Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package trivy for openSUSE:Factory checked in at 2025-12-03 14:13:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trivy (Old) and /work/SRC/openSUSE:Factory/.trivy.new.14147 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy" Wed Dec 3 14:13:46 2025 rev:83 rq:1320965 version:0.68.1 Changes: -------- --- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2025-11-10 19:21:12.142063448 +0100 +++ /work/SRC/openSUSE:Factory/.trivy.new.14147/trivy.changes 2025-12-03 14:15:16.257512395 +0100 @@ -1,0 +2,119 @@ +Wed Dec 03 10:23:46 UTC 2025 - Dirk Müller <[email protected]> + +- Update to version 0.68.1: + * release: v0.68.1 [main] (#9867) + * fix: update cosing settings for GoReleaser after bumping cosing to v3 (#9863) + * chore(deps): bump the testcontainers group with 2 updates (#9506) + * release: v0.68.0 [main] (#9549) + * feat(aws): Add support for dualstack ECR endpoints (#9862) + * fix(vex): use a separate `visited` set for each DFS path (#9760) + * docs: catch some missed docs -> guide (#9850) + * refactor(misconf): parse azure_policy_enabled to addonprofile.azurepolicy.enabled (#9851) + * chore(cli): Remove Trivy Cloud (#9847) + * fix(misconf): ensure value used as ignore marker is non-null and known (#9835) + * fix(misconf): map healthcheck start period flag to --start-period instead of --startPeriod (#9837) + * chore(deps): bump the docker group with 3 updates (#9776) + * chore(deps): bump golang.org/x/crypto from 0.41.0 to 0.45.0 (#9827) + * chore(deps): bump the common group across 1 directory with 20 updates (#9840) + * feat(image): add Sigstore bundle SBOM support (#9516) + * chore(deps): bump the aws group with 7 updates (#9691) + * test(k8s): update k8s integrtion test (#9725) + * chore(deps): bump github.com/containerd/containerd from 1.7.28 to 1.7.29 (#9764) + * feat(sbom): add support for SPDX attestations (#9829) + * docs(misconf): Remove duplicate sections (#9819) + * feat(misconf): Update Azure network schema for new checks (#9791) + * feat(misconf): Update AppService schema (#9792) + * fix(misconf): ensure boolean metadata values are correctly interpreted (#9770) + * feat(misconf): support https_traffic_only_enabled in Az storage account (#9784) + * docs: restructure docs for new hosting (#9799) + * docs(server): fix info about scanning licenses on the client side. (#9805) + * ci: remove unused preinstalled software/images for build tests to free up disk space. (#9814) + * feat(report): add fingerprint generation for vulnerabilities (#9794) + * chore: trigger the trivy-www workflow (#9737) + * fix: update all documentation links (#9777) + * feat(suse): Add new openSUSE, Micro and SLES releases end of life dates (#9788) + * test(go): set `GOPATH` for tests (#9785) + * feat(flag): add `--cacert` flag (#9781) + * fix(misconf): handle unsupported experimental flags in Dockerfile (#9769) + * test(go): refactor mod_test.go to use txtar format (#9775) + * docs: Fix typos and linguistic errors in documentation / hacktoberfest (#9586) + * chore(deps): bump github.com/opencontainers/selinux from 1.12.0 to 1.13.0 (#9778) + * chore(deps): bump github.com/containerd/containerd/v2 from 2.1.4 to 2.1.5 (#9763) + * fix(java): use `true` as default value for Repository Release|Snapshot Enabled in pom.xml and settings.xml files (#9751) + * docs: add info that `SSL_CERT_FILE` works on `Unix systems other than macOS` only (#9772) + * docs: change SecObserve URLs in documentatio (#9771) + * feat(db): enable concurrent access to vulnerability database (#9750) + * feat(misconf): add agentpools to azure container schema (#9714) + * feat(report): switch ReportID from UUIDv4 to UUIDv7 (#9749) + * feat(misconf): Update Azure Compute schema (#9675) + * feat(misconf): Update azure storage schema (#9728) + * feat(misconf): Update SecurityCenter schema (#9674) + * feat(image): pass global context to docker/podman image save func (#9733) + * chore(deps): bump the github-actions group with 4 updates (#9739) + * fix(flag): remove viper.SetDefault to fix IsSet() for config-only flags (#9732) + * feat(license): use separate SPDX ids to ignore SPDX expressions (#9087) + * feat(dotnet): add dependency graph support for .deps.json files (#9726) + * feat(misconf): Add support for configurable Rego error limit (#9657) + * feat(misconf): Add RoleAssignments attribute (#9396) + * feat(report): add image reference to report metadata (#9729) + * fix(os): Add photon 5.0 in supported OS (#9724) + * fix(license): handle SPDX WITH exceptions as single license in category detection (#9380) + * refactor: add case-insensitive string set implementation (#9720) + * feat: include registry and repository in artifact ID calculation (#9689) + * feat(java): add support remote repositories from settings.xml files (#9708) + * fix(sbom): don’t panic on SBOM format if scanned CycloneDX file has empty metadata (#9562) + * docs: update vulnerability reporting guidelines in SECURITY.md (#9395) + * docs: add info about `java-db` subdir (#9706) + * fix(report): correct field order in SARIF license results (#9712) + * test: improve golden file management in integration tests (#9699) + * ci: get base_sha using base.ref (#9704) + * refactor(misconf): mark AVDID fields as deprecated and use ID internally (#9576) + * fix(nodejs): fix npmjs parser.pkgNameFromPath() panic issue (#9688) + * fix: close all opened resources if an error occurs (#9665) + * refactor(misconf): type-safe parser results in generic scanner (#9685) + * feat(image): add RepoTags support for Docker archives (#9690) + * chore(deps): bump github.com/quic-go/quic-go from 0.52.0 to 0.54.1 (#9694) + * feat(misconf): Update Azure Container Schema (#9673) + * ci: use merge commit for apidiff to avoid false positives (#9622) + * feat(misconf): include map key in manifest snippet for diagnostics (#9681) + * refactor(misconf): add ManifestFromYAML for unified manifest parsing (#9680) + * test: update golden files for TestRepository* integration tests (#9684) + * refactor(cli): Update the cloud config command (#9676) + * fix(sbom): add `buildInfo` info as properties (#9683) + * feat: add ReportID field to scan reports (#9670) + * docs: add vulnerability database contribution guide (#9667) + * feat(cli): Add trivy cloud suppport (#9637) + * feat: add ArtifactID field to uniquely identify scan targets (#9663) + * fix(nodejs): use the default ID format to match licenses in pnpm packages. (#9661) + * feat(sbom): use SPDX license IDs list to validate SPDX IDs (#9569) + * fix: use context for analyzers (#9538) + * chore(deps): bump the docker group with 3 updates (#9545) + * chore(deps): bump the aws group with 6 updates (#9547) + * ci(helm): bump Trivy version to 0.67.2 for Trivy Helm Chart 0.19.1 (#9641) + * test(helm): bump up Yamale dependency for Helm chart-testing-action (#9653) + * fix: Trim the end-of-range suffix (#9618) + * test(k8s): use a specific bundle for k8s misconfig scan (#9633) + * fix: Use `fetch-level: 1` to check out trivy-repo in the release workflow (#9636) + * refactor: move the aws config (#9617) + * fix(license): don't normalize `unlicensed` licenses into `unlicense` (#9611) + * fix: using SrcVersion instead of Version for echo detector (#9552) + * feat(fs): change artifact type to repository when git info is detected (#9613) + * fix: add `buildInfo` for `BlobInfo` in `rpc` package (#9608) + * fix(vex): don't use reused BOM (#9604) + * ci: use pull_request_target for apidiff workflow to support fork PRs (#9605) + * fix: restore compatibility for google.protobuf.Value (#9559) + * ci: add API diff workflow (#9600) + * chore(deps): update to module-compatible docker-credential-gcr/v2 (#9591) + * docs: improve documentation for scanning raw IaC configurations (#9571) + * feat: allow ignoring findings by type in Rego (#9578) + * docs: bump pygments from 2.18.0 to 2.19.2 (#9596) + * refactor(misconf): add ID to scan.Rule (#9573) + * fix(java): update order for resolving package fields from multiple demManagement (#9575) + * chore(deps): bump the github-actions group across 1 directory with 9 updates (#9563) + * chore(deps): bump the common group across 1 directory with 7 updates (#9590) + * chore(deps): Switch to go-viper/mapstructure (#9579) + * chore: add context to the cache interface (#9565) + * ci(helm): bump Trivy version to 0.67.0 for Trivy Helm Chart 0.19.0 (#9554) + * fix: validate backport branch name (#9548) + +------------------------------------------------------------------- Old: ---- trivy-0.67.2.tar.zst New: ---- trivy-0.68.1.tar.zst ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trivy.spec ++++++ --- /var/tmp/diff_new_pack.kzFjHQ/_old 2025-12-03 14:15:21.029713775 +0100 +++ /var/tmp/diff_new_pack.kzFjHQ/_new 2025-12-03 14:15:21.033713944 +0100 @@ -17,7 +17,7 @@ Name: trivy -Version: 0.67.2 +Version: 0.68.1 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 ++++++ _constraints ++++++ --- /var/tmp/diff_new_pack.kzFjHQ/_old 2025-12-03 14:15:21.061715125 +0100 +++ /var/tmp/diff_new_pack.kzFjHQ/_new 2025-12-03 14:15:21.065715294 +0100 @@ -2,7 +2,7 @@ <constraints> <hardware> <disk> - <size unit="G">10</size> + <size unit="G">14</size> </disk> </hardware> </constraints> ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.kzFjHQ/_old 2025-12-03 14:15:21.089716307 +0100 +++ /var/tmp/diff_new_pack.kzFjHQ/_new 2025-12-03 14:15:21.093716476 +0100 @@ -1,5 +1,5 @@ -mtime: 1762785671 -commit: 164877c6629cb2e90213000c34f05c349a050b059b858659c8e8dc8c72e8c662 +mtime: 1764757918 +commit: 9be48396ff34661becca0a625465081e14bcc00512524f8c5226658c82082fac url: https://src.opensuse.org/dirkmueller/trivy.git revision: factory ++++++ _service ++++++ --- /var/tmp/diff_new_pack.kzFjHQ/_old 2025-12-03 14:15:21.117717488 +0100 +++ /var/tmp/diff_new_pack.kzFjHQ/_new 2025-12-03 14:15:21.117717488 +0100 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="manual"> <param name="url">https://github.com/aquasecurity/trivy</param> <param name="scm">git</param> - <param name="revision">v0.67.2</param> + <param name="revision">v0.68.1</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.kzFjHQ/_old 2025-12-03 14:15:21.141718501 +0100 +++ /var/tmp/diff_new_pack.kzFjHQ/_new 2025-12-03 14:15:21.145718670 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/aquasecurity/trivy</param> - <param name="changesrevision">60c57ad5ad7f270cecb51dff2dbf4d680114f6f8</param></service></servicedata> + <param name="changesrevision">96290ae3fb1d974fd2f9ec7e37cee43f6b7f1511</param></service></servicedata> (No newline at EOF) ++++++ build.specials.obscpio ++++++ ++++++ build.specials.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/.gitignore new/.gitignore --- old/.gitignore 1970-01-01 01:00:00.000000000 +0100 +++ new/.gitignore 2025-12-03 11:32:07.000000000 +0100 @@ -0,0 +1 @@ +.osc ++++++ trivy-0.67.2.tar.zst -> trivy-0.68.1.tar.zst ++++++ /work/SRC/openSUSE:Factory/trivy/trivy-0.67.2.tar.zst /work/SRC/openSUSE:Factory/.trivy.new.14147/trivy-0.68.1.tar.zst differ: char 7, line 1 ++++++ vendor.tar.zst ++++++ /work/SRC/openSUSE:Factory/trivy/vendor.tar.zst /work/SRC/openSUSE:Factory/.trivy.new.14147/vendor.tar.zst differ: char 7, line 1
