diff --git a/CVE-2025-58371.patch b/CVE-2025-58371.patch new file mode 100644 index 0000000000000000000000000000000000000000..f7724baea057d76e97a151ca71ab0d458fc73791 --- /dev/null +++ b/CVE-2025-58371.patch @@ -0,0 +1,45 @@ +From a0384f35d5ae3b7f66506cc62dda25d9bb673f49 Mon Sep 17 00:00:00 2001 +From: Matt Rubens +Date: Wed, 3 Sep 2025 23:18:11 -0400 +Subject: [PATCH] Delete .github/workflows/discord-pr-notify.yml + +--- + .github/workflows/discord-pr-notify.yml | 26 ------------------------- + 1 file changed, 26 deletions(-) + delete mode 100644 .github/workflows/discord-pr-notify.yml + +diff --git a/.github/workflows/discord-pr-notify.yml b/.github/workflows/discord-pr-notify.yml +deleted file mode 100644 +index 88c918e..000000000 +--- a/.github/workflows/discord-pr-notify.yml ++++ /dev/null +@@ -1,26 +0,0 @@ +-name: Discord PR Notifier +- +-on: +- workflow_dispatch: +- pull_request_target: +- types: [opened] +- +-jobs: +- notify: +- runs-on: ubuntu-latest +- if: github.head_ref != 'changeset-release/main' +- steps: +- - name: Send Discord Notification +- run: | +- PAYLOAD=$(jq -n \ +- --arg title "${{ github.event.pull_request.title }}" \ +- --arg url "${{ github.event.pull_request.html_url }}" \ +- --arg author "${{ github.event.pull_request.user.login }}" \ +- '{ +- content: ("šŸš€ **New PR:** " + $title + "\nšŸ”— <" + $url + ">\nšŸ‘¤ **Author:** " + $author), +- thread_name: ($title + " by " + $author) +- }') +- +- curl -X POST "${{ secrets.DISCORD_WEBHOOK }}" \ +- -H "Content-Type: application/json" \ +- -d "$PAYLOAD" +-- +2.43.0 + diff --git a/roo-code.spec b/roo-code.spec index 6f3d6085d1cf582a4930d458bc5cba8a2f4f69c4..a831f000448eee9243e3e919817ded0ad9437231 100644 --- a/roo-code.spec +++ b/roo-code.spec @@ -2,7 +2,7 @@ Name: roo-code Version: 3.25.14 -Release: 1 +Release: 2 Summary: Roo Code (prev. Roo Cline) gives you a whole dev team of AI agents in your code editor. License: Apache-2.0 URL: https://roocode.com @@ -16,7 +16,7 @@ Requires: vscodium rust-ripgrep Patch0: ripgrep.patch - +Patch1: CVE-2025-58371.patch %description Roo Code (prev. Roo Cline) gives you a whole dev team of AI agents in your code editor. @@ -25,7 +25,7 @@ Roo Code (prev. Roo Cline) gives you a whole dev team of AI agents in your code %prep %setup -q -T -b 0 -c -n Roo-Code-%{version} -%autopatch -p1 -M 0 +%autopatch -p1 %build npm config set registry https://mirrors.huaweicloud.com/repository/npm/ @@ -49,6 +49,9 @@ mv extension %{buildroot}%{_datadir}/vscodium/resources/app/extensions/%{name} %changelog +* Mon Sep 08 2025 jinshuaiyu - 3.25.14-2 +- Fix CVE-2025-58371 + * Mon Jul 28 2025 wangkui35 - 3.25.14-1 - update to 3.25.14-1