Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package yast2 for openSUSE:Factory checked
in at 2022-10-10 18:43:43
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/yast2 (Old)
and /work/SRC/openSUSE:Factory/.yast2.new.2275 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "yast2"
Mon Oct 10 18:43:43 2022 rev:541 rq:1008736 version:4.5.16
Changes:
--------
--- /work/SRC/openSUSE:Factory/yast2/yast2.changes 2022-09-30
17:57:22.669195174 +0200
+++ /work/SRC/openSUSE:Factory/.yast2.new.2275/yast2.changes 2022-10-10
18:43:54.602784388 +0200
@@ -1,0 +2,7 @@
+Thu Oct 6 13:48:28 UTC 2022 - Josef Reidinger <jreidin...@suse.com>
+
+- add Yast::ReducedRecorder for Cheetah to filter out certain streams to
+ be able to not log sensitive information (bsc#1201962)
+- 4.5.16
+
+-------------------------------------------------------------------
Old:
----
yast2-4.5.15.tar.bz2
New:
----
yast2-4.5.16.tar.bz2
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ yast2.spec ++++++
--- /var/tmp/diff_new_pack.28wWfi/_old 2022-10-10 18:43:55.382786067 +0200
+++ /var/tmp/diff_new_pack.28wWfi/_new 2022-10-10 18:43:55.390786084 +0200
@@ -17,7 +17,7 @@
Name: yast2
-Version: 4.5.15
+Version: 4.5.16
Release: 0
Summary: YaST2 Main Package
++++++ yast2-4.5.15.tar.bz2 -> yast2-4.5.16.tar.bz2 ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/yast2-4.5.15/library/general/src/lib/installation/proposal_client.rb
new/yast2-4.5.16/library/general/src/lib/installation/proposal_client.rb
--- old/yast2-4.5.15/library/general/src/lib/installation/proposal_client.rb
2022-09-28 16:02:19.000000000 +0200
+++ new/yast2-4.5.16/library/general/src/lib/installation/proposal_client.rb
2022-10-07 11:03:03.000000000 +0200
@@ -172,10 +172,6 @@
# This module just caused a change of the root partition.
# This is only relevant for the "root part" module.
#
- # * **`"help"`** [String, nil] ---
- # Help text for this module which appears in the standard dialog
- # help (particular helps for modules sorted by presentation order).
- #
# * **`"trigger"`** [Hash, nil] defines circumstances when the proposal
# should be called again at the end. For instance, when partitioning or
# software selection changes. Mandatory keys of the trigger are:
@@ -273,6 +269,10 @@
# A programmer-readable unique identifier for this section. This is not
# auto-generated to keep the log file readable.
#
+ # * **`"help"`** [String, nil] ---
+ # Help text for this module which appears in the standard dialog
+ # help (particular helps for modules sorted by presentation order).
+ #
# This map may be empty. In this case, this proposal section will
silently
# be ignored. Proposal modules may use this if there is no useful
proposal
# at all. Use with caution - this may be confusing for the user.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-4.5.15/library/system/src/lib/yast2/execute.rb
new/yast2-4.5.16/library/system/src/lib/yast2/execute.rb
--- old/yast2-4.5.15/library/system/src/lib/yast2/execute.rb 2022-09-28
16:02:19.000000000 +0200
+++ new/yast2-4.5.16/library/system/src/lib/yast2/execute.rb 2022-10-07
11:03:03.000000000 +0200
@@ -32,6 +32,9 @@
# It also globally switches the default Cheetah logger to
# {http://www.rubydoc.info/github/yast/yast-ruby-bindings/Yast%2FLogger
Y2Logger}.
#
+ # To limit logging sensitive input/output/arguments,
+ # you can pass a {ReducedRecorder} as the *recorder* option.
+ #
# @example Methods of this class can be chained.
#
# Yast::Execute.locally!.stdout("ls", "-l")
@@ -245,4 +248,31 @@
""
end
end
+
+ # specific recorder which can be used when some sensitive information that
+ # should not go to log
+ class ReducedRecorder < Cheetah::DefaultRecorder
+ # @param skip [Array<Symbol>|Symbol] possible symbols are `:stdin`,
+ # `:stdout`, `:stderr` and `:args`. Those streams won't be recorded.
+ def initialize(skip: [], logger: Y2Logger.instance)
+ super(logger)
+
+ skip = Array(skip)
+
+ skip.each do |m|
+ method = PARAM_MAPPING[m]
+ raise ArgumentError, "Invalid value '#{m.inspect}'" unless method
+
+ define_singleton_method(method) { |_| } # intentionally empty
+ end
+ end
+
+ PARAM_MAPPING = {
+ stdin: :record_stdin,
+ stdout: :record_stdout,
+ stderr: :record_stderr,
+ args: :record_commands
+ }.freeze
+ private_constant :PARAM_MAPPING
+ end
end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-4.5.15/library/system/test/execute_test.rb
new/yast2-4.5.16/library/system/test/execute_test.rb
--- old/yast2-4.5.15/library/system/test/execute_test.rb 2022-09-28
16:02:19.000000000 +0200
+++ new/yast2-4.5.16/library/system/test/execute_test.rb 2022-10-07
11:03:03.000000000 +0200
@@ -148,3 +148,37 @@
end
end
end
+
+describe Yast::ReducedRecorder do
+ let(:logger) { double(debug: nil, info: nil, warn: nil, error: nil) }
+
+ it "skips logging stdin if :stdin is passed" do
+ expect(logger).to_not receive(:info).with(/secret/i)
+ recorder = described_class.new(skip: :stdin, logger: logger)
+
+ Yast::Execute.locally!("echo", stdin: "secret", recorder: recorder)
+ end
+
+ it "skips logging stdout if :stdout is passed" do
+ expect(logger).to_not receive(:info).with(/secret/i)
+ recorder = described_class.new(skip: [:stdout, :args], logger: logger)
+
+ Yast::Execute.locally!("echo", "secret", recorder: recorder)
+ end
+
+ it "skips logging stderr if :stderr is passed" do
+ expect(logger).to_not receive(:error).with(/secret/i)
+ recorder = described_class.new(skip: [:stderr, :args], logger: logger)
+
+ Yast::Execute.locally!("cat", "/dev/supersecretfile", recorder: recorder,
+ allowed_exitstatus: 1)
+ end
+
+ it "skips logging of arguments if :args are passed" do
+ expect(logger).to_not receive(:info).with(/secret/i)
+ recorder = described_class.new(skip: [:args], logger: logger)
+
+ Yast::Execute.locally!("false", "secret", recorder: recorder,
+ allowed_exitstatus: 1)
+ end
+end
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-4.5.15/package/yast2.changes
new/yast2-4.5.16/package/yast2.changes
--- old/yast2-4.5.15/package/yast2.changes 2022-09-28 16:02:19.000000000
+0200
+++ new/yast2-4.5.16/package/yast2.changes 2022-10-07 11:03:03.000000000
+0200
@@ -1,4 +1,11 @@
-------------------------------------------------------------------
+Thu Oct 6 13:48:28 UTC 2022 - Josef Reidinger <jreidin...@suse.com>
+
+- add Yast::ReducedRecorder for Cheetah to filter out certain streams to
+ be able to not log sensitive information (bsc#1201962)
+- 4.5.16
+
+-------------------------------------------------------------------
Wed Sep 28 12:22:59 UTC 2022 - Ancor Gonzalez Sosa <an...@suse.com>
- Better detection of YaST2 Journal (related to bsc#1199840).
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/yast2-4.5.15/package/yast2.spec
new/yast2-4.5.16/package/yast2.spec
--- old/yast2-4.5.15/package/yast2.spec 2022-09-28 16:02:19.000000000 +0200
+++ new/yast2-4.5.16/package/yast2.spec 2022-10-07 11:03:03.000000000 +0200
@@ -17,7 +17,7 @@
Name: yast2
-Version: 4.5.15
+Version: 4.5.16
Release: 0
Summary: YaST2 Main Package
