shadowsocks-rust/1.23.0 package update #47440

octo-sts · 2025-03-19T14:52:28Z

octo-sts · 2025-03-19T14:55:55Z

⚠️ EXPERIMENTAL

Please use 👍 or 👎 on this comment to indicate if you agree or disagree with the recommendation.

To provide more detailed feedback please comment on the recommendation prefixed with /ai-verify:

e.g. /ai-verify partially helpful but I also added bash to the build environment

Gen AI suggestions to solve the build error:

• Detected Error: "fatal: bad object dccb3c4c4a4c407f18cfe2e1057d0e39acb9a2d2"

• Error Category: Version/Git Configuration

• Failure Point: Git cherry-pick operation during the git-checkout step

• Root Cause Analysis: The cherry-pick is failing because the specified commit hash dccb3c4c4a4c407f18cfe2e1057d0e39acb9a2d2 cannot be found in the repository. This could be because:

The commit hash is incorrect
The commit exists in a different branch/fork
The commit has been rebased or force-pushed away

• Suggested Fix:

Verify the correct commit hash from the upstream repository
Update the melange.yaml to remove or update the cherry-pick section:

pipeline:
  - uses: git-checkout
    with:
      repository: https://github.com/shadowsocks/shadowsocks-rust
      tag: v${{package.version}}
      expected-commit: 4beddbeb200ad7f2194479f95867c3fd447dc69c
      # Either remove cherry-picks or update with correct commit hash

• Explanation: The error indicates a Git operation failure when trying to apply patches from specific commits. Since this is a release version (v1.23.0), the cherry-picks may no longer be necessary as the changes should already be included in the release tag.

• Additional Notes:

Cherry-picks are typically used for backporting fixes, but since this is a new release (1.23.0), the changes may already be included
The changelog shows multiple dependency updates and fixes that may have made these cherry-picks obsolete
Consider checking if the Hickory bump changes are already part of v1.23.0

• References:

Original repository: https://github.com/shadowsocks/shadowsocks-rust/releases/tag/v1.23.0
Melange git-checkout documentation: https://github.com/chainguard-dev/melange/blob/main/pkg/build/pipelines/git.go

Signed-off-by: wolfi-bot <121097084+wolfi-bot@users.noreply.github.com>

octo-sts bot added request-version-update automated pr labels Mar 19, 2025

octo-sts bot added the ai/skip-comment label Mar 19, 2025

OddBloke self-assigned this Mar 20, 2025

wolfi-bot and others added 2 commits March 20, 2025 18:27

shadowsocks-rust: drop upstream-integrated cherry-picks

Unverified

The signing certificate or its chain could not be verified.

Certificate subject

Certificate issuer

CN sigstore-intermediate

O sigstore.dev

Learn about vigilant mode

Loading
Loading status checks…

4e68be3

OddBloke force-pushed the wolfictl-00ecb343-8abd-4992-a763-3ae2823f4913 branch from 6df28f4 to 4e68be3 Compare March 20, 2025 22:29

octo-sts bot added the bincapz/pass label Mar 20, 2025

OddBloke requested a review from a team March 20, 2025 22:46

OddBloke enabled auto-merge March 20, 2025 22:46

octo-sts bot added the manual/review-needed label Mar 20, 2025

philroche approved these changes Mar 21, 2025

View reviewed changes

OddBloke merged commit ebb3bae into main Mar 21, 2025
21 checks passed

OddBloke deleted the wolfictl-00ecb343-8abd-4992-a763-3ae2823f4913 branch March 21, 2025 13:29

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

shadowsocks-rust/1.23.0 package update #47440

shadowsocks-rust/1.23.0 package update #47440

octo-sts bot commented Mar 19, 2025

octo-sts bot commented Mar 19, 2025

Certificate subject

Certificate issuer

Certificate subject

Certificate issuer

shadowsocks-rust/1.23.0 package update #47440

shadowsocks-rust/1.23.0 package update #47440

Conversation

octo-sts bot commented Mar 19, 2025

octo-sts bot commented Mar 19, 2025