Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package obs-service-cargo_audit for
openSUSE:Factory checked in at 2021-05-20 19:25:04
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/obs-service-cargo_audit (Old)
and /work/SRC/openSUSE:Factory/.obs-service-cargo_audit.new.2988 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "obs-service-cargo_audit"
Thu May 20 19:25:04 2021 rev:2 rq:894456 version:0.1.2~git0.e25df37
Changes:
--------
---
/work/SRC/openSUSE:Factory/obs-service-cargo_audit/obs-service-cargo_audit.changes
2021-03-30 21:45:29.938665648 +0200
+++
/work/SRC/openSUSE:Factory/.obs-service-cargo_audit.new.2988/obs-service-cargo_audit.changes
2021-05-20 19:25:31.309828931 +0200
@@ -1,0 +2,12 @@
+Thu May 20 00:30:47 UTC 2021 - [email protected]
+
+- Update to version 0.1.2~git0.e25df37:
+ * generate Cargo.lock from Cargo.toml if not present (#2)
+
+-------------------------------------------------------------------
+Wed May 19 00:16:31 UTC 2021 - [email protected]
+
+- Update to version 0.1.1~git0.a3a0827:
+ * Add outdir parameter
+
+-------------------------------------------------------------------
Old:
----
obs-service-cargo_audit-0.1.0~git0.660f61c.tar.gz
New:
----
obs-service-cargo_audit-0.1.2~git0.e25df37.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ obs-service-cargo_audit.spec ++++++
--- /var/tmp/diff_new_pack.LtROQr/_old 2021-05-20 19:25:31.725827225 +0200
+++ /var/tmp/diff_new_pack.LtROQr/_new 2021-05-20 19:25:31.725827225 +0200
@@ -1,5 +1,5 @@
#
-# spec file for package obs-service-cargo_vendor
+# spec file for package obs-service-cargo_audit
#
# Copyright (c) 2021 SUSE LLC
#
@@ -22,7 +22,7 @@
License: MPL-2.0
Group: Development/Tools/Building
URL: https://github.com/openSUSE/obs-service-%{service}
-Version: 0.1.0~git0.660f61c
+Version: 0.1.2~git0.e25df37
Release: 0
Source: %{name}-%{version}.tar.gz
BuildRequires: python3
++++++ _service ++++++
--- /var/tmp/diff_new_pack.LtROQr/_old 2021-05-20 19:25:31.753827109 +0200
+++ /var/tmp/diff_new_pack.LtROQr/_new 2021-05-20 19:25:31.753827109 +0200
@@ -3,7 +3,7 @@
<param
name="url">https://github.com/openSUSE/obs-service-cargo_audit.git</param>
<param name="versionformat">@PARENT_TAG@~git@TAG_OFFSET@.%h</param>
<param name="scm">git</param>
- <param name="revision">v0.1.0</param>
+ <param name="revision">v0.1.2</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="versionrewrite-replacement">\1</param>
++++++ obs-service-cargo_audit-0.1.0~git0.660f61c.tar.gz ->
obs-service-cargo_audit-0.1.2~git0.e25df37.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/obs-service-cargo_audit-0.1.0~git0.660f61c/cargo_audit
new/obs-service-cargo_audit-0.1.2~git0.e25df37/cargo_audit
--- old/obs-service-cargo_audit-0.1.0~git0.660f61c/cargo_audit 2021-03-04
03:43:25.000000000 +0100
+++ new/obs-service-cargo_audit-0.1.2~git0.e25df37/cargo_audit 2021-05-19
02:24:02.000000000 +0200
@@ -42,6 +42,8 @@
description=description,
formatter_class=argparse.RawDescriptionHelpFormatter
)
parser.add_argument("--srcdir")
+# We always ignore this parameter.
+parser.add_argument("--outdir")
args = parser.parse_args()
srcdir = args.srcdir
@@ -53,6 +55,21 @@
if filename in files and 'vendor' not in root
]
+def generate_lock(path):
+ log.debug(f"Running cargo generate-lockfile against: {path}/Cargo.toml")
+ cmd = [
+ "cargo", "generate-lockfile", "-q",
+ "--manifest-path", f"{path}/Cargo.toml",
+ ]
+ dcmd = " ".join(cmd)
+ log.debug(f"Running {dcmd}")
+ proc = run(cmd, check=False, stdout=PIPE, stderr=STDOUT)
+ output = proc.stdout.decode("utf-8").strip()
+ log.debug(f"return: {proc.returncode}")
+ if proc.returncode != 0:
+ log.error(f"Could not generate Cargo.lock under {path}")
+ exit(1)
+
def cargo_audit(lock_file):
log.debug(f"Running cargo audit against: {lock_file}")
cmd = [
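Review bot: In the new `generate_lock`, the combined stdout/stderr of `cargo generate-lockfile` is decoded into `output` but never logged, so a non-zero return code leaves only "Could not generate Cargo.lock" in the log with no reason. Put it in the failure message, e.g. `log.error(f"Could not generate Cargo.lock under {path}: {output}")`. The function also has no docstring; one should say that it terminates the process on failure. It should also say that the generated lockfile holds whatever versions cargo resolves when the service runs, which may differ from the versions the package is eventually built against, so an audit of it is indicative rather than exact.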
@@ -91,20 +108,26 @@
def main():
log.info(f"Running OBS Source Service ????: {service_name}")
log.info(f"Current working dir: {os.getcwd()}")
- log.info(f"Searching for Cargo.toml in: {srcdir}")
+ log.info(f"Searching for Cargo.lock in: {srcdir}")
cargo_lock_paths = find_file(srcdir, "Cargo.lock")
- if cargo_lock_paths:
- log.debug(f"Detected Rust lock files: {cargo_lock_paths}")
- status = any([cargo_audit(cargo_lock_path) for cargo_lock_path in
cargo_lock_paths])
- if status:
- log.error("???? Vulnerabilities may have been found. You must
review these.")
+ if not cargo_lock_paths:
+ log.info(f"No Rust Cargo.lock found under {srcdir}")
+ log.info(f"Searching for Cargo.toml in: {srcdir}")
+ if find_file(srcdir, "Cargo.toml"):
+ generate_lock(srcdir)
+ else:
+ log.error(f"No Rust Cargo.toml found under {srcdir}")
exit(1)
- log.info("No known issues detected ????????")
else:
- log.error("No Rust Cargo.lock found under {srcdir}")
+ log.debug(f"Detected Rust lock files: {cargo_lock_paths}")
+
+ status = any([cargo_audit(cargo_lock_path) for cargo_lock_path in
cargo_lock_paths])
+ if status:
+ log.error("???? Vulnerabilities may have been found. You must review
these.")
exit(1)
+ log.info("No known issues detected ????????")
if __name__ == "__main__":
main()
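Review bot: When no Cargo.lock exists and one is generated, `cargo_lock_paths` still holds the empty list from the first `find_file` call, so `any([...])` is False without `cargo_audit` ever running and the service logs "No known issues detected". The audit therefore fails open; this assumes the indentation lost in this mail places the `status = any(...)` line after the if/else, as the restructuring suggests. Re-scan right after `generate_lock(srcdir)` with `cargo_lock_paths = find_file(srcdir, "Cargo.lock")`, and exit non-zero if the list is still empty. Separately, `find_file` appears to walk subdirectories (the context lines of the previous hunk filter on `root`), while `generate_lock(srcdir)` always targets `{srcdir}/Cargo.toml`. A manifest found only in a subdirectory would then make generation fail, so passing the directory of each manifest found would be safer.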