Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package syft for openSUSE:Factory checked in
at 2022-09-07 11:06:28
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/syft (Old)
and /work/SRC/openSUSE:Factory/.syft.new.2083 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "syft"
Wed Sep 7 11:06:28 2022 rev:7 rq:1001570 version:0.55.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/syft/syft.changes 2022-07-22
19:21:48.640715118 +0200
+++ /work/SRC/openSUSE:Factory/.syft.new.2083/syft.changes 2022-09-07
11:06:47.288521138 +0200
@@ -1,0 +2,82 @@
+Wed Sep 07 05:42:57 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.55.0:
+ * update stereoscope to latest (#1181)
+ * Update syft bootstrap tools to latest versions. (#1180)
+ * Bug fix for 1095 - syft conversion option error (#1177)
+ * Update syft bootstrap tools to latest versions. (#1176)
+ * enhance development support on macOS ARM (#1163)
+ * Capture if a node module is private (#1161)
+ * Find version numbers from jars with different naming conventions (#1174)
+ * Update syft bootstrap tools to latest versions. (#1171)
+ * Fix update-bootstrap-tools workflow (#1170)
+ * workflow to create automated PRs to update bootstrap tools (#1167)
+ * feat: add support for licenses in package-lock json v2 (#1164)
+ * External sources configuration (#1158)
+ * feat: add support for pnpm (#1166)
+ * Prevent symlinks causing duplicate package-file relationships (#1168)
+
+-------------------------------------------------------------------
+Wed Sep 07 05:38:56 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.54.0:
+ * Associate node package licenses from node_modules (#1152)
+ * Give the contributing guide a substantial rework (#1155)
+ * fix: extract file ids correctly for spdx-json (#1156)
+ * metadata decoding should be optional (#1154)
+ * Update Stereoscope to 84004345484edb881f1cc1d841115da8abda06c3 (#1151)
+ * Add modularitylabel metadata to RPM type records generated by syft (#1148)
+ * Update Stereoscope to 1c79d5c84abcc54466417fcc17c844a4875888a1 (#1149)
+ * retraction for mispublished versions (#1147)
+ * cataloger configuration is respected regardless of source (#1142)
+ * Update README.md (#1146)
+ * bump cosign to v1.10.1 (#1144)
+
+-------------------------------------------------------------------
+Wed Sep 07 05:35:58 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.53.4:
+ * Update stereoscope to get rid of the replace directive (#1140)
+
+-------------------------------------------------------------------
+Wed Sep 07 05:33:24 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.53.3:
+ * Correct squashfs import and fix incorrect bouncer configuration (#1138)
+
+-------------------------------------------------------------------
+Wed Sep 07 05:31:12 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.53.2:
+ * Overwrite deprecated SPDX licenses automatically (#1009)
+ * disable release for docker assets (#1137)
+
+-------------------------------------------------------------------
+Wed Sep 07 05:29:04 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.53.1:
+ * improve docker release bootstrap (#1136)
+ * Singularity Image Support (#974)
+
+-------------------------------------------------------------------
+Wed Sep 07 05:25:20 UTC 2022 - ka...@b1-systems.de
+
+- Update to version 0.53.0:
+ * remove docker login from keychain (#1135)
+ * remove ENV checks from siging script (#1134)
+ * remove docker assets from main goreleaser configuration to reduce mac-os
runner friction (#1133)
+ * remove prefixed v from tag to match release (#1131)
+ * rollback actions-setup-docker to earlier version (#1130)
+ * Bump go-rustaudit to support rustaudit 0.2.0 (#1127)
+ * bump bouncer to v0.4.0 (#1125)
+ * Added ppc64le supported to the syft:debug image (#1124)
+ * add a cataloger for binaries built with rust-audit (#1116)
+ * bump goreleaser to v1.10.3 (#1123)
+ * bump golangci-lint to v1.47.2 (#1122)
+ * bump cosign in bootstrap-tools to v1.10.0 (#1121)
+ * Added s390x support (#1117)
+ * Delete pr_action.yaml (#1120)
+ * fix: use generic instead of not generating purl (#1119)
+ * bump cosign to v1.10.0 (#1114)
+
+-------------------------------------------------------------------
Old:
----
syft-0.52.0.tar.gz
New:
----
syft-0.55.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ syft.spec ++++++
--- /var/tmp/diff_new_pack.7Dx5EU/_old 2022-09-07 11:06:48.740524829 +0200
+++ /var/tmp/diff_new_pack.7Dx5EU/_new 2022-09-07 11:06:48.744524838 +0200
@@ -19,7 +19,7 @@
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: syft
-Version: 0.52.0
+Version: 0.55.0
Release: 0
Summary: CLI tool and library for generating a Software Bill of
Materials
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.7Dx5EU/_old 2022-09-07 11:06:48.776524920 +0200
+++ /var/tmp/diff_new_pack.7Dx5EU/_new 2022-09-07 11:06:48.780524930 +0200
@@ -3,7 +3,7 @@
<param name="url">https://github.com/anchore/syft</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.52.0</param>
+ <param name="revision">v0.55.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
@@ -16,7 +16,7 @@
<param name="compression">gz</param>
</service>
<service name="go_modules" mode="disabled">
- <param name="archive">syft-0.52.0.tar.gz</param>
+ <param name="archive">syft-0.55.0.tar.gz</param>
</service>
</services>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.7Dx5EU/_old 2022-09-07 11:06:48.796524971 +0200
+++ /var/tmp/diff_new_pack.7Dx5EU/_new 2022-09-07 11:06:48.796524971 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/anchore/syft</param>
- <param
name="changesrevision">ba9adb17ebb510a2a3bd2b641738b1d9235e1f3e</param></service></servicedata>
+ <param
name="changesrevision">a7966a4d9d8155be788af33fe5e5af2e40043f82</param></service></servicedata>
(No newline at EOF)
++++++ syft-0.52.0.tar.gz -> syft-0.55.0.tar.gz ++++++
++++ 16378 lines of diff (skipped)
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/syft/vendor.tar.gz
/work/SRC/openSUSE:Factory/.syft.new.2083/vendor.tar.gz differ: char 5, line 1
