Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package trivy for openSUSE:Factory checked in at 2023-12-06 23:48:47 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/trivy (Old) and /work/SRC/openSUSE:Factory/.trivy.new.25432 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "trivy" Wed Dec 6 23:48:47 2023 rev:60 rq:1131309 version:0.48.0 Changes: -------- --- /work/SRC/openSUSE:Factory/trivy/trivy.changes 2023-11-08 22:20:34.977466262 +0100 +++ /work/SRC/openSUSE:Factory/.trivy.new.25432/trivy.changes 2023-12-06 23:49:24.081829242 +0100 @@ -1,0 +2,61 @@ +Wed Dec 06 10:00:18 UTC 2023 - dmuel...@suse.com + +- Update to version 0.48.0: + * chore(deps): bump sigstore/cosign-installer from 4a861528be5e691840a69536975ada1d4c30349d to 1fc5bd396d372bee37d608f955b336615edf79c8 (#5696) + * chore(deps): bump helm/chart-testing-action from 2.4.0 to 2.6.1 (#5694) + * feat: filter k8s core components vuln results (#5713) + * feat(vuln): remove duplicates in Fixed Version (#5596) + * feat(report): output plugin (#4863) + * chore(deps): bump alpine from 3.18.4 to 3.18.5 (#5700) + * chore(deps): bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 (#5704) + * chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.10.1 (#5699) + * chore(deps): bump actions/github-script from 6 to 7 (#5697) + * chore(deps): bump easimon/maximize-build-space from 8 to 9 (#5695) + * docs: typo in modules.md (#5712) + * feat: Add flag to configure node-collector image ref (#5710) + * chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.7.1 to 1.9.0 (#5702) + * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.4 to 2.31.0 (#5698) + * chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.3.1 to 1.4.0 (#5706) + * feat(misconf): Add `--misconfig-scanners` option (#5670) + * chore: bump Go to 1.21 (#5662) + * feat: Packagesprops support (#5605) + * chore(deps): Bump up trivy misconf deps (#5656) + * docs: update adopters discussion template (#5632) + * docs: terraform tutorial links updated to point to correct loc (#5661) + * fix(secret): add `sec` and space to secret prefix for `aws-secret-access-key` (#5647) + * fix(nodejs): support protocols for dependency section in yarn.lock files (#5612) + * fix(secret): exclude upper case before secret for `alibaba-access-key-id` (#5618) + * docs: Update Arch Linux package URL in installation.md (#5619) + * chore: add prefix to image errors (#5601) + * docs(vuln): fix link anchor (#5606) + * docs: Add Dagger integration section and cleanup Ecosystem CICD docs page (#5608) + * fix: k8s friendly error messages kbom non cluster scans (#5594) + * feat: set InstalledFiles for DEB and RPM packages (#5488) + * fix(report): use time.Time for CreatedAt (#5598) + * test: retry containerd initialization (#5597) + * feat(misconf): Expose misconf engine debug logs with `--debug` option (#5550) + * test: mock VM walker (#5589) + * chore: bump node-collector v0.0.9 (#5591) + * feat(misconf): Add support for `--cf-params` for CFT (#5507) + * feat(flag): replace '--slow' with '--parallel' (#5572) + * fix(report): add escaping for Sarif format (#5568) + * chore: show a deprecation notice for `--scanners config` (#5587) + * feat(report): Add CreatedAt to the JSON report. (#5542) (#5549) + * test: mock RPM DB (#5567) + * feat: add aliases to '--scanners' (#5558) + * refactor: reintroduce output writer (#5564) + * chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#5543) + * chore: not load plugins for auto-generating docs (#5569) + * chore: sort supported AWS services (#5570) + * fix: no schedule toleration (#5562) + * fix(cli): set correct `scanners` for `k8s` target (#5561) + * fix(sbom): add `FilesAnalyzed` and `PackageVerificationCode` fields for SPDX (#5533) + * refactor(misconf): Update refactored dependencies (#5245) + * feat(secret): add built-in rule for JWT tokens (#5480) + * fix: trivy k8s parse ecr image with arn (#5537) + * fix: fail k8s resource scanning (#5529) + * refactor(misconf): don't remove Highlighted in json format (#5531) + * docs(k8s): fix link in kubernetes.md (#5524) + * docs(k8s): fix whitespace in list syntax (#5525) + +------------------------------------------------------------------- Old: ---- trivy-0.47.0.tar.zst New: ---- trivy-0.48.0.tar.zst ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ trivy.spec ++++++ --- /var/tmp/diff_new_pack.UzgkN8/_old 2023-12-06 23:49:25.629886288 +0100 +++ /var/tmp/diff_new_pack.UzgkN8/_new 2023-12-06 23:49:25.629886288 +0100 @@ -17,7 +17,7 @@ Name: trivy -Version: 0.47.0 +Version: 0.48.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 ++++++ _scmsync.obsinfo ++++++ --- /var/tmp/diff_new_pack.UzgkN8/_old 2023-12-06 23:49:25.661887467 +0100 +++ /var/tmp/diff_new_pack.UzgkN8/_new 2023-12-06 23:49:25.665887614 +0100 @@ -1,5 +1,5 @@ -mtime: 1699461074 -commit: e7076f0971c7963534b0ad701267258c921d4720 +mtime: 1701858137 +commit: 9bcf5b04b8e4b8e4ef33271ecf56c252063a907c url: https://src.opensuse.org/dirkmueller/trivy.git -revision: e7076f0971c7963534b0ad701267258c921d4720 +revision: 9bcf5b04b8e4b8e4ef33271ecf56c252063a907c ++++++ _service ++++++ --- /var/tmp/diff_new_pack.UzgkN8/_old 2023-12-06 23:49:25.685888351 +0100 +++ /var/tmp/diff_new_pack.UzgkN8/_new 2023-12-06 23:49:25.685888351 +0100 @@ -2,7 +2,7 @@ <service name="tar_scm" mode="manual"> <param name="url">https://github.com/aquasecurity/trivy</param> <param name="scm">git</param> - <param name="revision">v0.47.0</param> + <param name="revision">v0.48.0</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="changesgenerate">enable</param> ++++++ _servicedata ++++++ --- /var/tmp/diff_new_pack.UzgkN8/_old 2023-12-06 23:49:25.705889089 +0100 +++ /var/tmp/diff_new_pack.UzgkN8/_new 2023-12-06 23:49:25.709889236 +0100 @@ -1,6 +1,6 @@ <servicedata> <service name="tar_scm"> <param name="url">https://github.com/aquasecurity/trivy</param> - <param name="changesrevision">d6df5fbcda878e43e5e02484304726ebe7c6c418</param></service></servicedata> + <param name="changesrevision">f2aa9bf3eb31468921491a071be60e9de8fd10bf</param></service></servicedata> (No newline at EOF) ++++++ vendor.tar.zst ++++++ Binary files /var/tmp/diff_new_pack.UzgkN8/_old and /var/tmp/diff_new_pack.UzgkN8/_new differ
