Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package trivy for openSUSE:Factory checked in at 2022-08-16 17:08:19 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trivy (Old) and /work/SRC/openSUSE:Factory/.trivy.new.1521 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy" Tue Aug 16 17:08:19 2022 rev:31 rq:997334 version:0.31.0 Changes: -------- --- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2022-07-28 20:58:52.355607752 +0200 +++ /work/SRC/openSUSE:Factory/.trivy.new.1521/trivy.changes 2022-08-16 17:08:25.111999180 +0200 @@ -1,0 +2,52 @@ +Tue Aug 16 12:02:47 UTC 2022 - dmuel...@suse.com + +- Update to version 0.31.0: + * fix(flag): add error when there are no supported security checks (#2713) + * fix(vuln): continue scanning when no vuln found in the first application (#2712) + * revert: add new classes for vulnerabilities (#2701) + * feat(secret): detect secrets removed or overwritten in upper layer (#2611) + * fix(cli): secret scanning perf link fix (#2607) + * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650) + * feat: Add AWS Cloud scanning (#2493) + * docs: specify the type when verifying an attestation (#2697) + * docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690) + * fix(rpc): scanResponse rpc conversion for custom resources (#2692) + * feat(rust): Add support for cargo-auditable (#2675) + * feat: Support passing value overrides for configuration checks (#2679) + * feat(sbom): add support for scanning a sbom attestation (#2652) + * chore(image): skip symlinks and hardlinks from tar scan (#2634) + * fix(report): Update junit.tpl (#2677) + * fix(cyclonedx): add nil check to metadata.component (#2673) + * docs(secret): fix missing and broken links (#2674) + * refactor(cyclonedx): implement json.Unmarshaler (#2662) + * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643) + * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642) + * feat(kubernetes): add option to specify kubeconfig file path (#2576) + * docs: follow Debian's "instructions to connect to a third-party repository" (#2511) + * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644) + * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645) + * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647) + * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646) + * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641) + * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640) + * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639) + * chore(deps): bump golang from 1.18.3 to 1.18.4 (#2638) + * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.48 to 1.44.66 (#2648) + * chore(deps): bump github.com/open-policy-agent/opa from 0.42.0 to 0.43.0 (#2649) + * chore(deps): bump google.golang.org/protobuf from 1.28.0 to 1.28.1 (#2651) + * feat(alma): set AlmaLinux 9 EOL (#2653) + * fix(misconf): Allow quotes in Dockerfile WORKDIR when detecting relative dirs (#2636) + * test(misconf): add tests for misconf handler for dockerfiles (#2621) + * feat(oracle): set Oracle Linux 9 EOL (#2635) + * BREAKING: add new classes for vulnerabilities (#2541) + * fix(secret): add newline escaping for asymmetric private key (#2532) + * docs: improve formatting (#2572) + * feat(helm): allows users to define an existing secret for tokens (#2587) + * docs(mariner): use tdnf in fs usage example (#2616) + * docs: remove unnecessary double quotation marks (#2609) + * fix: Fix --file-patterns flag (#2625) + * feat(report): add support for Cosign vulnerability attestation (#2567) + * docs(mariner): use v2.0 in examples (#2602) + * feat(report): add secrets template for codequality report (#2461) + +------------------------------------------------------------------- Old: ---- trivy-0.30.4.tar.gz New: ---- trivy-0.31.0.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trivy.spec ++++++ --- /var/tmp/diff_new_pack.7vJCuO/_old 2022-08-16 17:08:28.296008700 +0200 +++ /var/tmp/diff_new_pack.7vJCuO/_new 2022-08-16 17:08:28.304008725 +0200 @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.30.4 +Version: 0.31.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.7vJCuO/_old 2022-08-16 17:08:28.340008832 +0200 +++ /var/tmp/diff_new_pack.7vJCuO/_new 2022-08-16 17:08:28.344008844 +0200 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/aquasecurity/trivy</param> <param name="scm">git</param> - <param name="revision">v0.30.4</param> + <param name="revision">v0.31.0</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.7vJCuO/_old 2022-08-16 17:08:28.364008904 +0200 +++ /var/tmp/diff_new_pack.7vJCuO/_new 2022-08-16 17:08:28.368008916 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/aquasecurity/trivy</param> - <param name="changesrevision">f9c17bd2d87b9c02da1eebd21dd45ce1ccf97995</param></service></servicedata> + <param name="changesrevision">917f388852b39a0d31da4a17a73c7302b3dc0d6f</param></service></servicedata> (No newline at EOF) ++++++ trivy-0.30.4.tar.gz -> trivy-0.31.0.tar.gz ++++++ /work/SRC/openSUSE:Factory/trivy/trivy-0.30.4.tar.gz /work/SRC/openSUSE:Factory/.trivy.new.1521/trivy-0.31.0.tar.gz differ: char 12, line 1 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/trivy/vendor.tar.gz /work/SRC/openSUSE:Factory/.trivy.new.1521/vendor.tar.gz differ: char 5, line 1