Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package melange for openSUSE:Factory checked in at 2025-06-02 21:59:58 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/melange (Old) and /work/SRC/openSUSE:Factory/.melange.new.16005 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "melange" Mon Jun 2 21:59:58 2025 rev:91 rq:1281733 version:0.26.4 Changes: -------- --- /work/SRC/openSUSE:Factory/melange/melange.changes 2025-05-31 19:18:23.006528625 +0200 +++ /work/SRC/openSUSE:Factory/.melange.new.16005/melange.changes 2025-06-02 22:00:20.532677796 +0200 @@ -1,0 +2,8 @@ +Mon Jun 02 05:30:05 UTC 2025 - Johannes Kastl <opensuse_buildserv...@ojkastl.de> + +- Update to version 0.26.4: + * [StepSecurity] Apply security best practices (#2019) + * fix: handle CACHEDIR properly (#2021) + * Add rust-src directories to ignoredPaths (#2017) + +------------------------------------------------------------------- Old: ---- melange-0.26.3.obscpio New: ---- melange-0.26.4.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ melange.spec ++++++ --- /var/tmp/diff_new_pack.kYYrb6/_old 2025-06-02 22:00:22.408755603 +0200 +++ /var/tmp/diff_new_pack.kYYrb6/_new 2025-06-02 22:00:22.416755934 +0200 @@ -17,7 +17,7 @@ Name: melange -Version: 0.26.3 +Version: 0.26.4 Release: 0 Summary: Build APKs from source code License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.kYYrb6/_old 2025-06-02 22:00:22.732769041 +0200 +++ /var/tmp/diff_new_pack.kYYrb6/_new 2025-06-02 22:00:22.760770202 +0200 @@ -3,7 +3,7 @@ <param name="url">https://github.com/chainguard-dev/melange</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v0.26.3</param> + <param name="revision">v0.26.4</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.kYYrb6/_old 2025-06-02 22:00:22.908776340 +0200 +++ /var/tmp/diff_new_pack.kYYrb6/_new 2025-06-02 22:00:22.952778165 +0200 
@@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/chainguard-dev/melange</param> - <param name="changesrevision">65b41ce13a37e4dfe7c4b7fcadc0d7b3a881e794</param></service></servicedata> + <param name="changesrevision">956b377c5c5726e9b2b75fedbbd804c51853ee57</param></service></servicedata> (No newline at EOF) ++++++ melange-0.26.3.obscpio -> melange-0.26.4.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/melange-0.26.3/pkg/build/build.go new/melange-0.26.4/pkg/build/build.go --- old/melange-0.26.3/pkg/build/build.go 2025-05-29 23:04:12.000000000 +0200 +++ new/melange-0.26.4/pkg/build/build.go 2025-05-30 22:38:08.000000000 +0200 @@ -1146,6 +1146,7 @@ "SOURCE_DATE_EPOCH": fmt.Sprintf("%d", b.SourceDateEpoch.Unix()), }, WorkspaceDir: b.WorkspaceDir, + CacheDir: b.CacheDir, Timeout: b.Configuration.Package.Timeout, RunAsUID: runAsUID(b.Configuration.Environment.Accounts), RunAs: runAs(b.Configuration.Environment.Accounts), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/melange-0.26.3/pkg/build/test.go new/melange-0.26.4/pkg/build/test.go --- old/melange-0.26.3/pkg/build/test.go 2025-05-29 23:04:12.000000000 +0200 +++ new/melange-0.26.4/pkg/build/test.go 2025-05-30 22:38:08.000000000 +0200 @@ -512,6 +512,7 @@ Mounts: mounts, Capabilities: caps, WorkspaceDir: t.WorkspaceDir, + CacheDir: t.CacheDir, Environment: map[string]string{}, RunAsUID: runAsUID(imgcfg.Accounts), RunAs: runAs(imgcfg.Accounts), diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/melange-0.26.3/pkg/build/test_test.go new/melange-0.26.4/pkg/build/test_test.go --- old/melange-0.26.3/pkg/build/test_test.go 2025-05-29 23:04:12.000000000 +0200 +++ new/melange-0.26.4/pkg/build/test_test.go 2025-05-30 22:38:08.000000000 +0200 
@@ -109,6 +109,7 @@ want: func() *container.Config { want := wantBase want.Mounts = append(want.Mounts, container.BindMount{Source: tmpDirReal, Destination: "/var/cache/melange"}) + want.CacheDir = tmpDirReal return &want }(), }, { @@ -123,6 +124,7 @@ want := wantBase want.Mounts = append(want.Mounts, container.BindMount{Source: tmpDirReal, Destination: "/var/cache/melange"}) want.Environment = map[string]string{"FOO": "bar", "BAZ": "zzz", "HOME": "/root"} + want.CacheDir = tmpDir return &want }(), }, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/melange-0.26.3/pkg/container/config.go new/melange-0.26.4/pkg/container/config.go --- old/melange-0.26.3/pkg/container/config.go 2025-05-29 23:04:12.000000000 +0200 +++ new/melange-0.26.4/pkg/container/config.go 2025-05-30 22:38:08.000000000 +0200 @@ -56,6 +56,7 @@ RunAsUID string RunAs string WorkspaceDir string + CacheDir string CPU, CPUModel, Memory string SSHKey ssh.Signer SSHAddress string diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/melange-0.26.3/pkg/container/qemu_runner.go new/melange-0.26.4/pkg/container/qemu_runner.go --- old/melange-0.26.3/pkg/container/qemu_runner.go 2025-05-29 23:04:12.000000000 +0200 +++ new/melange-0.26.4/pkg/container/qemu_runner.go 2025-05-30 22:38:08.000000000 +0200 @@ -490,8 +490,6 @@ } func createMicroVM(ctx context.Context, cfg *Config) error { - setupAdditionalMounts := false - log := clog.FromContext(ctx) log.Debug("qemu: ssh - create ssh key pair") pubKey, err := generateSSHKeys(ctx, cfg) 
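Review bot: The two expectations in test_test.go disagree about which form of the cache path lands in `Config.CacheDir`: the first case sets `want.CacheDir = tmpDirReal`, the second `want.CacheDir = tmpDir`, while both expect the bind mount `Source` to be `tmpDirReal`. If the second case deliberately pins an unresolved path, a short comment such as `// CacheDir is passed through as given; only the mount source is resolved` would make that explicit. If it is not deliberate, the code under test probably should resolve CacheDir the same way as the mount source, because the QEMU runner now passes this value to `-fsdev path=` and to the guest mount command. The inputs of both cases are outside the hunks, so this is inferred from the expectations alone.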
@@ -635,17 +633,9 @@ baseargs = append(baseargs, "-fsdev", "local,security_model=mapped,id=fsdev100,path="+cfg.WorkspaceDir) baseargs = append(baseargs, "-device", "virtio-9p-pci,id=fs100,fsdev=fsdev100,mount_tag=defaultshare") - for k, v := range cfg.Mounts { - // we skip workspace as we mount it above, we also skip resolv.conf as we can't 9p mount - // single files. - if v.Source == cfg.WorkspaceDir || strings.Contains(v.Source, "resolv.conf") { - continue - } - setupAdditionalMounts = true - fsdev := fmt.Sprintf("%d", 200+k) - fsid := fmt.Sprintf("%d", 200+k) - baseargs = append(baseargs, "-fsdev", "local,security_model=mapped,id=fsdev"+fsdev+",path="+v.Source) - baseargs = append(baseargs, "-device", "virtio-9p-pci,id=fs"+fsid+",fsdev=fsdev"+fsdev+",mount_tag="+v.Destination) + if cfg.CacheDir != "" { + baseargs = append(baseargs, "-fsdev", "local,security_model=mapped,id=fsdev101,path="+cfg.CacheDir) + baseargs = append(baseargs, "-device", "virtio-9p-pci,id=fs101,fsdev=fsdev101,mount_tag="+cfg.CacheDir) } // if no size is specified, let's go for a default @@ -681,8 +671,8 @@ // append raw disk, init will take care of formatting it if present. baseargs = append(baseargs, "-object", "iothread,id=io1") - baseargs = append(baseargs, "-device", "virtio-blk-pci,drive=disk0,iothread=io1,packed=on,num-queues=" + fmt.Sprintf("%d", nproc/2)) - if runtime.GOOS == "linux"{ + baseargs = append(baseargs, "-device", "virtio-blk-pci,drive=disk0,iothread=io1,packed=on,num-queues="+fmt.Sprintf("%d", nproc/2)) + if runtime.GOOS == "linux" { baseargs = append(baseargs, "-drive", "if=none,id=disk0,cache=unsafe,cache.direct=on,format=raw,aio=native,file="+diskFile) } if runtime.GOOS == "darwin" { 
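Review bot: `cfg.CacheDir` is concatenated unescaped into two QEMU option strings, `path="+cfg.CacheDir` and `mount_tag="+cfg.CacheDir`, so a cache directory containing a comma is parsed by QEMU as additional `-fsdev`/`-device` properties (a literal comma has to be doubled as `,,`). Using the host path as the 9p mount tag also ties the tag to the path length; as far as I know QEMU caps the tag at 31 bytes, so a long cache path would stop the VM from starting. A fixed tag such as `mount_tag=melangecache` (name constructed for this note), with the comma doubled in the `path=` value, avoids both, and the guest command in the later `@@ -798` hunk would then mount by that tag. The context line above does the same with `cfg.WorkspaceDir`. createMicroVM starts and ends outside this hunk.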
@@ -691,7 +681,7 @@ // append the rootfs tar.gz, init will take care of populating the disk with it baseargs = append(baseargs, "-object", "iothread,id=io2") - baseargs = append(baseargs, "-device", "virtio-blk-pci,drive=image.tar,iothread=io2,packed=on,num-queues=" + fmt.Sprintf("%d", nproc/2)) + baseargs = append(baseargs, "-device", "virtio-blk-pci,drive=image.tar,iothread=io2,packed=on,num-queues="+fmt.Sprintf("%d", nproc/2)) baseargs = append(baseargs, "-blockdev", "driver=raw,node-name=image.tar,file.driver=file,file.filename="+cfg.ImgRef) // qemu-system-x86_64 or qemu-system-aarch64... 
@@ -798,41 +788,19 @@ stdout, stderr := logwriter.New(log.Info), logwriter.New(log.Warn) defer stdout.Close() defer stderr.Close() - clog.FromContext(ctx).Info("qemu: setting up local workspace") - err = sendSSHCommand(ctx, - cfg.SSHClient, - cfg, - nil, - stderr, - stdout, - false, - []string{"sh", "-c", "find /mnt/ -mindepth 1 -maxdepth 1 -exec cp -a {} /home/build/ \\;"}, - ) - if err != nil { - err = qemuCmd.Process.Kill() - if err != nil { - return err - } - } - - if setupAdditionalMounts { - // we have additional 9p mounts other than our workspace so we will - // setup the mount commands for them - // mkdir /mount/dest & mount [...] dest /mount/dest - clog.FromContext(ctx).Info("qemu: setting up additional mountpoints") - setupMountCommand := ": " - for _, v := range cfg.Mounts { - // we skip workspace as we mount it above, we also skip resolv.conf as we can't 9p mount - // single files. - if v.Source == cfg.WorkspaceDir || strings.Contains(v.Source, "resolv.conf") { - continue - } - - clog.FromContext(ctx).Debugf("qemu: additional mountpoint %s into /mount/%s", v.Destination, v.Destination) - setupMountCommand = setupMountCommand + "&& mkdir -p /mount/" + v.Destination + - " && mount -t 9p " + v.Destination + " /mount/" + v.Destination - } + if cfg.CacheDir != "" { + clog.FromContext(ctx).Infof("qemu: setting up melange cachedir: %s", cfg.CacheDir) + setupMountCommand := fmt.Sprintf( + "mkdir -p %s %s /mount/upper /mount/work && mount -t 9p %s %s && "+ + "mount -t overlay overlay -o lowerdir=%s,upperdir=/mount/upper,workdir=/mount/work %s", + cfg.CacheDir, + filepath.Join("/mount", DefaultCacheDir), + cfg.CacheDir, + cfg.CacheDir, + cfg.CacheDir, + filepath.Join("/mount", DefaultCacheDir), + ) if setupMountCommand != ": " { err = sendSSHCommand(ctx, cfg.WorkspaceClient, 
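Review bot: The guest mount command is assembled with `fmt.Sprintf` from `cfg.CacheDir` without any quoting, so a cache path containing whitespace or shell metacharacters changes the command run in the guest. This assumes the string is passed to `sh -c`, as the workspace copy is; the `sendSSHCommand` arguments are outside the hunk. The same value is placed in `lowerdir=%s`, where overlayfs treats `:` and `,` as separators. Mounting the 9p share at a fixed guest path and single-quoting any value that still has to be interpolated would make the command independent of how the host path is spelled. Separately, the surviving guard `if setupMountCommand != ": "` is now always true, because the string no longer starts from `": "`, and can be dropped.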
@@ -851,6 +819,24 @@ } } } + + clog.FromContext(ctx).Info("qemu: setting up local workspace") + err = sendSSHCommand(ctx, + cfg.SSHClient, + cfg, + nil, + stderr, + stdout, + false, + []string{"sh", "-c", "find /mnt/ -mindepth 1 -maxdepth 1 -exec cp -a {} /home/build/ \\;"}, + ) + if err != nil { + err = qemuCmd.Process.Kill() + if err != nil { + return err + } + } + cfg.QemuPID = qemuCmd.Process.Pid return nil } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/melange-0.26.3/pkg/license/license.go new/melange-0.26.4/pkg/license/license.go --- old/melange-0.26.3/pkg/license/license.go 2025-05-29 23:04:12.000000000 +0200 +++ new/melange-0.26.4/pkg/license/license.go 2025-05-30 22:38:08.000000000 +0200 @@ -177,10 +177,18 @@ // associated with the match, as some matches are potentially more relevant. func IsLicenseFile(filename string) (bool, float64) { // Ignore files in these paths + + // Packages like Rust embed the semver in certain paths, so replace the segment with `-` + // rust-1.86.0-src -> rust-src + re := regexp.MustCompile(`\-\d+\.\d+\.\d+\-`) + filename = re.ReplaceAllString(filename, "-") + ignoredPaths := []string{ ".virtualenv", "env", "node_modules", + "rust-src", + "rustc-src", "venv", } for _, i := range ignoredPaths { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/melange-0.26.3/pkg/license/license_test.go new/melange-0.26.4/pkg/license/license_test.go --- old/melange-0.26.3/pkg/license/license_test.go 2025-05-29 23:04:12.000000000 +0200 +++ new/melange-0.26.4/pkg/license/license_test.go 2025-05-30 22:38:08.000000000 +0200 
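Review bot: When the workspace copy fails, the error from `sendSSHCommand` is overwritten by the result of `qemuCmd.Process.Kill()`. If the kill succeeds, the function carries on, stores `cfg.QemuPID` for a process it has just killed, and returns nil. Keep the two errors apart and return the original one: `if killErr := qemuCmd.Process.Kill(); killErr != nil { return killErr }` followed by `return err`. The block is moved here unchanged from earlier in the function, so the behaviour predates this commit, but the move is a good moment to fix it. The start of createMicroVM is outside this hunk.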
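Review bot: In license.go, `regexp.MustCompile` runs on every call to `IsLicenseFile`, and the result is written back to `filename`, so everything after the ignore check also sees the rewritten name. The rest of the function is outside the hunk, so whether that changes later matching is not visible here. Compile the pattern once in a package-level `var semverSegment = regexp.MustCompile(...)` with the same expression, and keep the normalised string in a separate local that is used only for the ignored-path comparison. The pattern also requires a trailing `-`, so the paths added in license_test.go (`rust-src-1.86.0/...` and `rustc-src-1.86.0/...`) are not rewritten by it, and both already contain a literal `rust-src` segment. A case shaped like the comment's own example, `rust-1.86.0-src/LICENSE-MIT`, would exercise the new normalisation.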
@@ -117,6 +117,8 @@ "node_modules/copyme", "node_modules/COPY", "node_modules/LICENSE.txt", + "rust-src-1.86.0/rust-src/foo/LICENSE-MIT", + "rustc-src-1.86.0/rust-src/foo/LICENSE-MIT", } tmpDir = t.TempDir() ++++++ melange.obsinfo ++++++ --- /var/tmp/diff_new_pack.kYYrb6/_old 2025-06-02 22:00:23.196788285 +0200 +++ /var/tmp/diff_new_pack.kYYrb6/_new 2025-06-02 22:00:23.196788285 +0200 @@ -1,5 +1,5 @@ name: melange -version: 0.26.3 -mtime: 1748552652 -commit: 65b41ce13a37e4dfe7c4b7fcadc0d7b3a881e794 +version: 0.26.4 +mtime: 1748637488 +commit: 956b377c5c5726e9b2b75fedbbd804c51853ee57 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/melange/vendor.tar.gz /work/SRC/openSUSE:Factory/.melange.new.16005/vendor.tar.gz differ: char 13, line 1