commit grype for openSUSE:Factory

Source-Sync Tue, 22 Nov 2022 07:10:53 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package grype for openSUSE:Factory checked 
in at 2022-11-22 16:10:30
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/grype (Old)
 and      /work/SRC/openSUSE:Factory/.grype.new.1597 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "grype"

Tue Nov 22 16:10:30 2022 rev:13 rq:1037247 version:0.53.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/grype/grype.changes      2022-11-19 
18:09:57.134652630 +0100
+++ /work/SRC/openSUSE:Factory/.grype.new.1597/grype.changes    2022-11-22 
16:10:40.038177434 +0100
@@ -1,0 +2,8 @@
+Tue Nov 22 07:29:31 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.53.1:
+  * Update Syft to v0.62.1 (#1006)
+  * Update grype bootstrap tools to latest versions. (#1004)
+  * scoped: token release for content write on image assets (#1002)
+
+-------------------------------------------------------------------

Old:
----
  grype-0.53.0.tar.gz

New:
----
  grype-0.53.1.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ grype.spec ++++++
--- /var/tmp/diff_new_pack.ahOOdj/_old  2022-11-22 16:10:42.082187803 +0100
+++ /var/tmp/diff_new_pack.ahOOdj/_new  2022-11-22 16:10:42.086187824 +0100
@@ -19,7 +19,7 @@
 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true
 
 Name:           grype
-Version:        0.53.0
+Version:        0.53.1
 Release:        0
 Summary:        A vulnerability scanner for container images and filesystems
 License:        Apache-2.0

++++++ _service ++++++
--- /var/tmp/diff_new_pack.ahOOdj/_old  2022-11-22 16:10:42.134188067 +0100
+++ /var/tmp/diff_new_pack.ahOOdj/_new  2022-11-22 16:10:42.138188087 +0100
@@ -3,7 +3,7 @@
     <param name="url">https://github.com/anchore/grype</param>
     <param name="scm">git</param>
     <param name="exclude">.git</param>
-    <param name="revision">v0.53.0</param>
+    <param name="revision">v0.53.1</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="changesgenerate">enable</param>
     <param name="versionrewrite-pattern">v(.*)</param>
@@ -17,7 +17,7 @@
     <param name="compression">gz</param>
   </service>
   <service name="go_modules" mode="disabled">
-    <param name="archive">grype-0.53.0.tar.gz</param>
+    <param name="archive">grype-0.53.1.tar.gz</param>
   </service>
 </services>
 

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.ahOOdj/_old  2022-11-22 16:10:42.166188229 +0100
+++ /var/tmp/diff_new_pack.ahOOdj/_new  2022-11-22 16:10:42.170188250 +0100
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/anchore/grype</param>
-              <param 
name="changesrevision">a4a62aab4bbd8aacdd639a59b9ceb1684398c6b6</param></service></servicedata>
+              <param 
name="changesrevision">826726d553e68cb862597a8737b83f7ade898c3b</param></service></servicedata>
 (No newline at EOF)
 

++++++ grype-0.53.0.tar.gz -> grype-0.53.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/grype-0.53.0/.github/workflows/release.yaml 
new/grype-0.53.1/.github/workflows/release.yaml
--- old/grype-0.53.0/.github/workflows/release.yaml     2022-11-18 
21:03:15.000000000 +0100
+++ new/grype-0.53.1/.github/workflows/release.yaml     2022-11-21 
17:11:25.000000000 +0100
@@ -167,6 +167,8 @@
     # a previous release process installed and configured docker on the mac-os 
runner which lead to blocked releases
     # the anchore tools team opted to break this step out to a separate 
process to remove this work constraint
     runs-on: ubuntu-latest
+    permissions:
+      packages: write
     steps:
       - uses: actions/checkout@e2f20e631ae6d7dd3b768f56a5d2af784dd54791 # 
v2.5.0
       - uses: actions/setup-go@c4a742cab115ed795e34d4513e2cf7d472deb55f # 
v3.3.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/grype-0.53.0/Makefile new/grype-0.53.1/Makefile
--- old/grype-0.53.0/Makefile   2022-11-18 21:03:15.000000000 +0100
+++ new/grype-0.53.1/Makefile   2022-11-21 17:11:25.000000000 +0100
@@ -39,7 +39,7 @@
 CHRONICLE_VERSION = v0.4.2
 GOSIMPORTS_VERSION = v0.3.4
 YAJSV_VERSION = v1.4.1
-GORELEASER_VERSION = v1.12.3
+GORELEASER_VERSION = v1.13.0
 
 ## Variable assertions
 
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/grype-0.53.0/go.mod new/grype-0.53.1/go.mod
--- old/grype-0.53.0/go.mod     2022-11-18 21:03:15.000000000 +0100
+++ new/grype-0.53.1/go.mod     2022-11-21 17:11:25.000000000 +0100
@@ -53,7 +53,7 @@
 require (
        github.com/anchore/go-logger v0.0.0-20220728155337-03b66a5207d8
        github.com/anchore/sqlite v1.4.6-0.20220607210448-bcc6ee5c4963
-       github.com/anchore/syft v0.62.0
+       github.com/anchore/syft v0.62.1
        github.com/hako/durafmt v0.0.0-20210608085754-5c1018a4e16b
        github.com/in-toto/in-toto-golang v0.4.1-0.20221018183522-731d0640b65f
        github.com/mitchellh/mapstructure v1.5.0
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/grype-0.53.0/go.sum new/grype-0.53.1/go.sum
--- old/grype-0.53.0/go.sum     2022-11-18 21:03:15.000000000 +0100
+++ new/grype-0.53.1/go.sum     2022-11-21 17:11:25.000000000 +0100
@@ -240,8 +240,8 @@
 github.com/anchore/sqlite v1.4.6-0.20220607210448-bcc6ee5c4963/go.mod 
h1:AVRyXOUP0hTz9Cb8OlD1XnwA8t4lBPfTuwPHmEUuiLc=
 github.com/anchore/stereoscope v0.0.0-20221006201143-d24c9d626b33 
h1:Y+9aMJMTEMH+kJJFEaxqrF6X1t9CkjpWjOzaCo1q5vM=
 github.com/anchore/stereoscope v0.0.0-20221006201143-d24c9d626b33/go.mod 
h1:WOWtswyDxLkBnizq9LihYa9uw88r1FhBvJo7g//Ljcc=
-github.com/anchore/syft v0.62.0 h1:eKi0lfcQJVEte6rQSk2ZEU4CYwGWXkOaGtzu9apsfZM=
-github.com/anchore/syft v0.62.0/go.mod 
h1:aDR91I0K5EHp8oiE3DibOnOajF/A0N2tti46RNTiSrc=
+github.com/anchore/syft v0.62.1 h1:3pIZb+Bm5wBJaKbcy48uW6WrSPdXmtCxScnA9ra2HPQ=
+github.com/anchore/syft v0.62.1/go.mod 
h1:aDR91I0K5EHp8oiE3DibOnOajF/A0N2tti46RNTiSrc=
 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod 
h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
 github.com/andybalholm/brotli v1.0.1/go.mod 
h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=
 github.com/andybalholm/brotli v1.0.2/go.mod 
h1:loMXtMfwqflxFJPmdbJO0a3KNoPuLBgiu3qAvBg8x/Y=

++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/grype/vendor.tar.gz 
/work/SRC/openSUSE:Factory/.grype.new.1597/vendor.tar.gz differ: char 5, line 1

commit grype for openSUSE:Factory

Reply via email to