-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Sat, 23 May 2020 09:31:26 +0100 Source: diffoscope Architecture: source Version: 145 Distribution: unstable Urgency: medium Maintainer: Reproducible builds folks <reproducible-builds@lists.alioth.debian.org> Changed-By: Chris Lamb <lamby@debian.org> Changes: diffoscope (145) unstable; urgency=medium . [ Chris Lamb ] . * Improvements: . - Add support for Apple Xcode mobile provisioning .mobilepovision files. (Closes: reproducible-builds/diffoscope#113) - Add support for printing the signatures via apksigner(1). (Closes: reproducible-builds/diffoscope#121) - Use SHA256 over MD5 when generating page names for the HTML directory presenter, validate checksums for files referenced in .changes files using SHA256 too, and move to using SHA256 in "Too much input for diff" output too. (Closes: reproducible-builds/diffoscope#124) - Don't leak the full path of the temporary directory in "Command [..] exited with 1". (Closes: reproducible-builds/diffoscope#126) - Identify "iOS App Zip archive data" files as .zip files. (Closes: reproducible-builds/diffoscope#116) . * Bug fixes: . - Correct "differences" typo in the ApkFile handler. (Closes: reproducible-builds/diffoscope#127) . * Reporting/output improvements: . - Never emit the same id="foo" TML anchor reference twice, otherwise identically-named parts will not be able to linked to via "#foo". (Closes: reproducible-builds/diffoscope#120) - Never emit HTML with empty "id" anchor lements as it is not possible to link to "#" (vs "#foo"). We use "#top" as a fallback value so it will work for the top-level parent container. - Clarify the message when we cannot find the "debian" Python module. - Clarify "Command [..] failed with exit code" to remove duplicate "exited with exit" but also to note that diffoscope is intepreting this as an error. - Add descriptions for the 'fallback' Debian module file types. - Rename the --debugger command-line argument to --pdb. . * Testsuite improvements: . - Prevent CI (and runtime) apksigner test failures due to lack of binfmt_misc on Salsa CI and elsewhere. . * Codebase improvements: . - Initially add a pair of comments to tidy up a slightly abstraction level violating code in diffoscope.comparators.mising_file and the .dsc/.buildinfo file handling, but replace this later by by inlining MissingFile's special handling of deb822 to prevent leaking through abstraction layers in the first place. - Use a BuildinfoFile (etc.) regardless of whether the associated files such as the orig.tar.gz and the .deb are present, but don't treat them as actual containers. (Re: reproducible-builds/diffoscope#122) - Rename the "Openssl" command class to "OpenSSLPKCS7" to accommodate other commands with this prefix. - Wrap a docstring across multiple lines, drop an inline pprint import and comment the HTMLPrintContext class, etc. . [ Emanuel Bronshtein ] * Avoid build-cache in building the released Docker image. (Closes: reproducible-builds/diffoscope#123) . [ Holger Levsen ] * Wrap long lines in older changelog entries. Checksums-Sha1: f4965523a35bac6f0b0db1082fe9801cff05ed09 4828 diffoscope_145.dsc c1e9dcef41aa31d397ddfce881d92cfba88149f8 981320 diffoscope_145.tar.xz b02eec6d3b4ae4f0dc70d0a8f3d27e7968f170f3 26930 diffoscope_145_amd64.buildinfo Checksums-Sha256: 111bcdf35ab3569277302322c2d84811ef01f3fcfc95268e653b42deb421014b 4828 diffoscope_145.dsc 2c744c04a6eb32c8dda2672987573f647bfe7d629bea60b9302988c8a40a9019 981320 diffoscope_145.tar.xz d5faf65e8a5606b665caea8c6e05f09eb625d346b0e646dd5230ef346ed6db25 26930 diffoscope_145_amd64.buildinfo Files: 4ce8739914d17e80142b70219b591350 4828 devel optional diffoscope_145.dsc ec5233ea3ef7e69b6c2482f20afaa188 981320 devel optional diffoscope_145.tar.xz 89284319d9c99ec1d48eafc9b429da1c 26930 devel optional diffoscope_145_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl7I5MEACgkQHpU+J9Qx Hli+nRAAmzjyhWjhY3gsd7ZBDI5sMHAsX7BjbY2kY6kwyvgXtsNsmWXouD1w/zqh x2DrGPDZx7TaNuyIhteXVnVtHLoMPd+AqqolPMIW47CFNAg54FbZGmW/llT6aFE8 azlF37liTRCqJj8uHJa+O1YskJqm4zmV7rAgZAWDn5q6967pUW5jR3dGMeQdy9hd mDllrWLCjQY+6oqRQYcJjE2W2/hwTgB7IsZEP7Iq2n8Twd4VXmb9T9k9BApL3/J5 C+qBeNZo5HJ4NpVkFaCHxG0VqJJpr2xlshx93lckO9MvX/bXmMtcAJo4yd4scWkT DPSZb4p4549NA5fB4OR+AMtJHT8rYYGU/aahl90kWOa4oOLPE3rvXqTfV7ghoMcO MvPwe5HA8Gl0SggMOoO9Cj0AyGR+KmhavxenC4TqcfcV9njGJeA1D8EAxcNmCK8P 5iWGZp/TOskH/7VM+m6O+uUUOrU2G15dqV183VSQubdqie3IQEBD2TsGGiiltunD WrBscTUE1rAsbLsllXLNLMzE4egcwSdx2584FPBfpjLz6xGg9D3uqUnUOuYY1JWZ xEvZPAbv33lR/f231+sfKYMGhow2Ym4IMoXUXn5v6kreUUHQ0y40WQp0401LmBjF Pf/9/7Rwmtdd36OVQ9YgloxYGItyp6M99pNfuQmi4BVImorSGm4= =quGr -----END PGP SIGNATURE-----