/action.yaml b/.github/actions/docker-run/action.yaml
index 426862c..d85b841 100644
--- a/.github/actions/docker-run/action.yaml
+++ b/.github/actions/docker-run/action.yaml
@@ -6,7 +6,7 @@ inputs:
required: true
image:
description: "The image to use"
- default: "ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110"
+ default: "ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be"
required: false
workdir:
description: "The images working directory"
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 478e1f4..a5bf5b5 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -29,7 +29,7 @@ jobs:
contents: read
container:
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
# TODO: Deprivilege
options: |
--cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -175,7 +175,7 @@ jobs:
container:
# NOTE: This step only signs and uploads, so it doesn't need any privileges
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
steps:
- name: Harden Runner
@@ -303,7 +303,7 @@ jobs:
container:
# NOTE: This step only signs and uploads, so it doesn't need any privileges
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
steps:
- name: Harden Runner
diff --git a/Makefile b/Makefile
index 65e0107..14618f4 100644
--- a/Makefile
+++ b/Makefile
@@ -167,7 +167,7 @@ dev-container:
-v "${PWD}:${PWD}" \
-w "${PWD}" \
-e SOURCE_DATE_EPOCH=0 \
- ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
PACKAGES_CONTAINER_FOLDER ?= /work/packages
# This target spins up a docker container that is helpful for testing local
@@ -235,6 +235,6 @@ dev-container-wolfi:
--mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \
--mount type=bind,source="$(TMP_REPOS_FILE)",destination="/etc/apk/repositories",readonly \
-w "$(PACKAGES_CONTAINER_FOLDER)" \
- ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
@rm "$(TMP_REPOS_FILE)"
@rmdir "$(TMP_REPOS_DIR)"
```
Co-authored-by: octo-sts[bot] <157150467+octo-sts[bot]@users.noreply.github.com>
---
.github/actions/docker-run/action.yaml | 2 +-
.github/workflows/build.yaml | 6 +++---
Makefile | 4 ++--
3 files changed, 6 insertions(+), 6 deletions(-)
diff --git a/.github/actions/docker-run/action.yaml b/.github/actions/docker-run/action.yaml
index 426862c2426..d85b8410265 100644
--- a/.github/actions/docker-run/action.yaml
+++ b/.github/actions/docker-run/action.yaml
@@ -6,7 +6,7 @@ inputs:
required: true
image:
description: "The image to use"
- default: "ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110"
+ default: "ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be"
required: false
workdir:
description: "The images working directory"
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 478e1f4a875..a5bf5b55677 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -29,7 +29,7 @@ jobs:
contents: read
container:
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
# TODO: Deprivilege
options: |
--cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -175,7 +175,7 @@ jobs:
container:
# NOTE: This step only signs and uploads, so it doesn't need any privileges
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
steps:
- name: Harden Runner
@@ -303,7 +303,7 @@ jobs:
container:
# NOTE: This step only signs and uploads, so it doesn't need any privileges
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
steps:
- name: Harden Runner
diff --git a/Makefile b/Makefile
index 65e01078cf9..14618f421fc 100644
--- a/Makefile
+++ b/Makefile
@@ -167,7 +167,7 @@ dev-container:
-v "${PWD}:${PWD}" \
-w "${PWD}" \
-e SOURCE_DATE_EPOCH=0 \
- ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
PACKAGES_CONTAINER_FOLDER ?= /work/packages
# This target spins up a docker container that is helpful for testing local
@@ -235,6 +235,6 @@ dev-container-wolfi:
--mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \
--mount type=bind,source="$(TMP_REPOS_FILE)",destination="/etc/apk/repositories",readonly \
-w "$(PACKAGES_CONTAINER_FOLDER)" \
- ghcr.io/wolfi-dev/sdk:latest@sha256:77da1186e7c2d9796bcaf4fb035e8675cd822d67a1d8a530cc0f1ceb5df80110
+ ghcr.io/wolfi-dev/sdk:latest@sha256:98d8669d2eb9c8d23984fa2f55a272b67a04b4bfd132c714682c4fd716a3d7be
@rm "$(TMP_REPOS_FILE)"
@rmdir "$(TMP_REPOS_DIR)"
From 1d8f33dc99083ad5c5a3c380576a1658c17960ce Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 02:14:48 +0000
Subject: [PATCH 077/110] bun-bootstrap/1.1.37 package update (#35194)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
bun-bootstrap.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/bun-bootstrap.yaml b/bun-bootstrap.yaml
index 99a1a1fb922..5a13d88cde2 100644
--- a/bun-bootstrap.yaml
+++ b/bun-bootstrap.yaml
@@ -1,6 +1,6 @@
package:
name: bun-bootstrap
- version: 1.1.36
+ version: 1.1.37
epoch: 0
description: "Bun requires itself to bootstrap."
copyright:
@@ -23,13 +23,13 @@ pipeline:
uses: fetch
with:
uri: "https://github.com/oven-sh/bun/releases/download/bun-v${{package.version}}/bun-linux-aarch64.zip"
- expected-sha256: "d5bbf74d49288bb69819c5459789dac06a0062d999a626d79d2f45b05b53597a"
+ expected-sha256: "6a2ef497ddcc8fb9b78add876d340c20d7642858e159f93ab5bcb406483ffdd2"
extract: false
- if: ${{build.arch}} == 'x86_64'
uses: fetch
with:
uri: "https://github.com/oven-sh/bun/releases/download/bun-v${{package.version}}/bun-linux-x64.zip"
- expected-sha256: "c5261f4d7e342fe720bc6a5d736b1c94f4df2942c225a87652c6985181b1ec77"
+ expected-sha256: "cc7a53917edc9b65778bacdfca21e9acfbd1f2f69742d616980377a78620e974"
extract: false
- runs: |
From 143db377d94ff67c39b703e1de3b859fdf0b1e72 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 03:03:31 +0000
Subject: [PATCH 078/110] bun/1.1.37 package update (#35193)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
bun.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/bun.yaml b/bun.yaml
index a54a92cd8e4..b87fab771f6 100644
--- a/bun.yaml
+++ b/bun.yaml
@@ -1,6 +1,6 @@
package:
name: bun
- version: 1.1.36
+ version: 1.1.37
epoch: 0
description: "Incredibly fast JavaScript runtime, bundler, test runner, and package manager - all in one"
copyright:
@@ -54,7 +54,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/oven-sh/bun
- expected-commit: ededc168cf07afcdbe5ca34495c58df435ea526d
+ expected-commit: 8ca0eb831d6739c6a94b3f4d484bbfe71ee97226
tag: bun-v${{package.version}}
- runs: |
From d27a457b943461a11c13f77c3e7030188a2e32ac Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 05:03:58 +0000
Subject: [PATCH 079/110] py3-virtualenv/20.28.0 package update (#35202)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
py3-virtualenv.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/py3-virtualenv.yaml b/py3-virtualenv.yaml
index c72fa879483..efc26bfe9c2 100644
--- a/py3-virtualenv.yaml
+++ b/py3-virtualenv.yaml
@@ -1,6 +1,6 @@
package:
name: py3-virtualenv
- version: 20.27.1
+ version: 20.28.0
epoch: 0
description: Virtual Python Environment builder
copyright:
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://github.com/pypa/virtualenv
tag: ${{package.version}}
- expected-commit: cb20fdaeaebcb3a6e91037e1017a313883057fee
+ expected-commit: bfc04e3616d66edc55a31b9627bc5ef35efdf62a
subpackages:
- range: py-versions
From 2e133302ae0ad36362789afb0e5519d7d11701fb Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 06:04:54 +0000
Subject: [PATCH 080/110] ruby3.2-protocol-http/0.45.0 package update (#35206)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.2-protocol-http.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.2-protocol-http.yaml b/ruby3.2-protocol-http.yaml
index a8b31f40bb6..7551014b364 100644
--- a/ruby3.2-protocol-http.yaml
+++ b/ruby3.2-protocol-http.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.2-protocol-http
- version: 0.44.0
+ version: 0.45.0
epoch: 0
description: Provides abstractions to handle HTTP protocols.
copyright:
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: bdabfd7e25a4949406d8c420f67427005518091c
+ expected-commit: f0a9782fbe60eac3d8e057de33b585cc066774fc
repository: https://github.com/socketry/protocol-http
tag: v${{package.version}}
From 12eeeca1e1f86152444ad75224e0fe749ad0fea3 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 06:05:09 +0000
Subject: [PATCH 081/110] ollama/0.4.5 package update (#35201)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ollama.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ollama.yaml b/ollama.yaml
index 23bcdd68d94..8f8b4702ccb 100644
--- a/ollama.yaml
+++ b/ollama.yaml
@@ -1,6 +1,6 @@
package:
name: ollama
- version: 0.4.4
+ version: 0.4.5
epoch: 0
description: Get up and running with Llama 2 and other large language models locally
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/ollama/ollama
tag: v${{package.version}}
- expected-commit: 3478b2cf14c3fa2661c03f7fd5764a63a496293a
+ expected-commit: 2b7ed61ca22743598db2b407a94b8865042f1078
- runs: |
go generate ./...
From 5bdbb87e87bc4c920d86e9e34e0deaabf12b4a7e Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 06:05:33 +0000
Subject: [PATCH 082/110] ruby3.3-protocol-http/0.45.0 package update (#35204)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ruby3.3-protocol-http.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ruby3.3-protocol-http.yaml b/ruby3.3-protocol-http.yaml
index bb5bcd044ba..27577847216 100644
--- a/ruby3.3-protocol-http.yaml
+++ b/ruby3.3-protocol-http.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-protocol-http
- version: 0.44.0
+ version: 0.45.0
epoch: 0
description: Provides abstractions to handle HTTP protocols.
copyright:
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: bdabfd7e25a4949406d8c420f67427005518091c
+ expected-commit: f0a9782fbe60eac3d8e057de33b585cc066774fc
repository: https://github.com/socketry/protocol-http
tag: v${{package.version}}
From 6c6cc2a0a90a729c369ba9aca516beb50eba86e0 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 08:04:47 +0000
Subject: [PATCH 083/110] tealdeer/1.7.1-r0: cve remediation (#35207)
tealdeer/1.7.1-r0: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/tealdeer.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
tealdeer.yaml | 4 +++-
tealdeer/cargobump-deps.yaml | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
create mode 100644 tealdeer/cargobump-deps.yaml
diff --git a/tealdeer.yaml b/tealdeer.yaml
index 76e440da81f..d474104d4b4 100644
--- a/tealdeer.yaml
+++ b/tealdeer.yaml
@@ -1,7 +1,7 @@
package:
name: tealdeer
version: 1.7.1
- epoch: 0
+ epoch: 1
description: A very fast implementation of tldr in Rust.
copyright:
- license: Apache-2.0
@@ -17,6 +17,8 @@ pipeline:
tag: v${{package.version}}
expected-commit: 1d9153e37e131ca56071213ba40ec01b16158ebf
+ - uses: rust/cargobump
+
- name: Configure and Build
uses: cargo/build
with:
diff --git a/tealdeer/cargobump-deps.yaml b/tealdeer/cargobump-deps.yaml
new file mode 100644
index 00000000000..4d353f7d988
--- /dev/null
+++ b/tealdeer/cargobump-deps.yaml
@@ -0,0 +1,3 @@
+packages:
+ - name: rustls
+ version: 0.23.18
From f1cc6c977be71288b3dea3aef6e98deaae4ab19e Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 09:35:02 +0000
Subject: [PATCH 084/110] kubescape/3.0.21 package update (#34631)
---------
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Signed-off-by: Batuhan Apaydin
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: Batuhan Apaydin
---
kubescape.yaml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/kubescape.yaml b/kubescape.yaml
index a6c948ba100..8aac924d7c8 100644
--- a/kubescape.yaml
+++ b/kubescape.yaml
@@ -1,6 +1,6 @@
package:
name: kubescape
- version: 3.0.20
+ version: 3.0.21
epoch: 0
description: Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
copyright:
@@ -20,14 +20,14 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 5b9c6491de8ab7b89c15d6b1b780987e2206a4c4
+ expected-commit: a9ac880356ec677e17472f08592d87b75229c681
recurse-submodules: "true"
repository: https://github.com/kubescape/kubescape
tag: v${{package.version}}
- uses: go/bump
with:
- deps: github.com/anchore/archiver/v3@v3.5.2
+ deps: github.com/mholt/archiver/v3@v3.5.2
replaces: github.com/mholt/archiver/v3=github.com/anchore/archiver/v3@v3.5.2
- runs: |
From 613d034fc2fd894f904fd804dfe79b32815e5767 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:04:14 +0000
Subject: [PATCH 085/110] vite/6.0.0 package update (#35222)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
vite.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/vite.yaml b/vite.yaml
index bdba4464ac8..e4ed775f893 100644
--- a/vite.yaml
+++ b/vite.yaml
@@ -1,6 +1,6 @@
package:
name: vite
- version: 5.4.11
+ version: 6.0.0
epoch: 0
description: Vite (French word for "quick", pronounced /vit/, like "veet") is a build tool that aims to provide a faster and leaner development experience for modern web projects.
copyright:
From 16c6aa7cac0f9a447ac047ecbdc9a6573eb09d12 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:04:29 +0000
Subject: [PATCH 086/110] ntpd-rs/1.3.0-r1: cve remediation (#35219)
ntpd-rs/1.3.0-r1: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/ntpd-rs.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
ntpd-rs.yaml | 4 +++-
ntpd-rs/cargobump-deps.yaml | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
create mode 100644 ntpd-rs/cargobump-deps.yaml
diff --git a/ntpd-rs.yaml b/ntpd-rs.yaml
index 9b2918de669..2e39862b960 100644
--- a/ntpd-rs.yaml
+++ b/ntpd-rs.yaml
@@ -1,7 +1,7 @@
package:
name: ntpd-rs
version: 1.3.0
- epoch: 1
+ epoch: 2
description: "An NTP implementation in Rust."
copyright:
- license: MIT
@@ -24,6 +24,8 @@ pipeline:
tag: v${{package.version}}
expected-commit: e8869f4378971ca470131e54fea6e72655a774c3
+ - uses: rust/cargobump
+
- name: Configure and build
runs: |
cargo auditable build --release -vv
diff --git a/ntpd-rs/cargobump-deps.yaml b/ntpd-rs/cargobump-deps.yaml
new file mode 100644
index 00000000000..4d353f7d988
--- /dev/null
+++ b/ntpd-rs/cargobump-deps.yaml
@@ -0,0 +1,3 @@
+packages:
+ - name: rustls
+ version: 0.23.18
From 8b2a8d59b35d8e453e5009d915e5da098e86c92e Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:04:46 +0000
Subject: [PATCH 087/110] uv/0.5.4-r0: cve remediation (#35215)
uv/0.5.4-r0: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/uv.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
uv.yaml | 4 +++-
uv/cargobump-deps.yaml | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
create mode 100644 uv/cargobump-deps.yaml
diff --git a/uv.yaml b/uv.yaml
index 81e1738d8e2..cf38f010ddb 100644
--- a/uv.yaml
+++ b/uv.yaml
@@ -1,7 +1,7 @@
package:
name: uv
version: 0.5.4
- epoch: 0
+ epoch: 1
description: An extremely fast Python package installer and resolver, written in Rust.
copyright:
- license: MIT
@@ -26,6 +26,8 @@ pipeline:
tag: ${{package.version}}
expected-commit: c62c83c37ada63eae4efb77551e2ec7a0f0113d8
+ - uses: rust/cargobump
+
- runs: |
cargo auditable build --locked --release
install -Dm755 target/release/uv "${{targets.destdir}}"/usr/bin/uv
diff --git a/uv/cargobump-deps.yaml b/uv/cargobump-deps.yaml
new file mode 100644
index 00000000000..4d353f7d988
--- /dev/null
+++ b/uv/cargobump-deps.yaml
@@ -0,0 +1,3 @@
+packages:
+ - name: rustls
+ version: 0.23.18
From fa2c3ef375b91905e570212917e862d24365dbde Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:05:04 +0000
Subject: [PATCH 088/110] ztunnel-1.24/1.24.1-r0: cve remediation (#35214)
ztunnel-1.24/1.24.1-r0: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/ztunnel-1.24.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
ztunnel-1.24.yaml | 4 +++-
ztunnel-1.24/cargobump-deps.yaml | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
create mode 100644 ztunnel-1.24/cargobump-deps.yaml
diff --git a/ztunnel-1.24.yaml b/ztunnel-1.24.yaml
index 65c8e352126..8498a320eb9 100644
--- a/ztunnel-1.24.yaml
+++ b/ztunnel-1.24.yaml
@@ -1,7 +1,7 @@
package:
name: ztunnel-1.24
version: 1.24.1
- epoch: 0
+ epoch: 1
description: The `ztunnel` component of istio ambient mesh.
copyright:
- license: Apache-2.0
@@ -36,6 +36,8 @@ pipeline:
tag: ${{package.version}}
expected-commit: 4c7cdf1b62ddcc786402499c03eff0d5172c95ef
+ - uses: rust/cargobump
+
- runs: |
export ZTUNNEL_BUILD_buildStatus=clean
export ZTUNNEL_BUILD_buildGitRevision=$(git rev-parse HEAD)
diff --git a/ztunnel-1.24/cargobump-deps.yaml b/ztunnel-1.24/cargobump-deps.yaml
new file mode 100644
index 00000000000..4d353f7d988
--- /dev/null
+++ b/ztunnel-1.24/cargobump-deps.yaml
@@ -0,0 +1,3 @@
+packages:
+ - name: rustls
+ version: 0.23.18
From 4359afa48ea1b5aff189c09ca430772f2317c135 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:05:20 +0000
Subject: [PATCH 089/110] xh/0.23.0-r1: cve remediation (#35217)
xh/0.23.0-r1: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/xh.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
xh.yaml | 4 +++-
xh/cargobump-deps.yaml | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/xh.yaml b/xh.yaml
index e942f09c517..182da8a20a4 100644
--- a/xh.yaml
+++ b/xh.yaml
@@ -1,7 +1,7 @@
package:
name: xh
version: 0.23.0
- epoch: 1
+ epoch: 2
description: Friendly and fast tool for sending HTTP requests.
copyright:
- license: MIT
@@ -23,6 +23,8 @@ pipeline:
tag: v${{package.version}}
expected-commit: 0fb0a13ecb64a3a1af35cfaf13a6970f78c38dfb
+ - uses: rust/cargobump
+
- runs: |
cargo auditable build --locked --release
install -Dm755 target/release/xh "${{targets.destdir}}"/usr/bin/xh
diff --git a/xh/cargobump-deps.yaml b/xh/cargobump-deps.yaml
index 345caf806ab..4d353f7d988 100644
--- a/xh/cargobump-deps.yaml
+++ b/xh/cargobump-deps.yaml
@@ -1,3 +1,3 @@
packages:
- name: rustls
- version: 0.22.4
+ version: 0.23.18
From f6b1d6a9788c47e2d0dd370ca4c056ca1825963c Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:05:35 +0000
Subject: [PATCH 090/110] wadm/0.18.0-r1: cve remediation (#35213)
wadm/0.18.0-r1: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/wadm.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
wadm.yaml | 4 +++-
wadm/cargobump-deps.yaml | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
create mode 100644 wadm/cargobump-deps.yaml
diff --git a/wadm.yaml b/wadm.yaml
index a166ba3cc16..ff62dc8fa90 100644
--- a/wadm.yaml
+++ b/wadm.yaml
@@ -1,7 +1,7 @@
package:
name: wadm
version: 0.18.0
- epoch: 1
+ epoch: 2
description: "Wasm-native orchestrator for managing and scaling declarative wasmCloud applications"
copyright:
- license: Apache-2.0
@@ -23,6 +23,8 @@ pipeline:
tag: v${{package.version}}
expected-commit: 6f29e729325ee1fa1735df2ae545ae606413c379
+ - uses: rust/cargobump
+
- name: Configure and build
runs: |
cargo auditable build --release --bin wadm
diff --git a/wadm/cargobump-deps.yaml b/wadm/cargobump-deps.yaml
new file mode 100644
index 00000000000..4d353f7d988
--- /dev/null
+++ b/wadm/cargobump-deps.yaml
@@ -0,0 +1,3 @@
+packages:
+ - name: rustls
+ version: 0.23.18
From 15737aa2c07fa83686186daaa382b38550c6ef71 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:05:52 +0000
Subject: [PATCH 091/110] mailpit/1.21.5 package update (#35220)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
mailpit.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/mailpit.yaml b/mailpit.yaml
index 09bc4506752..3010baafd7d 100644
--- a/mailpit.yaml
+++ b/mailpit.yaml
@@ -1,6 +1,6 @@
package:
name: mailpit
- version: 1.21.4
+ version: 1.21.5
epoch: 0
description: An email and SMTP testing tool with API for developers
copyright:
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/axllent/mailpit
tag: v${{package.version}}
- expected-commit: 6d115ceb86746c74cff2cd778bec8c0a7d44663f
+ expected-commit: 0277f4e9442aff4be26ebfcf99e8995187be27d0
- runs: |
npm install
From 7c9c881255a1074624defd2f69208bfb8d6aa324 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 10:06:18 +0000
Subject: [PATCH 092/110] wasm-pack/0.13.1-r0: cve remediation (#35216)
wasm-pack/0.13.1-r0: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/wasm-pack.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
wasm-pack.yaml | 4 +++-
wasm-pack/cargobump-deps.yaml | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
create mode 100644 wasm-pack/cargobump-deps.yaml
diff --git a/wasm-pack.yaml b/wasm-pack.yaml
index e4a3dbb8ac0..268827efa30 100644
--- a/wasm-pack.yaml
+++ b/wasm-pack.yaml
@@ -1,7 +1,7 @@
package:
name: wasm-pack
version: 0.13.1
- epoch: 0
+ epoch: 1
description: rust to wasm build tool
copyright:
- license: Apache-2.0
@@ -30,6 +30,8 @@ pipeline:
expected-commit: 24bdca457abad34e444912e6165eb71422a51046
tag: v${{package.version}}
+ - uses: rust/cargobump
+
- runs: |
# prepare
rm -rf Cargo.lock
diff --git a/wasm-pack/cargobump-deps.yaml b/wasm-pack/cargobump-deps.yaml
new file mode 100644
index 00000000000..4d353f7d988
--- /dev/null
+++ b/wasm-pack/cargobump-deps.yaml
@@ -0,0 +1,3 @@
+packages:
+ - name: rustls
+ version: 0.23.18
From 65cbe14235d18fcf58bebe2326a828f86212bbdf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Furkan=20T=C3=BCrkal?=
Date: Tue, 26 Nov 2024 13:48:28 +0300
Subject: [PATCH 093/110] repmgr and bitnami-compat (#35107)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
*
https://github.com/bitnami/containers/tree/main/bitnami/postgresql-repmgr
Fixes:
Related:
### Pre-review Checklist
#### For new package PRs only
- [ ] This PR is marked as fixing a pre-existing package request bug
- [ ] Alternatively, the PR is marked as related to a pre-existing
package request bug, such as a dependency
- [X] REQUIRED - The package is available under an OSI-approved or
FSF-approved license
- [X] REQUIRED - The version of the package is still receiving security
updates
- [ ] This PR links to the upstream project's support policy (e.g.
`endoflife.date`)
#### For new version streams
- [ ] The upstream project actually supports multiple concurrent
versions.
- [ ] Any subpackages include the version string in their package name
(e.g. `name: ${{package.name}}-compat`)
- [ ] The package (and subpackages) `provides:` logical unversioned
forms of the package (e.g. `nodejs`, `nodejs-lts`)
- [ ] If non-streamed package names no longer built, open PR to withdraw
them (see [WITHDRAWING
PACKAGES](https://github.com/wolfi-dev/os/blob/main/WITHDRAWING_PACKAGES.md))
#### For package updates (renames) in the base images
When updating packages part of base images (i.e.
cgr.dev/chainguard/wolfi-base or ghcr.io/wolfi-dev/sdk)
- [ ] REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk
images successfully build
- [ ] REQUIRED cgr.dev/chainguard/wolfi-base and ghcr.io/wolfi-dev/sdk
contain no obsolete (no longer built) packages
- [ ] Upon launch, does `apk upgrade --latest` successfully upgrades
packages or performs no actions
#### For security-related PRs
- [ ] The security fix is recorded in the
[advisories](https://github.com/wolfi-dev/advisories) repo
#### For version bump PRs
- [ ] The `epoch` field is reset to 0
#### For PRs that add patches
- [ ] Patch source is documented
---------
Signed-off-by: Dentrax
---
repmgr.yaml | 288 ++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 288 insertions(+)
create mode 100644 repmgr.yaml
diff --git a/repmgr.yaml b/repmgr.yaml
new file mode 100644
index 00000000000..b042aa6e5ee
--- /dev/null
+++ b/repmgr.yaml
@@ -0,0 +1,288 @@
+package:
+ name: repmgr
+ version: 5.5.0
+ epoch: 0
+ description: "A lightweight replication manager for PostgreSQL"
+ copyright:
+ - license: GPL-3.0-only
+
+environment:
+ contents:
+ packages:
+ - autoconf
+ - automake
+ - build-base
+ - ca-certificates-bundle
+ - curl-dev
+ - docbook-xml
+ - flex
+ - git
+ - json-c-dev
+ - krb5-dev
+ - libedit-dev
+ - libpq-16
+ - libssl3
+ - libxml2-dev
+ - libxslt-dev
+ - linux-pam-dev
+ - openssf-compiler-options
+ - openssl-dev
+ - postgresql-16-dev
+ - readline-dev
+ - wolfi-base
+
+vars:
+ # This needs to be 16 since bitnami does not support 17 yet:
+ # https://github.com/bitnami/containers/tree/main/bitnami/postgresql-repmgr
+ # When newer versions are supported, this should be updated to the latest version
+ # along with the postgresql-dev and libpq dependencies above.
+ PG_VERSION: 16
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/EnterpriseDB/repmgr
+ tag: v${{package.version}}
+ expected-commit: c0d9dc6dac34c4cb60c3d8805842eed18cca4e85
+
+ - uses: autoconf/configure
+
+ - uses: autoconf/make
+
+ - uses: autoconf/make-install
+
+ - name: Symlink repmgr binaries
+ runs: |
+ mkdir -p "${{targets.destdir}}/usr/bin"
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgr ${{targets.destdir}}/usr/bin/repmgr
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgrd ${{targets.destdir}}/usr/bin/repmgrd
+
+subpackages:
+ - name: "${{package.name}}-dev"
+ description: "${{package.name}} development headers"
+ pipeline:
+ - uses: split/dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
+
+ - name: ${{package.name}}-bitnami-compat
+ description: "compat package with bitnami/repmgr image"
+ dependencies:
+ runtime:
+ - curl
+ - coreutils
+ - bash
+ - brotli
+ - libcom_err
+ - libcurl-openssl4
+ - libedit
+ - libffi
+ - libgcc
+ - gnutls
+ - nettle
+ - net-tools
+ - icu-libs
+ - libidn
+ - krb5
+ - keyutils-libs
+ - libldap
+ - liblz4-1
+ - xz
+ - libmd
+ - libnghttp2-14
+ - p11-kit-trust
+ - pcre2
+ - libpsl
+ - readline
+ - librtmp
+ - sqlite-libs
+ - sed
+ - grep
+ - libssh
+ - libssl3
+ - libstdc++-6
+ - libtasn1
+ - ncurses
+ - libunistring
+ - libuuid
+ - libxml2
+ - libxslt
+ - libzstd1
+ - glibc-locales
+ - procps
+ - zlib
+ - samba-libs
+ - krb5-libs
+ - cyrus-sasl
+ - gmp
+ - postgresql-16
+ - postgresql-16-client
+ pipeline:
+ - uses: bitnami/compat
+ with:
+ image: postgresql-repmgr
+ version-path: ${{vars.PG_VERSION}}/debian-12
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/repmgr/bin
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/repmgr/conf
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/repmgr/tmp
+ mv ${{targets.contextdir}}/events ${{targets.contextdir}}/opt/bitnami/repmgr/events
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgr ${{targets.contextdir}}/opt/bitnami/repmgr/bin/repmgr
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/repmgrd ${{targets.contextdir}}/opt/bitnami/repmgr/bin/repmgrd
+ chmod -R u+rwX,g+rwX,o+rw ${{targets.contextdir}}/opt/bitnami/
+ find / -perm /6000 -type f -exec chmod a-s {} \; || true
+ - name: PostgreSQL 16 Bitnami compat
+ runs: |
+ # Copy-paste from postgresql-17-bitnami-compat package with some modifications included.
+ # Having the postgresql-16-bitnami-compat package would be ideal, but it was retulting
+ # conflicts with the bitnami dirs that owned by this package.
+ mkdir -p ${{targets.contextdir}}/bitnami/postgresql
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/conf
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/conf.default
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/bin
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/share
+ mkdir -p ${{targets.contextdir}}/opt/bitnami/postgresql/tmp
+
+ chmod -R u+rwX,g+rwX,o+rw ${{targets.contextdir}}/bitnami/postgresql
+ chmod -R u+rwX,g+rwX,o+rw ${{targets.contextdir}}/opt/bitnami/postgresql
+
+ # Copy sample configs used to generate Bitnami config
+ cp /usr/share/postgresql${{vars.PG_VERSION}}/pg_hba.conf.sample ${{targets.contextdir}}/opt/bitnami/postgresql/share/pg_hba.conf.sample
+ cp /usr/share/postgresql${{vars.PG_VERSION}}/postgresql.conf.sample ${{targets.contextdir}}/opt/bitnami/postgresql/share/postgresql.conf.sample
+
+ # Use package path while unpacking
+ find . -iname "*.sh" -exec sed 's#/opt/bitnami#${{targets.contextdir}}/opt/bitnami#g' -i {} \;
+ ${{targets.contextdir}}/opt/bitnami/scripts/postgresql/postunpack.sh || true
+ # Restore path
+ find ${{targets.contextdir}}/opt/bitnami -type f -exec sed 's#${{targets.contextdir}}##g' -i {} \;
+
+ # Link binaries used by Bitnami config
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/initdb ${{targets.contextdir}}/opt/bitnami/postgresql/bin/initdb
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/pg_ctl ${{targets.contextdir}}/opt/bitnami/postgresql/bin/pg_ctl
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/pg_rewind ${{targets.contextdir}}/opt/bitnami/postgresql/bin/pg_rewind
+ ln -sf /usr/libexec/postgresql${{vars.PG_VERSION}}/pg_isready /${{targets.contextdir}}/opt/bitnami/postgresql/bin/pg_isready
+ test:
+ environment:
+ environment:
+ PATH: "/opt/bitnami/postgresql/bin:/opt/bitnami/repmgr/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
+ BITNAMI_APP_NAME: "postgresql-repmgr"
+ NSS_WRAPPER_LIB: "/opt/bitnami/common/lib/libnss_wrapper.so"
+ accounts:
+ groups:
+ - groupname: postgres
+ gid: 1001
+ users:
+ - username: postgres
+ gid: 1001
+ uid: 1001
+ run-as: 1001
+ pipeline:
+ - working-directory: /tmp # Workaround for "can't cd to /home/build: Permission denied" error
+ pipeline:
+ - name: "Launch the postgresql-repmgr"
+ uses: test/daemon-check-output
+ with:
+ start: |
+ env REPMGR_PASSWORD=repmgrpass \
+ REPMGR_NODE_NETWORK_NAME=pg-0 \
+ REPMGR_NODE_NAME=pg-0 \
+ REPMGR_PARTNER_NODES=pg-0 \
+ REPMGR_PRIMARY_HOST=pg-0 \
+ POSTGRESQL_PASSWORD=secretpass \
+ /opt/bitnami/scripts/postgresql-repmgr/entrypoint.sh /opt/bitnami/scripts/postgresql-repmgr/run.sh
+ timeout: 60
+ expected_output: |
+ Initializing Repmgr
+ Starting PostgreSQL in background
+
+update:
+ enabled: true
+ ignore-regex-patterns:
+ - rc*
+ github:
+ identifier: EnterpriseDB/repmgr
+ use-tag: true
+ strip-prefix: v
+ tag-filter: v
+
+test:
+ environment:
+ contents:
+ packages:
+ - postgresql-16
+ - repmgr
+ - shadow
+ - sudo-rs
+ - glibc-locales
+ - postgresql-16-client
+ environment:
+ PGDATA: /tmp/test_db
+ PGUSER: repmgruser
+ PGPASS: repmgrpassword
+ PGDB: repmgr_test
+ pipeline:
+ - name: Create a non-root PostgreSQL user
+ runs: |
+ useradd repmgruser
+ echo "${PGUSER}:${PGPASS}" | chpasswd
+ - name: Initialize PostgreSQL as non-root user
+ runs: |
+ sudo -u ${PGUSER} initdb -D ${PGDATA}
+ sudo -u ${PGUSER} pg_ctl -D ${PGDATA} -l /tmp/logfile start
+ sudo -u ${PGUSER} createdb ${PGDB}
+ sudo -u ${PGUSER} psql -d ${PGDB} -c "GRANT ALL PRIVILEGES ON SCHEMA public TO ${PGUSER};"
+ - name: Configure primary for replication
+ runs: |
+ echo "host replication ${PGUSER} 127.0.0.1/32 md5" | sudo tee -a ${PGDATA}/pg_hba.conf
+ echo "host replication ${PGUSER} ::1/128 md5" | sudo tee -a ${PGDATA}/pg_hba.conf
+ echo "wal_level = replica" | sudo tee -a ${PGDATA}/postgresql.conf
+ echo "archive_mode = on" | sudo tee -a ${PGDATA}/postgresql.conf
+ echo "max_wal_senders = 5" | sudo tee -a ${PGDATA}/postgresql.conf
+ echo "hot_standby = on" | sudo tee -a ${PGDATA}/postgresql.conf
+ sudo -u ${PGUSER} pg_ctl -D ${PGDATA} restart
+ - name: Create repmgr configuration for primary
+ runs: |
+ cat </dev/null 2>&1; do
+ echo "Waiting for standby to be ready..."
+ sleep 2
+ done
+ - name: Create repmgr configuration for standby
+ runs: |
+ cat <
Date: Tue, 26 Nov 2024 11:03:28 +0000
Subject: [PATCH 094/110] cargo-audit/0.21.0-r1: cve remediation (#35225)
cargo-audit/0.21.0-r1: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/cargo-audit.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
cargo-audit.yaml | 4 +++-
cargo-audit/cargobump-deps.yaml | 3 +++
2 files changed, 6 insertions(+), 1 deletion(-)
create mode 100644 cargo-audit/cargobump-deps.yaml
diff --git a/cargo-audit.yaml b/cargo-audit.yaml
index 35e43c47c47..5a9e3b34a3d 100644
--- a/cargo-audit.yaml
+++ b/cargo-audit.yaml
@@ -1,7 +1,7 @@
package:
name: cargo-audit
version: 0.21.0
- epoch: 1
+ epoch: 2
description: Audit your dependencies for crates with security vulnerabilities reported to the RustSec Advisory Database.
copyright:
- license: MIT OR Apache-2.0
@@ -22,6 +22,8 @@ pipeline:
tag: cargo-audit/v${{package.version}}
expected-commit: 78f9859ef6a78bc4a7c7219dac1d0b250446c84c
+ - uses: rust/cargobump
+
- runs: |
cd cargo-audit
cargo update --precise 0.3.36 --package time
diff --git a/cargo-audit/cargobump-deps.yaml b/cargo-audit/cargobump-deps.yaml
new file mode 100644
index 00000000000..4d353f7d988
--- /dev/null
+++ b/cargo-audit/cargobump-deps.yaml
@@ -0,0 +1,3 @@
+packages:
+ - name: rustls
+ version: 0.23.18
From 5b7a769d7df79f8f40b9f3f7e38589b6b4de04f5 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 11:03:42 +0000
Subject: [PATCH 095/110] pixi/0.37.0-r0: cve remediation (#35224)
pixi/0.37.0-r0: fix GHSA-qg5g-gv98-5ffh
Advisory data:
https://github.com/wolfi-dev/advisories/blob/main/pixi.advisories.yaml
Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
pixi.yaml | 2 +-
pixi/cargobump-deps.yaml | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/pixi.yaml b/pixi.yaml
index 79e930f6b73..4a00e605c8b 100644
--- a/pixi.yaml
+++ b/pixi.yaml
@@ -1,7 +1,7 @@
package:
name: pixi
version: 0.37.0
- epoch: 0
+ epoch: 1
description: "Package management made easy"
copyright:
- license: BSD-3-Clause
diff --git a/pixi/cargobump-deps.yaml b/pixi/cargobump-deps.yaml
index c477f6ccadc..c9ad5378116 100644
--- a/pixi/cargobump-deps.yaml
+++ b/pixi/cargobump-deps.yaml
@@ -3,3 +3,5 @@ packages:
version: 1.0.0
- name: quinn-proto
version: 0.11.7
+ - name: rustls
+ version: 0.23.18
From 5e221b6e488c3c2d3578e960565f424d94a4a02e Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Tue, 26 Nov 2024 03:58:58 -0800
Subject: [PATCH 096/110] Add the pkgconf test pipeline to freerdp (#35169)
More testing \o/
---
freerdp.yaml | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/freerdp.yaml b/freerdp.yaml
index cc6fa027897..e922e4d4568 100644
--- a/freerdp.yaml
+++ b/freerdp.yaml
@@ -1,7 +1,7 @@
package:
name: freerdp
version: 2.11.7
- epoch: 3
+ epoch: 4
description: FreeRDP client
copyright:
- license: Apache-2.0
@@ -96,6 +96,9 @@ subpackages:
runtime:
- freerdp
description: freerdp dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: freerdp-libs
pipeline:
From f69a7eaf88077728502d2c6aff0ce719c977ee99 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Tue, 26 Nov 2024 03:59:07 -0800
Subject: [PATCH 097/110] Add the pkgconf test pipeline to pulseaudio (#35182)
More testing \o/
---
pulseaudio.yaml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/pulseaudio.yaml b/pulseaudio.yaml
index 759d0734510..cb3158e3fc8 100644
--- a/pulseaudio.yaml
+++ b/pulseaudio.yaml
@@ -187,6 +187,9 @@ subpackages:
pipeline:
- uses: split/dev
description: pulseaudio dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: pulseaudio-lang
pipeline:
From d6957fffd0700e81128f03b6578dbab1086d91e6 Mon Sep 17 00:00:00 2001
From: Brian Murray
Date: Tue, 26 Nov 2024 03:59:15 -0800
Subject: [PATCH 098/110] Add the pkgconf test pipeline to zfs (#35183)
More testing \o/
---
zfs.yaml | 3 +++
1 file changed, 3 insertions(+)
diff --git a/zfs.yaml b/zfs.yaml
index a46f04e61ef..03f9df216e2 100644
--- a/zfs.yaml
+++ b/zfs.yaml
@@ -63,6 +63,9 @@ subpackages:
pipeline:
- uses: split/dev
description: zfs dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: zfs-doc
pipeline:
From 70f5997b5a1d2570059d6cfcba9091e732bdde6b Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 12:06:16 +0000
Subject: [PATCH 099/110] weaviate/1.27.6 package update (#35229)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
weaviate.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/weaviate.yaml b/weaviate.yaml
index 79642b7a715..0bb84840218 100644
--- a/weaviate.yaml
+++ b/weaviate.yaml
@@ -1,6 +1,6 @@
package:
name: weaviate
- version: 1.27.5
+ version: 1.27.6
epoch: 0
description: Weaviate is an open source vector database that stores both objects and vectors, allowing for combining vector search with structured filtering with the fault-tolerance and scalability of a cloud-native database, all accessible through GraphQL, REST, and various language clients.
copyright:
@@ -17,7 +17,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: cfdbdd0552d19345ebaaad13897c14380d60b1f9
+ expected-commit: 4bec043d083a27be2f85c429f999e45648ab0c1e
repository: https://github.com/weaviate/weaviate
tag: v${{package.version}}
From 5b6b6b9de8fb9b487563c62d4230da02168a9a7b Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 12:06:30 +0000
Subject: [PATCH 100/110] pulumi-language-java/0.18.0 package update (#35227)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
pulumi-language-java.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/pulumi-language-java.yaml b/pulumi-language-java.yaml
index 4350f16c4d7..180d531eb2a 100644
--- a/pulumi-language-java.yaml
+++ b/pulumi-language-java.yaml
@@ -1,6 +1,6 @@
package:
name: pulumi-language-java
- version: 0.17.0
+ version: 0.18.0
epoch: 0
description: Pulumi Language SDK for Java
copyright:
@@ -17,7 +17,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 2a665a885bc967f1488e84a89ebdcf001ceb8e3f
+ expected-commit: b4614eb546eb461a2c2d11754c959d137d387f43
repository: https://github.com/pulumi/pulumi-java.git
tag: v${{package.version}}
From abc860863d624a44e7b9e549062d0866ffdd8d2c Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 12:06:58 +0000
Subject: [PATCH 101/110] tkn/0.39.0 package update (#35228)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
tkn.yaml | 10 +++-------
1 file changed, 3 insertions(+), 7 deletions(-)
diff --git a/tkn.yaml b/tkn.yaml
index 90a56ef1c13..c4d0e82ded5 100644
--- a/tkn.yaml
+++ b/tkn.yaml
@@ -1,7 +1,7 @@
package:
name: tkn
- version: 0.38.1
- epoch: 2
+ version: 0.39.0
+ epoch: 0
description: A CLI for interacting with Tekton!
copyright:
- license: Apache-2.0
@@ -20,11 +20,7 @@ pipeline:
with:
repository: https://github.com/tektoncd/cli
tag: v${{package.version}}
- expected-commit: 1da09c088bf9f3f82eeee7508bbddf0e7c28fa4b
-
- - uses: go/bump
- with:
- deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ expected-commit: cb2f6797bf2c48dc60d5b4e23f015e35f5f42d78
- runs: |
make bin/tkn
From f43b9456aa606ea508282a4f3fcc2557ad1869f0 Mon Sep 17 00:00:00 2001
From: kranurag7 <81210977+kranurag7@users.noreply.github.com>
Date: Tue, 26 Nov 2024 18:20:27 +0530
Subject: [PATCH 102/110] withdraw ansible operator package (#35233)
no longer required here, moved.
---------
Signed-off-by: kranurag7 <81210977+kranurag7@users.noreply.github.com>
---
withdrawn-packages.txt | 3 +++
1 file changed, 3 insertions(+)
diff --git a/withdrawn-packages.txt b/withdrawn-packages.txt
index c7cd6e134c5..e611310ec71 100644
--- a/withdrawn-packages.txt
+++ b/withdrawn-packages.txt
@@ -7,3 +7,6 @@ rrdtool-cgi-1.8.0-r0.apk
rrdtool-dev-1.8.0-r0.apk
rrdtool-doc-1.8.0-r0.apk
rrdtool-utils-1.8.0-r0.apk
+ansible-operator-compat-1.36.1-r0.apk
+ansible-operator-1.36.1-r0.apk
+awx-operator-2.19.1-r0.apk
From 960d03d52921ad59867b9d4a2640f3d5b27ff92f Mon Sep 17 00:00:00 2001
From: kranurag7 <81210977+kranurag7@users.noreply.github.com>
Date: Tue, 26 Nov 2024 19:00:58 +0530
Subject: [PATCH 103/110] add prometheus-podman-exporter package (#34999)
adds prometheus-podman-exporter package
---------
Signed-off-by: kranurag7 <81210977+kranurag7@users.noreply.github.com>
---
prometheus-podman-exporter.yaml | 55 +++++++++++++++++++++++++++++++++
1 file changed, 55 insertions(+)
create mode 100644 prometheus-podman-exporter.yaml
diff --git a/prometheus-podman-exporter.yaml b/prometheus-podman-exporter.yaml
new file mode 100644
index 00000000000..aa36ff726e9
--- /dev/null
+++ b/prometheus-podman-exporter.yaml
@@ -0,0 +1,55 @@
+package:
+ name: prometheus-podman-exporter
+ version: 1.13.3
+ epoch: 0
+ description: Prometheus exporter for podman environments exposing containers, pods, images, volumes and networks information.
+ copyright:
+ - license: Apache-2.0
+
+environment:
+ contents:
+ packages:
+ - btrfs-progs-dev
+ - gpgme-dev
+ environment:
+ CGO_ENABLED: "0"
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/containers/prometheus-podman-exporter
+ tag: v${{package.version}}
+ expected-commit: fb5d46579cced8ea862611305e66f37fe5695326
+
+ - uses: go/bump
+ with:
+ deps: github.com/opencontainers/runc@v1.1.14
+
+ - uses: go/build
+ with:
+ packages: .
+ ldflags: |
+ -X github.com/containers/prometheus-podman-exporter.cmd.buildVersion=${{package.version}}
+ -X github.com/containers/prometheus-podman-exporter.cmd.buildRevision=$(cat VERSION | grep REVISION | cut -d'=' -f2)
+ -X github.com/containers/prometheus-podman-exporter.cmd.buildBranch=$(git rev-parse --abbrev-ref HEAD 2>/dev/null)
+ tags: remote,containers_image_openpgp
+ output: podman_exporter
+
+subpackages:
+ - name: ${{package.name}}-compat
+ description: "upstream image have executable placed at /bin"
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/bin/
+ ln -sf /usr/bin/podman_exporter ${{targets.contextdir}}/bin/podman_exporter
+
+update:
+ enabled: true
+ github:
+ identifier: containers/prometheus-podman-exporter
+ strip-prefix: v
+
+test:
+ pipeline:
+ - runs: |
+ podman_exporter --help
From 8821a6ada4b08367773df3e902dff1e0a84a08a0 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 14:03:33 +0000
Subject: [PATCH 104/110] rancher-kontainer-driver-metadata-2.9/0_git20241126
package update (#35250)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
rancher-kontainer-driver-metadata-2.9.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rancher-kontainer-driver-metadata-2.9.yaml b/rancher-kontainer-driver-metadata-2.9.yaml
index 0031638725f..256b5d4f530 100644
--- a/rancher-kontainer-driver-metadata-2.9.yaml
+++ b/rancher-kontainer-driver-metadata-2.9.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag
package:
name: rancher-kontainer-driver-metadata-2.9
- version: 0_git20241124
+ version: 0_git20241126
epoch: 0
description: Complete container management platform - kontainer driver metadata
copyright:
From d77f974e016916a36676238c5a6a299d59431589 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 14:03:47 +0000
Subject: [PATCH 105/110] rancher-system-charts-2.9/0_git20241126 package
update (#35242)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
rancher-system-charts-2.9.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rancher-system-charts-2.9.yaml b/rancher-system-charts-2.9.yaml
index 757b0d62e63..f5f52546684 100644
--- a/rancher-system-charts-2.9.yaml
+++ b/rancher-system-charts-2.9.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag
package:
name: rancher-system-charts-2.9
- version: 0_git20241124
+ version: 0_git20241126
epoch: 0
description: Complete container management platform - system charts
copyright:
From 1acb9d219689693d1359b0987ba493b91bc59c62 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 14:04:00 +0000
Subject: [PATCH 106/110] aws-eks-pod-identity-agent/0_git20241126 package
update (#35240)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
aws-eks-pod-identity-agent.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/aws-eks-pod-identity-agent.yaml b/aws-eks-pod-identity-agent.yaml
index bae6de99beb..68fe0a140e7 100644
--- a/aws-eks-pod-identity-agent.yaml
+++ b/aws-eks-pod-identity-agent.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag
package:
name: aws-eks-pod-identity-agent
- version: 0_git20241124
+ version: 0_git20241126
epoch: 0
description: EKS Pod Identity is a feature of Amazon EKS that simplifies the process for cluster administrators to configure Kubernetes applications with AWS IAM permissions
copyright:
From a67fa020b3fcf90d821a59969c69070828c986ba Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 14:04:15 +0000
Subject: [PATCH 107/110] gitlab-pages-17.5/17.5.3 package update (#35243)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
gitlab-pages-17.5.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/gitlab-pages-17.5.yaml b/gitlab-pages-17.5.yaml
index 4944626fd4c..3f56e71b5fc 100644
--- a/gitlab-pages-17.5.yaml
+++ b/gitlab-pages-17.5.yaml
@@ -1,6 +1,6 @@
package:
name: gitlab-pages-17.5
- version: 17.5.2
+ version: 17.5.3
epoch: 0
description: GitLab Pages daemon used to serve static websites for GitLab users.
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://gitlab.com/gitlab-org/gitlab-pages.git
tag: v${{package.version}}
- expected-commit: 086dfbdfe2337874e342b48dba5508b7d3f59626
+ expected-commit: 00734497b120604ef91ef6c45b2b72c806f34d94
- uses: go/build
with:
From b26b8bd1f738c7957f89ddb3379085729dfd2933 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 14:04:34 +0000
Subject: [PATCH 108/110] rancher-partner-charts/0_git20241126 package update
(#35239)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
rancher-partner-charts.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/rancher-partner-charts.yaml b/rancher-partner-charts.yaml
index 57788c5823f..6e0c9d49880 100644
--- a/rancher-partner-charts.yaml
+++ b/rancher-partner-charts.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag
package:
name: rancher-partner-charts
- version: 0_git20241124
+ version: 0_git20241126
epoch: 0
description: Complete container management platform - partner charts
copyright:
@@ -19,7 +19,7 @@ pipeline:
repository: https://github.com/rancher/partner-charts
branch: main
destination: ./charts
- expected-commit: 09d37214df6aaf1ba3eaa2377cbdc9b246703e13
+ expected-commit: b6ae147976b22452f5597570056b69bacf4d1b22
- working-directory: ./charts
runs: |
From 5626c1cbbc17c48ba23ba6344d401651bcebd7fd Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 14:04:48 +0000
Subject: [PATCH 109/110] ddp-tool/1.0.34.0_git20241126 package update (#35236)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
ddp-tool.yaml | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/ddp-tool.yaml b/ddp-tool.yaml
index 3e724ba7931..c2fee13774d 100644
--- a/ddp-tool.yaml
+++ b/ddp-tool.yaml
@@ -1,7 +1,7 @@
#nolint:valid-pipeline-git-checkout-commit,valid-pipeline-git-checkout-tag
package:
name: ddp-tool
- version: 1.0.34.0_git20241124
+ version: 1.0.34.0_git20241126
epoch: 0
description: Intel Dynamic Device Personalization Tool
copyright:
@@ -18,7 +18,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 3868a732013b8e8817f6453b58a170f669d99a68
+ expected-commit: 3c9d350737420f943a57cf9ab67af6cc78a4024b
repository: https://github.com/intel/ddp-tool/
branch: master
From c58771eff8f74fde5f3551380eb49ac940622c07 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 26 Nov 2024 14:05:06 +0000
Subject: [PATCH 110/110] rancher-helm3-charts/0_git20241126 package update
(#35237)
Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
Co-authored-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>
---
rancher-helm3-charts.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/rancher-helm3-charts.yaml b/rancher-helm3-charts.yaml
index 337adbd154c..78bc102ab4e 100644
--- a/rancher-helm3-charts.yaml
+++ b/rancher-helm3-charts.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag
package:
name: rancher-helm3-charts
- version: 0_git20241124
+ version: 0_git20241126
epoch: 0
description: Complete container management platform - helm3 charts
copyright:
