From 9835e2ae736235810b4ea1c162ca5e65c547e770 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Sat, 18 May 2024 04:49:50 +0200 Subject: Merging upstream version 1.71.1+dfsg1. Signed-off-by: Daniel Baumann --- vendor/spdx-rs/.cargo-checksum.json | 2 +- vendor/spdx-rs/CHANGELOG.md | 9 +++++++++ vendor/spdx-rs/Cargo.toml | 10 +++++++--- vendor/spdx-rs/src/models/annotation.rs | 6 +++--- vendor/spdx-rs/src/models/checksum.rs | 4 ++-- vendor/spdx-rs/src/models/document_creation_information.rs | 8 ++++---- vendor/spdx-rs/src/models/file_information.rs | 4 ++-- .../spdx-rs/src/models/other_licensing_information_detected.rs | 2 +- vendor/spdx-rs/src/models/package_information.rs | 8 ++++---- vendor/spdx-rs/src/models/snippet.rs | 6 +++--- vendor/spdx-rs/src/models/spdx_document.rs | 2 +- vendor/spdx-rs/src/parsers/mod.rs | 4 ++-- vendor/spdx-rs/src/parsers/tag_value.rs | 8 ++++---- 13 files changed, 43 insertions(+), 30 deletions(-) (limited to 'vendor/spdx-rs') diff --git a/vendor/spdx-rs/.cargo-checksum.json b/vendor/spdx-rs/.cargo-checksum.json index a8e5213fc..953a24822 100644 --- a/vendor/spdx-rs/.cargo-checksum.json +++ b/vendor/spdx-rs/.cargo-checksum.json @@ -1 +1 @@ -{"files":{"CHANGELOG.md":"1bae675d114d04729ffbdf2a268d987dd07cdcf6a7df2ea5375079a666eca7a8","Cargo.toml":"f1238c1069f12770511a0a8e3d9c13aa6c65d76514414aa268df88d36e40efe8","LICENSE.txt":"b85dcd3e453d05982552c52b5fc9e0bdd6d23c6f8e844b984a88af32570b0cc0","LICENSES/CC0-1.0.txt":"a2010f343487d3f7618affe54f789f5487602331c0a8d03f49e9a7c547cf0499","LICENSES/MIT.txt":"b85dcd3e453d05982552c52b5fc9e0bdd6d23c6f8e844b984a88af32570b0cc0","README.md":"29147d67d15bd7abc2ed1e2b3fe6b82ce6477c9985234cb58d759c35f3ec252a","src/error.rs":"52d3645d8e9f6f330cd0de7262f332b99333b2d6095e4e53f0645d0de094095d","src/lib.rs":"8c4069be33582c176d96075a323985b9d368b2aee04a7d5e71dc97d9ad5d7807","src/models/annotation.rs":"f0986c54d02217b69453f594b9e923d6483aae697abadffdb6528378b01795c9","src/models/checksum.rs":"a5a2070b2293a81f7d102e3bbe2cd540a9feb0b22e4bd8620741359c1e4298f5","src/models/document_creation_information.rs":"90c86fefa95ed0626aaa6e7aa84ba3a03d225665da33c962c3dd0bfc32445883","src/models/file_information.rs":"5396f8e54b95b0d5d2847dd9b3291e1ebc6d098146d75dba1616a4ddb7fdadaf","src/models/mod.rs":"d7d5a669738c8a6d9131ac88512c53cc3215ed621771180340658391c1fe230e","src/models/other_licensing_information_detected.rs":"df0c984a9304f5ee1f4881ac44e0dde9ea0a2e8b12175457fd1970cc49227f02","src/models/package_information.rs":"2313113e35c3d130c89eada015189c7c3de32cc629c383d74acfba2dcabddda7","src/models/relationship.rs":"2ff0766d6aaefa40b082c9fb3be67a3ac7def3167244a1e0fa31faadac734d27","src/models/snippet.rs":"8bd1e67dd255e42a152602adccf69636c1a03d86509ceb1213d826ca1735ccdd","src/models/spdx_document.rs":"f5102b971e4689170e3d32559d13d3c94ec8bf8c16d4eb93914028f95497a223","src/parsers/mod.rs":"2539dafcb95b087806f5068a2f4914ca3915932fb98849d04ce1eabff0f6cd96","src/parsers/tag_value.rs":"ee6befa486a49344680cae689af4ef304e2661724d1f7df19dbeeede33ef065d"},"package":"b3c02f6eb7e7b4100c272f685a9ccaccaab302324e8c7ec3e2ee72340fb29ff3"} \ No newline at end of file +{"files":{"CHANGELOG.md":"0d93ccd65530c1e31e28b89a6f4f38a2bd37f78c2d9044f5d84ccb29543b5941","Cargo.toml":"d74368baf62c9472ac3bbbafda7fce42dc6f7e92fa069509dd666b3f2e69651c","LICENSE.txt":"b85dcd3e453d05982552c52b5fc9e0bdd6d23c6f8e844b984a88af32570b0cc0","LICENSES/CC0-1.0.txt":"a2010f343487d3f7618affe54f789f5487602331c0a8d03f49e9a7c547cf0499","LICENSES/MIT.txt":"b85dcd3e453d05982552c52b5fc9e0bdd6d23c6f8e844b984a88af32570b0cc0","README.md":"29147d67d15bd7abc2ed1e2b3fe6b82ce6477c9985234cb58d759c35f3ec252a","src/error.rs":"52d3645d8e9f6f330cd0de7262f332b99333b2d6095e4e53f0645d0de094095d","src/lib.rs":"8c4069be33582c176d96075a323985b9d368b2aee04a7d5e71dc97d9ad5d7807","src/models/annotation.rs":"17dd6efdb54dbf6705e87881d91adebb39bd304cb702f4423a9cb34556ed400f","src/models/checksum.rs":"ff5773b7301bdb1761057e61c7bfd8279a0f5527660b29e910dcdb7348e0ba90","src/models/document_creation_information.rs":"6951d156ab083bd0666213a0448289bfbb91517405b768ea1d999dbe3af443c5","src/models/file_information.rs":"d865474c1b48357541e2c68398e40ec5669a2ae2f5ec58401a8810af5f5cd33c","src/models/mod.rs":"d7d5a669738c8a6d9131ac88512c53cc3215ed621771180340658391c1fe230e","src/models/other_licensing_information_detected.rs":"c14194b1a7f8ebd54385456bd25b87dd4d3c59897476eb11f3a25e132505584c","src/models/package_information.rs":"99ba6b0c1e0229e7125e39eb22657e1906881201bcec1be44b29507da4d23139","src/models/relationship.rs":"2ff0766d6aaefa40b082c9fb3be67a3ac7def3167244a1e0fa31faadac734d27","src/models/snippet.rs":"2d6434622412bb783a503948c58d96d2d934117ead4171846ed551734146c64e","src/models/spdx_document.rs":"bad4e525b05788e9e072ee6c4df4fbf6140c208a55fce8949594aac3fd6481df","src/parsers/mod.rs":"5f9ec14ff137c3594458b0d495f436211eb86beaf9cba06367f2985afd36bbeb","src/parsers/tag_value.rs":"e58f8e9be5ff7b55493a21b5108153d40e21cc2054e389266e3156c812e4e8c2"},"package":"6b1ec09829bf2d82c175c121b20de11ffab2def83bd55979002099b1f9956c9b"} \ No newline at end of file diff --git a/vendor/spdx-rs/CHANGELOG.md b/vendor/spdx-rs/CHANGELOG.md index 556eaedec..97e907ae4 100644 --- a/vendor/spdx-rs/CHANGELOG.md +++ b/vendor/spdx-rs/CHANGELOG.md @@ -6,6 +6,15 @@ SPDX-License-Identifier: MIT # Changelog +## [0.5.2](https://github.com/doubleopen-project/spdx-rs/compare/v0.5.1...v0.5.2) (2022-12-01) + + +### Bug Fixes + +* disable default features of chrono to avoid security vuln ([370c25c](https://github.com/doubleopen-project/spdx-rs/commit/370c25c4580b6d7da915f0ce6c38b34c07565c6f)) +* remove needless lifetimes ([151a7c7](https://github.com/doubleopen-project/spdx-rs/commit/151a7c76a12c8553f204adfb37a3e2e7fa281160)) +* replace deprecated chrono usage ([dc29e99](https://github.com/doubleopen-project/spdx-rs/commit/dc29e99902df10d493cc42fb5f3887e7a99d3fce)) + ## [0.5.1](https://github.com/doubleopen-project/spdx-rs/compare/v0.5.0...v0.5.1) (2022-07-05) diff --git a/vendor/spdx-rs/Cargo.toml b/vendor/spdx-rs/Cargo.toml index 069cf2a1f..0bda65ca9 100644 --- a/vendor/spdx-rs/Cargo.toml +++ b/vendor/spdx-rs/Cargo.toml @@ -12,7 +12,7 @@ [package] edition = "2018" name = "spdx-rs" -version = "0.5.1" +version = "0.5.2" authors = ["Mikko Murto "] exclude = [ "/tests/", @@ -30,7 +30,11 @@ repository = "https://github.com/doubleopen-project/spdx-rs" [dependencies.chrono] version = "0.4" -features = ["serde"] +features = [ + "clock", + "serde", +] +default-features = false [dependencies.log] version = "0.4" @@ -55,7 +59,7 @@ version = "0.24" version = "1" [dependencies.uuid] -version = "0.8" +version = "1" features = ["v4"] [dev-dependencies.serde_json] diff --git a/vendor/spdx-rs/src/models/annotation.rs b/vendor/spdx-rs/src/models/annotation.rs index f5396aa1d..6e82b6274 100644 --- a/vendor/spdx-rs/src/models/annotation.rs +++ b/vendor/spdx-rs/src/models/annotation.rs @@ -6,7 +6,7 @@ use chrono::{DateTime, Utc}; use serde::{Deserialize, Serialize}; /// -#[derive(Serialize, Deserialize, Debug, PartialEq, Clone)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)] #[serde(rename_all = "camelCase")] pub struct Annotation { /// @@ -47,7 +47,7 @@ impl Annotation { } /// -#[derive(Serialize, Deserialize, Debug, PartialEq, Clone, Copy)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone, Copy)] #[serde(rename_all = "SCREAMING_SNAKE_CASE")] pub enum AnnotationType { Review, @@ -84,7 +84,7 @@ mod test { .unwrap(); assert_eq!( spdx_file.annotations[0].annotation_date, - Utc.ymd(2010, 1, 29).and_hms(18, 30, 22) + Utc.with_ymd_and_hms(2010, 1, 29, 18, 30, 22).unwrap() ); } diff --git a/vendor/spdx-rs/src/models/checksum.rs b/vendor/spdx-rs/src/models/checksum.rs index bd91f4c7a..f8e2bc258 100644 --- a/vendor/spdx-rs/src/models/checksum.rs +++ b/vendor/spdx-rs/src/models/checksum.rs @@ -9,7 +9,7 @@ use serde::{Deserialize, Serialize}; /// and /// [File Checksum](https://spdx.github.io/spdx-spec/4-file-information/#44-file-checksum). /// According to the spec, SHA1 is mandatory but we don't currently enforce that. -#[derive(Debug, Serialize, Deserialize, PartialEq, PartialOrd, Clone)] +#[derive(Debug, Serialize, Deserialize, PartialEq, Eq, PartialOrd, Clone)] pub struct Checksum { /// Algorithm used to calculate the checksum pub algorithm: Algorithm, @@ -32,7 +32,7 @@ impl Checksum { /// Possible algorithms to be used for SPDX's /// [package checksum](https://spdx.github.io/spdx-spec/3-package-information/#310-package-checksum) /// and [file checksum](https://spdx.github.io/spdx-spec/4-file-information/#44-file-checksum). -#[derive(Debug, Serialize, Deserialize, PartialEq, PartialOrd, Clone, Copy)] +#[derive(Debug, Serialize, Deserialize, PartialEq, Eq, PartialOrd, Clone, Copy)] pub enum Algorithm { SHA1, SHA224, diff --git a/vendor/spdx-rs/src/models/document_creation_information.rs b/vendor/spdx-rs/src/models/document_creation_information.rs index 610803354..6a3c01e66 100644 --- a/vendor/spdx-rs/src/models/document_creation_information.rs +++ b/vendor/spdx-rs/src/models/document_creation_information.rs @@ -10,7 +10,7 @@ use super::Checksum; /// ## Document Creation Information /// /// SPDX's [Document Creation Information](https://spdx.github.io/spdx-spec/2-document-creation-information/) -#[derive(Serialize, Deserialize, Debug, Clone, PartialEq)] +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq)] #[serde(rename_all = "camelCase")] pub struct DocumentCreationInformation { /// @@ -69,7 +69,7 @@ impl Default for DocumentCreationInformation { } } -#[derive(Serialize, Deserialize, Debug, Clone, PartialEq)] +#[derive(Serialize, Deserialize, Debug, Clone, PartialEq, Eq)] #[serde(rename_all = "camelCase")] pub struct CreationInfo { /// @@ -104,7 +104,7 @@ impl Default for CreationInfo { } /// -#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, PartialOrd)] +#[derive(Debug, Clone, Serialize, Deserialize, PartialEq, Eq, PartialOrd)] pub struct ExternalDocumentReference { /// Unique ID string of the reference. #[serde(rename = "externalDocumentId")] @@ -236,7 +236,7 @@ mod test { .unwrap(); assert_eq!( spdx.document_creation_information.creation_info.created, - Utc.ymd(2010, 1, 29).and_hms(18, 30, 22) + Utc.with_ymd_and_hms(2010, 1, 29, 18, 30, 22).unwrap() ); } #[test] diff --git a/vendor/spdx-rs/src/models/file_information.rs b/vendor/spdx-rs/src/models/file_information.rs index f2db6e030..aba2defe7 100644 --- a/vendor/spdx-rs/src/models/file_information.rs +++ b/vendor/spdx-rs/src/models/file_information.rs @@ -10,7 +10,7 @@ use super::{Algorithm, Checksum}; /// ## File Information /// /// SPDX's [File Information](https://spdx.github.io/spdx-spec/4-file-information/) -#[derive(Debug, Serialize, Deserialize, Clone, PartialEq)] +#[derive(Debug, Serialize, Deserialize, Clone, PartialEq, Eq)] #[serde(rename_all = "camelCase")] pub struct FileInformation { /// @@ -127,7 +127,7 @@ impl FileInformation { } /// -#[derive(Debug, Serialize, Deserialize, PartialEq, PartialOrd, Clone, Copy)] +#[derive(Debug, Serialize, Deserialize, PartialEq, Eq, PartialOrd, Clone, Copy)] #[serde(rename_all = "UPPERCASE")] pub enum FileType { Source, diff --git a/vendor/spdx-rs/src/models/other_licensing_information_detected.rs b/vendor/spdx-rs/src/models/other_licensing_information_detected.rs index 30bd1d318..28ba8b683 100644 --- a/vendor/spdx-rs/src/models/other_licensing_information_detected.rs +++ b/vendor/spdx-rs/src/models/other_licensing_information_detected.rs @@ -5,7 +5,7 @@ use serde::{Deserialize, Serialize}; /// -#[derive(Debug, Serialize, Deserialize, Clone, Default, PartialEq)] +#[derive(Debug, Serialize, Deserialize, Clone, Default, PartialEq, Eq)] #[serde(rename_all = "camelCase")] pub struct OtherLicensingInformationDetected { /// diff --git a/vendor/spdx-rs/src/models/package_information.rs b/vendor/spdx-rs/src/models/package_information.rs index 1cfd938f8..c5d73fb3f 100644 --- a/vendor/spdx-rs/src/models/package_information.rs +++ b/vendor/spdx-rs/src/models/package_information.rs @@ -12,7 +12,7 @@ use super::{Checksum, FileInformation}; /// ## Package Information /// /// SPDX's [Package Information](https://spdx.github.io/spdx-spec/3-package-information/). -#[derive(Debug, Serialize, Deserialize, Clone, PartialEq)] +#[derive(Debug, Serialize, Deserialize, Clone, PartialEq, Eq)] #[serde(rename_all = "camelCase", deny_unknown_fields)] pub struct PackageInformation { /// @@ -203,7 +203,7 @@ impl PackageInformation { } /// -#[derive(Debug, Serialize, Deserialize, PartialEq, PartialOrd, Clone)] +#[derive(Debug, Serialize, Deserialize, PartialEq, Eq, PartialOrd, Clone)] pub struct PackageVerificationCode { /// Value of the verification code. #[serde(rename = "packageVerificationCodeValue")] @@ -225,7 +225,7 @@ impl PackageVerificationCode { } /// -#[derive(Serialize, Deserialize, Debug, PartialEq, PartialOrd, Clone)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, PartialOrd, Clone)] #[serde(rename_all = "camelCase")] pub struct ExternalPackageReference { pub reference_category: ExternalPackageReferenceCategory, @@ -254,7 +254,7 @@ impl ExternalPackageReference { } /// -#[derive(Serialize, Deserialize, Debug, PartialEq, PartialOrd, Clone)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, PartialOrd, Clone)] #[serde(rename_all = "SCREAMING-KEBAB-CASE")] pub enum ExternalPackageReferenceCategory { Security, diff --git a/vendor/spdx-rs/src/models/snippet.rs b/vendor/spdx-rs/src/models/snippet.rs index e4a644ac5..7585a0087 100644 --- a/vendor/spdx-rs/src/models/snippet.rs +++ b/vendor/spdx-rs/src/models/snippet.rs @@ -6,7 +6,7 @@ use serde::{Deserialize, Serialize}; use spdx_expression::SpdxExpression; /// -#[derive(Serialize, Deserialize, Debug, PartialEq, Clone, Default)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone, Default)] pub struct Snippet { /// #[serde(rename = "SPDXID")] @@ -61,7 +61,7 @@ pub struct Snippet { } /// -#[derive(Serialize, Deserialize, Debug, PartialEq, Clone)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)] #[serde(rename_all = "camelCase")] pub struct Range { pub start_pointer: Pointer, @@ -77,7 +77,7 @@ impl Range { } } -#[derive(Serialize, Deserialize, Debug, PartialEq, Clone)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq, Clone)] #[serde(untagged)] pub enum Pointer { Byte { diff --git a/vendor/spdx-rs/src/models/spdx_document.rs b/vendor/spdx-rs/src/models/spdx_document.rs index d7db1009a..df619e5dc 100644 --- a/vendor/spdx-rs/src/models/spdx_document.rs +++ b/vendor/spdx-rs/src/models/spdx_document.rs @@ -37,7 +37,7 @@ use super::{ /// [Serde]: https://serde.rs /// [review information]: https://spdx.github.io/spdx-spec/review-information-deprecated/ /// [tag-value format]: https://spdx.github.io/spdx-spec/conformance/ -#[derive(Serialize, Deserialize, Debug, PartialEq)] +#[derive(Serialize, Deserialize, Debug, PartialEq, Eq)] #[serde(rename_all = "camelCase", deny_unknown_fields)] pub struct SPDX { /// diff --git a/vendor/spdx-rs/src/parsers/mod.rs b/vendor/spdx-rs/src/parsers/mod.rs index 59ce03bae..48c863fca 100644 --- a/vendor/spdx-rs/src/parsers/mod.rs +++ b/vendor/spdx-rs/src/parsers/mod.rs @@ -777,7 +777,7 @@ mod test_super { .contains(&"Person: Jane Doe ()".to_string())); assert_eq!( document_creation_information.creation_info.created, - Utc.ymd(2010, 1, 29).and_hms(18, 30, 22) + Utc.with_ymd_and_hms(2010, 1, 29, 18, 30, 22).unwrap() ); assert_eq!( document_creation_information.creation_info.creator_comment, @@ -1050,7 +1050,7 @@ THE SOFTWARE IS PROVIDED �AS IS', WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMP annotations[2], Annotation::new( "Person: Suzanne Reviewer".to_string(), - Utc.ymd(2011, 3, 13).and_hms(0, 0, 0), + Utc.with_ymd_and_hms(2011, 3, 13, 0, 0, 0).unwrap(), AnnotationType::Review, Some("SPDXRef-DOCUMENT".to_string()), "Another example reviewer.".to_string() diff --git a/vendor/spdx-rs/src/parsers/tag_value.rs b/vendor/spdx-rs/src/parsers/tag_value.rs index 0c8fdb4e3..765348d2f 100644 --- a/vendor/spdx-rs/src/parsers/tag_value.rs +++ b/vendor/spdx-rs/src/parsers/tag_value.rs @@ -273,7 +273,7 @@ fn file_type(i: &str) -> IResult<&str, FileType, VerboseError<&str>> { } } -fn document_ref<'a>(i: &'a str) -> IResult<&'a str, &str, VerboseError<&'a str>> { +fn document_ref(i: &str) -> IResult<&str, &str, VerboseError<&str>> { preceded(tag("DocumentRef-"), ws(idstring))(i) } @@ -395,7 +395,7 @@ fn range(i: &str) -> IResult<&str, (i32, i32), VerboseError<&str>> { )(i) } -fn idstring<'a>(i: &'a str) -> IResult<&'a str, &str, VerboseError<&'a str>> { +fn idstring(i: &str) -> IResult<&str, &str, VerboseError<&str>> { take_while(|c: char| c.is_alphanum() || c == '.' || c == '-' || c == '+')(i) } @@ -427,7 +427,7 @@ fn tv_comment(i: &str) -> IResult<&str, Atom, VerboseError<&str>> { })(i) } -fn tag_value<'a>(i: &'a str) -> IResult<&'a str, (&str, &str), VerboseError<&'a str>> { +fn tag_value(i: &str) -> IResult<&str, (&str, &str), VerboseError<&str>> { separated_pair( ws(alphanumeric0), tag(":"), @@ -435,7 +435,7 @@ fn tag_value<'a>(i: &'a str) -> IResult<&'a str, (&str, &str), VerboseError<&'a )(i) } -fn multiline_text<'a>(i: &'a str) -> IResult<&'a str, &str, VerboseError<&'a str>> { +fn multiline_text(i: &str) -> IResult<&str, &str, VerboseError<&str>> { delimited(tag(""), take_until(""), tag(""))(i) } -- cgit v1.2.3