Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package pluto for openSUSE:Factory checked
in at 2025-07-10 22:12:38
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/pluto (Old)
and /work/SRC/openSUSE:Factory/.pluto.new.7373 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "pluto"
Thu Jul 10 22:12:38 2025 rev:53 rq:1291626 version:5.21.9
Changes:
--------
--- /work/SRC/openSUSE:Factory/pluto/pluto.changes 2025-06-18
16:03:18.341935150 +0200
+++ /work/SRC/openSUSE:Factory/.pluto.new.7373/pluto.changes 2025-07-10
22:12:40.173015490 +0200
@@ -1,0 +2,11 @@
+Thu Jul 10 07:35:18 UTC 2025 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- Update to version 5.21.9:
+ * INS-1201: Fix pluto vulnerability (#570)
+ - golang.org/x/mod v0.25.0
+ - helm.sh/helm/v3 v3.18.4
+ - k8s.io/api v0.33.2
+ - k8s.io/apimachinery v0.33.2
+ - k8s.io/client-go v0.33.2
+
+-------------------------------------------------------------------
Old:
----
pluto-5.21.8.obscpio
New:
----
pluto-5.21.9.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ pluto.spec ++++++
--- /var/tmp/diff_new_pack.gxgcYo/_old 2025-07-10 22:12:41.077053090 +0200
+++ /var/tmp/diff_new_pack.gxgcYo/_new 2025-07-10 22:12:41.081053256 +0200
@@ -17,7 +17,7 @@
Name: pluto
-Version: 5.21.8
+Version: 5.21.9
Release: 0
Summary: A cli tool to help discover deprecated apiVersions in
Kubernetes
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.gxgcYo/_old 2025-07-10 22:12:41.109054420 +0200
+++ /var/tmp/diff_new_pack.gxgcYo/_new 2025-07-10 22:12:41.113054587 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/FairwindsOps/pluto</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v5.21.8</param>
+ <param name="revision">v5.21.9</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.gxgcYo/_old 2025-07-10 22:12:41.133055419 +0200
+++ /var/tmp/diff_new_pack.gxgcYo/_new 2025-07-10 22:12:41.137055585 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/FairwindsOps/pluto</param>
- <param
name="changesrevision">a2cd5c3a6161456c00b3105411493b0900d4da0e</param></service></servicedata>
+ <param
name="changesrevision">89c603e84537de13707702da064ce29008dbd08a</param></service></servicedata>
(No newline at EOF)
++++++ pluto-5.21.8.obscpio -> pluto-5.21.9.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/.github/ISSUE_TEMPLATE/bug.yaml
new/pluto-5.21.9/.github/ISSUE_TEMPLATE/bug.yaml
--- old/pluto-5.21.8/.github/ISSUE_TEMPLATE/bug.yaml 2025-06-17
13:59:11.000000000 +0200
+++ new/pluto-5.21.9/.github/ISSUE_TEMPLATE/bug.yaml 1970-01-01
01:00:00.000000000 +0100
@@ -1,58 +0,0 @@
-name: Bug Report
-description: File a bug report
-labels: [bug, triage]
-body:
- - type: markdown
- attributes:
- value: |
- Thanks for taking the time to fill out this bug report! Please fill
the form below.
- - type: textarea
- id: what-happened
- attributes:
- label: What happened?
- description: What happened?
- validations:
- required: true
- - type: textarea
- id: expected
- attributes:
- label: What did you expect to happen?
- description: What is the expected or desired behavior?
- validations:
- required: true
- - type: textarea
- id: reproducible
- attributes:
- label: How can we reproduce this?
- description: Please share the steps that we can take to reproduce this.
Also include any relevant configuration.
- validations:
- required: true
- - type: input
- id: version
- attributes:
- label: Version
- description: The version of the tool that you are using. If a helm
chart, please share the name of the chart.
- validations:
- required: true
- - type: checkboxes
- id: search
- attributes:
- label: Search
- options:
- - label: I did search for other open and closed issues before opening
this.
- required: true
- - type: checkboxes
- id: terms
- attributes:
- label: Code of Conduct
- description: By submitting this issue, you agree to follow the
CODE_OF_CONDUCT in this repository.
- options:
- - label: I agree to follow this project's Code of Conduct
- required: true
- - type: textarea
- id: ctx
- attributes:
- label: Additional context
- description: Anything else you would like to add
- validations:
- required: false
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/pluto-5.21.8/.github/ISSUE_TEMPLATE/feature_request.md
new/pluto-5.21.9/.github/ISSUE_TEMPLATE/feature_request.md
--- old/pluto-5.21.8/.github/ISSUE_TEMPLATE/feature_request.md 2025-06-17
13:59:11.000000000 +0200
+++ new/pluto-5.21.9/.github/ISSUE_TEMPLATE/feature_request.md 1970-01-01
01:00:00.000000000 +0100
@@ -1,20 +0,0 @@
----
-name: Feature request
-about: Suggest an idea for this project
-title: ''
-labels: [triage, enhancement]
-assignees: ''
-
----
-
-**Is your feature request related to a problem? Please describe.**
-A clear and concise description of what the problem is. Ex. I'm always
frustrated when [...]
-
-**Describe the solution you'd like**
-A clear and concise description of what you want to happen.
-
-**Describe alternatives you've considered**
-A clear and concise description of any alternative solutions or features
you've considered.
-
-**Additional context**
-Add any other context or screenshots about the feature request here.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/.github/ISSUE_TEMPLATE/other.md
new/pluto-5.21.9/.github/ISSUE_TEMPLATE/other.md
--- old/pluto-5.21.8/.github/ISSUE_TEMPLATE/other.md 2025-06-17
13:59:11.000000000 +0200
+++ new/pluto-5.21.9/.github/ISSUE_TEMPLATE/other.md 1970-01-01
01:00:00.000000000 +0100
@@ -1,8 +0,0 @@
----
-name: Other
-about: For misc. tasks like research or continued conversation
-title: ''
-labels: [triage]
-assignees: ''
-
----
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/.github/dependabot.yml
new/pluto-5.21.9/.github/dependabot.yml
--- old/pluto-5.21.8/.github/dependabot.yml 2025-06-17 13:59:11.000000000
+0200
+++ new/pluto-5.21.9/.github/dependabot.yml 1970-01-01 01:00:00.000000000
+0100
@@ -1,20 +0,0 @@
-## DO NOT EDIT - Managed by Terraform
-version: 2
-updates:
- - package-ecosystem: "docker"
- directory: "/"
- schedule:
- interval: "weekly"
-
- - package-ecosystem: "npm"
- directory: "/docs"
- schedule:
- interval: "weekly"
- open-pull-requests-limit: 0
- ignore:
- - dependency-name: "*"
-
- - package-ecosystem: "gomod"
- directory: "/"
- schedule:
- interval: "weekly"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/.github/pull_request_template.md
new/pluto-5.21.9/.github/pull_request_template.md
--- old/pluto-5.21.8/.github/pull_request_template.md 2025-06-17
13:59:11.000000000 +0200
+++ new/pluto-5.21.9/.github/pull_request_template.md 1970-01-01
01:00:00.000000000 +0100
@@ -1,14 +0,0 @@
-
-This PR fixes #
-
-## Checklist
-* [ ] I have signed the CLA
-* [ ] I have updated/added any relevant documentation
-
-## Description
-### What's the goal of this PR?
-
-### What changes did you make?
-
-### What alternative solution should we consider, if any?
-
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/pluto-5.21.8/.github/workflows/github-action-test.yml
new/pluto-5.21.9/.github/workflows/github-action-test.yml
--- old/pluto-5.21.8/.github/workflows/github-action-test.yml 2025-06-17
13:59:11.000000000 +0200
+++ new/pluto-5.21.9/.github/workflows/github-action-test.yml 1970-01-01
01:00:00.000000000 +0100
@@ -1,17 +0,0 @@
-name: Test github action
-
-on: [push, pull_request]
-
-jobs:
- action:
- runs-on: ubuntu-latest
- steps:
- - name: Checkout
- uses: actions/checkout@v2
-
- - name: Download pluto
- uses: ./github-action
-
- - name: Pluto exists?
- run: |
- pluto version
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/.github/workflows/stale.yml
new/pluto-5.21.9/.github/workflows/stale.yml
--- old/pluto-5.21.8/.github/workflows/stale.yml 2025-06-17
13:59:11.000000000 +0200
+++ new/pluto-5.21.9/.github/workflows/stale.yml 1970-01-01
01:00:00.000000000 +0100
@@ -1,18 +0,0 @@
-name: 'Close stale issues and PRs'
-on:
- schedule:
- - cron: '32 1 * * *'
-
-permissions:
- issues: write
- pull-requests: write
-
-jobs:
- stale:
- runs-on: ubuntu-latest
- steps:
- - uses: actions/stale@v4
- with:
- exempt-issue-labels: pinned
- stale-pr-label: stale
- stale-issue-label: stale
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/.gitignore new/pluto-5.21.9/.gitignore
--- old/pluto-5.21.8/.gitignore 2025-06-17 13:59:11.000000000 +0200
+++ new/pluto-5.21.9/.gitignore 1970-01-01 01:00:00.000000000 +0100
@@ -1,17 +0,0 @@
-vendor
-
-# Output of the go coverage tool
-*.out
-cover-report.html
-coverage.txt
-cover.html
-
-/pluto
-pkged.go
-
-node_modules
-/dist
-
-orb.yml
-venom.*.log
-docs/README.md
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/go.mod new/pluto-5.21.9/go.mod
--- old/pluto-5.21.8/go.mod 2025-06-17 13:59:11.000000000 +0200
+++ new/pluto-5.21.9/go.mod 2025-07-09 21:04:34.000000000 +0200
@@ -9,12 +9,12 @@
github.com/spf13/viper v1.20.1
github.com/stretchr/testify v1.10.0
github.com/thoas/go-funk v0.9.3
- golang.org/x/mod v0.24.0
+ golang.org/x/mod v0.25.0
gopkg.in/yaml.v3 v3.0.1
- helm.sh/helm/v3 v3.17.3
- k8s.io/api v0.33.0
- k8s.io/apimachinery v0.33.0
- k8s.io/client-go v0.33.0
+ helm.sh/helm/v3 v3.18.4
+ k8s.io/api v0.33.2
+ k8s.io/apimachinery v0.33.2
+ k8s.io/client-go v0.33.2
k8s.io/klog/v2 v2.130.1
sigs.k8s.io/controller-runtime v0.20.4
)
@@ -70,13 +70,12 @@
golang.org/x/oauth2 v0.30.0 // indirect
golang.org/x/sys v0.33.0 // indirect
golang.org/x/term v0.32.0 // indirect
- golang.org/x/text v0.25.0 // indirect
+ golang.org/x/text v0.26.0 // indirect
golang.org/x/time v0.11.0 // indirect
- golang.org/x/tools v0.33.0 // indirect
google.golang.org/protobuf v1.36.6 // indirect
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
- k8s.io/apiextensions-apiserver v0.33.0 // indirect
+ k8s.io/apiextensions-apiserver v0.33.2 // indirect
k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff // indirect
k8s.io/utils v0.0.0-20250502105355-0f33e8f1c979 // indirect
sigs.k8s.io/json v0.0.0-20241014173422-cfa47c3a1cc8 // indirect
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/pluto-5.21.8/go.sum new/pluto-5.21.9/go.sum
--- old/pluto-5.21.8/go.sum 2025-06-17 13:59:11.000000000 +0200
+++ new/pluto-5.21.9/go.sum 2025-07-09 21:04:34.000000000 +0200
@@ -160,8 +160,8 @@
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod
h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.24.0 h1:ZfthKaKaT4NrhGVZHO1/WDTwGES4De8KtWO0SIbNJMU=
-golang.org/x/mod v0.24.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
+golang.org/x/mod v0.25.0 h1:n7a+ZbQKQA/Ysbyb0/6IbB1H/X41mKgbhfv7AfG/44w=
+golang.org/x/mod v0.25.0/go.mod h1:IXM97Txy2VM4PJ3gI61r1YEk/gAj6zAHN3AdZt6S9Ww=
golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod
h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod
h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod
h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -182,8 +182,8 @@
golang.org/x/term v0.32.0/go.mod
h1:uZG1FhGx848Sqfsq4/DlJr3xGGsYMu/L5GW4abiaEPQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.25.0 h1:qVyWApTSYLk/drJRO5mDlNYskwQznZmkpV2c8q9zls4=
-golang.org/x/text v0.25.0/go.mod
h1:WEdwpYrmk1qmdHvhkSTNPm3app7v4rsT8F2UD6+VHIA=
+golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M=
+golang.org/x/text v0.26.0/go.mod
h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA=
golang.org/x/time v0.11.0 h1:/bpjEDfN9tkoN/ryeYHnv5hcMlc8ncjMcM4XBk5NWV0=
golang.org/x/time v0.11.0/go.mod
h1:CDIdPxbZBQxdj6cxyCIdrNogrJKMJ7pr37NYpMcMDSg=
golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod
h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
@@ -208,16 +208,16 @@
gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-helm.sh/helm/v3 v3.17.3 h1:3n5rW3D0ArjFl0p4/oWO8IbY/HKaNNwJtOQFdH2AZHg=
-helm.sh/helm/v3 v3.17.3/go.mod h1:+uJKMH/UiMzZQOALR3XUf3BLIoczI2RKKD6bMhPh4G8=
-k8s.io/api v0.33.0 h1:yTgZVn1XEe6opVpP1FylmNrIFWuDqe2H0V8CT5gxfIU=
-k8s.io/api v0.33.0/go.mod h1:CTO61ECK/KU7haa3qq8sarQ0biLq2ju405IZAd9zsiM=
-k8s.io/apiextensions-apiserver v0.33.0
h1:d2qpYL7Mngbsc1taA4IjJPRJ9ilnsXIrndH+r9IimOs=
-k8s.io/apiextensions-apiserver v0.33.0/go.mod
h1:VeJ8u9dEEN+tbETo+lFkwaaZPg6uFKLGj5vyNEwwSzc=
-k8s.io/apimachinery v0.33.0 h1:1a6kHrJxb2hs4t8EE5wuR/WxKDwGN1FKH3JvDtA0CIQ=
-k8s.io/apimachinery v0.33.0/go.mod
h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
-k8s.io/client-go v0.33.0 h1:UASR0sAYVUzs2kYuKn/ZakZlcs2bEHaizrrHUZg0G98=
-k8s.io/client-go v0.33.0/go.mod h1:kGkd+l/gNGg8GYWAPr0xF1rRKvVWvzh9vmZAMXtaKOg=
+helm.sh/helm/v3 v3.18.4 h1:pNhnHM3nAmDrxz6/UC+hfjDY4yeDATQCka2/87hkZXQ=
+helm.sh/helm/v3 v3.18.4/go.mod h1:WVnwKARAw01iEdjpEkP7Ii1tT1pTPYfM1HsakFKM3LI=
+k8s.io/api v0.33.2 h1:YgwIS5jKfA+BZg//OQhkJNIfie/kmRsO0BmNaVSimvY=
+k8s.io/api v0.33.2/go.mod h1:fhrbphQJSM2cXzCWgqU29xLDuks4mu7ti9vveEnpSXs=
+k8s.io/apiextensions-apiserver v0.33.2
h1:6gnkIbngnaUflR3XwE1mCefN3YS8yTD631JXQhsU6M8=
+k8s.io/apiextensions-apiserver v0.33.2/go.mod
h1:IvVanieYsEHJImTKXGP6XCOjTwv2LUMos0YWc9O+QP8=
+k8s.io/apimachinery v0.33.2 h1:IHFVhqg59mb8PJWTLi8m1mAoepkUNYmptHsV+Z1m5jY=
+k8s.io/apimachinery v0.33.2/go.mod
h1:BHW0YOu7n22fFv/JkYOEfkUYNRN0fj0BlvMFWA7b+SM=
+k8s.io/client-go v0.33.2 h1:z8CIcc0P581x/J1ZYf4CNzRKxRvQAwoAolYPbtQes+E=
+k8s.io/client-go v0.33.2/go.mod h1:9mCgT4wROvL948w6f6ArJNb7yQd7QsvqavDeZHvNmHo=
k8s.io/klog/v2 v2.130.1 h1:n9Xl7H1Xvksem4KFG4PYbdQCQxqc/tTUyrgXaOhHSzk=
k8s.io/klog/v2 v2.130.1/go.mod h1:3Jpz1GvMt720eyJH1ckRHK1EDfpxISzJ7I9OYgaDtPE=
k8s.io/kube-openapi v0.0.0-20250318190949-c8a335a9a2ff
h1:/usPimJzUKKu+m+TE36gUyGcf03XZEP0ZIKgKj35LS4=
++++++ pluto.obsinfo ++++++
--- /var/tmp/diff_new_pack.gxgcYo/_old 2025-07-10 22:12:41.333063738 +0200
+++ /var/tmp/diff_new_pack.gxgcYo/_new 2025-07-10 22:12:41.333063738 +0200
@@ -1,5 +1,5 @@
name: pluto
-version: 5.21.8
-mtime: 1750161551
-commit: a2cd5c3a6161456c00b3105411493b0900d4da0e
+version: 5.21.9
+mtime: 1752087874
+commit: 89c603e84537de13707702da064ce29008dbd08a
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/pluto/vendor.tar.gz
/work/SRC/openSUSE:Factory/.pluto.new.7373/vendor.tar.gz differ: char 15, line 1
