Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package trivy for openSUSE:Factory checked
in at 2022-09-19 16:03:24
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/trivy (Old)
and /work/SRC/openSUSE:Factory/.trivy.new.2083 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy"
Mon Sep 19 16:03:24 2022 rev:34 rq:1004582 version:0.32.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2022-09-05
21:22:23.773195543 +0200
+++ /work/SRC/openSUSE:Factory/.trivy.new.2083/trivy.changes 2022-09-19
16:03:27.782170603 +0200
@@ -1,0 +2,55 @@
+Mon Sep 19 07:17:00 UTC 2022 - dmuel...@suse.com
+
+- Update to version 0.32.0:
+ * docs: add Rekor SBOM attestation scanning (#2893)
+ * chore: narrow the owner scope (#2894)
+ * fix: remove a patch number from the recommendation link (#2891)
+ * fix: enable parsing of UUID-only rekor entry ID (#2887)
+ * docs(sbom): add SPDX scanning (#2885)
+ * docs: restructure docs and add tutorials (#2883)
+ * feat(sbom): scan sbom attestation in the rekor record (#2699)
+ * feat(k8s): support outdated-api (#2877)
+ * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
+ * fix(c): support revisions in Conan parser (#2878)
+ * feat: dynamic links support for scan results (#2838)
+ * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
+ * docs: update archlinux commands (#2876)
+ * feat(secret): add line from dockerfile where secret was added to secret
result (#2780)
+ * feat(sbom): Add unmarshal for spdx (#2868)
+ * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
+ * fix: revert asff arn and add documentation (#2852)
+ * docs: batch-import-findings limit (#2851)
+ * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
+ * feat(sbom): Add marshal for spdx (#2867)
+ * build: checkout before setting up Go (#2873)
+ * chore: bump Go to 1.19 (#2861)
+ * docs: azure doc and trivy (#2869)
+ * fix: Scan tarr'd dependencies (#2857)
+ * chore(helm): helm test with ingress (#2630)
+ * feat(report): add secrets to sarif format (#2820)
+ * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
+ * refactor: add a new interface for initializing analyzers (#2835)
+ * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)
+ * fix: update ProductArn with account id (#2782)
+ * feat(helm): make cache TTL configurable (#2798)
+ * build(): Sign releaser artifacts, not only container manifests (#2789)
+ * chore: improve doc about azure devops (#2795)
+ * chore(deps): bump sigstore/cosign-installer from 2.5.0 to 2.5.1 (#2804)
+ * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#2825)
+ * docs: don't push patch versions (#2824)
+ * feat: add support for conan.lock file (#2779)
+ * feat: cache merged layers
+ * chore(deps): bump helm/chart-testing-action from 2.2.1 to 2.3.0 (#2805)
+ * chore(deps): bump actions/cache from 3.0.5 to 3.0.8 (#2806)
+ * chore(deps): bump github.com/caarlos0/env/v6 from 6.9.3 to 6.10.0 (#2811)
+ * chore(deps): bump github.com/aquasecurity/table from 1.7.2 to 1.8.0 (#2810)
+ * chore(deps): bump github.com/samber/lo from 1.27.0 to 1.27.1 (#2808)
+ * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.22.0 to 2.23.0
(#2814)
+ * feat: add support for gradle.lockfile (#2759)
+ * chore(mod): updates wazero to 1.0.0-pre.1 #2791
+ * feat: move file patterns to a global level to be able to use it on any
analyzer (#2539)
+ * Fix url validaton failures (#2783)
+ * fix(image): add logic to detect empty layers (#2790)
+ * feat(rust): add dependency graph from Rust binaries (#2771)
+
+-------------------------------------------------------------------
Old:
----
trivy-0.31.3.tar.gz
New:
----
trivy-0.32.0.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ trivy.spec ++++++
--- /var/tmp/diff_new_pack.tetOvl/_old 2022-09-19 16:03:33.786186642 +0200
+++ /var/tmp/diff_new_pack.tetOvl/_new 2022-09-19 16:03:33.790186652 +0200
@@ -19,7 +19,7 @@
%global goipath github.com/aquasecurity/trivy
Name: trivy
-Version: 0.31.3
+Version: 0.32.0
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
@@ -28,7 +28,7 @@
Source: %{name}-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang-packaging
-BuildRequires: golang(API) = 1.18
+BuildRequires: golang(API) = 1.19
Requires: ca-certificates
Requires: git-core
Requires: rpm
++++++ _service ++++++
--- /var/tmp/diff_new_pack.tetOvl/_old 2022-09-19 16:03:33.826186749 +0200
+++ /var/tmp/diff_new_pack.tetOvl/_new 2022-09-19 16:03:33.826186749 +0200
@@ -2,7 +2,7 @@
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
- <param name="revision">v0.31.3</param>
+ <param name="revision">v0.32.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.tetOvl/_old 2022-09-19 16:03:33.846186802 +0200
+++ /var/tmp/diff_new_pack.tetOvl/_new 2022-09-19 16:03:33.850186813 +0200
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
- <param
name="changesrevision">db67f16ac6a8a1b880c29b5ef0ac9ec49da5c566</param></service></servicedata>
+ <param
name="changesrevision">585985edb30fcd2ff60a90ad31c0aeb7ea4d445f</param></service></servicedata>
(No newline at EOF)
++++++ trivy-0.31.3.tar.gz -> trivy-0.32.0.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/trivy-0.31.3.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.2083/trivy-0.32.0.tar.gz differ: char 12,
line 1
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/trivy/vendor.tar.gz
/work/SRC/openSUSE:Factory/.trivy.new.2083/vendor.tar.gz differ: char 5, line 1
