Script 'mail_helper' called by obssrc
Hello community,

here is the log from the commit of package trivy for openSUSE:Factory checked 
in at 2026-07-06 12:29:02
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trivy (Old)
 and      /work/SRC/openSUSE:Factory/.trivy.new.1982 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "trivy"

Mon Jul  6 12:29:02 2026 rev:96 rq:1363713 version:0.72.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/trivy/trivy.changes      2026-06-30 
15:12:02.537216227 +0200
+++ /work/SRC/openSUSE:Factory/.trivy.new.1982/trivy.changes    2026-07-06 
12:30:40.343932658 +0200
@@ -1,0 +2,50 @@
+Fri Jul 03 15:12:16 UTC 2026 - Dirk Müller <[email protected]>
+
+- Update to version 0.72.0:
+  * release: v0.72.0 [main] (#10782)
+  * test: close plugin manager in tests cleanup (#10904)
+  * Merge commit from fork
+  * feat(bottlerocket): add vulnerability matching for Bottlerocket OS (#10893)
+  * fix(misconf): support github_repository_vulnerability_alerts resource 
(#10680)
+  * feat(java): detect JAR licenses from packaged LICENSE files (#10856)
+  * fix(nodejs): parse project dependencies from multi-document pnpm-lock.yaml 
(#10861)
+  * fix(server): propagate package repository class in client/server mode 
(#10874)
+  * chore(deps): bump github.com/containerd/containerd/v2 from 2.3.1 to 2.3.2 
(#10888)
+  * fix(vuln): fall back to UNKNOWN severity when vulnerability details are 
missing (#10795)
+  * feat(java): detect JAR licenses from the embedded pom.xml (#10851)
+  * chore(deps): Upgrade github.com/cenkalti/backoff to v6 (#10863)
+  * ci(helm): bump Trivy version to 0.71.2 for Trivy Helm Chart 0.23.2 (#10873)
+  * chore(deps): bump alpine to 3.24.1 (#10868)
+  * docs: fix article typo in plugin developer guide (#10860)
+  * feat(misconf): Adds CloudFront standard logging v2 support to AVD-AWS-0010 
(#10848)
+  * docs: fix typos (#10857)
+  * fix(terraform): avoid data race on global getter.Getters in remote module 
resolver (#10843)
+  * feat(secret): support new stateless format for GitHub App installation 
tokens (#10826)
+  * fix: correct format verbs in diagnostic messages (#10805)
+  * ci(helm): bump Trivy version to 0.71.1 for Trivy Helm Chart 0.23.1 (#10845)
+  * refactor: use ParseErrorsAllowlist instead of ParseErrorsWhitelist (#10830)
+  * docs: fix repository scan heading typo (#10828)
+  * Merge commit from fork
+  * fix: forward ospkg detector options through ospkg.NewScanner (#10811)
+  * chore(deps): bump github.com/bufbuild/buf to v1.70.0 (#10801)
+  * fix(vex): load VEX documents from within the repository directory (#10820)
+  * ci!: migrate docker config to dockers_v2 (#10783)
+  * feat(dotnet): detect bundled runtime in self-contained deployments (#10786)
+  * feat(secret): add OpenAI secret detection rules (#10798)
+  * ci: expect GitHub App bot as backport PR author (#10813)
+  * fix: surface the original analysis error instead of context cancellation 
(#10793)
+  * chore(deps): bump the github-actions group across 1 directory with 11 
updates (#10803)
+  * chore(deps): bump the common group with 4 updates (#10797)
+  * chore(deps): bump the aws group with 4 updates (#10796)
+  * fix: use random suffix for process temp directory instead of PID (#10431)
+  * docs: update signature verification for deb and rpm packages (#10784)
+  * fix(image): lookup origin layer for custom resources in merged layers 
(#10788)
+  * test: fix flaky containerd integration test (#10760)
+  * ci: bump GoReleaser to v2.16.0 (#10774)
+  * docs: fix broken nixpkgs reference link in installation guide (#10776)
+  * test(java): force offline-scan for client/server integration tests (#10721)
+  * fix(image): deterministic OS package deduplication for images with 
embedded SBOMs (#10777)
+  * fix(spdx): guard against nil root component in SPDX marshaler (#10771)
+  * ci(helm): bump Trivy version to 0.71.0 for Trivy Helm Chart 0.23.0 (#10768)
+
+-------------------------------------------------------------------

Old:
----
  trivy-0.71.2.tar.zst

New:
----
  trivy-0.72.0.tar.zst

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ trivy.spec ++++++
--- /var/tmp/diff_new_pack.fW9Ib2/_old  2026-07-06 12:30:41.855985135 +0200
+++ /var/tmp/diff_new_pack.fW9Ib2/_new  2026-07-06 12:30:41.859985274 +0200
@@ -17,7 +17,7 @@
 
 
 Name:           trivy
-Version:        0.71.2
+Version:        0.72.0
 Release:        0
 Summary:        A Simple and Comprehensive Vulnerability Scanner for Containers
 License:        Apache-2.0

++++++ _scmsync.obsinfo ++++++
--- /var/tmp/diff_new_pack.fW9Ib2/_old  2026-07-06 12:30:41.911987079 +0200
+++ /var/tmp/diff_new_pack.fW9Ib2/_new  2026-07-06 12:30:41.915987218 +0200
@@ -1,5 +1,5 @@
-mtime: 1782681094
-commit: 662df950767b4edf03c2c1b137e1565aee87cb2b29c480062b998d72975eedc0
+mtime: 1783092272
+commit: 5a953208a3ef381606b133be161da5eef075018a696318cf37ece0cacf3c0217
 url: https://src.opensuse.org/dirkmueller/trivy.git
 revision: factory
 

++++++ _service ++++++
--- /var/tmp/diff_new_pack.fW9Ib2/_old  2026-07-06 12:30:41.939988051 +0200
+++ /var/tmp/diff_new_pack.fW9Ib2/_new  2026-07-06 12:30:41.943988189 +0200
@@ -2,7 +2,7 @@
   <service name="tar_scm" mode="manual">
     <param name="url">https://github.com/aquasecurity/trivy</param>
     <param name="scm">git</param>
-    <param name="revision">v0.71.2</param>
+    <param name="revision">v0.72.0</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>
@@ -16,7 +16,6 @@
   </service>
   <service name="go_modules" mode="manual">
     <param name="compression">zst</param>
-    <param 
name="replace">github.com/containerd/containerd/v2=github.com/containerd/containerd/[email protected]</param>
   </service>
 </services>
 

++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.fW9Ib2/_old  2026-07-06 12:30:41.967989022 +0200
+++ /var/tmp/diff_new_pack.fW9Ib2/_new  2026-07-06 12:30:41.971989161 +0200
@@ -1,6 +1,6 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/aquasecurity/trivy</param>
-              <param 
name="changesrevision">055a5c8a53bfd61f7a8e276a5b2f0c3fc1673420</param></service></servicedata>
+              <param 
name="changesrevision">8a32853686209a428179bb3a1688802b25691564</param></service></servicedata>
 (No newline at EOF)
 

++++++ build.specials.obscpio ++++++

++++++ build.specials.obscpio ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' 
'--exclude=.svnignore' old/.gitignore new/.gitignore
--- old/.gitignore      1970-01-01 01:00:00.000000000 +0100
+++ new/.gitignore      2026-07-03 17:24:32.000000000 +0200
@@ -0,0 +1 @@
+.osc

++++++ trivy-0.71.2.tar.zst -> trivy-0.72.0.tar.zst ++++++
/work/SRC/openSUSE:Factory/trivy/trivy-0.71.2.tar.zst 
/work/SRC/openSUSE:Factory/.trivy.new.1982/trivy-0.72.0.tar.zst differ: char 7, 
line 1

++++++ vendor.tar.zst ++++++
/work/SRC/openSUSE:Factory/trivy/vendor.tar.zst 
/work/SRC/openSUSE:Factory/.trivy.new.1982/vendor.tar.zst differ: char 7, line 1

Reply via email to