Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package apko for openSUSE:Factory checked in at 2025-10-08 18:14:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/apko (Old) and /work/SRC/openSUSE:Factory/.apko.new.11973 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "apko" Wed Oct 8 18:14:44 2025 rev:70 rq:1309735 version:0.30.15 Changes: -------- --- /work/SRC/openSUSE:Factory/apko/apko.changes 2025-10-06 18:08:10.667396230 +0200 +++ /work/SRC/openSUSE:Factory/.apko.new.11973/apko.changes 2025-10-08 18:18:52.645375497 +0200 @@ -1,0 +2,8 @@ +Wed Oct 08 04:50:10 UTC 2025 - Johannes Kastl <[email protected]> + +- Update to version 0.30.15: + * DirFS: correct resetting of permissions (#1877) + * build(deps): bump chainguard-dev/actions from 1.5.2 to 1.5.3 + (#1876) + +------------------------------------------------------------------- Old: ---- apko-0.30.14.obscpio New: ---- apko-0.30.15.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ apko.spec ++++++ --- /var/tmp/diff_new_pack.nSvY4x/_old 2025-10-08 18:18:55.297486794 +0200 +++ /var/tmp/diff_new_pack.nSvY4x/_new 2025-10-08 18:18:55.297486794 +0200 @@ -17,7 +17,7 @@ Name: apko -Version: 0.30.14 +Version: 0.30.15 Release: 0 Summary: Build OCI images from APK packages directly without Dockerfile License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.nSvY4x/_old 2025-10-08 18:18:55.345488808 +0200 +++ /var/tmp/diff_new_pack.nSvY4x/_new 2025-10-08 18:18:55.349488977 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/chainguard-dev/apko</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v0.30.14</param> + <param name="revision">v0.30.15</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.nSvY4x/_old 2025-10-08 18:18:55.373489984 +0200 +++ /var/tmp/diff_new_pack.nSvY4x/_new 2025-10-08 18:18:55.377490151 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/chainguard-dev/apko</param> - <param name="changesrevision">7037060236af5a62102320414f46e2ed584d109e</param></service></servicedata> + <param name="changesrevision">9acc8ad7df7a2434fbdf65da196addf3f66d63bb</param></service></servicedata> (No newline at EOF) ++++++ apko-0.30.14.obscpio -> apko-0.30.15.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apko-0.30.14/pkg/apk/fs/rwosfs.go new/apko-0.30.15/pkg/apk/fs/rwosfs.go --- old/apko-0.30.14/pkg/apk/fs/rwosfs.go 2025-09-30 10:13:29.000000000 +0200 +++ new/apko-0.30.15/pkg/apk/fs/rwosfs.go 2025-10-07 22:58:22.000000000 +0200 @@ -236,8 +236,9 @@ file, err := os.Open(fullpath) if err == nil { return &fileImpl{ - file: file, - name: baseName, + file: file, + name: baseName, + fullpath: fullpath, }, nil } if !os.IsPermission(err) { @@ -258,9 +259,10 @@ } perms := fi.Mode() return &fileImpl{ - file: file, - name: baseName, - perms: &perms, + file: file, + name: baseName, + fullpath: fullpath, + perms: &perms, }, nil } @@ -618,8 +620,9 @@ type file File type fileImpl struct { file - name string - perms *os.FileMode + name string + fullpath string + perms *os.FileMode } func (f fileImpl) Close() error { @@ -627,7 +630,8 @@ return err } if f.perms != nil { - return os.Chmod(f.name, *f.perms) + // f.name is the basename of the path, use the f.file.name here + return os.Chmod(f.fullpath, *f.perms) } return nil } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/apko-0.30.14/pkg/apk/fs/rwosfs_test.go new/apko-0.30.15/pkg/apk/fs/rwosfs_test.go --- old/apko-0.30.14/pkg/apk/fs/rwosfs_test.go 2025-09-30 10:13:29.000000000 +0200 +++ new/apko-0.30.15/pkg/apk/fs/rwosfs_test.go 2025-10-07 22:58:22.000000000 +0200 @@ -44,6 +44,9 @@ {"a/b/c", false, 0o644, []byte("hello")}, {"foo/bar", true, 0o700, nil}, {"foo/bar/world", false, 0o600, []byte("world")}, + // ReadFile() fails on the following and doesn't fall back to + // trying to adjust the permissions. + // {"foo/bar/shadow", false, 0o000, []byte("shadow")}, } dir := t.TempDir() @@ -70,6 +73,62 @@ } } +// DirFS has differing behaviors depending on handling an inaccessible +// file due to permissions in ReadFile(), OpenFile(), and Open(). +func TestExistingDirUsingOpen(t *testing.T) { + var ( + err error + content []byte + ) + files := []struct { + path string + dir bool + perms os.FileMode + content []byte + }{ + {"a/b", true, 0o755, nil}, + {"a/b/c", false, 0o644, []byte("hello")}, + {"foo/bar", true, 0o700, nil}, + {"foo/bar/world", false, 0o600, []byte("world")}, + {"foo/bar/shadow", false, 0o000, []byte("shadow")}, + } + + dir := t.TempDir() + for _, f := range files { + if f.dir { + err = os.MkdirAll(filepath.Join(dir, f.path), f.perms) + require.NoError(t, err, "error creating dir %s", f.path) + } else { + err = os.WriteFile(filepath.Join(dir, f.path), f.content, f.perms) + require.NoError(t, err, "error creating file %s", f.path) + } + } + + fs := DirFS(t.Context(), dir) + require.NotNil(t, fs, "fs should be created") + + for _, f := range files { + if f.dir { + continue + } + fd, err := fs.Open(f.path) + require.NoError(t, err, "error opening file %s", f.path) + + content = make([]byte, len(f.content)) + _, err = fd.Read(content) + require.NoError(t, err, "error reading file %s", f.path) + + require.Equal(t, f.content, content, "content of %s should be %s", f.path, f.content) + + fd.Close() + // Ensure 0 permissions on the original file were maintained/reset correctly + if f.perms == 0o000 { + _, err = os.ReadFile(f.path) + require.Error(t, err, "expected permissions error reading %s", f.path) + } + } +} + func TestMissingDir(t *testing.T) { dir := t.TempDir() fs := DirFS(t.Context(), dir) ++++++ apko.obsinfo ++++++ --- /var/tmp/diff_new_pack.nSvY4x/_old 2025-10-08 18:18:56.089520032 +0200 +++ /var/tmp/diff_new_pack.nSvY4x/_new 2025-10-08 18:18:56.093520200 +0200 @@ -1,5 +1,5 @@ name: apko -version: 0.30.14 -mtime: 1759220009 -commit: 7037060236af5a62102320414f46e2ed584d109e +version: 0.30.15 +mtime: 1759870702 +commit: 9acc8ad7df7a2434fbdf65da196addf3f66d63bb ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/apko/vendor.tar.gz /work/SRC/openSUSE:Factory/.apko.new.11973/vendor.tar.gz differ: char 15, line 1
