Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package cargo-auditable for openSUSE:Factory
checked in at 2026-04-23 17:04:18
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/cargo-auditable (Old)
and /work/SRC/openSUSE:Factory/.cargo-auditable.new.11940 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "cargo-auditable"
Thu Apr 23 17:04:18 2026 rev:9 rq:1348661 version:0.7.4~0
Changes:
--------
--- /work/SRC/openSUSE:Factory/cargo-auditable/cargo-auditable.changes
2026-02-12 17:24:59.737254425 +0100
+++
/work/SRC/openSUSE:Factory/.cargo-auditable.new.11940/cargo-auditable.changes
2026-04-23 17:04:25.048264904 +0200
@@ -1,0 +2,29 @@
+Tue Mar 10 03:15:43 UTC 2026 - [email protected]
+
+- Update to version 0.7.4~0:
+ * Bump version
+ * Update changelog
+ * Update comment
+ * Add bare linker tests for Windows
+ * re-add the lost wasm target
+ * Clearer job naming
+ * Fix linking on i686 MSVC when using bare linkers
+ * Split Windows job into three
+ * Drop bare linker tests from Windows for now
+ * Enable bare linker for all Windows targets
+ * Make bare linker test also configure a bare linker on i686-pc-windows-msvc
+ * Fix i686 MSVC linking by handling name mangling
+ * Also run tests for the i686-pc-windows-msvc target
+ * Upgrade cargo-dist to hopefully work around macos 13 deprecation
+ * Update changelog
+ * Revert "Deliberately inject faults to verify CI tests these paths"
+ * Make Cargo actually load the config file; it doesn't load the associated
config when just passing Cargo.toml path
+ * Deliberately inject faults to verify CI tests these paths
+ * Bump time crate to get rid of vuln reports
+ * Add a test for bare linker configuration
+ * Fix bare linker argument passing on Apple platforms
+ * Bump version
+ * Update changelog
+ * Use POSIX `-u` instead of GNU `--undefined` for zig linker support
+
+-------------------------------------------------------------------
Old:
----
cargo-auditable-0.7.2~0.tar.zst
New:
----
cargo-auditable-0.7.4~0.tar.zst
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ cargo-auditable.spec ++++++
--- /var/tmp/diff_new_pack.KSGn5e/_old 2026-04-23 17:04:25.948301983 +0200
+++ /var/tmp/diff_new_pack.KSGn5e/_new 2026-04-23 17:04:25.948301983 +0200
@@ -22,7 +22,7 @@
%define __cargo_common_opts %{?_smp_mflags}
Name: cargo-auditable
-Version: 0.7.2~0
+Version: 0.7.4~0
Release: 0
Summary: A tool to embed auditing information in ELF sections of rust
binaries
# If you know the license, put it's SPDX string here.
++++++ _service ++++++
--- /var/tmp/diff_new_pack.KSGn5e/_old 2026-04-23 17:04:25.992303795 +0200
+++ /var/tmp/diff_new_pack.KSGn5e/_new 2026-04-23 17:04:25.996303960 +0200
@@ -3,7 +3,7 @@
<param
name="url">https://github.com/rust-secure-code/cargo-auditable.git</param>
<param name="versionformat">@PARENT_TAG@~@TAG_OFFSET@</param>
<param name="scm">git</param>
- <param name="revision">v0.7.2</param>
+ <param name="revision">v0.7.4</param>
<param name="match-tag">v*</param>
<param name="versionrewrite-pattern">v(\d+\.\d+\.\d+)</param>
<param name="versionrewrite-replacement">\1</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.KSGn5e/_old 2026-04-23 17:04:26.028305279 +0200
+++ /var/tmp/diff_new_pack.KSGn5e/_new 2026-04-23 17:04:26.032305443 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/rust-secure-code/cargo-auditable.git</param>
- <param
name="changesrevision">0c4c6591a355c0fec883f70a4e9280974f15e02c</param></service></servicedata>
+ <param
name="changesrevision">1d50810095d1a40d02c4f5c38152cdb9d0ea06bd</param></service></servicedata>
(No newline at EOF)
++++++ cargo-auditable-0.7.2~0.tar.zst -> cargo-auditable-0.7.4~0.tar.zst ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/.github/workflows/release.yml
new/cargo-auditable-0.7.4~0/.github/workflows/release.yml
--- old/cargo-auditable-0.7.2~0/.github/workflows/release.yml 2025-11-09
11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/.github/workflows/release.yml 2026-03-04
20:15:52.000000000 +0100
@@ -56,7 +56,7 @@
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v6
with:
persist-credentials: false
submodules: recursive
@@ -64,9 +64,9 @@
# we specify bash to get pipefail; it guards against the `curl` command
# failing. otherwise `sh` won't catch that `curl` returned non-0
shell: bash
- run: "curl --proto '=https' --tlsv1.2 -LsSf
https://github.com/axodotdev/cargo-dist/releases/download/v0.30.0/cargo-dist-installer.sh
| sh"
+ run: "curl --proto '=https' --tlsv1.2 -LsSf
https://github.com/axodotdev/cargo-dist/releases/download/v0.31.0/cargo-dist-installer.sh
| sh"
- name: Cache dist
- uses: actions/upload-artifact@v4
+ uses: actions/upload-artifact@v6
with:
name: cargo-dist-cache
path: ~/.cargo/bin/dist
@@ -82,7 +82,7 @@
cat plan-dist-manifest.json
echo "manifest=$(jq -c "." plan-dist-manifest.json)" >>
"$GITHUB_OUTPUT"
- name: "Upload dist-manifest.json"
- uses: actions/upload-artifact@v4
+ uses: actions/upload-artifact@v6
with:
name: artifacts-plan-dist-manifest
path: plan-dist-manifest.json
@@ -116,7 +116,7 @@
- name: enable windows longpaths
run: |
git config --global core.longpaths true
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v6
with:
persist-credentials: false
submodules: recursive
@@ -131,7 +131,7 @@
run: ${{ matrix.install_dist.run }}
# Get the dist-manifest
- name: Fetch local artifacts
- uses: actions/download-artifact@v4
+ uses: actions/download-artifact@v7
with:
pattern: artifacts-*
path: target/distrib/
@@ -158,7 +158,7 @@
cp dist-manifest.json "$BUILD_MANIFEST_NAME"
- name: "Upload artifacts"
- uses: actions/upload-artifact@v4
+ uses: actions/upload-artifact@v6
with:
name: artifacts-build-local-${{ join(matrix.targets, '_') }}
path: |
@@ -175,19 +175,19 @@
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
BUILD_MANIFEST_NAME: target/distrib/global-dist-manifest.json
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v6
with:
persist-credentials: false
submodules: recursive
- name: Install cached dist
- uses: actions/download-artifact@v4
+ uses: actions/download-artifact@v7
with:
name: cargo-dist-cache
path: ~/.cargo/bin/
- run: chmod +x ~/.cargo/bin/dist
# Get all the local artifacts for the global tasks to use (for e.g.
checksums)
- name: Fetch local artifacts
- uses: actions/download-artifact@v4
+ uses: actions/download-artifact@v7
with:
pattern: artifacts-*
path: target/distrib/
@@ -205,7 +205,7 @@
cp dist-manifest.json "$BUILD_MANIFEST_NAME"
- name: "Upload artifacts"
- uses: actions/upload-artifact@v4
+ uses: actions/upload-artifact@v6
with:
name: artifacts-build-global
path: |
@@ -217,27 +217,27 @@
- plan
- build-local-artifacts
- build-global-artifacts
- # Only run if we're "publishing", and only if local and global didn't fail
(skipped is fine)
- if: ${{ always() && needs.plan.outputs.publishing == 'true' &&
(needs.build-global-artifacts.result == 'skipped' ||
needs.build-global-artifacts.result == 'success') &&
(needs.build-local-artifacts.result == 'skipped' ||
needs.build-local-artifacts.result == 'success') }}
+ # Only run if we're "publishing", and only if plan, local and global
didn't fail (skipped is fine)
+ if: ${{ always() && needs.plan.result == 'success' &&
needs.plan.outputs.publishing == 'true' && (needs.build-global-artifacts.result
== 'skipped' || needs.build-global-artifacts.result == 'success') &&
(needs.build-local-artifacts.result == 'skipped' ||
needs.build-local-artifacts.result == 'success') }}
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
runs-on: "ubuntu-22.04"
outputs:
val: ${{ steps.host.outputs.manifest }}
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v6
with:
persist-credentials: false
submodules: recursive
- name: Install cached dist
- uses: actions/download-artifact@v4
+ uses: actions/download-artifact@v7
with:
name: cargo-dist-cache
path: ~/.cargo/bin/
- run: chmod +x ~/.cargo/bin/dist
# Fetch artifacts from scratch-storage
- name: Fetch artifacts
- uses: actions/download-artifact@v4
+ uses: actions/download-artifact@v7
with:
pattern: artifacts-*
path: target/distrib/
@@ -250,14 +250,14 @@
cat dist-manifest.json
echo "manifest=$(jq -c "." dist-manifest.json)" >> "$GITHUB_OUTPUT"
- name: "Upload dist-manifest.json"
- uses: actions/upload-artifact@v4
+ uses: actions/upload-artifact@v6
with:
# Overwrite the previous copy
name: artifacts-dist-manifest
path: dist-manifest.json
# Create a GitHub Release while uploading all files to it
- name: "Download GitHub Artifacts"
- uses: actions/download-artifact@v4
+ uses: actions/download-artifact@v7
with:
pattern: artifacts-*
path: artifacts
@@ -290,7 +290,7 @@
env:
GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
steps:
- - uses: actions/checkout@v4
+ - uses: actions/checkout@v6
with:
persist-credentials: false
submodules: recursive
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/.github/workflows/windows.yml
new/cargo-auditable-0.7.4~0/.github/workflows/windows.yml
--- old/cargo-auditable-0.7.2~0/.github/workflows/windows.yml 2025-11-09
11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/.github/workflows/windows.yml 2026-03-04
20:15:52.000000000 +0100
@@ -6,26 +6,48 @@
branches: master
jobs:
- test:
- strategy:
- matrix:
- platform:
- - windows-latest
- toolchain:
- - stable
- runs-on: ${{ matrix.platform }}
+ test-x86_64-pc-windows-msvc:
+ runs-on: windows-latest
steps:
- uses: actions/checkout@v2
- uses: swatinem/rust-cache@v2
- uses: dtolnay/rust-toolchain@stable
with:
- toolchain: ${{ matrix.toolchain }}
+ toolchain: stable
profile: minimal
override: true
targets: "wasm32-unknown-unknown"
- - name: "Test on the native x86_64-pc-windows-mscv"
+ - name: "Test on the native x86_64-pc-windows-msvc"
run: cargo test --all-features --workspace
+
+ test-x86_64-pc-windows-gnu:
+ runs-on: windows-latest
+ steps:
+ - uses: actions/checkout@v2
+ - uses: swatinem/rust-cache@v2
+ - uses: dtolnay/rust-toolchain@stable
+ with:
+ toolchain: stable
+ profile: minimal
+ override: true
+ targets: "wasm32-unknown-unknown"
- name: "Test when cross-compiling to x86_64-pc-windows-gnu"
env:
AUDITABLE_TEST_TARGET: "x86_64-pc-windows-gnu"
run: cargo test --all-features --workspace
+
+ test-i686-pc-windows-msvc:
+ runs-on: windows-latest
+ steps:
+ - uses: actions/checkout@v2
+ - uses: swatinem/rust-cache@v2
+ - uses: dtolnay/rust-toolchain@stable
+ with:
+ toolchain: stable
+ profile: minimal
+ override: true
+ targets: "wasm32-unknown-unknown,i686-pc-windows-msvc"
+ - name: "Test when cross-compiling to i686-pc-windows-msvc"
+ env:
+ AUDITABLE_TEST_TARGET: "i686-pc-windows-msvc"
+ run: cargo test --all-features --workspace
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cargo-auditable-0.7.2~0/Cargo.lock
new/cargo-auditable-0.7.4~0/Cargo.lock
--- old/cargo-auditable-0.7.2~0/Cargo.lock 2025-11-09 11:06:58.000000000
+0100
+++ new/cargo-auditable-0.7.4~0/Cargo.lock 2026-03-04 20:15:52.000000000
+0100
@@ -116,7 +116,7 @@
[[package]]
name = "cargo-auditable"
-version = "0.7.2"
+version = "0.7.4"
dependencies = [
"auditable-info",
"auditable-serde",
@@ -355,9 +355,9 @@
[[package]]
name = "num-conv"
-version = "0.1.0"
+version = "0.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "51d515d32fb182ee37cda2ccdcb92950d6a3c2893aa280e540671c2cd0f3b1d9"
+checksum = "cf97ec579c3c42f953ef76dbf8d55ac91fb219dde70e49aa4a6b7d74e9919050"
[[package]]
name = "num-traits"
@@ -699,30 +699,30 @@
[[package]]
name = "time"
-version = "0.3.44"
+version = "0.3.47"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "91e7d9e3bb61134e77bde20dd4825b97c010155709965fedf0f49bb138e52a9d"
+checksum = "743bd48c283afc0388f9b8827b976905fb217ad9e647fae3a379a9283c4def2c"
dependencies = [
"deranged",
"itoa",
"num-conv",
"powerfmt",
- "serde",
+ "serde_core",
"time-core",
"time-macros",
]
[[package]]
name = "time-core"
-version = "0.1.6"
+version = "0.1.8"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "40868e7c1d2f0b8d73e4a8c7f0ff63af4f6d19be117e90bd73eb1d62cf831c6b"
+checksum = "7694e1cfe791f8d31026952abf09c69ca6f6fa4e1a1229e18988f06a04a12dca"
[[package]]
name = "time-macros"
-version = "0.2.24"
+version = "0.2.27"
source = "registry+https://github.com/rust-lang/crates.io-index";
-checksum = "30cfb0125f12d9c277f35663a0a33f8c30190f4e4574868a330595412d34ebf3"
+checksum = "2e70e4c5a0e0a8a4823ad65dfe1a6930e4f4d756dcd9dd7939022b5e8c501215"
dependencies = [
"num-conv",
"time-core",
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cargo-auditable-0.7.2~0/Cargo.toml
new/cargo-auditable-0.7.4~0/Cargo.toml
--- old/cargo-auditable-0.7.2~0/Cargo.toml 2025-11-09 11:06:58.000000000
+0100
+++ new/cargo-auditable-0.7.4~0/Cargo.toml 2026-03-04 20:15:52.000000000
+0100
@@ -13,7 +13,7 @@
# Config for 'dist'
[workspace.metadata.dist]
# The preferred dist version to use in CI (Cargo.toml SemVer syntax)
-cargo-dist-version = "0.30.0"
+cargo-dist-version = "0.31.0"
# CI backends to support
ci = "github"
# The installers to generate for each app
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cargo-auditable-0.7.2~0/cargo-auditable/CHANGELOG.md
new/cargo-auditable-0.7.4~0/cargo-auditable/CHANGELOG.md
--- old/cargo-auditable-0.7.2~0/cargo-auditable/CHANGELOG.md 2025-11-09
11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/cargo-auditable/CHANGELOG.md 2026-03-04
20:15:52.000000000 +0100
@@ -5,6 +5,22 @@
The format is based on [Keep a
Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic
Versioning](https://semver.org/spec/v2.0.0.html).
+## [0.7.4] - 2026-03-04
+
+### Fixed
+
+ - Fixed build failures when targeting i686-pc-windows-msvc. Added tests to
test this target on CI, including the bare linker configuration.
+
+## [0.7.3] - 2026-03-03
+
+### Changed
+
+ - On Unix, use `-u` linker flag instead of `--undefined` for broader
compatibility. Most notably fixes compatibility with the Zig toolchain linker,
making `cargo zigbuild` work with `cargo auditable`.
+
+### Fixed
+
+ - Fixed build failures for bare linker configurations on Apple platforms, and
added test for bare linker configurations for Apple and linux-musl.
+
## [0.7.2] - 2025-11-09
### Changed
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cargo-auditable-0.7.2~0/cargo-auditable/Cargo.toml
new/cargo-auditable-0.7.4~0/cargo-auditable/Cargo.toml
--- old/cargo-auditable-0.7.2~0/cargo-auditable/Cargo.toml 2025-11-09
11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/cargo-auditable/Cargo.toml 2026-03-04
20:15:52.000000000 +0100
@@ -1,6 +1,6 @@
[package]
name = "cargo-auditable"
-version = "0.7.2"
+version = "0.7.4"
edition = "2021"
authors = ["Sergey \"Shnatsel\" Davidoff <[email protected]>"]
license = "MIT OR Apache-2.0"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/cargo-auditable/src/object_file.rs
new/cargo-auditable-0.7.4~0/cargo-auditable/src/object_file.rs
--- old/cargo-auditable-0.7.2~0/cargo-auditable/src/object_file.rs
2025-11-09 11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/cargo-auditable/src/object_file.rs
2026-03-04 20:15:52.000000000 +0100
@@ -181,6 +181,44 @@
abi_version,
e_flags,
};
+
+ // Add the COFF `@feat.00` symbol used to communicate linker feature flags.
+ //
+ // When linking with /SAFESEH on x86, lld requires that all linker inputs
be marked as safe
+ // exception handling compatible. Our metadata objects masquerade as
regular COFF objects and
+ // are treated as linker inputs, so they need the flag too.
+ //
+ // This implementation mirrors the rustc's metadata object generation:
+ //
<https://github.com/rust-lang/rust/blob/b90dc1e597db0bbc0cab0eccb39747b1a9d7e607/compiler/rustc_codegen_ssa/src/back/metadata.rs#L224-L252>
+ //
+ // See also:
+ //
+ // - <https://github.com/rust-lang/rust/issues/96498>
+ // - <https://learn.microsoft.com/en-us/windows/win32/debug/pe-format>
+ if binary_format == BinaryFormat::Coff {
+ // Disable mangling so the "@feat.00" symbol name is written verbatim.
+ // CoffI386 mangling adds a `_` prefix which would break this special
symbol.
+ let original_mangling = file.mangling();
+ file.set_mangling(write::Mangling::None);
+
+ let mut feature: u64 = 0;
+ if architecture == Architecture::I386 {
+ feature |= 1; // IMAGE_FILE_SAFE_EXCEPTION_HANDLER
+ }
+ file.add_symbol(Symbol {
+ name: b"@feat.00".to_vec(),
+ value: feature,
+ size: 0,
+ kind: SymbolKind::Data,
+ scope: SymbolScope::Compilation,
+ weak: false,
+ section: SymbolSection::Absolute,
+ flags: SymbolFlags::None,
+ });
+
+ file.set_mangling(original_mangling);
+ }
+
Some(file)
}
@@ -323,6 +361,87 @@
}
#[test]
+ fn test_create_object_file_windows_msvc_i686() {
+ let rustc_output = br#"debug_assertions
+target_arch="x86"
+target_endian="little"
+target_env="msvc"
+target_family="windows"
+target_feature="fxsr"
+target_feature="sse"
+target_feature="sse2"
+target_os="windows"
+target_pointer_width="32"
+target_vendor="pc"
+windows
+"#;
+ let target_triple = "i686-pc-windows-msvc";
+ let target_info = parse_rustc_target_info(rustc_output);
+ let result = create_object_file(&target_info, target_triple).unwrap();
+ assert_eq!(result.format(), BinaryFormat::Coff);
+ assert_eq!(result.architecture(), Architecture::I386);
+ }
+
+ /// Verify that i686 COFF metadata objects contain an absolute `@feat.00`
symbol with
+ /// `IMAGE_FILE_SAFE_EXCEPTION_HANDLER` (bit 0) set.
+ ///
+ /// See <https://github.com/rust-lang/rust/issues/96498>
+ #[test]
+ fn test_create_metadata_file_windows_msvc_i686_has_feat00() {
+ let rustc_output = br#"debug_assertions
+target_arch="x86"
+target_endian="little"
+target_env="msvc"
+target_family="windows"
+target_feature="fxsr"
+target_feature="sse"
+target_feature="sse2"
+target_os="windows"
+target_pointer_width="32"
+target_vendor="pc"
+windows
+"#;
+ let target_triple = "i686-pc-windows-msvc";
+ let target_info = parse_rustc_target_info(rustc_output);
+ let contents = b"test audit data";
+ let result = create_metadata_file(
+ &target_info,
+ target_triple,
+ contents,
+ "AUDITABLE_VERSION_INFO",
+ )
+ .expect("should produce an object file for i686-pc-windows-msvc");
+
+ // Parse the COFF symbol table and verify `@feat.00` has value bit0=1
and absolute section.
+ let symtab_ptr = u32::from_le_bytes(result[8..12].try_into().unwrap())
as usize;
+ let sym_count = u32::from_le_bytes(result[12..16].try_into().unwrap())
as usize;
+ let symbol_size = 18;
+
+ let feat = (0..sym_count).find_map(|i| {
+ let start = symtab_ptr + i * symbol_size;
+ let end = start + symbol_size;
+ let entry = result.get(start..end)?;
+ if &entry[0..8] != b"@feat.00" {
+ return None;
+ }
+ let value = u32::from_le_bytes(entry[8..12].try_into().unwrap());
+ let section_number =
i16::from_le_bytes(entry[12..14].try_into().unwrap());
+ Some((value, section_number))
+ });
+
+ let (value, section_number) = feat.expect("COFF object for i686 must
contain @feat.00");
+ assert_eq!(
+ value & 1,
+ 1,
+ "@feat.00 must set IMAGE_FILE_SAFE_EXCEPTION_HANDLER on i686"
+ );
+ assert_eq!(
+ section_number, -1,
+ "@feat.00 must be an absolute COFF symbol (section number -1)"
+ );
+ }
+
+ #[test]
fn test_create_object_file_windows_gnu() {
let rustc_output = br#"debug_assertions
target_arch="x86_64"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/cargo-auditable/src/platform_detection.rs
new/cargo-auditable-0.7.4~0/cargo-auditable/src/platform_detection.rs
--- old/cargo-auditable-0.7.2~0/cargo-auditable/src/platform_detection.rs
2025-11-09 11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/cargo-auditable/src/platform_detection.rs
2026-03-04 20:15:52.000000000 +0100
@@ -22,6 +22,10 @@
key_equals(target_info, "target_pointer_width", "32")
}
+pub fn is_32bit_x86(target_info: &RustcTargetInfo) -> bool {
+ key_equals(target_info, "target_arch", "x86")
+}
+
fn key_equals(target_info: &RustcTargetInfo, key: &str, value: &str) -> bool {
target_info.get(key).map(|s| s.as_str()) == Some(value)
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/cargo-auditable/src/rustc_wrapper.rs
new/cargo-auditable-0.7.4~0/cargo-auditable/src/rustc_wrapper.rs
--- old/cargo-auditable-0.7.2~0/cargo-auditable/src/rustc_wrapper.rs
2025-11-09 11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/cargo-auditable/src/rustc_wrapper.rs
2026-03-04 20:15:52.000000000 +0100
@@ -6,7 +6,7 @@
use crate::{
binary_file, collect_audit_data,
- platform_detection::{is_apple, is_msvc, is_wasm},
+ platform_detection::{is_32bit_x86, is_apple, is_msvc, is_wasm},
rustc_arguments::{self, should_embed_audit_data},
target_info,
};
@@ -128,21 +128,31 @@
// Prevent the symbol from being removed as unused by the linker
if is_apple(&target_info) {
if args.bare_linker() {
- command.arg("-Clink-arg=-u,_AUDITABLE_VERSION_INFO");
+ command.arg("-Clink-arg=-u");
+ command.arg("-Clink-arg=_AUDITABLE_VERSION_INFO");
} else {
command.arg("-Clink-arg=-Wl,-u,_AUDITABLE_VERSION_INFO");
}
} else if is_msvc(&target_info) {
- command.arg("-Clink-arg=/INCLUDE:AUDITABLE_VERSION_INFO");
+ // On x86 MSVC, the `object` crate's CoffI386 mangling adds a `_`
+ // prefix to global symbols, so the linker must reference the
+ // decorated name.
+ if is_32bit_x86(&target_info) {
+ command.arg("-Clink-arg=/INCLUDE:_AUDITABLE_VERSION_INFO");
+ } else {
+ command.arg("-Clink-arg=/INCLUDE:AUDITABLE_VERSION_INFO");
+ }
} else if is_wasm(&target_info) {
// We don't emit the symbol name in WASM, so nothing to do
} else {
- // Unrecognized platform, assume it to be unix-like
- #[allow(clippy::collapsible_else_if)]
+ // Unrecognized platform, assume it to be unix-like.
+ // Use POSIX `-u` instead of GNU `--undefined=` for broad
compatibility
+ // (e.g. zig rejects the GNU form).
if args.bare_linker() {
- command.arg("-Clink-arg=--undefined=AUDITABLE_VERSION_INFO");
+ command.arg("-Clink-arg=-u");
+ command.arg("-Clink-arg=AUDITABLE_VERSION_INFO");
} else {
-
command.arg("-Clink-arg=-Wl,--undefined=AUDITABLE_VERSION_INFO");
+ command.arg("-Clink-arg=-Wl,-u,AUDITABLE_VERSION_INFO");
}
}
Some(command)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/cargo-auditable/tests/fixtures/bare_linker/.cargo/config.toml
new/cargo-auditable-0.7.4~0/cargo-auditable/tests/fixtures/bare_linker/.cargo/config.toml
---
old/cargo-auditable-0.7.2~0/cargo-auditable/tests/fixtures/bare_linker/.cargo/config.toml
1970-01-01 01:00:00.000000000 +0100
+++
new/cargo-auditable-0.7.4~0/cargo-auditable/tests/fixtures/bare_linker/.cargo/config.toml
2026-03-04 20:15:52.000000000 +0100
@@ -0,0 +1,46 @@
+# copied from
https://github.com/EFForg/rayhunter/blob/adeeb751667d3b44ba6ad215a1bc0ac73d90ae72/.cargo/config.toml#L1
+# as a motivating example for bare linker support
+
+[target.aarch64-apple-darwin]
+linker = "rust-lld"
+rustflags = ["-C", "target-feature=+crt-static"]
+
+[target.aarch64-unknown-linux-musl]
+linker = "rust-lld"
+rustflags = ["-C", "target-feature=+crt-static"]
+
+# apt install build-essential libc6-armhf-cross libc6-dev-armhf-cross
gcc-arm-linux-gnueabihf
+[target.armv7-unknown-linux-gnueabihf]
+linker = "arm-linux-gnueabihf-gcc"
+rustflags = ["-C", "target-feature=+crt-static"]
+
+[target.armv7-unknown-linux-musleabihf]
+linker = "rust-lld"
+rustflags = ["-C", "target-feature=+crt-static"]
+
+[target.armv7-unknown-linux-musleabi]
+linker = "rust-lld"
+rustflags = ["-C", "target-feature=+crt-static"]
+
+# Disable rust-lld for x86 macOS because the linker crashers when compiling
+# the installer in release mode with debug info on.
+# [target.x86_64-apple-darwin]
+# linker = "rust-lld"
+# rustflags = ["-C", "target-feature=+crt-static"]
+
+[target.x86_64-unknown-linux-musl]
+linker = "rust-lld"
+rustflags = ["-C", "target-feature=+crt-static"]
+
+# === Not included in the original Rayhunter example ===
+
+# this tests for https://github.com/rust-lang/rust/issues/96498
+[target.i686-pc-windows-msvc]
+linker = "rust-lld"
+
+# this Just Works so we might as well see if it keeps working
+[target.x86_64-pc-windows-msvc]
+linker = "rust-lld"
+
+# GNU targets generally don't work with bare linkers; not even rayhunter uses
it there.
+# So we're not testing windows-gnu or linux-gnu
\ No newline at end of file
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/cargo-auditable/tests/fixtures/bare_linker/Cargo.toml
new/cargo-auditable-0.7.4~0/cargo-auditable/tests/fixtures/bare_linker/Cargo.toml
---
old/cargo-auditable-0.7.2~0/cargo-auditable/tests/fixtures/bare_linker/Cargo.toml
1970-01-01 01:00:00.000000000 +0100
+++
new/cargo-auditable-0.7.4~0/cargo-auditable/tests/fixtures/bare_linker/Cargo.toml
2026-03-04 20:15:52.000000000 +0100
@@ -0,0 +1,8 @@
+[package]
+name = "bare_linker"
+version = "0.1.0"
+edition = "2024"
+
+[dependencies]
+
+[workspace]
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/cargo-auditable-0.7.2~0/cargo-auditable/tests/fixtures/bare_linker/src/main.rs
new/cargo-auditable-0.7.4~0/cargo-auditable/tests/fixtures/bare_linker/src/main.rs
---
old/cargo-auditable-0.7.2~0/cargo-auditable/tests/fixtures/bare_linker/src/main.rs
1970-01-01 01:00:00.000000000 +0100
+++
new/cargo-auditable-0.7.4~0/cargo-auditable/tests/fixtures/bare_linker/src/main.rs
2026-03-04 20:15:52.000000000 +0100
@@ -0,0 +1,3 @@
+fn main() {
+ println!("Hello, world!");
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/cargo-auditable-0.7.2~0/cargo-auditable/tests/it.rs
new/cargo-auditable-0.7.4~0/cargo-auditable/tests/it.rs
--- old/cargo-auditable-0.7.2~0/cargo-auditable/tests/it.rs 2025-11-09
11:06:58.000000000 +0100
+++ new/cargo-auditable-0.7.4~0/cargo-auditable/tests/it.rs 2026-03-04
20:15:52.000000000 +0100
@@ -585,3 +585,37 @@
.expect("Could not find 'syn' in the embedded dependency list!");
assert_eq!(syn_info.kind, DependencyKind::Build);
}
+
+#[test]
+fn test_bare_linker() {
+ test_bare_linker_inner(false);
+ test_bare_linker_inner(true);
+}
+fn test_bare_linker_inner(sbom: bool) {
+ // Path to workspace fixture Cargo.toml
+ let cargo_toml =
+
PathBuf::from(env!("CARGO_MANIFEST_DIR")).join("tests/fixtures/bare_linker/Cargo.toml");
+ // The motivating example is
https://github.com/EFForg/rayhunter/blob/main/.cargo/config.toml
+ // and the config file fixture is based on that, with some additions.
+ //
+ // The config file doesn't specify a bare linker for all targets;
+ // e.g. GNU doesn't seem to support using a bare linker at all.
+ // See the config file for the exact list of targets where this is tested.
+ let config_path = PathBuf::from(env!("CARGO_MANIFEST_DIR"))
+ .join("tests/fixtures/bare_linker/.cargo/config.toml");
+
+ let bins = run_cargo_auditable(
+ cargo_toml,
+ &["--config", config_path.to_str().unwrap()],
+ &[],
+ sbom,
+ );
+ eprintln!("Test fixture binary map: {bins:?}");
+
+ // bare_linker should only depend on itself
+ let bare_linker_bin = &bins.get("bare_linker").unwrap()[0];
+ let dep_info = get_dependency_info(bare_linker_bin);
+ eprintln!("{bare_linker_bin} dependency info: {dep_info:?}");
+ assert!(dep_info.packages.len() == 1);
+ assert!(dep_info.packages.iter().any(|p| p.name == "bare_linker"));
+}
++++++ cargo-auditable.obsinfo ++++++
--- /var/tmp/diff_new_pack.KSGn5e/_old 2026-04-23 17:04:26.332317803 +0200
+++ /var/tmp/diff_new_pack.KSGn5e/_new 2026-04-23 17:04:26.336317968 +0200
@@ -1,5 +1,5 @@
name: cargo-auditable
-version: 0.7.2~0
-mtime: 1762682818
-commit: 0c4c6591a355c0fec883f70a4e9280974f15e02c
+version: 0.7.4~0
+mtime: 1772651752
+commit: 1d50810095d1a40d02c4f5c38152cdb9d0ea06bd
++++++ vendor.tar.zst ++++++
/work/SRC/openSUSE:Factory/cargo-auditable/vendor.tar.zst
/work/SRC/openSUSE:Factory/.cargo-auditable.new.11940/vendor.tar.zst differ:
char 7, line 1
