{"payload":{"feedbackUrl":"https://github.com/orgs/community/discussions/53140","repo":{"id":37552520,"defaultBranch":"main","name":"csmock","ownerLogin":"csutils","currentUserCanPush":false,"isFork":false,"isEmpty":false,"createdAt":"2015-06-16T19:51:24.000Z","ownerAvatar":"https://avatars.githubusercontent.com/u/88144990?v=4","public":true,"private":false,"isOrgOwned":true},"refInfo":{"name":"","listCacheKey":"v0:1719304610.0","currentOid":""},"activityList":{"items":[{"before":"e9f8060fa39ad0213ca2379605b1f414fa38ed5b","after":"b3a2279468e7440553d0757b0d93c58791e13e93","ref":"refs/heads/main","pushedAt":"2024-07-16T14:10:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"chroot-fixups: prevent %install of llvm from taking ages to complete\n\nThe `brp-llvm-compile-lto-elf` script does not work well in our scanning\nenvironment and causes the %install section of `llvm-16.0.6-4.el9` to\ntake 7 days to complete.\n\nDepends-on: https://github.com/csutils/csmock/pull/179\nCloses: https://github.com/kdudka/csmock/pull/new/chroot-fixup-llvm","shortMessageHtmlLink":"chroot-fixups: prevent %install of llvm from taking ages to complete"}},{"before":"9e6bcde066eec38bee777b3d219d5199f55e00a5","after":"e9f8060fa39ad0213ca2379605b1f414fa38ed5b","ref":"refs/heads/main","pushedAt":"2024-07-16T13:43:44.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"cwe-map.csv: fix a misplaced quote\n\n... 
that causes a parsing error and prevents GitHub from rendering\nthe page properly.\n\nFixes: commit c4cecc307723f0bf925c88dcd51ae3a311ff784f\nCloses: https://github.com/kdudka/csmock/pull/new/cwe-map-typo","shortMessageHtmlLink":"cwe-map.csv: fix a misplaced quote"}},{"before":"4248148963f8cf2d3a81cd9121b237a73428e1d4","after":"9e6bcde066eec38bee777b3d219d5199f55e00a5","ref":"refs/heads/main","pushedAt":"2024-07-16T13:13:56.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"ci: disable EPEL-7 tests\n\nThey started to fail because EPEL-7 is EOL:\n```\n[08:31:04] [E] [worker_0] [artemis] [597190e3-c5dc-4b67-9ea7-6803ab0302cf] [pre-artifact-installation] Last 30 lines of Ansible stdout:\n---v---v---v---v---v---\n \"skip_reason\": \"Conditional result was False\"\n}\n\nTASK [Enable Powertools repository (CentOS 8, CentOS Stream 8)] ****************\nskipping: [3.136.112.131] => {\n \"changed\": false,\n \"skip_reason\": \"Conditional result was False\"\n}\n\nTASK [include_tasks] ***********************************************************\nincluded: /CONFIG/guest-setup/pre-artifact-installation/install-epel.yaml for 3.136.112.131\n\nTASK [Install EPEL on CentOS < 9 and CentOS Stream < 9 (except CentOS Stream 9)] ***\nFAILED - RETRYING: [3.136.112.131]: Install EPEL on CentOS < 9 and CentOS Stream < 9 (except CentOS Stream 9) (5 retries left).\nFAILED - RETRYING: [3.136.112.131]: Install EPEL on CentOS < 9 and CentOS Stream < 9 (except CentOS Stream 9) (4 retries left).\nFAILED - RETRYING: [3.136.112.131]: Install EPEL on CentOS < 9 and CentOS Stream < 9 (except CentOS Stream 9) (3 retries left).\nFAILED - RETRYING: [3.136.112.131]: Install EPEL on CentOS < 9 and CentOS Stream < 9 (except CentOS Stream 9) (2 retries left).\nFAILED - RETRYING: [3.136.112.131]: Install EPEL on CentOS < 9 and CentOS Stream < 9 (except 
CentOS Stream 9) (1 retries left).\nfatal: [3.136.112.131]: FAILED! => {\n \"attempts\": 5,\n \"changed\": false\n}\n\nMSG:\n\nFailure talking to yum: Cannot find a valid baseurl for repo: base/7/x86_64\n\nPLAY RECAP *********************************************************************\n3.136.112.131 : ok=15 changed=2 unreachable=0 failed=1 skipped=22 rescued=0 ignored=3\n\n---^---^---^---^---^---\n[08:31:04] [E] [CentOS-7:x86_64:/plans/ci] guest setup failed: Failure during Ansible playbook execution\n```\n\nCloses: https://github.com/csutils/csmock/pull/179","shortMessageHtmlLink":"ci: disable EPEL-7 tests"}},{"before":"b8a55531e466be52576f8ad68e85be03d486f093","after":"4248148963f8cf2d3a81cd9121b237a73428e1d4","ref":"refs/heads/main","pushedAt":"2024-06-21T16:11:40.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"csmock: use `NOCHECK_RPM_OPTS` also for `%build`\n\n... when execution of tests is not needed for the requested scan.\nThis fixes an unnecessary failure while SAST scanning\n`jss-4.9.4-1.module+el8.7.0+15532+95bac9ee`\n\nResolves: https://issues.redhat.com/browse/OSH-697\nCloses: https://github.com/csutils/csmock/pull/176","shortMessageHtmlLink":"csmock: use NOCHECK_RPM_OPTS also for %build"}},{"before":"69b366f773ab6d1dd5089132ef721bd1b142bf77","after":"b8a55531e466be52576f8ad68e85be03d486f093","ref":"refs/heads/main","pushedAt":"2024-06-20T20:06:58.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"csmock: use `rpmbuild --without test ...`\n\n... 
when execution of tests is not needed for the requested scan.\nThis fixes an unnecessary failure while SAST scanning\n`jss-4.9.4-1.module+el8.7.0+15532+95bac9ee`\n\nResolves: https://issues.redhat.com/browse/OSH-697\nCloses: https://github.com/csutils/csmock/pull/175","shortMessageHtmlLink":"csmock: use rpmbuild --without test ..."}},{"before":"9f5a0fb81269be6c7346ba8b156f1afb298e0347","after":"69b366f773ab6d1dd5089132ef721bd1b142bf77","ref":"refs/heads/main","pushedAt":"2024-06-19T10:17:36.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"clippy: do not fail the scan if clippy fails to install\n\nIf the `clippy` package is not available in the build repos, a warning\nis emitted and `clippy` is not recorded as an enabled tool in the scan\nproperties. But the scan continues without `clippy` in this case.\n\nThe approach is similar to what `--gcc-analyze` does. This is needed\nbecause `clippy` is not available for each mock config and we do not\nwant to configure the set of enabled tools separately for each mock\nconfig.\n\nRelated: https://issues.redhat.com/browse/OSH-30\nCloses: https://github.com/csutils/csmock/pull/174","shortMessageHtmlLink":"clippy: do not fail the scan if clippy fails to install"}},{"before":"722830cf872d7bcfb30c5c2e1179550a250fa512","after":"9f5a0fb81269be6c7346ba8b156f1afb298e0347","ref":"refs/heads/main","pushedAt":"2024-06-17T08:19:03.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"clippy: always create the capture file for Clippy\n\n... 
to avoid triggering a non-fatal failure while exporting files\nfrom the chroot in case Clippy is enabled for a non-Rust project:\n```\ntar: /builddir/clippy-output.txt: Cannot stat: No such file or directory\ntar: Exiting with failure status due to previous errors\n```\n\nRelated: https://issues.redhat.com/browse/OSH-30\nCloses: https://github.com/csutils/csmock/pull/173","shortMessageHtmlLink":"clippy: always create the capture file for Clippy"}},{"before":"a059ab9f12a32decb4ed572670aad728de0de31e","after":"722830cf872d7bcfb30c5c2e1179550a250fa512","ref":"refs/heads/main","pushedAt":"2024-06-12T14:54:13.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"lzaoral","name":"Lukáš Zaoral","path":"/lzaoral","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/48823770?s=80&v=4"},"commit":{"message":"csmock: use `Path.name` to get the basename\n\n... and not `Path.stem` which also removes a filename suffix.\n\nFixes: b2c720159d52ac89e10e290237f230dbe41848a8 (\"csmock: use the root mock profile property for lock names\")\nResolves: https://issues.redhat.com/browse/OSH-464","shortMessageHtmlLink":"csmock: use Path.name to get the basename"}},{"before":"b037156500c0517839a0421bc1fdbf417967554e","after":"a059ab9f12a32decb4ed572670aad728de0de31e","ref":"refs/heads/main","pushedAt":"2024-06-03T16:05:34.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"clippy: make the cargo wrapper work in bash\n\nIt turned out that the last change was not properly tested.\nThe previously used syntax is not recognized by bash:\n```\n[...]\ncd ./librsvg && \\\nPKG_CONFIG_ALLOW_CROSS=1 \\\nPKG_CONFIG='/usr/bin/pkg-config' \\\nCARGO_TARGET_DIR=/builddir/build/BUILD/librsvg-2.50.7/target \\\ncargo --locked build --verbose --release \\\n&& cd /builddir/build/BUILD/librsvg-2.50.7 && /bin/sh ./libtool --tag=CC --mode=link gcc -O2 
-flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -Wp,-D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -fstack-protector-strong -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -m64 -march=x86-64-v2 -mtune=generic -fasynchronous-unwind-tables -fstack-clash-protection -fcf-protection -Wl,-z,relro -Wl,--as-needed -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1 -o librsvg_c_api.la _rsvg_dummy.lo && mv /builddir/build/BUILD/librsvg-2.50.7/target/release/librsvg_c_api.a .libs/librsvg_c_api.a\n/usr/bin/cargo: line 5: ${@[i]}: bad substitution\n[...]\n```\n\nThis commit fixes it. Moreover, the invocation of `cargo_original` was\nwrong because the wrapper path was passed as the first command-line arg\nby mistake:\n```\n[...]\ncd ./librsvg && \\\nPKG_CONFIG_ALLOW_CROSS=1 \\\nPKG_CONFIG='/usr/bin/x86_64-redhat-linux-gnu-pkg-config' \\\nCARGO_TARGET_DIR=/builddir/build/BUILD/librsvg-2.50.7/target \\\ncargo --locked build --verbose --release \\\n&& cd /builddir/build/BUILD/librsvg-2.50.7 && /bin/sh ./libtool --tag=CC --mode=link gcc -O2 -flto=auto -ffat-lto-objects -fexceptions -g -grecord-gcc-switches -pipe -Wall -Werror=forma\n+ /usr/bin/cargo_original /usr/bin/cargo --locked clippy --verbose --release --message-format=json\nerror: running `/usr/bin/cargo` requires `-Zscript`\n+ break\n+ exec /usr/bin/cargo_original --locked build --verbose --release\n[...]\n```\n\nRelated: https://issues.redhat.com/browse/OSH-30","shortMessageHtmlLink":"clippy: make the cargo wrapper work in bash"}},{"before":"76a7d657c8311cc4e6313acd072abbeb09effbc4","after":"b037156500c0517839a0421bc1fdbf417967554e","ref":"refs/heads/main","pushedAt":"2024-05-29T12:24:26.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil 
Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"clippy: make the wrapper work if `build` is not the 1st arg\n\n... so that we can successfully scan the Rust code\nin `librsvg2-2.50.7-1.el9_0` where `cargo` is invoked\nlike this:\n```\ncd ./librsvg && \\\n PKG_CONFIG_ALLOW_CROSS=1 \\\n PKG_CONFIG='/usr/bin/x86_64-redhat-linux-gnu-pkg-config' \\\n CARGO_TARGET_DIR=/builddir/build/BUILD/librsvg-2.50.7/target \\\n cargo --locked build --verbose --release \\\n && cd /builddir/build/BUILD/librsvg-2.50.7 && /bin/sh ./libtool [...]\n```\n\nRelated: https://issues.redhat.com/browse/OSH-30\nCloses: https://github.com/csutils/csmock/pull/170","shortMessageHtmlLink":"clippy: make the wrapper work if build is not the 1st arg"}},{"before":"d21690381046f9a176e5fb36672f5f7105e419fc","after":"76a7d657c8311cc4e6313acd072abbeb09effbc4","ref":"refs/heads/main","pushedAt":"2024-05-29T10:42:01.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"clippy: do not fail scan of packages without Rust code\n\nWe want to enable `clippy` in the default scanning profile in a way that\nit takes an effect for packages that build Rust code. For packages that\ndo not build any Rust code, the plug-in should do nothing rather than\nfailing the whole scan:\n```\n% csmock -at clippy -r rhel-7-x86_64 -f units-2.01-5.el7_9.src.rpm\n[...]\n>>> 2024-05-28 12:24:21 \"set -o pipefail; /usr/share/csmock/scripts/convert-clippy.py < /tmp/csmocknsbuwvil/units-2.01-5.el7_9/debug/raw-results/builddir/clippy-output.txt | csgrep --remove-duplicates > /tmp/csmocknsbuwvil/units-2.01-5.el7_9/debug/uni-results/clippy-capture.err\"\n/bin/sh: line 1: /tmp/csmocknsbuwvil/units-2.01-5.el7_9/debug/raw-results/builddir/clippy-output.txt: No such file or directory\n\n!!! 
2024-05-28 12:24:21 error: post-process hook failed\n```\n\nFixes: commit d21690381046f9a176e5fb36672f5f7105e419fc\nRelated: https://issues.redhat.com/browse/OSH-30\nCloses: https://github.com/csutils/csmock/pull/169","shortMessageHtmlLink":"clippy: do not fail scan of packages without Rust code"}},{"before":"23493fe1a7298c856cb15373200080b178c28e31","after":"d21690381046f9a176e5fb36672f5f7105e419fc","ref":"refs/heads/main","pushedAt":"2024-05-27T17:12:16.000Z","pushType":"push","commitsCount":5,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"clippy: allow for propagation of conversion error","shortMessageHtmlLink":"clippy: allow for propagation of conversion error"}},{"before":"46ceee0f86ac62a7e29063d72c3ff07bb3de2494","after":"23493fe1a7298c856cb15373200080b178c28e31","ref":"refs/heads/main","pushedAt":"2024-05-21T10:53:20.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"csmock: make kfp work for project-koku-koku-cbe5e5c3355c1e140aa1cca7377aebe09d8d8466\n\nMake the code obtaining package name recognize a full-size SHA1 hash\nencoded in lowercase as the `version` part, too.\n\nReported-by: Tapas Jena\nReported-by: Juan Perez de Algaba Sierra\nCloses: https://github.com/csutils/csmock/pull/168","shortMessageHtmlLink":"csmock: make kfp work for project-koku-koku-cbe5e5c3355c1e140aa1cca73…"}},{"before":"6b088e36d38a32b99b264b056c06e53e2fbe15f5","after":"46ceee0f86ac62a7e29063d72c3ff07bb3de2494","ref":"refs/heads/main","pushedAt":"2024-05-21T07:58:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"chroot-fixups: make our scripts work again in 
pre-UsrMove chroots\n\nWhen we build csmock for RHEL-9, rpmbuild translates `/bin/bash`\nto `/usr/bin/bash` in our scripts. When we copy the scripts into\nan old chroot, such as `rhel-6-x86_64`, the translated path does\nnot exist and the script fails with:\n```\n>>> 2024-05-20 12:04:36\t\"/usr/bin/mock\" \"-r\" \"rhel-6-x86_64\" \"--plugin-option=tmpfs:keep_mounted=True\" \"--config-opts=print_main_output=True\" \"--quiet\" \"--chroot\" \"/usr/share/csmock/scripts/run-shellcheck.sh /builddir/build/BUILDROOT > /builddir/shellcheck-capture.err\"\n/bin/sh: /usr/share/csmock/scripts/run-shellcheck.sh: /usr/bin/bash: bad interpreter: No such file or directory\n```\n\nCloses: https://github.com/csutils/csmock/pull/167","shortMessageHtmlLink":"chroot-fixups: make our scripts work again in pre-UsrMove chroots"}},{"before":"c4fd7ec1c28da523be05937c8d5cffc0c96d8ba6","after":null,"ref":"refs/heads/6040736eba6b1","pushedAt":"2024-05-17T14:24:58.000Z","pushType":"branch_deletion","commitsCount":0,"pusher":{"login":"lzaoral","name":"Lukáš Zaoral","path":"/lzaoral","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/48823770?s=80&v=4"}},{"before":"7d47a88a112e15002953649249d7cefe26464c9b","after":"6b088e36d38a32b99b264b056c06e53e2fbe15f5","ref":"refs/heads/main","pushedAt":"2024-05-17T11:14:31.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"lzaoral","name":"Lukáš Zaoral","path":"/lzaoral","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/48823770?s=80&v=4"},"commit":{"message":"snyk: explicitly enable networking for snyk client execution\n\n... in the chroot. 
Otherwise, it is going to fail.\n\nRelated: https://issues.redhat.com/browse/OSH-69","shortMessageHtmlLink":"snyk: explicitly enable networking for snyk client execution"}},{"before":"6ef4173ce305537415e75e1034b3e22c117ceb70","after":"7d47a88a112e15002953649249d7cefe26464c9b","ref":"refs/heads/main","pushedAt":"2024-05-17T10:50:06.000Z","pushType":"push","commitsCount":3,"pusher":{"login":"lzaoral","name":"Lukáš Zaoral","path":"/lzaoral","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/48823770?s=80&v=4"},"commit":{"message":"tests: edit csutils repo priority only in Testing Farm","shortMessageHtmlLink":"tests: edit csutils repo priority only in Testing Farm"}},{"before":"ac0af3ec2c25e295a3a80d7d43535876f1d75b63","after":"6ef4173ce305537415e75e1034b3e22c117ceb70","ref":"refs/heads/main","pushedAt":"2024-04-29T08:52:08.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"csmock: fix Permission denied errors on /builddir\n\n... while scanning tarballs instead of SRPMs:\n```\n$ csmock -r fedora-rawhide-x86_64 -t clippy --shell-cmd='cargo build' -f trustification-main.tar.gz\n[...]\n+ cargo build\n+ set -- clippy\n+ /usr/bin/cargo_original clippy --message-format=json\n/usr/bin/cargo: line 9: /builddir/clippy-output.txt: Permission denied\n+ /usr/bin/cargo_original build\n Updating git repository `https://github.com/ctron/csaf-rs`\nerror: failed to load source for dependency `csaf`\n\nCaused by:\n Unable to update https://github.com/ctron/csaf-rs?rev=183326beac525d58962f78be8eca973017702753#183326be\n\nCaused by:\n failed to create directory `/builddir/.cargo/git/db/csaf-rs-27cd9c29798421c8`\n\nCaused by:\n Permission denied (os error 13)\nFinish: chroot ['/bin/su mockbuild -l -c \"PATH=\\\\$PATH sh -c \\\\\"sh -x \\'/tmp/csmockgr5cszf3/build.sh\\'\\\\\"\"']\nFinish: run\n\n!!! 
2024-04-23 16:13:23\terror: %build failed\n```\n\nReported-by: Jonathan Christison\nCloses: https://github.com/csutils/csmock/pull/163","shortMessageHtmlLink":"csmock: fix Permission denied errors on /builddir"}},{"before":"154cf56d4e5a979a4576f0a9b7e3a249ed63b9cf","after":"ac0af3ec2c25e295a3a80d7d43535876f1d75b63","ref":"refs/heads/main","pushedAt":"2024-04-29T08:03:21.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"results: set the \"imp\" flag in the list of important findings\n\n... rather than clearing it. If scan results are processed later on,\nit is useful to know the original state of the \"imp\" flag, regardless\nof the context (whether we have a list of important findings only,\nor an all-in-one list of findings). A side effect will be that a red\n`[important]` tag will appear in the HTML output next to each finding,\nwhich is probably harmless.\n\nRelated: https://issues.redhat.com/browse/OSH-343\nRelated: https://issues.redhat.com/browse/OSH-565\nCloses: https://github.com/csutils/csmock/pull/159","shortMessageHtmlLink":"results: set the \"imp\" flag in the list of important findings"}},{"before":"6473cc4bc042085a630d40d76e4701bd1371d64f","after":"154cf56d4e5a979a4576f0a9b7e3a249ed63b9cf","ref":"refs/heads/main","pushedAt":"2024-04-26T11:00:37.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"results: record the RPM package that provided KFP\n\nResolves: https://issues.redhat.com/browse/OSH-624\nCloses: https://github.com/csutils/csmock/pull/161","shortMessageHtmlLink":"results: record the RPM package that provided 
KFP"}},{"before":"5c4d5de2c968be396b98c103fa8f3ffa1ca0ed72","after":"6473cc4bc042085a630d40d76e4701bd1371d64f","ref":"refs/heads/main","pushedAt":"2024-04-25T15:25:39.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"gcc: eliminate misaligned ASCII art coming from GCC analyzer\n\nNew versions of GCC started to produce ASCII art, which is not properly\nhandled by the plain-text parser in csdiff:\n```\n Error: GCC_ANALYZER_WARNING (CWE-126): [#def1]\n bluez-5.75/emulator/bthost.c: scope_hint: In function ‘queue_command’\n bluez-5.75/emulator/bthost.c:571:52: warning[-Wanalyzer-out-of-bounds]: stack-based buffer over-read\n bluez-5.75/emulator/bthost.c:571:52: note: read of 8 bytes from after the end of ‘iov’\n bluez-5.75/emulator/bthost.c:571:52: note: valid subscripts for ‘iov’ are ‘[0]’ to ‘[2]’\n # └──────────────────────────┘\n # ^\n # 569|\n # 570| \tfor (i = 0; i < iovlen; i++) {\n # 571|-> \t\tmemcpy(cmd->data + cmd->len, iov[i].iov_base, iov[i].iov_len);\n # 572| \t\tcmd->len += iov[i].iov_len;\n # 573| \t}\n```\n\nIf gcc in the chroot recognizes `-fdiagnostics-text-art-charset=none`,\nuse it to prevent GCC analyzer from producing such output.\n\nReported-by: David Malcolm\nCloses: https://github.com/csutils/csmock/pull/162","shortMessageHtmlLink":"gcc: eliminate misaligned ASCII art coming from GCC analyzer"}},{"before":"245d3467c8a84fb716b2c799a0ae3b440976da7a","after":"5c4d5de2c968be396b98c103fa8f3ffa1ca0ed72","ref":"refs/heads/main","pushedAt":"2024-04-24T10:28:29.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"csmock: make kfp work for quarkus-registry.quarkus.redhat.com\n\nThe code that extracts package name from the name-version-release\nstring 
did not work as expected if the hash suffix started with a digit.\nConsequently, it did not find the corresponding `exclude-paths.txt` file\nin the known-false-positives while scanning a source code tarball named:\n`quarkus-registry.quarkus.redhat.com-01fec5413626d669361dcb0bf921e297be6afdf7.tar.gz`\n\nRelated: https://issues.redhat.com/browse/OSH-392\nResolves: https://issues.redhat.com/browse/OSH-623\nCloses: https://github.com/csutils/csmock/pull/158","shortMessageHtmlLink":"csmock: make kfp work for quarkus-registry.quarkus.redhat.com"}},{"before":"3d8001adf4397957fd0b1e56584c773212bbd054","after":"245d3467c8a84fb716b2c799a0ae3b440976da7a","ref":"refs/heads/main","pushedAt":"2024-04-24T08:43:02.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"plugin/semgrep: simplify handling of mock_root\n\nThere is no need to write the string to a file in the buildroot, then\ncopy it out to the host and read it again. 
The string can be easily\npassed in memory.\n\nRelated: https://issues.redhat.com/browse/OSH-57\nCloses: https://github.com/csutils/csmock/pull/160","shortMessageHtmlLink":"plugin/semgrep: simplify handling of mock_root"}},{"before":"feba72d965a7d0a7b2893cd5e00c231b397f4b86","after":"3d8001adf4397957fd0b1e56584c773212bbd054","ref":"refs/heads/main","pushedAt":"2024-04-09T13:54:21.000Z","pushType":"push","commitsCount":2,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"plugins/clippy: propagate column number in scan results\n\nRelated: https://issues.redhat.com/browse/OSH-30\nCloses: https://github.com/csutils/csmock/pull/157","shortMessageHtmlLink":"plugins/clippy: propagate column number in scan results"}},{"before":"87d976186fefd36278bfa66f68ee0c2f53ba4079","after":"feba72d965a7d0a7b2893cd5e00c231b397f4b86","ref":"refs/heads/main","pushedAt":"2024-04-02T01:47:25.000Z","pushType":"pr_merge","commitsCount":2,"pusher":{"login":"rhyw","name":"Yuguang Wang","path":"/rhyw","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/507591?s=80&v=4"},"commit":{"message":"plugins/semgrep: include/install semgrep plugin in make-srpm.sh","shortMessageHtmlLink":"plugins/semgrep: include/install semgrep plugin in make-srpm.sh"}},{"before":"b3503d48696cb2ec8eb2fb379fb57c141f08e8da","after":"87d976186fefd36278bfa66f68ee0c2f53ba4079","ref":"refs/heads/main","pushedAt":"2024-03-21T12:16:58.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"rhyw","name":"Yuguang Wang","path":"/rhyw","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/507591?s=80&v=4"},"commit":{"message":"util.py: fix a typo in sanitize_opts_arg","shortMessageHtmlLink":"util.py: fix a typo in 
sanitize_opts_arg"}},{"before":"b90b8e87b7d3a54a29b6b05210cec6d4e8887101","after":"b3503d48696cb2ec8eb2fb379fb57c141f08e8da","ref":"refs/heads/main","pushedAt":"2024-03-20T16:16:42.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"snyk: sanitize options passed to --snyk-code-test-opts\n\n... to avoid shell injection. Also provide `sanitize_opts_arg()`\nin `csmock.common.util` so that it can be reused by other plug-ins\nthat support passing of custom options to the wrapped tools.\n\nFixes: commit 73eddc138c8e9c97246dd2d12ad30a2a13bea3f4\nResolves: CVE-2024-2243 - command injection vulnerability in csmock-plugin-snyk\nReviewed-by: jperezde ","shortMessageHtmlLink":"snyk: sanitize options passed to --snyk-code-test-opts"}},{"before":"802bbf3f719b2c3ed52b8d9175a8cc0120cff609","after":"b90b8e87b7d3a54a29b6b05210cec6d4e8887101","ref":"refs/heads/main","pushedAt":"2024-03-18T12:55:23.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"snyk: skip writing of scan metadata when no supported project\n\nReproducer: csmock -r rhel-9-x86_64 -t snyk -f octavia-amphora-image-vert-fips-x86_64-18.0-20240305.1.el9ost.src.rpm\n\nRelated: https://issues.redhat.com/browse/OSH-583\n\nWhen an snyk-unsupported project is scanned using snyk, no stats are generated.","shortMessageHtmlLink":"snyk: skip writing of scan metadata when no supported project"}},{"before":"b2c720159d52ac89e10e290237f230dbe41848a8","after":"802bbf3f719b2c3ed52b8d9175a8cc0120cff609","ref":"refs/heads/main","pushedAt":"2024-02-28T12:46:26.000Z","pushType":"pr_merge","commitsCount":1,"pusher":{"login":"kdudka","name":"Kamil 
Dudka","path":"/kdudka","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/227483?s=80&v=4"},"commit":{"message":"snyk: added snyk stats to metadata\n\nRelated: https://issues.redhat.com/browse/OSH-347\nReproducer: csmock -t snyk --force -r rhel-8-x86_64 osbuild-106-1.el10+4.src.rpm\n\nAdded the stats from snyk results (snyk coverage rate, analyzed files and total of files) to the metadata file.","shortMessageHtmlLink":"snyk: added snyk stats to metadata"}},{"before":"af84d2ff0c770b9db40c94ee6db37b5a292b8a5b","after":"b2c720159d52ac89e10e290237f230dbe41848a8","ref":"refs/heads/main","pushedAt":"2024-02-27T14:43:51.000Z","pushType":"push","commitsCount":1,"pusher":{"login":"lzaoral","name":"Lukáš Zaoral","path":"/lzaoral","primaryAvatarUrl":"https://avatars.githubusercontent.com/u/48823770?s=80&v=4"},"commit":{"message":"csmock: use the root mock profile property for lock names\n\nTo fix a crash when two mock profile configuration files have different names\nbut use the same root directory:\n```\n[...]\n>>> 2024-02-19 14:29:12\t\"/usr/bin/mock\" \"-r\" \"/tmp/tmpyfvruenl/mock.cfg\" \"--plugin-option=tmpfs:keep_mounted=True\" \"--config-opts=print_main_output=True\" \"--init\"\nINFO: mock.py version 5.2 starting (python version = 3.9.18, NVR = mock-5.2-1.kdudka.5.el9), args: /usr/libexec/mock/mock -r /tmp/tmpyfvruenl/mock.cfg --plugin-option=tmpfs:keep_mounted=True --config-opts=print_main_output=True --init\nStart(bootstrap): init plugins\nINFO: selinux enabled\nFinish(bootstrap): init plugins\nStart: init plugins\nINFO: selinux enabled\nFinish: init plugins\nINFO: Signal handler active\nStart: run\nStart: clean chroot\nERROR: Build root is locked by another process.\n\n!!! 
2024-02-19 14:29:13\twarning: failed to init mock profile (/tmp/tmpyfvruenl/mock.cfg), trying to scrub cache...\n[...]\n```\n\nResolves: https://github.com/openscanhub/openscanhub/pull/228#discussion_r1494645666","shortMessageHtmlLink":"csmock: use the root mock profile property for lock names"}}],"hasNextPage":true,"hasPreviousPage":false,"activityType":"all","actor":null,"timePeriod":"all","sort":"DESC","perPage":30,"cursor":"djE6ks8AAAAEgNueEAA","startCursor":null,"endCursor":null}},"title":"Activity · csutils/csmock"}