Hello community, here is the log from the commit of package gdk-pixbuf for openSUSE:Factory checked in at 2020-02-29 21:21:00 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/gdk-pixbuf (Old) and /work/SRC/openSUSE:Factory/.gdk-pixbuf.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "gdk-pixbuf" Sat Feb 29 21:21:00 2020 rev:78 rq:779892 version:2.40.0 Changes: -------- --- /work/SRC/openSUSE:Factory/gdk-pixbuf/gdk-pixbuf.changes 2020-02-03 11:26:55.534138004 +0100 +++ /work/SRC/openSUSE:Factory/.gdk-pixbuf.new.26092/gdk-pixbuf.changes 2020-02-29 21:21:09.894118774 +0100 @@ -1,0 +2,17 @@ +Mon Feb 24 01:29:03 UTC 2020 - Yifan Jiang <yfjiang@suse.com> + +- A file tests/test-images/gif-test-suite/max-width.gif from the + test suite is correctly identified by clamav to be a malicious + BC.Gif.Exploit.Agent-1425366.Agent. This is an intentional part + of the test suite to ensure it has no negative side effects. + + On SLE, the package is built with clamav scanning, which then + prevents a successful build. This change repacks the source + package to a password-protected zip to bypass the clamav scanning + for SLE (bsc#1159337), with following update: + + + Download upstream tarball through source service + + Add pre_checkin.sh to convert tarball to zip file + + Update spec-file to use the zip file as main source + +------------------------------------------------------------------- Old: ---- gdk-pixbuf-2.40.0.tar.xz New: ---- _service gdk-pixbuf-2.40.0.zip pre_checkin.sh ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ gdk-pixbuf.spec ++++++ --- /var/tmp/diff_new_pack.udetm4/_old 2020-02-29 21:21:11.774122495 +0100 +++ /var/tmp/diff_new_pack.udetm4/_new 2020-02-29 21:21:11.798122542 +0100 @@ -1,7 +1,7 @@ # # spec file for package gdk-pixbuf # -# Copyright (c) 2019 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2020 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -27,7 +27,11 @@ Group: Development/Libraries/GNOME URL: https://www.gnome.org/ -Source0: https://download.gnome.org/sources/gdk-pixbuf/2.40/%{name}-%{version}.tar.xz +# A filefrom the test suite is correctly identified by clamav to be a +# malicious BC.Gif.Exploit.Agent-1425366.Agent. This is an intentional part of +# the test suite to ensure it has no negative side effects. Change the Source0 +# from tar.xz to zip to bypass clamav scanning on SLE. +Source0: %{name}-%{version}.zip Source1: macros.gdk-pixbuf Source2: README.SUSE Source3: gdk-pixbuf-rpmlintrc @@ -40,6 +44,7 @@ BuildRequires: meson BuildRequires: pkgconfig BuildRequires: translation-update-upstream +BuildRequires: unzip BuildRequires: xsltproc BuildRequires: pkgconfig(glib-2.0) >= 2.48.0 BuildRequires: pkgconfig(gobject-introspection-1.0) @@ -127,7 +132,8 @@ %lang_package %prep -%autosetup -p1 +%setup -c -T -q +unzip -P gecko %{SOURCE0} translation-update-upstream %if "%{_lib}" == "lib64" cp -a %{SOURCE2} . ++++++ _service ++++++ <services> <service name="download_url" mode="disabled"> <param name="protocol">https</param> <param name="host">download.gnome.org</param> <param name="path">sources/gdk-pixbuf/2.40/gdk-pixbuf-2.40.0.tar.xz</param> </service> <service name="set_version" mode="disabled" /> </services> ++++++ pre_checkin.sh ++++++ #!/bin/sh # To update the package: ## 1. update the version tags in _service ## 2. run `osc service ra`; # get the upstream release, and set the version string in spec ## 3. run `./pre_checkin.sh`; # generate the zip file ## 4. edit changelog and commit the change # the tar.xz file generated by the step 2 is not necessarily to commit EXTRACTDIR=$(mktemp -d); BASENAME=$(grep ^Name\: gdk-pixbuf.spec | cut -d: -f2 | sed 's/[[:space:]]//g'); VERSION=$(grep ^Version\: gdk-pixbuf.spec | cut -d: -f2 | sed 's/[[:space:]]//g'); tar xvfJ $BASENAME-$VERSION.tar.xz -C $EXTRACTDIR; pushd $EXTRACTDIR/$BASENAME-$VERSION && zip -r -P gecko $BASENAME-$VERSION.zip * && popd && mv $EXTRACTDIR/$BASENAME-$VERSION/$BASENAME-$VERSION.zip .; rm -fr $EXTRACTDIR && rm -fr $BASENAME-$VERSION.tar.xz;