Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package trivy for openSUSE:Factory checked
in at 2022-06-23 10:25:11
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trivy (Old)
and /work/SRC/openSUSE:Factory/.trivy.new.1548 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy"
Thu Jun 23 10:25:11 2022 rev:26 rq:984654 version:0.29.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2022-05-23
15:52:03.182663764 +0200
+++ /work/SRC/openSUSE:Factory/.trivy.new.1548/trivy.changes 2022-06-23
10:25:49.279841105 +0200
@@ -1,0 +2,94 @@
+Wed Jun 22 11:15:35 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.29.1:
+ * fix(report): add required fields to the SARIF template (#2341)
+ * chore: fix spelling errors (#2352)
+ * Omit Remediation if PrimaryURL is empty (#2006)
+ * docs(repo): Link to installation documentation in readme shows 404 (#2348)
+ * feat(alma): support for scanning of modular packages for AlmaLinux (#2347)
+
+-------------------------------------------------------------------
+Wed Jun 22 08:31:01 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.29.0:
+ * fix(lang): fix dependency graph in client server mode (#2336)
+ * feat: allow expiration date for .trivyignore entries (#2332)
+ * feat(lang): add dependency origin graph (#1970)
+ * docs: update nix installation info (#2331)
+ * feat: add rbac scanning support (#2328)
+ * refactor: move WordPress module to another repository (#2329)
+ * ci: add support for ppc64le (#2281)
+ * feat: add support for WASM modules (#2195)
+ * feat(secret): show recommendation for slow scanning (#2051)
+ * fix(flag): remove --clear-cache flag client mode (#2301)
+ * fix(java): added check for looping for variable evaluation in pom file
(#2322)
+ * BREAKING(k8s): change CLI API (#2186)
+ * feat(alpine): add Alpine Linux 3.16 (#2319)
+ * docs: bump trivy-operator to v0.0.7 (#2320)
+ * ci: add `go mod tidy` check (#2314)
+ * chore: run `go mod tidy` (#2313)
+ * fix: do not exit if one resource is not found (#2311)
+ * feat(cli): use stderr for all log messages (resolve #381) (#2289)
+ * test: replace deprecated subcommand client in integration tests (#2308)
+ * feat: add support for containerd (#2305)
+ * fix(kubernetes): Support floats in manifest yaml (#2297)
+ * docs(kubernetes): dead links (#2307)
+ * chore: add license label (#2304)
+ * feat(mariner): added support for CBL-Mariner Distroless v2.0 (#2293)
+ * feat(helm): add pod annotations (#2272)
+ * refactor: do not import defsec in fanal types package (#2292)
+ * feat(report): Add misconfiguration support to ASFF report template (#2285)
+ * test: use images in GHCR (#2275)
+ * feat(helm): support pod annotations (#2265)
+ * feat(misconf): Helm chart scanning (#2269)
+ * docs: Update custom rego policy docs to reflect latest defsec/fanal
changes (#2267)
+ * fix: mask redis credentials when logging (#2264)
+ * refactor: extract commands Runner interface (#2147)
+ * chore(deps): bump alpine from 3.15.4 to 3.16.0 (#2234)
+ * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.2 to 0.6.0
(#2245)
+ * docs: update operator release (#2263)
+ * chore(deps): bump github.com/urfave/cli/v2 from 2.6.0 to 2.8.1 (#2243)
+ * feat(redhat): added architecture check (#2172)
+ * docs: updating links in the docs to work again (#2256)
+ * docs: fix readme (#2251)
+ * fix: fixed incorrect CycloneDX output format (#2255)
+ * chore(deps): bump github.com/caarlos0/env/v6 from 6.9.1 to 6.9.3 (#2241)
+ * chore(deps): bump github.com/samber/lo from 1.19.0 to 1.21.0 (#2242)
+ * chore(deps): bump goreleaser/goreleaser-action from 2 to 3 (#2240)
+ * chore(deps): bump docker/setup-buildx-action from 1 to 2 (#2238)
+ * chore(deps): bump docker/setup-qemu-action from 1 to 2 (#2236)
+ * chore(deps): bump golang from 1.18.1 to 1.18.2 (#2235)
+ * chore(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (#2237)
+ * chore(deps): bump docker/login-action from 1 to 2 (#2239)
+ * chore(deps): bump github.com/hashicorp/go-getter from 1.5.11 to 1.6.1
(#2246)
+ * refactor(deps): move dependencies to package (#2189)
+ * fix(report): change github format version to required (#2229)
+ * docs: update readme (#2110)
+ * docs: added information about choosing advisory database (#2212)
+ * chore: update trivy-kubernetes (#2224)
+ * docs: clarifying parts of the k8s docs and updating links (#2222)
+ * fix(k8s): timeout error logging (#2179)
+ * chore(deps): updated fanal after fix AsymmetricPrivateKeys (#2214)
+ * feat(k8s): add --context flag (#2171)
+ * fix(k8s): properly instantiate TableWriter (#2175)
+ * test: fixed integration tests after updating testcontainers to v0.13.0
(#2208)
+ * chore: update labels (#2197)
+ * fix(report): fixed panic if all misconf reports were removed in filter
(#2188)
+ * feat(k8s): scan secrets (#2178)
+ * feat(report): GitHub Dependency Snapshots support (#1522)
+ * feat(db): added insecure skip tls verify to download trivy db (#2140)
+ * fix(redhat): always use vulns with fixed version if there is one (#2165)
+ * chore(redhat): Add support for Red Hat UBI 9. (#2183)
+ * fix(k8s): update trivy-kubernetes (#2163)
+ * fix misconfig start line for code quality tpl (#2181)
+ * fix: update docker/distribution from 2.8.0 to 2.8.1 (#2176)
+ * docs(vuln): Include GitLab 15.0 integration (#2153)
+ * docs: fix the operator version (#2167)
+ * fix(k8s): summary report when when only vulns exit (#2146)
+ * chore(deps): Update fanal to get defsec v0.58.2 (fixes false positives in
ksv038) (#2156)
+ * perf(misconf): Improve performance when scanning very large files (#2152)
+ * docs(misconf): Update examples and docs to refer to builtin/defsec instead
of appshield (#2150)
+ * chore(deps): Update fanal (for less verbose code in misconf results)
(#2151)
+ * docs: fixed installation instruction for rhel/centos (#2143)
+
+-------------------------------------------------------------------
Old:
----
trivy-0.28.0.tar.gz
New:
----
trivy-0.29.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ trivy.spec ++++++
--- /var/tmp/diff_new_pack.DQ70gX/_old 2022-06-23 10:25:50.315842231 +0200
+++ /var/tmp/diff_new_pack.DQ70gX/_new 2022-06-23 10:25:50.319842235 +0200
@@ -19,7 +19,7 @@
%global goipath github.com/aquasecurity/trivy
Name: trivy
-Version: 0.28.0
+Version: 0.29.1
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.DQ70gX/_old 2022-06-23 10:25:50.351842270 +0200
+++ /var/tmp/diff_new_pack.DQ70gX/_new 2022-06-23 10:25:50.355842274 +0200
@@ -2,7 +2,7 @@
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
- <param name="revision">v0.28.0</param>
+ <param name="revision">v0.29.1</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.DQ70gX/_old 2022-06-23 10:25:50.371842292 +0200
+++ /var/tmp/diff_new_pack.DQ70gX/_new 2022-06-23 10:25:50.375842296 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
- <param
name="changesrevision">afe32928436231e6c05602fd15359c7432520167</param></service></servicedata>
+ <param
name="changesrevision">6ce9404c167963e3a1581df96b889995994cfdac</param></service></servicedata>
(No newline at EOF)
++++++ trivy-0.28.0.tar.gz -> trivy-0.29.1.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/trivy-0.28.0.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.1548/trivy-0.29.1.tar.gz differ: char 12,
line 1
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/vendor.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.1548/vendor.tar.gz differ: char 4, line 1
