FEDORA-2026-bc3a541ebd
Packages in this update:
- kryoptic-1.5.2-2.fc45
- mir-2.28.0-2.fc45
- rust-ashpd-0.13.12-2.fc45
- rust-busd-0.5.0-3.fc45
- rust-gtk4-macros-0.11.4-3.fc45
- rust-inferno-0.12.6-3.fc45
- rust-quick-xml-0.41.0-1.fc45
- rust-reqsign-aws-v4-3.0.1-4.fc45
- rust-wayland-scanner-0.31.10-5.fc45
- sandogasa-0.15.3-2.fc45
Update description:
Update quick-xml for two security advisories, rebuild dependents, and update sandogasa to the latest
sandogasa
v0.15.3
- ebranch base-distro guard — resolve/file-requests now know EPEL must
not replace RHEL/CentOS Stream packages: deps present in the base at a
too-old version are blocked with clear options (alternate package via
--override, or lower the requirement) instead of becoming CANTFIX
branch requests; file-requests re-checks the base before filing
- New sandogasa-sourcehut crate — sr.ht GraphQL client; sandogasa-report
gains a Sourcehut section (patches, tickets, commits split yours vs
third-party, git_emails attribution)
- ebranch check-crate — human report on stderr alongside --koji/--copr
machine output, so build scripts stay pipeable
- dbranch rebuild — creates debian/gbp.conf when the Debian branch has
none and handles the modern single-line salsa-ci.yml
- Robustness: 120s HTTP timeout on every client; --version on every
tool; quick-xml bumped to 0.41 for RUSTSEC-2026-0194/-0195
- sandogasa-report: consistent commit detail levels across forges
Full details:
https://github.com/slopfest/sandogasa/blob/v0.15.3/CHANGELOG.md#v0153
v0.15.2
- New sandogasa-review crate — shared keep/explain/remove resolution for
reviewer-curated findings; adopted by fedora-review-digest, ebranch
check-update, and fedora-cve-triage
- New sandogasa-forgejo crate — Forgejo/Gitea REST API client (PR activity
- issue filing); powers sandogasa-report's Forgejo accounting
- ebranch check-update overhaul — condensed output (counts + version
grouping), reviewer curation of blocking findings before karma, branch
inference for Fedora side tags (EPEL still needs -b al9 -r @epel), plus
fixes for stale-side-tag and rich-dep installability false positives and
large-update performance
- fedora-cve-triage — per-bug keep/explain/remove review before closing
detected false positives
- sandogasa-report — Forgejo PR-merge and issue accounting
Full details:
https://github.com/slopfest/sandogasa/blob/v0.15.2/CHANGELOG.md#v0152