diff --git a/.github/workflows/build-world.yaml b/.github/workflows/build-world.yaml index 9e51922eec4..3a2b7a05d02 100644 --- a/.github/workflows/build-world.yaml +++ b/.github/workflows/build-world.yaml @@ -24,7 +24,7 @@ jobs: # permissions: container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d # TODO: Deprivilege options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 47defed7f33..5a89cc5c0d5 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -29,7 +29,7 @@ jobs: # permissions: container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d # TODO: Deprivilege options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined @@ -102,7 +102,7 @@ jobs: container: # NOTE: This step only signs and uploads, so it doesn't need any privileges - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml index 88a8623e6a1..d3967ed86d0 100644 --- a/.github/workflows/ci-build.yaml +++ b/.github/workflows/ci-build.yaml @@ -27,7 +27,7 @@ jobs: run: | # Copy wolfictl out of the wolfictl image and onto PATH TMP=$(mktemp -d) - docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac -c "cp /usr/bin/wolfictl /out" + docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d -c "cp /usr/bin/wolfictl /out" echo "$TMP" >> $GITHUB_PATH # Assuming that we have a list of changed files such as `foo.yaml` and `bar.yaml`, this @@ -58,7 +58,7 @@ jobs: group: wolfi-builder-${{ matrix.arch }} needs: changes container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --security-opt seccomp=unconfined --security-opt apparmor:unconfined outputs: @@ -142,7 +142,7 @@ jobs: name: "Scan packages for CVEs" runs-on: ubuntu-latest container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d needs: build if: needs.build.outputs.packages_were_built == 'true' diff --git a/.github/workflows/lint-world.yaml b/.github/workflows/lint-world.yaml index 2870c72b19b..22138a588a8 100644 --- a/.github/workflows/lint-world.yaml +++ b/.github/workflows/lint-world.yaml @@ -29,7 +29,7 @@ jobs: group: wolfi-os-builder-${{ matrix.arch }} container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/withdraw-packages.yaml b/.github/workflows/withdraw-packages.yaml index 1280a38e8a1..172e5db43c2 100644 --- a/.github/workflows/withdraw-packages.yaml +++ b/.github/workflows/withdraw-packages.yaml @@ -22,7 +22,7 @@ jobs: run: | # Copy wolfictl out of the wolfictl image and onto PATH TMP=$(mktemp -d) - docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac -c "cp /usr/bin/wolfictl /out" + docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d -c "cp /usr/bin/wolfictl /out" echo "$TMP" >> $GITHUB_PATH - name: 'Authenticate to Google Cloud' diff --git a/.github/workflows/wolfictl-check-update.yaml b/.github/workflows/wolfictl-check-update.yaml index e8fe54b610b..2f81b330183 100644 --- a/.github/workflows/wolfictl-check-update.yaml +++ b/.github/workflows/wolfictl-check-update.yaml @@ -29,7 +29,7 @@ jobs: - name: Check id: check if: ${{ steps.files.outputs.all_changed_files != '' }} - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/wolfictl-lint.yaml b/.github/workflows/wolfictl-lint.yaml index d97fb17f81e..c5cbe6a5faf 100644 --- a/.github/workflows/wolfictl-lint.yaml +++ b/.github/workflows/wolfictl-lint.yaml @@ -19,13 +19,13 @@ jobs: - uses: actions/checkout@v4 - name: Lint id: lint - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: lint --skip-rule no-makefile-entry-for-package - name: Enforce YAML formatting id: lint-yaml - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: lint yam diff --git a/.github/workflows/wolfictl-update-gh.yaml b/.github/workflows/wolfictl-update-gh.yaml index 85cb8dd7cf6..d51fe97cfb2 100644 --- a/.github/workflows/wolfictl-update-gh.yaml +++ b/.github/workflows/wolfictl-update-gh.yaml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: update https://github.com/${{github.repository}} --release-monitoring-query=false --github-labels request-version-update --github-labels "automated pr" diff --git a/.github/workflows/wolfictl-update-rm.yaml b/.github/workflows/wolfictl-update-rm.yaml index f7a0ad3d251..3a0186786c5 100644 --- a/.github/workflows/wolfictl-update-rm.yaml +++ b/.github/workflows/wolfictl-update-rm.yaml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: update https://github.com/${{github.repository}} --github-release-query=false --github-labels request-version-update --github-labels "automated pr" diff --git a/Makefile b/Makefile index c623babfe70..77692373890 100644 --- a/Makefile +++ b/Makefile @@ -91,7 +91,7 @@ dev-container: -v "${PWD}:${PWD}" \ -w "${PWD}" \ -e SOURCE_DATE_EPOCH=0 \ - ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d PACKAGES_CONTAINER_FOLDER ?= /work/packages TMP_REPOSITORIES_DIR := $(shell mktemp -d) @@ -156,6 +156,6 @@ dev-container-wolfi: --mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \ --mount type=bind,source="$(TMP_REPOSITORIES_FILE)",destination="/etc/apk/repositories",readonly \ -w "$(PACKAGES_CONTAINER_FOLDER)" \ - ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d @rm "$(TMP_REPOSITORIES_FILE)" @rmdir "$(TMP_REPOSITORIES_DIR)" diff --git a/aws-c-s3.yaml b/aws-c-s3.yaml index 2421b3dcd2b..968eb1adeac 100644 --- a/aws-c-s3.yaml +++ b/aws-c-s3.yaml @@ -1,6 +1,6 @@ package: name: aws-c-s3 - version: 0.3.23 + version: 0.3.24 epoch: 0 description: "AWS C99 library implementation for communicating with the S3 service" copyright: @@ -36,7 +36,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: cede7c1b8b5f2c459f1a6f5cbc2a119f001e7a4c1164e0efb1b22e7b9b5235bf + expected-sha256: 09803db4af98bba0af263434e2de432cdccdb3ab709411abba8e05d34840f815 uri: https://github.com/awslabs/aws-c-s3/archive/refs/tags/v${{package.version}}.tar.gz - runs: | diff --git a/aws-cli.yaml b/aws-cli.yaml index 9f0482d8cf0..4cfc17f727a 100644 --- a/aws-cli.yaml +++ b/aws-cli.yaml @@ -1,7 +1,7 @@ package: name: aws-cli - version: 1.29.84 - epoch: 1 + version: 1.29.85 + epoch: 0 description: "Universal Command Line Interface for Amazon Web Services" copyright: - license: Apache-2.0 @@ -33,7 +33,7 @@ pipeline: - uses: fetch with: uri: https://github.com/aws/aws-cli/archive/${{package.version}}.tar.gz - expected-sha256: adfb94cbf92fa46d343b56245a3955964696f88410aa96ce66ef255f24b736ac + expected-sha256: d8faf32a2bc002b4b85381fd74dbac37f409d8ca0bbe42a49f419921bec61aef - runs: | python3 setup.py build diff --git a/aws-crt-cpp.yaml b/aws-crt-cpp.yaml index 9823fac3cf5..b080fe12c02 100644 --- a/aws-crt-cpp.yaml +++ b/aws-crt-cpp.yaml @@ -1,6 +1,6 @@ package: name: aws-crt-cpp - version: 0.24.5 + version: 0.24.7 epoch: 0 description: "C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++" copyright: @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/awslabs/aws-crt-cpp tag: v${{package.version}} - expected-commit: a7fc0969ea3508e5aae01289cd17be9cdc98ffad + expected-commit: 1bdd7dc9ca877697265a6b3a4685f6b190b3b811 - runs: | if [ "$CBUILD" != "$CHOST" ]; then diff --git a/aws-for-fluent-bit.yaml b/aws-for-fluent-bit.yaml index 65420707df9..6daf741c93c 100644 --- a/aws-for-fluent-bit.yaml +++ b/aws-for-fluent-bit.yaml @@ -82,6 +82,8 @@ subpackages: - uses: strip update: + ignore-regex-patterns: + - ^\d+\.\d+.\d+\.\d+$ enabled: true github: identifier: aws/aws-for-fluent-bit diff --git a/crane.yaml b/crane.yaml index 83e2ab84996..cc580b22adc 100644 --- a/crane.yaml +++ b/crane.yaml @@ -1,7 +1,7 @@ package: name: crane version: 0.16.1 - epoch: 5 + epoch: 6 description: Tool for interacting with remote images and registries. copyright: - license: Apache-2.0 diff --git a/external-secrets-operator.yaml b/external-secrets-operator.yaml index c89be0d3969..68ca2fde43a 100644 --- a/external-secrets-operator.yaml +++ b/external-secrets-operator.yaml @@ -1,6 +1,6 @@ package: name: external-secrets-operator - version: 0.9.8 + version: 0.9.9 epoch: 0 description: Integrate external secret management systems with Kubernetes copyright: @@ -21,13 +21,9 @@ pipeline: with: repository: https://github.com/external-secrets/external-secrets tag: v${{package.version}} - expected-commit: c5d647bae1d3bbebb2f0d9c1ab1e3e3cbe869875 + expected-commit: 8b0fa87f301abd5ac2d15a45493aa4609e433772 - runs: | - # Mitigate CVE-2023-39325 and CVE-2023-3978 - go get golang.org/x/net@v0.17.0 - go mod tidy - make build-$(go env GOARCH) mkdir -p ${{targets.destdir}}/usr/bin install -m755 -D bin/external-secrets-$(go env GOOS)-$(go env GOARCH) "${{targets.destdir}}"/usr/bin/external-secrets diff --git a/gitlab-exporter.yaml b/gitlab-exporter.yaml index 5c97d0e166f..1d052653d4c 100644 --- a/gitlab-exporter.yaml +++ b/gitlab-exporter.yaml @@ -4,8 +4,8 @@ #nolint:git-checkout-must-use-github-updates package: name: gitlab-exporter - version: 13.4.1 - epoch: 1 + version: 13.5.0 + epoch: 0 description: GitLab Exporter is a Prometheus Web exporter. copyright: - license: MIT @@ -57,7 +57,7 @@ pipeline: with: repository: https://gitlab.com/gitlab-org/ruby/gems/gitlab-exporter.git tag: v${{package.version}} - expected-commit: 590c4261bd09b341742ee5249225b3aaac421445 + expected-commit: 7d0f9c6e59bf0b8a387edcd2ce636ba5aeda0020 - uses: ruby/unlock-spec diff --git a/gst-plugins-base.yaml b/gst-plugins-base.yaml index de0b79be428..1612e8229ac 100644 --- a/gst-plugins-base.yaml +++ b/gst-plugins-base.yaml @@ -1,6 +1,6 @@ package: name: gst-plugins-base - version: 1.22.6 + version: 1.22.7 epoch: 0 description: GStreamer streaming media framework base plug-ins copyright: @@ -39,7 +39,7 @@ environment: pipeline: - uses: fetch with: - expected-sha512: b03b585c54f1ed2c143495b3d302f73d5fc4c2acd37360a510791d97ca73a895b6154d7205004418504e90b2bfebe51f84c7f55e99caca39b167d2f36dac677a + expected-sha512: a33d332aebf5e209380c2740e0fc6762e49b78a9921822adfc07efdd4780cbe038867d9924a2df334c8a624e8be49b5d46e276538d6d77ff8ac9f002ced052e3 uri: https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-base-${{package.version}}.tar.xz - runs: | diff --git a/gstreamer.yaml b/gstreamer.yaml index e769c60cf73..30a34581b4a 100644 --- a/gstreamer.yaml +++ b/gstreamer.yaml @@ -1,8 +1,8 @@ # Generated from https://git.alpinelinux.org/aports/plain/main/gstreamer/APKBUILD package: name: gstreamer - version: 1.22.6 - epoch: 1 + version: 1.22.7 + epoch: 0 description: GStreamer streaming media framework copyright: - license: LGPL-2.0-or-later @@ -28,7 +28,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: f500e6cfddff55908f937711fc26a0840de28a1e9ec49621c0b6f1adbd8f818e + expected-sha256: 01e42c6352a06bdfa4456e64b06ab7d98c5c487a25557c761554631cbda64217 uri: https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${{package.version}}.tar.xz - runs: | diff --git a/k8sgpt-operator.yaml b/k8sgpt-operator.yaml index a6bc0852980..30693652ff7 100644 --- a/k8sgpt-operator.yaml +++ b/k8sgpt-operator.yaml @@ -1,6 +1,6 @@ package: name: k8sgpt-operator - version: 0.0.22 + version: 0.0.23 epoch: 0 description: Automatic SRE Superpowers within your Kubernetes cluster copyright: @@ -20,7 +20,7 @@ pipeline: with: repository: https://github.com/k8sgpt-ai/k8sgpt-operator tag: v${{package.version}} - expected-commit: f0ebd2888357293ec36eb75ec7153223ce4f914f + expected-commit: bb00c901103fd68182f5b13175452f3185c934d5 - uses: go/build with: diff --git a/k8sgpt.yaml b/k8sgpt.yaml index d1ce9399be3..863dff06126 100644 --- a/k8sgpt.yaml +++ b/k8sgpt.yaml @@ -1,6 +1,6 @@ package: name: k8sgpt - version: 0.3.19 + version: 0.3.21 epoch: 0 description: Giving Kubernetes Superpowers to everyone copyright: @@ -23,7 +23,7 @@ pipeline: with: repository: https://github.com/k8sgpt-ai/k8sgpt tag: v${{package.version}} - expected-commit: f4b361aed68e7c0547a08a4990e8e525a159ef86 + expected-commit: c78c4f0cb693f78cc3c0e95e49d832a14500a14e destination: k8sgpt - runs: | diff --git a/kor.yaml b/kor.yaml index 142fe48719b..a7e6d6c6334 100644 --- a/kor.yaml +++ b/kor.yaml @@ -1,6 +1,6 @@ package: name: kor - version: 0.2.7 + version: 0.2.8 epoch: 0 description: A Golang Tool to discover unused Kubernetes Resources copyright: @@ -11,7 +11,7 @@ pipeline: with: repository: https://github.com/yonahd/kor tag: v${{package.version}} - expected-commit: e74ae5709df28493104f9d906cc4dc6db6c983f6 + expected-commit: dec8161f811a3710916c3eb85d6e89272d6de0f7 - uses: go/build with: diff --git a/kube-fluentd-operator.yaml b/kube-fluentd-operator.yaml index eded87a76b2..59baa63fc5d 100644 --- a/kube-fluentd-operator.yaml +++ b/kube-fluentd-operator.yaml @@ -1,7 +1,7 @@ package: name: kube-fluentd-operator - version: 1.17.6 - epoch: 8 + version: 1.18.1 + epoch: 0 description: Auto-configuration of Fluentd daemon-set based on Kubernetes metadata copyright: - license: MIT @@ -35,7 +35,6 @@ environment: - wget - bash - go - # - shadow # https://github.com/javiercri/fluent-plugin-google-cloud/commit/619c813c265d51f4dd0b1cada3a07e615b47cdde vars: @@ -46,12 +45,12 @@ pipeline: with: repository: https://github.com/vmware/kube-fluentd-operator tag: v${{package.version}} - expected-commit: 818fbdd8e007f029bc32433d5ee138f43d653e73 + expected-commit: e568a6b2508153ee721bd22fc560338f6bad283d - runs: | echo 'gem: --no-rdoc --no-ri' >> ~/.gemrc - cd base-image + cd image GEM_DIR=${{targets.destdir}}$(ruby -e 'puts Gem.default_dir') mkdir -p ${GEM_DIR} bundle config set --local path ${GEM_DIR} @@ -84,6 +83,10 @@ pipeline: - uses: strip - runs: | + # makefile has moved to the root of the repo without any changes + # This may break in future versions TODO : Remove this when the makefile works again from root of repo + cp Makefile ./config-reloader + mkdir -p ${{targets.destdir}}/usr/bin cd config-reloader @@ -102,7 +105,7 @@ subpackages: - bash pipeline: - runs: | - cd base-image + cd image mkdir -p ${{targets.subpkgdir}}/var/lib/kube-fluentd-operator/initdb cp entrypoint.sh ${{targets.subpkgdir}}/var/lib/kube-fluentd-operator/initdb/ chmod +x ${{targets.subpkgdir}}/var/lib/kube-fluentd-operator/initdb/entrypoint.sh @@ -111,7 +114,7 @@ subpackages: description: Default configuration for kube-fluentd-operator pipeline: - runs: | - cd base-image + cd image mkdir -p ${{targets.subpkgdir}}/etc/fluent cp failsafe.conf ${{targets.subpkgdir}}/etc/fluent/fluent.conf diff --git a/kubeflow-pipelines.yaml b/kubeflow-pipelines.yaml index 1eb32a70819..9fbcf052f60 100644 --- a/kubeflow-pipelines.yaml +++ b/kubeflow-pipelines.yaml @@ -1,7 +1,7 @@ package: name: kubeflow-pipelines version: 2.0.3 - epoch: 0 + epoch: 1 description: Machine Learning Pipelines for Kubeflow checks: disabled: @@ -155,6 +155,10 @@ subpackages: - name: "kubeflow-pipelines-frontend" description: "Kubeflow Pipelines frontend" + dependencies: + runtime: + - nodejs + - wget pipeline: - runs: | mkdir -p ${{targets.subpkgdir}}/server diff --git a/libpulsar.yaml b/libpulsar.yaml index 8008ce76b6e..b8ee5e65737 100644 --- a/libpulsar.yaml +++ b/libpulsar.yaml @@ -1,6 +1,6 @@ package: name: libpulsar - version: 3.3.0 + version: 3.4.0 epoch: 0 description: Optimizer and compiler/toolchain library for WebAssembly copyright: @@ -30,7 +30,7 @@ pipeline: with: repository: https://github.com/apache/pulsar-client-cpp tag: v${{package.version}} - expected-commit: 79147b88207d95bcc4eb7fecb0b00946d385ddda + expected-commit: f337eff7caae93730ec1260810655cbb5a345e70 - uses: cmake/configure with: diff --git a/newrelic-infra-operator.yaml b/newrelic-infra-operator.yaml index 5cee5720220..0edffce8b38 100644 --- a/newrelic-infra-operator.yaml +++ b/newrelic-infra-operator.yaml @@ -1,6 +1,6 @@ package: name: newrelic-infra-operator - version: 0.12.0 + version: 0.13.0 epoch: 0 description: Newrelic kubernetes operator of infrastructure copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/newrelic/newrelic-infra-operator tag: v${{package.version}} - expected-commit: bb9ad058535ce20c5fd018b34ad4df68ed1d58c1 + expected-commit: ad0b09d4537a0cd3d766f99702e16e00feda3ea4 - runs: | make build diff --git a/newrelic-prometheus-configurator.yaml b/newrelic-prometheus-configurator.yaml index b370c788be5..86a9c4860ed 100644 --- a/newrelic-prometheus-configurator.yaml +++ b/newrelic-prometheus-configurator.yaml @@ -1,6 +1,6 @@ package: name: newrelic-prometheus-configurator - version: 1.9.0 + version: 1.10.0 epoch: 0 description: New Relic Prometheus Configurator target-architecture: @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/newrelic/newrelic-prometheus-configurator tag: v${{package.version}} - expected-commit: e03c2868cd3c733603d6ffaa41d4c5513e1addae + expected-commit: 700e9dcaf71109960e1e78031e03312d140e2e61 - runs: | GOOS=$(go env GOOS) diff --git a/nri-kafka.yaml b/nri-kafka.yaml index c781a6d9ab1..3c74fac7e27 100644 --- a/nri-kafka.yaml +++ b/nri-kafka.yaml @@ -1,7 +1,7 @@ package: name: nri-kafka - version: 3.4.9 - epoch: 1 + version: 3.6.0 + epoch: 0 description: New Relic Infrastructure Kafka Integration copyright: - license: MIT @@ -14,7 +14,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/newrelic/nri-kafka - expected-commit: 943d8fe97699afd751b7b6cdde3be6b1281ec76f + expected-commit: 4d44eac8982e2f55448bd02b3594672e1279fb9c tag: v${{package.version}} - uses: go/build @@ -23,8 +23,6 @@ pipeline: packages: ./src/ output: nri-kafka ldflags: -w - # GHSA-qppj-fm5r-hxr3, GHSA-4374-p667-p6c8 and GHSA-2wrh-6pvc-2jm9 - deps: golang.org/x/net@v0.17.0 - runs: | mkdir -p "${{targets.destdir}}"/etc/newrelic-infra/integrations.d diff --git a/nri-kubernetes.yaml b/nri-kubernetes.yaml index 625821ed6fd..37079a67ee9 100644 --- a/nri-kubernetes.yaml +++ b/nri-kubernetes.yaml @@ -1,6 +1,6 @@ package: name: nri-kubernetes - version: 3.19.0 + version: 3.20.0 epoch: 0 description: New Relic integration for Kubernetes copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/newrelic/nri-kubernetes tag: v${{package.version}} - expected-commit: ecdb45816012a8ff9c2a938150f59ddc9475f3ce + expected-commit: cedfbc074f02a3d5d2f6d27962220ff7160ba071 - runs: | # Our global LDFLAGS conflict with a Makefile parameter diff --git a/nsc.yaml b/nsc.yaml index 6ee54e981e7..8d6818625e0 100644 --- a/nsc.yaml +++ b/nsc.yaml @@ -1,6 +1,6 @@ package: name: nsc - version: 2.8.3 + version: 2.8.4 epoch: 0 description: Tool for creating nkey/jwt based configurations copyright: diff --git a/numpy.yaml b/numpy.yaml index f06f63d53a9..fb7dc06a72d 100644 --- a/numpy.yaml +++ b/numpy.yaml @@ -1,7 +1,7 @@ package: name: numpy - version: 1.26.1 - epoch: 1 + version: 1.26.2 + epoch: 0 description: "The fundamental package for scientific computing with Python." copyright: - license: BSD-3-Clause @@ -31,7 +31,7 @@ pipeline: with: repository: https://github.com/numpy/numpy tag: v${{package.version}} - expected-commit: 411a55b9ec084c3315fe5f199351c31d0eb3c352 + expected-commit: 03b62604eead0f7d279a5a4c094743eb29647368 - runs: | git submodule update --init diff --git a/php-igbinary.yaml b/php-8.1-igbinary.yaml similarity index 54% rename from php-igbinary.yaml rename to php-8.1-igbinary.yaml index e5efc759041..0b4f710596f 100644 --- a/php-igbinary.yaml +++ b/php-8.1-igbinary.yaml @@ -1,5 +1,5 @@ package: - name: php-igbinary + name: php-8.1-igbinary version: 3.2.14 epoch: 0 description: "Igbinary is a drop in replacement for the standard php serializer." @@ -7,16 +7,19 @@ package: - license: BSD-3-Clause dependencies: runtime: - - php + - ${{package.name}}-config + - php-8.1 + provides: + - php-igbinary=${{package.full-version}} environment: contents: packages: - - build-base - autoconf + - build-base - busybox - - php - - php-dev + - php-8.1 + - php-8.1-dev pipeline: - uses: git-checkout @@ -40,6 +43,24 @@ pipeline: set -x INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-igbinary-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=igbinary.so" > "${{targets.subpkgdir}}/etc/php/conf.d/igbinary.ini" + + - name: ${{package.name}}-dev + description: PHP 8.1 igbinary development headers + dependencies: + provides: + - php-igbinary-dev=${{package.full-version}} + pipeline: + - uses: split/dev + update: enabled: true github: diff --git a/php-redis.yaml b/php-8.1-redis.yaml similarity index 51% rename from php-redis.yaml rename to php-8.1-redis.yaml index c497b21999c..5cf3a0c4c9f 100644 --- a/php-redis.yaml +++ b/php-8.1-redis.yaml @@ -1,5 +1,5 @@ package: - name: php-redis + name: php-8.1-redis version: 5.3.7 epoch: 0 description: "A PHP extension for Redis" @@ -7,16 +7,21 @@ package: - license: PHP-3.01 dependencies: runtime: - - php + - ${{package.name}}-config + - php-8.1 + - php-8.1-igbinary + provides: + - php-redis=${{package.full-version}} environment: contents: packages: - - build-base - autoconf + - build-base - busybox - - php - - php-dev + - php-8.1 + - php-8.1-dev + - php-8.1-igbinary-dev - php-igbinary pipeline: @@ -38,6 +43,24 @@ pipeline: runs: | INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-redis-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=redis.so" > "${{targets.subpkgdir}}/etc/php/conf.d/redis.ini" + + - name: ${{package.name}}-dev + description: PHP 8.1 redis development headers + dependencies: + provides: + - php-redis-dev=${{package.full-version}} + pipeline: + - uses: split/dev + update: enabled: true github: diff --git a/php-8.2-igbinary.yaml b/php-8.2-igbinary.yaml new file mode 100644 index 00000000000..7a7ecd8d105 --- /dev/null +++ b/php-8.2-igbinary.yaml @@ -0,0 +1,67 @@ +package: + name: php-8.2-igbinary + version: 3.2.14 + epoch: 0 + description: "Igbinary is a drop in replacement for the standard php serializer." + copyright: + - license: BSD-3-Clause + dependencies: + runtime: + - ${{package.name}}-config + - php-8.2 + provides: + - php-igbinary=${{package.full-version}} + +environment: + contents: + packages: + - autoconf + - build-base + - busybox + - php-8.2 + - php-8.2-dev + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/igbinary/igbinary + tag: ${{package.version}} + expected-commit: 102ad68159791e76667f8455cbc171e6ec78253c + + - name: Prepare build + runs: phpize + + - name: Configure + runs: | + set -x + ./configure CFLAGS="-O2 -g" --enable-igbinary + + - uses: autoconf/make + + - name: Make install + runs: | + set -x + INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install + +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-igbinary-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=igbinary.so" > "${{targets.subpkgdir}}/etc/php/conf.d/igbinary.ini" + + - name: ${{package.name}}-dev + description: PHP 8.2 igbinary development headers + dependencies: + provides: + - php-igbinary-dev=${{package.full-version}} + pipeline: + - uses: split/dev + +update: + enabled: true + github: + identifier: igbinary/igbinary diff --git a/php-8.2-redis.yaml b/php-8.2-redis.yaml new file mode 100644 index 00000000000..754b69851e9 --- /dev/null +++ b/php-8.2-redis.yaml @@ -0,0 +1,66 @@ +package: + name: php-8.2-redis + version: 5.3.7 + epoch: 0 + description: "A PHP extension for Redis" + copyright: + - license: PHP-3.01 + dependencies: + runtime: + - ${{package.name}}-config + - php-8.2 + - php-8.2-igbinary + provides: + - php-redis=${{package.full-version}} + +environment: + contents: + packages: + - autoconf + - build-base + - busybox + - php-8.2 + - php-8.2-dev + - php-8.2-igbinary-dev + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/phpredis/phpredis + tag: ${{package.version}} + expected-commit: 98d64ba86f37d2d3048500461f50b05f302f36ea + + - name: Prepare build + runs: phpize + + - name: Configure + runs: ./configure --enable-redis-igbinary + + - uses: autoconf/make + + - name: Make install + runs: | + INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install + +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-redis-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=redis.so" > "${{targets.subpkgdir}}/etc/php/conf.d/redis.ini" + + - name: ${{package.name}}-dev + description: PHP 8.2 redis development headers + dependencies: + provides: + - php-redis-dev=${{package.full-version}} + pipeline: + - uses: split/dev + +update: + enabled: true + github: + identifier: phpredis/phpredis diff --git a/prometheus-node-exporter.yaml b/prometheus-node-exporter.yaml index 5e255e39410..cd8cad8c155 100644 --- a/prometheus-node-exporter.yaml +++ b/prometheus-node-exporter.yaml @@ -1,7 +1,7 @@ package: name: prometheus-node-exporter - version: 1.6.1 - epoch: 6 + version: 1.7.0 + epoch: 0 description: Prometheus Exporter for machine metrics copyright: - license: Apache-2.0 @@ -21,13 +21,9 @@ pipeline: with: repository: https://github.com/prometheus/node_exporter tag: v${{package.version}} - expected-commit: 4a1b77600c1873a8233f3ffb55afcedbb63b8d84 + expected-commit: 7333465abf9efba81876303bb57e6fadb946041b - runs: | - # Handle CVE-2023-39325 and CVE-2023-3978 - go get golang.org/x/net@v0.17.0 - go mod tidy - make build - runs: | diff --git a/pulumi-language-yaml.yaml b/pulumi-language-yaml.yaml index 8eb6907c48e..7e61be5761e 100644 --- a/pulumi-language-yaml.yaml +++ b/pulumi-language-yaml.yaml @@ -1,6 +1,6 @@ package: name: pulumi-language-yaml - version: 1.4.0 + version: 1.4.1 epoch: 0 description: Pulumi Language SDK for YAML copyright: @@ -20,7 +20,7 @@ pipeline: repository: https://github.com/pulumi/pulumi-yaml.git tag: v${{package.version}} destination: ${{package.name}} - expected-commit: 474812dc643a518a1687d627a2c84a22da5337d9 + expected-commit: f2c39510d365ce5f8b7e745c266253ac3a45871a - working-directory: ${{package.name}} pipeline: diff --git a/py3-botocore.yaml b/py3-botocore.yaml index 32b84bb1ed2..8b39a4d4c8e 100644 --- a/py3-botocore.yaml +++ b/py3-botocore.yaml @@ -1,7 +1,7 @@ package: name: py3-botocore - version: 1.31.84 - epoch: 1 + version: 1.31.85 + epoch: 0 description: "The low-level, core functionality of Boto3" copyright: - license: Apache-2.0 @@ -27,7 +27,7 @@ pipeline: - uses: fetch with: uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz - expected-sha256: 8913bedb96ad0427660dee083aeaa675466eb662bbf1a47781956b5882aadcc5 + expected-sha256: ce58e688222df73ec5691f934be1a2122a52c9d11d3037b586b3fff16ed6d25f - runs: | python3 setup.py build diff --git a/py3-keyring.yaml b/py3-keyring.yaml index 621a44cf247..2425e70c0f1 100644 --- a/py3-keyring.yaml +++ b/py3-keyring.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/keyring/ package: name: py3-keyring - version: 24.2.0 - epoch: 2 + version: 24.3.0 + epoch: 0 description: Store and access your passwords safely. copyright: - license: "MIT" @@ -33,7 +33,7 @@ pipeline: with: repository: https://github.com/jaraco/keyring tag: v${{package.version}} - expected-commit: 9b5c554f47886b0c37d3c8551f8490628883a4a1 + expected-commit: 9056f4ac3c3d20fb1cb3648b02bf9607bb49995d - name: Python Build uses: python/build-wheel diff --git a/py3-openai.yaml b/py3-openai.yaml index 11a6655a6f8..b370910af6c 100644 --- a/py3-openai.yaml +++ b/py3-openai.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/openai/ package: name: py3-openai - version: 1.2.3 - epoch: 1 + version: 1.2.4 + epoch: 0 description: Python client library for the OpenAI API copyright: - license: MIT @@ -36,7 +36,7 @@ pipeline: with: repository: https://github.com/openai/openai-python.git tag: v${{package.version}} - expected-commit: 4948308f37ecd9872708f42dc0f92dc5ab5ab4d8 + expected-commit: 65e29a2efa455a06deb59e243f27796c4ca2254c - name: Python Build uses: python/build-wheel diff --git a/py3-pydantic.yaml b/py3-pydantic.yaml index 31e2461d5a0..f5b6c3590d5 100644 --- a/py3-pydantic.yaml +++ b/py3-pydantic.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/pydantic/ package: name: py3-pydantic - version: 2.4.2 - epoch: 1 + version: 2.5.0 + epoch: 0 description: Data validation using Python type hints copyright: - license: "MIT" @@ -28,7 +28,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: d1634da7d9cce1f91ae6f76bd3379b776b7de6da + expected-commit: d465ec5542a611ffefab45736859f37b0b251eb8 repository: https://github.com/pydantic/pydantic tag: v${{package.version}} diff --git a/py3-trove-classifiers.yaml b/py3-trove-classifiers.yaml index f216551031f..93dd14f132c 100644 --- a/py3-trove-classifiers.yaml +++ b/py3-trove-classifiers.yaml @@ -1,6 +1,6 @@ package: name: py3-trove-classifiers - version: 2023.10.18 + version: 2023.11.9 epoch: 0 description: Canonical source for classifiers on PyPI (pypi.org). copyright: @@ -24,7 +24,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/pypa/trove-classifiers - expected-commit: a7fc27d66af273d34118200539bd01f0aa303b17 + expected-commit: 44d951c034ccd282101e0749dfaa5047e550d9c3 tag: ${{package.version}} - name: Python Build diff --git a/py3-urllib3.yaml b/py3-urllib3.yaml index d48fc9e3b94..0c682d1f506 100644 --- a/py3-urllib3.yaml +++ b/py3-urllib3.yaml @@ -1,6 +1,6 @@ package: name: py3-urllib3 - version: 2.0.7 + version: 2.1.0 epoch: 0 description: "HTTP library with thread-safe connection pooling, file post, and more" copyright: @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/urllib3/urllib3.git tag: ${{package.version}} - expected-commit: 56f01e088dc006c03d4ee6ea9da4ab810f1ed700 + expected-commit: 69be2992f8a25a1f27e49f339e4d5b98dec07462 - runs: | # This is needed to work around the error "ValueError: ZIP does not support timestamps before 1980" diff --git a/ruby-3.3.yaml b/ruby-3.3.yaml index 693dde6da8a..e65913fb92e 100644 --- a/ruby-3.3.yaml +++ b/ruby-3.3.yaml @@ -1,6 +1,6 @@ package: name: ruby-3.3 - version: 3.3.0_p2 + version: 3.3.0_p3 epoch: 0 description: "the Ruby programming language" copyright: @@ -35,8 +35,8 @@ vars: pipeline: - uses: fetch with: - uri: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0-preview2.tar.gz - expected-sha256: 30ce8b0fe11b37b5ac088f5a5765744b935eac45bb89a9e381731533144f5991 + uri: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0-preview3.tar.gz + expected-sha256: 0969141be92e67e0edb84a8fb354acc98f01bd78e602a23a0f136045c82f4809 - name: Configure runs: | diff --git a/ruby3.2-net-imap.yaml b/ruby3.2-net-imap.yaml index 8b5141946a7..aeaa135d4df 100644 --- a/ruby3.2-net-imap.yaml +++ b/ruby3.2-net-imap.yaml @@ -1,6 +1,6 @@ package: name: ruby3.2-net-imap - version: 0.4.4 + version: 0.4.5 epoch: 0 description: Ruby client api for Internet Message Access Protocol copyright: @@ -24,7 +24,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: cf6b92feaacbe44550a0734e3a4e7dbe7d5ccdc00610f6cd33b4f95dbf05d2ee + expected-sha256: 5f3905be64869de0819008b585590b23f45ebe0d2ba13680528d14ef84ffde32 uri: https://github.com/ruby/net-imap/archive/refs/tags/v${{package.version}}.tar.gz - uses: ruby/build diff --git a/shared-mime-info.yaml b/shared-mime-info.yaml index 85cea76a8bb..1a7ea83f6ea 100644 --- a/shared-mime-info.yaml +++ b/shared-mime-info.yaml @@ -1,6 +1,6 @@ package: name: shared-mime-info - version: "2.3" + version: "2.4" epoch: 0 description: Freedesktop.org Shared MIME Info copyright: @@ -25,7 +25,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 78eb7d0d6874e2116649067100d72e0d363eb6a51227797140dad3bd5643e6a9 + expected-sha256: 531291d0387eb94e16e775d7e73788d06d2b2fdd8cd2ac6b6b15287593b6a2de uri: https://gitlab.freedesktop.org/xdg/shared-mime-info/-/archive/${{package.version}}/shared-mime-info-${{package.version}}.tar.gz - uses: meson/configure diff --git a/socat.yaml b/socat.yaml index a263e338205..4689d893c47 100644 --- a/socat.yaml +++ b/socat.yaml @@ -1,6 +1,6 @@ package: name: socat - version: 1.7.4.4 + version: 1.8.0.0 epoch: 0 description: Multipurpose relay for binary protocols copyright: @@ -21,7 +21,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 0f8f4b9d5c60b8c53d17b60d79ababc4a0f51b3bb6d2bd3ae8a6a4b9d68f195e + expected-sha256: 6010f4f311e5ebe0e63c77f78613d264253680006ac8979f52b0711a9a231e82 uri: http://www.dest-unreach.org/socat/download/socat-${{package.version}}.tar.gz - uses: patch diff --git a/spire-server.yaml b/spire-server.yaml index e078efbaed2..0880caf7696 100644 --- a/spire-server.yaml +++ b/spire-server.yaml @@ -1,7 +1,7 @@ package: name: spire-server version: 1.8.4 - epoch: 0 + epoch: 1 description: The SPIFFE Runtime Environment (SPIRE) server copyright: - license: Apache-2.0 @@ -47,6 +47,10 @@ pipeline: echo ${goversion} > .go-version cat .go-version + # Mitigate CVE-2023-46737 + go get github.com/sigstore/cosign/v2@v2.2.1 + go mod tidy + make bin/spire-agent make bin/spire-server make bin/oidc-discovery-provider diff --git a/temporal-ui-server.yaml b/temporal-ui-server.yaml index 40f11f287ee..a25e229fa62 100644 --- a/temporal-ui-server.yaml +++ b/temporal-ui-server.yaml @@ -1,7 +1,7 @@ package: name: temporal-ui-server version: 2.21.3 - epoch: 0 + epoch: 1 description: Golang Server for https://github.com/temporalio/ui copyright: - license: MIT License @@ -45,6 +45,8 @@ subpackages: mkdir -p ${{targets.subpkgdir}}/home/ui-server/config cp docker/config-template.yaml ${{targets.subpkgdir}}/home/ui-server/ + ln -s /usr/bin/ui-server ${{targets.subpkgdir}}/home/ui-server/ui-server + update: enabled: true github: diff --git a/tflint.yaml b/tflint.yaml index 5298a1a0507..aa55a540117 100644 --- a/tflint.yaml +++ b/tflint.yaml @@ -1,7 +1,7 @@ package: name: tflint - version: 0.48.0 - epoch: 3 + version: 0.49.0 + epoch: 0 description: A Pluggable Terraform Linter copyright: - license: MPL 2.0 @@ -19,7 +19,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/terraform-linters/tflint - expected-commit: c88c0175d0fe5b4255450119a69f62a269beff89 + expected-commit: 636f198be18bbf00307f7a1dbc143fb7123f0b5d tag: v${{package.version}} - runs: | diff --git a/tigerbeetle.yaml b/tigerbeetle.yaml index b16b26d20b4..f64cc5d184d 100644 --- a/tigerbeetle.yaml +++ b/tigerbeetle.yaml @@ -1,6 +1,6 @@ package: name: tigerbeetle - version: 0.14.160 + version: 0.14.164 epoch: 0 description: "The distributed financial accounting database designed for mission critical safety and performance." copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/tigerbeetledb/tigerbeetle tag: ${{package.version}} - expected-commit: 47c03651ff08ee547b4baefda1b5b40f7f95e191 + expected-commit: 10c34968e7bb1d8b64f759dfabbcccaedb0a9f28 - runs: | # cpu values from here: https://github.com/tigerbeetle/tigerbeetle/blob/2ab9fd620e53a6d61cb119e48ece4008bedd777d/tools/docker/Dockerfile#L30C79-L30C92 diff --git a/timoni.yaml b/timoni.yaml index 83a3c1fa05a..9d2c1145815 100644 --- a/timoni.yaml +++ b/timoni.yaml @@ -1,6 +1,6 @@ package: name: timoni - version: 0.15.0 + version: 0.16.0 epoch: 0 description: Timoni is a package manager for Kubernetes, powered by CUE and inspired by Helm. copyright: @@ -17,15 +17,13 @@ pipeline: with: repository: https://github.com/stefanprodan/timoni tag: v${{package.version}} - expected-commit: c1caaf566de0cacb3936a7b5764d9c7701a0c3b4 + expected-commit: 98b0744539d52a26d12fdd44b29c2e9fdcd0b0e3 - uses: go/build with: packages: ./cmd/timoni output: timoni ldflags: -s -w -X main.VERSION=${{package.version}} - # Mitigate CVE-2023-39325 and CVE-2023-3978 - deps: golang.org/x/net@v0.17.0 - uses: strip diff --git a/vala.yaml b/vala.yaml index 90b00f8d21b..0a39091cebb 100644 --- a/vala.yaml +++ b/vala.yaml @@ -1,6 +1,6 @@ package: name: vala - version: 0.56.13 + version: 0.56.14 epoch: 0 description: Compiler for the GObject type system copyright: @@ -25,7 +25,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 4988223036c7e1e4874c476d0de8bd9cbe500ee25ef19a76e560dc0b6d56ae07 + expected-sha256: 9382c268ca9bdc02aaedc8152a9818bf3935273041f629c56de410e360a3f557 uri: https://download.gnome.org/sources/vala/0.56/vala-${{package.version}}.tar.xz - uses: autoconf/configure diff --git a/varnish.yaml b/varnish.yaml index 6c6cad623d3..47422c6fe20 100644 --- a/varnish.yaml +++ b/varnish.yaml @@ -1,6 +1,6 @@ package: name: varnish - version: "7.4.1" + version: 7.4.2 epoch: 0 description: "Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy" copyright: @@ -29,7 +29,7 @@ pipeline: with: repository: https://github.com/varnishcache/varnish-cache tag: varnish-${{package.version}} - expected-commit: d5a5aa9cc879320840ca467ddbb7df0f99c9ba0f + expected-commit: cd1d10ab53a6f6115b2b4f3b2a1da94c1f749f80 - runs: autoreconf -vif diff --git a/vim.yaml b/vim.yaml index 26f788dedc4..1cb496f9321 100644 --- a/vim.yaml +++ b/vim.yaml @@ -1,7 +1,7 @@ package: name: vim - version: 9.0.2100 - epoch: 1 + version: 9.0.2103 + epoch: 0 description: "Improved vi-style text editor" copyright: - license: Vim @@ -21,7 +21,7 @@ pipeline: - uses: fetch with: uri: https://github.com/vim/vim/archive/v${{package.version}}.tar.gz - expected-sha256: 01e08b3234a357f6b17e80a695390ed537b50d10b9c95bf5b1ec9182e2c0725c + expected-sha256: 92b420ff634a4c63a959c65ea07fc516ba9844e658648705a48c4c7b911b302e - runs: | # vim seems to manually set FORTIFY_SOURCE=1, and setting both breaks the build diff --git a/withdrawn-packages.txt b/withdrawn-packages.txt index 6397a9f4a2f..4b44638e001 100644 --- a/withdrawn-packages.txt +++ b/withdrawn-packages.txt @@ -216,3 +216,6 @@ aws-c-common-dev-0.9.9-r0.apk py3-awscrt-0.19.12-r0.apk geos-3.12.1-r0.apk geos-dev-3.12.1-r0.apk + +php-igbinary-3.2.14-r0 +php-redis-5.3.7-r0 diff --git a/wolfictl.yaml b/wolfictl.yaml index ccb6ed356ff..d06eea0158e 100644 --- a/wolfictl.yaml +++ b/wolfictl.yaml @@ -1,6 +1,6 @@ package: name: wolfictl - version: 0.8.3 + version: 0.8.5 epoch: 0 description: Helper CLI for managing Wolfi copyright: @@ -15,7 +15,7 @@ pipeline: with: repository: https://github.com/wolfi-dev/wolfictl tag: v${{package.version}} - expected-commit: 41020b97bc7cd23b5157b7d440e783cc40b172f8 + expected-commit: 2e01fe0f64aaf1faf5aa13763f980b74a5a977f9 destination: wolfictl - uses: go/build