Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package lychee for openSUSE:Factory checked 
in at 2025-06-17 18:23:42
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/lychee (Old)
 and      /work/SRC/openSUSE:Factory/.lychee.new.19631 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "lychee"

Tue Jun 17 18:23:42 2025 rev:8 rq:1286319 version:0.19.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/lychee/lychee.changes    2025-06-12 
15:54:36.896558065 +0200
+++ /work/SRC/openSUSE:Factory/.lychee.new.19631/lychee.changes 2025-06-17 
18:24:33.296126667 +0200
@@ -1,0 +2,9 @@
+Tue Jun 17 09:19:38 UTC 2025 - Alessio Biancalana <dottorblas...@opensuse.org>
+
+- Update to version 0.19.1:
+  * chore: release v0.19.1 (#1726)
+  * fix: skip the fragment check if the uri doesn't contain fragment (#1730)
+  * Don't echo potentially sensitive header data (#1728)
+  * Update changelog
+
+-------------------------------------------------------------------

Old:
----
  lychee-0.19.0~0.tar.zst

New:
----
  lychee-0.19.1.tar.zst

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ lychee.spec ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old  2025-06-17 18:24:34.876192369 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new  2025-06-17 18:24:34.880192535 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           lychee
-Version:        0.19.0~0
+Version:        0.19.1
 Release:        0
 Summary:        Fast, async, stream-based link checker written in Rust
 License:        Apache-2.0 OR MIT

++++++ _service ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old  2025-06-17 18:24:34.908193699 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new  2025-06-17 18:24:34.912193865 +0200
@@ -1,14 +1,14 @@
 <services>
   <service mode="disabled" name="obs_scm">
     <param name="url">https://github.com/lycheeverse/lychee.git</param>
-    <param name="versionformat">@PARENT_TAG@~@TAG_OFFSET@</param>
+    <param name="versionformat">@PARENT_TAG@</param>
     <param name="scm">git</param>
-    <param name="revision">lychee-v0.19.0</param>
+    <param name="revision">lychee-v0.19.1</param>
     <param name="match-tag">*</param>
     <param name="versionrewrite-pattern">lychee-v(\d+\.\d+\.\d+)</param>
     <param name="versionrewrite-replacement">\1</param>
     <param name="changesgenerate">enable</param>
-    <param name="changesauthor">alessio.biancal...@suse.com</param>
+    <param name="changesauthor">dottorblas...@opensuse.org</param>
   </service>
   <service mode="disabled" name="tar" />
   <service mode="disabled" name="recompress">

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old  2025-06-17 18:24:34.932194697 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new  2025-06-17 18:24:34.936194863 +0200
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param 
name="url">https://github.com/lycheeverse/lychee.git</param>
-              <param 
name="changesrevision">639c74e392a025158eb5c30655fb543c05cd33b7</param></service></servicedata>
+              <param 
name="changesrevision">3592972d6462ceb6081c3945cc43121bc3ce2039</param></service></servicedata>
 (No newline at EOF)
 

++++++ lychee-0.19.0~0.tar.zst -> lychee-0.19.1.tar.zst ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lychee-0.19.0~0/Cargo.lock 
new/lychee-0.19.1/Cargo.lock
--- old/lychee-0.19.0~0/Cargo.lock      2025-06-11 16:04:34.000000000 +0200
+++ new/lychee-0.19.1/Cargo.lock        2025-06-16 13:56:32.000000000 +0200
@@ -2490,7 +2490,7 @@
 
 [[package]]
 name = "lychee"
-version = "0.19.0"
+version = "0.19.1"
 dependencies = [
  "anyhow",
  "assert-json-diff",
@@ -2538,7 +2538,7 @@
 
 [[package]]
 name = "lychee-lib"
-version = "0.19.0"
+version = "0.19.1"
 dependencies = [
  "async-stream",
  "async-trait",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lychee-0.19.0~0/Cargo.toml 
new/lychee-0.19.1/Cargo.toml
--- old/lychee-0.19.0~0/Cargo.toml      2025-06-11 16:04:34.000000000 +0200
+++ new/lychee-0.19.1/Cargo.toml        2025-06-16 13:56:32.000000000 +0200
@@ -3,7 +3,7 @@
 resolver = "2"
 
 [workspace.package]
-version = "0.19.0"
+version = "0.19.1"
 
 [profile.release]
 debug = true
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-bin/CHANGELOG.md 
new/lychee-0.19.1/lychee-bin/CHANGELOG.md
--- old/lychee-0.19.0~0/lychee-bin/CHANGELOG.md 2025-06-11 16:04:34.000000000 
+0200
+++ new/lychee-0.19.1/lychee-bin/CHANGELOG.md   2025-06-16 13:56:32.000000000 
+0200
@@ -7,53 +7,54 @@
 
 ## [Unreleased]
 
+## 
[0.19.1](https://github.com/lycheeverse/lychee/compare/lychee-v0.19.0...lychee-v0.19.1)
 - 2025-06-16
+
+### Other
+
+- Don't echo potentially sensitive header data 
([#1728](https://github.com/lycheeverse/lychee/pull/1728))
+- Update changelog
+
 ## 
[0.19.0](https://github.com/lycheeverse/lychee/compare/lychee-v0.18.1...lychee-v0.19.0)
 - 2025-06-11
 
+Most notably with this release the deprecated `--exclude-mail` flag was 
removed and the behavior of the `--accept` flag was updated. Previously, status 
codes such as `200 OK` were always accepted. Now they are only accepted by 
default. This means providing the argument `--accept 201` now rejects status 
code `200 OK`.
+
 ### Added
 
-- raise error when the default config file is invalid 
([#1715](https://github.com/lycheeverse/lychee/pull/1715))
-- detect website fragments 
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
+- Raise error when the default config file is invalid 
([#1715](https://github.com/lycheeverse/lychee/pull/1715))
+- Detect website fragments 
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
+- Move archive functionality to library 
([#1720](https://github.com/lycheeverse/lychee/pull/1720))
+- Add TLS version option 
([#1655](https://github.com/lycheeverse/lychee/pull/1655))
+- Add FreeBSD-Ask to users 
([#1662](https://github.com/lycheeverse/lychee/pull/1662))
+- Add support for custom file extensions in link checking. 
([#1559](https://github.com/lycheeverse/lychee/pull/1559))
+- Add support for custom headers in input processing 
([#1561](https://github.com/lycheeverse/lychee/pull/1561))
+- Add possible values for minimum TLS version in help message 
([#1693](https://github.com/lycheeverse/lychee/pull/1693))
 
 ### Fixed
 
-- only check the fragment when it's a file 
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
+- Only check fragments inside files 
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
+- Update --accept behaviour (https://github.com/lycheeverse/lychee/issues/1661)
+- Allow header values that contain equal signs 
([#1647](https://github.com/lycheeverse/lychee/pull/1647))
 
 ### Other
 
-- Add cli test
-- Use StatusCodeSelector default as default accepted StatusCodes
-- Update tests
-- Remove duplicated information from output
-- Update test
-- Update test
-- Move archive functionality to library 
([#1720](https://github.com/lycheeverse/lychee/pull/1720))
+- Remove deprecated `--exclude-mail` flag 
([#1669](https://github.com/lycheeverse/lychee/issues/1669))
 - Bump the dependencies group across 1 directory with 3 updates 
([#1714](https://github.com/lycheeverse/lychee/pull/1714))
 - Upgrade to 2024 edition 
([#1711](https://github.com/lycheeverse/lychee/pull/1711))
 - Fix `test_exclude_example_domains` 
([#1712](https://github.com/lycheeverse/lychee/pull/1712))
-- Add support for custom headers in input processing 
([#1561](https://github.com/lycheeverse/lychee/pull/1561))
 - Fix lints ([#1705](https://github.com/lycheeverse/lychee/pull/1705))
-- Remove flag
 - Bump the dependencies group with 2 updates
-- Add possible values for minimum TLS version in help message 
([#1693](https://github.com/lycheeverse/lychee/pull/1693))
-- Add TLS version option 
([#1655](https://github.com/lycheeverse/lychee/pull/1655))
 - Bump the dependencies group across 1 directory with 11 updates 
([#1692](https://github.com/lycheeverse/lychee/pull/1692))
 - Specify MSRV ([#1676](https://github.com/lycheeverse/lychee/pull/1676))
-- Fix outdated link
-- Remove once_cell as direct dependency
 - Make clippy happy ([#1681](https://github.com/lycheeverse/lychee/pull/1681))
 - Bump the dependencies group with 3 updates 
([#1670](https://github.com/lycheeverse/lychee/pull/1670))
 - Fix accept/exclude range syntax and docs 
([#1668](https://github.com/lycheeverse/lychee/pull/1668))
-- Add FreeBSD-Ask to users 
([#1662](https://github.com/lycheeverse/lychee/pull/1662))
 - Bump the dependencies group with 4 updates 
([#1664](https://github.com/lycheeverse/lychee/pull/1664))
-- Allow header values that contain equal signs 
([#1647](https://github.com/lycheeverse/lychee/pull/1647))
 - Bump the dependencies group with 11 updates 
([#1656](https://github.com/lycheeverse/lychee/pull/1656))
 - Bump the dependencies group across 1 directory with 14 updates 
([#1653](https://github.com/lycheeverse/lychee/pull/1653))
-- Add support for custom file extensions in link checking. 
([#1559](https://github.com/lycheeverse/lychee/pull/1559))
 - Format Markdown URLs with `<>` instead of `[]()` 
([#1638](https://github.com/lycheeverse/lychee/pull/1638))
 - Bump the dependencies group across 1 directory with 21 updates 
([#1643](https://github.com/lycheeverse/lychee/pull/1643))
-- add tests for URL extraction ending with a period 
([#1641](https://github.com/lycheeverse/lychee/pull/1641))
-- renamed `base` to `base_url` (fixes #1607) 
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
-- Sort compact/detailed/markdown error output by file path 
([#1622](https://github.com/lycheeverse/lychee/pull/1622))
+- Add tests for URL extraction ending with a period 
([#1641](https://github.com/lycheeverse/lychee/pull/1641))
+- Renamed `base` to `base_url` (fixes #1607) 
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
 
 ## 
[0.18.1](https://github.com/lycheeverse/lychee/compare/lychee-v0.18.0...lychee-v0.18.1)
 - 2025-02-06
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-bin/Cargo.toml 
new/lychee-0.19.1/lychee-bin/Cargo.toml
--- old/lychee-0.19.0~0/lychee-bin/Cargo.toml   2025-06-11 16:04:34.000000000 
+0200
+++ new/lychee-0.19.1/lychee-bin/Cargo.toml     2025-06-16 13:56:32.000000000 
+0200
@@ -15,7 +15,7 @@
 [dependencies]
 # NOTE: We need to specify the version of lychee-lib here because crates.io
 # requires all dependencies to have a version number.
-lychee-lib = { path = "../lychee-lib", version = "0.19.0", default-features = 
false }
+lychee-lib = { path = "../lychee-lib", version = "0.19.1", default-features = 
false }
 
 anyhow = "1.0.98"
 assert-json-diff = "2.0.2"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-bin/src/options.rs 
new/lychee-0.19.1/lychee-bin/src/options.rs
--- old/lychee-0.19.0~0/lychee-bin/src/options.rs       2025-06-11 
16:04:34.000000000 +0200
+++ new/lychee-0.19.1/lychee-bin/src/options.rs 2025-06-16 13:56:32.000000000 
+0200
@@ -212,19 +212,24 @@
 ///
 /// If the header contains multiple colons, the part after the first colon is
 /// considered the value.
+///
+/// # Errors
+///
+/// This fails if the header does not contain exactly one `:` character or
+/// if the header name contains non-ASCII characters.
 fn parse_single_header(header: &str) -> Result<(HeaderName, HeaderValue)> {
     let parts: Vec<&str> = header.splitn(2, ':').collect();
     match parts.as_slice() {
         [name, value] => {
-            let name = HeaderName::from_bytes(name.trim().as_bytes())
-                .map_err(|e| anyhow!("Invalid header name '{}': {}", 
name.trim(), e))?;
-            let value = HeaderValue::from_str(value.trim())
-                .map_err(|e| anyhow!("Invalid header value '{}': {}", 
value.trim(), e))?;
+            let name = HeaderName::from_str(name.trim())
+                .map_err(|e| anyhow!("Unable to convert header name '{}': {}", 
name.trim(), e))?;
+            let value = HeaderValue::from_str(value.trim()).map_err(|e| {
+                anyhow!("Unable to read value of header with name '{}': {}", 
name, e)
+            })?;
             Ok((name, value))
         }
         _ => Err(anyhow!(
-            "Invalid header format. Expected colon-separated string in the 
format 'HeaderName: HeaderValue', got '{}'",
-            header
+            "Invalid header format. Expected colon-separated string in the 
format 'HeaderName: HeaderValue'"
         )),
     }
 }
@@ -871,6 +876,18 @@
     }
 
     #[test]
+    /// We should not reveal potentially sensitive data contained in the 
headers.
+    /// See: [#1297](https://github.com/lycheeverse/lychee/issues/1297)
+    fn test_does_not_echo_sensitive_data() {
+        let error = parse_single_header("My-HeaderšŸ’£: secret")
+            .expect_err("Should not allow unicode as key");
+        assert!(!error.to_string().contains("secret"));
+
+        let error = parse_single_header("secret").expect_err("Should fail when 
no `:` given");
+        assert!(!error.to_string().contains("secret"));
+    }
+
+    #[test]
     fn test_header_parsing_and_merging() {
         // Simulate commandline arguments with multiple headers
         let args = vec![
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-lib/CHANGELOG.md 
new/lychee-0.19.1/lychee-lib/CHANGELOG.md
--- old/lychee-0.19.0~0/lychee-lib/CHANGELOG.md 2025-06-11 16:04:34.000000000 
+0200
+++ new/lychee-0.19.1/lychee-lib/CHANGELOG.md   2025-06-16 13:56:32.000000000 
+0200
@@ -7,43 +7,38 @@
 
 ## [Unreleased]
 
+## 
[0.19.1](https://github.com/lycheeverse/lychee/compare/lychee-lib-v0.19.0...lychee-lib-v0.19.1)
 - 2025-06-16
+
+### Fixed
+
+- skip the fragment check if the uri doesn't contain fragment 
([#1730](https://github.com/lycheeverse/lychee/pull/1730))
+
+### Other
+
+- Update changelog
+
 ## 
[0.19.0](https://github.com/lycheeverse/lychee/compare/lychee-lib-v0.18.1...lychee-lib-v0.19.0)
 - 2025-06-11
 
 ### Added
 
-- respect the `disabled` property for stylesheet links 
([#1716](https://github.com/lycheeverse/lychee/pull/1716))
-- detect website fragments 
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
+- Respect the `disabled` property for stylesheet links 
([#1716](https://github.com/lycheeverse/lychee/pull/1716))
+- Detect website fragments 
([#1675](https://github.com/lycheeverse/lychee/pull/1675))
 
 ### Fixed
 
-- only check the fragment when it's a file 
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
-- ignore gitlab table of content in wikilinks 
([#1710](https://github.com/lycheeverse/lychee/pull/1710))
+- Only check the fragment when it's a file 
([#1713](https://github.com/lycheeverse/lychee/pull/1713))
+- Ignore gitlab table of content in wikilinks 
([#1710](https://github.com/lycheeverse/lychee/pull/1710))
 
 ### Other
 
-- Add explanation
-- Fix grammar
-- Update docs
-- Extract DEFAULT_ACCEPTED_STATUS_CODES & apply clippy's suggestions
-- Use StatusCodeSelector default as default accepted StatusCodes
-- Tiny improvements
-- Remove dbg macro
-- Pass accepted values by reference
-- Make accepted codes non-optional
-- Handle rejected TOO_MANY_REQUESTS
-- Update Status::code
-- Remove duplicated information from output
-- Change usage of ErrorKind::NetworkRequest, as it no longer represents 
rejected status codes
-- Update doc comment
-- Make error message more user-friendly
-- Remove hardcoded rule for handling erroneous status codes differently
+- Update --accept behaviour 
[#1661](https://github.com/lycheeverse/lychee/issues/1661)
 - Move archive functionality to library 
([#1720](https://github.com/lycheeverse/lychee/pull/1720))
 - Bump the dependencies group across 1 directory with 3 updates 
([#1714](https://github.com/lycheeverse/lychee/pull/1714))
 - Upgrade to 2024 edition 
([#1711](https://github.com/lycheeverse/lychee/pull/1711))
 - Add support for custom headers in input processing 
([#1561](https://github.com/lycheeverse/lychee/pull/1561))
 - Fix lints ([#1705](https://github.com/lycheeverse/lychee/pull/1705))
-- Remove flag
-- detect wikilinks, prevent plaintext extraction from links #1650 
([#1679](https://github.com/lycheeverse/lychee/pull/1679))
+- Remove deprecated `--exclude-mail` flag 
([#1669](https://github.com/lycheeverse/lychee/issues/1669))
+- Detect wikilinks, prevent plaintext extraction from links #1650 
([#1679](https://github.com/lycheeverse/lychee/pull/1679))
 - Bump the dependencies group with 2 updates
 - Add possible values for minimum TLS version in help message 
([#1693](https://github.com/lycheeverse/lychee/pull/1693))
 - Add TLS version option 
([#1655](https://github.com/lycheeverse/lychee/pull/1655))
@@ -60,7 +55,7 @@
 - Bump the dependencies group across 1 directory with 14 updates 
([#1653](https://github.com/lycheeverse/lychee/pull/1653))
 - Add support for custom file extensions in link checking. 
([#1559](https://github.com/lycheeverse/lychee/pull/1559))
 - Bump the dependencies group across 1 directory with 21 updates 
([#1643](https://github.com/lycheeverse/lychee/pull/1643))
-- renamed `base` to `base_url` (fixes #1607) 
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
+- Renamed `base` to `base_url` (fixes #1607) 
([#1629](https://github.com/lycheeverse/lychee/pull/1629))
 
 ## 
[0.18.1](https://github.com/lycheeverse/lychee/compare/lychee-lib-v0.18.0...lychee-lib-v0.18.1)
 - 2025-02-06
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/lychee-0.19.0~0/lychee-lib/src/checker/file.rs 
new/lychee-0.19.1/lychee-lib/src/checker/file.rs
--- old/lychee-0.19.0~0/lychee-lib/src/checker/file.rs  2025-06-11 
16:04:34.000000000 +0200
+++ new/lychee-0.19.1/lychee-lib/src/checker/file.rs    2025-06-16 
13:56:32.000000000 +0200
@@ -123,8 +123,9 @@
     ///
     /// Returns a `Status` indicating the result of the check.
     async fn check_existing_path(&self, path: &Path, uri: &Uri) -> Status {
-        // only files can contain content with fragments
-        if self.include_fragments && path.is_file() {
+        // Only files can contain content with fragments.
+        // Skip if the uri doesn't have the fragment.
+        if self.include_fragments && path.is_file() && 
uri.url.fragment().is_some() {
             self.check_fragment(path, uri).await
         } else {
             Status::Ok(StatusCode::OK)

++++++ lychee.obsinfo ++++++
--- /var/tmp/diff_new_pack.Kkfq27/_old  2025-06-17 18:24:35.140203346 +0200
+++ /var/tmp/diff_new_pack.Kkfq27/_new  2025-06-17 18:24:35.144203513 +0200
@@ -1,5 +1,5 @@
 name: lychee
-version: 0.19.0~0
-mtime: 1749650674
-commit: 639c74e392a025158eb5c30655fb543c05cd33b7
+version: 0.19.1
+mtime: 1750074992
+commit: 3592972d6462ceb6081c3945cc43121bc3ce2039
 

++++++ vendor.tar.zst ++++++
/work/SRC/openSUSE:Factory/lychee/vendor.tar.zst 
/work/SRC/openSUSE:Factory/.lychee.new.19631/vendor.tar.zst differ: char 7, 
line 1

Reply via email to