commit grafana for openSUSE:Factory

Source-Sync Thu, 16 Feb 2023 08:03:26 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package grafana for openSUSE:Factory checked 
in at 2023-02-16 17:03:12
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/grafana (Old)
 and      /work/SRC/openSUSE:Factory/.grafana.new.22824 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "grafana"

Thu Feb 16 17:03:12 2023 rev:40 rq:1066204 version:8.5.20

Changes:
--------
--- /work/SRC/openSUSE:Factory/grafana/grafana.changes  2023-02-07 
18:49:53.715392937 +0100
+++ /work/SRC/openSUSE:Factory/.grafana.new.22824/grafana.changes       
2023-02-16 17:03:14.396527186 +0100
@@ -1,0 +2,7 @@
+Wed Feb 15 08:35:28 UTC 2023 - Witek Bedyk <witold.be...@suse.com>
+
+- Add 0002-Update-exporter-toolkit-to-version-0.7.3.patch
+  (bsc#1208065, CVE-2022-46146)
+- Require Go 1.19 or newer
+
+-------------------------------------------------------------------

New:
----
  0002-Update-exporter-toolkit-to-version-0.7.3.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ grafana.spec ++++++
--- /var/tmp/diff_new_pack.eQLlun/_old  2023-02-16 17:03:17.124537897 +0100
+++ /var/tmp/diff_new_pack.eQLlun/_new  2023-02-16 17:03:17.128537913 +0100
@@ -36,11 +36,13 @@
 # Makefile to automate build process
 Source4:        Makefile
 Source5:        0001-Add-source-code-reference.patch
+# CVE-2022-46146 bsc#1208065
+Patch0:         0002-Update-exporter-toolkit-to-version-0.7.3.patch
 BuildRequires:  fdupes
 BuildRequires:  git-core
 BuildRequires:  golang-packaging
 BuildRequires:  wire
-BuildRequires:  golang(API) >= 1.17
+BuildRequires:  golang(API) >= 1.19
 Requires(post): %fillup_prereq
 Requires:       group(grafana)
 Requires:       user(grafana)
@@ -61,6 +63,7 @@
 %prep
 %setup -q -n grafana-%{version}
 %setup -q -T -D -a 1 -n grafana-%{version}
+%patch0 -p1
 
 %build
 %goprep github.com/grafana/grafana

++++++ 0002-Update-exporter-toolkit-to-version-0.7.3.patch ++++++
From: Witek Bedyk <witold.be...@suse.com>
Subject: [PATCH] Update exporter-toolkit to version 0.7.3

---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 2572cebe7e..91829bc695 100644
--- a/go.mod
+++ b/go.mod
@@ -218,7 +218,7 @@ require (
        github.com/opentracing-contrib/go-stdlib v1.0.0 // indirect
        github.com/pmezard/go-difflib v1.0.0 // indirect
        github.com/prometheus/common/sigv4 v0.1.0 // indirect
-       github.com/prometheus/exporter-toolkit v0.7.0 // indirect
+       github.com/prometheus/exporter-toolkit v0.7.3 // indirect
        github.com/prometheus/node_exporter 
v1.0.0-rc.0.0.20200428091818-01054558c289 // indirect
        github.com/prometheus/procfs v0.7.3 // indirect
        github.com/protocolbuffers/txtpbfmt v0.0.0-20201118171849-f6a6b3f636fc 
// indirect
-- 
2.35.3


++++++ Makefile ++++++
--- /var/tmp/diff_new_pack.eQLlun/_old  2023-02-16 17:03:17.200538195 +0100
+++ /var/tmp/diff_new_pack.eQLlun/_new  2023-02-16 17:03:17.208538227 +0100
@@ -24,7 +24,12 @@
        cd $$basename && \
        # Patches for the JS frontend go after here \
        patch --no-backup-if-mismatch -p1 -i 
../../0001-Add-source-code-reference.patch && \
+       patch --no-backup-if-mismatch -p1 -i 
../../0002-Update-exporter-toolkit-to-version-0.7.3.patch && \
        # End patches section \
+       go mod download && \
+       go mod verify && \
+       go mod vendor && \
+       tar --format=posix -cf ../../vendor.tar vendor && \
        # avoid ".git can't be found" \
        git init && \
        # avoid "FATAL ERROR: Ineffective mark-compacts near heap limit 
Allocation failed - JavaScript heap out of memory" \
@@ -36,5 +41,6 @@
        tar -rf ../$$tar $$basename/public && \
        cd .. && \
        gzip $$tar && \
+       gzip -f vendor.tar && \
        rm -rf $$tmpdir
 

++++++ _service ++++++
--- /var/tmp/diff_new_pack.eQLlun/_old  2023-02-16 17:03:17.252538400 +0100
+++ /var/tmp/diff_new_pack.eQLlun/_new  2023-02-16 17:03:17.256538415 +0100
@@ -15,6 +15,5 @@
   <service name="set_version" mode="disabled">
     <param name="basename">grafana</param>
   </service>
-  <service name="go_modules" mode="disabled"/>
 </services>
 

++++++ grafana-8.5.20.tar.gz ++++++
/work/SRC/openSUSE:Factory/grafana/grafana-8.5.20.tar.gz 
/work/SRC/openSUSE:Factory/.grafana.new.22824/grafana-8.5.20.tar.gz differ: 
char 5, line 1

++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/grafana/vendor.tar.gz 
/work/SRC/openSUSE:Factory/.grafana.new.22824/vendor.tar.gz differ: char 5, 
line 1

commit grafana for openSUSE:Factory

Reply via email to