Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package trivy for openSUSE:Factory checked in at 2021-11-10 21:46:48 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trivy (Old) and /work/SRC/openSUSE:Factory/.trivy.new.1890 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy" Wed Nov 10 21:46:48 2021 rev:10 rq:930653 version:0.20.2 Changes: -------- --- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2021-06-19 23:03:30.067713943 +0200 +++ /work/SRC/openSUSE:Factory/.trivy.new.1890/trivy.changes 2021-11-10 21:47:30.203839043 +0100 @@ -1,0 +2,102 @@ +Wed Nov 10 11:42:19 UTC 2021 - dmuel...@suse.com + +- Update to version 0.20.2: + * docs: update builtin.md (#1335) + * chore: fix issues with Homebrew formula (#1329) + * chore: bump GoReleaser to v0.183.0 (#1328) + * docs: update iac.md for a typo (#1326) + * docs: typo fix (#1308) + * Add new networking API features to Ingress (#1262) + * chore(release): bump up GoReleaser to v0.182.1 (#1299) + * fix(yarn): support quoted version (#1298) + * feat(custom-forward): Forward the extended advisory data (#1247) + * feat(javascript) : Initialize npm driver for javascript packages (#1289) + * fix(cli): fix incorrect comparision of DB metadata type. (#1286) + * docs: add footer to readme (#1281) + * feat(report): add package path (#1274) + * feat(command): add rootfs command (#1271) + * fix: update fanal (#1272) + * feat(commands): remove deprecated options (#1270) + * Aggregate jar result for table (#1269) + * BREAKING(report): migrate to new json schema (#1265) + * feat: improve --skip-dirs and --skip-files (#1249) + * fix(gobinary): skip large files (#1259) + * Disable library analyzer for OS only scan type (#1191) + * chore: update trivy version (#1252) + * refactor: move from io/ioutil to io and os package (#1245) + * fix: brew test command (#1253) + * fix:added layer info in packages (#1248) + * fix(go/binary): improve debug messages (#1244) + * Update db.go (#1199) + * fix(deps): fix CVE-2021-32760 for github.com/containerd/containerd (#1243) + * feat(debian): support the versions that reached EOL (#1237) + * feat(alpine): support unfixed vulnerabilities (#1235) + * feat(report): add image config (#1231) + * feat(nodejs): support package.json (#1225) + * refactor: use testing DB instead of mock (#1234) + * feat(ruby): support gemspec (#1224) + * feat(python): add packaging detector and respective hook (#1223) + * feat(license): Added support to new License field of go-dep-parser's library (#1167) + * fix(oracle): handle advisories contain ksplice versions (#1209) + * fix(docs): remove OSVDB advisories (#1215) + * docs: fix typos in CONTRIBUTING.md (#1181) + * Update EOL of Debian 11 (#1180) + * fix(plugin): resolve a closure (#1207) + * docs: fix typo (#1206) + * fix(detector): change an argument for trivy-db getter (#1203) + * chore(mod): update fanal (#1179) + * Add license info to package data (#1176) + * feat(nuget): support packages.config (#1095) + * feat(python): add support for requirements.txt (#1169) + * GitLab CI integration documentation (#1168) + * chore(gorelease) change goreleaser config to include template examples (#1138) + * chore(deps): bump dmnemec/copy_file_to_another_repo_action (#1153) + * chore(deps): bump actions/stale from 3 to 4 (#1152) + * feat(report): add end of service life flag to OS metadata (#1142) + * chore: set up Dependabot for github-actions and docker (#1128) + * docs: fix typo (#1149) + * docs: add some external links (#1147) + * chore (release): add ubuntu esm versions to deploy script (#1151) + * docs(troubleshooting) add urls which are required to download vuls db (#1137) + * Updated the Alpine Image to 3.14 (latest) (#1130) + * Added EOL for Ubuntu 21.10 (#1131) + * fix(image): disabled scanning of config files within container images (#1133) + * docs: fixed typo (#1124) + * update cyclonedx github action to v0.3.0 (#1127) + * fix(policy): fix panic on the first run (#1116) + * docs(misconf): add comparison with Conftest and tfsec (#1111) + * feat(report): add schema version (#1110) + * fix(scan): change unknown os from info to debug (#1109) + * docs: add misconfiguration (#1101) + * fix(config): rename include-successes with include-non-failures (#1107) + * feat(config): support --trace (#1106) + * fix(policy): reduce the Internet access (#1105) + * chore: bump golangci-lint to v1.41.1 (#1104) + * feat: support config scanning (#931) + * feat(report): add artifact metadata (#1079) + * Generate SBOM (#1076) + * fix(db): multiple prefixed data sources (#1070) + * Add EOL date for Alpine 3.14 (#1072) + * suse: mark sle 15.3 as maintained, add opensuse 15.3 (#1059) + * docs: improve data sources (#1069) + * chore(label): add kind/security-advisory (#1068) + * fix(asff): replace slice with substr (#1058) + * fix(helm-chart): parametrized ingress host path (#1049) + * feat: support Google Artifact Repository (#1055) + * Update ASFF template to use label for severity (#1047) + * BREAKING: migrate to a new JSON schema (#782) + * docs: Fix link to AWS Security Hub template (#1046) + * refactor(server): support gzip (#1045) + * chore(rpc): update protoc and twirp (#1044) + * Added support for list all packages flag in client (#1032) + * chore: chart with 0.18.3 (#1033) + * feat: add gitlab codequality template (#895) + * feat(plugin): add aqua plugin (#1029) + * fix(go): if patchedVersion is empty mark it as vulnerable (#1030) + * docs(ubuntu): fix supported versions (#1028) + * Support Ubuntu 21.04 (#1027) + * chore: remove codecov (#1016) + * fix typo on github-actions.md (#1022) +- drop 0001-suse-mark-sle-15.3-as-maintained-add-opensuse-15.3.patch (upstream) + +------------------------------------------------------------------- Old: ---- 0001-suse-mark-sle-15.3-as-maintained-add-opensuse-15.3.patch trivy-0.18.3.tar.gz New: ---- trivy-0.20.2.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trivy.spec ++++++ --- /var/tmp/diff_new_pack.nbpLZ3/_old 2021-11-10 21:47:31.323839531 +0100 +++ /var/tmp/diff_new_pack.nbpLZ3/_new 2021-11-10 21:47:31.327839533 +0100 @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.18.3 +Version: 0.20.2 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 @@ -27,7 +27,6 @@ URL: https://github.com/aquasecurity/trivy Source: %{name}-%{version}.tar.gz Source1: vendor.tar.gz -Patch0: 0001-suse-mark-sle-15.3-as-maintained-add-opensuse-15.3.patch BuildRequires: golang-packaging BuildRequires: golang(API) >= 1.16 Requires: ca-certificates ++++++ _service ++++++ --- /var/tmp/diff_new_pack.nbpLZ3/_old 2021-11-10 21:47:31.355839545 +0100 +++ /var/tmp/diff_new_pack.nbpLZ3/_new 2021-11-10 21:47:31.355839545 +0100 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/aquasecurity/trivy</param> <param name="scm">git</param> - <param name="revision">v0.18.3</param> + <param name="revision">v0.20.2</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.nbpLZ3/_old 2021-11-10 21:47:31.395839563 +0100 +++ /var/tmp/diff_new_pack.nbpLZ3/_new 2021-11-10 21:47:31.395839563 +0100 @@ -1,4 +1,4 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/aquasecurity/trivy</param> - <param name="changesrevision">85e45cad958c60245f848a9cf3bf103bb8efdd6e</param></service></servicedata> \ No newline at end of file + <param name="changesrevision">5dc8cfe55d808c39ae0d785710a7107d6e6de06b</param></service></servicedata> \ No newline at end of file ++++++ trivy-0.18.3.tar.gz -> trivy-0.20.2.tar.gz ++++++ /work/SRC/openSUSE:Factory/trivy/trivy-0.18.3.tar.gz /work/SRC/openSUSE:Factory/.trivy.new.1890/trivy-0.20.2.tar.gz differ: char 13, line 1 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/trivy/vendor.tar.gz /work/SRC/openSUSE:Factory/.trivy.new.1890/vendor.tar.gz differ: char 5, line 1
