Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package helm for openSUSE:Factory checked in at 2022-12-15 19:25:06 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/helm (Old) and /work/SRC/openSUSE:Factory/.helm.new.1835 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "helm" Thu Dec 15 19:25:06 2022 rev:45 rq:1042954 version:3.10.3 Changes: -------- --- /work/SRC/openSUSE:Factory/helm/helm.changes 2022-11-11 14:36:38.714339999 +0100 +++ /work/SRC/openSUSE:Factory/.helm.new.1835/helm.changes 2022-12-15 19:25:26.816138828 +0100 @@ -1,0 +2,9 @@ +Wed Dec 14 15:50:30 UTC 2022 - dmuel...@suse.com + +- Update to version 3.10.3: + * Fix backwards compatibility + * Update string handling + * Update repo handling + * Update schema validation handling + +------------------------------------------------------------------- Old: ---- helm-3.10.2.tar.gz New: ---- helm-3.10.3.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ helm.spec ++++++ --- /var/tmp/diff_new_pack.dkYIXZ/_old 2022-12-15 19:25:28.480148295 +0100 +++ /var/tmp/diff_new_pack.dkYIXZ/_new 2022-12-15 19:25:28.488148341 +0100 @@ -20,7 +20,7 @@ %define git_commit d506314abfb5d21419df8c7e7e68012379db2354 %define git_dirty clean Name: helm -Version: 3.10.2 +Version: 3.10.3 Release: 0 Summary: The Kubernetes Package Manager License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.dkYIXZ/_old 2022-12-15 19:25:28.524148546 +0100 +++ /var/tmp/diff_new_pack.dkYIXZ/_new 2022-12-15 19:25:28.524148546 +0100 @@ -5,7 +5,7 @@ <param name="exclude">.git</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> - <param name="revision">v3.10.2</param> + <param name="revision">v3.10.3</param> <param name="changesgenerate">enable</param> </service> <service name="recompress" mode="disabled"> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.dkYIXZ/_old 2022-12-15 19:25:28.544148660 +0100 +++ /var/tmp/diff_new_pack.dkYIXZ/_new 2022-12-15 19:25:28.548148682 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/helm/helm.git</param> - <param name="changesrevision">50f003e5ee8704ec937a756c646870227d7c8b58</param></service></servicedata> + <param name="changesrevision">835b7334cfe2e5e27870ab3ed4135f136eecc704</param></service></servicedata> (No newline at EOF) ++++++ helm-3.10.2.tar.gz -> helm-3.10.3.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/chartutil/jsonschema.go new/helm-3.10.3/pkg/chartutil/jsonschema.go --- old/helm-3.10.2/pkg/chartutil/jsonschema.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/chartutil/jsonschema.go 2022-12-14 15:38:59.000000000 +0100 @@ -55,7 +55,13 @@ } // ValidateAgainstSingleSchema checks that values does not violate the structure laid out in this schema -func ValidateAgainstSingleSchema(values Values, schemaJSON []byte) error { +func ValidateAgainstSingleSchema(values Values, schemaJSON []byte) (reterr error) { + defer func() { + if r := recover(); r != nil { + reterr = fmt.Errorf("unable to validate schema: %s", r) + } + }() + valuesData, err := yaml.Marshal(values) if err != nil { return err diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/chartutil/jsonschema_test.go new/helm-3.10.3/pkg/chartutil/jsonschema_test.go --- old/helm-3.10.2/pkg/chartutil/jsonschema_test.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/chartutil/jsonschema_test.go 2022-12-14 15:38:59.000000000 +0100 @@ -38,6 +38,30 @@ } } +func TestValidateAgainstInvalidSingleSchema(t *testing.T) { + values, err := ReadValuesFile("./testdata/test-values.yaml") + if err != nil { + t.Fatalf("Error reading YAML file: %s", err) + } + schema, err := ioutil.ReadFile("./testdata/test-values-invalid.schema.json") + if err != nil { + t.Fatalf("Error reading YAML file: %s", err) + } + + var errString string + if err := ValidateAgainstSingleSchema(values, schema); err == nil { + t.Fatalf("Expected an error, but got nil") + } else { + errString = err.Error() + } + + expectedErrString := "unable to validate schema: runtime error: invalid " + + "memory address or nil pointer dereference" + if errString != expectedErrString { + t.Errorf("Error string :\n`%s`\ndoes not match expected\n`%s`", errString, expectedErrString) + } +} + func TestValidateAgainstSingleSchemaNegative(t *testing.T) { values, err := ReadValuesFile("./testdata/test-values-negative.yaml") if err != nil { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/chartutil/testdata/test-values-invalid.schema.json new/helm-3.10.3/pkg/chartutil/testdata/test-values-invalid.schema.json --- old/helm-3.10.2/pkg/chartutil/testdata/test-values-invalid.schema.json 1970-01-01 01:00:00.000000000 +0100 +++ new/helm-3.10.3/pkg/chartutil/testdata/test-values-invalid.schema.json 2022-12-14 15:38:59.000000000 +0100 @@ -0,0 +1 @@ + 1E1111111 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/repo/index.go new/helm-3.10.3/pkg/repo/index.go --- old/helm-3.10.2/pkg/repo/index.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/repo/index.go 2022-12-14 15:38:59.000000000 +0100 @@ -118,6 +118,10 @@ // MustAdd adds a file to the index // This can leave the index in an unsorted state func (i IndexFile) MustAdd(md *chart.Metadata, filename, baseURL, digest string) error { + if i.Entries == nil { + return errors.New("entries not initialized") + } + if md.APIVersion == "" { md.APIVersion = chart.APIVersionV1 } @@ -339,6 +343,10 @@ for name, cvs := range i.Entries { for idx := len(cvs) - 1; idx >= 0; idx-- { + if cvs[idx] == nil { + log.Printf("skipping loading invalid entry for chart %q from %s: empty entry", name, source) + continue + } if cvs[idx].APIVersion == "" { cvs[idx].APIVersion = chart.APIVersionV1 } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/repo/index_test.go new/helm-3.10.3/pkg/repo/index_test.go --- old/helm-3.10.2/pkg/repo/index_test.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/repo/index_test.go 2022-12-14 15:38:59.000000000 +0100 @@ -60,6 +60,15 @@ home: https://github.com/something digest: "sha256:1234567890abcdef" ` + indexWithEmptyEntry = ` +apiVersion: v1 +entries: + grafana: + - apiVersion: v2 + name: grafana + foo: + - +` ) func TestIndexFile(t *testing.T) { @@ -152,6 +161,12 @@ } } +func TestLoadIndex_EmptyEntry(t *testing.T) { + if _, err := loadIndex([]byte(indexWithEmptyEntry), "indexWithEmptyEntry"); err != nil { + t.Errorf("unexpected error: %s", err) + } +} + func TestLoadIndex_Empty(t *testing.T) { if _, err := loadIndex([]byte(""), "indexWithEmpty"); err == nil { t.Errorf("Expected an error when index.yaml is empty.") @@ -526,3 +541,21 @@ t.Fatal("Index files doesn't contain expected content") } } + +func TestAddFileIndexEntriesNil(t *testing.T) { + i := NewIndexFile() + i.APIVersion = chart.APIVersionV1 + i.Entries = nil + for _, x := range []struct { + md *chart.Metadata + filename string + baseURL string + digest string + }{ + {&chart.Metadata{APIVersion: "v2", Name: " ", Version: "8033-5.apinie+s.r"}, "setter-0.1.9+beta.tgz", "http://example.com/charts", "sha256:1234567890abc"}, + } { + if err := i.MustAdd(x.md, x.filename, x.baseURL, x.digest); err == nil { + t.Errorf("expected err to be non-nil when entries not initialized") + } + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/repo/repo.go new/helm-3.10.3/pkg/repo/repo.go --- old/helm-3.10.2/pkg/repo/repo.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/repo/repo.go 2022-12-14 15:38:59.000000000 +0100 @@ -100,6 +100,9 @@ cp := []*Entry{} found := false for _, rf := range r.Repositories { + if rf == nil { + continue + } if rf.Name == name { found = true continue diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/repo/repo_test.go new/helm-3.10.3/pkg/repo/repo_test.go --- old/helm-3.10.2/pkg/repo/repo_test.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/repo/repo_test.go 2022-12-14 15:38:59.000000000 +0100 @@ -225,3 +225,34 @@ t.Errorf("expected prompt `couldn't load repositories file`") } } + +func TestRemoveRepositoryInvalidEntries(t *testing.T) { + sampleRepository := NewFile() + sampleRepository.Add( + &Entry{ + Name: "stable", + URL: "https://example.com/stable/charts", + }, + &Entry{ + Name: "incubator", + URL: "https://example.com/incubator", + }, + &Entry{}, + nil, + &Entry{ + Name: "test", + URL: "https://example.com/test", + }, + ) + + removeRepository := "stable" + found := sampleRepository.Remove(removeRepository) + if !found { + t.Errorf("expected repository %s not found", removeRepository) + } + + found = sampleRepository.Has(removeRepository) + if found { + t.Errorf("repository %s not deleted", removeRepository) + } +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/strvals/parser.go new/helm-3.10.3/pkg/strvals/parser.go --- old/helm-3.10.2/pkg/strvals/parser.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/strvals/parser.go 2022-12-14 15:38:59.000000000 +0100 @@ -36,6 +36,10 @@ // The default value 65536 = 1024 * 64 var MaxIndex = 65536 +// MaxNestedNameLevel is the maximum level of nesting for a value name that +// will be allowed. +var MaxNestedNameLevel = 30 + // ToYAML takes a string of arguments and converts to a YAML document. func ToYAML(s string) (string, error) { m, err := Parse(s) @@ -155,7 +159,7 @@ func (t *parser) parse() error { for { - err := t.key(t.data) + err := t.key(t.data, 0) if err == nil { continue } @@ -174,7 +178,7 @@ return s } -func (t *parser) key(data map[string]interface{}) (reterr error) { +func (t *parser) key(data map[string]interface{}, nestedNameLevel int) (reterr error) { defer func() { if r := recover(); r != nil { reterr = fmt.Errorf("unable to parse key: %s", r) @@ -204,7 +208,7 @@ } // Now we need to get the value after the ]. - list, err = t.listItem(list, i) + list, err = t.listItem(list, i, nestedNameLevel) set(data, kk, list) return err case last == '=': @@ -261,6 +265,12 @@ set(data, string(k), "") return errors.Errorf("key %q has no value (cannot end with ,)", string(k)) case last == '.': + // Check value name is within the maximum nested name level + nestedNameLevel++ + if nestedNameLevel > MaxNestedNameLevel { + return fmt.Errorf("value name nested level is greater than maximum supported nested level of %d", MaxNestedNameLevel) + } + // First, create or find the target map. inner := map[string]interface{}{} if _, ok := data[string(k)]; ok { @@ -268,11 +278,13 @@ } // Recurse - e := t.key(inner) - if len(inner) == 0 { + e := t.key(inner, nestedNameLevel) + if e == nil && len(inner) == 0 { return errors.Errorf("key map %q has no value", string(k)) } - set(data, string(k), inner) + if len(inner) != 0 { + set(data, string(k), inner) + } return e } } @@ -322,7 +334,7 @@ return strconv.Atoi(string(v)) } -func (t *parser) listItem(list []interface{}, i int) ([]interface{}, error) { +func (t *parser) listItem(list []interface{}, i, nestedNameLevel int) ([]interface{}, error) { if i < 0 { return list, fmt.Errorf("negative %d index not allowed", i) } @@ -395,7 +407,7 @@ } } // Now we need to get the value after the ]. - list2, err := t.listItem(crtList, nextI) + list2, err := t.listItem(crtList, nextI, nestedNameLevel) if err != nil { return list, err } @@ -414,7 +426,7 @@ } // Recurse - e := t.key(inner) + e := t.key(inner, nestedNameLevel) if e != nil { return list, e } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/helm-3.10.2/pkg/strvals/parser_test.go new/helm-3.10.3/pkg/strvals/parser_test.go --- old/helm-3.10.2/pkg/strvals/parser_test.go 2022-11-10 15:34:48.000000000 +0100 +++ new/helm-3.10.3/pkg/strvals/parser_test.go 2022-12-14 15:38:59.000000000 +0100 @@ -16,6 +16,7 @@ package strvals import ( + "fmt" "testing" "sigs.k8s.io/yaml" @@ -754,3 +755,64 @@ t.Errorf("Expected %q, got %q", expect, o) } } + +func TestParseSetNestedLevels(t *testing.T) { + var keyMultipleNestedLevels string + for i := 1; i <= MaxNestedNameLevel+2; i++ { + tmpStr := fmt.Sprintf("name%d", i) + if i <= MaxNestedNameLevel+1 { + tmpStr = tmpStr + "." + } + keyMultipleNestedLevels += tmpStr + } + tests := []struct { + str string + expect map[string]interface{} + err bool + errStr string + }{ + { + "outer.middle.inner=value", + map[string]interface{}{"outer": map[string]interface{}{"middle": map[string]interface{}{"inner": "value"}}}, + false, + "", + }, + { + str: keyMultipleNestedLevels + "=value", + err: true, + errStr: fmt.Sprintf("value name nested level is greater than maximum supported nested level of %d", + MaxNestedNameLevel), + }, + } + + for _, tt := range tests { + got, err := Parse(tt.str) + if err != nil { + if tt.err { + if tt.errStr != "" { + if err.Error() != tt.errStr { + t.Errorf("Expected error: %s. Got error: %s", tt.errStr, err.Error()) + } + } + continue + } + t.Fatalf("%s: %s", tt.str, err) + } + if tt.err { + t.Errorf("%s: Expected error. Got nil", tt.str) + } + + y1, err := yaml.Marshal(tt.expect) + if err != nil { + t.Fatal(err) + } + y2, err := yaml.Marshal(got) + if err != nil { + t.Fatalf("Error serializing parsed value: %s", err) + } + + if string(y1) != string(y2) { + t.Errorf("%s: Expected:\n%s\nGot:\n%s", tt.str, y1, y2) + } + } +} ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/helm/vendor.tar.gz /work/SRC/openSUSE:Factory/.helm.new.1835/vendor.tar.gz differ: char 5, line 1