commit govulncheck for openSUSE:Factory

Source-Sync Wed, 06 Mar 2024 14:07:38 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package govulncheck for openSUSE:Factory 
checked in at 2024-03-06 23:06:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/govulncheck (Old)
 and      /work/SRC/openSUSE:Factory/.govulncheck.new.1770 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "govulncheck"

Wed Mar  6 23:06:58 2024 rev:5 rq:1155753 version:1.0.4

Changes:
--------
--- /work/SRC/openSUSE:Factory/govulncheck/govulncheck.changes  2024-01-18 
21:52:22.150520866 +0100
+++ /work/SRC/openSUSE:Factory/.govulncheck.new.1770/govulncheck.changes        
2024-03-06 23:07:26.251639065 +0100
@@ -1,0 +2,38 @@
+Wed Mar 06 20:44:38 UTC 2024 - Jeff Kowalczyk <[email protected]>
+
+- Update to version 1.0.4:
+  * cmd/govulncheck: mask line numbers and columns
+  * internal/scan: remove redundant new lines
+  * internal/vulncheck: add position for sinks in findings' trace
+  * internal/scan: put -show <option> into single quotes
+  * internal/buildinfo: do module-level analysis with no PCLN table
+  * internal/scan: add a newline after summary
+  * internal/test: add more info on GoBuild failures
+  * internal/scan: remove extra dot in a comment
+  * cmd/govulncheck: fix vendor test
+  * internal/vulncheck: refactor a loop with an append
+  * cmd/govulncheck: fix stripped bin test
+  * cmd/govulncheck: update vendor tests
+  * cmd/govulncheck: add more tests and reorganize them
+  * internal/vulncheck: add package and module mode for binaries
+  * internal/scan: replace Source with Symbol in text output
+  * internal/scan: fix error statuses for scan={package|module}
+  * internal/scan: add -show verbose flag
+  * internal/scan: overhaul text output
+  * internal/scan: simplify redundant error checking
+  * internal/scan: add scan level to testdata
+  * cmd/govulncheck/integration: update expectations for stackrox
+  * internal/vulncheck: support osv entries with no pkg info
+  * internal/vulncheck: remove redundant symbol check
+  * internal/vulncheck: simplify vulnerability detection
+
+-------------------------------------------------------------------
+Wed Mar 06 20:44:25 UTC 2024 - Jeff Kowalczyk <[email protected]>
+
+- Update to version 1.0.3:
+  * internal/scan: add binary extract mode
+  * internal/scan, vulncheck: use packages.load for mod info
+  * internal/govulncheck: briefly explain streaming JSON
+  * internal/vulncheck: remove -mod=mod flag from LoadModules
+
+-------------------------------------------------------------------

Old:
----
  govulncheck-1.0.2.tar.gz

New:
----
  govulncheck-1.0.4.tar.gz

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ govulncheck.spec ++++++
--- /var/tmp/diff_new_pack.Btkqoq/_old  2024-03-06 23:07:26.863661272 +0100
+++ /var/tmp/diff_new_pack.Btkqoq/_new  2024-03-06 23:07:26.867661417 +0100
@@ -17,7 +17,7 @@
 
 
 Name:           govulncheck
-Version:        1.0.2
+Version:        1.0.4
 Release:        0
 Summary:        CLI tool to report known CVE vulnerabilities in Go source code 
and binaries
 License:        Apache-2.0 AND BSD-3-Clause

++++++ _service ++++++
--- /var/tmp/diff_new_pack.Btkqoq/_old  2024-03-06 23:07:26.891662288 +0100
+++ /var/tmp/diff_new_pack.Btkqoq/_new  2024-03-06 23:07:26.895662433 +0100
@@ -3,7 +3,7 @@
     <param name="url">https://github.com/golang/vuln.git</param>
     <param name="scm">git</param>
     <param name="exclude">.git</param>
-    <param name="revision">v1.0.2</param>
+    <param name="revision">v1.0.4</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="changesgenerate">enable</param>
     <param name="versionrewrite-pattern">v(.*)</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.Btkqoq/_old  2024-03-06 23:07:26.911663013 +0100
+++ /var/tmp/diff_new_pack.Btkqoq/_new  2024-03-06 23:07:26.915663159 +0100
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/golang/vuln.git</param>
-              <param 
name="changesrevision">e313109e39439a94eee0185a019b909e74ba6665</param></service></servicedata>
+              <param 
name="changesrevision">5507063454b1b8c930db99818a88b52f1f143418</param></service></servicedata>
 (No newline at EOF)
 

++++++ govulncheck-1.0.2.tar.gz -> govulncheck-1.0.4.tar.gz ++++++
++++ 10099 lines of diff (skipped)

++++++ vendor.tar.gz ++++++

commit govulncheck for openSUSE:Factory

Reply via email to