diff --git a/aws-c-common.yaml b/aws-c-common.yaml index 9742f0c19c0..7e6445be998 100644 --- a/aws-c-common.yaml +++ b/aws-c-common.yaml @@ -1,6 +1,6 @@ package: name: aws-c-common - version: 0.10.3 + version: 0.10.4 epoch: 0 description: Core c99 package for AWS SDK for C including cross-platform primitives, configuration, data structures, and error handling copyright: @@ -20,7 +20,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 63187b976a482309e23296c5f967fc19c4131746 + expected-commit: be8ed873a5baf0239bf4941df75904c3053cd509 repository: https://github.com/awslabs/aws-c-common tag: v${{package.version}} diff --git a/aws-eks-pod-identity-agent.yaml b/aws-eks-pod-identity-agent.yaml index 68fe0a140e7..fab66b4cfd9 100644 --- a/aws-eks-pod-identity-agent.yaml +++ b/aws-eks-pod-identity-agent.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: aws-eks-pod-identity-agent - version: 0_git20241126 + version: 0_git20241128 epoch: 0 description: EKS Pod Identity is a feature of Amazon EKS that simplifies the process for cluster administrators to configure Kubernetes applications with AWS IAM permissions copyright: @@ -10,7 +10,7 @@ package: pipeline: - uses: git-checkout with: - expected-commit: 9e7ec777d96d27c627fd1b15effaf10e2cf4699e + expected-commit: 15b7d58b3975d03f7ab6f17b09ec955fb7d66028 repository: https://github.com/aws/eks-pod-identity-agent branch: main diff --git a/bats.yaml b/bats.yaml index 2aff175ab1f..4651daee363 100644 --- a/bats.yaml +++ b/bats.yaml @@ -1,14 +1,14 @@ package: name: bats version: 1.11.0 - epoch: 1 + epoch: 2 description: Bash Automated Testing System copyright: - license: MIT dependencies: runtime: - bash - - coreutils + - busybox - ncurses - parallel @@ -16,9 +16,7 @@ environment: contents: packages: - bash - - build-base - - busybox - - ca-certificates-bundle + - wget pipeline: - uses: git-checkout @@ -28,9 +26,29 @@ pipeline: expected-commit: 5da66876b8b619235aee1eb3e54954eaca88059b - runs: | - ./install.sh "${{targets.contextdir}}/usr" + ./install.sh "${{targets.contextdir}}/usr" + mkdir -p "${{targets.contextdir}}/tmp/" + cp -r ./docker "${{targets.contextdir}}/tmp/docker" + "${{targets.contextdir}}/tmp/docker/install_libs.sh" support 0.3.0 + "${{targets.contextdir}}/tmp/docker/install_libs.sh" file 0.4.0 + "${{targets.contextdir}}/tmp/docker/install_libs.sh" assert 2.1.0 + "${{targets.contextdir}}/tmp/docker/install_libs.sh" detik 1.3.1 + find "${{targets.contextdir}}" -type f -perm /2000 -exec chmod g-s {} \; + rm -rf "${{targets.contextdir}}/tmp/" subpackages: + - name: bats-compat + pipeline: + - runs: | + mkdir -p "${{targets.contextdir}}/opt/bats/" + find . -maxdepth 1 \ + -not -name '.*' \ + -not -name 'melange-out' \ + -exec mv {} "${{targets.contextdir}}/opt/bats/" \; + mkdir -p "${{targets.contextdir}}/usr/local/bin" + ln -s /opt/bats/bin/bats "${{targets.contextdir}}/usr/local/bin/bats" + description: bats compatibility package + - name: bats-doc pipeline: - uses: split/manpages @@ -44,6 +62,87 @@ update: test: pipeline: - # AUTOGENERATED - runs: | bats --version + + # Create the example.sh script using heredocs + cat << 'EOF' > /tmp/example.sh + add_numbers() { + echo $(( $1 + $2 )) + } + + file_exists() { + if [[ -f "$1" ]]; then + echo "true" + else + echo "false" + fi + } + + string_contains() { + if [[ "$1" == *"$2"* ]]; then + echo "true" + else + echo "false" + fi + } + EOF + + # Create the inline_test.bats script using heredocs + cat << 'EOF' > /tmp/inline_test.bats + #!/usr/bin/env bats + + load_file() { + source "/tmp/example.sh" + } + + setup() { + load_file + } + + teardown() { + rm -f testfile.txt + } + + @test "add_numbers should correctly add two numbers" { + run add_numbers 3 5 + [ "$status" -eq 0 ] + [ "$output" -eq 8 ] + } + + @test "file_exists should return true for existing file" { + touch testfile.txt + run file_exists testfile.txt + [ "$status" -eq 0 ] + [ "$output" = "true" ] + } + + @test "file_exists should return false for non-existing file" { + run file_exists non_existing_file.txt + [ "$status" -eq 0 ] + [ "$output" = "false" ] + } + + @test "string_contains should return true if substring is found" { + run string_contains "hello world" "hello" + [ "$status" -eq 0 ] + [ "$output" = "true" ] + } + + @test "string_contains should return false if substring is not found" { + run string_contains "hello world" "bye" + [ "$status" -eq 0 ] + [ "$output" = "false" ] + } + EOF + + # Make the scripts executable + chmod +x /tmp/example.sh + chmod +x /tmp/inline_test.bats + + # Run the bats tests + bats /tmp/inline_test.bats + + # Clean up + rm -f /tmp/example.sh + rm -f /tmp/inline_test.bats diff --git a/benchmark.yaml b/benchmark.yaml index d6736a19e4c..107e48397c4 100644 --- a/benchmark.yaml +++ b/benchmark.yaml @@ -1,7 +1,7 @@ package: name: benchmark - version: 1.9.0 - epoch: 1 + version: 1.9.1 + epoch: 0 description: "microbenchmark support library" copyright: - license: Apache-2.0 @@ -21,7 +21,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 12235e24652fc7f809373e7c11a5f73c5763fc4c + expected-commit: c58e6d0710581e3a08d65c349664128a8d9a2461 repository: https://github.com/google/benchmark tag: v${{package.version}} diff --git a/bmake.yaml b/bmake.yaml index 649cfae3bfd..118af723cab 100644 --- a/bmake.yaml +++ b/bmake.yaml @@ -1,7 +1,7 @@ package: name: bmake - version: "20240921" - epoch: 1 + version: "20241124" + epoch: 0 description: Portable version of the NetBSD make build tool copyright: - license: BSD-2-Clause @@ -18,7 +18,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: b346579e82d296d1a4da29dea8594e3ee596130b20786dec0f3899a3e11275c2 + expected-sha256: 4f66406091c2f85ea964b238d69eb8f71ab4baac9dca4687a71883ba6de4ddb2 uri: https://www.crufty.net/ftp/pub/sjg/bmake-${{package.version}}.tar.gz strip-components: 0 diff --git a/cargo-c.yaml b/cargo-c.yaml index b1cd8d3566d..e9e2b0ddaed 100644 --- a/cargo-c.yaml +++ b/cargo-c.yaml @@ -1,7 +1,7 @@ package: name: cargo-c - version: 0.10.5 - epoch: 1 + version: 0.10.6 + epoch: 0 description: build and install C-compatible libraries copyright: - license: MIT @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/lu-zero/cargo-c tag: v${{package.version}} - expected-commit: b6081a47813aab0175645e332b14282c651c893d + expected-commit: c027fcf597e10154a8bc55c46182a4c2480d8d25 - runs: | cargo auditable build --release diff --git a/clickhouse-24.9.yaml b/clickhouse-24.9.yaml deleted file mode 100644 index 38e0fa8e984..00000000000 --- a/clickhouse-24.9.yaml +++ /dev/null @@ -1,203 +0,0 @@ -package: - name: clickhouse-24.9 - version: 24.9.3.128 - epoch: 0 - description: ClickHouse is the fastest and most resource efficient open-source database for real-time apps and analytics. - copyright: - - license: Apache-2.0 - resources: - cpu: 65 - memory: 32Gi - dependencies: - provides: - - clickhouse=${{package.full-version}} - -environment: - contents: - packages: - - bash - - build-base - - busybox - - ca-certificates-bundle - - clang-17 - - clang-17-dev - - cmake - - coreutils - - findutils - - git - - grep - - llvm-libcxx-17 - - llvm-libcxx-17-dev - - llvm-lld-17 - - llvm-lld-17-dev - - nasm - - ninja - - openssf-compiler-options - - perl - - python3 - - yasm - -pipeline: - - uses: git-checkout - with: - repository: https://github.com/ClickHouse/ClickHouse - tag: v${{package.version}}-stable - expected-commit: 9a816c73dd4eb5f2ff994b1d9a57c5829f3e4811 - - # The default build script is defensive and tries to protect against defining cflags. - - uses: patch - with: - patches: allow_cflags.patch - - - runs: | - git submodule update --init - mkdir build - cd build - cmake \ - -DCOMPILER_CACHE=disabled \ - -DCMAKE_INSTALL_PREFIX=/usr \ - -DCMAKE_BUILD_TYPE=Release \ - -DNO_ARMV81_OR_HIGHER=1 \ - -DCMAKE_INSTALL_LIBDIR=lib \ - .. - - - runs: | - cd build - ninja -j $(nproc) - mkdir -p ${{targets.destdir}}/var/lib/clickhouse - mkdir -p ${{targets.destdir}}/var/log/clickhouse-server - DESTDIR=${{targets.destdir}} ninja install - rm -rf ${{targets.destdir}}/usr/lib/debug - - - uses: strip - -subpackages: - - name: "${{package.name}}-dev" - description: "headers for clickhouse" - pipeline: - - uses: split/dev - - - name: "${{package.name}}-bash-completion" - description: "bash completion for clickhouse" - pipeline: - - runs: | - mkdir -p ${{targets.subpkgdir}}/usr/share/bash-completion/completions - mv ${{targets.destdir}}/usr/share/bash-completion/completions/clickhouse ${{targets.subpkgdir}}/usr/share/bash-completion/completions - - - name: "${{package.name}}-compat" - description: "docker compat for clickhouse" - pipeline: - - runs: | - cd build - install -Dm755 ../docker/server/entrypoint.sh ${{targets.subpkgdir}}/entrypoint.sh - mkdir -p ${{targets.subpkgdir}}/etc/clickhouse-server/config.d/ - cp ../docker/server/docker_related_config.xml ${{targets.subpkgdir}}/etc/clickhouse-server/config.d/docker_related_config.xml - -update: - enabled: true - ignore-regex-patterns: - - '-stable$' - github: - identifier: ClickHouse/ClickHouse - tag-filter-prefix: v24.9. - strip-prefix: v - strip-suffix: -stable - -test: - environment: - contents: - packages: - - bash - - coreutils - - findutils - - procps # for checking server process - - curl # for HTTP interface testing - pipeline: - # AUTOGENERATED - - runs: | - ch --version - chc --version - chl --version - clickhouse --version - clickhouse-benchmark --help - clickhouse-client --version - clickhouse-compressor --help - clickhouse-disks --version - clickhouse-format version - clickhouse-git-import version - clickhouse-keeper --version - clickhouse-keeper-client --help - clickhouse-keeper-converter --help - clickhouse-library-bridge --help - clickhouse-local --version - clickhouse-obfuscator --help - clickhouse-odbc-bridge --help - clickhouse-server --version - clickhouse-static-files-disk-uploader --help - clickhouse-su --version - ch --help - chc --help - chl --help - clickhouse --help - clickhouse-client --help - clickhouse-disks --help - clickhouse-format help - clickhouse-git-import help - clickhouse-keeper --help - clickhouse-local --help - clickhouse-obfuscator version - clickhouse-server --help - clickhouse-static-files-disk-uploader version - clickhouse-su --help - - name: "Test server startup and basic operation" - runs: | - # Start server in background - clickhouse-server --daemon - sleep 5 - # Verify server is running - pgrep -f clickhouse-server - - name: "Test basic SQL queries via client" - runs: | - # Test CREATE DATABASE - clickhouse-client --query "CREATE DATABASE IF NOT EXISTS test" - # Test CREATE TABLE - clickhouse-client --query "CREATE TABLE test.sample (id UInt32, name String) ENGINE = MergeTree() ORDER BY id" - # Test INSERT - clickhouse-client --query "INSERT INTO test.sample VALUES (1, 'test')" - # Test SELECT - clickhouse-client --query "SELECT * FROM test.sample" | grep -q "test" - - name: "Test local mode operations" - runs: | - # Test query processing in local mode - echo "1,test" | clickhouse-local --structure "id UInt32, name String" --query "SELECT * FROM table" --input-format CSV | grep -q "test" - - name: "Test HTTP interface" - runs: | - # Test basic HTTP query - curl -s "http://localhost:8123/?query=SELECT%201" | grep -q "1" - # Test database creation via HTTP - curl -s -X POST "http://localhost:8123/?query=CREATE%20DATABASE%20IF%20NOT%20EXISTS%20http_test" - - name: "Test system tables access" - runs: | - # Check access to system tables - clickhouse-client --query "SELECT * FROM system.databases WHERE name = 'system'" | grep -q "system" - clickhouse-client --query "SELECT * FROM system.tables WHERE database = 'system' LIMIT 1" - - name: "Test data types handling" - runs: | - clickhouse-client --query " - CREATE TABLE IF NOT EXISTS test.types ( - int8_col Int8, - uint64_col UInt64, - float_col Float64, - string_col String, - date_col Date - ) ENGINE = MergeTree() ORDER BY int8_col" - clickhouse-client --query " - INSERT INTO test.types VALUES - (1, 18446744073709551615, 3.14159, 'test string', '2024-01-01')" - clickhouse-client --query "SELECT * FROM test.types" | grep -q "test string" - - name: "Test benchmark utility" - runs: | - # Simple benchmark test with default options - clickhouse-benchmark --query "SELECT 1" --iterations 10 - # Test with concurrency - clickhouse-benchmark --concurrency 2 --query "SELECT number FROM system.numbers LIMIT 10" --iterations 3 diff --git a/clickhouse-24.9/allow_cflags.patch b/clickhouse-24.9/allow_cflags.patch deleted file mode 100644 index caca7b65a20..00000000000 --- a/clickhouse-24.9/allow_cflags.patch +++ /dev/null @@ -1,44 +0,0 @@ ---- a/PreLoad.cmake -+++ b/PreLoad.cmake -@@ -15,41 +15,6 @@ if (NOT DEFINED ENV{XCODE_IDE}) - endif () - endif() - --# Check if environment is polluted. --if (NOT "$ENV{CFLAGS}" STREQUAL "" -- OR NOT "$ENV{CXXFLAGS}" STREQUAL "" -- OR NOT "$ENV{LDFLAGS}" STREQUAL "" -- OR CMAKE_C_FLAGS OR CMAKE_CXX_FLAGS OR CMAKE_EXE_LINKER_FLAGS OR CMAKE_MODULE_LINKER_FLAGS -- OR CMAKE_C_FLAGS_INIT OR CMAKE_CXX_FLAGS_INIT OR CMAKE_EXE_LINKER_FLAGS_INIT OR CMAKE_MODULE_LINKER_FLAGS_INIT) -- -- # if $ENV -- message("CFLAGS: $ENV{CFLAGS}") -- message("CXXFLAGS: $ENV{CXXFLAGS}") -- message("LDFLAGS: $ENV{LDFLAGS}") -- # if *_FLAGS -- message("CMAKE_C_FLAGS: ${CMAKE_C_FLAGS}") -- message("CMAKE_CXX_FLAGS: ${CMAKE_CXX_FLAGS}") -- message("CMAKE_EXE_LINKER_FLAGS: ${CMAKE_EXE_LINKER_FLAGS}") -- message("CMAKE_SHARED_LINKER_FLAGS: ${CMAKE_SHARED_LINKER_FLAGS}") -- message("CMAKE_MODULE_LINKER_FLAGS: ${CMAKE_MODULE_LINKER_FLAGS}") -- # if *_FLAGS_INIT -- message("CMAKE_C_FLAGS_INIT: ${CMAKE_C_FLAGS_INIT}") -- message("CMAKE_CXX_FLAGS_INIT: ${CMAKE_CXX_FLAGS_INIT}") -- message("CMAKE_EXE_LINKER_FLAGS_INIT: ${CMAKE_EXE_LINKER_FLAGS_INIT}") -- message("CMAKE_MODULE_LINKER_FLAGS_INIT: ${CMAKE_MODULE_LINKER_FLAGS_INIT}") -- -- message(FATAL_ERROR " -- Some of the variables like CFLAGS, CXXFLAGS, LDFLAGS are not empty. -- It is not possible to build ClickHouse with custom flags. -- These variables can be set up by previous invocation of some other build tools. -- You should cleanup these variables and start over again. -- -- Run the `env` command to check the details. -- You will also need to remove the contents of the build directory. -- -- Note: if you don't like this behavior, you can manually edit the cmake files, but please don't complain to developers.") --endif() -- - # Default toolchain - this is needed to avoid dependency on OS files. - execute_process(COMMAND uname -s OUTPUT_VARIABLE OS) - execute_process(COMMAND uname -m OUTPUT_VARIABLE ARCH) diff --git a/conda-build.yaml b/conda-build.yaml index 959d9fecec0..4bac32e2213 100644 --- a/conda-build.yaml +++ b/conda-build.yaml @@ -1,7 +1,7 @@ # Generated from https://pypi.org/project/conda-build/ package: name: conda-build - version: 24.11.1 + version: 24.11.2 epoch: 0 description: tools for building conda packages copyright: @@ -35,7 +35,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 1d4235a8a8ced33c7b76ab31aff18a2fa0c7ec2b + expected-commit: 07a10e20fa71240bf828dda81bbee72912fe70d1 repository: https://github.com/conda/conda-build tag: ${{package.version}} diff --git a/confluent-kafka.yaml b/confluent-kafka.yaml index 44a6809289f..8861914aa66 100644 --- a/confluent-kafka.yaml +++ b/confluent-kafka.yaml @@ -8,7 +8,7 @@ package: # with the `version:` field. # 2. Created a new variable `mangled-package-version` to append `-ccs` to the # version. - version: 8.0.0.153 + version: 8.0.0.200 epoch: 0 description: Community edition of Confluent Kafka. copyright: @@ -46,14 +46,10 @@ var-transforms: pipeline: - uses: git-checkout with: - expected-commit: 0d74eeb7e82cedcbbfd46481d9ff54ba035d365b + expected-commit: e0c917e0d52c5d1082916a3ebf3d859c96987dc9 repository: https://github.com/confluentinc/kafka tag: v${{vars.mangled-package-version}} - - uses: patch - with: - patches: upgrade-netty-version-to-fix-CVE.patch - - runs: | export JAVA_TOOL_OPTIONS=-Dfile.encoding=UTF8 diff --git a/confluent-kafka/upgrade-netty-version-to-fix-CVE.patch b/confluent-kafka/upgrade-netty-version-to-fix-CVE.patch deleted file mode 100644 index d4259ad7042..00000000000 --- a/confluent-kafka/upgrade-netty-version-to-fix-CVE.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 9eb52f8de4cf58a25a441a594a0dcf8e2bc01cc8 Mon Sep 17 00:00:00 2001 -From: Batuhan Apaydin -Date: Sun, 17 Nov 2024 21:17:01 +0300 -Subject: [PATCH] upgrade netty version to fix CVE - -Signed-off-by: Batuhan Apaydin ---- - gradle/dependencies.gradle | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/gradle/dependencies.gradle b/gradle/dependencies.gradle -index 2b0f617..0c37c65 100644 ---- a/gradle/dependencies.gradle -+++ b/gradle/dependencies.gradle -@@ -113,7 +113,7 @@ versions += [ - mavenArtifact: "3.9.6", - metrics: "2.2.0", - mockito: "5.14.2", -- netty: "4.1.111.Final", -+ netty: "4.1.115.Final", - opentelemetryProto: "1.0.0-alpha", - protobuf: "3.25.5", // a dependency of opentelemetryProto - pcollections: "4.0.1", --- -2.39.3 (Apple Git-146) - diff --git a/croc.yaml b/croc.yaml index 09756747527..6a541c6c2ac 100644 --- a/croc.yaml +++ b/croc.yaml @@ -1,6 +1,6 @@ package: name: croc - version: 10.1.0 + version: 10.1.1 epoch: 0 description: Easily and securely send things from one computer to another copyright: @@ -21,7 +21,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/schollz/croc - expected-commit: 53323cb8c43c05090543e5437fef8b1fa269aeea + expected-commit: f6012939f37cf64c45846d08a51be7eb8fb6249c tag: v${{package.version}} - uses: go/build diff --git a/crossplane.yaml b/crossplane.yaml index 89048a42f15..6576cb16c22 100644 --- a/crossplane.yaml +++ b/crossplane.yaml @@ -1,6 +1,6 @@ package: name: crossplane - version: 1.18.0 + version: 1.18.1 epoch: 0 description: Cloud Native Control Planes copyright: @@ -13,7 +13,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: e663a43ece850e93fe5cdebb2e478e2fb9762ad1 + expected-commit: 0ca82e4f152067f69af11d907ab7b4a0a21fed37 repository: https://github.com/crossplane/crossplane tag: v${{package.version}} diff --git a/datadog-security-agent-policies.yaml b/datadog-security-agent-policies.yaml index e9ec66dddc7..595e5849869 100644 --- a/datadog-security-agent-policies.yaml +++ b/datadog-security-agent-policies.yaml @@ -1,6 +1,6 @@ package: name: datadog-security-agent-policies - version: 0.60.0 + version: 0.61.0 epoch: 0 description: "Policies for Security Agent - compliance and runtime checks" copyright: @@ -16,7 +16,7 @@ pipeline: with: repository: https://github.com/DataDog/security-agent-policies tag: v${{package.version}} - expected-commit: 190c4e2f71e5165c6bd53cf7de0b152f2988a890 + expected-commit: 30a6bff39e8afc84015b8e54eb48ab95c74b073d - runs: | mkdir -p ${{targets.destdir}}/etc/datadog-agent/compliance.d diff --git a/ddp-tool.yaml b/ddp-tool.yaml index c2fee13774d..844a9a92383 100644 --- a/ddp-tool.yaml +++ b/ddp-tool.yaml @@ -1,7 +1,7 @@ #nolint:valid-pipeline-git-checkout-commit,valid-pipeline-git-checkout-tag package: name: ddp-tool - version: 1.0.34.0_git20241126 + version: 1.0.34.0_git20241128 epoch: 0 description: Intel Dynamic Device Personalization Tool copyright: diff --git a/debezium-connect-entrypoint-3.0.yaml b/debezium-connect-entrypoint-3.0.yaml index c4736e737a0..a790e896e2d 100644 --- a/debezium-connect-entrypoint-3.0.yaml +++ b/debezium-connect-entrypoint-3.0.yaml @@ -1,6 +1,6 @@ package: name: debezium-connect-entrypoint-3.0 - version: 3.0.3 + version: 3.0.4 epoch: 0 description: Helper package to provide necessary files for the Debezium images copyright: @@ -39,7 +39,7 @@ pipeline: with: repository: https://github.com/debezium/container-images tag: v${{package.version}}.Final - expected-commit: 29cf76542c7d65a4e71ac12e85ab2c2ea33141d7 + expected-commit: dcb700d1c7db0dbd1532850c1d5b5d4bbc3e0bba - uses: patch with: diff --git a/debezium-connector-db2-3.0.yaml b/debezium-connector-db2-3.0.yaml index dc4459ac1b3..dddd4e47944 100644 --- a/debezium-connector-db2-3.0.yaml +++ b/debezium-connector-db2-3.0.yaml @@ -1,7 +1,7 @@ package: name: debezium-connector-db2-3.0 - version: 3.0.2 - epoch: 1 + version: 3.0.3 + epoch: 0 description: An incubating Debezium connector for Db2 copyright: - license: Apache-2.0 @@ -28,7 +28,7 @@ pipeline: with: repository: https://github.com/debezium/debezium-connector-db2 tag: v${{package.version}}.Final - expected-commit: 9d1b616700bef57b035eb4392f447c4cd7a914b6 + expected-commit: d6a5d0c0addcda697ae07d97be06eb352a008bcb - name: Build runs: | diff --git a/debezium-connector-ibmi-3.0.yaml b/debezium-connector-ibmi-3.0.yaml index 8e12fe7f709..bb483d959f4 100644 --- a/debezium-connector-ibmi-3.0.yaml +++ b/debezium-connector-ibmi-3.0.yaml @@ -1,7 +1,7 @@ package: name: debezium-connector-ibmi-3.0 - version: 3.0.2 - epoch: 1 + version: 3.0.3 + epoch: 0 description: Debezium Connector for IBM i (AS/400) copyright: - license: Apache-2.0 @@ -28,7 +28,7 @@ pipeline: with: repository: https://github.com/debezium/debezium-connector-ibmi tag: v${{package.version}}.Final - expected-commit: ce4fd7fd48778da1c901a338157cc1a38694c2b6 + expected-commit: d29d53735364582791481300ac629b4177d7c064 - name: Build runs: | diff --git a/debezium-connector-informix-3.0.yaml b/debezium-connector-informix-3.0.yaml index 917d2590f17..eee6f9a3c24 100644 --- a/debezium-connector-informix-3.0.yaml +++ b/debezium-connector-informix-3.0.yaml @@ -1,7 +1,7 @@ package: name: debezium-connector-informix-3.0 - version: 3.0.2 - epoch: 1 + version: 3.0.3 + epoch: 0 description: An incubating Debezium CDC connector for IBM Informix database copyright: - license: Apache-2.0 @@ -28,7 +28,7 @@ pipeline: with: repository: https://github.com/debezium/debezium-connector-informix tag: v${{package.version}}.Final - expected-commit: 1abb9e1c4df5f00c6c05e1cfbdabd13c1d9e9c8f + expected-commit: 5eb88bd6c5fea761592e1e20b23fe08596593bd1 - name: Build runs: | diff --git a/debezium-connector-spanner-3.0.yaml b/debezium-connector-spanner-3.0.yaml index 810dff89722..cc9c7e55c44 100644 --- a/debezium-connector-spanner-3.0.yaml +++ b/debezium-connector-spanner-3.0.yaml @@ -1,7 +1,7 @@ package: name: debezium-connector-spanner-3.0 - version: 3.0.2 - epoch: 1 + version: 3.0.3 + epoch: 0 description: An incubating Debezium CDC connector for Google Spanner copyright: - license: Apache-2.0 @@ -28,7 +28,7 @@ pipeline: with: repository: https://github.com/debezium/debezium-connector-spanner tag: v${{package.version}}.Final - expected-commit: 4e0f93021b2b653d0f7e36f18d8bacb092f5dc1f + expected-commit: ab66d031220eb7321a0424ac032bb7e98feae9d1 - uses: maven/pombump diff --git a/debezium-connector-vitess-3.0.yaml b/debezium-connector-vitess-3.0.yaml index 096cade0703..a1ffbb1c3f3 100644 --- a/debezium-connector-vitess-3.0.yaml +++ b/debezium-connector-vitess-3.0.yaml @@ -1,7 +1,7 @@ package: name: debezium-connector-vitess-3.0 - version: 3.0.2 - epoch: 1 + version: 3.0.3 + epoch: 0 description: An incubating Debezium CDC connector for Vitess copyright: - license: Apache-2.0 @@ -28,7 +28,7 @@ pipeline: with: repository: https://github.com/debezium/debezium-connector-vitess tag: v${{package.version}}.Final - expected-commit: f1afd23b8e05d692755996d2a1d1e3aa7d9371ac + expected-commit: 28afab8314764989a33069fa2c2a05d4ec500561 - uses: maven/pombump diff --git a/deno.yaml b/deno.yaml index 5f3053d07a9..e3a6e0cdb5f 100644 --- a/deno.yaml +++ b/deno.yaml @@ -1,6 +1,6 @@ package: name: deno - version: 2.1.1 + version: 2.1.2 epoch: 0 description: "A modern runtime for JavaScript and TypeScript." copyright: @@ -30,7 +30,7 @@ pipeline: with: repository: https://github.com/denoland/deno tag: v${{package.version}} - expected-commit: 5d71b461530f7c374c08701cef5678a5a4ac5484 + expected-commit: 2039abe8d2bc82fa800f4118707a48ac6f5e02ae - name: Configure and build runs: | diff --git a/docker-cli-buildx.yaml b/docker-cli-buildx.yaml index 265cbb30c52..f9d23e7f6af 100644 --- a/docker-cli-buildx.yaml +++ b/docker-cli-buildx.yaml @@ -1,6 +1,6 @@ package: name: docker-cli-buildx - version: 0.18.0 + version: 0.19.1 epoch: 0 description: buildx is a Docker CLI plugin for extended build capabilities with BuildKit. copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/docker/buildx tag: v${{package.version}} - expected-commit: fa4461b9a1ec45c23d1b9e32dee0d0a8ed29900b + expected-commit: 5113f9ea89afd597302961caf99cecd142c7ba05 - runs: | mkdir -p ${{targets.destdir}}/usr/libexec/docker/cli-plugins/ @@ -27,6 +27,11 @@ pipeline: chmod +x bin/build/docker-buildx cp bin/build/docker-buildx ${{targets.destdir}}/usr/libexec/docker/cli-plugins/ +test: + pipeline: + - runs: | + /usr/libexec/docker/cli-plugins/docker-buildx version | grep ${{package.version}} + update: enabled: true github: diff --git a/docker-compose.yaml b/docker-compose.yaml index 46d39d593ea..2c4d1fd6e5e 100644 --- a/docker-compose.yaml +++ b/docker-compose.yaml @@ -1,6 +1,6 @@ package: name: docker-compose - version: 2.30.3 + version: 2.31.0 epoch: 0 description: Define and run multi-container applications with Docker copyright: @@ -28,7 +28,7 @@ pipeline: with: repository: https://github.com/docker/compose tag: v${{package.version}} - expected-commit: a8bfbc147a8b77bb0c0f9553365babb643b0a4f7 + expected-commit: a8469db83f514a5abe4681c7fee773061f1941c6 - runs: | mkdir -p ${{targets.destdir}}/usr/bin diff --git a/docker-selenium.yaml b/docker-selenium.yaml index e930cf1087d..107a91a2514 100644 --- a/docker-selenium.yaml +++ b/docker-selenium.yaml @@ -4,7 +4,7 @@ package: # But the '-' is not a valid character according to APK versioning spec; and resulting # 'package format error' when trying to install the package. The workaround is # to replace '-' with '.', then mangling the version to replace back. - version: 4.26.0.20241101 + version: 4.27.0.20241127 epoch: 0 description: Provides a simple way to run Selenium Grid with Chrome, Firefox, and Edge using Docker, making it easier to perform browser automation copyright: @@ -57,7 +57,7 @@ pipeline: with: repository: https://github.com/SeleniumHQ/docker-selenium tag: ${{vars.mangled-package-version}} - expected-commit: 6ce652ba6ec1108d7ce05b4af5ea140d73873b59 + expected-commit: c5e10a7c7f8e6538f5bee7079a7d6f7e0587368b - uses: patch with: diff --git a/dynamic-localpv-provisioner.yaml b/dynamic-localpv-provisioner.yaml index f2c96a3b6c1..adb36db7a85 100644 --- a/dynamic-localpv-provisioner.yaml +++ b/dynamic-localpv-provisioner.yaml @@ -1,7 +1,7 @@ package: name: dynamic-localpv-provisioner - version: 4.1.1 - epoch: 1 + version: 4.1.2 + epoch: 0 description: Dynamic Local Volumes for Kubernetes Stateful workloads. copyright: - license: Apache-2.0 @@ -28,7 +28,7 @@ pipeline: with: repository: https://github.com/openebs/dynamic-localpv-provisioner tag: v${{package.version}} - expected-commit: 689f5cd6b655adb84a3f94d83bb705259d31c762 + expected-commit: 86db732d589cbdebb2d53f2a19f8e44430cb345b - uses: go/bump with: diff --git a/envoy-gateway.yaml b/envoy-gateway.yaml index 2d919e509d5..dead8c65789 100644 --- a/envoy-gateway.yaml +++ b/envoy-gateway.yaml @@ -1,6 +1,6 @@ package: name: envoy-gateway - version: 1.2.1 + version: 1.2.2 epoch: 0 description: Manages Envoy Proxy as a Standalone or Kubernetes-based Application Gateway copyright: @@ -14,7 +14,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 1e7263bc05566559a67ed028b633fb3580f61682 + expected-commit: 4901ba0a3002cca8551f8a3c84b397b7286573d5 repository: https://github.com/envoyproxy/gateway tag: v${{package.version}} diff --git a/eza.yaml b/eza.yaml index 3333eac6b3c..c8f12a0d106 100644 --- a/eza.yaml +++ b/eza.yaml @@ -1,7 +1,7 @@ package: name: eza - version: 0.20.9 - epoch: 1 + version: 0.20.10 + epoch: 0 description: "A modern, maintained replacement for ls" copyright: - license: EUPL-1.2 @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/eza-community/eza tag: v${{package.version}} - expected-commit: 83ca7b3bde7e7d0000953c6e342325de9558ead4 + expected-commit: 0862493ebded918454f97e7291537ce4e2643711 - runs: | cargo fetch diff --git a/falcosidekick.yaml b/falcosidekick.yaml index 6f2a7b60a36..0d51f942e05 100644 --- a/falcosidekick.yaml +++ b/falcosidekick.yaml @@ -1,7 +1,7 @@ package: name: falcosidekick - version: 2.29.0 - epoch: 4 + version: 2.30.0 + epoch: 0 description: Connect Falco to your ecosystem copyright: - license: MIT @@ -18,14 +18,10 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 795594066d60f39e4188f23a10d5620557d99979 + expected-commit: d4483901926f3ac55d0546fde2b51f1da9dc1aaa repository: https://github.com/falcosecurity/falcosidekick tag: ${{package.version}} - - uses: go/bump - with: - deps: google.golang.org/grpc@v1.64.1 - - runs: | make falcosidekick RELEASE=${{package.version}} mkdir -p ${{targets.destdir}}/usr/bin diff --git a/fluent-bit-3.2.yaml b/fluent-bit-3.2.yaml index 28521b44237..1b54138f70a 100644 --- a/fluent-bit-3.2.yaml +++ b/fluent-bit-3.2.yaml @@ -1,6 +1,6 @@ package: name: fluent-bit-3.2 - version: 3.2.1 + version: 3.2.2 epoch: 0 description: Fast and Lightweight Log processor and forwarder copyright: @@ -35,7 +35,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/fluent/fluent-bit - expected-commit: 600b5a955b5ef7b9d025e0c128432260d0c6a5f1 + expected-commit: a59c8679248b26bec81ed653306996d93b6e711c tag: v${{package.version}} - runs: | diff --git a/fluent-plugin-tag-normaliser.yaml b/fluent-plugin-tag-normaliser.yaml index bcaed8ccd4b..d87fc6e3624 100644 --- a/fluent-plugin-tag-normaliser.yaml +++ b/fluent-plugin-tag-normaliser.yaml @@ -1,7 +1,7 @@ #nolint:valid-pipeline-git-checkout-tag package: name: fluent-plugin-tag-normaliser - version: 0_git20241124 + version: 0_git20241128 epoch: 0 description: Tag-normaliser is a `fluentd` plugin to help re-tag logs with Kubernetes metadata. It uses special placeholders to change tag. copyright: diff --git a/font-padauk.yaml b/font-padauk.yaml index 8a28a6ae1c2..97025a4d58f 100644 --- a/font-padauk.yaml +++ b/font-padauk.yaml @@ -1,6 +1,6 @@ package: name: font-padauk - version: 5.001 + version: "5.100" epoch: 0 description: Padauk pan Myanmar font copyright: @@ -25,7 +25,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/silnrsi/font-padauk - expected-commit: 278b8efb03c0ca0d7f29fb3edc1f52489ebb384f + expected-commit: a84fd3c83bc6e6ec120ca0a24b726c6e19e26bb1 tag: v${{package.version}} - runs: | diff --git a/gh.yaml b/gh.yaml index b096be0ae03..3733bbe7d0f 100644 --- a/gh.yaml +++ b/gh.yaml @@ -1,6 +1,6 @@ package: name: gh - version: 2.62.0 + version: 2.63.0 epoch: 0 description: GitHub's official command line tool copyright: @@ -18,7 +18,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: cd3f2ad064fbeca17d330e321fef0591eaa0fea5 + expected-commit: 1fe14c956d057e6abda50a76d8820a6e668ba70a repository: https://github.com/cli/cli tag: v${{package.version}} diff --git a/git-lfs.yaml b/git-lfs.yaml index 9ddaae37778..5a55d111cd1 100644 --- a/git-lfs.yaml +++ b/git-lfs.yaml @@ -1,13 +1,20 @@ package: name: git-lfs version: 3.6.0 - epoch: 0 + epoch: 2 description: "large file support for git" copyright: - license: MIT dependencies: runtime: - git + scriptlets: + post-install: | + #!/bin/sh + git-lfs install --skip-repo --system + pre-deinstall: | + #!/bin/sh + git lfs uninstall --skip-repo --system pipeline: - uses: git-checkout @@ -22,6 +29,18 @@ pipeline: packages: . output: git-lfs +subpackages: + - name: git-lfs-config + description: system wide git-lfs config + dependencies: + runtime: + - git-lfs + pipeline: + - runs: | + ${{targets.destdir}}/usr/bin/git-lfs install --skip-repo --system + mkdir -p ${{targets.subpkgdir}}/etc/ + cp /etc/gitconfig ${{targets.subpkgdir}}/etc/gitconfig + update: enabled: true github: diff --git a/gitaly-17.5.yaml b/gitaly-17.6.yaml similarity index 96% rename from gitaly-17.5.yaml rename to gitaly-17.6.yaml index aaac6fdb720..391edab5828 100644 --- a/gitaly-17.5.yaml +++ b/gitaly-17.6.yaml @@ -1,6 +1,6 @@ package: - name: gitaly-17.5 - version: 17.5.3 + name: gitaly-17.6 + version: 17.6.1 epoch: 0 description: copyright: @@ -36,7 +36,7 @@ pipeline: with: repository: https://gitlab.com/gitlab-org/gitaly.git tag: v${{package.version}} - expected-commit: 57d16586a4030ed1bddc4ce958f475ddf07954d0 + expected-commit: 8ff903b7156a5402d72f354dfa37696d00ef5ed6 - runs: | make install DESTDIR="${{targets.destdir}}" PREFIX=/usr @@ -105,7 +105,7 @@ update: enabled: true git: strip-prefix: v - tag-filter-prefix: v17.5 + tag-filter-prefix: v17.6 test: pipeline: diff --git a/glab.yaml b/glab.yaml index 06915c0b95e..1bc7045fb5c 100644 --- a/glab.yaml +++ b/glab.yaml @@ -4,7 +4,7 @@ #nolint:git-checkout-must-use-github-updates package: name: glab - version: 1.49.0 + version: 1.50.0 epoch: 0 description: A GitLab CLI tool bringing GitLab to your command line copyright: @@ -21,7 +21,7 @@ pipeline: with: repository: https://gitlab.com/gitlab-org/cli tag: v${{package.version}} - expected-commit: 3e70664b62c2a06c5b1fced624612a99fc58a2ed + expected-commit: 2f23daa519be7cdd2562255235f6b1ad0da1931d - uses: go/build with: diff --git a/go-discover.yaml b/go-discover.yaml index fddabdd0065..4098a6bd4d1 100644 --- a/go-discover.yaml +++ b/go-discover.yaml @@ -1,7 +1,7 @@ #nolint:valid-pipeline-git-checkout-tag package: name: go-discover - version: 0_git20241124 + version: 0_git20241128 epoch: 0 description: go-discover is a Go (golang) library and command line tool to discover ip addresses of nodes in cloud environments based on meta information like tags provided by the environment. copyright: diff --git a/grafana-rollout-operator.yaml b/grafana-rollout-operator.yaml index 1d31bcb8656..5529e1f3117 100644 --- a/grafana-rollout-operator.yaml +++ b/grafana-rollout-operator.yaml @@ -1,7 +1,7 @@ package: name: grafana-rollout-operator - version: 0.20.1 - epoch: 1 + version: 0.21.0 + epoch: 0 description: Kubernetes Rollout Operator copyright: - license: Apache-2.0 @@ -11,7 +11,7 @@ pipeline: with: repository: https://github.com/grafana/rollout-operator tag: v${{package.version}} - expected-commit: e74c10fade60ae17d522dbaf7d152f5c894d1849 + expected-commit: b1e8ac46d861e1759d321c91404e593a1db8ea39 - uses: go/build with: diff --git a/grpc-1.68.yaml b/grpc-1.68.yaml index 68bf8f8e350..5590cd1bf61 100644 --- a/grpc-1.68.yaml +++ b/grpc-1.68.yaml @@ -1,6 +1,6 @@ package: name: grpc-1.68 - version: 1.68.0 + version: 1.68.1 epoch: 0 description: The C based gRPC copyright: @@ -72,7 +72,7 @@ pipeline: with: repository: https://github.com/grpc/grpc tag: v${{package.version}} - expected-commit: 6b49ae626bc9cd7033e062f89dbe0e0576b1110e + expected-commit: 796e87f16136533977b8647b50a020519fd7a137 - runs: | cd third_party diff --git a/grpcurl.yaml b/grpcurl.yaml index b98ca6ee10f..97ee5582724 100644 --- a/grpcurl.yaml +++ b/grpcurl.yaml @@ -1,7 +1,7 @@ package: name: grpcurl - version: 1.9.1 - epoch: 6 + version: 1.9.2 + epoch: 0 description: CLI tool to interact with gRPC servers copyright: - license: MIT @@ -22,14 +22,10 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 400fa5f2d354f662c2e39c8b1f8ef71f50498075 + expected-commit: b9a11e9fea796d968e2dd83573312ead4b6fd831 repository: https://github.com/fullstorydev/grpcurl tag: v${{package.version}} - - uses: go/bump - with: - deps: golang.org/x/net@v0.23.0 google.golang.org/grpc@v1.61.0 google.golang.org/protobuf@v1.33.1-0.20240408130810-98873a205002 - - uses: go/build with: packages: ./cmd/grpcurl diff --git a/hardening-check.yaml b/hardening-check.yaml index 87e2ce99359..1e7029e6458 100644 --- a/hardening-check.yaml +++ b/hardening-check.yaml @@ -1,6 +1,6 @@ package: name: hardening-check - version: 2.24.4 + version: 2.24.5 epoch: 0 description: "Debian devscripts hardening-check" copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://salsa.debian.org/debian/devscripts.git tag: v${{package.version}} - expected-commit: 25ee5fe3ef007e4dadd7de854da0d1e38584b799 + expected-commit: 002f25d4097b1e18c4dc46ae101d4b410bb757a2 - runs: | mkdir -p "${{targets.destdir}}"/usr/bin diff --git a/jenkins.yaml b/jenkins.yaml index 0c4fd477bda..d70b827cd12 100644 --- a/jenkins.yaml +++ b/jenkins.yaml @@ -1,6 +1,6 @@ package: name: jenkins - version: "2.485" + version: "2.487" epoch: 0 description: Open-source CI/CD application. copyright: @@ -44,7 +44,7 @@ pipeline: with: repository: https://github.com/jenkinsci/jenkins tag: jenkins-${{package.version}} - expected-commit: a30309847a598d7d444f10bef744ee4d5c755e12 + expected-commit: 37069bd17d167e292915e2308ea6cf39c8e16c00 - uses: patch with: diff --git a/k3s.yaml b/k3s.yaml index 6a8246048ba..f9ab85e1b2b 100644 --- a/k3s.yaml +++ b/k3s.yaml @@ -1,7 +1,7 @@ package: name: k3s version: 1.31.2.1 - epoch: 3 + epoch: 4 description: copyright: - license: Apache-2.0 @@ -9,7 +9,12 @@ package: runtime: - busybox - conntrack-tools - - containerd-shim-runc-v2 + # containerd-shim-runc-v2 is now pulling in versions > 2.0.0 by default. (https://github.com/containerd/containerd/issues/10984) + # pinning is required because any version >2.0.0 is not compatible with daemon < 2.0.0 + # daemon in this case is coming from k3s itself and they've not migrated yet to version > 2.0.0 + # there's is an issue tracking k3s update to containerd > 2.0.0 (https://github.com/k3s-io/k3s/issues/11375) + # remove pin once upstream migrates to containerd > 2.0.0 + - containerd-shim-runc-v2=~1 - ip6tables # this pulls in iptables as well - kmod - libseccomp @@ -65,10 +70,8 @@ pipeline: ./scripts/download - uses: go/bump with: - deps: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.54.0 google.golang.org/grpc@v1.67.0 github.com/golang-jwt/jwt/v4@v4.5.1 + deps: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.54.0 google.golang.org/grpc@v1.67.0 github.com/golang-jwt/jwt/v4@v4.5.1 github.com/opencontainers/runc@v1.1.14 - runs: | - sed -i '/VERSION_RUNC=$(get-module-version github.com\/opencontainers\/runc)/a VERSION_RUNC="v1.1.14"' ./scripts/version.sh - # Override the go version check at runtime to always match the go version at build time # Ref: https://github.com/k3s-io/k3s/pull/9054 GOVERSION=$(go env GOVERSION) @@ -224,55 +227,6 @@ subpackages: portmap --version portmap --help - - name: k3s-images - description: "pre-packaged k3s core runtime images" - pipeline: - - runs: | - set -e -u -x - - _arch=$(go env GOARCH) - - images="" - while read -r line - do - repo=$(echo $line | cut -d ':' -f 1) - tag=$(echo $line | cut -d ':' -f 2) - - # Replace upstream images with cgr.dev equivalents only if they exist - case $repo in - docker.io/rancher/klipper-helm|docker.io/rancher/klipper-lb|docker.io/rancher/local-path-provisioner|docker.io/rancher/mirrored-pause) - # TODO: Replace these known gaps with cgr variants - image="$repo:$tag@$(crane digest $repo:$tag)" - ;; - docker.io/rancher/mirrored-metrics-server) - image=$(crane digest --full-ref cgr.dev/chainguard/metrics-server:latest) - ;; - docker.io/rancher/mirrored-coredns-coredns) - image=$(crane digest --full-ref cgr.dev/chainguard/coredns:latest) - ;; - docker.io/rancher/mirrored-library-busybox) - image=$(crane digest --full-ref cgr.dev/chainguard/busybox:latest) - ;; - docker.io/rancher/mirrored-library-traefik) - image=$(crane digest --full-ref cgr.dev/chainguard/traefik:latest) - ;; - *) - echo "unaccounted for image: $repo:$tag" - exit 1 - ;; - esac - - images="$images $image" - done < ./scripts/airgap/image-list.txt - - echo "Pulling images locally..." - echo $images - - _images_path="${{targets.subpkgdir}}"/var/lib/rancher/k3s/agent/images - mkdir -p $_images_path - - crane pull $images $_images_path/k3s-airgap-images-$_arch.tar - update: enabled: true # Ignore any release-candidate tags diff --git a/kapp-controller.yaml b/kapp-controller.yaml index f060f66be69..3fee5cc2aa2 100644 --- a/kapp-controller.yaml +++ b/kapp-controller.yaml @@ -1,6 +1,6 @@ package: name: kapp-controller - version: 0.53.1 + version: 0.54.0 epoch: 0 description: Continuous delivery and package management for Kubernetes copyright: @@ -22,7 +22,7 @@ package: pipeline: - uses: git-checkout with: - expected-commit: 00aa728d6823620c03e3f4917cd565119b17c7d2 + expected-commit: 36280985b86416dd023682b7bb02e0ffe1c6171c repository: https://github.com/carvel-dev/kapp-controller tag: v${{package.version}} diff --git a/kots.yaml b/kots.yaml index 191b0ec94a3..2c045afd1c8 100644 --- a/kots.yaml +++ b/kots.yaml @@ -1,6 +1,6 @@ package: name: kots - version: 1.121.1 + version: 1.121.2 epoch: 0 description: Kubernetes Off-The-Shelf (KOTS) Software copyright: @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/replicatedhq/kots tag: v${{package.version}} - expected-commit: e87a6570e4e730d9db6744830a891199c43461ec + expected-commit: 2417b58d3166126d8d2927af7bb760d4939c7ee3 - runs: | set -x diff --git a/kubeflow-centraldashboard.yaml b/kubeflow-centraldashboard.yaml index a163548a973..7e9ef162d69 100644 --- a/kubeflow-centraldashboard.yaml +++ b/kubeflow-centraldashboard.yaml @@ -1,7 +1,7 @@ package: name: kubeflow-centraldashboard version: 1.9.2 - epoch: 1 + epoch: 2 description: Landing page and central dashboard for Kubeflow deployments copyright: - license: MIT @@ -20,6 +20,7 @@ environment: - nodejs-18 - npm - openssl + - openssl-provider-legacy - wolfi-base pipeline: diff --git a/kubeflow-jupyter-web-app.yaml b/kubeflow-jupyter-web-app.yaml index 1059d576d6f..7aa71291916 100644 --- a/kubeflow-jupyter-web-app.yaml +++ b/kubeflow-jupyter-web-app.yaml @@ -1,7 +1,7 @@ package: name: kubeflow-jupyter-web-app version: 1.9.2 - epoch: 1 + epoch: 2 description: Kubeflow jupyter web app component copyright: - license: Apache-2.0 @@ -22,6 +22,7 @@ environment: - npm - openssf-compiler-options - openssl + - openssl-provider-legacy - py3-pip - py3-setuptools - py3-urllib3 diff --git a/kubeflow-volumes-web-app.yaml b/kubeflow-volumes-web-app.yaml index 941edfffed4..646bad88fdb 100644 --- a/kubeflow-volumes-web-app.yaml +++ b/kubeflow-volumes-web-app.yaml @@ -1,7 +1,7 @@ package: name: kubeflow-volumes-web-app version: 1.9.2 - epoch: 1 + epoch: 2 description: Kubeflow volumes web app component copyright: - license: Apache-2.0 @@ -22,6 +22,7 @@ environment: - npm - openssf-compiler-options - openssl + - openssl-provider-legacy - py3-pip - py3-setuptools - py3-wheel diff --git a/kyverno-policy-reporter-ui.yaml b/kyverno-policy-reporter-ui.yaml index a3b373e0f7a..0079c530676 100644 --- a/kyverno-policy-reporter-ui.yaml +++ b/kyverno-policy-reporter-ui.yaml @@ -1,7 +1,7 @@ package: name: kyverno-policy-reporter-ui version: 1.9.2 - epoch: 9 + epoch: 10 description: Policy Reporter UI copyright: - license: Apache-2.0 @@ -20,6 +20,7 @@ environment: - nodejs-18 - npm - openssl + - openssl-provider-legacy - python-3.11 - wolfi-baselayout diff --git a/lazydocker.yaml b/lazydocker.yaml new file mode 100644 index 00000000000..79138dc8a1a --- /dev/null +++ b/lazydocker.yaml @@ -0,0 +1,36 @@ +package: + name: lazydocker + version: 0.24.1 + epoch: 0 + description: The lazier way to manage everything docker + copyright: + - license: MIT + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/jesseduffield/lazydocker + tag: v${{package.version}} + expected-commit: be051153525b018a46f71a2b2ed42cde39a1110c + + - uses: go/build + with: + packages: . + ldflags: | + -X main.version=${{package.version}} + -X main.commit=$(git rev-parse HEAD) + -X main.date=$(date -u +"%Y-%m-%dT%H:%M:%SZ") + -X main.buildSource=wolfiRelease + output: lazydocker + +update: + enabled: true + github: + identifier: jesseduffield/lazydocker + strip-prefix: v + +test: + pipeline: + - runs: | + lazydocker --version + lazydocker --help diff --git a/lerna.yaml b/lerna.yaml index a5b6d2d6d14..bcd5f62d4a7 100644 --- a/lerna.yaml +++ b/lerna.yaml @@ -1,7 +1,7 @@ package: name: lerna version: 8.1.9 - epoch: 0 + epoch: 1 description: "Lerna is a fast, modern build system for managing and publishing multiple JavaScript/TypeScript packages from the same repository." copyright: - license: MIT @@ -30,6 +30,9 @@ pipeline: # CVE GHSA-8hc4-vh64-cxmj npm install axios@1.7.4 -prefix ${{targets.destdir}}/usr/local/lib/node_modules/lerna/ + # CVE GHSA-3xgq-45jj-v275 + npm install cross-spawn@7.0.5 -prefix ${{targets.destdir}}/usr/local/lib/node_modules/lerna/ + # https://github.com/browserify/resolve/issues/288 sed -i 's/monorepo-symlink-test/false-positive/g' ${{targets.destdir}}/usr/local/lib/node_modules/lerna/node_modules/resolve/test/resolver/multirepo/package.json diff --git a/libreoffice-24.8.yaml b/libreoffice-24.8.yaml index 8e40893c2ec..df4583cc69e 100644 --- a/libreoffice-24.8.yaml +++ b/libreoffice-24.8.yaml @@ -1,6 +1,6 @@ package: name: libreoffice-24.8 - version: 24.8.3.2 + version: 24.8.4.1 epoch: 0 description: # https://www.libreoffice.org/about-us/licenses @@ -101,7 +101,7 @@ pipeline: with: repository: https://github.com/LibreOffice/core tag: libreoffice-${{package.version}} - expected-commit: 48a6bac9e7e268aeb4c3483fcf825c94556d9f92 + expected-commit: 1be9007f5d86a3741c366527d13e2970cbeef057 # patch rather than cherry-pick. The git fetch of main takes multiple minutes. - uses: patch diff --git a/mariadb-11.5.yaml b/mariadb-11.5.yaml deleted file mode 100644 index 18f824c7573..00000000000 --- a/mariadb-11.5.yaml +++ /dev/null @@ -1,343 +0,0 @@ -package: - name: mariadb-11.5 - version: 11.5.2 - epoch: 4 - description: "The MariaDB open source relational database" - copyright: - - license: GPL-3.0-or-later - resources: - cpu: 33 - memory: 32Gi - dependencies: - runtime: - - pwgen - provides: - - mariadb=${{package.full-version}} - -environment: - contents: - packages: - - bison - - build-base - - busybox - - ca-certificates-bundle - - cmake - - libaio-dev - - libevent-dev - - linux-pam-dev - - ncurses-dev - - openssf-compiler-options - - openssl-dev - - pcre2-dev - - readline-dev - - samurai - - wolfi-baselayout - - xz-dev - -pipeline: - - uses: git-checkout - with: - repository: https://github.com/MariaDB/server.git - tag: mariadb-${{package.version}} - expected-commit: ea75a0b6009b0251e83193cd38c3974e36b65e06 - - - name: "Cmake" - runs: | - cmake . -G Ninja \ - -DBUILD_CONFIG=mysql_release \ - -DCMAKE_BUILD_TYPE=MinSizeRel \ - -DCMAKE_INSTALL_PREFIX=/usr \ - -DSYSCONFDIR=/etc \ - -DSYSCONF2DIR=/etc/my.cnf.d \ - -DMYSQL_DATADIR=/var/lib/mysql \ - -DMYSQL_UNIX_ADDR=/run/mysqld/mysqld.sock \ - -DDEFAULT_CHARSET=utf8mb4 \ - -DDEFAULT_COLLATION=utf8mb4_general_ci \ - -DENABLED_LOCAL_INFILE=ON \ - -DINSTALL_INFODIR=share/info \ - -DINSTALL_MANDIR=share/man \ - -DINSTALL_PLUGINDIR=lib/${{package.name}}/plugin \ - -DINSTALL_SCRIPTDIR=bin \ - -DINSTALL_INCLUDEDIR=include/mysql \ - -DINSTALL_DOCREADMEDIR=share/doc/${{package.name}} \ - -DINSTALL_SUPPORTFILESDIR=share/${{package.name}} \ - -DINSTALL_MYSQLSHAREDIR=share/${{package.name}} \ - -DINSTALL_DOCDIR=share/doc/${{package.name}} \ - -DTMPDIR=/var/tmp \ - -DCONNECT_WITH_MYSQL=ON \ - -DCONNECT_WITH_LIBXML2=system \ - -DCONNECT_WITH_ODBC=NO \ - -DCONNECT_WITH_JDBC=NO \ - -DPLUGIN_ARCHIVE=YES \ - -DPLUGIN_ARIA=YES \ - -DPLUGIN_BLACKHOLE=YES \ - -DPLUGIN_CASSANDRA=NO \ - -DPLUGIN_CSV=YES \ - -DPLUGIN_MYISAM=YES \ - -DPLUGIN_MROONGA=NO \ - -DPLUGIN_OQGRAPH=NO \ - -DPLUGIN_PARTITION=YES \ - -DPLUGIN_ROCKSDB=NO \ - -DPLUGIN_SPHINX=NO \ - -DPLUGIN_TOKUDB=NO \ - -DPLUGIN_AUTH_GSSAPI=NO \ - -DPLUGIN_AUTH_GSSAPI_CLIENT=OFF \ - -DPLUGIN_CRACKLIB_PASSWORD_CHECK=NO \ - -DWITH_ASAN=OFF \ - -DWITH_EMBEDDED_SERVER=ON \ - -DWITH_EXTRA_CHARSETS=complex \ - -DWITH_INNODB_BZIP2=OFF \ - -DWITH_INNODB_LZ4=OFF \ - -DWITH_INNODB_LZMA=ON \ - -DWITH_INNODB_LZO=OFF \ - -DWITH_INNODB_SNAPPY=OFF \ - -DWITH_ROCKSDB_BZIP2=OFF \ - -DWITH_ROCKSDB_JEMALLOC=OFF \ - -DWITH_ROCKSDB_LZ4=OFF \ - -DWITH_ROCKSDB_ZSTD=OFF \ - -DWITH_ROCKSDB_SNAPPY=OFF \ - -DWITH_JEMALLOC=NO \ - -DWITH_LIBARCHIVE=system \ - -DWITH_LIBNUMA=NO \ - -DWITH_LIBWRAP=OFF \ - -DWITH_LIBWSEP=OFF \ - -DWITH_MARIABACKUP=ON \ - -DWITH_PCRE=system \ - -DWITH_PIC=ON \ - -DWITH_READLINE=ON \ - -DWITH_SYSTEMD=no \ - -DWITH_SSL=system \ - -DWITH_VALGRIND=OFF \ - -DWITH_ZLIB=system \ - -DSKIP_TESTS=ON - - - name: "Install" - runs: | - DESTDIR="${{targets.destdir}}" ninja install - - - name: "Remove extras" - runs: | - rm -rf "${{targets.destdir}}"/usr/local/mysql/sql-bench/ - rm -rf "${{targets.destdir}}"/usr/local/mysql/mysql-test/ - - rm -rf "${{targets.destdir}}"/usr/bin/mariadb_config - rm -rf "${{targets.destdir}}"/usr/bin/mysql_config - rm -rf "${{targets.destdir}}"/usr/include/mysql/errmsg.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/ma_list.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/ma_pvio.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/ma_tls.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mariadb/ma_io.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mariadb_com.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mariadb_ctype.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mariadb_dyncol.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mariadb_stmt.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mariadb_version.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mysql.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mysql/client_plugin.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mysql/plugin_auth.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mysql/plugin_auth_common.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mysql_version.h - rm -rf "${{targets.destdir}}"/usr/include/mysql/mysqld_error.h - rm -rf "${{targets.destdir}}"/usr/lib/${{package.name}}/plugin/dialog.so - rm -rf "${{targets.destdir}}"/usr/lib/${{package.name}}/plugin/mysql_clear_password.so - rm -rf "${{targets.destdir}}"/usr/lib/${{package.name}}/plugin/sha256_password.so - rm -rf "${{targets.destdir}}"/usr/lib/${{package.name}}/plugin/caching_sha2_password.so - rm -rf "${{targets.destdir}}"/usr/lib/${{package.name}}/plugin/client_ed25519.so - rm -rf "${{targets.destdir}}"/usr/lib/libmysqlclient.so - rm -rf "${{targets.destdir}}"/usr/lib/libmysqlclient_r.so - rm -rf "${{targets.destdir}}"/usr/lib/libmariadb.so* - rm -rf "${{targets.destdir}}"/usr/lib/pkgconfig/libmariadb.pc - - - name: "make mysql data dir " - runs: | - mkdir -p "${{targets.destdir}}"/var/lib/mysql - -subpackages: - - name: "${{package.name}}-dev" - description: "headers for mariadb" - dependencies: - provides: - - mariadb-dev=${{package.full-version}} - pipeline: - - uses: split/dev - - - name: "${{package.name}}-doc" - dependencies: - provides: - - mariadb-doc=${{package.full-version}} - pipeline: - - uses: split/manpages - - - name: "${{package.name}}-bench" - dependencies: - provides: - - mariadb-bench=${{package.full-version}} - pipeline: - - runs: | - mkdir -p "${{targets.subpkgdir}}"/usr/share/ - mv "${{targets.destdir}}"/usr/sql-bench "${{targets.subpkgdir}}"/usr/share - - - name: "${{package.name}}-backup" - dependencies: - provides: - - mariadb-backup=${{package.full-version}} - pipeline: - - runs: | - mkdir -p "${{targets.subpkgdir}}"/usr/bin - mv "${{targets.destdir}}"/usr/bin/mariabackup \ - "${{targets.destdir}}"/usr/bin/mariadb-backup \ - "${{targets.destdir}}"/usr/bin/mbstream \ - "${{targets.subpkgdir}}"/usr/bin/ - - - name: "${{package.name}}-client" - dependencies: - provides: - - mariadb-client=${{package.full-version}} - pipeline: - - runs: | - mkdir -p "${{targets.subpkgdir}}"/usr/bin - mv "${{targets.destdir}}"/usr/bin/mariadb "${{targets.subpkgdir}}"/usr/bin/ - - - name: "${{package.name}}-oci-entrypoint" - description: Entrypoint for using HAProxy in OCI containers - dependencies: - provides: - - mariadb-oci-entrypoint=${{package.full-version}} - runtime: - - bash - - busybox - pipeline: - - runs: | - mkdir -p ${{targets.subpkgdir}}/usr/local/bin/ - cp docker-entrypoint.sh ${{targets.subpkgdir}}/usr/local/bin/ - chmod +x ${{targets.subpkgdir}}/usr/local/bin/docker-entrypoint.sh - - - name: "${{package.name}}-embedded" - description: Emedded library for mariadb - dependencies: - provides: - - mariadb-embedded=${{package.full-version}} - pipeline: - - runs: | - mkdir -p ${{targets.subpkgdir}}/usr/bin/ - mv "${{targets.destdir}}"/usr/bin/mariadb-embedded "${{targets.subpkgdir}}"/usr/bin - - - name: "${{package.name}}-test" - dependencies: - provides: - - mariadb-test=${{package.full-version}} - pipeline: - - runs: | - mkdir -p "${{targets.subpkgdir}}"/usr - mv "${{targets.destdir}}"/usr/mariadb-test "${{targets.subpkgdir}}"/usr/ - -update: - enabled: true - github: - identifier: MariaDB/server - strip-prefix: mariadb- - use-tag: true - tag-filter: mariadb-11.5. - -test: - pipeline: - # AUTOGENERATED - - runs: | - aria_chk --version - aria_dump_log --version - aria_pack --version - aria_read_log --version - innochecksum --version - mariadb-access --version - mariadb-admin --version - mariadb-binlog --version - mariadb-check --version - mariadb-client-test --help - mariadb-client-test-embedded --help - mariadb-dump --version - mariadb-dumpslow --help - mariadb-find-rows --version - mariadb-import --version - mariadb-install-db --version - mariadb-plugin --version - mariadb-show --version - mariadb-slap --version - mariadb-test --version - mariadb-test-embedded --version - mariadb-tzinfo-to-sql --version - mariadb-waitpid --version - mariadbd --version - mariadbd-multi --version - my_print_defaults --version - myisamchk --version - myisamlog -? - myisampack --version - mysql_client_test --help - mysql_client_test_embedded --help - mysql_find_rows --version - mysql_install_db --version - mysql_plugin --version - mysql_tzinfo_to_sql --version - mysql_waitpid --version - mysqlaccess --version - mysqladmin --version - mysqlbinlog --version - mysqlcheck --version - mysqld --version - mysqld_multi --version - mysqldump --version - mysqldumpslow --help - mysqlimport --version - mysqlshow --version - mysqlslap --version - mysqltest --version - mysqltest_embedded --version - perror --version - replace -v - resolve_stack_dump --version - resolveip --version - aria_chk --help - aria_dump_log --help - aria_pack --help - aria_read_log --help - innochecksum --help - mariadb-access --help - mariadb-admin --help - mariadb-binlog --help - mariadb-check --help - mariadb-dump --help - mariadb-dumpslow version - mariadb-find-rows --help - mariadb-import --help - mariadb-plugin --help - mariadb-show --help - mariadb-slap --help - mariadb-test --help - mariadb-test-embedded --help - mariadb-tzinfo-to-sql --help - mariadb-waitpid --help - mariadbd --help - mariadbd-multi --help - my_print_defaults --help - myisamchk --help - myisampack --help - mysql_find_rows --help - mysql_plugin --help - mysql_tzinfo_to_sql --help - mysql_waitpid --help - mysqlaccess --help - mysqladmin --help - mysqlbinlog --help - mysqlcheck --help - mysqld --help - mysqld_multi --help - mysqldump --help - mysqldumpslow version - mysqlimport --help - mysqlshow --help - mysqlslap --help - mysqltest --help - mysqltest_embedded --help - perror --help - replace -h - resolveip --help diff --git a/mariadb-11.5/docker-entrypoint.sh b/mariadb-11.5/docker-entrypoint.sh deleted file mode 100644 index aa6e9f27b42..00000000000 --- a/mariadb-11.5/docker-entrypoint.sh +++ /dev/null @@ -1,725 +0,0 @@ -#!/bin/bash - -# This script came from https://github.com/MariaDB/mariadb-docker/blob/master/11.5/docker-entrypoint.sh -# The only change is to tweak the logging function and remove the --rfc flag since it's not supported in our date impl -set -eo pipefail -shopt -s nullglob - -# logging functions -mysql_log() { - local type="$1"; shift - printf '%s [%s] [Entrypoint]: %s\n' "$(date)" "$type" "$*" -} -mysql_note() { - mysql_log Note "$@" -} -mysql_warn() { - mysql_log Warn "$@" >&2 -} -mysql_error() { - mysql_log ERROR "$@" >&2 - exit 1 -} - -# usage: file_env VAR [DEFAULT] -# ie: file_env 'XYZ_DB_PASSWORD' 'example' -# (will allow for "$XYZ_DB_PASSWORD_FILE" to fill in the value of -# "$XYZ_DB_PASSWORD" from a file, especially for Docker's secrets feature) -file_env() { - local var="$1" - local fileVar="${var}_FILE" - local def="${2:-}" - if [ "${!var:-}" ] && [ "${!fileVar:-}" ]; then - mysql_error "Both $var and $fileVar are set (but are exclusive)" - fi - local val="$def" - if [ "${!var:-}" ]; then - val="${!var}" - elif [ "${!fileVar:-}" ]; then - val="$(< "${!fileVar}")" - fi - export "$var"="$val" - unset "$fileVar" -} - -# set MARIADB_xyz from MYSQL_xyz when MARIADB_xyz is unset -# and make them the same value (so user scripts can use either) -_mariadb_file_env() { - local var="$1"; shift - local maria="MARIADB_${var#MYSQL_}" - file_env "$var" "$@" - file_env "$maria" "${!var}" - if [ "${!maria:-}" ]; then - export "$var"="${!maria}" - fi -} - -# check to see if this file is being run or sourced from another script -_is_sourced() { - # https://unix.stackexchange.com/a/215279 - [ "${#FUNCNAME[@]}" -ge 2 ] \ - && [ "${FUNCNAME[0]}" = '_is_sourced' ] \ - && [ "${FUNCNAME[1]}" = 'source' ] -} - -# usage: docker_process_init_files [file [file [...]]] -# ie: docker_process_init_files /always-initdb.d/* -# process initializer files, based on file extensions -docker_process_init_files() { - # mysql here for backwards compatibility "${mysql[@]}" - # ShellCheck: mysql appears unused. Verify use (or export if used externally) - # shellcheck disable=SC2034 - mysql=( docker_process_sql ) - - echo - local f - for f; do - case "$f" in - *.sh) - # https://github.com/docker-library/postgres/issues/450#issuecomment-393167936 - # https://github.com/docker-library/postgres/pull/452 - if [ -x "$f" ]; then - mysql_note "$0: running $f" - "$f" - else - mysql_note "$0: sourcing $f" - # ShellCheck can't follow non-constant source. Use a directive to specify location. - # shellcheck disable=SC1090 - . "$f" - fi - ;; - *.sql) mysql_note "$0: running $f"; docker_process_sql < "$f"; echo ;; - *.sql.gz) mysql_note "$0: running $f"; gunzip -c "$f" | docker_process_sql; echo ;; - *.sql.xz) mysql_note "$0: running $f"; xzcat "$f" | docker_process_sql; echo ;; - *.sql.zst) mysql_note "$0: running $f"; zstd -dc "$f" | docker_process_sql; echo ;; - *) mysql_warn "$0: ignoring $f" ;; - esac - echo - done -} - -# arguments necessary to run "mariadbd --verbose --help" successfully (used for testing configuration validity and for extracting default/configured values) -_verboseHelpArgs=( - --verbose --help -) - -mysql_check_config() { - local toRun=( "$@" "${_verboseHelpArgs[@]}" ) errors - if ! errors="$("${toRun[@]}" 2>&1 >/dev/null)"; then - mysql_error $'mariadbd failed while attempting to check config\n\tcommand was: '"${toRun[*]}"$'\n\t'"$errors" - fi -} - -# Fetch value from server config -# We use mariadbd --verbose --help instead of my_print_defaults because the -# latter only show values present in config files, and not server defaults -mysql_get_config() { - local conf="$1"; shift - "$@" "${_verboseHelpArgs[@]}" 2>/dev/null \ - | awk -v conf="$conf" '$1 == conf && /^[^ \t]/ { sub(/^[^ \t]+[ \t]+/, ""); print; exit }' - # match "datadir /some/path with/spaces in/it here" but not "--xyz=abc\n datadir (xyz)" -} - -# Do a temporary startup of the MariaDB server, for init purposes -docker_temp_server_start() { - "$@" --skip-networking --default-time-zone=SYSTEM --socket="${SOCKET}" --wsrep_on=OFF \ - --expire-logs-days=0 \ - --loose-innodb_buffer_pool_load_at_startup=0 \ - --skip-ssl --ssl-cert='' --ssl-key='' --ssl-ca='' \ - & - declare -g MARIADB_PID - MARIADB_PID=$! - mysql_note "Waiting for server startup" - # only use the root password if the database has already been initialized - # so that it won't try to fill in a password file when it hasn't been set yet - extraArgs=() - if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - extraArgs+=( '--dont-use-mysql-root-password' ) - fi - local i - for i in {30..0}; do - if docker_process_sql "${extraArgs[@]}" --database=mysql \ - --skip-ssl --skip-ssl-verify-server-cert \ - <<<'SELECT 1' &> /dev/null; then - break - fi - sleep 1 - done - if [ "$i" = 0 ]; then - mysql_error "Unable to start server." - fi -} - -# Stop the server. When using a local socket file mariadb-admin will block until -# the shutdown is complete. -docker_temp_server_stop() { - kill "$MARIADB_PID" - wait "$MARIADB_PID" -} - -# Verify that the minimally required password settings are set for new databases. -docker_verify_minimum_env() { - # Restoring from backup requires no environment variables - declare -g DATABASE_INIT_FROM_BACKUP - for file in /docker-entrypoint-initdb.d/*.tar{.gz,.xz,.zst}; do - if [ -f "${file}" ]; then - DATABASE_INIT_FROM_BACKUP='true' - return - fi - done - if [ -z "$MARIADB_ROOT_PASSWORD" ] && [ -z "$MARIADB_ROOT_PASSWORD_HASH" ] && [ -z "$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" ] && [ -z "$MARIADB_RANDOM_ROOT_PASSWORD" ]; then - mysql_error $'Database is uninitialized and password option is not specified\n\tYou need to specify one of MARIADB_ROOT_PASSWORD, MARIADB_ROOT_PASSWORD_HASH, MARIADB_ALLOW_EMPTY_ROOT_PASSWORD and MARIADB_RANDOM_ROOT_PASSWORD' - fi - # More preemptive exclusions of combinations should have been made before *PASSWORD_HASH was added, but for now we don't enforce due to compatibility. - if [ -n "$MARIADB_ROOT_PASSWORD" ] || [ -n "$MARIADB_ALLOW_EMPTY_ROOT_PASSWORD" ] || [ -n "$MARIADB_RANDOM_ROOT_PASSWORD" ] && [ -n "$MARIADB_ROOT_PASSWORD_HASH" ]; then - mysql_error "Cannot specify MARIADB_ROOT_PASSWORD_HASH and another MARIADB_ROOT_PASSWORD* option." - fi - if [ -n "$MARIADB_PASSWORD" ] && [ -n "$MARIADB_PASSWORD_HASH" ]; then - mysql_error "Cannot specify MARIADB_PASSWORD_HASH and MARIADB_PASSWORD option." - fi - if [ -n "$MARIADB_REPLICATION_USER" ]; then - if [ -z "$MARIADB_MASTER_HOST" ]; then - # its a master, we're creating a user - if [ -z "$MARIADB_REPLICATION_PASSWORD" ] && [ -z "$MARIADB_REPLICATION_PASSWORD_HASH" ]; then - mysql_error "MARIADB_REPLICATION_PASSWORD or MARIADB_REPLICATION_PASSWORD_HASH not found to create replication user for master" - fi - else - # its a replica - if [ -z "$MARIADB_REPLICATION_PASSWORD" ] ; then - mysql_error "MARIADB_REPLICATION_PASSWORD is mandatory to specify the replication on the replica image." - fi - if [ -n "$MARIADB_REPLICATION_PASSWORD_HASH" ] ; then - mysql_warn "MARIADB_REPLICATION_PASSWORD_HASH cannot be specified on a replica" - fi - fi - fi - if [ -n "$MARIADB_MASTER_HOST" ] && { [ -z "$MARIADB_REPLICATION_USER" ] || [ -z "$MARIADB_REPLICATION_PASSWORD" ] ; }; then - mysql_error "For a replica, MARIADB_REPLICATION_USER and MARIADB_REPLICATION is mandatory." - fi -} - -# creates folders for the database -# also ensures permission for user mysql of run as root -docker_create_db_directories() { - local user; user="$(id -u)" - - # TODO other directories that are used by default? like /var/lib/mysql-files - # see https://github.com/docker-library/mysql/issues/562 - mkdir -p "$DATADIR" - - if [ "$user" = "0" ]; then - # this will cause less disk access than `chown -R` - find "$DATADIR" \! -user mysql \( -exec chown mysql: '{}' + -o -true \) - # See https://github.com/MariaDB/mariadb-docker/issues/363 - if [ "${SOCKET:0:1}" != '@' ]; then # not abstract sockets - find "${SOCKET%/*}" -maxdepth 0 \! -user mysql \( -exec chown mysql: '{}' \; -o -true \) - fi - - # memory.pressure - local cgroup; cgroup=$( "$DATADIR"/.my-healthcheck.cnf - $maskPreserve -} - -# Initializes database with timezone info and root password, plus optional extra db/user -docker_setup_db() { - # Load timezone info into database - if [ -z "$MARIADB_INITDB_SKIP_TZINFO" ]; then - # --skip-write-binlog usefully disables binary logging - # but also outputs LOCK TABLES to improve the IO of - # Aria (MDEV-23326) for 10.4+. - mariadb-tzinfo-to-sql --skip-write-binlog /usr/share/zoneinfo \ - | docker_process_sql --dont-use-mysql-root-password --database=mysql - # tell docker_process_sql to not use MYSQL_ROOT_PASSWORD since it is not set yet - fi - # Generate random root password - if [ -n "$MARIADB_RANDOM_ROOT_PASSWORD" ]; then - MARIADB_ROOT_PASSWORD="$(pwgen --numerals --capitalize --symbols --remove-chars="'\\" -1 32)" - export MARIADB_ROOT_PASSWORD MYSQL_ROOT_PASSWORD=$MARIADB_ROOT_PASSWORD - mysql_note "GENERATED ROOT PASSWORD: $MARIADB_ROOT_PASSWORD" - fi - - # Creates root users for non-localhost hosts - local rootCreate= - local rootPasswordEscaped= - if [ -n "$MARIADB_ROOT_PASSWORD" ]; then - # Sets root password and creates root users for non-localhost hosts - rootPasswordEscaped=$(docker_sql_escape_string_literal "${MARIADB_ROOT_PASSWORD}") - fi - - # default root to listen for connections from anywhere - if [ -n "$MARIADB_ROOT_HOST" ] && [ "$MARIADB_ROOT_HOST" != 'localhost' ]; then - # ref "read -d ''", no, we don't care if read finds a terminating character in this heredoc - # https://unix.stackexchange.com/questions/265149/why-is-set-o-errexit-breaking-this-read-heredoc-expression/265151#265151 - if [ -n "$MARIADB_ROOT_PASSWORD_HASH" ]; then - read -r -d '' rootCreate <<-EOSQL || true - CREATE USER 'root'@'${MARIADB_ROOT_HOST}' IDENTIFIED BY PASSWORD '${MARIADB_ROOT_PASSWORD_HASH}' ; - GRANT ALL ON *.* TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION ; - GRANT PROXY ON ''@'%' TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION; - EOSQL - else - read -r -d '' rootCreate <<-EOSQL || true - CREATE USER 'root'@'${MARIADB_ROOT_HOST}' IDENTIFIED BY '${rootPasswordEscaped}' ; - GRANT ALL ON *.* TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION ; - GRANT PROXY ON ''@'%' TO 'root'@'${MARIADB_ROOT_HOST}' WITH GRANT OPTION; - EOSQL - fi - fi - - local mysqlAtLocalhost= - local mysqlAtLocalhostGrants= - # Install mysql@localhost user - if [ -n "$MARIADB_MYSQL_LOCALHOST_USER" ]; then - read -r -d '' mysqlAtLocalhost <<-EOSQL || true - CREATE USER mysql@localhost IDENTIFIED VIA unix_socket; - EOSQL - if [ -n "$MARIADB_MYSQL_LOCALHOST_GRANTS" ]; then - if [ "$MARIADB_MYSQL_LOCALHOST_GRANTS" != USAGE ]; then - mysql_warn "Excessive privileges ON *.* TO mysql@localhost facilitates risks to the confidentiality, integrity and availability of data stored" - fi - mysqlAtLocalhostGrants="GRANT ${MARIADB_MYSQL_LOCALHOST_GRANTS} ON *.* TO mysql@localhost;"; - fi - fi - - local createHealthCheckUsers - createHealthCheckUsers=$(create_healthcheck_users) - - local rootLocalhostPass= - if [ -z "$MARIADB_ROOT_PASSWORD_HASH" ]; then - # handle MARIADB_ROOT_PASSWORD_HASH for root@localhost after /docker-entrypoint-initdb.d - rootLocalhostPass="SET PASSWORD FOR 'root'@'localhost'= PASSWORD('${rootPasswordEscaped}');" - fi - - local createDatabase= - # Creates a custom database and user if specified - if [ -n "$MARIADB_DATABASE" ]; then - mysql_note "Creating database ${MARIADB_DATABASE}" - createDatabase="CREATE DATABASE IF NOT EXISTS \`$MARIADB_DATABASE\`;" - fi - - local createUser= - local userGrants= - if [ -n "$MARIADB_PASSWORD" ] || [ -n "$MARIADB_PASSWORD_HASH" ] && [ -n "$MARIADB_USER" ]; then - mysql_note "Creating user ${MARIADB_USER}" - if [ -n "$MARIADB_PASSWORD_HASH" ]; then - createUser="CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY PASSWORD '$MARIADB_PASSWORD_HASH';" - else - # SQL escape the user password, \ followed by ' - local userPasswordEscaped - userPasswordEscaped=$(docker_sql_escape_string_literal "${MARIADB_PASSWORD}") - createUser="CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY '$userPasswordEscaped';" - fi - - if [ -n "$MARIADB_DATABASE" ]; then - mysql_note "Giving user ${MARIADB_USER} access to schema ${MARIADB_DATABASE}" - userGrants="GRANT ALL ON \`${MARIADB_DATABASE//_/\\_}\`.* TO '$MARIADB_USER'@'%';" - fi - fi - - # To create replica user - local createReplicaUser= - local changeMasterTo= - local startReplica= - if [ -n "$MARIADB_REPLICATION_USER" ] ; then - if [ -z "$MARIADB_MASTER_HOST" ]; then - # on master - mysql_note "Creating user ${MARIADB_REPLICATION_USER}" - createReplicaUser=$(create_replica_user) - else - # on replica - local rplPasswordEscaped - rplPasswordEscaped=$(docker_sql_escape_string_literal "${MARIADB_REPLICATION_PASSWORD}") - # SC cannot follow how MARIADB_MASTER_PORT is assigned a default value. - # shellcheck disable=SC2153 - changeMasterTo="CHANGE MASTER TO MASTER_HOST='$MARIADB_MASTER_HOST', MASTER_USER='$MARIADB_REPLICATION_USER', MASTER_PASSWORD='$rplPasswordEscaped', MASTER_PORT=$MARIADB_MASTER_PORT, MASTER_CONNECT_RETRY=10;" - startReplica="START REPLICA;" - fi - fi - - mysql_note "Securing system users (equivalent to running mysql_secure_installation)" - # tell docker_process_sql to not use MARIADB_ROOT_PASSWORD since it is just now being set - # --binary-mode to save us from the semi-mad users go out of their way to confuse the encoding. - docker_process_sql --dont-use-mysql-root-password --database=mysql --binary-mode <<-EOSQL - -- Securing system users shouldn't be replicated - SET @orig_sql_log_bin= @@SESSION.SQL_LOG_BIN; - SET @@SESSION.SQL_LOG_BIN=0; - -- we need the SQL_MODE NO_BACKSLASH_ESCAPES mode to be clear for the password to be set - SET @@SESSION.SQL_MODE=REPLACE(@@SESSION.SQL_MODE, 'NO_BACKSLASH_ESCAPES', ''); - - DROP USER IF EXISTS root@'127.0.0.1', root@'::1'; - EXECUTE IMMEDIATE CONCAT('DROP USER IF EXISTS root@\'', @@hostname,'\''); - - ${rootLocalhostPass} - ${rootCreate} - ${mysqlAtLocalhost} - ${mysqlAtLocalhostGrants} - ${createHealthCheckUsers} - -- end of securing system users, rest of init now... - SET @@SESSION.SQL_LOG_BIN=@orig_sql_log_bin; - -- create users/databases - ${createDatabase} - ${createUser} - ${createReplicaUser} - ${userGrants} - - ${changeMasterTo} - ${startReplica} - EOSQL -} - -# create a new installation -docker_mariadb_init() -{ - - # check dir permissions to reduce likelihood of half-initialized database - ls /docker-entrypoint-initdb.d/ > /dev/null - - if [ -n "$DATABASE_INIT_FROM_BACKUP" ]; then - shopt -s dotglob - for file in /docker-entrypoint-initdb.d/*.tar{.gz,.xz,.zst}; do - mkdir -p "$DATADIR"/.init - tar --auto-compress --extract --file "$file" --directory="$DATADIR"/.init - mariadb-backup --target-dir="$DATADIR"/.init --datadir="$DATADIR"/.restore --move-back - - mv "$DATADIR"/.restore/** "$DATADIR"/ - if [ -f "$DATADIR/.init/backup-my.cnf" ]; then - mv "$DATADIR/.init/backup-my.cnf" "$DATADIR/.my.cnf" - mysql_note "Adding startup configuration:" - my_print_defaults --defaults-file="$DATADIR/.my.cnf" --mariadbd - fi - rm -rf "$DATADIR"/.init "$DATADIR"/.restore - if [ "$(id -u)" = "0" ]; then - # this will cause less disk access than `chown -R` - find "$DATADIR" \! -user mysql \( -exec chown mysql: '{}' + -o -true \) - fi - done - if _check_if_upgrade_is_needed; then - docker_mariadb_upgrade "$@" - fi - return - fi - docker_init_database_dir "$@" - - mysql_note "Starting temporary server" - docker_temp_server_start "$@" - mysql_note "Temporary server started." - - docker_setup_db - docker_process_init_files /docker-entrypoint-initdb.d/* - # Wait until after /docker-entrypoint-initdb.d is performed before setting - # root@localhost password to a hash we don't know the password for. - if [ -n "${MARIADB_ROOT_PASSWORD_HASH}" ]; then - mysql_note "Setting root@localhost password hash" - docker_process_sql --dont-use-mysql-root-password --binary-mode <<-EOSQL - SET @@SESSION.SQL_LOG_BIN=0; - SET PASSWORD FOR 'root'@'localhost'= '${MARIADB_ROOT_PASSWORD_HASH}'; - EOSQL - fi - - mysql_note "Stopping temporary server" - docker_temp_server_stop - mysql_note "Temporary server stopped" - - echo - mysql_note "MariaDB init process done. Ready for start up." - echo -} - -# backup the mysql database -docker_mariadb_backup_system() -{ - if [ -n "$MARIADB_DISABLE_UPGRADE_BACKUP" ] \ - && [ "$MARIADB_DISABLE_UPGRADE_BACKUP" = 1 ]; then - mysql_note "MariaDB upgrade backup disabled due to \$MARIADB_DISABLE_UPGRADE_BACKUP=1 setting" - return - fi - local backup_db="system_mysql_backup_unknown_version.sql.zst" - local oldfullversion="unknown_version" - if [ -r "$DATADIR"/mariadb_upgrade_info ]; then - read -r -d '' oldfullversion < "$DATADIR"/mariadb_upgrade_info || true - if [ -n "$oldfullversion" ]; then - backup_db="system_mysql_backup_${oldfullversion}.sql.zst" - fi - fi - - mysql_note "Backing up system database to $backup_db" - if ! mariadb-dump --skip-lock-tables --replace --databases mysql --socket="${SOCKET}" | zstd > "${DATADIR}/${backup_db}"; then - mysql_error "Unable backup system database for upgrade from $oldfullversion." - fi - mysql_note "Backing up complete" -} - -# perform mariadb-upgrade -# backup the mysql database if this is a major upgrade -docker_mariadb_upgrade() { - if [ -z "$MARIADB_AUTO_UPGRADE" ] \ - || [ "$MARIADB_AUTO_UPGRADE" = 0 ]; then - mysql_note "MariaDB upgrade (mariadb-upgrade or creating healthcheck users) required, but skipped due to \$MARIADB_AUTO_UPGRADE setting" - return - fi - mysql_note "Starting temporary server" - docker_temp_server_start "$@" --skip-grant-tables \ - --loose-innodb_buffer_pool_dump_at_shutdown=0 \ - --skip-slave-start - mysql_note "Temporary server started." - - docker_mariadb_backup_system - - if [ ! -f "$DATADIR"/.my-healthcheck.cnf ]; then - mysql_note "Creating healthcheck users" - local createHealthCheckUsers - createHealthCheckUsers=$(create_healthcheck_users) - docker_process_sql --dont-use-mysql-root-password --binary-mode <<-EOSQL - -- Healthcheck users shouldn't be replicated - SET @@SESSION.SQL_LOG_BIN=0; - -- we need the SQL_MODE NO_BACKSLASH_ESCAPES mode to be clear for the password to be set - SET @@SESSION.SQL_MODE=REPLACE(@@SESSION.SQL_MODE, 'NO_BACKSLASH_ESCAPES', ''); - FLUSH PRIVILEGES; - $createHealthCheckUsers -EOSQL - mysql_note "Stopping temporary server" - docker_temp_server_stop - mysql_note "Temporary server stopped" - - if _check_if_upgrade_is_needed; then - # need a restart as FLUSH PRIVILEGES isn't reversable - mysql_note "Restarting temporary server for upgrade" - docker_temp_server_start "$@" --skip-grant-tables \ - --loose-innodb_buffer_pool_dump_at_shutdown=0 \ - --skip-slave-start - else - return 0 - fi - fi - - mysql_note "Starting mariadb-upgrade" - mariadb-upgrade --upgrade-system-tables - mysql_note "Finished mariadb-upgrade" - - mysql_note "Stopping temporary server" - docker_temp_server_stop - mysql_note "Temporary server stopped" -} - - -_check_if_upgrade_is_needed() { - if [ ! -f "$DATADIR"/mariadb_upgrade_info ]; then - mysql_note "MariaDB upgrade information missing, assuming required" - return 0 - fi - local mariadbVersion - mariadbVersion="$(_mariadb_version)" - IFS='.-' read -ra newversion <<<"$mariadbVersion" - IFS='.-' read -ra oldversion < "$DATADIR"/mariadb_upgrade_info || true - - if [[ ${#newversion[@]} -lt 2 ]] || [[ ${#oldversion[@]} -lt 2 ]] \ - || [[ ${oldversion[0]} -lt ${newversion[0]} ]] \ - || [[ ${oldversion[0]} -eq ${newversion[0]} && ${oldversion[1]} -lt ${newversion[1]} ]]; then - return 0 - fi - if [ ! -f "$DATADIR"/.my-healthcheck.cnf ]; then - mysql_note "MariaDB heathcheck configation file missing, assuming desirable" - return 0 - fi - mysql_note "MariaDB upgrade not required" - return 1 -} - -# check arguments for an option that would cause mariadbd to stop -# return true if there is one -_mysql_want_help() { - local arg - for arg; do - case "$arg" in - -'?'|--help|--print-defaults|-V|--version) - return 0 - ;; - esac - done - return 1 -} - -_main() { - # if command starts with an option, prepend mariadbd - if [ "${1:0:1}" = '-' ]; then - set -- mariadbd "$@" - fi - - #ENDOFSUBSTITUTIONS - # skip setup if they aren't running mysqld or want an option that stops mysqld - if [ "$1" = 'mariadbd' ] || [ "$1" = 'mysqld' ] && ! _mysql_want_help "$@"; then - mysql_note "Entrypoint script for MariaDB Server ${MARIADB_VERSION} started." - - mysql_check_config "$@" - # Load various environment variables - docker_setup_env "$@" - docker_create_db_directories - - # If container is started as root user, restart as dedicated mysql user - if [ "$(id -u)" = "0" ]; then - mysql_note "Switching to dedicated user 'mysql'" - exec gosu mysql "${BASH_SOURCE[0]}" "$@" - fi - - # there's no database, so it needs to be initialized - if [ -z "$DATABASE_ALREADY_EXISTS" ]; then - docker_verify_minimum_env - - docker_mariadb_init "$@" - # MDEV-27636 mariadb_upgrade --check-if-upgrade-is-needed cannot be run offline - #elif mariadb-upgrade --check-if-upgrade-is-needed; then - elif _check_if_upgrade_is_needed; then - docker_mariadb_upgrade "$@" - fi - fi - exec "$@" -} - -# If we are sourced from elsewhere, don't perform any further actions -if ! _is_sourced; then - _main "$@" -fi diff --git a/melange.yaml b/melange.yaml index ceea36e78bb..dff3f4bd6b3 100644 --- a/melange.yaml +++ b/melange.yaml @@ -1,6 +1,6 @@ package: name: melange - version: 0.16.0 + version: 0.17.0 epoch: 0 description: build APKs from source code copyright: @@ -20,7 +20,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 736a91d6da83ca7962f4277b51c7147eddae42fc + expected-commit: a7083d9c5a8e6bcbfac755e650669ed8494cec3a repository: https://github.com/chainguard-dev/melange tag: v${{package.version}} diff --git a/neon.yaml b/neon.yaml index 39bd34a5830..d21c5f35ef2 100644 --- a/neon.yaml +++ b/neon.yaml @@ -1,7 +1,7 @@ package: name: neon - version: "7145" - epoch: 1 + version: "7245" + epoch: 0 description: "Serverless Postgres. We separated storage and compute to offer autoscaling, branching, and bottomless storage." copyright: - license: Apache-2.0 @@ -47,7 +47,7 @@ pipeline: with: repository: https://github.com/neondatabase/neon tag: release-${{package.version}} - expected-commit: 1388bbae73cc714ed65d82240f6e0935eef805c6 + expected-commit: 1ca9b56faf0fad00a45493d545575c7942279d2f recurse-submodules: true - runs: | diff --git a/ntpd-rs.yaml b/ntpd-rs.yaml index 2e39862b960..e476923dc33 100644 --- a/ntpd-rs.yaml +++ b/ntpd-rs.yaml @@ -1,7 +1,7 @@ package: name: ntpd-rs - version: 1.3.0 - epoch: 2 + version: 1.3.1 + epoch: 0 description: "An NTP implementation in Rust." copyright: - license: MIT @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/pendulum-project/ntpd-rs tag: v${{package.version}} - expected-commit: e8869f4378971ca470131e54fea6e72655a774c3 + expected-commit: 6d72d3e724217e0740ae616dff8cccaf639d6f76 - uses: rust/cargobump diff --git a/ollama.yaml b/ollama.yaml index 8f8b4702ccb..e58d580da14 100644 --- a/ollama.yaml +++ b/ollama.yaml @@ -1,6 +1,6 @@ package: name: ollama - version: 0.4.5 + version: 0.4.6 epoch: 0 description: Get up and running with Llama 2 and other large language models locally copyright: @@ -20,7 +20,7 @@ pipeline: with: repository: https://github.com/ollama/ollama tag: v${{package.version}} - expected-commit: 2b7ed61ca22743598db2b407a94b8865042f1078 + expected-commit: ce7455a8e1045ae12c5eaa9dc5bb5bdc84a098dc - runs: | go generate ./... diff --git a/openssl.yaml b/openssl.yaml index 21757ba4c75..50fbb038442 100644 --- a/openssl.yaml +++ b/openssl.yaml @@ -2,19 +2,13 @@ package: name: openssl version: 3.4.0 - epoch: 2 + epoch: 3 description: "the OpenSSL cryptography suite" copyright: - license: Apache-2.0 resources: cpu: 16 memory: 16Gi - # For now, continue to install the legacy openssl provider if the parent openssl - # package is installed. This is done because users may be installing the openssl - # package to gain that provider. - dependencies: - runtime: - - openssl-provider-legacy environment: contents: diff --git a/opentelemetry-cpp.yaml b/opentelemetry-cpp.yaml index 0181e8f4c3c..1fc2ad75602 100644 --- a/opentelemetry-cpp.yaml +++ b/opentelemetry-cpp.yaml @@ -1,7 +1,7 @@ package: name: opentelemetry-cpp - version: 1.17.0 - epoch: 2 + version: 1.18.0 + epoch: 0 description: The OpenTelemetry C++ Client copyright: - license: Apache-2.0 @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/open-telemetry/opentelemetry-cpp tag: v${{package.version}} - expected-commit: fa0a5200ddbe9ae6f487a228e658aedc102dab56 + expected-commit: 955a807c0461544560429c2414b8967f6023e590 - uses: cmake/configure with: diff --git a/opentelemetry-java-contrib.yaml b/opentelemetry-java-contrib.yaml new file mode 100644 index 00000000000..ed94e3e677f --- /dev/null +++ b/opentelemetry-java-contrib.yaml @@ -0,0 +1,75 @@ +package: + name: opentelemetry-java-contrib + version: 1.41.0 + epoch: 0 + description: Helpful libraries and standalone OpenTelemetry-based utilities for opentelemetry java and java instrumentation + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - bash + - busybox + - ca-certificates-bundle + - openjdk-17-default-jdk + environment: + JAVA_HOME: /usr/lib/jvm/java-17-openjdk + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/open-telemetry/opentelemetry-java-contrib.git + tag: v${{package.version}} + expected-commit: e0775a738750d875462ca2170a3083a52fdfea7f + recurse-submodules: true + +data: + - name: contrib-components + items: + all: "." + aws-resources: "." + aws-xray: "." + aws-xray-propagator: "." + baggage-processor: "." + consistent-sampling: "." + disk-buffering: "." + gcp-resources: "." + inferred-spans: "." + jfr-connection: "." + jfr-events: "." + jmx-metrics: "." + kafka-exporter: "." + maven-extension: "." + micrometer-meter-provider: "." + noop-api: "." + opamp-client: "." + processors: "." + prometheus-client-bridge: "." + resource-providers: "." + samplers: "." + span-stacktrace: "." + static-instrumenter: "." + +subpackages: + - range: contrib-components + name: ${{package.name}}-${{range.key}} + pipeline: + - runs: | + ./gradlew :${{range.key}}:build -Potel.stable=true -x test + - runs: | + mkdir -p ${{targets.contextdir}}/usr/share/java/${{range.key}} + mv /home/build/${{range.key}}/build/libs/opentelemetry-${{range.key}}-${{package.version}}.jar ${{targets.contextdir}}/usr/share/java/${{range.key}} + + - range: contrib-components + name: ${{package.name}}-${{range.key}}-compat + pipeline: + - runs: | + mkdir -p ${{targets.contextdir}}/opt + ln -sf /usr/share/java/${{range.key}}/opentelemetry-${{range.key}}-${{package.version}}.jar ${{targets.contextdir}}/opt/opentelemetry-${{range.key}}-${{package.version}}.jar + +update: + enabled: true + github: + identifier: open-telemetry/opentelemetry-java-contrib + strip-prefix: v diff --git a/parallel.yaml b/parallel.yaml index 53db19d0d32..bdfba7cb2e1 100644 --- a/parallel.yaml +++ b/parallel.yaml @@ -1,10 +1,16 @@ package: name: parallel version: "20241122" - epoch: 0 + epoch: 1 description: "GNU parallel is a shell tool for executing jobs in parallel using one or more computers" copyright: - license: GPL-3.0-or-later + options: + # to avoid depending on shells that's being added as dependency to this package. + no-depends: true + dependencies: + runtime: + - perl environment: contents: @@ -37,6 +43,15 @@ pipeline: ${{targets.contextdir}}/usr/bin/env_parallel.pdksh \ ${{targets.contextdir}}/usr/bin/env_parallel.tcsh +subpackages: + - name: parallel-doc + description: parallel documentation + pipeline: + - uses: split/manpages + - runs: | + mkdir -p "${{targets.subpkgdir}}"/usr/share + mv "${{targets.destdir}}"/usr/share/doc "${{targets.subpkgdir}}"/usr/share/ + update: enabled: true release-monitor: diff --git a/pgpool2-4.5.yaml b/pgpool2-4.5.yaml new file mode 100644 index 00000000000..24fe54775cc --- /dev/null +++ b/pgpool2-4.5.yaml @@ -0,0 +1,179 @@ +package: + name: pgpool2-4.5 + version: 4.5.5 + epoch: 1 + description: Middleware that works between PostgreSQL servers and a PostgreSQL database client. + copyright: + - license: BSD-3-Clause AND MIT + dependencies: + provides: + - pgpool2=${{package.full-version}} + +environment: + contents: + packages: + - autoconf + - automake + - bison + - build-base + - busybox + - flex + - libtool + - openssl-dev + - postgresql-dev + +var-transforms: + - from: ${{package.version}} + match: \. + replace: _ + to: mangled-package-version + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/pgpool/pgpool2 + tag: V${{vars.mangled-package-version}} + expected-commit: 8010cde32d4277b06f84216fd5e0d4b735e95b71 + + - uses: autoconf/configure + with: + opts: | + --sysconfdir=/etc/pgpool2 --with-openssl + + # build src/parser explicitly to avoid build failures due to missing parser files with -j flag + - runs: | + make -C src/parser V=1 + + - uses: autoconf/make + + - uses: autoconf/make-install + + - uses: strip + + - runs: | + mkdir -p "${{targets.contextdir}}/var/run/pgpool" + +subpackages: + - name: ${{package.name}}-dev + pipeline: + - uses: split/dev + dependencies: + provides: + - pgpool2-dev=${{package.full-version}} + runtime: + - ${{package.name}} + + - name: ${{package.name}}-bitnami-compat + dependencies: + provides: + - pgpool2-bitnami-compat=${{package.full-version}} + runtime: + - busybox + - openldap + - postgresql-client + pipeline: + - uses: bitnami/compat + with: + image: pgpool + version-path: 4/debian-12 + # copy the patch file to patch the output form bitnami/compat and apply it + - runs: | + cp bitnami-compat-remove-os-flavour.patch "${{targets.contextdir}}/" + - uses: patch + working-directory: "${{targets.contextdir}}" + with: + patches: bitnami-compat-remove-os-flavour.patch + # remove patch file to prevent it from being packaged + - runs: | + rm "${{targets.contextdir}}/bitnami-compat-remove-os-flavour.patch" + - runs: | + mkdir -p "${{targets.contextdir}}/opt/bitnami/pgpool/bin" + # symlink all binaries to /opt/bitnami/pgpool/bin + for bin in \ + pcp_attach_node pcp_detach_node pcp_health_check_stats pcp_node_count \ + pcp_node_info pcp_pool_status pcp_proc_count pcp_proc_info pcp_promote_node \ + pcp_recovery_node pcp_stop_pgpool pcp_watchdog_info \ + pg_enc pg_md5 pgpool pgpool_setup pgproto watchdog_setup wd_cli \ + ; do + ln -s "/usr/bin/${bin}" "${{targets.contextdir}}/opt/bitnami/pgpool/bin/${bin}" + done + + # link postgres binaries to /opt/bitnami/postgresql/bin + mkdir -p "${{targets.contextdir}}/opt/bitnami/postgresql/bin" + for bin in \ + pg_dump pg_dumpall pg_restore psql \ + ; do + ln -s "/usr/bin/${bin}" "${{targets.contextdir}}/opt/bitnami/postgresql/bin/${bin}" + done + + # symlink /etc/pgpool2 as /opt/bitnami/pgpool/etc + ln -s /etc/pgpool2 "${{targets.contextdir}}/opt/bitnami/pgpool/etc" + test: + environment: + contents: + packages: + - ${{package.name}} + pipeline: + - runs: | + test -f /opt/bitnami/pgpool/bin/pgpool + test -f /opt/bitnami/postgresql/bin/psql + +update: + enabled: false + manual: true + exclude-reason: Versions using underscore + github: + identifier: pgpool/pgpool2 + strip-prefix: V + +test: + environment: + contents: + packages: + - postgresql + - postgresql-client + - shadow + - sudo-rs + environment: + PGDATA: /tmp/test_db + PGUSER: wolfi + PGPASSWORD: custompassword + pipeline: + - name: "Test binaries" + runs: | + pgpool --version + pgpool --help + - name: "Configure postgresql" + runs: | + useradd $PGUSER + sudo -u $PGUSER initdb -D /tmp/test_db + sudo -u $PGUSER pg_ctl -D /tmp/test_db -l /tmp/logfile start + - name: "Create database and table" + runs: | + createdb customdatabase + psql customdatabase -c "CREATE TABLE IF NOT EXISTS test_table (id INTEGER, str TEXT); INSERT INTO test_table VALUES(1, 'Test value');" + - name: "Configure and start pgpool" + runs: | + # 28b48ce7ae1f2db6539f7ed94728d992 = custompassword + echo "wolfi:28b48ce7ae1f2db6539f7ed94728d992" >/etc/pgpool2/pcp.conf + cp /etc/pgpool2/pool_hba.conf.sample /etc/pgpool2/pool_hba.conf + cat >/etc/pgpool2/pgpool.conf <" > test.php + php test.php + if [ $? -ne 0 ]; then + echo "Test failed: Unable to use mongodb extension." + exit 1 + else + echo "Test passed: mongodb extension is functional." + fi + update: enabled: true release-monitor: diff --git a/php-8.1-protobuf.yaml b/php-8.1-protobuf.yaml index 93417869c55..a653a779f70 100644 --- a/php-8.1-protobuf.yaml +++ b/php-8.1-protobuf.yaml @@ -1,7 +1,7 @@ package: name: php-8.1-protobuf - version: 4.28.3 - epoch: 1 + version: 4.29.0 + epoch: 0 description: "Protocol Buffers - Google's data interchange format" copyright: - license: BSD-3-Clause @@ -30,7 +30,7 @@ pipeline: - uses: fetch with: uri: https://pecl.php.net/get/protobuf-${{package.version}}.tgz - expected-sha512: 9c784c5e0e32fa795f86ab961664f93cb4b137ee5990e93383794c94252baceae4547ee5e1298f53bc8c22f80220987eb9a3fd7f21943d4a58e0fc04b4395289 + expected-sha512: e7c4bca38af0a1122e530ebf6353cdd57a3c8cb71c31de818d0b187a0663589dbc0cdfd7124af8309cfb840de1b31928f6dab9d611b992a2783a7f87904eee81 - name: Prepare build runs: phpize diff --git a/php-8.1-swoole.yaml b/php-8.1-swoole.yaml index 2aac130f610..1b2a774e9e5 100644 --- a/php-8.1-swoole.yaml +++ b/php-8.1-swoole.yaml @@ -1,7 +1,7 @@ package: name: php-8.1-swoole - version: 5.1.5 - epoch: 1 + version: 5.1.6 + epoch: 0 description: "Coroutine-based concurrency library for PHP" copyright: - license: Apache-2.0 @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/swoole/swoole-src tag: "v${{package.version}}" - expected-commit: c713f73211c9f896e86e6f1744bff7f9fed9ee6f + expected-commit: df1f708b22440110aff8c125244d3de56569ed8c - name: Prepare build runs: phpize diff --git a/php-8.1-xdebug.yaml b/php-8.1-xdebug.yaml index 32ef3196f35..ef2c59ad208 100644 --- a/php-8.1-xdebug.yaml +++ b/php-8.1-xdebug.yaml @@ -1,7 +1,7 @@ package: name: php-8.1-xdebug - version: 3.3.2 - epoch: 1 + version: 3.4.0 + epoch: 0 description: "Step Debugger for PHP" copyright: - license: PHP-3.01 @@ -30,7 +30,7 @@ pipeline: with: repository: https://github.com/xdebug/xdebug tag: "${{package.version}}" - expected-commit: e978d755861a3a8d9dcef615bb6649b85f266658 + expected-commit: 4284879cc0e3d749f872c2b7eec49521ca4b9ad0 - name: Prepare build runs: phpize diff --git a/php-8.2-grpc.yaml b/php-8.2-grpc.yaml index 7b3b92c8a10..343b2a79f4c 100644 --- a/php-8.2-grpc.yaml +++ b/php-8.2-grpc.yaml @@ -1,6 +1,6 @@ package: name: php-8.2-grpc - version: 1.68.0 + version: 1.68.1 epoch: 0 description: "A PHP extension for gRPC" copyright: @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/grpc/grpc tag: "v${{package.version}}" - expected-commit: 6b49ae626bc9cd7033e062f89dbe0e0576b1110e + expected-commit: 796e87f16136533977b8647b50a020519fd7a137 - name: Prepare build runs: cd src/php/ext/grpc && phpize diff --git a/php-8.2-pecl-mongodb.yaml b/php-8.2-pecl-mongodb.yaml index ef934987906..f8a17c486fe 100644 --- a/php-8.2-pecl-mongodb.yaml +++ b/php-8.2-pecl-mongodb.yaml @@ -1,7 +1,7 @@ package: name: php-8.2-pecl-mongodb - version: 1.20.0 - epoch: 3 + version: 1.20.1 + epoch: 0 description: "PHP ${{vars.phpMM}} MongoDB driver - PECL" copyright: - license: PHP-3.01 @@ -39,7 +39,7 @@ pipeline: - uses: fetch with: uri: https://pecl.php.net/get/mongodb-${{package.version}}.tgz - expected-sha512: 715b40616c9c61294dc2947ddbc1b2bf2ecac02654fcbcdec5394acf1e44365f1a96f15d3459b57e50fa2f125f44d406d7bdb6306c13b9ffa892686c4cdc3cee + expected-sha512: bb1914d6adcdbf8a3b3c513cb59119b09379d00c5736bff4622d578e616d5f85c79f2a54be7bb03fd6feb3f7c491ad34bdcfc66d929ee4bb4fcb26cf77668df4 - name: phpize and configure runs: | @@ -56,6 +56,27 @@ pipeline: - uses: strip +test: + environment: + contents: + packages: + - php-${{vars.phpMM}} + pipeline: + - name: Verify Extension is Loaded + runs: | + echo "" > test.php + php test.php + if [ $? -ne 0 ]; then + echo "Test failed: Unable to use mongodb extension." + exit 1 + else + echo "Test passed: mongodb extension is functional." + fi + update: enabled: true release-monitor: diff --git a/php-8.2-protobuf.yaml b/php-8.2-protobuf.yaml index 37f73299c04..de4f241f83e 100644 --- a/php-8.2-protobuf.yaml +++ b/php-8.2-protobuf.yaml @@ -1,7 +1,7 @@ package: name: php-8.2-protobuf - version: 4.28.3 - epoch: 1 + version: 4.29.0 + epoch: 0 description: "Protocol Buffers - Google's data interchange format" copyright: - license: BSD-3-Clause @@ -30,7 +30,7 @@ pipeline: - uses: fetch with: uri: https://pecl.php.net/get/protobuf-${{package.version}}.tgz - expected-sha512: 9c784c5e0e32fa795f86ab961664f93cb4b137ee5990e93383794c94252baceae4547ee5e1298f53bc8c22f80220987eb9a3fd7f21943d4a58e0fc04b4395289 + expected-sha512: e7c4bca38af0a1122e530ebf6353cdd57a3c8cb71c31de818d0b187a0663589dbc0cdfd7124af8309cfb840de1b31928f6dab9d611b992a2783a7f87904eee81 - name: Prepare build runs: phpize diff --git a/php-8.2-swoole.yaml b/php-8.2-swoole.yaml index 380f15c92cf..7c0cb491d3d 100644 --- a/php-8.2-swoole.yaml +++ b/php-8.2-swoole.yaml @@ -1,7 +1,7 @@ package: name: php-8.2-swoole - version: 5.1.5 - epoch: 1 + version: 5.1.6 + epoch: 0 description: "Coroutine-based concurrency library for PHP" copyright: - license: Apache-2.0 @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/swoole/swoole-src tag: "v${{package.version}}" - expected-commit: c713f73211c9f896e86e6f1744bff7f9fed9ee6f + expected-commit: df1f708b22440110aff8c125244d3de56569ed8c - name: Prepare build runs: phpize diff --git a/php-8.2-xdebug.yaml b/php-8.2-xdebug.yaml index b459362c7e6..11fbf4100cc 100644 --- a/php-8.2-xdebug.yaml +++ b/php-8.2-xdebug.yaml @@ -1,7 +1,7 @@ package: name: php-8.2-xdebug - version: 3.3.2 - epoch: 1 + version: 3.4.0 + epoch: 0 description: "Step Debugger for PHP" copyright: - license: PHP-3.01 @@ -30,7 +30,7 @@ pipeline: with: repository: https://github.com/xdebug/xdebug tag: "${{package.version}}" - expected-commit: e978d755861a3a8d9dcef615bb6649b85f266658 + expected-commit: 4284879cc0e3d749f872c2b7eec49521ca4b9ad0 - name: Prepare build runs: phpize diff --git a/php-8.3-grpc.yaml b/php-8.3-grpc.yaml index 6a8af115606..d3d79d809f7 100644 --- a/php-8.3-grpc.yaml +++ b/php-8.3-grpc.yaml @@ -1,7 +1,7 @@ package: name: php-8.3-grpc - version: 1.68.0 - epoch: 1 + version: 1.68.1 + epoch: 0 description: "A PHP extension for gRPC" copyright: - license: Apache-2.0 @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/grpc/grpc tag: "v${{package.version}}" - expected-commit: 6b49ae626bc9cd7033e062f89dbe0e0576b1110e + expected-commit: 796e87f16136533977b8647b50a020519fd7a137 - name: Prepare build runs: cd src/php/ext/grpc && phpize diff --git a/php-8.3-pecl-mongodb.yaml b/php-8.3-pecl-mongodb.yaml index fb1949e18d1..a710102cb4e 100644 --- a/php-8.3-pecl-mongodb.yaml +++ b/php-8.3-pecl-mongodb.yaml @@ -1,7 +1,7 @@ package: name: php-8.3-pecl-mongodb - version: 1.20.0 - epoch: 3 + version: 1.20.1 + epoch: 0 description: "PHP ${{vars.phpMM}} MongoDB driver - PECL" copyright: - license: PHP-3.01 @@ -39,7 +39,7 @@ pipeline: - uses: fetch with: uri: https://pecl.php.net/get/mongodb-${{package.version}}.tgz - expected-sha512: 715b40616c9c61294dc2947ddbc1b2bf2ecac02654fcbcdec5394acf1e44365f1a96f15d3459b57e50fa2f125f44d406d7bdb6306c13b9ffa892686c4cdc3cee + expected-sha512: bb1914d6adcdbf8a3b3c513cb59119b09379d00c5736bff4622d578e616d5f85c79f2a54be7bb03fd6feb3f7c491ad34bdcfc66d929ee4bb4fcb26cf77668df4 - name: phpize and configure runs: | @@ -56,6 +56,27 @@ pipeline: - uses: strip +test: + environment: + contents: + packages: + - php-${{vars.phpMM}} + pipeline: + - name: Verify Extension is Loaded + runs: | + echo "" > test.php + php test.php + if [ $? -ne 0 ]; then + echo "Test failed: Unable to use mongodb extension." + exit 1 + else + echo "Test passed: mongodb extension is functional." + fi + update: enabled: true release-monitor: diff --git a/php-8.3-protobuf.yaml b/php-8.3-protobuf.yaml index d396a66836d..74b710f1434 100644 --- a/php-8.3-protobuf.yaml +++ b/php-8.3-protobuf.yaml @@ -1,7 +1,7 @@ package: name: php-8.3-protobuf - version: 4.28.3 - epoch: 1 + version: 4.29.0 + epoch: 0 description: "Protocol Buffers - Google's data interchange format" copyright: - license: BSD-3-Clause @@ -30,7 +30,7 @@ pipeline: - uses: fetch with: uri: https://pecl.php.net/get/protobuf-${{package.version}}.tgz - expected-sha512: 9c784c5e0e32fa795f86ab961664f93cb4b137ee5990e93383794c94252baceae4547ee5e1298f53bc8c22f80220987eb9a3fd7f21943d4a58e0fc04b4395289 + expected-sha512: e7c4bca38af0a1122e530ebf6353cdd57a3c8cb71c31de818d0b187a0663589dbc0cdfd7124af8309cfb840de1b31928f6dab9d611b992a2783a7f87904eee81 - name: Prepare build runs: phpize diff --git a/php-8.3-swoole.yaml b/php-8.3-swoole.yaml index 54500daff43..0c1a4d32c5b 100644 --- a/php-8.3-swoole.yaml +++ b/php-8.3-swoole.yaml @@ -1,7 +1,7 @@ package: name: php-8.3-swoole - version: 5.1.5 - epoch: 2 + version: 5.1.6 + epoch: 0 description: "Coroutine-based concurrency library for PHP" copyright: - license: Apache-2.0 @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/swoole/swoole-src tag: "v${{package.version}}" - expected-commit: c713f73211c9f896e86e6f1744bff7f9fed9ee6f + expected-commit: df1f708b22440110aff8c125244d3de56569ed8c - name: Prepare build runs: phpize diff --git a/php-8.3-xdebug.yaml b/php-8.3-xdebug.yaml index 07f456433c8..65024f53868 100644 --- a/php-8.3-xdebug.yaml +++ b/php-8.3-xdebug.yaml @@ -1,7 +1,7 @@ package: name: php-8.3-xdebug - version: 3.3.2 - epoch: 1 + version: 3.4.0 + epoch: 0 description: "Step Debugger for PHP" copyright: - license: PHP-3.01 @@ -30,7 +30,7 @@ pipeline: with: repository: https://github.com/xdebug/xdebug tag: "${{package.version}}" - expected-commit: e978d755861a3a8d9dcef615bb6649b85f266658 + expected-commit: 4284879cc0e3d749f872c2b7eec49521ca4b9ad0 - name: Prepare build runs: phpize diff --git a/php-8.4-grpc.yaml b/php-8.4-grpc.yaml index 1f17b212414..7af58e514ba 100644 --- a/php-8.4-grpc.yaml +++ b/php-8.4-grpc.yaml @@ -1,6 +1,6 @@ package: name: php-8.4-grpc - version: 1.68.0 + version: 1.68.1 epoch: 0 description: "A PHP extension for gRPC" copyright: @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/grpc/grpc tag: "v${{package.version}}" - expected-commit: 6b49ae626bc9cd7033e062f89dbe0e0576b1110e + expected-commit: 796e87f16136533977b8647b50a020519fd7a137 - name: Prepare build runs: cd src/php/ext/grpc && phpize diff --git a/php-8.4-pecl-mongodb.yaml b/php-8.4-pecl-mongodb.yaml index 95f0f1ee7af..1f86abc7cdc 100644 --- a/php-8.4-pecl-mongodb.yaml +++ b/php-8.4-pecl-mongodb.yaml @@ -1,6 +1,6 @@ package: name: php-8.4-pecl-mongodb - version: 1.20.0 + version: 1.20.1 epoch: 0 description: "PHP ${{vars.phpMM}} MongoDB driver - PECL" copyright: @@ -39,7 +39,7 @@ pipeline: - uses: fetch with: uri: https://pecl.php.net/get/mongodb-${{package.version}}.tgz - expected-sha512: 715b40616c9c61294dc2947ddbc1b2bf2ecac02654fcbcdec5394acf1e44365f1a96f15d3459b57e50fa2f125f44d406d7bdb6306c13b9ffa892686c4cdc3cee + expected-sha512: bb1914d6adcdbf8a3b3c513cb59119b09379d00c5736bff4622d578e616d5f85c79f2a54be7bb03fd6feb3f7c491ad34bdcfc66d929ee4bb4fcb26cf77668df4 - name: phpize and configure runs: | @@ -56,6 +56,27 @@ pipeline: - uses: strip +test: + environment: + contents: + packages: + - php-${{vars.phpMM}} + pipeline: + - name: Verify Extension is Loaded + runs: | + echo "" > test.php + php test.php + if [ $? -ne 0 ]; then + echo "Test failed: Unable to use mongodb extension." + exit 1 + else + echo "Test passed: mongodb extension is functional." + fi + update: enabled: true release-monitor: diff --git a/php-8.4-protobuf.yaml b/php-8.4-protobuf.yaml index 58328a86f7c..a8e8c72c1ab 100644 --- a/php-8.4-protobuf.yaml +++ b/php-8.4-protobuf.yaml @@ -1,6 +1,6 @@ package: name: php-8.4-protobuf - version: 4.28.3 + version: 4.29.0 epoch: 0 description: "Protocol Buffers - Google's data interchange format" copyright: @@ -30,7 +30,7 @@ pipeline: - uses: fetch with: uri: https://pecl.php.net/get/protobuf-${{package.version}}.tgz - expected-sha512: 9c784c5e0e32fa795f86ab961664f93cb4b137ee5990e93383794c94252baceae4547ee5e1298f53bc8c22f80220987eb9a3fd7f21943d4a58e0fc04b4395289 + expected-sha512: e7c4bca38af0a1122e530ebf6353cdd57a3c8cb71c31de818d0b187a0663589dbc0cdfd7124af8309cfb840de1b31928f6dab9d611b992a2783a7f87904eee81 - name: Prepare build runs: phpize diff --git a/prometheus-2.55.yaml b/prometheus-3.0.yaml similarity index 88% rename from prometheus-2.55.yaml rename to prometheus-3.0.yaml index a0318ebf47e..ef80b9e0bdf 100644 --- a/prometheus-2.55.yaml +++ b/prometheus-3.0.yaml @@ -1,6 +1,6 @@ package: - name: prometheus-2.55 - version: 2.55.1 + name: prometheus-3.0 + version: 3.0.1 epoch: 0 description: The Prometheus monitoring system and time series database. copyright: @@ -22,7 +22,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 6d7569113f1ca814f1e149f74176656540043b8d + expected-commit: 1f56e8492c31a558ccea833027db4bd7f8b6d0e9 repository: https://github.com/prometheus/prometheus tag: v${{package.version}} @@ -70,18 +70,6 @@ pipeline: install -Dm644 -t "${{targets.destdir}}"/etc/prometheus \ documentation/examples/prometheus.yml - mkdir -p "${{targets.destdir}}"/etc/prometheus/console_libraries - for file in console_libraries/* - do - install -Dm644 -t "${{targets.destdir}}"/etc/prometheus/console_libraries/ "$file" - done - - mkdir -p "${{targets.destdir}}"/etc/prometheus/consoles - for file in consoles/* - do - install -Dm644 -t "${{targets.destdir}}"/etc/prometheus/consoles/ "$file" - done - - uses: strip subpackages: @@ -113,7 +101,7 @@ update: github: identifier: prometheus/prometheus strip-prefix: v - tag-filter-prefix: v2.55 + tag-filter-prefix: v3.0 test: environment: diff --git a/prometheus-2.55/disable-pprof.patch b/prometheus-3.0/disable-pprof.patch similarity index 81% rename from prometheus-2.55/disable-pprof.patch rename to prometheus-3.0/disable-pprof.patch index 11097d5f1e4..199d1c03509 100644 --- a/prometheus-2.55/disable-pprof.patch +++ b/prometheus-3.0/disable-pprof.patch @@ -1,15 +1,3 @@ -diff --git a/cmd/prometheus/main.go b/cmd/prometheus/main.go -index 1d844ddba..efcdacf1f 100644 ---- a/cmd/prometheus/main.go -+++ b/cmd/prometheus/main.go -@@ -22,7 +22,6 @@ import ( - "math/bits" - "net" - "net/http" -- _ "net/http/pprof" // Comment this line to disable pprof endpoint. - "net/url" - "os" - "os/signal" diff --git a/web/web.go b/web/web.go index 9426ed935..afedb193b 100644 --- a/web/web.go diff --git a/prometheus-2.55/prometheus.confd b/prometheus-3.0/prometheus.confd similarity index 100% rename from prometheus-2.55/prometheus.confd rename to prometheus-3.0/prometheus.confd diff --git a/pulumi-language-dotnet.yaml b/pulumi-language-dotnet.yaml index bab0d6ea57a..fe4870fd346 100644 --- a/pulumi-language-dotnet.yaml +++ b/pulumi-language-dotnet.yaml @@ -1,6 +1,6 @@ package: name: pulumi-language-dotnet - version: 3.69.0 + version: 3.70.0 epoch: 0 description: Pulumi Language SDK for Dotnet copyright: @@ -17,7 +17,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: b37eee0097a7626f8a852b649ba3e725c461c021 + expected-commit: 6435544caabf255387d39f3df64530bedfbf66a2 repository: https://github.com/pulumi/pulumi-dotnet.git tag: v${{package.version}} diff --git a/py3-boto3.yaml b/py3-boto3.yaml index 3df9cd35319..2ec944af197 100644 --- a/py3-boto3.yaml +++ b/py3-boto3.yaml @@ -1,6 +1,6 @@ package: name: py3-boto3 - version: 1.35.70 + version: 1.35.71 epoch: 0 description: The AWS SDK for Python copyright: @@ -28,7 +28,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 121dce8c7102eea6a6047d46bcd74e8a24dac793a4a3857de4f4bad9c12566fd + expected-sha256: 3ed7172b3d4fceb6218bb0ec3668c4d40c03690939c2fca4f22bb875d741a07f uri: https://files.pythonhosted.org/packages/source/b/boto3/boto3-${{package.version}}.tar.gz subpackages: diff --git a/py3-botocore.yaml b/py3-botocore.yaml index bd95a5ae379..7fea9bc809d 100644 --- a/py3-botocore.yaml +++ b/py3-botocore.yaml @@ -1,6 +1,6 @@ package: name: py3-botocore - version: 1.35.70 + version: 1.35.71 epoch: 0 description: The low-level, core functionality of Boto3 copyright: @@ -29,7 +29,7 @@ pipeline: - uses: fetch with: uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz - expected-sha256: 18d1bb505722d9efd50c50719ed8de7284bfe6d3908a9e08756a7646e549da21 + expected-sha256: f9fa058e0393660c3fe53c1e044751beb64b586def0bd2212448a7c328b0cbba subpackages: - range: py-versions diff --git a/py3-cryptography.yaml b/py3-cryptography.yaml index 70312d7c247..b3a738d0437 100644 --- a/py3-cryptography.yaml +++ b/py3-cryptography.yaml @@ -1,7 +1,7 @@ # Generated from https://pypi.org/project/cryptography/ package: name: py3-cryptography - version: 43.0.3 + version: 44.0.0 epoch: 1 description: cryptography is a package which provides cryptographic recipes and primitives to Python developers. copyright: @@ -29,6 +29,7 @@ environment: - maturin - openssf-compiler-options - openssl-dev + - openssl-provider-legacy - py3-supported-cffi - py3-supported-maturin - py3-supported-pip @@ -42,7 +43,7 @@ pipeline: with: repository: https://github.com/pyca/cryptography/ tag: ${{package.version}} - expected-commit: c2afb4ffd2d65cc2e1a28c0af3fb52efb6cc688b + expected-commit: f299a48153650f2dd87716343f2daa7cd39a1f59 subpackages: - range: py-versions @@ -54,6 +55,7 @@ subpackages: - py3-${{vars.pypi-package}} runtime: - py${{range.key}}-cffi + - openssl-provider-legacy pipeline: - uses: py/pip-build-install with: diff --git a/py3-fastjsonschema.yaml b/py3-fastjsonschema.yaml index 59315454747..3caed3c90f5 100644 --- a/py3-fastjsonschema.yaml +++ b/py3-fastjsonschema.yaml @@ -1,7 +1,7 @@ package: name: py3-fastjsonschema - version: 2.20.0 - epoch: 2 + version: 2.21.0 + epoch: 0 description: Fastest Python implementation of JSON schema copyright: - license: BSD-3-Clause @@ -28,7 +28,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: d2fbc8ffb6579ca4e3d6f206965570b7c3906784 + expected-commit: acf076e3db8c081fd7c7636a6b8829dc6da1dea8 repository: https://github.com/horejsek/python-fastjsonschema tag: v${{package.version}} diff --git a/py3-grpcio-tools.yaml b/py3-grpcio-tools.yaml index 1476186955a..b0a056e52dc 100644 --- a/py3-grpcio-tools.yaml +++ b/py3-grpcio-tools.yaml @@ -1,6 +1,6 @@ package: name: py3-grpcio-tools - version: 1.68.0 + version: 1.68.1 epoch: 0 description: Protobuf code generator for gRPC copyright: @@ -44,7 +44,7 @@ pipeline: with: repository: https://github.com/grpc/grpc tag: v${{package.version}} - expected-commit: 6b49ae626bc9cd7033e062f89dbe0e0576b1110e + expected-commit: 796e87f16136533977b8647b50a020519fd7a137 - runs: | git submodule update --init diff --git a/py3-httpx.yaml b/py3-httpx.yaml index 79816c190d4..b2b2108275e 100644 --- a/py3-httpx.yaml +++ b/py3-httpx.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/httpx/ package: name: py3-httpx - version: 0.27.2 - epoch: 1 + version: 0.28.0 + epoch: 0 description: The next generation HTTP client. copyright: - license: BSD-3-Clause @@ -41,7 +41,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 609df7ecc0f7cb10a1c998aa9c269bba77337c5f + expected-commit: 80960fa31918d7663c3f4c3ad61661cf0e80628f repository: https://github.com/encode/httpx tag: ${{package.version}} diff --git a/py3-huggingface-hub.yaml b/py3-huggingface-hub.yaml index 64112ba7894..a5e43e6b902 100644 --- a/py3-huggingface-hub.yaml +++ b/py3-huggingface-hub.yaml @@ -1,7 +1,7 @@ # Generated from https://pypi.org/project/huggingface-hub/ package: name: py3-huggingface-hub - version: 0.26.2 + version: 0.26.3 epoch: 0 description: Client library to download and publish models, datasets and other repos on the huggingface.co hub copyright: @@ -34,7 +34,7 @@ data: pipeline: - uses: git-checkout with: - expected-commit: ee4c1634ceacff86d95d933a1718ce4c2fcaf88e + expected-commit: d7bead5d64afbcaa6f03b37dcec31f9213d92d19 repository: https://github.com/huggingface/huggingface_hub tag: v${{package.version}} diff --git a/py3-influxdb-client.yaml b/py3-influxdb-client.yaml index 89013ba6f27..97daf6f0432 100644 --- a/py3-influxdb-client.yaml +++ b/py3-influxdb-client.yaml @@ -1,7 +1,7 @@ package: name: py3-influxdb-client - version: 1.47.0 - epoch: 1 + version: 1.48.0 + epoch: 0 description: InfluxDB 2.0 python client copyright: - license: MIT @@ -30,7 +30,7 @@ pipeline: with: repository: https://github.com/influxdata/influxdb-client-python.git tag: v${{package.version}} - expected-commit: 06b71146b20d2f3e7d40eac4fe5d2d81e4b02c62 + expected-commit: c8d806f1bb3357dec5bf62b0fe2eb84e1789b485 subpackages: - range: py-versions diff --git a/py3-keras.yaml b/py3-keras.yaml index 1a7d06759bf..2c2c9a7bae0 100644 --- a/py3-keras.yaml +++ b/py3-keras.yaml @@ -1,7 +1,7 @@ package: name: py3-keras - version: 3.6.0 - epoch: 1 + version: 3.7.0 + epoch: 0 description: Deep learning for humans. copyright: - license: Apache-2.0 @@ -33,7 +33,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 7004f526cfd0933f407f1b4f530b865079aa9bef + expected-commit: 4ca4345afa17543e2979f2bcef9e6847f4402123 repository: https://github.com/keras-team/keras tag: v${{package.version}} diff --git a/py3-maturin.yaml b/py3-maturin.yaml index 5de5eb0a1de..b4b09f42401 100644 --- a/py3-maturin.yaml +++ b/py3-maturin.yaml @@ -1,7 +1,7 @@ package: name: py3-maturin - version: 1.7.4 - epoch: 2 + version: 1.7.6 + epoch: 0 description: Build and publish crates with pyo3, rust-cpython and cffi bindings as well as rust binaries as python packages copyright: - license: MIT OR Apache-2.0 @@ -38,7 +38,7 @@ data: pipeline: - uses: git-checkout with: - expected-commit: aebadedec43a92a1ba0fe94980c84f37122aa5b3 + expected-commit: d896c62f31ded33adca2f58819913e29b7950299 repository: https://github.com/pyo3/maturin tag: v${{package.version}} diff --git a/py3-nbclient.yaml b/py3-nbclient.yaml index bbdfdca0785..c10c6b408bf 100644 --- a/py3-nbclient.yaml +++ b/py3-nbclient.yaml @@ -1,7 +1,7 @@ package: name: py3-nbclient - version: 0.10.0 - epoch: 1 + version: 0.10.1 + epoch: 0 description: A client library for executing notebooks. Formerly nbconvert's ExecutePreprocessor. copyright: - license: BSD-3-Clause @@ -29,7 +29,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: a72fb94bb225f1bc2ec31ba3f5e95a3362d85fa4 + expected-commit: 62d45a1417bed27ab81ac24b27fdafbf4e4edd26 repository: https://github.com/jupyter/nbclient tag: v${{package.version}} diff --git a/py3-nh3.yaml b/py3-nh3.yaml index 4c26dd5a17b..159dd5a5d6f 100644 --- a/py3-nh3.yaml +++ b/py3-nh3.yaml @@ -1,6 +1,6 @@ package: name: py3-nh3 - version: 0.2.18 + version: 0.2.19 epoch: 0 description: Python binding to Ammonia HTML sanitizer Rust crate copyright: @@ -36,7 +36,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: ba2b2748e472c18f5595200438be55ed1f943f45 + expected-commit: c71460cac4a0788dd7f28ca0a92a0aa67e81de1b repository: https://github.com/messense/nh3 tag: v${{package.version}} diff --git a/py3-openai.yaml b/py3-openai.yaml index 3442311b8c8..a681d27408a 100644 --- a/py3-openai.yaml +++ b/py3-openai.yaml @@ -1,7 +1,7 @@ # Generated from https://pypi.org/project/openai/ package: name: py3-openai - version: 1.55.0 + version: 1.55.3 epoch: 0 description: Python client library for the OpenAI API copyright: @@ -39,7 +39,7 @@ pipeline: with: repository: https://github.com/openai/openai-python.git tag: v${{package.version}} - expected-commit: 83091e96cf43f344d22799c22eea301aeae36d51 + expected-commit: 6974a981aec1814b5abba429a8ea21be9ac58538 subpackages: - range: py-versions diff --git a/py3-pgspecial.yaml b/py3-pgspecial.yaml index f29ff8ec51c..79854b0607f 100644 --- a/py3-pgspecial.yaml +++ b/py3-pgspecial.yaml @@ -1,6 +1,6 @@ package: name: py3-pgspecial - version: 2.1.2 + version: 2.1.3 epoch: 0 description: Meta-commands handler for Postgres Database. copyright: @@ -27,7 +27,7 @@ pipeline: with: repository: https://github.com/dbcli/pgspecial tag: v${{package.version}} - expected-commit: 2be16abcaa88cccaf99ce3062cca6ecfc632eb67 + expected-commit: 61b78f13b09551e43fc4b0ffbe6d0311f6551983 - name: Python Build runs: python setup.py build diff --git a/py3-pyjwt.yaml b/py3-pyjwt.yaml index 49c86811681..7f50339835d 100644 --- a/py3-pyjwt.yaml +++ b/py3-pyjwt.yaml @@ -1,6 +1,6 @@ package: name: py3-pyjwt - version: 2.10.0 + version: 2.10.1 epoch: 0 description: JSON Web Token implementation in Python copyright: @@ -37,7 +37,7 @@ pipeline: with: repository: https://github.com/jpadilla/pyjwt tag: ${{package.version}} - expected-commit: 783f324e5d2155462515ced45718fc164dd04db2 + expected-commit: 3ebbb22f30f2b1b41727b269a08b427e9a85d6bb subpackages: - range: py-versions diff --git a/py3-pyopenssl.yaml b/py3-pyopenssl.yaml index 82d5b77b02e..ae76d559201 100644 --- a/py3-pyopenssl.yaml +++ b/py3-pyopenssl.yaml @@ -1,7 +1,7 @@ package: name: py3-pyopenssl - version: 24.2.1 - epoch: 1 + version: 24.3.0 + epoch: 0 description: Python wrapper module around the OpenSSL library copyright: - license: Apache-2.0 @@ -28,7 +28,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 8dd94578656d47f854c087783b72431aaeb73d8e + expected-commit: 9f82d9715c6221c7e702a07d34c70ebb42240008 repository: https://github.com/pyca/pyopenssl tag: ${{package.version}} diff --git a/py3-python-gitlab.yaml b/py3-python-gitlab.yaml index b148f780345..1a746042905 100644 --- a/py3-python-gitlab.yaml +++ b/py3-python-gitlab.yaml @@ -1,7 +1,7 @@ package: name: py3-python-gitlab - version: 5.0.0 - epoch: 1 + version: 5.1.0 + epoch: 0 description: A python wrapper for the GitLab API url: https://python-gitlab.readthedocs.io copyright: @@ -29,7 +29,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 90c72d815a653e48c2ac01ee69889f8a918481fa + expected-commit: 9877520fc2f1d30f009344416c884d44a0edcae9 repository: https://github.com/python-gitlab/python-gitlab tag: v${{package.version}} diff --git a/py3-sqlglot.yaml b/py3-sqlglot.yaml index 2a121be4d9b..6a52a6f0cb4 100644 --- a/py3-sqlglot.yaml +++ b/py3-sqlglot.yaml @@ -1,6 +1,6 @@ package: name: py3-sqlglot - version: 25.32.0 + version: 25.32.1 epoch: 0 description: An easily customizable SQL parser and transpiler copyright: @@ -31,7 +31,7 @@ pipeline: with: repository: https://github.com/tobymao/sqlglot tag: v${{package.version}} - expected-commit: fddcd3dfc264a645909686c201d2288c0adf9047 + expected-commit: 73afd0f435b7e7ccde831ee311c9a76c14797fdc subpackages: - range: py-versions diff --git a/py3-tensorflow-model-analysis.yaml b/py3-tensorflow-model-analysis.yaml index b67fbb3e4fe..9792fb9b306 100644 --- a/py3-tensorflow-model-analysis.yaml +++ b/py3-tensorflow-model-analysis.yaml @@ -1,6 +1,6 @@ package: name: py3-tensorflow-model-analysis - version: 0.47.0 + version: 0.47.1 epoch: 0 description: Model analysis tools for TensorFlow copyright: @@ -50,7 +50,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 0497e049e70eef781f531e26ca50b94d438e4999 + expected-commit: f2135cc32f7b4bacf5d07ae9a2ce0a0342f127f1 repository: https://github.com/tensorflow/model-analysis tag: v${{package.version}} @@ -62,6 +62,12 @@ pipeline: - uses: strip +test: + pipeline: + - uses: python/import + with: + imports: import tensorflow_model_analysis + update: enabled: true manual: false diff --git a/py3-tomli.yaml b/py3-tomli.yaml index 070727c0b45..11a6655126e 100644 --- a/py3-tomli.yaml +++ b/py3-tomli.yaml @@ -1,6 +1,6 @@ package: name: py3-tomli - version: 2.1.0 + version: 2.2.1 epoch: 0 description: TOML parser copyright: @@ -31,7 +31,7 @@ pipeline: - uses: fetch with: uri: https://files.pythonhosted.org/packages/py3/t/tomli/tomli-${{package.version}}-py3-none-any.whl - expected-sha256: a5c57c3d1c56f5ccdf89f6523458f60ef716e210fc47c4cfb188c5ba473e0391 + expected-sha256: cb55c73c5f4408779d0cf3eef9f762b9c9f147a77de7b258bef0a5628adc85cc extract: false subpackages: diff --git a/py3-zope.interface.yaml b/py3-zope.interface.yaml index 412ddfaa340..6421f0db5bf 100644 --- a/py3-zope.interface.yaml +++ b/py3-zope.interface.yaml @@ -1,6 +1,6 @@ package: name: py3-zope.interface - version: 7.1.1 + version: "7.2" epoch: 0 description: Interfaces for Python copyright: @@ -28,7 +28,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: 98296bdbc1173dc83a8ad89764f2dc37c6f2463c + expected-commit: d860f651c966bbc600faea9c9fb3885b1a183bc4 repository: https://github.com/zopefoundation/zope.interface tag: ${{package.version}} diff --git a/rancher-agent-2.9.yaml b/rancher-agent-2.10.yaml similarity index 85% rename from rancher-agent-2.9.yaml rename to rancher-agent-2.10.yaml index 929ed05ff7e..c4e680596a4 100644 --- a/rancher-agent-2.9.yaml +++ b/rancher-agent-2.10.yaml @@ -1,6 +1,6 @@ package: - name: rancher-agent-2.9 - version: 2.9.4 + name: rancher-agent-2.10 + version: 2.10.0 epoch: 0 description: Complete container management platform - agent copyright: @@ -49,11 +49,7 @@ pipeline: with: repository: https://github.com/rancher/rancher tag: v${{package.version}} - expected-commit: 4ec728e8aae3e51c86cf599d1618c555fd806ce8 - - - uses: go/bump - with: - deps: github.com/go-jose/go-jose/v3@v3.0.3 k8s.io/kubernetes@v1.30.3 k8s.io/apiserver@v0.30.3 github.com/golang-jwt/jwt/v4@v4.5.1 + expected-commit: df45e368c82d4027410fa4700371982b9236b7c8 - uses: go/build with: @@ -80,4 +76,4 @@ update: identifier: rancher/rancher strip-prefix: v use-tag: true - tag-filter: v2.9. + tag-filter: v2.10. diff --git a/rancher-charts-2.10.yaml b/rancher-charts-2.10.yaml index 3a36387cc11..8b65de370ff 100644 --- a/rancher-charts-2.10.yaml +++ b/rancher-charts-2.10.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-charts-2.10 - version: 0_git20241126 + version: 0_git20241128 epoch: 0 description: Complete container management platform - charts copyright: @@ -21,7 +21,7 @@ pipeline: with: repository: https://github.com/rancher/charts branch: release-v2.10 - expected-commit: f95f7170323d6f410633ef5369c927cd835d4722 + expected-commit: 7bbab1c71dfbc7e5eb2f5fc7ea195cf1732d98fa destination: ./charts depth: -1 diff --git a/rancher-charts-2.9.yaml b/rancher-charts-2.9.yaml deleted file mode 100644 index 1aa2ac29a35..00000000000 --- a/rancher-charts-2.9.yaml +++ /dev/null @@ -1,56 +0,0 @@ -#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag -package: - name: rancher-charts-2.9 - version: 0_git20241126 - epoch: 0 - description: Complete container management platform - charts - copyright: - - license: Apache-2.0 - dependencies: - provides: - - rancher-charts=${{package.full-version}} - -environment: - contents: - packages: - - busybox - - perl-utils - -pipeline: - - uses: git-checkout - with: - repository: https://github.com/rancher/charts - branch: release-v2.9 - expected-commit: b6884ede7840ae90dcacf7a4201e964a4fabe023 - destination: ./charts - depth: -1 - - - working-directory: ./charts - runs: | - shasum256=$(echo -n "https://git.rancher.io/charts" |shasum -a 256 | awk '{ print $1 }') - mkdir -p ${{targets.contextdir}}/var/lib/rancher-data/local-catalogs/v2/rancher-charts/$shasum256 - cp -r ./* ${{targets.contextdir}}/var/lib/rancher-data/local-catalogs/v2/rancher-charts/$shasum256 - - git checkout master - mkdir -p ${{targets.contextdir}}/var/lib/rancher-data/local-catalogs/library - cp -r ./* ${{targets.contextdir}}/var/lib/rancher-data/local-catalogs/library - -test: - environment: - contents: - packages: - - perl-utils - pipeline: - - runs: | - shasum256=$(echo -n "https://git.rancher.io/charts" |shasum -a 256 | awk '{ print $1 }') - # check the expected files are available at the expected location at `/var/lib/rancher-data/local-catalogs/v2/rancher-charts/$shasum256/` - test -f /var/lib/rancher-data/local-catalogs/v2/rancher-charts/$shasum256/README.md - # check the expected files are available at the expected location at `/var/lib/rancher-data/local-catalogs/library/` - test -f /var/lib/rancher-data/local-catalogs/library/README.md - -update: - enabled: true - git: {} - schedule: - period: daily - reason: Commit at head of branch moves frequently diff --git a/rancher-helm3-charts.yaml b/rancher-helm3-charts.yaml index 78bc102ab4e..707dde2cba5 100644 --- a/rancher-helm3-charts.yaml +++ b/rancher-helm3-charts.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-helm3-charts - version: 0_git20241126 + version: 0_git20241128 epoch: 0 description: Complete container management platform - helm3 charts copyright: diff --git a/rancher-kontainer-driver-metadata-2.9.yaml b/rancher-kontainer-driver-metadata-2.10.yaml similarity index 87% rename from rancher-kontainer-driver-metadata-2.9.yaml rename to rancher-kontainer-driver-metadata-2.10.yaml index 256b5d4f530..6bc4146bfd5 100644 --- a/rancher-kontainer-driver-metadata-2.9.yaml +++ b/rancher-kontainer-driver-metadata-2.10.yaml @@ -1,6 +1,6 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: - name: rancher-kontainer-driver-metadata-2.9 + name: rancher-kontainer-driver-metadata-2.10 version: 0_git20241126 epoch: 0 description: Complete container management platform - kontainer driver metadata @@ -19,8 +19,8 @@ pipeline: - uses: git-checkout with: repository: https://github.com/rancher/kontainer-driver-metadata/ - branch: release-v2.9 - expected-commit: 81bdce159b2986c89152a2ca28a9b8a3181ea3ab + branch: release-v2.10 + expected-commit: ff8d9bff7cdde065395f6bb67d4677d883b68bec - runs: | mkdir -p ${{targets.contextdir}}/var/lib/rancher-data/driver-metadata @@ -34,7 +34,7 @@ test: update: enabled: true - git: {} + git: schedule: period: daily reason: Commit at head of branch moves frequently diff --git a/rancher-partner-charts.yaml b/rancher-partner-charts.yaml index 6e0c9d49880..0739b249ff2 100644 --- a/rancher-partner-charts.yaml +++ b/rancher-partner-charts.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-partner-charts - version: 0_git20241126 + version: 0_git20241128 epoch: 0 description: Complete container management platform - partner charts copyright: @@ -19,7 +19,7 @@ pipeline: repository: https://github.com/rancher/partner-charts branch: main destination: ./charts - expected-commit: b6ae147976b22452f5597570056b69bacf4d1b22 + expected-commit: 8397fdb4c79258a955fe9776c58dab5e2f6d5dc4 - working-directory: ./charts runs: | diff --git a/rancher-rke2-charts.yaml b/rancher-rke2-charts.yaml index 871ed21d9db..610d27f9772 100644 --- a/rancher-rke2-charts.yaml +++ b/rancher-rke2-charts.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-rke2-charts - version: 0_git20241124 + version: 0_git20241128 epoch: 0 description: Complete container management platform - rke2 charts copyright: @@ -19,7 +19,7 @@ pipeline: repository: https://github.com/rancher/rke2-charts branch: main destination: ./charts - expected-commit: ea4da1db74e8c486172a417a766e40eb9d7bcef9 + expected-commit: d63cb45fa5eb804a9b649fa69f6f664607c43a16 - working-directory: ./charts runs: | diff --git a/rancher-system-charts-2.10.yaml b/rancher-system-charts-2.10.yaml index 2d1f538dd74..84b190ab500 100644 --- a/rancher-system-charts-2.10.yaml +++ b/rancher-system-charts-2.10.yaml @@ -1,7 +1,7 @@ #nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag package: name: rancher-system-charts-2.10 - version: 0_git20241126 + version: 0_git20241128 epoch: 0 description: Complete container management platform - system charts copyright: diff --git a/rancher-system-charts-2.9.yaml b/rancher-system-charts-2.9.yaml deleted file mode 100644 index f5f52546684..00000000000 --- a/rancher-system-charts-2.9.yaml +++ /dev/null @@ -1,39 +0,0 @@ -#nolint:git-checkout-must-use-github-updates,valid-pipeline-git-checkout-tag -package: - name: rancher-system-charts-2.9 - version: 0_git20241126 - epoch: 0 - description: Complete container management platform - system charts - copyright: - - license: Apache-2.0 - dependencies: - provides: - - rancher-system-charts=${{package.full-version}} - -environment: - contents: - packages: - - busybox - -pipeline: - - uses: git-checkout - with: - repository: https://github.com/rancher/system-charts - branch: release-v2.9 - destination: ${{targets.contextdir}}/var/lib/rancher-data/local-catalogs/system-library - expected-commit: 653a0337600f04df3a975106468a17bd64d6e1f9 - - - runs: rm -rf ${{targets.contextdir}}/var/lib/rancher-data/local-catalogs/system-library/.git - -test: - pipeline: - - runs: | - # check the expected files are available at the expected location at `/var/lib/rancher-data/local-catalogs/system-library/` - test -f /var/lib/rancher-data/local-catalogs/system-library/README.md - -update: - enabled: true - git: {} - schedule: - period: daily - reason: Commit at head of branch moves frequently diff --git a/renovate.yaml b/renovate.yaml index 405a1b83f3e..e2451f018bb 100644 --- a/renovate.yaml +++ b/renovate.yaml @@ -1,6 +1,6 @@ package: name: renovate - version: 39.31.3 + version: 39.36.0 epoch: 0 description: "Automated dependency updates. Multi-platform and multi-language." copyright: diff --git a/repmgr.yaml b/repmgr.yaml index b042aa6e5ee..cb7f3734864 100644 --- a/repmgr.yaml +++ b/repmgr.yaml @@ -1,7 +1,7 @@ package: name: repmgr version: 5.5.0 - epoch: 0 + epoch: 1 description: "A lightweight replication manager for PostgreSQL" copyright: - license: GPL-3.0-only @@ -70,6 +70,9 @@ subpackages: description: "compat package with bitnami/repmgr image" dependencies: runtime: + - busybox + - posix-libc-utils + - glibc-locale-en - curl - coreutils - bash diff --git a/rqlite.yaml b/rqlite.yaml index f62758f9c54..c9ca4e15dbb 100644 --- a/rqlite.yaml +++ b/rqlite.yaml @@ -1,6 +1,6 @@ package: name: rqlite - version: 8.34.2 + version: 8.34.3 epoch: 0 description: The lightweight, distributed relational database built on SQLite copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/rqlite/rqlite tag: v${{package.version}} - expected-commit: 2fd4158ec100c464ae8b02562eb440e5720a359d + expected-commit: 5f587c5724fff9da49d74aad19516bac0c37abb1 - runs: | # docker-entrypoint.sh: update hardcoded docker entrypoint diff --git a/rtmpdump.yaml b/rtmpdump.yaml index cdf017a3677..e2bf1626165 100644 --- a/rtmpdump.yaml +++ b/rtmpdump.yaml @@ -1,7 +1,7 @@ #nolint:valid-pipeline-git-checkout-tag package: name: rtmpdump - version: 2.6_git20241126 + version: 2.6_git20241128 epoch: 0 description: rtmpdump is a toolkit for RTMP streams copyright: diff --git a/ruby3.2-excon.yaml b/ruby3.2-excon.yaml index c2f4fda3611..12d91198dd5 100644 --- a/ruby3.2-excon.yaml +++ b/ruby3.2-excon.yaml @@ -1,7 +1,7 @@ # Generated from https://github.com/excon/excon package: name: ruby3.2-excon - version: 1.2.1 + version: 1.2.2 epoch: 0 description: EXtended http(s) CONnections copyright: @@ -21,7 +21,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/excon/excon - expected-commit: 239111877ffa6f56ccc6d8f43d0fae2dec17e164 + expected-commit: 0403dc0ffc589884b3ecd6aeed3cf7589fa68086 tag: v${{package.version}} - uses: ruby/build diff --git a/ruby3.2-faraday-net_http.yaml b/ruby3.2-faraday-net_http.yaml index 2a8a3e457e8..8e597cb7d6a 100644 --- a/ruby3.2-faraday-net_http.yaml +++ b/ruby3.2-faraday-net_http.yaml @@ -1,10 +1,13 @@ package: name: ruby3.2-faraday-net_http version: 3.4.0 - epoch: 0 + epoch: 1 description: Faraday adapter for Net::HTTP copyright: - license: MIT + dependencies: + runtime: + - ruby3.2-net-http environment: contents: @@ -42,7 +45,6 @@ test: contents: packages: - ruby3.2-faraday - - ruby3.2-net-http pipeline: # Users do not import this package directly, see the following for a deeper # explanation: https://github.com/lostisland/faraday-net_http/issues/25 diff --git a/ruby3.2-protocol-http.yaml b/ruby3.2-protocol-http.yaml index 7551014b364..607f9ba6ce4 100644 --- a/ruby3.2-protocol-http.yaml +++ b/ruby3.2-protocol-http.yaml @@ -1,6 +1,6 @@ package: name: ruby3.2-protocol-http - version: 0.45.0 + version: 0.47.0 epoch: 0 description: Provides abstractions to handle HTTP protocols. copyright: @@ -25,7 +25,7 @@ vars: pipeline: - uses: git-checkout with: - expected-commit: f0a9782fbe60eac3d8e057de33b585cc066774fc + expected-commit: 9c8431041ee28d782e5d3ee70685bfcd15a38191 repository: https://github.com/socketry/protocol-http tag: v${{package.version}} diff --git a/ruby3.2-protocol-http2.yaml b/ruby3.2-protocol-http2.yaml index e8f1cd9c23d..a468c2303dc 100644 --- a/ruby3.2-protocol-http2.yaml +++ b/ruby3.2-protocol-http2.yaml @@ -1,6 +1,6 @@ package: name: ruby3.2-protocol-http2 - version: 0.20.0 + version: 0.21.0 epoch: 0 description: A low level implementation of the HTTP/2 protocol. copyright: @@ -27,7 +27,7 @@ vars: pipeline: - uses: git-checkout with: - expected-commit: 76a6cda55ac572af57ae7d87e12dc297930c9d42 + expected-commit: 04362a916b5d6bd65c2a8982f2ed0583f1e02328 repository: https://github.com/socketry/protocol-http2 tag: v${{package.version}} diff --git a/ruby3.2-reline.yaml b/ruby3.2-reline.yaml index ca8660be54d..4e9612e45b1 100644 --- a/ruby3.2-reline.yaml +++ b/ruby3.2-reline.yaml @@ -1,7 +1,7 @@ # Generated from https://github.com/ruby/reline package: name: ruby3.2-reline - version: 0.5.11 + version: 0.5.12 epoch: 0 description: Alternative GNU Readline or Editline implementation by pure Ruby. copyright: @@ -26,7 +26,7 @@ pipeline: with: repository: https://github.com/ruby/reline.git tag: v${{package.version}} - expected-commit: 4d90743409fbfbe79ea5b70c862a03d66e202e52 + expected-commit: d4f6741e7eb942b5bf71b9c318492a4a79625c74 - uses: ruby/build with: diff --git a/ruby3.3-excon.yaml b/ruby3.3-excon.yaml index 0643ec8163e..6a5b7894a07 100644 --- a/ruby3.3-excon.yaml +++ b/ruby3.3-excon.yaml @@ -1,7 +1,7 @@ # Generated from https://github.com/excon/excon package: name: ruby3.3-excon - version: 1.2.1 + version: 1.2.2 epoch: 0 description: EXtended http(s) CONnections copyright: @@ -21,7 +21,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/excon/excon - expected-commit: 239111877ffa6f56ccc6d8f43d0fae2dec17e164 + expected-commit: 0403dc0ffc589884b3ecd6aeed3cf7589fa68086 tag: v${{package.version}} - uses: ruby/build diff --git a/ruby3.3-faraday-net_http.yaml b/ruby3.3-faraday-net_http.yaml index be0b7f3d665..06c67d7d15b 100644 --- a/ruby3.3-faraday-net_http.yaml +++ b/ruby3.3-faraday-net_http.yaml @@ -1,10 +1,13 @@ package: name: ruby3.3-faraday-net_http version: 3.4.0 - epoch: 0 + epoch: 1 description: Faraday adapter for Net::HTTP copyright: - license: MIT + dependencies: + runtime: + - ruby3.3-net-http environment: contents: @@ -42,7 +45,6 @@ test: contents: packages: - ruby3.3-faraday - - ruby3.3-net-http pipeline: # Users do not import this package directly, see the following for a deeper # explanation: https://github.com/lostisland/faraday-net_http/issues/25 diff --git a/ruby3.3-protocol-http.yaml b/ruby3.3-protocol-http.yaml index 27577847216..b29da6741c3 100644 --- a/ruby3.3-protocol-http.yaml +++ b/ruby3.3-protocol-http.yaml @@ -1,6 +1,6 @@ package: name: ruby3.3-protocol-http - version: 0.45.0 + version: 0.47.0 epoch: 0 description: Provides abstractions to handle HTTP protocols. copyright: @@ -25,7 +25,7 @@ vars: pipeline: - uses: git-checkout with: - expected-commit: f0a9782fbe60eac3d8e057de33b585cc066774fc + expected-commit: 9c8431041ee28d782e5d3ee70685bfcd15a38191 repository: https://github.com/socketry/protocol-http tag: v${{package.version}} diff --git a/ruby3.3-protocol-http2.yaml b/ruby3.3-protocol-http2.yaml index 9a38be1fdaf..2d20d1ccf32 100644 --- a/ruby3.3-protocol-http2.yaml +++ b/ruby3.3-protocol-http2.yaml @@ -1,6 +1,6 @@ package: name: ruby3.3-protocol-http2 - version: 0.20.0 + version: 0.21.0 epoch: 0 description: A low level implementation of the HTTP/2 protocol. copyright: @@ -27,7 +27,7 @@ vars: pipeline: - uses: git-checkout with: - expected-commit: 76a6cda55ac572af57ae7d87e12dc297930c9d42 + expected-commit: 04362a916b5d6bd65c2a8982f2ed0583f1e02328 repository: https://github.com/socketry/protocol-http2 tag: v${{package.version}} diff --git a/ruby3.3-reline.yaml b/ruby3.3-reline.yaml index 2fa1283df54..1ee3e57e188 100644 --- a/ruby3.3-reline.yaml +++ b/ruby3.3-reline.yaml @@ -1,7 +1,7 @@ # Generated from https://github.com/ruby/reline package: name: ruby3.3-reline - version: 0.5.11 + version: 0.5.12 epoch: 0 description: Alternative GNU Readline or Editline implementation by pure Ruby. copyright: @@ -26,7 +26,7 @@ pipeline: with: repository: https://github.com/ruby/reline.git tag: v${{package.version}} - expected-commit: 4d90743409fbfbe79ea5b70c862a03d66e202e52 + expected-commit: d4f6741e7eb942b5bf71b9c318492a4a79625c74 - uses: ruby/build with: diff --git a/ruff.yaml b/ruff.yaml index bba5e215e3d..b31585391ac 100644 --- a/ruff.yaml +++ b/ruff.yaml @@ -1,6 +1,6 @@ package: name: ruff - version: 0.8.0 + version: 0.8.1 epoch: 0 description: An extremely fast Python linter, written in Rust. copyright: @@ -21,7 +21,7 @@ pipeline: with: repository: https://github.com/astral-sh/ruff tag: ${{package.version}} - expected-commit: a90e404c3f010446ab8c18b4793c78834eeb65b7 + expected-commit: b3b2c982cdfb487bec7c38ca4e04cebbe0f1964e - runs: | cargo auditable build --release diff --git a/sftpgo.yaml b/sftpgo.yaml index daca6ae73e9..2fe7540e06e 100644 --- a/sftpgo.yaml +++ b/sftpgo.yaml @@ -1,6 +1,6 @@ package: name: sftpgo - version: 2.6.3 + version: 2.6.4 epoch: 0 description: "Full-featured and highly configurable SFTP, HTTP/S, FTP/S and WebDAV server - S3, Google Cloud Storage, Azure Blob" copyright: @@ -11,7 +11,7 @@ pipeline: with: repository: https://github.com/drakkan/sftpgo tag: v${{package.version}} - expected-commit: cf3e1d3ec0c3061a6ad629f0d6d5a48a2456b7c3 + expected-commit: 386448e6cbe47de3fad572fb3776aeda4b35d6ed - runs: | # Modify the default configuration file diff --git a/spark-3.5.yaml b/spark-3.5.yaml index 84f28d00251..c8a90c1ec03 100644 --- a/spark-3.5.yaml +++ b/spark-3.5.yaml @@ -1,7 +1,7 @@ package: name: spark-3.5 version: 3.5.3 - epoch: 4 + epoch: 5 description: Unified engine for large-scale data analytics copyright: - license: Apache-2.0 @@ -198,6 +198,9 @@ subpackages: - name: ${{package.name}}-bitnami-compat description: Bitnami compat for spark 3.5 + dependencies: + runtime: + - coreutils # needed for cp -nr command pipeline: - uses: bitnami/compat with: diff --git a/spiffe-helper.yaml b/spiffe-helper.yaml new file mode 100644 index 00000000000..d60550e443a --- /dev/null +++ b/spiffe-helper.yaml @@ -0,0 +1,42 @@ +package: + name: spiffe-helper + version: 0.9.0 + epoch: 0 + description: A helper utility for SPIFFE (Secure Production Identity Framework For Everyone) operations. + copyright: + - license: Apache-2.0 + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/spiffe/spiffe-helper.git + expected-commit: 71c089743733add8c6d36a3a15c12f1b16b9b21a + tag: v${{package.version}} + + - uses: go/build + with: + packages: "./cmd/spiffe-helper" + output: spiffe-helper + +subpackages: + - name: ${{package.name}}-compat + description: Compatibility package for spiffe-helper + pipeline: + - runs: | + mkdir -p ${{targets.subpkgdir}}/ + ln -sf /usr/bin/spiffe-helper "${{targets.subpkgdir}}"/spiffe-helper + test: + pipeline: + - name: stat on symlink + runs: stat /spiffe-helper + +update: + enabled: true + github: + identifier: spiffe/spiffe-helper + strip-prefix: v + +test: + pipeline: + - runs: | + spiffe-helper --help diff --git a/splunk-otel-collector.yaml b/splunk-otel-collector.yaml new file mode 100644 index 00000000000..f843000de49 --- /dev/null +++ b/splunk-otel-collector.yaml @@ -0,0 +1,59 @@ +package: + name: splunk-otel-collector + version: 0.113.0 + epoch: 0 + description: Splunk OpenTelemetry Collector is a distribution of the OpenTelemetry Collector. It provides a unified way to receive, process, and export metric, trace, and log data for Splunk Observability Cloud + copyright: + - license: Apache-2.0 + +environment: + contents: + packages: + - go + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/signalfx/splunk-otel-collector + tag: v${{package.version}} + expected-commit: afd65d06be2164c95fb50a9d6ab2f42af9e86383 + + - runs: go generate ./... + + - uses: go/build + with: + modroot: cmd/otelcol + packages: . + ldflags: -X github.com/signalfx/splunk-otel-collector/internal/version.Version=v${{package.version}} -X go.opentelemetry.io/collector/internal/version.Version=${{package.version}} + output: otelcol + +subpackages: + - name: ${{package.name}}-doc + description: Documentation for Splunk OTel Collector + pipeline: + - name: install-docs + runs: mkdir -p ${{targets.contextdir}}/usr/share mv docs "${{targets.contextdir}}/usr/share" + + - name: ${{package.name}}-migratecheckpoint + description: migrate checkpoint package + pipeline: + - uses: go/build + with: + modroot: cmd/migratecheckpoint + packages: . + ldflags: -X github.com/signalfx/splunk-otel-collector/internal/version.Version=v${{package.version}} -X go.opentelemetry.io/collector/internal/version.Version=${{package.version}} + output: migratecheckpoint + test: + pipeline: + - runs: migratecheckpoint --help + +update: + enabled: true + github: + identifier: signalfx/splunk-otel-collector + strip-prefix: v + +test: + pipeline: + - runs: otelcol --help + - runs: otelcol --version | grep ${{package.version}} diff --git a/sqlpad.yaml b/sqlpad.yaml index 46e6003c1b7..c25b3af4fcb 100644 --- a/sqlpad.yaml +++ b/sqlpad.yaml @@ -1,7 +1,7 @@ package: name: sqlpad version: 7.5.1 # when updating check the patch below as it contains dependency version updates which may downgrade if upstream upgrades them - epoch: 0 + epoch: 1 description: Web-based SQL editor. Legacy project in maintenance mode. copyright: - license: MIT @@ -27,6 +27,10 @@ pipeline: expected-commit: fe788bf1cd50072148e5a7e9db729bd62ee97dc2 tag: v${{package.version}} + - uses: patch + with: + patches: GHSA-3xgq-45jj-v275-fix-cross-spawn.patch + - working-directory: /home/build/server runs: | # Create "resolutions" section of package.json diff --git a/sqlpad/GHSA-3xgq-45jj-v275-fix-cross-spawn.patch b/sqlpad/GHSA-3xgq-45jj-v275-fix-cross-spawn.patch new file mode 100644 index 00000000000..b2c66c7132c --- /dev/null +++ b/sqlpad/GHSA-3xgq-45jj-v275-fix-cross-spawn.patch @@ -0,0 +1,51 @@ +diff --git a/client/yarn.lock b/client/yarn.lock +index 5ac7fb27d..1b73bdcc4 100644 +--- a/client/yarn.lock ++++ b/client/yarn.lock +@@ -910,9 +910,9 @@ convert-source-map@^2.0.0: + integrity sha512-Kvp459HrV2FEJ1CAsi1Ku+MY3kasH19TFykTz2xWmMeq6bk2NU3XXvfJ+Q61m0xktWwt+1HSYf3JZsTms3aRJg== + + cross-spawn@^7.0.2: +- version "7.0.3" +- resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" +- integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== ++ version "7.0.6" ++ resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f" ++ integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA== + dependencies: + path-key "^3.1.0" + shebang-command "^2.0.0" +diff --git a/server/yarn.lock b/server/yarn.lock +index 2f8350496..2189dacf1 100644 +--- a/server/yarn.lock ++++ b/server/yarn.lock +@@ -1345,9 +1345,9 @@ core-util-is@~1.0.0: + integrity sha512-ZQBvi1DcpJ4GDqanjucZ2Hj3wEO5pZDS89BWbkcrvdxksJorwUDDZamX9ldFkp9aw2lmBDLgkObEA4DWNJ9FYQ== + + cross-spawn@^7.0.0, cross-spawn@^7.0.2: +- version "7.0.3" +- resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" +- integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== ++ version "7.0.6" ++ resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f" ++ integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA== + dependencies: + path-key "^3.1.0" + shebang-command "^2.0.0" +diff --git a/yarn.lock b/yarn.lock +index 84ea979f1..7c4ac1e55 100644 +--- a/yarn.lock ++++ b/yarn.lock +@@ -57,9 +57,9 @@ commander@~12.1.0: + integrity sha512-Vw8qHK3bZM9y/P10u3Vib8o/DdkvA2OtPtZvD871QKjy74Wj1WSKFILMPRPSdUSx5RFK1arlJzEtA4PkFgnbuA== + + cross-spawn@^7.0.3: +- version "7.0.3" +- resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.3.tgz#f73a85b9d5d41d045551c177e2882d4ac85728a6" +- integrity sha512-iRDPJKUPVEND7dHPO8rkbOnPpyDygcDFtWjpeWNCgy8WP2rXcxXL8TskReQl6OrB2G7+UJrags1q15Fudc7G6w== ++ version "7.0.6" ++ resolved "https://registry.yarnpkg.com/cross-spawn/-/cross-spawn-7.0.6.tgz#8a58fe78f00dcd70c370451759dfbfaf03e8ee9f" ++ integrity sha512-uV2QOWP2nWzsy2aMp8aRibhi9dlzF5Hgh5SHaB9OiTGEyDTiJJyx0uy51QXdyWbtAHNua4XJzUKca3OzKUd3vA== + dependencies: + path-key "^3.1.0" + shebang-command "^2.0.0" diff --git a/terraform-provider-azurerm.yaml b/terraform-provider-azurerm.yaml index 7335e34891d..7cd75bc2031 100644 --- a/terraform-provider-azurerm.yaml +++ b/terraform-provider-azurerm.yaml @@ -1,6 +1,6 @@ package: name: terraform-provider-azurerm - version: 4.11.0 + version: 4.12.0 epoch: 0 description: Terraform provider for Azure Resource Manager copyright: @@ -14,7 +14,7 @@ package: pipeline: - uses: git-checkout with: - expected-commit: 391b16585e8d190054563615f7e96a01e03bb18e + expected-commit: 764d84dcbb987458e3a3c0f36dcb48d3d8936af9 repository: https://github.com/hashicorp/terraform-provider-azurerm tag: v${{package.version}} diff --git a/terragrunt.yaml b/terragrunt.yaml index aa51594ff07..146effd3228 100644 --- a/terragrunt.yaml +++ b/terragrunt.yaml @@ -1,6 +1,6 @@ package: name: terragrunt - version: 0.69.1 + version: 0.69.3 epoch: 0 description: Thin wrapper for Terraform providing extra tools copyright: @@ -21,7 +21,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: f3210dd7b2e5f3de19d8af8a1abe08a8c1f26b01 + expected-commit: d8313f9099d92500a008b1677c663253e82fcbd9 repository: https://github.com/gruntwork-io/terragrunt tag: v${{package.version}} diff --git a/tileserver-gl.yaml b/tileserver-gl.yaml index 5ffbc67c5f1..640e417dc42 100644 --- a/tileserver-gl.yaml +++ b/tileserver-gl.yaml @@ -1,7 +1,7 @@ package: name: tileserver-gl version: 5.0.0 - epoch: 3 + epoch: 4 description: Vector and raster maps with GL styles. Server side rendering by MapLibre GL Native. Map tile server for MapLibre GL JS, Android, iOS, Leaflet, OpenLayers, GIS via WMTS, etc. copyright: - license: BSD-2-Clause @@ -54,6 +54,8 @@ pipeline: tag: v${{package.version}} expected-commit: 6cda7a0b384940b781838be7415b2ae448edcd29 destination: app + cherry-picks: | + master/93f72c1fe7671429f234c853e81f202e635522e9: GHSA-3xgq-45jj-v275 fix. Bumps cross-spawn to fix version. # patch and install npm dependencies - uses: patch diff --git a/uv.yaml b/uv.yaml index cf38f010ddb..49a58d4a1b4 100644 --- a/uv.yaml +++ b/uv.yaml @@ -1,7 +1,7 @@ package: name: uv - version: 0.5.4 - epoch: 1 + version: 0.5.5 + epoch: 0 description: An extremely fast Python package installer and resolver, written in Rust. copyright: - license: MIT @@ -24,7 +24,7 @@ pipeline: with: repository: https://github.com/astral-sh/uv tag: ${{package.version}} - expected-commit: c62c83c37ada63eae4efb77551e2ec7a0f0113d8 + expected-commit: 95cd8b8b3fa299e652520e50322ad3f578544755 - uses: rust/cargobump diff --git a/wasm-tools.yaml b/wasm-tools.yaml index a70b8401d74..001910cfbee 100644 --- a/wasm-tools.yaml +++ b/wasm-tools.yaml @@ -1,6 +1,6 @@ package: name: wasm-tools - version: 1.220.0 + version: 1.221.0 epoch: 0 description: "Low level tooling for WebAssembly in Rust" copyright: @@ -21,7 +21,7 @@ pipeline: with: repository: https://github.com/bytecodealliance/wasm-tools tag: v${{package.version}} - expected-commit: aab1ac81bb31762509b5ea4b39973070725b5d73 + expected-commit: 25787121be440eda96aa1b75fd36608333a316c0 - name: Configure and build runs: | diff --git a/wit-bindgen.yaml b/wit-bindgen.yaml index b9da47c6006..f8c32b64ee4 100644 --- a/wit-bindgen.yaml +++ b/wit-bindgen.yaml @@ -1,6 +1,6 @@ package: name: wit-bindgen - version: 0.35.0 + version: 0.36.0 epoch: 0 description: "A language binding generator for WebAssembly interface types" copyright: @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/bytecodealliance/wit-bindgen tag: v${{package.version}} - expected-commit: af2d6e8d9086efbe00258bbdac4767a46ae9ee53 + expected-commit: d1387cc70f67c53e31e2668a30a1e4fc8bdcb95a - name: Configure and build runs: | diff --git a/wolfictl.yaml b/wolfictl.yaml index 8ba2cff5e5b..75127428d39 100644 --- a/wolfictl.yaml +++ b/wolfictl.yaml @@ -1,7 +1,7 @@ package: name: wolfictl version: 0.26.0 - epoch: 0 + epoch: 1 description: Helper CLI for managing Wolfi copyright: - license: Apache-2.0 @@ -13,6 +13,10 @@ pipeline: tag: v${{package.version}} expected-commit: f64935c37fb39fa2df31e6fe9838af2b00390eae + - uses: go/bump + with: + deps: github.com/cli/go-gh/v2@v2.11.1 + - uses: go/build with: packages: .