Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package syft for openSUSE:Factory checked in
at 2024-01-07 21:40:16
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/syft (Old)
and /work/SRC/openSUSE:Factory/.syft.new.28375 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "syft"
Sun Jan 7 21:40:16 2024 rev:58 rq:1137361 version:0.100.0
Changes:
--------
--- /work/SRC/openSUSE:Factory/syft/syft.changes 2023-12-22
22:42:02.565560669 +0100
+++ /work/SRC/openSUSE:Factory/.syft.new.28375/syft.changes 2024-01-07
21:40:28.540397487 +0100
@@ -1,0 +2,22 @@
+Sat Jan 06 15:26:12 UTC 2024 - andrea.manz...@suse.com
+
+- Update to version 0.100.0:
+ * Add ability to extend the binaries cataloguers (#2469)
+ * chore(deps): bump anchore/sbom-action from 0.15.1 to 0.15.2
+ (#2464)
+ * fix: add missing purl for busybox (#2457)
+ * Fix diff error obfuscating binary test failures message (#2468)
+ * Replace `packages` command with `scan` (#2446)
+ * fix: PURLs with "nuget" type are dotnet packages (#2466)
+ * chore(deps): update tools to latest versions (#2459)
+ * chore(deps): update CPE dictionary index (#2458)
+ * chore: update binary to -x (#2456)
+ * Add more functionality to the ErLang parser (#2390)
+ * Added OpenSSL binary matcher (#2416)
+ * chore(deps): update stereoscope to
+ 590920dabc5479216e755983d41367b6be3544f3 (#2452)
+ * chore(deps): update tools to latest versions (#2451)
+ * chore(deps): bump github/codeql-action from 3.22.11 to 3.22.12
+ (#2455)
+
+-------------------------------------------------------------------
@@ -7 +29,2 @@
- * fix: don't panic when hackage missing in haskell stack yaml lock (#2448)
+ * fix: don't panic when hackage missing in haskell stack yaml
+ lock (#2448)
@@ -11 +34,2 @@
- * chore(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 (#2433)
+ * chore(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0
+ (#2433)
@@ -13,2 +37,4 @@
- * chore(deps): update stereoscope to
4b999b76ca8901d15bb97aef445dc94c38d11d5c (#2440)
- * fix syft-json test to use pretty json for snapshot testing (#2441)
+ * chore(deps): update stereoscope to
+ 4b999b76ca8901d15bb97aef445dc94c38d11d5c (#2440)
+ * fix syft-json test to use pretty json for snapshot testing
+ (#2441)
@@ -16 +42,2 @@
- * refactor javascript cataloger to use configuration options when creating
packages (#2438)
+ * refactor javascript cataloger to use configuration options when
+ creating packages (#2438)
@@ -19,5 +46,10 @@
- * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.2 to 0.8.0
(#2413)
- * Look for a maven version in a pom from a parent dependency management
section (#2423)
- * Parse Python licenses from LicenseExpression entry in the Wheel Metadata
(#2431)
- * chore(deps): bump github/codeql-action from 2.22.10 to 3.22.11 (#2430)
- * chore(deps): bump modernc.org/sqlite from 1.27.0 to 1.28.0 (#2429)
+ * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.2
+ to 0.8.0 (#2413)
+ * Look for a maven version in a pom from a parent dependency
+ management section (#2423)
+ * Parse Python licenses from LicenseExpression entry in the Wheel
+ Metadata (#2431)
+ * chore(deps): bump github/codeql-action from 2.22.10 to 3.22.11
+ (#2430)
+ * chore(deps): bump modernc.org/sqlite from 1.27.0 to 1.28.0
+ (#2429)
@@ -25,2 +57,4 @@
- * Parse Python licenses from LicenseFile entry in the Wheel Metadata (#2331)
- * fix: use filepath instead of path for file source exclusions (#2411)
+ * Parse Python licenses from LicenseFile entry in the Wheel
+ Metadata (#2331)
+ * fix: use filepath instead of path for file source exclusions
+ (#2411)
@@ -28,2 +62,4 @@
- * chore(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0 (#2425)
- * chore(deps): bump github/codeql-action from 2.22.9 to 2.22.10 (#2426)
+ * chore(deps): bump github.com/google/uuid from 1.4.0 to 1.5.0
+ (#2425)
+ * chore(deps): bump github/codeql-action from 2.22.9 to 2.22.10
+ (#2426)
@@ -31,4 +67,8 @@
- * feat: add the option to retrieve remote licenses for projects defined in a
maven pom (#2409)
- * chore(deps): bump github/codeql-action from 2.22.8 to 2.22.9 (#2400)
- * chore(deps): bump github.com/saferwall/pe from 1.4.7 to 1.4.8 (#2415)
- * chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to 5.11.0 (#2414)
+ * feat: add the option to retrieve remote licenses for projects
+ defined in a maven pom (#2409)
+ * chore(deps): bump github/codeql-action from 2.22.8 to 2.22.9
+ (#2400)
+ * chore(deps): bump github.com/saferwall/pe from 1.4.7 to 1.4.8
+ (#2415)
+ * chore(deps): bump github.com/go-git/go-git/v5 from 5.10.1 to
+ 5.11.0 (#2414)
@@ -38,4 +78,8 @@
- * fix(java): improve identification for org.codehaus.groovy artifacts (#2404)
- * fix(java): improve identification for commons-jelly artifacts (#2399)
- * fix(java): improve identification for io.minio artifacts (#2398)
- * fix(java): improve identification for com.graphql-java artifacts (#2397)
+ * fix(java): improve identification for org.codehaus.groovy
+ artifacts (#2404)
+ * fix(java): improve identification for commons-jelly artifacts
+ (#2399)
+ * fix(java): improve identification for io.minio artifacts
+ (#2398)
+ * fix(java): improve identification for com.graphql-java
+ artifacts (#2397)
@@ -44,7 +88,14 @@
- * feat: add ability to retrieve remote licenses for yarn.lock (#2338)
- * chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1 (#2392)
- * Retrieve remote licenses using pom.properties when there is no pom.xml
(#2315)
- * fix(java): improve identification for org.apache.tapestry artifacts (#2384)
- * fix(java): improve identification for io.ratpack artifacts (#2379)
- * fix(java): improve identification for org.apache.cassandra artifacts
(#2386)
- * fix(java): improve identification for org.neo4j.procedure artifacts (#2388)
+ * feat: add ability to retrieve remote licenses for yarn.lock
+ (#2338)
+ * chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1
+ (#2392)
+ * Retrieve remote licenses using pom.properties when there is no
+ pom.xml (#2315)
+ * fix(java): improve identification for org.apache.tapestry
+ artifacts (#2384)
+ * fix(java): improve identification for io.ratpack artifacts
+ (#2379)
+ * fix(java): improve identification for org.apache.cassandra
+ artifacts (#2386)
+ * fix(java): improve identification for org.neo4j.procedure
+ artifacts (#2388)
@@ -52,5 +103,10 @@
- * fix(java): improve identification for org.elasticsearch artifacts (#2383)
- * fix(java): improve identification for org.apache.geode artifacts (#2382)
- * fix(java): improve identification for org.apache.tomcat.embed artifacts
(#2381)
- * fix(java): improve identification for io.projectreactor.netty artifacts
(#2378)
- * fix(java): improve identification for org.eclipse.platform artifacts
(#2349)
+ * fix(java): improve identification for org.elasticsearch
+ artifacts (#2383)
+ * fix(java): improve identification for org.apache.geode
+ artifacts (#2382)
+ * fix(java): improve identification for org.apache.tomcat.embed
+ artifacts (#2381)
+ * fix(java): improve identification for io.projectreactor.netty
+ artifacts (#2378)
+ * fix(java): improve identification for org.eclipse.platform
+ artifacts (#2349)
@@ -59 +115,2 @@
- * chore(deps): bump github.com/google/go-containerregistry (#2377)
+ * chore(deps): bump github.com/google/go-containerregistry
+ (#2377)
Old:
----
syft-0.99.0.obscpio
New:
----
syft-0.100.0.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ syft.spec ++++++
--- /var/tmp/diff_new_pack.jTJ5Uy/_old 2024-01-07 21:40:30.512469222 +0100
+++ /var/tmp/diff_new_pack.jTJ5Uy/_new 2024-01-07 21:40:30.512469222 +0100
@@ -1,7 +1,7 @@
#
# spec file for package syft
#
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -19,7 +19,7 @@
%define __arch_install_post export NO_BRP_STRIP_DEBUG=true
Name: syft
-Version: 0.99.0
+Version: 0.100.0
Release: 0
Summary: CLI tool and library for generating a Software Bill of
Materials
License: Apache-2.0
++++++ _service ++++++
--- /var/tmp/diff_new_pack.jTJ5Uy/_old 2024-01-07 21:40:30.536470095 +0100
+++ /var/tmp/diff_new_pack.jTJ5Uy/_new 2024-01-07 21:40:30.540470240 +0100
@@ -3,7 +3,7 @@
<param name="url">https://github.com/anchore/syft</param>
<param name="scm">git</param>
<param name="exclude">.git</param>
- <param name="revision">v0.99.0</param>
+ <param name="revision">v0.100.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="changesgenerate">enable</param>
<param name="versionrewrite-pattern">v(.*)</param>
++++++ _servicedata ++++++
--- /var/tmp/diff_new_pack.jTJ5Uy/_old 2024-01-07 21:40:30.556470822 +0100
+++ /var/tmp/diff_new_pack.jTJ5Uy/_new 2024-01-07 21:40:30.560470968 +0100
@@ -1,6 +1,6 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/anchore/syft</param>
- <param
name="changesrevision">3cffa0b7fd276a35123c48e45407c4f402f2c58f</param></service></servicedata>
+ <param
name="changesrevision">a16a4ad6c993aaaa1ec502667c215b0e8c8e51ff</param></service></servicedata>
(No newline at EOF)
++++++ syft-0.99.0.obscpio -> syft-0.100.0.obscpio ++++++
/work/SRC/openSUSE:Factory/syft/syft-0.99.0.obscpio
/work/SRC/openSUSE:Factory/.syft.new.28375/syft-0.100.0.obscpio differ: char
49, line 1
++++++ syft.obsinfo ++++++
--- /var/tmp/diff_new_pack.jTJ5Uy/_old 2024-01-07 21:40:30.592472132 +0100
+++ /var/tmp/diff_new_pack.jTJ5Uy/_new 2024-01-07 21:40:30.592472132 +0100
@@ -1,5 +1,5 @@
name: syft
-version: 0.99.0
-mtime: 1703111669
-commit: 3cffa0b7fd276a35123c48e45407c4f402f2c58f
+version: 0.100.0
+mtime: 1704486727
+commit: a16a4ad6c993aaaa1ec502667c215b0e8c8e51ff
++++++ vendor.tar.gz ++++++
/work/SRC/openSUSE:Factory/syft/vendor.tar.gz
/work/SRC/openSUSE:Factory/.syft.new.28375/vendor.tar.gz differ: char 5, line 1
