SUSE-RU-2024:4158-1: moderate: Recommended update for obs-service-source_validator

Tue Dec 3 16:30:12 UTC 2024

# Recommended update for obs-service-source_validator

Announcement ID: SUSE-RU-2024:4158-1  
Release Date: 2024-12-03T15:06:17Z  
Rating: moderate  
References:

  * bsc#1202132
  * bsc#679980
  * bsc#724609
  * bsc#796918
  * bsc#891829

Affected Products:

  * openSUSE Leap 15.4
  * openSUSE Leap 15.5
  * openSUSE Leap 15.6

An update that has five fixes can now be installed.

## Description:

This update for obs-service-source_validator fixes the following issues:

  * Update to version 0.39:

  * Handle package git repositories for tracking (fixes #143)

  * helpers/check_patches_applied: Also check whether patch 0 is applied
  * helpers/check_patches_applied: Match #%%patch* as well (#136)
  * helpers/check_patches_applied: Recognize " # %patch" as comment

  * Update to version 0.38:

  * Fix 20-files-present-and-referenced against osc 1.9.0 (osclib_version 2.0)

  * Fix runtime requires: the source validator needs cmp -> Requires for
    diffutils

  * update to 0.37:

  * Fix unzip test in 20-files-present-and-referenced (same like previous
    update)

  * explicitly require unzip as busybox-unzip is not sufficient

  * Update to version 0.36+2:

  * Fix unzip test in 20-files-present-and-referenced

  * Require unzip, needed for 0.36

  * Update to version 0.36:

  * Forbid encrypted zip files

  * Use bz2 compression to enable builds with debhelper

  * Debian/Ubuntu builds now work fine.

  * Allows rebuild packages with osc in ubuntu image on github

  * Require cpio, needed for .obscpio support

  * Update to version 0.35:

  * Modifications in line with latest cargo vendor tool

  * Update to version 0.34:

  * helpers/functions: Always treat all *.spec files as recipes

  * Update to version 0.33:

  * 20-files-present-and-referenced: Check for files in *.obscpio

  * 20-files-present-and-referenced: Use correct variable

  * Update to version 0.32:

  * Add autonumbering patch/source lines

  * Fix handling of packages with neither *.spec nor _multibuild

  * Update to version 0.31:

  * Also ignore .gitattributes file

  * Exempt obs services from the cargo audit requirement
  * helpers/spec_query: Handle %include
  * Unify _multibuild handling and do it like OBS

  * Update to version 0.30:

  * skip debian.lintian-overrides as well

  * Update to version 0.29:

  * Do not check for all _multibuild flavors if spec does not conditionalize on
    BUILD_FLAVOR

  * Add GitHub Actions

  * Update to version 0.28:

  * Add ignore list

  * Update to version 0.28:

  * also avoid expansion on grep

  * add quotes around BASE to avoid shell expansion

  * Update to version 0.27:

  * Fix detection of rust-packaging

  * Update to version 0.27:

  * use current directory when not given to avoid crashes

  * Update to version 0.27:

  * Fix python3 line

  * Apply feedback
  * Add new validator to check rust audit is enforced

  * Update to version 0.27:

  * Do not use temporary file for GPG validation

  * Update to version 0.27:

  * Convert all egrep/fgrep calls to grep -E/-F, respectively.

  * Update to version 0.26:

  * Skip non-existing files from the invalid-patches check

  * Treat to-be-deleted patches as nonexisting for the source-tracked check
  * Update README with a clearer mission/scope
  * cleanup: make variable name a valid english word

  * require patch for patch-format checking

  * Update to version 0.25 (bsc#1202132)

  * more work on dealing with util-linux
  * hack for util-linux specfiles (bsc#891829)
  * allow PKGBUILD build description file for archlinux
  * check_patches_applied: allow #patches as comment
  * exit if tmpdir creation fails (bsc#796918)
  * also ignore Requires(.*) lines (bsc#724609)
  * use --nodeps with rpmbuild in 20-files-present-and-referenced
  * fix requires for factory
  * fix bug with "Patch" in comments
  * try to fix bsc#679980 in check_patches_applied errors out if errors found
  * 50-spec-version: show warning only once per specfile to execute it as a
    checkscript)
  * make the files executable

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".  
Alternatively you can run the command listed for your product:

  * openSUSE Leap 15.4  
    zypper in -t patch SUSE-2024-4158=1

  * openSUSE Leap 15.5  
    zypper in -t patch openSUSE-SLE-15.5-2024-4158=1

  * openSUSE Leap 15.6  
    zypper in -t patch openSUSE-SLE-15.6-2024-4158=1

## Package List:

  * openSUSE Leap 15.4 (noarch)
    * obs-service-source_validator-0.38-150400.12.3.1
  * openSUSE Leap 15.5 (noarch)
    * obs-service-source_validator-0.39-150000.3.8.1
  * openSUSE Leap 15.6 (noarch)
    * obs-service-source_validator-0.39-150000.3.8.1

## References:

  * https://bugzilla.suse.com/show_bug.cgi?id=1202132
  * https://bugzilla.suse.com/show_bug.cgi?id=679980
  * https://bugzilla.suse.com/show_bug.cgi?id=724609
  * https://bugzilla.suse.com/show_bug.cgi?id=796918
  * https://bugzilla.suse.com/show_bug.cgi?id=891829

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20241203/b24911a6/attachment.htm>