Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package trivy for openSUSE:Factory checked in at 2023-04-17 17:41:01 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trivy (Old) and /work/SRC/openSUSE:Factory/.trivy.new.2023 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy" Mon Apr 17 17:41:01 2023 rev:50 rq:1079785 version:0.40.0 Changes: -------- --- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2023-04-03 18:11:15.061613956 +0200 +++ /work/SRC/openSUSE:Factory/.trivy.new.2023/trivy.changes 2023-04-17 17:41:04.930145409 +0200 @@ -1,0 +2,52 @@ +Sun Apr 16 18:05:08 UTC 2023 - dmuel...@suse.com + +- Update to version 0.40.0: + * feat(flag): Support globstar for `--skip-files` and `--skip-directories` (#4026) + * chore(deps): bump actions/stale from 7 to 8 (#3955) + * fix: return insecure option to download javadb (#4064) + * fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052) + * ci: add gpg signing for RPM packages (#4056) + * fix(k8s): current context title (#4055) + * fix(k8s): quit support on k8s progress bar (#4021) + * chore: add a note about Dockerfile.canary (#4050) + * ci: fix path to canary binaries (#4045) + * fix(vuln): report architecture for debian packages (#4032) + * feat: add support for Chainguard's commercial distro (#3641) + * ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979) + * fix(vuln): fix error message for remote scanners (#4031) + * feat(report): add image metadata to SARIF (#4020) + * docs: fix broken cache link on Installation page (#3999) + * fix: lock downloading policies and database (#4017) + * fix: avoid concurrent access to the global map (#4014) + * feat(rust): add Cargo.lock v3 support (#4012) + * feat: auth support oci download server subcommand (#4008) + * chore(deps): bump github.com/docker/docker (#4009) + * chore: install.sh support for armv7 (#3985) + * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961) + +------------------------------------------------------------------- +Thu Apr 13 08:10:58 UTC 2023 - dmuel...@suse.com + +- Update to version 0.39.1: + * fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997) + * fix(sbom): fix infinite loop for cyclonedx (#3998) + * chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954) + * fix: use warning for errors from enrichment files for post-analyzers (#3972) + * chore(deps): bump github.com/docker/docker (#3963) + * fix(helm): added annotation to psp configurable from values (#3893) + * chore(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.1 (#3962) + * fix(secret): update built-in rule `tests` (#3855) + * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.23.0 to 2.30.1 (#3957) + * test: rewrite scripts in Go (#3968) + * docs(cli): Improve glob documentation (#3945) + * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#3959) + * ci: check CLI references (#3967) + * chore(deps): bump alpine from 3.17.2 to 3.17.3 (#3951) + * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.212 to 1.44.234 (#3956) + * chore(deps): bump github.com/moby/buildkit from 0.11.4 to 0.11.5 (#3958) + * chore(deps): bump actions/setup-go from 3 to 4 (#3953) + * chore(deps): bump actions/cache from 3.2.6 to 3.3.1 (#3950) + * chore(deps): bump github.com/containerd/containerd from 1.6.19 to 1.7.0 (#3965) + * chore(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 (#3964) + +------------------------------------------------------------------- Old: ---- trivy-0.39.0.tar.zst New: ---- trivy-0.40.0.tar.zst ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trivy.spec ++++++ --- /var/tmp/diff_new_pack.tfLqdW/_old 2023-04-17 17:41:08.746167711 +0200 +++ /var/tmp/diff_new_pack.tfLqdW/_new 2023-04-17 17:41:08.754167758 +0200 @@ -14,12 +14,10 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # -# nodebuginfo -%global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.39.0 +Version: 0.40.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 @@ -46,17 +44,13 @@ %prep %setup -qa1 -%autopatch -p1 %build -%goprep %{goipath} - export CGO_ENABLED=0 - -%gobuild -mod vendor -ldflags "-X=main.version=%{version}" cmd/trivy +go build -o trivy -mod=vendor -buildmode=pie -trimpath -ldflags "-s -w -X=main.version=%{version}" cmd/trivy/main.go %install -%goinstall +install -D -m 755 trivy %{buildroot}/%{_bindir}/%{name} %files %license LICENSE ++++++ _service ++++++ --- /var/tmp/diff_new_pack.tfLqdW/_old 2023-04-17 17:41:08.810168085 +0200 +++ /var/tmp/diff_new_pack.tfLqdW/_new 2023-04-17 17:41:08.814168108 +0200 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="disabled"> <param name="url">https://github.com/aquasecurity/trivy</param> <param name="scm">git</param> - <param name="revision">v0.39.0</param> + <param name="revision">v0.40.0</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.tfLqdW/_old 2023-04-17 17:41:08.838168248 +0200 +++ /var/tmp/diff_new_pack.tfLqdW/_new 2023-04-17 17:41:08.838168248 +0200 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/aquasecurity/trivy</param> - <param name="changesrevision">ed590966a3efdaf6cbb48e34bfb36ea0884e45d8</param></service></servicedata> + <param name="changesrevision">b43b19ba54cbf30adfaf98febccef033701a1df3</param></service></servicedata> (No newline at EOF) ++++++ vendor.tar.zst ++++++ Binary files /var/tmp/diff_new_pack.tfLqdW/_old and /var/tmp/diff_new_pack.tfLqdW/_new differ
