2022-12-08T02:51:36 cve 1.1.0 -> 1.2.0 https://github.com/RedHatProductSecurity/cvelib/releases
2022-12-08T02:51:39 attrpath: cve
2022-12-08T02:51:39 Checking auto update branch...
2022-12-08T02:51:39 No auto update branch exists
2022-12-08T02:51:44 [version]
2022-12-08T02:51:46 [version] updated version and sha256
2022-12-08T02:51:46 [rustCrateVersion]
2022-12-08T02:51:46 [rustCrateVersion] No cargoSha256 found
2022-12-08T02:51:46 [golangModuleVersion]
2022-12-08T02:51:46 [golangModuleVersion] Not a buildGoModule package with vendorSha256
2022-12-08T02:51:46 [updateScript]
2022-12-08T02:51:46 [updateScript] skipping because derivation has no updateScript
2022-12-08T02:51:46
2022-12-08T02:51:46 [quotedUrls]
2022-12-08T02:51:46 [quotedUrls] nothing found to replace
2022-12-08T02:51:46 Diff after rewrites:
diff --git a/pkgs/development/python-modules/cvelib/default.nix b/pkgs/development/python-modules/cvelib/default.nix
index 49b5c759069..8bdcb400b96 100644
--- a/pkgs/development/python-modules/cvelib/default.nix
+++ b/pkgs/development/python-modules/cvelib/default.nix
@@ -10,7 +10,7 @@
buildPythonPackage rec {
pname = "cvelib";
- version = "1.1.0";
+ version = "1.2.0";
format = "setuptools";
disabled = pythonOlder "3.7";
@@ -19,7 +19,7 @@ buildPythonPackage rec {
owner = "RedHatProductSecurity";
repo = "cvelib";
rev = "tags/${version}";
- hash = "sha256-MZzCTUleEddIlZBRhxD8ZgaWAOFcpa5hvNuIjrBJRzk=";
+ hash = "sha256-8qlXwEbgLRZ1qYtBJ1c0nv6qfIOW5zAK9eOS+n+afWQ=";
};
SETUPTOOLS_SCM_PRETEND_VERSION = "v${version}";
2022-12-08T02:53:17 Successfully finished processing
2022-12-08T02:53:17 cachix "/nix/store/1df9gmp0r66rvpdpdzz4xlsdb9npbbhq-python3.10-cvelib-1.2.0"
2022-12-08T02:53:20 [check][nixpkgs-review]
2022-12-08T02:56:04 Result of `nixpkgs-review` run on x86_64-linux [1](https://github.com/Mic92/nixpkgs-review)
2 packages built:
- cve (python310Packages.cvelib)
- python39Packages.cvelib
2022-12-08T02:56:06 Automatic update generated by [nixpkgs-update](https://github.com/ryantm/nixpkgs-update) tools. This update was made based on information from https://github.com/RedHatProductSecurity/cvelib/releases.
meta.description for cve is: "Library and a command line interface for the CVE Services API"
meta.homepage for cve is: "https://github.com/RedHatProductSecurity/cvelib"
meta.changelog for cve is: ""
###### Updates performed
- Version update
###### To inspect upstream changes
###### Impact
Checks done (click to expand)
---
- built on NixOS
- The tests defined in `passthru.tests`, if any, passed
- found 1.2.0 with grep in /nix/store/1df9gmp0r66rvpdpdzz4xlsdb9npbbhq-python3.10-cvelib-1.2.0
- found 1.2.0 in filename of file in /nix/store/1df9gmp0r66rvpdpdzz4xlsdb9npbbhq-python3.10-cvelib-1.2.0
---
Rebuild report (if merged into master) (click to expand)
```
3 total rebuild path(s)
3 package rebuild(s)
First fifty rebuilds by attrpath
cve
python310Packages.cvelib
python39Packages.cvelib
```
Instructions to test this update (click to expand)
---
Either **download from Cachix**:
```
nix-store -r /nix/store/1df9gmp0r66rvpdpdzz4xlsdb9npbbhq-python3.10-cvelib-1.2.0 \
--option binary-caches 'https://cache.nixos.org/ https://nix-community.cachix.org/' \
--option trusted-public-keys '
nix-community.cachix.org-1:mB9FSh9qf2dCimDSUo8Zy7bkq5CX+/rkCWyvRCYg3Fs=
cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
'
```
(The Cachix cache is only trusted for this store-path realization.)
For the Cachix download to work, your user must be in the `trusted-users` list or you can use `sudo` since root is effectively trusted.
Or, **build yourself**:
```
nix-build -A cve https://github.com/r-ryantm/nixpkgs/archive/4e9abf3af4e9cd5850027bd66b88abfc89a36d2f.tar.gz
```
After you've downloaded or built it, look at the files and if there are any, run the binaries:
```
ls -la /nix/store/1df9gmp0r66rvpdpdzz4xlsdb9npbbhq-python3.10-cvelib-1.2.0
ls -la /nix/store/1df9gmp0r66rvpdpdzz4xlsdb9npbbhq-python3.10-cvelib-1.2.0/bin
```
---
### Pre-merge build results
We have automatically built all packages that will get rebuilt due to
this change.
This gives evidence on whether the upgrade will break dependent packages.
Note sometimes packages show up as _failed to build_ independent of the
change, simply because they are already broken on the target branch.
Result of `nixpkgs-review` run on x86_64-linux [1](https://github.com/Mic92/nixpkgs-review)
2 packages built:
- cve (python310Packages.cvelib)
- python39Packages.cvelib
---
###### Maintainer pings
cc @raboof for [testing](https://github.com/ryantm/nixpkgs-update/blob/master/doc/nixpkgs-maintainer-faq.md#r-ryantm-opened-a-pr-for-my-package-what-do-i-do).
2022-12-08T02:56:09 https://api.github.com/repos/NixOS/nixpkgs/pulls/205090