From a96bfccbc0480f8abd069e8fb8aceab33ab730fe Mon Sep 17 00:00:00 2001 From: Kevin Albertson Date: Fri, 11 Oct 2024 13:19:29 -0400 Subject: [PATCH] MONGOCRYPT-727 update libbson to 1.28.1 (#894) * update bundled libbson to 1.28.1 * update version in `prep_c_driver_source.sh` --- .evergreen/prep_c_driver_source.sh | 2 +- cmake/FetchMongoC.cmake | 2 +- etc/cyclonedx.sbom.json | 19 ++++++++++--------- etc/purls.txt | 2 +- 4 files changed, 13 insertions(+), 12 deletions(-) diff --git a/.evergreen/prep_c_driver_source.sh b/.evergreen/prep_c_driver_source.sh index dfff60ea3..5858a013f 100755 --- a/.evergreen/prep_c_driver_source.sh +++ b/.evergreen/prep_c_driver_source.sh @@ -3,7 +3,7 @@ set -euxo pipefail # Clone mongo-c-driver and check out to a tagged version. -MONGO_C_DRIVER_VERSION=1.27.1 +MONGO_C_DRIVER_VERSION=1.28.1 # Force checkout with lf endings since .sh must have lf, not crlf on Windows git clone https://github.com/mongodb/mongo-c-driver.git --config core.eol=lf --config core.autocrlf=false --depth=1 --branch $MONGO_C_DRIVER_VERSION diff --git a/cmake/FetchMongoC.cmake b/cmake/FetchMongoC.cmake index 2e25c1033..f43d94d67 100644 --- a/cmake/FetchMongoC.cmake +++ b/cmake/FetchMongoC.cmake @@ -2,7 +2,7 @@ include (FetchContent) # Set the tag that we will fetch. # When updating the version of libbson, also update the version in etc/purls.txt -set (MONGOC_FETCH_TAG_FOR_LIBBSON "1.27.1" CACHE STRING "The Git tag of mongo-c-driver that will be fetched to obtain libbson") +set (MONGOC_FETCH_TAG_FOR_LIBBSON "1.28.1" CACHE STRING "The Git tag of mongo-c-driver that will be fetched to obtain libbson") # Add an option to disable patching if a patch command is unavailable. option (LIBBSON_PATCH_ENABLED "Whether to apply patches to the libbson library" ON) diff --git a/etc/cyclonedx.sbom.json b/etc/cyclonedx.sbom.json index a12ef9bf7..6c9af6d72 100644 --- a/etc/cyclonedx.sbom.json +++ b/etc/cyclonedx.sbom.json @@ -1,16 +1,16 @@ { "components": [ { - "bom-ref": "pkg:github/mongodb/mongo-c-driver@v1.27.1#src/libbson", + "bom-ref": "pkg:github/mongodb/mongo-c-driver@v1.28.1#src/libbson", "copyright": "Copyright 2009-present MongoDB, Inc.", "externalReferences": [ { "type": "distribution", - "url": "https://github.com/mongodb/mongo-c-driver/archive/refs/tags/v1.27.1.tar.gz" + "url": "https://github.com/mongodb/mongo-c-driver/archive/refs/tags/v1.28.1.tar.gz" }, { "type": "website", - "url": "https://github.com/mongodb/mongo-c-driver/tree/v1.27.1" + "url": "https://github.com/mongodb/mongo-c-driver/tree/v1.28.1" } ], "group": "mongodb", @@ -22,9 +22,9 @@ } ], "name": "mongo-c-driver", - "purl": "pkg:github/mongodb/mongo-c-driver@v1.27.1#src/libbson", + "purl": "pkg:github/mongodb/mongo-c-driver@v1.28.1#src/libbson", "type": "library", - "version": "v1.27.1" + "version": "v1.28.1" }, { "bom-ref": "pkg:generic/IntelRDFPMathLib@20U2?download_url=https://www.netlib.org/misc/intel/IntelRDFPMathLib20U2.tar.gz", @@ -53,11 +53,11 @@ "ref": "pkg:generic/IntelRDFPMathLib@20U2?download_url=https://www.netlib.org/misc/intel/IntelRDFPMathLib20U2.tar.gz" }, { - "ref": "pkg:github/mongodb/mongo-c-driver@v1.27.1#src/libbson" + "ref": "pkg:github/mongodb/mongo-c-driver@v1.28.1#src/libbson" } ], "metadata": { - "timestamp": "2024-05-10T12:07:55.084050+00:00", + "timestamp": "2024-10-10T20:09:56.207649+00:00", "tools": [ { "externalReferences": [ @@ -101,8 +101,9 @@ ] }, "serialNumber": "urn:uuid:879e1b41-08d8-4505-8c89-2285bc3e442c", - "version": 1, + "version": 2, "$schema": "http://cyclonedx.org/schema/bom-1.5.schema.json", "bomFormat": "CycloneDX", - "specVersion": "1.5" + "specVersion": "1.5", + "vulnerabilities": [] } diff --git a/etc/purls.txt b/etc/purls.txt index b6b855841..241c721a7 100644 --- a/etc/purls.txt +++ b/etc/purls.txt @@ -8,7 +8,7 @@ # `copyright` property. This information can be manually added. # libbson is obtained via `cmake/FetchMongoC.cmake`. -pkg:github/mongodb/mongo-c-driver@v1.27.1?#src/libbson +pkg:github/mongodb/mongo-c-driver@v1.28.1?#src/libbson # IntelDFP is obtained via `cmake/IntelDFP.cmake` pkg:generic/IntelRDFPMathLib@20U2?download_url=https://www.netlib.org/misc/intel/IntelRDFPMathLib20U2.tar.gz