Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package grype for openSUSE:Factory checked
in at 2025-08-10 22:21:05
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/grype (Old)
and /work/SRC/openSUSE:Factory/.grype.new.1085 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "grype"
Sun Aug 10 22:21:05 2025 rev:99 rq:1298659 version:0.97.2
Changes:
--------
--- /work/SRC/openSUSE:Factory/grype/grype.changes 2025-08-04
15:22:57.089242422 +0200
+++ /work/SRC/openSUSE:Factory/.grype.new.1085/grype.changes 2025-08-10
22:21:43.254015332 +0200
@@ -1,0 +2,25 @@
+Sun Aug 10 07:04:18 UTC 2025 - Johannes Kastl
<opensuse_buildserv...@ojkastl.de>
+
+- Update to version 0.97.2:
+ * Added Features
+ - new syft version adds binary classifier for hashicorp vault
+ [#4121 @willmurphyscode]
+ * Bug Fixes
+ - fix: update syft's nondeterministic Java archive purl and
+ improve groupID for better matching [#3521 #4118 @kzantow]
+ * Dependencies
+ - chore(deps): update anchore dependencies (#2860)
+ - chore(deps): bump docker/login-action from 3.4.0 to 3.5.0
+ (#2848)
+ - chore(deps): bump actions/cache in /.github/actions/bootstrap
+ (#2854)
+ - chore(deps): bump github/codeql-action from 3.29.6 to 3.29.8
+ (#2857)
+ - chore(deps): bump golang.org/x/tools from 0.35.0 to 0.36.0
+ (#2859)
+ - chore(deps): bump actions/cache from 4.2.3 to 4.2.4 (#2855)
+ - chore(deps): bump github/codeql-action from 3.29.5 to 3.29.6
+ (#2856)
+ - chore(deps): update tools to latest versions (#2839)
+
+-------------------------------------------------------------------
Old:
----
grype-0.97.1.obscpio
New:
----
grype-0.97.2.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ grype.spec ++++++
--- /var/tmp/diff_new_pack.ERon3j/_old 2025-08-10 22:21:45.322101219 +0200
+++ /var/tmp/diff_new_pack.ERon3j/_new 2025-08-10 22:21:45.326101385 +0200
@@ -17,7 +17,7 @@
Name: grype
-Version: 0.97.1
+Version: 0.97.2
Release: 0
Summary: A vulnerability scanner for container images and filesystems
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.ERon3j/_old 2025-08-10 22:21:45.358102714 +0200
+++ /var/tmp/diff_new_pack.ERon3j/_new 2025-08-10 22:21:45.362102880 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/anchore/grype</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.97.1</param>
+ <param name="revision">v0.97.2</param>
<param name="match-tag">v*</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.ERon3j/_old 2025-08-10 22:21:45.386103877 +0200
+++ /var/tmp/diff_new_pack.ERon3j/_new 2025-08-10 22:21:45.390104043 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/anchore/grype</param>
- <param
name="changesrevision">e5e784d5a9dffbea61d358a655edd1931f658c20</param></service></servicedata>
+ <param
name="changesrevision">5f39c25063334745ec0b39152189d010be7717a3</param></service></servicedata>
(No newline at EOF)
++++++ grype-0.97.1.obscpio -> grype-0.97.2.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/grype-0.97.1/.binny.yaml new/grype-0.97.2/.binny.yaml
--- old/grype-0.97.1/.binny.yaml 2025-08-01 17:31:09.000000000 +0200
+++ new/grype-0.97.2/.binny.yaml 2025-08-08 21:00:39.000000000 +0200
@@ -26,7 +26,7 @@
# used for linting
- name: golangci-lint
version:
- want: v2.3.0
+ want: v2.3.1
method: github-release
with:
repo: golangci/golangci-lint
@@ -50,7 +50,7 @@
# used to release all artifacts
- name: goreleaser
version:
- want: v2.11.1
+ want: v2.11.2
method: github-release
with:
repo: goreleaser/goreleaser
@@ -90,7 +90,7 @@
# used for triggering a release
- name: gh
version:
- want: v2.76.1
+ want: v2.76.2
method: github-release
with:
repo: cli/cli
@@ -98,7 +98,7 @@
# used for integration tests
- name: skopeo
version:
- want: v1.19.0
+ want: v1.20.0
method: go-install
with:
module: github.com/containers/skopeo
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/grype-0.97.1/go.mod new/grype-0.97.2/go.mod
--- old/grype-0.97.1/go.mod 2025-08-01 17:31:09.000000000 +0200
+++ new/grype-0.97.2/go.mod 2025-08-08 21:00:39.000000000 +0200
@@ -19,7 +19,7 @@
github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4
github.com/anchore/packageurl-go v0.1.1-0.20250220190351-d62adb6e1115
github.com/anchore/stereoscope v0.1.8
- github.com/anchore/syft v1.29.1
+ github.com/anchore/syft v1.30.0
github.com/aquasecurity/go-pep440-version v0.0.1
github.com/araddon/dateparse v0.0.0-20210429162001-6b43995a97de
github.com/bitnami/go-version v0.0.0-20250131085805-b1f57a8634ef
@@ -67,7 +67,7 @@
github.com/xi2/xz v0.0.0-20171230120015-48954b6210f8
golang.org/x/exp v0.0.0-20250620022241-b7579e27df2b
golang.org/x/time v0.12.0
- golang.org/x/tools v0.35.0
+ golang.org/x/tools v0.36.0
gopkg.in/yaml.v3 v3.0.1
gorm.io/gorm v1.30.1
)
@@ -290,14 +290,14 @@
go.opentelemetry.io/otel/trace v1.36.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
go4.org v0.0.0-20230225012048-214862532bf5 // indirect
- golang.org/x/crypto v0.40.0 // indirect
- golang.org/x/mod v0.26.0 // indirect
- golang.org/x/net v0.42.0 // indirect
+ golang.org/x/crypto v0.41.0 // indirect
+ golang.org/x/mod v0.27.0 // indirect
+ golang.org/x/net v0.43.0 // indirect
golang.org/x/oauth2 v0.30.0 // indirect
golang.org/x/sync v0.16.0 // indirect
- golang.org/x/sys v0.34.0 // indirect
- golang.org/x/term v0.33.0 // indirect
- golang.org/x/text v0.27.0 // indirect
+ golang.org/x/sys v0.35.0 // indirect
+ golang.org/x/term v0.34.0 // indirect
+ golang.org/x/text v0.28.0 // indirect
golang.org/x/xerrors v0.0.0-20231012003039-104605ab7028 // indirect
google.golang.org/api v0.215.0 // indirect
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 //
indirect
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/grype-0.97.1/go.sum new/grype-0.97.2/go.sum
--- old/grype-0.97.1/go.sum 2025-08-01 17:31:09.000000000 +0200
+++ new/grype-0.97.2/go.sum 2025-08-08 21:00:39.000000000 +0200
@@ -712,8 +712,8 @@
github.com/anchore/packageurl-go v0.1.1-0.20250220190351-d62adb6e1115/go.mod
h1:KoYIv7tdP5+CC9VGkeZV4/vGCKsY55VvoG+5dadg4YI=
github.com/anchore/stereoscope v0.1.8
h1:K1NRFUqGy6z/jp4ADHNXZWbZ+xd6fPr0Kn4gYp1zm1c=
github.com/anchore/stereoscope v0.1.8/go.mod
h1:VA9zyFcUzN7GIFsXfe8lj3Z6Ocs4CP5QZqbmFc1I7ag=
-github.com/anchore/syft v1.29.1 h1:TEz8jY4ScJAIma9/ZGruYofzZ0hOl6vRJrrVxR2Cxqc=
-github.com/anchore/syft v1.29.1/go.mod
h1:PJW2MAAl6jiyt/gf+PjEDePKuxVd1ce3XSM3QUyBPig=
+github.com/anchore/syft v1.30.0 h1:gphJZugA2hbmneNxSetdZkfXTsaiWNb0JUdS6pWcU+w=
+github.com/anchore/syft v1.30.0/go.mod
h1:9Tv69IfPRmp5LD0htsEKR7i8AfOM/8QFGaC+hRdUo2o=
github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod
h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
github.com/andybalholm/brotli v1.0.4/go.mod
h1:fO7iG3H7G2nSZ7m0zPUDn85XEX2GTukHGRSepvi9Eig=
github.com/andybalholm/brotli v1.1.2-0.20250424173009-453214e765f3
h1:8PmGpDEZl9yDpcdEr6Odf23feCxK3LNUNMxjXg41pZQ=
@@ -1695,8 +1695,8 @@
golang.org/x/crypto v0.19.0/go.mod
h1:Iy9bg/ha4yyC70EfRS8jz+B6ybOBKMaSxLj6P6oBDfU=
golang.org/x/crypto v0.23.0/go.mod
h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8=
golang.org/x/crypto v0.32.0/go.mod
h1:ZnnJkOaASj8g0AjIduWNlq2NRxL0PlBrbKVyZ6V/Ugc=
-golang.org/x/crypto v0.40.0 h1:r4x+VvoG5Fm+eJcxMaY8CQM7Lb0l1lsmjGBQ6s8BfKM=
-golang.org/x/crypto v0.40.0/go.mod
h1:Qr1vMER5WyS2dfPHAlsOj01wgLbsyWtFn/aY+5+ZdxY=
+golang.org/x/crypto v0.41.0 h1:WKYxWedPGCTVVl5+WHSSrOBT0O8lx32+zxmHxijgXp4=
+golang.org/x/crypto v0.41.0/go.mod
h1:pO5AFd7FA68rFak7rOAGVuygIISepHftHnr8dr6+sUc=
golang.org/x/exp v0.0.0-20180321215751-8460e604b9de/go.mod
h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20180807140117-3d87b88a115f/go.mod
h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod
h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
@@ -1759,8 +1759,8 @@
golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs=
golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
-golang.org/x/mod v0.26.0 h1:EGMPT//Ezu+ylkCijjPc+f4Aih7sZvaAr+O3EHBxvZg=
-golang.org/x/mod v0.26.0/go.mod h1:/j6NAhSk8iQ723BGAUyoAcn7SlD7s15Dp9Nd/SfeaFQ=
+golang.org/x/mod v0.27.0 h1:kb+q2PyFnEADO2IEF935ehFUXlWiNjJWtRNgBLSfbxQ=
+golang.org/x/mod v0.27.0/go.mod h1:rWI627Fq0DEoudcK+MBkNkCe0EetEaDSwJJkCcjpazc=
golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod
h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
@@ -1830,8 +1830,8 @@
golang.org/x/net v0.21.0/go.mod h1:bIjVDfnllIU7BJ2DNgfnXvpSvtn8VRwhlsaeUTyUS44=
golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM=
golang.org/x/net v0.34.0/go.mod h1:di0qlW3YNM5oh6GqDGQr92MyTozJPmybPK4Ev/Gm31k=
-golang.org/x/net v0.42.0 h1:jzkYrhi3YQWD6MLBJcsklgQsoAcw89EcZbJw8Z614hs=
-golang.org/x/net v0.42.0/go.mod h1:FF1RA5d3u7nAYA4z2TkclSCKh68eSXtiFwcWQpPXdt8=
+golang.org/x/net v0.43.0 h1:lat02VYK2j4aLzMzecihNvTlJNQUq316m2Mr9rnM6YE=
+golang.org/x/net v0.43.0/go.mod h1:vhO1fvI4dGsIjh73sWfUVjj3N7CA9WkKJNQm2svM6Jg=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod
h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod
h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod
h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -1990,8 +1990,8 @@
golang.org/x/sys v0.17.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
golang.org/x/sys v0.29.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
-golang.org/x/sys v0.34.0 h1:H5Y5sJ2L2JRdyv7ROF1he/lPdvFsd0mJHFw2ThKHxLA=
-golang.org/x/sys v0.34.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
+golang.org/x/sys v0.35.0 h1:vz1N37gP5bs89s7He8XuIYXpyY0+QlsKmzipCbUtyxI=
+golang.org/x/sys v0.35.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k=
golang.org/x/telemetry v0.0.0-20240228155512-f48c80bd79b2/go.mod
h1:TeRTkGYfJXctD9OcfyVLyj2J3IxLnKwHJR8f4D8a3YE=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod
h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod
h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
@@ -2007,8 +2007,8 @@
golang.org/x/term v0.17.0/go.mod
h1:lLRBjIVuehSbZlaOtGMbcMncT+aqLLLmKrsjNrUguwk=
golang.org/x/term v0.20.0/go.mod
h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY=
golang.org/x/term v0.28.0/go.mod
h1:Sw/lC2IAUZ92udQNf3WodGtn4k/XoLyZoh8v/8uiwek=
-golang.org/x/term v0.33.0 h1:NuFncQrRcaRvVmgRkvM3j/F00gWIAlcmlB8ACEKmGIg=
-golang.org/x/term v0.33.0/go.mod
h1:s18+ql9tYWp1IfpV9DmCtQDDSRBUjKaw9M1eAv5UeF0=
+golang.org/x/term v0.34.0 h1:O/2T7POpk0ZZ7MAzMeWFSg6S5IpWd/RXDlM9hgM3DR4=
+golang.org/x/term v0.34.0/go.mod
h1:5jC53AEywhIVebHgPVeg0mj8OD3VO9OzclacVrqpaAw=
golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod
h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod
h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -2030,8 +2030,8 @@
golang.org/x/text v0.14.0/go.mod
h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.15.0/go.mod
h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
golang.org/x/text v0.21.0/go.mod
h1:4IBbMaMmOPCJ8SecivzSH54+73PCFmPWxNTLm+vZkEQ=
-golang.org/x/text v0.27.0 h1:4fGWRpyh641NLlecmyl4LOe6yDdfaYNrGb2zdfo4JV4=
-golang.org/x/text v0.27.0/go.mod
h1:1D28KMCvyooCX9hBiosv5Tz/+YLxj0j7XhWjpSUF7CU=
+golang.org/x/text v0.28.0 h1:rhazDwis8INMIwQ4tpjLDzUhx6RlXqZNPEM0huQojng=
+golang.org/x/text v0.28.0/go.mod
h1:U8nCwOR8jO/marOQ0QbDiOngZVEBB7MAiitBuMjXiNU=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod
h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -2106,8 +2106,8 @@
golang.org/x/tools v0.7.0/go.mod
h1:4pg6aUX35JBAogB10C9AtvVL+qowtN4pT3CGSQex14s=
golang.org/x/tools v0.13.0/go.mod
h1:HvlwmtVNQAhOuCjW7xxvovg8wbNq7LwfXh/k7wXUl58=
golang.org/x/tools v0.21.1-0.20240508182429-e35e4ccd0d2d/go.mod
h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk=
-golang.org/x/tools v0.35.0 h1:mBffYraMEf7aa0sB+NuKnuCy8qI/9Bughn8dC2Gu5r0=
-golang.org/x/tools v0.35.0/go.mod
h1:NKdj5HkL/73byiZSJjqJgKn3ep7KjFkBOkR/Hps3VPw=
+golang.org/x/tools v0.36.0 h1:kWS0uv/zsvHEle1LbV5LE8QujrxB3wfQyxHfhOk0Qkg=
+golang.org/x/tools v0.36.0/go.mod
h1:WBDiHKJK8YgLHlcQPYQzNCkUxUypCaa5ZegCVutKm+s=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod
h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/grype-0.97.1/test/quality/test-db
new/grype-0.97.2/test/quality/test-db
--- old/grype-0.97.1/test/quality/test-db 2025-08-01 17:31:09.000000000
+0200
+++ new/grype-0.97.2/test/quality/test-db 2025-08-08 21:00:39.000000000
+0200
@@ -1 +1 @@
-vulnerability-db_v6.0.2_2025-07-02T01:31:00Z_1751429758.tar.zst
+vulnerability-db_v6.0.3_2025-08-01T01:33:15Z_1754022694.tar.zst
++++++ grype.obsinfo ++++++
--- /var/tmp/diff_new_pack.ERon3j/_old 2025-08-10 22:21:57.062588794 +0200
+++ /var/tmp/diff_new_pack.ERon3j/_new 2025-08-10 22:21:57.062588794 +0200
@@ -1,5 +1,5 @@
name: grype
-version: 0.97.1
-mtime: 1754062269
-commit: e5e784d5a9dffbea61d358a655edd1931f658c20
+version: 0.97.2
+mtime: 1754679639
+commit: 5f39c25063334745ec0b39152189d010be7717a3
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/grype/vendor.tar.gz
/work/SRC/openSUSE:Factory/.grype.new.1085/vendor.tar.gz differ: char 115, line
1
