@octo-sts octo-sts bot commented Feb 19, 2025

@octo-sts octo-sts bot added request-version-update request for a newer version of a package automated pr P1 This label indicates our scanning found High, Medium or Low CVEs for these packages. labels Feb 19, 2025
octo-sts bot commented Feb 19, 2025

⚠️ EXPERIMENTAL

Please use 👍 or 👎 on this comment to indicate if you agree or disagree with the recommendation.

To provide more detailed feedback please comment on the recommendation prefixed with /ai-verify:

e.g. /ai-verify partially helpful but I also added bash to the build environment

Gen AI suggestions to solve the build error:

• Detected Error: "FAIL Expected commit da53563ceb66412e2637507c8724bd0cab05e453 for 133.0.6943.126, found cffa127ce7b6be72885391527c15b452056a2e81"

• Error Category: Version/Commit Mismatch

• Failure Point: Git checkout step validation of expected commit hash

• Root Cause Analysis: The expected commit hash in the melange YAML doesn't match the actual commit hash for the specified tag in the Chromium repository. This typically happens when the package version is updated but the expected-commit hash wasn't updated to match.

• Suggested Fix:

  1. Update the expected-commit hash in the git-checkout step:
  - uses: git-checkout
    with:
      repository: https://chromium.googlesource.com/chromium/src.git
      tag: ${{package.version}}
      depth: 1
      expected-commit: cffa127ce7b6be72885391527c15b452056a2e81  # Update this line
      destination: /home/src

• Explanation: The build system validates that the checked out commit matches what's expected to ensure reproducible builds and prevent supply chain attacks. The current mismatch indicates the expected-commit needs to be updated to match the actual commit hash for Chromium version 133.0.6943.126.

• Additional Notes:

  • This is a common issue when updating package versions
  • The actual commit hash can be verified from the Chromium source repository
  • Always verify the commit hash when updating package versions
  • Consider adding a comment with the command used to obtain the commit hash

• References:

@octo-sts octo-sts bot added the ai/skip-comment Stop AI from commenting on PR label Feb 19, 2025
@hbh7 hbh7 self-assigned this Feb 19, 2025
@octo-sts octo-sts bot added the bincapz/pass bincapz/pass Bincapz (aka. malcontent) scan didn't detect any CRITICALs on the scanned packages. label Feb 20, 2025
@EyeCantCU EyeCantCU merged commit 1ade71b into main Feb 20, 2025
16 checks passed
@EyeCantCU EyeCantCU deleted the wolfictl-65540c23-898a-479d-80e2-323679d512a6 branch February 20, 2025 23:29
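
An added example, not part of the PR or the bot's comment: the expected-commit check described in the explanation above, written as a shell function that resolves a tag from `git ls-remote --tags` output and compares it with the pin. The function names, the 40-hex policy and the `demo-annotated` sample lines are assumptions made for the example, which also covers annotated tags (listed with a peeled `^{}` commit).

```shell
#!/usr/bin/env bash
# Added example: compare a pinned expected-commit with the commit a tag
# resolves to in `git ls-remote --tags` output (read from stdin).

# Constructed sample. Line 1 reuses the tag and commit from the error message
# in the comment above; "demo-annotated" and its hashes are invented.
sample_ls_remote() {
  printf '%s\t%s\n' \
    cffa127ce7b6be72885391527c15b452056a2e81 refs/tags/133.0.6943.126 \
    aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa refs/tags/demo-annotated \
    bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb 'refs/tags/demo-annotated^{}'
}

# resolve_tag_commit TAG: print the commit TAG points to, or fail if absent.
# An annotated tag appears twice: the tag object, then the peeled commit as
# "refs/tags/TAG^{}". The peeled line wins; ref names are matched exactly.
resolve_tag_commit() {
  awk -v ref="refs/tags/$1" '
    $2 == ref          { direct = $1 }
    $2 == (ref "^{}")  { peeled = $1 }
    END {
      if (peeled != "") print peeled
      else if (direct != "") print direct
      else exit 1
    }'
}

# verify_pin TAG EXPECTED: 0 = match, 1 = mismatch, 2 = unusable input.
# Requiring a full 40-hex pin is this example's policy (assumption).
verify_pin() {
  vp_tag=$1; vp_expected=$2
  case $vp_expected in
    ""|*[!0-9a-f]*) echo "expected-commit is not lowercase hex" >&2; return 2 ;;
  esac
  [ "${#vp_expected}" -eq 40 ] || { echo "expected-commit is not 40 characters" >&2; return 2; }
  vp_actual=$(resolve_tag_commit "$vp_tag") || { echo "tag $vp_tag not found" >&2; return 2; }
  if [ "$vp_actual" != "$vp_expected" ]; then
    echo "FAIL expected $vp_expected for $vp_tag, found $vp_actual" >&2
    return 1
  fi
  echo "OK $vp_tag -> $vp_actual"
}

# Against a real remote: git ls-remote --tags "$REPO" | verify_pin "$TAG" "$PIN"
sample_ls_remote | verify_pin 133.0.6943.126 cffa127ce7b6be72885391527c15b452056a2e81
```

Pinning the tag-object hash of an annotated tag instead of the peeled commit produces the same kind of mismatch as a stale pin, so the two cases are worth telling apart before editing the YAML.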