Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package trivy for openSUSE:Factory checked
in at 2022-07-19 17:19:27
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trivy (Old)
and /work/SRC/openSUSE:Factory/.trivy.new.1523 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy"
Tue Jul 19 17:19:27 2022 rev:28 rq:989979 version:0.30.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2022-07-08
14:03:12.526537103 +0200
+++ /work/SRC/openSUSE:Factory/.trivy.new.1523/trivy.changes 2022-07-19
17:19:29.064376439 +0200
@@ -1,0 +2,70 @@
+Sat Jul 16 19:28:03 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.30.0:
+ * fix: separating multiple licenses from one line in dpkg copyright files
(#2508)
+ * fix: change a capital letter for `plugin uninstall` subcommand (#2519)
+ * fix: k8s hide empty report when scanning resource (#2517)
+ * refactor: fix comments (#2516)
+ * fix: scan vendor dir (#2515)
+ * feat: Add support for license scanning (#2418)
+ * chore: add owners for secret scanning (#2485)
+ * fix: remove dependency-tree flag for image subcommand (#2492)
+ * fix(k8s): add shorthand for k8s namespace flag (#2495)
+ * docs: add information about using multiple servers to troubleshooting
(#2498)
+ * ci: add pushing canary build images to registries (#2428)
+ * chore(deps): bump github.com/open-policy-agent/opa from 0.41.0 to 0.42.0
(#2479)
+ * feat(dotnet): add support for .Net core .deps.json files (#2487)
+ * feat(amazon): add support for 2022 version (#2429)
+ * Type correction bitnami chart (#2415)
+ * chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.1.1 to 2.1.2
(#2449)
+ * chore(deps): bump github.com/aquasecurity/table from 1.5.1 to 1.6.0 (#2446)
+ * docs: add config file and update CLI references (#2489)
+ * feat: add support for flag groups (#2488)
+ * refactor: move from urfave/cli to spf13/cobra (#2458)
+ * fix: Fix secrets output not containing file/lines (#2467)
+ * fix: clear output with modules (#2478)
+ * chore(deps): bump github.com/mailru/easyjson from 0.7.6 to 0.7.7 (#2448)
+ * docs(cbl): distroless 1.0 supported (#2473)
+ * fix: Fix example dockerfile rego policy (#2460)
+ * fix(config): add helm to list of config analyzers (#2457)
+ * feat: k8s resouces scan (#2395)
+ * feat(sbom): add cyclonedx sbom scan (#2203)
+ * chore(deps): bump wazero to latest main (#2436)
+ * chore(deps): bump github.com/stretchr/testify from 1.7.3 to 1.8.0 (#2444)
+ * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.21.0 to 2.22.0
(#2445)
+ * chore(deps): bump sigstore/cosign-installer from 2.3.0 to 2.4.1 (#2442)
+ * chore(deps): bump actions/setup-python from 3 to 4 (#2441)
+ * chore(deps): bump github.com/Azure/azure-sdk-for-go (#2450)
+ * docs: remove links to removed content (#2431)
+ * ci: added rpm build for rhel 9 (#2437)
+ * fix(secret): remove space from asymmetric private key (#2434)
+ * chore(deps): bump actions/cache from 3.0.2 to 3.0.4 (#2440)
+ * chore(deps): bump helm/kind-action from 1.2.0 to 1.3.0 (#2439)
+ * chore(deps): bump golang from 1.18.2 to 1.18.3 (#2438)
+ * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.25 to 1.44.46 (#2447)
+ * test(integration): fix golden files for debian 9 (#2435)
+ * fix(cli): fix version string in docs link when secret scanning is enabled
(#2422)
+ * refactor: move CycloneDX marshaling (#2420)
+ * docs(nodejs): add docs about pnpm support (#2423)
+ * docs: improve k8s usage documentation (#2425)
+ * feat: Make secrets scanning output consistant (#2410)
+ * ci: create canary build after main branch changes (#1638)
+ * fix(misconf): skip broken scans (#2396)
+ * feat(nodejs): add pnpm support (#2414)
+ * fix: Fix false positive for use of COS images (#2413)
+ * eliminate nerdctl dependency (#2412)
+ * Add EOL date for SUSE SLES 15.3, 15.4 and OpenSUSE 15.4 (#2403)
+ * fix(go): no cast to lowercase go package names (#2401)
+ * BREAKING(sbom): change 'trivy sbom' to scan SBOM (#2408)
+ * fix(server): hot update the db from custom repository (#2406)
+ * feat: added license parser for dpkg (#2381)
+ * chore(helm): bump appVersion to latest release (#2397)
+ * fix(misconf): Update defsec (v0.68.5) to fix docker rego duplicate key
(#2400)
+ * feat: extract stripe publishable and secret keys (#2392)
+ * feat: rbac support k8s sub-command (#2339)
+ * feat(ruby): drop platform strings from dependency versions bundled with
bundler v2 (#2390)
+ * docs: Updating README with new CLI command (#2359)
+ * fix(misconf): Update defsec to v0.68.4 to resolve CF detection bug (#2383)
+ * chore: add integration label and merge security label (#2316)
+
+-------------------------------------------------------------------
Old:
----
trivy-0.29.2.tar.gz
New:
----
trivy-0.30.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ trivy.spec ++++++
--- /var/tmp/diff_new_pack.3HZ4T0/_old 2022-07-19 17:19:31.616379841 +0200
+++ /var/tmp/diff_new_pack.3HZ4T0/_new 2022-07-19 17:19:31.620379846 +0200
@@ -19,7 +19,7 @@
%global goipath github.com/aquasecurity/trivy
Name: trivy
-Version: 0.29.2
+Version: 0.30.0
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.3HZ4T0/_old 2022-07-19 17:19:31.648379884 +0200
+++ /var/tmp/diff_new_pack.3HZ4T0/_new 2022-07-19 17:19:31.652379889 +0200
@@ -2,7 +2,7 @@
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
- <param name="revision">v0.29.2</param>
+ <param name="revision">v0.30.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.3HZ4T0/_old 2022-07-19 17:19:31.664379905 +0200
+++ /var/tmp/diff_new_pack.3HZ4T0/_new 2022-07-19 17:19:31.668379910 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
- <param
name="changesrevision">6b515bc73632e08a2d8d6d1bb9b8bea108c41fbe</param></service></servicedata>
+ <param
name="changesrevision">45dae7c2cfbd5c940ef0e3a145301b2d315943f9</param></service></servicedata>
(No newline at EOF)
++++++ trivy-0.29.2.tar.gz -> trivy-0.30.0.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/trivy-0.29.2.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.1523/trivy-0.30.0.tar.gz differ: char 15,
line 1
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/vendor.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.1523/vendor.tar.gz differ: char 5, line 1
