From e8f2d9c8c76e55dcb4d203d94c8a9cfde88baa0f Mon Sep 17 00:00:00 2001 From: debasishbsws Date: Sat, 11 Nov 2023 13:55:06 +0530 Subject: [PATCH 01/54] Package update to 1.18.1 Signed-off-by: debasishbsws --- kube-fluentd-operator.yaml | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/kube-fluentd-operator.yaml b/kube-fluentd-operator.yaml index eded87a76b2..59baa63fc5d 100644 --- a/kube-fluentd-operator.yaml +++ b/kube-fluentd-operator.yaml @@ -1,7 +1,7 @@ package: name: kube-fluentd-operator - version: 1.17.6 - epoch: 8 + version: 1.18.1 + epoch: 0 description: Auto-configuration of Fluentd daemon-set based on Kubernetes metadata copyright: - license: MIT @@ -35,7 +35,6 @@ environment: - wget - bash - go - # - shadow # https://github.com/javiercri/fluent-plugin-google-cloud/commit/619c813c265d51f4dd0b1cada3a07e615b47cdde vars: @@ -46,12 +45,12 @@ pipeline: with: repository: https://github.com/vmware/kube-fluentd-operator tag: v${{package.version}} - expected-commit: 818fbdd8e007f029bc32433d5ee138f43d653e73 + expected-commit: e568a6b2508153ee721bd22fc560338f6bad283d - runs: | echo 'gem: --no-rdoc --no-ri' >> ~/.gemrc - cd base-image + cd image GEM_DIR=${{targets.destdir}}$(ruby -e 'puts Gem.default_dir') mkdir -p ${GEM_DIR} bundle config set --local path ${GEM_DIR} @@ -84,6 +83,10 @@ pipeline: - uses: strip - runs: | + # makefile has moved to the root of the repo without any changes + # This may break in future versions TODO : Remove this when the makefile works again from root of repo + cp Makefile ./config-reloader + mkdir -p ${{targets.destdir}}/usr/bin cd config-reloader @@ -102,7 +105,7 @@ subpackages: - bash pipeline: - runs: | - cd base-image + cd image mkdir -p ${{targets.subpkgdir}}/var/lib/kube-fluentd-operator/initdb cp entrypoint.sh ${{targets.subpkgdir}}/var/lib/kube-fluentd-operator/initdb/ chmod +x ${{targets.subpkgdir}}/var/lib/kube-fluentd-operator/initdb/entrypoint.sh @@ -111,7 +114,7 @@ subpackages: description: Default configuration for kube-fluentd-operator pipeline: - runs: | - cd base-image + cd image mkdir -p ${{targets.subpkgdir}}/etc/fluent cp failsafe.conf ${{targets.subpkgdir}}/etc/fluent/fluent.conf From 68bc6857121ebdccb39004ff58ef7522d2c2726d Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 10:07:31 +0000 Subject: [PATCH 02/54] shared-mime-info/2.4 package update --- shared-mime-info.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/shared-mime-info.yaml b/shared-mime-info.yaml index 85cea76a8bb..1a7ea83f6ea 100644 --- a/shared-mime-info.yaml +++ b/shared-mime-info.yaml @@ -1,6 +1,6 @@ package: name: shared-mime-info - version: "2.3" + version: "2.4" epoch: 0 description: Freedesktop.org Shared MIME Info copyright: @@ -25,7 +25,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 78eb7d0d6874e2116649067100d72e0d363eb6a51227797140dad3bd5643e6a9 + expected-sha256: 531291d0387eb94e16e775d7e73788d06d2b2fdd8cd2ac6b6b15287593b6a2de uri: https://gitlab.freedesktop.org/xdg/shared-mime-info/-/archive/${{package.version}}/shared-mime-info-${{package.version}}.tar.gz - uses: meson/configure From 28d83056a0c219b055d6e2edef0d754f6655a2b9 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 13:11:46 +0000 Subject: [PATCH 03/54] k8sgpt-operator/0.0.23 package update --- k8sgpt-operator.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/k8sgpt-operator.yaml b/k8sgpt-operator.yaml index a6bc0852980..30693652ff7 100644 --- a/k8sgpt-operator.yaml +++ b/k8sgpt-operator.yaml @@ -1,6 +1,6 @@ package: name: k8sgpt-operator - version: 0.0.22 + version: 0.0.23 epoch: 0 description: Automatic SRE Superpowers within your Kubernetes cluster copyright: @@ -20,7 +20,7 @@ pipeline: with: repository: https://github.com/k8sgpt-ai/k8sgpt-operator tag: v${{package.version}} - expected-commit: f0ebd2888357293ec36eb75ec7153223ce4f914f + expected-commit: bb00c901103fd68182f5b13175452f3185c934d5 - uses: go/build with: From 1c2707b08e1ab969fdbbb1a5d403132fe88b3681 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 16:11:22 +0000 Subject: [PATCH 04/54] tflint/0.49.0 package update --- tflint.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tflint.yaml b/tflint.yaml index 5298a1a0507..aa55a540117 100644 --- a/tflint.yaml +++ b/tflint.yaml @@ -1,7 +1,7 @@ package: name: tflint - version: 0.48.0 - epoch: 3 + version: 0.49.0 + epoch: 0 description: A Pluggable Terraform Linter copyright: - license: MPL 2.0 @@ -19,7 +19,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/terraform-linters/tflint - expected-commit: c88c0175d0fe5b4255450119a69f62a269beff89 + expected-commit: 636f198be18bbf00307f7a1dbc143fb7123f0b5d tag: v${{package.version}} - runs: | From a769cb35c66627c77faeaf4ba981e92f8d944d1b Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 16:11:29 +0000 Subject: [PATCH 05/54] vim/9.0.2103 package update --- vim.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/vim.yaml b/vim.yaml index 26f788dedc4..1cb496f9321 100644 --- a/vim.yaml +++ b/vim.yaml @@ -1,7 +1,7 @@ package: name: vim - version: 9.0.2100 - epoch: 1 + version: 9.0.2103 + epoch: 0 description: "Improved vi-style text editor" copyright: - license: Vim @@ -21,7 +21,7 @@ pipeline: - uses: fetch with: uri: https://github.com/vim/vim/archive/v${{package.version}}.tar.gz - expected-sha256: 01e08b3234a357f6b17e80a695390ed537b50d10b9c95bf5b1ec9182e2c0725c + expected-sha256: 92b420ff634a4c63a959c65ea07fc516ba9844e658648705a48c4c7b911b302e - runs: | # vim seems to manually set FORTIFY_SOURCE=1, and setting both breaks the build From 5d174604fde5e2e8386076664a8e926ac4ec7ad9 Mon Sep 17 00:00:00 2001 From: ajayk Date: Sun, 12 Nov 2023 08:12:13 -0800 Subject: [PATCH 06/54] ruby3.3 preview 3 --- ruby-3.3.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/ruby-3.3.yaml b/ruby-3.3.yaml index 693dde6da8a..e65913fb92e 100644 --- a/ruby-3.3.yaml +++ b/ruby-3.3.yaml @@ -1,6 +1,6 @@ package: name: ruby-3.3 - version: 3.3.0_p2 + version: 3.3.0_p3 epoch: 0 description: "the Ruby programming language" copyright: @@ -35,8 +35,8 @@ vars: pipeline: - uses: fetch with: - uri: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0-preview2.tar.gz - expected-sha256: 30ce8b0fe11b37b5ac088f5a5765744b935eac45bb89a9e381731533144f5991 + uri: https://cache.ruby-lang.org/pub/ruby/3.3/ruby-3.3.0-preview3.tar.gz + expected-sha256: 0969141be92e67e0edb84a8fb354acc98f01bd78e602a23a0f136045c82f4809 - name: Configure runs: | From ad99ff8fba9d85b38008155f7c23d34ae046218a Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 17:07:29 +0000 Subject: [PATCH 07/54] gitlab-exporter/13.5.0 package update --- gitlab-exporter.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gitlab-exporter.yaml b/gitlab-exporter.yaml index 5c97d0e166f..eff1ffbb045 100644 --- a/gitlab-exporter.yaml +++ b/gitlab-exporter.yaml @@ -4,8 +4,8 @@ #nolint:git-checkout-must-use-github-updates package: name: gitlab-exporter - version: 13.4.1 - epoch: 1 + version: 13.5.0 + epoch: 0 description: GitLab Exporter is a Prometheus Web exporter. copyright: - license: MIT From 8abf0a945a4697e4e1cb95719b499a3653113332 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 18:11:31 +0000 Subject: [PATCH 08/54] aws-crt-cpp/0.24.6 package update --- aws-crt-cpp.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws-crt-cpp.yaml b/aws-crt-cpp.yaml index 9823fac3cf5..7843d698f81 100644 --- a/aws-crt-cpp.yaml +++ b/aws-crt-cpp.yaml @@ -1,6 +1,6 @@ package: name: aws-crt-cpp - version: 0.24.5 + version: 0.24.6 epoch: 0 description: "C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++" copyright: @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/awslabs/aws-crt-cpp tag: v${{package.version}} - expected-commit: a7fc0969ea3508e5aae01289cd17be9cdc98ffad + expected-commit: c84834d3aca192b862a6bb18e678f5d80323e735 - runs: | if [ "$CBUILD" != "$CHOST" ]; then From de7648fd65737ef3d3059ce74da364e5345049c4 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 18:11:36 +0000 Subject: [PATCH 09/54] kor/0.2.8 package update --- kor.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/kor.yaml b/kor.yaml index 142fe48719b..a7e6d6c6334 100644 --- a/kor.yaml +++ b/kor.yaml @@ -1,6 +1,6 @@ package: name: kor - version: 0.2.7 + version: 0.2.8 epoch: 0 description: A Golang Tool to discover unused Kubernetes Resources copyright: @@ -11,7 +11,7 @@ pipeline: with: repository: https://github.com/yonahd/kor tag: v${{package.version}} - expected-commit: e74ae5709df28493104f9d906cc4dc6db6c983f6 + expected-commit: dec8161f811a3710916c3eb85d6e89272d6de0f7 - uses: go/build with: From 3bfa0ebfccecdaedd7edb32102c88ab3df125c3d Mon Sep 17 00:00:00 2001 From: Hector Fernandez Date: Sun, 12 Nov 2023 18:39:56 +0100 Subject: [PATCH 10/54] spire: fix GHSA-vfp6-jrw2-99g9 Signed-off-by: Hector Fernandez --- spire-server.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/spire-server.yaml b/spire-server.yaml index e078efbaed2..c7a1278c936 100644 --- a/spire-server.yaml +++ b/spire-server.yaml @@ -1,7 +1,7 @@ package: name: spire-server version: 1.8.4 - epoch: 0 + epoch: 1 description: The SPIFFE Runtime Environment (SPIRE) server copyright: - license: Apache-2.0 @@ -47,6 +47,9 @@ pipeline: echo ${goversion} > .go-version cat .go-version + go get github.com/sigstore/cosign/v2@v2.2.1 + go mod tidy + make bin/spire-agent make bin/spire-server make bin/oidc-discovery-provider From 272353abd422ce697af0d247ca6e24658f393abb Mon Sep 17 00:00:00 2001 From: Hector Fernandez Date: Sun, 12 Nov 2023 22:07:16 +0100 Subject: [PATCH 11/54] spire: add comment with the CVE-ID Signed-off-by: Hector Fernandez --- spire-server.yaml | 1 + 1 file changed, 1 insertion(+) diff --git a/spire-server.yaml b/spire-server.yaml index c7a1278c936..0880caf7696 100644 --- a/spire-server.yaml +++ b/spire-server.yaml @@ -47,6 +47,7 @@ pipeline: echo ${goversion} > .go-version cat .go-version + # Mitigate CVE-2023-46737 go get github.com/sigstore/cosign/v2@v2.2.1 go mod tidy From fd24702d49004d29e18b0ffc75d8d8709b61e788 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 22:11:16 +0000 Subject: [PATCH 12/54] k8sgpt/0.3.21 package update --- k8sgpt.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/k8sgpt.yaml b/k8sgpt.yaml index d1ce9399be3..863dff06126 100644 --- a/k8sgpt.yaml +++ b/k8sgpt.yaml @@ -1,6 +1,6 @@ package: name: k8sgpt - version: 0.3.19 + version: 0.3.21 epoch: 0 description: Giving Kubernetes Superpowers to everyone copyright: @@ -23,7 +23,7 @@ pipeline: with: repository: https://github.com/k8sgpt-ai/k8sgpt tag: v${{package.version}} - expected-commit: f4b361aed68e7c0547a08a4990e8e525a159ef86 + expected-commit: c78c4f0cb693f78cc3c0e95e49d832a14500a14e destination: k8sgpt - runs: | From 15b6df300e1de643f2f8a143f2934b3bafd12712 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Sun, 12 Nov 2023 23:11:19 +0000 Subject: [PATCH 13/54] py3-keyring/24.3.0 package update --- py3-keyring.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/py3-keyring.yaml b/py3-keyring.yaml index 621a44cf247..2425e70c0f1 100644 --- a/py3-keyring.yaml +++ b/py3-keyring.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/keyring/ package: name: py3-keyring - version: 24.2.0 - epoch: 2 + version: 24.3.0 + epoch: 0 description: Store and access your passwords safely. copyright: - license: "MIT" @@ -33,7 +33,7 @@ pipeline: with: repository: https://github.com/jaraco/keyring tag: v${{package.version}} - expected-commit: 9b5c554f47886b0c37d3c8551f8490628883a4a1 + expected-commit: 9056f4ac3c3d20fb1cb3648b02bf9607bb49995d - name: Python Build uses: python/build-wheel From 079f4e1d983c6cda51ac56543609107a10c98bf6 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 00:16:57 +0000 Subject: [PATCH 14/54] timoni/0.16.0 package update --- timoni.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/timoni.yaml b/timoni.yaml index 83a3c1fa05a..67508d7e919 100644 --- a/timoni.yaml +++ b/timoni.yaml @@ -1,6 +1,6 @@ package: name: timoni - version: 0.15.0 + version: 0.16.0 epoch: 0 description: Timoni is a package manager for Kubernetes, powered by CUE and inspired by Helm. copyright: @@ -17,7 +17,7 @@ pipeline: with: repository: https://github.com/stefanprodan/timoni tag: v${{package.version}} - expected-commit: c1caaf566de0cacb3936a7b5764d9c7701a0c3b4 + expected-commit: 98b0744539d52a26d12fdd44b29c2e9fdcd0b0e3 - uses: go/build with: From 8ea5d7c07be172a7361b80dc06a3cda7073ee75a Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 01:34:52 +0000 Subject: [PATCH 15/54] prometheus-node-exporter/1.7.0 package update --- prometheus-node-exporter.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/prometheus-node-exporter.yaml b/prometheus-node-exporter.yaml index 5e255e39410..14a70bc95f8 100644 --- a/prometheus-node-exporter.yaml +++ b/prometheus-node-exporter.yaml @@ -1,7 +1,7 @@ package: name: prometheus-node-exporter - version: 1.6.1 - epoch: 6 + version: 1.7.0 + epoch: 0 description: Prometheus Exporter for machine metrics copyright: - license: Apache-2.0 @@ -21,7 +21,7 @@ pipeline: with: repository: https://github.com/prometheus/node_exporter tag: v${{package.version}} - expected-commit: 4a1b77600c1873a8233f3ffb55afcedbb63b8d84 + expected-commit: 7333465abf9efba81876303bb57e6fadb946041b - runs: | # Handle CVE-2023-39325 and CVE-2023-3978 From d5b340fe758686ce130b84d5e6c79f6db7ce945e Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 01:34:57 +0000 Subject: [PATCH 16/54] numpy/1.26.2 package update --- numpy.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/numpy.yaml b/numpy.yaml index f06f63d53a9..fb7dc06a72d 100644 --- a/numpy.yaml +++ b/numpy.yaml @@ -1,7 +1,7 @@ package: name: numpy - version: 1.26.1 - epoch: 1 + version: 1.26.2 + epoch: 0 description: "The fundamental package for scientific computing with Python." copyright: - license: BSD-3-Clause @@ -31,7 +31,7 @@ pipeline: with: repository: https://github.com/numpy/numpy tag: v${{package.version}} - expected-commit: 411a55b9ec084c3315fe5f199351c31d0eb3c352 + expected-commit: 03b62604eead0f7d279a5a4c094743eb29647368 - runs: | git submodule update --init From 13369c53d9c6bc3a782448c078f3fe0d7439390d Mon Sep 17 00:00:00 2001 From: Ajay Kemparaj Date: Sun, 12 Nov 2023 18:06:50 -0800 Subject: [PATCH 17/54] Update prometheus-node-exporter.yaml Signed-off-by: Ajay Kemparaj --- prometheus-node-exporter.yaml | 4 ---- 1 file changed, 4 deletions(-) diff --git a/prometheus-node-exporter.yaml b/prometheus-node-exporter.yaml index 14a70bc95f8..cd8cad8c155 100644 --- a/prometheus-node-exporter.yaml +++ b/prometheus-node-exporter.yaml @@ -24,10 +24,6 @@ pipeline: expected-commit: 7333465abf9efba81876303bb57e6fadb946041b - runs: | - # Handle CVE-2023-39325 and CVE-2023-3978 - go get golang.org/x/net@v0.17.0 - go mod tidy - make build - runs: | From b7a516d39722c76972bec591404ba7d7600dca48 Mon Sep 17 00:00:00 2001 From: Ajay Kemparaj Date: Sun, 12 Nov 2023 18:08:04 -0800 Subject: [PATCH 18/54] Update timoni.yaml remove cve mitigation Signed-off-by: Ajay Kemparaj --- timoni.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/timoni.yaml b/timoni.yaml index 67508d7e919..9d2c1145815 100644 --- a/timoni.yaml +++ b/timoni.yaml @@ -24,8 +24,6 @@ pipeline: packages: ./cmd/timoni output: timoni ldflags: -s -w -X main.VERSION=${{package.version}} - # Mitigate CVE-2023-39325 and CVE-2023-3978 - deps: golang.org/x/net@v0.17.0 - uses: strip From 0942de1f5aa9265d44c4d6a9ce64ee4f7d57bfb1 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 04:11:37 +0000 Subject: [PATCH 19/54] libpulsar/3.4.0 package update --- libpulsar.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libpulsar.yaml b/libpulsar.yaml index 8008ce76b6e..b8ee5e65737 100644 --- a/libpulsar.yaml +++ b/libpulsar.yaml @@ -1,6 +1,6 @@ package: name: libpulsar - version: 3.3.0 + version: 3.4.0 epoch: 0 description: Optimizer and compiler/toolchain library for WebAssembly copyright: @@ -30,7 +30,7 @@ pipeline: with: repository: https://github.com/apache/pulsar-client-cpp tag: v${{package.version}} - expected-commit: 79147b88207d95bcc4eb7fecb0b00946d385ddda + expected-commit: f337eff7caae93730ec1260810655cbb5a345e70 - uses: cmake/configure with: From 3d5b25d50251e23326749d2238fda3bae0ef5b33 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 09:11:26 +0000 Subject: [PATCH 20/54] pulumi-language-yaml/1.4.1 package update --- pulumi-language-yaml.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pulumi-language-yaml.yaml b/pulumi-language-yaml.yaml index 8eb6907c48e..7e61be5761e 100644 --- a/pulumi-language-yaml.yaml +++ b/pulumi-language-yaml.yaml @@ -1,6 +1,6 @@ package: name: pulumi-language-yaml - version: 1.4.0 + version: 1.4.1 epoch: 0 description: Pulumi Language SDK for YAML copyright: @@ -20,7 +20,7 @@ pipeline: repository: https://github.com/pulumi/pulumi-yaml.git tag: v${{package.version}} destination: ${{package.name}} - expected-commit: 474812dc643a518a1687d627a2c84a22da5337d9 + expected-commit: f2c39510d365ce5f8b7e745c266253ac3a45871a - working-directory: ${{package.name}} pipeline: From ebe5f4a3e8ebadad7f76e90a8474a33609981228 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 10:07:47 +0000 Subject: [PATCH 21/54] vala/0.56.14 package update --- vala.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vala.yaml b/vala.yaml index 90b00f8d21b..0a39091cebb 100644 --- a/vala.yaml +++ b/vala.yaml @@ -1,6 +1,6 @@ package: name: vala - version: 0.56.13 + version: 0.56.14 epoch: 0 description: Compiler for the GObject type system copyright: @@ -25,7 +25,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 4988223036c7e1e4874c476d0de8bd9cbe500ee25ef19a76e560dc0b6d56ae07 + expected-sha256: 9382c268ca9bdc02aaedc8152a9818bf3935273041f629c56de410e360a3f557 uri: https://download.gnome.org/sources/vala/0.56/vala-${{package.version}}.tar.xz - uses: autoconf/configure From c43d931c21c601fcd85febed99aff12387b7730e Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 10:11:28 +0000 Subject: [PATCH 22/54] varnish/7.4.2 package update --- varnish.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/varnish.yaml b/varnish.yaml index 6c6cad623d3..47422c6fe20 100644 --- a/varnish.yaml +++ b/varnish.yaml @@ -1,6 +1,6 @@ package: name: varnish - version: "7.4.1" + version: 7.4.2 epoch: 0 description: "Varnish Cache is a web application accelerator also known as a caching HTTP reverse proxy" copyright: @@ -29,7 +29,7 @@ pipeline: with: repository: https://github.com/varnishcache/varnish-cache tag: varnish-${{package.version}} - expected-commit: d5a5aa9cc879320840ca467ddbb7df0f99c9ba0f + expected-commit: cd1d10ab53a6f6115b2b4f3b2a1da94c1f749f80 - runs: autoreconf -vif From 0924e3c724618b11bc4a8cf7137ba70451d11cd3 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 12:12:26 +0000 Subject: [PATCH 23/54] nri-kubernetes/3.20.0 package update --- nri-kubernetes.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nri-kubernetes.yaml b/nri-kubernetes.yaml index 625821ed6fd..37079a67ee9 100644 --- a/nri-kubernetes.yaml +++ b/nri-kubernetes.yaml @@ -1,6 +1,6 @@ package: name: nri-kubernetes - version: 3.19.0 + version: 3.20.0 epoch: 0 description: New Relic integration for Kubernetes copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/newrelic/nri-kubernetes tag: v${{package.version}} - expected-commit: ecdb45816012a8ff9c2a938150f59ddc9475f3ce + expected-commit: cedfbc074f02a3d5d2f6d27962220ff7160ba071 - runs: | # Our global LDFLAGS conflict with a Makefile parameter From 95476f3c63af3b02659d2155de38283b4c8ad855 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 12:12:32 +0000 Subject: [PATCH 24/54] newrelic-infra-operator/0.13.0 package update --- newrelic-infra-operator.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/newrelic-infra-operator.yaml b/newrelic-infra-operator.yaml index 5cee5720220..0edffce8b38 100644 --- a/newrelic-infra-operator.yaml +++ b/newrelic-infra-operator.yaml @@ -1,6 +1,6 @@ package: name: newrelic-infra-operator - version: 0.12.0 + version: 0.13.0 epoch: 0 description: Newrelic kubernetes operator of infrastructure copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/newrelic/newrelic-infra-operator tag: v${{package.version}} - expected-commit: bb9ad058535ce20c5fd018b34ad4df68ed1d58c1 + expected-commit: ad0b09d4537a0cd3d766f99702e16e00feda3ea4 - runs: | make build From 58d924ee3109acc71167c458378db8a6187e881c Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 13:12:57 +0000 Subject: [PATCH 25/54] py3-urllib3/2.1.0 package update --- py3-urllib3.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/py3-urllib3.yaml b/py3-urllib3.yaml index d48fc9e3b94..0c682d1f506 100644 --- a/py3-urllib3.yaml +++ b/py3-urllib3.yaml @@ -1,6 +1,6 @@ package: name: py3-urllib3 - version: 2.0.7 + version: 2.1.0 epoch: 0 description: "HTTP library with thread-safe connection pooling, file post, and more" copyright: @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/urllib3/urllib3.git tag: ${{package.version}} - expected-commit: 56f01e088dc006c03d4ee6ea9da4ab810f1ed700 + expected-commit: 69be2992f8a25a1f27e49f339e4d5b98dec07462 - runs: | # This is needed to work around the error "ValueError: ZIP does not support timestamps before 1980" From 7da85f8a1fcf4cc8189b38d1dcdd90dab0a7ea2a Mon Sep 17 00:00:00 2001 From: James Rawlings Date: Mon, 13 Nov 2023 14:00:20 +0000 Subject: [PATCH 26/54] gitlab-exporter: use correct expected commit sha Signed-off-by: James Rawlings --- gitlab-exporter.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/gitlab-exporter.yaml b/gitlab-exporter.yaml index eff1ffbb045..1d052653d4c 100644 --- a/gitlab-exporter.yaml +++ b/gitlab-exporter.yaml @@ -57,7 +57,7 @@ pipeline: with: repository: https://gitlab.com/gitlab-org/ruby/gems/gitlab-exporter.git tag: v${{package.version}} - expected-commit: 590c4261bd09b341742ee5249225b3aaac421445 + expected-commit: 7d0f9c6e59bf0b8a387edcd2ce636ba5aeda0020 - uses: ruby/unlock-spec From ca05bb412f02afc71fc5fec58c33c9d01eb4902c Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 14:11:42 +0000 Subject: [PATCH 27/54] wolfictl/0.8.5 package update --- wolfictl.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/wolfictl.yaml b/wolfictl.yaml index ccb6ed356ff..d06eea0158e 100644 --- a/wolfictl.yaml +++ b/wolfictl.yaml @@ -1,6 +1,6 @@ package: name: wolfictl - version: 0.8.3 + version: 0.8.5 epoch: 0 description: Helper CLI for managing Wolfi copyright: @@ -15,7 +15,7 @@ pipeline: with: repository: https://github.com/wolfi-dev/wolfictl tag: v${{package.version}} - expected-commit: 41020b97bc7cd23b5157b7d440e783cc40b172f8 + expected-commit: 2e01fe0f64aaf1faf5aa13763f980b74a5a977f9 destination: wolfictl - uses: go/build From 748a0f2f8f3d217e6761bbeaf8297dcd6e2863cb Mon Sep 17 00:00:00 2001 From: Jamon Camisso Date: Mon, 13 Nov 2023 09:14:34 -0500 Subject: [PATCH 28/54] Add missing wget and node deps for kubeflow-pipelines frontend Signed-off-by: Jamon Camisso --- kubeflow-pipelines.yaml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/kubeflow-pipelines.yaml b/kubeflow-pipelines.yaml index 1eb32a70819..9fbcf052f60 100644 --- a/kubeflow-pipelines.yaml +++ b/kubeflow-pipelines.yaml @@ -1,7 +1,7 @@ package: name: kubeflow-pipelines version: 2.0.3 - epoch: 0 + epoch: 1 description: Machine Learning Pipelines for Kubeflow checks: disabled: @@ -155,6 +155,10 @@ subpackages: - name: "kubeflow-pipelines-frontend" description: "Kubeflow Pipelines frontend" + dependencies: + runtime: + - nodejs + - wget pipeline: - runs: | mkdir -p ${{targets.subpkgdir}}/server From 4f72077abe3893cf060e51181d6421a4e8405ee4 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 15:07:53 +0000 Subject: [PATCH 29/54] gst-plugins-base/1.22.7 package update --- gst-plugins-base.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/gst-plugins-base.yaml b/gst-plugins-base.yaml index de0b79be428..1612e8229ac 100644 --- a/gst-plugins-base.yaml +++ b/gst-plugins-base.yaml @@ -1,6 +1,6 @@ package: name: gst-plugins-base - version: 1.22.6 + version: 1.22.7 epoch: 0 description: GStreamer streaming media framework base plug-ins copyright: @@ -39,7 +39,7 @@ environment: pipeline: - uses: fetch with: - expected-sha512: b03b585c54f1ed2c143495b3d302f73d5fc4c2acd37360a510791d97ca73a895b6154d7205004418504e90b2bfebe51f84c7f55e99caca39b167d2f36dac677a + expected-sha512: a33d332aebf5e209380c2740e0fc6762e49b78a9921822adfc07efdd4780cbe038867d9924a2df334c8a624e8be49b5d46e276538d6d77ff8ac9f002ced052e3 uri: https://gstreamer.freedesktop.org/src/gst-plugins-base/gst-plugins-base-${{package.version}}.tar.xz - runs: | From 1320817e2e7779e0343726ce3b5151aa3d475196 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 15:11:35 +0000 Subject: [PATCH 30/54] nri-kafka/3.6.0 package update --- nri-kafka.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nri-kafka.yaml b/nri-kafka.yaml index c781a6d9ab1..aefb6765fba 100644 --- a/nri-kafka.yaml +++ b/nri-kafka.yaml @@ -1,7 +1,7 @@ package: name: nri-kafka - version: 3.4.9 - epoch: 1 + version: 3.6.0 + epoch: 0 description: New Relic Infrastructure Kafka Integration copyright: - license: MIT @@ -14,7 +14,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/newrelic/nri-kafka - expected-commit: 943d8fe97699afd751b7b6cdde3be6b1281ec76f + expected-commit: 4d44eac8982e2f55448bd02b3594672e1279fb9c tag: v${{package.version}} - uses: go/build From 80e29f7c096e740930e0d0e814c60d1d2b5f5d33 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 16:11:39 +0000 Subject: [PATCH 31/54] newrelic-prometheus-configurator/1.10.0 package update --- newrelic-prometheus-configurator.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/newrelic-prometheus-configurator.yaml b/newrelic-prometheus-configurator.yaml index b370c788be5..86a9c4860ed 100644 --- a/newrelic-prometheus-configurator.yaml +++ b/newrelic-prometheus-configurator.yaml @@ -1,6 +1,6 @@ package: name: newrelic-prometheus-configurator - version: 1.9.0 + version: 1.10.0 epoch: 0 description: New Relic Prometheus Configurator target-architecture: @@ -22,7 +22,7 @@ pipeline: with: repository: https://github.com/newrelic/newrelic-prometheus-configurator tag: v${{package.version}} - expected-commit: e03c2868cd3c733603d6ffaa41d4c5513e1addae + expected-commit: 700e9dcaf71109960e1e78031e03312d140e2e61 - runs: | GOOS=$(go env GOOS) From 4f71552e2d4c9e0d2a19e559a6ddbd3177ab42cc Mon Sep 17 00:00:00 2001 From: Ajay Kemparaj Date: Mon, 13 Nov 2023 08:58:00 -0800 Subject: [PATCH 32/54] Update nri-kafka.yaml remove cve mitigations Signed-off-by: Ajay Kemparaj --- nri-kafka.yaml | 2 -- 1 file changed, 2 deletions(-) diff --git a/nri-kafka.yaml b/nri-kafka.yaml index aefb6765fba..3c74fac7e27 100644 --- a/nri-kafka.yaml +++ b/nri-kafka.yaml @@ -23,8 +23,6 @@ pipeline: packages: ./src/ output: nri-kafka ldflags: -w - # GHSA-qppj-fm5r-hxr3, GHSA-4374-p667-p6c8 and GHSA-2wrh-6pvc-2jm9 - deps: golang.org/x/net@v0.17.0 - runs: | mkdir -p "${{targets.destdir}}"/etc/newrelic-infra/integrations.d From 02445c722f2d2d48b9f04a4eaa3ca3cdee924e35 Mon Sep 17 00:00:00 2001 From: Ville Aikas Date: Mon, 13 Nov 2023 19:48:14 +0200 Subject: [PATCH 33/54] Fix the redis/igbinary packages. They were missing the php version dependency, so these would not work with anything than what they were built with. This also makes them serviceable (adds -config subpackage), so you can customize with your own -config package. Create -dev subpackage that only has the headers. Add dependency from redis -> igbinary, which was also missing. Signed-off-by: Ville Aikas --- php-igbinary.yaml => php-8.1-igbinary.yaml | 31 ++++++++-- php-redis.yaml => php-8.1-redis.yaml | 32 +++++++++-- php-8.2-igbinary.yaml | 67 ++++++++++++++++++++++ php-8.2-redis.yaml | 65 +++++++++++++++++++++ 4 files changed, 185 insertions(+), 10 deletions(-) rename php-igbinary.yaml => php-8.1-igbinary.yaml (54%) rename php-redis.yaml => php-8.1-redis.yaml (51%) create mode 100644 php-8.2-igbinary.yaml create mode 100644 php-8.2-redis.yaml diff --git a/php-igbinary.yaml b/php-8.1-igbinary.yaml similarity index 54% rename from php-igbinary.yaml rename to php-8.1-igbinary.yaml index e5efc759041..ec49725c78d 100644 --- a/php-igbinary.yaml +++ b/php-8.1-igbinary.yaml @@ -1,5 +1,5 @@ package: - name: php-igbinary + name: php-8.1-igbinary version: 3.2.14 epoch: 0 description: "Igbinary is a drop in replacement for the standard php serializer." @@ -7,16 +7,19 @@ package: - license: BSD-3-Clause dependencies: runtime: - - php + - php-8.1 + - ${{package.name}}-config + provides: + - php-igbinary=${{package.full-version}} environment: contents: packages: - - build-base - autoconf + - build-base - busybox - - php - - php-dev + - php-8.1 + - php-8.1-dev pipeline: - uses: git-checkout @@ -40,6 +43,24 @@ pipeline: set -x INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-igbinary-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=igbinary.so" > "${{targets.subpkgdir}}/etc/php/conf.d/igbinary.ini" + - name: ${{package.name}}-dev + description: PHP 8.1 igbinary development headers + dependencies: + provides: + - php-igbinary-dev=${{package.full-version}} + pipeline: + - uses: split/dev + + update: enabled: true github: diff --git a/php-redis.yaml b/php-8.1-redis.yaml similarity index 51% rename from php-redis.yaml rename to php-8.1-redis.yaml index c497b21999c..0dbfcd5bd32 100644 --- a/php-redis.yaml +++ b/php-8.1-redis.yaml @@ -1,5 +1,5 @@ package: - name: php-redis + name: php-8.1-redis version: 5.3.7 epoch: 0 description: "A PHP extension for Redis" @@ -7,16 +7,21 @@ package: - license: PHP-3.01 dependencies: runtime: - - php + - php-8.1 + - php-8.1-igbinary + - ${{package.name}}-config + provides: + - php-redis=${{package.full-version}} environment: contents: packages: - - build-base - autoconf + - build-base - busybox - - php - - php-dev + - php-8.1 + - php-8.1-dev + - php-8.1-igbinary-dev - php-igbinary pipeline: @@ -38,6 +43,23 @@ pipeline: runs: | INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-redis-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=redis.so" > "${{targets.subpkgdir}}/etc/php/conf.d/redis.ini" + - name: ${{package.name}}-dev + description: PHP 8.1 redis development headers + dependencies: + provides: + - php-redis-dev=${{package.full-version}} + pipeline: + - uses: split/dev + update: enabled: true github: diff --git a/php-8.2-igbinary.yaml b/php-8.2-igbinary.yaml new file mode 100644 index 00000000000..71e313b4fc5 --- /dev/null +++ b/php-8.2-igbinary.yaml @@ -0,0 +1,67 @@ +package: + name: php-8.2-igbinary + version: 3.2.14 + epoch: 0 + description: "Igbinary is a drop in replacement for the standard php serializer." + copyright: + - license: BSD-3-Clause + dependencies: + runtime: + - php-8.2 + - ${{package.name}}-config + provides: + - php-igbinary=${{package.full-version}} + +environment: + contents: + packages: + - build-base + - autoconf + - busybox + - php-8.2 + - php-8.2-dev + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/igbinary/igbinary + tag: ${{package.version}} + expected-commit: 102ad68159791e76667f8455cbc171e6ec78253c + + - name: Prepare build + runs: phpize + + - name: Configure + runs: | + set -x + ./configure CFLAGS="-O2 -g" --enable-igbinary + + - uses: autoconf/make + + - name: Make install + runs: | + set -x + INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install + +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-igbinary-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=igbinary.so" > "${{targets.subpkgdir}}/etc/php/conf.d/igbinary.ini" + - name: ${{package.name}}-dev + description: PHP 8.2 igbinary development headers + dependencies: + provides: + - php-igbinary-dev=${{package.full-version}} + pipeline: + - uses: split/dev + + +update: + enabled: true + github: + identifier: igbinary/igbinary diff --git a/php-8.2-redis.yaml b/php-8.2-redis.yaml new file mode 100644 index 00000000000..110a555ea92 --- /dev/null +++ b/php-8.2-redis.yaml @@ -0,0 +1,65 @@ +package: + name: php-8.2-redis + version: 5.3.7 + epoch: 0 + description: "A PHP extension for Redis" + copyright: + - license: PHP-3.01 + dependencies: + runtime: + - php-8.2 + - php-8.2-igbinary + - ${{package.name}}-config + provides: + - php-redis=${{package.full-version}} + +environment: + contents: + packages: + - autoconf + - build-base + - busybox + - php-8.2 + - php-8.2-dev + - php-8.2-igbinary-dev + +pipeline: + - uses: git-checkout + with: + repository: https://github.com/phpredis/phpredis + tag: ${{package.version}} + expected-commit: 98d64ba86f37d2d3048500461f50b05f302f36ea + + - name: Prepare build + runs: phpize + + - name: Configure + runs: ./configure --enable-redis-igbinary + + - uses: autoconf/make + + - name: Make install + runs: | + INSTALL_ROOT="${{targets.destdir}}" DESTDIR="${{targets.destdir}}" make install + +subpackages: + - name: ${{package.name}}-config + dependencies: + provides: + - php-redis-config=${{package.full-version}} + pipeline: + - runs: | + mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" + echo "extension=redis.so" > "${{targets.subpkgdir}}/etc/php/conf.d/redis.ini" + - name: ${{package.name}}-dev + description: PHP 8.2 redis development headers + dependencies: + provides: + - php-redis-dev=${{package.full-version}} + pipeline: + - uses: split/dev + +update: + enabled: true + github: + identifier: phpredis/phpredis From 27ae72c5377fdec6236275e1ce8a6fc2db087284 Mon Sep 17 00:00:00 2001 From: Ville Aikas Date: Mon, 13 Nov 2023 20:06:21 +0200 Subject: [PATCH 34/54] fix lints. Signed-off-by: Ville Aikas --- php-8.1-igbinary.yaml | 4 ++-- php-8.1-redis.yaml | 3 ++- php-8.2-igbinary.yaml | 6 +++--- php-8.2-redis.yaml | 3 ++- 4 files changed, 9 insertions(+), 7 deletions(-) diff --git a/php-8.1-igbinary.yaml b/php-8.1-igbinary.yaml index ec49725c78d..0b4f710596f 100644 --- a/php-8.1-igbinary.yaml +++ b/php-8.1-igbinary.yaml @@ -7,8 +7,8 @@ package: - license: BSD-3-Clause dependencies: runtime: - - php-8.1 - ${{package.name}}-config + - php-8.1 provides: - php-igbinary=${{package.full-version}} @@ -52,6 +52,7 @@ subpackages: - runs: | mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" echo "extension=igbinary.so" > "${{targets.subpkgdir}}/etc/php/conf.d/igbinary.ini" + - name: ${{package.name}}-dev description: PHP 8.1 igbinary development headers dependencies: @@ -60,7 +61,6 @@ subpackages: pipeline: - uses: split/dev - update: enabled: true github: diff --git a/php-8.1-redis.yaml b/php-8.1-redis.yaml index 0dbfcd5bd32..5cf3a0c4c9f 100644 --- a/php-8.1-redis.yaml +++ b/php-8.1-redis.yaml @@ -7,9 +7,9 @@ package: - license: PHP-3.01 dependencies: runtime: + - ${{package.name}}-config - php-8.1 - php-8.1-igbinary - - ${{package.name}}-config provides: - php-redis=${{package.full-version}} @@ -52,6 +52,7 @@ subpackages: - runs: | mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" echo "extension=redis.so" > "${{targets.subpkgdir}}/etc/php/conf.d/redis.ini" + - name: ${{package.name}}-dev description: PHP 8.1 redis development headers dependencies: diff --git a/php-8.2-igbinary.yaml b/php-8.2-igbinary.yaml index 71e313b4fc5..7a7ecd8d105 100644 --- a/php-8.2-igbinary.yaml +++ b/php-8.2-igbinary.yaml @@ -7,16 +7,16 @@ package: - license: BSD-3-Clause dependencies: runtime: - - php-8.2 - ${{package.name}}-config + - php-8.2 provides: - php-igbinary=${{package.full-version}} environment: contents: packages: - - build-base - autoconf + - build-base - busybox - php-8.2 - php-8.2-dev @@ -52,6 +52,7 @@ subpackages: - runs: | mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" echo "extension=igbinary.so" > "${{targets.subpkgdir}}/etc/php/conf.d/igbinary.ini" + - name: ${{package.name}}-dev description: PHP 8.2 igbinary development headers dependencies: @@ -60,7 +61,6 @@ subpackages: pipeline: - uses: split/dev - update: enabled: true github: diff --git a/php-8.2-redis.yaml b/php-8.2-redis.yaml index 110a555ea92..754b69851e9 100644 --- a/php-8.2-redis.yaml +++ b/php-8.2-redis.yaml @@ -7,9 +7,9 @@ package: - license: PHP-3.01 dependencies: runtime: + - ${{package.name}}-config - php-8.2 - php-8.2-igbinary - - ${{package.name}}-config provides: - php-redis=${{package.full-version}} @@ -51,6 +51,7 @@ subpackages: - runs: | mkdir -p "${{targets.subpkgdir}}/etc/php/conf.d" echo "extension=redis.so" > "${{targets.subpkgdir}}/etc/php/conf.d/redis.ini" + - name: ${{package.name}}-dev description: PHP 8.2 redis development headers dependencies: From 7449c42c10509e5f95adee3860ed6b945e706350 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 18:07:54 +0000 Subject: [PATCH 35/54] gstreamer/1.22.7 package update --- gstreamer.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/gstreamer.yaml b/gstreamer.yaml index e769c60cf73..30a34581b4a 100644 --- a/gstreamer.yaml +++ b/gstreamer.yaml @@ -1,8 +1,8 @@ # Generated from https://git.alpinelinux.org/aports/plain/main/gstreamer/APKBUILD package: name: gstreamer - version: 1.22.6 - epoch: 1 + version: 1.22.7 + epoch: 0 description: GStreamer streaming media framework copyright: - license: LGPL-2.0-or-later @@ -28,7 +28,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: f500e6cfddff55908f937711fc26a0840de28a1e9ec49621c0b6f1adbd8f818e + expected-sha256: 01e42c6352a06bdfa4456e64b06ab7d98c5c487a25557c761554631cbda64217 uri: https://gstreamer.freedesktop.org/src/gstreamer/gstreamer-${{package.version}}.tar.xz - runs: | From 52685454c4eb2b711c24170ba1a6bdaf155e3240 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 18:11:39 +0000 Subject: [PATCH 36/54] nsc/2.8.4 package update --- nsc.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nsc.yaml b/nsc.yaml index 6ee54e981e7..8d6818625e0 100644 --- a/nsc.yaml +++ b/nsc.yaml @@ -1,6 +1,6 @@ package: name: nsc - version: 2.8.3 + version: 2.8.4 epoch: 0 description: Tool for creating nkey/jwt based configurations copyright: From b058f1c93e2a8afd8ee226e930e9b1133bca84be Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 18:11:45 +0000 Subject: [PATCH 37/54] ruby3.2-net-imap/0.4.5 package update --- ruby3.2-net-imap.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/ruby3.2-net-imap.yaml b/ruby3.2-net-imap.yaml index 8b5141946a7..aeaa135d4df 100644 --- a/ruby3.2-net-imap.yaml +++ b/ruby3.2-net-imap.yaml @@ -1,6 +1,6 @@ package: name: ruby3.2-net-imap - version: 0.4.4 + version: 0.4.5 epoch: 0 description: Ruby client api for Internet Message Access Protocol copyright: @@ -24,7 +24,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: cf6b92feaacbe44550a0734e3a4e7dbe7d5ccdc00610f6cd33b4f95dbf05d2ee + expected-sha256: 5f3905be64869de0819008b585590b23f45ebe0d2ba13680528d14ef84ffde32 uri: https://github.com/ruby/net-imap/archive/refs/tags/v${{package.version}}.tar.gz - uses: ruby/build From b5a11df79a7562e63f8d1f4b2f2dadd21762ea05 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 18:11:52 +0000 Subject: [PATCH 38/54] tigerbeetle/0.14.164 package update --- tigerbeetle.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tigerbeetle.yaml b/tigerbeetle.yaml index b16b26d20b4..f64cc5d184d 100644 --- a/tigerbeetle.yaml +++ b/tigerbeetle.yaml @@ -1,6 +1,6 @@ package: name: tigerbeetle - version: 0.14.160 + version: 0.14.164 epoch: 0 description: "The distributed financial accounting database designed for mission critical safety and performance." copyright: @@ -19,7 +19,7 @@ pipeline: with: repository: https://github.com/tigerbeetledb/tigerbeetle tag: ${{package.version}} - expected-commit: 47c03651ff08ee547b4baefda1b5b40f7f95e191 + expected-commit: 10c34968e7bb1d8b64f759dfabbcccaedb0a9f28 - runs: | # cpu values from here: https://github.com/tigerbeetle/tigerbeetle/blob/2ab9fd620e53a6d61cb119e48ece4008bedd777d/tools/docker/Dockerfile#L30C79-L30C92 From 9e91b91bd27c2f6d529c6595a2b01ab612edcae6 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 18:11:57 +0000 Subject: [PATCH 39/54] py3-trove-classifiers/2023.11.9 package update --- py3-trove-classifiers.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/py3-trove-classifiers.yaml b/py3-trove-classifiers.yaml index f216551031f..93dd14f132c 100644 --- a/py3-trove-classifiers.yaml +++ b/py3-trove-classifiers.yaml @@ -1,6 +1,6 @@ package: name: py3-trove-classifiers - version: 2023.10.18 + version: 2023.11.9 epoch: 0 description: Canonical source for classifiers on PyPI (pypi.org). copyright: @@ -24,7 +24,7 @@ pipeline: - uses: git-checkout with: repository: https://github.com/pypa/trove-classifiers - expected-commit: a7fc27d66af273d34118200539bd01f0aa303b17 + expected-commit: 44d951c034ccd282101e0749dfaa5047e550d9c3 tag: ${{package.version}} - name: Python Build From 0f3e308a92659467a2c758bc938c20ec0234ba74 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 18:12:03 +0000 Subject: [PATCH 40/54] py3-pydantic/2.5.0 package update --- py3-pydantic.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/py3-pydantic.yaml b/py3-pydantic.yaml index 31e2461d5a0..f5b6c3590d5 100644 --- a/py3-pydantic.yaml +++ b/py3-pydantic.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/pydantic/ package: name: py3-pydantic - version: 2.4.2 - epoch: 1 + version: 2.5.0 + epoch: 0 description: Data validation using Python type hints copyright: - license: "MIT" @@ -28,7 +28,7 @@ environment: pipeline: - uses: git-checkout with: - expected-commit: d1634da7d9cce1f91ae6f76bd3379b776b7de6da + expected-commit: d465ec5542a611ffefab45736859f37b0b251eb8 repository: https://github.com/pydantic/pydantic tag: v${{package.version}} From b264dafc34d8bb2cf626231636275c2055122bb8 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 18:12:08 +0000 Subject: [PATCH 41/54] external-secrets-operator/0.9.9 package update --- external-secrets-operator.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/external-secrets-operator.yaml b/external-secrets-operator.yaml index c89be0d3969..97af35b73eb 100644 --- a/external-secrets-operator.yaml +++ b/external-secrets-operator.yaml @@ -1,6 +1,6 @@ package: name: external-secrets-operator - version: 0.9.8 + version: 0.9.9 epoch: 0 description: Integrate external secret management systems with Kubernetes copyright: @@ -21,7 +21,7 @@ pipeline: with: repository: https://github.com/external-secrets/external-secrets tag: v${{package.version}} - expected-commit: c5d647bae1d3bbebb2f0d9c1ab1e3e3cbe869875 + expected-commit: 8b0fa87f301abd5ac2d15a45493aa4609e433772 - runs: | # Mitigate CVE-2023-39325 and CVE-2023-3978 From 101a47e7eeb52f45c22cd1ac6c8d44c0de4515e8 Mon Sep 17 00:00:00 2001 From: Ajay Kemparaj Date: Mon, 13 Nov 2023 10:13:48 -0800 Subject: [PATCH 42/54] Update external-secrets-operator.yaml remove cve mitigations Signed-off-by: Ajay Kemparaj --- external-secrets-operator.yaml | 3 --- 1 file changed, 3 deletions(-) diff --git a/external-secrets-operator.yaml b/external-secrets-operator.yaml index 97af35b73eb..5576176ecb4 100644 --- a/external-secrets-operator.yaml +++ b/external-secrets-operator.yaml @@ -24,9 +24,6 @@ pipeline: expected-commit: 8b0fa87f301abd5ac2d15a45493aa4609e433772 - runs: | - # Mitigate CVE-2023-39325 and CVE-2023-3978 - go get golang.org/x/net@v0.17.0 - go mod tidy make build-$(go env GOARCH) mkdir -p ${{targets.destdir}}/usr/bin From ed70914570f42f41758ee5c9e09622bf62785ef9 Mon Sep 17 00:00:00 2001 From: Ajay Kemparaj Date: Mon, 13 Nov 2023 10:15:31 -0800 Subject: [PATCH 43/54] Update external-secrets-operator.yaml yam fmt Signed-off-by: Ajay Kemparaj --- external-secrets-operator.yaml | 1 - 1 file changed, 1 deletion(-) diff --git a/external-secrets-operator.yaml b/external-secrets-operator.yaml index 5576176ecb4..68ca2fde43a 100644 --- a/external-secrets-operator.yaml +++ b/external-secrets-operator.yaml @@ -24,7 +24,6 @@ pipeline: expected-commit: 8b0fa87f301abd5ac2d15a45493aa4609e433772 - runs: | - make build-$(go env GOARCH) mkdir -p ${{targets.destdir}}/usr/bin install -m755 -D bin/external-secrets-$(go env GOOS)-$(go env GOARCH) "${{targets.destdir}}"/usr/bin/external-secrets From d8dc8a6a73c655343ff7817e6118088d73ff448e Mon Sep 17 00:00:00 2001 From: Ville Aikas Date: Mon, 13 Nov 2023 20:41:50 +0200 Subject: [PATCH 44/54] withdraw broken php-redis, php-igbinary. Signed-off-by: Ville Aikas --- withdrawn-packages.txt | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/withdrawn-packages.txt b/withdrawn-packages.txt index bed2d46a9e3..0a5909a54f3 100644 --- a/withdrawn-packages.txt +++ b/withdrawn-packages.txt @@ -114,5 +114,5 @@ kubeflow-pipelines-viewer-crd-controller-2.1.3-r5.apk kubeflow-pipelines-viewer-crd-controller-2.1.3-r6.apk kubeflow-pipelines-viewer-crd-controller-2.1.3-r7.apk kubeflow-pipelines-viewer-crd-controller-2.3.0-r0.apk - - +php-igbinary-3.2.14-r0 +php-redis-5.3.7-r0 From ff595ab1dfc74b17ba695ba69aff46f654b00f18 Mon Sep 17 00:00:00 2001 From: Jon Johnson Date: Mon, 13 Nov 2023 10:55:40 -0800 Subject: [PATCH 45/54] temporal-ui-server Fix oci entrypoint This was missing a symlink to the main binary. Signed-off-by: Jon Johnson --- temporal-ui-server.yaml | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/temporal-ui-server.yaml b/temporal-ui-server.yaml index 40f11f287ee..a25e229fa62 100644 --- a/temporal-ui-server.yaml +++ b/temporal-ui-server.yaml @@ -1,7 +1,7 @@ package: name: temporal-ui-server version: 2.21.3 - epoch: 0 + epoch: 1 description: Golang Server for https://github.com/temporalio/ui copyright: - license: MIT License @@ -45,6 +45,8 @@ subpackages: mkdir -p ${{targets.subpkgdir}}/home/ui-server/config cp docker/config-template.yaml ${{targets.subpkgdir}}/home/ui-server/ + ln -s /usr/bin/ui-server ${{targets.subpkgdir}}/home/ui-server/ui-server + update: enabled: true github: From 0b34737dd9b0a40a0473d7c4e03aa0cc1e7c7b21 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 19:11:32 +0000 Subject: [PATCH 46/54] py3-openai/1.2.4 package update --- py3-openai.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/py3-openai.yaml b/py3-openai.yaml index 11a6655a6f8..b370910af6c 100644 --- a/py3-openai.yaml +++ b/py3-openai.yaml @@ -1,8 +1,8 @@ # Generated from https://pypi.org/project/openai/ package: name: py3-openai - version: 1.2.3 - epoch: 1 + version: 1.2.4 + epoch: 0 description: Python client library for the OpenAI API copyright: - license: MIT @@ -36,7 +36,7 @@ pipeline: with: repository: https://github.com/openai/openai-python.git tag: v${{package.version}} - expected-commit: 4948308f37ecd9872708f42dc0f92dc5ab5ab4d8 + expected-commit: 65e29a2efa455a06deb59e243f27796c4ca2254c - name: Python Build uses: python/build-wheel From 6098dc8f34b02a944a8385b01b398d6117008a98 Mon Sep 17 00:00:00 2001 From: imjasonh Date: Mon, 13 Nov 2023 19:53:10 +0000 Subject: [PATCH 47/54] Update images digests --- .github/workflows/build-world.yaml | 2 +- .github/workflows/build.yaml | 4 ++-- .github/workflows/ci-build.yaml | 6 +++--- .github/workflows/lint-world.yaml | 2 +- .github/workflows/withdraw-packages.yaml | 2 +- .github/workflows/wolfictl-check-update.yaml | 2 +- .github/workflows/wolfictl-lint.yaml | 4 ++-- .github/workflows/wolfictl-update-gh.yaml | 2 +- .github/workflows/wolfictl-update-rm.yaml | 2 +- Makefile | 4 ++-- 10 files changed, 15 insertions(+), 15 deletions(-) diff --git a/.github/workflows/build-world.yaml b/.github/workflows/build-world.yaml index 9e51922eec4..3a2b7a05d02 100644 --- a/.github/workflows/build-world.yaml +++ b/.github/workflows/build-world.yaml @@ -24,7 +24,7 @@ jobs: # permissions: container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d # TODO: Deprivilege options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 47defed7f33..5a89cc5c0d5 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -29,7 +29,7 @@ jobs: # permissions: container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d # TODO: Deprivilege options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --device /dev/fuse --security-opt seccomp=unconfined --security-opt apparmor:unconfined @@ -102,7 +102,7 @@ jobs: container: # NOTE: This step only signs and uploads, so it doesn't need any privileges - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/ci-build.yaml b/.github/workflows/ci-build.yaml index 88a8623e6a1..d3967ed86d0 100644 --- a/.github/workflows/ci-build.yaml +++ b/.github/workflows/ci-build.yaml @@ -27,7 +27,7 @@ jobs: run: | # Copy wolfictl out of the wolfictl image and onto PATH TMP=$(mktemp -d) - docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac -c "cp /usr/bin/wolfictl /out" + docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d -c "cp /usr/bin/wolfictl /out" echo "$TMP" >> $GITHUB_PATH # Assuming that we have a list of changed files such as `foo.yaml` and `bar.yaml`, this @@ -58,7 +58,7 @@ jobs: group: wolfi-builder-${{ matrix.arch }} needs: changes container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d options: | --cap-add NET_ADMIN --cap-add SYS_ADMIN --security-opt seccomp=unconfined --security-opt apparmor:unconfined outputs: @@ -142,7 +142,7 @@ jobs: name: "Scan packages for CVEs" runs-on: ubuntu-latest container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d needs: build if: needs.build.outputs.packages_were_built == 'true' diff --git a/.github/workflows/lint-world.yaml b/.github/workflows/lint-world.yaml index 2870c72b19b..22138a588a8 100644 --- a/.github/workflows/lint-world.yaml +++ b/.github/workflows/lint-world.yaml @@ -29,7 +29,7 @@ jobs: group: wolfi-os-builder-${{ matrix.arch }} container: - image: ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + image: ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d steps: - uses: actions/checkout@v4 diff --git a/.github/workflows/withdraw-packages.yaml b/.github/workflows/withdraw-packages.yaml index 1280a38e8a1..172e5db43c2 100644 --- a/.github/workflows/withdraw-packages.yaml +++ b/.github/workflows/withdraw-packages.yaml @@ -22,7 +22,7 @@ jobs: run: | # Copy wolfictl out of the wolfictl image and onto PATH TMP=$(mktemp -d) - docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac -c "cp /usr/bin/wolfictl /out" + docker run --rm -i -v $TMP:/out --entrypoint /bin/sh ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d -c "cp /usr/bin/wolfictl /out" echo "$TMP" >> $GITHUB_PATH - name: 'Authenticate to Google Cloud' diff --git a/.github/workflows/wolfictl-check-update.yaml b/.github/workflows/wolfictl-check-update.yaml index e8fe54b610b..2f81b330183 100644 --- a/.github/workflows/wolfictl-check-update.yaml +++ b/.github/workflows/wolfictl-check-update.yaml @@ -29,7 +29,7 @@ jobs: - name: Check id: check if: ${{ steps.files.outputs.all_changed_files != '' }} - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} with: diff --git a/.github/workflows/wolfictl-lint.yaml b/.github/workflows/wolfictl-lint.yaml index d97fb17f81e..c5cbe6a5faf 100644 --- a/.github/workflows/wolfictl-lint.yaml +++ b/.github/workflows/wolfictl-lint.yaml @@ -19,13 +19,13 @@ jobs: - uses: actions/checkout@v4 - name: Lint id: lint - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: lint --skip-rule no-makefile-entry-for-package - name: Enforce YAML formatting id: lint-yaml - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: lint yam diff --git a/.github/workflows/wolfictl-update-gh.yaml b/.github/workflows/wolfictl-update-gh.yaml index 85cb8dd7cf6..d51fe97cfb2 100644 --- a/.github/workflows/wolfictl-update-gh.yaml +++ b/.github/workflows/wolfictl-update-gh.yaml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: update https://github.com/${{github.repository}} --release-monitoring-query=false --github-labels request-version-update --github-labels "automated pr" diff --git a/.github/workflows/wolfictl-update-rm.yaml b/.github/workflows/wolfictl-update-rm.yaml index f7a0ad3d251..3a0186786c5 100644 --- a/.github/workflows/wolfictl-update-rm.yaml +++ b/.github/workflows/wolfictl-update-rm.yaml @@ -23,7 +23,7 @@ jobs: steps: - uses: actions/checkout@v4 - - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:7c137cd6a8e88f750a593b12d8a8a3b9064207fea2200bef60c8c862910d7694 + - uses: docker://ghcr.io/wolfi-dev/wolfictl:latest@sha256:2896ee68bc353a0601cbd9b3ae9e0a8e866fe99006fe4f05404271e2b98f1038 with: entrypoint: wolfictl args: update https://github.com/${{github.repository}} --github-release-query=false --github-labels request-version-update --github-labels "automated pr" diff --git a/Makefile b/Makefile index c623babfe70..77692373890 100644 --- a/Makefile +++ b/Makefile @@ -91,7 +91,7 @@ dev-container: -v "${PWD}:${PWD}" \ -w "${PWD}" \ -e SOURCE_DATE_EPOCH=0 \ - ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d PACKAGES_CONTAINER_FOLDER ?= /work/packages TMP_REPOSITORIES_DIR := $(shell mktemp -d) @@ -156,6 +156,6 @@ dev-container-wolfi: --mount type=bind,source="${PWD}/local-melange.rsa.pub",destination="/etc/apk/keys/local-melange.rsa.pub",readonly \ --mount type=bind,source="$(TMP_REPOSITORIES_FILE)",destination="/etc/apk/repositories",readonly \ -w "$(PACKAGES_CONTAINER_FOLDER)" \ - ghcr.io/wolfi-dev/sdk:latest@sha256:fe85df7dc646f29552dab0ebd7e6e6e1cc6f4a5ce83e724693cf0fece5b8f8ac + ghcr.io/wolfi-dev/sdk:latest@sha256:bb5769922852c5a389e7ef2dfaab1d07312dd2cbad66552df77dfefe4c1d022d @rm "$(TMP_REPOSITORIES_FILE)" @rmdir "$(TMP_REPOSITORIES_DIR)" From 922d5582b4a3819e2521a8d7988efac2a3cc7d24 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 20:11:27 +0000 Subject: [PATCH 48/54] aws-c-s3/0.3.24 package update --- aws-c-s3.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws-c-s3.yaml b/aws-c-s3.yaml index 2421b3dcd2b..968eb1adeac 100644 --- a/aws-c-s3.yaml +++ b/aws-c-s3.yaml @@ -1,6 +1,6 @@ package: name: aws-c-s3 - version: 0.3.23 + version: 0.3.24 epoch: 0 description: "AWS C99 library implementation for communicating with the S3 service" copyright: @@ -36,7 +36,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: cede7c1b8b5f2c459f1a6f5cbc2a119f001e7a4c1164e0efb1b22e7b9b5235bf + expected-sha256: 09803db4af98bba0af263434e2de432cdccdb3ab709411abba8e05d34840f815 uri: https://github.com/awslabs/aws-c-s3/archive/refs/tags/v${{package.version}}.tar.gz - runs: | From 1a48697c7aab30ee19a81c779932f622ac03d7cd Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 20:11:36 +0000 Subject: [PATCH 49/54] aws-crt-cpp/0.24.7 package update --- aws-crt-cpp.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws-crt-cpp.yaml b/aws-crt-cpp.yaml index 7843d698f81..b080fe12c02 100644 --- a/aws-crt-cpp.yaml +++ b/aws-crt-cpp.yaml @@ -1,6 +1,6 @@ package: name: aws-crt-cpp - version: 0.24.6 + version: 0.24.7 epoch: 0 description: "C++ wrapper around the aws-c-* libraries. Provides Cross-Platform Transport Protocols and SSL/TLS implementations for C++" copyright: @@ -32,7 +32,7 @@ pipeline: with: repository: https://github.com/awslabs/aws-crt-cpp tag: v${{package.version}} - expected-commit: c84834d3aca192b862a6bb18e678f5d80323e735 + expected-commit: 1bdd7dc9ca877697265a6b3a4685f6b190b3b811 - runs: | if [ "$CBUILD" != "$CHOST" ]; then From f11fff7592f8622c71e2173201f76bc9ed75650f Mon Sep 17 00:00:00 2001 From: ajayk Date: Mon, 13 Nov 2023 12:26:56 -0800 Subject: [PATCH 50/54] fix: ignore ami rebuild tags --- aws-for-fluent-bit.yaml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/aws-for-fluent-bit.yaml b/aws-for-fluent-bit.yaml index 65420707df9..6daf741c93c 100644 --- a/aws-for-fluent-bit.yaml +++ b/aws-for-fluent-bit.yaml @@ -82,6 +82,8 @@ subpackages: - uses: strip update: + ignore-regex-patterns: + - ^\d+\.\d+.\d+\.\d+$ enabled: true github: identifier: aws/aws-for-fluent-bit From 48a73d8409fdaee42956d6f1cb85234de585473a Mon Sep 17 00:00:00 2001 From: Jason Hall Date: Mon, 13 Nov 2023 15:29:28 -0500 Subject: [PATCH 51/54] Update crane.yaml bump epoch to rebuild with apkindex fix Signed-off-by: Jason Hall --- crane.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crane.yaml b/crane.yaml index 83e2ab84996..cc580b22adc 100644 --- a/crane.yaml +++ b/crane.yaml @@ -1,7 +1,7 @@ package: name: crane version: 0.16.1 - epoch: 5 + epoch: 6 description: Tool for interacting with remote images and registries. copyright: - license: Apache-2.0 From 2847f272a93906f16066f76a0f697922d1b85e71 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 21:07:40 +0000 Subject: [PATCH 52/54] socat/1.8.0.0 package update --- socat.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/socat.yaml b/socat.yaml index a263e338205..4689d893c47 100644 --- a/socat.yaml +++ b/socat.yaml @@ -1,6 +1,6 @@ package: name: socat - version: 1.7.4.4 + version: 1.8.0.0 epoch: 0 description: Multipurpose relay for binary protocols copyright: @@ -21,7 +21,7 @@ environment: pipeline: - uses: fetch with: - expected-sha256: 0f8f4b9d5c60b8c53d17b60d79ababc4a0f51b3bb6d2bd3ae8a6a4b9d68f195e + expected-sha256: 6010f4f311e5ebe0e63c77f78613d264253680006ac8979f52b0711a9a231e82 uri: http://www.dest-unreach.org/socat/download/socat-${{package.version}}.tar.gz - uses: patch From 72bda619fef763a47f8edeaa02fb1e245106ee82 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 21:07:46 +0000 Subject: [PATCH 53/54] py3-botocore/1.31.85 package update --- py3-botocore.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/py3-botocore.yaml b/py3-botocore.yaml index 32b84bb1ed2..8b39a4d4c8e 100644 --- a/py3-botocore.yaml +++ b/py3-botocore.yaml @@ -1,7 +1,7 @@ package: name: py3-botocore - version: 1.31.84 - epoch: 1 + version: 1.31.85 + epoch: 0 description: "The low-level, core functionality of Boto3" copyright: - license: Apache-2.0 @@ -27,7 +27,7 @@ pipeline: - uses: fetch with: uri: https://files.pythonhosted.org/packages/source/b/botocore/botocore-${{package.version}}.tar.gz - expected-sha256: 8913bedb96ad0427660dee083aeaa675466eb662bbf1a47781956b5882aadcc5 + expected-sha256: ce58e688222df73ec5691f934be1a2122a52c9d11d3037b586b3fff16ed6d25f - runs: | python3 setup.py build From 8035d66553ef8057fc8ea970afcff0d2f9425cf9 Mon Sep 17 00:00:00 2001 From: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com> Date: Mon, 13 Nov 2023 21:11:17 +0000 Subject: [PATCH 54/54] aws-cli/1.29.85 package update --- aws-cli.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/aws-cli.yaml b/aws-cli.yaml index 9f0482d8cf0..4cfc17f727a 100644 --- a/aws-cli.yaml +++ b/aws-cli.yaml @@ -1,7 +1,7 @@ package: name: aws-cli - version: 1.29.84 - epoch: 1 + version: 1.29.85 + epoch: 0 description: "Universal Command Line Interface for Amazon Web Services" copyright: - license: Apache-2.0 @@ -33,7 +33,7 @@ pipeline: - uses: fetch with: uri: https://github.com/aws/aws-cli/archive/${{package.version}}.tar.gz - expected-sha256: adfb94cbf92fa46d343b56245a3955964696f88410aa96ce66ef255f24b736ac + expected-sha256: d8faf32a2bc002b4b85381fd74dbac37f409d8ca0bbe42a49f419921bec61aef - runs: | python3 setup.py build