Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ruby3.2-async-http/0.70.0 package update #26328

Merged
merged 1 commit into from
Aug 14, 2024
Merged

ruby3.2-async-http/0.70.0 package update #26328

merged 1 commit into from
Aug 14, 2024

Conversation

octo-sts[bot]
Copy link
Contributor

@octo-sts octo-sts bot commented Aug 14, 2024

@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr labels Aug 14, 2024
@github-actions GitHub Actions
Copy link
Contributor

Package ruby3.2-async-http: Click to expand/collapse

Package ruby3.2-async-http:

.PKGINFO metadata:

  (
  	"""
  	# Generated by melange
  	pkgname = ruby3.2-async-http
- 	pkgver = 0.69.0-r0
+ 	pkgver = 0.70.0-r0
  	arch = x86_64
- 	size = 212837
+ 	size = 217278
  	origin = ruby3.2-async-http
  	pkgdesc = A HTTP client and server library.
  	url = 
- 	commit = de33499a29b83bc5861227e327b7c3836e9ddd74
- 	builddate = 1719211896
+ 	commit = faa3c9495a5751d8de8b3ee547113d8522c4ba1d
  	license = MIT
  	depend = ruby-3.2
  	... // 5 identical lines
  	depend = ruby3.2-protocol-http2
  	depend = ruby3.2-traces
- 	datahash = 745a59ba999a1d6a04b383a831cc40547f758eb72fa0dbcbbe097e3ddf2dda19
+ 	datahash = 05a01d8d53aa53a229896517b579a3daa16b036dfc75c8d1b2091fcf02f1c7b1
  	"""
  )

Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/bake/async/http/h2spec.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/bake/async/http.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/delayed.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/hijack.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/pipe.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/slowloris.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/writable.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/client.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/endpoint.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/internet/instance.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/internet.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/middleware/location_redirector.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/mock/endpoint.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/mock.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/client.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/connection.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/request.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/response.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/server.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http10.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http11.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/client.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/connection.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/input.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/output.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/request.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/response.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/server.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/stream.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/https.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/request.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/response.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/proxy.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/reference.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/relative_location.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/server.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/statistics.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/version.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http.rb
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/license.md
Added: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/readme.md
Added: /usr/lib/ruby/gems/3.2.0/specifications/async-http-0.70.0.gemspec
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/bake/async/http/h2spec.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/bake/async/http.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/body/delayed.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/body/hijack.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/body/pipe.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/body/slowloris.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/body/writable.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/body.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/client.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/endpoint.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet/instance.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/mock/endpoint.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/mock.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/client.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/connection.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/request.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/response.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/server.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http10.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http11.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/client.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/connection.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/input.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/output.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/request.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/response.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/server.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/stream.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/https.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/request.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/response.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/proxy.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/reference.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/relative_location.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/server.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/statistics.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/version.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http.rb
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/license.md
Deleted: /usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/readme.md
Deleted: /usr/lib/ruby/gems/3.2.0/specifications/async-http-0.69.0.gemspec

bincapz found differences: Click to expand/collapse

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/stream.rb

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/write writes to a file handle input.write(data)

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/endpoint.rb [✅ → ⚠️ MEDIUM]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/socket/connect initiate a connection on a socket connect

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/stream.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/client.rb (similarity: 0.96) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/write writes to a file handle input.write(data)

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2/request.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http.rb (similarity: 0.94) [✅ → ✅ LOW]

3 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/http/request makes HTTP requests HTTP/1.
+LOW net/http2 Uses the HTTP/2 protocol HTTP/2
+LOW ref/site/url contains embedded HTTPS URLs https://www.rfc-editor.org/rfc/rfc9113.html

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http2.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/mock/endpoint.rb (similarity: 0.91) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http2 Uses the HTTP/2 protocol HTTP/2

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/relative_location.rb (similarity: 0.90) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/server.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/https.rb (similarity: 0.91) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/connection.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/request.rb (similarity: 0.92) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http10.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/connection.rb (similarity: 0.93) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http/request makes HTTP requests HTTP/1.

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/request.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/client.rb (similarity: 0.96) [✅ → ⚠️ MEDIUM]

3 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/socket/connect initiate a connection on a socket connect
+LOW net/http2 Uses the HTTP/2 protocol HTTP/2
+LOW ref/site/url contains embedded HTTPS URLs https://tools.ietf.org/html/rfc7230

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/request.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/server.rb (similarity: 0.96) [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/socket/connect initiate a connection on a socket connect
+LOW ref/site/url contains embedded HTTPS URLs https://trac.nginx.org/nginx/ticket/1005

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/request.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/mock.rb (similarity: 0.93) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/input.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol.rb (similarity: 0.93) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/reference.rb (similarity: 0.95) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/proxy.rb [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM exec/shell_command execute a shell command system
+MEDIUM net/socket/connect initiate a connection on a socket connect

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body.rb (similarity: 0.93) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/middleware/location_redirector.rb [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/http/post submit content to websites HTTP
POST
http
+LOW ref/site/url contains embedded HTTPS URLs https://datatracker.ietf.org/doc/html/rfc7231
https://datatracker.ietf.org/doc/html/rfc7538
https://fetch.spec.whatwg.org/

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/var/lib/db/sbom/ruby3.2-async-http-0.70.0-r0.spdx.json [✅ LOW → ⚠️ MEDIUM]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/download download files downloadLocation

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/output.rb

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/write writes to a file handle self.write(chunk)
+LOW net/http2 Uses the HTTP/2 protocol HTTP/2

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/pipe.rb [✅ → ✅ LOW]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW fd/write writes to a file handle head.write(chunk)
output.write(chunk)

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/hijack.rb (similarity: 0.92) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/internet/instance.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http/request makes HTTP requests HTTP/1.

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2.rb (similarity: 0.91)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/http2 Uses the HTTP/2 protocol HTTP/2

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/client.rb [✅ → ⚠️ MEDIUM]

2 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/url/request requests resources via URL http.request
+LOW ref/site/url contains embedded HTTPS URLs https://tools.ietf.org/html/draft-nottingham-httpbis-retry-01

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/write writes to a file handle input.write(data)

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/delayed.rb [✅ LOW → ✅ ]

3 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http/request makes HTTP requests HTTP/1.
-LOW net/http2 Uses the HTTP/2 protocol HTTP/2
-LOW ref/site/url contains embedded HTTPS URLs https://http2.github.io/http2-spec/

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http10.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/request.rb (similarity: 0.94) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http/request makes HTTP requests HTTP/1.

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/statistics.rb (similarity: 0.91) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http/request makes HTTP requests HTTP/1.

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/writable.rb (similarity: 0.91) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/internet.rb [✅ → ✅ LOW]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1/response.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1/request.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http2/response.rb (similarity: 0.96) [✅ → ✅ LOW]

3 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/http/request makes HTTP requests HTTP/1.
+LOW net/http2 Uses the HTTP/2 protocol HTTP/2
+LOW ref/site/url contains embedded HTTPS URLs https://http2.github.io/http2-spec/

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http1.rb (similarity: 0.91)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/http/request makes HTTP requests HTTP/1.

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http11.rb (similarity: 0.91)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/http/request makes HTTP requests HTTP/1.

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/internet.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/http10.rb (similarity: 0.91)

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+LOW net/http/request makes HTTP requests HTTP/1.

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW ref/site/url contains embedded HTTPS URLs https://www.codeotaku.com

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/body/slowloris.rb [✅ → ⚠️ MEDIUM]

1 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM 3P/threat_hunting/slowloris references 'SlowLoris' tool, by mthcht Slowloris

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/bake/async/http/h2spec.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http/request makes HTTP requests HTTP/1.

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/version.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW fd/write writes to a file handle input.write(data)

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/bake/async/http.rb [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http2 Uses the HTTP/2 protocol HTTP/2

Changed: /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/server.rb [✅ → ⚠️ MEDIUM]

3 new behaviors

RISK KEY DESCRIPTION EVIDENCE
+MEDIUM net/url/request requests resources via URL http.request
+LOW net/socket/listen listen on a socket accept
socket
+LOW ref/site/url contains embedded HTTPS URLs https://tools.ietf.org/html/rfc7230

Moved: ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.69.0/lib/async/http/protocol/http1.rb -> /tmp/wolfictl-apk-3076935711/ruby3.2-async-http/usr/lib/ruby/gems/3.2.0/gems/async-http-0.70.0/lib/async/http/protocol/response.rb (similarity: 0.95) [✅ LOW → ✅ ]

1 removed behaviors

RISK KEY DESCRIPTION EVIDENCE
-LOW net/http/request makes HTTP requests HTTP/1.

@mamccorm mamccorm merged commit 9c2b23b into main Aug 14, 2024
12 checks passed
@mamccorm mamccorm deleted the wolfictl-9944d84b-954c-45d1-8989-75254a7d42ad branch August 14, 2024 19:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mamccorm mamccorm mamccorm approved these changes

Assignees
No one assigned
Labels
automated pr request-version-update request for a newer version of a package service:bincapz/pass tests/missing
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@mamccorm @wolfi-bot