py-diffoscope: update to version 264 Changelog (from https://salsa.debian.org/reproducible-builds/diffoscope/-/blob/master/debian/changelog?ref_type=heads): diffoscope (264) unstable; urgency=medium [ Chris Lamb ] * Don't crash on invalid zipfiles, even if we encounter 'badness' halfway through the file. (Re: #1068705) [ FC (Fay) Stegerman ] * Fix a crash when there are (invalid) duplicate entries in .zip files. (Closes: #1068705) * Add note when there are duplicate entries in ZIP files. (Closes: reproducible-builds/diffoscope!140) [ Vagrant Cascadian ] * Add an external tool reference for GNU Guix for zipdetails. -- Chris Lamb <lamby@debian.org> Fri, 12 Apr 2024 09:38:55 +0100 diffoscope (263) unstable; urgency=medium [ Chris Lamb ] * Add support for the zipdetails(1) tool included in the Perl distribution. Thanks to Larry Doolittle et al. for the pointer to this tool. * Don't use parenthesis within test "skipping…" messages; PyTest adds its own parenthesis, so we were ending up with double nested parens. * Fix the .epub tests after supporting zipdetails(1). * Update copyright years and debian/tests/control. [ FC (Fay) Stegerman ] * Fix MozillaZipContainer's monkeypatch after Python's zipfile module changed to detect potentially insecure overlapping entries within .zip files. (Closes: reproducible-builds/diffoscope#362) -- Chris Lamb <lamby@debian.org> Fri, 05 Apr 2024 12:21:10 +0100 diffoscope (262) unstable; urgency=medium [ Chris Lamb ] * Factor out Python version checking in test_zip.py. (Re: #362) * Also skip some zip tests under 3.10.14 as well; a potential regression may have been backported to the 3.10.x series. The underlying cause is still to be investigated. (Re: #362) -- Chris Lamb <lamby@debian.org> Fri, 29 Mar 2024 09:43:00 +0000 diffoscope (261) unstable; urgency=medium [ Chris Lamb ] * Don't crash if we encounter an .rdb file without an equivalent .rdx file. (Closes: #1066991) * In addition, don't identify Redis database dumps (etc.) as GNU R database files based simply on their filename. (Re: #1066991) * Update copyright years. -- Chris Lamb <lamby@debian.org> Fri, 22 Mar 2024 09:42:15 +0000 diffoscope (260) unstable; urgency=medium [ Chris Lamb ] * Actually test 7z support in the test_7z set of tests, not the lz4 functionality. (Closes: reproducible-builds/diffoscope#359) * In addition, correctly check for the 7z binary being available (and not lz4) when testing 7z. * Prevent a traceback when comparing a contentful .pyc file with an empty one. (Re: Debian:#1064973) -- Chris Lamb <lamby@debian.org> Fri, 08 Mar 2024 11:07:49 +0000 diffoscope (259) unstable; urgency=medium [ Chris Lamb ] * Don't error-out with a traceback if we encounter "struct.unpack"-related errors when parsing .pyc files. (Closes: #1064973) * Fix compatibility with PyTest 8.0. (Closes: reproducible-builds/diffoscope#365) * Don't try and compare rdb_expected_diff on non-GNU systems as %p formatting can vary. (Re: reproducible-builds/diffoscope#364) -- Chris Lamb <lamby@debian.org> Fri, 01 Mar 2024 09:34:23 +0000 diffoscope (258) unstable; urgency=medium [ Chris Lamb ] * Use the 7zip package (over p7zip-full) after package transition. (Closes: #1063559) * Update debian/tests/control. [ Vagrant Cascadian ] * Fix a typo in the package name field (!) within debian/changelog. -- Chris Lamb <lamby@debian.org> Fri, 23 Feb 2024 11:31:52 +0000 diffoscope (257) unstable; urgency=medium [ James Addison ] * Parse the header and hunksize of diffs strictly before parsing the context below. (Closes: reproducible-builds/diffoscope#363) * Reformat code to comply with the latest version of Black (24.1.1). [ Chris Lamb ] * Expand the previous changelog entry to include the CVE number that was subsequently assigned. * Bump the miniumum Black requirement to run the "Black clean" test and make test_zip.py Black clean. -- Chris Lamb <lamby@debian.org> Mon, 12 Feb 2024 10:08:35 -0800 diffoscope (256) unstable; urgency=high * CVE-2024-25711: Use a determistic name when extracting content from GPG artifacts instead of trusting the value of gpg's --use-embedded-filenames. This prevents a potential information disclosure vulnerability that could have been exploited by providing a specially-crafted GPG file with an embedded filename of, say, "../../.ssh/id_rsa". Many thanks to Daniel Kahn Gillmor <dkg@debian.org> for reporting this issue and providing feedback. (Closes: reproducible-builds/diffoscope#361) * Temporarily fix support for Python 3.11.8 re. a potential regression with the handling of ZIP files. (See reproducible-builds/diffoscope#362) -- Chris Lamb <lamby@debian.org> Fri, 09 Feb 2024 12:22:37 -0800diff -r1.24 -r1.25 pkgsrc/sysutils/py-diffoscope/Makefile
(nikita)
@@ -1,16 +1,16 @@ | @@ -1,16 +1,16 @@ | |||
1 | # $NetBSD: Makefile,v 1.24 2024/01/28 21:04:45 adam Exp $ | 1 | # $NetBSD: Makefile,v 1.25 2024/04/12 19:28:40 nikita Exp $ | |
2 | 2 | |||
3 | DISTNAME= diffoscope-255 | 3 | DISTNAME= diffoscope-264 | |
4 | PKGNAME= ${PYPKGPREFIX}-${DISTNAME} | 4 | PKGNAME= ${PYPKGPREFIX}-${DISTNAME} | |
5 | CATEGORIES= sysutils python | 5 | CATEGORIES= sysutils python | |
6 | MASTER_SITES= ${MASTER_SITE_PYPI:=d/diffoscope/} | 6 | MASTER_SITES= ${MASTER_SITE_PYPI:=d/diffoscope/} | |
7 | 7 | |||
8 | MAINTAINER= pkgsrc-users@NetBSD.org | 8 | MAINTAINER= pkgsrc-users@NetBSD.org | |
9 | HOMEPAGE= https://diffoscope.org/ | 9 | HOMEPAGE= https://diffoscope.org/ | |
10 | COMMENT= In-depth comparison of files, archives, and directories | 10 | COMMENT= In-depth comparison of files, archives, and directories | |
11 | LICENSE= gnu-gpl-v3 | 11 | LICENSE= gnu-gpl-v3 | |
12 | 12 | |||
13 | TOOL_DEPENDS+= ${PYPKGPREFIX}-setuptools-[0-9]*:../../devel/py-setuptools | 13 | TOOL_DEPENDS+= ${PYPKGPREFIX}-setuptools-[0-9]*:../../devel/py-setuptools | |
14 | TOOL_DEPENDS+= ${PYPKGPREFIX}-wheel-[0-9]*:../../devel/py-wheel | 14 | TOOL_DEPENDS+= ${PYPKGPREFIX}-wheel-[0-9]*:../../devel/py-wheel | |
15 | DEPENDS+= ${PYPKGPREFIX}-libarchive-c-[0-9]*:../../archivers/py-libarchive-c | 15 | DEPENDS+= ${PYPKGPREFIX}-libarchive-c-[0-9]*:../../archivers/py-libarchive-c | |
16 | DEPENDS+= ${PYPKGPREFIX}-magic-[0-9]*:../../sysutils/py-magic | 16 | DEPENDS+= ${PYPKGPREFIX}-magic-[0-9]*:../../sysutils/py-magic |
@@ -1,30 +1,30 @@ | @@ -1,30 +1,30 @@ | |||
1 | @comment $NetBSD: PLIST,v 1.11 2024/01/24 23:53:04 adam Exp $ | 1 | @comment $NetBSD: PLIST,v 1.12 2024/04/12 19:28:40 nikita Exp $ | |
2 | bin/diffoscope-${PYVERSSUFFIX} | 2 | bin/diffoscope-${PYVERSSUFFIX} | |
3 | ${PYSITELIB}/${WHEEL_INFODIR}/COPYING | 3 | ${PYSITELIB}/${WHEEL_INFODIR}/COPYING | |
4 | ${PYSITELIB}/${WHEEL_INFODIR}/METADATA | 4 | ${PYSITELIB}/${WHEEL_INFODIR}/METADATA | |
5 | ${PYSITELIB}/${WHEEL_INFODIR}/RECORD | 5 | ${PYSITELIB}/${WHEEL_INFODIR}/RECORD | |
6 | ${PYSITELIB}/${WHEEL_INFODIR}/WHEEL | 6 | ${PYSITELIB}/${WHEEL_INFODIR}/WHEEL | |
7 | ${PYSITELIB}/${WHEEL_INFODIR}/entry_points.txt | 7 | ${PYSITELIB}/${WHEEL_INFODIR}/entry_points.txt | |
8 | ${PYSITELIB}/${WHEEL_INFODIR}/top_level.txt | 8 | ${PYSITELIB}/${WHEEL_INFODIR}/top_level.txt | |
9 | ${PYSITELIB}/diffoscope/__init__.py | 9 | ${PYSITELIB}/diffoscope/__init__.py | |
10 | ${PYSITELIB}/diffoscope/__init__.pyc | 10 | ${PYSITELIB}/diffoscope/__init__.pyc | |
11 | ${PYSITELIB}/diffoscope/__init__.pyo | 11 | ${PYSITELIB}/diffoscope/__init__.pyo | |
12 | ${PYSITELIB}/diffoscope/changes.py | 12 | ${PYSITELIB}/diffoscope/changes.py | |
13 | ${PYSITELIB}/diffoscope/changes.pyc | 13 | ${PYSITELIB}/diffoscope/changes.pyc | |
14 | ${PYSITELIB}/diffoscope/changes.pyo | 14 | ${PYSITELIB}/diffoscope/changes.pyo | |
15 | ${PYSITELIB}/diffoscope/comparators/7z.py | 15 | ${PYSITELIB}/diffoscope/comparators/sevenz.py | |
16 | ${PYSITELIB}/diffoscope/comparators/7z.pyc | 16 | ${PYSITELIB}/diffoscope/comparators/sevenz.pyc | |
17 | ${PYSITELIB}/diffoscope/comparators/7z.pyo | 17 | ${PYSITELIB}/diffoscope/comparators/sevenz.pyo | |
18 | ${PYSITELIB}/diffoscope/comparators/__init__.py | 18 | ${PYSITELIB}/diffoscope/comparators/__init__.py | |
19 | ${PYSITELIB}/diffoscope/comparators/__init__.pyc | 19 | ${PYSITELIB}/diffoscope/comparators/__init__.pyc | |
20 | ${PYSITELIB}/diffoscope/comparators/__init__.pyo | 20 | ${PYSITELIB}/diffoscope/comparators/__init__.pyo | |
21 | ${PYSITELIB}/diffoscope/comparators/android.py | 21 | ${PYSITELIB}/diffoscope/comparators/android.py | |
22 | ${PYSITELIB}/diffoscope/comparators/android.pyc | 22 | ${PYSITELIB}/diffoscope/comparators/android.pyc | |
23 | ${PYSITELIB}/diffoscope/comparators/android.pyo | 23 | ${PYSITELIB}/diffoscope/comparators/android.pyo | |
24 | ${PYSITELIB}/diffoscope/comparators/apk.py | 24 | ${PYSITELIB}/diffoscope/comparators/apk.py | |
25 | ${PYSITELIB}/diffoscope/comparators/apk.pyc | 25 | ${PYSITELIB}/diffoscope/comparators/apk.pyc | |
26 | ${PYSITELIB}/diffoscope/comparators/apk.pyo | 26 | ${PYSITELIB}/diffoscope/comparators/apk.pyo | |
27 | ${PYSITELIB}/diffoscope/comparators/ar.py | 27 | ${PYSITELIB}/diffoscope/comparators/ar.py | |
28 | ${PYSITELIB}/diffoscope/comparators/ar.pyc | 28 | ${PYSITELIB}/diffoscope/comparators/ar.pyc | |
29 | ${PYSITELIB}/diffoscope/comparators/ar.pyo | 29 | ${PYSITELIB}/diffoscope/comparators/ar.pyo | |
30 | ${PYSITELIB}/diffoscope/comparators/arsc.py | 30 | ${PYSITELIB}/diffoscope/comparators/arsc.py |
@@ -1,5 +1,5 @@ | @@ -1,5 +1,5 @@ | |||
1 | $NetBSD: distinfo,v 1.18 2024/01/28 21:04:45 adam Exp $ | 1 | $NetBSD: distinfo,v 1.19 2024/04/12 19:28:40 nikita Exp $ | |
2 | 2 | |||
3 | BLAKE2s (diffoscope-255.tar.gz) = 040064a0e7f0f6829a75d2d4b62e9733686986aa6a7ce4a5f75365838bfd929b | 3 | BLAKE2s (diffoscope-264.tar.gz) = c50deec25fbe9cc13c767529515fd275bd719ae17b81b811c0bb6bca64112841 | |
4 | SHA512 (diffoscope-255.tar.gz) = ec1e04734fea3dd8504f857b68704c4f0aa4007507c404f0c557c56bd1902da703907b7bfda2c465bc2ccb36a3d496404058adf7ec123bc22c210b7bdef68d64 | 4 | SHA512 (diffoscope-264.tar.gz) = 8ec98d3c117ff7555398c4d2e8035a8a4c721d4f0274b6e478cbd3bdf3d8d5be19bfe344aa874dc60da2272695d5fc1cb7913bb488dd80fa4d8e14c1e276b31e | |
5 | Size (diffoscope-255.tar.gz) = 3170546 bytes | 5 | Size (diffoscope-264.tar.gz) = 3284441 bytes |