commit grype-db for openSUSE:Factory

Source-Sync Fri, 30 Jan 2026 09:26:42 -0800

Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package grype-db for openSUSE:Factory 
checked in at 2026-01-30 18:25:49
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/grype-db (Old)
 and      /work/SRC/openSUSE:Factory/.grype-db.new.1995 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Package is "grype-db"

Fri Jan 30 18:25:49 2026 rev:28 rq:1329951 version:0.50.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/grype-db/grype-db.changes        2026-01-28 
15:17:07.770927082 +0100
+++ /work/SRC/openSUSE:Factory/.grype-db.new.1995/grype-db.changes      
2026-01-30 18:26:08.651267396 +0100
@@ -1,0 +2,12 @@
+Fri Jan 30 06:25:15 UTC 2026 - Johannes Kastl 
<[email protected]>
+
+- Update to version 0.50.0:
+  * Added Features
+    - prepare to receive erlang data [#855 @willmurphyscode]
+  * Additional Changes
+    - Add Secureos mappings ahead of enabling provider [#857
+      @willmurphyscode]
+  * Dependencies
+    - chore(deps): update anchore dependencies (#858)
+
+-------------------------------------------------------------------

Old:
----
  grype-db-0.49.0.obscpio

New:
----
  grype-db-0.50.0.obscpio

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ grype-db.spec ++++++
--- /var/tmp/diff_new_pack.z6ieeF/_old  2026-01-30 18:26:11.431384111 +0100
+++ /var/tmp/diff_new_pack.z6ieeF/_new  2026-01-30 18:26:11.431384111 +0100
@@ -17,7 +17,7 @@
 
 
 Name:           grype-db
-Version:        0.49.0
+Version:        0.50.0
 Release:        0
 Summary:        A vulnerability scanner for container images and filesystems
 License:        Apache-2.0

++++++ _service ++++++
--- /var/tmp/diff_new_pack.z6ieeF/_old  2026-01-30 18:26:11.479386126 +0100
+++ /var/tmp/diff_new_pack.z6ieeF/_new  2026-01-30 18:26:11.479386126 +0100
@@ -3,7 +3,7 @@
     <param name="url">https://github.com/anchore/grype-db</param>
     <param name="scm">git</param>
     <param name="exclude">.git</param>
-    <param name="revision">v0.49.0</param>
+    <param name="revision">v0.50.0</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.z6ieeF/_old  2026-01-30 18:26:11.503387134 +0100
+++ /var/tmp/diff_new_pack.z6ieeF/_new  2026-01-30 18:26:11.507387302 +0100
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/anchore/grype-db</param>
-              <param 
name="changesrevision">5629471685a768ffa129ec75b77df5a591022782</param></service></servicedata>
+              <param 
name="changesrevision">ebc5f8151645415711407e8edc248df8c89d5195</param></service></servicedata>
 (No newline at EOF)
 

++++++ grype-db-0.49.0.obscpio -> grype-db-0.50.0.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/grype-db-0.49.0/go.mod new/grype-db-0.50.0/go.mod
--- old/grype-db-0.49.0/go.mod  2026-01-27 17:17:39.000000000 +0100
+++ new/grype-db-0.50.0/go.mod  2026-01-30 00:06:00.000000000 +0100
@@ -8,9 +8,9 @@
        github.com/acarl005/stripansi v0.0.0-20180116102854-5a71ef0e047d
        github.com/adrg/xdg v0.5.3
        github.com/anchore/go-logger v0.0.0-20250318195838-07ae343dd722
-       github.com/anchore/grype v0.106.0
+       github.com/anchore/grype v0.107.0
        github.com/anchore/packageurl-go v0.1.1-0.20250220190351-d62adb6e1115
-       github.com/anchore/syft v1.41.0
+       github.com/anchore/syft v1.41.1
        github.com/araddon/dateparse v0.0.0-20210429162001-6b43995a97de
        github.com/dave/jennifer v1.7.1
        github.com/dustin/go-humanize v1.0.1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/grype-db-0.49.0/go.sum new/grype-db-0.50.0/go.sum
--- old/grype-db-0.49.0/go.sum  2026-01-27 17:17:39.000000000 +0100
+++ new/grype-db-0.50.0/go.sum  2026-01-30 00:06:00.000000000 +0100
@@ -152,14 +152,14 @@
 github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04/go.mod 
h1:6dK64g27Qi1qGQZ67gFmBFvEHScy0/C8qhQhNe5B5pQ=
 github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4 
h1:rmZG77uXgE+o2gozGEBoUMpX27lsku+xrMwlmBZJtbg=
 github.com/anchore/go-version v1.2.2-0.20210903204242-51efa5b487c4/go.mod 
h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E=
-github.com/anchore/grype v0.106.0 
h1:mzsdv52krUw4fUVGBldkVc05rwKZ2CMts5368qXoMmQ=
-github.com/anchore/grype v0.106.0/go.mod 
h1:RqcBZWmonvAxhmAOxqukvvAW2S6RVQdCW3/PnlaDPsc=
+github.com/anchore/grype v0.107.0 
h1:7uzKfPikWG5EIDOWG+vHn8s1eGlDggR2WYHxHW0qxVM=
+github.com/anchore/grype v0.107.0/go.mod 
h1:pA3mape0QNEI+beNfjS3LXtnUfJgk3zVvOR1FYIlE8Y=
 github.com/anchore/packageurl-go v0.1.1-0.20250220190351-d62adb6e1115 
h1:ZyRCmiEjnoGJZ1+Ah0ZZ/mKKqNhGcUZBl0s7PTTDzvY=
 github.com/anchore/packageurl-go v0.1.1-0.20250220190351-d62adb6e1115/go.mod 
h1:KoYIv7tdP5+CC9VGkeZV4/vGCKsY55VvoG+5dadg4YI=
 github.com/anchore/stereoscope v0.1.19 
h1:1G5LVmRN1Sz6qNezpVAEeN7QfWwCE9zw9TJK1ZGnkvw=
 github.com/anchore/stereoscope v0.1.19/go.mod 
h1:+laNHlk05xA2YqgEzq8mxkFzclL3NRdeNIsiQQVeZZ4=
-github.com/anchore/syft v1.41.0 h1:OyiSnf4OpkwSnDMK+9D/ZNJymtzzdZ2VokjwAmpNlrA=
-github.com/anchore/syft v1.41.0/go.mod 
h1:vrE06rTzgwrHB3T7fh83S/M555rpxy/olUG5c+oVcoU=
+github.com/anchore/syft v1.41.1 h1:lUoEi/ICCSe8eqDmwwG7Kw6brVT20Ap5OmiqWlmddAg=
+github.com/anchore/syft v1.41.1/go.mod 
h1:vrE06rTzgwrHB3T7fh83S/M555rpxy/olUG5c+oVcoU=
 github.com/andreyvit/diff v0.0.0-20170406064948-c7f18ee00883/go.mod 
h1:rCTlJbsFo29Kk6CurOXKm700vrz8f0KW0JNfpkRJY/8=
 github.com/andybalholm/brotli v1.2.0 
h1:ukwgCxwYrmACq68yiUqwIWnGY0cTPox/M94sVwToPjQ=
 github.com/andybalholm/brotli v1.2.0/go.mod 
h1:rzTDkvFWvIrjDXZHkuS16NPggd91W3kUSvPlQ1pLaKY=
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/grype-db-0.49.0/pkg/process/v5/transformers/github/transform.go 
new/grype-db-0.50.0/pkg/process/v5/transformers/github/transform.go
--- old/grype-db-0.49.0/pkg/process/v5/transformers/github/transform.go 
2026-01-27 17:17:39.000000000 +0100
+++ new/grype-db-0.50.0/pkg/process/v5/transformers/github/transform.go 
2026-01-30 00:06:00.000000000 +0100
@@ -30,8 +30,8 @@
                switch feedGroupLang {
                case "nuget":
                        syftLanguage = syftPkg.Dotnet
-               case "github-action":
-                       // we don't want to error out on this, but grype at 
this version does not support github-action matching
+               case "github-action", "erlang":
+                       // we don't want to error out on this, but grype at 
this version does not support these ecosystems
                        return nil, errSkip
                default:
                        return nil, fmt.Errorf("unable to determine grype 
namespace for enterprise namespace=%s", group)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/grype-db-0.49.0/pkg/process/v5/transformers/os/transform.go 
new/grype-db-0.50.0/pkg/process/v5/transformers/os/transform.go
--- old/grype-db-0.49.0/pkg/process/v5/transformers/os/transform.go     
2026-01-27 17:17:39.000000000 +0100
+++ new/grype-db-0.50.0/pkg/process/v5/transformers/os/transform.go     
2026-01-30 00:06:00.000000000 +0100
@@ -24,6 +24,12 @@
 
        // Currently known enterprise feed groups are expected to be of the 
form {distroID}:{version}
        feedGroupDistroID := feedGroupComponents[0]
+
+       // secureos is not supported in the grype v5 schema, so the records 
should be dropped entirely
+       if feedGroupDistroID == "secureos" {
+               return nil, nil
+       }
+
        d, ok := distro.IDMapping[feedGroupDistroID]
        if !ok {
                return nil, fmt.Errorf("unable to determine grype namespace for 
enterprise namespace=%s", group)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/grype-db-0.49.0/pkg/process/v6/transformers/github/transform.go 
new/grype-db-0.50.0/pkg/process/v6/transformers/github/transform.go
--- old/grype-db-0.49.0/pkg/process/v6/transformers/github/transform.go 
2026-01-27 17:17:39.000000000 +0100
+++ new/grype-db-0.50.0/pkg/process/v6/transformers/github/transform.go 
2026-01-30 00:06:00.000000000 +0100
@@ -219,6 +219,8 @@
                return pkg.SwiftPkg
        case "rubygems", "ruby", "gem":
                return pkg.GemPkg
+       case "erlang", "hex", "elixir":
+               return pkg.HexPkg
        case "apk":
                return pkg.ApkPkg
        case "rpm":
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' 
old/grype-db-0.49.0/pkg/process/v6/transformers/os/transform.go 
new/grype-db-0.50.0/pkg/process/v6/transformers/os/transform.go
--- old/grype-db-0.49.0/pkg/process/v6/transformers/os/transform.go     
2026-01-27 17:17:39.000000000 +0100
+++ new/grype-db-0.50.0/pkg/process/v6/transformers/os/transform.go     
2026-01-30 00:06:00.000000000 +0100
@@ -244,7 +244,7 @@
                return pkg.RpmPkg
        case "ubuntu", "debian", "echo":
                return pkg.DebPkg
-       case "alpine", "chainguard", "wolfi", "minimos":
+       case "alpine", "chainguard", "wolfi", "minimos", "secureos":
                return pkg.ApkPkg
        case "windows":
                return pkg.KbPkg

++++++ grype-db.obsinfo ++++++
--- /var/tmp/diff_new_pack.z6ieeF/_old  2026-01-30 18:26:21.551808988 +0100
+++ /var/tmp/diff_new_pack.z6ieeF/_new  2026-01-30 18:26:21.583810331 +0100
@@ -1,5 +1,5 @@
 name: grype-db
-version: 0.49.0
-mtime: 1769530659
-commit: 5629471685a768ffa129ec75b77df5a591022782
+version: 0.50.0
+mtime: 1769727960
+commit: ebc5f8151645415711407e8edc248df8c89d5195
 

++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/grype-db/vendor.tar.gz 
/work/SRC/openSUSE:Factory/.grype-db.new.1995/vendor.tar.gz differ: char 134, 
line 1

commit grype-db for openSUSE:Factory

Reply via email to