Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package cargo-audit for openSUSE:Factory
checked in at 2021-07-07 18:30:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cargo-audit (Old)
and /work/SRC/openSUSE:Factory/.cargo-audit.new.2625 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cargo-audit"
Wed Jul 7 18:30:19 2021 rev:3 rq:904295 version:0.15.0~git0.16c8aa4
Changes:
--------
--- /work/SRC/openSUSE:Factory/cargo-audit/cargo-audit.changes 2021-06-04
00:33:45.984906371 +0200
+++ /work/SRC/openSUSE:Factory/.cargo-audit.new.2625/cargo-audit.changes
2021-07-07 18:31:26.450538403 +0200
@@ -1,0 +2,584 @@
+Mon Jul 05 05:01:17 UTC 2021 - wbr...@suse.de
+
+- Update to version 0.15.0~git0.16c8aa4:
+ * cargo-audit v0.15.0 (#392)
+ * rustsec-admin v0.5.0 (#389)
+ * README.md: ???????????????
+ * rustsec v0.24.0 (#388)
+ * OSV export (#366)
+ * Bump semver from 1.0.1 to 1.0.3
+ * Bump semver from 1.0.0 to 1.0.1 (#381)
+ * Bump git2 from 0.13.19 to 0.13.20 (#375)
+ * Bump crates-index from 0.16.6 to 0.16.7 (#380)
+ * cargo-lock v7.0.0 (#379)
+ * Bump to semver 1.0.0 (#378)
+ * rustsec-admin v0.4.3 (#374)
+ * list-affected-versions: Also print the crate in question
+ * Bump crates-index from 0.16.5 to 0.16.6
+ * Fix doc comments
+ * Added docs
+ * Clean up the code and commit stuff I forgot to add to git
+ * Implement list-affected-versions subcommand, works fine with current DB
+ * Add list-affected-versions subcommand stub
+ * Clarify error message
+ * Update the crates.io index if not up to date
+ * Drop ureq dependency
+ * cargo fmt
+ * Better error reporting
+ * Initial untested attempt to get rid of crates.io API querying completely
+ * Comment, thanks Alex
+ * cargo fmt
+ * Fix crates.io API interaction
+ * Ditched crates_io_api crate, did the same thing with ureq. Gets rid of
tokio and a whole lot of other deps. Fixes breakage due to the recent crates.io
API breakage, and prevents similar breakage in the future
+ * Add new exit status for errors (#368)
+ * Bump git2 from 0.13.18 to 0.13.19 (#365)
+ * cargo-lock: add support for V3 format (#363)
+ * cvss v1.0.3 (#362)
+ * CI: gate workflow execution for PRs on changed files
+ * cvss: fixups
+ * Update CI badges
+ * Add some tier 3 targets
+ * Workspace CI configuration
+ * Update repo urls in Cargo.toml files
+ * README.md: add new toplevel one for workspace
+ * platforms: sync with Rust platform support documentation
+ * CI configuration
+ * Wire up Cargo workspace
+ * cargo-audit: prepare for merge into RustSec monorepo
+ * rustsec: prepare for merge into RustSec monorepo
+ * platforms: prepare for merge into RustSec monorepo
+ * cvss: prepare for merge into RustSec monorepo
+ * rustsec-admin: prepare for merge into RustSec monorepo
+ * rustsec-admin: prepare for merge into RustSec monorepo
+ * Web: Add pages per package (#143)
+ * v0.4.2 (#142)
+ * web: Add back an Atom feed for advisories (#140)
+ * Cargo.lock: bump dependencies (#136)
+ * Upgrade to GitHub-native Dependabot (#134)
+ * v0.4.1 (#135)
+ * Display more information on the website (#133)
+ * Upgrade to GitHub-native Dependabot (#344)
+ * Vendor OpenSSL for arm and musl builds (#343)
+ * Bump git2 from 0.13.17 to 0.13.18 (#314)
+ * Bump crates-index from 0.16.3 to 0.16.5 (#313)
+ * Bump comrak from 0.9.1 to 0.10.0 (#129)
+ * Fix typo in comments about mips64. (#36)
+ * Bump rustsec from 0.23.2 to 0.23.3 (#128)
+ * v0.23.3 (#310)
+ * Workaround for stale git refs (#309)
+ * Bump rustsec from 0.23.0 to 0.23.2 (#127)
+ * v0.23.2 (#308)
+ * Rename advisory-db `master` branch to `main` (#307)
+ * CI: use actions-rs/audit-check for self-audit (#306)
+ * Cargo.lock: bump dependencies (#305)
+ * v0.4.0 (#126)
+ * v0.3.5 (#124)
+ * Use rust-embed for static assets (#122)
+ * Add argument to change where website is outputted (#123)
+ * v0.23.1 (#301)
+ * Bump url from 2.2.0 to 2.2.1 (#98)
+ * Fix parsing error on windows (#295)
+ * Cargo.lock: bump deps (#296)
+ * Bump comrak from 0.9.0 to 0.9.1 (#116)
+ * Use a fully Rust based solution for rendering web page (#115)
+ * v0.3.4 (#113)
+ * Bump `rustsec` crate to v0.23 (#112)
+ * v0.23.0 (#292)
+ * Cargo.toml: dependency cleanups (#291)
+ * Add `thread-safety` category (#290)
+ * Rename default branch to `main` (#289)
+ * v1.0.1 (#15)
+ * Rename default branch to `main` (#14)
+ * Cargo.lock: bump deps (#288)
+ * v6.0.1 (#96)
+ * Rename CI workflow (#95)
+ * Rename default branch to `main` (#94)
+ * Cargo.lock: bump deps (#93)
+ * Bump semver-parser from 0.10.0 to 0.10.2 (#280)
+ * v0.3.3 (#106)
+ * Cargo.lock: bump dependencies (#105)
+ * Rename `master` branch to `main` (#104)
+ * CI config improvements (#103)
+ * assigner: fix "new year's" bug (#102)
+ * Bump handlebars from 3.5.1 to 3.5.2 (#101)
+ * Bump platforms from 1.0.3 to 1.1.0 (#279)
+ * v1.1.0 (#35)
+ * Rename default branch to `main` (#34)
+ * Rename GH Actions workflow to "CI" (#33)
+ * Update README platform list using table gen
+ * Add aarch64-apple-darwin, a.k.a. Apple Silicon macOS
+ * Bump serde from 1.0.117 to 1.0.118 (#88)
+ * Bump toml from 0.5.7 to 0.5.8 (#89)
+ * v0.3.2 (#97)
+ * Bump `rustsec` crate to v0.23.0-pre (#96)
+ * v0.23.0-pre (#272)
+ * Rename `repository::GitRepository` to `repository::git::Repository` (#271)
+ * Rename `fetch` Cargo feature to `git` (#270)
+ * Use `SystemTime` instead of a `git::Timestamp` type (#269)
+ * Add support for omitting leading `[advisory]` table (#268)
+ * Mark enums as non_exhaustive (#267)
+ * Re-add advisory `references` as a URL list (#266)
+ * Replace `chrono` with `humantime` (#265)
+ * Bump `smol_str` to v0.1.17; MSRV 1.46+ (#264)
+ * Use `url` crate to parse metadata URL (#263)
+ * Remove `markdown` feature (#262)
+ * Bump termcolor from 1.1.0 to 1.1.1 (#94)
+ * Rename `references` to `related` (#261)
+ * Bump once_cell from 1.5.1 to 1.5.2 (#259)
+ * Bump crates-index from 0.16.0 to 0.16.2 (#260)
+ * Bump once_cell from 1.5.0 to 1.5.1 (#92)
+ * Cargo.lock: bump deps (#258)
+ * Bump once_cell from 1.4.1 to 1.5.1 (#257)
+ * .github: rename CI workflow to "CI" (#256)
+ * Bump once_cell from 1.4.1 to 1.5.0 (#91)
+ * Bump serde from 1.0.116 to 1.0.117 (#86)
+ * Bump url from 2.1.1 to 2.2.0 (#87)
+ * Bump platforms from 1.0.2 to 1.0.3 (#252)
+ * v1.0.3 (#30)
+ * fix Platform::guess_current to use actual target architecture (#29)
+ * v0.3.1 (#89)
+ * Bump `rustsec` crate to v0.22.2 (#88)
+ * v0.22.2 (#250)
+ * Revert "Refactor Advisory type handling (#246)" (#249)
+ * Cargo.lock: bump dependencies (#248)
+ * Cargo.lock: bump dependencies (#87)
+ * v0.22.1 (#247)
+ * Refactor Advisory type handling (#246)
+ * Bump handlebars from 3.5.0 to 3.5.1 (#84)
+ * Bump toml from 0.5.6 to 0.5.7 (#85)
+ * v0.3.0 (#86)
+ * Bump `rustsec` crate dependency to v0.22 (#83)
+ * v0.22.0 (#245)
+ * Bump `cargo-lock` to v6; `semver` to v0.11 (#244)
+ * Remove more V2 advisory format vestiges (#243)
+ * Remove support for the V2 advisory format (#242)
+ * v0.3.0-pre3 (#82)
+ * assign-id: fix TOML front matter parsing (#81)
+ * v0.3.0-pre2 (#80)
+ * Attempt to fix `assign-id` command (#79)
+ * v0.22.0-pre3 (#241)
+ * advisory: mark the `parser` module as `pub` (#240)
+ * Bump thiserror from 1.0.20 to 1.0.21 (#74)
+ * Bump rustsec from 0.22.0-pre to 0.22.0-pre2 (#78)
+ * Bump thiserror from 1.0.20 to 1.0.21 (#232)
+ * clippy fixes (#77)
+ * Bump cargo-edit from 0.6.0 to 0.7.0 (#231)
+ * v0.22.0-pre2 (#239)
+ * advisory/linter: make V2 advisories fail (#238)
+ * Bump crates-index from 0.15.4 to 0.16.0 (#237)
+ * CI: ignore RUSTSEC-2020-0053 (dirs unmaintained) (#236)
+ * Bump toml from 0.5.6 to 0.5.7 (#233)
+ * Bump toml from 0.5.6 to 0.5.7 (#85)
+ * v0.3.0-pre (#73)
+ * Bump `rustsec` crate to v0.22.0-pre (#72)
+ * v0.22.0-pre (#230)
+ * advisory: laxer function path handling (#229)
+ * linter: fully deprecate `obsolete` in favor of `yanked` (#228)
+ * advisory: `markdown` feature and `Advisory::description_html` (#227)
+ * Refactor changes from `fetch` feature (#213) (#226)
+ * linter: add support for V3 advisory format (#225)
+ * Bump chrono from 0.4.15 to 0.4.19 (#224)
+ * cargo fmt
+ * Linter: correctly handle crates with dashes in names
+ * v6.0.0 (#84)
+ * Bump semver from 0.10.0 to 0.11.0 (#83)
+ * Bump handlebars from 3.3.0 to 3.5.0 (#69)
+ * Bump `cargo-lock` to v5.0; semver to v0.10; MSRV 1.41+ (#217)
+ * v5.0.0 (#82)
+ * rustdoc fixups (#81)
+ * README.md: switch chat badge to Zulip (#80)
+ * 5.0.0-rc (#79)
+ * Add `docsrs` cfg (#78)
+ * Support for listing a single dependency (#77)
+ * Implement/extract Cargo-compatible serializer (#76)
+ * Add `--dependencies` and `--sources` flags to `cargo lock list` (#75)
+ * Implement `cargo lock tree` without arguments (#74)
+ * Add `dependency::Tree::roots()` method (#73)
+ * bin: make `list` the default command (#72)
++++ 387 more lines (skipped)
++++ between /work/SRC/openSUSE:Factory/cargo-audit/cargo-audit.changes
++++ and /work/SRC/openSUSE:Factory/.cargo-audit.new.2625/cargo-audit.changes
Old:
----
rustsec-0.14.1~git0.e46dce8.tar.xz
New:
----
rustsec-0.15.0~git0.16c8aa4.tar.xz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cargo-audit.spec ++++++
--- /var/tmp/diff_new_pack.m9AYN8/_old 2021-07-07 18:31:27.722528421 +0200
+++ /var/tmp/diff_new_pack.m9AYN8/_new 2021-07-07 18:31:27.722528421 +0200
@@ -20,7 +20,7 @@
%global workspace_name rustsec
Name: cargo-audit
-Version: 0.14.1~git0.e46dce8
+Version: 0.15.0~git0.16c8aa4
Release: 0
Summary: Audit rust sources for known security vulnerabilities
License: License: ( 0BSD OR MIT OR Apache-2.0 ) AND ( Apache-2.0 OR
BSL-1.0 ) AND ( Apache-2.0 OR MIT ) AND ( Apache-2.0 WITH LLVM-exception OR
Apache-2.0 OR MIT ) AND ( MIT OR Zlib OR Apache-2.0 ) AND ( Unlicense OR MIT )
AND ( Zlib OR Apache-2.0 OR MIT ) AND Apache-2.0 AND BSD-2-Clause AND
BSD-3-Clause AND CC0-1.0 AND MIT AND MPL-2.0 AND MPL-2.0+
@@ -31,6 +31,7 @@
Source2: cargo_config
BuildRequires: cargo
+BuildRequires: pkgconfig(libgit2)
BuildRequires: pkgconfig(openssl)
ExcludeArch: s390 s390x ppc ppc64 ppc64le %ix86
++++++ _service ++++++
--- /var/tmp/diff_new_pack.m9AYN8/_old 2021-07-07 18:31:27.766528076 +0200
+++ /var/tmp/diff_new_pack.m9AYN8/_new 2021-07-07 18:31:27.766528076 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/RustSec/rustsec.git</param>
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
<param name="scm">git</param>
- <param name="revision">cargo-audit/v0.14.1</param>
+ <param name="revision">cargo-audit/v0.15.0</param>
<param name="match-tag">cargo-audit*</param>
<param name="versionrewrite-pattern">.*v(\d+\.\d+\.\d+)</param>
<param name="versionrewrite-replacement">\1</param>
@@ -22,6 +22,6 @@
</service>
<service name="cargo_audit" mode="disabled">
<param name="srcdir">rustsec</param>
- <!-- <param name="lockfile">rustsec/cargo-audit/Cargo.lock</param> -->
+ <param name="lockfile">Cargo.lock</param>
</service>
</services>
++++++ rustsec-0.14.1~git0.e46dce8.tar.xz -> rustsec-0.15.0~git0.16c8aa4.tar.xz
++++++
/work/SRC/openSUSE:Factory/cargo-audit/rustsec-0.14.1~git0.e46dce8.tar.xz
/work/SRC/openSUSE:Factory/.cargo-audit.new.2625/rustsec-0.15.0~git0.16c8aa4.tar.xz
differ: char 15, line 1
++++++ vendor.tar.xz ++++++
/work/SRC/openSUSE:Factory/cargo-audit/vendor.tar.xz
/work/SRC/openSUSE:Factory/.cargo-audit.new.2625/vendor.tar.xz differ: char 26,
line 1
