diff --git a/.github/actions/docker-run/action.yaml b/.github/actions/docker-run/action.yaml
index 96b071fabde..9f9307aceae 100644
--- a/.github/actions/docker-run/action.yaml
+++ b/.github/actions/docker-run/action.yaml
@@ -6,7 +6,7 @@ inputs:
required: true
image:
description: "The image to use"
- default: "ghcr.io/wolfi-dev/sdk:latest@sha256:5d1156182c94a55ce0fe8c7243ef276d647cd745591092525814c5734247e6aa"
+ default: "ghcr.io/wolfi-dev/sdk:latest@sha256:6328466c08242a4bd5dcf4ddb66a25961271bfd233f5237a3e1a6fae78a78e1b"
required: false
workdir:
description: "The images working directory"
diff --git a/.github/chainguard/ci-diff-report.sts.yaml b/.github/chainguard/ci-diff-report.sts.yaml
new file mode 100644
index 00000000000..9dff4d3de0d
--- /dev/null
+++ b/.github/chainguard/ci-diff-report.sts.yaml
@@ -0,0 +1,8 @@
+issuer: https://accounts.google.com
+
+# staging-enforce: ci-diff-report-bz8uqwvcxxpc4kk@staging-enforce-cd1e.iam.gserviceaccount.com (104301860717534032690)
+# prod-enforce: ci-diff-report-7g7cc3gw9zrgnb8@prod-enforce-fabc.iam.gserviceaccount.com (110787029573344269306)
+subject_pattern: "(104301860717534032690|110787029573344269306)"
+
+permissions:
+ checks: write
diff --git a/.github/chainguard/ci-mal-report.sts.yaml b/.github/chainguard/ci-mal-report.sts.yaml
new file mode 100644
index 00000000000..6bd7e82e95c
--- /dev/null
+++ b/.github/chainguard/ci-mal-report.sts.yaml
@@ -0,0 +1,8 @@
+issuer: https://accounts.google.com
+
+# staging-enforce: ci-mal-report-le3mjq3jgc92p8dq@staging-enforce-cd1e.iam.gserviceaccount.com (118407883719299185923)
+subject_pattern: "(118407883719299185923)"
+
+permissions:
+ checks: write
+ pull_requests: write # to add labels
diff --git a/.github/chainguard/ci-so-check.sts.yaml b/.github/chainguard/ci-so-check.sts.yaml
new file mode 100644
index 00000000000..b0340c47e39
--- /dev/null
+++ b/.github/chainguard/ci-so-check.sts.yaml
@@ -0,0 +1,8 @@
+issuer: https://accounts.google.com
+
+# staging-enforce: ci-so-check-stvn49i5f66mni64gt@staging-enforce-cd1e.iam.gserviceaccount.com (103377873370411205770)
+# prod-enforce: ci-so-check-pitbc0wzwgefx2btsy@prod-enforce-fabc.iam.gserviceaccount.com (114009508504016091101)
+subject_pattern: "(103377873370411205770|114009508504016091101)"
+
+permissions:
+ checks: write
diff --git a/.github/chainguard/elastic-build.sts.yaml b/.github/chainguard/elastic-build.sts.yaml
index 52990a5414c..195a08fb6a7 100644
--- a/.github/chainguard/elastic-build.sts.yaml
+++ b/.github/chainguard/elastic-build.sts.yaml
@@ -1,14 +1,14 @@
issuer: https://accounts.google.com
# staging:
-# DISABLED presubmit: 116478844699827634314: ebuild-tho0c6rsknlo655tnyjlifi@staging-enforce-cd1e.iam.gserviceaccount.com
+# presubmit: 116478844699827634314: ebuild-tho0c6rsknlo655tnyjlifi@staging-enforce-cd1e.iam.gserviceaccount.com
# postsubmit: 115457633213442188328: ebuild-m2wshgog0q6xjkbz7j8swed@staging-enforce-cd1e.iam.gserviceaccount.com
# world: 118305965159726888964: ebuild-i74lfrzfboxqsa518b5p3qi@staging-enforce-cd1e.iam.gserviceaccount.com
# prod:
-# DISABLED presubmit: 114870839879105817572: ebuild-zasv64d5x1oc4m3epw39yod@prod-enforce-fabc.iam.gserviceaccount.com
+# presubmit: 114870839879105817572: ebuild-zasv64d5x1oc4m3epw39yod@prod-enforce-fabc.iam.gserviceaccount.com
# postsubmit: 118124811908286464886: ebuild-ckhudf69he6dfl1xy83uuke@prod-enforce-fabc.iam.gserviceaccount.com
# world: 100027593799559093519: ebuild-n0ppcbm8uzc6ew2wy4gesfg@prod-enforce-fabc.iam.gserviceaccount.com
-subject_pattern: "(115457633213442188328|118305965159726888964|118124811908286464886|100027593799559093519)"
+subject_pattern: "(116478844699827634314|115457633213442188328|118305965159726888964|114870839879105817572|118124811908286464886|100027593799559093519)"
permissions:
contents: read
diff --git a/.github/chainguard/lifecycle-build-failures.sts.yaml b/.github/chainguard/lifecycle-build-failures.sts.yaml
new file mode 100644
index 00000000000..6baba6c280c
--- /dev/null
+++ b/.github/chainguard/lifecycle-build-failures.sts.yaml
@@ -0,0 +1,9 @@
+issuer: https://accounts.google.com
+
+# staging: ai-build-failure0b6i89pk2j7u2f@staging-enforce-cd1e.iam.gserviceaccount.com
+# prod: ai-build-failurexiszcy26s41ogv@prod-enforce-fabc.iam.gserviceaccount.com
+subject_pattern: "(117815286528662951292|110160732638115110864)"
+
+permissions:
+ contents: read
+ pull_requests: write
diff --git a/.github/chainguard/lifecycle-gpt.sts.yaml b/.github/chainguard/lifecycle-gpt.sts.yaml
deleted file mode 100644
index a68218715fb..00000000000
--- a/.github/chainguard/lifecycle-gpt.sts.yaml
+++ /dev/null
@@ -1,9 +0,0 @@
-issuer: https://accounts.google.com
-
-# staging-images: not in use
-# prod-images: bot-gpt@prod-images-c6e5.iam.gserviceaccount.com
-subject: "113866670232979663129"
-
-permissions:
- contents: read
- pull_requests: write
\ No newline at end of file
diff --git a/.github/workflows/backfill.yaml b/.github/workflows/backfill.yaml
index 2482ee60369..00d85316639 100644
--- a/.github/workflows/backfill.yaml
+++ b/.github/workflows/backfill.yaml
@@ -15,7 +15,7 @@ jobs:
steps:
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
- - uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
+ - uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
with:
workload_identity_provider: "projects/618116202522/locations/global/workloadIdentityPools/prod-shared-e350/providers/prod-shared-gha"
service_account: "prod-images-ci@prod-images-c6e5.iam.gserviceaccount.com"
@@ -24,7 +24,7 @@ jobs:
with:
project_id: "prod-images-c6e5"
- - uses: chainguard-dev/setup-chainctl@598499528905f95b94e62e4831cf42035e768933 # v0.2.3
+ - uses: chainguard-dev/setup-chainctl@8d93dcbef466d3cf3533f67084f52eb74ef9d262 # v0.2.4
with:
# Managed here:
# https://github.com/chainguard-dev/mono/blob/main/env/chainguard-images/iac/wolfi-os-pusher.tf
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 02f556eb900..0ed1702f76e 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -29,7 +29,7 @@ jobs:
contents: read
container:
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:5d1156182c94a55ce0fe8c7243ef276d647cd745591092525814c5734247e6aa
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:6328466c08242a4bd5dcf4ddb66a25961271bfd233f5237a3e1a6fae78a78e1b
# TODO: Deprivilege
options: |
--cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined
@@ -175,7 +175,7 @@ jobs:
container:
# NOTE: This step only signs and uploads, so it doesn't need any privileges
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:5d1156182c94a55ce0fe8c7243ef276d647cd745591092525814c5734247e6aa
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:6328466c08242a4bd5dcf4ddb66a25961271bfd233f5237a3e1a6fae78a78e1b
steps:
- name: Harden Runner
@@ -210,7 +210,7 @@ jobs:
name: packages-aarch64
# This is managed here: https://github.com/chainguard-dev/secrets/blob/main/wolfi-dev.tf
- - uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
+ - uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
id: auth
with:
workload_identity_provider: "projects/12758742386/locations/global/workloadIdentityPools/github-pool/providers/github-provider"
@@ -257,7 +257,7 @@ jobs:
- run: rm ./wolfi-signing.rsa
# We use a different GSA for our interaction with GCS.
- - uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
+ - uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
with:
workload_identity_provider: "projects/618116202522/locations/global/workloadIdentityPools/prod-shared-e350/providers/prod-shared-gha"
service_account: "prod-images-ci@prod-images-c6e5.iam.gserviceaccount.com"
@@ -303,7 +303,7 @@ jobs:
container:
# NOTE: This step only signs and uploads, so it doesn't need any privileges
- image: ghcr.io/wolfi-dev/sdk:latest@sha256:5d1156182c94a55ce0fe8c7243ef276d647cd745591092525814c5734247e6aa
+ image: ghcr.io/wolfi-dev/sdk:latest@sha256:6328466c08242a4bd5dcf4ddb66a25961271bfd233f5237a3e1a6fae78a78e1b
steps:
- name: Harden Runner
@@ -321,7 +321,7 @@ jobs:
- id: auth
name: 'Authenticate to Google Cloud'
- uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
+ uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
with:
workload_identity_provider: "projects/618116202522/locations/global/workloadIdentityPools/prod-shared-e350/providers/prod-shared-gha"
service_account: "prod-images-ci@prod-images-c6e5.iam.gserviceaccount.com"
@@ -397,7 +397,7 @@ jobs:
done
# use public chainguard provider.
- - uses: chainguard-dev/setup-chainctl@598499528905f95b94e62e4831cf42035e768933 # v0.2.3
+ - uses: chainguard-dev/setup-chainctl@8d93dcbef466d3cf3533f67084f52eb74ef9d262 # v0.2.4
with:
# Managed here:
# https://github.com/chainguard-dev/mono/blob/main/env/chainguard-images/iac/wolfi-os-pusher.tf
diff --git a/.github/workflows/update-cache.yaml b/.github/workflows/update-cache.yaml
index 26857223def..17feb69f816 100644
--- a/.github/workflows/update-cache.yaml
+++ b/.github/workflows/update-cache.yaml
@@ -33,7 +33,7 @@ jobs:
- uses: chainguard-dev/actions/setup-melange@2cadca168a422313df94f6169691a86498ae51b1 # main
- - uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
+ - uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
with:
workload_identity_provider: "projects/618116202522/locations/global/workloadIdentityPools/prod-shared-e350/providers/prod-shared-gha"
service_account: ${{env.FQ_SERVICE_ACCOUNT}}
diff --git a/.github/workflows/withdraw-packages.yaml b/.github/workflows/withdraw-packages.yaml
index 0a2d2d77997..cbf2f20bfda 100644
--- a/.github/workflows/withdraw-packages.yaml
+++ b/.github/workflows/withdraw-packages.yaml
@@ -33,7 +33,7 @@ jobs:
uses: wolfi-dev/actions/install-wolfictl@main # main
# This is managed here: https://github.com/chainguard-dev/secrets/blob/main/wolfi-dev.tf
- - uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
+ - uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
id: auth
with:
workload_identity_provider: "projects/12758742386/locations/global/workloadIdentityPools/github-pool/providers/github-provider"
@@ -55,7 +55,7 @@ jobs:
sudo cp ./wolfi-signing.rsa.pub /etc/apk/keys/wolfi-signing.rsa.pub
# We use a different GSA for our interaction with GCS.
- - uses: google-github-actions/auth@8254fb75a33b976a221574d287e93919e6a36f70 # v2.1.6
+ - uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
with:
workload_identity_provider: "projects/618116202522/locations/global/workloadIdentityPools/prod-shared-e350/providers/prod-shared-gha"
service_account: "prod-images-ci@prod-images-c6e5.iam.gserviceaccount.com"
@@ -110,7 +110,7 @@ jobs:
done
# use public chainguard provider.
- - uses: chainguard-dev/setup-chainctl@598499528905f95b94e62e4831cf42035e768933 # v0.2.3
+ - uses: chainguard-dev/setup-chainctl@8d93dcbef466d3cf3533f67084f52eb74ef9d262 # v0.2.4
with:
# Managed here:
# https://github.com/chainguard-dev/mono/blob/main/env/chainguard-images/iac/wolfi-os-pusher.tf
diff --git a/Makefile b/Makefile
index 83b669e4a1c..1efa4343a1f 100644
--- a/Makefile
+++ b/Makefile
@@ -167,7 +167,7 @@ dev-container:
-v "${PWD}:${PWD}" \
-w "${PWD}" \
-e SOURCE_DATE_EPOCH=0 \
- ghcr.io/wolfi-dev/sdk:latest@sha256:5d1156182c94a55ce0fe8c7243ef276d647cd745591092525814c5734247e6aa
+ ghcr.io/wolfi-dev/sdk:latest@sha256:6328466c08242a4bd5dcf4ddb66a25961271bfd233f5237a3e1a6fae78a78e1b
PACKAGES_CONTAINER_FOLDER ?= /work/packages
# This target spins up a docker container that is helpful for testing local
@@ -234,6 +234,6 @@ dev-container-wolfi:
--mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \
--mount type=bind,source="$(TMP_REPOS_FILE)",destination="/etc/apk/repositories",readonly \
-w "$(PACKAGES_CONTAINER_FOLDER)" \
- ghcr.io/wolfi-dev/sdk:latest@sha256:5d1156182c94a55ce0fe8c7243ef276d647cd745591092525814c5734247e6aa
+ ghcr.io/wolfi-dev/sdk:latest@sha256:6328466c08242a4bd5dcf4ddb66a25961271bfd233f5237a3e1a6fae78a78e1b
@rm "$(TMP_REPOS_FILE)"
@rmdir "$(TMP_REPOS_DIR)"
diff --git a/R-sf.yaml b/R-sf.yaml
index ef30871dff7..f61b8dd640d 100644
--- a/R-sf.yaml
+++ b/R-sf.yaml
@@ -1,6 +1,6 @@
package:
name: R-sf
- version: 1.0.18
+ version: 1.0.19
epoch: 1
description: Simple Features for R
copyright:
@@ -49,7 +49,7 @@ pipeline:
with:
repository: https://github.com/cran/sf
tag: ${{vars.mangled-package-version}}
- expected-commit: 5de2e6893c6c7d84702a781f5368035ecbbf15cc
+ expected-commit: 146bdea6d359abe64517217675966bf765785d8a
- uses: R/build
with:
diff --git a/R.yaml b/R.yaml
index d310f45d48d..ebc0271688f 100644
--- a/R.yaml
+++ b/R.yaml
@@ -1,8 +1,8 @@
# Generated from https://git.alpinelinux.org/aports/plain/community/R/APKBUILD
package:
name: R
- version: 4.3.1
- epoch: 6
+ version: 4.4.2
+ epoch: 0
description: Language and environment for statistical computing
copyright:
- license: ( GPL-2.0-only OR GPL-3.0-only ) AND LGPL-2.1-or-later
@@ -80,7 +80,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 8dd0bf24f1023c6f618c3b317383d291b4a494f40d73b983ac22ffea99e4ba99
+ expected-sha256: 1578cd603e8d866b58743e49d8bf99c569e81079b6a60cf33cdf7bdffeb817ec
uri: https://cloud.r-project.org/src/base/R-4/R-${{package.version}}.tar.gz
- runs: |
@@ -167,6 +167,7 @@ subpackages:
description: R manpages
update:
+ enabled: true
release-monitor:
identifier: 4150
diff --git a/aactl.yaml b/aactl.yaml
index b1876c0b481..e6a5cb0a16c 100644
--- a/aactl.yaml
+++ b/aactl.yaml
@@ -1,7 +1,7 @@
package:
name: aactl
version: 0.4.12
- epoch: 18
+ epoch: 19
description: Google Container Analysis data import utility, supports OSS vulnerability scanner reports, SLSA provenance and sigstore attestations.
copyright:
- license: Apache-2.0
@@ -23,7 +23,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/docker/distribution@v2.8.2-beta.1 github.com/sigstore/rekor@v1.2.0 github.com/cloudflare/circl@v1.3.7 golang.org/x/crypto@v0.17.0 gopkg.in/go-jose/go-jose.v2@v2.6.3 google.golang.org/grpc@v1.56.3 google.golang.org/protobuf@v1.33.0 github.com/sigstore/cosign/v2@v2.2.4 golang.org/x/net@v0.23.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/docker/docker@v26.1.5
+ deps: github.com/docker/distribution@v2.8.2-beta.1 github.com/sigstore/rekor@v1.2.0 github.com/cloudflare/circl@v1.3.7 golang.org/x/crypto@v0.17.0 gopkg.in/go-jose/go-jose.v2@v2.6.3 google.golang.org/grpc@v1.56.3 google.golang.org/protobuf@v1.33.0 github.com/sigstore/cosign/v2@v2.2.4 golang.org/x/net@v0.23.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/docker/docker@v26.1.5 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/go-jose/go-jose/v3=github.com/go-jose/go-jose/v3@v3.0.3 github.com/sigstore/cosign/v2=github.com/sigstore/cosign/v2@v2.2.4
- runs: |
diff --git a/actions-runner-controller.yaml b/actions-runner-controller.yaml
index ad3dcec6f0e..f8f727b1837 100644
--- a/actions-runner-controller.yaml
+++ b/actions-runner-controller.yaml
@@ -1,7 +1,7 @@
package:
name: actions-runner-controller
version: 0.9.3
- epoch: 2
+ epoch: 3
description: Kubernetes controller for GitHub Actions self-hosted runners
copyright:
- license: Apache-2.0
@@ -20,6 +20,10 @@ pipeline:
tag: gha-runner-scale-set-${{package.version}}
expected-commit: 80d848339e5eeaa6b2cda3c4a5393dfcb4614794
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: .
diff --git a/airflow.yaml b/airflow.yaml
index adc32439bcd..bb529098ae5 100644
--- a/airflow.yaml
+++ b/airflow.yaml
@@ -1,7 +1,7 @@
package:
name: airflow
- version: 2.10.2
- epoch: 1
+ version: 2.10.3
+ epoch: 0
description: Platform to programmatically author, schedule, and monitor workflows
options:
# There is a dependency on libarrow.so although it
@@ -39,7 +39,7 @@ pipeline:
with:
repository: https://github.com/apache/airflow
tag: ${{package.version}}
- expected-commit: 35087d7d10714130cc3e9e9730e34b07fc56938d
+ expected-commit: c99887ec11ce3e1a43f2794fcf36d27555140f00
- runs: |
# by default airflow celery provider is not built,but running the upstream helm chart requires it
diff --git a/alsa-lib.yaml b/alsa-lib.yaml
index e2359631cec..02776f0daa8 100644
--- a/alsa-lib.yaml
+++ b/alsa-lib.yaml
@@ -1,7 +1,7 @@
package:
name: alsa-lib
- version: 1.2.12
- epoch: 2
+ version: 1.2.13
+ epoch: 0
description: Advanced Linux Sound Architecture (ALSA) library
copyright:
- license: LGPL-2.1-or-later
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/alsa-project/alsa-lib.git
tag: v${{package.version}}
- expected-commit: 34422861f5549aee3e9df9fd8240d10b530d9abd
+ expected-commit: 785fd327ada6fc1778a2bb21176cb66705eb6b33
- runs: |
libtoolize --force --copy --automake
diff --git a/amazon-cloudwatch-agent-operator.yaml b/amazon-cloudwatch-agent-operator.yaml
index 4a2864927ef..5ac3da42ed3 100644
--- a/amazon-cloudwatch-agent-operator.yaml
+++ b/amazon-cloudwatch-agent-operator.yaml
@@ -1,6 +1,6 @@
package:
name: amazon-cloudwatch-agent-operator
- version: 1.6.0
+ version: 1.9.0
epoch: 0
description: Software developed to manage the CloudWatch Agent on kubernetes.
copyright:
@@ -9,13 +9,13 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: e4fd9a62a095b26e58fdc09cc59a0e9f10b0e333
+ expected-commit: 8e78c016b614b62c0d5770e0f95f2012526f51cd
repository: https://github.com/aws/amazon-cloudwatch-agent-operator
tag: v${{package.version}}
- uses: go/bump
with:
- deps: golang.org/x/net@v0.23.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/docker/docker@v25.0.6
+ deps: github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/docker/docker@v25.0.6
- uses: go/build
with:
@@ -47,6 +47,8 @@ update:
github:
identifier: aws/amazon-cloudwatch-agent-operator
strip-prefix: v
+ tag-filter: v
+ use-tag: true
test:
environment:
diff --git a/amazon-cloudwatch-agent.yaml b/amazon-cloudwatch-agent.yaml
index 75932a0705c..d062460b282 100644
--- a/amazon-cloudwatch-agent.yaml
+++ b/amazon-cloudwatch-agent.yaml
@@ -1,6 +1,6 @@
package:
name: amazon-cloudwatch-agent
- version: 1.300048.1
+ version: 1.300049.1
epoch: 0
description: CloudWatch Agent enables you to collect and export host-level metrics and logs on instances running Linux or Windows server.
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/aws/amazon-cloudwatch-agent
tag: v${{package.version}}
- expected-commit: bde3bd9775ae1d4e4f8a2fdb92d7b6fdd5186fba
+ expected-commit: 8ac5454dd18dc136bfa0238a394abf12bf4649d5
- uses: go/bump
with:
@@ -64,6 +64,7 @@ update:
identifier: aws/amazon-cloudwatch-agent
strip-prefix: v
tag-filter: v
+ use-tag: true
test:
pipeline:
diff --git a/aom.yaml b/aom.yaml
index fe5e3f3a9e2..c8cd7b735e0 100644
--- a/aom.yaml
+++ b/aom.yaml
@@ -4,8 +4,8 @@
#nolint:git-checkout-must-use-github-updates
package:
name: aom
- version: 3.10.0
- epoch: 1
+ version: 3.11.0
+ epoch: 0
description: Alliance for Open Media (AOM) AV1 codec SDK
copyright:
- license: BSD-2-Clause
@@ -33,7 +33,7 @@ pipeline:
with:
repository: https://aomedia.googlesource.com/aom
tag: v${{package.version}}
- expected-commit: c2fe6bf370f7c14fbaf12884b76244a3cfd7c5fc
+ expected-commit: d6f30ae474dd6c358f26de0a0fc26a0d7340a84c
destination: aom
- runs: |
diff --git a/apache-arrow.yaml b/apache-arrow.yaml
index 2ee0f7b9c52..4e805dd65cd 100644
--- a/apache-arrow.yaml
+++ b/apache-arrow.yaml
@@ -223,8 +223,6 @@ update:
ignore-regex-patterns:
- 'js-'
- '.*\.dev$'
- github:
- use-tag: true
- identifier: apache/arrow
+ git:
strip-prefix: apache-arrow-
- tag-filter: apache-arrow-
+ tag-filter-prefix: apache-arrow-
diff --git a/apache-nifi.yaml b/apache-nifi.yaml
index 9e839d90c12..8bc32f78930 100644
--- a/apache-nifi.yaml
+++ b/apache-nifi.yaml
@@ -1,7 +1,7 @@
package:
name: apache-nifi
version: 2.0.0
- epoch: 0
+ epoch: 1
description: Apache NiFi is an easy to use, powerful, and reliable system to process and distribute data.
copyright:
- license: Apache-2.0
@@ -29,6 +29,7 @@ environment:
- nodejs-20
- npm
- openjdk-21-default-jdk
+ - openssf-compiler-options
- openssl-dev
- rsync
environment:
diff --git a/apache-orc.yaml b/apache-orc.yaml
index 5297d2a6d55..018f1647b43 100644
--- a/apache-orc.yaml
+++ b/apache-orc.yaml
@@ -1,7 +1,7 @@
package:
name: apache-orc
- version: 2.0.2
- epoch: 1
+ version: 2.0.3
+ epoch: 0
description: "the smallest, fastest columnar storage for Hadoop workloads"
copyright:
- license: Apache-2.0
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/apache/orc
tag: v${{package.version}}
- expected-commit: 801b2b90373cf9925d3d22a2cb51260fb28f81a3
+ expected-commit: 9f35b2593376e0ba14c008d564e5a87fb25d09f6
- runs: |
cmake -B build -G Ninja \
diff --git a/apko.yaml b/apko.yaml
index d66746369bb..072e6477b92 100644
--- a/apko.yaml
+++ b/apko.yaml
@@ -1,6 +1,6 @@
package:
name: apko
- version: 0.19.7
+ version: 0.20.0
epoch: 0
description: Build OCI images using APK directly without Dockerfile
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/chainguard-dev/apko
tag: v${{package.version}}
- expected-commit: c8b52a03eb1b6bb4285380c7b885ee660cb10349
+ expected-commit: 87846cbbf05d84f9b699c9a848a8ec1b539f06fd
- runs: |
make apko
diff --git a/argo-cd-2.12.yaml b/argo-cd-2.13.yaml
similarity index 95%
rename from argo-cd-2.12.yaml
rename to argo-cd-2.13.yaml
index 710532c7f47..89851adc857 100644
--- a/argo-cd-2.12.yaml
+++ b/argo-cd-2.13.yaml
@@ -1,6 +1,6 @@
package:
- name: argo-cd-2.12
- version: 2.12.6
+ name: argo-cd-2.13
+ version: 2.13.0
epoch: 0
description: Declarative continuous deployment for Kubernetes.
copyright:
@@ -24,11 +24,11 @@ pipeline:
with:
repository: https://github.com/argoproj/argo-cd
tag: v${{package.version}}
- expected-commit: 4dab5bd6a60adea12e084ad23519e35b710060a2
+ expected-commit: 347f221adba5599ef4d5f12ee572b2c17d01db4d
- uses: go/bump
with:
- deps: github.com/rs/cors@v1.11.0 k8s.io/kubernetes@v1.29.7
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
cd ui
@@ -109,7 +109,7 @@ update:
github:
identifier: argoproj/argo-cd
strip-prefix: v
- tag-filter: v2.12.
+ tag-filter: v2.13.
test:
pipeline:
diff --git a/argo-events.yaml b/argo-events.yaml
index e4d88092f3b..b438a3c34bf 100644
--- a/argo-events.yaml
+++ b/argo-events.yaml
@@ -1,7 +1,7 @@
package:
name: argo-events
version: 1.9.2
- epoch: 1
+ epoch: 2
description: Event-driven Automation Framework for Kubernetes.
copyright:
- license: Apache-2.0
@@ -15,7 +15,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/hashicorp/go-retryablehttp@v0.7.7
+ deps: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/whilp/git-urls=github.com/chainguard-dev/git-urls@v1.0.2 github.com/hamba/avro=github.com/hamba/avro/v2@v2.13.0
- uses: go/build
diff --git a/argo-rollouts.yaml b/argo-rollouts.yaml
index 186841776bc..84bf4a73118 100644
--- a/argo-rollouts.yaml
+++ b/argo-rollouts.yaml
@@ -1,7 +1,7 @@
package:
name: argo-rollouts
version: 1.7.2
- epoch: 0
+ epoch: 1
description: Progressive Delivery for Kubernetes
copyright:
- license: Apache-2.0
@@ -15,7 +15,7 @@ pipeline:
- uses: go/bump
with:
- deps: golang.org/x/net@v0.23.0 github.com/cloudflare/circl@v1.3.7 github.com/hashicorp/go-retryablehttp@v0.7.7 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.46.0 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.46.0 go.opentelemetry.io/otel/sdk@v1.21.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc@v1.21.0 k8s.io/apiserver@v0.29.4 k8s.io/kubernetes@v1.29.7
+ deps: golang.org/x/net@v0.23.0 github.com/cloudflare/circl@v1.3.7 github.com/hashicorp/go-retryablehttp@v0.7.7 go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.46.0 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.46.0 go.opentelemetry.io/otel/sdk@v1.21.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc@v1.21.0 k8s.io/apiserver@v0.29.4 k8s.io/kubernetes@v1.29.7 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/whilp/git-urls=github.com/chainguard-dev/git-urls@v1.0.2
- uses: go/build
diff --git a/argo-workflows.yaml b/argo-workflows.yaml
index 4c4e09e91e9..ee33b70b14d 100644
--- a/argo-workflows.yaml
+++ b/argo-workflows.yaml
@@ -1,7 +1,7 @@
package:
name: argo-workflows
version: 3.5.12
- epoch: 0
+ epoch: 1
description: Workflow engine for Kubernetes.
copyright:
- license: Apache-2.0
@@ -27,7 +27,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/docker/docker@v26.1.5
+ deps: github.com/docker/docker@v26.1.5 github.com/golang-jwt/jwt/v4@v4.5.1
- name: clean yarn user global cache
runs: |
diff --git a/atlantis.yaml b/atlantis.yaml
index 61043f6e5f6..1a44809acff 100644
--- a/atlantis.yaml
+++ b/atlantis.yaml
@@ -1,7 +1,7 @@
package:
name: atlantis
version: 0.30.0
- epoch: 0
+ epoch: 1
description: Terraform Pull Request Automation
copyright:
- license: Apache-2.0
@@ -26,6 +26,11 @@ pipeline:
tag: v${{package.version}}
expected-commit: 03e9e71f92b06cc27335524b8f59feef5a86f217
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: .
+
- uses: go/build
with:
modroot: .
diff --git a/aws-application-networking-k8s.yaml b/aws-application-networking-k8s.yaml
index 4ccd5df18c0..80b9f013fc8 100644
--- a/aws-application-networking-k8s.yaml
+++ b/aws-application-networking-k8s.yaml
@@ -1,7 +1,7 @@
package:
name: aws-application-networking-k8s
version: 1.0.7
- epoch: 0
+ epoch: 1
description: A Kubernetes controller for Amazon VPC Lattice
copyright:
- license: Apache-2.0
@@ -12,7 +12,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: 03fdeb6fc933de7fbe3a1c5e4ee1438fae022313
+ expected-commit: d0dca4e76c284513af852229f4137901b7447d12
repository: https://github.com/aws/aws-application-networking-k8s
tag: v${{package.version}}
diff --git a/aws-c-common.yaml b/aws-c-common.yaml
index ee9bf629bce..9742f0c19c0 100644
--- a/aws-c-common.yaml
+++ b/aws-c-common.yaml
@@ -1,6 +1,6 @@
package:
name: aws-c-common
- version: 0.10.0
+ version: 0.10.3
epoch: 0
description: Core c99 package for AWS SDK for C including cross-platform primitives, configuration, data structures, and error handling
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: f41b772f0de9454a4e7a65750b58c2379533bbf1
+ expected-commit: 63187b976a482309e23296c5f967fc19c4131746
repository: https://github.com/awslabs/aws-c-common
tag: v${{package.version}}
diff --git a/aws-c-http.yaml b/aws-c-http.yaml
index e3e8a651925..3c1f798288a 100644
--- a/aws-c-http.yaml
+++ b/aws-c-http.yaml
@@ -1,6 +1,6 @@
package:
name: aws-c-http
- version: 0.9.0
+ version: 0.9.2
epoch: 0
description: AWS C99 implementation of the HTTP/1.1 and HTTP/2 specifications
copyright:
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 74b3a0dd1396b72f701c8bdf24e5c6f41e52cf87
+ expected-commit: fc3eded2465c37d07fd9cc15e9b5b011224c9c9a
repository: https://github.com/awslabs/aws-c-http
tag: v${{package.version}}
diff --git a/aws-c-io.yaml b/aws-c-io.yaml
index 07790552039..65abe0c3835 100644
--- a/aws-c-io.yaml
+++ b/aws-c-io.yaml
@@ -1,6 +1,6 @@
package:
name: aws-c-io
- version: 0.15.1
+ version: 0.15.3
epoch: 0
description: Module for the AWS SDK for C handling all IO and TLS work for application protocols
copyright:
@@ -23,7 +23,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: e247ef89cdf170cadcb4c665fb0146e82cd6e135
+ expected-commit: fcb38c804364dd627c335da752a99a125a88f6e9
repository: https://github.com/awslabs/aws-c-io
tag: v${{package.version}}
diff --git a/aws-c-s3.yaml b/aws-c-s3.yaml
index 61387c934fb..7c8589a1680 100644
--- a/aws-c-s3.yaml
+++ b/aws-c-s3.yaml
@@ -1,6 +1,6 @@
package:
name: aws-c-s3
- version: 0.7.0
+ version: 0.7.1
epoch: 0
description: "AWS C99 library implementation for communicating with the S3 service"
copyright:
@@ -37,7 +37,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 8c1969bce5bfe0e063cbc719182dbe344342b880
+ expected-commit: 5877f40f87c77ccf2b278839995a6ee91983080f
repository: https://github.com/awslabs/aws-c-s3
tag: v${{package.version}}
diff --git a/aws-c-sdkutils.yaml b/aws-c-sdkutils.yaml
index cc09a102d01..ab686d22c5c 100644
--- a/aws-c-sdkutils.yaml
+++ b/aws-c-sdkutils.yaml
@@ -1,6 +1,6 @@
package:
name: aws-c-sdkutils
- version: 0.2.0
+ version: 0.2.1
epoch: 0
description: C99 library implementing AWS SDK specific utilities
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 0818f28ee436b892f09fbe8e3a6ae37ff40e9436
+ expected-commit: ce09f79768653dbdc810fc14cad8685dd90acba1
repository: https://github.com/awslabs/aws-c-sdkutils
tag: v${{package.version}}
diff --git a/aws-checksums.yaml b/aws-checksums.yaml
index 901cf66dcb4..d925403c4cf 100644
--- a/aws-checksums.yaml
+++ b/aws-checksums.yaml
@@ -1,6 +1,6 @@
package:
name: aws-checksums
- version: 0.2.0
+ version: 0.2.2
epoch: 0
description: AWS Cross-Platform HW accelerated CRC32c and CRC32 with fallback to efficient SW implementations
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 0d2f5521f61215f38f791d106ae304402208112d
+ expected-commit: 3e4101b9f85a2c090774d27ae2131fca1082f522
repository: https://github.com/awslabs/aws-checksums
tag: v${{package.version}}
diff --git a/aws-cli-v2.yaml b/aws-cli-v2.yaml
index 6c336a6b0b1..a383a18ad51 100644
--- a/aws-cli-v2.yaml
+++ b/aws-cli-v2.yaml
@@ -2,7 +2,7 @@
#nolint:documentation
package:
name: aws-cli-v2
- version: 2.19.1
+ version: 2.21.3
epoch: 0
description: "Universal Command Line Interface for Amazon Web Services (v2)"
copyright:
@@ -31,7 +31,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/aws/aws-cli
- expected-commit: 980ea872d151bbe55f84ad981fef0fb5209dcd0e
+ expected-commit: 502d994f22e55a7cb7b5d02d99dc13b6463beb24
tag: ${{package.version}}
- runs: |
diff --git a/aws-crt-cpp.yaml b/aws-crt-cpp.yaml
index 6238aaa6cb7..ce61b5a2dda 100644
--- a/aws-crt-cpp.yaml
+++ b/aws-crt-cpp.yaml
@@ -1,6 +1,6 @@
package:
name: aws-crt-cpp
- version: 0.29.0
+ version: 0.29.4
epoch: 0
description: "C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++"
copyright:
@@ -33,7 +33,7 @@ pipeline:
with:
repository: https://github.com/awslabs/aws-crt-cpp
tag: v${{package.version}}
- expected-commit: fbd5310be54cc853807c06e85a9290560fc8f986
+ expected-commit: 827b178c64a9d3df9684f8b75f819f08f67119f6
- runs: |
if [ "$CBUILD" != "$CHOST" ]; then
diff --git a/aws-ebs-csi-driver.yaml b/aws-ebs-csi-driver.yaml
index 9d11ebb4071..0624ea98c75 100644
--- a/aws-ebs-csi-driver.yaml
+++ b/aws-ebs-csi-driver.yaml
@@ -1,7 +1,7 @@
package:
name: aws-ebs-csi-driver
- version: 1.36.0
- epoch: 1
+ version: 1.37.0
+ epoch: 0
description: CSI driver for Amazon EBS.
copyright:
- license: Apache-2.0
@@ -30,7 +30,7 @@ pipeline:
with:
repository: https://github.com/kubernetes-sigs/aws-ebs-csi-driver
tag: v${{package.version}}
- expected-commit: e6dae6132fc8383340024440fc639a135bebd4ba
+ expected-commit: 20c4a7c784098dc3247d8afa13780a23a9c5693d
- uses: go/build
with:
diff --git a/aws-eks-pod-identity-agent.yaml b/aws-eks-pod-identity-agent.yaml
index b3edafe6fe4..a56e2505f97 100644
--- a/aws-eks-pod-identity-agent.yaml
+++ b/aws-eks-pod-identity-agent.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag
package:
name: aws-eks-pod-identity-agent
- version: 0_git20241103
+ version: 0_git20241116
epoch: 0
description: EKS Pod Identity is a feature of Amazon EKS that simplifies the process for cluster administrators to configure Kubernetes applications with AWS IAM permissions
copyright:
diff --git a/az.yaml b/az.yaml
index 8930d045e61..b8b687cb9d8 100644
--- a/az.yaml
+++ b/az.yaml
@@ -1,7 +1,7 @@
package:
name: az
- version: 2.65.0
- epoch: 1
+ version: 2.66.0
+ epoch: 0
description: Azure CLI
copyright:
- license: MIT
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/Azure/azure-cli/
tag: azure-cli-${{package.version}}
- expected-commit: a0acfb32a5966fac72f54d25639ebc5fbd53a509
+ expected-commit: 34dac6f0c68d053073d5bff50acaf90f2de4f0fb
- name: Python Build
runs: |
diff --git a/azcopy.yaml b/azcopy.yaml
index 9d7b144af8d..627d7ceec76 100644
--- a/azcopy.yaml
+++ b/azcopy.yaml
@@ -1,6 +1,6 @@
package:
name: azcopy
- version: 10.27.0
+ version: 10.27.1
epoch: 0
description: The new Azure Storage data transfer utility
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/Azure/azure-storage-azcopy
tag: v${{package.version}}
- expected-commit: fed3e4fafa1352d249a0be799b56a76c5e792e7e
+ expected-commit: 741ca876e9874f2f169fbfb355c123fe39337081
- uses: go/build
with:
diff --git a/azuredisk-csi-1.31.yaml b/azuredisk-csi-1.31.yaml
index 86c4f1a3027..2e2b75d9f11 100644
--- a/azuredisk-csi-1.31.yaml
+++ b/azuredisk-csi-1.31.yaml
@@ -1,7 +1,7 @@
package:
name: azuredisk-csi-1.31
- version: 1.31.0
- epoch: 2
+ version: 1.31.1
+ epoch: 0
description: Azure Disk CSI Driver
copyright:
- license: Apache-2.0
@@ -25,7 +25,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: 81f73ae6e758c2dd5efbaf127014e80d01d39f66
+ expected-commit: eae5420a651fafc994d8070f81e7f8003d8ea703
repository: https://github.com/kubernetes-sigs/azuredisk-csi-driver
tag: v${{package.version}}
diff --git a/bank-vaults.yaml b/bank-vaults.yaml
index d1f726dd840..a1b358427d2 100644
--- a/bank-vaults.yaml
+++ b/bank-vaults.yaml
@@ -1,7 +1,7 @@
package:
name: bank-vaults
version: 1.20.4
- epoch: 19
+ epoch: 20
description: A Vault swiss-army knife. A CLI tool to init, unseal and configure Vault (auth methods, secret engines).
copyright:
- license: Apache-2.0
@@ -25,7 +25,7 @@ pipeline:
- uses: go/bump
with:
# CVE-2023-39325 and CVE-2023-3978
- deps: google.golang.org/grpc@v1.56.3 golang.org/x/crypto@v0.17.0 github.com/go-jose/go-jose/v3@v3.0.3 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/hashicorp/go-retryablehttp@v0.7.7
+ deps: google.golang.org/grpc@v1.56.3 golang.org/x/crypto@v0.17.0 github.com/go-jose/go-jose/v3@v3.0.3 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/go-jose/go-jose/v3=github.com/go-jose/go-jose/v3@v3.0.3
- uses: go/build
diff --git a/bazel-7.yaml b/bazel-7.yaml
index 77e1d7d8eed..66923967d34 100644
--- a/bazel-7.yaml
+++ b/bazel-7.yaml
@@ -1,7 +1,7 @@
package:
name: bazel-7
- version: 7.4.0
- epoch: 1
+ version: 7.4.1
+ epoch: 0
description: Bazel is an open-source build and test tool
resources:
cpu: 16
@@ -29,7 +29,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 198d70bb73b93bb2b630c26feb08c4f832e7520c2390776672a853d68f46f428
+ expected-sha256: 83386618bc489f4da36266ef2620ec64a526c686cf07041332caff7c953afaf5
uri: https://github.com/bazelbuild/bazel/releases/download/${{package.version}}/bazel-${{package.version}}-dist.zip
extract: false
delete: false
diff --git a/bazelisk.yaml b/bazelisk.yaml
index c3059b7e2d7..9a3238cb30d 100644
--- a/bazelisk.yaml
+++ b/bazelisk.yaml
@@ -1,6 +1,6 @@
package:
name: bazelisk
- version: 1.22.1
+ version: 1.23.0
epoch: 0
description: A user-friendly launcher for Bazel.
copyright:
@@ -20,7 +20,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/bazelbuild/bazelisk
- expected-commit: 2f239be8786b93c573cae1ed15026dda7360c4c0
+ expected-commit: 22d3367e24c68889a8bc09eaac15584bf3755ab2
tag: v${{package.version}}
- uses: go/build
diff --git a/boring-registry.yaml b/boring-registry.yaml
index 768004ca283..361dcacb2f6 100644
--- a/boring-registry.yaml
+++ b/boring-registry.yaml
@@ -1,7 +1,7 @@
package:
name: boring-registry
version: 0.15.4
- epoch: 0
+ epoch: 1
description: Terraform Provider and Module Registry
copyright:
- license: MIT
@@ -23,6 +23,10 @@ pipeline:
repository: https://github.com/TierMobility/boring-registry
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
ldflags: |
diff --git a/brew.yaml b/brew.yaml
index 1620627f830..e8e787ec371 100644
--- a/brew.yaml
+++ b/brew.yaml
@@ -1,6 +1,6 @@
package:
name: brew
- version: 4.4.3
+ version: 4.4.5
epoch: 0
description: "The homebrew package manager"
copyright:
@@ -49,7 +49,7 @@ pipeline:
repository: https://github.com/Homebrew/brew
tag: ${{package.version}}
destination: ./brew
- expected-commit: 91f3671b16fe62121364c465c14e0dfd088d7ead
+ expected-commit: 254bf3fe9d8fa2e1b2fb55dbcf535b2d870180c4
- runs: |
set -x
diff --git a/buf.yaml b/buf.yaml
index 2e5ef455bfe..a760c14d7ad 100644
--- a/buf.yaml
+++ b/buf.yaml
@@ -1,6 +1,6 @@
package:
name: buf
- version: 1.46.0
+ version: 1.47.2
epoch: 0
description: A new way of working with Protocol Buffers.
copyright:
@@ -17,7 +17,7 @@ pipeline:
with:
repository: https://github.com/bufbuild/buf
tag: v${{package.version}}
- expected-commit: 72a73eaea88b4dfef9a00532cf741143dc9e93db
+ expected-commit: 13828a3ee61f19d0fba7ad11a898e03d2db6ccea
- uses: go/build
with:
diff --git a/build-aarch64.env b/build-aarch64.env
index 8ab3979a7ae..6b41c2341c2 100644
--- a/build-aarch64.env
+++ b/build-aarch64.env
@@ -1,8 +1,3 @@
-# Ampere Altra, the CPU used by most cloud providers, is Neoverse N1.
-export CFLAGS="-O2 -Wall -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -march=armv8-a+crc+crypto -mtune=neoverse-n1"
-export CPPFLAGS="-O2 -Wp,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS"
-export CXXFLAGS="$CFLAGS"
-export LDFLAGS="-Wl,--as-needed,-O1,--sort-common -Wl,-z,relro,-z,now,-z,noexecstack"
export GOFLAGS=""
export GOTOOLCHAIN=local
# Build jemalloc with 64k page support
diff --git a/build-x86_64.env b/build-x86_64.env
index 19ba12fb797..69d0b97b8d3 100644
--- a/build-x86_64.env
+++ b/build-x86_64.env
@@ -1,6 +1,2 @@
-export CFLAGS="-O2 -Wall -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -march=x86-64-v2 -mtune=broadwell"
-export CPPFLAGS="-O2 -Wp,-D_FORTIFY_SOURCE=3 -Wp,-D_GLIBCXX_ASSERTIONS"
-export CXXFLAGS="$CFLAGS"
-export LDFLAGS="-Wl,--as-needed,-O1,--sort-common -Wl,-z,relro,-z,now,-z,noexecstack"
export GOFLAGS=""
export GOTOOLCHAIN=local
diff --git a/buildkitd.yaml b/buildkitd.yaml
index a2586f77b17..d8de0a3f135 100644
--- a/buildkitd.yaml
+++ b/buildkitd.yaml
@@ -1,6 +1,6 @@
package:
name: buildkitd
- version: 0.17.0
+ version: 0.17.1
description: "concurrent, cache-efficient, and Dockerfile-agnostic builder toolkit"
epoch: 0
copyright:
@@ -27,7 +27,11 @@ pipeline:
with:
repository: https://github.com/moby/buildkit
tag: v${{package.version}}
- expected-commit: fd61877fa73693dcd4ef64c538f894ec216409a3
+ expected-commit: 8b1b83ef4947c03062cdcdb40c69989d8fe3fd04
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
PKG=github.com/moby/buildkit
diff --git a/bun-bootstrap.yaml b/bun-bootstrap.yaml
new file mode 100644
index 00000000000..350e0a0da30
--- /dev/null
+++ b/bun-bootstrap.yaml
@@ -0,0 +1,51 @@
+package:
+ name: bun-bootstrap
+ version: 1.1.34
+ epoch: 0
+ description: "Bun requires itself to bootstrap."
+ copyright:
+ - license: MIT
+ options:
+ no-provides: true
+
+environment:
+ contents:
+ packages:
+ - bash
+ - busybox
+ - curl
+
+pipeline:
+ - assertions:
+ required-steps: 1
+ pipeline:
+ - if: ${{build.arch}} == 'aarch64'
+ uses: fetch
+ with:
+ uri: "https://github.com/oven-sh/bun/releases/download/bun-v${{package.version}}/bun-linux-aarch64.zip"
+ expected-sha256: "04862513246ec9476f8a9b025441d3391949a009c7fabbf5a20bf5d09507c8e0"
+ extract: false
+ - if: ${{build.arch}} == 'x86_64'
+ uses: fetch
+ with:
+ uri: "https://github.com/oven-sh/bun/releases/download/bun-v${{package.version}}/bun-linux-x64.zip"
+ expected-sha256: "4bc000ff5096c5348767ad04d993505f210039a95880273a76d7bd0af0fc2f1f"
+ extract: false
+
+ - runs: |
+ unzip bun*.zip
+ rm *.zip
+ mkdir -p ${{targets.destdir}}/usr/bin
+ mv bun*/bun ${{targets.destdir}}/usr/bin/
+
+update:
+ enabled: true
+ github:
+ identifier: oven-sh/bun
+ use-tag: true
+ strip-prefix: bun-v
+
+test:
+ pipeline:
+ - runs: |
+ bun --version
diff --git a/c-ares.yaml b/c-ares.yaml
index 586bfe55641..37f474057e4 100644
--- a/c-ares.yaml
+++ b/c-ares.yaml
@@ -1,6 +1,6 @@
package:
name: c-ares
- version: 1.34.2
+ version: 1.34.3
epoch: 0
description: "an asynchronous DNS resolution library"
copyright:
@@ -18,7 +18,7 @@ pipeline:
with:
repository: https://github.com/c-ares/c-ares
tag: v${{package.version}}
- expected-commit: a57ff692eeab8d21c853dc1ddaf0164f517074c3
+ expected-commit: c29e75d54c3743783d51a609980495cf553b4bca
- uses: cmake/configure
with:
diff --git a/ca-certificates.yaml b/ca-certificates.yaml
index fa128965e55..ba4c947c8dc 100644
--- a/ca-certificates.yaml
+++ b/ca-certificates.yaml
@@ -2,7 +2,7 @@ package:
name: ca-certificates
# manual: update java-cacerts
version: "20241010"
- epoch: 1
+ epoch: 2
description: "CA certificates from the Mozilla trusted root program"
copyright:
- license: MPL-2.0 AND MIT
@@ -66,6 +66,9 @@ subpackages:
# Provide Fedora compatible location for the bundle (fixes compat with Dart lang)
mkdir -p ${{targets.subpkgdir}}/etc/pki/tls/certs/
ln -s ../../../ssl/certs/ca-certificates.crt ${{targets.subpkgdir}}/etc/pki/tls/certs/ca-bundle.crt
+ # Provide RHEL compatible location for the bundle (fixes compat with fluent-bit)
+ mkdir -p ${{targets.subpkgdir}}/etc/ssl/certs/
+ ln -s ca-certificates.crt ${{targets.subpkgdir}}/etc/ssl/certs/ca-bundle.crt
test:
environment:
@@ -80,6 +83,8 @@ test:
SSL_CERT_FILE=/etc/ssl/certs/ca-certificates.crt curl --ipv4 -v https://packages.wolfi.dev
# Test Fedora-like compat path
SSL_CERT_FILE=/etc/pki/tls/certs/ca-bundle.crt curl --ipv4 -v https://packages.wolfi.dev
+ # Test Rhel-like compat path
+ SSL_CERT_FILE=/etc/ssl/certs/ca-bundle.crt curl --ipv4 -v https://packages.wolfi.dev
c_rehash -v
update-ca-certificates --version
update-ca-certificates --help
diff --git a/capslock.yaml b/capslock.yaml
index f8997c022e6..02c29baad0c 100644
--- a/capslock.yaml
+++ b/capslock.yaml
@@ -1,6 +1,6 @@
package:
name: capslock
- version: 0.2.5
+ version: 0.2.6
epoch: 0
description: Capslock is a capability analysis CLI for Go packages that informs users of which privileged operations a given package can access
copyright:
@@ -17,7 +17,7 @@ pipeline:
with:
repository: https://github.com/google/capslock
tag: v${{package.version}}
- expected-commit: e505c8d18295dc208f71d4de153da7bae899446b
+ expected-commit: 8e3377587589a1c2c34748fa75c70074f86e15dc
- uses: go/build
with:
diff --git a/cargo-auditable.yaml b/cargo-auditable.yaml
index 07af167ea87..ae77351cffc 100644
--- a/cargo-auditable.yaml
+++ b/cargo-auditable.yaml
@@ -1,7 +1,7 @@
package:
name: cargo-auditable
- version: 0.6.4
- epoch: 2
+ version: 0.6.5
+ epoch: 0
description: Cargo wrapper for embedding auditing data
copyright:
- license: MIT OR Apache-2.0
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/rust-secure-code/cargo-auditable
tag: v${{package.version}}
- expected-commit: a0ed9cb5b98a0c927fa8d78aed04065144b136e7
+ expected-commit: ceb4475d237b0296a3ddb946e0337fb658743ccc
- name: cargo deps bump
runs: |
diff --git a/cassandra-reaper.yaml b/cassandra-reaper.yaml
index bd8f80cd188..d61e055a623 100644
--- a/cassandra-reaper.yaml
+++ b/cassandra-reaper.yaml
@@ -1,6 +1,6 @@
package:
name: cassandra-reaper
- version: 3.6.1
+ version: 3.7.0
epoch: 0
description: Automated Repair Awesomeness for Apache Cassandra
copyright:
@@ -34,11 +34,10 @@ pipeline:
with:
repository: https://github.com/thelastpickle/cassandra-reaper
tag: ${{package.version}}
- expected-commit: c98903c9d4b65b1ad1f6566498865524681239c7
+ expected-commit: 46356166424bf1822442f78c5373b4959e8af46c
- - uses: patch
- with:
- patches: upgrade-deps.patch
+ - uses: maven/pombump
+ working-directory: src/server
# Install native binary JAR to $HOME/.m2 so it can be used later
- runs: |
diff --git a/cassandra-reaper/src/server/pombump-deps.yaml b/cassandra-reaper/src/server/pombump-deps.yaml
new file mode 100644
index 00000000000..6a31106d20c
--- /dev/null
+++ b/cassandra-reaper/src/server/pombump-deps.yaml
@@ -0,0 +1,7 @@
+patches:
+ - groupId: org.yaml
+ artifactId: snakeyaml
+ version: 1.33
+ - groupId: io.netty
+ artifactId: netty-handler
+ version: 4.1.115.Final
diff --git a/cassandra-reaper/upgrade-deps.patch b/cassandra-reaper/upgrade-deps.patch
deleted file mode 100644
index 6e7f341c518..00000000000
--- a/cassandra-reaper/upgrade-deps.patch
+++ /dev/null
@@ -1,38 +0,0 @@
-diff --git a/src/server/pom.xml b/src/server/pom.xml
-index 58aa96bc..47e4f7b2 100644
---- a/src/server/pom.xml
-+++ b/src/server/pom.xml
-@@ -33,7 +33,7 @@
- 2.35
- 1.3.14
- 3.4.5
-- 1.12.0
-+ 1.13.0
- 0.12.0
- src/main/docker
- ${maven.build.timestamp}
-@@ -160,16 +160,21 @@
- com.boundary
- high-scale-lib
-
--
-+
-
-
-+
-+ org.yaml
-+ snakeyaml
-+ 1.33
-+
-
- io.netty
- netty-handler
-- 4.1.70.Final
-+ 4.1.94.Final
-
-
- com.datastax.cassandra
diff --git a/cedar.yaml b/cedar.yaml
index 614d4047b12..e727a4081f9 100644
--- a/cedar.yaml
+++ b/cedar.yaml
@@ -1,7 +1,7 @@
package:
name: cedar
- version: 4.2.1
- epoch: 1
+ version: 4.2.2
+ epoch: 0
description: "Core implementation of the Cedar language"
copyright:
- license: Apache-2.0
@@ -21,7 +21,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/cedar-policy/cedar
- expected-commit: 9edbddd1d26aa4af1c54ddfa965cd7df924de461
+ expected-commit: 4dea3e60201f92139141d65c4a52966e056b007d
tag: v${{package.version}}
- name: Configure and build
diff --git a/chartmuseum.yaml b/chartmuseum.yaml
index dfa3515a7a5..948b0136c08 100644
--- a/chartmuseum.yaml
+++ b/chartmuseum.yaml
@@ -1,7 +1,7 @@
package:
name: chartmuseum
version: 0.16.2
- epoch: 6
+ epoch: 7
description: helm chart repository server
copyright:
- license: Apache-2.0
@@ -21,7 +21,7 @@ pipeline:
- uses: go/bump
with:
- deps: oras.land/oras-go@v1.2.6 github.com/docker/docker@v27.1.1
+ deps: oras.land/oras-go@v1.2.6 github.com/docker/docker@v27.1.1 github.com/golang-jwt/jwt/v4@v4.5.1
modroot: .
- uses: go/build
diff --git a/chezmoi.yaml b/chezmoi.yaml
index 2e2d768639f..20ef5f5a8e6 100644
--- a/chezmoi.yaml
+++ b/chezmoi.yaml
@@ -1,6 +1,6 @@
package:
name: chezmoi
- version: 2.53.1
+ version: 2.54.0
epoch: 0
description: Manage your dotfiles across multiple diverse machines, securely.
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/twpayne/chezmoi
tag: v${{package.version}}
- expected-commit: c6f57876f17a52de87636746cba0a1124439cbfc
+ expected-commit: 92f8a9854bc9a234b937dab2f7d75764efdc0e80
- uses: go/build
with:
diff --git a/chromium.yaml b/chromium.yaml
index d4060d821a9..97ed4576042 100644
--- a/chromium.yaml
+++ b/chromium.yaml
@@ -6,7 +6,7 @@
# And remove the use of the strip pipeline below
package:
name: chromium
- version: 130.0.6723.91
+ version: 131.0.6778.69
epoch: 0
description: "Open souce version of Google's chrome web browser"
copyright:
@@ -147,7 +147,7 @@ pipeline:
repository: https://chromium.googlesource.com/chromium/src.git
tag: ${{package.version}}
depth: 1
- expected-commit: 53ac076783696778ecc8f360ea31765c29c240ad
+ expected-commit: 77e2244bbcda3ab9362d5b8aeeb006a86a6d4832
destination: /home/src
- runs: |
@@ -185,9 +185,7 @@ pipeline:
double-conversion
flac
fontconfig
- freetype
harfbuzz-ng
- icu
libdrm
libevent
libjpeg
@@ -237,6 +235,7 @@ pipeline:
enable_nacl=false
enable_nocompile_tests_new=false
enable_widevine=true
+ enable_freetype=true
ffmpeg_branding=\"Chrome\"
icu_use_data_file=false
is_debug=false
diff --git a/cilium-cli.yaml b/cilium-cli.yaml
index efc047cb41a..3170e1807a3 100644
--- a/cilium-cli.yaml
+++ b/cilium-cli.yaml
@@ -1,6 +1,6 @@
package:
name: cilium-cli
- version: 0.16.19
+ version: 0.16.20
epoch: 0
description: CLI to install, manage & troubleshoot Kubernetes clusters running Cilium
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/cilium/cilium-cli
tag: v${{package.version}}
- expected-commit: 6977c4a640ad45da3a95eb12054497f2bdd22c48
+ expected-commit: 3286926bbf80fdd0103a372256459e577224f9f6
destination: cilium-cli
- runs: |
diff --git a/clang-15.yaml b/clang-15.yaml
index 0e924a2af99..87ab0828606 100644
--- a/clang-15.yaml
+++ b/clang-15.yaml
@@ -1,7 +1,7 @@
package:
name: clang-15
version: 15.0.7
- epoch: 3
+ epoch: 4
description: "C language family frontend for LLVM"
copyright:
- license: Apache-2.0
@@ -11,6 +11,7 @@ package:
dependencies:
runtime:
- libLLVM-15
+ - openssf-compiler-options
environment:
contents:
diff --git a/clang-16.yaml b/clang-16.yaml
index 163d98f026e..74baa4bae9a 100644
--- a/clang-16.yaml
+++ b/clang-16.yaml
@@ -1,7 +1,7 @@
package:
name: clang-16
version: 16.0.6
- epoch: 5
+ epoch: 6
description: "C language family frontend for LLVM"
copyright:
- license: Apache-2.0
@@ -11,6 +11,7 @@ package:
dependencies:
runtime:
- libLLVM-16
+ - openssf-compiler-options
provides:
- clang=${{package.full-version}}
diff --git a/clang-17.yaml b/clang-17.yaml
index 843f7607d11..854b0ce7bc1 100644
--- a/clang-17.yaml
+++ b/clang-17.yaml
@@ -1,7 +1,7 @@
package:
name: clang-17
version: 17.0.6
- epoch: 2
+ epoch: 3
description: "C language family frontend for LLVM"
copyright:
- license: Apache-2.0
@@ -11,6 +11,7 @@ package:
dependencies:
runtime:
- libLLVM-17
+ - openssf-compiler-options
provides:
- clang=${{package.full-version}}
diff --git a/clang-18.yaml b/clang-18.yaml
index 559b0cead1f..0191bd29481 100644
--- a/clang-18.yaml
+++ b/clang-18.yaml
@@ -1,7 +1,7 @@
package:
name: clang-18
version: 18.1.8
- epoch: 5
+ epoch: 6
description: "C language family frontend for LLVM"
copyright:
- license: Apache-2.0
@@ -15,6 +15,7 @@ package:
- libLLVM-18
- libclang-cpp-18
- llvm-18
+ - openssf-compiler-options
provides:
- clang=${{package.full-version}}
diff --git a/clang-19.yaml b/clang-19.yaml
index b1d4ff8874f..7e6b06d5593 100644
--- a/clang-19.yaml
+++ b/clang-19.yaml
@@ -1,7 +1,7 @@
package:
name: clang-19
version: 19.1.2
- epoch: 2
+ epoch: 3
description: "C language family frontend for LLVM"
copyright:
- license: Apache-2.0
@@ -15,6 +15,7 @@ package:
- libLLVM-19
- libclang-cpp-19
- llvm-19
+ - openssf-compiler-options
provides:
- clang=${{package.full-version}}
diff --git a/cloud-provider-azure-1.31.yaml b/cloud-provider-azure-1.31.yaml
new file mode 100644
index 00000000000..85183a18559
--- /dev/null
+++ b/cloud-provider-azure-1.31.yaml
@@ -0,0 +1,78 @@
+package:
+ name: cloud-provider-azure-1.31
+ version: 1.31.1
+ epoch: 0
+ description: Cloud provider for Azure
+ copyright:
+ - license: Apache-2.0
+
+var-transforms:
+ - from: ${{package.version}}
+ match: ^(\d+\.\d+)\.\d+$
+ replace: "$1"
+ to: major-minor-version
+
+data:
+ - name: cloud-provider-azure-packages
+ items:
+ cloud-controller-manager: Controller manager for Azure Cloud
+ cloud-node-manager: Node manager for Azure Cloud
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/kubernetes-sigs/cloud-provider-azure
+ tag: v${{package.version}}
+ expected-commit: 301bb5195472aa76bb36e24726c197ccbb19cfca
+
+subpackages:
+ - range: cloud-provider-azure-packages
+ name: cloud-provider-azure-${{range.key}}-${{vars.major-minor-version}}
+ description: ${{range.value}}
+ pipeline:
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ replaces: github.com/golang-jwt/jwt/v4=github.com/golang-jwt/jwt/v4@v4.5.1
+ - uses: go/build
+ with:
+ packages: ./cmd/${{range.key}}
+ ldflags: |
+ -X sigs.k8s.io/cloud-provider-azure/pkg/version.gitVersion=v${{package.version}}
+ -X k8s.io/client-go/pkg/version.gitVersion=v${{package.version}}
+ -X sigs.k8s.io/cloud-provider-azure/pkg/version.gitCommit=$(git rev-parse HEAD)
+ -X k8s.io/client-go/pkg/version.gitCommit=$(git rev-parse HEAD)
+ -X sigs.k8s.io/cloud-provider-azure/pkg/version.buildDate=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+ -X k8s.io/client-go/pkg/version.buildDate=$(date -u +'%Y-%m-%dT%H:%M:%SZ')
+ output: ${{range.key}}
+
+ - range: cloud-provider-azure-packages
+ name: cloud-provider-azure-${{range.key}}-${{vars.major-minor-version}}-compat
+ description: "compat package to place binaries at locations expected by upstream deployment"
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.subpkgdir}}/usr/local/bin
+ ln -sf /usr/bin/${{range.key}} ${{targets.subpkgdir}}/usr/local/bin/${{range.key}}
+
+test:
+ environment:
+ contents:
+ packages:
+ - cloud-provider-azure-cloud-controller-manager-1.31
+ - cloud-provider-azure-cloud-node-manager-1.31
+ pipeline:
+ - name: verify cloud-controller-manager
+ runs: |
+ /usr/bin/cloud-controller-manager --help
+ /usr/bin/cloud-controller-manager --version | grep v${{package.version}}
+ - name: verify cloud-node-manager
+ runs: |
+ /usr/bin/cloud-node-manager --help
+ /usr/bin/cloud-node-manager --version | grep v${{package.version}}
+
+update:
+ enabled: true
+ github:
+ identifier: kubernetes-sigs/cloud-provider-azure
+ strip-prefix: v
+ tag-filter: v1.31
diff --git a/cloudprober.yaml b/cloudprober.yaml
index b30d30faf25..c9b4dac242a 100644
--- a/cloudprober.yaml
+++ b/cloudprober.yaml
@@ -1,6 +1,6 @@
package:
name: cloudprober
- version: 0.13.7
+ version: 0.13.8
epoch: 0
description: An active monitoring software to detect failures before your customers do.
copyright:
@@ -9,7 +9,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: faf74212e6c4479df1c6027271b71eef54ef1774
+ expected-commit: 436fe4afb7fa4ce615ee46997d8a847fb3e62c4e
repository: https://github.com/cloudprober/cloudprober
tag: v${{package.version}}
diff --git a/cloudwatch-exporter.yaml b/cloudwatch-exporter.yaml
index c0ce125e054..772cd0fb891 100644
--- a/cloudwatch-exporter.yaml
+++ b/cloudwatch-exporter.yaml
@@ -1,7 +1,7 @@
package:
name: cloudwatch-exporter
version: 0.16.0 # Check if the version bump in the mvn command is still needed next time this package is updated
- epoch: 1
+ epoch: 2
description: Metrics exporter for Amazon AWS CloudWatch
copyright:
- license: Apache-2.0
diff --git a/cloudwatch-exporter/pombump-deps.yaml b/cloudwatch-exporter/pombump-deps.yaml
index bf6158705b7..99f34593e49 100644
--- a/cloudwatch-exporter/pombump-deps.yaml
+++ b/cloudwatch-exporter/pombump-deps.yaml
@@ -1,16 +1,12 @@
patches:
- - groupId: io.netty
- artifactId: netty-codec-http
- version: 4.1.108.Final
- scope: import
- - groupId: org.eclipse.jetty
- artifactId: jetty-servlet
- version: 11.0.24
- scope: import
- # - groupId: org.eclipse.jetty
- # artifactId: jetty-http
- # version: 12.0.12
- # scope: import
-
-# GHSA-qh8g-58pp-2wxh
-# GHSA-g8m5-722r-8whq
\ No newline at end of file
+ - groupId: io.netty
+ artifactId: netty-codec-http
+ version: 4.1.108.Final
+ scope: import
+ - groupId: org.eclipse.jetty
+ artifactId: jetty-servlet
+ version: 11.0.24
+ scope: import
+ - groupId: io.netty
+ artifactId: netty-common
+ version: 4.1.115.Final
diff --git a/cluster-api-controller.yaml b/cluster-api-controller.yaml
index c4fca190c06..3ecfe62c3cc 100644
--- a/cluster-api-controller.yaml
+++ b/cluster-api-controller.yaml
@@ -1,6 +1,6 @@
package:
name: cluster-api-controller
- version: 1.8.4
+ version: 1.8.5
epoch: 0
description: Cluster API core controller
copyright:
@@ -18,7 +18,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 3cce0d973682f11ab0f0ba1c2522eba66dac2d91
+ expected-commit: 09f2f6b1758bb4e6eb88122209717b2525469258
repository: https://github.com/kubernetes-sigs/cluster-api
tag: v${{package.version}}
diff --git a/cluster-autoscaler-1.31.yaml b/cluster-autoscaler-1.31.yaml
index 781c2779bcd..5560453402a 100644
--- a/cluster-autoscaler-1.31.yaml
+++ b/cluster-autoscaler-1.31.yaml
@@ -1,7 +1,7 @@
package:
name: cluster-autoscaler-1.31
version: 1.31.0
- epoch: 1
+ epoch: 2
description: Autoscaling components for Kubernetes
copyright:
- license: Apache-2.0
@@ -28,7 +28,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/opencontainers/runc@v1.1.14 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0
+ deps: github.com/opencontainers/runc@v1.1.14 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/golang-jwt/jwt/v4@v4.5.1
modroot: cluster-autoscaler
- uses: go/build
diff --git a/cluster-proportional-autoscaler.yaml b/cluster-proportional-autoscaler.yaml
index 1ac0af3b569..c786c3ac2a5 100644
--- a/cluster-proportional-autoscaler.yaml
+++ b/cluster-proportional-autoscaler.yaml
@@ -1,7 +1,7 @@
package:
name: cluster-proportional-autoscaler
- version: 1.8.11
- epoch: 9
+ version: 1.9.0
+ epoch: 0
description: Kubernetes Cluster Proportional Autoscaler Container
copyright:
- license: Apache-2.0
@@ -19,12 +19,7 @@ pipeline:
with:
repository: https://github.com/kubernetes-sigs/cluster-proportional-autoscaler
tag: v${{package.version}}
- expected-commit: 4162fb3a23917b918edc62d71b7da96c76a7377d
-
- - uses: go/bump
- with:
- deps: google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0
- modroot: .
+ expected-commit: 9c84f0ca02e616aeb8074a34f1a4f76360265d5e
- uses: go/build
with:
diff --git a/clusterctl.yaml b/clusterctl.yaml
index 69080cb7bb3..975899a19fd 100644
--- a/clusterctl.yaml
+++ b/clusterctl.yaml
@@ -1,6 +1,6 @@
package:
name: clusterctl
- version: 1.8.4
+ version: 1.8.5
epoch: 0
description: A command line tool to manage clusters created by cluster API
copyright:
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/kubernetes-sigs/cluster-api
tag: v${{package.version}}
- expected-commit: 3cce0d973682f11ab0f0ba1c2522eba66dac2d91
+ expected-commit: 09f2f6b1758bb4e6eb88122209717b2525469258
- uses: go/build
with:
diff --git a/confluent-docker-utils.yaml b/confluent-docker-utils.yaml
index 7751ac7a9cf..a8c54fa1754 100644
--- a/confluent-docker-utils.yaml
+++ b/confluent-docker-utils.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates
package:
name: confluent-docker-utils
- version: 0.0.108
+ version: 0.0.115
epoch: 0
description: This package provides Docker Utility Belt (dub) and Confluent Platform Utility Belt (cub).
copyright:
@@ -30,7 +30,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: b31712639e39e18e30d6c4543d4fd512b6e48973
+ expected-commit: 092d9c815bb5586df1ed923f525aaf5de2b91dd4
repository: https://github.com/confluentinc/confluent-docker-utils
tag: v${{package.version}}
diff --git a/confluent-kafka-images.yaml b/confluent-kafka-images.yaml
index 9bfb5f48842..dd0784b090a 100644
--- a/confluent-kafka-images.yaml
+++ b/confluent-kafka-images.yaml
@@ -1,7 +1,7 @@
#nolint:git-checkout-must-use-github-updates
package:
name: confluent-kafka-images
- version: 7.9.0.15
+ version: 7.9.0.20
epoch: 0
description: Provides build files for Apache Kafka and Confluent Docker images
copyright:
@@ -22,7 +22,7 @@ var-transforms:
pipeline:
- uses: git-checkout
with:
- expected-commit: 59165a5d19f0b1144bff753698dee8a6c3e49240
+ expected-commit: b44a00b914f9b6bf78c5493bd5416540bf48306a
repository: https://github.com/confluentinc/kafka-images
tag: v${{vars.mangled-package-version}}
diff --git a/confluent-kafka.yaml b/confluent-kafka.yaml
index 78a0e4b45d9..dc71eeae742 100644
--- a/confluent-kafka.yaml
+++ b/confluent-kafka.yaml
@@ -8,7 +8,7 @@ package:
# with the `version:` field.
# 2. Created a new variable `mangled-package-version` to append `-ccs` to the
# version.
- version: 8.0.0.86
+ version: 8.0.0.152
epoch: 0
description: Community edition of Confluent Kafka.
copyright:
@@ -46,7 +46,7 @@ var-transforms:
pipeline:
- uses: git-checkout
with:
- expected-commit: a7e0f5aa47b23ece98a5cbb4bf3fba1e3d4bae21
+ expected-commit: bf87087a48b0846af52a39c4ef09538c369f3d61
repository: https://github.com/confluentinc/kafka
tag: v${{vars.mangled-package-version}}
diff --git a/consul-k8s-1.5.yaml b/consul-k8s-1.6.yaml
similarity index 90%
rename from consul-k8s-1.5.yaml
rename to consul-k8s-1.6.yaml
index 1c4322b3b27..17446bb979c 100644
--- a/consul-k8s-1.5.yaml
+++ b/consul-k8s-1.6.yaml
@@ -1,6 +1,6 @@
package:
- name: consul-k8s-1.5
- version: 1.5.3
+ name: consul-k8s-1.6
+ version: 1.6.1
epoch: 0
description: The consul-k8s includes first-class integrations between Consul and Kubernetes.
copyright:
@@ -15,7 +15,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/hashicorp/consul-k8s
- expected-commit: 2cb07690ef4f557e65cd0606af30deafd18c3f6a
+ expected-commit: 7e1efe4d2e2de852449876999292eef843aa7bfc
tag: v${{package.version}}
- uses: go/build
@@ -50,7 +50,7 @@ update:
github:
identifier: hashicorp/consul-k8s
strip-prefix: v
- tag-filter-prefix: v1.5.
+ tag-filter-prefix: v1.6.
test:
pipeline:
diff --git a/coredns.yaml b/coredns.yaml
index 2596f51b7b2..940a1e74891 100644
--- a/coredns.yaml
+++ b/coredns.yaml
@@ -1,7 +1,7 @@
package:
name: coredns
- version: 1.11.3
- epoch: 7
+ version: 1.11.4
+ epoch: 0
description: CoreDNS is a DNS server that chains plugins
copyright:
- license: Apache-2.0
@@ -15,7 +15,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: a7ed346585e30b99317d36e4d007b7b19a228ea5
+ expected-commit: 6e11ebddfc13bfca683fcbcae72cc4af6de47dd2
repository: https://github.com/coredns/coredns
tag: v${{package.version}}
diff --git a/coreutils.yaml b/coreutils.yaml
index 49c220d9c6a..319529525c2 100644
--- a/coreutils.yaml
+++ b/coreutils.yaml
@@ -1,7 +1,7 @@
package:
name: coreutils
version: "9.5"
- epoch: 2
+ epoch: 3
description: "GNU core utilities"
copyright:
- license: GPL-3.0-or-later
@@ -18,6 +18,7 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
+ - openssf-compiler-options
- openssl-dev
- texinfo
- wolfi-base
diff --git a/cosign.yaml b/cosign.yaml
index c7c85769452..d4a666d0f49 100644
--- a/cosign.yaml
+++ b/cosign.yaml
@@ -1,7 +1,7 @@
package:
name: cosign
version: 2.4.1
- epoch: 0
+ epoch: 1
description: Container Signing
copyright:
- license: Apache-2.0
@@ -27,7 +27,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/docker/docker@v26.1.5+incompatible
+ deps: github.com/docker/docker@v26.1.5+incompatible github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/docker/docker=github.com/docker/docker@v26.1.5+incompatible
- uses: go/build
diff --git a/croc.yaml b/croc.yaml
index bc088d276d6..09756747527 100644
--- a/croc.yaml
+++ b/croc.yaml
@@ -1,6 +1,6 @@
package:
name: croc
- version: 10.0.13
+ version: 10.1.0
epoch: 0
description: Easily and securely send things from one computer to another
copyright:
@@ -21,7 +21,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/schollz/croc
- expected-commit: 146f6413a9880bbee0424fff507efc9f5bada7a8
+ expected-commit: 53323cb8c43c05090543e5437fef8b1fa269aeea
tag: v${{package.version}}
- uses: go/build
diff --git a/crossplane-provider-aws.yaml b/crossplane-provider-aws.yaml
index 7d3fc274af8..8f6e5e4eda6 100644
--- a/crossplane-provider-aws.yaml
+++ b/crossplane-provider-aws.yaml
@@ -1,6 +1,6 @@
package:
name: crossplane-provider-aws
- version: 1.16.0
+ version: 1.17.0
epoch: 0
description: Official AWS Provider for Crossplane by Upbound
copyright:
@@ -30,7 +30,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: aa3b503407261b9b32fcda6051ca9f1d450563d4
+ expected-commit: 3d60c8cf56f04b3e80d56ea5c7b33e6712e323cb
repository: https://github.com/upbound/provider-aws
tag: v${{package.version}}
diff --git a/crossplane-provider-azure.yaml b/crossplane-provider-azure.yaml
index 554709367f0..692452c9b36 100644
--- a/crossplane-provider-azure.yaml
+++ b/crossplane-provider-azure.yaml
@@ -1,6 +1,6 @@
package:
name: crossplane-provider-azure
- version: 1.7.0
+ version: 1.8.0
epoch: 0
description: Official Azure Provider for Crossplane by Upbound
copyright:
@@ -28,9 +28,13 @@ pipeline:
with:
repository: https://github.com/upbound/provider-azure
tag: v${{package.version}}
- expected-commit: e5758fdcc88c49fcb0ba97c7a5b905ebf1d329b7
+ expected-commit: c73b635451ff59843574ad44be1df1cf0ae6a4fe
recurse-submodules: true
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
# `make` downloads `up`, unless we move our prebuilt `up` to where it expects it.
GOARCH=$(go env GOARCH)
diff --git a/crossplane-provider-gcp.yaml b/crossplane-provider-gcp.yaml
index ff00e76625c..e947da7fd1a 100644
--- a/crossplane-provider-gcp.yaml
+++ b/crossplane-provider-gcp.yaml
@@ -1,6 +1,6 @@
package:
name: crossplane-provider-gcp
- version: 1.8.3
+ version: 1.9.0
epoch: 0
description: Official GCP Provider for Crossplane by Upbound
copyright:
@@ -29,7 +29,7 @@ pipeline:
with:
repository: https://github.com/upbound/provider-gcp
tag: v${{package.version}}
- expected-commit: 3a30fa6cff7d41a2f87c93e7afcf83f364d2bc2d
+ expected-commit: f90cbe5ef5d6d701b99cc4446b1f1a215afd9c52
recurse-submodules: true
- runs: |
diff --git a/crossplane.yaml b/crossplane.yaml
index 31874e323e1..89048a42f15 100644
--- a/crossplane.yaml
+++ b/crossplane.yaml
@@ -1,6 +1,6 @@
package:
name: crossplane
- version: 1.17.2
+ version: 1.18.0
epoch: 0
description: Cloud Native Control Planes
copyright:
@@ -13,7 +13,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: b61cb6eab7bf5d8814e39a2fd9faca9c26d6499d
+ expected-commit: e663a43ece850e93fe5cdebb2e478e2fb9762ad1
repository: https://github.com/crossplane/crossplane
tag: v${{package.version}}
@@ -24,10 +24,6 @@ pipeline:
mkdir -p ${{targets.destdir}}/webhookconfigurations
cp cluster/webhookconfigurations/* ${{targets.destdir}}/webhookconfigurations
- - uses: go/bump
- with:
- deps: github.com/docker/docker@v26.1.5
-
- uses: go/build
with:
output: crossplane
diff --git a/curl-rustls.yaml b/curl-rustls.yaml
index 9fd96b88670..1a897ead2d6 100644
--- a/curl-rustls.yaml
+++ b/curl-rustls.yaml
@@ -1,7 +1,7 @@
package:
name: curl-rustls
- version: 8.10.1
- epoch: 1
+ version: 8.11.0
+ epoch: 0
description: "URL retrieval utility and library"
copyright:
- license: MIT
@@ -42,7 +42,7 @@ pipeline:
with:
repository: https://github.com/curl/curl.git
tag: curl-${{vars.mangled-package-version}}
- expected-commit: 7eb8c048470ed2cc14dca75be9c1cdae7ac8498b
+ expected-commit: b1ef0e1a01c0bb6ee5367bd9c186a603bde3615a
- runs: autoreconf -vif
diff --git a/curl.yaml b/curl.yaml
index 8eb472a7678..f869e711de5 100644
--- a/curl.yaml
+++ b/curl.yaml
@@ -1,7 +1,7 @@
package:
name: curl
- version: 8.10.1
- epoch: 2
+ version: 8.11.0
+ epoch: 0
description: "URL retrieval utility and library"
copyright:
- license: MIT
@@ -28,7 +28,11 @@ pipeline:
- uses: fetch
with:
uri: https://curl.se/download/curl-${{package.version}}.tar.xz
- expected-sha256: 73a4b0e99596a09fa5924a4fb7e4b995a85fda0d18a2c02ab9cf134bebce04ee
+ expected-sha256: db59cf0d671ca6e7f5c2c5ec177084a33a79e04c97e71cf183a5cdea235054eb
+
+ - uses: patch
+ with:
+ patches: netrc.patch
- uses: autoconf/configure
with:
@@ -50,7 +54,7 @@ pipeline:
- uses: autoconf/make
with:
- opts: CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_ENGINE"
+ opts: CPPFLAGS="$CPPFLAGS -DOPENSSL_NO_ENGINE -D_GNU_SOURCE"
- uses: autoconf/make-install
diff --git a/curl/netrc.patch b/curl/netrc.patch
new file mode 100644
index 00000000000..13b10abf3d9
--- /dev/null
+++ b/curl/netrc.patch
@@ -0,0 +1,217 @@
+From f5c616930b5cf148b1b2632da4f5963ff48bdf88 Mon Sep 17 00:00:00 2001
+From: Daniel Stenberg
+Date: Thu, 7 Nov 2024 08:52:38 +0100
+Subject: [PATCH] duphandle: also init netrc
+
+The netrc init was only done in the Curl_open, meaning that a duplicated
+handle would not get inited properly.
+
+Added test 2309 to verify. It does netrc auth with a duplicated handle.
+
+Regression from 3b43a05e000aa8f65bda513f733a
+
+Reported-by: tranzystorekk on github
+Fixes #15496
+Closes #15503
+---
+ lib/easy.c | 1 +
+ tests/data/Makefile.am | 2 +-
+ tests/data/test2309 | 66 ++++++++++++++++++++++++++++++++++++++
+ tests/libtest/Makefile.inc | 5 ++-
+ tests/libtest/lib2309.c | 66 ++++++++++++++++++++++++++++++++++++++
+ 5 files changed, 138 insertions(+), 2 deletions(-)
+ create mode 100644 tests/data/test2309
+ create mode 100644 tests/libtest/lib2309.c
+
+diff --git a/lib/easy.c b/lib/easy.c
+index d16fa8c07afec0..ac8fab34220d9b 100644
+--- a/lib/easy.c
++++ b/lib/easy.c
+@@ -940,6 +940,7 @@ CURL *curl_easy_duphandle(CURL *d)
+ goto fail;
+
+ Curl_dyn_init(&outcurl->state.headerb, CURL_MAX_HTTP_HEADER);
++ Curl_netrc_init(&outcurl->state.netrc);
+
+ /* the connection pool is setup on demand */
+ outcurl->state.lastconnect_id = -1;
+diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
+index 02bf2ae25bfd49..ea5221c00fd419 100644
+--- a/tests/data/Makefile.am
++++ b/tests/data/Makefile.am
+@@ -255,7 +255,7 @@ test2100 \
+ test2200 test2201 test2202 test2203 test2204 test2205 \
+ \
+ test2300 test2301 test2302 test2303 test2304 test2305 test2306 test2307 \
+-test2308 \
++test2308 test2309 \
+ \
+ test2400 test2401 test2402 test2403 test2404 test2405 test2406 \
+ \
+diff --git a/tests/data/test2309 b/tests/data/test2309
+new file mode 100644
+index 00000000000000..4ba78ee91e179c
+--- /dev/null
++++ b/tests/data/test2309
+@@ -0,0 +1,66 @@
++
++
++
++netrc
++HTTP
++
++
++#
++# Server-side
++
++
++HTTP/1.1 200 OK
++Date: Tue, 09 Nov 2010 14:49:00 GMT
++Server: test-server/fake
++Last-Modified: Tue, 13 Jun 2000 12:10:00 GMT
++ETag: "21025-dc7-39462498"
++Accept-Ranges: bytes
++Content-Length: 6
++Connection: close
++Content-Type: text/html
++Funny-head: yesyes
++
++-foo-
++
++
++
++#
++# Client-side
++
++
++http
++
++
++proxy
++
++
++# Reproducing issue 15496
++
++HTTP with .netrc using duped easy handle
++
++
++lib%TESTNUMBER
++
++
++http://github.com %LOGDIR/netrc%TESTNUMBER http://%HOSTIP:%HTTPPORT/
++
++
++
++machine github.com
++
++login daniel
++password $y$j9T$WUVjiVvDbRAWafDLs6cab1$01NX.oaZKf5lw8MR2Nk9Yaxv4CqbE0IaDF.GpGxPul1
++
++
++
++
++
++GET http://github.com/ HTTP/1.1
++Host: github.com
++Authorization: Basic %b64[daniel:$y$j9T$WUVjiVvDbRAWafDLs6cab1$01NX.oaZKf5lw8MR2Nk9Yaxv4CqbE0IaDF.GpGxPul1]b64%
++Accept: */*
++Proxy-Connection: Keep-Alive
++
++
++
++
+diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
+index 339a00fc4ed41e..8f58fd64229d5c 100644
+--- a/tests/libtest/Makefile.inc
++++ b/tests/libtest/Makefile.inc
+@@ -77,7 +77,7 @@ LIBTESTPROGS = libauthretry libntlmconnect libprereq \
+ lib1945 lib1946 lib1947 lib1948 lib1955 lib1956 lib1957 lib1958 lib1959 \
+ lib1960 lib1964 \
+ lib1970 lib1971 lib1972 lib1973 lib1974 lib1975 \
+- lib2301 lib2302 lib2304 lib2305 lib2306 lib2308 \
++ lib2301 lib2302 lib2304 lib2305 lib2306 lib2308 lib2309 \
+ lib2402 lib2404 lib2405 \
+ lib2502 \
+ lib3010 lib3025 lib3026 lib3027 \
+@@ -683,6 +683,9 @@ lib2306_LDADD = $(TESTUTIL_LIBS)
+ lib2308_SOURCES = lib2308.c $(SUPPORTFILES)
+ lib2308_LDADD = $(TESTUTIL_LIBS)
+
++lib2309_SOURCES = lib2309.c $(SUPPORTFILES)
++lib2309_LDADD = $(TESTUTIL_LIBS)
++
+ lib2402_SOURCES = lib2402.c $(SUPPORTFILES) $(TESTUTIL) $(WARNLESS)
+ lib2402_LDADD = $(TESTUTIL_LIBS)
+
+diff --git a/tests/libtest/lib2309.c b/tests/libtest/lib2309.c
+new file mode 100644
+index 00000000000000..11f1c1fbd88684
+--- /dev/null
++++ b/tests/libtest/lib2309.c
+@@ -0,0 +1,66 @@
++/***************************************************************************
++ * _ _ ____ _
++ * Project ___| | | | _ \| |
++ * / __| | | | |_) | |
++ * | (__| |_| | _ <| |___
++ * \___|\___/|_| \_\_____|
++ *
++ * Copyright (C) Daniel Stenberg, , et al.
++ *
++ * This software is licensed as described in the file COPYING, which
++ * you should have received as part of this distribution. The terms
++ * are also available at https://curl.se/docs/copyright.html.
++ *
++ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
++ * copies of the Software, and permit persons to whom the Software is
++ * furnished to do so, under the terms of the COPYING file.
++ *
++ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
++ * KIND, either express or implied.
++ *
++ * SPDX-License-Identifier: curl
++ *
++ ***************************************************************************/
++
++#include "test.h"
++#include "testtrace.h"
++
++#include
++
++static size_t cb_ignore(char *buffer, size_t size, size_t nmemb, void *userp)
++{
++ (void)buffer;
++ (void)size;
++ (void)nmemb;
++ (void)userp;
++ return CURL_WRITEFUNC_ERROR;
++}
++
++CURLcode test(char *URL)
++{
++ CURL *curl;
++ CURL *curldupe;
++ CURLcode res = CURLE_OK;
++
++ global_init(CURL_GLOBAL_ALL);
++ curl = curl_easy_init();
++ if(curl) {
++ curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, cb_ignore);
++ curl_easy_setopt(curl, CURLOPT_URL, URL);
++ curl_easy_setopt(curl, CURLOPT_VERBOSE, 1L);
++ curl_easy_setopt(curl, CURLOPT_PROXY, libtest_arg3);
++ curl_easy_setopt(curl, CURLOPT_NETRC, (long)CURL_NETRC_REQUIRED);
++ curl_easy_setopt(curl, CURLOPT_NETRC_FILE, libtest_arg2);
++
++ curldupe = curl_easy_duphandle(curl);
++ if(curldupe) {
++ res = curl_easy_perform(curldupe);
++ printf("Returned %d, should be %d.\n", res, CURLE_WRITE_ERROR);
++ fflush(stdout);
++ curl_easy_cleanup(curldupe);
++ }
++ curl_easy_cleanup(curl);
++ }
++ curl_global_cleanup();
++ return CURLE_OK;
++}
diff --git a/cython-0.yaml b/cython-0.yaml
index 1c78d23a539..6726f5750ba 100644
--- a/cython-0.yaml
+++ b/cython-0.yaml
@@ -1,13 +1,15 @@
package:
name: cython-0
version: 0.29.37.1
- epoch: 0
+ epoch: 1
description: Cython is an optimising static compiler for both the Python & the extended Cython programming languages.
copyright:
- license: Apache-2.0
dependencies:
provides:
- cython=${{package.version}}-r${{package.epoch}}
+ runtime:
+ - python3
environment:
contents:
@@ -15,6 +17,7 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
+ - openssf-compiler-options
- py3-setuptools
- python3
- python3-dev
@@ -27,8 +30,8 @@ pipeline:
tag: ${{package.version}}
- runs: |
- python setup.py build
- python setup.py install --prefix=/usr --root="${{targets.destdir}}"
+ python3 setup.py build
+ python3 setup.py install --prefix=/usr --root="${{targets.destdir}}"
- uses: strip
diff --git a/dagdotdev.yaml b/dagdotdev.yaml
index 174e4ed6999..70a2c6d11fa 100644
--- a/dagdotdev.yaml
+++ b/dagdotdev.yaml
@@ -1,6 +1,6 @@
package:
name: dagdotdev
- version: 0.0.9
+ version: 0.0.10
epoch: 0
description: oci and apk explorer
copyright:
@@ -21,7 +21,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 9b6901489365b6f793e17f8166dc5ea92148b8a1
+ expected-commit: 7087a0d089eaee31c90b64be3bd135ab760cb7f7
repository: https://github.com/jonjohnsonjr/dagdotdev
tag: v${{package.version}}
diff --git a/dagger.yaml b/dagger.yaml
index 1512526f66b..c2308efd491 100644
--- a/dagger.yaml
+++ b/dagger.yaml
@@ -1,6 +1,6 @@
package:
name: dagger
- version: 0.13.7
+ version: 0.14.0
epoch: 0
description: Application Delivery as Code that Runs Anywhere
copyright:
@@ -15,7 +15,7 @@ pipeline:
with:
repository: https://github.com/dagger/dagger
tag: v${{package.version}}
- expected-commit: feb05dba7b9aa2be19f27a74a77e00305aaa3adf
+ expected-commit: ec9686a4b922e278614ed1754d308c75eaa59586
- uses: go/build
with:
diff --git a/dart.yaml b/dart.yaml
index c31e4f60a85..0ddad3964f9 100644
--- a/dart.yaml
+++ b/dart.yaml
@@ -1,6 +1,6 @@
package:
name: dart
- version: 3.5.3
+ version: 3.5.4
epoch: 0
description: The Dart SDK, including the VM, JS and Wasm compilers, analysis, core libraries, and more.
copyright:
@@ -36,7 +36,7 @@ pipeline:
cd sdk
git fetch --tags --all
git checkout tags/${{package.version}} -b ${{package.version}}
- gclient sync
+ gclient sync -D
- if: ${{build.arch}} == "x86_64"
working-directory: /home/dart-sdk/sdk
@@ -56,7 +56,7 @@ pipeline:
with:
repository: https://github.com/dart-lang/sdk
tag: ${{package.version}}
- expected-commit: 179da3ba67ead156a3ba718bd798cb7a1728e741
+ expected-commit: 88c9758ef131d430d8ce595c6bfb4c90574d3ddd
subpackages:
- name: ${{package.name}}-runtime
diff --git a/datadog-agent-nvml.yaml b/datadog-agent-nvml.yaml
index f7ef2552fc9..096c3efe822 100644
--- a/datadog-agent-nvml.yaml
+++ b/datadog-agent-nvml.yaml
@@ -1,7 +1,7 @@
package:
name: datadog-agent-nvml
version: 1.0.9
- epoch: 0
+ epoch: 2
description: "Checks NVIDIA Management Library (NVML) exposed metrics through the Datadog Agent and can correlate them with the exposed Kubernetes devices"
copyright:
- license: Apache-2.0
@@ -23,7 +23,7 @@ environment:
vars:
dd_conf: /etc/datadog-agent/conf.d
dd_home: / # agent being run by root expects /.
- dd_shared: /usr/share/datadog-agent
+ dd_shared: /opt/datadog-agent/embedded
python_version: "3.11"
pipeline:
@@ -66,6 +66,7 @@ pipeline:
#
# This project uses hatchling as build backend, instead of setuptools, as defaulted in pip.
pip install --no-deps --no-cache-dir --constraint /opt/datadog-agent/final_constraints-py3.txt ./nvml
+ pip install -r ./nvml/requirements.in
# Cleanup before preparing the package content.
find ${{vars.dd_shared}} -name "*.pyc" -delete
@@ -96,19 +97,18 @@ test:
- datadog-agent-core-integrations
- datadog-agent-nvml=${{package.full-version}}
environment:
- PYTHONPATH: /usr/share/datadog-agent/lib/python${{vars.python_version}}/site-packages
- PATH: /opt/datadog-agent/bin/agent/:/opt/datadog-agent/embedded/bin/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin
+ PYTHONPATH: ${{vars.dd_shared}}/lib/python${{vars.python_version}}/site-packages
pipeline:
- runs: |
stat /etc/datadog-agent/conf.d/nvml.d/conf.yaml.example
- stat /usr/share/datadog-agent/lib/python${{vars.python_version}}/site-packages/datadog_checks/nvml/__init__.py
- stat /usr/share/datadog-agent/lib/python${{vars.python_version}}/site-packages/datadog_nvml-${{package.version}}.dist-info/WHEEL
+ stat ${{vars.dd_shared}}/lib/python${{vars.python_version}}/site-packages/datadog_checks/nvml/__init__.py
+ stat ${{vars.dd_shared}}/lib/python${{vars.python_version}}/site-packages/datadog_nvml-${{package.version}}.dist-info/WHEEL
- name: Verify the integration is installed # https://docs.datadoghq.com/agent/guide/integration-management/?tab=linux#install
runs: |
- cp /opt/datadog-agent/requirements-agent-release.txt ${{vars.dd_home}}/
- cp /opt/datadog-agent/final_constraints-py3.txt ${{vars.dd_home}}/
- mkdir -p /embedded/bin && ln -s $(which python3) ${{vars.dd_home}}/embedded/bin/python3
- VERSION="$(agent integration show datadog-nvml | cut -d ':' -f2 | tr -d ' ')"
+ /opt/datadog-agent/bin/agent/agent integration show datadog-nvml
+ - name: Verify the integration version
+ runs: |
+ VERSION="$(/opt/datadog-agent/bin/agent/agent integration show datadog-nvml | cut -d ':' -f2 | tr -d ' ')"
test $VERSION = ${{package.version}}
update:
@@ -117,3 +117,4 @@ update:
identifier: DataDog/integrations-extras
strip-prefix: nvml-
tag-filter: nvml-
+ use-tag: true
diff --git a/datadog-agent.yaml b/datadog-agent.yaml
index bbfb92ba8dd..c5687f7fd21 100644
--- a/datadog-agent.yaml
+++ b/datadog-agent.yaml
@@ -2,8 +2,8 @@ package:
name: datadog-agent
# This package has two git checkouts. For each new release, the commit SHA for
# DataDog/integrations-core must also be updated.
- version: 7.58.2
- epoch: 0
+ version: 7.59.0
+ epoch: 1
description: "Collect events and metrics from your hosts that send data to Datadog."
copyright:
- license: Apache-2.0
@@ -16,6 +16,10 @@ package:
- libseccomp
- shadow
+vars:
+ py-version: "3.11"
+ destd: /opt/datadog-agent
+
var-transforms:
- from: ${{package.version}}
match: ^(\d+\.\d+)\.\d+$
@@ -62,10 +66,11 @@ environment:
- ninja
- openssf-compiler-options
- procps-dev
- - py3.11-pip
- - py3.11-semver
- - python3-dev~3.11 # strictly requires python3.11
+ - py${{vars.py-version}}-pip
+ - py${{vars.py-version}}-semver
+ - python-${{vars.py-version}}-dev # strictly requires python3.11
- systemd-dev
+ - util-linux-misc # unshare
- wget # Required for downloading clang-12 and kernel headers from debian
environment:
# CGo allows Go programs to call C code
@@ -87,20 +92,20 @@ pipeline:
with:
repository: https://github.com/DataDog/datadog-agent
tag: ${{package.version}}
- expected-commit: 4ad1243fb72f187be315374ce0baaac5dbb74632
+ expected-commit: b97c90616b68239053e33f46f4db6900f2c59f4a
# Install `invoke` (build) dependencies. We ultimately package with venv so
# these won't leak into the package.
- runs: |
# install `invoke` and its dependencies
- python3.11 -m pip install invoke requests toml pyyaml packaging
+ python${{vars.py-version}} -m pip install invoke requests toml pyyaml packaging
# install `gitlab`
- python3.11 -m pip install python-gitlab
+ python${{vars.py-version}} -m pip install python-gitlab
- uses: go/bump
with:
- deps: github.com/moby/buildkit@v0.13.1 github.com/docker/docker@v26.1.5
+ deps: github.com/moby/buildkit@v0.13.1
replaces: github.com/mholt/archiver/v3=github.com/anchore/archiver/v3@v3.5.2
show-diff: true
@@ -143,7 +148,8 @@ pipeline:
# Build once to correctly setup links/generates. The system-probe we end
# up using will be part of the multicall below.
- invoke -e system-probe.build \
+ unshare --user --map-root-user \
+ invoke -e system-probe.build \
--strip-object-files \
--no-bundle \
--bundle-ebpf
@@ -180,37 +186,48 @@ pipeline:
--embedded-path /usr/lib
- runs: |
- install -Dm755 bin/agent/agent ${{targets.destdir}}/usr/bin/agent
- # *-agent is just a symlink to the "agent" multicall
- ln -s agent ${{targets.destdir}}/usr/bin/process-agent
- ln -s agent ${{targets.destdir}}/usr/bin/security-agent
- ln -s agent ${{targets.destdir}}/usr/bin/trace-agent
- ln -s agent ${{targets.destdir}}/usr/bin/system-probe
-
- mkdir -p ${{targets.destdir}}/etc/datadog-agent/
-
- cp -r Dockerfiles/agent/s6-services ${{targets.destdir}}/etc/services.d
- cp -r Dockerfiles/agent/cont-init.d ${{targets.destdir}}/etc/cont-init.d
+ mkdir -p \
+ ${{targets.contextdir}}${{vars.destd}}/bin/agent \
+ ${{targets.contextdir}}${{vars.destd}}/embedded/bin
- install -Dm644 Dockerfiles/agent/datadog-docker.yaml ${{targets.destdir}}/etc/datadog-agent/datadog-docker.yaml
- install -Dm644 Dockerfiles/agent/datadog-ecs.yaml ${{targets.destdir}}/etc/datadog-agent/datadog-ecs.yaml
- install -Dm644 bin/agent/dist/datadog.yaml ${{targets.destdir}}/etc/datadog-agent/datadog.yaml.example
- install -Dm644 bin/agent/dist/system-probe.yaml ${{targets.destdir}}/etc/datadog-agent/system-probe.yaml.example
- install -Dm644 bin/agent/dist/security-agent.yaml ${{targets.destdir}}/etc/datadog-agent/security-agent.yaml.example
-
- install -Dm755 Dockerfiles/agent/entrypoint.sh ${{targets.destdir}}/bin/entrypoint.sh
- install -Dm755 Dockerfiles/agent/probe.sh ${{targets.destdir}}/probe.sh
- install -Dm755 Dockerfiles/agent/initlog.sh ${{targets.destdir}}/initlog.sh
- install -Dm755 Dockerfiles/agent/secrets-helper/readsecret.py ${{targets.destdir}}/readsecret.py
- install -Dm755 Dockerfiles/agent/secrets-helper/readsecret.sh ${{targets.destdir}}/readsecret.sh
- install -Dm755 Dockerfiles/agent/secrets-helper/readsecret_multiple_providers.sh ${{targets.destdir}}/readsecret_multiple_providers.sh
-
- cp -r bin/agent/dist/conf.d ${{targets.destdir}}/etc/datadog-agent/conf.d
+ install -Dm755 bin/agent/agent ${{targets.contextdir}}${{vars.destd}}/bin/agent
+ # *-agent is just a symlink to the "agent" multicall
+ ln -s ${{vars.destd}}/bin/agent/agent ${{targets.contextdir}}${{vars.destd}}/embedded/bin/process-agent
+ ln -s ${{vars.destd}}/bin/agent/agent ${{targets.contextdir}}${{vars.destd}}/embedded/bin/security-agent
+ ln -s ${{vars.destd}}/bin/agent/agent ${{targets.contextdir}}${{vars.destd}}/embedded/bin/trace-agent
+ ln -s ${{vars.destd}}/bin/agent/agent ${{targets.contextdir}}${{vars.destd}}/embedded/bin/system-probe
+
+ mkdir -p ${{targets.contextdir}}/etc/datadog-agent/
+
+ cp -r Dockerfiles/agent/s6-services ${{targets.contextdir}}/etc/services.d
+ cp -r Dockerfiles/agent/cont-init.d ${{targets.contextdir}}/etc/cont-init.d
+
+ install -Dm644 Dockerfiles/agent/datadog-docker.yaml ${{targets.contextdir}}/etc/datadog-agent/datadog-docker.yaml
+ install -Dm644 Dockerfiles/agent/datadog-ecs.yaml ${{targets.contextdir}}/etc/datadog-agent/datadog-ecs.yaml
+ install -Dm644 bin/agent/dist/datadog.yaml ${{targets.contextdir}}/etc/datadog-agent/datadog.yaml.example
+ install -Dm644 bin/agent/dist/system-probe.yaml ${{targets.contextdir}}/etc/datadog-agent/system-probe.yaml.example
+ install -Dm644 bin/agent/dist/security-agent.yaml ${{targets.contextdir}}/etc/datadog-agent/security-agent.yaml.example
+
+ install -Dm755 Dockerfiles/agent/entrypoint.sh ${{targets.contextdir}}/bin/entrypoint.sh
+ install -Dm755 Dockerfiles/agent/probe.sh ${{targets.contextdir}}/probe.sh
+ install -Dm755 Dockerfiles/agent/initlog.sh ${{targets.contextdir}}/initlog.sh
+ install -Dm755 Dockerfiles/agent/secrets-helper/readsecret.py ${{targets.contextdir}}/readsecret.py
+ install -Dm755 Dockerfiles/agent/secrets-helper/readsecret.sh ${{targets.contextdir}}/readsecret.sh
+ install -Dm755 Dockerfiles/agent/secrets-helper/readsecret_multiple_providers.sh ${{targets.contextdir}}/readsecret_multiple_providers.sh
+
+ confd=${{targets.contextdir}}/etc/datadog-agent/conf.d
+ cp -r bin/agent/dist/conf.d "$confd"
+ # https://github.com/NixOS/nixpkgs/pull/189795
+ # the agent apparently loads .yaml.default files, which then cause noise in logs.
+ rm -rf \
+ "$confd/apm.yaml.default" \
+ "$confd/process_agent.yaml.default" \
+ "$confd/winproc.d"
# Setup s3-overlay overrides
- mkdir -p ${{targets.destdir}}/etc/s6/init
- cp -r Dockerfiles/agent/init-stage3 ${{targets.destdir}}/etc/s6/init/init-stage3
- cp Dockerfiles/agent/init-stage3-host-pid ${{targets.destdir}}/etc/s6/init/init-stage3-host-pid
+ mkdir -p ${{targets.contextdir}}/etc/s6/init
+ cp -r Dockerfiles/agent/init-stage3 ${{targets.contextdir}}/etc/s6/init/init-stage3
+ cp Dockerfiles/agent/init-stage3-host-pid ${{targets.contextdir}}/etc/s6/init/init-stage3-host-pid
- uses: strip
@@ -225,7 +242,7 @@ subpackages:
pipeline:
- runs: |
mkdir -p ${{targets.contextdir}}/usr/bin/dist/jmx
- ln -sf /opt/datadog-agent/bin/agent/dist/jmx/jmxfetch.jar ${{targets.contextdir}}/usr/bin/dist/jmx/jmxfetch.jar
+ ln -sf ${{vars.destd}}/bin/agent/dist/jmx/jmxfetch.jar ${{targets.contextdir}}/usr/bin/dist/jmx/jmxfetch.jar
- name: datadog-agent-oci-compat
dependencies:
@@ -237,50 +254,43 @@ subpackages:
pipeline:
- runs: |
mkdir -p \
- ${{targets.subpkgdir}}/conf.d \
- ${{targets.subpkgdir}}/checks.d \
- ${{targets.subpkgdir}}/opt/datadog-agent/bin/agent/dist \
- ${{targets.subpkgdir}}/opt/datadog-agent/embedded/bin
-
- # several startup scripts assume binaries are located in /opt/datadog-agent/...
- ln -s /usr/bin/agent ${{targets.subpkgdir}}/opt/datadog-agent/bin/agent/agent
- ln -s /usr/bin/agent ${{targets.subpkgdir}}/opt/datadog-agent/embedded/bin/system-probe
- ln -s /usr/bin/agent ${{targets.subpkgdir}}/opt/datadog-agent/embedded/bin/security-agent
- ln -s /usr/bin/agent ${{targets.subpkgdir}}/opt/datadog-agent/embedded/bin/process-agent
- ln -s /usr/bin/agent ${{targets.subpkgdir}}/opt/datadog-agent/embedded/bin/trace-agent
+ ${{targets.contextdir}}/conf.d \
+ ${{targets.contextdir}}/checks.d \
+ ${{targets.contextdir}}${{vars.destd}}/embedded \
+ ${{targets.contextdir}}${{vars.destd}}/bin/agent/dist
- cp -r /opt/datadog-agent/embedded/share ${{targets.subpkgdir}}/opt/datadog-agent/embedded/share
+ cp -r ${{vars.destd}}/embedded/share ${{targets.contextdir}}${{vars.destd}}/embedded/share
- cp -r bin/agent/dist/checks ${{targets.subpkgdir}}/opt/datadog-agent/bin/agent/dist/
- install -Dm644 bin/agent/dist/config.py ${{targets.subpkgdir}}/opt/datadog-agent/bin/agent/dist/config.py
- cp -r bin/agent/dist/utils ${{targets.subpkgdir}}/opt/datadog-agent/bin/agent/dist/
- cp -r bin/agent/dist/views ${{targets.subpkgdir}}/opt/datadog-agent/bin/agent/dist/
+ cp -r bin/agent/dist/checks ${{targets.contextdir}}${{vars.destd}}/bin/agent/dist/
+ install -Dm644 bin/agent/dist/config.py ${{targets.contextdir}}${{vars.destd}}/bin/agent/dist/config.py
+ cp -r bin/agent/dist/utils ${{targets.contextdir}}${{vars.destd}}/bin/agent/dist/
+ cp -r bin/agent/dist/views ${{targets.contextdir}}${{vars.destd}}/bin/agent/dist/
- cp -r Dockerfiles/agent/entrypoint.d ${{targets.subpkgdir}}/opt/entrypoints
+ cp -r Dockerfiles/agent/entrypoint.d ${{targets.contextdir}}/opt/entrypoints
- name: datadog-agent-core-integrations
dependencies:
runtime:
- bash
- coreutils
- - python-3.11
+ - python-${{vars.py-version}}-base
pipeline:
- working-directory: /home/integrations
pipeline:
- uses: git-checkout
with:
repository: https://github.com/DataDog/integrations-core
- branch: ${{vars.datadog-major-minor-x}} # 7.58.x
- expected-commit: 32f78c0c8aae400ecc1c14a5369e7f702be7b572 # needs to be updated with each new release
+ branch: ${{vars.datadog-major-minor-x}} # 7.59.x
+ expected-commit: cff91adb18fe879fd875d62d285a67deb69040fe # needs to be updated with each new release
- uses: patch
with:
- patches: /home/build/cve-fixes.patch
+ patches: /home/build/int-core-datadog_checks_dev-pyproject-toml.patch /home/build/int-core-mysql-hatch-toml.patch /home/build/int-core-singlestore-hatch-toml.patch /home/build/int-core-agent_requirements-in.patch /home/build/int-core-snowflake-pyproject-toml.patch
- runs: |
# This is needed to work around the error "ValueError: ZIP does not support timestamps before 1980"
SOURCE_DATE_EPOCH=315532800
# Create virtual environment
- python3.11 -m venv .venv
+ python${{vars.py-version}} -m venv .venv
# Install locked dependencies
.venv/bin/pip install --require-hashes --only-binary=:all: --no-deps -r .deps/resolved/linux-${{build.arch}}_py3.txt
@@ -296,19 +306,19 @@ subpackages:
find .venv -name "*.pyc" -delete
find .venv -name "__pycache__" -exec rm -rf {} +
- mkdir -p ${{targets.contextdir}}/opt/datadog-agent
- .venv/bin/pip freeze > ${{targets.contextdir}}/opt/datadog-agent/final_constraints-py3.txt
+ mkdir -p ${{targets.contextdir}}${{vars.destd}}
+ .venv/bin/pip freeze > ${{targets.contextdir}}${{vars.destd}}/final_constraints-py3.txt
# Include the agent's requirements for the core integrations.
- cp requirements-agent-release.txt ${{targets.contextdir}}/opt/datadog-agent/
+ cp requirements-agent-release.txt ${{targets.contextdir}}${{vars.destd}}/
# Use Python in virtual environment
- sed -i "s|$(pwd)/.venv|/usr/share/datadog-agent|g" .venv/pyvenv.cfg
- sed -i "s|$(pwd)/.venv|/usr/share/datadog-agent|g" .venv/bin/*
+ sed -i "s|$(pwd)/.venv|${{vars.destd}}/embedded|g" .venv/pyvenv.cfg
+ sed -i "s|$(pwd)/.venv|${{vars.destd}}/embedded|g" .venv/bin/*
# Install virtual environment
- mkdir -p ${{targets.contextdir}}/usr/share/datadog-agent
- cp -r .venv/* ${{targets.contextdir}}/usr/share/datadog-agent/
+ mkdir -p ${{targets.contextdir}}${{vars.destd}}/embedded
+ cp -r .venv/* ${{targets.contextdir}}${{vars.destd}}/embedded/
# this is intentionally referencing the main package, since we only "install" if a config doesn't already exist
conf_dir="${{targets.destdir}}/etc/datadog-agent/conf.d"
@@ -369,9 +379,9 @@ subpackages:
- coreutils
pipeline:
- runs: |
- mkdir -p ${{targets.subpkgdir}}/opt/datadog-agent/bin/
- ln -s /usr/bin/datadog-cluster-agent ${{targets.subpkgdir}}/opt/datadog-agent/bin/datadog-cluster-agent
- ln -s /usr/bin/datadog-cluster-agent ${{targets.subpkgdir}}/opt/datadog-agent/bin/agent
+ mkdir -p ${{targets.subpkgdir}}${{vars.destd}}/bin/
+ ln -s /usr/bin/datadog-cluster-agent ${{targets.subpkgdir}}${{vars.destd}}/bin/datadog-cluster-agent
+ ln -s /usr/bin/datadog-cluster-agent ${{targets.subpkgdir}}${{vars.destd}}/bin/agent
- working-directory: Dockerfiles/cluster-agent
runs: |
install -Dm755 entrypoint.sh ${{targets.subpkgdir}}/entrypoint.sh
@@ -538,24 +548,38 @@ test:
- datadog-agent-fakeintake=${{package.full-version}}
- datadog-agent-core-integrations=${{package.full-version}}
environment:
- PYTHONPATH: "/usr/share/datadog-agent/lib/python3.11/site-packages"
+ # cannot use vars.destd here. https://github.com/chainguard-dev/melange/issues/1402
+ # setting PATH here has no effect.
+ mypath: /opt/datadog-agent/bin/agent:/opt/datadog-agent/embedded/bin
pipeline:
- name: Ensure the agent's requirements.txt for integrations is included
runs: |
- ls /opt/datadog-agent/requirements-agent-release.txt
+ PATH=$mypath:$PATH
+ ls ${{vars.destd}}/requirements-agent-release.txt
+ - name: Ensure the agent integration subcommand works
+ runs: |
+ PATH=$mypath:$PATH
+ agent integration freeze >/dev/null
- name: Ensure checks can be loaded
runs: |
- python -c "import datadog_checks.base"
- agent version
- agent --help
+ PATH=$mypath:$PATH
+ # this is left without path to be explicit which python is used.
+ ${{vars.destd}}/embedded/bin/python3 -c "import datadog_checks.base"
+ - name: Execute bins
+ runs: |
+ PATH=$mypath:$PATH
process-agent --version
process-agent --help
security-agent --help
system-probe --help
trace-agent --version
trace-agent --help
+
+ agent version
+ agent --help
- name: Ensure agent can be started
runs: |
+ PATH=$mypath:$PATH
cat > /etc/datadog-agent/datadog.yaml <=0.10.0",
- "platformdirs>=2.0.0a3",
-- "pydantic>=2.0.2",
-+ "pydantic>=2.4.0",
- "pysmi==0.3.4",
- "securesystemslib[crypto]==0.28.0",
- "semver>=2.13.0",
-diff --git a/mysql/hatch.toml b/mysql/hatch.toml
-index 7361c558b8..c2eaf18b33 100644
---- a/mysql/hatch.toml
-+++ b/mysql/hatch.toml
-@@ -10,7 +10,7 @@ mypy-args = [
- mypy-deps = [
- "types-cachetools==0.1.10",
- "types-enum34==1.1.1",
-- "types-pymysql==1.1.0.1",
-+ "types-pymysql==1.1.1.1",
- ]
-
- [[envs.default.matrix]]
-diff --git a/singlestore/hatch.toml b/singlestore/hatch.toml
-index 3a56775cbf..e706f41b58 100644
---- a/singlestore/hatch.toml
-+++ b/singlestore/hatch.toml
-@@ -9,7 +9,7 @@ mypy-args = [
- "datadog_checks/singlestore",
- ]
- mypy-deps = [
-- "types-PyMySQL==1.1.0.1",
-+ "types-PyMySQL==1.1.1.1",
- ]
-
- [[envs.default.matrix]]
diff --git a/datadog-agent/int-core-agent_requirements-in.patch b/datadog-agent/int-core-agent_requirements-in.patch
new file mode 100644
index 00000000000..82016d47ec8
--- /dev/null
+++ b/datadog-agent/int-core-agent_requirements-in.patch
@@ -0,0 +1,13 @@
+diff --git a/agent_requirements.in b/agent_requirements.in
+index b4c724713e..0713f9b365 100644
+--- a/agent_requirements.in
++++ b/agent_requirements.in
+@@ -66,7 +66,7 @@ semver==3.0.2
+ service-identity[idna]==24.1.0
+ simplejson==3.19.3
+ six==1.16.0
+-snowflake-connector-python==3.12.1
++snowflake-connector-python==3.12.3; python_version > '3.0'
+ supervisor==4.2.5
+ tuf==4.0.0
+ uptime==3.0.1
diff --git a/datadog-agent/int-core-datadog_checks_dev-pyproject-toml.patch b/datadog-agent/int-core-datadog_checks_dev-pyproject-toml.patch
new file mode 100644
index 00000000000..7a199774fa3
--- /dev/null
+++ b/datadog-agent/int-core-datadog_checks_dev-pyproject-toml.patch
@@ -0,0 +1,13 @@
+diff --git a/datadog_checks_dev/pyproject.toml b/datadog_checks_dev/pyproject.toml
+index 260e4dc642..8f66624770 100644
+--- a/datadog_checks_dev/pyproject.toml
++++ b/datadog_checks_dev/pyproject.toml
+@@ -68,7 +68,7 @@ cli = [
+ "pip-tools",
+ "pathspec>=0.10.0",
+ "platformdirs>=2.0.0a3",
+- "pydantic>=2.0.2",
++ "pydantic>=2.4.0",
+ "pysmi==0.3.4",
+ "securesystemslib[crypto]==0.28.0",
+ "semver>=2.13.0",
diff --git a/datadog-agent/int-core-mysql-hatch-toml.patch b/datadog-agent/int-core-mysql-hatch-toml.patch
new file mode 100644
index 00000000000..6ff8e6f9823
--- /dev/null
+++ b/datadog-agent/int-core-mysql-hatch-toml.patch
@@ -0,0 +1,13 @@
+diff --git a/mysql/hatch.toml b/mysql/hatch.toml
+index 2f6784e9ce..b47f98c80c 100644
+--- a/mysql/hatch.toml
++++ b/mysql/hatch.toml
+@@ -10,7 +10,7 @@ mypy-args = [
+ mypy-deps = [
+ "types-cachetools==0.1.10",
+ "types-enum34==1.1.1",
+- "types-pymysql==1.1.0.1",
++ "types-pymysql==1.1.1.1",
+ ]
+
+ [[envs.default.matrix]]
diff --git a/datadog-agent/int-core-singlestore-hatch-toml.patch b/datadog-agent/int-core-singlestore-hatch-toml.patch
new file mode 100644
index 00000000000..71ad885302c
--- /dev/null
+++ b/datadog-agent/int-core-singlestore-hatch-toml.patch
@@ -0,0 +1,13 @@
+diff --git a/singlestore/hatch.toml b/singlestore/hatch.toml
+index 142ef97f7a..7ce040c208 100644
+--- a/singlestore/hatch.toml
++++ b/singlestore/hatch.toml
+@@ -2,7 +2,7 @@
+ check-types = false
+
+ mypy-deps = [
+- "types-PyMySQL==1.1.0.1",
++ "types-PyMySQL==1.1.1.1",
+ ]
+
+ [[envs.default.matrix]]
diff --git a/datadog-agent/int-core-snowflake-pyproject-toml.patch b/datadog-agent/int-core-snowflake-pyproject-toml.patch
new file mode 100644
index 00000000000..c3f0aaa7500
--- /dev/null
+++ b/datadog-agent/int-core-snowflake-pyproject-toml.patch
@@ -0,0 +1,13 @@
+diff --git a/snowflake/pyproject.toml b/snowflake/pyproject.toml
+index 4e01028620..e99c6a92cc 100644
+--- a/snowflake/pyproject.toml
++++ b/snowflake/pyproject.toml
+@@ -37,7 +37,7 @@ license = "BSD-3-Clause"
+
+ [project.optional-dependencies]
+ deps = [
+- "snowflake-connector-python==3.12.1",
++ "snowflake-connector-python==3.12.3; python_version > '3.0'",
+ ]
+
+ [project.urls]
diff --git a/datadog-jmxfetch.yaml b/datadog-jmxfetch.yaml
index 77aa0080701..b4396417ceb 100644
--- a/datadog-jmxfetch.yaml
+++ b/datadog-jmxfetch.yaml
@@ -1,6 +1,6 @@
package:
name: datadog-jmxfetch
- version: 0.49.5
+ version: 0.49.6
epoch: 0
description: Export JMX metrics
copyright:
@@ -24,7 +24,7 @@ pipeline:
with:
repository: https://github.com/DataDog/jmxfetch
tag: ${{package.version}}
- expected-commit: 6bb22a1ad220931a50bebb7131c9ee49f542eec4
+ expected-commit: f75d4037149f4a9f0f95e39305e3940c253a8a6d
- runs: |
./mvnw -DskipTests clean package assembly:single;
diff --git a/datawire-envoy-1.31.yaml b/datawire-envoy-1.31.yaml
index df35c9fa74d..b78673ce529 100644
--- a/datawire-envoy-1.31.yaml
+++ b/datawire-envoy-1.31.yaml
@@ -1,7 +1,7 @@
package:
name: datawire-envoy-1.31
- version: 1.31.2
- epoch: 2
+ version: 1.31.3
+ epoch: 0
description: Ambassador fork of Envoy Proxy.
copyright:
- license: Apache-2.0
@@ -46,7 +46,7 @@ pipeline:
with:
repository: https://github.com/datawire/envoy
tag: v${{package.version}}
- expected-commit: 07c86f395d7787eb6bdbc787bf775e1f7ddbb2e8
+ expected-commit: 628f5afc75a894a08504fa0f416269ec50c07bf9
destination: envoy
- runs: |
diff --git a/dbmate.yaml b/dbmate.yaml
index dd5c9dd1efa..ff9b10099a0 100644
--- a/dbmate.yaml
+++ b/dbmate.yaml
@@ -1,6 +1,6 @@
package:
name: dbmate
- version: 2.21.0
+ version: 2.23.0
epoch: 0
description: A lightweight, framework-agnostic database migration tool.
copyright:
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/amacneil/dbmate
tag: v${{package.version}}
- expected-commit: f9c7be229f6aaa97906dcdee3330a38219c9c543
+ expected-commit: 9594248d266967e07e49627c8134e9ea3197fe87
- uses: go/build
with:
diff --git a/ddp-tool.yaml b/ddp-tool.yaml
index 075cafb1743..0228a727b84 100644
--- a/ddp-tool.yaml
+++ b/ddp-tool.yaml
@@ -1,7 +1,7 @@
#nolint:valid-pipeline-git-checkout-commit,valid-pipeline-git-checkout-tag
package:
name: ddp-tool
- version: 1.0.34.0_git20241103
+ version: 1.0.34.0_git20241116
epoch: 0
description: Intel Dynamic Device Personalization Tool
copyright:
diff --git a/deno.yaml b/deno.yaml
index e66358443c5..a475e07a9d8 100644
--- a/deno.yaml
+++ b/deno.yaml
@@ -1,7 +1,7 @@
package:
name: deno
- version: 2.0.4
- epoch: 1
+ version: 2.0.6
+ epoch: 0
description: "A modern runtime for JavaScript and TypeScript."
copyright:
- license: MIT
@@ -30,7 +30,7 @@ pipeline:
with:
repository: https://github.com/denoland/deno
tag: v${{package.version}}
- expected-commit: b7c282d2f80b12b0b2a435780fb0ea2b236ab224
+ expected-commit: 8f59d18202e94e5c54ad7e5a79ec1383159e4a20
- name: Configure and build
runs: |
diff --git a/dgraph.yaml b/dgraph.yaml
index 7571e72e613..b1bf25da1b0 100644
--- a/dgraph.yaml
+++ b/dgraph.yaml
@@ -1,7 +1,7 @@
package:
name: dgraph
- version: 24.0.4
- epoch: 1
+ version: 24.0.5
+ epoch: 0
description: A distributed graph database
copyright:
- license: Apache-2.0
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/dgraph-io/dgraph
tag: v${{package.version}}
- expected-commit: 84b07e6376c94aa1c93d5797bb51851bd666e3c7
+ expected-commit: 27450c1a0bf1147e3afa14a6b9d146c690754469
- runs: |
make install_oss
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 66ffc907165..46d39d593ea 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -1,6 +1,6 @@
package:
name: docker-compose
- version: 2.30.1
+ version: 2.30.3
epoch: 0
description: Define and run multi-container applications with Docker
copyright:
@@ -28,7 +28,7 @@ pipeline:
with:
repository: https://github.com/docker/compose
tag: v${{package.version}}
- expected-commit: f51bc4cd0077988ec4799bd49f78e21a4d28e8e1
+ expected-commit: a8bfbc147a8b77bb0c0f9553365babb643b0a4f7
- runs: |
mkdir -p ${{targets.destdir}}/usr/bin
diff --git a/docker-credential-gcr.yaml b/docker-credential-gcr.yaml
index 35c0da81df9..54c97862609 100644
--- a/docker-credential-gcr.yaml
+++ b/docker-credential-gcr.yaml
@@ -1,6 +1,6 @@
package:
name: docker-credential-gcr
- version: 2.1.25
+ version: 2.1.26
epoch: 0
description: A Docker credential helper for GCR users
copyright:
@@ -18,11 +18,11 @@ pipeline:
with:
repository: https://github.com/GoogleCloudPlatform/docker-credential-gcr
tag: v${{package.version}}
- expected-commit: 4a91d2b5d00752c40c804e3a7a8a489de361cdf0
+ expected-commit: 074db22825a3231dc2ec9d7536c51910d8e14254
- uses: go/bump
with:
- deps: golang.org/x/net@v0.23.0 github.com/docker/docker@v26.1.5
+ deps: github.com/docker/docker@v26.1.5
- uses: go/build
with:
diff --git a/doppler-kubernetes-operator.yaml b/doppler-kubernetes-operator.yaml
index 54e930bf415..b9180bfc472 100644
--- a/doppler-kubernetes-operator.yaml
+++ b/doppler-kubernetes-operator.yaml
@@ -1,7 +1,7 @@
package:
name: doppler-kubernetes-operator
version: 1.5.1
- epoch: 4
+ epoch: 5
description: Automatically sync secrets from Doppler to Kubernetes and auto-reload deployments when secrets change.
copyright:
- license: Apache-2.0
@@ -21,7 +21,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/gogo/protobuf@v1.3.2 golang.org/x/crypto@v0.17.0 github.com/prometheus/client_golang@v1.11.1 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0
+ deps: github.com/gogo/protobuf@v1.3.2 golang.org/x/crypto@v0.17.0 github.com/prometheus/client_golang@v1.11.1 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0 github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
CGO_ENABLED=0 GO111MODULE=on GOOS=$(go env GOOS) GOARCH=$(go env GOARCH)
diff --git a/dotnet-6.yaml b/dotnet-6.yaml
index fd0d4f73a93..11125baa2b3 100644
--- a/dotnet-6.yaml
+++ b/dotnet-6.yaml
@@ -1,7 +1,7 @@
package:
name: dotnet-6
- version: 6.0.135
- epoch: 1
+ version: 6.0.136
+ epoch: 0
description: ".NET SDK, version 6"
copyright:
- license: MIT
@@ -45,7 +45,7 @@ pipeline:
with:
repository: https://github.com/dotnet/installer
tag: v${{package.version}}
- expected-commit: 9b2a203ee661f837f50486a8caedc688e05dedc4
+ expected-commit: d638663530d923adbe0442604b7a6562127321e9
destination: /home/build/installer
- working-directory: /home/build/installer
diff --git a/dotnet-8.yaml b/dotnet-8.yaml
index 006c9be8333..334a97aa81b 100644
--- a/dotnet-8.yaml
+++ b/dotnet-8.yaml
@@ -1,7 +1,7 @@
package:
name: dotnet-8
- version: 8.0.10
- epoch: 1
+ version: 8.0.11
+ epoch: 0
description: ".NET SDK"
copyright:
- license: MIT
@@ -44,7 +44,7 @@ pipeline:
with:
repository: https://github.com/dotnet/dotnet
tag: v${{package.version}}
- expected-commit: 8922fe64a1903ed4e35e24568efb056b3e0fad43
+ expected-commit: d5f3d652f9266d600777f626a9650a273419859b
destination: /home/build/src
- working-directory: /home/build/src
diff --git a/emissary.yaml b/emissary.yaml
index fd4f87474ac..3cfc6954d44 100644
--- a/emissary.yaml
+++ b/emissary.yaml
@@ -1,7 +1,7 @@
package:
name: emissary
version: 3.9.1
- epoch: 3
+ epoch: 4
description: "open source Kubernetes-native API gateway for microservices built on the Envoy Proxy"
copyright:
- license: Apache-2.0
@@ -96,7 +96,7 @@ subpackages:
orjson==3.9.15 \
requests==2.32.0 \
urllib3==1.26.19 \
- Werkzeug==3.0.3
+ Werkzeug==3.0.6
# The command above won't actually install setuptools (we think because it's already installed on the host at a higher version).
# We need --ignore-installed in order to force the installation of setuptools. Without it, pip only installs it for 1 version of python.
diff --git a/envoy-ratelimit.yaml b/envoy-ratelimit.yaml
index da4f748a0f5..4e3d4b89ff6 100644
--- a/envoy-ratelimit.yaml
+++ b/envoy-ratelimit.yaml
@@ -2,7 +2,7 @@
package:
name: envoy-ratelimit
# This project doesn't do releases and everything is commit based.
- version: 0.0.0_git20241104
+ version: 0.0.0_git20241111
epoch: 0
description: Go/gRPC service designed to enable generic rate limit scenarios from different types of applications.
copyright:
@@ -16,7 +16,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 28b1629a21e885bdd2b527d6a1c1de8483dc47d4
+ expected-commit: 0e630f156ae7a3d4198daf971af2e6c595f19a70
repository: https://github.com/envoyproxy/ratelimit
branch: main
diff --git a/eslint.yaml b/eslint.yaml
index 8d7d93f8308..13439c58811 100644
--- a/eslint.yaml
+++ b/eslint.yaml
@@ -1,6 +1,6 @@
package:
name: eslint
- version: 9.14.0
+ version: 9.15.0
epoch: 0
description: An AST-based pattern checker for JavaScript
copyright:
@@ -25,7 +25,7 @@ pipeline:
with:
repository: https://github.com/eslint/eslint
tag: v${{package.version}}
- expected-commit: db0b844a66ee25483f9619d04346de1a2a0d79fa
+ expected-commit: 6f37b0747a14dfa9a9e3bdebc5caed1f39b6b0e2
- runs: |
npm install --omit=dev --legacy-peer-deps
diff --git a/etcd-3.5.yaml b/etcd-3.5.yaml
index e23b59dd3ba..c46f508a383 100644
--- a/etcd-3.5.yaml
+++ b/etcd-3.5.yaml
@@ -1,7 +1,7 @@
package:
name: etcd-3.5
- version: 3.5.16
- epoch: 1
+ version: 3.5.17
+ epoch: 0
description: A highly-available key value store for shared configuration and service discovery.
copyright:
- license: Apache-2.0
@@ -26,7 +26,26 @@ pipeline:
with:
repository: https://github.com/etcd-io/etcd
tag: v${{package.version}}
- expected-commit: f20bbadd404b57c776d1e8876cefd1ac29b03fb5
+ expected-commit: 507c0de87bd5034e3de4ab76ebf96b54dae0cd52
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: etcdctl
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: etcdutl
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: server
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
bash -x ./build.sh
diff --git a/exim.yaml b/exim.yaml
index 78727bd5787..bd85a42ad63 100644
--- a/exim.yaml
+++ b/exim.yaml
@@ -1,7 +1,7 @@
package:
name: exim
version: "4.98"
- epoch: 2
+ epoch: 3
description: Message Transfer Agent
copyright:
- license: GPL-2.0-or-later
@@ -9,6 +9,13 @@ package:
disabled:
- setuidgid
+data:
+ - name: exim-lookups-with-deps
+ items:
+ mysql: "mariadb-connector-c"
+ sqlite: "sqlite-libs"
+ pgsql: "libpq"
+
environment:
contents:
packages:
@@ -35,7 +42,7 @@ environment:
accounts:
users:
- username: exim
- uid: 1001
+ uid: 65332
pipeline:
- uses: fetch
@@ -74,9 +81,78 @@ pipeline:
- uses: strip
subpackages:
+ - range: exim-lookups-with-deps
+ name: exim-${{range.key}}
+ description: "EXIM extension: ${{range.key}}"
+ pipeline:
+ - runs: |
+ install -D -m 755 ./build-Linux-${{build.arch}}/lookups/${{range.key}}.so ${{targets.subpkgdir}}/usr/lib/${{package.name}}/${{range.key}}.so
+ - uses: strip
+ dependencies:
+ runtime:
+ - exim=${{package.full-version}}
+ - ${{range.value}}
+
+ - name: exim-dnsdb
+ description: "EXIM extension: dnsdb"
+ pipeline:
+ - runs: |
+ install -D -m 755 ./build-Linux-${{build.arch}}/lookups/dnsdb.so ${{targets.subpkgdir}}/usr/lib/${{package.name}}/dnsdb.so
+ - uses: strip
+ dependencies:
+ runtime:
+ - exim=${{package.full-version}}
+
+ - name: exim-dbmdb
+ description: "EXIM extension: dbmdb"
+ pipeline:
+ - runs: |
+ install -D -m 755 ./build-Linux-${{build.arch}}/lookups/dbmdb.so ${{targets.subpkgdir}}/usr/lib/${{package.name}}/dbmdb.so
+ - uses: strip
+ dependencies:
+ runtime:
+ - exim=${{package.full-version}}
+
+ - name: exim-cdb
+ description: "EXIM extension: cdb"
+ pipeline:
+ - runs: |
+ install -D -m 755 ./build-Linux-${{build.arch}}/lookups/cdb.so ${{targets.subpkgdir}}/usr/lib/${{package.name}}/cdb.so
+
+ - name: exim-scripts
+ description: "EXIM scripts"
+ pipeline:
+ - runs: |
+ make DESTDIR="${{targets.subpkgdir}}" INSTALL_ARG="exicyclog exim_checkaccess eximstats exiqgrep exigrep exinext exiqsumm exipick exiwhat convert4r3 convert4r4 exim_msgdate exim_id_update" install
+ rm -fr "${{targets.subpkgdir}}/etc"
+ - uses: strip
+ dependencies:
+ runtime:
+ - exim=${{package.full-version}}
+ - perl
+ - perl-file-fcntllock
+
+ - name: exim-utils
+ description: "EXIM utils"
+ pipeline:
+ - runs: |
+ install -d "${{targets.subpkgdir}}/etc/mail"
+ make DESTDIR="${{targets.subpkgdir}}" INSTALL_ARG="exim_dbmbuild exim_dumpdb exim_tidydb exim_fixdb exim_lock" install
+ rm -fr "${{targets.subpkgdir}}/etc"
+ - uses: strip
+ dependencies:
+ runtime:
+ - exim=${{package.full-version}}
test:
environment:
+ accounts:
+ users:
+ - username: exim
+ uid: 65332
+ groups:
+ - groupname: exim
+ gid: 65332
contents:
packages:
- shadow
@@ -85,7 +161,6 @@ test:
pipeline:
- name: "Test exim is installed and working"
runs: |
- useradd exim
if ! command -v exim &> /dev/null; then
echo "Exim is not installed."
exit 1
diff --git a/expat.yaml b/expat.yaml
index e66ccaad29a..f35f2461ff7 100644
--- a/expat.yaml
+++ b/expat.yaml
@@ -1,7 +1,7 @@
package:
name: expat
- version: 2.6.3
- epoch: 1
+ version: 2.6.4
+ epoch: 0
description: "XML SAX Parser library written in C"
copyright:
- license: MIT
@@ -18,7 +18,7 @@ pipeline:
- uses: fetch
with:
uri: https://downloads.sourceforge.net/project/expat/expat/${{package.version}}/expat-${{package.version}}.tar.bz2
- expected-sha256: b8baef92f328eebcf731f4d18103951c61fa8c8ec21d5ff4202fb6f2198aeb2d
+ expected-sha256: 8dc480b796163d4436e6f1352e71800a774f73dbae213f1860b60607d2a83ada
- name: Configure
runs: |
diff --git a/external-secrets-operator.yaml b/external-secrets-operator.yaml
index b7775e1f899..64c928b0846 100644
--- a/external-secrets-operator.yaml
+++ b/external-secrets-operator.yaml
@@ -1,7 +1,7 @@
package:
name: external-secrets-operator
version: 0.10.5
- epoch: 0
+ epoch: 1
description: Integrate external secret management systems with Kubernetes
copyright:
- license: Apache-2.0
@@ -13,6 +13,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: a0be752c8aecf456a5393ea5fa18b5db41bc53b9
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
go-package: go
diff --git a/extism.yaml b/extism.yaml
index 261b436d0d3..56dd7a9861d 100644
--- a/extism.yaml
+++ b/extism.yaml
@@ -1,7 +1,7 @@
package:
name: extism
- version: 1.6.0
- epoch: 1
+ version: 1.6.1
+ epoch: 0
description: The extism CLI is used to manage Extism installations
copyright:
- license: BSD-3-Clause
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/extism/cli
tag: v${{package.version}}
- expected-commit: a3b9192872fa6bcec1e21fc59156447c6054a912
+ expected-commit: 490e40cf54da80a297b173a8fb4e6557af230b0f
- uses: go/build
with:
diff --git a/eza.yaml b/eza.yaml
index 65154f8834a..639fed9fa13 100644
--- a/eza.yaml
+++ b/eza.yaml
@@ -1,6 +1,6 @@
package:
name: eza
- version: 0.20.6
+ version: 0.20.8
epoch: 0
description: "A modern, maintained replacement for ls"
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/eza-community/eza
tag: v${{package.version}}
- expected-commit: 1065c6daffd1351fee9bfe68fb839c68345f0056
+ expected-commit: 2945fd0c236654c95648c7845bfea96e5536ad3a
- runs: |
cargo fetch
diff --git a/falcoctl.yaml b/falcoctl.yaml
index c0b462ab293..5c3d75bd88c 100644
--- a/falcoctl.yaml
+++ b/falcoctl.yaml
@@ -1,7 +1,7 @@
package:
name: falcoctl
version: 0.10.0
- epoch: 2
+ epoch: 3
description: Administrative tooling for Falco
copyright:
- license: Apache-2.0
@@ -22,6 +22,10 @@ pipeline:
repository: https://github.com/falcosecurity/falcoctl
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
make falcoctl RELEASE=${{package.version}}
mkdir -p ${{targets.destdir}}/usr/bin
diff --git a/ffmpeg.yaml b/ffmpeg.yaml
index 7138f43f0b8..3db4887d6b8 100644
--- a/ffmpeg.yaml
+++ b/ffmpeg.yaml
@@ -2,7 +2,7 @@
package:
name: ffmpeg
version: 7.1
- epoch: 2
+ epoch: 3
description: ffmpeg multimedia library
copyright:
- license: GPL-3.0-or-later AND LGPL-3.0-or-later
diff --git a/filebeat.yaml b/filebeat.yaml
index 63af6f2a071..93ef35cc02e 100644
--- a/filebeat.yaml
+++ b/filebeat.yaml
@@ -1,7 +1,7 @@
package:
name: filebeat
- version: 8.15.3
- epoch: 1
+ version: 8.16.0
+ epoch: 0
description: Filebeat is an open source file harvester, mostly used to fetch logs files and feed them into logstash
copyright:
- license: Apache-2.0
@@ -25,7 +25,7 @@ pipeline:
with:
repository: https://github.com/elastic/beats
tag: v${{package.version}}
- expected-commit: bbed3ae55602e83f57c62de85b57a3593aa49efa
+ expected-commit: dd6212261c57e41e1bf42532809a14a00c9072a9
- runs: |
cd filebeat
diff --git a/firefox.yaml b/firefox.yaml
index 8a198d196c5..422bbbeb38e 100644
--- a/firefox.yaml
+++ b/firefox.yaml
@@ -1,7 +1,7 @@
package:
name: firefox
- version: "132.0"
- epoch: 0
+ version: 132.0.1
+ epoch: 1
description: Firefox web browser
copyright:
- license: GPL-3.0-only AND LGPL-2.1-only AND LGPL-3.0-only AND MPL-2.0
@@ -10,7 +10,8 @@ package:
no-provides: true
dependencies:
runtime:
- - mesa-gl
+ - mesa
+ - mesa-glx
- pciutils-libs
vars:
diff --git a/flannel.yaml b/flannel.yaml
index 13fdc927e19..65ccdd4837f 100644
--- a/flannel.yaml
+++ b/flannel.yaml
@@ -1,6 +1,6 @@
package:
name: flannel
- version: 0.26.0
+ version: 0.26.1
epoch: 0
description: flannel is a network fabric for containers, designed for Kubernetes
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/flannel-io/flannel
tag: v${{package.version}}
- expected-commit: 79bd7f2d9264694e785c1d853339c42c39346f6d
+ expected-commit: 3c5afe727f2464c8335fbcd65bf69b7d31aa3577
# Build with CGO_ENABLED=1 to include the UDP backend
- runs: |
diff --git a/fluent-bit-3.1.yaml b/fluent-bit-3.1.yaml
index 0a516e4f2f5..762ae635cec 100644
--- a/fluent-bit-3.1.yaml
+++ b/fluent-bit-3.1.yaml
@@ -1,7 +1,7 @@
package:
name: fluent-bit-3.1
- version: 3.1.9
- epoch: 1
+ version: 3.1.10
+ epoch: 0
description: Fast and Lightweight Log processor and forwarder
copyright:
- license: Apache-2.0
@@ -33,7 +33,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/fluent/fluent-bit
- expected-commit: 431fa79ae27edaef8d050a7af6f038f4400193a1
+ expected-commit: e28f4479958918faa41615158a744d29b0f893fa
tag: v${{package.version}}
- runs: |
diff --git a/fluent-plugin-s3.yaml b/fluent-plugin-s3.yaml
index e2288d8f5e8..b15ff15ebd6 100644
--- a/fluent-plugin-s3.yaml
+++ b/fluent-plugin-s3.yaml
@@ -1,7 +1,7 @@
package:
name: fluent-plugin-s3
- version: 1.7.2
- epoch: 5
+ version: 1.8.1
+ epoch: 0
description: Amazon S3 output plugin for Fluentd event collector
copyright:
- license: Apache-2.0
@@ -26,7 +26,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: cbe3db356d340c9b9d13adddf3f1e3766b391586
+ expected-commit: 6dd241ee770eb6b5863ecb558b9e8b374bea2754
repository: https://github.com/fluent/fluent-plugin-s3
tag: v${{package.version}}
diff --git a/fluent-plugin-tag-normaliser.yaml b/fluent-plugin-tag-normaliser.yaml
index 07d42be78c2..c72852e4f78 100644
--- a/fluent-plugin-tag-normaliser.yaml
+++ b/fluent-plugin-tag-normaliser.yaml
@@ -1,7 +1,7 @@
#nolint:valid-pipeline-git-checkout-tag
package:
name: fluent-plugin-tag-normaliser
- version: 0_git20241103
+ version: 0_git20241116
epoch: 0
description: Tag-normaliser is a `fluentd` plugin to help re-tag logs with Kubernetes metadata. It uses special placeholders to change tag.
copyright:
diff --git a/flux-image-reflector-controller.yaml b/flux-image-reflector-controller.yaml
index 97a4ca56a43..172cc51d07e 100644
--- a/flux-image-reflector-controller.yaml
+++ b/flux-image-reflector-controller.yaml
@@ -1,7 +1,7 @@
package:
name: flux-image-reflector-controller
version: 0.33.0
- epoch: 1
+ epoch: 2
description: GitOps Toolkit controller that scans container registries
copyright:
- license: Apache-2.0
@@ -22,6 +22,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: 3a0a0714680a96476a7f72276f85ca4ba48071b1
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: .
diff --git a/flux-notification-controller.yaml b/flux-notification-controller.yaml
index 14d9d92d6bd..e29e7fae730 100644
--- a/flux-notification-controller.yaml
+++ b/flux-notification-controller.yaml
@@ -1,7 +1,7 @@
package:
name: flux-notification-controller
version: 1.4.0
- epoch: 0
+ epoch: 1
description: The GitOps Toolkit event forwarded and notification dispatcher
copyright:
- license: Apache-2.0
@@ -20,6 +20,10 @@ pipeline:
repository: https://github.com/fluxcd/notification-controller
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
mkdir -p "${{targets.destdir}}"/usr/bin
CGO_ENABLED=0 go build \
diff --git a/flux-source-controller.yaml b/flux-source-controller.yaml
index ed8fe14ceb6..aab97d83c72 100644
--- a/flux-source-controller.yaml
+++ b/flux-source-controller.yaml
@@ -1,7 +1,7 @@
package:
name: flux-source-controller
version: 1.4.1
- epoch: 1
+ epoch: 2
description: The GitOps Toolkit source management component
copyright:
- license: Apache-2.0
@@ -26,7 +26,7 @@ pipeline:
- uses: go/bump
with:
- deps: oras.land/oras-go@v1.2.6
+ deps: oras.land/oras-go@v1.2.6 github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
mkdir -p "${{targets.destdir}}"/usr/bin
diff --git a/flyte.yaml b/flyte.yaml
index 5ee73b5f74e..1466608af0f 100644
--- a/flyte.yaml
+++ b/flyte.yaml
@@ -1,7 +1,7 @@
package:
name: flyte
version: 1.13.3
- epoch: 1
+ epoch: 2
description: Scalable and flexible workflow orchestration platform that seamlessly unifies data, ML and analytics stacks.
copyright:
- license: Apache-2.0
@@ -23,6 +23,11 @@ pipeline:
tag: v${{package.version}}
expected-commit: b5de6c190a5e9f4d52e6a9e461119469186ad03d
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: .
+
- uses: go/build
with:
modroot: .
diff --git a/freerdp-3.yaml b/freerdp-3.yaml
index 947fd5690c8..d142b44620c 100644
--- a/freerdp-3.yaml
+++ b/freerdp-3.yaml
@@ -1,7 +1,7 @@
package:
name: freerdp-3
- version: 3.5.1
- epoch: 4
+ version: 3.9.0
+ epoch: 0
description: FreeRDP client
copyright:
- license: Apache-2.0
@@ -29,6 +29,8 @@ environment:
- icu-dev
- krb5-dev
- libjpeg-turbo-dev
+ - libsdl2-dev
+ - libsdl2-ttf-dev
- libusb-dev
- libx11-dev
- libxcursor-dev
@@ -36,7 +38,6 @@ environment:
- libxext-dev
- libxi-dev
- libxinerama-dev
- # - libxkbfile-dev
- libxkb-dev
- libxkbcommon-dev
- libxrender-dev
@@ -54,7 +55,7 @@ pipeline:
with:
repository: https://github.com/FreeRDP/FreeRDP
tag: ${{package.version}}
- expected-commit: eda5c99686e15327f2f37b9cadf307e852b96adf
+ expected-commit: 4ae5b6c25452211f01f370d3e6e481553e72778a
- runs: |
CFLAGS="$CFLAGS -fPIC" \
diff --git a/freerdp.yaml b/freerdp.yaml
index 181b8beacfd..cc6fa027897 100644
--- a/freerdp.yaml
+++ b/freerdp.yaml
@@ -1,7 +1,7 @@
package:
name: freerdp
version: 2.11.7
- epoch: 2
+ epoch: 3
description: FreeRDP client
copyright:
- license: Apache-2.0
@@ -14,7 +14,6 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
- # - bsd-compat-headers
- cmake
- cups-dev
- gsm-dev
@@ -27,14 +26,16 @@ environment:
- libxext-dev
- libxi-dev
- libxinerama-dev
- # - libxkbfile-dev
- libxkb-dev
- libxkbcommon-dev
- libxrender-dev
- libxv-dev
- linux-headers
+ - openssf-compiler-options
- openssl-dev>3
- samurai
+ environment:
+ CFLAGS: -Wno-unused-variable -Wno-int-conversion -Wno-incompatible-pointer-types
pipeline:
- uses: git-checkout
@@ -44,10 +45,10 @@ pipeline:
expected-commit: 7f6cc93c21d7f0faad6daacca06f494f29ce882c
- runs: |
- CFLAGS="$CFLAGS -fPIC" \
- CXXFLAGS="$CXXFLAGS -fPIC" \
+ CFLAGS="$CFLAGS -fPIC -Wno-incompatible-pointer-types -Wno-int-conversion" \
+ CXXFLAGS="$CXXFLAGS -fPIC -Wno-incompatible-pointer-types -Wno-int-conversion" \
cmake -B build -G Ninja \
- -DCMAKE_BUILD_TYPE=MinSizeRel \
+ -DCMAKE_BUILD_TYPE=Release \
-DCMAKE_INSTALL_PREFIX=/usr \
-DCMAKE_INSTALL_LIBDIR=lib \
-DWITH_ALSA=ON \
diff --git a/frr-10.1.yaml b/frr-10.1.yaml
new file mode 100644
index 00000000000..4315ad9a989
--- /dev/null
+++ b/frr-10.1.yaml
@@ -0,0 +1,119 @@
+package:
+ name: frr-10.1
+ version: 10.1.1
+ epoch: 0
+ description: The FRRouting Protocol Suite
+ copyright:
+ - license: GPL-2.0-only
+ dependencies:
+ provides:
+ - frr=${{package.full-version}}
+ runtime:
+ - bash
+ - iproute2
+ - python-3.11
+
+environment:
+ contents:
+ packages:
+ - autoconf
+ - automake
+ - bison
+ - build-base
+ - busybox
+ - c-ares-dev
+ - elfutils-dev
+ - flex
+ - json-c-dev
+ - libcap-dev
+ - libtool
+ - libyang-dev
+ - linenoise-dev
+ - lua5.3
+ - lua5.3-dev
+ - m4
+ - openssf-compiler-options
+ - openssl-dev
+ - patch
+ - pcre2-dev
+ - protobuf-c-dev
+ - python3-dev
+ - readline-dev
+ - rtrlib-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: dbf8dac1cea2b1235746e2d966a8ded9cffd5dc3
+ repository: https://github.com/FRRouting/frr
+ tag: frr-${{package.version}}
+
+ - runs: autoreconf -vif
+
+ - uses: autoconf/configure
+ with:
+ opts: |
+ --sbindir=/usr/lib/frr \
+ --localstatedir=/var \
+ --sysconfdir=/etc \
+ --mandir=/usr/share/man \
+ --infodir=/usr/share/info \
+ --enable-rpki \
+ --enable-vtysh \
+ --enable-multipath=64 \
+ --enable-vty-group=frrvty \
+ --enable-user=frr \
+ --enable-group=frr \
+ --enable-pcre2posix \
+ --enable-scripting \
+ --with-crypto=openssl
+
+ - uses: autoconf/make
+
+ - uses: autoconf/make-install
+
+ - runs: |
+ cp docker/alpine/docker-start ${{targets.destdir}}/usr/lib/frr/docker-start
+ install -d ${{targets.destdir}}/etc/frr
+ install -m 0644 tools/etc/frr/daemons ${{targets.destdir}}/etc/frr/daemons
+ install -d ${{targets.destdir}}/etc/init.d
+ ln -s /usr/lib/frr ${{targets.destdir}}/etc/init.d/frr
+
+ - uses: strip
+
+subpackages:
+ - name: ${{package.name}}-dev
+ description: dev library for ${{package.name}}
+ dependencies:
+ provides:
+ - frr-dev=${{package.full-version}}
+ runtime:
+ - frr=${{package.full-version}}
+ pipeline:
+ - uses: split/dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
+
+ - name: ${{package.name}}-debug
+ dependencies:
+ provides:
+ - frr-debug=${{package.full-version}}
+ pipeline:
+ - uses: split/debug
+ description: ${{package.name}} debug
+
+update:
+ enabled: true
+ github:
+ identifier: frrouting/frr
+ strip-prefix: frr-
+ tag-filter: frr-10.1.
+
+test:
+ pipeline:
+ - name: "version tests"
+ runs: |
+ /usr/lib/frr/zebra --version | grep ${{package.version}}
+ /usr/lib/frr/bgpd --version | grep ${{package.version}}
+ /usr/lib/frr/bfdd --version | grep ${{package.version}}
diff --git a/fuse-overlayfs-snapshotter.yaml b/fuse-overlayfs-snapshotter.yaml
index 23cc3186cc1..473f79d44a0 100644
--- a/fuse-overlayfs-snapshotter.yaml
+++ b/fuse-overlayfs-snapshotter.yaml
@@ -1,7 +1,7 @@
package:
name: fuse-overlayfs-snapshotter
- version: 1.0.8
- epoch: 12
+ version: 2.0.0
+ epoch: 0
description: fuse-overlayfs plugin for rootless containerd
copyright:
- license: Apache-2.0
@@ -23,13 +23,9 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/containerd/fuse-overlayfs-snapshotter
- expected-commit: c54d1c1d71bd1cdc25bbae89208bea0267858ae9
+ expected-commit: 89b60836b7ba353916ff6b89589513e5fb69b2d9
tag: v${{package.version}}
- - uses: go/bump
- with:
- deps: github.com/containerd/containerd@v1.7.11 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0
-
- runs: |
make bin/containerd-fuse-overlayfs-grpc
diff --git a/fzf.yaml b/fzf.yaml
index 9999df3a792..681ebcec5d0 100644
--- a/fzf.yaml
+++ b/fzf.yaml
@@ -1,6 +1,6 @@
package:
name: fzf
- version: 0.56.0
+ version: 0.56.3
epoch: 0
description: A command-line fuzzy finder
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/junegunn/fzf
tag: v${{package.version}}
- expected-commit: ff1687744db737c935db0f8e4d29373db9f84d8c
+ expected-commit: add1aec685ffe9033bb1fdcaf0df0eae95c9cacd
- uses: go/build
with:
diff --git a/gcc-12.yaml b/gcc-12.yaml
index b2e15369379..00cf7d26be4 100644
--- a/gcc-12.yaml
+++ b/gcc-12.yaml
@@ -1,7 +1,7 @@
package:
name: gcc-12
version: 12.4.0
- epoch: 6
+ epoch: 7
description: "the GNU compiler collection - version 12"
copyright:
- license: GPL-3.0-or-later WITH GCC-exception-3.1
@@ -12,6 +12,7 @@ package:
runtime:
- binutils
- libstdc++-12-dev
+ - openssf-compiler-options
- posix-cc-wrappers
environment:
diff --git a/gcc-13.yaml b/gcc-13.yaml
index a249a9d2ac8..b7c9782dcc3 100644
--- a/gcc-13.yaml
+++ b/gcc-13.yaml
@@ -1,7 +1,7 @@
package:
name: gcc-13
version: 13.3.0
- epoch: 5
+ epoch: 6
description: "the GNU compiler collection - version 13"
copyright:
- license: GPL-3.0-or-later WITH GCC-exception-3.1
@@ -12,6 +12,7 @@ package:
runtime:
- binutils
- libstdc++-13-dev
+ - openssf-compiler-options
- posix-cc-wrappers
environment:
diff --git a/gcc.yaml b/gcc.yaml
index 9dc61b318d0..43ed9cc3b78 100644
--- a/gcc.yaml
+++ b/gcc.yaml
@@ -1,7 +1,7 @@
package:
name: gcc
version: 14.2.0
- epoch: 4
+ epoch: 5
description: "the GNU compiler collection"
copyright:
- license: GPL-3.0-or-later WITH GCC-exception-3.1
@@ -12,6 +12,7 @@ package:
runtime:
- binutils
- libstdc++-dev
+ - openssf-compiler-options
- posix-cc-wrappers
environment:
diff --git a/gdal.yaml b/gdal.yaml
index 57de76a6b00..d756de8e9eb 100644
--- a/gdal.yaml
+++ b/gdal.yaml
@@ -1,7 +1,7 @@
package:
name: gdal
- version: 3.9.3
- epoch: 1
+ version: 3.10.0
+ epoch: 0
description: GDAL is an open source MIT licensed translator library for raster and vector geospatial data formats.
copyright:
- license: MIT
@@ -25,14 +25,15 @@ environment:
- arpack-dev
- autoconf
- automake
+ - bash
- basisu-dev
- bison
- blosc-dev
- brunsli-dev
- build-base
- - busybox
- ca-certificates-bundle
- cmake
+ - coreutils
- curl-dev
- expat-dev
- geos-dev
@@ -66,7 +67,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: f293d8ccc6b98f617db88f8593eae37f7e4b32d49a615b2cba5ced12c7bebdae
+ expected-sha256: 946ef444489bedbc1b04bd4c115d67ae8d3f3e4a5798d5a2f1cb2a11014105b2
uri: https://github.com/OSGeo/gdal/releases/download/v${{package.version}}/gdal-${{package.version}}.tar.gz
# Preffer gdal's FindZSTD which chooses shared linking, rather than
@@ -204,7 +205,7 @@ subpackages:
ogr2ogr --help
ogrinfo --version
ogrinfo --help
- ogrlineref --version
+ ogrlineref --help
ogrtindex --help
setdevenv.sh --version
setdevenv.sh --help
diff --git a/gh.yaml b/gh.yaml
index a05ea38a98f..b096be0ae03 100644
--- a/gh.yaml
+++ b/gh.yaml
@@ -1,6 +1,6 @@
package:
name: gh
- version: 2.60.1
+ version: 2.62.0
epoch: 0
description: GitHub's official command line tool
copyright:
@@ -18,7 +18,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: a381ca5dc43eaba63d2356b1442da119864a17ac
+ expected-commit: cd3f2ad064fbeca17d330e321fef0591eaa0fea5
repository: https://github.com/cli/cli
tag: v${{package.version}}
diff --git a/git-sync.yaml b/git-sync.yaml
index 4c0ac7f9fd0..9c0745a2195 100644
--- a/git-sync.yaml
+++ b/git-sync.yaml
@@ -1,7 +1,7 @@
package:
name: git-sync
version: 4.3.0
- epoch: 0
+ epoch: 1
description: A sidecar app which clones a git repo and keeps it in sync with the upstream.
copyright:
- license: Apache-2.0
@@ -17,6 +17,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: 97c0d585a83057184821549b30945f2105cc8966
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: .
diff --git a/gitaly-17.5.yaml b/gitaly-17.5.yaml
index 4c7cc0d5aa3..0bd64484c3e 100644
--- a/gitaly-17.5.yaml
+++ b/gitaly-17.5.yaml
@@ -1,6 +1,6 @@
package:
name: gitaly-17.5
- version: "17.5.1"
+ version: 17.5.2
epoch: 0
description:
copyright:
@@ -36,7 +36,7 @@ pipeline:
with:
repository: https://gitlab.com/gitlab-org/gitaly.git
tag: v${{package.version}}
- expected-commit: 42b2dc21d50d19003ae74ba9cdadc94aed686162
+ expected-commit: cdf74a7601c8b2902eab0e674f9ec656b9929191
- runs: |
make install DESTDIR="${{targets.destdir}}" PREFIX=/usr
diff --git a/gitea.yaml b/gitea.yaml
index 80592dd1ffa..c0bbc44afed 100644
--- a/gitea.yaml
+++ b/gitea.yaml
@@ -1,7 +1,7 @@
package:
name: gitea
version: 1.22.3
- epoch: 1
+ epoch: 2
description: self-hosted git service
copyright:
- license: MIT
@@ -32,6 +32,10 @@ pipeline:
set -x
CC= GOOS= GOARCH= CGO_ENABLED=0 go generate -tags 'bindata timetzdata sqlite sqlite_unlock_notify' ./...
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: .
diff --git a/gitlab-cng-17.5.yaml b/gitlab-cng-17.5.yaml
index 1791834daec..617a95947a2 100644
--- a/gitlab-cng-17.5.yaml
+++ b/gitlab-cng-17.5.yaml
@@ -34,7 +34,7 @@ package:
name: gitlab-cng-17.5
# ---Additional updates required--- Review 'vars' section (above), when reviewing version bumps.
version: "17.5.1"
- epoch: 0
+ epoch: 1
description: Cloud Native container images per component of GitLab
copyright:
- license: MIT
@@ -196,6 +196,10 @@ subpackages:
- working-directory: ./container-registry
runs: |
mkdir -p "${{targets.contextdir}}"/etc/docker/registry
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: ./container-registry
- uses: go/build
with:
packages: ./cmd/registry
diff --git a/gitlab-kas-17.5.yaml b/gitlab-kas-17.5.yaml
index cb2059a0ba5..843d8aefe0e 100644
--- a/gitlab-kas-17.5.yaml
+++ b/gitlab-kas-17.5.yaml
@@ -1,6 +1,6 @@
package:
name: gitlab-kas-17.5
- version: "17.5.1"
+ version: 17.5.2
epoch: 0
description: GitLab KAS is a component installed together with GitLab. It is required to manage the GitLab agent for Kubernetes.
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://gitlab.com/gitlab-org/cluster-integration/gitlab-agent
tag: v${{package.version}}
- expected-commit: a4846fa38b47638ef3d37ecc9ee0ebaaad8e88db
+ expected-commit: 847d7deea3b9937a8824fe8e783fd142ba426d8f
- uses: go/build
with:
diff --git a/gitlab-pages-17.5.yaml b/gitlab-pages-17.5.yaml
index 2e3d2a7d72b..4944626fd4c 100644
--- a/gitlab-pages-17.5.yaml
+++ b/gitlab-pages-17.5.yaml
@@ -1,6 +1,6 @@
package:
name: gitlab-pages-17.5
- version: "17.5.1"
+ version: 17.5.2
epoch: 0
description: GitLab Pages daemon used to serve static websites for GitLab users.
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://gitlab.com/gitlab-org/gitlab-pages.git
tag: v${{package.version}}
- expected-commit: ef355aa9cb110e9d568ee62432ab324330b7399c
+ expected-commit: 086dfbdfe2337874e342b48dba5508b7d3f59626
- uses: go/build
with:
diff --git a/gitlab-runner-17.5.yaml b/gitlab-runner-17.5.yaml
index 53c5aaacd1d..cc0e03998c1 100644
--- a/gitlab-runner-17.5.yaml
+++ b/gitlab-runner-17.5.yaml
@@ -20,8 +20,8 @@ var-transforms:
package:
name: gitlab-runner-17.5
# ---Additional updates required--- Review 'vars' section (above), when reviewing version bumps.
- version: "17.5.2"
- epoch: 0
+ version: "17.5.3"
+ epoch: 1
description: GitLab Runner is the open source project that is used to run your CI/CD jobs and send the results back to GitLab
copyright:
- license: MIT
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://gitlab.com/gitlab-org/gitlab-runner
tag: v${{package.version}}
- expected-commit: c6eae8d7b606df43f78e5c1508a932d007da4c3b
+ expected-commit: 12030cf4e1c6c9f8bc5a1e6eb515d7884e20f5c4
- uses: go/build
with:
@@ -100,6 +100,10 @@ subpackages:
tag: v${{vars.machine-tag}}
expected-commit: ${{vars.machine-commit}}
destination: ./machine
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: ./machine
- uses: go/build
with:
packages: ./cmd/docker-machine
diff --git a/gitsign.yaml b/gitsign.yaml
index eb2cc2a96d7..96739dbd483 100644
--- a/gitsign.yaml
+++ b/gitsign.yaml
@@ -1,7 +1,7 @@
package:
name: gitsign
- version: 0.10.2
- epoch: 7
+ version: 0.11.0
+ epoch: 1
description: Keyless Git signing with Sigstore!
copyright:
- license: Apache-2.0
@@ -15,11 +15,11 @@ pipeline:
with:
repository: https://github.com/sigstore/gitsign/
tag: v${{package.version}}
- expected-commit: 537cd20b0873a456650d2c018376f01b4dbe5a3f
+ expected-commit: 8e08985029f0c0e5f0603d20c21864a3a97316cc
- uses: go/bump
with:
- deps: github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/docker/docker@v26.1.5
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
- uses: go/build
with:
diff --git a/glab.yaml b/glab.yaml
index 4ae73c605e2..06915c0b95e 100644
--- a/glab.yaml
+++ b/glab.yaml
@@ -4,7 +4,7 @@
#nolint:git-checkout-must-use-github-updates
package:
name: glab
- version: 1.48.0
+ version: 1.49.0
epoch: 0
description: A GitLab CLI tool bringing GitLab to your command line
copyright:
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://gitlab.com/gitlab-org/cli
tag: v${{package.version}}
- expected-commit: 2db471edb1eb73439eecc04e0a6ab5acc1f32c80
+ expected-commit: 3e70664b62c2a06c5b1fced624612a99fc58a2ed
- uses: go/build
with:
diff --git a/glew.yaml b/glew.yaml
index 5d61065804c..e630e6169a7 100644
--- a/glew.yaml
+++ b/glew.yaml
@@ -1,7 +1,7 @@
package:
name: glew
version: 2.2.0
- epoch: 1
+ epoch: 2
description: "A cross-platform C/C++ extension loading library"
copyright:
- license: GPL-2.0-or-later
@@ -17,7 +17,7 @@ environment:
- libxi-dev
- libxmu-dev
- mesa-dev
- - mesa-gl
+ - mesa-glx
- mesa-libgallium
- openssf-compiler-options
- wolfi-base
diff --git a/glib.yaml b/glib.yaml
index e16fecb8bb6..8382cc1a17c 100644
--- a/glib.yaml
+++ b/glib.yaml
@@ -1,7 +1,7 @@
package:
name: glib
- version: 2.82.1
- epoch: 1
+ version: 2.83.0
+ epoch: 0
description: Common C routines used by Gtk+ and other libs
copyright:
- license: LGPL-2.1-or-later
@@ -46,7 +46,7 @@ pipeline:
with:
repository: https://gitlab.gnome.org/GNOME/glib.git
tag: ${{package.version}}
- expected-commit: bd40fbba132fb3d6e5d785ae9d2b05a9e0da8409
+ expected-commit: a429e56523f5b4565fe373a1138ccfd2d3d24f24
- uses: meson/configure
with:
@@ -132,8 +132,7 @@ subpackages:
update:
enabled: true
- release-monitor:
- identifier: 10024
+ git: {}
test:
pipeline:
diff --git a/gnutls.yaml b/gnutls.yaml
index ff0486a872e..64e9e43be04 100644
--- a/gnutls.yaml
+++ b/gnutls.yaml
@@ -1,7 +1,7 @@
package:
name: gnutls
- version: 3.8.7
- epoch: 1
+ version: 3.8.8
+ epoch: 0
description: TLS protocol implementation
copyright:
- license: LGPL-2.1-or-later
@@ -38,7 +38,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: fe302f2b6ad5a564bcb3678eb61616413ed5277aaf8e7bf7cdb9a95a18d9f477
+ expected-sha256: ac4f020e583880b51380ed226e59033244bc536cad2623f2e26f5afa2939d8fb
uri: https://www.gnupg.org/ftp/gcrypt/gnutls/v${{vars.mangled-package-version}}/gnutls-${{package.version}}.tar.xz
- runs: |
diff --git a/go-1.22.yaml b/go-1.22.yaml
index 37a74e1669b..2735a9fc1c0 100644
--- a/go-1.22.yaml
+++ b/go-1.22.yaml
@@ -1,6 +1,6 @@
package:
name: go-1.22
- version: 1.22.8
+ version: 1.22.9
epoch: 0
description: "the Go programming language"
copyright:
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://github.com/golang/go
tag: go${{package.version}}
- expected-commit: aeccd613c896d39f582036aa52917c85ecf0b0c0
+ expected-commit: 8af39d30a4c4cf68d566345f26224c191960d9b0
- uses: patch
with:
diff --git a/go-1.23.yaml b/go-1.23.yaml
index f986187477f..60dca9bd9f8 100644
--- a/go-1.23.yaml
+++ b/go-1.23.yaml
@@ -1,7 +1,7 @@
package:
name: go-1.23
- version: 1.23.2
- epoch: 0
+ version: 1.23.3
+ epoch: 1
description: "the Go programming language"
copyright:
- license: BSD-3-Clause
@@ -34,11 +34,13 @@ pipeline:
with:
repository: https://github.com/golang/go
tag: go${{package.version}}
- expected-commit: ed07b321aef7632f956ce991dd10fdd7e1abd827
+ expected-commit: c390a1c22e8951263e6c01346a4281d604b25062
- uses: patch
with:
- patches: cmd-go-always-emit-ldflags-version-information.patch
+ patches: |
+ cmd-go-always-emit-ldflags-version-information.patch
+ change-default-telemetry-from-local-to-off.patch
- runs: |
cd src
@@ -146,3 +148,41 @@ test:
# Run the Go program with cgo and check the output
go run hello_cgo.go | grep "Hello from cgo!"
+ - name: Test telemetry settings
+ runs: |
+ fail() { echo "FAIL:" "$@" 1>&2; exit 1; }
+
+ tmpd=$(mktemp -d)
+ trap "rm -R '$tmpd'" EXIT
+ export HOME="$tmpd/home"
+ mkdir "$HOME"
+
+ out=$(go telemetry) || fail "'go telemetry' exited $?"
+ [ "$out" = "off" ] ||
+ fail "go telemetry output '$out'. expected 'off'"
+
+ cfgdir="$HOME/.config/go/telemetry"
+ if [ -d "$cfgdir" ]; then
+ fail "$cfgdir was created by running 'go telemetry'"
+ fi
+
+ go telemetry on ||
+ fail "'go telemetry on' exited $?"
+ out=$(go telemetry) || fail "'go telemetry' after 'on' exited $?"
+ [ "$out" = "on" ] ||
+ fail "go telemetry after 'on' output '$out'. expected 'on'"
+
+ [ -f "$cfgdir/mode" ] ||
+ fail "ERROR: 'go telemetry on' did not write ~/${cfgdir#$HOME/}"
+
+ go telemetry local ||
+ fail "'go telemetry local' exited $?"
+ out=$(go telemetry) || fail "'go telemetry' after 'local' exited $?"
+ [ "$out" = "local" ] ||
+ fail "go telemetry after 'local' output '$out'. expected 'on'"
+
+ go telemetry off ||
+ fail "explicit 'go telemetry off' exited $?"
+ out=$(go telemetry) || fail "'go telemetry' after explicit off exited $?"
+ [ "$out" = "off" ] ||
+ fail "go telemetry after explicit off output '$out'. expected 'off'"
diff --git a/go-1.23/change-default-telemetry-from-local-to-off.patch b/go-1.23/change-default-telemetry-from-local-to-off.patch
new file mode 100644
index 00000000000..283bd0561c2
--- /dev/null
+++ b/go-1.23/change-default-telemetry-from-local-to-off.patch
@@ -0,0 +1,48 @@
+From bccdae45d85882dc2fb2fafa80b8b2997f561fe3 Mon Sep 17 00:00:00 2001
+From: Scott Moser
+Date: Wed, 13 Nov 2024 14:01:30 -0500
+Subject: [PATCH] Change default telemetry setting from 'local' to 'off'
+
+Go 1.23 introduced a telemetry feature that collects local audit data
+about the Go toolchain, storing it by default in
+$HOME/.config/go/telemetry. While this data is not sent externally by
+default, the local storage path can trigger security alerts in tools
+like Falco, as it writes to a sensitive location under /root.
+
+The behavior can be disabled with 'go telemetry off', which writes
+to the config file above, but that means the user needs to do so
+before calling 'go' in any other manner. Doing so for a container
+is non-obvious. We could build /root/.config/go/telemetry into
+a 'go' image, but that would still provide a problem for any user
+other than uid 0.
+
+There is no mechanism to change the behavior "system wide" or an
+environment variable that can set the value.
+
+See https://github.com/golang/go/issues/68960 and
+https://github.com/golang/go/issues/69113. The second one requests that
+env GOTELEMETRY=off would disable telemetry. That would be easy for us
+to utilize but it was rejected upstream.
+
+Instead, we just change the default value returned if there is no
+.config/go/telemetry/mode file present.
+---
+ src/cmd/vendor/golang.org/x/telemetry/internal/telemetry/dir.go | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/cmd/vendor/golang.org/x/telemetry/internal/telemetry/dir.go b/src/cmd/vendor/golang.org/x/telemetry/internal/telemetry/dir.go
+index dd7a63c816..cc4d08f651 100644
+--- a/src/cmd/vendor/golang.org/x/telemetry/internal/telemetry/dir.go
++++ b/src/cmd/vendor/golang.org/x/telemetry/internal/telemetry/dir.go
+@@ -127,7 +127,7 @@ func (d Dir) Mode() (string, time.Time) {
+ }
+ data, err := os.ReadFile(d.modefile)
+ if err != nil {
+- return "local", time.Time{} // default
++ return "off", time.Time{} // default
+ }
+ mode := string(data)
+ mode = strings.TrimSpace(mode)
+--
+2.43.0
+
diff --git a/go-discover.yaml b/go-discover.yaml
index 386f53f4f21..bc6fbe13693 100644
--- a/go-discover.yaml
+++ b/go-discover.yaml
@@ -1,7 +1,7 @@
#nolint:valid-pipeline-git-checkout-tag
package:
name: go-discover
- version: 0_git20241103
+ version: 0_git20241116
epoch: 0
description: go-discover is a Go (golang) library and command line tool to discover ip addresses of nodes in cloud environments based on meta information like tags provided by the environment.
copyright:
diff --git a/golangci-lint.yaml b/golangci-lint.yaml
index 32bd4779eb8..06c4fb16c52 100644
--- a/golangci-lint.yaml
+++ b/golangci-lint.yaml
@@ -1,7 +1,7 @@
package:
name: golangci-lint
- version: 1.61.0
- epoch: 1
+ version: 1.62.0
+ epoch: 0
description: Fast linters Runner for Go
copyright:
- license: Apache-2.0
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/golangci/golangci-lint
tag: v${{package.version}}
- expected-commit: a1d6c560de1a193a0c68ffed68cd5928ef39e884
+ expected-commit: 22b58c9b648f027d699f305c069a2a97ed0c5b06
- runs: |
make build
diff --git a/gomplate.yaml b/gomplate.yaml
index ac6c007dc41..7644c6adf4b 100644
--- a/gomplate.yaml
+++ b/gomplate.yaml
@@ -1,7 +1,7 @@
package:
name: gomplate
- version: 4.1.0
- epoch: 3
+ version: 4.2.0
+ epoch: 0
description: A go templating utility.
copyright:
- license: MIT
@@ -20,14 +20,10 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: cc2584028866967a39b096265d5b9af4516c734f
+ expected-commit: 020f6d1a276ef39beeea83e2513ccead940bfea3
repository: https://github.com/hairyhenderson/gomplate
tag: v${{package.version}}
- - uses: go/bump
- with:
- deps: google.golang.org/grpc@v1.64.1
-
- runs: |
mkdir -p ${{targets.destdir}}/usr/bin
go build -o ${{targets.destdir}}/usr/bin \
diff --git a/google-cloud-sdk.yaml b/google-cloud-sdk.yaml
index ab05bf83336..ee69bb6be89 100644
--- a/google-cloud-sdk.yaml
+++ b/google-cloud-sdk.yaml
@@ -1,6 +1,6 @@
package:
name: google-cloud-sdk
- version: 499.0.0
+ version: 501.0.0
epoch: 0
description: "Google Cloud Command Line Interface"
copyright:
@@ -39,14 +39,14 @@ pipeline:
uses: fetch
with:
uri: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-${{package.version}}-linux-x86_64.tar.gz
- expected-sha256: a43370a34cbe4d7defbae25fb09872ace7df0793a36424033dce05e056fce77f
+ expected-sha256: b65ef3d0018bf213ba1da7a8f864fa9a1e413c740475ab0c8621935bd06a34e2
strip-components: 0
- if: ${{build.arch}} == "aarch64"
uses: fetch
with:
uri: https://dl.google.com/dl/cloudsdk/channels/rapid/downloads/google-cloud-cli-${{package.version}}-linux-arm.tar.gz
- expected-sha256: aa5d7cfcddb402d43005fc4c67621dc45d178890d18ee681c26232b9589e4db3
+ expected-sha256: 4b185338d3de13d96023c95ec2f8c983f4b1390034663ab1e6d77f9efd3c60c5
strip-components: 0
- runs: |
diff --git a/goreleaser.yaml b/goreleaser.yaml
index d6bf6803769..1e7cbfb5a9a 100644
--- a/goreleaser.yaml
+++ b/goreleaser.yaml
@@ -1,6 +1,6 @@
package:
name: goreleaser
- version: 2.4.2
+ version: 2.4.5
epoch: 0
description: Deliver Go binaries as fast and easily as possible
copyright:
@@ -16,7 +16,7 @@ pipeline:
with:
repository: https://github.com/goreleaser/goreleaser
tag: v${{package.version}}
- expected-commit: 23f35021ae6ea849241e55a5bc5e6f690b6f587c
+ expected-commit: 4529e9301072ada49ea368d0e6a4ec2e9cfef897
- uses: go/build
with:
diff --git a/gpgme.yaml b/gpgme.yaml
index ce3696067a6..f2b4140e375 100644
--- a/gpgme.yaml
+++ b/gpgme.yaml
@@ -1,7 +1,7 @@
package:
name: gpgme
- version: 1.23.2
- epoch: 2
+ version: 1.24.0
+ epoch: 0
description: GNU - GnuPG Made Easy
copyright:
- license: GPL-3.0-or-later
@@ -25,7 +25,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 9499e8b1f33cccb6815527a1bc16049d35a6198a6c5fae0185f2bd561bce5224
+ expected-sha256: 61e3a6ad89323fecfaff176bc1728fb8c3312f2faa83424d9d5077ba20f5f7da
uri: https://gnupg.org/ftp/gcrypt/gpgme/gpgme-${{package.version}}.tar.bz2
- uses: autoconf/configure
diff --git a/gradle-8.yaml b/gradle-8.yaml
index e26987dfbfe..ade6a2d5925 100644
--- a/gradle-8.yaml
+++ b/gradle-8.yaml
@@ -1,6 +1,6 @@
package:
name: gradle-8
- version: 8.10.2
+ version: 8.11.0
# For version upgrades check whether patches are still needed.
# Upstream changes are being tracked in https://github.com/gradle/gradle/issues/25945
epoch: 0
@@ -35,7 +35,7 @@ pipeline:
with:
repository: https://github.com/gradle/gradle
tag: v${{package.version}}
- expected-commit: 415adb9e06a516c44b391edff552fd42139443f7
+ expected-commit: b2ef976169a05b3c76d04f0fa76a940859f96fa4
- uses: patch
with:
diff --git a/grafana-11.3.yaml b/grafana-11.3.yaml
index e478c4e5a25..a7e03ac91da 100644
--- a/grafana-11.3.yaml
+++ b/grafana-11.3.yaml
@@ -1,7 +1,7 @@
package:
name: grafana-11.3
- version: 11.3.0
- epoch: 1
+ version: 11.3.0.01
+ epoch: 0
description: The open and composable observability and data visualization platform.
copyright:
- license: AGPL-3.0-or-later
@@ -25,12 +25,22 @@ environment:
- yarn
- zlib-dev
+var-transforms:
+ - from: ${{package.version}}
+ match: ^(\d+\.\d+\.\d+)\.(\d+)$
+ replace: "${1}+security-${2}"
+ to: upstream-package-version
+
pipeline:
- uses: git-checkout
with:
- expected-commit: d9455ff7db73b694db7d412e49a68bec767f2b5a
+ expected-commit: 83d342771da7137d3bbeabfc80709031532ddca3
repository: https://github.com/grafana/grafana
- tag: v${{package.version}}
+ tag: v${{vars.upstream-package-version}}
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
- name: Build
runs: |
@@ -68,6 +78,9 @@ subpackages:
update:
enabled: true
+ version-transform:
+ - match: ^(\d+\.\d+\.\d+)\+security-(\d+)
+ replace: $1.$2
github:
identifier: grafana/grafana
strip-prefix: v
diff --git a/grafana-alloy.yaml b/grafana-alloy.yaml
index b47547f4415..325564f1dd6 100644
--- a/grafana-alloy.yaml
+++ b/grafana-alloy.yaml
@@ -1,7 +1,7 @@
package:
name: grafana-alloy
- version: 1.4.3
- epoch: 1
+ version: 1.5.0
+ epoch: 0
description: OpenTelemetry Collector distribution with programmable pipelines
copyright:
- license: Apache-2.0
@@ -26,11 +26,15 @@ pipeline:
with:
repository: https://github.com/grafana/alloy
tag: v${{package.version}}
- expected-commit: 21d118c9a816177efd01312a44b630a7568aded0
+ expected-commit: 3a39c06613073f2cc76dab03c7cf8210569871e9
- name: Generate UI
runs: make generate-ui
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: .
diff --git a/grafana-mimir.yaml b/grafana-mimir.yaml
index 72d8c0ae7ed..f514055c01e 100644
--- a/grafana-mimir.yaml
+++ b/grafana-mimir.yaml
@@ -1,6 +1,6 @@
package:
name: grafana-mimir
- version: 2.14.1
+ version: 2.14.2
epoch: 0
description: Grafana Mimir provides horizontally scalable, highly available, multi-tenant, long-term storage for Prometheus.
copyright:
@@ -18,7 +18,7 @@ pipeline:
with:
repository: https://github.com/grafana/mimir
tag: mimir-${{package.version}}
- expected-commit: c3a51a500b3e425019c34fbf2afe2714c60b4df8
+ expected-commit: 2db2c4d9de8565c52fcef3050b95b8a2808b407e
# the repo has an ssh://git@github.com URI for mimir-prometheus
# so just rm the file and default to the https URL for go.mod
diff --git a/grype.yaml b/grype.yaml
index a86f02012e2..64e33e836a4 100644
--- a/grype.yaml
+++ b/grype.yaml
@@ -1,6 +1,6 @@
package:
name: grype
- version: 0.83.0
+ version: 0.84.0
epoch: 0
description: Vulnerability scanner for container images, filesystems, and SBOMs
copyright:
@@ -15,7 +15,7 @@ pipeline:
with:
repository: https://github.com/anchore/grype
tag: v${{package.version}}
- expected-commit: 0602464ebc9f3c417b1175b3e104b19a006604b7
+ expected-commit: c8d5ffca8d304e0fd5db04fce109fe0d91fa5781
- uses: go/build
with:
diff --git a/gst-plugins-bad.yaml b/gst-plugins-bad.yaml
index f72f42a3114..bdf33927759 100644
--- a/gst-plugins-bad.yaml
+++ b/gst-plugins-bad.yaml
@@ -1,7 +1,7 @@
package:
name: gst-plugins-bad
version: 1.24.9
- epoch: 0
+ epoch: 1
description: GStreamer streaming media framework bad plug-ins
copyright:
- license: GPL-2.0-or-later AND LGPL-2.0-or-later
@@ -34,9 +34,8 @@ environment:
- libxv-dev
- mesa-dev
- mesa-gbm
- - mesa-gl
- mesa-glapi
- - mesa-gles
+ - mesa-glx
- mesa-libgallium
- meson
- openssf-compiler-options
diff --git a/gst-plugins-base.yaml b/gst-plugins-base.yaml
index 06f1d591007..8914c2d4381 100644
--- a/gst-plugins-base.yaml
+++ b/gst-plugins-base.yaml
@@ -1,7 +1,7 @@
package:
name: gst-plugins-base
version: 1.24.9
- epoch: 0
+ epoch: 2
description: GStreamer streaming media framework base plug-ins
copyright:
- license: GPL-2.0-or-later AND LGPL-2.0-or-later
@@ -34,9 +34,8 @@ environment:
- mesa-dev
- mesa-egl
- mesa-gbm
- - mesa-gl
- mesa-glapi
- - mesa-gles
+ - mesa-glx
- mesa-libgallium
- meson
- openssf-compiler-options
diff --git a/gtk-4.yaml b/gtk-4.yaml
index d8d911e55ce..7cba427aa38 100644
--- a/gtk-4.yaml
+++ b/gtk-4.yaml
@@ -1,6 +1,6 @@
package:
name: gtk-4
- version: 4.16.5
+ version: 4.17.0
epoch: 0
description: The GTK+ Toolkit (v4)
copyright:
@@ -93,7 +93,7 @@ pipeline:
with:
repository: https://gitlab.gnome.org/GNOME/gtk.git
tag: ${{package.version}}
- expected-commit: 08238a39a208af107688f938af398eb030b6f537
+ expected-commit: a4ee14d94f08c9c213a5fa6a18542c90e8be7981
- uses: meson/configure
with:
diff --git a/guac.yaml b/guac.yaml
index a67a2da081f..489b6820caa 100644
--- a/guac.yaml
+++ b/guac.yaml
@@ -1,7 +1,7 @@
package:
name: guac
version: 0.11.2
- epoch: 0
+ epoch: 1
description: GUAC aggregates software security metadata into a high fidelity graph database.
copyright:
- license: Apache-2.0
@@ -21,6 +21,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: a5fe0899c81ef78a4468ca66a8c7049c46f0f281
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: ./cmd/guaccollect
diff --git a/haproxy-3.0.yaml b/haproxy-3.0.yaml
index d0bcf751dd3..1178bf838d8 100644
--- a/haproxy-3.0.yaml
+++ b/haproxy-3.0.yaml
@@ -1,7 +1,7 @@
package:
name: haproxy-3.0
- version: 3.0.5
- epoch: 1
+ version: 3.0.6
+ epoch: 0
description: "A TCP/HTTP reverse proxy for high availability environments"
copyright:
- license: GPL-2.0-or-later
@@ -36,7 +36,7 @@ pipeline:
- uses: fetch
with:
uri: https://www.haproxy.org/download/${{vars.major-minor-version}}/src/haproxy-${{package.version}}.tar.gz
- expected-sha256: ae38221e85aeba038a725efbef5bfe5e76671ba7959e5eb74c39fd079e5d002e
+ expected-sha256: cf1bf58b5bc79c48db7b01667596ffd98343adb29a41096f075f00a8f90a7335
- uses: autoconf/make
with:
opts: |
diff --git a/harbor-2.11.yaml b/harbor-2.12.yaml
similarity index 97%
rename from harbor-2.11.yaml
rename to harbor-2.12.yaml
index 19fe56b0fab..ee12c0f5afb 100644
--- a/harbor-2.11.yaml
+++ b/harbor-2.12.yaml
@@ -1,6 +1,6 @@
package:
- name: harbor-2.11
- version: 2.11.1
+ name: harbor-2.12
+ version: 2.12.0
epoch: 1
description: An open source trusted cloud native registry project that stores, signs, and scans content
copyright:
@@ -25,7 +25,7 @@ pipeline:
with:
repository: https://github.com/goharbor/harbor
tag: v${{package.version}}
- expected-commit: 6b7ecba1b15a90cb8d1ff090dd9aaffe168ede4e
+ expected-commit: 9da38ae048a186acb022683b38bdea27dcf030e0
- runs: |
# Harbor swagger generation is broken with the latest swagger use the version below for now
@@ -45,8 +45,8 @@ pipeline:
- uses: go/bump
with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
modroot: ./src
- deps: github.com/docker/docker@v26.1.5
- uses: go/build
with:
@@ -183,5 +183,5 @@ update:
github:
identifier: goharbor/harbor
strip-prefix: v
- tag-filter-prefix: v2.11.
+ tag-filter-prefix: v2.12.
use-tag: true
diff --git a/harbor-scanner-trivy.yaml b/harbor-scanner-trivy.yaml
index 4e860d92eea..9de0350bddf 100644
--- a/harbor-scanner-trivy.yaml
+++ b/harbor-scanner-trivy.yaml
@@ -1,7 +1,7 @@
package:
name: harbor-scanner-trivy
- version: 0.31.4
- epoch: 1
+ version: 0.32.0
+ epoch: 0
description: Use Trivy as a plug-in vulnerability scanner in the Harbor registry
copyright:
- license: Apache-2.0
@@ -13,8 +13,8 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: d42c6b1f91f9ec87c789035f7583f684bcde0103
- repository: https://github.com/aquasecurity/harbor-scanner-trivy
+ expected-commit: 1087bb66fb81116f972ae7a10a8a87f1e0267c86
+ repository: https://github.com/goharbor/harbor-scanner-trivy
tag: v${{package.version}}
- uses: go/build
@@ -32,6 +32,8 @@ test:
update:
enabled: true
+ ignore-regex-patterns:
+ - rc
github:
- identifier: aquasecurity/harbor-scanner-trivy
+ identifier: goharbor/harbor-scanner-trivy
strip-prefix: v
diff --git a/hardening-check.yaml b/hardening-check.yaml
index fafeacbe562..63f2dc4cdba 100644
--- a/hardening-check.yaml
+++ b/hardening-check.yaml
@@ -1,6 +1,6 @@
package:
name: hardening-check
- version: 2.24.2
+ version: 2.24.3
epoch: 0
description: "Debian devscripts hardening-check"
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://salsa.debian.org/debian/devscripts.git
tag: v${{package.version}}
- expected-commit: 9b0efeea01020ab906b21c96e3e82c40aadacad2
+ expected-commit: 132a8383baaa537c150a9193d96fc6666ad87c8d
- runs: |
mkdir -p "${{targets.destdir}}"/usr/bin
diff --git a/harfbuzz.yaml b/harfbuzz.yaml
index c2bd366feb6..9be4047d627 100644
--- a/harfbuzz.yaml
+++ b/harfbuzz.yaml
@@ -1,7 +1,7 @@
package:
name: harfbuzz
- version: 10.0.1
- epoch: 1
+ version: 10.1.0
+ epoch: 0
description: Text shaping library
copyright:
- license: MIT
@@ -30,7 +30,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: b2cb13bd351904cb9038f907dc0dee0ae07127061242fe3556b2795c4e9748fc
+ expected-sha256: 6ce3520f2d089a33cef0fc48321334b8e0b72141f6a763719aaaecd2779ecb82
uri: https://github.com/harfbuzz/harfbuzz/releases/download/${{package.version}}/harfbuzz-${{package.version}}.tar.xz
- uses: meson/configure
diff --git a/hcloud.yaml b/hcloud.yaml
index c66bcd82582..a11cb72fe66 100644
--- a/hcloud.yaml
+++ b/hcloud.yaml
@@ -1,6 +1,6 @@
package:
name: hcloud
- version: 1.48.0
+ version: 1.49.0
epoch: 0
description: A command-line interface for Hetzner Cloud
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/hetznercloud/cli
tag: v${{package.version}}
- expected-commit: 0ea077a9a334c6e6a620ea46a5e224dfc7ef901a
+ expected-commit: fbcbf3b153e2ca14364a3af57ba574dbb1e472ac
- uses: go/build
with:
diff --git a/helix.yaml b/helix.yaml
index fd369ea432a..02a9a039f3c 100644
--- a/helix.yaml
+++ b/helix.yaml
@@ -1,7 +1,7 @@
package:
name: helix
version: "24.07"
- epoch: 0
+ epoch: 1
description: "A post-modern modal text editor."
copyright:
- license: MPL-2.0
@@ -12,6 +12,7 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
+ - openssf-compiler-options
- rust
- wolfi-base
diff --git a/helm.yaml b/helm.yaml
index c5417fca389..5d60dda8794 100644
--- a/helm.yaml
+++ b/helm.yaml
@@ -1,6 +1,6 @@
package:
name: helm
- version: 3.16.2
+ version: 3.16.3
epoch: 0
description: The Kubernetes Package Manager
copyright:
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/helm/helm
tag: v${{package.version}}
- expected-commit: 13654a52f7c70a143b1dd51416d633e1071faffb
+ expected-commit: cfd07493f46efc9debd9cc1b02a0961186df7fdf
- uses: go/bump
with:
diff --git a/hugo-extended.yaml b/hugo-extended.yaml
index a903307c784..922343892f0 100644
--- a/hugo-extended.yaml
+++ b/hugo-extended.yaml
@@ -1,6 +1,6 @@
package:
name: hugo-extended
- version: 0.137.0
+ version: 0.138.0
epoch: 0
description: The world's fastest framework for building websites.
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/gohugoio/hugo
tag: v${{package.version}}
- expected-commit: 59c115813595cba1b1c0e70b867e734992648d1b
+ expected-commit: ad82998d54b3f9f8c2741b67356813b55b3134b9
- uses: go/build
with:
diff --git a/hugo.yaml b/hugo.yaml
index b10a1e33859..eec09690ba1 100644
--- a/hugo.yaml
+++ b/hugo.yaml
@@ -1,6 +1,6 @@
package:
name: hugo
- version: 0.137.0
+ version: 0.138.0
epoch: 0
description: The world's fastest framework for building websites.
copyright:
@@ -18,7 +18,7 @@ pipeline:
with:
repository: https://github.com/gohugoio/hugo
tag: v${{package.version}}
- expected-commit: 59c115813595cba1b1c0e70b867e734992648d1b
+ expected-commit: ad82998d54b3f9f8c2741b67356813b55b3134b9
- uses: go/build
with:
diff --git a/imagemagick.yaml b/imagemagick.yaml
index 3dbd04a32fb..1a0649208e3 100644
--- a/imagemagick.yaml
+++ b/imagemagick.yaml
@@ -1,7 +1,7 @@
package:
name: imagemagick
- version: 7.1.1.39
- epoch: 1
+ version: 7.1.1.40
+ epoch: 0
description: Tools and libraries for manipulating common image formats
copyright:
- license: ImageMagick
@@ -46,7 +46,7 @@ var-transforms:
pipeline:
- uses: fetch
with:
- expected-sha256: b2eb652d9221bdeb65772503891d8bfcfc36b3b1a2c9bb35b9d247a08965fd5d
+ expected-sha256: a6aba2cfd9c20c909614b332d8b91b389909e233041aa46d29db9e371c6f114a
uri: https://github.com/ImageMagick/ImageMagick/archive/refs/tags/${{vars.mangled-package-version}}.tar.gz
- uses: autoconf/configure
diff --git a/ingress-nginx-controller-1.11.yaml b/ingress-nginx-controller-1.11.yaml
index 367d0872f50..6c5b6b094f6 100644
--- a/ingress-nginx-controller-1.11.yaml
+++ b/ingress-nginx-controller-1.11.yaml
@@ -3,7 +3,7 @@ package:
name: ingress-nginx-controller-1.11
version: 1.11.3
# There are manual changes to review between each package update. See 'vars:' section.
- epoch: 1
+ epoch: 2
description: "Ingress-NGINX Controller for Kubernetes"
copyright:
- license: Apache-2.0
@@ -541,6 +541,7 @@ subpackages:
provides:
- ingress-nginx-opentelemetry=${{vars.nginx-ingress-major-minor}}
runtime:
+ - opentelemetry-plugin-nginx
- opentelemetry-plugin-nginx-compat
pipeline:
- uses: go/build
@@ -550,6 +551,10 @@ subpackages:
packages: init_module.go
modroot: images/opentelemetry/rootfs
test:
+ environment:
+ contents:
+ packages:
+ - opentelemetry-plugin-nginx
pipeline:
- runs: |
mkdir -p /modules_mount/etc/nginx/modules/otel
diff --git a/iperf.yaml b/iperf.yaml
index c4b8fb8b656..c365e7f3d01 100644
--- a/iperf.yaml
+++ b/iperf.yaml
@@ -1,7 +1,7 @@
package:
name: iperf
- version: 2.2.0
- epoch: 2
+ version: 2.2.1
+ epoch: 0
description: A tool to measure IP bandwidth using UDP or TCP
copyright:
- license: NCSA
@@ -23,7 +23,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 16810a9575e4c6dd65e4a18ab5df3cdac6730b3c832cf080a8990f132f68364a
+ expected-sha256: 754ab0a7e28033dbea81308ef424bc7df4d6e2fe31b60cc536b61b51fefbd8fb
uri: https://sourceforge.net/projects/iperf2/files/iperf-${{package.version}}.tar.gz
- uses: autoconf/configure
diff --git a/ipfs.yaml b/ipfs.yaml
index 8d3478549c8..5f4fb957203 100644
--- a/ipfs.yaml
+++ b/ipfs.yaml
@@ -1,7 +1,7 @@
package:
name: ipfs
- version: 0.31.0
- epoch: 1
+ version: 0.32.1
+ epoch: 0
description: An IPFS implementation in Go
copyright:
- license: Apache-2.0
@@ -25,14 +25,10 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 5a32936f781ac1971899655856a2804cdf329032
+ expected-commit: 901745353f3b14b3dbf295a6d3f5f98a5a2ce38f
repository: https://github.com/ipfs/kubo
tag: v${{package.version}}
- - uses: go/bump
- with:
- deps: github.com/rs/cors@v1.11.0 google.golang.org/grpc@v1.64.1
-
- runs: |
CGO_ENABLED=1 GOOS=$(go env GOOS) GOARCH=$(go env GOARCH) GOFLAGS=-buildvcs=false make build GOTAGS=openssl
install -m755 -D ./cmd/ipfs/ipfs "${{targets.destdir}}"/usr/bin/ipfs
diff --git a/iptables.yaml b/iptables.yaml
index 567f7d49ae7..b0a9641fc21 100644
--- a/iptables.yaml
+++ b/iptables.yaml
@@ -1,7 +1,7 @@
package:
name: iptables
- version: 1.8.10
- epoch: 7
+ version: 1.8.11
+ epoch: 0
description: Linux kernel firewall, NAT and packet mangling tools
copyright:
- license: GPL-2.0-or-later
@@ -30,7 +30,7 @@ pipeline:
with:
repository: https://git.netfilter.org/iptables
tag: v${{package.version}}
- expected-commit: 8ae55c2a331e932c0aeef8c6c138bf60deb9fd42
+ expected-commit: 0506bea1dcc8f12d94e7c32bf2fb04abb3fdd269
depth: "-1"
- runs: |
diff --git a/istio-1.24.yaml b/istio-1.24.yaml
new file mode 100644
index 00000000000..2d8d9cd838d
--- /dev/null
+++ b/istio-1.24.yaml
@@ -0,0 +1,160 @@
+package:
+ name: istio-1.24
+ version: 1.24.0
+ epoch: 1
+ description: Istio is an open source service mesh that layers transparently onto existing distributed applications.
+ copyright:
+ - license: Apache-2.0
+
+var-transforms:
+ - from: ${{package.version}}
+ match: ^(\d+\.\d+)\.\d+$
+ replace: "$1"
+ to: major-minor-version
+
+environment:
+ contents:
+ packages:
+ - busybox
+ - ca-certificates-bundle
+ - go
+ environment:
+ CGO_ENABLED: "0"
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/istio/istio
+ tag: ${{package.version}}
+ expected-commit: 8825a6b7f8c9a2d66005a5f8b64e98aaee0dda99
+
+subpackages:
+ - name: istio-cni-${{vars.major-minor-version}}
+ pipeline:
+ - uses: go/build
+ with:
+ packages: ./cni/cmd/istio-cni
+ output: istio-cni
+ - uses: strip
+ dependencies:
+ provides:
+ - istio-cni=${{package.full-version}}
+
+ - name: istio-cni-${{vars.major-minor-version}}-compat
+ pipeline:
+ - runs: |
+ # See https://github.com/istio/istio/blob/1.20.2/cni/deployments/kubernetes/Dockerfile.install-cni
+ mkdir -p ${{targets.subpkgdir}}/opt/cni/bin
+ ln -sf /usr/bin/istio-cni ${{targets.subpkgdir}}/opt/cni/bin/istio-cni
+ dependencies:
+ provides:
+ - istio-cni-compat=${{package.full-version}}
+
+ - name: istio-install-cni-${{vars.major-minor-version}}
+ pipeline:
+ - uses: go/build
+ with:
+ packages: ./cni/cmd/install-cni
+ output: install-cni
+ - uses: strip
+ dependencies:
+ provides:
+ - istio-install-cni=${{package.full-version}}
+
+ - name: istio-install-cni-${{vars.major-minor-version}}-compat
+ pipeline:
+ - runs: |
+ # See https://github.com/istio/istio/blob/1.20.0/cni/deployments/kubernetes/Dockerfile.install-cni
+ mkdir -p ${{targets.subpkgdir}}/usr/local/bin
+ ln -sf /usr/bin/install-cni ${{targets.subpkgdir}}/usr/local/bin/install-cni
+ dependencies:
+ provides:
+ - istio-install-cni-compat=${{package.full-version}}
+
+ - name: istio-pilot-agent-${{vars.major-minor-version}}
+ pipeline:
+ - uses: go/build
+ with:
+ packages: ./pilot/cmd/pilot-agent
+ output: pilot-agent
+ # Extracted from https://github.com/istio/istio/blob/4358b84b911a80ba09ef36ac00ad85535a77e7ca/common/scripts/report_build_info.sh#L41-L48
+ # Use this instead for buildStatus once our pipeline stops dirtying the git tree: "$(if git diff-index --quiet HEAD --; then echo "Clean"; else echo "Modified"; fi)"
+ ldflags: |
+ -X istio.io/istio/pkg/version.buildVersion=${{package.version}}
+ -X istio.io/istio/pkg/version.buildGitRevision=$(git rev-parse HEAD)
+ -X istio.io/istio/pkg/version.buildTag=$(git describe --tags --always)
+ -X istio.io/istio/pkg/version.buildStatus="Clean"
+ - runs: |
+ mkdir -p ${{targets.subpkgdir}}/var/lib/istio/envoy
+ cp ./tools/packaging/common/envoy_bootstrap.json \
+ ${{targets.subpkgdir}}/var/lib/istio/envoy/envoy_bootstrap_tmpl.json
+
+ - name: istio-pilot-agent-${{vars.major-minor-version}}-compat
+ pipeline:
+ - runs: |
+ # link /usr/local/bin/pilot-agent -> /usr/bin/pilot-agent to match
+ # what the Istio Helm charts may expect.
+ mkdir -p ${{targets.subpkgdir}}/usr/local/bin
+ ln -sf /usr/bin/pilot-agent ${{targets.subpkgdir}}/usr/local/bin/pilot-agent
+ dependencies:
+ provides:
+ - istio-pilot-agent-compat=${{package.full-version}}
+
+ - name: istio-pilot-discovery-${{vars.major-minor-version}}
+ pipeline:
+ - uses: go/build
+ with:
+ packages: ./pilot/cmd/pilot-discovery
+ output: pilot-discovery
+ # Extracted from https://github.com/istio/istio/blob/4358b84b911a80ba09ef36ac00ad85535a77e7ca/common/scripts/report_build_info.sh#L41-L48
+ # Use this instead for buildStatus once our pipeline stops dirtying the git tree: "$(if git diff-index --quiet HEAD --; then echo "Clean"; else echo "Modified"; fi)"
+ ldflags: |
+ -X istio.io/istio/pkg/version.buildVersion=${{package.version}}
+ -X istio.io/istio/pkg/version.buildGitRevision=$(git rev-parse HEAD)
+ -X istio.io/istio/pkg/version.buildTag=$(git describe --tags --always)
+ -X istio.io/istio/pkg/version.buildStatus="Clean"
+ - runs: |
+ mkdir -p ${{targets.subpkgdir}}/var/lib/istio/envoy
+ cp ./tools/packaging/common/envoy_bootstrap.json \
+ ${{targets.subpkgdir}}/var/lib/istio/envoy/envoy_bootstrap_tmpl.json
+
+ - name: istio-pilot-discovery-${{vars.major-minor-version}}-compat
+ pipeline:
+ - runs: |
+ # link /usr/local/bin/pilot-discovery -> /usr/bin/pilot-discovery to match
+ # what the Istio Helm charts may expect.
+ mkdir -p ${{targets.subpkgdir}}/usr/local/bin
+ ln -sf /usr/bin/pilot-discovery ${{targets.subpkgdir}}/usr/local/bin/pilot-discovery
+ dependencies:
+ provides:
+ - istio-discovery-compat=${{package.full-version}}
+
+update:
+ enabled: true
+ ignore-regex-patterns:
+ - '-rc'
+ - '-beta'
+ github:
+ identifier: istio/istio
+ tag-filter-prefix: 1.24.
+ use-tag: true
+
+test:
+ environment:
+ contents:
+ packages:
+ - jq
+ - grep
+ - istio-pilot-agent-${{vars.major-minor-version}}
+ - istio-pilot-discovery-${{vars.major-minor-version}}
+ pipeline:
+ - runs: |
+ # check version/tag/commit are not "unknown" for pilot-discovery
+ pilot-discovery version -o json | jq .clientVersion.version | grep -q ${{package.version}}
+ pilot-discovery version -o json | jq .clientVersion.revision | grep -qv unknown
+ pilot-discovery version -o json | jq .clientVersion.tag | grep -qv unknown
+
+ # check version/tag/commit are not "unknown" for pilot-agent
+ pilot-agent version -o json | jq .clientVersion.version | grep -q ${{package.version}}
+ pilot-agent version -o json | jq .clientVersion.revision | grep -qv unknown
+ pilot-agent version -o json | jq .clientVersion.tag | grep -qv unknown
diff --git a/istio-envoy-1.23.yaml b/istio-envoy-1.24.yaml
similarity index 93%
rename from istio-envoy-1.23.yaml
rename to istio-envoy-1.24.yaml
index 230750e827c..a25be9fe60f 100644
--- a/istio-envoy-1.23.yaml
+++ b/istio-envoy-1.24.yaml
@@ -1,6 +1,6 @@
package:
- name: istio-envoy-1.23
- version: 1.23.2
+ name: istio-envoy-1.24
+ version: 1.24.0
epoch: 0
description: Envoy with additional Istio plugins (wasm, telemetry, etc)
copyright:
@@ -48,7 +48,7 @@ pipeline:
with:
repository: https://github.com/istio/proxy
tag: ${{package.version}}
- expected-commit: 6c72b2179f5a58988b920a55b0be8346de3f7b35
+ expected-commit: 739644f84930a8c0d416319aea97f58c2222f7ef
- runs: |
export JAVA_HOME=/usr/lib/jvm/java-11-openjdk
@@ -83,7 +83,7 @@ update:
- '-beta'
github:
identifier: istio/proxy
- tag-filter-prefix: 1.23.
+ tag-filter-prefix: 1.24.
use-tag: true
test:
diff --git a/istio-envoy-1.23/fix-envoy-sha.patch b/istio-envoy-1.24/fix-envoy-sha.patch
similarity index 100%
rename from istio-envoy-1.23/fix-envoy-sha.patch
rename to istio-envoy-1.24/fix-envoy-sha.patch
diff --git a/jaeger.yaml b/jaeger.yaml
index 83d0a6c15a6..8698f63afbe 100644
--- a/jaeger.yaml
+++ b/jaeger.yaml
@@ -1,7 +1,7 @@
package:
name: jaeger
- version: 1.62.0
- epoch: 3
+ version: 1.63.0
+ epoch: 0
description: Jaeger, a Distributed Tracing Platform
pipeline:
@@ -9,7 +9,7 @@ pipeline:
with:
repository: https://github.com/jaegertracing/jaeger
tag: v${{package.version}}
- expected-commit: 4b7446248e087edffd15508e760e8e5da044f4b4
+ expected-commit: 3f752c2f434fabde20694816c264cfe8b546c575
recurse-submodules: true
environment:
@@ -18,6 +18,7 @@ environment:
- busybox
- ca-certificates-bundle
- nodejs-20
+ - npm
- yarn
data:
diff --git a/jellyfin.yaml b/jellyfin.yaml
index ddc6a8a42ab..d3846446a5c 100644
--- a/jellyfin.yaml
+++ b/jellyfin.yaml
@@ -1,6 +1,6 @@
package:
name: jellyfin
- version: 10.10.1
+ version: 10.10.2
epoch: 0
description: The Free Software Media System
copyright:
@@ -28,11 +28,11 @@ pipeline:
with:
repository: https://github.com/jellyfin/jellyfin
tag: v${{package.version}}
- expected-commit: f6f4cdf9e788ac522ca6d43eac4570c1fa607da4
+ expected-commit: be23f4eb0d94217f6e38a45c9a7343fbfd6886cd
- uses: patch
with:
- patches: GHSA-qrmm-w75w-3wpx.patch
+ patches: GHSA-qrmm-w75w-3wpx.patch match-dotnet-sdk.patch
- runs: |
# Set runtime arch
diff --git a/jellyfin/match-dotnet-sdk.patch b/jellyfin/match-dotnet-sdk.patch
new file mode 100644
index 00000000000..07a3288fc52
--- /dev/null
+++ b/jellyfin/match-dotnet-sdk.patch
@@ -0,0 +1,13 @@
+diff --git a/global.json b/global.json
+index c9b9320..f0a1466 100644
+--- a/global.json
++++ b/global.json
+@@ -1,6 +1,6 @@
+ {
+ "sdk": {
+- "version": "8.0.404",
++ "version": "8.0.111",
+ "rollForward": "latestMinor"
+ }
+ }
+
\ No newline at end of file
diff --git a/jenkins-docker.yaml b/jenkins-docker.yaml
index 15dad253d25..53b82435907 100644
--- a/jenkins-docker.yaml
+++ b/jenkins-docker.yaml
@@ -1,6 +1,6 @@
package:
name: jenkins-docker
- version: "2.483"
+ version: "2.485"
epoch: 0
description: Docker compatbility scripts and tooling for Jenkins
copyright:
@@ -31,7 +31,7 @@ pipeline:
with:
repository: https://github.com/jenkinsci/docker
tag: ${{package.version}}
- expected-commit: 55808b52b4444c10d68c399863461a4506812d31
+ expected-commit: 56d71df39b48f1221dd4130304a24d90c3abcc06
# https://github.com/jenkinsci/docker/blob/master/alpine/hotspot/Dockerfile#L136
- runs: |
diff --git a/jenkins-entrypoint.yaml b/jenkins-entrypoint.yaml
index 62ce1bf8f31..32645851911 100644
--- a/jenkins-entrypoint.yaml
+++ b/jenkins-entrypoint.yaml
@@ -3,7 +3,7 @@
# code, we need to fetch it and be able to auto-update.
package:
name: jenkins-entrypoint
- version: "2.483"
+ version: "2.485"
epoch: 0
description: Fetches the jenkins entrypoint script from upstream docker repository.
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/jenkinsci/docker.git
tag: ${{package.version}}
- expected-commit: 55808b52b4444c10d68c399863461a4506812d31
+ expected-commit: 56d71df39b48f1221dd4130304a24d90c3abcc06
- runs: |
mkdir -p ${{targets.destdir}}/usr/local/bin/
diff --git a/jenkins.yaml b/jenkins.yaml
index cacf69ef23c..0c4fd477bda 100644
--- a/jenkins.yaml
+++ b/jenkins.yaml
@@ -1,6 +1,6 @@
package:
name: jenkins
- version: "2.481"
+ version: "2.485"
epoch: 0
description: Open-source CI/CD application.
copyright:
@@ -44,12 +44,16 @@ pipeline:
with:
repository: https://github.com/jenkinsci/jenkins
tag: jenkins-${{package.version}}
- expected-commit: b21f42837783a0a817b7fc4e355f2cb361c9a084
+ expected-commit: a30309847a598d7d444f10bef744ee4d5c755e12
- uses: patch
with:
patches: ignoreArchiveNotReadableTest.patch
+ - uses: maven/pombump
+
+ - runs: mvn spotless:apply
+
- runs: |
# Use commit timestamp as build date to satisfy Jenkins in-place upgrade functionality (.war file needs to match release date)
export SOURCE_DATE_EPOCH=$(git show -s --format=%ct)
diff --git a/jenkins/pombump-deps.yaml b/jenkins/pombump-deps.yaml
new file mode 100644
index 00000000000..7e239bfe2a1
--- /dev/null
+++ b/jenkins/pombump-deps.yaml
@@ -0,0 +1,4 @@
+patches:
+ - groupId: com.thoughtworks.xstream
+ artifactId: xstream
+ version: 1.4.21
diff --git a/jitsucom-bulker.yaml b/jitsucom-bulker.yaml
index 1dea54eb18d..60a75c70839 100644
--- a/jitsucom-bulker.yaml
+++ b/jitsucom-bulker.yaml
@@ -1,6 +1,6 @@
package:
name: jitsucom-bulker
- version: 2.8.2
+ version: 2.8.3
epoch: 0
description: Service for bulk-loading data to databases with automatic schema management (Redshift, Snowflake, BigQuery, ClickHouse, Postgres, MySQL)
copyright:
@@ -16,7 +16,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: 8a48c541626b1a150c9af3594776b1f8363cba8e
+ expected-commit: bd7bcd5eeb4bb88a2a3ce759fc4488b4288c11c6
repository: https://github.com/jitsucom/bulker
tag: jitsu2-v${{package.version}}
diff --git a/jupyterhub-k8s-hub.yaml b/jupyterhub-k8s-hub.yaml
index 4e34bdc45ea..fded37af38c 100644
--- a/jupyterhub-k8s-hub.yaml
+++ b/jupyterhub-k8s-hub.yaml
@@ -1,6 +1,6 @@
package:
name: jupyterhub-k8s-hub
- version: 3.3.8
+ version: 4.0.0
epoch: 0
description: Zero to JupyterHub with Kubernetes
copyright:
@@ -47,7 +47,7 @@ pipeline:
with:
repository: https://github.com/jupyterhub/zero-to-jupyterhub-k8s
tag: ${{package.version}}
- expected-commit: 17a5372be127d4272fd57bc65720ca1fdafef11e
+ expected-commit: 935283fa911b8adf280ca7f70516a304b44a4d36
- runs: |
mkdir -p "${{targets.destdir}}"/etc/jupyterhub
diff --git a/jupyterhub-k8s-network-tools.yaml b/jupyterhub-k8s-network-tools.yaml
index ab4cd8b57ea..6286d375d0a 100644
--- a/jupyterhub-k8s-network-tools.yaml
+++ b/jupyterhub-k8s-network-tools.yaml
@@ -1,7 +1,7 @@
# At the time of writing, the image only contains iptables. We also need the package to take it's versioning from the upstream repo. Essentially this is just a wolfi-base image with iptables, that takes it's versioning from the upstream image repo (Until such times that upstream add additional tool in future)
package:
name: jupyterhub-k8s-network-tools
- version: 3.3.8
+ version: 4.0.0
epoch: 0
description: Network diagnostic tools for use within a JupyterHub Kubernetes cluster
copyright:
diff --git a/k3s.yaml b/k3s.yaml
index ae65c6f5e50..6a8246048ba 100644
--- a/k3s.yaml
+++ b/k3s.yaml
@@ -1,7 +1,7 @@
package:
name: k3s
version: 1.31.2.1
- epoch: 2
+ epoch: 3
description:
copyright:
- license: Apache-2.0
@@ -65,7 +65,7 @@ pipeline:
./scripts/download
- uses: go/bump
with:
- deps: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.54.0 google.golang.org/grpc@v1.67.0
+ deps: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.54.0 google.golang.org/grpc@v1.67.0 github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
sed -i '/VERSION_RUNC=$(get-module-version github.com\/opencontainers\/runc)/a VERSION_RUNC="v1.1.14"' ./scripts/version.sh
diff --git a/k6.yaml b/k6.yaml
index 80579c1c4e3..ef6d3924487 100644
--- a/k6.yaml
+++ b/k6.yaml
@@ -1,6 +1,6 @@
package:
name: k6
- version: 0.54.0
+ version: 0.55.0
epoch: 0
description: A modern load testing tool, using Go and JavaScript
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/grafana/k6
tag: v${{package.version}}
- expected-commit: baba871c8a760352290f0402cd421b79f2a3e948
+ expected-commit: 90bb9415d0724355e93eb276624d25394751d54d
- uses: go/build
with:
diff --git a/k8sgpt.yaml b/k8sgpt.yaml
index 182f48e8b27..a8c2fb5454d 100644
--- a/k8sgpt.yaml
+++ b/k8sgpt.yaml
@@ -1,6 +1,6 @@
package:
name: k8sgpt
- version: 0.3.42
+ version: 0.3.46
epoch: 0
description: Giving Kubernetes Superpowers to everyone
copyright:
@@ -23,7 +23,11 @@ pipeline:
with:
repository: https://github.com/k8sgpt-ai/k8sgpt
tag: v${{package.version}}
- expected-commit: 9d68c470409a693e0cd313a31f1e3f851fc3f607
+ expected-commit: 69fd7c7696a8ee24761360a2d694d910ed0eac15
+
+ - uses: go/bump
+ with:
+ deps: github.com/open-policy-agent/opa@v0.68.0
- runs: |
make tidy
diff --git a/k9s.yaml b/k9s.yaml
index ed36bc449bd..7e0481550b7 100644
--- a/k9s.yaml
+++ b/k9s.yaml
@@ -1,7 +1,7 @@
package:
name: k9s
- version: 0.32.5
- epoch: 6
+ version: 0.32.6
+ epoch: 0
description: Kubernetes CLI To Manage Your Clusters In Style!
copyright:
- license: Apache-2.0
@@ -17,13 +17,13 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 1440643e8d1a101a38d9be1933131ddf5c863940
+ expected-commit: 9984e3f4bfa0b88a4c0ae62cd69b61f80b7ce3c2
repository: https://github.com/derailed/k9s
tag: v${{package.version}}
- uses: go/bump
with:
- deps: github.com/mholt/archiver/v3@v3.5.1 github.com/hashicorp/go-getter@v1.7.5 github.com/docker/docker@v26.1.5
+ deps: github.com/mholt/archiver/v3@v3.5.1
replaces: github.com/mholt/archiver/v3=github.com/anchore/archiver/v3@v3.5.2
- uses: go/build
diff --git a/kafka-proxy.yaml b/kafka-proxy.yaml
index 15a40ce759c..1ce69f81b4c 100644
--- a/kafka-proxy.yaml
+++ b/kafka-proxy.yaml
@@ -1,7 +1,7 @@
package:
name: kafka-proxy
- version: 0.3.11
- epoch: 1
+ version: 0.3.12
+ epoch: 0
description: Allows a service to connect to Kafka brokers without having to deal with SASL/PLAIN authentication and SSL certificates
copyright:
- license: Apache-2.0
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/grepplabs/kafka-proxy
tag: v${{package.version}}
- expected-commit: 71d07615c0e733a5418e245e3fb8b7e117187834
+ expected-commit: f8b1a882aa89cb1615ac6813ed4e49a3043498e4
- uses: go/build
with:
diff --git a/kaniko.yaml b/kaniko.yaml
index 3ccd14536ea..94b767b64a2 100644
--- a/kaniko.yaml
+++ b/kaniko.yaml
@@ -1,7 +1,7 @@
package:
name: kaniko
version: 1.23.2
- epoch: 4
+ epoch: 5
description: Build Container Images In Kubernetes
copyright:
- license: Apache-2.0
@@ -22,7 +22,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/opencontainers/runc@v1.1.12 google.golang.org/grpc@v1.64.1
+ deps: github.com/opencontainers/runc@v1.1.12 google.golang.org/grpc@v1.64.1 github.com/golang-jwt/jwt/v4@v4.5.1
tidy: false
- uses: go/build
diff --git a/karma.yaml b/karma.yaml
new file mode 100644
index 00000000000..772323cf267
--- /dev/null
+++ b/karma.yaml
@@ -0,0 +1,71 @@
+package:
+ name: karma
+ version: "0.120"
+ description: "A dashboard for managing alerts from Alertmanager"
+ epoch: 1
+ copyright:
+ - license: Apache-2.0
+
+environment:
+ contents:
+ packages:
+ - ca-certificates-bundle
+ - nodejs
+ - npm
+ - wolfi-base
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/prymitive/karma.git
+ tag: v${{package.version}}
+ expected-commit: 8009f4aa581980654e5c67b26b41e85d9e7ccce0
+
+ - name: install-npm-dependencies
+ working-directory: ui
+ pipeline:
+ - runs: |
+ mkdir -p node_modules/.bin
+ touch node_modules/.install
+ npm install --package-lock-only
+ npm prune --omit=dev
+ npm ci
+ cat node_modules/bootstrap/scss/_root.scss | sed s/':root {'/'* {'/ > src/Styles/BootstrapRoot.scss
+ npm run build
+
+ - name: Copy build files
+ runs: |
+ cp -r ui/src ./ui/dist ./ui/mock ./ui/embed.go .
+
+ - uses: go/build
+ with:
+ modroot: cmd/${{package.name}}
+ packages: .
+ ldflags: -X main.version=${{package.version}}
+ output: ${{package.name}}
+
+test:
+ environment:
+ contents:
+ packages:
+ - curl
+ pipeline:
+ - name: Run Karma test
+ runs: |
+ karma --version
+ - name: "Check karma health"
+ uses: test/daemon-check-output
+ with:
+ start: "${{package.name}}"
+ timeout: 60
+ expected_output: |
+ Starting HTTP server
+ post: |
+ sleep 3
+ curl -s http://localhost:8080/health | grep "Pong" || exit 1
+
+update:
+ enabled: true
+ github:
+ identifier: prymitive/karma
+ strip-prefix: v
diff --git a/karpenter-1.0.yaml b/karpenter-1.0.yaml
index bc63d536c74..91e6d6001ec 100644
--- a/karpenter-1.0.yaml
+++ b/karpenter-1.0.yaml
@@ -1,6 +1,6 @@
package:
name: karpenter-1.0
- version: 1.0.7
+ version: 1.0.8
epoch: 0
description: Karpenter is a Kubernetes Node Autoscaler built for flexibility, performance, and simplicity.
copyright:
@@ -15,7 +15,7 @@ pipeline:
with:
repository: https://github.com/aws/karpenter-provider-aws
tag: v${{package.version}}
- expected-commit: 901a5dc9d983f0fc4e49ff38b9191d34a5c72992
+ expected-commit: a2875e3f66b4d12b08e0462ee0b027b932f8930d
- uses: go/build
with:
diff --git a/keda-2.15.yaml b/keda-2.15.yaml
index f281f3703bf..238ee8cb5c0 100644
--- a/keda-2.15.yaml
+++ b/keda-2.15.yaml
@@ -1,7 +1,7 @@
package:
name: keda-2.15
version: 2.15.1
- epoch: 3
+ epoch: 4
description: KEDA is a Kubernetes-based Event Driven Autoscaling component. It provides event driven scale for any container running in Kubernetes
copyright:
- license: Apache-2.0
@@ -28,6 +28,14 @@ pipeline:
repository: https://github.com/kedacore/keda
tag: v${{package.version}}
+ - uses: patch
+ with:
+ patches: remove-dgrijalva-jwt-go.patch
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
ARCH=$(go env GOARCH) make build
mkdir -p "${{targets.destdir}}/usr/bin"
diff --git a/keda-2.15/remove-dgrijalva-jwt-go.patch b/keda-2.15/remove-dgrijalva-jwt-go.patch
new file mode 100644
index 00000000000..ebc28c9d21e
--- /dev/null
+++ b/keda-2.15/remove-dgrijalva-jwt-go.patch
@@ -0,0 +1,12 @@
+diff --git a/go.mod b/go.mod
+index b6eff2b66..205bcfab8 100644
+--- a/go.mod
++++ b/go.mod
+@@ -143,7 +143,6 @@ replace (
+ github.com/chzyer/logex => github.com/chzyer/logex v1.2.1
+
+ // https://www.whitesourcesoftware.com/vulnerability-database/CVE-2020-26160
+- github.com/dgrijalva/jwt-go => github.com/golang-jwt/jwt/v4 v4.4.0
+ github.com/golang-jwt/jwt/v4 => github.com/golang-jwt/jwt/v4 v4.5.0
+
+ // opentelemetry cannot update to 1.25.0 according to the dependencies of google.golang.org/grpc
diff --git a/keycloak-operator.yaml b/keycloak-operator.yaml
index d07ccbe6947..acd29d498ff 100644
--- a/keycloak-operator.yaml
+++ b/keycloak-operator.yaml
@@ -1,7 +1,7 @@
package:
name: keycloak-operator
version: 26.0.5
- epoch: 0
+ epoch: 1
description: A Kubernetes Operator based on the Operator SDK for installing and managing Keycloak.
copyright:
- license: Apache-2.0
diff --git a/keycloak-operator/pombump-deps.yaml b/keycloak-operator/pombump-deps.yaml
index a51dbdd6173..54de57e37fc 100644
--- a/keycloak-operator/pombump-deps.yaml
+++ b/keycloak-operator/pombump-deps.yaml
@@ -1,18 +1,18 @@
patches:
- # Fixes CVE-2024-29025
- - groupId: io.netty
- artifactId: netty-codec-http
- version: 4.1.108.Final
- scope: import
- # Fixes CVE-2024-34447
- - groupId: org.bouncycastle
- artifactId: bcprov-jdk18on
- version: 1.78
- scope: import
- type: jar
- # Fixes CVE-2024-29857, CVE-2024-30172 and CVE-2024-30171
- - groupId: org.bouncycastle
- artifactId: bcpkix-jdk18on
- version: 1.78
- scope: import
- type: jar
\ No newline at end of file
+ - groupId: io.netty
+ artifactId: netty-codec-http
+ version: 4.1.108.Final
+ scope: import
+ - groupId: org.bouncycastle
+ artifactId: bcprov-jdk18on
+ version: "1.78"
+ scope: import
+ type: jar
+ - groupId: org.bouncycastle
+ artifactId: bcpkix-jdk18on
+ version: "1.78"
+ scope: import
+ type: jar
+ - groupId: io.netty
+ artifactId: netty-common
+ version: 4.1.115.Final
diff --git a/keycloak.yaml b/keycloak.yaml
index 2bedfce7b36..77a1e0dd0f4 100644
--- a/keycloak.yaml
+++ b/keycloak.yaml
@@ -1,7 +1,7 @@
package:
name: keycloak
version: 26.0.5
- epoch: 0
+ epoch: 1
description: Open Source Identity and Access Management For Modern Applications and Services
copyright:
- license: Apache-2.0
diff --git a/keycloak/pombump-deps.yaml b/keycloak/pombump-deps.yaml
index 336e43646f1..ce63616cb30 100644
--- a/keycloak/pombump-deps.yaml
+++ b/keycloak/pombump-deps.yaml
@@ -1,5 +1,8 @@
patches:
- - groupId: io.netty
- artifactId: netty-codec-http
- version: 4.1.108.Final
- scope: import
+ - groupId: io.netty
+ artifactId: netty-codec-http
+ version: 4.1.108.Final
+ scope: import
+ - groupId: io.netty
+ artifactId: netty-common
+ version: 4.1.115.Final
diff --git a/kiali.yaml b/kiali.yaml
index efd1df3fdaf..99864422740 100644
--- a/kiali.yaml
+++ b/kiali.yaml
@@ -1,6 +1,6 @@
package:
name: kiali
- version: 2.0.0
+ version: 2.1.0
epoch: 0
description: The Console for Istio Service Mesh
copyright:
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/kiali/kiali
tag: v${{package.version}}
- expected-commit: 1cb221e8ce373ec3a46ffc136258013c97387f21
+ expected-commit: db07c941bcec3312972cd9ce6bf6ad18bb65208a
subpackages:
- name: ${{package.name}}-api
diff --git a/kind.yaml b/kind.yaml
index 29204fd6b91..df93d077704 100644
--- a/kind.yaml
+++ b/kind.yaml
@@ -1,7 +1,7 @@
package:
name: kind
- version: 0.24.0
- epoch: 1
+ version: 0.25.0
+ epoch: 0
description: Kubernetes IN Docker - local clusters for testing Kubernetes
copyright:
- license: Apache-2.0
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/kubernetes-sigs/kind
tag: v${{package.version}}
- expected-commit: 36d544b02f143304f1c22720c0c3cf86372f8ed6
+ expected-commit: 51c0bf796fc215d9b339dbbcec47e22c71d5c999
- uses: go/build
with:
diff --git a/kine.yaml b/kine.yaml
index 06c4449368f..90c7bebab1a 100644
--- a/kine.yaml
+++ b/kine.yaml
@@ -1,6 +1,6 @@
package:
name: kine
- version: 0.13.2
+ version: 0.13.5
epoch: 0
description: Run Kubernetes on MySQL, Postgres, sqlite, dqlite, not etcd.
copyright:
@@ -22,7 +22,7 @@ pipeline:
- uses: git-checkout
with:
destination: kine
- expected-commit: c1b2bd81f697c6b7aec85ea2562bcbcdfb981307
+ expected-commit: 59c88f9b06d47d7f9338dcab688ec03f1ef751fd
repository: https://github.com/k3s-io/kine
tag: v${{package.version}}
diff --git a/ko.yaml b/ko.yaml
index b89e7b0c353..3ef0c43d3a4 100644
--- a/ko.yaml
+++ b/ko.yaml
@@ -1,7 +1,7 @@
package:
name: ko
version: 0.17.1
- epoch: 0
+ epoch: 1
description: Simple, fast container image builder for Go applications.
copyright:
- license: Apache-2.0
@@ -23,6 +23,11 @@ pipeline:
repository: https://github.com/ko-build/ko
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: ko
+
- uses: go/build
with:
ldflags: -X github.com/google/ko/pkg/commands.Version=${{package.version}}
diff --git a/kots.yaml b/kots.yaml
index 98b35b7e5f3..e160edb2c93 100644
--- a/kots.yaml
+++ b/kots.yaml
@@ -1,6 +1,6 @@
package:
name: kots
- version: 1.120.1
+ version: 1.121.0
epoch: 0
description: Kubernetes Off-The-Shelf (KOTS) Software
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/replicatedhq/kots
tag: v${{package.version}}
- expected-commit: 6bb64d109f31b3fbd44d830acd10f94c415a669f
+ expected-commit: 55b35f47fce43faf14bef8afb86d1fc15dcfad68
- runs: |
set -x
diff --git a/kserve-modelmesh.yaml b/kserve-modelmesh.yaml
index 6f43d9a1a8f..bf5f1fe9a44 100644
--- a/kserve-modelmesh.yaml
+++ b/kserve-modelmesh.yaml
@@ -1,7 +1,7 @@
package:
name: kserve-modelmesh
version: 0.12.0
- epoch: 4
+ epoch: 5
description: The ModelMesh framework is a mature, general-purpose model serving management/routing layer designed for high-scale, high-density and frequently-changing model use cases.
dependencies:
runtime:
diff --git a/kserve-modelmesh/pombump-properties.yaml b/kserve-modelmesh/pombump-properties.yaml
new file mode 100644
index 00000000000..c4b01852049
--- /dev/null
+++ b/kserve-modelmesh/pombump-properties.yaml
@@ -0,0 +1,3 @@
+properties:
+ - property: netty-version
+ value: "4.1.115.Final"
diff --git a/kube-bench.yaml b/kube-bench.yaml
index aeeb72ad2b6..622ae8e57e6 100644
--- a/kube-bench.yaml
+++ b/kube-bench.yaml
@@ -1,6 +1,6 @@
package:
name: kube-bench
- version: 0.9.1
+ version: 0.9.2
epoch: 0
description: Checks whether Kubernetes is deployed according to security best practices as defined in the CIS Kubernetes Benchmark
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/aquasecurity/kube-bench
tag: v${{package.version}}
- expected-commit: c5dc28ee6f13e8f7250146ad9adb285588ec79e9
+ expected-commit: 4de7b2095a8bef59f7c9a0ad46dadcb3cfa1724d
- uses: go/build
with:
diff --git a/kube-logging-operator.yaml b/kube-logging-operator.yaml
index 0e95dba8ebf..090a4da2918 100644
--- a/kube-logging-operator.yaml
+++ b/kube-logging-operator.yaml
@@ -1,6 +1,6 @@
package:
name: kube-logging-operator
- version: 4.10.0
+ version: 4.11.0
epoch: 0
description: Logging operator for Kubernetes
copyright:
@@ -18,7 +18,7 @@ pipeline:
with:
repository: https://github.com/kube-logging/logging-operator
tag: ${{package.version}}
- expected-commit: 3363023673b52399e981ac9284beaa10d4737d3c
+ expected-commit: 6beb08cf60853b62d3cbdb20d286caab8c4bbc83
- runs: |
CGO_ENABLED=0 GO111MODULE=on go build -o bin/manager main.go
diff --git a/kube-state-metrics.yaml b/kube-state-metrics.yaml
index 984a547ebf5..901dc250402 100644
--- a/kube-state-metrics.yaml
+++ b/kube-state-metrics.yaml
@@ -1,7 +1,7 @@
package:
name: kube-state-metrics
- version: 2.13.0
- epoch: 1
+ version: 2.14.0
+ epoch: 0
description: Add-on agent to generate and expose cluster-level metrics.
copyright:
- license: Apache-2.0
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/kubernetes/kube-state-metrics
tag: v${{package.version}}
- expected-commit: 76c5888e3402c946abd6f31876f3aada4c0c84fc
+ expected-commit: e763ea2aa37e7fa507775a8506387aaa95ff17d1
- uses: go/bump
with:
diff --git a/kube-vip.yaml b/kube-vip.yaml
index 278ad687068..347e8952913 100644
--- a/kube-vip.yaml
+++ b/kube-vip.yaml
@@ -1,7 +1,7 @@
package:
name: kube-vip
version: 0.8.6
- epoch: 0
+ epoch: 1
description: Kubernetes Control Plane Virtual IP and Load-Balancer
copyright:
- license: Apache-2.0
@@ -13,7 +13,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: dd06c3fb82bcc14dd876465e3b2ac4098f9d9ec6
+ expected-commit: e4b0b2a71f4459d686d31132624076e740c02708
repository: https://github.com/kube-vip/kube-vip
tag: v${{package.version}}
diff --git a/kubeadm-bootstrap-controller.yaml b/kubeadm-bootstrap-controller.yaml
index e2c774d0716..c2b6226786c 100644
--- a/kubeadm-bootstrap-controller.yaml
+++ b/kubeadm-bootstrap-controller.yaml
@@ -1,6 +1,6 @@
package:
name: kubeadm-bootstrap-controller
- version: 1.8.4
+ version: 1.8.5
epoch: 0
description: Cluster API kubeadm bootstrap controller
copyright:
@@ -18,7 +18,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 3cce0d973682f11ab0f0ba1c2522eba66dac2d91
+ expected-commit: 09f2f6b1758bb4e6eb88122209717b2525469258
repository: https://github.com/kubernetes-sigs/cluster-api
tag: v${{package.version}}
@@ -37,3 +37,17 @@ update:
strip-prefix: v
tag-filter: v
use-tag: true
+
+test:
+ pipeline:
+ - runs: |
+ OUTPUT=$(kubeadm-bootstrap-controller --help 2>&1 || true)
+ # Display the output
+ echo "$OUTPUT"
+ # Check if the output contains the expected help message
+ if echo "$OUTPUT" | grep -q "Usage of kubeadm-bootstrap-controller:"; then
+ echo "Help flag output detected as expected."
+ else
+ echo "Help flag did not produce the expected output."
+ exit 1
+ fi
diff --git a/kubeadm-controlplane-controller.yaml b/kubeadm-controlplane-controller.yaml
index 4fc6f33e511..320f1b7aed9 100644
--- a/kubeadm-controlplane-controller.yaml
+++ b/kubeadm-controlplane-controller.yaml
@@ -1,6 +1,6 @@
package:
name: kubeadm-controlplane-controller
- version: 1.8.4
+ version: 1.8.5
epoch: 0
description: Cluster API kubeadm controlplane controller
copyright:
@@ -18,7 +18,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 3cce0d973682f11ab0f0ba1c2522eba66dac2d91
+ expected-commit: 09f2f6b1758bb4e6eb88122209717b2525469258
repository: https://github.com/kubernetes-sigs/cluster-api
tag: v${{package.version}}
@@ -37,3 +37,19 @@ update:
strip-prefix: v
tag-filter: v
use-tag: true
+
+test:
+ pipeline:
+ - runs: |
+ OUTPUT=$(kubeadm-controlplane-controller --help 2>&1 || true)
+
+ # Display the output
+ echo "$OUTPUT"
+
+ # Check if the output contains the expected help message
+ if echo "$OUTPUT" | grep -q "Usage of kubeadm-controlplane-controller:"; then
+ echo "Help flag output detected as expected."
+ else
+ echo "Help flag did not produce the expected output."
+ exit 1
+ fi
diff --git a/kubebuilder.yaml b/kubebuilder.yaml
index 8aa80f3ed5b..7e1a1548d58 100644
--- a/kubebuilder.yaml
+++ b/kubebuilder.yaml
@@ -1,6 +1,6 @@
package:
name: kubebuilder
- version: 4.3.0
+ version: 4.3.1
epoch: 0
description: SDK for building Kubernetes APIs using CRDs
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/kubernetes-sigs/kubebuilder
tag: v${{package.version}}
- expected-commit: eae8b2182a65df49eb04ed63d6c45043b454905c
+ expected-commit: a9ee3909f7686902879bd666b92deec4718d92c9
- uses: go/build
with:
diff --git a/kubeflow-katib.yaml b/kubeflow-katib.yaml
index f9fe786b20e..4ed2f3e5924 100644
--- a/kubeflow-katib.yaml
+++ b/kubeflow-katib.yaml
@@ -1,6 +1,6 @@
package:
name: kubeflow-katib
- epoch: 5
+ epoch: 6
version: 0.17.0
description: Kubeflow Katib services
copyright:
@@ -35,6 +35,10 @@ pipeline:
expected-commit: 5723604d419c5ba5bf01240b7be5ebf55aaee0bc
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: patch
with:
patches: bump_requirements.patch
diff --git a/kubernetes-1.31.yaml b/kubernetes-1.31.yaml
index a4e3df22bca..3b358466183 100644
--- a/kubernetes-1.31.yaml
+++ b/kubernetes-1.31.yaml
@@ -1,7 +1,7 @@
package:
name: kubernetes-1.31
version: 1.31.2
- epoch: 1
+ epoch: 2
description: Production-Grade Container Scheduling and Management
copyright:
- license: Apache-2.0
@@ -90,6 +90,23 @@ subpackages:
mkdir -p "${{targets.subpkgdir}}"/usr/share/bash-completion/completions
_output/bin/kubectl completion bash > "${{targets.subpkgdir}}"/usr/share/bash-completion/completions/kubectl-${{vars.kubernetes-version}}
+ - name: kubectl-${{vars.kubernetes-version}}-bitnami-compat
+ description: "compat package with bitnami/kubectl image"
+ dependencies:
+ provides:
+ - kubectl-bitnami-compat=${{package.full-version}}
+ runtime:
+ - bash
+ - busybox
+ - coreutils
+ - yq
+ pipeline:
+ - runs: |
+ mkdir -p "${{targets.subpkgdir}}/opt/bitnami/kubectl/bin"
+ ln -s /usr/bin/kubectl "${{targets.subpkgdir}}/opt/bitnami/kubectl/bin/kubectl"
+ mkdir -p "${{targets.subpkgdir}}/opt/bitnami/common/bin"
+ ln -s /usr/bin/yq "${{targets.subpkgdir}}/opt/bitnami/common/bin/yq"
+
- name: kubeadm-${{vars.kubernetes-version}}
description: A tool for quickly installing Kubernetes and setting up a secure cluster
dependencies:
diff --git a/kubernetes-dashboard-auth.yaml b/kubernetes-dashboard-auth.yaml
index eb63277ef0e..b4b4b777bed 100644
--- a/kubernetes-dashboard-auth.yaml
+++ b/kubernetes-dashboard-auth.yaml
@@ -1,7 +1,7 @@
package:
name: kubernetes-dashboard-auth
version: 1.2.2
- epoch: 0
+ epoch: 1
description: Stateless Go module, which could be referred to as a Kubernetes API extension
copyright:
- license: Apache-2.0
@@ -13,6 +13,11 @@ pipeline:
tag: auth/v${{package.version}}
expected-commit: 8c15a76aec0489f63ab841e4aaf09391d2e68912
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: ./modules/auth
+
- uses: go/build
with:
packages: .
diff --git a/kubernetes-ingress-defaultbackend.yaml b/kubernetes-ingress-defaultbackend.yaml
index 3248943cca3..478d11b5720 100644
--- a/kubernetes-ingress-defaultbackend.yaml
+++ b/kubernetes-ingress-defaultbackend.yaml
@@ -1,6 +1,6 @@
package:
name: kubernetes-ingress-defaultbackend
- version: 1.31.7
+ version: 1.32.0
epoch: 0
description: 'A simple web server that respond 404 common used in kubernetes ingress, serve pages 404 at root and 200 at /healthz'
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/kubernetes/ingress-gce
tag: v${{package.version}}
- expected-commit: 2db0459b19b9942306ec3223e8dcfdbbd0f31612
+ expected-commit: d712709781a63da1c8352c070cb6b4bb08835973
- uses: go/build
with:
diff --git a/kubernetes-replicator.yaml b/kubernetes-replicator.yaml
index 0e1435391ff..c3c56d79402 100644
--- a/kubernetes-replicator.yaml
+++ b/kubernetes-replicator.yaml
@@ -1,6 +1,6 @@
package:
name: kubernetes-replicator
- version: 2.10.2
+ version: 2.11.0
epoch: 0
description: Kubernetes controller for synchronizing secrets & config maps across namespaces
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/mittwald/kubernetes-replicator
tag: v${{package.version}}
- expected-commit: 8f4de965a57b974b446fae30048269894fd4ff3d
+ expected-commit: 0861231b9fcb2fd3c506f0e84384004d0238c6a4
- uses: go/build
with:
diff --git a/kubescape.yaml b/kubescape.yaml
index 17ae29c1453..1e1d83d72e4 100644
--- a/kubescape.yaml
+++ b/kubescape.yaml
@@ -1,7 +1,7 @@
package:
name: kubescape
version: 3.0.18
- epoch: 0
+ epoch: 1
description: Kubescape is an open-source Kubernetes security platform for your IDE, CI/CD pipelines, and clusters. It includes risk analysis, security, compliance, and misconfiguration scanning, saving Kubernetes users and administrators precious time, effort, and resources.
copyright:
- license: Apache-2.0 AND MIT
@@ -27,7 +27,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/mholt/archiver/v3@v3.5.1
+ deps: github.com/mholt/archiver/v3@v3.5.1 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/mholt/archiver/v3=github.com/anchore/archiver/v3@v3.5.2
- runs: |
diff --git a/kuma-2.9.yaml b/kuma-2.9.yaml
index 579600a5b75..17b47485a12 100644
--- a/kuma-2.9.yaml
+++ b/kuma-2.9.yaml
@@ -1,6 +1,6 @@
package:
name: kuma-2.9
- version: 2.9.0
+ version: 2.9.1
epoch: 0
description: A multi-zone service mesh for containers, Kubernetes and VMs.
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/kumahq/kuma
tag: ${{package.version}}
- expected-commit: 948e6a4391632607148f4dcdf7e9adce422a8075
+ expected-commit: 1bd34064068f8913b765589f927998780b7e72d8
- uses: patch
with:
diff --git a/kyverno-1.12.yaml b/kyverno-1.13.yaml
similarity index 81%
rename from kyverno-1.12.yaml
rename to kyverno-1.13.yaml
index 264b0995efc..02c21f6fcda 100644
--- a/kyverno-1.12.yaml
+++ b/kyverno-1.13.yaml
@@ -1,6 +1,6 @@
package:
- name: kyverno-1.12
- version: 1.12.6
+ name: kyverno-1.13
+ version: 1.13.1
epoch: 0
description: Kubernetes Native Policy Management
copyright:
@@ -11,6 +11,12 @@ package:
provides:
- kyverno=${{package.full-version}}
+var-transforms:
+ - from: ${{package.name}}
+ match: '.*-(\d+\.\d+).*'
+ replace: '$1'
+ to: major-minor-version
+
environment:
contents:
packages:
@@ -24,13 +30,13 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: bf047e463beba8fc124793112e9fb92895cac1a2
+ expected-commit: 1c6c488e1064ca55ef2b4bcadc83c4184cbd2969
repository: https://github.com/kyverno/kyverno
tag: v${{package.version}}
- uses: go/bump
with:
- deps: golang.org/x/net@v0.23.0 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.55.0 go.opentelemetry.io/otel@v1.30.0 go.opentelemetry.io/otel/exporters/otlp/otlpmetric/otlpmetricgrpc@v1.30.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace@v1.30.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc@v1.30.0 go.opentelemetry.io/otel/exporters/prometheus@v0.52.0 go.opentelemetry.io/otel/metric@v1.30.0 go.opentelemetry.io/otel/sdk@v1.30.0 go.opentelemetry.io/otel/sdk/metric@v1.30.0 go.opentelemetry.io/otel/trace@v1.30.0 github.com/open-policy-agent/opa@v0.68.0
+ deps: github.com/open-policy-agent/opa@v0.68.0 github.com/golang-jwt/jwt/v4@v4.5.1
- uses: patch
# This patch (ideally) can be removed when a new release is cut by the kyverno maintainers.
@@ -45,7 +51,7 @@ pipeline:
- uses: strip
subpackages:
- - name: kyverno-init-container-1.12
+ - name: kyverno-init-container-${{vars.major-minor-version}}
pipeline:
- runs: |
mkdir -p ${{targets.subpkgdir}}/usr/bin
@@ -58,7 +64,7 @@ subpackages:
- runs: |
kyvernopre --help
- - name: kyverno-reports-controller-1.12
+ - name: kyverno-reports-controller-${{vars.major-minor-version}}
pipeline:
- runs: |
mkdir -p ${{targets.subpkgdir}}/usr/bin
@@ -71,7 +77,7 @@ subpackages:
- runs: |
reports-controller --help
- - name: kyverno-background-controller-1.12
+ - name: kyverno-background-controller-${{vars.major-minor-version}}
pipeline:
- runs: |
mkdir -p ${{targets.subpkgdir}}/usr/bin
@@ -84,7 +90,7 @@ subpackages:
- runs: |
background-controller --help
- - name: kyverno-cleanup-controller-1.12
+ - name: kyverno-cleanup-controller-${{vars.major-minor-version}}
pipeline:
- runs: |
mkdir -p ${{targets.subpkgdir}}/usr/bin
@@ -97,7 +103,7 @@ subpackages:
- runs: |
cleanup-controller --help
- - name: kyverno-cli-1.12
+ - name: kyverno-cli-${{vars.major-minor-version}}
pipeline:
- runs: |
mkdir -p ${{targets.subpkgdir}}/usr/bin
@@ -119,7 +125,7 @@ update:
github:
identifier: kyverno/kyverno
strip-prefix: v
- tag-filter: v1.12.
+ tag-filter: v1.13.
test:
environment:
diff --git a/kyverno-1.12/update-otel-semconv-to-1.26.0.patch b/kyverno-1.13/update-otel-semconv-to-1.26.0.patch
similarity index 100%
rename from kyverno-1.12/update-otel-semconv-to-1.26.0.patch
rename to kyverno-1.13/update-otel-semconv-to-1.26.0.patch
diff --git a/lcov.yaml b/lcov.yaml
index 97e0602b0c8..2be7328a9d7 100644
--- a/lcov.yaml
+++ b/lcov.yaml
@@ -1,7 +1,7 @@
package:
name: lcov
- version: "2.1"
- epoch: 1
+ version: "2.2"
+ epoch: 0
description: LCOV is an extension to GCOV. It provides a graphical frontend for converage information
copyright:
- license: GPL-2.0-or-later
@@ -39,7 +39,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 4d01d9f551a3f0e868ce84742fb60aac4407e3fc1622635a07e29d70e38f1faf
+ expected-sha256: caf5be723aa9ffe7bb7b0e52be7155e8953949fbf96586d088ebf3de6a9db0d0
uri: https://github.com/linux-test-project/lcov/releases/download/v${{package.version}}/lcov-${{package.version}}.tar.gz
- runs: |
diff --git a/lean4.yaml b/lean4.yaml
index 51bccd5413d..4190f1a7692 100644
--- a/lean4.yaml
+++ b/lean4.yaml
@@ -1,13 +1,16 @@
package:
name: lean4
version: 4.13.0
- epoch: 0
+ epoch: 1
description: "Secure Reliable Transport (SRT)"
copyright:
- license: Apache-2.0
resources:
cpu: 16
memory: 16Gi
+ dependencies:
+ runtime:
+ - openssf-compiler-options # this package picks up our wrapper
environment:
contents:
@@ -19,6 +22,7 @@ environment:
- cmake
- gmp-dev
- libuv-dev
+ - openssf-compiler-options
- wolfi-base
pipeline:
diff --git a/less.yaml b/less.yaml
index f4e2be57bd2..6cd02020f5b 100644
--- a/less.yaml
+++ b/less.yaml
@@ -1,8 +1,8 @@
# Generated from https://git.alpinelinux.org/aports/plain/main/less/APKBUILD
package:
name: less
- version: "668"
- epoch: 1
+ version: "670"
+ epoch: 0
description: File pager
copyright:
- license: GPL-3.0-or-later OR BSD-2-Clause
@@ -22,7 +22,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: e77e1176c80cca989694818866ae6cd7e7707161
+ expected-commit: adc077fa2bc607900484ed159983e95cb79e1ea4
repository: https://github.com/gwsw/less
tag: v${{package.version}}
diff --git a/libcap-ng.yaml b/libcap-ng.yaml
index 11c642df4d9..aa508e62822 100644
--- a/libcap-ng.yaml
+++ b/libcap-ng.yaml
@@ -1,7 +1,7 @@
package:
name: libcap-ng
version: 0.8.5
- epoch: 1
+ epoch: 2
description: POSIX capabilities library
copyright:
- license: GPL-2.0-or-later AND LGPL-2.1-or-later
@@ -15,6 +15,7 @@ environment:
- busybox
- ca-certificates-bundle
- libtool
+ - openssf-compiler-options
pipeline:
- uses: git-checkout
diff --git a/libglfw.yaml b/libglfw.yaml
new file mode 100644
index 00000000000..27ecf42fb4f
--- /dev/null
+++ b/libglfw.yaml
@@ -0,0 +1,66 @@
+package:
+ name: libglfw
+ version: 3.4
+ epoch: 0
+ description: A multi-platform library for OpenGL, OpenGL ES, Vulkan, window and input
+ copyright:
+ - license: Zlib
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - cmake
+ - doxygen
+ - libglvnd-dev
+ - libx11-dev
+ - libxcursor-dev
+ - libxi-dev
+ - libxinerama-dev
+ - libxrandr-dev
+ - libxrender-dev
+ - pkgconf
+ - pkgconf-dev
+ - xorg-server-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/glfw/glfw
+ tag: ${{package.version}}
+ expected-commit: 7b6aead9fb88b3623e3b3725ebb42670cbe4c579
+
+ - uses: cmake/configure
+ with:
+ opts: |
+ -DGLFW_BUILD_WAYLAND=0 -DGLFW_LIBRARY_TYPE=SHARED
+
+ - uses: cmake/build
+
+ - uses: cmake/install
+
+ - uses: strip
+
+subpackages:
+ - name: "libglfw-doc"
+ description: "libglfw documentation"
+ pipeline:
+ - uses: split/manpages
+ - uses: split/infodir
+ - runs: |
+ mkdir -p "${{targets.subpkgdir}}"/usr/share/doc
+ mv "${{targets.destdir}}"/usr/share/doc/GLFW "${{targets.subpkgdir}}"/usr/share/doc/
+
+ - name: "libglfw-dev"
+ description: "glfw development headers"
+ pipeline:
+ - uses: split/dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
+
+update:
+ enabled: true
+ github:
+ identifier: glfw/glfw
diff --git a/libgpg-error.yaml b/libgpg-error.yaml
index 5d42e57882d..9f9aa425fd0 100644
--- a/libgpg-error.yaml
+++ b/libgpg-error.yaml
@@ -1,7 +1,7 @@
package:
name: libgpg-error
version: "1.50"
- epoch: 3
+ epoch: 0
description: Support library for libgcrypt
copyright:
- license: GPL-2.0-or-later AND LGPL-2.1-or-later
@@ -21,7 +21,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- repository: git://git.gnupg.org/libgpg-error.git
+ repository: https://github.com/gpg/libgpg-error.git
tag: libgpg-error-${{package.version}}
expected-commit: bb732615daad9bba9026354ae90f0f5292ea4908
@@ -64,8 +64,11 @@ subpackages:
update:
enabled: true
- release-monitor:
- identifier: 1628
+ github:
+ use-tag: true
+ identifier: gpg/libgpg-error
+ strip-prefix: libgpg-error-
+ tag-filter: libgpg-error-
test:
pipeline:
diff --git a/libmamba.yaml b/libmamba.yaml
index c0fe081f5f0..f26a15ce7fe 100644
--- a/libmamba.yaml
+++ b/libmamba.yaml
@@ -1,7 +1,7 @@
package:
name: libmamba
- version: 2024.08.31
- epoch: 1
+ version: 2024.10.02
+ epoch: 0
description: Cross-Platform Package Manager
copyright:
- license: BSD-3-Clause
@@ -25,8 +25,10 @@ environment:
- nlohmann-json
- openssf-compiler-options
- openssl-dev
+ - py3-distro
- py3-pip
- py3-pybind11-dev
+ - py3-scikit-build
- py3-wheel
- python3-dev
- reproc
@@ -38,15 +40,19 @@ environment:
- yaml-cpp-dev
- zstd-dev
- zstd-static
+ environment:
+ CXXFLAGS: "-fPIC"
pipeline:
- uses: git-checkout
with:
- expected-commit: 25cdc05ae56f96734d3e1b3cbd104405dedbddcd
+ expected-commit: 31b23473e059b47c03b065e5592ea5a7cf77fc9b
repository: https://github.com/mamba-org/mamba
tag: ${{package.version}}
- cherry-picks: |
- pull/3386/head/c1fabca58d05ac192466420659abd922b4481012: Backport fmt 11 support from main
+
+ - uses: patch
+ with:
+ patches: support-shared-libs.patch
- uses: cmake/configure
with:
@@ -71,10 +77,9 @@ subpackages:
- libmamba
pipeline:
- runs: |
- python -m pip install --root=${{targets.subpkgdir}} --no-deps --no-build-isolation --ignore-installed ./libmambapy/
- PYVER=$(python --version | awk '{print $2}' | awk -F. '{print $1"."$2}')
- mkdir -p "${{targets.subpkgdir}}"/usr/lib/python${PYVER}/site-packages/libmambapy
- mv ${{targets.destdir}}/home/build/libmambapy/libmambapy/bindings.*.so "${{targets.subpkgdir}}"/usr/lib/python${PYVER}/site-packages/libmambapy/
+ CMAKE_PREFIX_PATH=${{targets.subpkgdir}}/usr \
+ libmamba_DIR=${{targets.destdir}}/usr/lib/cmake/libmamba \
+ python -m pip install --root=${{targets.subpkgdir}} --no-deps --no-build-isolation --ignore-installed ./libmambapy/
- name: libmamba-dev
pipeline:
diff --git a/libmamba/support-shared-libs.patch b/libmamba/support-shared-libs.patch
new file mode 100644
index 00000000000..69129116193
--- /dev/null
+++ b/libmamba/support-shared-libs.patch
@@ -0,0 +1,199 @@
+diff --git a/libmamba/CMakeLists.txt b/libmamba/CMakeLists.txt
+index 16716339..72dcfd1f 100644
+--- a/libmamba/CMakeLists.txt
++++ b/libmamba/CMakeLists.txt
+@@ -445,171 +445,29 @@ macro(libmamba_create_target target_name linkage output_name)
+ SPDLOG_FMT_EXTERNAL "SPDLOG_ACTIVE_LEVEL=SPDLOG_LEVEL_${BUILD_LOG_LEVEL}"
+ )
+
+- if(${linkage_upper} STREQUAL "STATIC")
+- message(" -> Statically linking against libmamba (static) dependencies")
+-
+- mamba_target_check_type(yaml-cpp::yaml-cpp STATIC_LIBRARY FATAL_ERROR)
+- mamba_target_check_type(reproc STATIC_LIBRARY FATAL_ERROR)
+- mamba_target_check_type(reproc++ STATIC_LIBRARY FATAL_ERROR)
+-
+- target_link_libraries(
+- ${target_name}
+- PUBLIC fmt::fmt-header-only spdlog::spdlog_header_only yaml-cpp::yaml-cpp
+- PRIVATE
+- reproc
+- reproc++
+- simdjson::simdjson_static
+- solv::libsolv_static
+- solv::libsolvext_static
+- solv::cpp
+- )
+-
+- if(UNIX)
+-
+- set(
+- REQUIRED_STATIC_DEPS
+- libcurl.a
+- libssh2.a
+- libgssapi_krb5.a
+- libkrb5.a
+- libk5crypto.a
+- libkrb5support.a
+- libcom_err.a
+- libssl.a
+- libcrypto.a
+- libarchive.a
+- libiconv.a
+- libbz2.a
+- liblz4.a
+- libzstd.a
+- libz.a
+- liblzma.a
+- libnghttp2.a
+- )
+- if(APPLE)
+- set(REQUIRED_STATIC_DEPS ${REQUIRED_STATIC_DEPS} libc++.a)
+- endif()
+-
+- if(UNIX AND NOT APPLE)
+- list(REMOVE_ITEM REQUIRED_STATIC_DEPS libiconv.a)
+- endif()
+-
+- set(STATIC_DEPS "")
+- foreach(LIB ${REQUIRED_STATIC_DEPS})
+- set(TMP_LIB "${LIB}-NOTFOUND")
+- find_library(TMP_LIB NAMES "${LIB}")
+- if(NOT ${TMP_LIB} STREQUAL "TMP_LIB-NOTFOUND")
+- list(APPEND STATIC_DEPS "${TMP_LIB}")
+- else()
+- list(APPEND STATIC_DEPS "${LIB}-NOTFOUND")
+- endif()
+- endforeach(LIB)
+-
+- if(APPLE)
+- find_library(SECURITY_LIBRARY Security)
+- find_library(SYSTEMCONFIGURATION_LIBRARY SystemConfiguration)
+- find_library(COREFOUNDATION_LIBRARY CoreFoundation)
+- message("Found library: ${SECURITY_LIBRARY}\n${COREFOUNDATION_LIBRARY}")
+- list(
+- APPEND
+- STATIC_DEPS
+- ${COREFOUNDATION_LIBRARY}
+- ${SECURITY_LIBRARY}
+- ${SYSTEMCONFIGURATION_LIBRARY}
+- )
+- endif()
+-
+- message(" -> Found static dependencies:")
+- foreach(LIB ${STATIC_DEPS})
+- message(" - ${LIB}")
+- endforeach(LIB)
+-
+- if(APPLE)
+- set(MAMBA_FORCE_DYNAMIC_LIBS resolv c++abi)
+- target_link_options(${target_name} PRIVATE -nostdlib++)
+- elseif(UNIX)
+- set(MAMBA_FORCE_DYNAMIC_LIBS rt dl resolv)
+- target_link_options(${target_name} PUBLIC -static-libstdc++ -static-libgcc)
+- endif()
+-
+- target_link_libraries(${target_name} PUBLIC ${STATIC_DEPS} ${MAMBA_FORCE_DYNAMIC_LIBS})
+-
+- elseif(WIN32)
+-
+- set(CMAKE_PREFIX_PATH "$ENV{VCPKG_ROOT}/installed/x64-windows-static-md/")
+-
+- # For Windows we have a vcpkg based build system right now.
+- find_package(LibArchive REQUIRED)
+- find_package(CURL CONFIG REQUIRED)
+- find_library(LIBLZMA_LIBRARIES lzma REQUIRED)
+- find_library(LZ4_LIBRARY NAMES lz4)
+- find_library(LZO2_LIBRARY NAMES lzo2)
+- find_package(zstd CONFIG REQUIRED)
+- find_library(BZIP2_LIBRARIES NAMES bz2)
+- find_library(CRYPTO_LIBRARIES NAMES libcrypto)
+-
+- find_library(LIBXML2_LIBRARY NAMES libxml2)
+- find_library(ICONV_LIBRARY NAMES libiconv iconv)
+- find_library(CHARSET_LIBRARY NAMES libcharset charset)
+- message("Found: ${LIBXML2_LIBRARY} ${ICONV_LIBRARY} ${CHARSET_LIBRARY}")
+-
+- target_link_libraries(
+- ${target_name}
+- PUBLIC
+- ${CRYPTO_LIBRARIES}
+- ${LibArchive_LIBRARY}
+- ${LIBXML2_LIBRARY}
+- ${ICONV_LIBRARY}
+- ${CHARSET_LIBRARY}
+- zstd::libzstd_static
+- ${LZ4_LIBRARY}
+- ${LZO2_LIBRARY}
+- ${BZIP2_LIBRARIES}
+- ${LIBLZMA_LIBRARIES}
+- CURL::libcurl
+- ${sodium_LIBRARY_RELEASE}
+- )
+-
+- add_compile_definitions(LIBARCHIVE_STATIC CURL_STATICLIB)
+- include_directories($ENV{CONDA_PREFIX}/Library/include/)
+- include_directories($ENV{VCPKG_ROOT}/installed/x64-windows-static-md/include/)
+- endif()
+- else()
+- message(" -> Dynamically linking against libmamba (shared) dependencies")
+-
+- mamba_target_check_type(yaml-cpp::yaml-cpp SHARED_LIBRARY WARNING)
+-
+- find_package(CURL REQUIRED)
+- find_package(LibArchive REQUIRED)
+- find_package(zstd REQUIRED)
+- find_package(BZip2 REQUIRED)
+- find_package(OpenSSL REQUIRED)
+-
+- target_link_libraries(
+- ${target_name}
+- PUBLIC
+- ${LIBSOLV_LIBRARIES}
+- ${LIBSOLVEXT_LIBRARIES}
+- yaml-cpp::yaml-cpp
+- fmt::fmt
+- # Since conda-forge spdlog is built with a bundled version of fmt we use the header
+- # only version to avoid chasing after the correct fmt version matching the one used
+- # in the bundle
+- spdlog::spdlog_header_only
+- PRIVATE
+- ${LibArchive_LIBRARIES}
+- ${CURL_LIBRARIES}
+- ${OPENSSL_LIBRARIES}
+- BZip2::BZip2
+- reproc
+- reproc++
+- simdjson::simdjson
+- zstd::libzstd_shared
+- solv::libsolv
+- solv::libsolvext
+- solv::cpp
+- )
+- endif()
++ message(" -> Using shared libraries for libmamba dependencies")
++ find_package(CURL REQUIRED)
++ find_package(LibArchive REQUIRED)
++ find_package(zstd REQUIRED)
++ find_package(BZip2 REQUIRED)
++ find_package(OpenSSL REQUIRED)
++
++ target_link_libraries(
++ ${target_name}
++ PUBLIC ${LIBSOLV_LIBRARIES} ${LIBSOLVEXT_LIBRARIES} yaml-cpp::yaml-cpp fmt::fmt spdlog::spdlog_header_only
++ PRIVATE
++ ${LibArchive_LIBRARIES}
++ ${CURL_LIBRARIES}
++ ${OPENSSL_LIBRARIES}
++ BZip2::BZip2
++ reproc
++ reproc++
++ simdjson::simdjson
++ zstd::libzstd_shared
++ solv::libsolv
++ solv::libsolvext
++ solv::cpp
++ )
+
+ if(WIN32)
+ find_path(
diff --git a/libnvidia-container.yaml b/libnvidia-container.yaml
index 48e592d9e5f..5cb817009e7 100644
--- a/libnvidia-container.yaml
+++ b/libnvidia-container.yaml
@@ -1,7 +1,7 @@
package:
name: libnvidia-container
- version: 1.17.0
- epoch: 1
+ version: 1.17.2
+ epoch: 0
description: NVIDIA container runtime library
copyright:
- license: Apache-2.0
diff --git a/libnvme.yaml b/libnvme.yaml
index b9300a9a80d..dfefbb561cc 100644
--- a/libnvme.yaml
+++ b/libnvme.yaml
@@ -1,6 +1,6 @@
package:
name: libnvme
- version: "1.11"
+ version: 1.11.1
epoch: 0
description: C Library for NVM Express on Linux
copyright:
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 2b3cb1746451f58583408a25857ca897d18cd4ca
+ expected-commit: cec9feaeb03da8046d14bb395f592c601cf2ae5f
repository: https://github.com/linux-nvme/libnvme
tag: v${{package.version}}
diff --git a/librsvg.yaml b/librsvg.yaml
index e44f1937947..9046382ad48 100644
--- a/librsvg.yaml
+++ b/librsvg.yaml
@@ -2,7 +2,7 @@
package:
name: librsvg
version: 2.59.2
- epoch: 0
+ epoch: 1
description: SAX-based renderer for SVG files into a GdkPixbuf
copyright:
- license: LGPL-2.1-or-later
diff --git a/libsdl2-ttf.yaml b/libsdl2-ttf.yaml
new file mode 100644
index 00000000000..223c8d465b8
--- /dev/null
+++ b/libsdl2-ttf.yaml
@@ -0,0 +1,55 @@
+package:
+ name: libsdl2-ttf
+ version: 2.22.0
+ epoch: 0
+ description: A library that allows you to use TrueType fonts in your SDL applications (Version 2)
+ copyright:
+ - license: Zlib
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - freetype-dev
+ - libsdl2-dev
+ - openssf-compiler-options
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/libsdl-org/SDL_ttf
+ tag: release-${{package.version}}
+ expected-commit: 4a318f8dfaa1bb6f10e0c5e54052e25d3c7f3440
+
+ - uses: cmake/configure
+
+ - uses: cmake/build
+
+ - uses: cmake/install
+
+subpackages:
+ - name: ${{package.name}}-dev
+ dependencies:
+ runtime:
+ - libsdl2-ttf
+ pipeline:
+ - uses: split/dev
+
+update:
+ enabled: true
+ github:
+ identifier: libsdl-org/SDL_ttf
+ strip-prefix: release-
+
+test:
+ environment:
+ contents:
+ packages:
+ - ${{package.name}}-dev
+ - pkgconf
+ pipeline:
+ - runs: |
+ set -euo pipefail
+ pkg-config --modversion SDL2_ttf | grep -q "${{package.version}}"
diff --git a/libsolv.yaml b/libsolv.yaml
index 2a03063f45f..e7a2b26a82f 100644
--- a/libsolv.yaml
+++ b/libsolv.yaml
@@ -1,7 +1,7 @@
package:
name: libsolv
- version: 0.7.30
- epoch: 1
+ version: 0.7.31
+ epoch: 0
description: Library for solving packages and reading repositories
copyright:
- license: BSD-3-Clause
@@ -22,7 +22,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/openSUSE/libsolv
- expected-commit: 27aa6a72c7db73d78aa711ae412231768e77c9e0
+ expected-commit: 95aef5cc57d0f51782e55b6903b30ec93afbfa15
tag: ${{package.version}}
- uses: cmake/configure
diff --git a/libspatialindex.yaml b/libspatialindex.yaml
new file mode 100644
index 00000000000..8d16aa2b1b9
--- /dev/null
+++ b/libspatialindex.yaml
@@ -0,0 +1,150 @@
+package:
+ name: libspatialindex
+ version: 2.0.0
+ epoch: 0
+ description: "C++ implementation of R*-tree, an MVR-tree and a TPR-tree with C API"
+ copyright:
+ - license: MIT
+
+environment:
+ contents:
+ packages:
+ - autoconf
+ - automake
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - cmake
+ - openssf-compiler-options
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/libspatialindex/libspatialindex
+ tag: ${{package.version}}
+ expected-commit: 4a3bd449b9f2858d31a4619ba60bae6d1d30b77d
+
+ - uses: cmake/configure
+
+ - uses: cmake/build
+
+ - uses: cmake/install
+
+ - uses: strip
+
+subpackages:
+ - name: libspatialindex-dev
+ pipeline:
+ - uses: split/dev
+
+test:
+ environment:
+ contents:
+ packages:
+ - libspatialindex-dev
+ - build-base
+ pipeline:
+ - name: "Check libspatialindex.h header"
+ runs: |
+ test -f /usr/include/spatialindex/RTree.h
+ - name: "Check libspatialindex.so library"
+ runs: |
+ test -f /usr/lib64/libspatialindex.so.7
+ - name: "Check if libspatialindex can be linked"
+ runs: |
+ # This test was taken from here:
+ # https://raw.githubusercontent.com/libspatialindex/libspatialindex/refs/heads/main/test/geometry/Intersection.cc
+ cat > test.cc << EOF
+ #include
+
+ using namespace SpatialIndex;
+ using namespace std;
+
+ /*
+ * Test the Geometry
+ * Nowhere near complete, but it's something
+ */
+ int main(int /*argc*/, char** /*argv*/) {
+ //define points
+ double c1[2] = {1.0, 0.0};
+ double c2[2] = {3.0, 2.0};
+ double c3[2] = {2.0, 0.0};
+ double c4[2] = {2.0, 4.0};
+ double c5[2] = {1.0, 1.0};
+ double c6[2] = {2.5, 3.0};
+ double c7[2] = {1.0, 2.0};
+ double c8[2] = {0.0, -1.0};
+ double c9[2] = {4.0, 3.0};
+ Point p1 = Point(&c1[0], 2);
+ Point p2 = Point(&c2[0], 2);
+ Point p3 = Point(&c3[0], 2);
+ Point p4 = Point(&c4[0], 2);
+ Point p5 = Point(&c5[0], 2);
+ Point p6 = Point(&c6[0], 2);
+ Point p7 = Point(&c7[0], 2);
+ Point p8 = Point(&c8[0], 2);
+ Point p9 = Point(&c9[0], 2);
+
+ double c3a[2] = {2.0, 3.0};
+ Point p3a = Point(&c3a[0], 2);
+
+ //Now Test LineSegment intersection
+ LineSegment ls1 = LineSegment(p1, p2);
+ LineSegment ls2 = LineSegment(p3, p4);
+ LineSegment ls3 = LineSegment(p3a, p4);
+
+ if (!ls1.intersectsShape(ls2)) {
+ cerr << "Test failed: intersectsShape returned false, but should be true." << endl;
+ cerr << ls1 << ", " << ls2 << endl;
+ return -1;
+ }
+
+ if (ls1.intersectsShape(ls3)) {
+ cerr << "Test failed: intersectsShape returned true, but should be false." << endl;
+ cerr << ls1 << ", " << ls3 << endl;
+ return -1;
+ }
+
+ //Now LineSegment Region intersection
+ Region r1 = Region(p5, p6);
+ Region r2 = Region(p7, p6);
+ Region r3 = Region(p8, p9);
+
+ if (!r1.intersectsShape(ls1) || !ls1.intersectsShape(r1)) {
+ cerr << "Test failed: intersectsShape returned false, but should be true." << endl;
+ cerr << r1 << ", " << ls1 << endl;
+ return -1;
+ }
+
+ if (r2.intersectsShape(ls1) || ls1.intersectsShape(r2)) {
+ cerr << "Test failed: intersectsShape returned true, but should be false." << endl;
+ cerr << r2 << ", " << ls1 << endl;
+ return -1;
+ }
+
+ // This is the contains test
+ if (!r3.intersectsShape(ls1) || !ls1.intersectsShape(r3)) {
+ cerr << "Test failed: intersectsShape returned false, but should be true." << endl;
+ cerr << r3 << ", " << ls1 << endl;
+ return -1;
+ }
+
+ return 0;
+ }
+
+ EOF
+
+ # Compile user space program
+ g++ -o test_prog test.cc -lspatialindex
+
+ # Run the program to check if it can open the BPF object
+ ./test_prog
+ - name: "Check pkg-config"
+ runs: |
+ pkg-config --exists libspatialindex
+ pkg-config --modversion libspatialindex
+
+update:
+ enabled: true
+ github:
+ identifier: libspatialindex/libspatialindex
diff --git a/libsrt.yaml b/libsrt.yaml
index 8a0514e2043..cd39d96070b 100644
--- a/libsrt.yaml
+++ b/libsrt.yaml
@@ -1,7 +1,7 @@
package:
name: libsrt
- version: 1.5.3
- epoch: 2
+ version: 1.5.4
+ epoch: 0
description: "Secure Reliable Transport (SRT)"
copyright:
- license: MPL-2.0
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/Haivision/srt
tag: v${{package.version}}
- expected-commit: 09f35c0f1743e23f514cb41444504a7faeacf89e
+ expected-commit: a8c6b65520f814c5bd8f801be48c33ceece7c4a6
- uses: cmake/configure
with:
diff --git a/libxcursor.yaml b/libxcursor.yaml
index 8ca154cea69..707c23f49c3 100644
--- a/libxcursor.yaml
+++ b/libxcursor.yaml
@@ -1,6 +1,6 @@
package:
name: libxcursor
- version: 1.2.2
+ version: 1.2.3
epoch: 0
description: X cursor management library
copyright:
@@ -23,7 +23,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 53d071bd2cc56e517a30998d5e685c8a74556ddada43c6985d14da9a023a88ee
+ expected-sha256: fde9402dd4cfe79da71e2d96bb980afc5e6ff4f8a7d74c159e1966afb2b2c2c0
uri: https://www.x.org/releases/individual/lib/libXcursor-${{package.version}}.tar.xz
- uses: autoconf/configure
diff --git a/libxml2.yaml b/libxml2.yaml
index f934d970f48..8fcfc8d7a71 100644
--- a/libxml2.yaml
+++ b/libxml2.yaml
@@ -1,7 +1,7 @@
package:
name: libxml2
- version: 2.13.4
- epoch: 2
+ version: 2.13.5
+ epoch: 0
description: XML parsing library, version 2
copyright:
- license: MIT
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://gitlab.gnome.org/GNOME/libxml2.git
tag: v${{package.version}}
- expected-commit: 60d3056c97067e6cb2125284878ed7c99c90ed81
+ expected-commit: de918d45e1b2276a28a4cd32bcf556bef65284e4
- runs: ./autogen.sh
diff --git a/libyang.yaml b/libyang.yaml
index 9c9516584c3..1237ff2b15b 100644
--- a/libyang.yaml
+++ b/libyang.yaml
@@ -71,10 +71,14 @@ test:
environment:
contents:
packages:
+ - glibc-dev
+ - gcc
- pkgconf
- libyang
- libyang-dev
pipeline:
+ - name: version test
+ runs: /usr/bin/yanglint --version | grep ${{package.version}}
- name: pkg-config tests
runs: |
pkg-config --exists libyang
@@ -83,3 +87,37 @@ test:
runs: |
stat /usr/include/libyang/*.h
stat /usr/lib/libyang.so
+ - name: run a sample test
+ runs: |
+ cat < yang.c
+ #include
+ #include
+ #include
+
+ int main() {
+ struct lys_module *mod = NULL;
+ struct ly_ctx *ctx = NULL;
+
+ if (ly_ctx_new(NULL, 0, &ctx) != LY_SUCCESS) {
+ fprintf(stderr, "failed to create context\n");
+ exit(1);
+ }
+
+ printf("libyang version: %s\n", LIBYANG_VERSION);
+
+ const char *yang_model = "module example { namespace \"urn:example\"; prefix ex; leaf example-leaf { type string; } }";
+
+ if (lys_parse_mem(ctx, yang_model, LYS_IN_YANG, &mod) != LY_SUCCESS) {
+ fprintf(stderr, "failed to parse module\n");
+ ly_ctx_destroy(ctx);
+ exit(1);
+ }
+ printf("parsed '%s' yang module\n", mod->name);
+ ly_ctx_destroy(ctx);
+ }
+ EOF
+
+ gcc -o yang yang.c -l:libyang.so -DLIBYANG_VERSION=\"$(pkg-config --modversion libyang)\"
+ ./yang
+ ./yang | grep ${{package.version}}
+ ./yang | grep "parsed 'example' yang module"
diff --git a/linkerd2-proxy.yaml b/linkerd2-proxy.yaml
index 70363827b1f..54f5f1102c9 100644
--- a/linkerd2-proxy.yaml
+++ b/linkerd2-proxy.yaml
@@ -1,6 +1,6 @@
package:
name: linkerd2-proxy
- version: 2.260.0
+ version: 2.265.0
epoch: 0
description: "A program that validates linkerd networks"
copyright:
@@ -25,7 +25,7 @@ pipeline:
with:
repository: https://github.com/linkerd/linkerd2-proxy
tag: release/v${{package.version}}
- expected-commit: c2687744a0db3016b7645b0589f72373c2ad7a08
+ expected-commit: aaf6db0d580eb9385326474293783f0dd49f3f1b
- runs: |
cargo fetch
diff --git a/linkerd2.yaml b/linkerd2.yaml
index f8125eafb14..045e3cee53f 100644
--- a/linkerd2.yaml
+++ b/linkerd2.yaml
@@ -1,6 +1,6 @@
package:
name: linkerd2
- version: 24.10.5
+ version: 24.11.2
epoch: 0
description: "meta linkerd package"
copyright:
@@ -25,7 +25,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 6c2635f4675006b86f33179df27db8a5a6b223ed
+ expected-commit: caf8e82e7a31172fbc0f6696e00540611bfd5508
repository: https://github.com/linkerd/linkerd2/
tag: edge-${{package.version}}
diff --git a/logstash-8.yaml b/logstash-8.yaml
index 61c2fd3a7f1..da79d293db6 100644
--- a/logstash-8.yaml
+++ b/logstash-8.yaml
@@ -16,8 +16,8 @@
# subpackage to be installed separately.
package:
name: logstash-8
- version: 8.15.3
- epoch: 7
+ version: 8.16.0
+ epoch: 2
description: Logstash - transport and process your logs, events, or other data
copyright:
- license: Apache-2.0
@@ -73,12 +73,12 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: 8364c8e89cfb113e38ec3f966df7eb1e9abe9d33
+ expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
- name: Patch sources
runs: |
echo "gem 'fugit', '1.11.1'" >> Gemfile.template
- echo "gem 'rexml', '3.3.6'" >> Gemfile.template
+ echo "gem 'rexml', '3.3.9'" >> Gemfile.template
echo "gem 'puma', '6.4.3'" >> Gemfile.template
echo "gem 'logstash-integration-kafka', '11.5.2'" >> Gemfile.template
# Disable the logstash-integration-jdbc plugin download as we build and
diff --git a/logstash-exporter.yaml b/logstash-exporter.yaml
index a1b9c4505df..323dae0c145 100644
--- a/logstash-exporter.yaml
+++ b/logstash-exporter.yaml
@@ -1,6 +1,6 @@
package:
name: logstash-exporter
- version: 1.8.2
+ version: 1.8.3
epoch: 0
description: Prometheus exporter for Logstash written in Go
copyright:
@@ -18,7 +18,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 078156893ad9ccf5b35de9a7240074be6ba4c632
+ expected-commit: 023b3c1e20442219a5db6d2b6789f204122603b8
repository: https://github.com/kuskoman/logstash-exporter
tag: v${{package.version}}
diff --git a/loki-3.2.yaml b/loki-3.2.yaml
index eefab317a59..7825b6fb00d 100644
--- a/loki-3.2.yaml
+++ b/loki-3.2.yaml
@@ -1,7 +1,7 @@
package:
name: loki-3.2
version: 3.2.1
- epoch: 1
+ epoch: 2
description: Like Prometheus, but for logs.
copyright:
- license: AGPL-3.0-or-later
@@ -25,6 +25,10 @@ pipeline:
repository: https://github.com/grafana/loki
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: autoconf/make
- runs: |
diff --git a/lsof.yaml b/lsof.yaml
new file mode 100644
index 00000000000..89d74cbaa81
--- /dev/null
+++ b/lsof.yaml
@@ -0,0 +1,98 @@
+package:
+ name: lsof
+ version: 4.99.3
+ epoch: 0
+ description: List Open Files
+ copyright:
+ - license: lsof
+
+environment:
+ contents:
+ packages:
+ - autoconf
+ - automake
+ - bash
+ - build-base
+ - busybox
+ - groff
+ - libtool
+ - linux-headers
+ - openssf-compiler-options
+ - pkgconf-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/lsof-org/lsof
+ tag: ${{package.version}}
+ expected-commit: 2e4c7a1a9bc7258dc5b6a3ab28ebca44174279a8
+
+ - name: "update release version in configure.ac"
+ runs: |
+ # configure.ac in release tarballs has updated major.minor.micro (4.99.3)
+ # git has just major.minor.0 (4.99.0). So change
+ # AC_INIT([lsof],[4.99.0])
+ # to
+ # AC_INIT([lsof],[4.99.3])
+ expected="AC_INIT([lsof],[${{package.version}}])"
+ grep -F -q "$expected" configure.ac &&
+ { echo "configure.ac did not need updating"; exit 0; }
+
+ sed -i '1s/\(AC_INIT(\[lsof\],\)\[\([^\[]\+\)]/\1[${{package.version}}]/' configure.ac
+
+ grep -F "$expected" configure.ac && exit 0
+ echo "patching version into configure.ac seems to have failed"
+
+ - runs: autoreconf -vif
+
+ - uses: autoconf/configure
+
+ - uses: autoconf/make
+
+ - uses: autoconf/make-install
+
+ - uses: strip
+
+subpackages:
+ - name: lsof-dev
+ description: dev library for lsof
+ dependencies:
+ runtime:
+ - lsof
+ pipeline:
+ - uses: split/dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
+
+ - name: lsof-doc
+ pipeline:
+ - uses: split/manpages
+ description: lsof manpages
+
+ - name: lsof-debug
+ pipeline:
+ - uses: split/debug
+ description: lsof debug
+
+update:
+ enabled: true
+ github:
+ identifier: lsof-org/lsof
+
+test:
+ pipeline:
+ - name: Verify lsof installation
+ runs: |
+ set +x
+ fail() { echo "FAIL:" "$@"; exit 1; }
+
+ # both -h and -v output to stderr
+ lsof -h 2>&1 || fail "'lsof -h' exited $?"
+ echo "PASS: 'lsof -h' exited 0"
+
+ ver="${{package.version}}"
+ out=$(lsof -v 2>&1) || fail "'lsof -v' exited $?"
+ echo "$out" | grep -F -q -- "$ver" ||
+ fail "'lsof -v' output did not include '$ver': $out"
+ echo "PASS: 'lsof -v' contained version '$ver' in output"
diff --git a/lvm2.yaml b/lvm2.yaml
index 6a30e0efcc2..76473663e47 100644
--- a/lvm2.yaml
+++ b/lvm2.yaml
@@ -1,8 +1,8 @@
# Generated from https://git.alpinelinux.org/aports/plain/main/lvm2/APKBUILD
package:
name: lvm2
- version: 2.03.27
- epoch: 1
+ version: 2.03.28
+ epoch: 0
description: Logical Volume Manager 2 utilities
copyright:
- license: GPL-2.0-only AND LGPL-2.1-only
@@ -31,7 +31,7 @@ pipeline:
with:
repository: https://gitlab.com/lvmteam/lvm2.git
tag: v${{vars.mangled-package-version}}
- expected-commit: 207990a8770208151b2f39b51526580a9dca24c4
+ expected-commit: f87a6ad6d6f7cde0170fd479a45ee5b0a1c63d52
- runs: |
# during cross-compilation malloc test goes wrong
diff --git a/mailpit.yaml b/mailpit.yaml
index 7730fd8892d..f7cd7ece9a6 100644
--- a/mailpit.yaml
+++ b/mailpit.yaml
@@ -1,6 +1,6 @@
package:
name: mailpit
- version: 1.21.1
+ version: 1.21.3
epoch: 0
description: An email and SMTP testing tool with API for developers
copyright:
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/axllent/mailpit
tag: v${{package.version}}
- expected-commit: 0f24496ee2a2d7e38e2531ade3b6ea9a8d70a1cc
+ expected-commit: b698e037bf5791a08019427c6e365ad91b9140b8
- runs: |
npm install
diff --git a/malcontent.yaml b/malcontent.yaml
index 3019d384458..bc2bf74921d 100644
--- a/malcontent.yaml
+++ b/malcontent.yaml
@@ -1,7 +1,7 @@
package:
name: malcontent
- version: 1.3.0
- epoch: 1
+ version: 1.4.0
+ epoch: 0
description: enumerate file capabilities, including malicious behaviors
copyright:
- license: Apache-2.0
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/chainguard-dev/malcontent
tag: v${{package.version}}
- expected-commit: 958cfb32ae0f87e193a22dc904fc160f66ce67a1
+ expected-commit: 26dcc4535337388f10781a2d39cf9f634b786861
- uses: go/build
with:
@@ -61,7 +61,7 @@ test:
- name: Verify malcontent diff
runs: |
set -o pipefail
- mal diff /usr/bin/openssl /usr/bin/crane | grep "[+]MED.*archives/zip"
+ mal diff /usr/bin/openssl /usr/bin/crane | grep "archives/zip"
update:
enabled: true
diff --git a/mariadb-connector-c.yaml b/mariadb-connector-c.yaml
index 520ba64b9de..5dd8eb567c5 100644
--- a/mariadb-connector-c.yaml
+++ b/mariadb-connector-c.yaml
@@ -1,7 +1,7 @@
package:
name: mariadb-connector-c
- version: 3.4.1
- epoch: 1
+ version: 3.4.3
+ epoch: 0
description: The MariaDB Native Client library (C driver)
copyright:
- license: LGPL-2.1-or-later
@@ -23,7 +23,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 0a7f2522a44a7369c1dda89676e43485037596a7b1534898448175178aedeb4d
+ expected-sha256: a9033833a88ca74789bd6db565965382c982d06aae1c086097fa9c3e7c7d1eaf
uri: https://mirror.vpsfree.cz/mariadb/connector-c-${{package.version}}/mariadb-connector-c-${{package.version}}-src.tar.gz
- runs: |
diff --git a/mc.yaml b/mc.yaml
index ccebd684e26..7f4573547e0 100644
--- a/mc.yaml
+++ b/mc.yaml
@@ -1,6 +1,6 @@
package:
name: mc
- version: 0.20241029.153459
+ version: 0.20241105.112945
epoch: 0
description: Multi-Cloud Object Storage
copyright:
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/minio/mc
tag: ${{vars.mangled-package-version}}
- expected-commit: 9f4659884dd45dca726ba38ee6bfacb2bf776eb8
+ expected-commit: 6ac18619cf881074fe6edcc79ab62c9c85da60b9
- runs: |
make build
diff --git a/mdbook.yaml b/mdbook.yaml
index dfbe3348df8..30167e03dd5 100644
--- a/mdbook.yaml
+++ b/mdbook.yaml
@@ -1,7 +1,7 @@
package:
name: mdbook
- version: 0.4.40
- epoch: 2
+ version: 0.4.42
+ epoch: 0
description: "Create book from markdown files. Like Gitbook but implemented in Rust."
copyright:
- license: MPL-2.0
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/rust-lang/mdbook
tag: v${{package.version}}
- expected-commit: 94b922d27aea47183ebf270e2f6f32561d960852
+ expected-commit: 3f4f287e6e5437d83a6e1e6414739a57e4409767
- name: Configure and build
runs: |
diff --git a/meilisearch.yaml b/meilisearch.yaml
index ec1dca2f2fc..e19fa25b985 100644
--- a/meilisearch.yaml
+++ b/meilisearch.yaml
@@ -1,7 +1,7 @@
package:
name: meilisearch
- version: 1.11.0
- epoch: 1
+ version: 1.11.3
+ epoch: 0
description: "A lightning-fast search engine that fits effortlessly into your apps, websites, and workflow."
copyright:
- license: MIT
@@ -20,7 +20,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/meilisearch/meilisearch.git
- expected-commit: 3753f87fd89ed57045c2e05172a4139011579ed6
+ expected-commit: cfaac6f7ca55e91ec3cf40f8682f528cd8743562
tag: v${{package.version}}
recurse-submodules: true
diff --git a/melange.yaml b/melange.yaml
index 48264940d62..f61106b523a 100644
--- a/melange.yaml
+++ b/melange.yaml
@@ -1,6 +1,6 @@
package:
name: melange
- version: 0.15.0
+ version: 0.15.9
epoch: 0
description: build APKs from source code
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: e1fb07674e1d11b0691011c29cc256a2b4e88e5f
+ expected-commit: 5ce2bb4ea7969d8a65f43c154a1f597872a7d844
repository: https://github.com/chainguard-dev/melange
tag: v${{package.version}}
diff --git a/memcached-exporter.yaml b/memcached-exporter.yaml
index c3a2f1585f3..6dfd6feb668 100644
--- a/memcached-exporter.yaml
+++ b/memcached-exporter.yaml
@@ -1,7 +1,7 @@
package:
name: memcached-exporter
- version: 0.14.4
- epoch: 2
+ version: 0.15.0
+ epoch: 0
description: Exports metrics from memcached servers for consumption by Prometheus.
copyright:
- license: Apache-2.0
@@ -18,7 +18,7 @@ pipeline:
with:
repository: https://github.com/prometheus/memcached_exporter
tag: v${{package.version}}
- expected-commit: 277c78894347b087cae7fa34a2f550b677f8e383
+ expected-commit: ceb946ecae3aace775a0becb8233ca3890a829c3
- uses: go/build
with:
diff --git a/mesa.yaml b/mesa.yaml
index d16dfca562c..dbbf36730ee 100644
--- a/mesa.yaml
+++ b/mesa.yaml
@@ -1,10 +1,13 @@
package:
name: mesa
- version: 24.2.6
- epoch: 1
+ version: 24.2.7
+ epoch: 0
description: Mesa DRI OpenGL library
copyright:
- license: MIT AND SGI-B-2.0 AND BSL-1.0
+ dependencies:
+ runtime:
+ - libglvnd
vars:
llvm-ver: 19
@@ -25,6 +28,7 @@ environment:
- gettext
- glslang-dev
- libdrm-dev
+ - libglvnd-dev
- libtool
- libva
- libva-dev
@@ -64,7 +68,7 @@ pipeline:
with:
repository: https://gitlab.freedesktop.org/mesa/mesa
tag: mesa-${{package.version}}
- expected-commit: c6b3580271ce028a9ddf06423378d26f03d2c049
+ expected-commit: 3900828265aab07f31942fd0a8afe5b07e75c94b
- runs: |
export CFLAGS="$CFLAGS -O2 -g1"
@@ -84,6 +88,7 @@ pipeline:
-Dvulkan-layers=$_vulkan_layers \
-Dplatforms=x11,wayland \
-Dllvm=enabled \
+ -Dglvnd=true \
-Dshared-llvm=enabled \
-Dshared-glapi=enabled \
-Dgbm=enabled \
@@ -113,9 +118,8 @@ pipeline:
data:
- name: libs
items:
- gles: libGLES*
- egl: libEGL
- gl: libGL
+ egl: libEGL_mesa
+ glx: libGLX_mesa
glapi: libglapi
xatracker: libxatracker*
osmesa: libOSMesa
@@ -123,18 +127,37 @@ data:
libd3dadapter9: d3d/d3dadapter9
libgallium: libgallium-${{package.version}}
+ - name: transitive
+ items:
+ gl: ""
+ gles: ""
+
subpackages:
- range: libs
name: mesa-${{range.key}}
description: mesa ${{range.key}}
+ dependencies:
+ runtime:
+ - libglvnd
pipeline:
- runs: |
mkdir -p ${{targets.subpkgdir}}/usr/lib
mv ${{targets.destdir}}/usr/lib/${{range.value}}.so* ${{targets.subpkgdir}}/usr/lib
+ - range: transitive
+ name: mesa-${{range.key}}
+ description: mesa transitive package for ${{range.key}}
+ dependencies:
+ runtime:
+ - mesa
+ - mesa-glx
+
- name: mesa-dev
pipeline:
- uses: split/dev
+ dependencies:
+ runtime:
+ - libglvnd-dev
description: mesa dev
test:
pipeline:
@@ -145,12 +168,12 @@ test:
contents:
packages:
- gcc
+ - libglvnd-dev
- libx11-dev
- libxext-dev
- - mesa-dev
+ - mesa
- wget
- glibc-dev
- - mesa-gl
pipeline:
- name: Compile and run glxgears
runs: |
diff --git a/minio-operator.yaml b/minio-operator.yaml
index 24476fa0502..9a4c3e7ad03 100644
--- a/minio-operator.yaml
+++ b/minio-operator.yaml
@@ -1,19 +1,11 @@
package:
name: minio-operator
version: 6.0.4
- epoch: 0
+ epoch: 2
description: Minio Operator creates/configures/manages Minio on Kubernetes
copyright:
- license: AGPL-3.0-only
-environment:
- contents:
- packages:
- - bash
- - build-base
- - ca-certificates-bundle
- - go
-
pipeline:
- uses: git-checkout
with:
@@ -21,20 +13,47 @@ pipeline:
tag: v${{package.version}}
expected-commit: c5b838c475609921935bd4f335fdbc4b6846be14
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
modroot: ./cmd/operator
packages: .
output: minio-operator
- ldflags: -s -w -X github.com/minio/operator/pkg.ReleaseTag=${{package.full-version}} -X github.com/minio/operator/pkg.Version=${{package.full-version}} -X github.com/minio/operator/pkg.ShortCommitID=$(git rev-parse HEAD)
-
- - uses: strip
+ ldflags: -w -X github.com/minio/operator/pkg.ReleaseTag=${{package.full-version}} -X github.com/minio/operator/pkg.Version=${{package.full-version}} -X github.com/minio/operator/pkg.ShortCommitID=$(git rev-parse HEAD)
- runs: |
mkdir ${{targets.destdir}}/licenses
cp CREDITS LICENSE ${{targets.destdir}}/licenses/
subpackages:
+ - name: ${{package.name}}-sidecar
+ description: sidecar for minio-operator
+ pipeline:
+ - uses: go/bump
+ working-directory: ./sidecar
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ - uses: go/build
+ working-directory: ./sidecar
+ with:
+ modroot: ./cmd/sidecar
+ packages: .
+ output: minio-operator-sidecar
+ ldflags: -w -X github.com/minio/operator/sidecar/pkg.ReleaseTag=${{package.full-version}} -X github.com/minio/operator/sidecar/pkg.Version=${{package.full-version}} -X github.com/minio/operator/sidecar/pkg.ShortCommitID=$(git rev-parse HEAD)
+ - runs: |
+ mkdir ${{targets.contextdir}}/licenses
+ cp CREDITS LICENSE ${{targets.contextdir}}/licenses/
+
+ - name: ${{package.name}}-sidecar-compat
+ description: compatibility symlinks package for minio-operator-sidecar Dockerfile
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/
+ ln -sf /usr/bin/minio-operator-sidecar ${{targets.contextdir}}/minio-operator-sidecar
+
- name: ${{package.name}}-compat
description: compatibility symlinks package for minio-operator Dockerfile
pipeline:
diff --git a/minio.yaml b/minio.yaml
index 37a68fb344d..c17d63b9fcb 100644
--- a/minio.yaml
+++ b/minio.yaml
@@ -1,6 +1,6 @@
package:
name: minio
- version: 0.20241029.160148
+ version: 0.20241107.005220
epoch: 0
description: Multi-Cloud Object Storage
copyright:
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/minio/minio
tag: ${{vars.mangled-package-version}}
- expected-commit: c4239ced225b9fead5f6b44e3665c5ccd7eacc89
+ expected-commit: cefc43e4daa4cbb490ef6726ea374e26a93eb85e
- runs: |
make build
diff --git a/mockery.yaml b/mockery.yaml
index 0e9a5383d34..99f95b95293 100644
--- a/mockery.yaml
+++ b/mockery.yaml
@@ -1,7 +1,7 @@
package:
name: mockery
- version: 2.46.3
- epoch: 1
+ version: 2.47.0
+ epoch: 0
description: A mock code autogenerator for Go
copyright:
- license: BSD-3-Clause
@@ -17,7 +17,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/vektra/mockery
- expected-commit: 4d3bfa76952904bec1e08840c81dd951b671f18a
+ expected-commit: f6ecb446008d2691e9c411900bf61403368c7c53
tag: v${{package.version}}
- runs: |
diff --git a/mountpoint-s3-csi-driver.yaml b/mountpoint-s3-csi-driver.yaml
index 573a2b7f321..f7893cb4df6 100644
--- a/mountpoint-s3-csi-driver.yaml
+++ b/mountpoint-s3-csi-driver.yaml
@@ -1,6 +1,6 @@
package:
name: mountpoint-s3-csi-driver
- version: 1.9.0
+ version: 1.10.0
epoch: 0
description: Built on Mountpoint for Amazon S3, the Mountpoint CSI driver presents an Amazon S3 bucket as a storage volume accessible by containers in your Kubernetes cluster
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/awslabs/mountpoint-s3-csi-driver
tag: v${{package.version}}
- expected-commit: 2c96c14bffa755e61b4d5dfbb4913278589526e5
+ expected-commit: f8cc674930e41058d665d7ab133d48d62e8311f8
- uses: go/build
with:
diff --git a/multipath-tools.yaml b/multipath-tools.yaml
index 116b9459ed5..23ea32a6a93 100644
--- a/multipath-tools.yaml
+++ b/multipath-tools.yaml
@@ -1,7 +1,7 @@
package:
name: multipath-tools
version: 0.10.0
- epoch: 1
+ epoch: 2
description: Device Mapper Multipathing Driver
copyright:
- license: LGPL-2.0-only
@@ -21,6 +21,7 @@ environment:
- libaio-dev
- lvm2-dev
- ncurses-dev
+ - openssf-compiler-options
- perl
- readline-dev
- userspace-rcu-dev
@@ -63,6 +64,3 @@ test:
multipath -h
mpathpersist -h
[ -x /usr/sbin/kpartx ]
- mpathpersist --help
- multipathd version
- multipathd help
diff --git a/mycli.yaml b/mycli.yaml
index 545c50bb9e5..7dba127014b 100644
--- a/mycli.yaml
+++ b/mycli.yaml
@@ -1,6 +1,6 @@
package:
name: mycli
- version: 1.27.2
+ version: 1.28.0
epoch: 0
description: "static code and composition analysis tool for IaC"
copyright:
@@ -35,7 +35,7 @@ pipeline:
- uses: fetch
with:
uri: https://files.pythonhosted.org/packages/source/m/mycli/mycli-${{package.version}}.tar.gz
- expected-sha256: d11da4e614640096ea8066443d75946f8f281714ca30a89065c91fdc5f950b72
+ expected-sha256: 66bfac0be21df16e01ff6187cc9cece6676a4c5f1bd3435887e633b5e380e4c3
- runs: |
python3 -m gpep517 build-wheel --wheel-dir dist --output-fd 1
@@ -46,6 +46,80 @@ pipeline:
- uses: strip
+test:
+ environment:
+ contents:
+ packages:
+ - py3-click
+ - py3-pymysql
+ - py3-pyperclip
+ - py3-sqlparse
+ pipeline:
+ - uses: python/import
+ with:
+ imports: |
+ from mycli import __version__
+ - uses: py/one-python
+ with:
+ content: |
+ python3 <<-EOF
+ from mycli import __version__
+ from unittest.mock import Mock, patch, PropertyMock
+ import pymysql
+
+ assert __version__ == "1.28.0", f"Expected version 1.28.0, got {__version__}"
+ print(f"Version check passed: {__version__}")
+
+ # Test core mycli functionality
+ from mycli.packages.special import iocommands
+ assert hasattr(iocommands, 'write_tee')
+ print("Core functionality test passed")
+
+ # Test connection and query functionality
+ from mycli.sqlexecute import SQLExecute
+ with patch('pymysql.connect') as mock_connect:
+ mock_conn = Mock()
+ mock_cursor = Mock()
+
+ # Setup the mock connection with proper version string
+ type(mock_conn).server_version = PropertyMock(return_value='5.7.0-MySQL')
+ mock_conn.get_server_info.return_value = '5.7.0-MySQL'
+ mock_connect.return_value = mock_conn
+ mock_conn.cursor.return_value = mock_cursor
+
+ # Setup mock responses
+ mock_cursor.fetchall.return_value = [("mycli",)]
+ mock_cursor.description = [("Database",)]
+
+ sql = SQLExecute(
+ host='localhost',
+ user='test',
+ password='test',
+ port=3306,
+ database='test',
+ socket=None,
+ charset='utf8mb4',
+ local_infile=False,
+ ssl=None,
+ ssh_user=None,
+ ssh_host=None,
+ ssh_port=None,
+ ssh_password=None,
+ ssh_key_filename=None,
+ )
+
+ # Test connection
+ sql.connect()
+ print("Connection test passed")
+
+ # Test a basic query
+ result = sql.run("SHOW DATABASES")
+ assert result is not None
+ print("Query test passed")
+
+ print("All tests passed")
+ EOF
+
update:
enabled: true
release-monitor:
diff --git a/neon.yaml b/neon.yaml
index a9679bade98..3ef9c7582ef 100644
--- a/neon.yaml
+++ b/neon.yaml
@@ -1,6 +1,6 @@
package:
name: neon
- version: "6935"
+ version: "7125"
epoch: 0
description: "Serverless Postgres. We separated storage and compute to offer autoscaling, branching, and bottomless storage."
copyright:
@@ -46,7 +46,7 @@ pipeline:
with:
repository: https://github.com/neondatabase/neon
tag: release-${{package.version}}
- expected-commit: c4e5693145abc58bac7830a87437a5907b2905d4
+ expected-commit: 6dba1a36b8eaef43828611da2201a1e19e9b5638
recurse-submodules: true
- runs: |
diff --git a/nerdctl.yaml b/nerdctl.yaml
index 980d6120368..10141a8ae23 100644
--- a/nerdctl.yaml
+++ b/nerdctl.yaml
@@ -1,6 +1,6 @@
package:
name: nerdctl
- version: 1.7.7
+ version: 2.0.0
epoch: 0
description: Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...
copyright:
@@ -19,11 +19,7 @@ pipeline:
with:
repository: https://github.com/containerd/nerdctl
tag: v${{package.version}}
- expected-commit: 5882c720f4e7f358fb26b759e514b3ae9dd8ea83
-
- - uses: go/bump
- with:
- deps: github.com/docker/cli@v26.1.4 github.com/docker/docker@v26.1.5
+ expected-commit: ef588dafa080e3dbc9c061ff3802affb66aef291
- runs: |
make nerdctl
diff --git a/newrelic-infrastructure-agent.yaml b/newrelic-infrastructure-agent.yaml
index d536fae91e7..5fc66e96ce6 100644
--- a/newrelic-infrastructure-agent.yaml
+++ b/newrelic-infrastructure-agent.yaml
@@ -1,7 +1,7 @@
package:
name: newrelic-infrastructure-agent
- version: 1.57.2
- epoch: 1
+ version: 1.58.0
+ epoch: 0
description: New Relic Infrastructure Agent
copyright:
- license: Apache-2.0
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/newrelic/infrastructure-agent
tag: ${{package.version}}
- expected-commit: edc8ef7b36ee41f1e3488cfcd56c2a2d9e08fcef
+ expected-commit: 1a19023b867cc2aac94959aa1bb82e3b53cb4d48
- runs: |
# Our global LDFLAGS conflict with a Makefile parameter: https://github.com/newrelic/infrastructure-agent/blob/07ab68f181e25a1552588a3953167e0b15f52372/build/build.mk#L20-L22
diff --git a/newrelic-infrastructure-bundle.yaml b/newrelic-infrastructure-bundle.yaml
index 0cc66bb4465..06f8d5f508d 100644
--- a/newrelic-infrastructure-bundle.yaml
+++ b/newrelic-infrastructure-bundle.yaml
@@ -1,6 +1,6 @@
package:
name: newrelic-infrastructure-bundle
- version: 3.2.60
+ version: 3.2.61
epoch: 0
description: New Relic Infrastructure containerised agent bundle
copyright:
@@ -62,7 +62,7 @@ pipeline:
with:
repository: https://github.com/newrelic/infrastructure-bundle
tag: v${{package.version}}
- expected-commit: 77174e59099965250827095a555903f8660afe09
+ expected-commit: 6c97c8d3a0f658ff59cfefa4f97b39cfa17d6757
destination: ${{package.name}}
# NO-OP. We were using `go run downloader.go` to fetch the pre-compiled binaries
diff --git a/nodejs-18.yaml b/nodejs-18.yaml
index d0542227eb9..a3baa098de9 100644
--- a/nodejs-18.yaml
+++ b/nodejs-18.yaml
@@ -1,7 +1,7 @@
package:
name: nodejs-18
- version: 18.20.4
- epoch: 1
+ version: 18.20.5
+ epoch: 0
description: "JavaScript runtime built on V8 engine - LTS version"
copyright:
- license: MIT
@@ -39,7 +39,7 @@ pipeline:
with:
repository: https://github.com/nodejs/node.git
tag: v${{package.version}}
- expected-commit: e922fb64b53530af4ad2e3df298a302225645f5b
+ expected-commit: f73db8f4779ca5fcac8fc84b8515b276e4cb671d
- name: Configure and build
runs: |
diff --git a/npth.yaml b/npth.yaml
index 4d10f06c79e..dd1727cb931 100644
--- a/npth.yaml
+++ b/npth.yaml
@@ -1,7 +1,7 @@
package:
name: npth
- version: "1.7"
- epoch: 2
+ version: "1.8"
+ epoch: 0
description: The New GNU Portable Threads library
copyright:
- license: LGPL-3.0-or-later OR GPL-2.0-or-later
@@ -20,7 +20,7 @@ pipeline:
with:
repository: git://git.gnupg.org/npth.git
tag: npth-${{package.version}}
- expected-commit: 150dc11942c90ff8190c2d48344eb4c1c48c7cd8
+ expected-commit: 64905e765aad9de6054ef70a97fc30bd992ce999
- runs: ./autogen.sh
diff --git a/nri-kubernetes.yaml b/nri-kubernetes.yaml
index a74427acb7c..69e9bbdf6dc 100644
--- a/nri-kubernetes.yaml
+++ b/nri-kubernetes.yaml
@@ -1,6 +1,6 @@
package:
name: nri-kubernetes
- version: 3.30.1
+ version: 3.31.0
epoch: 0
description: New Relic integration for Kubernetes
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/newrelic/nri-kubernetes
tag: v${{package.version}}
- expected-commit: a394a4207f48a8643a13d246e5d8083759458f28
+ expected-commit: 8ae6af0b41fccc190102dbfec2e4936b176050b5
- runs: |
# Our global LDFLAGS conflict with a Makefile parameter
diff --git a/nss.yaml b/nss.yaml
index c7cf5b59c7f..d938adb9c83 100644
--- a/nss.yaml
+++ b/nss.yaml
@@ -1,7 +1,7 @@
package:
name: nss
version: "3.106"
- epoch: 0
+ epoch: 1
description: "Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications."
copyright:
- license: MPL-2.0
@@ -15,11 +15,14 @@ environment:
- libnspr
- libnspr-dev
- mercurial
+ - openssf-compiler-options
- perl
- py3-gyp-next
- samurai
- sqlite-dev
- zlib-dev
+ environment:
+ CFLAGS: -Wno-error=format-truncation=
var-transforms:
- from: ${{package.version}}
diff --git a/nuclei.yaml b/nuclei.yaml
index 45e554bc6aa..d75fce60f69 100644
--- a/nuclei.yaml
+++ b/nuclei.yaml
@@ -1,7 +1,7 @@
package:
name: nuclei
version: 3.3.5
- epoch: 0
+ epoch: 1
description: "yaml based vulnerability scanner"
copyright:
- license: MIT
@@ -24,7 +24,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/mholt/archiver/v3@v3.5.2
+ deps: github.com/mholt/archiver/v3@v3.5.2 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/mholt/archiver/v3=github.com/anchore/archiver/v3@v3.5.2
- uses: patch
diff --git a/nushell.yaml b/nushell.yaml
new file mode 100644
index 00000000000..dc9d1dc309e
--- /dev/null
+++ b/nushell.yaml
@@ -0,0 +1,75 @@
+package:
+ name: nushell
+ version: 0.100.0
+ epoch: 0
+ description: A new type of shell
+ copyright:
+ - license: MIT
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - cargo-auditable
+ - libgit2-dev
+ - libssh2-dev
+ - openssf-compiler-options
+ - openssl-dev
+ - rust
+ - sqlite-dev
+
+pipeline:
+ - uses: fetch
+ with:
+ expected-sha256: 00b94984d3140e286e06d4beca2926ef80e0a0cc3ada75916e4fb9fa66ec28ad
+ uri: https://github.com/nushell/nushell/archive/${{package.version}}.tar.gz
+
+ # TODO: figure out why I cant link against mimalloc
+ # error: gnu/bin/ld: cannot find -lmimalloc: No such file or directory
+ - runs: |
+ #!/bin/bash
+ set -x
+
+ export LIBSSH2_SYS_USE_PKG_CONFIG=1 # use system libssh2
+ export TARGET=$(rustc -vV | sed -n 's/host: //p')
+ mkdir -p ~/.cargo
+ cat >> ~/.cargo/config.toml <<-EOF
+
+ [target.$TARGET]
+ git2 = { rustc-link-lib = ["git2"] }
+ rusqlite = { rustc-link-lib = ["sqlite3"] }
+ EOF
+
+ - runs: |
+ cargo auditable build --workspace --locked --release
+
+ find target/release \
+ -maxdepth 1 \
+ -executable \
+ -type f \
+ -name "nu*" \
+ -exec install -vDm755 -t "${{targets.destdir}}/usr/bin" "{}" +
+
+ - uses: strip
+
+subpackages:
+ - name: nushell-plugins
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/usr/bin/
+ mv ${{targets.destdir}}/usr/bin/nu_plugin_* ${{targets.contextdir}}/usr/bin/
+ description: nushell plugins
+
+test:
+ pipeline:
+ - name: version and command test
+ runs: |
+ nu --version || exit 1
+ nu -c 'echo "hello"'
+
+update:
+ enabled: true
+ github:
+ identifier: nushell/nushell
diff --git a/octo-sts.yaml b/octo-sts.yaml
index e81fbf31fed..a9546737491 100644
--- a/octo-sts.yaml
+++ b/octo-sts.yaml
@@ -1,7 +1,7 @@
package:
name: octo-sts
version: 0.4.2
- epoch: 1
+ epoch: 2
description: A GitHub App that acts like a Security Token Service (STS) for the Github API.
copyright:
- license: Apache-2.0
@@ -14,6 +14,11 @@ pipeline:
repository: https://github.com/octo-sts/app
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: octo-sts
+
- uses: go/build
with:
modroot: octo-sts
diff --git a/ollama.yaml b/ollama.yaml
index 7c12337d6db..610aaa48f4b 100644
--- a/ollama.yaml
+++ b/ollama.yaml
@@ -1,6 +1,6 @@
package:
name: ollama
- version: 0.3.14
+ version: 0.4.2
epoch: 0
description: Get up and running with Llama 2 and other large language models locally
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/ollama/ollama
tag: v${{package.version}}
- expected-commit: f2890a4494f9fb3722ee7a4c506252362d1eab65
+ expected-commit: d875e99e4639dc07af90b2e3ea0d175e2e692efb
- runs: |
go generate ./...
diff --git a/openbao.yaml b/openbao.yaml
index dc3ddc0886e..294b842a2de 100644
--- a/openbao.yaml
+++ b/openbao.yaml
@@ -1,7 +1,7 @@
package:
name: openbao
- version: 2.0.2
- epoch: 2
+ version: 2.0.3
+ epoch: 0
description: OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys.
copyright:
- license: MPL-2.0
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/openbao/openbao
tag: v${{package.version}}
- expected-commit: 96853bb4de27ab8ffd1b0c2898c691460d43edeb
+ expected-commit: a2522eb71d1854f83c7e2e02fdbfc01ae74c3a78
- runs: |
# NOTE: uncomment when enabling embedding of UI
# make ember-dist
diff --git a/opencl.yaml b/opencl.yaml
index 431b49c528d..2bc944882d9 100644
--- a/opencl.yaml
+++ b/opencl.yaml
@@ -1,7 +1,7 @@
package:
name: opencl
- version: 2024.05.08
- epoch: 1
+ version: 2024.10.24
+ epoch: 0
description: OpenCL SDK
copyright:
- license: Apache-2.0
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/KhronosGroup/OpenCL-SDK
tag: v${{package.version}}
- expected-commit: 78e494f824d0dbe9279c4693ab1d2d807d29ac96
+ expected-commit: 34e6cfccdd75c6c4b591ac64681f9adcc94151c0
recurse-submodules: true
- uses: cmake/configure
diff --git a/openexr.yaml b/openexr.yaml
index e54231160ea..bd8c6978ea2 100644
--- a/openexr.yaml
+++ b/openexr.yaml
@@ -1,7 +1,7 @@
# Generated from https://git.alpinelinux.org/aports/plain/community/openexr/APKBUILD
package:
name: openexr
- version: 3.3.1
+ version: 3.3.2
epoch: 0
description: High dynamic-range image file format library
copyright:
@@ -36,7 +36,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/openexr/openexr
- expected-commit: f723c3940fff287c0a26b425b90a8e764823bfd4
+ expected-commit: 55d1a1404cec5b4b187009d9f7fe55a5622ac4e5
tag: v${{package.version}}
- uses: cmake/configure
diff --git a/openipmi.yaml b/openipmi.yaml
index cb2ad2e36ac..57f70e8a362 100644
--- a/openipmi.yaml
+++ b/openipmi.yaml
@@ -1,7 +1,7 @@
package:
name: openipmi
version: 2.0.36
- epoch: 0
+ epoch: 1
description: IPMI (Intelligent Platform Management Interface) library and tools
copyright:
- license: LGPL-2.0-or-later AND GPL-2.0-or-later OR BSD-3-Clause
@@ -19,6 +19,7 @@ environment:
- linux-headers
- ncurses-dev
- net-snmp-dev
+ - openssf-compiler-options
- openssl-dev
- popt-dev
- readline-dev
@@ -49,6 +50,7 @@ subpackages:
dependencies:
runtime:
- openipmi
+ - ncurses-dev
description: openipmi dev
- name: openipmi-doc
diff --git a/openjdk-8.yaml b/openjdk-8.yaml
index a873a294452..5c8b9e4f68a 100644
--- a/openjdk-8.yaml
+++ b/openjdk-8.yaml
@@ -1,7 +1,7 @@
package:
name: openjdk-8
- version: 8.422.05 # this corresponds to same release as jdk8u422-ga / jdk8u422-b05
- epoch: 3
+ version: 8.432.06 # this corresponds to same release as jdk8u432-ga / jdk8u432-b06
+ epoch: 0
description: "IcedTea distribution of OpenJDK 8"
copyright:
- license: GPL-2.0-or-later
@@ -72,15 +72,15 @@ environment:
pipeline:
- uses: fetch
with:
- uri: https://icedtea.classpath.org/download/source/icedtea-3.32.0.tar.xz
- expected-sha512: 151a1edb7fc459ee2bf43b44d90561513b2fdce39429bf1deca6ef004692fb946a58ad113f02876926df3ec7bcbf639484b903cd0c8840fc9457cab5bc2fa44a
+ uri: https://icedtea.classpath.org/download/source/icedtea-3.33.0.tar.xz
+ expected-sha512: ff2803f4be50ac11b6fa8b758c934357423a9cb9d7f41922486e062e1cfe565441af830a8698d67319e61ec0ee7e7de692749ccd18bd5b4c1bf078852c3d3862
- working-directory: /home/build/icedtea-drops
pipeline:
- uses: fetch
with:
- uri: https://icedtea.classpath.org/download/drops/icedtea8/3.32.0/openjdk-git.tar.xz
- expected-sha512: 502f2d84bf430468464247f9a67d68a18b5d57b09fd47150da05e6da4f848ce48ab368702b347d0b3df1773657ea452491841f4aa5257a8fefd947a0b1e9ec5c
+ uri: https://icedtea.classpath.org/download/drops/icedtea8/3.33.0/openjdk-git.tar.xz
+ expected-sha512: bb2946bbea3e63cd9f4aea88e498403317d0c07b3e283a4789d142ecd2bc35547518ec6b2f3ea97a37b7aa469311ac0217dcca9ffa65cbbacd316dd1306e82fa
extract: false
- uses: fetch
with:
diff --git a/openlibm.yaml b/openlibm.yaml
index 7e86d4b39ad..f343e53ad15 100644
--- a/openlibm.yaml
+++ b/openlibm.yaml
@@ -1,7 +1,7 @@
# Generated from https://git.alpinelinux.org/aports/plain/community/openlibm/APKBUILD
package:
name: openlibm
- version: 0.8.3
+ version: 0.8.4
epoch: 0
description: High quality system independent, portable, open source libm implementation
copyright:
@@ -22,7 +22,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 87e5f0b3f242e88caec8b9bba3c0196b73fdaa55
+ expected-commit: c4667caea25ae3487adf6760b4a1dcf32477a4b8
repository: https://github.com/JuliaLang/openlibm
tag: v${{package.version}}
diff --git a/opensearch-k8s-operator.yaml b/opensearch-k8s-operator.yaml
index b5d3210d4a0..581500c006f 100644
--- a/opensearch-k8s-operator.yaml
+++ b/opensearch-k8s-operator.yaml
@@ -1,6 +1,6 @@
package:
name: opensearch-k8s-operator
- version: 2.6.1
+ version: 2.7.0
epoch: 0
description: OpenSearch Kubernetes Operator
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/opensearch-project/opensearch-k8s-operator
tag: v${{package.version}}
- expected-commit: b2417013b570cc2dec3acd8204c15f73ba887efa
+ expected-commit: 5e786e794e5a34c9bba11cba36f7d82f3d87c8e6
- uses: go/bump
with:
diff --git a/openssl.yaml b/openssl.yaml
index fa7b14dbfe5..21757ba4c75 100644
--- a/openssl.yaml
+++ b/openssl.yaml
@@ -2,7 +2,7 @@
package:
name: openssl
version: 3.4.0
- epoch: 1
+ epoch: 2
description: "the OpenSSL cryptography suite"
copyright:
- license: Apache-2.0
@@ -49,6 +49,10 @@ pipeline:
tag: openssl-${{package.version}}
expected-commit: 98acb6b02839c609ef5b837794e08d906d965335
+ - uses: patch
+ with:
+ patches: fix-jitter-old-providers.patch
+
- name: Create dbg sourcecode
runs: |
SRCDIR=$(mktemp -d)
@@ -187,7 +191,10 @@ test:
contents:
packages:
- curl
+ - gdb
- git
+ - openssl
+ - openssl-dbg
- wget
pipeline:
- uses: test/hardening-check
@@ -212,6 +219,71 @@ test:
runs: |
wget -O /dev/null https://github.com/openssl/openssl
! wget https://expired.badssl.com/
+ - name: Verify jitter cherry-pick has no effect by default
+ runs: |
+ # Possibly python gdb would be easier to read
+ cat <openssl.gdb
+ set pagination off
+ set logging file gdb.log
+ set logging on
+ set width 0
+ set height 0
+ set verbose off
+ set breakpoint pending on
+ break get_jitter_random_value
+ commands 1
+ continue
+ end
+ break syscall_random
+ commands 2
+ continue
+ end
+ run genrsa -out /dev/null
+ EOF
+ gdb --batch --command ./openssl.gdb openssl
+ # Assert that jitter entropy was not used
+ grep -q 'Breakpoint 1,' gdb.log && exit 1
+ # Assert that getrandom syscall wrapper was used
+ grep -q 'Breakpoint 2,' gdb.log || exit 1
+ - name: Verify jitter entropy source opt-in works
+ runs: |
+ cat <openssl.cnf
+ openssl_conf = openssl_init
+ [openssl_init]
+ providers = provider_sect
+ random = random
+ [random]
+ seed = JITTER
+ [provider_sect]
+ default = default_sect
+ [default_sect]
+ activate = 1
+ EOF
+ export OPENSSL_CONF=openssl.cnf
+ # Possibly python gdb would be easier to read
+ cat <openssl.gdb
+ set pagination off
+ set logging file jitter.log
+ set logging on
+ set width 0
+ set height 0
+ set verbose off
+ set breakpoint pending on
+ break get_jitter_random_value
+ commands 1
+ continue
+ end
+ break syscall_random
+ commands 2
+ continue
+ end
+ run genrsa -out /dev/null
+ EOF
+ gdb --batch --command ./openssl.gdb openssl
+ # Assert that jitter entropy was not used
+ grep -q 'Breakpoint 1,' jitter.log || exit 1
+ # Assert that getrandom syscall wrapper was used
+ grep -q 'Breakpoint 2,' jitter.log && exit 1
update:
enabled: true
diff --git a/openssl/fix-jitter-old-providers.patch b/openssl/fix-jitter-old-providers.patch
new file mode 100644
index 00000000000..611f8209cd1
--- /dev/null
+++ b/openssl/fix-jitter-old-providers.patch
@@ -0,0 +1,87 @@
+From https://github.com/openssl/openssl/pull/25929/commits/0c306cb74ae1de27abc873d5384d6d97be01353c.patch
+From 0c306cb74ae1de27abc873d5384d6d97be01353c Mon Sep 17 00:00:00 2001
+From: Dimitri John Ledkov
+Date: Sat, 9 Nov 2024 21:32:48 +0000
+Subject: [PATCH] Force use jitter entropy in the FIPS 3.0.9 provider callback
+
+FIPS 3.0.9 provider does not honor runtime seed configuration, thus if
+one desires to use JITTER entropy source with FIPS 3.0.9 provider
+something like this needs to be applied to the core (libcrypto) build.
+
+Not sure if this is at all suitable for upstream.
+---
+ crypto/provider_core.c | 26 +++++++++++++++++++
+ .../implementations/rands/seed_src_jitter.c | 16 ++++++++++++
+ 2 files changed, 42 insertions(+)
+
+diff --git a/crypto/provider_core.c b/crypto/provider_core.c
+index 266423dda9551..e5e40d5e82003 100644
+--- a/crypto/provider_core.c
++++ b/crypto/provider_core.c
+@@ -2111,6 +2111,7 @@ static void core_self_test_get_callback(OPENSSL_CORE_CTX *libctx,
+ OSSL_SELF_TEST_get_callback((OSSL_LIB_CTX *)libctx, cb, cbarg);
+ }
+
++# ifdef OPENSSL_NO_JITTER
+ static size_t rand_get_entropy(const OSSL_CORE_HANDLE *handle,
+ unsigned char **pout, int entropy,
+ size_t min_len, size_t max_len)
+@@ -2118,6 +2119,31 @@ static size_t rand_get_entropy(const OSSL_CORE_HANDLE *handle,
+ return ossl_rand_get_entropy((OSSL_LIB_CTX *)core_get_libctx(handle),
+ pout, entropy, min_len, max_len);
+ }
++# else
++/*
++ * OpenSSL FIPS providers prior to 3.2 call rand_get_entropy API from
++ * core, instead of the newer get_user_entropy. Newer API call honors
++ * runtime configuration of random seed source and can be configured
++ * to use os getranom() or another seed source, such as
++ * JITTER. However, 3.0.9 only calls this API. Note that no other
++ * providers known to use this, and it is core <-> provider only
++ * API. Public facing EVP and getrandom bytes already correctly honor
++ * runtime configuration for seed source. There are no other providers
++ * packaged in Wolfi, or even known to exist that use this api. Thus
++ * it is safe to say any caller of this API is in fact 3.0.9 FIPS
++ * provider. Also note that the passed in handle is invalid and cannot
++ * be safely dereferences in such cases. Due to a bug in FIPS
++ * providers 3.0.0, 3.0.8 and 3.0.9. See
++ * https://github.com/openssl/openssl/blob/master/doc/internal/man3/ossl_rand_get_entropy.pod#notes
++ */
++size_t ossl_rand_jitter_get_seed(unsigned char **, int, size_t, size_t);
++static size_t rand_get_entropy(const OSSL_CORE_HANDLE *handle,
++ unsigned char **pout, int entropy,
++ size_t min_len, size_t max_len)
++{
++ return ossl_rand_jitter_get_seed(pout, entropy, min_len, max_len);
++}
++# endif
+
+ static size_t rand_get_user_entropy(const OSSL_CORE_HANDLE *handle,
+ unsigned char **pout, int entropy,
+diff --git a/providers/implementations/rands/seed_src_jitter.c b/providers/implementations/rands/seed_src_jitter.c
+index 3dea0959d4004..7092114e92c96 100644
+--- a/providers/implementations/rands/seed_src_jitter.c
++++ b/providers/implementations/rands/seed_src_jitter.c
+@@ -290,6 +290,22 @@ static size_t jitter_get_seed(void *vseed, unsigned char **pout,
+ return ret;
+ }
+
++size_t ossl_rand_jitter_get_seed(unsigned char **pout, int entropy, size_t min_len, size_t max_len)
++{
++ size_t ret = 0;
++ OSSL_PARAM params[1] = { OSSL_PARAM_END };
++ PROV_JITTER *s = jitter_new(NULL, NULL, NULL);
++
++ if (s == NULL)
++ return ret;
++ if (!jitter_instantiate(s, 0, 0, NULL, 0, params))
++ goto end;
++ ret = jitter_get_seed(s, pout, entropy, min_len, max_len, 0, NULL, 0);
++ end:
++ jitter_free(s);
++ return ret;
++}
++
+ static void jitter_clear_seed(ossl_unused void *vdrbg,
+ unsigned char *out, size_t outlen)
+ {
diff --git a/opentelemetry-collector-contrib.yaml b/opentelemetry-collector-contrib.yaml
index 5545525f678..2f0f52644aa 100644
--- a/opentelemetry-collector-contrib.yaml
+++ b/opentelemetry-collector-contrib.yaml
@@ -1,6 +1,6 @@
package:
name: opentelemetry-collector-contrib
- version: 0.112.0
+ version: 0.113.0
epoch: 0
description: Contrib repository for the OpenTelemetry Collector
copyright:
@@ -11,12 +11,17 @@ pipeline:
with:
repository: https://github.com/open-telemetry/opentelemetry-collector-contrib
tag: v${{package.version}}
- expected-commit: 7090083be4629eac26aade2f78d3c5a6d4c0886a
+ expected-commit: 1af2707d433c969abf3234e0e73d9d1462ab062b
# https://github.com/open-telemetry/opentelemetry-collector-contrib/issues/35631
- runs: |
make genotelcontribcol
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: ./cmd/otelcontribcol
+
- uses: go/build
with:
modroot: ./cmd/otelcontribcol
diff --git a/opentelemetry-collector.yaml b/opentelemetry-collector.yaml
index 4ea345dcfea..149bc5c1c3b 100644
--- a/opentelemetry-collector.yaml
+++ b/opentelemetry-collector.yaml
@@ -1,7 +1,7 @@
package:
name: opentelemetry-collector
- version: 0.112.0
- epoch: 1
+ version: 0.113.0
+ epoch: 0
description: OpenTelemetry Collector
copyright:
- license: Apache-2.0
@@ -28,7 +28,7 @@ pipeline:
with:
repository: https://github.com/open-telemetry/opentelemetry-collector
tag: v${{package.version}}
- expected-commit: fee2daa249acdedddb6a4002875ef5f0c40fde12
+ expected-commit: 3da496be5387ab0d4881bd535389ab2b184d3e1e
- uses: go/build
with:
diff --git a/opentelemetry-plugin-nginx.yaml b/opentelemetry-plugin-nginx.yaml
index beeafb19e0b..0c41049f76b 100644
--- a/opentelemetry-plugin-nginx.yaml
+++ b/opentelemetry-plugin-nginx.yaml
@@ -1,7 +1,7 @@
#nolint:valid-pipeline-git-checkout-tag
package:
name: opentelemetry-plugin-nginx
- version: 0_git20241104
+ version: 0_git20241111
epoch: 0
description: Adds OpenTelemetry distributed tracing support to nginx. This is the otel community plugin for nginx, not the official nginx plugin for otel.
copyright:
@@ -37,7 +37,7 @@ pipeline:
with:
repository: https://github.com/open-telemetry/opentelemetry-cpp-contrib
branch: main
- expected-commit: f6d29426ee9b4d6b476c09ca3cb9bed3cf23906f
+ expected-commit: aee44e2ddc5ecbe7df5fc449ed0ea832250ed07f
- uses: cmake/configure
working-directory: instrumentation/nginx
@@ -90,7 +90,7 @@ test:
with:
repository: https://github.com/open-telemetry/opentelemetry-cpp-contrib
branch: main
- expected-commit: f6d29426ee9b4d6b476c09ca3cb9bed3cf23906f
+ expected-commit: aee44e2ddc5ecbe7df5fc449ed0ea832250ed07f
- runs: |
cat < /etc/nginx/nginx.conf
load_module /usr/share/nginx/modules/otel_ngx_module.so;
diff --git a/opentofu-1.8.yaml b/opentofu-1.8.yaml
index 0b5570fcdeb..d96d5da56ba 100644
--- a/opentofu-1.8.yaml
+++ b/opentofu-1.8.yaml
@@ -1,7 +1,7 @@
package:
name: opentofu-1.8
- version: 1.8.4
- epoch: 0
+ version: 1.8.5
+ epoch: 1
copyright:
- license: MPL-2.0
dependencies:
@@ -15,10 +15,15 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 68c124a7cae47bc97e5ec7674d833576abff8fe9
+ expected-commit: b1062873d3ce1199c3b5b63d633e718d441bdcbb
repository: https://github.com/opentofu/opentofu
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: .
+
- uses: go/build
with:
ldflags: -s -w -X 'github.com/opentofu/opentofu/version.dev=no'
diff --git a/parseable.yaml b/parseable.yaml
index abdd1e46fd3..6dafd7d80c0 100644
--- a/parseable.yaml
+++ b/parseable.yaml
@@ -1,6 +1,6 @@
package:
name: parseable
- version: 1.6.0
+ version: 1.6.1
epoch: 0
description: "Parseable is a log analytics system built for high throughput log ingestion cases."
copyright:
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/parseablehq/parseable
tag: v${{package.version}}
- expected-commit: 7217dd5331930f048134155e506075072aeee030
+ expected-commit: e3230209c49c26b17284f25643cefc0a1b03dcbe
- runs: |
cargo auditable build --release
diff --git a/percona-server-8.4.yaml b/percona-server-8.4.yaml
index cb363efcb3b..3708d55843b 100644
--- a/percona-server-8.4.yaml
+++ b/percona-server-8.4.yaml
@@ -1,7 +1,7 @@
package:
name: percona-server-8.4
- version: 8.4.0.1
- epoch: 1
+ version: 8.4.2.2
+ epoch: 0
description: "Percona Server for MySQL is a free, fully compatible, enhanced, and open source drop-in replacement for any MySQL database. It provides superior performance, scalability, and instrumentation."
copyright:
- license: GPL-3.0-or-later
@@ -71,7 +71,7 @@ pipeline:
with:
repository: https://github.com/percona/percona-server
tag: Percona-Server-${{vars.mangled-package-version}}
- expected-commit: 238b3c022afec1fc0a2fbffda77cb35cc3697b26
+ expected-commit: d5292ef1219a4bb3dcc788ba6bd2034d0bcf6e3c
recurse-submodules: true
- name: "Remove Coredumper Support"
diff --git a/perl-uri.yaml b/perl-uri.yaml
index 5bd14adc1ff..a2e29fd00f4 100644
--- a/perl-uri.yaml
+++ b/perl-uri.yaml
@@ -1,7 +1,7 @@
package:
name: perl-uri
- version: "5.30"
- epoch: 1
+ version: "5.31"
+ epoch: 0
description: Uniform Resource Identifiers (absolute and relative)
copyright:
- license: GPL-1.0-or-later OR Artistic-1.0-Perl
@@ -21,7 +21,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha512: 054c0ef59b1eb017e28dff9774b869b700b5cfe7234e2e7e37c70fe5d786459675e4d7600d84b785cf199e0b71e6e7d4490f00b6377044448e2637c2129858d8
+ expected-sha512: 81bc29fbfc06c4b884bc5d47b6b7a3d171f526bb1edd6618aec6d72a65407c3130130dbfe31de18c439d03f5e60cfab6573352b1473959c6edc6e4ad828672c5
uri: https://cpan.metacpan.org/authors/id/O/OA/OALDERS/URI-${{package.version}}.tar.gz
- uses: perl/make
diff --git a/php-8.1-excimer.yaml b/php-8.1-excimer.yaml
index 62b1b72bfae..21aebb0b863 100644
--- a/php-8.1-excimer.yaml
+++ b/php-8.1-excimer.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.1-excimer
- version: 1.2.2
- epoch: 1
+ version: 1.2.3
+ epoch: 0
description: "Excimer is a PHP extension that provides an interrupting timer and a low-overhead sampling profiler."
copyright:
- license: Apache-2.0
@@ -30,7 +30,7 @@ pipeline:
with:
repository: https://github.com/wikimedia/mediawiki-php-excimer
tag: "${{package.version}}"
- expected-commit: 67bf470e9f62858d68c4d624f5fd841caa7cbbdb
+ expected-commit: c52285d4e29be23dfbf54591ed23ad822ec02de0
- name: Prepare build
runs: phpize
diff --git a/php-8.1-imagick.yaml b/php-8.1-imagick.yaml
index 9fd2de829fa..540556188a9 100644
--- a/php-8.1-imagick.yaml
+++ b/php-8.1-imagick.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.1-imagick
version: 3.7.0
- epoch: 2
+ epoch: 3
description: "PHP extension for ImageMagick"
copyright:
- license: PHP-3.01
diff --git a/php-8.1-zstd.yaml b/php-8.1-zstd.yaml
index 823253a95cf..5a32b7416f3 100644
--- a/php-8.1-zstd.yaml
+++ b/php-8.1-zstd.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.1-zstd
- version: 0.13.3
- epoch: 1
+ version: 0.14.0
+ epoch: 0
description: Zstd Extension for PHP
copyright:
- license: MIT
@@ -32,7 +32,7 @@ pipeline:
with:
repository: https://github.com/kjdev/php-ext-zstd
tag: "${{package.version}}"
- expected-commit: 0bf5825ad683e637211a0eacec4fe545992f5b67
+ expected-commit: ebd5372f1d464167f2a7743da3d1ac3c552f10d7
- name: Prepare build
runs: phpize
diff --git a/php-8.2-excimer.yaml b/php-8.2-excimer.yaml
index ad7baeb40d5..97fa4f49534 100644
--- a/php-8.2-excimer.yaml
+++ b/php-8.2-excimer.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.2-excimer
- version: 1.2.2
- epoch: 1
+ version: 1.2.3
+ epoch: 0
description: "Excimer is a PHP extension that provides an interrupting timer and a low-overhead sampling profiler."
copyright:
- license: Apache-2.0
@@ -30,7 +30,7 @@ pipeline:
with:
repository: https://github.com/wikimedia/mediawiki-php-excimer
tag: "${{package.version}}"
- expected-commit: 67bf470e9f62858d68c4d624f5fd841caa7cbbdb
+ expected-commit: c52285d4e29be23dfbf54591ed23ad822ec02de0
- name: Prepare build
runs: phpize
diff --git a/php-8.2-imagick.yaml b/php-8.2-imagick.yaml
index dc51fa4e8ad..e9ecea44686 100644
--- a/php-8.2-imagick.yaml
+++ b/php-8.2-imagick.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.2-imagick
version: 3.7.0
- epoch: 2
+ epoch: 3
description: "PHP extension for ImageMagick"
copyright:
- license: PHP-3.01
diff --git a/php-8.2-zstd.yaml b/php-8.2-zstd.yaml
index b700481217b..cf47c915642 100644
--- a/php-8.2-zstd.yaml
+++ b/php-8.2-zstd.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.2-zstd
- version: 0.13.3
- epoch: 1
+ version: 0.14.0
+ epoch: 0
description: Zstd Extension for PHP
copyright:
- license: MIT
@@ -32,7 +32,7 @@ pipeline:
with:
repository: https://github.com/kjdev/php-ext-zstd
tag: "${{package.version}}"
- expected-commit: 0bf5825ad683e637211a0eacec4fe545992f5b67
+ expected-commit: ebd5372f1d464167f2a7743da3d1ac3c552f10d7
- name: Prepare build
runs: phpize
diff --git a/php-8.3-excimer.yaml b/php-8.3-excimer.yaml
index 292213db84b..a76196dc1a1 100644
--- a/php-8.3-excimer.yaml
+++ b/php-8.3-excimer.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.3-excimer
- version: 1.2.2
- epoch: 1
+ version: 1.2.3
+ epoch: 0
description: "Excimer is a PHP extension that provides an interrupting timer and a low-overhead sampling profiler."
copyright:
- license: Apache-2.0
@@ -32,7 +32,7 @@ pipeline:
with:
repository: https://github.com/wikimedia/mediawiki-php-excimer
tag: "${{package.version}}"
- expected-commit: 67bf470e9f62858d68c4d624f5fd841caa7cbbdb
+ expected-commit: c52285d4e29be23dfbf54591ed23ad822ec02de0
- name: Prepare build
runs: phpize
diff --git a/php-8.3-imagick.yaml b/php-8.3-imagick.yaml
index 3cf8dd393ec..128aa72f0fe 100644
--- a/php-8.3-imagick.yaml
+++ b/php-8.3-imagick.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.3-imagick
version: 3.7.0
- epoch: 2
+ epoch: 3
description: "PHP extension for ImageMagick"
copyright:
- license: PHP-3.01
diff --git a/php-8.3-zstd.yaml b/php-8.3-zstd.yaml
index 2abe408a62c..b538fe99954 100644
--- a/php-8.3-zstd.yaml
+++ b/php-8.3-zstd.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.3-zstd
- version: 0.13.3
- epoch: 1
+ version: 0.14.0
+ epoch: 0
description: Zstd Extension for PHP
copyright:
- license: MIT
@@ -32,7 +32,7 @@ pipeline:
with:
repository: https://github.com/kjdev/php-ext-zstd
tag: "${{package.version}}"
- expected-commit: 0bf5825ad683e637211a0eacec4fe545992f5b67
+ expected-commit: ebd5372f1d464167f2a7743da3d1ac3c552f10d7
- name: Prepare build
runs: phpize
diff --git a/php-8.3.yaml b/php-8.3.yaml
index 814e09a0c1e..e6250847722 100644
--- a/php-8.3.yaml
+++ b/php-8.3.yaml
@@ -1,7 +1,7 @@
package:
name: php-8.3
version: 8.3.13
- epoch: 0
+ epoch: 1
description: "the PHP programming language"
copyright:
- license: PHP-3.01
@@ -12,6 +12,12 @@ package:
- ${{package.name}}-config
- libxml2
+var-transforms:
+ - from: ${{package.name}}
+ match: ^php-(\d\.\d+)
+ replace: $1
+ to: phpMM
+
environment:
contents:
packages:
@@ -230,7 +236,7 @@ subpackages:
echo "${prefix}extension=${{range.key}}.so" > $CONF_DIR/"$((order+order*deps))-${{range.key}}.ini"
- name: ${{package.name}}-dev
- description: PHP 8.3 development headers
+ description: PHP ${{vars.phpMM}} development headers
dependencies:
provides:
- php-dev=${{package.full-version}}
@@ -242,7 +248,7 @@ subpackages:
mv ${{targets.destdir}}/usr/lib ${{targets.subpkgdir}}/usr
- name: ${{package.name}}-doc
- description: PHP 8.3 documentation
+ description: PHP ${{vars.phpMM}} documentation
dependencies:
provides:
- php-doc=${{package.full-version}}
@@ -250,7 +256,7 @@ subpackages:
- uses: split/manpages
- name: "${{package.name}}-cgi"
- description: PHP 8.3 CGI
+ description: PHP ${{vars.phpMM}} CGI
dependencies:
provides:
- php-cgi=${{package.full-version}}
@@ -270,7 +276,7 @@ subpackages:
mv ${{targets.destdir}}/usr/bin/phpdbg ${{targets.subpkgdir}}/usr/bin/
- name: "${{package.name}}-fpm"
- description: PHP 8.3 FastCGI Process Manager (FPM)
+ description: PHP ${{vars.phpMM}} FastCGI Process Manager (FPM)
dependencies:
runtime:
- "${{package.name}}-fpm-config"
@@ -282,7 +288,7 @@ subpackages:
mv ${{targets.destdir}}/usr/sbin/php-fpm ${{targets.subpkgdir}}/usr/sbin/
- name: ${{package.name}}-fpm-config
- description: PHP 8.3 FastCGI Process Manager (FPM) configuration
+ description: PHP ${{vars.phpMM}} FastCGI Process Manager (FPM) configuration
dependencies:
provides:
- php-fpm-config=${{package.full-version}}
diff --git a/pipelines/py/pip-build-install.yaml b/pipelines/py/pip-build-install.yaml
index a6eab5b0b7f..8cfa9d5a513 100644
--- a/pipelines/py/pip-build-install.yaml
+++ b/pipelines/py/pip-build-install.yaml
@@ -13,6 +13,11 @@ inputs:
needs-exe-named-python:
description: Does the build actually need 'python' in its PATH
default: false
+ prevent-inclusion:
+ description: |
+ prevent the provided filesystem entries from being included in
+ the wheel by means of hiding them from build.
+ required: false
pipeline:
- name: "pip build"
@@ -87,6 +92,16 @@ pipeline:
fi
fi
+ prevents="${{inputs.prevent-inclusion}}"
+ if [ -n "$prevents" ]; then
+ # do not allow expansion of prevents
+ ( set -f; vr tar -cpf "$tmpd/prevent-inclusion.tar" $prevents &&
+ vr rm -rf $prevents ) ||
+ { echo "ERROR: failed creation of prevent-inclusion.tar with $prevents"; exit 1; }
+ echo "prevented-inclusion of $prevents"
+ fi
+
+ [ -d build ] && hadbuild=true || hadbuild=false
# --find-links to an empty dir and --no-index makes pip fully "offline"
distwheelsd="$tmpd/dist-wheels"
mkdir -p "$distwheelsd"
@@ -97,3 +112,13 @@ pipeline:
"--find-links=$distwheelsd" --no-index --no-build-isolation --no-deps \
--force-reinstall --no-compile --prefix=/usr "--root=$root" "$wd"/*.whl
vr $py -m compileall --invalidation-mode=unchecked-hash -r100 "$root/$sitepkgd"
+
+ if [ "$hadbuild" = "false" -a -d build ]; then
+ vr rm -Rf build
+ fi
+ if [ -n "$prevents" ]; then
+ vr tar -xpf "$tmpd/prevent-inclusion.tar" ||
+ { echo "ERROR: failed restoring 'prevent-inclusion' files"; exit 1; }
+ echo "restored $prevents"
+ fi
+ exit 0
diff --git a/pixi.yaml b/pixi.yaml
index b99474a35d7..d84476cffbe 100644
--- a/pixi.yaml
+++ b/pixi.yaml
@@ -1,6 +1,6 @@
package:
name: pixi
- version: 0.34.0
+ version: 0.36.0
epoch: 0
description: "Package management made easy"
copyright:
@@ -23,7 +23,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/prefix-dev/pixi
- expected-commit: 61d4eba5dd244073a2d6fa33a75211e9e6eec217
+ expected-commit: ce2345b4c84afe6f748f1a8b579f6168acff83c0
tag: v${{package.version}}
- uses: rust/cargobump
diff --git a/pixman.yaml b/pixman.yaml
index 263c1f4b900..8408d77569e 100644
--- a/pixman.yaml
+++ b/pixman.yaml
@@ -1,6 +1,6 @@
package:
name: pixman
- version: 0.43.4
+ version: 0.44.0
epoch: 0
description: Low-level pixel manipulation library
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 48d8539f35488d694a2fef3ce17394d1153ed4e71c05d1e621904d574be5df19
+ expected-sha256: ea55473db5ec9f068bbf4d14ec3186b742804bf74fdc782fc89aa87d2656fc46
uri: https://www.x.org/releases/individual/lib/pixman-${{package.version}}.tar.xz
- runs: |
diff --git a/pnpm.yaml b/pnpm.yaml
index bdc52c4f0ce..78f63ff5045 100644
--- a/pnpm.yaml
+++ b/pnpm.yaml
@@ -1,6 +1,6 @@
package:
name: pnpm
- version: 9.12.3
+ version: 9.13.2
epoch: 0
description: "Fast, disk space efficient package manager"
copyright:
@@ -29,7 +29,7 @@ pipeline:
with:
repository: https://github.com/pnpm/pnpm
tag: v${{package.version}}
- expected-commit: 0309365fda250d939460e08fdae9f3a45cc75427
+ expected-commit: 5fd56173f76a7b845eeb8e72f06ba19914f8d8fc
- name: "Update pnpm version in package.json"
runs: |
diff --git a/podman.yaml b/podman.yaml
index 40bd6fba1d7..248f0ce2d65 100644
--- a/podman.yaml
+++ b/podman.yaml
@@ -1,6 +1,6 @@
package:
name: podman
- version: 5.2.5
+ version: 5.3.0
epoch: 0
description: "A tool for managing OCI containers and pods"
copyright:
@@ -44,11 +44,7 @@ pipeline:
with:
repository: https://github.com/containers/podman
tag: v${{package.version}}
- expected-commit: 10c5aa720d59480bc7edad347c1f5d5b75d4424f
-
- - uses: go/bump
- with:
- deps: github.com/opencontainers/runc@v1.1.14
+ expected-commit: 874bf2c301ecf0ba645f1bb45f81966cc755b7da
- runs: |
make
diff --git a/policy-controller.yaml b/policy-controller.yaml
index 69389d55137..05890b08f8a 100644
--- a/policy-controller.yaml
+++ b/policy-controller.yaml
@@ -1,7 +1,7 @@
package:
name: policy-controller
version: 0.9.0
- epoch: 10
+ epoch: 11
description: The policy admission controller used to enforce policy on a cluster on verifiable supply-chain metadata from cosign.
copyright:
- license: Apache-2.0
@@ -26,7 +26,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/docker/docker@v26.1.5 github.com/open-policy-agent/opa@v0.68.0
+ deps: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/docker/docker@v26.1.5 github.com/open-policy-agent/opa@v0.68.0 github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
mkdir -p "${{targets.destdir}}/usr/bin"
diff --git a/portieris.yaml b/portieris.yaml
index 7f955a82849..df112330c7f 100644
--- a/portieris.yaml
+++ b/portieris.yaml
@@ -1,6 +1,6 @@
package:
name: portieris
- version: 0.13.20
+ version: 0.13.21
epoch: 0
description: A Kubernetes Admission Controller for verifying image trust.
copyright:
@@ -15,7 +15,7 @@ pipeline:
with:
repository: https://github.com/IBM/portieris.git
tag: v${{package.version}}
- expected-commit: 91018c61c4b424e86e7c9ef0785b286229d89d9e
+ expected-commit: 1d6d5ca909b73a6105eb9680f2e4c5d23e1feb6b
- uses: go/build
with:
diff --git a/postgis-17 b/postgis-17
new file mode 120000
index 00000000000..928a3a19b38
--- /dev/null
+++ b/postgis-17
@@ -0,0 +1 @@
+postgis
\ No newline at end of file
diff --git a/postgis.yaml b/postgis-17.yaml
similarity index 57%
rename from postgis.yaml
rename to postgis-17.yaml
index a3d2ce96f08..c5842431e7c 100644
--- a/postgis.yaml
+++ b/postgis-17.yaml
@@ -1,5 +1,5 @@
package:
- name: postgis
+ name: postgis-17
version: 3.5.0
epoch: 0
description: Geographic Information Systems Extensions to PostgreSQL
@@ -18,12 +18,19 @@ environment:
- json-c-dev
- libxml2-dev
- make
+ - pcre-dev
- perl-dev
- postgresql-dev
- proj-dev
- protobuf-c-dev
- protoc
+var-transforms:
+ - from: ${{package.name}}
+ match: "postgis-(.+)"
+ replace: "$1"
+ to: postgresql-version
+
pipeline:
- uses: fetch
with:
@@ -41,6 +48,25 @@ pipeline:
- runs: |
make install DESTDIR="${{targets.destdir}}"
+ - runs: |
+ cd extensions
+ make
+ make install DESTDIR="${{targets.destdir}}"
+
+subpackages:
+ - name: ${{package.name}}-compat
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.subpkgdir}}/usr/libexec/postgresql${{vars.postgresql-version}}/
+ install -m755 update-postgis.sh ${{targets.subpkgdir}}/usr/libexec/postgresql${{vars.postgresql-version}}/
+ sed -i "s|/docker-entrypoint-initdb.d|/var/lib/postgres/initdb|g" ${{targets.subpkgdir}}/usr/libexec/postgresql${{vars.postgresql-version}}/*.sh
+ sed -i "s|/usr/local|/usr|g" ${{targets.subpkgdir}}/usr/libexec/postgresql${{vars.postgresql-version}}/*.sh
+
+ mkdir -p ${{targets.subpkgdir}}/var/lib/postgres/initdb/
+ # 644 is important! docker-entrypoint execs 755 files, but sources if there are no exec bits set
+ install -m644 initdb-postgis.sh ${{targets.subpkgdir}}/usr/libexec/postgresql${{vars.postgresql-version}}/initdb-postgis.sh
+ ln -sf /usr/libexec/postgresql${{vars.postgresql-version}}/initdb-postgis.sh ${{targets.subpkgdir}}/var/lib/postgres/initdb/10_postgis.sh
+
test:
environment:
contents:
@@ -76,6 +102,10 @@ test:
runs: |
psql -d testdb -c "CREATE EXTENSION postgis;"
psql -d testdb -c "SELECT PostGIS_Full_Version();" | grep -q "POSTGIS="
+ - name: "Test PostGIS extension is installed and working"
+ runs: |
+ psql -d testdb -c "CREATE EXTENSION address_standardizer;"
+ psql -d testdb -c "SELECT num, street, city, state, zip FROM parse_address('1 Devonshire Place PH301, Boston, MA 02109');" |grep 'Devonshire Place PH301'
update:
enabled: true
diff --git a/postgis/initdb-postgis.sh b/postgis/initdb-postgis.sh
new file mode 100644
index 00000000000..ad293873bb2
--- /dev/null
+++ b/postgis/initdb-postgis.sh
@@ -0,0 +1,27 @@
+# COPIED FROM https://github.com/postgis/docker-postgis/blob/master/17-3.5/initdb-postgis.sh
+
+#!/bin/bash
+
+set -e
+
+# Perform all actions as $POSTGRES_USER
+export PGUSER="$POSTGRES_USER"
+
+# Create the 'template_postgis' template db
+"${psql[@]}" <<- 'EOSQL'
+CREATE DATABASE template_postgis IS_TEMPLATE true;
+EOSQL
+
+# Load PostGIS into both template_database and $POSTGRES_DB
+for DB in template_postgis "$POSTGRES_DB"; do
+ echo "Loading PostGIS extensions into $DB"
+ "${psql[@]}" --dbname="$DB" <<-'EOSQL'
+ CREATE EXTENSION IF NOT EXISTS postgis;
+ CREATE EXTENSION IF NOT EXISTS postgis_topology;
+ -- Reconnect to update pg_setting.resetval
+ -- See https://github.com/postgis/docker-postgis/issues/288
+ \c
+ CREATE EXTENSION IF NOT EXISTS fuzzystrmatch;
+ CREATE EXTENSION IF NOT EXISTS postgis_tiger_geocoder;
+EOSQL
+done
diff --git a/postgis/update-postgis.sh b/postgis/update-postgis.sh
new file mode 100644
index 00000000000..a0327dd117d
--- /dev/null
+++ b/postgis/update-postgis.sh
@@ -0,0 +1,30 @@
+# COPIED FROM https://github.com/postgis/docker-postgis/blob/master/17-3.5/update-postgis.sh
+
+#!/bin/sh
+
+set -e
+
+# Perform all actions as $POSTGRES_USER
+export PGUSER="$POSTGRES_USER"
+
+POSTGIS_VERSION="${POSTGIS_VERSION%%+*}"
+
+# Load PostGIS into both template_database and $POSTGRES_DB
+for DB in template_postgis "$POSTGRES_DB" "${@}"; do
+ echo "Updating PostGIS extensions '$DB' to $POSTGIS_VERSION"
+ psql --dbname="$DB" -c "
+ -- Upgrade PostGIS (includes raster)
+ CREATE EXTENSION IF NOT EXISTS postgis VERSION '$POSTGIS_VERSION';
+ ALTER EXTENSION postgis UPDATE TO '$POSTGIS_VERSION';
+
+ -- Upgrade Topology
+ CREATE EXTENSION IF NOT EXISTS postgis_topology VERSION '$POSTGIS_VERSION';
+ ALTER EXTENSION postgis_topology UPDATE TO '$POSTGIS_VERSION';
+
+ -- Install Tiger dependencies in case not already installed
+ CREATE EXTENSION IF NOT EXISTS fuzzystrmatch;
+ -- Upgrade US Tiger Geocoder
+ CREATE EXTENSION IF NOT EXISTS postgis_tiger_geocoder VERSION '$POSTGIS_VERSION';
+ ALTER EXTENSION postgis_tiger_geocoder UPDATE TO '$POSTGIS_VERSION';
+ "
+done
diff --git a/postgresql-16.yaml b/postgresql-16.yaml
index 80733fe1edd..6e696682f0a 100644
--- a/postgresql-16.yaml
+++ b/postgresql-16.yaml
@@ -1,7 +1,7 @@
package:
name: postgresql-16
- version: "16.4"
- epoch: 3
+ version: "16.5"
+ epoch: 0
description: A sophisticated object-relational DBMS
copyright:
- license: BSD-3-Clause
@@ -48,7 +48,7 @@ var-transforms:
pipeline:
- uses: git-checkout
with:
- expected-commit: 2caa85f4aae689e6f6721d7363b4c66a2a6417d6
+ expected-commit: 8c9d34cdc4d213a57fa8b8a7197f7d6f22fca4c9
repository: https://github.com/postgres/postgres
tag: REL_${{vars.mangled-package-version}}
diff --git a/postgresql-17.yaml b/postgresql-17.yaml
index 772641bd424..eb4e7e7de3d 100644
--- a/postgresql-17.yaml
+++ b/postgresql-17.yaml
@@ -1,6 +1,6 @@
package:
name: postgresql-17
- version: "17.0"
+ version: "17.1"
epoch: 0
description: A sophisticated object-relational DBMS
copyright:
@@ -48,7 +48,7 @@ var-transforms:
pipeline:
- uses: git-checkout
with:
- expected-commit: d7ec59a63d745ba74fba0e280bbf85dc6d1caa3e
+ expected-commit: 91f20bc2f7e4fcf5de5c65a6cb1190e0afa91c0b
repository: https://github.com/postgres/postgres
tag: REL_${{vars.mangled-package-version}}
diff --git a/powershell.yaml b/powershell.yaml
index 926c23753cb..9f7863a66ad 100644
--- a/powershell.yaml
+++ b/powershell.yaml
@@ -1,7 +1,7 @@
package:
name: powershell
version: 7.4.1
- epoch: 0
+ epoch: 1
description: 'cross-platform automation and configuration tool/framework'
copyright:
- license: MIT
@@ -40,7 +40,7 @@ pipeline:
- runs: |
rm -f global.json
- runs: |
- dotnet restore src/powershell-unix
+ dotnet restore src/powershell-unix -p:NuGetAudit=false
dotnet restore src/ResGen
dotnet restore src/TypeCatalogGen
- runs: |
@@ -61,6 +61,7 @@ pipeline:
--output bin \
--no-self-contained \
--runtime "$(dotnet --info | awk '$1=="RID:"{print $2}')" \
+ -p:NuGetAudit=false \
-p:PublishReadyToRun=true /v:n \
/consoleLoggerParameters:ShowTimestamp
- runs: |
diff --git a/prometheus-2.55.yaml b/prometheus-2.55.yaml
index d2a4793088d..a0318ebf47e 100644
--- a/prometheus-2.55.yaml
+++ b/prometheus-2.55.yaml
@@ -1,7 +1,7 @@
package:
name: prometheus-2.55
- version: 2.55.0
- epoch: 1
+ version: 2.55.1
+ epoch: 0
description: The Prometheus monitoring system and time series database.
copyright:
- license: Apache-2.0
@@ -22,7 +22,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 91d80252c3e528728b0f88d254dd720f6be07cb8
+ expected-commit: 6d7569113f1ca814f1e149f74176656540043b8d
repository: https://github.com/prometheus/prometheus
tag: v${{package.version}}
diff --git a/prometheus-bind-exporter.yaml b/prometheus-bind-exporter.yaml
index 576aef48fee..4a678348de7 100644
--- a/prometheus-bind-exporter.yaml
+++ b/prometheus-bind-exporter.yaml
@@ -1,7 +1,7 @@
package:
name: prometheus-bind-exporter
- version: 0.7.0
- epoch: 13
+ version: 0.8.0
+ epoch: 0
description: Prometheus exporter for BIND
copyright:
- license: Apache-2.0
@@ -21,11 +21,7 @@ pipeline:
with:
repository: https://github.com/prometheus-community/bind_exporter
tag: v${{package.version}}
- expected-commit: b9e01efa3fa37e78c65b2f09e84e027a954b5d32
-
- - uses: go/bump
- with:
- deps: golang.org/x/crypto@v0.17.0 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0
+ expected-commit: 5cc1b62b9c866184193007a0f7ec3b2eb31460bf
- runs: |
make common-build
diff --git a/prometheus-mongodb-exporter.yaml b/prometheus-mongodb-exporter.yaml
index e67896ab70f..2d7d7ea142f 100644
--- a/prometheus-mongodb-exporter.yaml
+++ b/prometheus-mongodb-exporter.yaml
@@ -1,6 +1,6 @@
package:
name: prometheus-mongodb-exporter
- version: 0.42.0
+ version: 0.42.1
epoch: 0
description: A Prometheus exporter for MongoDB including sharding, replication and storage engines
copyright:
@@ -17,7 +17,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/percona/mongodb_exporter
- expected-commit: dac67a8a393f8bee6bba4765b5a91086fbf1c4dd
+ expected-commit: 02d5d2f503595ba24a1932a83813a2de18119c54
tag: v${{package.version}}
- runs: |
diff --git a/prometheus-mysqld-exporter.yaml b/prometheus-mysqld-exporter.yaml
index c54bf2d2cae..f5728e60faa 100644
--- a/prometheus-mysqld-exporter.yaml
+++ b/prometheus-mysqld-exporter.yaml
@@ -1,8 +1,8 @@
package:
name: prometheus-mysqld-exporter
# When bumping this version you can remove the `go get` line in the build script
- version: 0.15.1
- epoch: 13
+ version: 0.16.0
+ epoch: 0
description: Prometheus Exporter for MySQL server metrics
copyright:
- license: Apache-2.0
@@ -14,11 +14,7 @@ pipeline:
with:
repository: https://github.com/prometheus/mysqld_exporter
tag: v${{package.version}}
- expected-commit: cc349684494b5038ec5a52233bdca9eb9291e6f2
-
- - uses: go/bump
- with:
- deps: golang.org/x/net@v0.17.0 golang.org/x/crypto@v0.17.0 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0
+ expected-commit: c366424252a3140838a344a6cb0d40d44f1be91d
- uses: go/build
with:
diff --git a/prometheus-operator.yaml b/prometheus-operator.yaml
index 21cdb0eec88..3a3d3976509 100644
--- a/prometheus-operator.yaml
+++ b/prometheus-operator.yaml
@@ -1,6 +1,6 @@
package:
name: prometheus-operator
- version: 0.78.0
+ version: 0.78.1
epoch: 0
description: Prometheus Operator creates/configures/manages Prometheus clusters atop Kubernetes
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/prometheus-operator/prometheus-operator.git
tag: v${{package.version}}
- expected-commit: 2efb519a31d93945a2d8ea2c0c3d47cadf15843e
+ expected-commit: 40104e6b861f6794243d65a11ef5ba3bc356e121
- uses: autoconf/make
with:
diff --git a/prometheus-postgres-exporter.yaml b/prometheus-postgres-exporter.yaml
index 6ca986c9248..87f9244c522 100644
--- a/prometheus-postgres-exporter.yaml
+++ b/prometheus-postgres-exporter.yaml
@@ -1,7 +1,7 @@
package:
name: prometheus-postgres-exporter
- version: 0.15.0
- epoch: 12
+ version: 0.16.0
+ epoch: 0
description: Prometheus Exporter for Postgres server metrics
copyright:
- license: Apache-2.0
@@ -21,11 +21,7 @@ pipeline:
with:
repository: https://github.com/prometheus-community/postgres_exporter
tag: v${{package.version}}
- expected-commit: 68c176b8833b7580bf847cecf60f8e0ad5923f9a
-
- - uses: go/bump
- with:
- deps: golang.org/x/crypto@v0.17.0 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0
+ expected-commit: a324fe37bca5193a293118b940b3df7ab3a8505c
- runs: |
make build
diff --git a/promitor.yaml b/promitor.yaml
new file mode 100644
index 00000000000..e4a1f45f6a4
--- /dev/null
+++ b/promitor.yaml
@@ -0,0 +1,98 @@
+package:
+ name: promitor
+ version: 2.11.2
+ epoch: 0
+ description: Bringing Azure Monitor metrics where you need them.
+ copyright:
+ - license: MIT
+ dependencies:
+ runtime:
+ - aspnet-8-runtime-default
+ - dotnet-8-runtime-default
+
+environment:
+ contents:
+ packages:
+ - busybox
+ - dotnet-8-sdk
+ - openssf-compiler-options
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/tomkerkhove/promitor
+ tag: Scraper-v${{package.version}}
+ expected-commit: a457a98b6e2920ea2751f4d07d0d8e085946eeec
+
+ - uses: patch
+ with:
+ patches: mitigate-CVE-2024-35255.patch
+
+ - working-directory: src
+ pipeline:
+ - name: "Build Promitor Scraper"
+ runs: |
+ # Set runtime arch
+ if [[ "${{build.arch}}" == "aarch64" ]]; then
+ runtime_arch="arm64"
+ elif [[ "${{build.arch}}" == "x86_64" ]]; then
+ runtime_arch="x64"
+ fi
+
+ dotnet publish \
+ Promitor.Agents.Scraper/Promitor.Agents.Scraper.csproj \
+ --configuration release \
+ --output app \
+ --runtime linux-$runtime_arch \
+ --no-self-contained \
+ /p:Version=${{package.version}} \
+ -p:DebugSymbols=false \
+ -p:DebugType=none
+
+ mkdir -p "${{targets.contextdir}}"/usr/lib
+ cp -dr app "${{targets.contextdir}}"/usr/lib/promitor
+
+ - uses: strip
+
+subpackages:
+ - name: "${{package.name}}-compat"
+ description: "Compatibility package to place binaries in the location expected by upstream image"
+ pipeline:
+ - runs: |
+ mkdir -p "${{targets.contextdir}}/app"
+ ln -sf /usr/lib/promitor/Promitor.Agents.Scraper.dll "${{targets.contextdir}}/app/Promitor.Agents.Scraper.dll"
+
+update:
+ enabled: true
+ github:
+ identifier: tomkerkhove/promitor
+ use-tag: true
+ strip-prefix: Scraper-v
+ tag-filter: Scraper-v
+
+test:
+ environment:
+ contents:
+ packages:
+ - curl
+ - promitor-compat
+ environment:
+ PROMITOR_CONFIG_FOLDER: "/config"
+ DOTNET_SYSTEM_GLOBALIZATION_INVARIANT: "false"
+ pipeline:
+ - name: "start daemon"
+ uses: test/daemon-check-output
+ with:
+ setup: |
+ # Config will be mounted on deployment time already so we can just download it for testing
+ # There is two "Validation failed" errors in the logs, its because upstream configs seems to be outdated a bit
+ # Azure related options also requires real Azure credentials to be set, that we cant provide in here
+ mkdir -p /config
+ curl -sL https://raw.githubusercontent.com/tomkerkhove/promitor/refs/heads/master/config/promitor/scraper/runtime.yaml -o /config/runtime.yaml
+ curl -sL https://raw.githubusercontent.com/tomkerkhove/promitor/refs/heads/master/config/promitor/scraper/metrics.yaml -o /config/metrics-declaration.yaml
+ start: "dotnet /app/Promitor.Agents.Scraper.dll"
+ timeout: 60
+ expected_output: |
+ Booting up Promitor
+ OpenTelemetry Collector Metric │ Success │ Everything is well-configured.
+ Prometheus Scraping Endpoint │ Success │ Everything is well-configured.
diff --git a/promitor/mitigate-CVE-2024-35255.patch b/promitor/mitigate-CVE-2024-35255.patch
new file mode 100644
index 00000000000..470f2590971
--- /dev/null
+++ b/promitor/mitigate-CVE-2024-35255.patch
@@ -0,0 +1,25 @@
+From 423e03c47eeee866da82e6945f32f76f151e938e Mon Sep 17 00:00:00 2001
+From: Dentrax
+Date: Thu, 7 Nov 2024 17:02:46 +0300
+Subject: [PATCH] mitigate CVE-2024-35255
+
+Signed-off-by: Dentrax
+---
+ src/Promitor.Agents.Scraper/Promitor.Agents.Scraper.csproj | 1 +
+ 1 file changed, 1 insertion(+)
+
+diff --git a/src/Promitor.Agents.Scraper/Promitor.Agents.Scraper.csproj b/src/Promitor.Agents.Scraper/Promitor.Agents.Scraper.csproj
+index b244403..dc95a26 100644
+--- a/src/Promitor.Agents.Scraper/Promitor.Agents.Scraper.csproj
++++ b/src/Promitor.Agents.Scraper/Promitor.Agents.Scraper.csproj
+@@ -47,6 +47,7 @@
+
+
+
++
+
+
+
+--
+2.39.5 (Apple Git-154)
+
diff --git a/promxy.yaml b/promxy.yaml
index 051534a9764..d47c0b346a4 100644
--- a/promxy.yaml
+++ b/promxy.yaml
@@ -1,7 +1,7 @@
package:
name: promxy
version: 0.0.91
- epoch: 0
+ epoch: 1
description: An aggregating proxy to enable HA prometheus.
copyright:
- license: MIT
@@ -16,6 +16,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: 127fb5bc26e0e9f64b0b67f19519bd9b7e3bd3e1
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: ./cmd/promxy
diff --git a/protoc-gen-go.yaml b/protoc-gen-go.yaml
index 0db45002409..019972efdf6 100644
--- a/protoc-gen-go.yaml
+++ b/protoc-gen-go.yaml
@@ -1,6 +1,6 @@
package:
name: protoc-gen-go
- version: 1.35.1
+ version: 1.35.2
epoch: 0
description: Go support for Google's protocol buffers
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/protocolbuffers/protobuf-go
tag: v${{package.version}}
- expected-commit: 158d2b331a354322bceddf905a52b129d1a740d7
+ expected-commit: c72053a9062dd4bc86a75c21f5d8134136ccbf2e
- uses: go/build
with:
diff --git a/prrte.yaml b/prrte.yaml
index 11825ecf600..55fb876d8d4 100644
--- a/prrte.yaml
+++ b/prrte.yaml
@@ -1,7 +1,7 @@
package:
name: prrte
- version: 3.0.6
- epoch: 1
+ version: 3.0.7
+ epoch: 0
description: PMIx Reference RunTime Environment (PRRTE)
copyright:
- license: BSD-3-Clause-Open-MPI
@@ -25,26 +25,21 @@ environment:
- openpmix-dev
- openssf-compiler-options
- perl
- - py3-pip
+ - py3-docutils
- py3-recommonmark
- - py3-sphinx-7
+ - py3-sphinx-bin
- py3-sphinx-rtd-theme
- - python-3.12
pipeline:
- uses: git-checkout
with:
repository: https://github.com/openpmix/prrte
tag: v${{package.version}}
- expected-commit: b68a0acb32cfc0d3c19249e5514820555bcf438b
+ expected-commit: b2f4163e40a84fe777fa36dfbffa4db23d8d31dd
recurse-submodules: true
- runs: |
mkdir output
- # Manually run configure with sphinx for docs
- python3 -m venv .venv --system-site-packages
- source .venv/bin/activate
- pip install -r docs/requirements.txt
# Remove rc= from version
sed -i s'/greek=.*/greek=/' VERSION
perl autogen.pl
diff --git a/pulumi-kubernetes-operator.yaml b/pulumi-kubernetes-operator.yaml
index bf6080c86d8..e721b3e0209 100644
--- a/pulumi-kubernetes-operator.yaml
+++ b/pulumi-kubernetes-operator.yaml
@@ -1,7 +1,7 @@
package:
name: pulumi-kubernetes-operator
version: 1.16.0
- epoch: 1
+ epoch: 2
description: A Kubernetes Operator that automates the deployment of Pulumi Stacks
copyright:
- license: Apache-2.0
@@ -23,7 +23,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/hashicorp/go-retryablehttp@v0.7.7
+ deps: github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/whilp/git-urls=github.com/chainguard-dev/git-urls@v1.0.2
- runs: |
diff --git a/pulumi-language-java.yaml b/pulumi-language-java.yaml
index 361fb7eaa1a..4350f16c4d7 100644
--- a/pulumi-language-java.yaml
+++ b/pulumi-language-java.yaml
@@ -1,6 +1,6 @@
package:
name: pulumi-language-java
- version: 0.16.1
+ version: 0.17.0
epoch: 0
description: Pulumi Language SDK for Java
copyright:
@@ -17,7 +17,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 10deceae9cf034b2aa66cf4a31ab2dacd243b477
+ expected-commit: 2a665a885bc967f1488e84a89ebdcf001ceb8e3f
repository: https://github.com/pulumi/pulumi-java.git
tag: v${{package.version}}
diff --git a/pulumi.yaml b/pulumi.yaml
index 134f9ef687d..2fd7cd87894 100644
--- a/pulumi.yaml
+++ b/pulumi.yaml
@@ -1,6 +1,6 @@
package:
name: pulumi
- version: 3.137.0
+ version: 3.139.0
epoch: 0
description: Infrastructure as Code in any programming language
copyright:
@@ -26,7 +26,7 @@ pipeline:
- uses: git-checkout
with:
destination: ${{package.name}}
- expected-commit: 0d458a47df69aeabefb79632884c9411eb611a36
+ expected-commit: 9a508794531630adb9eb46ea15a759be4923d69b
repository: https://github.com/pulumi/pulumi.git
tag: v${{package.version}}
diff --git a/py3-aiohttp.yaml b/py3-aiohttp.yaml
index 1073fd78aee..b4252113a7a 100644
--- a/py3-aiohttp.yaml
+++ b/py3-aiohttp.yaml
@@ -1,7 +1,7 @@
# Generated from https://pypi.org/project/aiohttp/
package:
name: py3-aiohttp
- version: 3.10.10
+ version: 3.10.11
epoch: 0
description: Async http client/server framework (asyncio)
copyright:
@@ -35,7 +35,7 @@ pipeline:
with:
repository: https://github.com/aio-libs/aiohttp/
tag: v${{package.version}}
- expected-commit: 47475c5b74768e516fee3c9546917e8688caf998
+ expected-commit: 3e09325e4839117df13fbac301f360edf8d3a0ee
- uses: patch
with:
diff --git a/py3-ansible-core.yaml b/py3-ansible-core.yaml
new file mode 100644
index 00000000000..9593bd0521a
--- /dev/null
+++ b/py3-ansible-core.yaml
@@ -0,0 +1,77 @@
+package:
+ name: py3-ansible-core
+ version: 2.18.0
+ epoch: 0
+ description: Ansible is a radically simple IT automation platform
+ copyright:
+ - license: GPL-3.0
+ dependencies:
+ provider-priority: 0
+
+vars:
+ pypi-package: ansible-core
+
+data:
+ - name: py-versions
+ items:
+ 3.11: "311"
+ 3.12: "312"
+ 3.13: "300"
+
+environment:
+ contents:
+ packages:
+ - py3-supported-build-base
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: ec78526b976481f3fcdf91a904eeaa68b89ccdea
+ repository: https://github.com/ansible/ansible
+ tag: v${{package.version}}
+
+ - uses: patch
+ with:
+ patches: resolvlib.patch
+
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ runtime:
+ - openssl # requires because of py3-cryptography
+ - py${{range.key}}-cryptography
+ - py${{range.key}}-jinja2
+ - py${{range.key}}-packaging
+ - py${{range.key}}-pyyaml
+ - py${{range.key}}-resolvelib
+ provider-priority: ${{range.value}}
+ provides:
+ - py3-${{vars.pypi-package}}
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ - uses: strip
+
+update:
+ enabled: true
+ github:
+ identifier: ansible/ansible
+ strip-prefix: v
+
+test:
+ pipeline:
+ - name: version tests
+ runs: |
+ ansible --version
+ ansible-config --version
+ ansible-console --version
+ ansible-doc --version
+ ansible-galaxy --version
+ ansible-inventory --version
+ ansible-playbook --version
+ ansible-pull --version
+ ansible-test --version
+ ansible-vault --version
diff --git a/py3-ansible-core/resolvlib.patch b/py3-ansible-core/resolvlib.patch
new file mode 100644
index 00000000000..268462af56a
--- /dev/null
+++ b/py3-ansible-core/resolvlib.patch
@@ -0,0 +1,166 @@
+From d4085a56e00a6f9059e7df6e4a16eef4f5737501 Mon Sep 17 00:00:00 2001
+From: s-hertel <19572925+s-hertel@users.noreply.github.com>
+Date: Fri, 1 Nov 2024 11:49:04 -0400
+Subject: [PATCH 1/2] Bump ansible-galaxy's resolvelib requirement upperbound
+ to 1.2.0
+
+Test against the newest resolvelib release 1.1.0
+
+Only test the oldest supported resolvelib version, latest minor release,
+and releases that offer additional coverage
+---
+ changelogs/fragments/update-resolvelib-lt-1_2_0.yml | 2 ++
+ lib/ansible/galaxy/dependency_resolution/providers.py | 2 +-
+ requirements.txt | 2 +-
+ .../targets/ansible-galaxy-collection/vars/main.yml | 11 +++++------
+ test/lib/ansible_test/_data/requirements/ansible.txt | 2 +-
+ 5 files changed, 10 insertions(+), 9 deletions(-)
+ create mode 100644 changelogs/fragments/update-resolvelib-lt-1_2_0.yml
+
+diff --git a/changelogs/fragments/update-resolvelib-lt-1_2_0.yml b/changelogs/fragments/update-resolvelib-lt-1_2_0.yml
+new file mode 100644
+index 00000000000000..461f436339b4c5
+--- /dev/null
++++ b/changelogs/fragments/update-resolvelib-lt-1_2_0.yml
+@@ -0,0 +1,2 @@
++minor_changes:
++ - ansible-galaxy - support ``resolvelib >= 0.5.3, < 1.2.0`` (https://github.com/ansible/ansible/issues/84217).
+diff --git a/lib/ansible/galaxy/dependency_resolution/providers.py b/lib/ansible/galaxy/dependency_resolution/providers.py
+index 7578cae785c100..f0f30c9cc4be58 100644
+--- a/lib/ansible/galaxy/dependency_resolution/providers.py
++++ b/lib/ansible/galaxy/dependency_resolution/providers.py
+@@ -39,7 +39,7 @@ class AbstractProvider: # type: ignore[no-redef]
+
+ # TODO: add python requirements to ansible-test's ansible-core distribution info and remove the hardcoded lowerbound/upperbound fallback
+ RESOLVELIB_LOWERBOUND = SemanticVersion("0.5.3")
+-RESOLVELIB_UPPERBOUND = SemanticVersion("1.1.0")
++RESOLVELIB_UPPERBOUND = SemanticVersion("1.2.0")
+ RESOLVELIB_VERSION = SemanticVersion.from_loose_version(LooseVersion(resolvelib_version))
+
+
+diff --git a/requirements.txt b/requirements.txt
+index 5eaf9f2cbc2911..e0126172e5e39e 100644
+--- a/requirements.txt
++++ b/requirements.txt
+@@ -12,4 +12,4 @@ packaging
+ # NOTE: Ref: https://github.com/sarugaku/resolvelib/issues/69
+ # NOTE: When updating the upper bound, also update the latest version used
+ # NOTE: in the ansible-galaxy-collection test suite.
+-resolvelib >= 0.5.3, < 1.1.0 # dependency resolver used by ansible-galaxy
++resolvelib >= 0.5.3, < 1.2.0 # dependency resolver used by ansible-galaxy
+diff --git a/test/integration/targets/ansible-galaxy-collection/vars/main.yml b/test/integration/targets/ansible-galaxy-collection/vars/main.yml
+index 066d2678bca56e..abbc40cbc1eff4 100644
+--- a/test/integration/targets/ansible-galaxy-collection/vars/main.yml
++++ b/test/integration/targets/ansible-galaxy-collection/vars/main.yml
+@@ -4,13 +4,12 @@ gpg_homedir: "{{ galaxy_dir }}/gpg"
+
+ offline_server: https://test-hub.demolab.local/api/galaxy/content/api/
+
++# Test oldest and most recently supported, and versions with notable changes
+ supported_resolvelib_versions:
+- - "0.5.3" # Oldest supported
+- - "0.6.0"
+- - "0.7.0"
+- - "0.8.0"
+- - "0.9.0"
+- - "1.0.1"
++ - "0.5.3" # test CollectionDependencyProvider050
++ - "0.6.0" # test CollectionDependencyProvider060
++ - "0.7.0" # test CollectionDependencyProvider070
++ - "1.1.0" # test CollectionDependencyProvider080
+
+ unsupported_resolvelib_versions:
+ - "0.2.0" # Fails on import
+diff --git a/test/lib/ansible_test/_data/requirements/ansible.txt b/test/lib/ansible_test/_data/requirements/ansible.txt
+index 5eaf9f2cbc2911..e0126172e5e39e 100644
+--- a/test/lib/ansible_test/_data/requirements/ansible.txt
++++ b/test/lib/ansible_test/_data/requirements/ansible.txt
+@@ -12,4 +12,4 @@ packaging
+ # NOTE: Ref: https://github.com/sarugaku/resolvelib/issues/69
+ # NOTE: When updating the upper bound, also update the latest version used
+ # NOTE: in the ansible-galaxy-collection test suite.
+-resolvelib >= 0.5.3, < 1.1.0 # dependency resolver used by ansible-galaxy
++resolvelib >= 0.5.3, < 1.2.0 # dependency resolver used by ansible-galaxy
+
+From 659042e85509da0192b8afd8429d6ad5c31af20c Mon Sep 17 00:00:00 2001
+From: s-hertel <19572925+s-hertel@users.noreply.github.com>
+Date: Tue, 5 Nov 2024 17:09:36 -0500
+Subject: [PATCH 2/2] Update the upperbound to 2.0.0 since minor SemVer
+ releases should not contain breaking changes
+
+Add a better code comment about the resolvelib versions tested against
+---
+ ...olvelib-lt-1_2_0.yml => update-resolvelib-lt-2_0_0.yml} | 2 +-
+ lib/ansible/galaxy/dependency_resolution/providers.py | 2 +-
+ requirements.txt | 2 +-
+ .../targets/ansible-galaxy-collection/vars/main.yml | 7 +++++--
+ test/lib/ansible_test/_data/requirements/ansible.txt | 2 +-
+ 5 files changed, 9 insertions(+), 6 deletions(-)
+ rename changelogs/fragments/{update-resolvelib-lt-1_2_0.yml => update-resolvelib-lt-2_0_0.yml} (50%)
+
+diff --git a/changelogs/fragments/update-resolvelib-lt-1_2_0.yml b/changelogs/fragments/update-resolvelib-lt-2_0_0.yml
+similarity index 50%
+rename from changelogs/fragments/update-resolvelib-lt-1_2_0.yml
+rename to changelogs/fragments/update-resolvelib-lt-2_0_0.yml
+index 461f436339b4c5..10c4f1a0838b91 100644
+--- a/changelogs/fragments/update-resolvelib-lt-1_2_0.yml
++++ b/changelogs/fragments/update-resolvelib-lt-2_0_0.yml
+@@ -1,2 +1,2 @@
+ minor_changes:
+- - ansible-galaxy - support ``resolvelib >= 0.5.3, < 1.2.0`` (https://github.com/ansible/ansible/issues/84217).
++ - ansible-galaxy - support ``resolvelib >= 0.5.3, < 2.0.0`` (https://github.com/ansible/ansible/issues/84217).
+diff --git a/lib/ansible/galaxy/dependency_resolution/providers.py b/lib/ansible/galaxy/dependency_resolution/providers.py
+index f0f30c9cc4be58..d336c3441e2e1d 100644
+--- a/lib/ansible/galaxy/dependency_resolution/providers.py
++++ b/lib/ansible/galaxy/dependency_resolution/providers.py
+@@ -39,7 +39,7 @@ class AbstractProvider: # type: ignore[no-redef]
+
+ # TODO: add python requirements to ansible-test's ansible-core distribution info and remove the hardcoded lowerbound/upperbound fallback
+ RESOLVELIB_LOWERBOUND = SemanticVersion("0.5.3")
+-RESOLVELIB_UPPERBOUND = SemanticVersion("1.2.0")
++RESOLVELIB_UPPERBOUND = SemanticVersion("2.0.0")
+ RESOLVELIB_VERSION = SemanticVersion.from_loose_version(LooseVersion(resolvelib_version))
+
+
+diff --git a/requirements.txt b/requirements.txt
+index e0126172e5e39e..45c9c01b803647 100644
+--- a/requirements.txt
++++ b/requirements.txt
+@@ -12,4 +12,4 @@ packaging
+ # NOTE: Ref: https://github.com/sarugaku/resolvelib/issues/69
+ # NOTE: When updating the upper bound, also update the latest version used
+ # NOTE: in the ansible-galaxy-collection test suite.
+-resolvelib >= 0.5.3, < 1.2.0 # dependency resolver used by ansible-galaxy
++resolvelib >= 0.5.3, < 2.0.0 # dependency resolver used by ansible-galaxy
+diff --git a/test/integration/targets/ansible-galaxy-collection/vars/main.yml b/test/integration/targets/ansible-galaxy-collection/vars/main.yml
+index abbc40cbc1eff4..c865871c4fe692 100644
+--- a/test/integration/targets/ansible-galaxy-collection/vars/main.yml
++++ b/test/integration/targets/ansible-galaxy-collection/vars/main.yml
+@@ -4,12 +4,15 @@ gpg_homedir: "{{ galaxy_dir }}/gpg"
+
+ offline_server: https://test-hub.demolab.local/api/galaxy/content/api/
+
+-# Test oldest and most recently supported, and versions with notable changes
++# Test oldest and most recently supported, and versions with notable changes.
++# The last breaking change for a feature ansible-galaxy uses was in 0.8.0.
++# It would be redundant to test every minor version since 0.8.0, so we just test against the latest minor release.
++# NOTE: If ansible-galaxy incorporates new resolvelib features, this matrix should be updated to verify the features work on all supported versions.
+ supported_resolvelib_versions:
+ - "0.5.3" # test CollectionDependencyProvider050
+ - "0.6.0" # test CollectionDependencyProvider060
+ - "0.7.0" # test CollectionDependencyProvider070
+- - "1.1.0" # test CollectionDependencyProvider080
++ - "<2.0.0" # test CollectionDependencyProvider080
+
+ unsupported_resolvelib_versions:
+ - "0.2.0" # Fails on import
+diff --git a/test/lib/ansible_test/_data/requirements/ansible.txt b/test/lib/ansible_test/_data/requirements/ansible.txt
+index e0126172e5e39e..45c9c01b803647 100644
+--- a/test/lib/ansible_test/_data/requirements/ansible.txt
++++ b/test/lib/ansible_test/_data/requirements/ansible.txt
+@@ -12,4 +12,4 @@ packaging
+ # NOTE: Ref: https://github.com/sarugaku/resolvelib/issues/69
+ # NOTE: When updating the upper bound, also update the latest version used
+ # NOTE: in the ansible-galaxy-collection test suite.
+-resolvelib >= 0.5.3, < 1.2.0 # dependency resolver used by ansible-galaxy
++resolvelib >= 0.5.3, < 2.0.0 # dependency resolver used by ansible-galaxy
diff --git a/py3-ansible-runner-http.yaml b/py3-ansible-runner-http.yaml
new file mode 100644
index 00000000000..caaa62b49cf
--- /dev/null
+++ b/py3-ansible-runner-http.yaml
@@ -0,0 +1,69 @@
+package:
+ name: py3-ansible-runner-http
+ version: 1.0.0
+ epoch: 0
+ description: This project is a plugin for Ansible Runner.
+ copyright:
+ - license: Apache-2.0
+ dependencies:
+ provider-priority: 0
+
+vars:
+ pypi-package: ansible-runner-http
+ import: ansible_runner_http
+
+data:
+ - name: py-versions
+ items:
+ 3.10: '310'
+ 3.11: '311'
+ 3.12: '312'
+ 3.13: '300'
+
+environment:
+ contents:
+ packages:
+ - py3-supported-build-base
+
+pipeline:
+ - uses: fetch
+ with:
+ expected-sha256: e2f34880531d4088a5e04967fd5eae602eb400cc4eb541b22c8c6853e342587f
+ uri: https://files.pythonhosted.org/packages/source/a/ansible-runner-http/ansible-runner-http-${{package.version}}.tar.gz
+
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ provider-priority: ${{range.value}}
+ provides:
+ - py3-${{vars.pypi-package}}
+ runtime:
+ - py${{range.key}}-requests
+ - py${{range.key}}-requests-unixsocket
+ - py${{range.key}}-ansible-runner
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ - uses: strip
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ python: python${{range.key}}
+ imports: |
+ import ${{vars.import}}
+
+test:
+ pipeline:
+ - uses: python/import
+ with:
+ imports: |
+ import ${{vars.import}}
+
+update:
+ enabled: true
+ release-monitor:
+ identifier: 375442
diff --git a/py3-ansible-runner.yaml b/py3-ansible-runner.yaml
new file mode 100644
index 00000000000..3ef0ec969ad
--- /dev/null
+++ b/py3-ansible-runner.yaml
@@ -0,0 +1,70 @@
+package:
+ name: py3-ansible-runner
+ version: 2.4.0
+ epoch: 0
+ description: A tool and python library that helps when interfacing with Ansible directly.
+ copyright:
+ - license: Apache-2.0
+ dependencies:
+ provider-priority: 0
+
+vars:
+ pypi-package: ansible-runner
+ import: ansible_runner
+
+data:
+ - name: py-versions
+ items:
+ 3.10: "310"
+ 3.11: "311"
+ 3.12: "312"
+ 3.13: "300"
+
+environment:
+ contents:
+ packages:
+ - py3-supported-build-base
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: 82efc86afae56f3f5eb0809a0ac5a3b6f8cc400e
+ repository: https://github.com/ansible/ansible-runner
+ tag: ${{package.version}}
+
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ runtime:
+ - py${{range.key}}-pyyaml
+ - py${{range.key}}-packaging
+ - py${{range.key}}-pexpect
+ - py${{range.key}}-python-daemon
+ provider-priority: ${{range.value}}
+ provides:
+ - py3-${{vars.pypi-package}}
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ - uses: strip
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ python: python${{range.key}}
+ imports: |
+ import ${{vars.import}}
+
+update:
+ enabled: true
+ github:
+ identifier: ansible/ansible-runner
+
+test:
+ pipeline:
+ - name: version tests
+ runs: |
+ ansible-runner --version | grep ${{package.version}}
diff --git a/py3-azure-storage-blob.yaml b/py3-azure-storage-blob.yaml
index d10f50814f9..168b862e87a 100644
--- a/py3-azure-storage-blob.yaml
+++ b/py3-azure-storage-blob.yaml
@@ -1,7 +1,7 @@
package:
name: py3-azure-storage-blob
- version: 12.23.1
- epoch: 1
+ version: 12.24.0
+ epoch: 0
description: Microsoft Azure Blob Storage Client Library for Python
copyright:
- license: MIT
@@ -28,7 +28,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: c92ee71ba58af9f419d517c124711c04e6eca052
+ expected-commit: 9f436690b476ada88b08b37771a4c0ae215e2feb
repository: https://github.com/Azure/azure-sdk-for-python
tag: azure-storage-blob_${{package.version}}
diff --git a/py3-blinker.yaml b/py3-blinker.yaml
index 152d3bfff57..244d28bf3d8 100644
--- a/py3-blinker.yaml
+++ b/py3-blinker.yaml
@@ -1,7 +1,7 @@
package:
name: py3-blinker
- version: 1.8.2
- epoch: 1
+ version: 1.9.0
+ epoch: 0
description: Fast, simple object-to-object and broadcast signaling
copyright:
- license: MIT
@@ -32,7 +32,7 @@ pipeline:
with:
repository: https://github.com/pallets-eco/blinker/
tag: ${{package.version}}
- expected-commit: 0a6be69aaaf72917bbedf41643f83128c8623075
+ expected-commit: 669f3a027828d19786e708b511277fabcd6b9532
subpackages:
- range: py-versions
diff --git a/py3-bokeh.yaml b/py3-bokeh.yaml
index b02d75a2ca9..6606f74a32c 100644
--- a/py3-bokeh.yaml
+++ b/py3-bokeh.yaml
@@ -1,23 +1,25 @@
# Generated from https://pypi.org/project/bokeh/
package:
name: py3-bokeh
- version: 3.6.0
- epoch: 0
+ version: 3.6.1
+ epoch: 1
description: Interactive plots and applications in the browser from Python
copyright:
- license: BSD-3-Clause
dependencies:
- runtime:
- - py3-jinja2
- - py3-contourpy
- - numpy
- - py3-packaging
- - py3-pandas
- - py3-pillow
- - py3-pyyaml
- - py3-tornado
- - py3-xyzservices
- - python-3
+ provider-priority: 0
+
+vars:
+ pypi-package: bokeh
+ import: bokeh
+
+data:
+ - name: py-versions
+ items:
+ 3.10: "310"
+ 3.11: "311"
+ 3.12: "312"
+ 3.13: "300"
environment:
contents:
@@ -25,20 +27,81 @@ environment:
- build-base
- busybox
- ca-certificates-bundle
- - py3-setuptools
- - python-3
+ - py3-supported-cython
+ - py3-supported-pip
+ - py3-supported-python-dev
+ - py3-supported-setuptools-git-versioning
- wolfi-base
pipeline:
- uses: fetch
with:
- expected-sha256: 0032dc1e76ad097b07626e51584685ff48c65481fbaaad105663b1046165867a
+ expected-sha256: 04d3fb5fac871423f38e4535838164cd90c3d32e707bcb74c8bf991ed28878fc
uri: https://files.pythonhosted.org/packages/source/b/bokeh/bokeh-${{package.version}}.tar.gz
- - name: Python Build
- uses: python/build-wheel
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ provider-priority: ${{range.value}}
+ runtime:
+ - py${{range.key}}-jinja2
+ - py${{range.key}}-contourpy
+ - py${{range.key}}-numpy
+ - py${{range.key}}-packaging
+ - py${{range.key}}-pandas
+ - py${{range.key}}-pillow
+ - py${{range.key}}-pyyaml
+ - py${{range.key}}-tornado
+ - py${{range.key}}-xyzservices
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ - name: "move usr/bin executables for -bin"
+ runs: |
+ mkdir -p ./cleanup/${{range.key}}/
+ mv ${{targets.contextdir}}/usr/bin ./cleanup/${{range.key}}/
+ - uses: strip
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ python: python${{range.key}}
+ import: ${{vars.import}}
+
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}-bin
+ description: Executable binaries for ${{vars.pypi-package}} installed for python${{range.key}}
+ dependencies:
+ runtime:
+ - py${{range.key}}-${{vars.pypi-package}}
+ provides:
+ - py3-${{vars.pypi-package}}-bin
+ - py3-${{vars.pypi-package}}
+ provider-priority: ${{range.value}}
+ pipeline:
+ - runs: |
+ mkdir -p ${{targets.contextdir}}/usr/
+ mv ./cleanup/${{range.key}}/bin ${{targets.contextdir}}/usr/
+ test:
+ pipeline:
+ - runs: |
+ bokeh --version
+ bokeh --help
- - uses: strip
+ - name: py3-supported-${{vars.pypi-package}}
+ description: meta package providing ${{vars.pypi-package}} for supported python versions.
+ dependencies:
+ runtime:
+ - py3.10-${{vars.pypi-package}}
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ python: python3.10
+ import: ${{vars.import}}
update:
enabled: true
@@ -48,16 +111,5 @@ update:
test:
pipeline:
- runs: |
- LIBRARY="bokeh"
- IMPORT_STATEMENT="import bokeh"
-
- if ! python -c "$IMPORT_STATEMENT"; then
- echo "Failed to import library '$LIBRARY'."
- python -c "$IMPORT_STATEMENT" 2>&1
- exit 1
- else
- echo "Library '$LIBRARY' is installed and can be imported successfully."
- exit 0
- fi
bokeh --version
bokeh --help
diff --git a/py3-boto3.yaml b/py3-boto3.yaml
index 9a2a7e2c3a5..a00dfeb85d6 100644
--- a/py3-boto3.yaml
+++ b/py3-boto3.yaml
@@ -1,6 +1,6 @@
package:
name: py3-boto3
- version: 1.35.54
+ version: 1.35.63
epoch: 0
description: The AWS SDK for Python
copyright:
@@ -28,7 +28,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 7d9c359bbbc858a60b51c86328db813353c8bd1940212cdbd0a7da835291c2e1
+ expected-sha256: deb593d9a0fb240deb4c43e4da8e6626d7c36be7b2fd2fe28f49d44d395b7de0
uri: https://files.pythonhosted.org/packages/source/b/boto3/boto3-${{package.version}}.tar.gz
subpackages:
diff --git a/py3-botocore.yaml b/py3-botocore.yaml
index 6b2736edd63..0489eee5584 100644
--- a/py3-botocore.yaml
+++ b/py3-botocore.yaml
@@ -1,6 +1,6 @@
package:
name: py3-botocore
- version: 1.35.54
+ version: 1.35.63
epoch: 0
description: The low-level, core functionality of Boto3
copyright:
@@ -29,7 +29,7 @@ pipeline:
- uses: fetch
with:
uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz
- expected-sha256: 131bb59ce59c8a939b31e8e647242d70cf11d32d4529fa4dca01feea1e891a76
+ expected-sha256: 2b8196bab0a997d206c3d490b52e779ef47dffb68c57c685443f77293aca1589
subpackages:
- range: py-versions
diff --git a/py3-cachecontrol.yaml b/py3-cachecontrol.yaml
index 880bf748328..ca8bba90506 100644
--- a/py3-cachecontrol.yaml
+++ b/py3-cachecontrol.yaml
@@ -1,8 +1,8 @@
# Generated from https://pypi.org/project/CacheControl/
package:
name: py3-cachecontrol
- version: 0.14.0
- epoch: 3
+ version: 0.14.1
+ epoch: 0
description: httplib2 caching for requests
copyright:
- license: Apache-2.0
@@ -36,7 +36,7 @@ pipeline:
with:
repository: https://github.com/psf/cachecontrol
tag: v${{package.version}}
- expected-commit: e2be0c2f8e7c61ab5e2611dd58748f803f520d4d
+ expected-commit: 8cfe98e594eb796238eeb469ac05a96dff1baf19
subpackages:
- range: py-versions
diff --git a/py3-changelog-chug.yaml b/py3-changelog-chug.yaml
new file mode 100644
index 00000000000..f5b93fb687e
--- /dev/null
+++ b/py3-changelog-chug.yaml
@@ -0,0 +1,79 @@
+package:
+ name: py3-changelog-chug
+ version: 0.0.3
+ epoch: 0
+ description: Parser library for project Change Log documents.
+ copyright:
+ - license: AGPL-3.0-only
+ dependencies:
+ provider-priority: 0
+
+vars:
+ pypi-package: changelog-chug
+ import: chug
+
+data:
+ - name: py-versions
+ items:
+ 3.10: '310'
+ 3.11: '311'
+ 3.12: '312'
+ 3.13: '300'
+
+environment:
+ contents:
+ packages:
+ - py3-supported-build-base
+ - py3-supported-docutils
+ - py3-supported-semver
+
+pipeline:
+ - uses: fetch
+ with:
+ expected-sha256: 98ee1e8be75b6e9d512c35292c3c293a124541a4ec2014a6ec3cf33a3d265d2d
+ uri: https://files.pythonhosted.org/packages/source/c/changelog_chug/changelog_chug-${{package.version}}.tar.gz
+
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ provider-priority: ${{range.value}}
+ provides:
+ - py3-${{vars.pypi-package}}
+ runtime:
+ - py${{range.key}}-semver
+ - py${{range.key}}-docutils
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ - uses: strip
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ python: python${{range.key}}
+ imports: |
+ import ${{vars.import}}
+
+ - name: py3-supported-${{vars.pypi-package}}
+ description: meta package providing ${{vars.pypi-package}} for supported python versions.
+ dependencies:
+ runtime:
+ - py3.10-${{vars.pypi-package}}
+ - py3.11-${{vars.pypi-package}}
+ - py3.12-${{vars.pypi-package}}
+ - py3.13-${{vars.pypi-package}}
+
+test:
+ pipeline:
+ - uses: python/import
+ with:
+ imports: |
+ import ${{vars.import}}
+
+update:
+ enabled: true
+ release-monitor:
+ identifier: 375371
diff --git a/py3-codespell.yaml b/py3-codespell.yaml
index fbf98a8ff0e..ae8d8ad20b3 100644
--- a/py3-codespell.yaml
+++ b/py3-codespell.yaml
@@ -1,7 +1,7 @@
package:
name: py3-codespell
version: 2.3.0
- epoch: 1
+ epoch: 2
description: 'checker for common misspellings '
copyright:
- license: GPL-2.0-or-later
diff --git a/py3-conda-libmamba-solver.yaml b/py3-conda-libmamba-solver.yaml
index 981e5296591..e98d74e7126 100644
--- a/py3-conda-libmamba-solver.yaml
+++ b/py3-conda-libmamba-solver.yaml
@@ -1,7 +1,7 @@
package:
name: py3-conda-libmamba-solver
version: 24.9.0
- epoch: 0
+ epoch: 1
description: The libmamba based solver for conda.
copyright:
- license: BSD-3-Clause
@@ -32,6 +32,10 @@ pipeline:
repository: https://github.com/conda/conda-libmamba-solver
tag: ${{package.version}}
expected-commit: bbaab52122674e0991e1bd14bdfc114a33f70975
+ cherry-picks: |
+ 24.11.0rc/1b491d911e97bfb5ef7695b2b1376e1bebe08974: mamba version 2 support refactor prerequisite
+ 24.11.0rc/fa9f2ccb3cbc4d50b0d7db4eeb10946549c291d4: mamba version 2 support refactor prerequisite
+ 24.11.0rc/cbc9f1f80400e6fe68ae08937ae949191b9cd2d5: mamba version 2 support refactor
- name: Python Build
runs: python -m build
diff --git a/py3-contourpy.yaml b/py3-contourpy.yaml
index 6fb33c78dc5..52a46b3065d 100644
--- a/py3-contourpy.yaml
+++ b/py3-contourpy.yaml
@@ -1,7 +1,7 @@
package:
name: py3-contourpy
- version: 1.3.0
- epoch: 2
+ version: 1.3.1
+ epoch: 0
description: Python library for calculating contours of 2D quadrilateral grids
copyright:
- license: BSD-3-Clause
@@ -33,7 +33,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/contourpy/contourpy
- expected-commit: a59061cbf00dbbee09c56d1b1c36260946c37567
+ expected-commit: 1b253baa44e05b65859e97a68ddeb34cf23b7a71
tag: v${{package.version}}
subpackages:
diff --git a/py3-debugpy.yaml b/py3-debugpy.yaml
index 32fa1e6ffd0..6448ce93c5a 100644
--- a/py3-debugpy.yaml
+++ b/py3-debugpy.yaml
@@ -1,6 +1,6 @@
package:
name: py3-debugpy
- version: 1.8.7
+ version: 1.8.8
epoch: 0
description: An implementation of the Debug Adapter Protocol for Python
copyright:
@@ -28,7 +28,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: f7d5df027c0407ac02c080bb4c39eab963913bf6
+ expected-commit: 3573ca0e2bb562e8a0d3de68e531c3419a06c82a
repository: https://github.com/microsoft/debugpy
tag: v${{package.version}}
diff --git a/py3-deprecated.yaml b/py3-deprecated.yaml
index 1954aebb4ca..0e37538509b 100644
--- a/py3-deprecated.yaml
+++ b/py3-deprecated.yaml
@@ -1,8 +1,8 @@
# Generated from https://pypi.org/project/Deprecated/
package:
name: py3-deprecated
- version: 1.2.14
- epoch: 2
+ version: 1.2.15
+ epoch: 0
description: Python @deprecated decorator to deprecate old python classes, functions or methods.
copyright:
- license: MIT
@@ -33,7 +33,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 378636d8a1e3d62d5894329c57f44ba0030c2dbd
+ expected-commit: 7773ef0a33a936f78b1e4d6a9d4bcde0448b7610
repository: https://github.com/tantale/deprecated
tag: v${{package.version}}
diff --git a/py3-diffoscope.yaml b/py3-diffoscope.yaml
index 731e1549ac4..a1bf357a9c1 100644
--- a/py3-diffoscope.yaml
+++ b/py3-diffoscope.yaml
@@ -1,7 +1,7 @@
# Generated from https://pypi.org/project/diffoscope/
package:
name: py3-diffoscope
- version: "282"
+ version: "283"
epoch: 0
description: in-depth comparison of files, archives, and directories
copyright:
@@ -22,7 +22,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 04893051cbf68043aa5bc496a554f76e96b847375a74d7bc90ee150583c7488b
+ expected-sha256: 0469ff70e1f37b5e96496f5e3c88dbafcf03fafff409a90601ed84febc31c543
uri: https://files.pythonhosted.org/packages/source/d/diffoscope/diffoscope-${{package.version}}.tar.gz
subpackages:
diff --git a/py3-django.yaml b/py3-django.yaml
index 6951bcf8e97..1c2246f5393 100644
--- a/py3-django.yaml
+++ b/py3-django.yaml
@@ -1,7 +1,7 @@
package:
name: py3-django
- version: 5.1.2
- epoch: 1
+ version: 5.1.3
+ epoch: 0
description: A high-level Python Web framework that encourages rapid development and clean, pragmatic design.
copyright:
- license: BSD-3-Clause
@@ -28,7 +28,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: c499184f198df8deb8b5f7282b679babef8384ff
+ expected-commit: 69bf08e3a32492998871eb91ad84b3c8d8117180
repository: https://github.com/django/django
tag: ${{package.version}}
diff --git a/py3-docker-squash.yaml b/py3-docker-squash.yaml
index 2e33f8b8cdf..e1a57a614c3 100644
--- a/py3-docker-squash.yaml
+++ b/py3-docker-squash.yaml
@@ -3,8 +3,8 @@ package:
# When bumping this version, please remove the StrictVersion patching
# if https://github.com/goldmann/docker-squash/pull/234 was merged
# and released.
- version: 1.2.1
- epoch: 1
+ version: 1.2.2
+ epoch: 0
description: Docker layer squashing tool
copyright:
- license: MIT
@@ -31,7 +31,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 68d6d7d5501051d781716906dced8503fe74eec3
+ expected-commit: 0fe8285a6a82430599d7855dfe8757291723415e
repository: https://github.com/goldmann/docker-squash
tag: ${{package.version}}
diff --git a/py3-dulwich.yaml b/py3-dulwich.yaml
index 97c4199cd3d..932c1166bbd 100644
--- a/py3-dulwich.yaml
+++ b/py3-dulwich.yaml
@@ -1,7 +1,7 @@
# Generated from https://pypi.org/project/dulwich/
package:
name: py3-dulwich
- version: 0.22.4
+ version: 0.22.5
epoch: 0
description: Python Git Library
copyright:
@@ -35,7 +35,7 @@ pipeline:
with:
repository: https://github.com/jelmer/dulwich
tag: dulwich-${{package.version}}
- expected-commit: 3dd2600919d67da352eed0fc960f5523ad0f0a93
+ expected-commit: f87ed2e730c42276a96f27e74868cb98e0a73566
subpackages:
- range: py-versions
diff --git a/py3-flask-opentracing.yaml b/py3-flask-opentracing.yaml
index bf365f43305..e99a78635ca 100644
--- a/py3-flask-opentracing.yaml
+++ b/py3-flask-opentracing.yaml
@@ -1,21 +1,29 @@
-# Generated from https://pypi.org/project/Flask-OpenTracing/
package:
name: py3-flask-opentracing
version: 2.0.0
- epoch: 2
+ epoch: 3
description: OpenTracing support for Flask applications
copyright:
- license: BSD-3-Clause
+ dependencies:
+ provider-priority: 0
+
+vars:
+ pypi-package: flask-opentracing
+ import: flask_opentracing
+
+data:
+ - name: py-versions
+ items:
+ 3.10: '310'
+ 3.11: '311'
+ 3.12: '312'
+ 3.13: '300'
environment:
contents:
packages:
- - build-base
- - busybox
- - ca-certificates-bundle
- - py3-setuptools
- - python3
- - wolfi-base
+ - py3-supported-build-base
pipeline:
- uses: fetch
@@ -23,13 +31,45 @@ pipeline:
expected-sha256: 4de9db3d4f0d2b506ce3874fc721278d41b2e8b0125ea567164be0100df502fe
uri: https://files.pythonhosted.org/packages/source/F/Flask-OpenTracing/Flask-OpenTracing-${{package.version}}.tar.gz
- - name: Python Build
- runs: python setup.py build
+subpackages:
+ - range: py-versions
+ name: py${{range.key}}-${{vars.pypi-package}}
+ description: python${{range.key}} version of ${{vars.pypi-package}}
+ dependencies:
+ provider-priority: ${{range.value}}
+ provides:
+ - py3-${{vars.pypi-package}}
+ runtime:
+ - py${{range.key}}-flask
+ - py${{range.key}}-opentracing
+ pipeline:
+ - uses: py/pip-build-install
+ with:
+ python: python${{range.key}}
+ - uses: strip
+ test:
+ pipeline:
+ - uses: python/import
+ with:
+ python: python${{range.key}}
+ imports: |
+ import ${{vars.import}}
- - name: Python Install
- runs: python setup.py install --prefix=/usr --root="${{targets.destdir}}"
+ - name: py3-supported-${{vars.pypi-package}}
+ description: meta package providing ${{vars.pypi-package}} for supported python versions.
+ dependencies:
+ runtime:
+ - py3.10-${{vars.pypi-package}}
+ - py3.11-${{vars.pypi-package}}
+ - py3.12-${{vars.pypi-package}}
+ - py3.13-${{vars.pypi-package}}
- - uses: strip
+test:
+ pipeline:
+ - uses: python/import
+ with:
+ imports: |
+ import ${{vars.import}}
update:
enabled: true
diff --git a/py3-flask.yaml b/py3-flask.yaml
index fd8fb2c8e03..271e1484bea 100644
--- a/py3-flask.yaml
+++ b/py3-flask.yaml
@@ -1,7 +1,7 @@
package:
name: py3-flask
- version: 3.0.3
- epoch: 2
+ version: 3.1.0
+ epoch: 0
description: A simple framework for building complex web applications.
copyright:
- license: BSD-3-Clause
@@ -29,7 +29,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: ceb27b0af3823ea2737928a4d99d125a06175b8512c445cbd9a9ce200ef76842
+ expected-sha256: 5f873c5184c897c8d9d1b05df1e3d01b14910ce69607a117bd3277098a5836ac
uri: https://files.pythonhosted.org/packages/source/f/flask/flask-${{package.version}}.tar.gz
subpackages:
diff --git a/py3-fonttools.yaml b/py3-fonttools.yaml
index d0c70277f52..a66282f08b4 100644
--- a/py3-fonttools.yaml
+++ b/py3-fonttools.yaml
@@ -1,7 +1,7 @@
package:
name: py3-fonttools
- version: 4.54.1
- epoch: 1
+ version: 4.55.0
+ epoch: 0
description: Tools to manipulate font files
copyright:
- license: MIT
@@ -29,7 +29,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/fonttools/fonttools
- expected-commit: 112ace818935dbc554a88e56c5304d432dccc794
+ expected-commit: 6ad1c3192ad6d7a3c34f467d710fe64ca0e266d7
tag: ${{package.version}}
subpackages:
diff --git a/py3-fromager.yaml b/py3-fromager.yaml
index 3b65feca21a..aee86794c1f 100644
--- a/py3-fromager.yaml
+++ b/py3-fromager.yaml
@@ -1,6 +1,6 @@
package:
name: py3-fromager
- version: 0.32.1
+ version: 0.34.0
epoch: 0
description: Wheel maker
copyright:
@@ -36,7 +36,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/python-wheel-build/fromager
- expected-commit: d74742d6f5f3a1c277811ab20b26d3113b6ad41d
+ expected-commit: 2075b40fe39aa9d63e19c0ce0ecdf9dde11f44e9
tag: ${{package.version}}
subpackages:
diff --git a/py3-gevent.yaml b/py3-gevent.yaml
index 6c9f8ae10c3..9c031305854 100644
--- a/py3-gevent.yaml
+++ b/py3-gevent.yaml
@@ -1,6 +1,6 @@
package:
name: py3-gevent
- version: 24.10.3
+ version: 24.11.1
epoch: 0
description: Coroutine-based network library
copyright:
@@ -32,7 +32,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: aa7ee1bd5cabb2b7ef35105f863b386c8d5e332f754b60cfc354148bd70d35d1
+ expected-sha256: 8bd1419114e9e4a3ed33a5bad766afff9a3cf765cb440a582a1b3a9bc80c1aca
uri: https://files.pythonhosted.org/packages/source/g/gevent/gevent-${{package.version}}.tar.gz
subpackages:
diff --git a/py3-google-api-core.yaml b/py3-google-api-core.yaml
index 04e9f4cfe6f..f080884f81d 100644
--- a/py3-google-api-core.yaml
+++ b/py3-google-api-core.yaml
@@ -1,7 +1,7 @@
package:
name: py3-google-api-core
- version: 2.22.0
- epoch: 1
+ version: 2.23.0
+ epoch: 0
description: Google API client core library
copyright:
- license: Apache-2.0
@@ -27,7 +27,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: e1b5a110157388a8f7ed2ecfb380afbef9a6cd57
+ expected-commit: 2844cf09ea8b2b78d53c7f0fe4d5e5bd1b926329
repository: https://github.com/googleapis/python-api-core
tag: v${{package.version}}
diff --git a/py3-google-api-python-client.yaml b/py3-google-api-python-client.yaml
index 9003cfcabb7..a2571209b0d 100644
--- a/py3-google-api-python-client.yaml
+++ b/py3-google-api-python-client.yaml
@@ -1,7 +1,7 @@
package:
name: py3-google-api-python-client
- version: 2.151.0
- epoch: 1
+ version: 2.153.0
+ epoch: 0
description: Google API Client Library for Python
copyright:
- license: Apache-2.0
@@ -27,7 +27,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 1e01f260f28de99975558179b192873026d2bdeb
+ expected-commit: 1ed2f395850a43e966f448ef8943e062bbae32d9
repository: https://github.com/googleapis/google-api-python-client
tag: v${{package.version}}
diff --git a/py3-google-auth-oauthlib.yaml b/py3-google-auth-oauthlib.yaml
index 76f1b1bd842..24a69c4e50b 100644
--- a/py3-google-auth-oauthlib.yaml
+++ b/py3-google-auth-oauthlib.yaml
@@ -1,7 +1,7 @@
package:
name: py3-google-auth-oauthlib
version: 1.2.1
- epoch: 1
+ epoch: 2
description: Google Authentication Library
copyright:
- license: Apache-2.0
@@ -45,6 +45,7 @@ subpackages:
- uses: py/pip-build-install
with:
python: python${{range.key}}
+ prevent-inclusion: scripts docs
- name: move usr/bin executables for -bin
runs: |
mkdir -p ./cleanup/${{range.key}}/
diff --git a/py3-google-auth.yaml b/py3-google-auth.yaml
index 71d3f835770..498711919e2 100644
--- a/py3-google-auth.yaml
+++ b/py3-google-auth.yaml
@@ -1,6 +1,6 @@
package:
name: py3-google-auth
- version: 2.36.0
+ version: 2.36.1
epoch: 0
description: Google Authentication Library
copyright:
@@ -30,7 +30,7 @@ pipeline:
with:
repository: https://github.com/googleapis/google-auth-library-python
tag: v${{package.version}}
- expected-commit: 3fae8f8368d4651cd11d4af3d80f687eab033175
+ expected-commit: bfab59288fb5e4a9d86f5fff55307a72a0b86e47
subpackages:
- range: py-versions
diff --git a/py3-google-cloud-bigquery.yaml b/py3-google-cloud-bigquery.yaml
index 08b3543a004..db99e6063fa 100644
--- a/py3-google-cloud-bigquery.yaml
+++ b/py3-google-cloud-bigquery.yaml
@@ -1,7 +1,7 @@
# Generated from https://pypi.org/project/google-cloud-bigquery/
package:
name: py3-google-cloud-bigquery
- version: 3.26.0
+ version: 3.27.0
epoch: 0
description: Google BigQuery API client library
copyright:
@@ -32,7 +32,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: cad34f1afe20bc430c631ba9c2b69e442281d08d
+ expected-commit: 53c289e032caf083505b33bef323878671b58cd9
repository: https://github.com/googleapis/python-bigquery
tag: v${{package.version}}
diff --git a/py3-google-cloud-bigtable.yaml b/py3-google-cloud-bigtable.yaml
index d06da9428e9..d80bbefb830 100644
--- a/py3-google-cloud-bigtable.yaml
+++ b/py3-google-cloud-bigtable.yaml
@@ -1,7 +1,7 @@
# Generated from https://pypi.org/project/google-cloud-bigtable/
package:
name: py3-google-cloud-bigtable
- version: 2.26.0
+ version: 2.27.0
epoch: 0
description: Google Cloud Bigtable API client library
copyright:
@@ -29,7 +29,7 @@ pipeline:
- uses: git-checkout
with:
# README: for version v2.21.0, if you use this, update the package.version above to this version
- expected-commit: f7905007d6e2a2a23b941f42d03ceee00715dcbb
+ expected-commit: 14aec68b6e58f135e829608b9e00ffb3799833b7
repository: https://github.com/googleapis/python-bigtable
tag: v${{package.version}}
@@ -38,6 +38,42 @@ pipeline:
- uses: strip
+test:
+ pipeline:
+ - uses: python/import
+ with:
+ imports: import google.cloud.bigtable
+ - name: Simple mocked usage
+ runs: |
+ echo > test.py <> /tmp/hello.rb
diff --git a/ruby-3.3/0001-change-bundled-gems.patch b/ruby-3.3/0001-change-bundled-gems.patch
new file mode 100644
index 00000000000..fc66c989e48
--- /dev/null
+++ b/ruby-3.3/0001-change-bundled-gems.patch
@@ -0,0 +1,15 @@
+diff --git a/gems/bundled_gems b/gems/bundled_gems
+index 806af42076..29ba48cdd4 100644
+--- a/gems/bundled_gems
++++ b/gems/bundled_gems
+@@ -9,10 +9,8 @@ minitest 5.20.0 https://github.com/minitest/minitest
+ power_assert 2.0.3 https://github.com/ruby/power_assert
+ rake 13.1.0 https://github.com/ruby/rake
+ test-unit 3.6.1 https://github.com/test-unit/test-unit
+-rexml 3.3.9 https://github.com/ruby/rexml
+ rss 0.3.1 https://github.com/ruby/rss
+ net-ftp 0.3.4 https://github.com/ruby/net-ftp
+-net-imap 0.4.9.1 https://github.com/ruby/net-imap
+ net-pop 0.1.2 https://github.com/ruby/net-pop
+ net-smtp 0.4.0.1 https://github.com/ruby/net-smtp
+ matrix 0.4.2 https://github.com/ruby/matrix
diff --git a/ruby3.0-bundler.yaml b/ruby3.0-bundler.yaml
index 4315bdcbd7a..f97859eaa06 100644
--- a/ruby3.0-bundler.yaml
+++ b/ruby3.0-bundler.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.0-bundler
- version: 2.5.22
+ version: 2.5.23
epoch: 0
description: "Manage an application's gem dependencies"
copyright:
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 342d4542fdaaea847507a84a1ccef3a157fd03a4
+ expected-commit: 35f4611265e8f5c6c4eeed9d152be12b3bf29fe1
repository: https://github.com/rubygems/rubygems
tag: bundler-v${{package.version}}
diff --git a/ruby3.1-bundler.yaml b/ruby3.1-bundler.yaml
index 7f832070e88..80b491ead31 100644
--- a/ruby3.1-bundler.yaml
+++ b/ruby3.1-bundler.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.1-bundler
- version: 2.5.22
+ version: 2.5.23
epoch: 0
description: "Manage an application's gem dependencies"
copyright:
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 342d4542fdaaea847507a84a1ccef3a157fd03a4
+ expected-commit: 35f4611265e8f5c6c4eeed9d152be12b3bf29fe1
repository: https://github.com/rubygems/rubygems
tag: bundler-v${{package.version}}
diff --git a/ruby3.2-activemodel.yaml b/ruby3.2-activemodel.yaml
index a4e02f178bf..748faae03c3 100644
--- a/ruby3.2-activemodel.yaml
+++ b/ruby3.2-activemodel.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-activemodel
- version: 7.2.1.2
- epoch: 1
+ version: 8.0.0
+ epoch: 0
description: A toolkit for building modeling frameworks like Active Record. Rich support for attributes, callbacks, validations, serialization, internationalization, and testing.
copyright:
- license: MIT
@@ -24,7 +24,7 @@ pipeline:
with:
repository: https://github.com/rails/rails
tag: v${{package.version}}
- expected-commit: 7750d64a65e5b2641d87ef45e6e65ace193d9a27
+ expected-commit: dd8f7185faeca6ee968a6e9367f6d8601a83b8db
- uses: ruby/build
with:
@@ -42,6 +42,91 @@ pipeline:
vars:
gem: activemodel
+test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-activesupport
+ - ruby${{vars.rubyMM}}-benchmark
+ - ruby${{vars.rubyMM}}-uri
+ pipeline:
+ - name: Basic require test
+ runs: ruby -e "require 'active_model'"
+ - name: Test validations and errors
+ runs: |
+ ruby < name, 'price' => price}
+ end
+ end
+
+ product = Product.new
+ product.name = 'Widget'
+ product.price = 19.99
+
+ serialized = product.serializable_hash
+ raise 'Serialization failed for name' unless serialized['name'] == 'Widget'
+ raise 'Serialization failed for price' unless serialized['price'] == 19.99
+
+ puts 'ActiveModel serialization tests passed'
+ EOF-
+
update:
enabled: true
github:
diff --git a/ruby3.2-activesupport.yaml b/ruby3.2-activesupport.yaml
index b4907544ac4..4562468820c 100644
--- a/ruby3.2-activesupport.yaml
+++ b/ruby3.2-activesupport.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-activesupport
- version: 7.2.1.2
- epoch: 1
+ version: 8.0.0
+ epoch: 0
description: A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.
copyright:
- license: MIT
@@ -28,7 +28,7 @@ pipeline:
with:
repository: https://github.com/rails/rails
tag: v${{package.version}}
- expected-commit: 7750d64a65e5b2641d87ef45e6e65ace193d9a27
+ expected-commit: dd8f7185faeca6ee968a6e9367f6d8601a83b8db
- uses: ruby/build
with:
@@ -53,8 +53,62 @@ update:
strip-prefix: v
test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-uri
+ - ruby${{vars.rubyMM}}-benchmark
pipeline:
- - runs: ruby -e "require 'active_support'"
+ - name: Basic require test
+ runs: |
+ ruby -e "require 'active_support'"
+ - name: Test core extensions
+ runs: |
+ ruby < 0, "Wrapped key should not be empty"
+ puts "Wrap test passed"
+
+ # Test unwrapping with IV
+ unwrapped_key = AESKeyWrap.unwrap(wrapped_key, kek, iv)
+ assert_equal plaintext_key, unwrapped_key, "Unwrapped key should match the original plaintext key"
+ puts "Unwrap test passed"
+
+ puts "Basic wrap/unwrap test with explicit IV passed"
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-async-http.yaml b/ruby3.2-async-http.yaml
index c6fddb8dfa5..87f08378c95 100644
--- a/ruby3.2-async-http.yaml
+++ b/ruby3.2-async-http.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.2-async-http
- version: 0.82.3
+ version: 0.83.1
epoch: 0
description: A HTTP client and server library.
copyright:
@@ -32,7 +32,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 6429f222cb9ffdfbbf3e3a6fe805c4d4768995bf
+ expected-commit: 4ce90b1879ad80ade9ee2379ea86e85789ecd689
repository: https://github.com/socketry/async-http
tag: v${{package.version}}
@@ -51,6 +51,76 @@ pipeline:
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-io-endpoint
+ - ruby${{vars.rubyMM}}-io-stream
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'async'
+ require 'async/http/server'
+ require 'async/http/client'
+ require 'async/http/endpoint'
+ require 'protocol/http/response'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Define the HTTP server endpoint
+ server_endpoint = Async::HTTP::Endpoint.parse("http://127.0.0.1:9292")
+
+ # Define the server app that responds to GET requests only
+ app = proc do |request|
+ case request.method
+ when "GET"
+ Protocol::HTTP::Response[200, {}, ["Hello, World!"]]
+ else
+ Protocol::HTTP::Response[405, {}, ["Method Not Allowed"]]
+ end
+ end
+
+ # Run the server and client tasks within a timeout block
+ Async::Reactor.run do |task|
+ begin
+ # Server task: Start the server with the endpoint
+ server = Async::HTTP::Server.new(app, server_endpoint)
+
+ # Run server in a child task
+ server_task = task.async do
+ server.run
+ end
+
+ # Delay to ensure server is ready
+ task.sleep(0.5)
+
+ # Client task: Perform a single GET request
+ client_task = task.async do
+ client = Async::HTTP::Client.new(server_endpoint)
+
+ # Test GET request
+ response = client.get("/")
+ assert_equal 200, response.status, "Expected 200 OK for GET request"
+ assert_equal "Hello, World!", response.read, "Expected 'Hello, World!' in response body for GET request"
+ puts "GET request test passed"
+
+ client.close
+ end
+
+ # Wait for the client task to finish, then stop the server
+ client_task.wait
+ server_task.stop
+ rescue => e
+ puts "Error encountered: #{e.class} - #{e.message}"
+ puts e.backtrace
+ end
+ end
+
+ puts "Minimal async-http test completed."
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-async-io.yaml b/ruby3.2-async-io.yaml
index 1cbb11fa1c9..77565156f69 100644
--- a/ruby3.2-async-io.yaml
+++ b/ruby3.2-async-io.yaml
@@ -45,6 +45,55 @@ pipeline:
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-async
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'async'
+ require 'async/io'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ class TestAsyncIO < Test::Unit::TestCase
+ def test_basic_tcp_connection
+ host = "127.0.0.1"
+ port = 9090
+
+ Async do |task|
+ # Server task: responds with a message
+ server_task = task.async do
+ server = Async::IO::TCPServer.new(host, port)
+ client = server.accept
+ client.write("Hello, Async!")
+ client.close
+ server.close
+ end
+
+ # Allow server to start
+ task.sleep(0.1)
+
+ # Client task: connects and reads message
+ client_task = task.async do
+ client = Async::IO::TCPSocket.new(host, port)
+ message = client.read
+ assert_equal "Hello, Async!", message, "Expected message from server"
+ client.close
+ end
+
+ client_task.wait
+ server_task.stop
+ end
+
+ puts "Basic TCP connection test passed."
+ end
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-async-pool.yaml b/ruby3.2-async-pool.yaml
index 4ccf25f8301..e0b70246129 100644
--- a/ruby3.2-async-pool.yaml
+++ b/ruby3.2-async-pool.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-async-pool
- version: 0.10.1
- epoch: 1
+ version: 0.10.2
+ epoch: 0
description: A singleplex and multiplex resource pool for implementing robust clients.
copyright:
- license: MIT
@@ -28,7 +28,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 2b213d0cbdca13888233542268973a695196e95a
+ expected-commit: 538d46c45f603d85d87680e06df8f032c14ecdca
repository: https://github.com/socketry/async-pool
tag: v${{package.version}}
@@ -53,9 +53,36 @@ update:
use-tag: true
test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-async
pipeline:
- runs: |
- ruby -e "require 'async/pool'"
+ ruby <<-EOF
+ require 'async'
+ require 'async/pool'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ class TestAsyncPool < Test::Unit::TestCase
+ def test_pool_limit
+ Async do
+ pool = Async::Pool::Controller.new(limit: 2)
+ tasks = []
+
+ 3.times do
+ tasks << pool.async { sleep(0.1) } # Simulate task work
+ end
+
+ # Ensure only 2 tasks run concurrently
+ assert tasks.count { |task| task.running? } <= 2, "Expected limit of 2 concurrent tasks"
+ puts "Pool limit test passed."
+ end
+ end
+ end
+ EOF
var-transforms:
- from: ${{package.name}}
diff --git a/ruby3.2-async.yaml b/ruby3.2-async.yaml
index 17e37565bc7..49b52b27de5 100644
--- a/ruby3.2-async.yaml
+++ b/ruby3.2-async.yaml
@@ -47,6 +47,33 @@ pipeline:
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'async'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ class TestAsync < Test::Unit::TestCase
+ def test_async_execution
+ result = nil
+ Async { result = "done" }
+ assert_equal "done", result, "Async task should complete"
+ end
+
+ def test_async_sleep
+ start_time = Time.now
+ Async { Async::Task.current.sleep(0.1) }
+ assert Time.now - start_time < 0.2, "Async sleep should not block"
+ end
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-attr_required.yaml b/ruby3.2-attr_required.yaml
index 1ac73604190..fb30c165f36 100644
--- a/ruby3.2-attr_required.yaml
+++ b/ruby3.2-attr_required.yaml
@@ -37,6 +37,32 @@ pipeline:
vars:
gem: attr_required
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'attr_required'
+ require 'test/unit'
+
+ class SimpleAttrTest < Test::Unit::TestCase
+ class TestClass
+ include AttrRequired
+ attr_required :name
+ end
+
+ def test_required_attribute
+ obj = TestClass.new
+ obj.name = "Alice"
+ assert_equal "Alice", obj.name
+ puts "attr_required test passed."
+ end
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-aws-eventstream.yaml b/ruby3.2-aws-eventstream.yaml
index 3ef1a35894c..0fcb05deee3 100644
--- a/ruby3.2-aws-eventstream.yaml
+++ b/ruby3.2-aws-eventstream.yaml
@@ -41,6 +41,37 @@ pipeline:
vars:
gem: aws-eventstream
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-eventstream'
+ require 'test/unit'
+ require 'stringio'
+ include Test::Unit::Assertions
+
+ # Create and test a simple message
+ message = Aws::EventStream::Message.new(
+ headers: {'event-type' => Aws::EventStream::HeaderValue.new(value: 'test', type: 'string')},
+ payload: StringIO.new("test_data")
+ )
+
+ encoded = Aws::EventStream::Encoder.new.encode(message)
+
+ messages = []
+ decoder = Aws::EventStream::Decoder.new
+ decoder.decode(StringIO.new(encoded)) do |decoded_msg|
+ messages << decoded_msg
+ end
+
+ assert_equal "test_data", messages.first.payload.read
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.2-aws-partitions.yaml b/ruby3.2-aws-partitions.yaml
index 7c331684531..d64308debd8 100644
--- a/ruby3.2-aws-partitions.yaml
+++ b/ruby3.2-aws-partitions.yaml
@@ -41,6 +41,46 @@ pipeline:
vars:
gem: aws-partitions
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-partitions'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Test partition listing and default aws partition
+ partitions = Aws::Partitions.partitions
+ assert partitions.any?
+ assert_equal 'aws', partitions.first.name
+ puts "Partition listing test passed"
+
+ # Test region enumeration for aws partition
+ aws_partition = Aws::Partitions.partitions.find { |p| p.name == 'aws' }
+ regions = aws_partition.regions
+ assert regions.any?
+ assert regions.any? { |r| r.name == 'us-east-1' }
+ puts "Region enumeration test passed"
+
+ # Test service IDs
+ service_ids = Aws::Partitions.service_ids
+ assert service_ids.include?('S3') || service_ids.include?('s3')
+ assert service_ids.include?('EC2') || service_ids.include?('ec2')
+ puts "Service ID test passed"
+
+ # Test partition regions
+ aws_regions = aws_partition.regions.map(&:name)
+ assert aws_regions.include?('us-east-1'), "AWS partition should include us-east-1"
+ assert aws_regions.include?('us-west-2'), "AWS partition should include us-west-2"
+ puts "Partition regions test passed"
+
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.2-aws-sdk-cloudwatchlogs.yaml b/ruby3.2-aws-sdk-cloudwatchlogs.yaml
index 8c5602fde3c..9fc007be9ea 100644
--- a/ruby3.2-aws-sdk-cloudwatchlogs.yaml
+++ b/ruby3.2-aws-sdk-cloudwatchlogs.yaml
@@ -43,6 +43,43 @@ pipeline:
vars:
gem: aws-sdk-cloudwatchlogs
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-sdk-cloudwatchlogs'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Test client initialization with stubs
+ client = Aws::CloudWatchLogs::Client.new(
+ region: 'us-west-2',
+ stub_responses: true
+ )
+ assert_kind_of Aws::CloudWatchLogs::Client, client
+ puts "Client initialization test passed"
+
+ # Test describe_log_groups API
+ client.stub_responses(:describe_log_groups, {
+ log_groups: [
+ {
+ log_group_name: "test-group",
+ retention_in_days: 7
+ }
+ ]
+ })
+
+ resp = client.describe_log_groups
+ assert_equal "test-group", resp.log_groups[0].log_group_name
+ puts "API call test passed"
+
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.2-aws-sdk-core.yaml b/ruby3.2-aws-sdk-core.yaml
index ea9134f3119..f578291d249 100644
--- a/ruby3.2-aws-sdk-core.yaml
+++ b/ruby3.2-aws-sdk-core.yaml
@@ -47,6 +47,41 @@ pipeline:
vars:
gem: aws-sdk-core
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-sdk-core'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Test credentials
+ creds = Aws::Credentials.new('access_key', 'secret_key')
+ assert_equal 'access_key', creds.access_key_id
+ assert_equal 'secret_key', creds.secret_access_key
+ puts "Credentials test passed"
+
+ # Test global configuration
+ Aws.config.update(
+ region: 'us-west-2',
+ credentials: creds
+ )
+ assert_equal 'us-west-2', Aws.config[:region]
+ puts "Configuration test passed"
+
+ # Test presence of core modules
+ assert defined?(Aws::Errors)
+ assert defined?(Aws::PageableResponse)
+ assert defined?(Aws::Structure)
+ puts "Core modules test passed"
+
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.2-benchmark.yaml b/ruby3.2-benchmark.yaml
new file mode 100644
index 00000000000..cc1470afe29
--- /dev/null
+++ b/ruby3.2-benchmark.yaml
@@ -0,0 +1,50 @@
+package:
+ name: ruby3.2-benchmark
+ version: 0.4.0
+ epoch: 0
+ description: "A performance benchmarking library for Ruby."
+ copyright:
+ - license: BSD-2-Clause OR Ruby
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-3.2
+ - ruby-3.2-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/ruby/benchmark
+ tag: v${{package.version}}
+ expected-commit: a5d77ceae06d69a8b1b06d45760c9590a466707d
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: benchmark
+
+test:
+ pipeline:
+ - runs: ruby -e "require 'benchmark'"
+ - runs: |
+ ruby -e 'require "benchmark"; Benchmark.measure { 1 + 1 }; puts "OK"'
+
+update:
+ enabled: true
+ github:
+ identifier: ruby/benchmark
+ strip-prefix: v
diff --git a/ruby3.2-bundler.yaml b/ruby3.2-bundler.yaml
index 4e16ee41018..13f05c6f494 100644
--- a/ruby3.2-bundler.yaml
+++ b/ruby3.2-bundler.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-bundler
- version: 2.5.22
- epoch: 1
+ version: 2.5.23
+ epoch: 0
description: Manage an application's gem dependencies
copyright:
- license: MIT
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 342d4542fdaaea847507a84a1ccef3a157fd03a4
+ expected-commit: 35f4611265e8f5c6c4eeed9d152be12b3bf29fe1
repository: https://github.com/rubygems/rubygems
tag: bundler-v${{package.version}}
diff --git a/ruby3.2-console.yaml b/ruby3.2-console.yaml
index eca0243de1c..b4a1028941d 100644
--- a/ruby3.2-console.yaml
+++ b/ruby3.2-console.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-console
- version: 1.27.0
- epoch: 2
+ version: 1.29.0
+ epoch: 0
description: Beautiful logging for Ruby.
copyright:
- license: MIT
@@ -29,7 +29,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: b40f588e6e98f743402b3c93921d5053d5c15127
+ expected-commit: ebd30eca2797b448a791d2e4149b1f1b56db7207
repository: https://github.com/socketry/console
tag: v${{package.version}}
diff --git a/ruby3.2-console/001-remove-signing-key.patch b/ruby3.2-console/001-remove-signing-key.patch
index f1c7244dac3..1e6b8b2d45f 100644
--- a/ruby3.2-console/001-remove-signing-key.patch
+++ b/ruby3.2-console/001-remove-signing-key.patch
@@ -1,12 +1,12 @@
diff --git a/console.gemspec b/console.gemspec
-index f20efa4..d7ab9ae 100644
+index 073394d..0fc50be 100644
--- a/console.gemspec
+++ b/console.gemspec
@@ -11,7 +11,6 @@ Gem::Specification.new do |spec|
spec.license = "MIT"
- spec.cert_chain = ['release.cert']
-- spec.signing_key = File.expand_path('~/.gem/release.pem')
+ spec.cert_chain = ["release.cert"]
+- spec.signing_key = File.expand_path("~/.gem/release.pem")
- spec.homepage = "https://github.com/socketry/console"
+ spec.homepage = "https://socketry.github.io/console"
diff --git a/ruby3.2-elasticsearch-api.yaml b/ruby3.2-elasticsearch-api.yaml
index f912ad4c4f8..dfbaa41a177 100644
--- a/ruby3.2-elasticsearch-api.yaml
+++ b/ruby3.2-elasticsearch-api.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-elasticsearch-api
- version: 8.15.0
- epoch: 1
+ version: 8.16.0
+ epoch: 0
description: |
Ruby API for Elasticsearch. See the `elasticsearch` gem for full integration.
copyright:
@@ -28,7 +28,7 @@ pipeline:
with:
repository: https://github.com/elastic/elasticsearch-ruby.git
tag: v${{package.version}}
- expected-commit: d37bf317b5273bbcd8b0038e812a16b41a0712da
+ expected-commit: 2acbce702ecdc3c7f8e8116e81a76a836f75c6f0
- working-directory: ${{vars.gem}}
pipeline:
diff --git a/ruby3.2-elasticsearch.yaml b/ruby3.2-elasticsearch.yaml
index 96ed785b72d..674c9764f01 100644
--- a/ruby3.2-elasticsearch.yaml
+++ b/ruby3.2-elasticsearch.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-elasticsearch
- version: 8.15.0
- epoch: 1
+ version: 8.16.0
+ epoch: 0
description: |
Ruby integrations for Elasticsearch (client, API, etc.)
copyright:
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/elastic/elasticsearch-ruby.git
tag: v${{package.version}}
- expected-commit: d37bf317b5273bbcd8b0038e812a16b41a0712da
+ expected-commit: 2acbce702ecdc3c7f8e8116e81a76a836f75c6f0
- working-directory: ${{vars.gem}}
pipeline:
diff --git a/ruby3.2-excon.yaml b/ruby3.2-excon.yaml
index 69910b0e4be..c2f4fda3611 100644
--- a/ruby3.2-excon.yaml
+++ b/ruby3.2-excon.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/excon/excon
package:
name: ruby3.2-excon
- version: 1.1.1
+ version: 1.2.1
epoch: 0
description: EXtended http(s) CONnections
copyright:
@@ -21,7 +21,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/excon/excon
- expected-commit: 161d414d55649e7f392c93f9b287f857d8963e34
+ expected-commit: 239111877ffa6f56ccc6d8f43d0fae2dec17e164
tag: v${{package.version}}
- uses: ruby/build
diff --git a/ruby3.2-faraday.yaml b/ruby3.2-faraday.yaml
index 09d32a0205c..ffa1bc9e1bc 100644
--- a/ruby3.2-faraday.yaml
+++ b/ruby3.2-faraday.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-faraday
- version: 2.12.0
- epoch: 1
+ version: 2.12.1
+ epoch: 0
description: HTTP/REST API client library.
copyright:
- license: MIT
@@ -23,7 +23,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 59c5003ceb350096ade65086f8c17efbb7e0e53c
+ expected-commit: 93ef9e0ea905675358e2ae3edadebe1e13df95ef
repository: https://github.com/lostisland/faraday
tag: v${{package.version}}
@@ -41,6 +41,19 @@ pipeline:
vars:
gem: faraday
+test:
+ pipeline:
+ - name: Verify library import
+ runs: ruby -e "require 'faraday'"
+ - name: Basic usage
+ runs: |
+ cat < /tmp/test.rb
+ require 'faraday'
+ response = Faraday.get("https://edu.chainguard.dev/open-source/wolfi/overview/")
+ print response.status
+ EOF
+ ruby /tmp/test.rb
+
update:
enabled: true
github:
diff --git a/ruby3.2-gems.yaml b/ruby3.2-gems.yaml
index 1869fa55327..ac21a945115 100644
--- a/ruby3.2-gems.yaml
+++ b/ruby3.2-gems.yaml
@@ -1,8 +1,8 @@
# Generated from https://github.com/rubygems/gems
package:
name: ruby3.2-gems
- version: 1.2.0
- epoch: 2
+ version: 1.3.0
+ epoch: 0
description: Ruby wrapper for the RubyGems.org API
copyright:
- license: MIT
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 639a640c59be27e0488091309ea37c1485de1134
+ expected-commit: 4106516c2530187f56e951d264d23e26559b91ab
repository: https://github.com/rubygems/gems
tag: v${{package.version}}
@@ -38,6 +38,18 @@ pipeline:
vars:
gem: gems
+test:
+ pipeline:
+ - name: Verify library import
+ runs: ruby -e "require 'gems'"
+ - name: Basic usage
+ runs: |
+ cat < /tmp/test.rb
+ require 'gems'
+ print Gems.info 'rails'
+ EOF
+ ruby /tmp/test.rb
+
update:
enabled: true
github:
diff --git a/ruby3.2-io-endpoint.yaml b/ruby3.2-io-endpoint.yaml
new file mode 100644
index 00000000000..d31de48258f
--- /dev/null
+++ b/ruby3.2-io-endpoint.yaml
@@ -0,0 +1,105 @@
+package:
+ name: ruby3.2-io-endpoint
+ version: 0.14.0
+ epoch: 0
+ description: A Ruby gem providing endpoint abstractions for network clients and servers.
+ copyright:
+ - license: MIT
+ dependencies:
+ runtime:
+ - ruby-${{vars.rubyMM}}
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-${{vars.rubyMM}}
+ - ruby-${{vars.rubyMM}}-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: ecdbd0d2c86730e4bac3637dd9d1a2b2a18d0dca
+ repository: https://github.com/socketry/io-endpoint
+ tag: v${{package.version}}
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: io-endpoint
+
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-async
+ - ruby${{vars.rubyMM}}-async-io
+ - ruby${{vars.rubyMM}}-io-stream
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'io/endpoint'
+ require 'async'
+ require 'async/io'
+ require 'test/unit'
+ include Test::Unit::Assertions
+ class TestIOEndpoint < Test::Unit::TestCase
+ def test_tcp_endpoint
+ host = "127.0.0.1"
+ port = 9292
+ # Define a simple TCP endpoint
+ server_endpoint = Async::IO::Endpoint.tcp(host, port)
+ # Start Async reactor
+ Async do |task|
+ # Server task: listens and responds to connections
+ server_task = task.async do
+ server_endpoint.accept do |socket|
+ socket.write("Hello from TCP server!")
+ socket.close
+ end
+ end
+ # Delay to ensure server is ready
+ task.sleep(0.5)
+ # Client task: connects to the server and reads the response
+ client_task = task.async do
+ client_endpoint = Async::IO::Endpoint.tcp(host, port)
+ client_endpoint.connect do |socket|
+ message = socket.read
+ assert_equal "Hello from TCP server!", message, "Expected server greeting message"
+ puts "Client received correct message"
+ end
+ end
+ # Wait for client task to finish and stop server
+ client_task.wait
+ server_task.stop
+ end
+ puts "TCP endpoint test passed."
+ end
+ end
+ EOF
+
+update:
+ enabled: true
+ github:
+ identifier: socketry/io-endpoint
+ strip-prefix: v
+ use-tag: true
+
+var-transforms:
+ - from: ${{package.name}}
+ match: ^ruby(\d\.\d+)-.*
+ replace: $1
+ to: rubyMM
diff --git a/ruby3.2-io-stream.yaml b/ruby3.2-io-stream.yaml
new file mode 100644
index 00000000000..519668bc03d
--- /dev/null
+++ b/ruby3.2-io-stream.yaml
@@ -0,0 +1,92 @@
+package:
+ name: ruby3.2-io-stream
+ version: 0.6.1
+ epoch: 0
+ description: A Ruby gem providing stream abstractions for input and output.
+ copyright:
+ - license: MIT
+ dependencies:
+ runtime:
+ - ruby-${{vars.rubyMM}}
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-${{vars.rubyMM}}
+ - ruby-${{vars.rubyMM}}-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: 8b0080a120e085e8f22afcd08b51b06cf5cab78c
+ repository: https://github.com/socketry/io-stream
+ tag: v${{package.version}}
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: io-stream
+
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'io/stream'
+ require 'stringio'
+ require 'test/unit'
+ include Test::Unit::Assertions
+ class TestIOStream < Test::Unit::TestCase
+ def test_write_and_read
+ # Create a StringIO object and wrap it in IO::Stream
+ buffer = StringIO.new
+ stream = IO::Stream::Buffered.new(buffer)
+ # Write to the stream
+ stream.write("Hello, Stream!")
+ stream.flush # Ensure data is written to the buffer
+ # Reset buffer for reading and read back the data
+ buffer.rewind
+ message = buffer.read
+ # Assert that the message matches what was written
+ assert_equal "Hello, Stream!", message, "Expected written message to be read back from stream"
+ puts "Basic write and read test passed."
+ end
+ def test_close
+ buffer = StringIO.new
+ stream = IO::Stream::Buffered.new(buffer)
+ # Close the stream and assert it's closed
+ stream.close
+ assert stream.closed?, "Expected stream to be closed"
+ puts "Stream close test passed."
+ end
+ end
+ EOF
+
+update:
+ enabled: true
+ github:
+ identifier: socketry/io-stream
+ strip-prefix: v
+ use-tag: true
+
+var-transforms:
+ - from: ${{package.name}}
+ match: ^ruby(\d\.\d+)-.*
+ replace: $1
+ to: rubyMM
diff --git a/ruby3.2-json.yaml b/ruby3.2-json.yaml
index 9bfb1fe120f..b5c68bdebae 100644
--- a/ruby3.2-json.yaml
+++ b/ruby3.2-json.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/flori/json
package:
name: ruby3.2-json
- version: 2.7.5
+ version: 2.8.2
epoch: 0
description: This is a JSON implementation as a Ruby extension in C.
copyright:
@@ -22,9 +22,7 @@ pipeline:
with:
repository: https://github.com/ruby/json
tag: v${{package.version}}
- expected-commit: 9d711865da1ee4fe90e91e692e320d5ed5eb4fa2
- cherry-picks: |
- v2.7.x/e6f569d20a937ccd9677a72d85c7dfb3f1267c05: fixed version number
+ expected-commit: d5e4a6e3fd10d4707a5bd0d5c1e8dcc771724ccf
- uses: ruby/build
with:
diff --git a/ruby3.2-logstash-core-plugin-api.yaml b/ruby3.2-logstash-core-plugin-api.yaml
index 339dd8d7374..6698052f593 100644
--- a/ruby3.2-logstash-core-plugin-api.yaml
+++ b/ruby3.2-logstash-core-plugin-api.yaml
@@ -1,8 +1,8 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.2-logstash-core-plugin-api
- version: 8.15.3
- epoch: 1
+ version: 8.16.0
+ epoch: 0
description: Logstash plugin API
copyright:
- license: Apache-2.0
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: 8364c8e89cfb113e38ec3f966df7eb1e9abe9d33
+ expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
- working-directory: logstash-core-plugin-api
pipeline:
diff --git a/ruby3.2-logstash-core.yaml b/ruby3.2-logstash-core.yaml
index a180c585049..2fcca4b26cb 100644
--- a/ruby3.2-logstash-core.yaml
+++ b/ruby3.2-logstash-core.yaml
@@ -1,8 +1,8 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.2-logstash-core
- version: 8.15.3
- epoch: 1
+ version: 8.16.0
+ epoch: 0
description: The core components of logstash, the scalable log and event management tool
copyright:
- license: Apache-2.0
@@ -45,7 +45,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: 8364c8e89cfb113e38ec3f966df7eb1e9abe9d33
+ expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
- working-directory: logstash-core
pipeline:
diff --git a/ruby3.2-metrics.yaml b/ruby3.2-metrics.yaml
index bef3c9d0943..21900eee5b7 100644
--- a/ruby3.2-metrics.yaml
+++ b/ruby3.2-metrics.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-metrics
- version: 0.12.0
- epoch: 1
+ version: 0.12.1
+ epoch: 0
description: Application metrics and instrumentation.
copyright:
- license: MIT
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 7c34b8de9902b66f267d2ecda8f3b3b93ac6425c
+ expected-commit: f392d30054a8d063a51777469af9e59942f6747d
repository: https://github.com/socketry/metrics
tag: v${{package.version}}
diff --git a/ruby3.2-mime-types-data.yaml b/ruby3.2-mime-types-data.yaml
index 12c5494a22d..45266d58252 100644
--- a/ruby3.2-mime-types-data.yaml
+++ b/ruby3.2-mime-types-data.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-mime-types-data
- version: 3.2024.1001
- epoch: 1
+ version: 3.2024.1105
+ epoch: 0
description: MIME Type registry data
copyright:
- license: MIT
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/mime-types/mime-types-data.git
tag: v${{package.version}}
- expected-commit: 5109e7227b7a97caa3317b95bb1e2d5036549eed
+ expected-commit: 06c34687e700b93869f4b9ad27b954cd9fddc28f
- uses: ruby/build
with:
diff --git a/ruby3.2-msgpack.yaml b/ruby3.2-msgpack.yaml
index b181998277e..1ce95b9a01b 100644
--- a/ruby3.2-msgpack.yaml
+++ b/ruby3.2-msgpack.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-msgpack
- version: 1.7.3
- epoch: 1
+ version: 1.7.5
+ epoch: 0
description: MessagePack is a binary-based efficient object serialization library. It enables to exchange structured objects between many languages like JSON. But unlike JSON, it is very fast and small.
copyright:
- license: Apache-2.0
@@ -28,7 +28,7 @@ pipeline:
- uses: git-checkout
with:
destination: ${{vars.gem}}
- expected-commit: 6bbaa97600430c438675540e1f970d61ce5ccd9e
+ expected-commit: 2a92ffbf0b84904147826f514ed544cc5c19f24d
repository: https://github.com/msgpack/msgpack-ruby.git
tag: v${{package.version}}
@@ -43,6 +43,59 @@ pipeline:
version: ${{package.version}}
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'msgpack'
+ require 'test/unit'
+ include Test::Unit::Assertions
+ # Test basic integer packing/unpacking
+ packed = 42.to_msgpack
+ assert_equal 42, MessagePack.unpack(packed)
+ puts "Integer serialization test passed"
+ # Test string packing/unpacking
+ packed = "hello".to_msgpack
+ assert_equal "hello", MessagePack.unpack(packed)
+ puts "String serialization test passed"
+ # Test array packing/unpacking
+ data = [1, "abc", true]
+ packed = data.to_msgpack
+ assert_equal data, MessagePack.unpack(packed)
+ puts "Array serialization test passed"
+ # Test hash packing/unpacking
+ data = {"name" => "test", "value" => 123}
+ packed = data.to_msgpack
+ assert_equal data, MessagePack.unpack(packed)
+ puts "Hash serialization test passed"
+ # Test nested structure
+ nested = {
+ "array" => [1, 2, 3],
+ "hash" => {"a" => 1, "b" => 2},
+ "mixed" => [{"x" => 1}, [1, 2], "test"]
+ }
+ packed = nested.to_msgpack
+ assert_equal nested, MessagePack.unpack(packed)
+ puts "Nested structure serialization test passed"
+ # Test packer/unpacker streaming API
+ packer = MessagePack::Packer.new
+ packer.write(1)
+ packer.write("string")
+ packer.write([1,2,3])
+ data = packer.to_s
+ unpacker = MessagePack::Unpacker.new
+ unpacker.feed(data)
+ results = []
+ unpacker.each {|obj| results << obj }
+ assert_equal [1, "string", [1,2,3]], results
+ puts "Streaming API test passed"
+ puts "All tests passed!"
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.2-net-imap.yaml b/ruby3.2-net-imap.yaml
index a92acd24bf3..29c335b3086 100644
--- a/ruby3.2-net-imap.yaml
+++ b/ruby3.2-net-imap.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-net-imap
- version: 0.5.0
- epoch: 1
+ version: 0.5.1
+ epoch: 0
description: Ruby client api for Internet Message Access Protocol
copyright:
- license: Ruby
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: cc13c91c65b78ee33ebf4960d547173e761cafdc
+ expected-commit: ea47e348079f78b3cee5c5c72d12fd013fffed53
repository: https://github.com/ruby/net-imap
tag: v${{package.version}}
diff --git a/ruby3.2-protocol-http.yaml b/ruby3.2-protocol-http.yaml
index 7db34e80acf..a8b31f40bb6 100644
--- a/ruby3.2-protocol-http.yaml
+++ b/ruby3.2-protocol-http.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-protocol-http
- version: 0.42.0
- epoch: 1
+ version: 0.44.0
+ epoch: 0
description: Provides abstractions to handle HTTP protocols.
copyright:
- license: MIT
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: b6d92cbedd9b7906128d6b85132dd31329da675d
+ expected-commit: bdabfd7e25a4949406d8c420f67427005518091c
repository: https://github.com/socketry/protocol-http
tag: v${{package.version}}
diff --git a/ruby3.2-protocol-http2.yaml b/ruby3.2-protocol-http2.yaml
index 317d66046e9..e8f1cd9c23d 100644
--- a/ruby3.2-protocol-http2.yaml
+++ b/ruby3.2-protocol-http2.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.2-protocol-http2
- version: 0.19.4
+ version: 0.20.0
epoch: 0
description: A low level implementation of the HTTP/2 protocol.
copyright:
@@ -27,7 +27,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 1c870bc61869dc446a8d5bfafdab3ccb5b96cf83
+ expected-commit: 76a6cda55ac572af57ae7d87e12dc297930c9d42
repository: https://github.com/socketry/protocol-http2
tag: v${{package.version}}
diff --git a/ruby3.2-pry.yaml b/ruby3.2-pry.yaml
index 989070d557b..7571a24ffe5 100644
--- a/ruby3.2-pry.yaml
+++ b/ruby3.2-pry.yaml
@@ -1,8 +1,8 @@
# Generated from https://github.com/pry/pry
package:
name: ruby3.2-pry
- version: 0.14.2
- epoch: 4
+ version: 0.15.0
+ epoch: 0
description: A runtime developer console and IRB alternative with powerful introspection capabilities
copyright:
- license: MIT
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 24f6190e42f24979886cf6d974b70bd7638fda46
+ expected-commit: 52d1489b8912c208366730004c65bb05cabf2e2a
repository: https://github.com/pry/pry
tag: v${{package.version}}
diff --git a/ruby3.2-psych.yaml b/ruby3.2-psych.yaml
index fd052de2090..c1201d2102a 100644
--- a/ruby3.2-psych.yaml
+++ b/ruby3.2-psych.yaml
@@ -1,8 +1,8 @@
# Generated from https://github.com/ruby/psych
package:
name: ruby3.2-psych
- version: 5.1.2
- epoch: 2
+ version: 5.2.0
+ epoch: 0
description: Psych is a YAML parser and emitter.
copyright:
- license: MIT
@@ -27,7 +27,7 @@ pipeline:
with:
repository: https://github.com/ruby/psych.git
tag: v${{package.version}}
- expected-commit: a9ab74d13270aa1403cb9089c407b32b8126233f
+ expected-commit: 6ea07fdadd8245ed01d26122baacb56ff01662b8
- uses: ruby/build
with:
diff --git a/ruby3.2-reline.yaml b/ruby3.2-reline.yaml
index 658e6dcd025..ca8660be54d 100644
--- a/ruby3.2-reline.yaml
+++ b/ruby3.2-reline.yaml
@@ -1,8 +1,8 @@
# Generated from https://github.com/ruby/reline
package:
name: ruby3.2-reline
- version: 0.5.10
- epoch: 1
+ version: 0.5.11
+ epoch: 0
description: Alternative GNU Readline or Editline implementation by pure Ruby.
copyright:
- license: Ruby
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/ruby/reline.git
tag: v${{package.version}}
- expected-commit: 0ebd54f67591e333619caafa98168815ad8047e2
+ expected-commit: 4d90743409fbfbe79ea5b70c862a03d66e202e52
- uses: ruby/build
with:
diff --git a/ruby3.2-securerandom.yaml b/ruby3.2-securerandom.yaml
index 13e93b78268..81d0cf1ffee 100644
--- a/ruby3.2-securerandom.yaml
+++ b/ruby3.2-securerandom.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-securerandom
- version: 0.3.1
- epoch: 1
+ version: 0.3.2
+ epoch: 0
description: Interface for secure random number generator.
copyright:
- license: Ruby
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/ruby/securerandom
tag: v${{package.version}}
- expected-commit: 890d659970f945a4671814066f311f4038fa9e49
+ expected-commit: 9703d96a76ee72a278558a474d69cc0eb0bc0d6e
- uses: ruby/build
with:
diff --git a/ruby3.2-stringio.yaml b/ruby3.2-stringio.yaml
index d40c530f7c4..a80d6873945 100644
--- a/ruby3.2-stringio.yaml
+++ b/ruby3.2-stringio.yaml
@@ -1,8 +1,8 @@
# Generated from https://github.com/ruby/stringio
package:
name: ruby3.2-stringio
- version: 3.1.1
- epoch: 1
+ version: 3.1.2
+ epoch: 0
description: Pseudo `IO` class from/to `String`.
copyright:
- license: Ruby
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/ruby/stringio.git
tag: v${{package.version}}
- expected-commit: 59b747e1f3a68ec04202f6da46483b26343d7385
+ expected-commit: 7cc9fb1bf54d8fc873094eb36cbf8193e28fe05c
- uses: ruby/build
with:
diff --git a/ruby3.2-timeout.yaml b/ruby3.2-timeout.yaml
index 6882f93a6fb..e65567ebf0b 100644
--- a/ruby3.2-timeout.yaml
+++ b/ruby3.2-timeout.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-timeout
- version: 0.4.1
- epoch: 5
+ version: 0.4.2
+ epoch: 0
description: Auto-terminate potentially long-running operations in Ruby.
copyright:
- license: Ruby
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: a65e49cc31bcdaad892330cdd93ab8e5481e1fc7
+ expected-commit: 2f5252299403e00135b694455fb31a2bded32cd5
repository: https://github.com/ruby/timeout
tag: v${{package.version}}
diff --git a/ruby3.2-traces.yaml b/ruby3.2-traces.yaml
index b5d22036782..59fb9845ca8 100644
--- a/ruby3.2-traces.yaml
+++ b/ruby3.2-traces.yaml
@@ -1,7 +1,7 @@
package:
name: ruby3.2-traces
- version: 0.13.1
- epoch: 1
+ version: 0.14.1
+ epoch: 0
description: Application instrumentation and tracing.
copyright:
- license: MIT
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 865f2fe80d52f31295b69799246dc48727e74ebe
+ expected-commit: e15e6c4af451393e0482391a9d278ac5d00cd3aa
repository: https://github.com/socketry/traces
tag: v${{package.version}}
@@ -44,6 +44,37 @@ pipeline:
- uses: ruby/clean
+test:
+ pipeline:
+ - name: Validate import
+ runs: ruby -e "require 'traces'"
+ - name: Basic example
+ runs: |
+ cat > example.rb < 'bar'
+ }
+
+ Traces.trace('my_method', attributes: attributes) do
+ super
+ end
+ end
+ end
+
+ MyClass.new.my_method
+ EOF
+ ruby example.rb
+
update:
enabled: true
github:
diff --git a/ruby3.2-uri.yaml b/ruby3.2-uri.yaml
new file mode 100644
index 00000000000..98dec16c9f3
--- /dev/null
+++ b/ruby3.2-uri.yaml
@@ -0,0 +1,50 @@
+package:
+ name: ruby3.2-uri
+ version: 1.0.2
+ epoch: 0
+ description: "URI is a module providing classes to handle Uniform Resource Identifiers"
+ copyright:
+ - license: BSD-2-Clause OR Ruby
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-3.2
+ - ruby-3.2-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/ruby/uri
+ tag: v${{package.version}}
+ expected-commit: e46960a467f2ed398731286ec78b899e1a01655f
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: uri
+
+test:
+ pipeline:
+ - runs: ruby -e "require 'uri'"
+ - runs: |
+ ruby -e 'require "uri"; uri = URI("https://wolfi.dev"); raise "Failed to parse URI" unless uri.host == "wolfi.dev" && uri.scheme == "https"'
+
+update:
+ enabled: true
+ github:
+ identifier: ruby/uri
+ strip-prefix: v
diff --git a/ruby3.3-activemodel.yaml b/ruby3.3-activemodel.yaml
index 623f6c62065..88a542a2014 100644
--- a/ruby3.3-activemodel.yaml
+++ b/ruby3.3-activemodel.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-activemodel
- version: 7.2.2
+ version: 8.0.0
epoch: 0
description: A toolkit for building modeling frameworks like Active Record. Rich support for attributes, callbacks, validations, serialization, internationalization, and testing.
copyright:
@@ -24,7 +24,7 @@ pipeline:
with:
repository: https://github.com/rails/rails
tag: v${{package.version}}
- expected-commit: d0dcb8fa6073a0c4d42600c15e82e3bb386b27d3
+ expected-commit: dd8f7185faeca6ee968a6e9367f6d8601a83b8db
- uses: ruby/build
with:
diff --git a/ruby3.3-activesupport.yaml b/ruby3.3-activesupport.yaml
index 210e4d59275..cc5f075c724 100644
--- a/ruby3.3-activesupport.yaml
+++ b/ruby3.3-activesupport.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-activesupport
- version: 7.2.2
+ version: 8.0.0
epoch: 0
description: A toolkit of support libraries and Ruby core extensions extracted from the Rails framework. Rich support for multibyte strings, internationalization, time zones, and testing.
copyright:
@@ -28,7 +28,7 @@ pipeline:
with:
repository: https://github.com/rails/rails
tag: v${{package.version}}
- expected-commit: d0dcb8fa6073a0c4d42600c15e82e3bb386b27d3
+ expected-commit: dd8f7185faeca6ee968a6e9367f6d8601a83b8db
- uses: ruby/build
with:
@@ -53,8 +53,62 @@ update:
strip-prefix: v
test:
+ environment:
+ contents:
+ packages:
+ - ruby${{vars.rubyMM}}-uri
+ - ruby${{vars.rubyMM}}-benchmark
pipeline:
- - runs: ruby -e "require 'active_support'"
+ - name: Basic require test
+ runs: |
+ ruby -e "require 'active_support'"
+ - name: Test core extensions
+ runs: |
+ ruby < 0, "Wrapped key should not be empty"
+ puts "Wrap test passed"
+
+ # Test unwrapping with IV
+ unwrapped_key = AESKeyWrap.unwrap(wrapped_key, kek, iv)
+ assert_equal plaintext_key, unwrapped_key, "Unwrapped key should match the original plaintext key"
+ puts "Unwrap test passed"
+
+ puts "Basic wrap/unwrap test with explicit IV passed"
+ EOF
+
vars:
gem: aes_key_wrap
diff --git a/ruby3.3-async-http.yaml b/ruby3.3-async-http.yaml
index 0e99f6e533f..0fa5a7eaed5 100644
--- a/ruby3.3-async-http.yaml
+++ b/ruby3.3-async-http.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-async-http
- version: 0.82.3
+ version: 0.83.1
epoch: 0
description: A HTTP client and server library.
copyright:
@@ -32,7 +32,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 6429f222cb9ffdfbbf3e3a6fe805c4d4768995bf
+ expected-commit: 4ce90b1879ad80ade9ee2379ea86e85789ecd689
repository: https://github.com/socketry/async-http
tag: v${{package.version}}
@@ -51,6 +51,76 @@ pipeline:
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-io-endpoint
+ - ruby${{vars.rubyMM}}-io-stream
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'async'
+ require 'async/http/server'
+ require 'async/http/client'
+ require 'async/http/endpoint'
+ require 'protocol/http/response'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Define the HTTP server endpoint
+ server_endpoint = Async::HTTP::Endpoint.parse("http://127.0.0.1:9292")
+
+ # Define the server app that responds to GET requests only
+ app = proc do |request|
+ case request.method
+ when "GET"
+ Protocol::HTTP::Response[200, {}, ["Hello, World!"]]
+ else
+ Protocol::HTTP::Response[405, {}, ["Method Not Allowed"]]
+ end
+ end
+
+ # Run the server and client tasks within a timeout block
+ Async::Reactor.run do |task|
+ begin
+ # Server task: Start the server with the endpoint
+ server = Async::HTTP::Server.new(app, server_endpoint)
+
+ # Run server in a child task
+ server_task = task.async do
+ server.run
+ end
+
+ # Delay to ensure server is ready
+ task.sleep(0.5)
+
+ # Client task: Perform a single GET request
+ client_task = task.async do
+ client = Async::HTTP::Client.new(server_endpoint)
+
+ # Test GET request
+ response = client.get("/")
+ assert_equal 200, response.status, "Expected 200 OK for GET request"
+ assert_equal "Hello, World!", response.read, "Expected 'Hello, World!' in response body for GET request"
+ puts "GET request test passed"
+
+ client.close
+ end
+
+ # Wait for the client task to finish, then stop the server
+ client_task.wait
+ server_task.stop
+ rescue => e
+ puts "Error encountered: #{e.class} - #{e.message}"
+ puts e.backtrace
+ end
+ end
+
+ puts "Minimal async-http test completed."
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-async-io.yaml b/ruby3.3-async-io.yaml
index 320a54f8dab..b1fa056df85 100644
--- a/ruby3.3-async-io.yaml
+++ b/ruby3.3-async-io.yaml
@@ -45,6 +45,55 @@ pipeline:
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-async
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'async'
+ require 'async/io'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ class TestAsyncIO < Test::Unit::TestCase
+ def test_basic_tcp_connection
+ host = "127.0.0.1"
+ port = 9090
+
+ Async do |task|
+ # Server task: responds with a message
+ server_task = task.async do
+ server = Async::IO::TCPServer.new(host, port)
+ client = server.accept
+ client.write("Hello, Async!")
+ client.close
+ server.close
+ end
+
+ # Allow server to start
+ task.sleep(0.1)
+
+ # Client task: connects and reads message
+ client_task = task.async do
+ client = Async::IO::TCPSocket.new(host, port)
+ message = client.read
+ assert_equal "Hello, Async!", message, "Expected message from server"
+ client.close
+ end
+
+ client_task.wait
+ server_task.stop
+ end
+
+ puts "Basic TCP connection test passed."
+ end
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-async-pool.yaml b/ruby3.3-async-pool.yaml
index df984a8f10e..527a868a26d 100644
--- a/ruby3.3-async-pool.yaml
+++ b/ruby3.3-async-pool.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-async-pool
- version: 0.10.1
+ version: 0.10.2
epoch: 0
description: A singleplex and multiplex resource pool for implementing robust clients.
copyright:
@@ -28,7 +28,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 2b213d0cbdca13888233542268973a695196e95a
+ expected-commit: 538d46c45f603d85d87680e06df8f032c14ecdca
repository: https://github.com/socketry/async-pool
tag: v${{package.version}}
@@ -53,9 +53,36 @@ update:
use-tag: true
test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-async
pipeline:
- runs: |
- ruby -e "require 'async/pool'"
+ ruby <<-EOF
+ require 'async'
+ require 'async/pool'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ class TestAsyncPool < Test::Unit::TestCase
+ def test_pool_limit
+ Async do
+ pool = Async::Pool::Controller.new(limit: 2)
+ tasks = []
+
+ 3.times do
+ tasks << pool.async { sleep(0.1) } # Simulate task work
+ end
+
+ # Ensure only 2 tasks run concurrently
+ assert tasks.count { |task| task.running? } <= 2, "Expected limit of 2 concurrent tasks"
+ puts "Pool limit test passed."
+ end
+ end
+ end
+ EOF
var-transforms:
- from: ${{package.name}}
diff --git a/ruby3.3-async.yaml b/ruby3.3-async.yaml
index 9944cd52991..4b3a4bb503f 100644
--- a/ruby3.3-async.yaml
+++ b/ruby3.3-async.yaml
@@ -47,6 +47,33 @@ pipeline:
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'async'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ class TestAsync < Test::Unit::TestCase
+ def test_async_execution
+ result = nil
+ Async { result = "done" }
+ assert_equal "done", result, "Async task should complete"
+ end
+
+ def test_async_sleep
+ start_time = Time.now
+ Async { Async::Task.current.sleep(0.1) }
+ assert Time.now - start_time < 0.2, "Async sleep should not block"
+ end
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-attr_required.yaml b/ruby3.3-attr_required.yaml
index 2cc61e3121d..df4dcae7af4 100644
--- a/ruby3.3-attr_required.yaml
+++ b/ruby3.3-attr_required.yaml
@@ -37,6 +37,32 @@ pipeline:
vars:
gem: attr_required
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'attr_required'
+ require 'test/unit'
+
+ class SimpleAttrTest < Test::Unit::TestCase
+ class TestClass
+ include AttrRequired
+ attr_required :name
+ end
+
+ def test_required_attribute
+ obj = TestClass.new
+ obj.name = "Alice"
+ assert_equal "Alice", obj.name
+ puts "attr_required test passed."
+ end
+ end
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-aws-eventstream.yaml b/ruby3.3-aws-eventstream.yaml
index f07ac20257f..6b8b3a39738 100644
--- a/ruby3.3-aws-eventstream.yaml
+++ b/ruby3.3-aws-eventstream.yaml
@@ -41,6 +41,37 @@ pipeline:
vars:
gem: aws-eventstream
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-eventstream'
+ require 'test/unit'
+ require 'stringio'
+ include Test::Unit::Assertions
+
+ # Create and test a simple message
+ message = Aws::EventStream::Message.new(
+ headers: {'event-type' => Aws::EventStream::HeaderValue.new(value: 'test', type: 'string')},
+ payload: StringIO.new("test_data")
+ )
+
+ encoded = Aws::EventStream::Encoder.new.encode(message)
+
+ messages = []
+ decoder = Aws::EventStream::Decoder.new
+ decoder.decode(StringIO.new(encoded)) do |decoded_msg|
+ messages << decoded_msg
+ end
+
+ assert_equal "test_data", messages.first.payload.read
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.3-aws-partitions.yaml b/ruby3.3-aws-partitions.yaml
index 9415944bf96..aadbab00c32 100644
--- a/ruby3.3-aws-partitions.yaml
+++ b/ruby3.3-aws-partitions.yaml
@@ -41,6 +41,46 @@ pipeline:
vars:
gem: aws-partitions
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-partitions'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Test partition listing and default aws partition
+ partitions = Aws::Partitions.partitions
+ assert partitions.any?
+ assert_equal 'aws', partitions.first.name
+ puts "Partition listing test passed"
+
+ # Test region enumeration for aws partition
+ aws_partition = Aws::Partitions.partitions.find { |p| p.name == 'aws' }
+ regions = aws_partition.regions
+ assert regions.any?
+ assert regions.any? { |r| r.name == 'us-east-1' }
+ puts "Region enumeration test passed"
+
+ # Test service IDs
+ service_ids = Aws::Partitions.service_ids
+ assert service_ids.include?('S3') || service_ids.include?('s3')
+ assert service_ids.include?('EC2') || service_ids.include?('ec2')
+ puts "Service ID test passed"
+
+ # Test partition regions
+ aws_regions = aws_partition.regions.map(&:name)
+ assert aws_regions.include?('us-east-1'), "AWS partition should include us-east-1"
+ assert aws_regions.include?('us-west-2'), "AWS partition should include us-west-2"
+ puts "Partition regions test passed"
+
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.3-aws-sdk-cloudwatchlogs.yaml b/ruby3.3-aws-sdk-cloudwatchlogs.yaml
index 8a63a51900c..993bcb7e66b 100644
--- a/ruby3.3-aws-sdk-cloudwatchlogs.yaml
+++ b/ruby3.3-aws-sdk-cloudwatchlogs.yaml
@@ -43,6 +43,43 @@ pipeline:
vars:
gem: aws-sdk-cloudwatchlogs
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-sdk-cloudwatchlogs'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Test client initialization with stubs
+ client = Aws::CloudWatchLogs::Client.new(
+ region: 'us-west-2',
+ stub_responses: true
+ )
+ assert_kind_of Aws::CloudWatchLogs::Client, client
+ puts "Client initialization test passed"
+
+ # Test describe_log_groups API
+ client.stub_responses(:describe_log_groups, {
+ log_groups: [
+ {
+ log_group_name: "test-group",
+ retention_in_days: 7
+ }
+ ]
+ })
+
+ resp = client.describe_log_groups
+ assert_equal "test-group", resp.log_groups[0].log_group_name
+ puts "API call test passed"
+
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.3-aws-sdk-core.yaml b/ruby3.3-aws-sdk-core.yaml
index acac0c3b0f0..73abe241b55 100644
--- a/ruby3.3-aws-sdk-core.yaml
+++ b/ruby3.3-aws-sdk-core.yaml
@@ -47,6 +47,41 @@ pipeline:
vars:
gem: aws-sdk-core
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'aws-sdk-core'
+ require 'test/unit'
+ include Test::Unit::Assertions
+
+ # Test credentials
+ creds = Aws::Credentials.new('access_key', 'secret_key')
+ assert_equal 'access_key', creds.access_key_id
+ assert_equal 'secret_key', creds.secret_access_key
+ puts "Credentials test passed"
+
+ # Test global configuration
+ Aws.config.update(
+ region: 'us-west-2',
+ credentials: creds
+ )
+ assert_equal 'us-west-2', Aws.config[:region]
+ puts "Configuration test passed"
+
+ # Test presence of core modules
+ assert defined?(Aws::Errors)
+ assert defined?(Aws::PageableResponse)
+ assert defined?(Aws::Structure)
+ puts "Core modules test passed"
+
+ puts "All tests passed!"
+ EOF
+
update:
enabled: false
manual: true # the library we fetch uses a different version then the package version
diff --git a/ruby3.3-benchmark.yaml b/ruby3.3-benchmark.yaml
new file mode 100644
index 00000000000..dfea9fa37f9
--- /dev/null
+++ b/ruby3.3-benchmark.yaml
@@ -0,0 +1,50 @@
+package:
+ name: ruby3.3-benchmark
+ version: 0.4.0
+ epoch: 0
+ description: "A performance benchmarking library for Ruby"
+ copyright:
+ - license: BSD-2-Clause OR Ruby
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-3.3
+ - ruby-3.3-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/ruby/benchmark
+ tag: v${{package.version}}
+ expected-commit: a5d77ceae06d69a8b1b06d45760c9590a466707d
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: benchmark
+
+test:
+ pipeline:
+ - runs: ruby -e "require 'benchmark'"
+ - runs: |
+ ruby -e 'require "benchmark"; Benchmark.measure { 1 + 1 }; puts "OK"'
+
+update:
+ enabled: true
+ github:
+ identifier: ruby/benchmark
+ strip-prefix: v
diff --git a/ruby3.3-bundler.yaml b/ruby3.3-bundler.yaml
index 3bdbc262ee2..0035196baba 100644
--- a/ruby3.3-bundler.yaml
+++ b/ruby3.3-bundler.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-bundler
- version: 2.5.22
+ version: 2.5.23
epoch: 0
description: "Manage an application's gem dependencies"
copyright:
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 342d4542fdaaea847507a84a1ccef3a157fd03a4
+ expected-commit: 35f4611265e8f5c6c4eeed9d152be12b3bf29fe1
repository: https://github.com/rubygems/rubygems
tag: bundler-v${{package.version}}
diff --git a/ruby3.3-console.yaml b/ruby3.3-console.yaml
index 1ffee0f8c02..aa293be4d8a 100644
--- a/ruby3.3-console.yaml
+++ b/ruby3.3-console.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-console
- version: 1.27.0
+ version: 1.29.0
epoch: 0
description: Beautiful logging for Ruby.
copyright:
@@ -29,7 +29,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: b40f588e6e98f743402b3c93921d5053d5c15127
+ expected-commit: ebd30eca2797b448a791d2e4149b1f1b56db7207
repository: https://github.com/socketry/console
tag: v${{package.version}}
diff --git a/ruby3.3-console/001-remove-signing-key.patch b/ruby3.3-console/001-remove-signing-key.patch
index f1c7244dac3..1e6b8b2d45f 100644
--- a/ruby3.3-console/001-remove-signing-key.patch
+++ b/ruby3.3-console/001-remove-signing-key.patch
@@ -1,12 +1,12 @@
diff --git a/console.gemspec b/console.gemspec
-index f20efa4..d7ab9ae 100644
+index 073394d..0fc50be 100644
--- a/console.gemspec
+++ b/console.gemspec
@@ -11,7 +11,6 @@ Gem::Specification.new do |spec|
spec.license = "MIT"
- spec.cert_chain = ['release.cert']
-- spec.signing_key = File.expand_path('~/.gem/release.pem')
+ spec.cert_chain = ["release.cert"]
+- spec.signing_key = File.expand_path("~/.gem/release.pem")
- spec.homepage = "https://github.com/socketry/console"
+ spec.homepage = "https://socketry.github.io/console"
diff --git a/ruby3.3-elasticsearch-api.yaml b/ruby3.3-elasticsearch-api.yaml
index ec8d457628e..c9594ce7a67 100644
--- a/ruby3.3-elasticsearch-api.yaml
+++ b/ruby3.3-elasticsearch-api.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-elasticsearch-api
- version: 8.15.0
+ version: 8.16.0
epoch: 0
description: |
Ruby API for Elasticsearch. See the `elasticsearch` gem for full integration.
@@ -28,7 +28,7 @@ pipeline:
with:
repository: https://github.com/elastic/elasticsearch-ruby.git
tag: v${{package.version}}
- expected-commit: d37bf317b5273bbcd8b0038e812a16b41a0712da
+ expected-commit: 2acbce702ecdc3c7f8e8116e81a76a836f75c6f0
- working-directory: ${{vars.gem}}
pipeline:
diff --git a/ruby3.3-elasticsearch.yaml b/ruby3.3-elasticsearch.yaml
index 3ab9202801a..e5f6dd0185b 100644
--- a/ruby3.3-elasticsearch.yaml
+++ b/ruby3.3-elasticsearch.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-elasticsearch
- version: 8.15.0
+ version: 8.16.0
epoch: 0
description: |
Ruby integrations for Elasticsearch (client, API, etc.)
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/elastic/elasticsearch-ruby.git
tag: v${{package.version}}
- expected-commit: d37bf317b5273bbcd8b0038e812a16b41a0712da
+ expected-commit: 2acbce702ecdc3c7f8e8116e81a76a836f75c6f0
- working-directory: ${{vars.gem}}
pipeline:
diff --git a/ruby3.3-excon.yaml b/ruby3.3-excon.yaml
index 484cbe763ee..0643ec8163e 100644
--- a/ruby3.3-excon.yaml
+++ b/ruby3.3-excon.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/excon/excon
package:
name: ruby3.3-excon
- version: 1.1.1
+ version: 1.2.1
epoch: 0
description: EXtended http(s) CONnections
copyright:
@@ -21,7 +21,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/excon/excon
- expected-commit: 161d414d55649e7f392c93f9b287f857d8963e34
+ expected-commit: 239111877ffa6f56ccc6d8f43d0fae2dec17e164
tag: v${{package.version}}
- uses: ruby/build
@@ -38,6 +38,18 @@ pipeline:
vars:
gem: excon
+test:
+ pipeline:
+ - runs: ruby -e "require 'excon'"
+ - name: HTTP GET
+ runs: |
+ cat < /tmp/test.rb
+ require 'excon'
+ response = Excon.get("https://edu.chainguard.dev/open-source/wolfi/overview/")
+ print response.status
+ EOF
+ ruby /tmp/test.rb
+
update:
enabled: true
github:
diff --git a/ruby3.3-faraday.yaml b/ruby3.3-faraday.yaml
index fc4667b0011..a8a05f39e2e 100644
--- a/ruby3.3-faraday.yaml
+++ b/ruby3.3-faraday.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-faraday
- version: 2.12.0
+ version: 2.12.1
epoch: 0
description: HTTP/REST API client library.
copyright:
@@ -23,7 +23,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 59c5003ceb350096ade65086f8c17efbb7e0e53c
+ expected-commit: 93ef9e0ea905675358e2ae3edadebe1e13df95ef
repository: https://github.com/lostisland/faraday
tag: v${{package.version}}
@@ -41,6 +41,19 @@ pipeline:
vars:
gem: faraday
+test:
+ pipeline:
+ - name: Verify library import
+ runs: ruby -e "require 'faraday'"
+ - name: Basic usage
+ runs: |
+ cat < /tmp/test.rb
+ require 'faraday'
+ response = Faraday.get("https://edu.chainguard.dev/open-source/wolfi/overview/")
+ print response.status
+ EOF
+ ruby /tmp/test.rb
+
update:
enabled: true
github:
diff --git a/ruby3.3-gems.yaml b/ruby3.3-gems.yaml
index dd5020815e4..791a8939b87 100644
--- a/ruby3.3-gems.yaml
+++ b/ruby3.3-gems.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/rubygems/gems
package:
name: ruby3.3-gems
- version: 1.2.0
+ version: 1.3.0
epoch: 0
description: Ruby wrapper for the RubyGems.org API
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 639a640c59be27e0488091309ea37c1485de1134
+ expected-commit: 4106516c2530187f56e951d264d23e26559b91ab
repository: https://github.com/rubygems/gems
tag: v${{package.version}}
@@ -38,6 +38,18 @@ pipeline:
vars:
gem: gems
+test:
+ pipeline:
+ - name: Verify library import
+ runs: ruby -e "require 'gems'"
+ - name: Basic usage
+ runs: |
+ cat < /tmp/test.rb
+ require 'gems'
+ print Gems.info 'rails'
+ EOF
+ ruby /tmp/test.rb
+
update:
enabled: true
github:
diff --git a/ruby3.3-io-endpoint.yaml b/ruby3.3-io-endpoint.yaml
new file mode 100644
index 00000000000..26bfb944835
--- /dev/null
+++ b/ruby3.3-io-endpoint.yaml
@@ -0,0 +1,105 @@
+package:
+ name: ruby3.3-io-endpoint
+ version: 0.14.0
+ epoch: 0
+ description: A Ruby gem providing endpoint abstractions for network clients and servers.
+ copyright:
+ - license: MIT
+ dependencies:
+ runtime:
+ - ruby-${{vars.rubyMM}}
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-${{vars.rubyMM}}
+ - ruby-${{vars.rubyMM}}-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: ecdbd0d2c86730e4bac3637dd9d1a2b2a18d0dca
+ repository: https://github.com/socketry/io-endpoint
+ tag: v${{package.version}}
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: io-endpoint
+
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ - ruby${{vars.rubyMM}}-async
+ - ruby${{vars.rubyMM}}-async-io
+ - ruby${{vars.rubyMM}}-io-stream
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'io/endpoint'
+ require 'async'
+ require 'async/io'
+ require 'test/unit'
+ include Test::Unit::Assertions
+ class TestIOEndpoint < Test::Unit::TestCase
+ def test_tcp_endpoint
+ host = "127.0.0.1"
+ port = 9292
+ # Define a simple TCP endpoint
+ server_endpoint = Async::IO::Endpoint.tcp(host, port)
+ # Start Async reactor
+ Async do |task|
+ # Server task: listens and responds to connections
+ server_task = task.async do
+ server_endpoint.accept do |socket|
+ socket.write("Hello from TCP server!")
+ socket.close
+ end
+ end
+ # Delay to ensure server is ready
+ task.sleep(0.5)
+ # Client task: connects to the server and reads the response
+ client_task = task.async do
+ client_endpoint = Async::IO::Endpoint.tcp(host, port)
+ client_endpoint.connect do |socket|
+ message = socket.read
+ assert_equal "Hello from TCP server!", message, "Expected server greeting message"
+ puts "Client received correct message"
+ end
+ end
+ # Wait for client task to finish and stop server
+ client_task.wait
+ server_task.stop
+ end
+ puts "TCP endpoint test passed."
+ end
+ end
+ EOF
+
+update:
+ enabled: true
+ github:
+ identifier: socketry/io-endpoint
+ strip-prefix: v
+ use-tag: true
+
+var-transforms:
+ - from: ${{package.name}}
+ match: ^ruby(\d\.\d+)-.*
+ replace: $1
+ to: rubyMM
diff --git a/ruby3.3-io-stream.yaml b/ruby3.3-io-stream.yaml
new file mode 100644
index 00000000000..1a4e531ee87
--- /dev/null
+++ b/ruby3.3-io-stream.yaml
@@ -0,0 +1,92 @@
+package:
+ name: ruby3.3-io-stream
+ version: 0.6.1
+ epoch: 0
+ description: A Ruby gem providing stream abstractions for input and output.
+ copyright:
+ - license: MIT
+ dependencies:
+ runtime:
+ - ruby-${{vars.rubyMM}}
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-${{vars.rubyMM}}
+ - ruby-${{vars.rubyMM}}-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: 8b0080a120e085e8f22afcd08b51b06cf5cab78c
+ repository: https://github.com/socketry/io-stream
+ tag: v${{package.version}}
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: io-stream
+
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'io/stream'
+ require 'stringio'
+ require 'test/unit'
+ include Test::Unit::Assertions
+ class TestIOStream < Test::Unit::TestCase
+ def test_write_and_read
+ # Create a StringIO object and wrap it in IO::Stream
+ buffer = StringIO.new
+ stream = IO::Stream::Buffered.new(buffer)
+ # Write to the stream
+ stream.write("Hello, Stream!")
+ stream.flush # Ensure data is written to the buffer
+ # Reset buffer for reading and read back the data
+ buffer.rewind
+ message = buffer.read
+ # Assert that the message matches what was written
+ assert_equal "Hello, Stream!", message, "Expected written message to be read back from stream"
+ puts "Basic write and read test passed."
+ end
+ def test_close
+ buffer = StringIO.new
+ stream = IO::Stream::Buffered.new(buffer)
+ # Close the stream and assert it's closed
+ stream.close
+ assert stream.closed?, "Expected stream to be closed"
+ puts "Stream close test passed."
+ end
+ end
+ EOF
+
+update:
+ enabled: true
+ github:
+ identifier: socketry/io-stream
+ strip-prefix: v
+ use-tag: true
+
+var-transforms:
+ - from: ${{package.name}}
+ match: ^ruby(\d\.\d+)-.*
+ replace: $1
+ to: rubyMM
diff --git a/ruby3.3-json.yaml b/ruby3.3-json.yaml
index bb2a9a616c0..eb899c90e9f 100644
--- a/ruby3.3-json.yaml
+++ b/ruby3.3-json.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/flori/json
package:
name: ruby3.3-json
- version: 2.7.6
+ version: 2.8.2
epoch: 0
description: This is a JSON implementation as a Ruby extension in C.
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/flori/json
tag: v${{package.version}}
- expected-commit: e3a36954eb2cdca6020938ff0b6d8067ab30546b
+ expected-commit: d5e4a6e3fd10d4707a5bd0d5c1e8dcc771724ccf
- runs: |
# Upstream sometimes forgets to update the version in their version.rb file after a release.
diff --git a/ruby3.3-logstash-core-plugin-api.yaml b/ruby3.3-logstash-core-plugin-api.yaml
index a3b539ebf0d..5f32e8c6976 100644
--- a/ruby3.3-logstash-core-plugin-api.yaml
+++ b/ruby3.3-logstash-core-plugin-api.yaml
@@ -1,7 +1,7 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.3-logstash-core-plugin-api
- version: 8.15.3
+ version: 8.16.0
epoch: 0
description: Logstash plugin API
copyright:
@@ -34,7 +34,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: 8364c8e89cfb113e38ec3f966df7eb1e9abe9d33
+ expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
- working-directory: logstash-core-plugin-api
pipeline:
diff --git a/ruby3.3-logstash-core.yaml b/ruby3.3-logstash-core.yaml
index 34a67340dff..222a0f125c0 100644
--- a/ruby3.3-logstash-core.yaml
+++ b/ruby3.3-logstash-core.yaml
@@ -1,7 +1,7 @@
# Generated from http://www.elastic.co/guide/en/logstash/current/index.html
package:
name: ruby3.3-logstash-core
- version: 8.15.3
+ version: 8.16.0
epoch: 0
description: The core components of logstash, the scalable log and event management tool
copyright:
@@ -45,7 +45,7 @@ pipeline:
with:
repository: https://github.com/elastic/logstash
tag: v${{package.version}}
- expected-commit: 8364c8e89cfb113e38ec3f966df7eb1e9abe9d33
+ expected-commit: e4cb5c1ff7b7e5c3c38dae35ba4c01d5478a3100
- working-directory: logstash-core
pipeline:
diff --git a/ruby3.3-metrics.yaml b/ruby3.3-metrics.yaml
index 819c5f739b1..4d8fb8e4448 100644
--- a/ruby3.3-metrics.yaml
+++ b/ruby3.3-metrics.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-metrics
- version: 0.12.0
+ version: 0.12.1
epoch: 0
description: Application metrics and instrumentation.
copyright:
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 7c34b8de9902b66f267d2ecda8f3b3b93ac6425c
+ expected-commit: f392d30054a8d063a51777469af9e59942f6747d
repository: https://github.com/socketry/metrics
tag: v${{package.version}}
diff --git a/ruby3.3-mime-types-data.yaml b/ruby3.3-mime-types-data.yaml
index 702e2a639da..a1dfbe4b097 100644
--- a/ruby3.3-mime-types-data.yaml
+++ b/ruby3.3-mime-types-data.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-mime-types-data
- version: 3.2024.1001
+ version: 3.2024.1105
epoch: 0
description: MIME Type registry data
copyright:
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/mime-types/mime-types-data.git
tag: v${{package.version}}
- expected-commit: 5109e7227b7a97caa3317b95bb1e2d5036549eed
+ expected-commit: 06c34687e700b93869f4b9ad27b954cd9fddc28f
- uses: ruby/build
with:
diff --git a/ruby3.3-msgpack.yaml b/ruby3.3-msgpack.yaml
index 9a4130f564b..e04c89ae274 100644
--- a/ruby3.3-msgpack.yaml
+++ b/ruby3.3-msgpack.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-msgpack
- version: 1.7.3
+ version: 1.7.5
epoch: 0
description: MessagePack is a binary-based efficient object serialization library. It enables to exchange structured objects between many languages like JSON. But unlike JSON, it is very fast and small.
copyright:
@@ -28,7 +28,7 @@ pipeline:
- uses: git-checkout
with:
destination: ${{vars.gem}}
- expected-commit: 6bbaa97600430c438675540e1f970d61ce5ccd9e
+ expected-commit: 2a92ffbf0b84904147826f514ed544cc5c19f24d
repository: https://github.com/msgpack/msgpack-ruby.git
tag: v${{package.version}}
@@ -43,6 +43,59 @@ pipeline:
version: ${{package.version}}
- uses: ruby/clean
+test:
+ environment:
+ contents:
+ packages:
+ - ruby-${{vars.rubyMM}}
+ pipeline:
+ - runs: |
+ ruby <<-EOF
+ require 'msgpack'
+ require 'test/unit'
+ include Test::Unit::Assertions
+ # Test basic integer packing/unpacking
+ packed = 42.to_msgpack
+ assert_equal 42, MessagePack.unpack(packed)
+ puts "Integer serialization test passed"
+ # Test string packing/unpacking
+ packed = "hello".to_msgpack
+ assert_equal "hello", MessagePack.unpack(packed)
+ puts "String serialization test passed"
+ # Test array packing/unpacking
+ data = [1, "abc", true]
+ packed = data.to_msgpack
+ assert_equal data, MessagePack.unpack(packed)
+ puts "Array serialization test passed"
+ # Test hash packing/unpacking
+ data = {"name" => "test", "value" => 123}
+ packed = data.to_msgpack
+ assert_equal data, MessagePack.unpack(packed)
+ puts "Hash serialization test passed"
+ # Test nested structure
+ nested = {
+ "array" => [1, 2, 3],
+ "hash" => {"a" => 1, "b" => 2},
+ "mixed" => [{"x" => 1}, [1, 2], "test"]
+ }
+ packed = nested.to_msgpack
+ assert_equal nested, MessagePack.unpack(packed)
+ puts "Nested structure serialization test passed"
+ # Test packer/unpacker streaming API
+ packer = MessagePack::Packer.new
+ packer.write(1)
+ packer.write("string")
+ packer.write([1,2,3])
+ data = packer.to_s
+ unpacker = MessagePack::Unpacker.new
+ unpacker.feed(data)
+ results = []
+ unpacker.each {|obj| results << obj }
+ assert_equal [1, "string", [1,2,3]], results
+ puts "Streaming API test passed"
+ puts "All tests passed!"
+ EOF
+
update:
enabled: true
github:
diff --git a/ruby3.3-net-imap.yaml b/ruby3.3-net-imap.yaml
index f42b6b3aaea..ca2de96c386 100644
--- a/ruby3.3-net-imap.yaml
+++ b/ruby3.3-net-imap.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-net-imap
- version: 0.5.0
+ version: 0.5.1
epoch: 0
description: Ruby client api for Internet Message Access Protocol
copyright:
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: cc13c91c65b78ee33ebf4960d547173e761cafdc
+ expected-commit: ea47e348079f78b3cee5c5c72d12fd013fffed53
repository: https://github.com/ruby/net-imap
tag: v${{package.version}}
diff --git a/ruby3.3-protocol-http.yaml b/ruby3.3-protocol-http.yaml
index 8a83466bc01..bb5bcd044ba 100644
--- a/ruby3.3-protocol-http.yaml
+++ b/ruby3.3-protocol-http.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-protocol-http
- version: 0.42.0
+ version: 0.44.0
epoch: 0
description: Provides abstractions to handle HTTP protocols.
copyright:
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: b6d92cbedd9b7906128d6b85132dd31329da675d
+ expected-commit: bdabfd7e25a4949406d8c420f67427005518091c
repository: https://github.com/socketry/protocol-http
tag: v${{package.version}}
diff --git a/ruby3.3-pry.yaml b/ruby3.3-pry.yaml
index a72dad62800..b3a3672aa84 100644
--- a/ruby3.3-pry.yaml
+++ b/ruby3.3-pry.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/pry/pry
package:
name: ruby3.3-pry
- version: 0.14.2
+ version: 0.15.0
epoch: 0
description: A runtime developer console and IRB alternative with powerful introspection capabilities
copyright:
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 24f6190e42f24979886cf6d974b70bd7638fda46
+ expected-commit: 52d1489b8912c208366730004c65bb05cabf2e2a
repository: https://github.com/pry/pry
tag: v${{package.version}}
diff --git a/ruby3.3-psych.yaml b/ruby3.3-psych.yaml
index 92e59fd4142..d6455cf2039 100644
--- a/ruby3.3-psych.yaml
+++ b/ruby3.3-psych.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/ruby/psych
package:
name: ruby3.3-psych
- version: 5.1.2
+ version: 5.2.0
epoch: 0
description: Psych is a YAML parser and emitter.
copyright:
@@ -27,7 +27,7 @@ pipeline:
with:
repository: https://github.com/ruby/psych.git
tag: v${{package.version}}
- expected-commit: a9ab74d13270aa1403cb9089c407b32b8126233f
+ expected-commit: 6ea07fdadd8245ed01d26122baacb56ff01662b8
- uses: ruby/build
with:
diff --git a/ruby3.3-reline.yaml b/ruby3.3-reline.yaml
index 9f64c68a7bf..2fa1283df54 100644
--- a/ruby3.3-reline.yaml
+++ b/ruby3.3-reline.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/ruby/reline
package:
name: ruby3.3-reline
- version: 0.5.10
+ version: 0.5.11
epoch: 0
description: Alternative GNU Readline or Editline implementation by pure Ruby.
copyright:
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/ruby/reline.git
tag: v${{package.version}}
- expected-commit: 0ebd54f67591e333619caafa98168815ad8047e2
+ expected-commit: 4d90743409fbfbe79ea5b70c862a03d66e202e52
- uses: ruby/build
with:
diff --git a/ruby3.3-securerandom.yaml b/ruby3.3-securerandom.yaml
index 5bedf4036f6..d3563a2bf70 100644
--- a/ruby3.3-securerandom.yaml
+++ b/ruby3.3-securerandom.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-securerandom
- version: 0.3.1
+ version: 0.3.2
epoch: 0
description: Interface for secure random number generator.
copyright:
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/ruby/securerandom
tag: v${{package.version}}
- expected-commit: 890d659970f945a4671814066f311f4038fa9e49
+ expected-commit: 9703d96a76ee72a278558a474d69cc0eb0bc0d6e
- uses: ruby/build
with:
diff --git a/ruby3.3-stringio.yaml b/ruby3.3-stringio.yaml
index eb8ded0ad12..d99743ba5be 100644
--- a/ruby3.3-stringio.yaml
+++ b/ruby3.3-stringio.yaml
@@ -1,7 +1,7 @@
# Generated from https://github.com/ruby/stringio
package:
name: ruby3.3-stringio
- version: 3.1.1
+ version: 3.1.2
epoch: 0
description: Pseudo `IO` class from/to `String`.
copyright:
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/ruby/stringio.git
tag: v${{package.version}}
- expected-commit: 59b747e1f3a68ec04202f6da46483b26343d7385
+ expected-commit: 7cc9fb1bf54d8fc873094eb36cbf8193e28fe05c
- uses: ruby/build
with:
diff --git a/ruby3.3-timeout.yaml b/ruby3.3-timeout.yaml
index 48385f13d8a..85b9c9f02a4 100644
--- a/ruby3.3-timeout.yaml
+++ b/ruby3.3-timeout.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-timeout
- version: 0.4.1
+ version: 0.4.2
epoch: 0
description: Auto-terminate potentially long-running operations in Ruby.
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: a65e49cc31bcdaad892330cdd93ab8e5481e1fc7
+ expected-commit: 2f5252299403e00135b694455fb31a2bded32cd5
repository: https://github.com/ruby/timeout
tag: v${{package.version}}
diff --git a/ruby3.3-traces.yaml b/ruby3.3-traces.yaml
index 5e1625f7e62..dacf8e68c2d 100644
--- a/ruby3.3-traces.yaml
+++ b/ruby3.3-traces.yaml
@@ -1,6 +1,6 @@
package:
name: ruby3.3-traces
- version: 0.13.1
+ version: 0.14.1
epoch: 0
description: Application instrumentation and tracing.
copyright:
@@ -25,7 +25,7 @@ vars:
pipeline:
- uses: git-checkout
with:
- expected-commit: 865f2fe80d52f31295b69799246dc48727e74ebe
+ expected-commit: e15e6c4af451393e0482391a9d278ac5d00cd3aa
repository: https://github.com/socketry/traces
tag: v${{package.version}}
@@ -44,6 +44,37 @@ pipeline:
- uses: ruby/clean
+test:
+ pipeline:
+ - name: Validate import
+ runs: ruby -e "require 'traces'"
+ - name: Basic example
+ runs: |
+ cat > example.rb < 'bar'
+ }
+
+ Traces.trace('my_method', attributes: attributes) do
+ super
+ end
+ end
+ end
+
+ MyClass.new.my_method
+ EOF
+ ruby example.rb
+
update:
enabled: true
github:
diff --git a/ruby3.3-uri.yaml b/ruby3.3-uri.yaml
new file mode 100644
index 00000000000..6e36b48e86b
--- /dev/null
+++ b/ruby3.3-uri.yaml
@@ -0,0 +1,50 @@
+package:
+ name: ruby3.3-uri
+ version: 1.0.2
+ epoch: 0
+ description: "URI is a module providing classes to handle Uniform Resource Identifiers"
+ copyright:
+ - license: BSD-2-Clause OR Ruby
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - ca-certificates-bundle
+ - git
+ - ruby-3.3
+ - ruby-3.3-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/ruby/uri
+ tag: v${{package.version}}
+ expected-commit: e46960a467f2ed398731286ec78b899e1a01655f
+
+ - uses: ruby/build
+ with:
+ gem: ${{vars.gem}}
+
+ - uses: ruby/install
+ with:
+ gem: ${{vars.gem}}
+ version: ${{package.version}}
+
+ - uses: ruby/clean
+
+vars:
+ gem: uri
+
+test:
+ pipeline:
+ - runs: ruby -e "require 'uri'"
+ - runs: |
+ ruby -e 'require "uri"; uri = URI("https://wolfi.dev"); raise "Failed to parse URI" unless uri.host == "wolfi.dev" && uri.scheme == "https"'
+
+update:
+ enabled: true
+ github:
+ identifier: ruby/uri
+ strip-prefix: v
diff --git a/ruff.yaml b/ruff.yaml
index 9a0a91502db..4637ed77d48 100644
--- a/ruff.yaml
+++ b/ruff.yaml
@@ -1,7 +1,7 @@
package:
name: ruff
- version: 0.7.2
- epoch: 1
+ version: 0.7.4
+ epoch: 0
description: An extremely fast Python linter, written in Rust.
copyright:
- license: MIT
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/astral-sh/ruff
tag: ${{package.version}}
- expected-commit: 11c3b52fd5e8a2f39d3e21faebd76fdbaf3d748b
+ expected-commit: ed7b98cf9b5ec915bc196a2cab84d4f735d77693
- runs: |
cargo auditable build --release
diff --git a/runc.yaml b/runc.yaml
index d3500403c5a..8f6aeef2f13 100644
--- a/runc.yaml
+++ b/runc.yaml
@@ -1,6 +1,6 @@
package:
name: runc
- version: 1.2.1
+ version: 1.2.2
epoch: 0
description: CLI tool for spawning and running containers according to the OCI specification
copyright:
@@ -26,7 +26,7 @@ pipeline:
with:
repository: https://github.com/opencontainers/runc
tag: v${{package.version}}
- expected-commit: d7735e388ef5eecbd60d93bfbe5afe0f3fbc8a6b
+ expected-commit: 7cb363254b69e10320360b63fb73e0ffb5da7bf2
- runs: |
make COMMIT=$(git rev-parse HEAD)
diff --git a/rust-bindgen.yaml b/rust-bindgen.yaml
new file mode 100644
index 00000000000..e7584ee5dec
--- /dev/null
+++ b/rust-bindgen.yaml
@@ -0,0 +1,39 @@
+package:
+ name: rust-bindgen
+ version: 0.70.1
+ epoch: 0
+ description: Automatically generates Rust FFI bindings to C (and some C++) libraries
+ copyright:
+ - license: BSD-3-Clause
+
+pipeline:
+ - name: Checkout bindgen
+ uses: git-checkout
+ with:
+ expected-commit: 21c60f473f4e824d4aa9b2b508056320d474b110
+ repository: https://github.com/rust-lang/rust-bindgen
+ tag: v${{package.version}}
+
+ - name: Bump bindgen deps
+ runs: cargo update --package rustix --precise 0.37.25
+
+ - name: Build bindgen
+ uses: cargo/build
+ with:
+ output: bindgen
+
+ - name: Strip bindgen
+ uses: strip
+
+update:
+ enabled: true
+ github:
+ identifier: rust-lang/rust-bindgen
+ strip-prefix: v
+
+test:
+ pipeline:
+ - name: Test bindgen
+ runs: |
+ bindgen --help
+ bindgen --version
diff --git a/s2n-tls.yaml b/s2n-tls.yaml
index 5a12baefdf9..e2e276a5aca 100644
--- a/s2n-tls.yaml
+++ b/s2n-tls.yaml
@@ -1,6 +1,6 @@
package:
name: s2n-tls
- version: 1.5.7
+ version: 1.5.9
epoch: 0
description: AWS C99 implementation of the TLS/SSL protocols
copyright:
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 9f4baecc753d6fe01c13e4f422d2e327c64d06b8
+ expected-commit: 493b77167dc367c394de23cfe78a029298e2a254
repository: https://github.com/aws/s2n-tls
tag: v${{package.version}}
@@ -58,6 +58,16 @@ subpackages:
- s2n-tls
description: s2n-tls dev
+test:
+ environment:
+ contents:
+ packages:
+ - posix-libc-utils
+ pipeline:
+ - name: "Verify shared library dependencies"
+ runs: |
+ ldd /usr/lib/libs2n.so.1.0.0
+
update:
enabled: true
github:
diff --git a/sbom-convert.yaml b/sbom-convert.yaml
index fa142f114e3..aa290d4bc6b 100644
--- a/sbom-convert.yaml
+++ b/sbom-convert.yaml
@@ -1,6 +1,6 @@
package:
name: sbom-convert
- version: 0.0.5
+ version: 0.0.6
epoch: 0
description: CLI tool based on the protobom library that converts Software Bills of Materials across formats (SPDX and CycloneDX).
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/protobom/sbom-convert
tag: v${{package.version}}
- expected-commit: a53a28c85b6164f17b020dc2da35c5831c502a51
+ expected-commit: 02baf6a86c46ca9dd0f9abb580f7e068b59a0271
- uses: go/build
with:
diff --git a/sbomqs.yaml b/sbomqs.yaml
index 7cc59694ae6..bd476bfd4e0 100644
--- a/sbomqs.yaml
+++ b/sbomqs.yaml
@@ -1,6 +1,6 @@
package:
name: sbomqs
- version: 0.2.0
+ version: 0.2.3
epoch: 0
description: SBOM quality score - Quality metrics for your sboms
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/interlynk-io/sbomqs
tag: v${{package.version}}
- expected-commit: 535bcec4bb80a2624a088d9ca1a23160f2ab8750
+ expected-commit: bb27163dc82f922a2db6bc031a1828548f2d2a61
- uses: go/build
with:
diff --git a/scap-security-guide.yaml b/scap-security-guide.yaml
index 998e1e3e6e3..4fadc2be4b6 100644
--- a/scap-security-guide.yaml
+++ b/scap-security-guide.yaml
@@ -1,7 +1,7 @@
package:
name: scap-security-guide
- version: 0.1.74
- epoch: 1
+ version: 0.1.75
+ epoch: 0
description: Security automation content in SCAP, Bash, Ansible, and other formats
copyright:
- license: BSD-3-Clause
@@ -29,7 +29,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/ComplianceAsCode/content
- expected-commit: 1bf21b05fa9581e8ca44e104e741e13fad3551ef
+ expected-commit: 73a89fbfd70f4122e2253e4715a9ba6f4525a393
tag: v${{package.version}}
- uses: cmake/configure
diff --git a/scorecard.yaml b/scorecard.yaml
index 9c39e480d20..20db99cda7a 100644
--- a/scorecard.yaml
+++ b/scorecard.yaml
@@ -1,7 +1,7 @@
package:
name: scorecard
version: 5.0.0
- epoch: 1
+ epoch: 2
description: OpenSSF Scorecard - Security health metrics for Open Source
copyright:
- license: Apache-2.0
@@ -25,6 +25,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: ea7e27ed41b76ab879c862fa0ca4cc9c61764ee4
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
make build-scorecard
install -Dm755 ./scorecard "${{targets.destdir}}/usr/bin/scorecard"
diff --git a/secrets-store-csi-driver-provider-azure.yaml b/secrets-store-csi-driver-provider-azure.yaml
index f14c910e615..819de4cf208 100644
--- a/secrets-store-csi-driver-provider-azure.yaml
+++ b/secrets-store-csi-driver-provider-azure.yaml
@@ -1,7 +1,7 @@
package:
name: secrets-store-csi-driver-provider-azure
version: 1.6.0
- epoch: 0
+ epoch: 1
description: Azure Key Vault provider for Secret Store CSI driver
copyright:
- license: MIT
@@ -22,6 +22,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: 56bddf7af1eb1b64fa16471fbd5013aad988f6d0
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
unset LDFLAGS
make build ARCH=$(go env GOARCH)
diff --git a/semgrep.yaml b/semgrep.yaml
index f860a6ce7c5..0207073444e 100644
--- a/semgrep.yaml
+++ b/semgrep.yaml
@@ -1,7 +1,7 @@
package:
name: semgrep
- version: 1.95.0
- epoch: 1
+ version: 1.96.0
+ epoch: 0
description: "Lightweight static analysis for many languages. Find bug variants with patterns that look like source code."
copyright:
- license: LGPL-2.1-or-later
@@ -47,7 +47,7 @@ pipeline:
with:
repository: https://github.com/returntocorp/semgrep
tag: v${{package.version}}
- expected-commit: 4472baa7bb9b3e8422f8e5d7be23287758a4732b
+ expected-commit: e743e2d243c83e6ba20e8f2096569f7383c00239
- runs: |
git submodule update --init --recursive
diff --git a/sftpgo-plugin-auth.yaml b/sftpgo-plugin-auth.yaml
index 0d195a01820..9056d33f675 100644
--- a/sftpgo-plugin-auth.yaml
+++ b/sftpgo-plugin-auth.yaml
@@ -1,6 +1,6 @@
package:
name: sftpgo-plugin-auth
- version: 1.0.9
+ version: 1.0.10
epoch: 0
description: "LDAP/Active Directory authentication for SFTPGo"
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/sftpgo/sftpgo-plugin-auth
tag: v${{package.version}}
- expected-commit: a560ab4478c8add26369092f49e42fe6aa25e8a4
+ expected-commit: 200dd4eff733822f487316ff0e3e4df873519055
- uses: go/build
with:
@@ -19,6 +19,16 @@ pipeline:
output: sftpgo-plugin-auth
ldflags: -X github.com/sftpgo/sftpgo-plugin-auth/cmd.commitHash=$(git describe --always) -X github.com/sftpgo/sftpgo-plugin-auth/cmd.buildDate=$(date -u +%FT%TZ)
+test:
+ pipeline:
+ # This is a plugin and meant to be run with the sftpgo service directly.
+ - name: Stat the plugin
+ runs: stat /usr/bin/sftpgo-plugin-auth
+ - name: Help output
+ runs: /usr/bin/sftpgo-plugin-auth --help
+ - name: Version output
+ runs: /usr/bin/sftpgo-plugin-auth --version
+
update:
enabled: true
github:
diff --git a/sftpgo-plugin-eventsearch.yaml b/sftpgo-plugin-eventsearch.yaml
index 3c8e5131033..37b2cc6235e 100644
--- a/sftpgo-plugin-eventsearch.yaml
+++ b/sftpgo-plugin-eventsearch.yaml
@@ -1,6 +1,6 @@
package:
name: sftpgo-plugin-eventsearch
- version: 1.0.18
+ version: 1.0.19
epoch: 0
description: "Search SFTPGo events stored in supported database engines"
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/sftpgo/sftpgo-plugin-eventsearch
tag: v${{package.version}}
- expected-commit: 677ebc70b0311f8589a941e24513035f161f2339
+ expected-commit: f57e8340076a544615d6e42a3bfd1d44b9012316
- uses: go/build
with:
@@ -19,6 +19,16 @@ pipeline:
output: sftpgo-plugin-eventsearch
ldflags: -X github.com/sftpgo/sftpgo-plugin-eventsearch/cmd.commitHash=$(git describe --always) -X github.com/sftpgo/sftpgo-plugin-eventsearch/cmd.buildDate=$(date -u +%FT%TZ)
+test:
+ pipeline:
+ # This is a plugin and meant to be run with the sftpgo service directly.
+ - name: Stat the plugin
+ runs: stat /usr/bin/sftpgo-plugin-eventsearch
+ - name: Help output
+ runs: /usr/bin/sftpgo-plugin-eventsearch --help
+ - name: Version output
+ runs: /usr/bin/sftpgo-plugin-eventsearch --version
+
update:
enabled: true
github:
diff --git a/sftpgo-plugin-eventstore.yaml b/sftpgo-plugin-eventstore.yaml
index e01a8acb265..3a03abf7880 100644
--- a/sftpgo-plugin-eventstore.yaml
+++ b/sftpgo-plugin-eventstore.yaml
@@ -1,6 +1,6 @@
package:
name: sftpgo-plugin-eventstore
- version: 1.0.18
+ version: 1.0.19
epoch: 0
description: "Stores SFTPGo events in supported database engines"
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/sftpgo/sftpgo-plugin-eventstore
tag: v${{package.version}}
- expected-commit: c5642534772fcb4e7a3275292dc9a34ee3b34282
+ expected-commit: f53f642bc1ee72de88d0ec4878b53efd9519be8e
- uses: go/build
with:
@@ -19,6 +19,16 @@ pipeline:
output: sftpgo-plugin-eventstore
ldflags: -X github.com/sftpgo/sftpgo-plugin-eventstore/cmd.commitHash=$(git describe --always) -X github.com/sftpgo/sftpgo-plugin-eventstore/cmd.buildDate=$(date -u +%FT%TZ)
+test:
+ pipeline:
+ # This is a plugin and meant to be run with the sftpgo service directly.
+ - name: Stat the plugin
+ runs: stat /usr/bin/sftpgo-plugin-eventstore
+ - name: Help output
+ runs: /usr/bin/sftpgo-plugin-eventstore --help
+ - name: Version output
+ runs: /usr/bin/sftpgo-plugin-eventstore --version
+
update:
enabled: true
github:
diff --git a/sftpgo-plugin-geoipfilter.yaml b/sftpgo-plugin-geoipfilter.yaml
index 4edc3a094c9..a8d80c19f39 100644
--- a/sftpgo-plugin-geoipfilter.yaml
+++ b/sftpgo-plugin-geoipfilter.yaml
@@ -1,6 +1,6 @@
package:
name: sftpgo-plugin-geoipfilter
- version: 1.0.8
+ version: 1.0.9
epoch: 0
description: "Geo-IP filtering support for SFTPGo"
copyright:
@@ -11,11 +11,7 @@ pipeline:
with:
repository: https://github.com/sftpgo/sftpgo-plugin-geoipfilter
tag: v${{package.version}}
- expected-commit: b975da59bb923e944a40f5df5fe49863b25019fd
-
- - uses: go/bump
- with:
- deps: google.golang.org/grpc@v1.64.1
+ expected-commit: 87830b206952701b2125bb54f6323f748b43fea0
- uses: go/build
with:
@@ -23,6 +19,16 @@ pipeline:
output: sftpgo-plugin-geoipfilter
ldflags: -X github.com/sftpgo/sftpgo-plugin-geoipfilter/cmd.commitHash=$(git describe --always) -X github.com/sftpgo/sftpgo-plugin-geoipfilter/cmd.buildDate=$(date -u +%FT%TZ)
+test:
+ pipeline:
+ # This is a plugin and meant to be run with the sftpgo service directly.
+ - name: Stat the plugin
+ runs: stat /usr/bin/sftpgo-plugin-geoipfilter
+ - name: Help output
+ runs: /usr/bin/sftpgo-plugin-geoipfilter --help
+ - name: Version output
+ runs: /usr/bin/sftpgo-plugin-geoipfilter --version
+
update:
enabled: true
github:
diff --git a/sftpgo-plugin-kms.yaml b/sftpgo-plugin-kms.yaml
index 6f3287ad449..e2b803398eb 100644
--- a/sftpgo-plugin-kms.yaml
+++ b/sftpgo-plugin-kms.yaml
@@ -1,6 +1,6 @@
package:
name: sftpgo-plugin-kms
- version: 1.0.13
+ version: 1.0.14
epoch: 0
description: "Additional KMS secret providers for SFTPGo"
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/sftpgo/sftpgo-plugin-kms
tag: v${{package.version}}
- expected-commit: 3ad520d9f25812f83ce8ced4dd3c46d78884d7ea
+ expected-commit: 80fef54ef2a087cc8d515a2a330db6ba62350301
- uses: go/build
with:
diff --git a/sftpgo-plugin-pubsub.yaml b/sftpgo-plugin-pubsub.yaml
index bd8a0797909..4d22567db8b 100644
--- a/sftpgo-plugin-pubsub.yaml
+++ b/sftpgo-plugin-pubsub.yaml
@@ -1,6 +1,6 @@
package:
name: sftpgo-plugin-pubsub
- version: 1.0.12
+ version: 1.0.13
epoch: 0
description: "Additional KMS secret providers for SFTPGo"
copyright:
@@ -11,11 +11,7 @@ pipeline:
with:
repository: https://github.com/sftpgo/sftpgo-plugin-pubsub
tag: v${{package.version}}
- expected-commit: a302e8c9dad78e675a08d618010a14bba1c64d57
-
- - uses: go/bump
- with:
- deps: google.golang.org/grpc@v1.64.1 github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0
+ expected-commit: 3795faa51b5b2129b91a9a2187c1feedca8e3262
- uses: go/build
with:
@@ -23,6 +19,12 @@ pipeline:
output: sftpgo-plugin-pubsub
ldflags: -X main.commitHash=$(git describe --always) -X main.date=$(date -u +%FT%TZ)
+test:
+ pipeline:
+ # This is a plugin and meant to be run with the sftpgo service directly.
+ - name: Stat the plugin
+ runs: stat /usr/bin/sftpgo-plugin-pubsub
+
update:
enabled: true
github:
diff --git a/sftpgo.yaml b/sftpgo.yaml
index a349c93cbda..daca6ae73e9 100644
--- a/sftpgo.yaml
+++ b/sftpgo.yaml
@@ -1,6 +1,6 @@
package:
name: sftpgo
- version: 2.6.2
+ version: 2.6.3
epoch: 0
description: "Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob"
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/drakkan/sftpgo
tag: v${{package.version}}
- expected-commit: 636a1c2c385a16966842da4acad5acd36163ffb4
+ expected-commit: cf3e1d3ec0c3061a6ad629f0d6d5a48a2456b7c3
- runs: |
# Modify the default configuration file
@@ -19,10 +19,6 @@ pipeline:
sed -i 's|"backups"|"/srv/sftpgo/backups"|' sftpgo.json && \
sed -i 's|"sqlite"|"bolt"|' sftpgo.json
- - uses: go/bump
- with:
- deps: google.golang.org/grpc@v1.64.1
-
- uses: go/build
with:
packages: .
@@ -43,6 +39,13 @@ pipeline:
cp -r static "${{targets.destdir}}"/usr/share/sftpgo/static
cp -r openapi "${{targets.destdir}}"/usr/share/sftpgo/openapi
+test:
+ pipeline:
+ - name: Version
+ runs: /usr/bin/sftpgo --version
+ - name: Help output
+ runs: /usr/bin/sftpgo --help
+
update:
enabled: true
github:
diff --git a/sigstore-scaffolding.yaml b/sigstore-scaffolding.yaml
index 6456c11eb5b..7792f1d7f9b 100644
--- a/sigstore-scaffolding.yaml
+++ b/sigstore-scaffolding.yaml
@@ -1,6 +1,6 @@
package:
name: sigstore-scaffolding
- version: 0.7.15
+ version: 0.7.16
epoch: 0
description: Software Supply Chain Transparency Log
copyright:
@@ -38,7 +38,7 @@ pipeline:
with:
repository: https://github.com/sigstore/scaffolding
tag: v${{package.version}}
- expected-commit: 9379057673daaaf28519d3afaf9f732189dadae5
+ expected-commit: 0a45e0d19e1c26a559da567e9cbc7695731bd40a
subpackages:
- range: components
diff --git a/skaffold.yaml b/skaffold.yaml
index 9019506b3d0..4347b12ae5b 100644
--- a/skaffold.yaml
+++ b/skaffold.yaml
@@ -1,7 +1,7 @@
package:
name: skaffold
version: 2.13.2
- epoch: 1
+ epoch: 2
description: Easy and Repeatable Kubernetes Development
copyright:
- license: Apache-2.0
@@ -22,6 +22,10 @@ pipeline:
repository: https://github.com/GoogleContainerTools/skaffold
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
make
install -m755 -D ./out/skaffold "${{targets.destdir}}"/usr/bin/skaffold
diff --git a/skopeo.yaml b/skopeo.yaml
index 55c189f5c80..89ef6ef05e0 100644
--- a/skopeo.yaml
+++ b/skopeo.yaml
@@ -1,7 +1,7 @@
package:
name: skopeo
- version: 1.16.1
- epoch: 2
+ version: 1.17.0
+ epoch: 0
description: Work with remote images registries - retrieving information, images, signing content
copyright:
- license: Apache-2.0
@@ -19,14 +19,10 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: fe07cc958acae9bb520f685474a50178e00b815b
+ expected-commit: e354a1431a2319619bb3fea9e8aa81a9e1bfcbb0
repository: https://github.com/containers/skopeo
tag: v${{package.version}}
- - uses: go/bump
- with:
- deps: github.com/containers/common@v0.60.4
-
- uses: go/build
with:
packages: ./cmd/skopeo
diff --git a/spdlog.yaml b/spdlog.yaml
index 7deb023c747..3b82ea7a59d 100644
--- a/spdlog.yaml
+++ b/spdlog.yaml
@@ -1,7 +1,7 @@
package:
name: spdlog
- version: 1.14.1
- epoch: 2
+ version: 1.15.0
+ epoch: 0
description: Fast C++ logging library.
copyright:
- license: MIT
@@ -19,7 +19,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 27cb4c76708608465c413f6d0e6b8d99a4d84302
+ expected-commit: 8e5613379f5140fefb0b60412fbf1f5406e7c7f8
repository: https://github.com/gabime/spdlog
tag: v${{package.version}}
@@ -49,6 +49,42 @@ subpackages:
pipeline:
- uses: split/dev
+test:
+ environment:
+ contents:
+ packages:
+ - posix-libc-utils
+ - spdlog-dev
+ pipeline:
+ - name: "Verify spdlog headers and library installation"
+ runs: |
+ # Check for the main spdlog header file
+ echo "Checking if spdlog headers are installed..."
+ if [ -f /usr/include/spdlog/spdlog.h ]; then
+ echo "Found spdlog header: /usr/include/spdlog/spdlog.h"
+ else
+ echo "Error: spdlog header not found!"
+ exit 1
+ fi
+
+ # Check for the spdlog library file
+ echo "Checking if spdlog library is installed..."
+ if [ -f /usr/lib/libspdlog.so ]; then
+ echo "Found spdlog library: /usr/lib/libspdlog.so"
+ else
+ echo "Error: spdlog library not found!"
+ exit 1
+ fi
+ - name: "Verify spdlog library linkability"
+ runs: |
+ echo "Checking if spdlog library links correctly..."
+ if ldd /usr/lib/libspdlog.so | grep -q "fmt"; then
+ echo "spdlog library links correctly with required dependencies."
+ else
+ echo "Error: spdlog library failed to link with required dependencies."
+ exit 1
+ fi
+
update:
enabled: true
github:
diff --git a/spin.yaml b/spin.yaml
index ca6f75720c8..a97f20534b7 100644
--- a/spin.yaml
+++ b/spin.yaml
@@ -1,7 +1,7 @@
package:
name: spin
- version: 2.7.0
- epoch: 1
+ version: 3.0.0
+ epoch: 0
description: "Spin is the open source developer tool for building and running serverless applications powered by WebAssembly."
copyright:
- license: Apache-2.0
@@ -30,7 +30,7 @@ pipeline:
with:
repository: https://github.com/fermyon/spin
tag: v${{package.version}}
- expected-commit: a11151706449fa1ba39bfe96597fe1041438dc67
+ expected-commit: 737778e9d7dc1a7f590a398d2734ff0cc91002f0
- name: Configure and build
runs: |
diff --git a/spqr.yaml b/spqr.yaml
index 7c5e407b690..682f540a186 100644
--- a/spqr.yaml
+++ b/spqr.yaml
@@ -1,7 +1,7 @@
package:
name: spqr
- version: "2.0"
- epoch: 1
+ version: 2.1.0
+ epoch: 0
description: Stateless Postgres Query Router
copyright:
- license: BSD-2-Clause
@@ -22,7 +22,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/pg-sharding/spqr
- expected-commit: e87e43895f4be5d20c78516e9740d20eb0c8c240
+ expected-commit: 51c4c60a701ed9e42fd0570d22a5176fef8f8a5d
tag: ${{package.version}}
- runs: |
diff --git a/sqlite.yaml b/sqlite.yaml
index b2fba26d09c..429bae01291 100644
--- a/sqlite.yaml
+++ b/sqlite.yaml
@@ -1,7 +1,7 @@
package:
name: sqlite
- version: 3.46.1
- epoch: 1
+ version: 3.47.0
+ epoch: 0
description: "C library which implements an SQL database engine"
copyright:
- license: blessing
@@ -22,8 +22,8 @@ environment:
pipeline:
- uses: fetch
with:
- uri: https://www.sqlite.org/2024/sqlite-autoconf-3450100.tar.gz
- expected-sha256: cd9c27841b7a5932c9897651e20b86c701dd740556989b01ca596fcfa3d49a0a
+ uri: https://www.sqlite.org/2024/sqlite-autoconf-3470000.tar.gz
+ expected-sha256: 83eb21a6f6a649f506df8bd3aab85a08f7556ceed5dbd8dea743ea003fc3a957
- name: Configure
runs: |
_amalgamation="-DSQLITE_ENABLE_FTS4 \
diff --git a/src.yaml b/src.yaml
index 622d9640988..fb6f38ade70 100644
--- a/src.yaml
+++ b/src.yaml
@@ -1,6 +1,6 @@
package:
name: src
- version: 5.8.2
+ version: 5.9.1
epoch: 0
description: Sourcegraph CLI
copyright:
@@ -22,7 +22,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/sourcegraph/src-cli
- expected-commit: a404f176b725939277cde2dfe572e636664c8d40
+ expected-commit: b9d5d30c00db384bfe6420ab2bb6b5f2e7d25dba
tag: ${{package.version}}
- uses: go/bump
diff --git a/sriov-network-device-plugin.yaml b/sriov-network-device-plugin.yaml
new file mode 100644
index 00000000000..7739b0fe19a
--- /dev/null
+++ b/sriov-network-device-plugin.yaml
@@ -0,0 +1,43 @@
+package:
+ name: sriov-network-device-plugin
+ version: 3.8.0
+ epoch: 0
+ description: SRIOV network device plugin for Kubernetes
+ copyright:
+ - license: Apache-2.0
+
+pipeline:
+ - uses: git-checkout
+ with:
+ expected-commit: a380ca568b4f85e105255af0aa7facc0128d611e
+ repository: https://github.com/k8snetworkplumbingwg/sriov-network-device-plugin
+ tag: v${{package.version}}
+
+ - uses: go/bump
+ with:
+ deps: github.com/opencontainers/runc@v1.1.14
+
+ - uses: go/build
+ with:
+ output: sriovdp
+ packages: ./cmd/sriovdp
+
+subpackages:
+ - name: ${{package.name}}-entrypoint
+ description: "upstream image have executable (entrypoint.sh) placed at /"
+ pipeline:
+ - runs: |
+ mkdir -p "${{targets.contextdir}}/"
+ install -Dm755 ./images/entrypoint.sh "${{targets.contextdir}}/"
+
+update:
+ enabled: true
+ github:
+ identifier: k8snetworkplumbingwg/sriov-network-device-plugin
+ strip-prefix: v
+
+test:
+ pipeline:
+ - name: Verify help
+ runs: |
+ sriovdp --help
diff --git a/ssdeep.yaml b/ssdeep.yaml
index 74db0e1ae8c..9cd2564453e 100644
--- a/ssdeep.yaml
+++ b/ssdeep.yaml
@@ -1,7 +1,7 @@
package:
name: ssdeep
version: 2.14.1
- epoch: 3
+ epoch: 4
description: "Fuzzy hashing API and fuzzy hashing tool"
copyright:
- license: GPL-2.0-or-later
@@ -17,6 +17,7 @@ environment:
- cmake
- libtool
- make
+ - openssf-compiler-options
- pkgconf
- wolfi-baselayout
@@ -29,6 +30,9 @@ pipeline:
- name: 'Configure SSDEEP'
runs: |
+ unset CFLAGS
+ unset CXXFLAGS
+ unset LDFLAGS
./bootstrap
./configure
diff --git a/strimzi-kafka-operator.yaml b/strimzi-kafka-operator.yaml
index 4bedd4a6f6f..66af2aa9f05 100644
--- a/strimzi-kafka-operator.yaml
+++ b/strimzi-kafka-operator.yaml
@@ -1,7 +1,7 @@
package:
name: strimzi-kafka-operator
version: 0.44.0
- epoch: 0
+ epoch: 1
description: Apache Kafka® running on Kubernetes
copyright:
- license: Apache-2.0
diff --git a/strimzi-kafka-operator/pombump-deps.yaml b/strimzi-kafka-operator/pombump-deps.yaml
index 37794107c3c..aa40ecdabbb 100644
--- a/strimzi-kafka-operator/pombump-deps.yaml
+++ b/strimzi-kafka-operator/pombump-deps.yaml
@@ -1,35 +1,32 @@
patches:
- # Fixes CVE-2023-51775
- - groupId: org.bitbucket.b_c
- artifactId: jose4j
- version: 0.9.6
- scope: import
- type: pom
- # Fixes CVE-2024-23944
- - groupId: org.apache.zookeeper
- artifactId: zookeeper
- version: 3.8.4
- scope: import
- type: pom
- # Fixes CVE-2024-27309
- - groupId: org.apache.kafka
- artifactId: kafka-clients
- version: 3.6.2
- scope: import
- type: pom
- # Fixes CVE-2024-27309
- - groupId: org.apache.kafka
- artifactId: kafka-metadata
- version: 3.6.2
- scope: import
- type: pom
- # Fixes CVE-2023-52428
- - groupId: com.nimbusds
- artifactId: nimbus-jose-jwt
- version: 9.37.2
- scope: import
- type: pom
- # Fixes CVE-2023-52428
- - groupId: commons-io
- artifactId: commons-io
- version: 2.17.0
+ - groupId: org.bitbucket.b_c
+ artifactId: jose4j
+ version: 0.9.6
+ scope: import
+ type: pom
+ - groupId: org.apache.zookeeper
+ artifactId: zookeeper
+ version: 3.8.4
+ scope: import
+ type: pom
+ - groupId: org.apache.kafka
+ artifactId: kafka-clients
+ version: 3.6.2
+ scope: import
+ type: pom
+ - groupId: org.apache.kafka
+ artifactId: kafka-metadata
+ version: 3.6.2
+ scope: import
+ type: pom
+ - groupId: com.nimbusds
+ artifactId: nimbus-jose-jwt
+ version: 9.37.2
+ scope: import
+ type: pom
+ - groupId: commons-io
+ artifactId: commons-io
+ version: 2.17.0
+ - groupId: io.netty
+ artifactId: netty-common
+ version: 4.1.115.Final
diff --git a/superset.yaml b/superset.yaml
index 27a3f10e5bc..92c64c2b55b 100644
--- a/superset.yaml
+++ b/superset.yaml
@@ -1,10 +1,13 @@
package:
name: superset
- version: 4.0.2
- epoch: 3
+ version: 4.1.0
+ epoch: 0
description: Data Visualization and Data Exploration Platform
copyright:
- license: Apache-2.0
+ resources:
+ cpu: 65
+ memory: 128Gi
options:
# There is a dependency on libarrow-substrait.so although it
# is provided in the virtual environment. Enabling no-depends
@@ -37,12 +40,7 @@ pipeline:
with:
repository: https://github.com/apache/superset.git
tag: ${{package.version}}
- expected-commit: f11fa091e261a35f4d39d8567a859fad07547d84
-
- - uses: patch
- with:
- # to relax gunicorn and sqlparse version requirements
- patches: version-requirements.patch
+ expected-commit: 855f4c4897771cf454c8a0172eb21e47d13f3614
- runs: |
# Back-end build
@@ -57,11 +55,11 @@ pipeline:
pip install -r requirements/base.txt
# To fix vulnerabilities
- pip install --upgrade dnspython==2.6.1 gunicorn==22.0.0 idna==3.7 setuptools==70.0.0 sqlparse==0.5.0 Jinja2==3.1.4 Werkzeug==3.0.3 requests==2.32.0 urllib3==1.26.19 certifi==2024.07.04 zipp==3.19.2
+ pip install --upgrade dnspython==2.6.1 gunicorn==22.0.0 idna==3.7 setuptools==70.0.0 sqlparse==0.5.0 Jinja2==3.1.4 Werkzeug==3.0.6 requests==2.32.0 urllib3==1.26.19 certifi==2024.07.04 zipp==3.19.2
# Dependencies required during runtime
pip install pillow pyarrow
# For running translations
- pip install flask flask-appbuilder
+ pip install flask flask-appbuilder==4.5.1
# Build Apache Superset
pip install .
@@ -98,7 +96,6 @@ update:
- 'rc\d+$'
github:
identifier: apache/superset
- use-tag: true
test:
pipeline:
diff --git a/superset/version-requirements.patch b/superset/version-requirements.patch
deleted file mode 100644
index e7602ebc4a1..00000000000
--- a/superset/version-requirements.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 7bf18ce49c110a1e6135f2d0c24e95aabb0b056c Mon Sep 17 00:00:00 2001
-From: Srishti Hegde
-Date: Tue, 30 Apr 2024 16:16:09 -0700
-Subject: [PATCH] version requirements
-
----
- setup.py | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/setup.py b/setup.py
-index 1ecf23f284..f91ec6365a 100644
---- a/setup.py
-+++ b/setup.py
-@@ -93,7 +93,7 @@ setup(
- "flask-wtf>=1.1.0, <2.0",
- "func_timeout",
- "geopy",
-- "gunicorn>=21.2.0, <22.0; sys_platform != 'win32'",
-+ "gunicorn>=21.2.0",
- "hashids>=1.3.1, <2",
- "holidays>=0.25, <0.26",
- "humanize",
-@@ -127,7 +127,7 @@ setup(
- "sqlalchemy>=1.4, <2",
- "sqlalchemy-utils>=0.38.3, <0.39",
- "sqlglot>=23.0.2,<24",
-- "sqlparse>=0.4.4, <0.5",
-+ "sqlparse>=0.4.4",
- "tabulate>=0.8.9, <0.9",
- "typing-extensions>=4, <5",
- "waitress; sys_platform == 'win32'",
---
-2.39.3 (Apple Git-146)
-
diff --git a/syft.yaml b/syft.yaml
index 151d94da5f7..3b86592e5ac 100644
--- a/syft.yaml
+++ b/syft.yaml
@@ -1,6 +1,6 @@
package:
name: syft
- version: 1.15.0
+ version: 1.16.0
epoch: 0
description: CLI tool and library for generating a Software Bill of Materials from container images and filesystems
copyright:
@@ -15,7 +15,7 @@ pipeline:
with:
repository: https://github.com/anchore/syft
tag: v${{package.version}}
- expected-commit: 55cc1877ef246d8cabfd9bbeb0a8747b59c03431
+ expected-commit: 8a41d772509d37267a65e0b425808e883e4b9dce
- uses: go/build
with:
diff --git a/systemd.yaml b/systemd.yaml
index eeb740bb669..b1f279f35cc 100644
--- a/systemd.yaml
+++ b/systemd.yaml
@@ -1,7 +1,7 @@
package:
name: systemd
- version: "256.7"
- epoch: 3
+ version: "256.8"
+ epoch: 0
description: The systemd System and Service Manager
copyright:
- license: LGPL-2.1-or-later AND GPL-2.0-or-later
@@ -39,7 +39,7 @@ pipeline:
with:
repository: https://github.com/systemd/systemd
tag: v${{package.version}}
- expected-commit: 7635d01869ba325b9cf450923c8f13912b7ca536
+ expected-commit: a2240d1cf9f3515728186c2c98a6f4b64a40e4da
- uses: meson/configure
@@ -59,6 +59,9 @@ subpackages:
- libudev
pipeline:
- uses: split/dev
+ test:
+ pipeline:
+ - uses: test/pkgconf
- name: "libudev"
description: "udev library"
diff --git a/tailscale.yaml b/tailscale.yaml
index da1eb5aee41..f368a52811e 100644
--- a/tailscale.yaml
+++ b/tailscale.yaml
@@ -1,7 +1,7 @@
package:
name: tailscale
- version: 1.76.1
- epoch: 1
+ version: 1.76.6
+ epoch: 0
description: The easiest, most secure way to use WireGuard and 2FA.
copyright:
- license: BSD-3-Clause
@@ -19,7 +19,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 24929f6b611127cdc40d45ef40d75c6afc1fcc4c
+ expected-commit: 1edcf9d466ceafedd2816db1a24d5ba4b0b18a5b
repository: https://github.com/tailscale/tailscale
tag: v${{package.version}}
diff --git a/task.yaml b/task.yaml
index e4bfa7bd7fe..91fec3de37b 100644
--- a/task.yaml
+++ b/task.yaml
@@ -1,6 +1,6 @@
package:
name: task
- version: 3.39.2
+ version: 3.40.0
epoch: 0
description: A task runner / simpler Make alternative written in Go
copyright:
@@ -13,7 +13,7 @@ pipeline:
with:
repository: https://github.com/go-task/task
tag: v${{package.version}}
- expected-commit: 58ab26c4abcaff48d99aeaf7d333b3e1e08d0438
+ expected-commit: d8e176311d323f79fbf4de1557614c9d70f5b5f0
- uses: go/build
with:
diff --git a/tekton-chains.yaml b/tekton-chains.yaml
index 634e16d5bd4..fb381ab7ab9 100644
--- a/tekton-chains.yaml
+++ b/tekton-chains.yaml
@@ -1,6 +1,6 @@
package:
name: tekton-chains
- version: 0.22.2
+ version: 0.23.0
epoch: 0
description: Supply Chain Security in Tekton Pipelines
copyright:
@@ -13,13 +13,13 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 1390c44e4fe12c81d28dac64a3177a2c11602bc5
+ expected-commit: 227b3119c6a4e6c1e09dcd70e66439d9f5c4a59e
repository: https://github.com/tektoncd/chains
tag: v${{package.version}}
- uses: go/bump
with:
- deps: github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.6.0 github.com/docker/docker@v26.1.5
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
- uses: go/build
with:
diff --git a/tekton-pipelines.yaml b/tekton-pipelines.yaml
index 8b65681399a..bd4ecb061b6 100644
--- a/tekton-pipelines.yaml
+++ b/tekton-pipelines.yaml
@@ -1,6 +1,6 @@
package:
name: tekton-pipelines
- version: 0.65.0
+ version: 0.65.1
epoch: 0
description: A cloud-native Pipeline resource.
copyright:
@@ -15,9 +15,14 @@ pipeline:
with:
repository: https://github.com/tektoncd/pipeline
tag: v${{package.version}}
- expected-commit: 96db451723e5c30785e729899ee458b07ceb6869
+ expected-commit: 58910a4910efd2a4c16ab857fc7ad08da37b961b
destination: tekton
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: tekton
+
- uses: go/build
with:
packages: ./cmd/controller
diff --git a/telegraf-1.32.yaml b/telegraf-1.32.yaml
index bce27a3d404..f117795a15f 100644
--- a/telegraf-1.32.yaml
+++ b/telegraf-1.32.yaml
@@ -1,7 +1,7 @@
package:
name: telegraf-1.32
version: 1.32.2
- epoch: 0
+ epoch: 1
description: Telegraf is an agent for collecting, processing, aggregating, and writing metric
copyright:
- license: MIT
@@ -25,6 +25,10 @@ pipeline:
expected-commit: 160548d795bbfd3889b30fffb27c71ea08e5ca6e
repository: https://github.com/influxdata/telegraf
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
make package include_packages="linux_${{build.goarch}}.tar.gz"
diff --git a/teleport.yaml b/teleport.yaml
index 947d58e9acc..eedc9282074 100644
--- a/teleport.yaml
+++ b/teleport.yaml
@@ -1,7 +1,7 @@
package:
name: teleport
- version: 16.4.6
- epoch: 1
+ version: 17.0.1
+ epoch: 0
description: The easiest, and most secure way to access and protect all of your infrastructure.
copyright:
- license: AGPL-3.0-only
@@ -19,7 +19,7 @@ environment:
- busybox
- ca-certificates-bundle
- corepack
- - go-1.22
+ - go
- node-gyp
- nodejs
- openssf-compiler-options
@@ -35,9 +35,13 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/gravitational/teleport
- expected-commit: 3104d1ac1ceac0d0405f6a675110f258a67dbb2a
+ expected-commit: dc5837102a82fdfc4807a8c760839f4ca4be08a9
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
# https://github.com/gravitational/teleport#building-teleport
mkdir -p "${{targets.contextdir}}"/var/lib/teleport
diff --git a/temporal-server.yaml b/temporal-server.yaml
index b77bfa2cb18..17fcf24d262 100644
--- a/temporal-server.yaml
+++ b/temporal-server.yaml
@@ -1,6 +1,6 @@
package:
name: temporal-server
- version: 1.25.1
+ version: 1.25.2
epoch: 0
description: Temporal server executes units of application logic, Workflows, in a resilient manner that automatically handles intermittent failures, and retries failed operations
copyright:
@@ -26,7 +26,11 @@ pipeline:
with:
repository: https://github.com/temporalio/temporal
tag: v${{package.version}}
- expected-commit: 72d6a9c0e531b34fd696d121a95f435a4957cd05
+ expected-commit: 9129d9c7e9870e132e09db679562d0217f1dfb39
+
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
make bins
diff --git a/temporal.yaml b/temporal.yaml
index a96cf88a187..e12322711d9 100644
--- a/temporal.yaml
+++ b/temporal.yaml
@@ -1,7 +1,7 @@
package:
name: temporal
version: 1.1.1
- epoch: 0
+ epoch: 1
description: Command-line interface for running Temporal Server and interacting with Workflows, Activities, Namespaces, and other parts of Temporal
copyright:
- license: MIT
@@ -24,6 +24,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: 8a133d95ace58c936d9ec52633b6b6835a6f6ed8
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: ./cmd/temporal
diff --git a/terraform-provider-aws.yaml b/terraform-provider-aws.yaml
index daa9f499351..34cf87f8b93 100644
--- a/terraform-provider-aws.yaml
+++ b/terraform-provider-aws.yaml
@@ -1,6 +1,6 @@
package:
name: terraform-provider-aws
- version: 5.74.0
+ version: 5.76.0
epoch: 0
description: Terraform AWS provider
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/hashicorp/terraform-provider-aws
tag: v${{package.version}}
- expected-commit: 2d8df6e0c897d90d71584735cd1f09d2a4ac7ffb
+ expected-commit: 6a499196b4e29f596106b09bb15ed33426366d0c
- uses: go/build
with:
diff --git a/terraform-provider-azurerm.yaml b/terraform-provider-azurerm.yaml
index 6fd634d63d0..3c47cdd92a2 100644
--- a/terraform-provider-azurerm.yaml
+++ b/terraform-provider-azurerm.yaml
@@ -1,6 +1,6 @@
package:
name: terraform-provider-azurerm
- version: 4.8.0
+ version: 4.10.0
epoch: 0
description: Terraform provider for Azure Resource Manager
copyright:
@@ -14,7 +14,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: 474f00e7a0745d8b7d62469db1f2112b3646b668
+ expected-commit: 7d5c0779bce9b783e8a7e3ac67f1621c6d757972
repository: https://github.com/hashicorp/terraform-provider-azurerm
tag: v${{package.version}}
diff --git a/terraform-provider-google.yaml b/terraform-provider-google.yaml
index f1463513f8d..13f1ad8512b 100644
--- a/terraform-provider-google.yaml
+++ b/terraform-provider-google.yaml
@@ -1,6 +1,6 @@
package:
name: terraform-provider-google
- version: 6.9.0
+ version: 6.11.2
epoch: 0
description: Terraform GCP provider
copyright:
@@ -16,7 +16,7 @@ pipeline:
with:
repository: https://github.com/hashicorp/terraform-provider-google
tag: v${{package.version}}
- expected-commit: 39e428df10a564df7f5552a7ef0fd524cf524da5
+ expected-commit: 1001a9f99b5167c37efc06e9dc3829b0912ea71f
- uses: go/build
with:
diff --git a/terraform.yaml b/terraform.yaml
index 69f7b2f0bd9..f21755809d8 100644
--- a/terraform.yaml
+++ b/terraform.yaml
@@ -1,7 +1,7 @@
package:
name: terraform
version: 1.5.7
- epoch: 16
+ epoch: 17
copyright:
- license: MPL-2.0
@@ -14,7 +14,7 @@ pipeline:
- uses: go/bump
with:
- deps: google.golang.org/grpc@v1.56.3 golang.org/x/crypto@v0.17.0 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/hashicorp/go-getter@v1.7.5
+ deps: google.golang.org/grpc@v1.56.3 golang.org/x/crypto@v0.17.0 google.golang.org/protobuf@v1.33.0 golang.org/x/net@v0.23.0 github.com/hashicorp/go-retryablehttp@v0.7.7 github.com/hashicorp/go-getter@v1.7.5 github.com/golang-jwt/jwt/v4@v4.5.1
- uses: go/build
with:
diff --git a/terragrunt.yaml b/terragrunt.yaml
index e5b66c34e81..025e35e8d56 100644
--- a/terragrunt.yaml
+++ b/terragrunt.yaml
@@ -1,6 +1,6 @@
package:
name: terragrunt
- version: 0.68.7
+ version: 0.68.14
epoch: 0
description: Thin wrapper for Terraform providing extra tools
copyright:
@@ -21,7 +21,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 326c3251e74f7ea5156ace251fdcc1d49f1084c3
+ expected-commit: cb852440a92a00ab221e87830eb5bffea9054a55
repository: https://github.com/gruntwork-io/terragrunt
tag: v${{package.version}}
diff --git a/tesseract.yaml b/tesseract.yaml
index 105c7963fd4..1b5de097b86 100644
--- a/tesseract.yaml
+++ b/tesseract.yaml
@@ -1,7 +1,7 @@
package:
name: tesseract
- version: 5.4.1
- epoch: 3
+ version: 5.5.0
+ epoch: 0
description: Tesseract Open Source OCR Engine
copyright:
- license: Apache-2.0
@@ -115,7 +115,7 @@ pipeline:
with:
repository: https://github.com/tesseract-ocr/tesseract
tag: ${{package.version}}
- expected-commit: b5f279ec7582dc57f6464557ed938558791f200d
+ expected-commit: 64eab6c457b2337dd690746a5fde5c222b40d5f8
- runs: |
# They have some hardcoded include paths
diff --git a/tflint.yaml b/tflint.yaml
index dc364d9bbd9..0aa13b53fc5 100644
--- a/tflint.yaml
+++ b/tflint.yaml
@@ -1,7 +1,7 @@
package:
name: tflint
- version: 0.53.0
- epoch: 2
+ version: 0.54.0
+ epoch: 0
description: A Pluggable Terraform Linter
copyright:
- license: MPL-2.0
@@ -19,7 +19,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 51fe0738442a0cbcc6d55ec7326abe807bce763f
+ expected-commit: b77539470949bf637f827a0d292ac880c94ec4ba
repository: https://github.com/terraform-linters/tflint
tag: v${{package.version}}
diff --git a/thingsboard.yaml b/thingsboard.yaml
index 82c2314e741..9175da1da25 100644
--- a/thingsboard.yaml
+++ b/thingsboard.yaml
@@ -1,7 +1,7 @@
package:
name: thingsboard
version: 3.8.1
- epoch: 0
+ epoch: 2
description: "Open-source IoT Platform - Device management, data collection, processing and visualization."
copyright:
- license: Apache-2.0
@@ -130,6 +130,12 @@ subpackages:
cp -r ${{targets.subpkgdir}}/usr/share/thingsboard/conf/* ${{targets.subpkgdir}}/config
test:
pipeline:
+ # This test needs to be run in order to ensure that tomcat-embed-core exists to provide jakarta/servlet/Filter.class (issue with pombump before)
+ - name: Test for tomcat-embed-core
+ runs: |
+ cd /usr/share/thingsboard/bin/
+ unzip thingsboard.jar
+ ls BOOT-INF/lib/ | grep -q "tomcat-embed-core" || { echo "tomcat-embed-core not found"; exit 1; }
- name: Test server logs
uses: test/daemon-check-output
with:
diff --git a/thingsboard/pombump-deps.yaml b/thingsboard/pombump-deps.yaml
index 47ae92e97b6..b3e8c7b797f 100644
--- a/thingsboard/pombump-deps.yaml
+++ b/thingsboard/pombump-deps.yaml
@@ -1,25 +1,25 @@
patches:
- - groupId: com.nimbusds
- artifactId: nimbus-jose-jwt
- version: 9.37.2
- - groupId: com.squareup.okio
- artifactId: okio
- version: 3.4.0
- - groupId: org.apache.tomcat.embed
- artifactId: tomcat-embed-core
- version: 10.1.25
- - groupId: kotlin-stdlib
- artifactId: kotlin-stdlib
- version: 1.4.21
- - groupId: net.minidev
- artifactId: json-smart
- version: 2.4.9
- - groupId: com.squareup.wire
- artifactId: wire-schema-jvm
- version: 4.9.9
- - groupID: com.google.protobuf
- artifactID: protobuf-java
- version: 3.25.5
- - groupId: org.springframework
- artifactId: spring-web
- version: 6.1.12
\ No newline at end of file
+ - groupId: com.nimbusds
+ artifactId: nimbus-jose-jwt
+ version: 9.37.2
+ - groupId: com.squareup.okio
+ artifactId: okio
+ version: 3.4.0
+ - groupId: kotlin-stdlib
+ artifactId: kotlin-stdlib
+ version: 1.4.21
+ - groupId: net.minidev
+ artifactId: json-smart
+ version: 2.4.9
+ - groupId: com.squareup.wire
+ artifactId: wire-schema-jvm
+ version: 4.9.9
+ - groupID: com.google.protobuf
+ artifactID: protobuf-java
+ version: 3.25.5
+ - groupId: org.springframework
+ artifactId: spring-web
+ version: 6.1.12
+ - groupId: org.springframework
+ artifactId: spring-context
+ version: 6.1.14
diff --git a/thingsboard/pombump-properties.yaml b/thingsboard/pombump-properties.yaml
new file mode 100644
index 00000000000..01866ae6b46
--- /dev/null
+++ b/thingsboard/pombump-properties.yaml
@@ -0,0 +1,13 @@
+properties:
+ - property: spring.version
+ value: "6.1.14"
+ - property: spring-boot.version
+ value: "3.2.11"
+ - property: spring-data.version
+ value: "3.2.11"
+ - property: spring-security.version
+ value: "6.2.7"
+ - property: spring-data-redis.version
+ value: "3.2.11"
+ - property: spring-redis.version
+ value: "6.2.10"
diff --git a/tigera-operator-1.35.yaml b/tigera-operator-1.35.yaml
index daf88a7afd0..4228fb81c40 100644
--- a/tigera-operator-1.35.yaml
+++ b/tigera-operator-1.35.yaml
@@ -1,6 +1,6 @@
package:
name: tigera-operator-1.35
- version: 1.35.2
+ version: 1.35.3
epoch: 0
description: Kubernetes operator for installing Calico and Calico Enterprise
copyright:
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/tigera/operator
tag: v${{package.version}}
- expected-commit: 7982f6735353dfce3603a9c35bda2f4a6609c3ca
+ expected-commit: a95cfe15b029e9adc4b218b1cd73be8786da5a0b
- runs: |
PACKAGE_NAME=github.com/tigera/operator
diff --git a/tigerbeetle.yaml b/tigerbeetle.yaml
index 1d4de1f31da..b988c969454 100644
--- a/tigerbeetle.yaml
+++ b/tigerbeetle.yaml
@@ -1,6 +1,6 @@
package:
name: tigerbeetle
- version: 0.16.11
+ version: 0.16.12
epoch: 0
description: "The distributed financial accounting database designed for mission critical safety and performance."
copyright:
@@ -19,7 +19,7 @@ pipeline:
with:
repository: https://github.com/tigerbeetledb/tigerbeetle
tag: ${{package.version}}
- expected-commit: ea8a3e445fd1801d8f5ad1dbd6a9320861053912
+ expected-commit: 6203ca014b7494e0bb8eaa11dc7d54bafcd2e487
- runs: |
zig build -Drelease
diff --git a/tileserver-gl.yaml b/tileserver-gl.yaml
new file mode 100644
index 00000000000..66bc457cd9a
--- /dev/null
+++ b/tileserver-gl.yaml
@@ -0,0 +1,168 @@
+package:
+ name: tileserver-gl
+ version: 5.0.0
+ epoch: 1
+ description: Vector and raster maps with GL styles. Server side rendering by MapLibre GL Native. Map tile server for MapLibre GL JS, Android, iOS, Leaflet, OpenLayers, GIS via WMTS, etc.
+ copyright:
+ - license: BSD-2-Clause
+ dependencies:
+ runtime:
+ - Xvfb
+ - busybox
+ - mesa
+ - mesa-glx
+ - nodejs-20
+ - npm
+ - xkbcomp
+ - xkeyboard-config
+
+environment:
+ contents:
+ packages:
+ - build-base
+ - busybox
+ - cairo-dev
+ - cmake
+ - curl-dev
+ - fribidi-dev
+ - harfbuzz-dev
+ - icu-dev
+ - jq
+ - libglfw-dev
+ - libglvnd-dev
+ - libjpeg-turbo-dev
+ - libpng-dev
+ - libuv-dev
+ - libwebp
+ - libwebp-dev
+ - libxft-dev
+ - mesa
+ - mesa-glx
+ - nodejs-20
+ - npm
+ - openssf-compiler-options
+ - pango-dev
+ - pixman-dev
+ - py3.11-pip
+ - python-3.11
+ - xorg-server-dev
+
+pipeline:
+ - uses: git-checkout
+ with:
+ repository: https://github.com/maptiler/tileserver-gl
+ tag: v${{package.version}}
+ expected-commit: 6cda7a0b384940b781838be7415b2ae448edcd29
+ destination: app
+
+ # patch and install npm dependencies
+ - uses: patch
+ with:
+ patches: package-json.patch
+
+ # install packages
+ - working-directory: app
+ runs: |
+ npm install --omit=dev
+
+ # remove test code for resolve module that is triggering a false positive CVE scan
+ # see https://github.com/browserify/resolve/issues/319 for more details
+ - working-directory: app
+ runs: |
+ rm -fR node_modules/resolve/test
+
+ # build canvas from source code to use system libraries
+ - working-directory: app/node_modules/canvas
+ runs: |
+ ../.bin/node-pre-gyp install --build-from-source
+ # Clean up intermediate build files
+ find . -name "*.o" -type f -delete
+ find . -path "*/obj.target/*" -type f -delete
+
+ # reinstall sharp and remove any musl packages
+ - working-directory: app
+ runs: |
+ rm -fR node_modules/@img/*musl* node_modules/sharp
+ sharp_version="$(jq /tmp/test.png ; then
+ if file /tmp/test.png | grep PNG >/dev/null ; then
+ echo "PNG file downloaded successfully"
+ exit 0
+ fi
+ fi
+ sleep $attempt
+ done
+
+ echo "Unable to retrieve map PNG file - type is $(file /tmp/test.png)"
+ ls -la /tmp/test.png
+ exit 1
diff --git a/tileserver-gl/docker-entrypoint.sh b/tileserver-gl/docker-entrypoint.sh
new file mode 100644
index 00000000000..58f90093324
--- /dev/null
+++ b/tileserver-gl/docker-entrypoint.sh
@@ -0,0 +1,11 @@
+#!/bin/sh
+
+if ! which -- "${1}"; then
+ # first arg is not an executable
+ if [ -e /tmp/.X99-lock ]; then rm /tmp/.X99-lock -f; fi
+ export DISPLAY=:99
+ Xvfb "${DISPLAY}" -nolisten unix &
+ exec node /usr/src/app/ "$@"
+fi
+
+exec "$@"
diff --git a/tileserver-gl/package-json.patch b/tileserver-gl/package-json.patch
new file mode 100644
index 00000000000..f1811f699c1
--- /dev/null
+++ b/tileserver-gl/package-json.patch
@@ -0,0 +1,11 @@
+--- a/app/package.json
++++ b/app/package.json
+@@ -33,7 +33,7 @@
+ "color": "4.2.3",
+ "commander": "12.1.0",
+ "cors": "2.8.5",
+- "express": "4.19.2",
++ "express": "^4.21.1",
+ "handlebars": "4.7.8",
+ "http-shutdown": "1.2.2",
+ "morgan": "1.10.0",
diff --git a/tkn.yaml b/tkn.yaml
index da861139a27..90a56ef1c13 100644
--- a/tkn.yaml
+++ b/tkn.yaml
@@ -1,7 +1,7 @@
package:
name: tkn
version: 0.38.1
- epoch: 1
+ epoch: 2
description: A CLI for interacting with Tekton!
copyright:
- license: Apache-2.0
@@ -22,6 +22,10 @@ pipeline:
tag: v${{package.version}}
expected-commit: 1da09c088bf9f3f82eeee7508bbddf0e7c28fa4b
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- runs: |
make bin/tkn
install -Dm755 ./bin/tkn ${{targets.destdir}}/usr/bin/tkn
diff --git a/tomcat-11.0.yaml b/tomcat-11.0.yaml
index 8d745e9dc44..83b182067df 100644
--- a/tomcat-11.0.yaml
+++ b/tomcat-11.0.yaml
@@ -1,6 +1,6 @@
package:
name: tomcat-11.0
- version: 11.0.0
+ version: 11.0.1
epoch: 0
description: Apache Tomcat Web Server
copyright:
@@ -35,7 +35,7 @@ pipeline:
with:
repository: https://github.com/apache/tomcat
tag: ${{package.version}}
- expected-commit: 56e547d387ab49f688c93fe9ca082b1b5d94deed
+ expected-commit: 6c56147c3966fde5ae34aab2b253593e8700a28c
- runs: |
cat < build.properties
diff --git a/traefik-3.2.yaml b/traefik-3.2.yaml
index 28e9986d4d8..e37be5e4416 100644
--- a/traefik-3.2.yaml
+++ b/traefik-3.2.yaml
@@ -1,7 +1,7 @@
package:
name: traefik-3.2
version: 3.2.0
- epoch: 0
+ epoch: 1
description: The Cloud Native Application Proxy
copyright:
- license: MIT
@@ -32,6 +32,11 @@ pipeline:
yarn install
yarn build
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: .
+
- uses: go/build
with:
modroot: .
diff --git a/trafficserver-9.yaml b/trafficserver-9.yaml
index 4c5c811ceb9..04770b16522 100644
--- a/trafficserver-9.yaml
+++ b/trafficserver-9.yaml
@@ -1,7 +1,7 @@
package:
name: trafficserver-9
- version: 9.2.4
- epoch: 3
+ version: 9.2.6
+ epoch: 0
description: Apache Traffic Serverâ„¢ is a fast, scalable and extensible HTTP/1.1 and HTTP/2 compliant caching proxy server.
copyright:
- license: Apache-2.0
@@ -24,7 +24,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 90fbf13db0858cef0e0a094f445d846b60a4c1ef
+ expected-commit: de3e58726f6f58a95266a41eaa31ff3c6fc14336
repository: https://github.com/apache/trafficserver
tag: ${{package.version}}
diff --git a/tree-sitter.yaml b/tree-sitter.yaml
index f835d6a81ec..2b6a7b9aa64 100644
--- a/tree-sitter.yaml
+++ b/tree-sitter.yaml
@@ -1,6 +1,6 @@
package:
name: tree-sitter
- version: 0.24.3
+ version: 0.24.4
epoch: 0
description: "Incremental parsing system for programming tools"
copyright:
@@ -20,7 +20,7 @@ pipeline:
with:
repository: https://github.com/tree-sitter/tree-sitter
tag: v${{package.version}}
- expected-commit: bdfe32402e85673bbc693216f0a6ef72c98bb665
+ expected-commit: fc8c1863e2e5724a0c40bb6e6cfc8631bfe5908b
- uses: autoconf/make
diff --git a/trino.yaml b/trino.yaml
index 68f1e8c3491..e9ddb114374 100644
--- a/trino.yaml
+++ b/trino.yaml
@@ -1,7 +1,7 @@
package:
name: trino
- version: "463"
- epoch: 0
+ version: "464"
+ epoch: 1
description: The distributed SQL query engine for big data, formerly known as PrestoSQL
copyright:
- license: Apache-2.0
@@ -25,7 +25,7 @@ environment:
- git
- jvmkill
- maven
- - openjdk-22
+ - openjdk-23
- wolfi-base
pipeline:
@@ -33,20 +33,14 @@ pipeline:
with:
repository: https://github.com/trinodb/trino.git
tag: ${{package.version}}
- expected-commit: 3f9d25efbb7fbc17b25ea80d6fb4b8bf528f5537
+ expected-commit: 299842e3cddde87b2f4b2589edbe53c41743f71a
- uses: maven/pombump
- - uses: maven/pombump
- with:
- patch-file: ""
- properties-file: pombump-properties-es.yaml
- pom: plugin/trino-elasticsearch/pom.xml
-
- runs: |
set -x
- export JAVA_HOME=/usr/lib/jvm/java-22-openjdk
+ export JAVA_HOME=/usr/lib/jvm/java-23-openjdk
./mvnw package -q -DskipTests -Dmaven.source.skip=true -Dair.check.skip-all -T 8 -pl '!:trino-docs,!:trino-server-rpm,!:trino-tests,!:trino-product-tests,!:trino-product-tests-launcher,!:trino-web-ui' -am
@@ -64,7 +58,6 @@ pipeline:
data:
- name: plugins
items:
- accumulo: accumulo
bigquery: bigquery
blackhole: blackhole
cassandra: cassandra
@@ -73,25 +66,32 @@ data:
druid: druid
elasticsearch: elasticsearch
example-http: example-http
+ exasol: exasol
exchange-filesystem: exchange-filesystem
exchange-hdfs: exchange-hdfs
+ faker: faker
geospatial: geospatial
google-sheets: google-sheets
hive: hive
http-event-listener: http-event-listener
+ http-server-event-listener: http-server-event-listener
hudi: hudi
iceberg: iceberg
ignite: ignite
jmx: jmx
kafka: kafka
+ kafka-event-listener: kafka-event-listener
kinesis: kinesis
- kudu: kudu
+ # kudu: kudu # kudu has an unfixable CVE (GHSA-735f-pc8j-v9w8), so we're not incuding it.
mariadb: mariadb
memory: memory
ml: ml
mongodb: mongodb
mysql: mysql
mysql-event-listener: mysql-event-listener
+ opa: opa
+ openlineage: openlineage
+ opensearch: opensearch
oracle: oracle
password-authenticators: password-authenticators
# phoenix5: phoenix5 # phoenix5 is riddled with CVEs, so we're not including it.
@@ -103,11 +103,13 @@ data:
resource-group-managers: resource-group-managers
session-property-managers: session-property-managers
singlestore: singlestore
+ snowflake: snowflake
sqlserver: sqlserver
teradata-functions: teradata-functions
thrift: thrift
tpcds: tpcds
tpch: tpch
+ vertica: vertica
subpackages:
- name: ${{package.name}}-config
diff --git a/trino/pombump-deps.yaml b/trino/pombump-deps.yaml
index 48a82bb980f..ac73dc88e99 100644
--- a/trino/pombump-deps.yaml
+++ b/trino/pombump-deps.yaml
@@ -1,18 +1,4 @@
patches:
- - groupId: ch.qos.logback
- artifactId: logback-core
- version: '[1.4.12,2.0.0)'
- scope: import
- type: jar
- # Fixes CVE-2024-29133 CVE-2024-29131
- - groupId: org.apache.commons
- artifactId: commons-configuration2
- version: 2.10.1
- scope: import
- type: jar
- # Fixes CVE-2024-7254
- - groupId: com.google.protobuf
- artifactId: protobuf-java
- version: 3.25.5
- scope: import
- type: pom
+ - groupId: io.netty
+ artifactId: netty-common
+ version: 4.1.115.Final
diff --git a/trino/pombump-properties-es.yaml b/trino/pombump-properties-es.yaml
deleted file mode 100644
index 16cda0f116c..00000000000
--- a/trino/pombump-properties-es.yaml
+++ /dev/null
@@ -1,3 +0,0 @@
-properties:
- - property: dep.elasticsearch.version
- value: "7.17.24"
diff --git a/trivy.yaml b/trivy.yaml
index 8382e689941..6cc708ec4c4 100644
--- a/trivy.yaml
+++ b/trivy.yaml
@@ -1,7 +1,7 @@
package:
name: trivy
version: 0.57.0
- epoch: 0
+ epoch: 1
description: Simple and comprehensive vulnerability scanner for containers
copyright:
- license: Apache-2.0
@@ -13,6 +13,10 @@ pipeline:
repository: https://github.com/aquasecurity/trivy
tag: v${{package.version}}
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+
- uses: go/build
with:
packages: ./cmd/trivy
diff --git a/ugrep.yaml b/ugrep.yaml
index 74d0d83ba27..32448d4341b 100644
--- a/ugrep.yaml
+++ b/ugrep.yaml
@@ -1,8 +1,8 @@
# Generated from https://git.alpinelinux.org/aports/plain/community/ugrep/APKBUILD
package:
name: ugrep
- version: 7.0.2
- epoch: 1
+ version: 7.0.4
+ epoch: 0
description: Ultra fast grep with interactive query UI and fuzzy search
copyright:
- license: BSD-3-Clause
@@ -29,7 +29,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/Genivia/ugrep
- expected-commit: bddae22190a4b0c3968d9badb4590632c6ca9194
+ expected-commit: ffd990fcd9e1280bb747c19545ca36a0313d2f16
tag: v${{package.version}}
- uses: autoconf/configure
diff --git a/util-macros.yaml b/util-macros.yaml
index 4b47bd89185..df86a5ebb07 100644
--- a/util-macros.yaml
+++ b/util-macros.yaml
@@ -1,7 +1,7 @@
package:
name: util-macros
- version: 1.20.1
- epoch: 1
+ version: 1.20.2
+ epoch: 0
description: X.Org Autotools macros
copyright:
- license: MIT
@@ -18,7 +18,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: b373f72887b1394ce2193180a60cb0d1fb8b17bc96ddd770cfd7a808cb489a15
+ expected-sha256: f642f8964d81acdf06653fdf9dbc210c43ce4bd308bd644a8d573148d0ced76b
uri: https://www.x.org/releases/individual/util/util-macros-${{package.version}}.tar.gz
- uses: autoconf/configure
diff --git a/uutils.yaml b/uutils.yaml
index 5054b66c0cd..f1aed073792 100644
--- a/uutils.yaml
+++ b/uutils.yaml
@@ -1,7 +1,7 @@
package:
name: uutils
- version: 0.0.27
- epoch: 3
+ version: 0.0.28
+ epoch: 0
description: "Cross-platform Rust rewrite of the GNU coreutils."
copyright:
- license: MIT
@@ -25,7 +25,7 @@ pipeline:
with:
repository: https://github.com/uutils/coreutils
tag: ${{package.version}}
- expected-commit: 9b11753e7cb06b0f76f4221fc237019c0a86f8f5
+ expected-commit: 1d9e1626377cbaea3b21842a3525a62ba60f905f
- name: Configure and build
runs: |
diff --git a/uv.yaml b/uv.yaml
index 00ff2d2710a..685b8fbc2e8 100644
--- a/uv.yaml
+++ b/uv.yaml
@@ -1,6 +1,6 @@
package:
name: uv
- version: 0.4.29
+ version: 0.5.2
epoch: 0
description: An extremely fast Python package installer and resolver, written in Rust.
copyright:
@@ -24,7 +24,7 @@ pipeline:
with:
repository: https://github.com/astral-sh/uv
tag: ${{package.version}}
- expected-commit: 85f9a0d0ec6d8dd703bf188744bad726703352bc
+ expected-commit: 195f4b634ff0230fcef5445c6023a74faab92184
- runs: |
cargo auditable build --locked --release
@@ -40,8 +40,20 @@ update:
test:
pipeline:
- - runs: |
+ - name: uv version and help
+ runs: |
uv --version | grep ${{package.version}}
uvx --version | grep ${{package.version}}
uv --help
uvx --help
+ - name: uv simple example
+ runs: |
+ uv init example
+ cd example
+ uv add ruff
+ uv run ruff check
+ - name: uv toolings
+ runs: |
+ uv tool install ruff
+ uv venv
+ uv python list
diff --git a/varnish.yaml b/varnish.yaml
index 42cfc74dcc8..ca52f46d97d 100644
--- a/varnish.yaml
+++ b/varnish.yaml
@@ -1,7 +1,7 @@
package:
name: varnish
- version: 7.6.0
- epoch: 1
+ version: 7.6.1
+ epoch: 0
description: "Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy"
copyright:
- license: BSD-2-Clause
@@ -23,6 +23,7 @@ environment:
- pkgconf-dev
- py3-docutils
- py3-sphinx
+ - python3
- wolfi-baselayout
pipeline:
@@ -30,7 +31,7 @@ pipeline:
with:
repository: https://github.com/varnishcache/varnish-cache
tag: varnish-${{package.version}}
- expected-commit: ed1243ca162a7b1d975bc0332f0d66d33f0bc78e
+ expected-commit: c3d5882003eb87e5e93dc09fb9513ca96db3ca3c
- runs: autoreconf -vif
@@ -60,9 +61,15 @@ update:
tag-filter: varnish-
test:
+ environment:
+ contents:
+ packages:
+ - build-base
+ - curl
pipeline:
# AUTOGENERATED
- - runs: |
+ - name: Basic binary checks
+ runs: |
varnishadm -h
varnishhist -h
varnishlog -h
@@ -72,3 +79,10 @@ test:
varnishtop -h
varnishd -V
varnishstat_help_gen --help
+ - name: Checks varnish can be launched
+ runs: |
+ varnishd -a :8080 -b localhost:80 &
+ sleep 4
+ curl -I http://localhost:8080 | grep "HTTP/1.1 503" || (echo "Expected cache miss or backend error"; exit 1)
+ pkill varnishd
+ echo "Varnish cache response test passed."
diff --git a/vault-k8s.yaml b/vault-k8s.yaml
index eb19ccf9b78..4a3ad12b13a 100644
--- a/vault-k8s.yaml
+++ b/vault-k8s.yaml
@@ -1,7 +1,7 @@
package:
name: vault-k8s
- version: 1.4.2 # When updating, make sure to check that the license is still MPL!
- epoch: 1
+ version: 1.5.0 # When updating, make sure to check that the license is still MPL!
+ epoch: 0
description: Tool for encryption as a service, secrets and privileged access management
copyright:
- license: MPL-2.0
@@ -18,7 +18,7 @@ pipeline:
with:
repository: https://github.com/hashicorp/vault-k8s
tag: v${{package.version}}
- expected-commit: 09f70c84b3d2f51ac9ef0e00efe6e12fa2472908
+ expected-commit: 57a108b3979db91f00f4ecf5c559840eb014e664
- runs: |
# Our builtin LDFLAGS conflict with some makefile defined Go-specific ones.
diff --git a/vcluster.yaml b/vcluster.yaml
index 0474b224e53..7c392f7304d 100644
--- a/vcluster.yaml
+++ b/vcluster.yaml
@@ -1,7 +1,7 @@
package:
name: vcluster
- version: 0.20.4
- epoch: 1
+ version: 0.21.0
+ epoch: 0
description: Create fully functional virtual Kubernetes clusters
copyright:
- license: Apache-2.0
@@ -12,6 +12,7 @@ package:
environment:
contents:
packages:
+ - curl
- helm
- openssf-compiler-options
@@ -20,11 +21,11 @@ pipeline:
with:
repository: https://github.com/loft-sh/vcluster
tag: v${{package.version}}
- expected-commit: 7808698af19bc2b08d86f535c57188d8d3483719
+ expected-commit: 0c5dde79d5d8aa811c34b3869695e389309948af
- uses: go/bump
with:
- deps: github.com/docker/docker@v26.1.5 google.golang.org/grpc@v1.64.1
+ deps: github.com/docker/docker@v26.1.5
- runs: |
export RELEASE_VERSION=${{package.version}}
diff --git a/velero-plugin-for-aws.yaml b/velero-plugin-for-aws.yaml
index 3798311b9a2..f91552073e1 100644
--- a/velero-plugin-for-aws.yaml
+++ b/velero-plugin-for-aws.yaml
@@ -1,7 +1,7 @@
package:
name: velero-plugin-for-aws
- version: 1.10.1
- epoch: 1
+ version: 1.11.0
+ epoch: 0
description: Plugins to support Velero on AWS
copyright:
- license: Apache-2.0
@@ -10,7 +10,7 @@ pipeline:
- uses: git-checkout
with:
tag: v${{package.version}}
- expected-commit: 5c92b55632c269ba69c4bbeeb827ddae36b94f89
+ expected-commit: 1dcd0597ad07ce7477a419524eac6cf02ec76800
repository: https://github.com/vmware-tanzu/velero-plugin-for-aws
- uses: go/build
diff --git a/velero-plugin-for-microsoft-azure.yaml b/velero-plugin-for-microsoft-azure.yaml
index ff930741f3f..88c8002853f 100644
--- a/velero-plugin-for-microsoft-azure.yaml
+++ b/velero-plugin-for-microsoft-azure.yaml
@@ -1,6 +1,6 @@
package:
name: velero-plugin-for-microsoft-azure
- version: 1.10.1
+ version: 1.11.0
epoch: 0
description: Plugins to support Velero on microsoft-azure
copyright:
@@ -10,7 +10,7 @@ pipeline:
- uses: git-checkout
with:
tag: v${{package.version}}
- expected-commit: c66d19610bee718f5c1930b55d51c46a5b5a48aa
+ expected-commit: 3b08906e50a1a152e4a86161794774364e005b5b
repository: https://github.com/vmware-tanzu/velero-plugin-for-microsoft-azure
- uses: go/build
diff --git a/velero.yaml b/velero.yaml
index 191d4262f51..bf9e73c787f 100644
--- a/velero.yaml
+++ b/velero.yaml
@@ -1,7 +1,7 @@
package:
name: velero
- version: 1.14.1
- epoch: 1
+ version: 1.15.0
+ epoch: 0
description: Backup and migrate Kubernetes applications and their persistent volumes
copyright:
- license: Apache-2.0
@@ -13,7 +13,7 @@ pipeline:
- uses: git-checkout
with:
tag: v${{package.version}}
- expected-commit: 8afe3cea8b7058f7baaf447b9fb407312c40d2da
+ expected-commit: 1d4f1475975b5107ec35f4d19ff17f7d1fcb3edf
repository: https://github.com/vmware-tanzu/velero
- uses: go/build
diff --git a/vexctl.yaml b/vexctl.yaml
index b91cd1ad784..02812a907f5 100644
--- a/vexctl.yaml
+++ b/vexctl.yaml
@@ -1,7 +1,7 @@
package:
name: vexctl
version: 0.3.0
- epoch: 0
+ epoch: 1
description: A tool to create, transform and attest VEX metadata
copyright:
- license: Apache-2.0
@@ -13,6 +13,11 @@ pipeline:
tag: v${{package.version}}
expected-commit: c613023a69ce990a54c25c2f5e69d5d78285927f
+ - uses: go/bump
+ with:
+ deps: github.com/golang-jwt/jwt/v4@v4.5.1
+ modroot: .
+
- uses: go/build
with:
packages: .
diff --git a/victoriametrics-cluster.yaml b/victoriametrics-cluster.yaml
index b681ed8c56a..3567c770074 100644
--- a/victoriametrics-cluster.yaml
+++ b/victoriametrics-cluster.yaml
@@ -1,6 +1,6 @@
package:
name: victoriametrics-cluster
- version: 1.105.0
+ version: 1.106.0
epoch: 0
description: VictoriaMetrics is a fast, cost-effective, and scalable monitoring solution and time series database designed for high performance and reliability. It supports both single-server and clustered installations, providing flexibility for various deployment needs, and integrates well with tools like Grafana for data visualization.
copyright:
@@ -18,7 +18,7 @@ data:
pipeline:
- uses: git-checkout
with:
- expected-commit: 7ba360adad0dcca4cec4ed56a8f47eb3e7d7ede8
+ expected-commit: 48d3052901c0ffb596c4e9d3cfdad97194c2859c
repository: https://github.com/VictoriaMetrics/VictoriaMetrics
tag: v${{package.version}}-cluster
diff --git a/victoriametrics-operator.yaml b/victoriametrics-operator.yaml
index 689ff3b14fa..071a77b58dd 100644
--- a/victoriametrics-operator.yaml
+++ b/victoriametrics-operator.yaml
@@ -1,6 +1,6 @@
package:
name: victoriametrics-operator
- version: 0.48.4
+ version: 0.49.1
epoch: 0
description: Kubernetes operator for Victoria Metrics
copyright:
@@ -9,7 +9,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: c79edbaff0c5ce4f2ae9bc5646bbcb45487fbec2
+ expected-commit: 593d5237127af436087245a036970145ef4042f4
repository: https://github.com/VictoriaMetrics/operator
tag: v${{package.version}}
diff --git a/victoriametrics.yaml b/victoriametrics.yaml
index abb4ba2e350..e409dea83a0 100644
--- a/victoriametrics.yaml
+++ b/victoriametrics.yaml
@@ -1,6 +1,6 @@
package:
name: victoriametrics
- version: 1.105.0
+ version: 1.106.0
epoch: 0
description: VictoriaMetrics is a fast, cost-effective, and scalable monitoring solution and time series database designed for high performance and reliability. It supports both single-server and clustered installations, providing flexibility for various deployment needs, and integrates well with tools like Grafana for data visualization.
copyright:
@@ -16,7 +16,7 @@ data:
pipeline:
- uses: git-checkout
with:
- expected-commit: 05f6ea621d814e030c0eb738b712ce546cb5c59e
+ expected-commit: 371e193279f900ad45bba588be41d73663d963f3
repository: https://github.com/VictoriaMetrics/VictoriaMetrics
tag: v${{package.version}}
diff --git a/vim.yaml b/vim.yaml
index f241546ede1..2565ebf7a09 100644
--- a/vim.yaml
+++ b/vim.yaml
@@ -1,6 +1,6 @@
package:
name: vim
- version: 9.1.0836
+ version: 9.1.0867
epoch: 0
description: "Improved vi-style text editor"
copyright:
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/vim/vim
tag: v${{package.version}}
- expected-commit: a54816b884157f6b7973a188f85c708d15cbf72f
+ expected-commit: 5c66e23c624717216d380d938d0bba5d34a004fe
- runs: |
# vim seems to manually set FORTIFY_SOURCE=1, and setting both breaks the build
diff --git a/vite.yaml b/vite.yaml
index 9576451febe..bdba4464ac8 100644
--- a/vite.yaml
+++ b/vite.yaml
@@ -1,6 +1,6 @@
package:
name: vite
- version: 5.4.10
+ version: 5.4.11
epoch: 0
description: Vite (French word for "quick", pronounced /vit/, like "veet") is a build tool that aims to provide a faster and leaner development experience for modern web projects.
copyright:
diff --git a/vitess-20.0.yaml b/vitess-20.0.yaml
index c86be0bb96d..d5005b77314 100644
--- a/vitess-20.0.yaml
+++ b/vitess-20.0.yaml
@@ -1,7 +1,7 @@
package:
name: vitess-20.0
- version: 20.0.2
- epoch: 2
+ version: 20.0.3
+ epoch: 0
description: Autoscaling components for Kubernetes
copyright:
- license: Apache-2.0
@@ -55,11 +55,7 @@ pipeline:
with:
repository: https://github.com/vitessio/vitess
tag: v${{package.version}}
- expected-commit: 2592c5932b3036647868299b6df76f8ef28dfbc8
-
- - uses: patch
- with:
- patches: mitigate-CVEs.patch
+ expected-commit: 6eddcaeac58bed83ebfa3b9ada903ddc8ff36ff6
- uses: go/bump
with:
diff --git a/vitess-20.0/mitigate-CVEs.patch b/vitess-20.0/mitigate-CVEs.patch
deleted file mode 100644
index 843a748ecbc..00000000000
--- a/vitess-20.0/mitigate-CVEs.patch
+++ /dev/null
@@ -1,76 +0,0 @@
-From 658569d183da84d55816c9ee599ac664224af036 Mon Sep 17 00:00:00 2001
-From: Dentrax
-Date: Fri, 18 Oct 2024 21:03:39 +0300
-Subject: [PATCH] mitigate CVEs
-
-Signed-off-by: Dentrax
----
- web/vtadmin/package-lock.json | 26 +++++++++++++-------------
- 1 file changed, 13 insertions(+), 13 deletions(-)
-
-diff --git a/web/vtadmin/package-lock.json b/web/vtadmin/package-lock.json
-index cda1061d5d..3e1ed7219f 100644
---- a/web/vtadmin/package-lock.json
-+++ b/web/vtadmin/package-lock.json
-@@ -14130,9 +14130,9 @@
- }
- },
- "node_modules/path-to-regexp": {
-- "version": "6.2.2",
-- "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.2.2.tgz",
-- "integrity": "sha512-GQX3SSMokngb36+whdpRXE+3f9V8UzyAorlYvOGx87ufGHehNTn5lCxrKtLyZ4Yl/wEKnNnr98ZzOwwDZV5ogw==",
-+ "version": "6.3.0",
-+ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-6.3.0.tgz",
-+ "integrity": "sha512-Yhpw4T9C6hPpgPeA28us07OJeqZ5EzQTkbfwuhsUg0c237RomFoETJgmp2sa3F/41gfLE6G5cqcYwznmeEeOlQ==",
- "dev": true
- },
- "node_modules/path-type": {
-@@ -15538,9 +15538,9 @@
- "integrity": "sha512-D2S+3GLxWH+uhrNEcoh/fnmYeP8E8/zHl644d/jdA0g2uyXvy3sb0qxotE+ne0LtccHknQzWwZEzhak7oJ0COQ=="
- },
- "node_modules/react-router/node_modules/path-to-regexp": {
-- "version": "1.8.0",
-- "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.8.0.tgz",
-- "integrity": "sha512-n43JRhlUKUAlibEJhPeir1ncUID16QnEjNpwzNdO3Lm4ywrBpBZ5oLD0I6br9evr1Y9JTqwRtAh7JLoOzAQdVA==",
-+ "version": "1.9.0",
-+ "resolved": "https://registry.npmjs.org/path-to-regexp/-/path-to-regexp-1.9.0.tgz",
-+ "integrity": "sha512-xIp7/apCFJuUHdDLWe8O1HIkb0kQrOMb/0u6FXQjemHn/ii5LrIzU6bdECnsiTF/GjZkMEKg1xdiZwNqDYlZ6g==",
- "dependencies": {
- "isarray": "0.0.1"
- }
-@@ -16009,9 +16009,9 @@
- "integrity": "sha512-IXgzBWvWQwE6PrDI05OvmXUIruQTcoMDzRsOd5CDvHCVLcLHMTSYvOK5Cm46kWqlV3yAbuSpBZdJ5oP5OUoStg=="
- },
- "node_modules/rollup": {
-- "version": "3.29.4",
-- "resolved": "https://registry.npmjs.org/rollup/-/rollup-3.29.4.tgz",
-- "integrity": "sha512-oWzmBZwvYrU0iJHtDmhsm662rC15FRXmcjCk1xD771dFDx5jJ02ufAQQTn0etB2emNk4J9EZg/yWKpsn9BWGRw==",
-+ "version": "3.29.5",
-+ "resolved": "https://registry.npmjs.org/rollup/-/rollup-3.29.5.tgz",
-+ "integrity": "sha512-GVsDdsbJzzy4S/v3dqWPJ7EfvZJfCHiDqe80IyrF59LYuP+e6U1LJoUqeuqRbwAWoMNoXivMNeNAOf5E22VA1w==",
- "dev": true,
- "bin": {
- "rollup": "dist/bin/rollup"
-@@ -17768,9 +17768,9 @@
- }
- },
- "node_modules/vite-plugin-eslint/node_modules/rollup": {
-- "version": "2.79.1",
-- "resolved": "https://registry.npmjs.org/rollup/-/rollup-2.79.1.tgz",
-- "integrity": "sha512-uKxbd0IhMZOhjAiD5oAFp7BqvkA4Dv47qpOCtaNvng4HBwdbWtdOh8f5nZNuk2rp51PMGk3bzfWu5oayNEuYnw==",
-+ "version": "2.79.2",
-+ "resolved": "https://registry.npmjs.org/rollup/-/rollup-2.79.2.tgz",
-+ "integrity": "sha512-fS6iqSPZDs3dr/y7Od6y5nha8dW1YnbgtsyotCVvoFGKbERG++CVRFv1meyGDE1SNItQA8BrnCw7ScdAhRJ3XQ==",
- "dev": true,
- "bin": {
- "rollup": "dist/bin/rollup"
-@@ -18312,4 +18312,4 @@
- }
- }
- }
--}
-+}
-\ No newline at end of file
---
-2.39.3 (Apple Git-146)
-
diff --git a/volume-modifier-for-k8s.yaml b/volume-modifier-for-k8s.yaml
index 2f746eee414..0ee5628d994 100644
--- a/volume-modifier-for-k8s.yaml
+++ b/volume-modifier-for-k8s.yaml
@@ -1,6 +1,6 @@
package:
name: volume-modifier-for-k8s
- version: 0.3.2
+ version: 0.4.0
epoch: 0
description: volume-modifier-for-k8s is a sidecar deployed alongside CSI drivers to enable volume modification through annotations on the PVC.
copyright:
@@ -15,7 +15,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 25bb74de6d8a24145cda799bc8d99b51601519ab
+ expected-commit: 5eb7d23f72d688ae0b7d9db8019d3371f4e93289
repository: https://github.com/awslabs/volume-modifier-for-k8s
tag: v${{package.version}}
diff --git a/wash.yaml b/wash.yaml
index 7d64778d636..56a9851b9dc 100644
--- a/wash.yaml
+++ b/wash.yaml
@@ -1,7 +1,7 @@
package:
name: wash
version: 0.36.1
- epoch: 1
+ epoch: 2
description: "WAsmcloud SHell - a comprehensive command-line tool for wasmCloud development"
copyright:
- license: Apache-2.0
diff --git a/wash/cargobump-deps.yaml b/wash/cargobump-deps.yaml
index 8b011296632..6b116623c21 100644
--- a/wash/cargobump-deps.yaml
+++ b/wash/cargobump-deps.yaml
@@ -1,3 +1,7 @@
packages:
- name: wasmtime
- version: 25.0.2
+ version: 25.0.3
+ - name: cap-primitives
+ version: 3.4.1
+ - name: cap-std
+ version: 3.4.1
diff --git a/wasm-pack.yaml b/wasm-pack.yaml
index a7a2a596433..e4a3dbb8ac0 100644
--- a/wasm-pack.yaml
+++ b/wasm-pack.yaml
@@ -1,7 +1,7 @@
package:
name: wasm-pack
- version: 0.13.0
- epoch: 1
+ version: 0.13.1
+ epoch: 0
description: rust to wasm build tool
copyright:
- license: Apache-2.0
@@ -27,7 +27,7 @@ pipeline:
- uses: git-checkout
with:
repository: https://github.com/rustwasm/wasm-pack
- expected-commit: cbe074a60755304cfe3b23901182061bc7528e79
+ expected-commit: 24bdca457abad34e444912e6165eb71422a51046
tag: v${{package.version}}
- runs: |
diff --git a/wasm-tools.yaml b/wasm-tools.yaml
index 798d2901a27..a70b8401d74 100644
--- a/wasm-tools.yaml
+++ b/wasm-tools.yaml
@@ -1,7 +1,7 @@
package:
name: wasm-tools
- version: 1.219.1
- epoch: 1
+ version: 1.220.0
+ epoch: 0
description: "Low level tooling for WebAssembly in Rust"
copyright:
- license: Apache-2.0
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/bytecodealliance/wasm-tools
tag: v${{package.version}}
- expected-commit: 91be0bbc8c5df685a74d87295e9cfff0be9c07c7
+ expected-commit: aab1ac81bb31762509b5ea4b39973070725b5d73
- name: Configure and build
runs: |
diff --git a/wasmcloud.yaml b/wasmcloud.yaml
index 3b58097120d..bc30f9e01a3 100644
--- a/wasmcloud.yaml
+++ b/wasmcloud.yaml
@@ -1,7 +1,7 @@
package:
name: wasmcloud
- version: 1.4.0
- epoch: 1
+ version: 1.4.2
+ epoch: 0
description: "wasmCloud allows for simple, secure, distributed application development using WebAssembly components and capability providers."
copyright:
- license: Apache-2.0
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/wasmCloud/wasmCloud
tag: v${{package.version}}
- expected-commit: 34b8064fe173599d299855514a132646df131ba7
+ expected-commit: acd6143f35ad25edf094e93d24118e2a8f13e1d8
- uses: rust/cargobump
diff --git a/wasmcloud/cargobump-deps.yaml b/wasmcloud/cargobump-deps.yaml
index ed7a98a59cf..fddc93910c4 100644
--- a/wasmcloud/cargobump-deps.yaml
+++ b/wasmcloud/cargobump-deps.yaml
@@ -2,4 +2,8 @@ packages:
- name: quinn-proto
version: 0.11.7
- name: wasmtime
- version: 25.0.2
+ version: 25.0.3
+ - name: cap-primitives
+ version: 3.4.1
+ - name: cap-std
+ version: 3.4.1
diff --git a/wasmer.yaml b/wasmer.yaml
index 7fcbb4bc59b..f57653d6fe0 100644
--- a/wasmer.yaml
+++ b/wasmer.yaml
@@ -1,7 +1,7 @@
package:
name: wasmer
- version: 5.0.0
- epoch: 1
+ version: 5.0.1
+ epoch: 0
description: The leading WebAssembly Runtime supporting WASI and Emscripten.
copyright:
- license: MIT
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/wasmerio/wasmer
tag: v${{package.version}}
- expected-commit: 49b1fcc98e739b4cf5b9d6200397a472d9233de9
+ expected-commit: 19db01a1fe6065f8db952e5274b996031f9617ac
- runs: |
make build-wasmer build-capi
diff --git a/wasmtime.yaml b/wasmtime.yaml
index 2ad4225607b..d80e5b95b7e 100644
--- a/wasmtime.yaml
+++ b/wasmtime.yaml
@@ -1,7 +1,7 @@
package:
name: wasmtime
- version: 26.0.0
- epoch: 1
+ version: 26.0.1
+ epoch: 0
description: "A fast and secure runtime for WebAssembly"
copyright:
- license: Apache-2.0
@@ -23,7 +23,7 @@ pipeline:
with:
repository: https://github.com/bytecodealliance/wasmtime
tag: v${{package.version}}
- expected-commit: c92317bcc9f84ef2dd8958e97d6e45c2b3fcece8
+ expected-commit: c138e08bfbe09b96a58bf409ee98244fa715988e
- name: Configure and build
runs: |
diff --git a/wavefront-proxy.yaml b/wavefront-proxy.yaml
index abe6b6ef16e..147b6e11149 100644
--- a/wavefront-proxy.yaml
+++ b/wavefront-proxy.yaml
@@ -1,7 +1,7 @@
package:
name: wavefront-proxy
version: "13.7" # When version is bumped, check if patches are still needed to address CVE-2023-1428
- epoch: 2
+ epoch: 3
description: Wavefront Proxy Project
copyright:
- license: Apache-2.0
diff --git a/wavefront-proxy/proxy/pombump-deps.yaml b/wavefront-proxy/proxy/pombump-deps.yaml
index 73166033326..e5e731f8bbd 100644
--- a/wavefront-proxy/proxy/pombump-deps.yaml
+++ b/wavefront-proxy/proxy/pombump-deps.yaml
@@ -1,40 +1,37 @@
patches:
- # Fixes CVE-2024-26308
- - groupId: org.apache.commons
- artifactId: commons-compress
- version: 1.26.0
- scope: import
- type: jar
- # Fixes CVE-2023-1428
- - groupId: io.grpc
- artifactId: grpc-protobuf
- version: 1.53.0
- scope: import
- type: jar
- # Fixes GHSA-5jpm-x58v-624v
- - groupId: io.netty
- artifactId: netty-bom
- version: 4.1.109.Final
- scope: import
- type: jar
- - groupId: com.squareup.okio
- artifactId: okio
- version: 3.4.0
- scope: import
- type: jar
- # Fixes CVE-2024-21634
- - groupId: com.amazonaws
- artifactId: aws-java-sdk-sqs
- version: 1.12.725
- scope: compile
- type: jar
- # Fixes GHSA-735f-pc8j-v9w8
- - groupId: com.google.protobuf
- artifactId: protobuf-bom
- version: 3.25.5
- scope: import
- type: pom
- # Fixes GHSA-r7pg-v2c8-mfg3
- - groupId: org.apache.avro
- artifactId: avro
- version: 1.11.4
+ - groupId: org.apache.commons
+ artifactId: commons-compress
+ version: 1.26.0
+ scope: import
+ type: jar
+ - groupId: io.grpc
+ artifactId: grpc-protobuf
+ version: 1.53.0
+ scope: import
+ type: jar
+ - groupId: io.netty
+ artifactId: netty-bom
+ version: 4.1.109.Final
+ scope: import
+ type: jar
+ - groupId: com.squareup.okio
+ artifactId: okio
+ version: 3.4.0
+ scope: import
+ type: jar
+ - groupId: com.amazonaws
+ artifactId: aws-java-sdk-sqs
+ version: 1.12.725
+ scope: compile
+ type: jar
+ - groupId: com.google.protobuf
+ artifactId: protobuf-bom
+ version: 3.25.5
+ scope: import
+ type: pom
+ - groupId: org.apache.avro
+ artifactId: avro
+ version: 1.11.4
+ - groupId: io.netty
+ artifactId: netty-common
+ version: 4.1.115.Final
diff --git a/weaviate.yaml b/weaviate.yaml
index fee68d58875..a07c6b219a0 100644
--- a/weaviate.yaml
+++ b/weaviate.yaml
@@ -1,7 +1,7 @@
package:
name: weaviate
- version: 1.27.1
- epoch: 1
+ version: 1.27.3
+ epoch: 0
description: Weaviate is an open source vector database that stores both objects and vectors, allowing for combining vector search with structured filtering with the fault-tolerance and scalability of a cloud-native database, all accessible through GraphQL, REST, and various language clients.
copyright:
- license: BSD-3-Clause
@@ -17,7 +17,7 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 05de0dbea192d8ea59b9408707f0d536f4081b8f
+ expected-commit: 4258bdfc28dd2768db02ce36686404baf8b99439
repository: https://github.com/weaviate/weaviate
tag: v${{package.version}}
diff --git a/wget.yaml b/wget.yaml
index 2bb72ffe144..af634518ea5 100644
--- a/wget.yaml
+++ b/wget.yaml
@@ -1,7 +1,7 @@
package:
name: wget
- version: 1.24.5
- epoch: 5
+ version: 1.25.0
+ epoch: 0
description: "GNU wget"
copyright:
- license: MPL-2.0 AND MIT
@@ -19,7 +19,7 @@ pipeline:
- uses: fetch
with:
uri: https://ftp.gnu.org/gnu/wget/wget-${{package.version}}.tar.gz
- expected-sha256: fa2dc35bab5184ecbc46a9ef83def2aaaa3f4c9f3c97d4bd19dcb07d4da637de
+ expected-sha256: 766e48423e79359ea31e41db9e5c289675947a7fcf2efdcedb726ac9d0da3784
- runs: |
./configure \
diff --git a/wit-bindgen.yaml b/wit-bindgen.yaml
index 1776edf164c..b9da47c6006 100644
--- a/wit-bindgen.yaml
+++ b/wit-bindgen.yaml
@@ -1,7 +1,7 @@
package:
name: wit-bindgen
- version: 0.34.0
- epoch: 1
+ version: 0.35.0
+ epoch: 0
description: "A language binding generator for WebAssembly interface types"
copyright:
- license: Apache-2.0
@@ -22,7 +22,7 @@ pipeline:
with:
repository: https://github.com/bytecodealliance/wit-bindgen
tag: v${{package.version}}
- expected-commit: 98b26cf9e011940b008351b93e7098dab1a5ff86
+ expected-commit: af2d6e8d9086efbe00258bbdac4767a46ae9ee53
- name: Configure and build
runs: |
diff --git a/wizer.yaml b/wizer.yaml
index e94f6b69d0a..da58279d93c 100644
--- a/wizer.yaml
+++ b/wizer.yaml
@@ -1,7 +1,7 @@
package:
name: wizer
version: 7.0.5
- epoch: 2
+ epoch: 3
description: "The WebAssembly Pre-Initializer"
copyright:
- license: Apache-2.0
diff --git a/wizer/cargobump-deps.yaml b/wizer/cargobump-deps.yaml
index d0f0b70e1f2..dc6554ba511 100644
--- a/wizer/cargobump-deps.yaml
+++ b/wizer/cargobump-deps.yaml
@@ -1,3 +1,7 @@
packages:
- name: wasmtime
version: 23.0.3
+ - name: cap-primitives
+ version: 3.4.1
+ - name: cap-std
+ version: 3.4.1
diff --git a/wolfictl.yaml b/wolfictl.yaml
index b6ca3daac9a..f8d36214217 100644
--- a/wolfictl.yaml
+++ b/wolfictl.yaml
@@ -1,6 +1,6 @@
package:
name: wolfictl
- version: 0.24.9
+ version: 0.24.10
epoch: 0
description: Helper CLI for managing Wolfi
copyright:
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/wolfi-dev/wolfictl
tag: v${{package.version}}
- expected-commit: d40e90299405bf9afd0b0dbc3373487844d0e98b
+ expected-commit: 87e103dfc1ee88bbe0709f0d4a828780893be5ca
- uses: go/build
with:
diff --git a/wordpress.yaml b/wordpress.yaml
index d4764401449..f48acb49267 100644
--- a/wordpress.yaml
+++ b/wordpress.yaml
@@ -1,6 +1,6 @@
package:
name: wordpress
- version: 6.6.2
+ version: "6.7"
epoch: 0
description: "The Open Source Publishing Platform"
copyright:
@@ -21,7 +21,7 @@ pipeline:
with:
repository: https://github.com/wordpress/wordpress
tag: ${{package.version}}
- expected-commit: 00a39b7510b97b76c86768b0c0ba4ecb9797534b
+ expected-commit: 7766f0a793653329067bd50874872cc363af4461
destination: "${{targets.destdir}}/usr/src/wordpress"
subpackages:
diff --git a/xcaddy.yaml b/xcaddy.yaml
index 11604b3c3ef..8390467d462 100644
--- a/xcaddy.yaml
+++ b/xcaddy.yaml
@@ -1,7 +1,7 @@
package:
name: xcaddy
- version: 0.4.2
- epoch: 3
+ version: 0.4.4
+ epoch: 0
description: Build Caddy with plugins
copyright:
- license: Apache-2.0
@@ -9,7 +9,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: d7277dbc5dad26d22ea8e77fba92943c508c9b0f
+ expected-commit: c548f44e2d9290d6c490868336699d65f43dd36e
repository: https://github.com/caddyserver/xcaddy
tag: v${{package.version}}
diff --git a/xorg-server.yaml b/xorg-server.yaml
index dfc6a78eac1..3a1f4ec81ad 100644
--- a/xorg-server.yaml
+++ b/xorg-server.yaml
@@ -1,7 +1,7 @@
package:
name: xorg-server
version: 21.1.14
- epoch: 2
+ epoch: 4
description: "X Server"
copyright:
- license: SGI-B-2.0
@@ -40,7 +40,7 @@ environment:
- libxxf86vm-dev
- mesa-dev
- mesa-gbm
- - mesa-gl
+ - mesa-glx
- mesa-libgallium
- openssf-compiler-options
- openssl-dev
@@ -119,7 +119,7 @@ subpackages:
with:
repository: https://salsa.debian.org/xorg-team/xserver/xorg-server
branch: debian-unstable
- expected-commit: 1273445c1249e31beaa4e112d3f4b1b3dee76ab3
+ expected-commit: 8152a2a0ee4de01981730d944b31a8c42591572e
- working-directory: debian/local
pipeline:
- runs: |
diff --git a/xprop.yaml b/xprop.yaml
index 1aeba35ecac..e6661e216f3 100644
--- a/xprop.yaml
+++ b/xprop.yaml
@@ -1,7 +1,7 @@
package:
name: xprop
- version: 1.2.7
- epoch: 1
+ version: 1.2.8
+ epoch: 0
description: Property displayer for X
copyright:
- license: MIT
@@ -20,7 +20,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: 4436e3148bb91a162406230d9f736a49ca8b50b74790015dc15d78d6ce8e825f
+ expected-sha256: d689e2adb7ef7b439f6469b51cda8a7daefc83243854c2a3b8f84d0f029d67ee
uri: https://www.x.org/archive/individual/app/xprop-${{package.version}}.tar.xz
- uses: autoconf/configure
diff --git a/xtrans.yaml b/xtrans.yaml
index fef81dc4cb7..c1393639509 100644
--- a/xtrans.yaml
+++ b/xtrans.yaml
@@ -1,6 +1,6 @@
package:
name: xtrans
- version: 1.5.1
+ version: 1.5.2
epoch: 0
description: X transport library
copyright:
@@ -21,7 +21,7 @@ environment:
pipeline:
- uses: fetch
with:
- expected-sha256: dea80fbd8c3c941495b4b1d2785cb652815d016849a0d2ef90d1140de916993e
+ expected-sha256: 5c5cbfe34764a9131d048f03c31c19e57fb4c682d67713eab6a65541b4dff86c
uri: https://www.x.org/releases/individual/lib/xtrans-${{package.version}}.tar.xz
- uses: autoconf/configure
diff --git a/yq.yaml b/yq.yaml
index 990ba5b584b..c495af999b2 100644
--- a/yq.yaml
+++ b/yq.yaml
@@ -1,7 +1,7 @@
package:
name: yq
- version: 4.44.3
- epoch: 1
+ version: 4.44.5
+ epoch: 0
description: "yq is a portable command-line YAML, JSON, XML, CSV and properties processor"
copyright:
- license: Apache-2.0
@@ -11,7 +11,7 @@ pipeline:
with:
repository: https://github.com/mikefarah/yq
tag: v${{package.version}}
- expected-commit: bbdd97482f2d439126582a59689eb1c855944955
+ expected-commit: bc5b54cb1d1f720db16c9f75c5b45384d00e5cbf
- uses: go/build
with:
diff --git a/ytt.yaml b/ytt.yaml
index 2a4240fa6ea..03416c4d8bd 100644
--- a/ytt.yaml
+++ b/ytt.yaml
@@ -1,7 +1,7 @@
package:
name: ytt
- version: 0.50.0
- epoch: 1
+ version: 0.51.0
+ epoch: 0
description: YAML templating tool that works on YAML structure instead of text
copyright:
- license: Apache-2.0
@@ -9,7 +9,7 @@ package:
pipeline:
- uses: git-checkout
with:
- expected-commit: b60ca0d4900a558b1fa71d744ee095316d9b84e1
+ expected-commit: 64ec9d28dad3d698b19cec14b25df37bbf77d475
repository: https://github.com/carvel-dev/ytt
tag: v${{package.version}}
diff --git a/zarf.yaml b/zarf.yaml
index 17c12a26e97..339bc50d485 100644
--- a/zarf.yaml
+++ b/zarf.yaml
@@ -1,7 +1,7 @@
package:
name: zarf
- version: 0.42.1
- epoch: 1
+ version: 0.43.0
+ epoch: 0
description: DevSecOps for Air Gap & Limited-Connection Systems.
copyright:
- license: Apache-2.0
@@ -19,13 +19,13 @@ environment:
pipeline:
- uses: git-checkout
with:
- expected-commit: 1e906ffee49f31366fffc0150c85417e82ef5c38
+ expected-commit: 5943cea4366158847fafc63665c33147678ea47e
repository: https://github.com/zarf-dev/zarf
tag: v${{package.version}}
- uses: go/bump
with:
- deps: github.com/mholt/archiver/v3@v3.5.2
+ deps: github.com/mholt/archiver/v3@v3.5.2 github.com/golang-jwt/jwt/v4@v4.5.1
replaces: github.com/mholt/archiver/v3=github.com/anchore/archiver/v3@v3.5.2
show-diff: true
diff --git a/zed.yaml b/zed.yaml
index ea969ba8001..1446a010308 100644
--- a/zed.yaml
+++ b/zed.yaml
@@ -1,6 +1,6 @@
package:
name: zed
- version: 0.159.10
+ version: 0.161.2
epoch: 0
description: Code at the speed of thought – Zed is a high-performance, multiplayer code editor from the creators of Atom and Tree-sitter.
copyright:
@@ -40,7 +40,7 @@ pipeline:
with:
repository: https://github.com/zed-industries/zed
tag: v${{package.version}}
- expected-commit: 1ffb8f3ab8db156e8adf35178635a20862c818fe
+ expected-commit: d664f56fac161cec8b14d9093dc553c07936fe34
- uses: rust/cargobump
diff --git a/zed/cargobump-deps.yaml b/zed/cargobump-deps.yaml
index 6d19f52ce23..5e208afe9da 100644
--- a/zed/cargobump-deps.yaml
+++ b/zed/cargobump-deps.yaml
@@ -1,3 +1,7 @@
packages:
- name: wasmtime
- version: 24.0.1
+ version: 24.0.2
+ - name: cap-primitives
+ version: 3.4.1
+ - name: cap-std
+ version: 3.4.1
diff --git a/zeromq.yaml b/zeromq.yaml
index eeb8f12c46b..ad7f392da4e 100644
--- a/zeromq.yaml
+++ b/zeromq.yaml
@@ -1,7 +1,7 @@
package:
name: zeromq
version: 4.3.5
- epoch: 1
+ epoch: 2
description: The ZeroMQ messaging library and tools
copyright:
- license: MPL-2.0
@@ -14,6 +14,7 @@ environment:
- busybox
- ca-certificates-bundle
- libsodium-dev
+ - openssf-compiler-options
- perl
- util-linux-dev
- xmlto
@@ -24,16 +25,9 @@ pipeline:
expected-sha256: 6653ef5910f17954861fe72332e68b03ca6e4d9c7160eb3a8de5a5a913bfab43
uri: https://github.com/zeromq/libzmq/releases/download/v${{package.version}}/zeromq-${{package.version}}.tar.gz
- - runs: |
- ./configure \
- --build=$CBUILD \
- --host=$CHOST \
- --prefix=/usr \
- --sysconfdir=/etc \
- --mandir=/usr/share/man \
- --infodir=/usr/share/info \
- --with-libsodium \
- --disable-Werror
+ - uses: autoconf/configure
+ with:
+ opts: --with-libsodium --disable-Werror
- uses: autoconf/make
diff --git a/zot.yaml b/zot.yaml
index 5b5c6a62838..c84c5c36b0e 100644
--- a/zot.yaml
+++ b/zot.yaml
@@ -1,7 +1,7 @@
package:
name: zot
version: 2.1.1
- epoch: 4
+ epoch: 5
description: A production-ready vendor-neutral OCI-native container image registry (purely based on OCI Distribution Specification)
copyright:
- license: Apache-2.0
@@ -27,7 +27,7 @@ pipeline:
- uses: go/bump
with:
- deps: github.com/open-policy-agent/opa@v0.68.0 github.com/containers/common@v0.60.4
+ deps: github.com/open-policy-agent/opa@v0.68.0 github.com/containers/common@v0.60.4 github.com/golang-jwt/jwt/v4@v4.5.1
- runs: |
GOARCH=$(go env GOARCH)