packages/jgit
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Compare commits

base: packages:77d6f56eac6c48e879eb3ab7d9f77201c1b8023c
Branches Tags
packages:main
..
compare: packages:63097cc1681d65a164964aa682bddb07e8f46a24
Branches Tags
packages:main

No commits in common. "77d6f56eac6c48e879eb3ab7d9f77201c1b8023c" and "63097cc1681d65a164964aa682bddb07e8f46a24" have entirely different histories.
77d6f56eac ... 63097cc168

6 changed files with 0 additions and 1927 deletions
Show Stats Expand all files Collapse all files

26
0001-Ensure-the-correct-classpath-is-set-for-the-jgit-com.patch
View File

@ -1,26 +0,0 @@
From 5f1d7c576160b1682a5787018c1aa82b8cb0e747 Mon Sep 17 00:00:00 2001
From: Mat Booth <mat.booth@redhat.com>
Date: Fri, 7 Dec 2018 10:04:44 +0000
Subject: [PATCH 1/2] Ensure the correct classpath is set for the jgit command
line tool
---
org.eclipse.jgit.pgm/jgit.sh | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/org.eclipse.jgit.pgm/jgit.sh b/org.eclipse.jgit.pgm/jgit.sh
index e263782..4086e37 100644
--- a/org.eclipse.jgit.pgm/jgit.sh
+++ b/org.eclipse.jgit.pgm/jgit.sh
@@ -60,7 +60,7 @@ esac
this_script=`which "$0" 2>/dev/null`
[ $? -gt 0 -a -f "$0" ] && this_script="$0"
cp=$this_script
-
+export JGIT_CLASSPATH="$(build-classpath jgit slf4j/api slf4j/simple args4j jzlib jsch commons-compress xz-java javaewah httpcomponents/httpcore httpcomponents/httpclient commons-logging commons-codec eddsa apache-sshd/sshd-osgi apache-sshd/sshd-sftp)"
platform="`uname`"
if [ -n "$JGIT_CLASSPATH" ]
then
--
2.20.1

1748
CVE-2023-4759.patch
View File

File diff suppressed because it is too large Load Diff

BIN
jgit-5.13.0.202109080827-r.tar.gz
View File

Binary file not shown.

122
jgit.spec
View File

@ -1,122 +0,0 @@
%global gittag 5.13.0.202109080827-r
%bcond_with tests
Name: jgit
Version: 5.13.0
Release: 2
Summary: A pure java implementation of git
License: BSD-3-Clause
URL: https://www.eclipse.org/jgit/
Source0: https://git.eclipse.org/c/jgit/jgit.git/snapshot/jgit-%{gittag}.tar.gz
Patch0: 0001-Ensure-the-correct-classpath-is-set-for-the-jgit-com.patch
Patch1: pom_for_bcpkix.patch
Patch2: CVE-2023-4759.patch
BuildArch: noarch
BuildRequires: maven-local mvn(args4j:args4j) mvn(com.google.code.gson:gson)
BuildRequires: mvn(com.googlecode.javaewah:JavaEWAH) mvn(com.jcraft:jsch)
BuildRequires: mvn(com.jcraft:jzlib) mvn(javax.servlet:javax.servlet-api) <= 3.1.0 mvn(junit:junit)
BuildRequires: mvn(net.i2p.crypto:eddsa) mvn(org.apache.ant:ant)
BuildRequires: mvn(org.apache.commons:commons-compress)
BuildRequires: mvn(org.apache.httpcomponents:httpclient)
BuildRequires: mvn(org.apache.httpcomponents:httpcore)
BuildRequires: mvn(org.apache.maven.plugins:maven-antrun-plugin)
BuildRequires: mvn(org.apache.sshd:sshd-osgi) >= 2.6.0 mvn(org.apache.sshd:sshd-sftp) >= 2.6.0
BuildRequires: mvn(org.bouncycastle:bcpg-jdk15on) >= 1.65
BuildRequires: mvn(org.bouncycastle:bcpkix-jdk15on) >= 1.65
BuildRequires: mvn(org.bouncycastle:bcprov-jdk15on) >= 1.65
BuildRequires: mvn(org.codehaus.mojo:build-helper-maven-plugin)
BuildRequires: mvn(org.eclipse.jetty:jetty-servlet) mvn(org.osgi:osgi.core)
BuildRequires: mvn(org.slf4j:slf4j-api) mvn(org.slf4j:slf4j-simple) mvn(org.tukaani:xz)
%if %{with tests}
BuildRequires: git mvn(org.hamcrest:hamcrest-library) mvn(org.mockito:mockito-core)
%endif
Requires: bouncycastle >= 1.65 apache-sshd >= 1:2.6.0
%description
A pure Java implementation of the Git version control system and command
line interface.
%package javadoc
Summary: API documentation for %{name}
%description javadoc
%{summary}.
%prep
%setup -n jgit-%{gittag} -q
%patch0 -p1
%patch1 -p1
%patch2 -p1
rm .mvn/maven.config
%pom_xpath_remove "pom:configuration/pom:annotationProcessorPaths"
%pom_xpath_remove "pom:configuration/pom:compilerArgs"
%pom_change_dep -r org.osgi:org.osgi.core org.osgi:osgi.core:provided
%pom_disable_module org.eclipse.jgit.coverage
%pom_disable_module org.eclipse.jgit.benchmarks
%pom_remove_plugin :jacoco-maven-plugin
%pom_remove_plugin :maven-javadoc-plugin
%pom_remove_plugin -r :maven-source-plugin
%pom_remove_plugin :maven-enforcer-plugin
%pom_remove_plugin -r :japicmp-maven-plugin
sed -i -e 's/@{argLine}//' $(find -name pom.xml)
%pom_remove_plugin org.codehaus.mojo:build-helper-maven-plugin org.eclipse.jgit.pgm
%pom_remove_plugin :spring-boot-maven-plugin org.eclipse.jgit.pgm
%pom_xpath_remove "pom:plugins/pom:plugin/pom:executions/pom:execution[pom:id='create_jgit']" org.eclipse.jgit.pgm
sed -i -e 's/org\.springframework\.boot\.loader\.JarLauncher/org.eclipse.jgit.pgm.Main/' \
org.eclipse.jgit.pgm/jgit.sh
sed -i -e '/javax\.servlet/s/4\.0\.0/5.0.0/' org.eclipse.jgit.lfs.server/META-INF/MANIFEST.MF org.eclipse.jgit.pgm/META-INF/MANIFEST.MF
sed -i -e '/javax\.servlet/s/3\.2\.0/5.0.0/' org.eclipse.jgit.junit.http/META-INF/MANIFEST.MF org.eclipse.jgit.http.server/META-INF/MANIFEST.MF
%pom_remove_dep log4j:log4j . org.eclipse.jgit.pgm
%pom_change_dep org.slf4j:slf4j-log4j12 org.slf4j:slf4j-simple . org.eclipse.jgit.pgm
%if %{without tests}
sed -i -e '/\.test<\/module>/d' pom.xml
%endif
%mvn_package ":*.test" __noinstall
%pom_disable_module org.eclipse.jgit.junit
%pom_disable_module org.eclipse.jgit.junit.ssh
%pom_disable_module org.eclipse.jgit.junit.http
%build
%if %{without tests}
%mvn_build -f -- -Pjavac
%else
%mvn_build -- -Pjavac -Dmaven.test.failure.ignore=true
%endif
sed -i 's/sshd-sftp/sshd-sftp glassfish-servlet-api jetty/g' org.eclipse.jgit.pgm/jgit.sh
%install
%mvn_install
install -dm 755 %{buildroot}%{_bindir}
install -m 755 org.eclipse.jgit.pgm/jgit.sh %{buildroot}%{_bindir}/jgit
install -dm 755 %{buildroot}%{_sysconfdir}/ant.d
cat > %{buildroot}%{_sysconfdir}/ant.d/jgit <<EOF
jgit/org.eclipse.jgit jgit/org.eclipse.jgit.ant slf4j/slf4j-api slf4j/slf4j-simple jzlib jsch commons-compress xz-java javaewah httpcomponents/httpcore httpcomponents/httpclient commons-logging commons-codec eddsa apache-sshd/sshd-osgi apache-sshd/sshd-sftp
EOF
%files -f .mfiles
%license LICENSE
%doc README.md
%{_bindir}/jgit
%config(noreplace) %{_sysconfdir}/ant.d/jgit
%files javadoc -f .mfiles-javadoc
%license LICENSE
%changelog
* Tue Dec 26 2023 wangkai <13474090681@163.com> - 5.13.0-2
- Fix CVE-2023-4759
* Tue June 6 2023 zhuwenshuo <1003254035@qq.com> - 5.13.0-1
- Update to 5.13.0
* Wed Mar 29 2023 Ge Wang <wangge20@h-partners.com> - 5.11.0-2
- Add classpath to resolve NoClassDefFoundError
* Fri Nov 25 2022 yaoxin <yaoxin30@h-partners.com> - 5.11.0-1
- Update to 5.11.0
* Fri Sep 23 2022 caodongxia <caodongxia@h-partners.com> - 5.4.0-2
- Add glassfish-servlet-api version limit
* Fri Aug 7 2020 Jeffery.Gao <gaojianxing@huawei.com> - 5.4.0-1
- Package init

4
jgit.yaml
View File

@ -1,4 +0,0 @@
version_control: NA
src_repo: NA
tag_prefix: NA
seperator: NA

27
pom_for_bcpkix.patch
View File

@ -1,27 +0,0 @@
diff -ru jgit-5.13.0.202109080827-r/org.eclipse.jgit.gpg.bc/pom.xml jgit-5.13.0.202109080827-r.new/org.eclipse.jgit.gpg.bc/pom.xml
--- jgit-5.13.0.202109080827-r/org.eclipse.jgit.gpg.bc/pom.xml 2021-09-08 20:27:06.000000000 +0800
+++ jgit-5.13.0.202109080827-r.new/org.eclipse.jgit.gpg.bc/pom.xml 2023-06-06 11:11:02.594321250 +0800
@@ -51,11 +51,6 @@
<dependency>
<groupId>org.bouncycastle</groupId>
- <artifactId>bcutil-jdk15on</artifactId>
- </dependency>
-
- <dependency>
- <groupId>org.bouncycastle</groupId>
<artifactId>bcpkix-jdk15on</artifactId>
</dependency>
diff -ru jgit-5.13.0.202109080827-r/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java jgit-5.13.0.202109080827-r.new/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java
--- jgit-5.13.0.202109080827-r/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java 2021-09-08 20:27:06.000000000 +0800
+++ jgit-5.13.0.202109080827-r.new/org.eclipse.jgit.gpg.bc/src/org/eclipse/jgit/gpg/bc/internal/BouncyCastleGpgSigner.java 2023-06-06 17:14:42.614321250 +0800
@@ -195,7 +195,7 @@
}
}
if (userId != null) {
- subpackets.addSignerUserID(false, userId);
+ subpackets.setSignerUserID(false, userId);
}
signatureGenerator
.setHashedSubpackets(subpackets.generate());