commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package guava for openSUSE:Factory checked in at 2024-06-12 15:39:25 Comparing /work/SRC/openSUSE:Factory/guava (Old) and /work/SRC/openSUSE:Factory/.guava.new.19518 (New) Package is "guava" Wed Jun 12 15:39:25 2024 rev:13 rq:1180163 version:33.2.1 Changes: --- /work/SRC/openSUSE:Factory/guava/guava.changes 2024-04-18 22:13:15.742928514 +0200 +++ /work/SRC/openSUSE:Factory/.guava.new.19518/guava.changes 2024-06-12 15:40:20.702576990 +0200 @@ -1,0 +2,56 @@ +Wed Jun 12 10:14:08 UTC 2024 - Fridrich Strba + +- Upgrade to guava 33.2.1 + * Changes of version 33.2.1 ++ net: Changed InetAddress-String conversion methods to preserve + the IPv6 scope ID if present. The scope ID can be necessary + for IPv6-capable devices with multiple network interfaces. + However, preserving it can also lead to problems for callers + that rely on the returned values not to include the scope ID: + - Callers might compensate for the old behavior of the methods +by appending the scope ID to a returned string themselves. +If so, you can update your code to stop doing so at the same +time as you upgrade Guava. Of, if your code might run +against multiple versions of Guava, you can check whether +Guava has included a scope ID before you add one yourself. + - Callers might pass the returned string to another system +that does not understand scope IDs. If so, you can strip the +scope ID off, whether by truncating the string form at a % +character (leaving behind any trailing ] character in the +case of forUriString) or by replacing the returned +InetAddress with a new instance constructed by calling +InetAddress.getByAddress(addr). + - java.net.InetAddress validates any provided scope ID against +the interfaces available on the machine. As a result, +methods in InetAddresses may now fail if the scope ID fails +validation. +* Notable cases in which this may happen include: + - if the code runs in an Android app without networking +permission + - if code passes InetAddress instances or strings across +devices +* If this is not the behavior that you want, then you can + strip off the scope ID from the input string before + passing it to Guava, as discussed above. + * Changes of version 33.2.0 ++ Dropped testing for Android versions before Lollipop (API + Level 21). Guava may stop working under older versions in + the future, or it may have done so already. ++ Fixed a GWT compilation breakage under Gradle. ++ collect: Made our Collector APIs (e.g., + ImmutableList.toImmutableList()) available in guava-android. + More Java 8 APIs will follow in future releases. + - As always, streams are available to Android code only when +that code enables library desugaring or targets a new enough +API Level (24 (Nougat) for many stream APIs). (But note that +we test only with library desugaring, so we don't currently +know if API Level 24 is high enough to use our Collector +APIs unless you have also enabled library desugaring.) Guava +users who avoid the Collector APIs do not need to meet this +requirement. ++ collect: Fixed a potential NullPointerException in + ImmutableMap.Builder on a rare code path. ++ net: Added HttpHeaders constants Ad-Auction-Allowed, + Permissions-Policy-Report-Only, and Sec-GPC. + +--- Old: v33.1.0.tar.gz New: v33.2.1.tar.gz Other differences: -- ++ guava.spec ++ --- /var/tmp/diff_new_pack.Kn7Q8m/_old 2024-06-12 15:40:21.254597213 +0200 +++ /var/tmp/diff_new_pack.Kn7Q8m/_new 2024-06-12 15:40:21.258597359 +0200 @@ -17,7 +17,7 @@ Name: guava -Version:33.1.0 +Version:33.2.1 Release:0 Summary:Google Core Libraries for Java License:Apache-2.0 AND CC0-1.0 ++ v33.1.0.tar.gz -> v33.2.1.tar.gz ++ 10173 lines of diff (skipped)
commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package guava for openSUSE:Factory checked in at 2024-04-18 22:12:11 Comparing /work/SRC/openSUSE:Factory/guava (Old) and /work/SRC/openSUSE:Factory/.guava.new.26366 (New) Package is "guava" Thu Apr 18 22:12:11 2024 rev:12 rq:1168638 version:33.1.0 Changes: --- /work/SRC/openSUSE:Factory/guava/guava.changes 2024-03-13 22:20:17.932076216 +0100 +++ /work/SRC/openSUSE:Factory/.guava.new.26366/guava.changes 2024-04-18 22:13:15.742928514 +0200 @@ -1,0 +2,118 @@ +Wed Apr 17 16:34:39 UTC 2024 - Fridrich Strba + +- Upgrade to guava 33.1.0 + * Changes of version 33.1.0: ++ Updated our Error Prone dependency to 2.26.1, which includes + a JPMS-ready jar of annotations. If you use the Error Prone + annotations in a modular build of your own code, you may need + to add a requires line for them. ++ base: Added a Duration overload for + Suppliers.memoizeWithExpiration. ++ base: Deprecated the remaining two overloads of + Throwables.propagateIfPossible. They won't be deleted, but we + recommend migrating off them. ++ cache: Fixed a bug that could cause false "recursive load" + reports during refresh. ++ graph: Changed the return types of transitiveClosure() and + reachableNodes() to Immutable* types. reachableNodes() already + returned an immutable object (even though that was not + reflected in the declared return type); transitiveClosure() + used to return a mutable object. The old signatures remain + available, so this change does not break binary compatibility. ++ graph: Changed the behavior of views returned by graph + accessor methods that take a graph element as input: They now + throw IllegalStateException when that element is removed from + the graph. ++ hash: Optimized Checksum-based hash functions for Java 9+. ++ testing: Exposed FakeTicker Duration methods to Android users. ++ util.concurrent: Deprecated the constructors of + UncheckedExecutionException and ExecutionError that don't + accept a cause. We won't remove these constructors, but we + recommend migrating off them, as users of those classes often + assume that instances will contain a cause. ++ util.concurrent: Improved the correctness of racy accesses for + J2ObjC users. + * Changes of version 33.0.0: ++ This version of guava-android contains some package-private + methods whose signature includes the Java 8 Collector API. + This is a test to identify any problems before we expose those + methods publicly to users. Please report any problems that you + encounter. ++ Changed various classes to catch Exception instead of + RuntimeException even when only RuntimeException is + theoretically possible. This can help code that throws + undeclared exceptions, as some bytecode rewriters (e.g., + Robolectric) and languages (e.g., Kotlin) do. ++ Added an Automatic-Module-Name to failureaccess, Guava's one + strong runtime dependency. ++ reflect: In guava-android only, removed + Invokable.getAnnotatedReturnType() and + Parameter.getAnnotatedType(). These methods never worked in an + Android VM, and to reflect that, they were born @Deprecated, + @Beta, and @DoNotCall. They're now preventing us from rolling + out some new Android compatibility testing. This is the only + binary-incompatible change in this release, and it should have + no effect in practice. Still, we bump the major version number + to follow Semantic Versioning. ++ util.concurrent: Changed our implementations to avoid eagerly + initializing loggers during class loading. This can help + performance, especially under Android. + * Changes of version 32.1.3: ++ Changed Gradle Metadata to include dependency versions + directly. This may address "Could not find some-dependency" + errors that some users have reported (which might be a result + of users' excluding guava-parent). ++ collect: Changed Multisets.unmodifiableMultiset(set) + .removeIf(predicate) to throw an exception always, even if + nothing matches predicate. ++ graph: Fixed the behavior of Graph/ValueGraph views for a node + when that node is removed from the graph. ++ io: Fixed Files.createTempDir and FileBackedOutputStream under + Windows services, a rare use case. (The fix actually covers + only Java 9+ because Java 8 would require an additional + approach. Let us know if you need support under Java 8.) ++ net: Made MediaType.parse allow and skip over whitespace + around the / and = separator tokens in addition to the ; + separator, for which it was
commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package guava for openSUSE:Factory checked
in at 2024-03-13 22:19:21
Comparing /work/SRC/openSUSE:Factory/guava (Old)
and /work/SRC/openSUSE:Factory/.guava.new.1770 (New)
Package is "guava"
Wed Mar 13 22:19:21 2024 rev:11 rq:1157419 version:32.0.1
Changes:
--- /work/SRC/openSUSE:Factory/guava/guava.changes 2024-02-22
20:58:54.332018102 +0100
+++ /work/SRC/openSUSE:Factory/.guava.new.1770/guava.changes2024-03-13
22:20:17.932076216 +0100
@@ -1,0 +2,5 @@
+Tue Mar 12 18:57:05 UTC 2024 - Fridrich Strba
+
+- Fix version mismatch in the ant build files.
+
+---
Other differences:
--
++ guava-build.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/common.xml new/common.xml
--- old/common.xml 2023-06-15 15:14:12.153667258 +0200
+++ new/common.xml 2024-03-12 19:51:46.831190765 +0100
@@ -3,9 +3,10 @@
-
+
-
+
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/guava/build.xml new/guava/build.xml
--- old/guava/build.xml 2021-05-10 20:21:25.778710719 +0200
+++ new/guava/build.xml 2024-03-12 19:55:31.971831344 +0100
@@ -228,13 +228,13 @@
-
-
+
+
-
+
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/guava-testlib/build.xml new/guava-testlib/build.xml
--- old/guava-testlib/build.xml 2021-05-10 17:41:35.613376965 +0200
+++ new/guava-testlib/build.xml 2024-03-12 19:50:50.967697439 +0100
@@ -61,6 +61,7 @@
optimize="false"
deprecation="true"
encoding="UTF-8"
+ release="${compiler.release}"
target="${compiler.target}"
verbose="false"
fork="false"
@@ -92,6 +93,7 @@
optimize="false"
deprecation="true"
encoding="UTF-8"
+ release="${compiler.release}"
target="${compiler.target}"
verbose="false"
fork="false"
commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package guava for openSUSE:Factory checked
in at 2023-06-16 16:54:40
Comparing /work/SRC/openSUSE:Factory/guava (Old)
and /work/SRC/openSUSE:Factory/.guava.new.15902 (New)
Package is "guava"
Fri Jun 16 16:54:40 2023 rev:9 rq:1093336 version:32.0.1
Changes:
--- /work/SRC/openSUSE:Factory/guava/guava.changes 2022-05-25
20:35:13.500283134 +0200
+++ /work/SRC/openSUSE:Factory/.guava.new.15902/guava.changes 2023-06-16
16:55:47.402042224 +0200
@@ -1,0 +2,54 @@
+Thu Jun 15 13:20:35 UTC 2023 - Fridrich Strba
+
+- Upgrade to guava 32.0.1
+ * Security fixes:
++ Reimplemented Files.createTempDir and FileBackedOutputStream
+ to further address CVE-2020-8908 (#4011, bsc#1179926) and
+ CVE-2023-2976 (#2575, bsc#1212401)
+ * Fixes:
++ io: Fixed Files.createTempDir and FileBackedOutputStream under
+ Windows, which broke as part of the security fix in release
+ 32.0.0
++ Removed @Beta from almost all APIs. Most of the remaining
+ @Beta APIs are in graph and hash.
++ Enhanced the Guava jar to include Proguard configurations that
+ are picked up automatically by the Android Gradle Plugin. This
+ should help with warnings that were promoted to errors in
+ Android Gradle Plugin 8.x.
++ Enhanced the Guava jar to include information about method
+ parameters in its class files. If you use static analyzers
+ that look at method-parameter names, you may see new warnings
+ or errors if they are now able to detect mismatches. But
+ mostly, you may see better tooltips and autocompletion in
+ DEs.
++ Improved nullness annotations on a few classes.
++ Modified classes with "serial proxies" to declare
+ exception-throwing readObject methods, in accordance with best
+ practice.
++ collect: Fixed Maps.newHashMapWithExpectedSize to stop
+ allocating maps that were larger than they needed to be.
++ collect: Made various APIs work J2CL:
+ Maps.immutableEnumMap+toImmutableEnumMap, EnumMultiset,
+ CollectorTester. Previously, the APIs were present but failed
+ at runtime.
++ collect: Optimized memory usage for Interner and MapMaker.
++ graph: Changed directed graphs to reject attempts to add
+ undirected edges.
++ io: Added BaseEncoding.ignoreCase() to support
+ case-insensitive decoding.
++ net: Added HttpHeaders constants:
+ ~ No-Vary-Search
+ ~ Sec-CH-DPR
+ ~ Sec-CH-UA-Wow64
+ ~ Sec-CH-Viewport-Width and Sec-CH-Viewport-Height
+ ~ Supports-Loading-Mode
++ net: Added the MediaType constant for JWT.
++ primitives: Added rotate() for arrays of all primitive types.
++ util.concurrent: Changed AbstractFuture to run
+ interruptTask() just before afterDone(). Until this change, it
+ ran slightly earlier than that: We used to run it before
+ unblocking any pending get() calls, and now we run it after.
++ util.concurrent: Fixed some cases in which we could catch
+ InterruptedException but fail to restore the interrupt bit.
+
+---
Old:
v31.1.tar.gz
New:
v32.0.1.tar.gz
Other differences:
--
++ guava.spec ++
--- /var/tmp/diff_new_pack.1YXPyI/_old 2023-06-16 16:55:47.978045622 +0200
+++ /var/tmp/diff_new_pack.1YXPyI/_new 2023-06-16 16:55:47.982045646 +0200
@@ -1,7 +1,7 @@
#
# spec file for package guava
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: guava
-Version:31.1
+Version:32.0.1
Release:0
Summary:Google Core Libraries for Java
License:Apache-2.0 AND CC0-1.0
@@ -118,11 +118,11 @@
%files -f .mfiles
%doc CONTRIBUTORS README*
-%license COPYING
+%license LICENSE
%files javadoc
%{_javadocdir}/%{name}
-%license COPYING
+%license LICENSE
%files testlib -f .mfiles-guava-testlib
++ guava-build.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/common.xml new/common.xml
--- old/common.xml 2022-05-17 02:33:57.060608131 +0200
+++ new/common.xml 2023-06-15 15:14:12.153667258 +0200
@@ -3,7 +3,7 @@
-
+
++ v31.1.tar.gz -> v32.0.1.tar.gz ++
108051 lines of diff (skipped)
commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package guava for openSUSE:Factory checked in at 2022-05-25 20:34:43 Comparing /work/SRC/openSUSE:Factory/guava (Old) and /work/SRC/openSUSE:Factory/.guava.new.2254 (New) Package is "guava" Wed May 25 20:34:43 2022 rev:8 rq:979202 version:31.1 Changes: --- /work/SRC/openSUSE:Factory/guava/guava.changes 2022-05-19 22:49:36.322356833 +0200 +++ /work/SRC/openSUSE:Factory/.guava.new.2254/guava.changes2022-05-25 20:35:13.500283134 +0200 @@ -4,0 +5,44 @@ + * Fixes: ++ base: Deprecated the Throwables methods lazyStackTrace and + lazyStackTraceIsLazy. They are no longer useful on any current + platform. ++ collect: Added a new method + ImmutableMap.Builder.buildKeepingLast(), which keeps the last + value for any given key rather than throwing an exception when + a key appears more than once. ++ collect: As a side-effect of the buildKeepingLast() change, + the idiom + ImmutableList.copyOf(Maps.transformValues(map, function)) + may produce different results if function has side-effects. ++ hash: Added Hashing.fingerprint2011(). ++ io: Changed ByteStreams.nullOutputStream() to follow the + contract of OutputStream.write by throwing an exception if + the range of bytes is out of bounds. ++ net: Added @CheckReturnValue to the package (with a few + exceptions). ++ net: Added HttpHeaders constant for + Access-Control-Allow-Private-Network. ++ util.concurrent: Added accumulate/update methods for + AtomicDouble and AtomicDoubleArray. + * APIs promoted from @Beta: ++ base: Throwables methods getCausalChain and getCauseAs ++ collect: Streams methods mapWithIndex and findLast ++ collect: the remaining methods in Comparators: min, max, + lexicographical, emptiesFirst, emptiesLast, isInOrder, + isInStrictOrder ++ escape: various APIs ++ io: various APIs in Files ++ net: various APIs ++ reflect: various APIs ++ testlib: various APIs ++ util.concurrent: AsyncCallable, ListenableScheduledFuture, + and ClosingFuture ++ util.concurrent: ExecutionSequencer, + MoreExecutors.newSequentialExecutor, and Monitor ++ util.concurrent: Futures methods: submit, submitAsync, + scheduleAsync, nonCancellationPropagating, inCompletionOrder ++ util.concurrent: Uninterruptibles: + awaitTerminationUninterruptibly and the Duration overloads in + the class ++ util.concurrent: the FluentFuture type, its factory methods, + and addCallback @@ -19,0 +64,8 @@ + * Fixes: ++ cache: Fixed compatibility between asMap().compute(...) + and a load. ++ cache: Added @CheckReturnValue to some APIs. ++ collect: Added @DoNotCall to the mutator methods on immutable + types ++ hash: Removed @Beta from HashCode. ++ io: Removed @Beta from CountingOutputStream. Other differences: --
commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package guava for openSUSE:Factory checked
in at 2022-05-19 22:49:23
Comparing /work/SRC/openSUSE:Factory/guava (Old)
and /work/SRC/openSUSE:Factory/.guava.new.1538 (New)
Package is "guava"
Thu May 19 22:49:23 2022 rev:7 rq:977988 version:31.1
Changes:
--- /work/SRC/openSUSE:Factory/guava/guava.changes 2022-03-11
21:42:02.442106270 +0100
+++ /work/SRC/openSUSE:Factory/.guava.new.1538/guava.changes2022-05-19
22:49:36.322356833 +0200
@@ -1,0 +2,10 @@
+Wed May 18 17:26:01 UTC 2022 - Fridrich Strba
+
+- Upgrade to guava 31.1
+ * Remove the hack of removing annotations, since we have now
+all the required dependencies packaged
+- Removed patch:
+ * donotmock.patch
++ hack not needed any more
+
+---
Old:
donotmock.patch
v30.1.1.tar.gz
New:
v31.1.tar.gz
Other differences:
--
++ guava.spec ++
--- /var/tmp/diff_new_pack.WyfXuA/_old 2022-05-19 22:49:37.290358074 +0200
+++ /var/tmp/diff_new_pack.WyfXuA/_new 2022-05-19 22:49:37.290358074 +0200
@@ -17,7 +17,7 @@
Name: guava
-Version:30.1.1
+Version:31.1
Release:0
Summary:Google Core Libraries for Java
License:Apache-2.0 AND CC0-1.0
@@ -25,9 +25,11 @@
URL:https://github.com/google/guava
Source0:https://github.com/google/guava/archive/v%{version}.tar.gz
Source1:%{name}-build.tar.xz
-Patch0: donotmock.patch
BuildRequires: ant
+BuildRequires: checker-qual
BuildRequires: fdupes
+BuildRequires: google-errorprone-annotations
+BuildRequires: j2objc-annotations
BuildRequires: javapackages-local
BuildRequires: jsr-305
BuildRequires: junit
@@ -52,8 +54,6 @@
%package testlib
Summary:The guava-testlib artifact
Group: Development/Libraries/Java
-Requires: mvn(com.google.code.findbugs:jsr305)
-Requires: mvn(com.google.guava:guava)
Requires: mvn(junit:junit)
%description testlib
@@ -61,7 +61,6 @@
%prep
%setup -q -a1
-%patch0 -p1
find . -name '*.jar' -delete
@@ -74,29 +73,9 @@
%pom_xpath_inject
/pom:project/pom:build/pom:plugins/pom:plugin/pom:configuration/pom:instructions
"<_nouses>true" guava/pom.xml
-%pom_remove_dep -r :error_prone_annotations
-%pom_remove_dep -r :j2objc-annotations
-%pom_remove_dep -r org.checkerframework:
-
%pom_remove_dep -r :listenablefuture
%pom_remove_dep -r :failureaccess
-annotations=$(
-find -name '*.java' \
-| xargs grep -F -h \
--e 'import com.google.j2objc.annotations' \
--e 'import com.google.errorprone.annotation' \
--e 'import org.codehaus.mojo.animal_sniffer' \
--e 'import org.checkerframework' \
-| sort -u \
-| sed 's/.*\.\([^.]*\);/\1/' \
-| paste -sd\|
-)
-# guava started using quite a few annotation libraries for code quality, which
-# we don't have. This ugly regex is supposed to remove their usage from the
code
-find -name '*.java' | xargs sed -ri \
-"s/^import
.*\.($annotations);//;s/@($annotations)"'\>\s*(\((("[^"]*")|([^)]*))\))?//g'
-
for mod in guava guava-testlib futures/failureaccess; do
%pom_remove_parent ${mod}
%pom_xpath_inject pom:project '
@@ -104,11 +83,15 @@
%{version}' ${mod}
done
-%pom_change_dep -r -f : :
+%pom_change_dep -r :error_prone_annotations :::provided
+%pom_change_dep -r :j2objc-annotations :::provided
+%pom_change_dep -r org.checkerframework: :::provided
+
+%pom_change_dep -r -f
%build
mkdir -p lib
-build-jar-repository -s lib junit jsr-305
+build-jar-repository -s lib junit jsr-305 google-errorprone/annotations
checker-qual j2objc-annotations
%{ant} -Dtest.skip=true package javadoc
%install
++ guava-build.tar.xz ++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/common.xml new/common.xml
--- old/common.xml 2021-05-10 17:05:58.631896847 +0200
+++ new/common.xml 2022-05-17 02:33:57.060608131 +0200
@@ -3,7 +3,7 @@
-
+
++ v30.1.1.tar.gz -> v31.1.tar.gz ++
151384 lines of diff (skipped)
commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package guava for openSUSE:Factory checked
in at 2022-03-11 21:41:39
Comparing /work/SRC/openSUSE:Factory/guava (Old)
and /work/SRC/openSUSE:Factory/.guava.new.25692 (New)
Package is "guava"
Fri Mar 11 21:41:39 2022 rev:6 rq:961077 version:30.1.1
Changes:
--- /work/SRC/openSUSE:Factory/guava/guava.changes 2021-05-11
23:04:20.948906020 +0200
+++ /work/SRC/openSUSE:Factory/.guava.new.25692/guava.changes 2022-03-11
21:42:02.442106270 +0100
@@ -1,0 +2,5 @@
+Fri Mar 11 12:13:02 UTC 2022 - Fridrich Strba
+
+- Remove parent reference from ALL distributed pom files
+
+---
Other differences:
--
++ guava.spec ++
--- /var/tmp/diff_new_pack.m8AO5g/_old 2022-03-11 21:42:02.922106638 +0100
+++ /var/tmp/diff_new_pack.m8AO5g/_new 2022-03-11 21:42:02.926106641 +0100
@@ -1,7 +1,7 @@
#
# spec file for package guava
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -97,7 +97,7 @@
find -name '*.java' | xargs sed -ri \
"s/^import
.*\.($annotations);//;s/@($annotations)"'\>\s*(\((("[^"]*")|([^)]*))\))?//g'
-for mod in guava guava-testlib; do
+for mod in guava guava-testlib futures/failureaccess; do
%pom_remove_parent ${mod}
%pom_xpath_inject pom:project '
com.google.guava
commit guava for openSUSE:Factory
Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package guava for openSUSE:Factory checked
in at 2021-05-11 23:04:14
Comparing /work/SRC/openSUSE:Factory/guava (Old)
and /work/SRC/openSUSE:Factory/.guava.new.2988 (New)
Package is "guava"
Tue May 11 23:04:14 2021 rev:5 rq:892204 version:30.1.1
Changes:
--- /work/SRC/openSUSE:Factory/guava/guava.changes 2019-12-10
22:41:18.181834050 +0100
+++ /work/SRC/openSUSE:Factory/.guava.new.2988/guava.changes2021-05-11
23:04:20.948906020 +0200
@@ -1,0 +2,14 @@
+Mon May 10 14:59:41 UTC 2021 - Fridrich Strba
+
+- Upgrade to guava 30.1.1
+ * fixes bsc#1179926, CVE-2020-8908: temp directory creation
+vulnerability in Guava versions prior to 30.0
+- Removed patch:
+ * guava-25.0-java8compat.patch
++ the compatibility is handled in the upstream code
+- Added patch:
+ * donotmock.patch
++ patch @DoNotMock annotation occurrences in order to put them
+ in a format that our regex is able to identify and kill
+
+---
Old:
guava-25.0-java8compat.patch
v25.0.tar.gz
New:
donotmock.patch
v30.1.1.tar.gz
Other differences:
--
++ guava.spec ++
--- /var/tmp/diff_new_pack.A0ic1g/_old 2021-05-11 23:04:21.676902699 +0200
+++ /var/tmp/diff_new_pack.A0ic1g/_new 2021-05-11 23:04:21.680902681 +0200
@@ -1,7 +1,7 @@
#
# spec file for package guava
#
-# Copyright (c) 2019 SUSE LLC
+# Copyright (c) 2021 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: guava
-Version:25.0
+Version:30.1.1
Release:0
Summary:Google Core Libraries for Java
License:Apache-2.0 AND CC0-1.0
@@ -25,7 +25,7 @@
URL:https://github.com/google/guava
Source0:https://github.com/google/guava/archive/v%{version}.tar.gz
Source1:%{name}-build.tar.xz
-Patch0: %{name}-%{version}-java8compat.patch
+Patch0: donotmock.patch
BuildRequires: ant
BuildRequires: fdupes
BuildRequires: javapackages-local
@@ -74,11 +74,13 @@
%pom_xpath_inject
/pom:project/pom:build/pom:plugins/pom:plugin/pom:configuration/pom:instructions
"<_nouses>true" guava/pom.xml
-%pom_remove_dep -r :animal-sniffer-annotations
%pom_remove_dep -r :error_prone_annotations
%pom_remove_dep -r :j2objc-annotations
%pom_remove_dep -r org.checkerframework:
+%pom_remove_dep -r :listenablefuture
+%pom_remove_dep -r :failureaccess
+
annotations=$(
find -name '*.java' \
| xargs grep -F -h \
@@ -107,7 +109,7 @@
%build
mkdir -p lib
build-jar-repository -s lib junit jsr-305
-%ant -Dtest.skip=true package javadoc
+%{ant} -Dtest.skip=true package javadoc
%install
# jars
@@ -118,7 +120,10 @@
# poms
install -dm 0755 %{buildroot}%{_mavenpomdir}/%{name}
install -pm 0644 %{name}/pom.xml
%{buildroot}%{_mavenpomdir}/%{name}/%{name}.pom
-%add_maven_depmap %{name}/%{name}.pom %{name}/%{name}.jar -f %{name}
+%add_maven_depmap %{name}/%{name}.pom %{name}/%{name}.jar
+# We integrated this artifact in our main package
+install -pm 0644 futures/failureaccess/pom.xml
%{buildroot}%{_mavenpomdir}/%{name}/failureaccess.pom
+%add_maven_depmap %{name}/failureaccess.pom %{name}/%{name}.jar
install -pm 0644 %{name}-testlib/pom.xml
%{buildroot}%{_mavenpomdir}/%{name}/%{name}-testlib.pom
%add_maven_depmap %{name}/%{name}-testlib.pom %{name}/%{name}-testlib.jar -f
%{name}-testlib
@@ -128,7 +133,7 @@
cp -r %{name}-testlib/target/site/apidocs
%{buildroot}%{_javadocdir}/%{name}/%{name}-testlib
%fdupes -s %{buildroot}%{_javadocdir}
-%files -f .mfiles-guava
+%files -f .mfiles
%doc CONTRIBUTORS README*
%license COPYING
++ donotmock.patch ++
--- guava-30.1/guava/src/com/google/common/graph/Traverser.java 2021-05-10
16:45:16.248098756 +0200
+++ guava-30.1/guava/src/com/google/common/graph/Traverser.java 2021-05-10
16:53:38.627252038 +0200
@@ -60,9 +60,7 @@
* @since 23.1
*/
@Beta
-@DoNotMock(
-"Call forGraph or forTree, passing a lambda or a Graph with the desired
edges (built with"
-+ " GraphBuilder)")
+@DoNotMock("Call forGraph or forTree, passing a lambda or a Graph with the
desired edges (built with GraphBuilder)")
public abstract class Traverser {
private final SuccessorsFunction successorFunction;
--- guava-30.1/guava/src/com/google/common/util/concurrent/ClosingFuture.java
2021-05-10 16:45:16.256098806 +0200
+++ guava-30.1/guava/src/com/google/common/util/concurrent/ClosingFuture.java
2021-05-10 16:55:44.184040192 +0200
@@ -32,6 +32,7 @@
import static
