From 680cf20754c5b82f8c8a819720462c02372125c3 Mon Sep 17 00:00:00 2001 From: David Cantrell Date: Apr 30 2021 16:15:56 +0000 Subject: Begin work on version 1.5 Use llabs() instead of labs() in the filesize inspection Improve has invalid execstack flags reporting Use long unsigned int to report size changes in patches Fix some errors in the changedfiles inspection Update the changedfiles test cases Check DT_SONAME in is_elf_shared_library() Skip debuginfo and debugsource files in abidiff Make sure abidiff test cases add a DT_SONAME to the test lib Report INFO level for patches findings by default Python black fixes in test/test_abidiff.py Update the test/test_patches.py cases for patches changes Generate regular changelog in utils/srpm.h Skip branches without targets in submit-koji-builds.sh Fedora and CentOS systems in ci need diffstat opensuse-leap CI job requires diffstat Fix the Debian CI jobs in GitHub Actions Fix and enable the Ubuntu extra-ci job in GitHub Actions Use pip instead of pip3 for the Ubuntu command Use apt-get -y install in Enable the opensuse-tumbleweed GHA job again Make sure the Gentoo GHA job has diffstat Get the Arch Linux GHA job working again Use ubuntu:latest for the ubuntu GHA image Simplify the utils/determine-os.sh script Update license table in README.md Allow any number of builds specified for fetch only mode Handle old or broken versions of libmagic in changedfiles Update GitHub Action status badges in README.md Fix $(OS) check in the Makefile Fix the ubuntu GitHub Actions extra-ci job Make sure the centos8 job has git available before cloning Change strappend() to work as a variadic function Use json_tokener_parse_ex() to get better error reporting Fix reading of the javabytecode block in the config file Catch missing/losing -fPIC correctly on .a ELF objects (#352) Refactor elf_archive_tests() and its helper functions Followup fix for find_no_pic, find_pic, and find_all Install cpp-coveralls using pacman on Arch Linux Install cpp-coveralls using pip on Arch Linux Install cpp-coveralls in pre.sh on Arch Linux Install required Python modules in pre.sh on Arch Linux Do not upgrade pip on Arch Linux, go back to using pip.txt Drop DEBUG_PRINT from source generated by pic_bits.sh Do not run apt-get update as a second time on Debians systems The lost PIC tests need to invoke gcc with -fno-PIC Update the OpenSUSE Tumbleweed files, but disable it anyway Define inspection_ignores in struct rpminspect Clean up the config file section reading code Add add_ignore() to init.c Fix fetch only mode download directory Stub out libcurl download progress callback function Perform symbolic owner and group matching in ownership (#364) Restrict download_progress() to systems with CURLOPT_XFERINFOFUNCTION Read per-inspection ignore lists from the config file. Add commented out per-inspection ignore blocks Implement per-inspection path ignore support (#351) Report annocheck failures correctly in librpminspect. Note all regular expression settings use regex(7) syntax Allow size_threshold: info in the config file (#261) Check ignore list in files for path prefixes to ignore (#360) Support a list of expected empty RPMs in the config file (#355) Call mparse_reset() before mparse_readfd() Do not crash with the -c option specifies a non-existent file Update TODO list Make sure brp-compress is disabled in test_manpage.py Require/Recommend /usr/bin/annocheck Note size_threshold can be the keyword info Ensure ctxt->lastError.message is not NULL before strdup (#382) Handle corrupt compressed files in changedfiles (#382) Disable debugging output for the ignore lists in init.c Drop debugging output in the xml inspection Remove what working directories we can Correctly find icons for desktop files in subpackages (#367) Followup to the Icon= check in the desktop inspection (#367) BuildRequires libmandoc-devel >= 1.14.5 Manually install mandoc on centos7 for now Signed-off-by: David Cantrell --- diff --git a/.gitignore b/.gitignore index 9133d14..979d00e 100644 --- a/.gitignore +++ b/.gitignore @@ -20,3 +20,4 @@ /rpminspect-1.3.tar.xz /rpminspect-1.3.1.tar.xz /rpminspect-1.4.tar.xz +/rpminspect-1.5.tar.xz diff --git a/changelog b/changelog index 0e1a43f..a54e3b1 100644 --- a/changelog +++ b/changelog @@ -1,3 +1,82 @@ +* Fri Apr 30 2021 David Cantrell - 1.5-1 +- Begin work on version 1.5 +- Use llabs() instead of labs() in the filesize inspection +- Improve has invalid execstack flags reporting +- Use long unsigned int to report size changes in patches +- Fix some errors in the changedfiles inspection +- Update the changedfiles test cases +- Check DT_SONAME in is_elf_shared_library() +- Skip debuginfo and debugsource files in abidiff +- Make sure abidiff test cases add a DT_SONAME to the test lib +- Report INFO level for patches findings by default +- Python black fixes in test/test_abidiff.py +- Update the test/test_patches.py cases for patches changes +- Generate regular changelog in utils/srpm.h +- Skip branches without targets in submit-koji-builds.sh +- Fedora and CentOS systems in ci need diffstat +- opensuse-leap CI job requires diffstat +- Fix the Debian CI jobs in GitHub Actions +- Fix and enable the Ubuntu extra-ci job in GitHub Actions +- Use pip instead of pip3 for the Ubuntu command +- Use apt-get -y install in +- Enable the opensuse-tumbleweed GHA job again +- Make sure the Gentoo GHA job has diffstat +- Get the Arch Linux GHA job working again +- Use ubuntu:latest for the ubuntu GHA image +- Simplify the utils/determine-os.sh script +- Update license table in README.md +- Allow any number of builds specified for fetch only mode +- Handle old or broken versions of libmagic in changedfiles +- Update GitHub Action status badges in README.md +- Fix $(OS) check in the Makefile +- Fix the ubuntu GitHub Actions extra-ci job +- Make sure the centos8 job has git available before cloning +- Change strappend() to work as a variadic function +- Use json_tokener_parse_ex() to get better error reporting +- Fix reading of the javabytecode block in the config file +- Catch missing/losing -fPIC correctly on .a ELF objects (#352) +- Refactor elf_archive_tests() and its helper functions +- Followup fix for find_no_pic, find_pic, and find_all +- Install cpp-coveralls using pacman on Arch Linux +- Install cpp-coveralls using pip on Arch Linux +- Install cpp-coveralls in pre.sh on Arch Linux +- Install required Python modules in pre.sh on Arch Linux +- Do not upgrade pip on Arch Linux, go back to using pip.txt +- Drop DEBUG_PRINT from source generated by pic_bits.sh +- Do not run apt-get update as a second time on Debians systems +- The lost PIC tests need to invoke gcc with -fno-PIC +- Update the OpenSUSE Tumbleweed files, but disable it anyway +- Define inspection_ignores in struct rpminspect +- Clean up the config file section reading code +- Add add_ignore() to init.c +- Fix fetch only mode download directory +- Stub out libcurl download progress callback function +- Perform symbolic owner and group matching in ownership (#364) +- Restrict download_progress() to systems with CURLOPT_XFERINFOFUNCTION +- Read per-inspection ignore lists from the config file. +- Add commented out per-inspection ignore blocks +- Implement per-inspection path ignore support (#351) +- Report annocheck failures correctly in librpminspect. +- Note all regular expression settings use regex(7) syntax +- Allow size_threshold: info in the config file (#261) +- Check ignore list in files for path prefixes to ignore (#360) +- Support a list of expected empty RPMs in the config file (#355) +- Call mparse_reset() before mparse_readfd() +- Do not crash with the -c option specifies a non-existent file +- Update TODO list +- Make sure brp-compress is disabled in test_manpage.py +- Require/Recommend /usr/bin/annocheck +- Note size_threshold can be the keyword info +- Ensure ctxt->lastError.message is not NULL before strdup (#382) +- Handle corrupt compressed files in changedfiles (#382) +- Disable debugging output for the ignore lists in init.c +- Drop debugging output in the xml inspection +- Remove what working directories we can +- Correctly find icons for desktop files in subpackages (#367) +- Followup to the Icon= check in the desktop inspection (#367) +- BuildRequires libmandoc-devel >= 1.14.5 +- Manually install mandoc on centos7 for now + * Thu Mar 25 2021 David Cantrell - 1.4-2 - ExcludeArch %%{ix86} and %%{arm} diff --git a/rpminspect.spec b/rpminspect.spec index 937e452..e1629f6 100644 --- a/rpminspect.spec +++ b/rpminspect.spec @@ -1,6 +1,6 @@ Name: rpminspect -Version: 1.4 -Release: 2%{?dist} +Version: 1.5 +Release: 1%{?dist} Summary: Build deviation compliance tool Group: Development/Tools # librpminspect is licensed under the LGPLv3+, but 5 source files in @@ -10,12 +10,10 @@ Group: Development/Tools # license. License: GPLv3+ and LGPLv2+ and ASL 2.0 and CC-BY URL: https://github.com/rpminspect/rpminspect -Source0: https://github.com/rpminspect/rpminspect/releases/download/v1.4/rpminspect-1.4.tar.xz +Source0: https://github.com/rpminspect/rpminspect/releases/download/v1.5/rpminspect-1.5.tar.xz Source1: changelog Requires: librpminspect%{?_isa} = %{version}-%{release} -ExcludeArch: %{ix86} %{arm} - BuildRequires: meson BuildRequires: ninja-build BuildRequires: gcc @@ -35,17 +33,8 @@ BuildRequires: openssl-devel BuildRequires: libcap-devel BuildRequires: gettext-devel BuildRequires: clamav-devel - -# This block can be removed when all targeted platforms have 1.14.5. -# The 1.14.5 mandoc package has libmandoc.a and fixes for some known -# problems, which we want for librpminspect. Fedora <= 30 and EPEL <= -# 7 do not currently have this build. When they do, reduce this block -# to a single BuildRequires line. -%if 0%{?rhel} >= 8 || 0%{?epel} >= 8 || 0%{?fedora} >= 31 BuildRequires: libmandoc-devel >= 1.14.5 -%else -BuildRequires: libmandoc-devel -%endif + %description Build deviation and compliance tool. This program runs a number of tests @@ -91,9 +80,9 @@ Requires: bash # The annocheck program is used by the annocheck inspection. If it is # not present, you can disable the annocheck inspection. %if 0%{?rhel} >= 8 || 0%{?epel} >= 8 || 0%{?fedora} -Recommends: annobin-annocheck +Recommends: /usr/bin/annocheck %else -Requires: annobin-annocheck +Requires: /usr/bin/annocheck %endif # The abidiff and kmidiff inspections require a external executable by @@ -133,7 +122,7 @@ control files. %prep -%setup -q -n rpminspect-1.4 +%setup -q -n rpminspect-1.5 %build diff --git a/sources b/sources index e2300c2..9a23a88 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (rpminspect-1.4.tar.xz) = 16563ec3a720bddfed4cbfeaef0a82c02b3a28123d12306d47b0dabc3352b21cdce55342c7ab079a38e1124c31085240d2a0ca08ac44aac46be32de1bbc97a5d +SHA512 (rpminspect-1.5.tar.xz) = 2c477a557fe153bdacb6cd330eaa77d3fbd1228cd517d84625377dfe8c55dfb44aeb18be8ecf72eecacdb4a0c5e50ec18ac99dfd968d40474d359a169e5b0806