Skip to content

build(deps): bump csaf from 9362acd to 17f90fd#477

Open
dependabot[bot] wants to merge 4 commits intomainfrom
dependabot/submodules/csaf-17f90fd
Open

build(deps): bump csaf from 9362acd to 17f90fd#477
dependabot[bot] wants to merge 4 commits intomainfrom
dependabot/submodules/csaf-17f90fd

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 16, 2026

Bumps csaf from 9362acd to 17f90fd.

Commits
  • 17f90fd Merge pull request #1292 from oasis-tcs/editor-revision-2026-02-25
  • 5198ef8 Merge pull request #1355 from oasis-tcs/automatic-section-mapping
  • d868bc2 Rendered GFM-Plus, HTM, and PDF delivery items
  • f928781 Maintenance: Completed adaption of lapidify PDF tool
  • 7fad1d7 Maintenance: Added the missing RFC9535 JSON Path entry to informative references
  • 950b46d Maintenance: PDF generator fixed to not bail out with new section mapping (WI...
  • 7eee3cc Maintenance: removed old derivation function and dead code
  • 4f2d805 Maintenance: Fixed directory jumping
  • b650cb1 Rendered GFM-Plus and HTML delivery items
  • 710b417 Maintenance: Aligned GFM-Plus and HTML generation with new section mapping st...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file submodules Pull requests that update submodules code labels Mar 16, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 16, 2026 03:09
@dependabot dependabot bot added dependencies Pull requests that update a dependency file submodules Pull requests that update submodules code labels Mar 16, 2026
@peinjoh peinjoh mentioned this pull request Mar 16, 2026
Draft
@peinjoh
Copy link
Contributor

peinjoh commented Mar 16, 2026
edited
Loading 

type-generator % cargo run -- -c -i                                                                                             
    Finished `dev` profile [unoptimized + debuginfo] target(s) in 2.49s
     Running `<redacted>/csaf/target/debug/type-generator -c -i`
Building types from schema: assets/csaf_2.0_json_schema.json
Writing generated types to: ../csaf-rs/src/schema/csaf2_0/schema.rs
Building types from schema: assets/csaf_2.1_json_schema.json

thread 'main' (4217391) panicked at <redacted>/typify-impl-0.5.0/src/convert.rs:1345:13:
**external references are not supported: https://docs.oasis-open.org/csaf/csaf/v2.1/schema/extension-content.json**
note: run with `RUST_BACKTRACE=1` environment variable to display a backtrace

Tried the same with 0.6.1 (most recent version), same error. @tziemek @aschierl-xitaso lets discuss how we handle this.

@peinjoh peinjoh added the blocked blocked due do some external dependencies label Mar 16, 2026
dependabot bot and others added 2 commits March 25, 2026 14:56
@dependabot @aschierl-xitaso
build(deps): bump csaf from 9362acd to 17f90fd
36d1e7f 
Bumps [csaf](https://github.com/oasis-tcs/csaf) from `9362acd` to `17f90fd`.
- [Release notes](https://github.com/oasis-tcs/csaf/releases)
- [Commits](oasis-tcs/csaf@9362acd...17f90fd)

---
updated-dependencies:
- dependency-name: csaf
  dependency-version: 17f90fd3078feaf05109f016ec3bda9d696100b2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@aschierl-xitaso
chore: sync assets via workflow
9734968
@aschierl-xitaso aschierl-xitaso force-pushed the dependabot/submodules/csaf-17f90fd branch 2 times, most recently from 4b3df5c to 1d80e91 Compare March 25, 2026 14:07
@aschierl-xitaso aschierl-xitaso removed the blocked blocked due do some external dependencies label Mar 25, 2026
@aschierl-xitaso aschierl-xitaso force-pushed the dependabot/submodules/csaf-17f90fd branch from 1d80e91 to e0e45cf Compare March 25, 2026 14:12
tziemek
tziemek requested changes Mar 26, 2026
View reviewed changes
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tziemek tziemek tziemek requested changes

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file submodules Pull requests that update submodules code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@peinjoh @tziemek @aschierl-xitaso