commit govulncheck for openSUSE:Factory

Source-Sync Thu, 18 Jan 2024 12:53:04 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package govulncheck for openSUSE:Factory 
checked in at 2024-01-18 21:52:07
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/govulncheck (Old)
 and      /work/SRC/openSUSE:Factory/.govulncheck.new.16006 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "govulncheck"

Thu Jan 18 21:52:07 2024 rev:4 rq:1139545 version:1.0.2

Changes:
--------
--- /work/SRC/openSUSE:Factory/govulncheck/govulncheck.changes  2023-09-25 
20:47:33.242284575 +0200
+++ /work/SRC/openSUSE:Factory/.govulncheck.new.16006/govulncheck.changes       
2024-01-18 21:52:22.150520866 +0100
@@ -1,0 +2,65 @@
+Wed Jan 17 20:49:27 UTC 2024 - Jeff Kowalczyk <jkowalc...@suse.com>
+
+- Update to version 1.0.2:
+  * cmd/govulncheck: update test data
+  * go.mod: update golang.org/x dependencies
+  * internal/osv: fix type name in comment
+  * internal/scan: remove informational header for package and module mode
+  * internal/scan: remove redundant newline for package and module mode
+  * cmd/govulncheck/integration/stackrox: update vuln expectation
+  * all: update tools to pick up bug fixes
+  * internal/vulncheck: compute proper db names for generic functions
+  * internal/vulncheck: improve error message for fetching vulns
+  * testdata: Add more package/mod level tests
+  * internal/scan: change text based on scan level
+  * internal/scan: update show help message
+  * internal/sarif: add sarif types
+  * internal/scan: enable module scan mode
+  * internal/scan: add scan_level to text tests
+  * internal/scan: add scan level to textHandler
+  * cmd/govulncheck: rearrange test files
+  * all: add logging to TestGovulncheck
+  * internal/scan: disallow package input in mod level
+  * go.mod: update golang.org/x dependencies
+  * cmd/govulncheck: fix mod level behavior
+  * all: update to x/tools@v.15.0
+  * internal/vulncheck: define Binary over Bin
+  * internal/vulncheck: add binary abstraction data structure
+  * cmd/govulncheck: organize tests into subdirs
+  * internal/scan: Improve "Informational" text output
+  * internal/scan: properly "genericify" choose
+  * internal/vulncheck: emit package findings all at once
+  * internal/vulncheck: update logic for package level analysis
+  * internal/vulncheck: remove obsolete tests and helpers
+  * internal/scan: remove obsolete function
+  * internal/scan: check for go mod before running
+  * cmd/govulncheck/integration: add new expectations
+  * cmd/govulncheck: Fix no go mod tests
+  * internal/vulncheck: rename moduleVulnerabilities
+  * internal/vulncheck: add documentation and propagate errors
+  * internal/vulncheck: emit OSVs in their raw form asap
+  * internal/scan: move emit logic for findings to internal/vulncheck
+  * internal: properly fetch modules in source mode
+  * internal/scan: verify scan level flag
+  * internal/govulncheck: update Finding docstring
+  * internal/vulncheck: remove file set computation
+  * internal/scan: generate better message when patterns matches no packages
+  * internal/scan, vulncheck: emit vulns as found
+  * internal/scan: use modVersion for mod version
+  * internal/scan: suggest earliest valid fixed version as the fix
+  * internal/scan: communicate default value for test flag
+  * internal/semver: rename the LatestFixedVersion function
+  * cmd/govulncheck: fix incorrect test file name
+  * cmd/govulncheck: remove go version for test file
+  * internal/vulnchec: improve comments and names for imports level logic
+  * internal/govulncheck: update description of Findings
+  * internal/vulncheck/internal/buildinfo: support stripped darwin binaries
+  * internal/scan: update test names
+  * internal/scan: text output allows module level vulns
+  * internal/client: add additional context to HTTP error message
+  * internal/scan: add isImported function
+  * internal/scan: fix trace count bug
+  * internal/vulncheck: add LoadModules using go.mod
+  * internal/govulncheck: add WantPackages scan level
+
+-------------------------------------------------------------------

Old:
----
  govulncheck-1.0.1.tar.gz

New:
----
  govulncheck-1.0.2.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ govulncheck.spec ++++++
--- /var/tmp/diff_new_pack.byvV3q/_old  2024-01-18 21:52:22.758542806 +0100
+++ /var/tmp/diff_new_pack.byvV3q/_new  2024-01-18 21:52:22.758542806 +0100
@@ -1,7 +1,7 @@
 #
 # spec file for package govulncheck
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
 
 
 Name:           govulncheck
-Version:        1.0.1
+Version:        1.0.2
 Release:        0
 Summary:        CLI tool to report known CVE vulnerabilities in Go source code 
and binaries
 License:        Apache-2.0 AND BSD-3-Clause

++++++ _service ++++++
--- /var/tmp/diff_new_pack.byvV3q/_old  2024-01-18 21:52:22.782543672 +0100
+++ /var/tmp/diff_new_pack.byvV3q/_new  2024-01-18 21:52:22.786543817 +0100
@@ -3,7 +3,7 @@
     <param name="url">https://github.com/golang/vuln.git</param>
     <param name="scm">git</param>
     <param name="exclude">.git</param>
-    <param name="revision">v1.0.1</param>
+    <param name="revision">v1.0.2</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="changesgenerate">enable</param>
     <param name="versionrewrite-pattern">v(.*)</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.byvV3q/_old  2024-01-18 21:52:22.802544393 +0100
+++ /var/tmp/diff_new_pack.byvV3q/_new  2024-01-18 21:52:22.806544538 +0100
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/golang/vuln.git</param>
-              <param 
name="changesrevision">da4b74a5408a0116e9a2dde953659a7b0956dc56</param></service></servicedata>
+              <param 
name="changesrevision">e313109e39439a94eee0185a019b909e74ba6665</param></service></servicedata>
 (No newline at EOF)
 

++++++ govulncheck-1.0.1.tar.gz -> govulncheck-1.0.2.tar.gz ++++++
++++ 19241 lines of diff (skipped)

++++++ vendor.tar.gz ++++++
++++ 8146 lines of diff (skipped)

commit govulncheck for openSUSE:Factory

Reply via email to