Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package google-osconfig-agent for
openSUSE:Factory checked in at 2026-05-13 17:22:29
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/google-osconfig-agent (Old)
and /work/SRC/openSUSE:Factory/.google-osconfig-agent.new.1966 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "google-osconfig-agent"
Wed May 13 17:22:29 2026 rev:52 rq:1352950 version:20260511.00
Changes:
--------
---
/work/SRC/openSUSE:Factory/google-osconfig-agent/google-osconfig-agent.changes
2026-05-04 17:24:36.895150414 +0200
+++
/work/SRC/openSUSE:Factory/.google-osconfig-agent.new.1966/google-osconfig-agent.changes
2026-05-13 17:24:45.924798590 +0200
@@ -1,0 +2,25 @@
+Wed May 13 07:43:51 UTC 2026 - John Paul Adrian Glaubitz
<[email protected]>
+
+- Update to version 20260511.00
+ * switch to t2a-standard-2 on ARM package build (#977)
+- from version 20260505.03
+ * Cover zypper_patch by unit tests (#958)
+- from version 20260505.02
+ * Remove unused functions DisableAutoUpdates (#970)
+- from version 20260505.01
+ * Bump
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
(#966)
+- from version 20260505.00
+ * Upgrade a few dependencies across the repo (#968)
+ + github.com/go-git/go-git/v5 5.16.2->5.18.0 (bsc#1264923, CVE-2026-41506)
+ + github.com/go-jose/go-jose/v4 4.1.3->4.1.4 (bsc#1262926, CVE-2026-34986)
+ + github.com/go-viper/mapstructure/v2 2.3.0->2.4.0
+ + go.opentelemetry.io/otel 1.40.0->1.41.0
+ + go.opentelemetry.io/otel/sdk 1.39.0->1.43.0
+- from version 20260504.01
+ * bump github.com/docker/cli to 29.2.0 (#962)
+- from version 20260504.00
+ * Bump github.com/opencontainers/selinux (#960)
+- Add missing CVE reference to previous changelog entry
+- Drop CVE-2026-34986.patch, merged upstream
+
+-------------------------------------------------------------------
@@ -11,0 +37 @@
+ (bsc#1260264, CVE-2026-33186)
Old:
----
CVE-2026-34986.patch
osconfig-20260428.00.tar.gz
New:
----
osconfig-20260511.00.tar.gz
----------(Old B)----------
Old:- Add missing CVE reference to previous changelog entry
- Drop CVE-2026-34986.patch, merged upstream
----------(Old E)----------
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ google-osconfig-agent.spec ++++++
--- /var/tmp/diff_new_pack.Dy6iBM/_old 2026-05-13 17:24:49.468945603 +0200
+++ /var/tmp/diff_new_pack.Dy6iBM/_new 2026-05-13 17:24:49.472945769 +0200
@@ -24,7 +24,7 @@
%global import_path %{provider_prefix}
Name: google-osconfig-agent
-Version: 20260428.00
+Version: 20260511.00
Release: 0
Summary: Google Cloud Guest Agent
License: Apache-2.0
@@ -33,8 +33,6 @@
Source0: %{repo}-%{version}.tar.gz
Source1: vendor.tar.gz
Source2: rpmlintrc
-# PATCH-FIX-UPSTREAM - Fix crafted JWE input with a missing encrypted key can
lead to a denial of service
-Patch0: CVE-2026-34986.patch
BuildRequires: golang(API) >= 1.24.5
BuildRequires: golang-packaging
Requires: google-guest-configs
@@ -51,9 +49,6 @@
%prep
%setup -q -n %{repo}-%{version}
%setup -q -D -T -a 1 -n %{repo}-%{version}
-pushd vendor/github.com/go-jose/go-jose/v4
-%patch -P0 -p1
-popd
%build
%goprep %{import_path}
++++++ _service ++++++
--- /var/tmp/diff_new_pack.Dy6iBM/_old 2026-05-13 17:24:49.560949419 +0200
+++ /var/tmp/diff_new_pack.Dy6iBM/_new 2026-05-13 17:24:49.568949751 +0200
@@ -3,8 +3,8 @@
<param name="url">https://github.com/GoogleCloudPlatform/osconfig</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="versionformat">20260428.00</param>
- <param name="revision">20260428.00</param>
+ <param name="versionformat">20260511.00</param>
+ <param name="revision">20260511.00</param>
<param name="changesgenerate">enable</param>
</service>
<service name="recompress" mode="disabled">
@@ -15,7 +15,7 @@
<param name="basename">osconfig</param>
</service>
<service name="go_modules" mode="disabled">
- <param name="archive">osconfig-20260428.00.tar.gz</param>
+ <param name="archive">osconfig-20260511.00.tar.gz</param>
</service>
</services>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.Dy6iBM/_old 2026-05-13 17:24:49.608951411 +0200
+++ /var/tmp/diff_new_pack.Dy6iBM/_new 2026-05-13 17:24:49.624952074 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param
name="url">https://github.com/GoogleCloudPlatform/osconfig</param>
- <param
name="changesrevision">5b7da888d9b39bd8dded65f94078b0e29b94b78c</param></service></servicedata>
+ <param
name="changesrevision">ce895ae780529f489dbc26bac76392c5734b13d2</param></service></servicedata>
(No newline at EOF)
++++++ osconfig-20260428.00.tar.gz -> osconfig-20260511.00.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20260428.00/go.mod
new/osconfig-20260511.00/go.mod
--- old/osconfig-20260428.00/go.mod 2026-04-28 17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/go.mod 2026-05-11 23:09:03.000000000 +0200
@@ -1,8 +1,6 @@
module github.com/GoogleCloudPlatform/osconfig
-go 1.24.6
-
-toolchain go1.24.13
+go 1.25.0
require (
cloud.google.com/go/compute/metadata v0.9.0
@@ -14,19 +12,19 @@
github.com/go-ole/go-ole v1.3.0
github.com/golang/mock v1.6.0
github.com/google/go-cmp v0.7.0
- github.com/google/osv-scalibr v0.4.3
+ github.com/google/osv-scalibr v0.4.5
github.com/googleapis/gax-go/v2 v2.16.0
github.com/kr/pretty v0.3.1
github.com/package-url/packageurl-go v0.1.3
github.com/tarm/serial v0.0.0-20180830185346-98f6abe2eb07
github.com/ulikunitz/xz v0.5.15
- golang.org/x/crypto v0.47.0
+ golang.org/x/crypto v0.49.0
golang.org/x/oauth2 v0.34.0
- golang.org/x/sys v0.40.0
+ golang.org/x/sys v0.42.0
google.golang.org/api v0.259.0
google.golang.org/genproto v0.0.0-20251202230838-ff82c1b0f217
- google.golang.org/genproto/googleapis/rpc
v0.0.0-20251222181119-0a764e51fe1b
- google.golang.org/grpc v1.79.3
+ google.golang.org/genproto/googleapis/rpc
v0.0.0-20260406210006-6f92a3bedf2d
+ google.golang.org/grpc v1.80.0
google.golang.org/protobuf v1.36.11
)
@@ -39,6 +37,7 @@
cloud.google.com/go/logging v1.13.1 // indirect
cloud.google.com/go/longrunning v0.8.0 // indirect
cloud.google.com/go/monitoring v1.24.3 // indirect
+ cyphar.com/go-pathrs v0.2.1 // indirect
deps.dev/api/v3 v3.0.0-20250903005441-604c45d5b44b // indirect
deps.dev/api/v3alpha v0.0.0-20250903005441-604c45d5b44b // indirect
deps.dev/util/maven v0.0.0-20251104021112-20ad94767ddf // indirect
@@ -50,14 +49,16 @@
github.com/BurntSushi/toml v1.5.0 // indirect
github.com/CycloneDX/cyclonedx-go v0.9.2 // indirect
github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5 //
indirect
-
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.30.0 // indirect
+
github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.31.0 // indirect
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric
v0.54.0 // indirect
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/resourcemapping
v0.54.0 // indirect
github.com/Microsoft/go-winio v0.6.2 // indirect
github.com/Microsoft/hcsshim v0.13.0 // indirect
+ github.com/aead/serpent v0.0.0-20160714141033-fba169763ea6 // indirect
github.com/agext/levenshtein v1.2.3 // indirect
github.com/anchore/go-lzo v0.1.0 // indirect
github.com/anchore/go-struct-converter v0.1.0 // indirect
+ github.com/bazelbuild/buildtools v0.0.0-20250826111327-4006b543a694 //
indirect
github.com/cespare/xxhash/v2 v2.3.0 // indirect
github.com/cncf/xds/go v0.0.0-20251210132809-ee656c7534f5 // indirect
github.com/compose-spec/compose-go/v2 v2.8.1 // indirect
@@ -73,12 +74,13 @@
github.com/containerd/stargz-snapshotter/estargz v0.16.3 // indirect
github.com/containerd/ttrpc v1.2.7 // indirect
github.com/containerd/typeurl/v2 v2.2.3 // indirect
+ github.com/cyphar/filepath-securejoin v0.6.0 // indirect
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc //
indirect
github.com/deitch/magic v0.0.0-20240306090643-c67ab88f10cb // indirect
github.com/diskfs/go-diskfs v1.7.0 // indirect
github.com/distribution/reference v0.6.0 // indirect
github.com/djherbis/times v1.6.0 // indirect
- github.com/docker/cli v28.2.2+incompatible // indirect
+ github.com/docker/cli v29.2.0+incompatible // indirect
github.com/docker/distribution v2.8.3+incompatible // indirect
github.com/docker/docker v28.2.2+incompatible // indirect
github.com/docker/docker-credential-helpers v0.9.3 // indirect
@@ -96,13 +98,13 @@
github.com/felixge/httpsnoop v1.0.4 // indirect
github.com/go-errors/errors v1.0.2 // indirect
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
- github.com/go-git/go-billy/v5 v5.6.2 // indirect
- github.com/go-git/go-git/v5 v5.16.2 // indirect
- github.com/go-jose/go-jose/v4 v4.1.3 // indirect
+ github.com/go-git/go-billy/v5 v5.8.0 // indirect
+ github.com/go-git/go-git/v5 v5.18.0 // indirect
+ github.com/go-jose/go-jose/v4 v4.1.4 // indirect
github.com/go-logr/logr v1.4.3 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-restruct/restruct v1.2.0-alpha // indirect
- github.com/go-viper/mapstructure/v2 v2.3.0 // indirect
+ github.com/go-viper/mapstructure/v2 v2.4.0 // indirect
github.com/gobwas/glob v0.2.3 // indirect
github.com/gogo/protobuf v1.3.2 // indirect
github.com/golang/glog v1.2.5 // indirect
@@ -136,7 +138,7 @@
github.com/opencontainers/go-digest v1.0.0 // indirect
github.com/opencontainers/image-spec v1.1.1 // indirect
github.com/opencontainers/runtime-spec v1.2.1 // indirect
- github.com/opencontainers/selinux v1.12.0 // indirect
+ github.com/opencontainers/selinux v1.13.0 // indirect
github.com/ossf/osv-schema/bindings/go
v0.0.0-20260129002236-09a17f85b44a // indirect
github.com/pierrec/lz4/v4 v4.1.17 // indirect
github.com/pkg/errors v0.9.1 // indirect
@@ -169,30 +171,30 @@
go.opencensus.io v0.24.0 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/contrib/detectors/gcp v1.39.0 // indirect
-
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.63.0 // indirect
+
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.68.0 // indirect
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0
// indirect
- go.opentelemetry.io/otel v1.40.0 // indirect
- go.opentelemetry.io/otel/metric v1.40.0 // indirect
- go.opentelemetry.io/otel/sdk v1.39.0 // indirect
- go.opentelemetry.io/otel/sdk/metric v1.39.0 // indirect
- go.opentelemetry.io/otel/trace v1.40.0 // indirect
+ go.opentelemetry.io/otel v1.43.0 // indirect
+ go.opentelemetry.io/otel/metric v1.43.0 // indirect
+ go.opentelemetry.io/otel/sdk v1.43.0 // indirect
+ go.opentelemetry.io/otel/sdk/metric v1.43.0 // indirect
+ go.opentelemetry.io/otel/trace v1.43.0 // indirect
go.uber.org/atomic v1.7.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go.uber.org/zap v1.17.0 // indirect
go.yaml.in/yaml/v2 v2.4.2 // indirect
go.yaml.in/yaml/v3 v3.0.4 // indirect
golang.org/x/exp v0.0.0-20250408133849-7e4ce0ab07d0 // indirect
- golang.org/x/mod v0.31.0 // indirect
- golang.org/x/net v0.48.0 // indirect
- golang.org/x/sync v0.19.0 // indirect
- golang.org/x/telemetry v0.0.0-20251203150158-8fff8a5912fc // indirect
- golang.org/x/text v0.33.0 // indirect
+ golang.org/x/mod v0.33.0 // indirect
+ golang.org/x/net v0.52.0 // indirect
+ golang.org/x/sync v0.20.0 // indirect
+ golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4 // indirect
+ golang.org/x/text v0.35.0 // indirect
golang.org/x/time v0.14.0 // indirect
- golang.org/x/tools v0.40.0 // indirect
+ golang.org/x/tools v0.42.0 // indirect
golang.org/x/tools/go/expect v0.1.1-deprecated // indirect
golang.org/x/vuln v1.1.4 // indirect
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
- google.golang.org/genproto/googleapis/api
v0.0.0-20251222181119-0a764e51fe1b // indirect
+ google.golang.org/genproto/googleapis/api
v0.0.0-20260120221211-b8f7ae30c516 // indirect
gopkg.in/ini.v1 v1.67.0 // indirect
gopkg.in/warnings.v0 v0.1.2 // indirect
gopkg.in/yaml.v3 v3.0.1 // indirect
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20260428.00/go.sum
new/osconfig-20260511.00/go.sum
--- old/osconfig-20260428.00/go.sum 2026-04-28 17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/go.sum 2026-05-11 23:09:03.000000000 +0200
@@ -59,6 +59,8 @@
cloud.google.com/go/trace v1.11.7/go.mod
h1:TNn9d5V3fQVf6s4SCveVMIBS2LJUqo73GACmq/Tky0s=
cos.googlesource.com/cos/tools.git v0.0.0-20210329212435-a349a79f950d
h1:qj1jlxRkQblujpwNPW4BOEWmGkrWP+Y5ADIoSKBxO5s=
cos.googlesource.com/cos/tools.git v0.0.0-20210329212435-a349a79f950d/go.mod
h1:1TJafpZtNmYwNzCwoWQRHfBDl59dxO6l/YW88HezBuk=
+cyphar.com/go-pathrs v0.2.1 h1:9nx1vOgwVvX1mNBWDu93+vaceedpbsDqo+XuBGL40b8=
+cyphar.com/go-pathrs v0.2.1/go.mod
h1:y8f1EMG7r+hCuFf/rXsKqMJrJAUoADZGNh5/vZPKcGc=
deps.dev/api/v3 v3.0.0-20250903005441-604c45d5b44b
h1:4f6EeZ4EexJUGBtmyMaxptWMoBw/pAVshOtvzTH6dj8=
deps.dev/api/v3 v3.0.0-20250903005441-604c45d5b44b/go.mod
h1:BWOjjNq4+j4makGArvrtyFhzBi5TXU7AGH2nDnRORk8=
deps.dev/api/v3alpha v0.0.0-20250903005441-604c45d5b44b
h1:iXre7CzhkmdmzAdiOi+u/Yk1iDMI9SYlFEnXgJd5Rnk=
@@ -88,8 +90,8 @@
github.com/GehirnInc/crypt v0.0.0-20230320061759-8cc1b52080c5/go.mod
h1:exZ0C/1emQJAw5tHOaUDyY1ycttqBAPcxuzf7QbY6ec=
github.com/GoogleCloudPlatform/guest-logging-go
v0.0.0-20221216194522-f549ad6a1730
h1:l4Hin8i/7I1R0cvWBP+z6JdRxU4yJWFbcXvJ8mKKC70=
github.com/GoogleCloudPlatform/guest-logging-go
v0.0.0-20221216194522-f549ad6a1730/go.mod
h1:3F/urXs15KEI7RBGoOsK9/jCCJPBKHxyZH/Nzc7uldo=
-github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.30.0 h1:sBEjpZlNHzK1voKq9695PJSX2o5NEXl7/OL3coiIY0c=
-github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.30.0/go.mod h1:P4WPRUkOhJC13W//jWpyfJNDAIpvRbAUIYLX/4jtlE0=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.31.0 h1:DHa2U07rk8syqvCge0QIGMCE1WxGj9njT44GH7zNJLQ=
+github.com/GoogleCloudPlatform/opentelemetry-operations-go/detectors/gcp
v1.31.0/go.mod h1:P4WPRUkOhJC13W//jWpyfJNDAIpvRbAUIYLX/4jtlE0=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric
v0.54.0 h1:lhhYARPUu3LmHysQ/igznQphfzynnqI3D75oUyw1HXk=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/metric
v0.54.0/go.mod h1:l9rva3ApbBpEJxSNYnwT9N4CDLrWgtq3u8736C5hyJw=
github.com/GoogleCloudPlatform/opentelemetry-operations-go/internal/cloudmock
v0.54.0 h1:xfK3bbi6F2RDtaZFtUdKO3osOBIhNb+xTs8lFW6yx9o=
@@ -102,6 +104,8 @@
github.com/Microsoft/hcsshim v0.13.0/go.mod
h1:9KWJ/8DgU+QzYGupX4tzMhRQE8h6w90lH6HAaclpEok=
github.com/StackExchange/wmi v1.2.1
h1:VIkavFPXSjcnS+O8yTq7NI32k0R5Aj+v39y29VYDOSA=
github.com/StackExchange/wmi v1.2.1/go.mod
h1:rcmrprowKIVzvc+NUiLncP2uuArMWLCbu9SBzvHz7e8=
+github.com/aead/serpent v0.0.0-20160714141033-fba169763ea6
h1:5L8Mj9Co9sJVgW3TpYk2gxGJnDjsYuboNTcRmbtGKGs=
+github.com/aead/serpent v0.0.0-20160714141033-fba169763ea6/go.mod
h1:3HgLJ9d18kXMLQlJvIY3+FszZYMxCz8WfE2MQ7hDY0w=
github.com/agext/levenshtein v1.2.3
h1:YB2fHEn0UJagG8T1rrWknE3ZQzWM06O8AMAatNn7lmo=
github.com/agext/levenshtein v1.2.3/go.mod
h1:JEDfjyjHDjOF/1e4FlBE/PkbqA9OfWu2ki2W0IB5558=
github.com/alecthomas/assert v1.0.0
h1:3XmGh/PSuLzDbK3W2gUbRXwgW5lqPkuqvRgeQ30FI5o=
@@ -115,6 +119,8 @@
github.com/anchore/go-struct-converter v0.1.0
h1:2rDRssAl6mgKBSLNiVCMADgZRhoqtw9dedlWa0OhD30=
github.com/anchore/go-struct-converter v0.1.0/go.mod
h1:rYqSE9HbjzpHTI74vwPvae4ZVYZd1lue2ta6xHPdblA=
github.com/andygrunwald/go-gerrit v0.0.0-20201231163137-46815e48bfe0/go.mod
h1:soxaYLbAFToS0OelBriItCts/mtUZOuLBkCk1Xv4ZSo=
+github.com/bazelbuild/buildtools v0.0.0-20250826111327-4006b543a694
h1:LiKs9FsSfMx3NomNclXYkv9enY77oft5Mc/vX/AKHgI=
+github.com/bazelbuild/buildtools v0.0.0-20250826111327-4006b543a694/go.mod
h1:PLNUetjLa77TCCziPsz0EI8a6CUxgC+1jgmWv0H25tg=
github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
github.com/beevik/etree v1.1.0/go.mod
h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
github.com/bradleyjkemp/cupaloy/v2 v2.8.0
h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M=
@@ -159,6 +165,8 @@
github.com/containerd/typeurl/v2 v2.2.3/go.mod
h1:95ljDnPfD3bAbDJRugOiShd/DlAAsxGtUBhJxIn7SCk=
github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod
h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
github.com/creack/pty v1.1.9/go.mod
h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
+github.com/cyphar/filepath-securejoin v0.6.0
h1:BtGB77njd6SVO6VztOHfPxKitJvd/VPT+OFBFMOi1Is=
+github.com/cyphar/filepath-securejoin v0.6.0/go.mod
h1:A8hd4EnAeyujCJRrICiOWqjS1AX0a9kM5XL+NwKoYSc=
github.com/davecgh/go-spew v1.1.0/go.mod
h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.1/go.mod
h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc
h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
@@ -173,8 +181,8 @@
github.com/djherbis/times v1.6.0/go.mod
h1:gOHeRAz2h+VJNZ5Gmc/o7iD9k4wW7NMVqieYCY99oc0=
github.com/dlclark/regexp2 v1.11.0
h1:G/nrcoOa7ZXlpoa/91N3X7mM3r8eIlMBBJZvsz/mxKI=
github.com/dlclark/regexp2 v1.11.0/go.mod
h1:DHkYz0B9wPfa6wondMfaivmHpzrQ3v9q8cnmRbL6yW8=
-github.com/docker/cli v28.2.2+incompatible
h1:qzx5BNUDFqlvyq4AHzdNB7gSyVTmU4cgsyN9SdInc1A=
-github.com/docker/cli v28.2.2+incompatible/go.mod
h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
+github.com/docker/cli v29.2.0+incompatible
h1:9oBd9+YM7rxjZLfyMGxjraKBKE4/nVyvVfN4qNl9XRM=
+github.com/docker/cli v29.2.0+incompatible/go.mod
h1:JLrzqnKDaYBop7H2jaqPtU4hHvMKP+vjCwu2uszcLI8=
github.com/docker/distribution v2.8.3+incompatible
h1:AtKxIZ36LoNK51+Z6RpzLpddBirtxJnzDrHLEKxTAYk=
github.com/docker/distribution v2.8.3+incompatible/go.mod
h1:J2gT2udsDAN96Uj4KfcMRqY0/ypR+oyYUYmja8H+y+w=
github.com/docker/docker v28.2.2+incompatible
h1:CjwRSksz8Yo4+RmQ339Dp/D2tGO5JxwYeqtMOEe0LDw=
@@ -222,15 +230,15 @@
github.com/go-errors/errors v1.0.2/go.mod
h1:psDX2osz5VnTOnFWbDeWwS7yejl+uV3FEWEp4lssFEs=
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376
h1:+zs/tPmkDkHx3U66DAb0lQFJrpS6731Oaa12ikc+DiI=
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376/go.mod
h1:an3vInlBmSxCcxctByoQdvwPiA7DTK7jaaFDBTtu0ic=
-github.com/go-git/go-billy/v5 v5.6.2
h1:6Q86EsPXMa7c3YZ3aLAQsMA0VlWmy43r6FHqa/UNbRM=
-github.com/go-git/go-billy/v5 v5.6.2/go.mod
h1:rcFC2rAsp/erv7CMz9GczHcuD0D32fWzH+MJAU+jaUU=
-github.com/go-git/go-git/v5 v5.16.2
h1:fT6ZIOjE5iEnkzKyxTHK1W4HGAsPhqEqiSAssSO77hM=
-github.com/go-git/go-git/v5 v5.16.2/go.mod
h1:4Ge4alE/5gPs30F2H1esi2gPd69R0C39lolkucHBOp8=
+github.com/go-git/go-billy/v5 v5.8.0
h1:I8hjc3LbBlXTtVuFNJuwYuMiHvQJDq1AT6u4DwDzZG0=
+github.com/go-git/go-billy/v5 v5.8.0/go.mod
h1:RpvI/rw4Vr5QA+Z60c6d6LXH0rYJo0uD5SqfmrrheCY=
+github.com/go-git/go-git/v5 v5.18.0
h1:O831KI+0PR51hM2kep6T8k+w0/LIAD490gvqMCvL5hM=
+github.com/go-git/go-git/v5 v5.18.0/go.mod
h1:pW/VmeqkanRFqR6AljLcs7EA7FbZaN5MQqO7oZADXpo=
github.com/go-gl/glfw v0.0.0-20190409004039-e6da0acd62b1/go.mod
h1:vR7hzQXu2zJy9AVAgeJqvqgH9Q5CA+iKCZ2gyEVpxRU=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20191125211704-12ad95a8df72/go.mod
h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
github.com/go-gl/glfw/v3.3/glfw v0.0.0-20200222043503-6f7a984d4dc4/go.mod
h1:tQ2UAYgL5IevRw8kRxooKSPJfGvJ9fJQFa0TUsXzTg8=
-github.com/go-jose/go-jose/v4 v4.1.3
h1:CVLmWDhDVRa6Mi/IgCgaopNosCaHz7zrMeF9MlZRkrs=
-github.com/go-jose/go-jose/v4 v4.1.3/go.mod
h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08=
+github.com/go-jose/go-jose/v4 v4.1.4
h1:moDMcTHmvE6Groj34emNPLs/qtYXRVcd6S7NHbHz3kA=
+github.com/go-jose/go-jose/v4 v4.1.4/go.mod
h1:x4oUasVrzR7071A4TnHLGSPpNOm2a21K9Kf04k1rs08=
github.com/go-logr/logr v1.2.2/go.mod
h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
github.com/go-logr/logr v1.4.3 h1:CjnDlHq8ikf6E492q6eKboGOC0T8CDaOvkHCIg8idEI=
github.com/go-logr/logr v1.4.3/go.mod
h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY=
@@ -245,8 +253,8 @@
github.com/go-restruct/restruct v1.2.0-alpha/go.mod
h1:KqrpKpn4M8OLznErihXTGLlsXFGeLxHUrLRRI/1YjGk=
github.com/go-test/deep v1.0.8 h1:TDsG77qcSprGbC6vTN8OuXp5g+J+b5Pcguhf7Zt61VM=
github.com/go-test/deep v1.0.8/go.mod
h1:5C2ZWiW0ErCdrYzpqxLbTX7MG14M9iiw8DgHncVwcsE=
-github.com/go-viper/mapstructure/v2 v2.3.0
h1:27XbWsHIqhbdR5TIC911OfYvgSaW93HM+dX7970Q7jk=
-github.com/go-viper/mapstructure/v2 v2.3.0/go.mod
h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
+github.com/go-viper/mapstructure/v2 v2.4.0
h1:EBsztssimR/CONLSZZ04E8qAkxNYq4Qp9LvH92wZUgs=
+github.com/go-viper/mapstructure/v2 v2.4.0/go.mod
h1:oJDH3BJKyqBA2TXFhDsKDGDTlndYOZ6rGS0BRZIxGhM=
github.com/gobwas/glob v0.2.3 h1:A4xDbljILXROh+kObIiy5kIaPYD8e96x1tgBhUI5J+Y=
github.com/gobwas/glob v0.2.3/go.mod
h1:d3Ez4x06l9bZtSvzIay5+Yzi0fmZzPgnTbPcKjJAkT8=
github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q=
@@ -307,8 +315,8 @@
github.com/google/martian v2.1.0+incompatible/go.mod
h1:9I4somxYTbIHy5NJKHRl3wXiIaQGbYVAs8BPL6v8lEs=
github.com/google/martian/v3 v3.3.3
h1:DIhPTQrbPkgs2yJYdXU/eNACCG5DVQjySNRNlflZ9Fc=
github.com/google/martian/v3 v3.3.3/go.mod
h1:iEPrYcgCF7jA9OtScMFQyAlZZ4YXTKEtJ1E6RWzmBA0=
-github.com/google/osv-scalibr v0.4.3
h1:s4WxDumtvkdI63/QxUBlbQSGNW8otbZmywCf4RRHwgY=
-github.com/google/osv-scalibr v0.4.3/go.mod
h1:+4bTgeaPiKtZrJqYEnVB//YJw95dUXMjeqW+HKEWEkM=
+github.com/google/osv-scalibr v0.4.5
h1:fiJWZg0jXKzFmJiYKs/BhIzUMYUGs0HT2oUZOoKSL+Q=
+github.com/google/osv-scalibr v0.4.5/go.mod
h1:cNGl//rZ1OcOiFkLXY5DNrhFN7JKMGf4ieQrENUfEZw=
github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57/go.mod
h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20190515194954-54271f7e092f/go.mod
h1:zfwlbNMJ+OItoe0UupaVj+oy1omPYYDuagoSzA8v9mc=
github.com/google/pprof v0.0.0-20191218002539-d4f498aebedc/go.mod
h1:ZgVRPoUq/hfqzAqh7sHMqb3I9Rq5C59dIz2SbBwJ4eM=
@@ -409,8 +417,8 @@
github.com/opencontainers/image-spec v1.1.1/go.mod
h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
github.com/opencontainers/runtime-spec v1.2.1
h1:S4k4ryNgEpxW1dzyqffOmhI1BHYcjzU8lpJfSlR0xww=
github.com/opencontainers/runtime-spec v1.2.1/go.mod
h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
-github.com/opencontainers/selinux v1.12.0
h1:6n5JV4Cf+4y0KNXW48TLj5DwfXpvWlxXplUkdTrmPb8=
-github.com/opencontainers/selinux v1.12.0/go.mod
h1:BTPX+bjVbWGXw7ZZWUbdENt8w0htPSrlgOOysQaU62U=
+github.com/opencontainers/selinux v1.13.0
h1:Zza88GWezyT7RLql12URvoxsbLfjFx988+LGaWfbL84=
+github.com/opencontainers/selinux v1.13.0/go.mod
h1:XxWTed+A/s5NNq4GmYScVy+9jzXhGBVEOAyucdRUY8s=
github.com/ossf/osv-schema/bindings/go v0.0.0-20260129002236-09a17f85b44a
h1:XHKiGf7vsACh43gFCBb5lOxDjnY6CQYNoQXsO/SlI6k=
github.com/ossf/osv-schema/bindings/go
v0.0.0-20260129002236-09a17f85b44a/go.mod
h1:Eo7R19vlnflsCRdHW1ynyNUyoRwxdaTmTWD9MtKnJTc=
github.com/package-url/packageurl-go v0.1.3
h1:4juMED3hHiz0set3Vq3KeQ75KD1avthoXLtmE3I0PLs=
@@ -536,26 +544,26 @@
go.opentelemetry.io/auto/sdk v1.2.1/go.mod
h1:KRTj+aOaElaLi+wW1kO/DZRXwkF4C5xPbEe3ZiIhN7Y=
go.opentelemetry.io/contrib/detectors/gcp v1.39.0
h1:kWRNZMsfBHZ+uHjiH4y7Etn2FK26LAGkNFw7RHv1DhE=
go.opentelemetry.io/contrib/detectors/gcp v1.39.0/go.mod
h1:t/OGqzHBa5v6RHZwrDBJ2OirWc+4q/w2fTbLZwAKjTk=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.63.0 h1:YH4g8lQroajqUwWbq/tr2QX1JFmEXaDLgG+ew9bLMWo=
-go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.63.0/go.mod h1:fvPi2qXDqFs8M4B4fmJhE92TyQs9Ydjlg3RvfUp+NbQ=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.68.0 h1:0Qx7VGBacMm9ZENQ7TnNObTYI4ShC+lHI16seduaxZo=
+go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
v0.68.0/go.mod h1:Sje3i3MjSPKTSPvVWCaL8ugBzJwik3u4smCjUeuupqg=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0
h1:F7Jx+6hwnZ41NSFTO5q4LYDtJRXBf2PD0rNBkeB/lus=
go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp v0.61.0/go.mod
h1:UHB22Z8QsdRDrnAtX4PntOl36ajSxcdUMt1sF7Y6E7Q=
-go.opentelemetry.io/otel v1.40.0
h1:oA5YeOcpRTXq6NN7frwmwFR0Cn3RhTVZvXsP4duvCms=
-go.opentelemetry.io/otel v1.40.0/go.mod
h1:IMb+uXZUKkMXdPddhwAHm6UfOwJyh4ct1ybIlV14J0g=
+go.opentelemetry.io/otel v1.43.0
h1:mYIM03dnh5zfN7HautFE4ieIig9amkNANT+xcVxAj9I=
+go.opentelemetry.io/otel v1.43.0/go.mod
h1:JuG+u74mvjvcm8vj8pI5XiHy1zDeoCS2LB1spIq7Ay0=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0
h1:1fTNlAIJZGWLP5FVu0fikVry1IsiUnXjf7QFvoNN3Xw=
go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.35.0/go.mod
h1:zjPK58DtkqQFn+YUMbx0M2XV3QgKU0gS9LeGohREyK4=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0
h1:xJ2qHD0C1BeYVTLLR9sX12+Qb95kfeD/byKj6Ky1pXg=
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.35.0/go.mod
h1:u5BF1xyjstDowA1R5QAO9JHzqK+ublenEW/dyqTjBVk=
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.38.0
h1:wm/Q0GAAykXv83wzcKzGGqAnnfLFyFe7RslekZuv+VI=
go.opentelemetry.io/otel/exporters/stdout/stdoutmetric v1.38.0/go.mod
h1:ra3Pa40+oKjvYh+ZD3EdxFZZB0xdMfuileHAm4nNN7w=
-go.opentelemetry.io/otel/metric v1.40.0
h1:rcZe317KPftE2rstWIBitCdVp89A2HqjkxR3c11+p9g=
-go.opentelemetry.io/otel/metric v1.40.0/go.mod
h1:ib/crwQH7N3r5kfiBZQbwrTge743UDc7DTFVZrrXnqc=
-go.opentelemetry.io/otel/sdk v1.39.0
h1:nMLYcjVsvdui1B/4FRkwjzoRVsMK8uL/cj0OyhKzt18=
-go.opentelemetry.io/otel/sdk v1.39.0/go.mod
h1:vDojkC4/jsTJsE+kh+LXYQlbL8CgrEcwmt1ENZszdJE=
-go.opentelemetry.io/otel/sdk/metric v1.39.0
h1:cXMVVFVgsIf2YL6QkRF4Urbr/aMInf+2WKg+sEJTtB8=
-go.opentelemetry.io/otel/sdk/metric v1.39.0/go.mod
h1:xq9HEVH7qeX69/JnwEfp6fVq5wosJsY1mt4lLfYdVew=
-go.opentelemetry.io/otel/trace v1.40.0
h1:WA4etStDttCSYuhwvEa8OP8I5EWu24lkOzp+ZYblVjw=
-go.opentelemetry.io/otel/trace v1.40.0/go.mod
h1:zeAhriXecNGP/s2SEG3+Y8X9ujcJOTqQ5RgdEJcawiA=
+go.opentelemetry.io/otel/metric v1.43.0
h1:d7638QeInOnuwOONPp4JAOGfbCEpYb+K6DVWvdxGzgM=
+go.opentelemetry.io/otel/metric v1.43.0/go.mod
h1:RDnPtIxvqlgO8GRW18W6Z/4P462ldprJtfxHxyKd2PY=
+go.opentelemetry.io/otel/sdk v1.43.0
h1:pi5mE86i5rTeLXqoF/hhiBtUNcrAGHLKQdhg4h4V9Dg=
+go.opentelemetry.io/otel/sdk v1.43.0/go.mod
h1:P+IkVU3iWukmiit/Yf9AWvpyRDlUeBaRg6Y+C58QHzg=
+go.opentelemetry.io/otel/sdk/metric v1.43.0
h1:S88dyqXjJkuBNLeMcVPRFXpRw2fuwdvfCGLEo89fDkw=
+go.opentelemetry.io/otel/sdk/metric v1.43.0/go.mod
h1:C/RJtwSEJ5hzTiUz5pXF1kILHStzb9zFlIEe85bhj6A=
+go.opentelemetry.io/otel/trace v1.43.0
h1:BkNrHpup+4k4w+ZZ86CZoHHEkohws8AY+WTX09nk+3A=
+go.opentelemetry.io/otel/trace v1.43.0/go.mod
h1:/QJhyVBUUswCphDVxq+8mld+AvhXZLhe+8WVFxiFff0=
go.opentelemetry.io/proto/otlp v1.7.1
h1:gTOMpGDb0WTBOP8JaO72iL3auEZhVmAQg4ipjOVAtj4=
go.opentelemetry.io/proto/otlp v1.7.1/go.mod
h1:b2rVh6rfI/s2pHWNlB7ILJcRALpcNDzKhACevjI+ZnE=
go.uber.org/atomic v1.7.0 h1:ADUqmZGgLDDfbSL9ZmPxKTybcoEYHgpYfELNoN+7hsw=
@@ -575,8 +583,8 @@
golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod
h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod
h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod
h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
-golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
-golang.org/x/crypto v0.47.0/go.mod
h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=
+golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=
+golang.org/x/crypto v0.49.0/go.mod
h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod
h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod
h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod
h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8=
@@ -614,8 +622,8 @@
golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod
h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
-golang.org/x/mod v0.31.0 h1:HaW9xtz0+kOcWKwli0ZXy79Ix+UW/vOfmWI5QVd2tgI=
-golang.org/x/mod v0.31.0/go.mod h1:43JraMp9cGx1Rx3AqioxrbrhNsLl2l/iNAvuBkrezpg=
+golang.org/x/mod v0.33.0 h1:tHFzIWbBifEmbwtGz65eaWyGiGZatSrT9prnU8DbVL8=
+golang.org/x/mod v0.33.0/go.mod h1:swjeQEj+6r7fODbD2cqrnje9PnziFuw4bmLbBZFrQ5w=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -645,8 +653,8 @@
golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod
h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod
h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod
h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
-golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU=
-golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY=
+golang.org/x/net v0.52.0 h1:He/TN1l0e4mmR3QqHMT2Xab3Aj3L9qjbhRm78/6jrW0=
+golang.org/x/net v0.52.0/go.mod h1:R1MAz7uMZxVMualyPXb+VaqGSa3LIaUqk0eEt3w36Sw=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod
h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod
h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod
h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -664,8 +672,8 @@
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod
h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.19.0 h1:vV+1eWNmZ5geRlYjzm2adRgW2/mcpevXNg50YZtPCE4=
-golang.org/x/sync v0.19.0/go.mod
h1:9KTHXmSnoGruLpwFjVSX0lNNA75CykiMECbovNTZqGI=
+golang.org/x/sync v0.20.0 h1:e0PTpb7pjO8GAtTs2dQ6jYa5BWYlMuX047Dco/pItO4=
+golang.org/x/sync v0.20.0/go.mod
h1:9xrNwdLfx4jkKbNva9FpL6vEN7evnE43NNNJQ2LF3+0=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod
h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod
h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20190312061237-fead79001313/go.mod
h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
@@ -706,14 +714,14 @@
golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod
h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ=
-golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks=
-golang.org/x/telemetry v0.0.0-20251203150158-8fff8a5912fc
h1:bH6xUXay0AIFMElXG2rQ4uiE+7ncwtiOdPfYK1NK2XA=
-golang.org/x/telemetry v0.0.0-20251203150158-8fff8a5912fc/go.mod
h1:hKdjCMrbv9skySur+Nek8Hd0uJ0GuxJIoIX2payrIdQ=
+golang.org/x/sys v0.42.0 h1:omrd2nAlyT5ESRdCLYdm3+fMfNFE/+Rf4bDIQImRJeo=
+golang.org/x/sys v0.42.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw=
+golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4
h1:bTLqdHv7xrGlFbvf5/TXNxy/iUwwdkjhqQTJDjW7aj0=
+golang.org/x/telemetry v0.0.0-20260209163413-e7419c687ee4/go.mod
h1:g5NllXBEermZrmR51cJDQxmJUHUOfRAaNyWBM+R+548=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod
h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod
h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
-golang.org/x/term v0.39.0 h1:RclSuaJf32jOqZz74CkPA9qFuVTX7vhLlpfj/IGWlqY=
-golang.org/x/term v0.39.0/go.mod
h1:yxzUCTP/U+FzoxfdKmLaA0RV1WgE0VY7hXBwKtY/4ww=
+golang.org/x/term v0.41.0 h1:QCgPso/Q3RTJx2Th4bDLqML4W6iJiaXFq2/ftQF13YU=
+golang.org/x/term v0.41.0/go.mod
h1:3pfBgksrReYfZ5lvYM0kSO0LIkAl4Yl2bXOkKP7Ec2A=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod
h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod
h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -721,8 +729,8 @@
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
-golang.org/x/text v0.33.0 h1:B3njUFyqtHDUI5jMn1YIr5B0IE2U0qck04r6d4KPAxE=
-golang.org/x/text v0.33.0/go.mod
h1:LuMebE6+rBincTi9+xWTY8TztLzKHc/9C1uBCG27+q8=
+golang.org/x/text v0.35.0 h1:JOVx6vVDFokkpaq1AEptVzLTpDe9KGpj5tR4/X+ybL8=
+golang.org/x/text v0.35.0/go.mod
h1:khi/HExzZJ2pGnjenulevKNX1W67CUy0AsXcNubPGCA=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -774,8 +782,8 @@
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod
h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.1/go.mod
h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.12/go.mod
h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
-golang.org/x/tools v0.40.0 h1:yLkxfA+Qnul4cs9QA3KnlFu0lVmd8JJfoq+E41uSutA=
-golang.org/x/tools v0.40.0/go.mod
h1:Ik/tzLRlbscWpqqMRjyWYDisX8bG13FrdXp3o4Sr9lc=
+golang.org/x/tools v0.42.0 h1:uNgphsn75Tdz5Ji2q36v/nsFSfR/9BRFvqhGBaJGd5k=
+golang.org/x/tools v0.42.0/go.mod
h1:Ma6lCIwGZvHK6XtgbswSoWroEkhugApmsXyrUmBhfr0=
golang.org/x/tools/go/expect v0.1.1-deprecated
h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnpsEAGHaNy0n/rJM=
golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod
h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY=
golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated
h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM=
@@ -788,8 +796,8 @@
golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028
h1:+cNy6SZtPcJQH3LJVLOSmiC7MMxXNOb3PU/VUEz+EhU=
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028/go.mod
h1:NDW/Ps6MPRej6fsCIbMTohpP40sJ/P/vI1MoTEGwX90=
-gonum.org/v1/gonum v0.16.0 h1:5+ul4Swaf3ESvrOnidPp4GZbzf0mxVQpDCYUQE7OJfk=
-gonum.org/v1/gonum v0.16.0/go.mod
h1:fef3am4MQ93R2HHpKnLk4/Tbh/s0+wqD5nfa6Pnwy4E=
+gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4=
+gonum.org/v1/gonum v0.17.0/go.mod
h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E=
google.golang.org/api v0.4.0/go.mod
h1:8k5glujaEP+g9n7WNsDg8QP6cUVNI86fCNMcbazEtwE=
google.golang.org/api v0.7.0/go.mod
h1:WtwebWUNSVBH/HAw79HIFXZNqEvBhG+Ra+ax0hx3E3M=
google.golang.org/api v0.8.0/go.mod
h1:o4eAsZoiT+ibD93RtjEohWalFOjRDx6CVaqeizhEnKg=
@@ -844,10 +852,10 @@
google.golang.org/genproto v0.0.0-20200618031413-b414f8b61790/go.mod
h1:jDfRM7FcilCzHH/e9qn6dsT145K34l5v+OpcnNgKAAA=
google.golang.org/genproto v0.0.0-20251202230838-ff82c1b0f217
h1:GvESR9BIyHUahIb0NcTum6itIWtdoglGX+rnGxm2934=
google.golang.org/genproto v0.0.0-20251202230838-ff82c1b0f217/go.mod
h1:yJ2HH4EHEDTd3JiLmhds6NkJ17ITVYOdV3m3VKOnws0=
-google.golang.org/genproto/googleapis/api v0.0.0-20251222181119-0a764e51fe1b
h1:uA40e2M6fYRBf0+8uN5mLlqUtV192iiksiICIBkYJ1E=
-google.golang.org/genproto/googleapis/api
v0.0.0-20251222181119-0a764e51fe1b/go.mod
h1:Xa7le7qx2vmqB/SzWUBa7KdMjpdpAHlh5QCSnjessQk=
-google.golang.org/genproto/googleapis/rpc v0.0.0-20251222181119-0a764e51fe1b
h1:Mv8VFug0MP9e5vUxfBcE3vUkV6CImK3cMNMIDFjmzxU=
-google.golang.org/genproto/googleapis/rpc
v0.0.0-20251222181119-0a764e51fe1b/go.mod
h1:j9x/tPzZkyxcgEFkiKEEGxfvyumM01BEtsW8xzOahRQ=
+google.golang.org/genproto/googleapis/api v0.0.0-20260120221211-b8f7ae30c516
h1:vmC/ws+pLzWjj/gzApyoZuSVrDtF1aod4u/+bbj8hgM=
+google.golang.org/genproto/googleapis/api
v0.0.0-20260120221211-b8f7ae30c516/go.mod
h1:p3MLuOwURrGBRoEyFHBT3GjUwaCQVKeNqqWxlcISGdw=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20260406210006-6f92a3bedf2d
h1:wT2n40TBqFY6wiwazVK9/iTWbsQrgk5ZfCSVFLO9LQA=
+google.golang.org/genproto/googleapis/rpc
v0.0.0-20260406210006-6f92a3bedf2d/go.mod
h1:4Hqkh8ycfw05ld/3BWL7rJOSfebL2Q+DVDeRgYgxUU8=
google.golang.org/grpc v1.19.0/go.mod
h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.20.1/go.mod
h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
google.golang.org/grpc v1.21.1/go.mod
h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
@@ -860,8 +868,8 @@
google.golang.org/grpc v1.28.0/go.mod
h1:rpkK4SK4GF4Ach/+MFLZUBavHOvF2JJB5uozKKal+60=
google.golang.org/grpc v1.29.1/go.mod
h1:itym6AZVZYACWQqET3MqgPpjcuV5QH3BxFS3IjizoKk=
google.golang.org/grpc v1.33.2/go.mod
h1:JMHMWHQWaTccqQQlmk3MJZS+GWXOdAesneDmEnv2fbc=
-google.golang.org/grpc v1.79.3 h1:sybAEdRIEtvcD68Gx7dmnwjZKlyfuc61Dyo9pGXXkKE=
-google.golang.org/grpc v1.79.3/go.mod
h1:KmT0Kjez+0dde/v2j9vzwoAScgEPx/Bw1CYChhHLrHQ=
+google.golang.org/grpc v1.80.0 h1:Xr6m2WmWZLETvUNvIUmeD5OAagMw3FiKmMlTdViWsHM=
+google.golang.org/grpc v1.80.0/go.mod
h1:ho/dLnxwi3EDJA4Zghp7k2Ec1+c2jqup0bFkw07bwF4=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod
h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod
h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod
h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20260428.00/ospatch/system_linux.go
new/osconfig-20260511.00/ospatch/system_linux.go
--- old/osconfig-20260428.00/ospatch/system_linux.go 2026-04-28
17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/ospatch/system_linux.go 1970-01-01
01:00:00.000000000 +0100
@@ -1,105 +0,0 @@
-// Copyright 2019 Google Inc. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//go:build !test
-// +build !test
-
-package ospatch
-
-import (
- "bytes"
- "context"
- "os"
- "os/exec"
-
- "github.com/GoogleCloudPlatform/osconfig/clog"
- "github.com/GoogleCloudPlatform/osconfig/packages"
-)
-
-const (
- systemctl = "/bin/systemctl"
-)
-
-// DisableAutoUpdates disables system auto updates.
-func DisableAutoUpdates(ctx context.Context) {
- // yum-cron on el systems
- if _, err := os.Stat("/usr/lib/systemd/system/yum-cron.service"); err
== nil {
- out, err := exec.Command(systemctl, "is-enabled",
"yum-cron.service").CombinedOutput()
- if err != nil {
- if eerr, ok := err.(*exec.ExitError); ok {
- // Error code of 1 indicates disabled.
- if eerr.ExitCode() == 1 {
- return
- }
- }
- clog.Errorf(ctx, "Error checking status of yum-cron,
error: %v, out: %s", err, out)
- }
-
- clog.Debugf(ctx, "Disabling yum-cron")
- out, err = exec.Command(systemctl, "stop",
"yum-cron.service").CombinedOutput()
- if err != nil {
- clog.Errorf(ctx, "Error stopping yum-cron, error: %v,
out: %s", err, out)
- }
- out, err = exec.Command(systemctl, "disable",
"yum-cron.service").CombinedOutput()
- if err != nil {
- clog.Errorf(ctx, "Error disabling yum-cron, error: %v,
out: %s", err, out)
- }
- } else if _, err := os.Stat("/usr/sbin/yum-cron"); err == nil {
- out, err := exec.Command("/sbin/chkconfig",
"yum-cron").CombinedOutput()
- if err != nil {
- clog.Errorf(ctx, "Error checking status of yum-cron,
error: %v, out: %s", err, out)
- }
- if bytes.Contains(out, []byte("disabled")) {
- return
- }
-
- clog.Debugf(ctx, "Disabling yum-cron")
- out, err = exec.Command("/sbin/chkconfig", "yum-cron",
"off").CombinedOutput()
- if err != nil {
- clog.Errorf(ctx, "Error disabling yum-cron, error: %v,
out: %s", err, out)
- }
- }
-
- // dnf-automatic on el8 systems
- if _, err := os.Stat("/usr/lib/systemd/system/dnf-automatic.timer");
err == nil {
- out, err := exec.Command(systemctl, "list-timers",
"dnf-automatic.timer").CombinedOutput()
- if err != nil {
- clog.Errorf(ctx, "Error checking status of
dnf-automatic, error: %v, out: %s", err, out)
- }
- if bytes.Contains(out, []byte("0 timers listed")) {
- return
- }
-
- clog.Debugf(ctx, "Disabling dnf-automatic")
- out, err = exec.Command(systemctl, "stop",
"dnf-automatic.timer").CombinedOutput()
- if err != nil {
- clog.Errorf(ctx, "Error stopping dnf-automatic, error:
%v, out: %s", err, out)
- }
- out, err = exec.Command(systemctl, "disable",
"dnf-automatic.timer").CombinedOutput()
- if err != nil {
- clog.Errorf(ctx, "Error disabling dnf-automatic, error:
%v, out: %s", err, out)
- }
- }
-
- // apt unattended-upgrades
- // TODO: Removing the package is a bit overkill, look into just managing
- // the configs, this is probably best done by looking through
- // /etc/apt/apt.conf.d/ and setting APT::Periodic::Unattended-Upgrade
to 0.
- if _, err := os.Stat("/usr/bin/unattended-upgrades"); err == nil {
- clog.Debugf(ctx, "Removing unattended-upgrades package")
- if err := packages.RemoveAptPackages(ctx,
[]string{"unattended-upgrades"}); err != nil {
- clog.Errorf(ctx, "%v", err.Error())
- }
- }
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20260428.00/ospatch/system_windows.go
new/osconfig-20260511.00/ospatch/system_windows.go
--- old/osconfig-20260428.00/ospatch/system_windows.go 2026-04-28
17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/ospatch/system_windows.go 1970-01-01
01:00:00.000000000 +0100
@@ -1,55 +0,0 @@
-// Copyright 2019 Google Inc. All Rights Reserved.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-// http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//go:build !test
-// +build !test
-
-package ospatch
-
-import (
- "context"
- "os"
-
- "github.com/GoogleCloudPlatform/osconfig/clog"
- "github.com/GoogleCloudPlatform/osconfig/packages"
- "golang.org/x/sys/windows/registry"
-)
-
-// DisableAutoUpdates disables system auto updates.
-func DisableAutoUpdates(ctx context.Context) {
- k, openedExisting, err := registry.CreateKey(registry.LOCAL_MACHINE,
`SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU`, registry.ALL_ACCESS)
- if err != nil {
- clog.Errorf(ctx, "Error disabling Windows auto updates, error:
%v", err)
- }
- defer k.Close()
-
- if openedExisting {
- val, _, err := k.GetIntegerValue("NoAutoUpdate")
- if err == nil && val == 1 {
- return
- }
- }
- clog.Debugf(ctx, "Disabling Windows Auto Updates")
-
- if err := k.SetDWordValue("NoAutoUpdate", 1); err != nil {
- clog.Errorf(ctx, "Error disabling Windows auto updates, error:
%v", err)
- }
-
- if _, err := os.Stat(`C:\Program Files\Google\Compute
Engine\tools\auto_updater.ps1`); err == nil {
- clog.Debugf(ctx, "Removing google-compute-engine-auto-updater
package")
- if err := packages.RemoveGooGetPackages(ctx,
[]string{"google-compute-engine-auto-updater"}); err != nil {
- clog.Errorf(ctx, "%s", err.Error())
- }
- }
-}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/osconfig-20260428.00/ospatch/zypper_patch_test.go
new/osconfig-20260511.00/ospatch/zypper_patch_test.go
--- old/osconfig-20260428.00/ospatch/zypper_patch_test.go 2026-04-28
17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/ospatch/zypper_patch_test.go 2026-05-11
23:09:03.000000000 +0200
@@ -1,10 +1,17 @@
package ospatch
import (
+ "context"
+ "errors"
+ "fmt"
+ "os/exec"
"strings"
"testing"
"github.com/GoogleCloudPlatform/osconfig/packages"
+ utilmocks "github.com/GoogleCloudPlatform/osconfig/util/mocks"
+ utiltest "github.com/GoogleCloudPlatform/osconfig/util/utiltest"
+ "github.com/golang/mock/gomock"
)
func TestRunFilter(t *testing.T) {
@@ -78,6 +85,195 @@
}
}
+func TestRunZypperPatch(t *testing.T) {
+ const zypperBin = "/usr/bin/zypper"
+ someErr := errors.New("some error")
+ patch2 := "patch-2"
+
+ listPatchesBaseArgs := []string{"--gpg-auto-import-keys", "-q",
"list-patches"}
+ listPatchesAllArgs := append(listPatchesBaseArgs, "--all")
+ listUpdatesArgs := []string{"--gpg-auto-import-keys", "-q",
"list-updates"}
+ installArgs := []string{"--gpg-auto-import-keys", "--non-interactive",
"install", "--auto-agree-with-licenses"}
+
+ onePatchOutput := []byte(`SLE-Module | patch-1 | security | important |
--- | needed | Security patch`)
+ twoPatchesOutput := []byte("SLE-Module | patch-1 | security | important
| --- | needed | Security patch\n" +
+ "SLE-Module | patch-2 | recommended | moderate | --- | needed |
Recommended patch")
+ oneUpdateOutput := []byte(`v | SLES12-SP3-Updates | pkg1 | 1.0.0 |
2.0.0 | x86_64`)
+
+ mockCtrl := gomock.NewController(t)
+ t.Cleanup(func() { mockCtrl.Finish() })
+ mockCommandRunner := utilmocks.NewMockCommandRunner(mockCtrl)
+ packages.SetCommandRunner(mockCommandRunner)
+
+ tests := []struct {
+ name string
+ opts []ZypperPatchOption
+ setupMock func(ctx context.Context, mock
*utilmocks.MockCommandRunner)
+ wantErr error
+ }{
+ {
+ name: "When listing available patches fails,
RunZypperPatch should surface the wrapped command error and not attempt to
install anything.",
+ opts: nil,
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return(nil, nil, someErr).Times(1)
+ },
+ wantErr: wrapRunErr(zypperBin, listPatchesAllArgs,
someErr),
+ },
+ {
+ name: "When zypper reports no needed patches and
--with-update is not set, RunZypperPatch should return without running any
install commands.",
+ opts: nil,
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return([]byte(""), nil, nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ {
+ name: "In dry-run mode, RunZypperPatch should list
available patches but skip the install step even when patches are needed.",
+ opts: []ZypperPatchOption{ZypperUpdateDryrun(true)},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return(onePatchOutput, nil,
nil).Times(1)
+ // No install call expected.
+ },
+ wantErr: nil,
+ },
+ {
+ name: "With one needed patch reported by zypper,
RunZypperPatch should invoke zypper install with the patch:<name> argument.",
+ opts: nil,
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ listCall := mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return(onePatchOutput, nil,
nil).Times(1)
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, append(installArgs,
"patch:patch-1")...))).
+ After(listCall).Return(nil, nil,
nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ {
+ name: "When the install step fails, RunZypperPatch
should return the wrapped command error from the install invocation.",
+ opts: nil,
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ listCall := mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return(onePatchOutput, nil,
nil).Times(1)
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, append(installArgs,
"patch:patch-1")...))).
+ After(listCall).Return(nil, nil,
someErr).Times(1)
+ },
+ wantErr: wrapRunErr(zypperBin, append(installArgs,
"patch:patch-1"), someErr),
+ },
+ {
+ name: "With --with-update enabled and no patches to
install, a failure of `zypper list-updates` should be surfaced as the wrapped
command error.",
+ opts: []ZypperPatchOption{ZypperUpdateWithUpdate(true)},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ // Empty patches list so ZypperPackagesInPatch
short-circuits.
+ listCall := mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return([]byte(""), nil, nil).Times(1)
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listUpdatesArgs...))).
+ After(listCall).Return(nil, nil,
someErr).Times(1)
+ },
+ wantErr: wrapRunErr(zypperBin, listUpdatesArgs,
someErr),
+ },
+ {
+ name: "With --with-update enabled and no needed
patches, non-patch packages reported by `zypper list-updates` should be
installed using the package:<name> form.",
+ opts: []ZypperPatchOption{ZypperUpdateWithUpdate(true)},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ // Empty patches list so ZypperPackagesInPatch
short-circuits (returns empty map, nil).
+ listPatchesCall := mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return([]byte(""), nil, nil).Times(1)
+ listUpdatesCall := mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listUpdatesArgs...))).
+
After(listPatchesCall).Return(oneUpdateOutput, nil, nil).Times(1)
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, append(installArgs,
"package:pkg1")...))).
+ After(listUpdatesCall).Return(nil, nil,
nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ {
+ name: "When a category filter is provided, list-patches
should be invoked with --category=<value> and without --all.",
+ opts:
[]ZypperPatchOption{ZypperPatchCategories([]string{"security"})},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ // With a category filter, --all is NOT
appended.
+ args := append(listPatchesBaseArgs,
"--category=security")
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, args...))).
+ Return([]byte(""), nil, nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ {
+ name: "When a severity filter is provided, list-patches
should be invoked with --severity=<value> and without --all.",
+ opts:
[]ZypperPatchOption{ZypperPatchSeverities([]string{"critical"})},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ // With a severity filter, --all is NOT
appended.
+ args := append(listPatchesBaseArgs,
"--severity=critical")
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, args...))).
+ Return([]byte(""), nil, nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ {
+ name: "When --with-optional is enabled, list-patches
should be invoked with --with-optional alongside --all.",
+ opts:
[]ZypperPatchOption{ZypperUpdateWithOptional(true)},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ args := append(listPatchesBaseArgs,
"--with-optional", "--all")
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, args...))).
+ Return([]byte(""), nil, nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ {
+ name: "With an exclusive-patches list, only the patches
named in that list should be passed to the install invocation, even if zypper
reports additional needed patches.",
+ opts:
[]ZypperPatchOption{ZypperUpdateWithExclusivePatches([]string{"patch-1"})},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ listCall := mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return(twoPatchesOutput, nil,
nil).Times(1)
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, append(installArgs,
"patch:patch-1")...))).
+ After(listCall).Return(nil, nil,
nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ {
+ name: "With an excludes list, the excluded patches
should not be passed to the install invocation.",
+ opts:
[]ZypperPatchOption{ZypperUpdateWithExcludes([]*Exclude{CreateStringExclude(&patch2)})},
+ setupMock: func(ctx context.Context, mock
*utilmocks.MockCommandRunner) {
+ listCall := mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, listPatchesAllArgs...))).
+ Return(twoPatchesOutput, nil,
nil).Times(1)
+ mock.EXPECT().
+ Run(ctx,
utilmocks.EqCmd(exec.Command(zypperBin, append(installArgs,
"patch:patch-1")...))).
+ After(listCall).Return(nil, nil,
nil).Times(1)
+ },
+ wantErr: nil,
+ },
+ }
+
+ for _, tc := range tests {
+ t.Run(tc.name, func(t *testing.T) {
+ ctx := context.Background()
+
+ tc.setupMock(ctx, mockCommandRunner)
+
+ err := RunZypperPatch(ctx, tc.opts...)
+ utiltest.AssertErrorMatch(t, err, tc.wantErr)
+ })
+ }
+}
+
func isIn(needle string, haystack []string) bool {
for _, hay := range haystack {
if strings.Compare(hay, needle) == 0 {
@@ -153,3 +349,9 @@
return patches, pkgUpdates, pkgToPatchesMap
}
+
+// wrapRunErr mirrors the formatting used by packages.run to wrap the
+// underlying command error, so tests can express the exact expected error.
+func wrapRunErr(cmd string, args []string, err error) error {
+ return fmt.Errorf("error running %s with args %q: %v, stdout: %q,
stderr: %q", cmd, args, err, []byte(""), []byte(""))
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20260428.00/packagebuild/workflows/build_deb12_arm64.wf.json
new/osconfig-20260511.00/packagebuild/workflows/build_deb12_arm64.wf.json
--- old/osconfig-20260428.00/packagebuild/workflows/build_deb12_arm64.wf.json
2026-04-28 17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/packagebuild/workflows/build_deb12_arm64.wf.json
2026-05-11 23:09:03.000000000 +0200
@@ -34,8 +34,7 @@
"repo_name": "${repo_name}",
"git_ref": "${git_ref}",
"build_dir": "${build_dir}",
- "machine_type": "c4a-standard-2",
- "disk_type": "hyperdisk-balanced",
+ "machine_type": "t2a-standard-2",
"zone": "us-central1-a",
"version": "${version}"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20260428.00/packagebuild/workflows/build_deb13_arm64.wf.json
new/osconfig-20260511.00/packagebuild/workflows/build_deb13_arm64.wf.json
--- old/osconfig-20260428.00/packagebuild/workflows/build_deb13_arm64.wf.json
2026-04-28 17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/packagebuild/workflows/build_deb13_arm64.wf.json
2026-05-11 23:09:03.000000000 +0200
@@ -34,8 +34,7 @@
"repo_name": "${repo_name}",
"git_ref": "${git_ref}",
"build_dir": "${build_dir}",
- "machine_type": "c4a-standard-2",
- "disk_type": "hyperdisk-balanced",
+ "machine_type": "t2a-standard-2",
"zone": "us-central1-a",
"version": "${version}"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20260428.00/packagebuild/workflows/build_el10_arm64.wf.json
new/osconfig-20260511.00/packagebuild/workflows/build_el10_arm64.wf.json
--- old/osconfig-20260428.00/packagebuild/workflows/build_el10_arm64.wf.json
2026-04-28 17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/packagebuild/workflows/build_el10_arm64.wf.json
2026-05-11 23:09:03.000000000 +0200
@@ -34,8 +34,7 @@
"repo_name": "${repo_name}",
"git_ref": "${git_ref}",
"build_dir": "${build_dir}",
- "machine_type": "c4a-standard-2",
- "disk_type": "hyperdisk-balanced",
+ "machine_type": "t2a-standard-2",
"zone": "us-central1-a",
"version": "${version}"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20260428.00/packagebuild/workflows/build_el8_arm64.wf.json
new/osconfig-20260511.00/packagebuild/workflows/build_el8_arm64.wf.json
--- old/osconfig-20260428.00/packagebuild/workflows/build_el8_arm64.wf.json
2026-04-28 17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/packagebuild/workflows/build_el8_arm64.wf.json
2026-05-11 23:09:03.000000000 +0200
@@ -34,8 +34,7 @@
"repo_name": "${repo_name}",
"git_ref": "${git_ref}",
"build_dir": "${build_dir}",
- "machine_type": "c4a-standard-2",
- "disk_type": "hyperdisk-balanced",
+ "machine_type": "t2a-standard-2",
"zone": "us-central1-a",
"version": "${version}"
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/osconfig-20260428.00/packagebuild/workflows/build_el9_arm64.wf.json
new/osconfig-20260511.00/packagebuild/workflows/build_el9_arm64.wf.json
--- old/osconfig-20260428.00/packagebuild/workflows/build_el9_arm64.wf.json
2026-04-28 17:05:03.000000000 +0200
+++ new/osconfig-20260511.00/packagebuild/workflows/build_el9_arm64.wf.json
2026-05-11 23:09:03.000000000 +0200
@@ -34,8 +34,7 @@
"repo_name": "${repo_name}",
"git_ref": "${git_ref}",
"build_dir": "${build_dir}",
- "machine_type": "c4a-standard-2",
- "disk_type": "hyperdisk-balanced",
+ "machine_type": "t2a-standard-2",
"zone": "us-central1-a",
"version": "${version}"
}
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/google-osconfig-agent/vendor.tar.gz
/work/SRC/openSUSE:Factory/.google-osconfig-agent.new.1966/vendor.tar.gz
differ: char 13, line 1
