Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package cargo-audit for openSUSE:Factory checked in at 2021-07-07 18:30:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/cargo-audit (Old) and /work/SRC/openSUSE:Factory/.cargo-audit.new.2625 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cargo-audit" Wed Jul 7 18:30:19 2021 rev:3 rq:904295 version:0.15.0~git0.16c8aa4 Changes: -------- --- /work/SRC/openSUSE:Factory/cargo-audit/cargo-audit.changes 2021-06-04 00:33:45.984906371 +0200 +++ /work/SRC/openSUSE:Factory/.cargo-audit.new.2625/cargo-audit.changes 2021-07-07 18:31:26.450538403 +0200 @@ -1,0 +2,584 @@ +Mon Jul 05 05:01:17 UTC 2021 - wbr...@suse.de + +- Update to version 0.15.0~git0.16c8aa4: + * cargo-audit v0.15.0 (#392) + * rustsec-admin v0.5.0 (#389) + * README.md: ??????????????? + * rustsec v0.24.0 (#388) + * OSV export (#366) + * Bump semver from 1.0.1 to 1.0.3 + * Bump semver from 1.0.0 to 1.0.1 (#381) + * Bump git2 from 0.13.19 to 0.13.20 (#375) + * Bump crates-index from 0.16.6 to 0.16.7 (#380) + * cargo-lock v7.0.0 (#379) + * Bump to semver 1.0.0 (#378) + * rustsec-admin v0.4.3 (#374) + * list-affected-versions: Also print the crate in question + * Bump crates-index from 0.16.5 to 0.16.6 + * Fix doc comments + * Added docs + * Clean up the code and commit stuff I forgot to add to git + * Implement list-affected-versions subcommand, works fine with current DB + * Add list-affected-versions subcommand stub + * Clarify error message + * Update the crates.io index if not up to date + * Drop ureq dependency + * cargo fmt + * Better error reporting + * Initial untested attempt to get rid of crates.io API querying completely + * Comment, thanks Alex + * cargo fmt + * Fix crates.io API interaction + * Ditched crates_io_api crate, did the same thing with ureq. Gets rid of tokio and a whole lot of other deps. Fixes breakage due to the recent crates.io API breakage, and prevents similar breakage in the future + * Add new exit status for errors (#368) + * Bump git2 from 0.13.18 to 0.13.19 (#365) + * cargo-lock: add support for V3 format (#363) + * cvss v1.0.3 (#362) + * CI: gate workflow execution for PRs on changed files + * cvss: fixups + * Update CI badges + * Add some tier 3 targets + * Workspace CI configuration + * Update repo urls in Cargo.toml files + * README.md: add new toplevel one for workspace + * platforms: sync with Rust platform support documentation + * CI configuration + * Wire up Cargo workspace + * cargo-audit: prepare for merge into RustSec monorepo + * rustsec: prepare for merge into RustSec monorepo + * platforms: prepare for merge into RustSec monorepo + * cvss: prepare for merge into RustSec monorepo + * rustsec-admin: prepare for merge into RustSec monorepo + * rustsec-admin: prepare for merge into RustSec monorepo + * Web: Add pages per package (#143) + * v0.4.2 (#142) + * web: Add back an Atom feed for advisories (#140) + * Cargo.lock: bump dependencies (#136) + * Upgrade to GitHub-native Dependabot (#134) + * v0.4.1 (#135) + * Display more information on the website (#133) + * Upgrade to GitHub-native Dependabot (#344) + * Vendor OpenSSL for arm and musl builds (#343) + * Bump git2 from 0.13.17 to 0.13.18 (#314) + * Bump crates-index from 0.16.3 to 0.16.5 (#313) + * Bump comrak from 0.9.1 to 0.10.0 (#129) + * Fix typo in comments about mips64. (#36) + * Bump rustsec from 0.23.2 to 0.23.3 (#128) + * v0.23.3 (#310) + * Workaround for stale git refs (#309) + * Bump rustsec from 0.23.0 to 0.23.2 (#127) + * v0.23.2 (#308) + * Rename advisory-db `master` branch to `main` (#307) + * CI: use actions-rs/audit-check for self-audit (#306) + * Cargo.lock: bump dependencies (#305) + * v0.4.0 (#126) + * v0.3.5 (#124) + * Use rust-embed for static assets (#122) + * Add argument to change where website is outputted (#123) + * v0.23.1 (#301) + * Bump url from 2.2.0 to 2.2.1 (#98) + * Fix parsing error on windows (#295) + * Cargo.lock: bump deps (#296) + * Bump comrak from 0.9.0 to 0.9.1 (#116) + * Use a fully Rust based solution for rendering web page (#115) + * v0.3.4 (#113) + * Bump `rustsec` crate to v0.23 (#112) + * v0.23.0 (#292) + * Cargo.toml: dependency cleanups (#291) + * Add `thread-safety` category (#290) + * Rename default branch to `main` (#289) + * v1.0.1 (#15) + * Rename default branch to `main` (#14) + * Cargo.lock: bump deps (#288) + * v6.0.1 (#96) + * Rename CI workflow (#95) + * Rename default branch to `main` (#94) + * Cargo.lock: bump deps (#93) + * Bump semver-parser from 0.10.0 to 0.10.2 (#280) + * v0.3.3 (#106) + * Cargo.lock: bump dependencies (#105) + * Rename `master` branch to `main` (#104) + * CI config improvements (#103) + * assigner: fix "new year's" bug (#102) + * Bump handlebars from 3.5.1 to 3.5.2 (#101) + * Bump platforms from 1.0.3 to 1.1.0 (#279) + * v1.1.0 (#35) + * Rename default branch to `main` (#34) + * Rename GH Actions workflow to "CI" (#33) + * Update README platform list using table gen + * Add aarch64-apple-darwin, a.k.a. Apple Silicon macOS + * Bump serde from 1.0.117 to 1.0.118 (#88) + * Bump toml from 0.5.7 to 0.5.8 (#89) + * v0.3.2 (#97) + * Bump `rustsec` crate to v0.23.0-pre (#96) + * v0.23.0-pre (#272) + * Rename `repository::GitRepository` to `repository::git::Repository` (#271) + * Rename `fetch` Cargo feature to `git` (#270) + * Use `SystemTime` instead of a `git::Timestamp` type (#269) + * Add support for omitting leading `[advisory]` table (#268) + * Mark enums as non_exhaustive (#267) + * Re-add advisory `references` as a URL list (#266) + * Replace `chrono` with `humantime` (#265) + * Bump `smol_str` to v0.1.17; MSRV 1.46+ (#264) + * Use `url` crate to parse metadata URL (#263) + * Remove `markdown` feature (#262) + * Bump termcolor from 1.1.0 to 1.1.1 (#94) + * Rename `references` to `related` (#261) + * Bump once_cell from 1.5.1 to 1.5.2 (#259) + * Bump crates-index from 0.16.0 to 0.16.2 (#260) + * Bump once_cell from 1.5.0 to 1.5.1 (#92) + * Cargo.lock: bump deps (#258) + * Bump once_cell from 1.4.1 to 1.5.1 (#257) + * .github: rename CI workflow to "CI" (#256) + * Bump once_cell from 1.4.1 to 1.5.0 (#91) + * Bump serde from 1.0.116 to 1.0.117 (#86) + * Bump url from 2.1.1 to 2.2.0 (#87) + * Bump platforms from 1.0.2 to 1.0.3 (#252) + * v1.0.3 (#30) + * fix Platform::guess_current to use actual target architecture (#29) + * v0.3.1 (#89) + * Bump `rustsec` crate to v0.22.2 (#88) + * v0.22.2 (#250) + * Revert "Refactor Advisory type handling (#246)" (#249) + * Cargo.lock: bump dependencies (#248) + * Cargo.lock: bump dependencies (#87) + * v0.22.1 (#247) + * Refactor Advisory type handling (#246) + * Bump handlebars from 3.5.0 to 3.5.1 (#84) + * Bump toml from 0.5.6 to 0.5.7 (#85) + * v0.3.0 (#86) + * Bump `rustsec` crate dependency to v0.22 (#83) + * v0.22.0 (#245) + * Bump `cargo-lock` to v6; `semver` to v0.11 (#244) + * Remove more V2 advisory format vestiges (#243) + * Remove support for the V2 advisory format (#242) + * v0.3.0-pre3 (#82) + * assign-id: fix TOML front matter parsing (#81) + * v0.3.0-pre2 (#80) + * Attempt to fix `assign-id` command (#79) + * v0.22.0-pre3 (#241) + * advisory: mark the `parser` module as `pub` (#240) + * Bump thiserror from 1.0.20 to 1.0.21 (#74) + * Bump rustsec from 0.22.0-pre to 0.22.0-pre2 (#78) + * Bump thiserror from 1.0.20 to 1.0.21 (#232) + * clippy fixes (#77) + * Bump cargo-edit from 0.6.0 to 0.7.0 (#231) + * v0.22.0-pre2 (#239) + * advisory/linter: make V2 advisories fail (#238) + * Bump crates-index from 0.15.4 to 0.16.0 (#237) + * CI: ignore RUSTSEC-2020-0053 (dirs unmaintained) (#236) + * Bump toml from 0.5.6 to 0.5.7 (#233) + * Bump toml from 0.5.6 to 0.5.7 (#85) + * v0.3.0-pre (#73) + * Bump `rustsec` crate to v0.22.0-pre (#72) + * v0.22.0-pre (#230) + * advisory: laxer function path handling (#229) + * linter: fully deprecate `obsolete` in favor of `yanked` (#228) + * advisory: `markdown` feature and `Advisory::description_html` (#227) + * Refactor changes from `fetch` feature (#213) (#226) + * linter: add support for V3 advisory format (#225) + * Bump chrono from 0.4.15 to 0.4.19 (#224) + * cargo fmt + * Linter: correctly handle crates with dashes in names + * v6.0.0 (#84) + * Bump semver from 0.10.0 to 0.11.0 (#83) + * Bump handlebars from 3.3.0 to 3.5.0 (#69) + * Bump `cargo-lock` to v5.0; semver to v0.10; MSRV 1.41+ (#217) + * v5.0.0 (#82) + * rustdoc fixups (#81) + * README.md: switch chat badge to Zulip (#80) + * 5.0.0-rc (#79) + * Add `docsrs` cfg (#78) + * Support for listing a single dependency (#77) + * Implement/extract Cargo-compatible serializer (#76) + * Add `--dependencies` and `--sources` flags to `cargo lock list` (#75) + * Implement `cargo lock tree` without arguments (#74) + * Add `dependency::Tree::roots()` method (#73) + * bin: make `list` the default command (#72) ++++ 387 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/cargo-audit/cargo-audit.changes ++++ and /work/SRC/openSUSE:Factory/.cargo-audit.new.2625/cargo-audit.changes Old: ---- rustsec-0.14.1~git0.e46dce8.tar.xz New: ---- rustsec-0.15.0~git0.16c8aa4.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ cargo-audit.spec ++++++ --- /var/tmp/diff_new_pack.m9AYN8/_old 2021-07-07 18:31:27.722528421 +0200 +++ /var/tmp/diff_new_pack.m9AYN8/_new 2021-07-07 18:31:27.722528421 +0200 @@ -20,7 +20,7 @@ %global workspace_name rustsec Name: cargo-audit -Version: 0.14.1~git0.e46dce8 +Version: 0.15.0~git0.16c8aa4 Release: 0 Summary: Audit rust sources for known security vulnerabilities License: License: ( 0BSD OR MIT OR Apache-2.0 ) AND ( Apache-2.0 OR BSL-1.0 ) AND ( Apache-2.0 OR MIT ) AND ( Apache-2.0 WITH LLVM-exception OR Apache-2.0 OR MIT ) AND ( MIT OR Zlib OR Apache-2.0 ) AND ( Unlicense OR MIT ) AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND CC0-1.0 AND MIT AND MPL-2.0 AND MPL-2.0+ @@ -31,6 +31,7 @@ Source2: cargo_config BuildRequires: cargo +BuildRequires: pkgconfig(libgit2) BuildRequires: pkgconfig(openssl) ExcludeArch: s390 s390x ppc ppc64 ppc64le %ix86 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.m9AYN8/_old 2021-07-07 18:31:27.766528076 +0200 +++ /var/tmp/diff_new_pack.m9AYN8/_new 2021-07-07 18:31:27.766528076 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/RustSec/rustsec.git</param> <param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param> <param name="scm">git</param> - <param name="revision">cargo-audit/v0.14.1</param> + <param name="revision">cargo-audit/v0.15.0</param> <param name="match-tag">cargo-audit*</param> <param name="versionrewrite-pattern">.*v(\d+\.\d+\.\d+)</param> <param name="versionrewrite-replacement">\1</param> @@ -22,6 +22,6 @@ </service> <service name="cargo_audit" mode="disabled"> <param name="srcdir">rustsec</param> - <!-- <param name="lockfile">rustsec/cargo-audit/Cargo.lock</param> --> + <param name="lockfile">Cargo.lock</param> </service> </services> ++++++ rustsec-0.14.1~git0.e46dce8.tar.xz -> rustsec-0.15.0~git0.16c8aa4.tar.xz ++++++ /work/SRC/openSUSE:Factory/cargo-audit/rustsec-0.14.1~git0.e46dce8.tar.xz /work/SRC/openSUSE:Factory/.cargo-audit.new.2625/rustsec-0.15.0~git0.16c8aa4.tar.xz differ: char 15, line 1 ++++++ vendor.tar.xz ++++++ /work/SRC/openSUSE:Factory/cargo-audit/vendor.tar.xz /work/SRC/openSUSE:Factory/.cargo-audit.new.2625/vendor.tar.xz differ: char 26, line 1