fmt/11.0.2 package update #24349

octo-sts · 2024-07-20T15:18:13Z

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>

github-actions · 2024-07-20T15:23:32Z

Package fmt-dev: Click to expand/collapse

Package fmt-dev:
Added: /usr/include/fmt/base.h
Modified: /usr/include/fmt/args.h
Modified: /usr/include/fmt/chrono.h
Modified: /usr/include/fmt/color.h
Modified: /usr/include/fmt/compile.h
Modified: /usr/include/fmt/core.h
Modified: /usr/include/fmt/format-inl.h
Modified: /usr/include/fmt/format.h
Modified: /usr/include/fmt/os.h
Modified: /usr/include/fmt/ostream.h
Modified: /usr/include/fmt/printf.h
Modified: /usr/include/fmt/ranges.h
Modified: /usr/include/fmt/std.h
Modified: /usr/include/fmt/xchar.h
Modified: /usr/lib/cmake/fmt/fmt-config-version.cmake
Modified: /usr/lib/cmake/fmt/fmt-targets-minsizerel.cmake
Modified: /usr/lib/pkgconfig/fmt.pc

Package fmt: Click to expand/collapse

Package fmt:
Added: /usr/lib/libfmt.so.11.0.2
Deleted: /usr/lib/libfmt.so.10.2.1

bincapz found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-3256227662/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d8617a465698f84484aeae5eedac

Changed: /tmp/wolfictl-apk-3256227662/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/206ca18adf9341e9f344b7831027

Changed: /tmp/wolfictl-apk-3256227662/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/7d53d6ed8418b2a7141ebaaae0c4

Changed: /tmp/wolfictl-apk-3256227662/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+LOW	ref/site/url	contains embedded HTTPS URLs	https://fmt.dev/latest/api.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59884 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61414 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67371. fmtlib/fmt#1628 fmtlib/fmt#3247 fmtlib/fmt#3796 fmtlib/fmt#2297 fmtlib/fmt#2582 https://godbolt.org/z/GvWzcTjh1. https://godbolt.org/z/sWw4vP. https://herbsutter.com/2009/10/18/mailbag-shutting-up-compiler-warnings/.

octo-sts · 2024-07-20T15:24:38Z

Open AI suggestions to solve the build error:

The log file does not contain any error messages.

Signed-off-by: James Rawlings <jrawlings@chainguard.dev>

octo-sts · 2024-07-20T17:53:08Z

Open AI suggestions to solve the build error:

The error message is: "INFO /home/build/micromamba/src/run.cpp:76:40: error: 'join' is not a member of 'fmt'; did you mean 'CLI::detail::join'?
INFO    76 |                 fmt::format(\"{}\", fmt::join(el[\"command\"].get<std::vector<std::string>>(), \" \")),
INFO       |                                        ^~~~
INFO In file included from /usr/include/CLI/CLI.hpp:22,
INFO                  from /home/build/micromamba/src/common_options.hpp:10,
INFO                  from /home/build/micromamba/src/run.cpp:24:
INFO /usr/include/CLI/StringTools.hpp:69:13: note: 'CLI::detail::join' declared here
INFO    69 | std::string join(const T &v, Callable func, std::string delim = \",\") {
INFO       |             ^~~~
INFO /home/build/micromamba/src/run.cpp:72:26: error: cannot convert '<brace-enclosed initializer list>' to 'const std::vector<mamba::printers::FormattedString>&'
INFO    72 |             table.add_row({
INFO       |             ~~~~~~~~~~~~~^~
INFO    73 |                 el[\"pid\"].get<std::string>(),
INFO       |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
INFO    74 |                 el[\"name\"].get<std::string>(),
INFO       |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
INFO    75 |                 prefix,
INFO       |                 ~~~~~~~   
INFO    76 |                 fmt::format(\"{}\", fmt::join(el[\"command\"].get<std::vector<std::string>>(), \" \")),
INFO       |                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
INFO    77 |             });
INFO       |             ~~            
INFO In file included from /home/build/libmamba/include/mamba/core/util_scope.hpp:7,
INFO                  from /home/build/libmamba/include/mamba/core/tasksync.hpp:16,
INFO                  from /home/build/libmamba/include/mamba/core/context.hpp:19,
INFO                  from /home/build/libmamba/include/mamba/api/configuration_impl.hpp:11,
INFO                  from /home/build/libmamba/include/mamba/api/configuration.hpp:14,
INFO                  from /home/build/micromamba/src/run.cpp:17:
INFO /home/build/libmamba/include/mamba/core/output.hpp:84:62: note:   initializing argument 1 of 'void mamba::printers::Table::add_row(const std::vector<mamba::printers::FormattedString>&)'
INFO    84 |             void add_row(const std::vector<FormattedString>& r);
INFO       |                          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~^
WARN ninja: job failed: /usr/bin/c++ -DFMT_SHARED -DSPDLOG_FMT_EXTERNAL -I/home/build/libmamba/include -isystem /usr/share -O2 -Wall -fno-omit-frame-pointer -mno-omit-leaf-frame-pointer -march=armv8-a+crc+crypto -mtune=neoverse-n1 -O3 -DNDEBUG -std=gnu++17 -Wall -Wextra -Wshadow -Wnon-virtual-dtor -Wold-style-cast -Wcast-align -Wunused -Woverloaded-virtual -Wpedantic -Wconversion -Wsign-conversion -Wnull-dereference -Wdouble-promotion -Wformat=2 -Wunreachable-code -Wuninitialized -Wmisleading-indentation -Wduplicated-cond -Wduplicated-branches -Wlogical-op -Wuseless-cast -MD -MT micromamba/CMakeFiles/micromamba.dir/src/run.cpp.o -MF micromamba/CMakeFiles/micromamba.dir/src/run.cpp.o.d -o micromamba/CMakeFiles/micromamba.dir/src/run.cpp.o -c /home/build/micromamba/src/run.cpp"

1. Replace `fmt::join` with `CLI::detail::join`.
2. Ensure the `table.add_row` argument is a `std::vector<mamba::printers::FormattedString>`. Convert each element to `FormattedString`.

```cpp
#include <CLI/StringTools.hpp>
#include <mamba/core/output.hpp>

// Replace fmt::join with CLI::detail::join
std::string joined_command = CLI::detail::join(el["command"].get<std::vector<std::string>>(), " ");

// Convert elements to FormattedString
std::vector<mamba::printers::FormattedString> row = {
    el["pid"].get<std::string>(),
    el["name"].get<std::string>(),
    prefix,
    mamba::printers::FormattedString(fmt::format("{}", joined_command))
};

table.add_row(row);

octo-sts · 2024-07-25T00:39:45Z

Open AI suggestions to solve the build error:

The error message is: "ERROR: failed to build package. the build environment has been preserved:
INFO   workspace dir: /temp/melange-workspace-3589938728
INFO   guest dir: /temp/melange-guest-219954689
ERRO failed to build package: unable to run package libmamba pipeline: unable to run pipeline: unable to run pipeline: exit status 1
make[1]: *** [Makefile:111: packages/aarch64/libmamba-2024.03.25-r3.apk] Error 1
make[1]: Leaving directory '/github/home'
make: *** [Makefile:101: package/libmamba] Error 2
##[error]Process completed with exit code 2."

Steps to fix:
1. Ensure all dependencies are installed and accessible.
2. Add missing packages to PKG_CONFIG_PATH.
3. Replace deprecated 'PyExtraPkgInfo'.
4. Correct 'fmt::join' usage or include necessary headers.
5. Fix type conversion warnings.

github-actions · 2024-08-05T12:04:11Z

Package fmt: Click to expand/collapse

Package fmt:
Added: /usr/lib/libfmt.so.11.0.2
Deleted: /usr/lib/libfmt.so.10.2.1

Package spdlog: Click to expand/collapse

Package spdlog:
Modified: /usr/lib/libspdlog.so.1.14.1

Package libmamba-dev: Click to expand/collapse

Package libmamba-dev:
Modified: /usr/include/mamba/core/mamba_fs.hpp
Modified: /usr/include/mamba/specs/version.hpp

Package mamba-package: Click to expand/collapse

Package mamba-package:
Modified: /usr/bin/mamba-package

Package fmt-dev: Click to expand/collapse

Package fmt-dev:
Added: /usr/include/fmt/base.h
Modified: /usr/include/fmt/args.h
Modified: /usr/include/fmt/chrono.h
Modified: /usr/include/fmt/color.h
Modified: /usr/include/fmt/compile.h
Modified: /usr/include/fmt/core.h
Modified: /usr/include/fmt/format-inl.h
Modified: /usr/include/fmt/format.h
Modified: /usr/include/fmt/os.h
Modified: /usr/include/fmt/ostream.h
Modified: /usr/include/fmt/printf.h
Modified: /usr/include/fmt/ranges.h
Modified: /usr/include/fmt/std.h
Modified: /usr/include/fmt/xchar.h
Modified: /usr/lib/cmake/fmt/fmt-config-version.cmake
Modified: /usr/lib/cmake/fmt/fmt-targets-minsizerel.cmake
Modified: /usr/lib/pkgconfig/fmt.pc

Package spdlog-dev: Click to expand/collapse

Package spdlog-dev:
Unchanged

Package libmamba: Click to expand/collapse

Package libmamba:
Modified: /usr/lib/libmamba.so.2.0.0

Package py3-libmambapy: Click to expand/collapse

Package py3-libmambapy:
Modified: /usr/lib/python3.12/site-packages/libmambapy/bindings.cpython-312-x86_64-linux-gnu.so

Package micromamba: Click to expand/collapse

Package micromamba:
Modified: /usr/bin/micromamba

bincapz found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-3700312557/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r1.spdx.json

Changed: /tmp/wolfictl-apk-3700312557/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+LOW	ref/site/url	contains embedded HTTPS URLs	https://fmt.dev/latest/api.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59884 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61414 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67371. fmtlib/fmt#1628 fmtlib/fmt#3247 fmtlib/fmt#3796 fmtlib/fmt#2297 fmtlib/fmt#2582 https://godbolt.org/z/GvWzcTjh1. https://godbolt.org/z/sWw4vP. https://herbsutter.com/2009/10/18/mailbag-shutting-up-compiler-warnings/.

Changed: /tmp/wolfictl-apk-3700312557/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json

Moved: spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r0.spdx.json -> /tmp/wolfictl-apk-3700312557/spdlog/var/lib/db/sbom/spdlog-1.14.1-r1.spdx.json (similarity: 0.91)

Changed: /tmp/wolfictl-apk-3700312557/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/d8617a465698f84484aeae5eedac

Changed: /tmp/wolfictl-apk-3700312557/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/624b623bc0307f2ad686298a003e

octo-sts · 2024-08-05T12:06:49Z

Open AI suggestions to solve the build error:

The error message is: "WARN ignoring missing keys: failed to perform key discovery: Get \"./packages/apk-configuration\": unsupported protocol scheme \"\""

1. Check the URL in the configuration file for missing or incorrect protocol (e.g., http:// or https://).
2. Ensure the URL is correctly formatted and accessible.
3. Verify network connectivity and permissions.
4. Update the configuration file with the correct URL and retry.

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@chainguard.dev>

github-actions · 2024-08-05T14:33:03Z

Package py3-libmambapy: Click to expand/collapse

Package py3-libmambapy:
Modified: /usr/lib/python3.12/site-packages/libmambapy/bindings.cpython-312-x86_64-linux-gnu.so

Package micromamba: Click to expand/collapse

Package micromamba:
Modified: /usr/bin/micromamba

Package mamba-package: Click to expand/collapse

Package mamba-package:
Modified: /usr/bin/mamba-package

Package fmt: Click to expand/collapse

Package fmt:
Added: /usr/lib/libfmt.so.11.0.2
Deleted: /usr/lib/libfmt.so.10.2.1

Package fmt-dev: Click to expand/collapse

Package fmt-dev:
Added: /usr/include/fmt/base.h
Modified: /usr/include/fmt/args.h
Modified: /usr/include/fmt/chrono.h
Modified: /usr/include/fmt/color.h
Modified: /usr/include/fmt/compile.h
Modified: /usr/include/fmt/core.h
Modified: /usr/include/fmt/format-inl.h
Modified: /usr/include/fmt/format.h
Modified: /usr/include/fmt/os.h
Modified: /usr/include/fmt/ostream.h
Modified: /usr/include/fmt/printf.h
Modified: /usr/include/fmt/ranges.h
Modified: /usr/include/fmt/std.h
Modified: /usr/include/fmt/xchar.h
Modified: /usr/lib/cmake/fmt/fmt-config-version.cmake
Modified: /usr/lib/cmake/fmt/fmt-targets-minsizerel.cmake
Modified: /usr/lib/pkgconfig/fmt.pc

Package spdlog: Click to expand/collapse

Package spdlog:
Modified: /usr/lib/libspdlog.so.1.14.1

Package spdlog-dev: Click to expand/collapse

Package spdlog-dev:
Unchanged

Package libmamba: Click to expand/collapse

Package libmamba:
Modified: /usr/lib/libmamba.so.2.0.0

Package libmamba-dev: Click to expand/collapse

Package libmamba-dev:
Modified: /usr/include/mamba/core/mamba_fs.hpp
Modified: /usr/include/mamba/specs/version.hpp

bincapz found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-2084580459/fmt-dev/usr/include/fmt/base.h [⚠️ MEDIUM → ✅ LOW]

1 removed behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation

Changed: /tmp/wolfictl-apk-2084580459/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json

Changed: /tmp/wolfictl-apk-2084580459/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/206ca18adf9341e9f344b7831027

Changed: /tmp/wolfictl-apk-2084580459/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json

Moved: spdlog/var/lib/db/sbom/spdlog-1.14.1-r0.spdx.json -> /tmp/wolfictl-apk-2084580459/spdlog/var/lib/db/sbom/spdlog-1.14.1-r1.spdx.json (similarity: 0.99)

Changed: /tmp/wolfictl-apk-2084580459/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r1.spdx.json

octo-sts · 2024-08-05T14:35:06Z

Open AI suggestions to solve the build error:

No error message found in the log file. Please ensure the log file path is correct and verify that the log file contains error messages.

Signed-off-by: jamie-albert <jamie.albert@chainguard.dev>

github-actions · 2024-08-05T21:58:33Z

Package mamba-package: Click to expand/collapse

Package mamba-package:
Modified: /usr/bin/mamba-package

Package fmt: Click to expand/collapse

Package fmt:
Added: /usr/lib/libfmt.so.11.0.2
Deleted: /usr/lib/libfmt.so.10.2.1

Package fmt-dev: Click to expand/collapse

Package fmt-dev:
Added: /usr/include/fmt/base.h
Modified: /usr/include/fmt/args.h
Modified: /usr/include/fmt/chrono.h
Modified: /usr/include/fmt/color.h
Modified: /usr/include/fmt/compile.h
Modified: /usr/include/fmt/core.h
Modified: /usr/include/fmt/format-inl.h
Modified: /usr/include/fmt/format.h
Modified: /usr/include/fmt/os.h
Modified: /usr/include/fmt/ostream.h
Modified: /usr/include/fmt/printf.h
Modified: /usr/include/fmt/ranges.h
Modified: /usr/include/fmt/std.h
Modified: /usr/include/fmt/xchar.h
Modified: /usr/lib/cmake/fmt/fmt-config-version.cmake
Modified: /usr/lib/cmake/fmt/fmt-targets-minsizerel.cmake
Modified: /usr/lib/pkgconfig/fmt.pc

Package py3-libmambapy: Click to expand/collapse

Package py3-libmambapy:
Modified: /usr/lib/python3.12/site-packages/libmambapy/bindings.cpython-312-x86_64-linux-gnu.so

Package libmamba-dev: Click to expand/collapse

Package libmamba-dev:
Modified: /usr/include/mamba/core/mamba_fs.hpp
Modified: /usr/include/mamba/specs/version.hpp

Package micromamba: Click to expand/collapse

Package micromamba:
Modified: /usr/bin/micromamba

Package spdlog: Click to expand/collapse

Package spdlog:
Modified: /usr/lib/libspdlog.so.1.14.1

Package spdlog-dev: Click to expand/collapse

Package spdlog-dev:
Unchanged

Package libmamba: Click to expand/collapse

Package libmamba:
Modified: /usr/lib/libmamba.so.2.0.0

bincapz found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-3357208289/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r1.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/libmamba-dev/var/lib/db/sbom/libmamba-dev-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/micromamba/var/lib/db/sbom/micromamba-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/libmamba/var/lib/db/sbom/libmamba-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r2.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+LOW	ref/site/url	contains embedded HTTPS URLs	https://fmt.dev/latest/api.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59884 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61414 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67371. fmtlib/fmt#1628 fmtlib/fmt#3247 fmtlib/fmt#3796 fmtlib/fmt#2297 fmtlib/fmt#2582 https://godbolt.org/z/GvWzcTjh1. https://godbolt.org/z/sWw4vP. https://herbsutter.com/2009/10/18/mailbag-shutting-up-compiler-warnings/.

Changed: /tmp/wolfictl-apk-3357208289/mamba-package/var/lib/db/sbom/mamba-package-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/py3-libmambapy/var/lib/db/sbom/py3-libmambapy-2024.03.25-r4.spdx.json

Moved: spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r0.spdx.json -> /tmp/wolfictl-apk-3357208289/spdlog/var/lib/db/sbom/spdlog-1.14.1-r2.spdx.json (similarity: 0.91)

Changed: /tmp/wolfictl-apk-3357208289/fmt/var/lib/db/sbom/fmt-11.0.2-r1.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/a1e34d2c81f3046273c33652e030

octo-sts · 2024-08-05T21:59:43Z

Open AI suggestions to solve the build error:

No error messages were found in the log file.

github-actions · 2024-08-05T22:15:30Z

Package py3-libmambapy: Click to expand/collapse

Package py3-libmambapy:
Modified: /usr/lib/python3.12/site-packages/libmambapy/bindings.cpython-312-x86_64-linux-gnu.so

Package micromamba: Click to expand/collapse

Package micromamba:
Modified: /usr/bin/micromamba

Package fmt: Click to expand/collapse

Package fmt:
Added: /usr/lib/libfmt.so.11.0.2
Deleted: /usr/lib/libfmt.so.10.2.1

Package libmamba: Click to expand/collapse

Package libmamba:
Modified: /usr/lib/libmamba.so.2.0.0

Package spdlog-dev: Click to expand/collapse

Package spdlog-dev:
Unchanged

Package libmamba-dev: Click to expand/collapse

Package libmamba-dev:
Modified: /usr/include/mamba/core/mamba_fs.hpp
Modified: /usr/include/mamba/specs/version.hpp

Package mamba-package: Click to expand/collapse

Package mamba-package:
Modified: /usr/bin/mamba-package

Package fmt-dev: Click to expand/collapse

Package fmt-dev:
Added: /usr/include/fmt/base.h
Modified: /usr/include/fmt/args.h
Modified: /usr/include/fmt/chrono.h
Modified: /usr/include/fmt/color.h
Modified: /usr/include/fmt/compile.h
Modified: /usr/include/fmt/core.h
Modified: /usr/include/fmt/format-inl.h
Modified: /usr/include/fmt/format.h
Modified: /usr/include/fmt/os.h
Modified: /usr/include/fmt/ostream.h
Modified: /usr/include/fmt/printf.h
Modified: /usr/include/fmt/ranges.h
Modified: /usr/include/fmt/std.h
Modified: /usr/include/fmt/xchar.h
Modified: /usr/lib/cmake/fmt/fmt-config-version.cmake
Modified: /usr/lib/cmake/fmt/fmt-targets-minsizerel.cmake
Modified: /usr/lib/pkgconfig/fmt.pc

Package spdlog: Click to expand/collapse

Package spdlog:
Modified: /usr/lib/libspdlog.so.1.14.1

bincapz found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-54742022/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json

Changed: /tmp/wolfictl-apk-54742022/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+MEDIUM	net/download	download files	downloadLocation
+LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/7d53d6ed8418b2a7141ebaaae0c4

Changed: /tmp/wolfictl-apk-54742022/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
+LOW	ref/site/url	contains embedded HTTPS URLs	https://fmt.dev/latest/api.html https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59884 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=61414 https://gcc.gnu.org/bugzilla/show_bug.cgi?id=67371. fmtlib/fmt#1628 fmtlib/fmt#3247 fmtlib/fmt#3796 fmtlib/fmt#2297 fmtlib/fmt#2582 https://godbolt.org/z/GvWzcTjh1. https://godbolt.org/z/sWw4vP. https://herbsutter.com/2009/10/18/mailbag-shutting-up-compiler-warnings/.

Changed: /tmp/wolfictl-apk-54742022/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

RISK	KEY	DESCRIPTION	EVIDENCE
-MEDIUM	net/download	download files	downloadLocation
-LOW	ref/site/url	contains embedded HTTPS URLs	https://spdx.org/spdxdocs/chainguard/melange/a1e34d2c81f3046273c33652e030

Changed: /tmp/wolfictl-apk-54742022/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r1.spdx.json

Changed: /tmp/wolfictl-apk-54742022/spdlog/var/lib/db/sbom/spdlog-1.14.1-r1.spdx.json

octo-sts · 2024-08-05T22:16:45Z

Open AI suggestions to solve the build error:

No errors were found in the log file at `/tmp/script1137219971`.

jamie-albert

Upstream patch resolves build error

philroche · 2024-08-06T07:36:04Z

The ABI compatibility check is failing and will need addressing in the dependent packages.

xnox · 2024-08-06T09:14:22Z

The ABI compatibility check is failing and will need addressing in the dependent packages.

that's what the two bumps of defendant packages are for, there are no other reverse dependencies.

fmt/11.0.2 package update

80c91ff

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>

octo-sts bot added request-version-update request for a newer version of a package automated pr labels Jul 20, 2024

octo-sts bot mentioned this pull request Jul 20, 2024

fmt/11.0.1 package update #23233

Closed

octo-sts bot added the service:bincapz/pass label Jul 20, 2024

bump downstream deps of fmt to rebuild with new SO version

69443c8

Signed-off-by: James Rawlings <jrawlings@chainguard.dev>

octo-sts bot added the manual/review-needed label Jul 20, 2024

Merge branch 'main' into wolfictl-20492592-1c58-4a9c-a3d4-ce57de7d939b

49d60ab

jamie-albert self-assigned this Jul 29, 2024

jamie-albert added the squad:foundations label Aug 1, 2024

Cherry-pick upstream pull request for compat with fmt 11

5e3c054

Signed-off-by: Dimitri John Ledkov <dimitri.ledkov@chainguard.dev>

xnox force-pushed the wolfictl-20492592-1c58-4a9c-a3d4-ce57de7d939b branch from beb77a5 to 5e3c054 Compare August 5, 2024 14:23

jamie-albert added 2 commits August 5, 2024 14:45

bumped epoch of dependencies and fmt so the abi file is updated

e598cf3

Merge branch 'main' into wolfictl-20492592-1c58-4a9c-a3d4-ce57de7d939b

cc3169f

Signed-off-by: jamie-albert <jamie.albert@chainguard.dev>

reverting epoch as that did not resolve abi check

de6a010

jamie-albert approved these changes Aug 5, 2024

View reviewed changes

xnox approved these changes Aug 6, 2024

View reviewed changes

xnox merged commit 8abf49c into main Aug 6, 2024
12 of 13 checks passed

xnox deleted the wolfictl-20492592-1c58-4a9c-a3d4-ce57de7d939b branch August 6, 2024 09:15

fmt/11.0.2 package update #24349

fmt/11.0.2 package update #24349

Conversation

octo-sts bot commented Jul 20, 2024

github-actions bot commented Jul 20, 2024

Changed: /tmp/wolfictl-apk-3256227662/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

Changed: /tmp/wolfictl-apk-3256227662/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

Changed: /tmp/wolfictl-apk-3256227662/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

Changed: /tmp/wolfictl-apk-3256227662/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

octo-sts bot commented Jul 20, 2024

octo-sts bot commented Jul 20, 2024

octo-sts bot commented Jul 25, 2024

github-actions bot commented Aug 5, 2024

Changed: /tmp/wolfictl-apk-3700312557/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r1.spdx.json

Changed: /tmp/wolfictl-apk-3700312557/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

Changed: /tmp/wolfictl-apk-3700312557/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json

Moved: spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r0.spdx.json -> /tmp/wolfictl-apk-3700312557/spdlog/var/lib/db/sbom/spdlog-1.14.1-r1.spdx.json (similarity: 0.91)

Changed: /tmp/wolfictl-apk-3700312557/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

Changed: /tmp/wolfictl-apk-3700312557/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

octo-sts bot commented Aug 5, 2024

github-actions bot commented Aug 5, 2024

Changed: /tmp/wolfictl-apk-2084580459/fmt-dev/usr/include/fmt/base.h [⚠️ MEDIUM → ✅ LOW]

1 removed behaviors

Changed: /tmp/wolfictl-apk-2084580459/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json

Changed: /tmp/wolfictl-apk-2084580459/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

Changed: /tmp/wolfictl-apk-2084580459/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json

Moved: spdlog/var/lib/db/sbom/spdlog-1.14.1-r0.spdx.json -> /tmp/wolfictl-apk-2084580459/spdlog/var/lib/db/sbom/spdlog-1.14.1-r1.spdx.json (similarity: 0.99)

Changed: /tmp/wolfictl-apk-2084580459/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r1.spdx.json

octo-sts bot commented Aug 5, 2024

github-actions bot commented Aug 5, 2024

Changed: /tmp/wolfictl-apk-3357208289/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r1.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/libmamba-dev/var/lib/db/sbom/libmamba-dev-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/micromamba/var/lib/db/sbom/micromamba-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/libmamba/var/lib/db/sbom/libmamba-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r2.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

Changed: /tmp/wolfictl-apk-3357208289/mamba-package/var/lib/db/sbom/mamba-package-2024.03.25-r4.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/py3-libmambapy/var/lib/db/sbom/py3-libmambapy-2024.03.25-r4.spdx.json

Moved: spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r0.spdx.json -> /tmp/wolfictl-apk-3357208289/spdlog/var/lib/db/sbom/spdlog-1.14.1-r2.spdx.json (similarity: 0.91)

Changed: /tmp/wolfictl-apk-3357208289/fmt/var/lib/db/sbom/fmt-11.0.2-r1.spdx.json

Changed: /tmp/wolfictl-apk-3357208289/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

octo-sts bot commented Aug 5, 2024

github-actions bot commented Aug 5, 2024

Changed: /tmp/wolfictl-apk-54742022/fmt/var/lib/db/sbom/fmt-11.0.2-r0.spdx.json

Changed: /tmp/wolfictl-apk-54742022/fmt-dev/var/lib/db/sbom/fmt-dev-11.0.2-r0.spdx.json [✅ → ⚠️ MEDIUM]

2 new behaviors

Changed: /tmp/wolfictl-apk-54742022/fmt-dev/usr/include/fmt/base.h [✅ → ✅ LOW]

1 new behaviors

Changed: /tmp/wolfictl-apk-54742022/fmt/usr/lib/libfmt.so.11.0.2 [⚠️ MEDIUM → ✅ ]

2 removed behaviors

Changed: /tmp/wolfictl-apk-54742022/spdlog-dev/var/lib/db/sbom/spdlog-dev-1.14.1-r1.spdx.json

Changed: /tmp/wolfictl-apk-54742022/spdlog/var/lib/db/sbom/spdlog-1.14.1-r1.spdx.json

octo-sts bot commented Aug 5, 2024

jamie-albert left a comment

Choose a reason for hiding this comment

philroche commented Aug 6, 2024

xnox commented Aug 6, 2024