Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package trivy for openSUSE:Factory checked
in at 2022-08-16 17:08:19
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trivy (Old)
and /work/SRC/openSUSE:Factory/.trivy.new.1521 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy"
Tue Aug 16 17:08:19 2022 rev:31 rq:997334 version:0.31.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2022-07-28
20:58:52.355607752 +0200
+++ /work/SRC/openSUSE:Factory/.trivy.new.1521/trivy.changes 2022-08-16
17:08:25.111999180 +0200
@@ -1,0 +2,52 @@
+Tue Aug 16 12:02:47 UTC 2022 - dmuel...@suse.com
+
+- Update to version 0.31.0:
+ * fix(flag): add error when there are no supported security checks (#2713)
+ * fix(vuln): continue scanning when no vuln found in the first application
(#2712)
+ * revert: add new classes for vulnerabilities (#2701)
+ * feat(secret): detect secrets removed or overwritten in upper layer (#2611)
+ * fix(cli): secret scanning perf link fix (#2607)
+ * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
+ * feat: Add AWS Cloud scanning (#2493)
+ * docs: specify the type when verifying an attestation (#2697)
+ * docs(sbom): improve SBOM docs by adding a description for scanning SBOM
attestation (#2690)
+ * fix(rpc): scanResponse rpc conversion for custom resources (#2692)
+ * feat(rust): Add support for cargo-auditable (#2675)
+ * feat: Support passing value overrides for configuration checks (#2679)
+ * feat(sbom): add support for scanning a sbom attestation (#2652)
+ * chore(image): skip symlinks and hardlinks from tar scan (#2634)
+ * fix(report): Update junit.tpl (#2677)
+ * fix(cyclonedx): add nil check to metadata.component (#2673)
+ * docs(secret): fix missing and broken links (#2674)
+ * refactor(cyclonedx): implement json.Unmarshaler (#2662)
+ * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
+ * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
+ * feat(kubernetes): add option to specify kubeconfig file path (#2576)
+ * docs: follow Debian's "instructions to connect to a third-party
repository" (#2511)
+ * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
+ * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
+ * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
+ * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
+ * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
+ * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
+ * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)
+ * chore(deps): bump golang from 1.18.3 to 1.18.4 (#2638)
+ * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.48 to 1.44.66 (#2648)
+ * chore(deps): bump github.com/open-policy-agent/opa from 0.42.0 to 0.43.0
(#2649)
+ * chore(deps): bump google.golang.org/protobuf from 1.28.0 to 1.28.1 (#2651)
+ * feat(alma): set AlmaLinux 9 EOL (#2653)
+ * fix(misconf): Allow quotes in Dockerfile WORKDIR when detecting relative
dirs (#2636)
+ * test(misconf): add tests for misconf handler for dockerfiles (#2621)
+ * feat(oracle): set Oracle Linux 9 EOL (#2635)
+ * BREAKING: add new classes for vulnerabilities (#2541)
+ * fix(secret): add newline escaping for asymmetric private key (#2532)
+ * docs: improve formatting (#2572)
+ * feat(helm): allows users to define an existing secret for tokens (#2587)
+ * docs(mariner): use tdnf in fs usage example (#2616)
+ * docs: remove unnecessary double quotation marks (#2609)
+ * fix: Fix --file-patterns flag (#2625)
+ * feat(report): add support for Cosign vulnerability attestation (#2567)
+ * docs(mariner): use v2.0 in examples (#2602)
+ * feat(report): add secrets template for codequality report (#2461)
+
+-------------------------------------------------------------------
Old:
----
trivy-0.30.4.tar.gz
New:
----
trivy-0.31.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ trivy.spec ++++++
--- /var/tmp/diff_new_pack.7vJCuO/_old 2022-08-16 17:08:28.296008700 +0200
+++ /var/tmp/diff_new_pack.7vJCuO/_new 2022-08-16 17:08:28.304008725 +0200
@@ -19,7 +19,7 @@
%global goipath github.com/aquasecurity/trivy
Name: trivy
-Version: 0.30.4
+Version: 0.31.0
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.7vJCuO/_old 2022-08-16 17:08:28.340008832 +0200
+++ /var/tmp/diff_new_pack.7vJCuO/_new 2022-08-16 17:08:28.344008844 +0200
@@ -2,7 +2,7 @@
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
- <param name="revision">v0.30.4</param>
+ <param name="revision">v0.31.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.7vJCuO/_old 2022-08-16 17:08:28.364008904 +0200
+++ /var/tmp/diff_new_pack.7vJCuO/_new 2022-08-16 17:08:28.368008916 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
- <param
name="changesrevision">f9c17bd2d87b9c02da1eebd21dd45ce1ccf97995</param></service></servicedata>
+ <param
name="changesrevision">917f388852b39a0d31da4a17a73c7302b3dc0d6f</param></service></servicedata>
(No newline at EOF)
++++++ trivy-0.30.4.tar.gz -> trivy-0.31.0.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/trivy-0.30.4.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.1521/trivy-0.31.0.tar.gz differ: char 12,
line 1
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/vendor.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.1521/vendor.tar.gz differ: char 5, line 1
