Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package trivy for openSUSE:Factory checked
in at 2022-10-26 12:31:55
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trivy (Old)
and /work/SRC/openSUSE:Factory/.trivy.new.2275 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy"
Wed Oct 26 12:31:55 2022 rev:36 rq:1031258 version:0.33.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2022-09-29
18:13:16.903246415 +0200
+++ /work/SRC/openSUSE:Factory/.trivy.new.2275/trivy.changes 2022-10-26
12:31:58.284335483 +0200
@@ -1,0 +2,52 @@
+Wed Oct 26 05:22:55 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.33.0:
+ * refactor(k8s): custom reports (#3076)
+ * fix(misconf): Bump in-toto-golang with correct CycloneDX predicate (#3068)
+ * feat(image): add support for passing architecture and OS (#3012)
+ * test: disable containerd integration tests for non-amd64 arch (#3073)
+ * feat(server): Add support for client/server mode to rootfs command (#3021)
+ * feat(vuln): support non-packaged binaries (#3019)
+ * feat: compliance reports (#2951)
+ * fix(flag): disable flag parsing for each plugin command (#3074)
+ * feat(nodejs): add support dependency location for yarn.lock files (#3016)
+ * chore: Switch github.com/liamg dependencies to github.com/aquasecurity
(#3069)
+ * feat: add k8s components (#2589)
+ * fix(secret): update the regex for secrets scanning (#2964)
+ * chore(deps): bump github.com/samber/lo from 1.27.1 to 1.28.2 (#2979)
+ * fix: bump trivy-kubernetes (#3064)
+ * docs: fix missing 'image' subcommand (#3051)
+ * chore: Patch golang x/text vulnerability (#3046)
+ * chore: add licensed project logo (#3058)
+ * feat(ubuntu): set Ubuntu 22.10 EOL (#3054)
+ * refactor(analyzer): use strings.TrimSuffix instead of strings.HasSuffix
(#3028)
+ * feat(report): Use understandable value for shortDescription in SARIF
reports (#3009)
+ * docs(misconf): fix typo (#3043)
+ * feat: add support for scanning azure ARM (#3011)
+ * feat(report): add location.message to SARIF output (#3002) (#3003)
+ * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.95 to 1.44.109
(#2980)
+ * feat(nodejs): add dependency line numbers for npm lock files (#2932)
+ * test(fs): add `--skip-files`, `--skip-dirs` (#2984)
+ * docs: add Woodpecker CI integrations example (#2823)
+ * chore(deps): bump github.com/sigstore/rekor from 0.12.0 to 0.12.2 (#2981)
+ * chore(deps): bump github.com/liamg/memoryfs from 1.4.2 to 1.4.3 (#2976)
+ * chore(deps): bump github.com/spf13/viper from 1.12.0 to 1.13.0 (#2975)
+ * chore(deps): bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 (#2982)
+ * fix(sbom): ref generation if serialNumber is empty when input is cyclonedx
file (#3000)
+ * fix(java): don't stop parsing jar file when wrong inner jar is found
(#2989)
+ * fix(sbom): use nuget purl type for dotnet-core (#2990)
+ * perf: retrieve rekor entries in bulk (#2987)
+ * feat(aws): Custom rego policies for AWS scanning (#2994)
+ * docs: jq cli formatting (#2881)
+ * docs(repo): troubleshooting $TMPDIR customization (#2985)
+ * chore(deps): bump actions/cache from 3.0.8 to 3.0.9 (#2969)
+ * chore(deps): bump actions/stale from 5 to 6 (#2970)
+ * chore(deps): bump sigstore/cosign-installer from 2.5.1 to 2.7.0 (#2971)
+ * chore(deps): bump helm/chart-testing-action from 2.3.0 to 2.3.1 (#2972)
+ * chore(deps): bump helm/kind-action from 1.3.0 to 1.4.0 (#2973)
+ * chore: run `go fmt` (#2897)
+ * chore(go): updates wazero to 1.0.0-pre.2 (#2955)
+ * fix(aws): Less function for slice sorting always returns false #2967
+ * fix(java): fix unmarshal pom exclusions (#2936)
+
+-------------------------------------------------------------------
Old:
----
trivy-0.32.1.tar.gz
New:
----
trivy-0.33.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ trivy.spec ++++++
--- /var/tmp/diff_new_pack.ilFGZ1/_old 2022-10-26 12:32:00.768340793 +0200
+++ /var/tmp/diff_new_pack.ilFGZ1/_new 2022-10-26 12:32:00.776340811 +0200
@@ -19,7 +19,7 @@
%global goipath github.com/aquasecurity/trivy
Name: trivy
-Version: 0.32.1
+Version: 0.33.0
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.ilFGZ1/_old 2022-10-26 12:32:00.828340922 +0200
+++ /var/tmp/diff_new_pack.ilFGZ1/_new 2022-10-26 12:32:00.832340930 +0200
@@ -2,7 +2,7 @@
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
- <param name="revision">v0.32.1</param>
+ <param name="revision">v0.33.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.ilFGZ1/_old 2022-10-26 12:32:00.860340990 +0200
+++ /var/tmp/diff_new_pack.ilFGZ1/_new 2022-10-26 12:32:00.868341008 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
- <param
name="changesrevision">8b1cee845be41f50979e3ac0039660fbd3d4cf2b</param></service></servicedata>
+ <param
name="changesrevision">af89249deab0a9e4ed1a959cedf8b5ace731b45a</param></service></servicedata>
(No newline at EOF)
++++++ trivy-0.32.1.tar.gz -> trivy-0.33.0.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/trivy-0.32.1.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.2275/trivy-0.33.0.tar.gz differ: char 12,
line 1
++++++ vendor.tar.zst ++++++
Binary files /var/tmp/diff_new_pack.ilFGZ1/_old and
/var/tmp/diff_new_pack.ilFGZ1/_new differ
