Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package osv-scanner for openSUSE:Factory
checked in at 2025-08-07 16:49:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/osv-scanner (Old)
and /work/SRC/openSUSE:Factory/.osv-scanner.new.1085 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "osv-scanner"
Thu Aug 7 16:49:24 2025 rev:34 rq:1298049 version:2.2.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/osv-scanner/osv-scanner.changes 2025-07-11
21:32:38.439304720 +0200
+++ /work/SRC/openSUSE:Factory/.osv-scanner.new.1085/osv-scanner.changes
2025-08-07 16:51:14.982423770 +0200
@@ -1,0 +2,42 @@
+Thu Aug 07 05:03:32 UTC 2025 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- Update to version 2.2.0:
+ OSV-Scanner now supports all OSV-Scalibr features behind
+ experimental flags (--experimental-plugins, see details here)!
+ * Features:
+ - Feature #2146 Allow manual OSV-Scalibr plugin selection.
+ - Feature #2144 Add OSV-Scalibr version to osv-scanner
+ --version output.
+ - Feature #2021 Add experimental support for running
+ OSV-Scalibr detectors.
+ - Feature #2079 Fall back to offline extractor if the
+ transitive one fails, so at least direct dependencies are
+ returned.
+ - Feature #2032 Add summary section at the top of outputs and a
+ 'Fixed Version' column.
+ - Feature #2076 Support Ubuntu severity type.
+ * Fixes:
+ - Bug #2141 Fix OSV-Scanner json scans not matching with
+ correct ecosystem.
+ - Bug #2084 Show absolute paths when scanning containers.
+ - Bug #2126 Log and preserve package count before continuing on
+ db error.
+ - Bug #2095 Pass through plugin capabilities correctly.
+ - Bug #2051 Properly flag if running on Linux or Mac OSs for
+ plugin compatibility.
+ - Bug #2072 Add missing "text" property in description fields.
+ - Bug #2068 Change links in output to go to the specific
+ vulnerability page instead of the list page.
+ - Bug #2064 Fix SARIF v3 output to include results.
+ * API Changes:
+ - API Change #2096 Allow log handler to be overridden.
+ * Dependencies:
+ - chore(deps): update alpine:3.22 docker digest to 4bcff63
+ (#2089)
+ - chore(deps): update github/codeql-action action to v3.29.5
+ (#2116)
+ - chore(deps): update golang docker tag to v1.24.5 (#2062)
+ - chore(deps): update golang:1.24.5-alpine3.21 docker digest to
+ 6edc205 (#2090)
+
+-------------------------------------------------------------------
Old:
----
osv-scanner-2.1.0.obscpio
New:
----
osv-scanner-2.2.0.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ osv-scanner.spec ++++++
--- /var/tmp/diff_new_pack.w5F8DP/_old 2025-08-07 16:51:16.750496301 +0200
+++ /var/tmp/diff_new_pack.w5F8DP/_new 2025-08-07 16:51:16.754496465 +0200
@@ -1,7 +1,7 @@
#
# spec file for package osv-scanner
#
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2025 SUSE LLC and contributors
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: osv-scanner
-Version: 2.1.0
+Version: 2.2.0
Release: 0
Summary: Vulnerability scanner written in Go
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.w5F8DP/_old 2025-08-07 16:51:16.790497942 +0200
+++ /var/tmp/diff_new_pack.w5F8DP/_new 2025-08-07 16:51:16.794498106 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/google/osv-scanner</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v2.1.0</param>
+ <param name="revision">v2.2.0</param>
<param name="match-tag">v*</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.w5F8DP/_old 2025-08-07 16:51:16.814498926 +0200
+++ /var/tmp/diff_new_pack.w5F8DP/_new 2025-08-07 16:51:16.818499090 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/google/osv-scanner</param>
- <param
name="changesrevision">9267fda97136812f3217852fd380104487cf4a00</param></service></servicedata>
+ <param
name="changesrevision">a14aa98ab8408547083d4411091c5fbaf5b47d8e</param></service></servicedata>
(No newline at EOF)
++++++ osv-scanner-2.1.0.obscpio -> osv-scanner-2.2.0.obscpio ++++++
++++ 32199 lines of diff (skipped)
++++++ osv-scanner.obsinfo ++++++
--- /var/tmp/diff_new_pack.w5F8DP/_old 2025-08-07 16:51:18.210556196 +0200
+++ /var/tmp/diff_new_pack.w5F8DP/_new 2025-08-07 16:51:18.222556689 +0200
@@ -1,5 +1,5 @@
name: osv-scanner
-version: 2.1.0
-mtime: 1752207738
-commit: 9267fda97136812f3217852fd380104487cf4a00
+version: 2.2.0
+mtime: 1754536837
+commit: a14aa98ab8408547083d4411091c5fbaf5b47d8e
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/osv-scanner/vendor.tar.gz
/work/SRC/openSUSE:Factory/.osv-scanner.new.1085/vendor.tar.gz differ: char 31,
line 1
