Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package lychee for openSUSE:Factory checked
in at 2025-06-17 18:23:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lychee (Old)
and /work/SRC/openSUSE:Factory/.lychee.new.19631 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "lychee"
Tue Jun 17 18:23:42 2025 rev:8 rq:1286319 version:0.19.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/lychee/lychee.changes 2025-06-12
15:54:36.896558065 +0200
+++ /work/SRC/openSUSE:Factory/.lychee.new.19631/lychee.changes 2025-06-17
18:24:33.296126667 +0200
@@ -1,0 +2,9 @@
+Tue Jun 17 09:19:38 UTC 2025 - Alessio Biancalana <dottorblas...@opensuse.org>
+
+- Update to version 0.19.1:
+ * chore: release v0.19.1 (#1726)
+ * fix: skip the fragment check if the uri doesn't contain fragment (#1730)
+ * Don't echo potentially sensitive header data (#1728)
+ * Update changelog
+
+-------------------------------------------------------------------
Old:
----
lychee-0.19.0~0.tar.zst
New:
----
lychee-0.19.1.tar.zst
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ lychee.spec ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old 2025-06-17 18:24:34.876192369 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new 2025-06-17 18:24:34.880192535 +0200
@@ -17,7 +17,7 @@
Name: lychee
-Version: 0.19.0~0
+Version: 0.19.1
Release: 0
Summary: Fast, async, stream-based link checker written in Rust
License: Apache-2.0 OR MIT
++++++ _service ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old 2025-06-17 18:24:34.908193699 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new 2025-06-17 18:24:34.912193865 +0200
@@ -1,14 +1,14 @@
<services>
<service mode="disabled" name="obs_scm">
<param name="url">https://github.com/lycheeverse/lychee.git</param>
- <param name="versionformat">@PARENT_TAG@~@TAG_OFFSET@</param>
+ <param name="versionformat">@PARENT_TAG@</param>
<param name="scm">git</param>
- <param name="revision">lychee-v0.19.0</param>
+ <param name="revision">lychee-v0.19.1</param>
<param name="match-tag">*</param>
<param name="versionrewrite-pattern">lychee-v(\d+\.\d+\.\d+)</param>
<param name="versionrewrite-replacement">\1</param>
<param name="changesgenerate">enable</param>
- <param name="changesauthor">alessio.biancal...@suse.com</param>
+ <param name="changesauthor">dottorblas...@opensuse.org</param>
</service>
<service mode="disabled" name="tar" />
<service mode="disabled" name="recompress">
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old 2025-06-17 18:24:34.932194697 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new 2025-06-17 18:24:34.936194863 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/lycheeverse/lychee.git</param>
- <param
name="changesrevision">639c74e392a025158eb5c30655fb543c05cd33b7</param></service></servicedata>
+ <param
name="changesrevision">3592972d6462ceb6081c3945cc43121bc3ce2039</param></service></servicedata>
(No newline at EOF)
++++++ lychee-0.19.0~0.tar.zst -> lychee-0.19.1.tar.zst ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lychee-0.19.0~0/Cargo.lock
new/lychee-0.19.1/Cargo.lock
--- old/lychee-0.19.0~0/Cargo.lock 2025-06-11 16:04:34.000000000 +0200
+++ new/lychee-0.19.1/Cargo.lock 2025-06-16 13:56:32.000000000 +0200
@@ -2490,7 +2490,7 @@
[[package]]
name = "lychee"
-version = "0.19.0"
+version = "0.19.1"
dependencies = [
"anyhow",
"assert-json-diff",
@@ -2538,7 +2538,7 @@
[[package]]
name = "lychee-lib"
-version = "0.19.0"
+version = "0.19.1"
dependencies = [
"async-stream",
"async-trait",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lychee-0.19.0~0/Cargo.toml
new/lychee-0.19.1/Cargo.toml
--- old/lychee-0.19.0~0/Cargo.toml 2025-06-11 16:04:34.000000000 +0200
+++ new/lychee-0.19.1/Cargo.toml 2025-06-16 13:56:32.000000000 +0200
@@ -3,7 +3,7 @@
resolver = "2"
[workspace.package]
-version = "0.19.0"
+version = "0.19.1"
[profile.release]
debug = true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-bin/CHANGELOG.md
new/lychee-0.19.1/lychee-bin/CHANGELOG.md
--- old/lychee-0.19.0~0/lychee-bin/CHANGELOG.md 2025-06-11 16:04:34.000000000
+0200
+++ new/lychee-0.19.1/lychee-bin/CHANGELOG.md 2025-06-16 13:56:32.000000000
+0200
@@ -7,53 +7,54 @@
## [Unreleased]
+##
[0.19.1](https://github.com/lycheeverse/lychee/compare/lychee-v0.19.0...lychee-v0.19.1)
- 2025-06-16
+
+### Other
+
+- Don't echo potentially sensitive header data
([#1728](https://github.com/lycheeverse/lychee/pull/1728))
+- Update changelog
+
##
[0.19.0](https://github.com/lycheeverse/lychee/compare/lychee-v0.18.1...lychee-v0.19.0)
- 2025-06-11
+Most notably with this release the deprecated `--exclude-mail` flag was
removed and the behavior of the `--accept` flag was updated. Previously, status
codes such as `200 OK` were always accepted. Now they are only accepted by
default. This means providing the argument `--accept 201` now rejects status
code `200 OK`.
+
### Added
-- raise error when the default config file is invalid
([#1715](https://github.com/lycheeverse/lychee/pull/1715))
-- detect website fragments
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
+- Raise error when the default config file is invalid
([#1715](https://github.com/lycheeverse/lychee/pull/1715))
+- Detect website fragments
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
+- Move archive functionality to library
([#1720](https://github.com/lycheeverse/lychee/pull/1720))
+- Add TLS version option
([#1655](https://github.com/lycheeverse/lychee/pull/1655))
+- Add FreeBSD-Ask to users
([#1662](https://github.com/lycheeverse/lychee/pull/1662))
+- Add support for custom file extensions in link checking.
([#1559](https://github.com/lycheeverse/lychee/pull/1559))
+- Add support for custom headers in input processing
([#1561](https://github.com/lycheeverse/lychee/pull/1561))
+- Add possible values for minimum TLS version in help message
([#1693](https://github.com/lycheeverse/lychee/pull/1693))
### Fixed
-- only check the fragment when it's a file
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
+- Only check fragments inside files
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
+- Update --accept behaviour (https://github.com/lycheeverse/lychee/issues/1661)
+- Allow header values that contain equal signs
([#1647](https://github.com/lycheeverse/lychee/pull/1647))
### Other
-- Add cli test
-- Use StatusCodeSelector default as default accepted StatusCodes
-- Update tests
-- Remove duplicated information from output
-- Update test
-- Update test
-- Move archive functionality to library
([#1720](https://github.com/lycheeverse/lychee/pull/1720))
+- Remove deprecated `--exclude-mail` flag
([#1669](https://github.com/lycheeverse/lychee/issues/1669))
- Bump the dependencies group across 1 directory with 3 updates
([#1714](https://github.com/lycheeverse/lychee/pull/1714))
- Upgrade to 2024 edition
([#1711](https://github.com/lycheeverse/lychee/pull/1711))
- Fix `test_exclude_example_domains`
([#1712](https://github.com/lycheeverse/lychee/pull/1712))
-- Add support for custom headers in input processing
([#1561](https://github.com/lycheeverse/lychee/pull/1561))
- Fix lints ([#1705](https://github.com/lycheeverse/lychee/pull/1705))
-- Remove flag
- Bump the dependencies group with 2 updates
-- Add possible values for minimum TLS version in help message
([#1693](https://github.com/lycheeverse/lychee/pull/1693))
-- Add TLS version option
([#1655](https://github.com/lycheeverse/lychee/pull/1655))
- Bump the dependencies group across 1 directory with 11 updates
([#1692](https://github.com/lycheeverse/lychee/pull/1692))
- Specify MSRV ([#1676](https://github.com/lycheeverse/lychee/pull/1676))
-- Fix outdated link
-- Remove once_cell as direct dependency
- Make clippy happy ([#1681](https://github.com/lycheeverse/lychee/pull/1681))
- Bump the dependencies group with 3 updates
([#1670](https://github.com/lycheeverse/lychee/pull/1670))
- Fix accept/exclude range syntax and docs
([#1668](https://github.com/lycheeverse/lychee/pull/1668))
-- Add FreeBSD-Ask to users
([#1662](https://github.com/lycheeverse/lychee/pull/1662))
- Bump the dependencies group with 4 updates
([#1664](https://github.com/lycheeverse/lychee/pull/1664))
-- Allow header values that contain equal signs
([#1647](https://github.com/lycheeverse/lychee/pull/1647))
- Bump the dependencies group with 11 updates
([#1656](https://github.com/lycheeverse/lychee/pull/1656))
- Bump the dependencies group across 1 directory with 14 updates
([#1653](https://github.com/lycheeverse/lychee/pull/1653))
-- Add support for custom file extensions in link checking.
([#1559](https://github.com/lycheeverse/lychee/pull/1559))
- Format Markdown URLs with `<>` instead of `[]()`
([#1638](https://github.com/lycheeverse/lychee/pull/1638))
- Bump the dependencies group across 1 directory with 21 updates
([#1643](https://github.com/lycheeverse/lychee/pull/1643))
-- add tests for URL extraction ending with a period
([#1641](https://github.com/lycheeverse/lychee/pull/1641))
-- renamed `base` to `base_url` (fixes #1607)
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
-- Sort compact/detailed/markdown error output by file path
([#1622](https://github.com/lycheeverse/lychee/pull/1622))
+- Add tests for URL extraction ending with a period
([#1641](https://github.com/lycheeverse/lychee/pull/1641))
+- Renamed `base` to `base_url` (fixes #1607)
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
##
[0.18.1](https://github.com/lycheeverse/lychee/compare/lychee-v0.18.0...lychee-v0.18.1)
- 2025-02-06
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-bin/Cargo.toml
new/lychee-0.19.1/lychee-bin/Cargo.toml
--- old/lychee-0.19.0~0/lychee-bin/Cargo.toml 2025-06-11 16:04:34.000000000
+0200
+++ new/lychee-0.19.1/lychee-bin/Cargo.toml 2025-06-16 13:56:32.000000000
+0200
@@ -15,7 +15,7 @@
[dependencies]
# NOTE: We need to specify the version of lychee-lib here because crates.io
# requires all dependencies to have a version number.
-lychee-lib = { path = "../lychee-lib", version = "0.19.0", default-features =
false }
+lychee-lib = { path = "../lychee-lib", version = "0.19.1", default-features =
false }
anyhow = "1.0.98"
assert-json-diff = "2.0.2"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-bin/src/options.rs
new/lychee-0.19.1/lychee-bin/src/options.rs
--- old/lychee-0.19.0~0/lychee-bin/src/options.rs 2025-06-11
16:04:34.000000000 +0200
+++ new/lychee-0.19.1/lychee-bin/src/options.rs 2025-06-16 13:56:32.000000000
+0200
@@ -212,19 +212,24 @@
///
/// If the header contains multiple colons, the part after the first colon is
/// considered the value.
+///
+/// # Errors
+///
+/// This fails if the header does not contain exactly one `:` character or
+/// if the header name contains non-ASCII characters.
fn parse_single_header(header: &str) -> Result<(HeaderName, HeaderValue)> {
let parts: Vec<&str> = header.splitn(2, ':').collect();
match parts.as_slice() {
[name, value] => {
- let name = HeaderName::from_bytes(name.trim().as_bytes())
- .map_err(|e| anyhow!("Invalid header name '{}': {}",
name.trim(), e))?;
- let value = HeaderValue::from_str(value.trim())
- .map_err(|e| anyhow!("Invalid header value '{}': {}",
value.trim(), e))?;
+ let name = HeaderName::from_str(name.trim())
+ .map_err(|e| anyhow!("Unable to convert header name '{}': {}",
name.trim(), e))?;
+ let value = HeaderValue::from_str(value.trim()).map_err(|e| {
+ anyhow!("Unable to read value of header with name '{}': {}",
name, e)
+ })?;
Ok((name, value))
}
_ => Err(anyhow!(
- "Invalid header format. Expected colon-separated string in the
format 'HeaderName: HeaderValue', got '{}'",
- header
+ "Invalid header format. Expected colon-separated string in the
format 'HeaderName: HeaderValue'"
)),
}
}
@@ -871,6 +876,18 @@
}
#[test]
+ /// We should not reveal potentially sensitive data contained in the
headers.
+ /// See: [#1297](https://github.com/lycheeverse/lychee/issues/1297)
+ fn test_does_not_echo_sensitive_data() {
+ let error = parse_single_header("My-Headerš£: secret")
+ .expect_err("Should not allow unicode as key");
+ assert!(!error.to_string().contains("secret"));
+
+ let error = parse_single_header("secret").expect_err("Should fail when
no `:` given");
+ assert!(!error.to_string().contains("secret"));
+ }
+
+ #[test]
fn test_header_parsing_and_merging() {
// Simulate commandline arguments with multiple headers
let args = vec![
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-lib/CHANGELOG.md
new/lychee-0.19.1/lychee-lib/CHANGELOG.md
--- old/lychee-0.19.0~0/lychee-lib/CHANGELOG.md 2025-06-11 16:04:34.000000000
+0200
+++ new/lychee-0.19.1/lychee-lib/CHANGELOG.md 2025-06-16 13:56:32.000000000
+0200
@@ -7,43 +7,38 @@
## [Unreleased]
+##
[0.19.1](https://github.com/lycheeverse/lychee/compare/lychee-lib-v0.19.0...lychee-lib-v0.19.1)
- 2025-06-16
+
+### Fixed
+
+- skip the fragment check if the uri doesn't contain fragment
([#1730](https://github.com/lycheeverse/lychee/pull/1730))
+
+### Other
+
+- Update changelog
+
##
[0.19.0](https://github.com/lycheeverse/lychee/compare/lychee-lib-v0.18.1...lychee-lib-v0.19.0)
- 2025-06-11
### Added
-- respect the `disabled` property for stylesheet links
([#1716](https://github.com/lycheeverse/lychee/pull/1716))
-- detect website fragments
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
+- Respect the `disabled` property for stylesheet links
([#1716](https://github.com/lycheeverse/lychee/pull/1716))
+- Detect website fragments
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
### Fixed
-- only check the fragment when it's a file
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
-- ignore gitlab table of content in wikilinks
([#1710](https://github.com/lycheeverse/lychee/pull/1710))
+- Only check the fragment when it's a file
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
+- Ignore gitlab table of content in wikilinks
([#1710](https://github.com/lycheeverse/lychee/pull/1710))
### Other
-- Add explanation
-- Fix grammar
-- Update docs
-- Extract DEFAULT_ACCEPTED_STATUS_CODES & apply clippy's suggestions
-- Use StatusCodeSelector default as default accepted StatusCodes
-- Tiny improvements
-- Remove dbg macro
-- Pass accepted values by reference
-- Make accepted codes non-optional
-- Handle rejected TOO_MANY_REQUESTS
-- Update Status::code
-- Remove duplicated information from output
-- Change usage of ErrorKind::NetworkRequest, as it no longer represents
rejected status codes
-- Update doc comment
-- Make error message more user-friendly
-- Remove hardcoded rule for handling erroneous status codes differently
+- Update --accept behaviour
[#1661](https://github.com/lycheeverse/lychee/issues/1661)
- Move archive functionality to library
([#1720](https://github.com/lycheeverse/lychee/pull/1720))
- Bump the dependencies group across 1 directory with 3 updates
([#1714](https://github.com/lycheeverse/lychee/pull/1714))
- Upgrade to 2024 edition
([#1711](https://github.com/lycheeverse/lychee/pull/1711))
- Add support for custom headers in input processing
([#1561](https://github.com/lycheeverse/lychee/pull/1561))
- Fix lints ([#1705](https://github.com/lycheeverse/lychee/pull/1705))
-- Remove flag
-- detect wikilinks, prevent plaintext extraction from links #1650
([#1679](https://github.com/lycheeverse/lychee/pull/1679))
+- Remove deprecated `--exclude-mail` flag
([#1669](https://github.com/lycheeverse/lychee/issues/1669))
+- Detect wikilinks, prevent plaintext extraction from links #1650
([#1679](https://github.com/lycheeverse/lychee/pull/1679))
- Bump the dependencies group with 2 updates
- Add possible values for minimum TLS version in help message
([#1693](https://github.com/lycheeverse/lychee/pull/1693))
- Add TLS version option
([#1655](https://github.com/lycheeverse/lychee/pull/1655))
@@ -60,7 +55,7 @@
- Bump the dependencies group across 1 directory with 14 updates
([#1653](https://github.com/lycheeverse/lychee/pull/1653))
- Add support for custom file extensions in link checking.
([#1559](https://github.com/lycheeverse/lychee/pull/1559))
- Bump the dependencies group across 1 directory with 21 updates
([#1643](https://github.com/lycheeverse/lychee/pull/1643))
-- renamed `base` to `base_url` (fixes #1607)
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
+- Renamed `base` to `base_url` (fixes #1607)
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
##
[0.18.1](https://github.com/lycheeverse/lychee/compare/lychee-lib-v0.18.0...lychee-lib-v0.18.1)
- 2025-02-06
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-lib/src/checker/file.rs
new/lychee-0.19.1/lychee-lib/src/checker/file.rs
--- old/lychee-0.19.0~0/lychee-lib/src/checker/file.rs 2025-06-11
16:04:34.000000000 +0200
+++ new/lychee-0.19.1/lychee-lib/src/checker/file.rs 2025-06-16
13:56:32.000000000 +0200
@@ -123,8 +123,9 @@
///
/// Returns a `Status` indicating the result of the check.
async fn check_existing_path(&self, path: &Path, uri: &Uri) -> Status {
- // only files can contain content with fragments
- if self.include_fragments && path.is_file() {
+ // Only files can contain content with fragments.
+ // Skip if the uri doesn't have the fragment.
+ if self.include_fragments && path.is_file() &&
uri.url.fragment().is_some() {
self.check_fragment(path, uri).await
} else {
Status::Ok(StatusCode::OK)
++++++ lychee.obsinfo ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old 2025-06-17 18:24:35.140203346 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new 2025-06-17 18:24:35.144203513 +0200
@@ -1,5 +1,5 @@
name: lychee
-version: 0.19.0~0
-mtime: 1749650674
-commit: 639c74e392a025158eb5c30655fb543c05cd33b7
+version: 0.19.1
+mtime: 1750074992
+commit: 3592972d6462ceb6081c3945cc43121bc3ce2039
++++++ vendor.tar.zst ++++++
/work/SRC/openSUSE:Factory/lychee/vendor.tar.zst
/work/SRC/openSUSE:Factory/.lychee.new.19631/vendor.tar.zst differ: char 7,
line 1
