Skip to content

Commit

Permalink
apache-tika version stream and cve fix (#38207)
Browse files Browse the repository at this point in the history
<!---
Provide a short summary in the Title above. Examples of good PR titles:
* "ruby-3.1: new package"
* "haproxy: fix CVE-2014-123456"
-->

<!--
Please include references to any related issues or delete this section
otherwise.
 -->

Fixes:

Related:

### Pre-review Checklist

<!--
This checklist is mostly useful as a reminder of small things that can
easily be
forgotten – it is meant as a helpful tool rather than hoops to jump
through.

At the moment of this PR you have the most information on what all the
change
will affect, so please take the time to jot it down.

Put an `x` in all the items that apply, make notes next to any that
haven't been
addressed, and remove any items that are not relevant to this PR.

-->

#### For new package PRs only
<!-- remove if unrelated -->
- [ ] This PR is marked as fixing a pre-existing package request bug
- [ ] Alternatively, the PR is marked as related to a pre-existing
package request bug, such as a dependency
- [x] REQUIRED - The package is available under an OSI-approved or
FSF-approved license
- [x] REQUIRED - The version of the package is still receiving security
updates
- [ ] This PR links to the upstream project's support policy (e.g.
`endoflife.date`)

#### For new version streams
<!-- remove if unrelated -->
- [x] The upstream project actually supports multiple concurrent
versions.
- [ ] Any subpackages include the version string in their package name
(e.g. `name: ${{package.name}}-compat`)
- [ ] The package (and subpackages) `provides:` logical unversioned
forms of the package (e.g. `nodejs`, `nodejs-lts`)
- [ ] If non-streamed package names no longer built, open PR to withdraw
them (see [WITHDRAWING
PACKAGES](https://github.com/wolfi-dev/os/blob/main/WITHDRAWING_PACKAGES.md))

Signed-off-by: Batuhan Apaydin <[email protected]>
  • Loading branch information
developer-guy authored Dec 22, 2024
1 parent a52e0e7 commit 7bc59dd
Show file tree
Hide file tree
Showing 2 changed files with 12 additions and 1 deletion.
8 changes: 7 additions & 1 deletion apache-tika.yaml → apache-tika-3.0.yaml
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
package:
name: apache-tika
name: apache-tika-3.0
version: 3.0.0
epoch: 0
description: The Apache Tika toolkit detects and extracts metadata and text from over a thousand different file types (such as PPT, XLS, and PDF).
Expand Down Expand Up @@ -31,6 +31,11 @@ pipeline:
tag: ${{package.version}}
expected-commit: 9bcb38d6734ed9d5dcff617f316c535e844c68d1

- uses: maven/pombump
with:
patch-file: patches.yaml
pom: tika-parent/pom.xml

- runs: |
mvn clean install -am -DskipTests -Dossindex.skip
mkdir -p "${{targets.contextdir}}"/usr/share/java/
Expand All @@ -49,6 +54,7 @@ update:
github:
identifier: apache/tika
use-tag: true
tag-filter: v3.0.

test:
environment:
Expand Down
5 changes: 5 additions & 0 deletions apache-tika-3.0/patches.yaml
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
patches:
# CVE-2024-6763
- groupId: org.eclipse.jetty
artifactId: jetty-http
version: 12.0.12

0 comments on commit 7bc59dd

Please sign in to comment.