Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package syft for openSUSE:Factory checked in
at 2022-11-16 15:42:47
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/syft (Old)
and /work/SRC/openSUSE:Factory/.syft.new.1597 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "syft"
Wed Nov 16 15:42:47 2022 rev:12 rq:1035810 version:0.60.3
Changes:
--------
--- /work/SRC/openSUSE:Factory/syft/syft.changes 2022-10-18
12:45:55.777850741 +0200
+++ /work/SRC/openSUSE:Factory/.syft.new.1597/syft.changes 2022-11-16
15:42:58.363746761 +0100
@@ -1,0 +2,57 @@
+Tue Nov 15 09:52:45 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.60.3:
+ * javascript cataloger: node binary: nil pointer dereference (#1313)
+ * Fix: Include version information in binary cataloger CPEs (#1310)
+ * fix: only generate PURL on empty string (#1312)
+ * add s3 credentials to release (#1309)
+ * port javascript cataloger to new generic cataloger pattern (#1308)
+
+-------------------------------------------------------------------
+Tue Nov 15 09:44:11 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.60.2:
+ * chore: update goreleaser brew token (#1306)
+ * fix: Decode binary and unknown metadata (#1307)
+
+-------------------------------------------------------------------
+Tue Nov 15 09:39:47 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.60.1:
+ * chore: update github token permissions for goreleaser (#1305)
+
+-------------------------------------------------------------------
+Tue Nov 15 09:29:12 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.60.0:
+ * fix: update ci secret to use new password (#1304)
+ * fix: update secret value to use new cert cahin (#1303)
+ * fix: verbose quill release failures (#1302)
+ * fix: unterminated quoted string (#1300)
+ * fix: update Makefile to remove old signing arch (#1299)
+ * feat: add nodejs-binary package classifier (#1296)
+ * update go-rpmdb to improve parsing of installed files (#1297)
+ * docs: update attestation directions with new cosign changes
+ * fix: Continue parsing Python RECORD files when bad lines encountered
(#1295)
+ * Fix #1245 Update SPDX license list to 3.18 (#1259)
+ * fix: Resolve Maven POM expressions (#1251) (#1278)
+ * port haskell cataloger to new generic cataloger pattern (#1290)
+ * port golang cataloger to new generic cataloger pattern (#1289)
+ * port deb/dpkg cataloger to new generic cataloger pattern (#1288)
+ * update cataloger tests to use pkgtest utils (#1287)
+ * port dotnet cataloger to new generic cataloger pattern (#1286)
+ * port dart cataloger to new generic cataloger pattern (#1285)
+ * port conan cataloger to new generic cataloger pattern (#1284)
+ * port apk cataloger to new generic cataloger pattern (#1283)
+ * replace signing tooling with quill (#1280)
+ * Upgrade generic cataloger (#1281)
+ * Update syft bootstrap tools to latest versions. (#1282)
+ * replace logger interface with anchore/go-logger (#1279)
+ * Update syft bootstrap tools to latest versions. (#1267)
+ * Add go binary h1 digest to SPDX (#1265)
+ * fix: move reproduction to top of issue (#1264)
+ * fix: update syftjson ID to match major schema version (#1274)
+ * Use in-toto CycloneDX predicate to be compatible with cosign (#1270)
+ * chore: handle deprecated SPDX license: StandardML-NJ (#1266)
+
+-------------------------------------------------------------------
Old:
----
syft-0.59.0.tar.gz
New:
----
syft-0.60.3.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ syft.spec ++++++
--- /var/tmp/diff_new_pack.SbJtlf/_old 2022-11-16 15:43:00.135753185 +0100
+++ /var/tmp/diff_new_pack.SbJtlf/_new 2022-11-16 15:43:00.139753200 +0100
@@ -19,7 +19,7 @@
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: syft
-Version: 0.59.0
+Version: 0.60.3
Release: 0
Summary: CLI tool and library for generating a Software Bill of
Materials
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.SbJtlf/_old 2022-11-16 15:43:00.167753302 +0100
+++ /var/tmp/diff_new_pack.SbJtlf/_new 2022-11-16 15:43:00.171753316 +0100
@@ -3,7 +3,7 @@
<param name="url">https://github.com/anchore/syft</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.59.0</param>
+ <param name="revision">v0.60.3</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
@@ -16,7 +16,7 @@
<param name="compression">gz</param>
</service>
<service name="go_modules" mode="disabled">
- <param name="archive">syft-0.59.0.tar.gz</param>
+ <param name="archive">syft-0.60.3.tar.gz</param>
</service>
</services>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.SbJtlf/_old 2022-11-16 15:43:00.191753389 +0100
+++ /var/tmp/diff_new_pack.SbJtlf/_new 2022-11-16 15:43:00.195753403 +0100
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/anchore/syft</param>
- <param
name="changesrevision">41bc6bb410352845f22766e27dd48ba93aa825a4</param></service></servicedata>
+ <param
name="changesrevision">bc9740d50a38e9660f2f98ed91d84c6d8799cf70</param></service></servicedata>
(No newline at EOF)
++++++ syft-0.59.0.tar.gz -> syft-0.60.3.tar.gz ++++++
++++ 25611 lines of diff (skipped)
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/syft/vendor.tar.gz
/work/SRC/openSUSE:Factory/.syft.new.1597/vendor.tar.gz differ: char 5, line 1
