Hello community, here is the log from the commit of package perl-YAML for openSUSE:Factory checked in at 2019-05-06 21:13:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/perl-YAML (Old) and /work/SRC/openSUSE:Factory/.perl-YAML.new.5148 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "perl-YAML" Mon May 6 21:13:24 2019 rev:43 rq:700726 version:1.28 Changes: -------- --- /work/SRC/openSUSE:Factory/perl-YAML/perl-YAML.changes 2018-11-13 16:28:28.890396753 +0100 +++ /work/SRC/openSUSE:Factory/.perl-YAML.new.5148/perl-YAML.changes 2019-05-06 21:13:25.840454017 +0200 @@ -1,0 +2,10 @@ +Mon Apr 29 05:43:52 UTC 2019 - Stephan Kulow <[email protected]> + +- updated to 1.28 + see /usr/share/doc/packages/perl-YAML/Changes + + 1.28 Sun 28 Apr 2019 11:46:21 AM CEST + - Security fix: only enable loading globs when $LoadCode is set (PR#213 + TINITA) + +------------------------------------------------------------------- Old: ---- YAML-1.27.tar.gz New: ---- YAML-1.28.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ perl-YAML.spec ++++++ --- /var/tmp/diff_new_pack.dgH4rl/_old 2019-05-06 21:13:26.368455475 +0200 +++ /var/tmp/diff_new_pack.dgH4rl/_new 2019-05-06 21:13:26.372455486 +0200 @@ -1,7 +1,7 @@ # # spec file for package perl-YAML # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: perl-YAML -Version: 1.27 +Version: 1.28 Release: 0 %define cpan_name YAML Summary: YAML Ain't Markup Language™ @@ -50,10 +50,10 @@ %build perl Makefile.PL INSTALLDIRS=vendor -%{__make} %{?_smp_mflags} +make %{?_smp_mflags} %check -%{__make} test +make test %install %perl_make_install ++++++ YAML-1.27.tar.gz -> YAML-1.28.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/CONTRIBUTING new/YAML-1.28/CONTRIBUTING --- old/YAML-1.27/CONTRIBUTING 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/CONTRIBUTING 2019-04-28 11:46:38.000000000 +0200 @@ -57,4 +57,4 @@ -# This file generated by Zilla-Dist-0.0.196 +# This file generated by Zilla-Dist-0.0.203 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/Changes new/YAML-1.28/Changes --- old/YAML-1.27/Changes 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/Changes 2019-04-28 11:46:38.000000000 +0200 @@ -1,3 +1,7 @@ +1.28 Sun 28 Apr 2019 11:46:21 AM CEST + - Security fix: only enable loading globs when $LoadCode is set (PR#213 + TINITA) + 1.27 Sat Nov 3 14:01:26 CET 2018 - Remove a warning about uninitialized value for perl <= 5.10 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/LICENSE new/YAML-1.28/LICENSE --- old/YAML-1.27/LICENSE 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/LICENSE 2019-04-28 11:46:38.000000000 +0200 @@ -1,4 +1,4 @@ -This software is copyright (c) 2018 by Ingy döt Net. +This software is copyright (c) 2019 by Ingy döt Net. This is free software; you can redistribute it and/or modify it under the same terms as the Perl 5 programming language system itself. @@ -12,7 +12,7 @@ --- The GNU General Public License, Version 1, February 1989 --- -This software is Copyright (c) 2018 by Ingy döt Net. +This software is Copyright (c) 2019 by Ingy döt Net. This is free software, licensed under: @@ -272,7 +272,7 @@ --- The Artistic License 1.0 --- -This software is Copyright (c) 2018 by Ingy döt Net. +This software is Copyright (c) 2019 by Ingy döt Net. This is free software, licensed under: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/MANIFEST new/YAML-1.28/MANIFEST --- old/YAML-1.27/MANIFEST 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/MANIFEST 2019-04-28 11:46:38.000000000 +0200 @@ -1,4 +1,4 @@ -# This file was automatically generated by Dist::Zilla::Plugin::Manifest v6.010. +# This file was automatically generated by Dist::Zilla::Plugin::Manifest v6.012. CONTRIBUTING Changes LICENSE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/META.json new/YAML-1.28/META.json --- old/YAML-1.27/META.json 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/META.json 2019-04-28 11:46:38.000000000 +0200 @@ -4,7 +4,7 @@ "Ingy d\u00f6t Net <[email protected]>" ], "dynamic_config" : 0, - "generated_by" : "Dist::Zilla version 6.010, CPAN::Meta::Converter version 2.150010", + "generated_by" : "Dist::Zilla version 6.012, CPAN::Meta::Converter version 2.150010", "license" : [ "perl_5" ], @@ -58,7 +58,8 @@ "web" : "https://github.com/ingydotnet/yaml-pm"; } }, - "version" : "1.27", + "version" : "1.28", + "x_generated_by_perl" : "v5.24.1", "x_serialization_backend" : "Cpanel::JSON::XS version 4.02" } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/META.yml new/YAML-1.28/META.yml --- old/YAML-1.27/META.yml 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/META.yml 2019-04-28 11:46:38.000000000 +0200 @@ -10,7 +10,7 @@ configure_requires: ExtUtils::MakeMaker: '0' dynamic_config: 0 -generated_by: 'Dist::Zilla version 6.010, CPAN::Meta::Converter version 2.150010' +generated_by: 'Dist::Zilla version 6.012, CPAN::Meta::Converter version 2.150010' license: perl meta-spec: url: http://module-build.sourceforge.net/META-spec-v1.4.html @@ -28,5 +28,6 @@ bugtracker: https://github.com/ingydotnet/yaml-pm/issues homepage: https://github.com/ingydotnet/yaml-pm repository: https://github.com/ingydotnet/yaml-pm.git -version: '1.27' +version: '1.28' +x_generated_by_perl: v5.24.1 x_serialization_backend: 'YAML::Tiny version 1.73' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/Makefile.PL new/YAML-1.28/Makefile.PL --- old/YAML-1.27/Makefile.PL 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/Makefile.PL 2019-04-28 11:46:38.000000000 +0200 @@ -1,4 +1,4 @@ -# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker v6.010. +# This file was automatically generated by Dist::Zilla::Plugin::MakeMaker v6.012. use strict; use warnings; @@ -23,7 +23,7 @@ "Test::More" => "0.88", "Test::YAML" => "1.05" }, - "VERSION" => "1.27", + "VERSION" => "1.28", "test" => { "TESTS" => "t/*.t" } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/README new/YAML-1.28/README --- old/YAML-1.27/README 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/README 2019-04-28 11:46:38.000000000 +0200 @@ -4,7 +4,7 @@ VERSION - This document describes YAML version 1.27. + This document describes YAML version 1.28. NOTE @@ -394,6 +394,10 @@ eval(). Since this is potentially risky, only use this option if you know where your YAML has been. + LoadCode must be enabled also to use the feature of evaluating + typeglobs (because with the typeglob feature you would be able to set + the variable $YAML::LoadCode from a YAML file). + Preserve When set to true, this option tells the Loader to load hashes into @@ -706,7 +710,7 @@ COPYRIGHT AND LICENSE - Copyright 2001-2018. Ingy döt Net. + Copyright 2001-2019. Ingy döt Net. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/lib/YAML/Any.pm new/YAML-1.28/lib/YAML/Any.pm --- old/YAML-1.27/lib/YAML/Any.pm 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/lib/YAML/Any.pm 2019-04-28 11:46:38.000000000 +0200 @@ -1,6 +1,6 @@ use strict; use warnings; package YAML::Any; -our $VERSION = '1.27'; +our $VERSION = '1.28'; use Exporter (); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/lib/YAML/Types.pm new/YAML-1.28/lib/YAML/Types.pm --- old/YAML-1.27/lib/YAML/Types.pm 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/lib/YAML/Types.pm 2019-04-28 11:46:38.000000000 +0200 @@ -99,7 +99,7 @@ } no strict 'refs'; if (exists $node->{SCALAR}) { - if ($YAML::LoadBlessed) { + if ($YAML::LoadBlessed and $loader->load_code) { *{"${package}::$name"} = \$node->{SCALAR}; } delete $node->{SCALAR}; @@ -111,7 +111,7 @@ delete $node->{IO}; next; } - if ($YAML::LoadBlessed) { + if ($YAML::LoadBlessed and $loader->load_code) { *{"${package}::$name"} = $node->{$elem}; } delete $node->{$elem}; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/lib/YAML.pm new/YAML-1.28/lib/YAML.pm --- old/YAML-1.27/lib/YAML.pm 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/lib/YAML.pm 2019-04-28 11:46:38.000000000 +0200 @@ -1,5 +1,5 @@ package YAML; -our $VERSION = '1.27'; +our $VERSION = '1.28'; use YAML::Mo; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/YAML-1.27/lib/YAML.pod new/YAML-1.28/lib/YAML.pod --- old/YAML-1.27/lib/YAML.pod 2018-11-03 14:01:42.000000000 +0100 +++ new/YAML-1.28/lib/YAML.pod 2019-04-28 11:46:38.000000000 +0200 @@ -12,7 +12,7 @@ =head1 VERSION -This document describes L<YAML> version B<1.27>. +This document describes L<YAML> version B<1.28>. =head1 NOTE @@ -405,6 +405,10 @@ C<eval()>. Since this is potentially risky, only use this option if you know where your YAML has been. +LoadCode must be enabled also to use the feature of evaluating typeglobs +(because with the typeglob feature you would be able to set the variable +C<$YAML::LoadCode> from a YAML file). + =item Preserve When set to true, this option tells the Loader to load hashes into YAML::Node @@ -716,7 +720,7 @@ =head1 COPYRIGHT AND LICENSE -Copyright 2001-2018. Ingy döt Net. +Copyright 2001-2019. Ingy döt Net. This program is free software; you can redistribute it and/or modify it under the same terms as Perl itself.
