Overview

Request 1101006 accepted

- Upgrade to version 1.0.0 (jsc#PED-5405)
* Improved flag parsing
* Added support for custom headers
- Build with Go 1.19
- Build using promu
- Add _service file
- Fix sandboxing options
- Upgrade to version 0.13.4
* Fix denial of service vulnerability
(CVE-2022-32149, bsc#1204501)
- Upgrade to version 0.13.3
* Fix uncontrolled resource consumption
(CVE-2022-41723, bsc#1208270)
- Upgrade to version 0.13.1
* Fix panic caused by missing flagConfig options

- Upgrade to version 0.13.0
* Fix authentication bypass vulnarability
(CVE-2022-46146, bsc#1208046)

Staging Bot's avatar
Staging Bot (staging-bot) -

@STorresi, @aeneas_jaissle, @aldemir_a, @bitshuffler, @bnicholes, @ciriarte, @dakechi, @darix, @deadpoint, @dstoecker, @ecsos, @jcavalheiro, @jubalh, @lrupp, @marostegui, @mcaj, @mge1512, @mnhauke, @mseben, @netmask, @peternixon, @psmt, @rhomann, @schubi2, @shapbot, @witekbedyk, @worldcitizen, @wrosenauer: review reminder

Marina Latini's avatar
Marina Latini (deneb_alpha) -

@witekbedyk:

what about:

+Source:         https://%{githubrepo}/archive/refs/tags/v%{version}.tar.gz#/%{upstreamname}-%{version}.tar.gz

Do you still need to keep the old name?

Witek Bedyk's avatar
Witek Bedyk (witekbedyk) -
author source maintainer target maintainer

I think I do. Otherwise I get:

error: File /home/abuild/rpmbuild/SOURCES/v1.0.0.tar.gz: No such file or directory

Dirk Stoecker's avatar
Dirk Stoecker (dstoecker) -
target maintainer

Doesn't build ATM. I think you need to download and add the missing file: "osc service runall download_files". Thought I find the error message a bit strange, maybe the service file still influences this? I understand the 4th service entry for the go modules, but aren't the first 3 superfluous when a proper source file is supplied?

Dirk Stoecker's avatar
Dirk Stoecker (dstoecker) -
target maintainer

That's the typical method used for the GitHub downloads.

Staging Bot's avatar
Staging Bot (staging-bot) -

@STorresi, @aeneas_jaissle, @aldemir_a, @bitshuffler, @bnicholes, @ciriarte, @dakechi, @darix, @deadpoint, @dstoecker, @ecsos, @jcavalheiro, @jubalh, @lrupp, @marostegui, @mcaj, @mge1512, @mnhauke, @mseben, @netmask, @peternixon, @psmt, @rhomann, @schubi2, @shapbot, @witekbedyk, @worldcitizen, @wrosenauer: review reminder

Witek Bedyk's avatar
Witek Bedyk (witekbedyk) -
author source maintainer target maintainer

I have now reverted the changes in my branched package and it builds correctly. I think the spec looks good now or is there anything I should change?

Request History
Witek Bedyk's avatar

witekbedyk created request

- Upgrade to version 1.0.0 (jsc#PED-5405)
* Improved flag parsing
* Added support for custom headers
- Build with Go 1.19
- Build using promu
- Add _service file
- Fix sandboxing options
- Upgrade to version 0.13.4
* Fix denial of service vulnerability
(CVE-2022-32149, bsc#1204501)
- Upgrade to version 0.13.3
* Fix uncontrolled resource consumption
(CVE-2022-41723, bsc#1208270)
- Upgrade to version 0.13.1
* Fix panic caused by missing flagConfig options

- Upgrade to version 0.13.0
* Fix authentication bypass vulnarability
(CVE-2022-46146, bsc#1208046)

Witek Bedyk's avatar

witekbedyk accepted request

Self-accepting. Package builds on all SUMA supported versions and works as expected.

openSUSE Build Service is sponsored by
Places