Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package kbom for openSUSE:Factory checked in at 2026-05-30 22:58:35 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/kbom (Old) and /work/SRC/openSUSE:Factory/.kbom.new.1937 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "kbom" Sat May 30 22:58:35 2026 rev:5 rq:1356006 version:0.3.4 Changes: -------- --- /work/SRC/openSUSE:Factory/kbom/kbom.changes 2024-10-30 17:34:53.693409797 +0100 +++ /work/SRC/openSUSE:Factory/.kbom.new.1937/kbom.changes 2026-05-30 23:01:25.932397297 +0200 @@ -1,0 +2,12 @@ +Sat May 30 06:59:16 UTC 2026 - Johannes Kastl <[email protected]> + +- Update to version 0.3.4 (no releases between .1 and this one): + * Do not push docker image + * Ignore unsupported windows/arm build target + * Fail on high + * Update deps + * FIx linter + * Bump go version, fix vulnerabilities + * Update homebrew tap repo name to rad-security/homebrew + +------------------------------------------------------------------- Old: ---- kbom-0.3.1.obscpio New: ---- kbom-0.3.4.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ kbom.spec ++++++ --- /var/tmp/diff_new_pack.LiHNME/_old 2026-05-30 23:01:26.952439230 +0200 +++ /var/tmp/diff_new_pack.LiHNME/_new 2026-05-30 23:01:26.956439394 +0200 @@ -1,7 +1,7 @@ # # spec file for package kbom # -# Copyright (c) 2024 SUSE LLC +# Copyright (c) 2026 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,7 +17,7 @@ Name: kbom -Version: 0.3.1 +Version: 0.3.4 Release: 0 Summary: Kubernetes Bill of Materials License: Apache-2.0 @@ -26,7 +26,7 @@ Source1: vendor.tar.gz BuildRequires: bash-completion BuildRequires: fish -BuildRequires: go >= 1.22 +BuildRequires: go1.26 >= 1.26.0 BuildRequires: zsh %description ++++++ _service ++++++ --- /var/tmp/diff_new_pack.LiHNME/_old 2026-05-30 23:01:26.992440874 +0200 +++ /var/tmp/diff_new_pack.LiHNME/_new 2026-05-30 23:01:26.996441038 +0200 @@ -1,9 +1,9 @@ <services> <service name="obs_scm" mode="manual"> - <param name="url">https://github.com/rad-security/kbom</param> + <param name="url">https://github.com/rad-security/kbom.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="revision">v0.3.1</param> + <param name="revision">refs/tags/v0.3.4</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.LiHNME/_old 2026-05-30 23:01:27.020442025 +0200 +++ /var/tmp/diff_new_pack.LiHNME/_new 2026-05-30 23:01:27.028442354 +0200 @@ -3,6 +3,8 @@ <param name="url">https://github.com/ksoclabs/kbom</param> <param name="changesrevision">5873ff285776c931b4158b76c91074620589d16f</param></service><service name="tar_scm"> <param name="url">https://github.com/rad-security/kbom</param> - <param name="changesrevision">02a85545f3b04f2383db211509d3d180950318da</param></service></servicedata> + <param name="changesrevision">02a85545f3b04f2383db211509d3d180950318da</param></service><service name="tar_scm"> + <param name="url">https://github.com/rad-security/kbom.git</param> + <param name="changesrevision">6fe6f781b9f4c708282e36bfc27f1d742379a8d0</param></service></servicedata> (No newline at EOF) ++++++ kbom-0.3.1.obscpio -> kbom-0.3.4.obscpio ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.github/ISSUE_TEMPLATE/config.yml new/kbom-0.3.4/.github/ISSUE_TEMPLATE/config.yml --- old/kbom-0.3.1/.github/ISSUE_TEMPLATE/config.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.github/ISSUE_TEMPLATE/config.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,5 +0,0 @@ -blank_issues_enabled: true -contact_links: - - name: Ask a question - url: https://github.com/rad-security/kbom/discussions - about: Please ask and answer questions here. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.github/workflows/build.yml new/kbom-0.3.4/.github/workflows/build.yml --- old/kbom-0.3.1/.github/workflows/build.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.github/workflows/build.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,65 +0,0 @@ -name: build - -on: - pull_request: - -jobs: - version: - runs-on: ubuntu-latest - if: startsWith(github.head_ref, 'renovate') == false - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Detect Version for Docker - id: docker-version - run: echo "VERSION=$(SEP="-" scripts/version)" >> $GITHUB_OUTPUT - - name: Detect Version - id: version - run: echo "VERSION=$(scripts/version)" >> $GITHUB_OUTPUT - outputs: - docker-version: ${{ steps.docker-version.outputs.VERSION }} - version: ${{ steps.version.outputs.VERSION }} - - build: - runs-on: ubuntu-latest - needs: - - version - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-go@v5 - with: - # Force version to solve cache restore issue: https://github.com/actions/setup-go/issues/506 - go-version: 1.23.2 - check-latest: true # https://github.com/actions/setup-go#check-latest-version - cache: true # https://github.com/actions/setup-go#caching-dependency-files-and-build-outputs - - - name: Build - run: go build -race ./... - - - name: Install GoReleaser - uses: goreleaser/goreleaser-action@v5 - with: - version: latest - install-only: true - - - name: Snapshot - run: make snapshot - env: - GORELEASER_CURRENT_TAG: ${{ needs.version.outputs.docker-version }} - - - name: Grype scan - id: scan - uses: anchore/scan-action@v5 - with: - path: "." - fail-build: true - severity-cutoff: medium - output-format: sarif - - - name: Upload SARIF report - uses: github/codeql-action/upload-sarif@v3 - with: - sarif_file: ${{ steps.scan.outputs.sarif }} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.github/workflows/dco.yml new/kbom-0.3.4/.github/workflows/dco.yml --- old/kbom-0.3.1/.github/workflows/dco.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.github/workflows/dco.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,10 +0,0 @@ -name: DCO Check - -on: - pull_request: - -jobs: - check: - runs-on: ubuntu-latest - steps: - - uses: KineticCafe/actions-dco@v1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.github/workflows/golangci-lint.yml new/kbom-0.3.4/.github/workflows/golangci-lint.yml --- old/kbom-0.3.1/.github/workflows/golangci-lint.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.github/workflows/golangci-lint.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,27 +0,0 @@ -name: golangci-lint - -on: - pull_request: - -permissions: - contents: read - -jobs: - golangci: - name: lint - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: '1.23' - check-latest: true # https://github.com/actions/setup-go#check-latest-version - cache: true # https://github.com/actions/setup-go#caching-dependency-files-and-build-outputs - - - name: golangci-lint - uses: golangci/golangci-lint-action@v6 - with: - version: v1.60.3 - args: --timeout=5m diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.github/workflows/release.yml new/kbom-0.3.4/.github/workflows/release.yml --- old/kbom-0.3.1/.github/workflows/release.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.github/workflows/release.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,85 +0,0 @@ -name: release - -on: - push: - tags: - - "v*" - workflow_call: - secrets: - PERSONAL_ACCESS_TOKEN: - required: true - PUBLIC_GCR_JSON_KEY: - required: true - -permissions: - contents: write # needed to write releases - id-token: write # needed for keyless signing - -jobs: - version: - runs-on: ubuntu-latest - if: startsWith(github.head_ref, 'renovate') == false - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - name: Detect Version for Docker - id: docker-version - run: echo "VERSION=$(SEP="-" scripts/version)" >> $GITHUB_OUTPUT - - name: Detect Version - id: version - run: echo "VERSION=$(scripts/version)" >> $GITHUB_OUTPUT - outputs: - docker-version: ${{ steps.docker-version.outputs.VERSION }} - version: ${{ steps.version.outputs.VERSION }} - - goreleaser: - timeout-minutes: 90 - runs-on: ubuntu-latest - needs: - - version - env: - SUMMARY: ${{ needs.version.outputs.docker-version }} - VERSION: ${{ needs.version.outputs.version }} - steps: - - name: Checkout - uses: actions/checkout@v4 - with: - fetch-depth: 0 - - - name: Set up Go - uses: actions/setup-go@v5 - with: - go-version: '1.23' - check-latest: true # https://github.com/actions/setup-go#check-latest-version - cache: true # https://github.com/actions/setup-go#caching-dependency-files-and-build-outputs - - - uses: sigstore/cosign-installer@v3 - - uses: anchore/sbom-action/download-syft@v0 - - - name: Login to GCR - uses: docker/login-action@v3 - with: - registry: us.gcr.io - username: _json_key - password: ${{ secrets.PUBLIC_GCR_JSON_KEY }} - - - name: Install GoReleaser - uses: goreleaser/goreleaser-action@v5 - with: - version: latest - install-only: true - - - name: Generate SBOM - uses: CycloneDX/gh-gomod-generate-sbom@v2 - with: - args: mod -licenses -json -output bom.json - version: ^v1 - - - name: Release - if: startsWith(github.ref , 'refs/tags/v') == true - run: make release - env: - GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} - HOMEBREW_TAP_GITHUB_TOKEN: ${{ secrets.PERSONAL_ACCESS_TOKEN }} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.github/workflows/scan.yml new/kbom-0.3.4/.github/workflows/scan.yml --- old/kbom-0.3.1/.github/workflows/scan.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.github/workflows/scan.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,37 +0,0 @@ -name: scan - -on: - workflow_dispatch: - push: - branches: [ main ] - pull_request: - branches: [ main ] - schedule: - - cron: '18 10 * * 3' - -permissions: - contents: read - -jobs: - scan-codeql: - runs-on: ubuntu-latest - permissions: - security-events: write - steps: - - name: Checkout repository - uses: actions/checkout@v4 - - name: Setup Go - uses: actions/setup-go@v5 - with: - go-version: 1.23.x - cache-dependency-path: | - **/go.sum - **/go.mod - - name: Initialize CodeQL - uses: github/codeql-action/init@v3 - with: - languages: go - - name: Autobuild - uses: github/codeql-action/autobuild@v3 - - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.github/workflows/test.yml new/kbom-0.3.4/.github/workflows/test.yml --- old/kbom-0.3.1/.github/workflows/test.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.github/workflows/test.yml 1970-01-01 01:00:00.000000000 +0100 @@ -1,19 +0,0 @@ -name: test - -on: - pull_request: - -jobs: - test: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v4 - - - uses: actions/setup-go@v5 - with: - go-version: '1.23' - check-latest: true # https://github.com/actions/setup-go#check-latest-version - cache: true # https://github.com/actions/setup-go#caching-dependency-files-and-build-outputs - - - name: Test - run: go test -race ./... diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.gitignore new/kbom-0.3.4/.gitignore --- old/kbom-0.3.1/.gitignore 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.gitignore 1970-01-01 01:00:00.000000000 +0100 @@ -1,17 +0,0 @@ -# Directories -vendor -release -archive - -# Files -.envrc - -# KBOM Binaries -/kbom* - -# BOM file -bom.json - -# Coverage -coverage.out -coverage_report.html diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.golangci.yml new/kbom-0.3.4/.golangci.yml --- old/kbom-0.3.1/.golangci.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.golangci.yml 2026-05-22 20:00:54.000000000 +0200 @@ -1,76 +1,83 @@ -linters-settings: - dupl: - threshold: 110 - funlen: - lines: 100 - statements: 50 - goconst: - min-len: 2 - min-occurrences: 3 - gocritic: - enabled-tags: - - diagnostic - - experimental - - opinionated - - performance - - style - disabled-checks: - - dupImport # https://github.com/go-critic/go-critic/issues/845 - - ifElseChain - - octalLiteral - - whyNoLint - gocyclo: - min-complexity: 15 - goimports: - local-prefixes: github.com/rad-security - golint: - min-confidence: 0 - lll: - line-length: 140 - maligned: - suggest-new: true - misspell: - locale: US - +version: "2" linters: - # please, do not use `enable-all`: it's deprecated and will be removed soon. - # inverted configuration with `enable-all` and `disable` is not scalable during updates of golangci-lint - disable-all: true + default: none enable: - - bodyclose - - dogsled - - dupl - - errcheck - - exportloopref - - funlen - - goconst - - gocritic - - gocyclo - - gofmt - - goimports - - goprintffuncname - - gosec - - gosimple - - govet - - ineffassign - - lll - - misspell - - nakedret - - noctx - - nolintlint - - staticcheck - - stylecheck - - typecheck - - unconvert - - unparam - - unused - - whitespace - -issues: - exclude-rules: - - path: _test\.go - linters: - - funlen - -run: - timeout: 2m + - bodyclose + - copyloopvar + - dogsled + - dupl + - errcheck + - funlen + - goconst + - gocritic + - gocyclo + - goprintffuncname + - gosec + - govet + - ineffassign + - lll + - misspell + - nakedret + - noctx + - nolintlint + - staticcheck + - unconvert + - unparam + - unused + - whitespace + settings: + dupl: + threshold: 110 + funlen: + lines: 100 + statements: 50 + goconst: + min-len: 2 + min-occurrences: 3 + gocritic: + disabled-checks: + - dupImport + - ifElseChain + - octalLiteral + - whyNoLint + enabled-tags: + - diagnostic + - experimental + - opinionated + - performance + - style + gocyclo: + min-complexity: 15 + lll: + line-length: 140 + misspell: + locale: US + exclusions: + generated: lax + presets: + - comments + - common-false-positives + - legacy + - std-error-handling + rules: + - linters: + - funlen + path: _test\.go + paths: + - third_party$ + - builtin$ + - examples$ +formatters: + enable: + - gofmt + - goimports + settings: + goimports: + local-prefixes: + - github.com/rad-security + exclusions: + generated: lax + paths: + - third_party$ + - builtin$ + - examples$ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/.goreleaser.yml new/kbom-0.3.4/.goreleaser.yml --- old/kbom-0.3.1/.goreleaser.yml 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/.goreleaser.yml 2026-05-22 20:00:54.000000000 +0200 @@ -30,6 +30,8 @@ ignore: - goos: darwin goarch: "386" + - goos: windows + goarch: arm ldflags: - -X "{{.Env.CFG_PACKAGE_NAME}}.AppName=kbom" - -X "{{.Env.CFG_PACKAGE_NAME}}.AppVersion={{.Env.VERSION}}" @@ -73,28 +75,13 @@ brews: - repository: owner: rad-security - name: homebrew-kbom + name: homebrew homepage: "https://github.com/rad-security/kbom"; description: "The Kubernetes Bill of Materials (KBOM) standard provides insight into container orchestration tools widely used across the industry." license: "Apache 2" test: | system "#{bin}/kbom", "version" -dockers: - - goos: linux - goarch: amd64 - dockerfile: build/package/Dockerfile.gorelease - image_templates: - - us.gcr.io/{{.Env.GCR_ORG}}/{{.Env.APP_NAME}}:{{- if .IsSnapshot -}}{{ .Env.VERSION }}{{- else -}}{{ .Tag }}{{- end -}} - build_flag_templates: - - "--pull" - - "--label=org.opencontainers.image.created={{.Date}}" - - "--label=org.opencontainers.image.title={{.ProjectName}}" - - "--label=org.opencontainers.image.revision={{.FullCommit}}" - - "--label=org.opencontainers.image.version={{.Version}}" - - "--label=org.opencontainers.image.source=https://{{.Env.PACKAGE_NAME}}"; - - "--platform=linux/amd64" - checksum: name_template: "checksums.txt" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/README.md new/kbom-0.3.4/README.md --- old/kbom-0.3.1/README.md 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/README.md 2026-05-22 20:00:54.000000000 +0200 @@ -13,10 +13,13 @@ ## Getting Started +### Download KBOM +If you prefer to download the binary, you can do so from the [releases page](https://github.com/rad-security/kbom/releases). + ### Installation ```sh -brew install rad-security/homebrew-kbom/kbom +brew install rad-security/homebrew/kbom ``` or diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/build/package/Dockerfile.gorelease new/kbom-0.3.4/build/package/Dockerfile.gorelease --- old/kbom-0.3.1/build/package/Dockerfile.gorelease 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/build/package/Dockerfile.gorelease 2026-05-22 20:00:54.000000000 +0200 @@ -1,4 +1,4 @@ -FROM alpine:3.20.0 +FROM alpine:3.23 RUN mkdir /app diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/go.mod new/kbom-0.3.4/go.mod --- old/kbom-0.3.1/go.mod 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/go.mod 2026-05-22 20:00:54.000000000 +0200 @@ -1,6 +1,6 @@ module github.com/rad-security/kbom -go 1.23 +go 1.26 require ( github.com/CycloneDX/cyclonedx-go v0.7.2 @@ -14,7 +14,7 @@ github.com/spf13/pflag v1.0.5 github.com/spf13/viper v1.18.2 github.com/stretchr/testify v1.9.0 - golang.org/x/term v0.20.0 + golang.org/x/term v0.43.0 gopkg.in/yaml.v3 v3.0.1 k8s.io/api v0.29.0 k8s.io/apimachinery v0.30.1 @@ -23,7 +23,7 @@ require ( github.com/bahlo/generic-list-go v0.2.0 // indirect - github.com/buger/jsonparser v1.1.1 // indirect + github.com/buger/jsonparser v1.2.0 // indirect github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect github.com/emicklei/go-restful/v3 v3.11.0 // indirect github.com/fsnotify/fsnotify v1.7.0 // indirect @@ -61,12 +61,11 @@ go.uber.org/atomic v1.9.0 // indirect go.uber.org/multierr v1.9.0 // indirect golang.org/x/exp v0.0.0-20230905200255-921286631fa9 // indirect - golang.org/x/net v0.23.0 // indirect - golang.org/x/oauth2 v0.15.0 // indirect - golang.org/x/sys v0.20.0 // indirect - golang.org/x/text v0.14.0 // indirect + golang.org/x/net v0.55.0 // indirect + golang.org/x/oauth2 v0.36.0 // indirect + golang.org/x/sys v0.45.0 // indirect + golang.org/x/text v0.37.0 // indirect golang.org/x/time v0.5.0 // indirect - google.golang.org/appengine v1.6.7 // indirect google.golang.org/protobuf v1.33.0 // indirect gopkg.in/inf.v0 v0.9.1 // indirect gopkg.in/ini.v1 v1.67.0 // indirect diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/go.sum new/kbom-0.3.4/go.sum --- old/kbom-0.3.1/go.sum 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/go.sum 2026-05-22 20:00:54.000000000 +0200 @@ -6,8 +6,8 @@ github.com/bahlo/generic-list-go v0.2.0/go.mod h1:2KvAjgMlE5NNynlg/5iLrrCCZ2+5xWbdbCW3pNTGyYg= github.com/bradleyjkemp/cupaloy/v2 v2.8.0 h1:any4BmKE+jGIaMpnU8YgH/I2LPiLBufr6oMMlVBbn9M= github.com/bradleyjkemp/cupaloy/v2 v2.8.0/go.mod h1:bm7JXdkRd4BHJk9HpwqAI8BoAY1lps46Enkdqw6aRX0= -github.com/buger/jsonparser v1.1.1 h1:2PnMjfWD7wBILjqQbt530v576A/cAbQvEW9gGIpYMUs= -github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= +github.com/buger/jsonparser v1.2.0 h1:4EFcvK1kD4jyj6YqNK6skK6w+y7FHHBR+XBCtxwu/6g= +github.com/buger/jsonparser v1.2.0/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0= github.com/coreos/go-systemd/v22 v22.5.0/go.mod h1:Y58oyj3AT4RCenI/lSvhwexgC+NSVTIJ3seZv2GcEnc= github.com/cpuguy83/go-md2man/v2 v2.0.3/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o= github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= @@ -36,7 +36,6 @@ github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.5.4 h1:i7eJL8qZTpSEXOPTxNKhASYpMn+8e5Q6AdndVa1dWek= github.com/golang/protobuf v1.5.4/go.mod h1:lnTiLA8Wa4RWRcIUkrtSVa5nRhsEGBg48fD6rSs7xps= github.com/google/gnostic-models v0.6.8 h1:yo/ABAfM5IMRsS1VnXjTBvUb61tFIHozhlYvRgGre9I= @@ -162,14 +161,13 @@ golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= -golang.org/x/oauth2 v0.15.0 h1:s8pnnxNVzjWyrvYdFUQq5llS1PX2zhPXmccZv99h7uQ= -golang.org/x/oauth2 v0.15.0/go.mod h1:q48ptWNTY5XWf+JNten23lcvHpLJ0ZSxF5ttTHKVCAM= +golang.org/x/net v0.55.0 h1:bcvxaJn3e1U6InsFWt1JUq1aSjnRxLzT2rtD2KfkDF8= +golang.org/x/net v0.55.0/go.mod h1:L5U2KuzuOe1lY7Z+aWVIKK6qEeJXnXV9yzGA+WCHJww= +golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs= +golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -179,29 +177,26 @@ golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= -golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= -golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= +golang.org/x/sys v0.45.0 h1:dO4czNzziLiiXplLQgBCEpCvXQ3dnkn0SdaZSYdQ+FY= +golang.org/x/sys v0.45.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= +golang.org/x/term v0.43.0 h1:S4RLU2sB31O/NCl+zFN9Aru9A/Cq2aqKpTZJ6B+DwT4= +golang.org/x/term v0.43.0/go.mod h1:lrhlHNdQJHO+1qVYiHfFKVuVioJIheAc3fBSMFYEIsk= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.37.0 h1:Cqjiwd9eSg8e0QAkyCaQTNHFIIzWtidPahFWR83rTrc= +golang.org/x/text v0.37.0/go.mod h1:a5sjxXGs9hsn/AJVwuElvCAo9v8QYLzvavO5z2PiM38= golang.org/x/time v0.5.0 h1:o7cqy6amK/52YcAKIPlM3a+Fpj35zvRj2TP+e1xFSfk= golang.org/x/time v0.5.0/go.mod h1:3BpzKBy/shNhVucY/MWOyx10tF3SFh9QdLuxbVysPQM= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ= -golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg= +golang.org/x/tools v0.44.0 h1:UP4ajHPIcuMjT1GqzDWRlalUEoY+uzoZKnhOjbIPD2c= +golang.org/x/tools v0.44.0/go.mod h1:KA0AfVErSdxRZIsOVipbv3rQhVXTnlU6UhKxHd1seDI= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/protobuf v1.33.0 h1:uNO2rsAINq/JlFpSdYEKIZ0uKD/R9cpdv0T+yoGwGmI= google.golang.org/protobuf v1.33.0/go.mod h1:c6P6GXX6sHbq/GpV6MGZEdwhWPcYBgnhAHhKbcUYpos= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/kbom-0.3.1/internal/kube/kube.go new/kbom-0.3.4/internal/kube/kube.go --- old/kbom-0.3.1/internal/kube/kube.go 2024-10-28 16:20:33.000000000 +0100 +++ new/kbom-0.3.4/internal/kube/kube.go 2026-05-22 20:00:54.000000000 +0200 @@ -230,10 +230,7 @@ return nil, err } - controlPlane := false - if namespace == "kube-system" { - controlPlane = true - } + controlPlane := namespace == "kube-system" res := &model.Image{ FullName: img, ++++++ kbom.obsinfo ++++++ --- /var/tmp/diff_new_pack.LiHNME/_old 2026-05-30 23:01:27.196449260 +0200 +++ /var/tmp/diff_new_pack.LiHNME/_new 2026-05-30 23:01:27.204449589 +0200 @@ -1,5 +1,5 @@ name: kbom -version: 0.3.1 -mtime: 1730128833 -commit: 02a85545f3b04f2383db211509d3d180950318da +version: 0.3.4 +mtime: 1779472854 +commit: 6fe6f781b9f4c708282e36bfc27f1d742379a8d0 ++++++ vendor.tar.gz ++++++ /work/SRC/openSUSE:Factory/kbom/vendor.tar.gz /work/SRC/openSUSE:Factory/.kbom.new.1937/vendor.tar.gz differ: char 5, line 1
