SHA256
1
0
forked from pool/trivy

Update to 0.57.1

This commit is contained in:
Christopher Hofmann 2024-12-02 14:15:45 +01:00
parent ee0748bb75
commit aae9ac0477
Signed by: cwh
GPG Key ID: B2E4580999F19163
7 changed files with 115 additions and 10 deletions

View File

@ -2,7 +2,7 @@
<service name="tar_scm" mode="manual">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
<param name="revision">v0.56.2</param>
<param name="revision">v0.57.1</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>

View File

@ -1,4 +1,4 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="changesrevision">f2252c833d4dee18546577f0c32ceb83c8bf20ae</param></service></servicedata>
<param name="changesrevision">b7947b37ee47ea79dff550462c297164eb47aa9e</param></service></servicedata>

BIN
trivy-0.56.2.tar.zst (Stored with Git LFS)

Binary file not shown.

BIN
trivy-0.57.1.tar.zst (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -1,3 +1,108 @@
-------------------------------------------------------------------
Mon Dec 02 13:10:12 UTC 2024 - cwh@suse.com
- Update to version 0.57.1:
* release: v0.57.1 [release/v0.57] (#7943)
* feat: Update registry fallbacks [backport: release/v0.57] (#7944)
* fix(redhat): don't return error if `root/buildinfo/content_manifests/` contains files that are not `contentSets` files [backport: release/v0.57] (#7939)
* test: change branch in spdx schema link to check in integration tests [backport: release/v0.57] (#7940)
* release: v0.57.0 [main] (#7710)
* chore: lint `errors.Join` (#7845)
* feat(db): append errors (#7843)
* docs(java): add info about supported scopes (#7842)
* docs: add example of creating whitelist of checks (#7821)
* chore(deps): Bump trivy-checks (#7819)
* fix(go): Do not trim v prefix from versions in Go Mod Analyzer (#7733)
* fix(k8s): skip resources without misconfigs (#7797)
* fix(sbom): use `Annotation` instead of `AttributionTexts` for `SPDX` formats (#7811)
* fix(cli): add config name to skip-policy-update alias (#7820)
* fix(helm): properly handle multiple archived dependencies (#7782)
* refactor(misconf): Deprecate `EXCEPTIONS` for misconfiguration scanning (#7776)
* fix(k8s)!: support k8s multi container (#7444)
* fix(k8s): support kubernetes v1.31 (#7810)
* docs: add Windows install instructions (#7800)
* ci(helm): auto public Helm chart after PR merged (#7526)
* feat: add end of life date for Ubuntu 24.10 (#7787)
* feat(report): update gitlab template to populate operating_system value (#7735)
* feat(misconf): Show misconfig ID in output (#7762)
* feat(misconf): export unresolvable field of IaC types to Rego (#7765)
* refactor(k8s): scan config files as a folder (#7690)
* fix(license): fix license normalization for Universal Permissive License (#7766)
* fix: enable usestdlibvars linter (#7770)
* fix(misconf): properly expand dynamic blocks (#7612)
* feat(cyclonedx): add file checksums to `CycloneDX` reports (#7507)
* fix(misconf): fix for Azure Storage Account network acls adaptation (#7602)
* refactor(misconf): simplify k8s scanner (#7717)
* feat(parser): ignore white space in pom.xml files (#7747)
* test: use forked images (#7755)
* fix(java): correctly inherit `version` and `scope` from upper/root `depManagement` and `dependencies` into parents (#7541)
* fix(misconf): check if property is not nil before conversion (#7578)
* fix(misconf): change default ACL of digitalocean_spaces_bucket to private (#7577)
* feat(misconf): ssl_mode support for GCP SQL DB instance (#7564)
* test: define constants for test images (#7739)
* docs: add note about disabled DS016 check (#7724)
* feat(misconf): public network support for Azure Storage Account (#7601)
* feat(cli): rename `trivy auth` to `trivy registry` (#7727)
* docs: apt-transport-https is a transitional package (#7678)
* refactor(misconf): introduce generic scanner (#7515)
* fix(cli): `clean --all` deletes only relevant dirs (#7704)
* feat(cli): add `trivy auth` (#7664)
* fix(sbom): add options for DBs in private registries (#7660)
* docs(report): fix reporting doc format (#7671)
* fix(repo): `git clone` output to Stderr (#7561)
* fix(redhat): include arch in PURL qualifiers (#7654)
* fix(report): Fix invalid URI in SARIF report (#7645)
* docs(report): Improve SARIF reporting doc (#7655)
* fix(db): fix javadb downloading error handling (#7642)
* feat(cli): error out when ignore file cannot be found (#7624)
-------------------------------------------------------------------
Mon Dec 2 13:01:41 UTC 2024 - Christopher Hofmann <cwh@suse.com>
- Update to version 0.57.1:
* Update registry fallbacks [backport: release/v0.57] (#7944) (cd0d128)
* redhat: don't return error if root/buildinfo/content_manifests/ contains files that are not contentSets files [backport: release/v0.57] (#7939) (7dd70dc)
- Update to version 0.57.0:
* BREAKING CHANGES
k8s: support k8s multi container (#7444)
* Features
add end of life date for Ubuntu 24.10 (#7787) (ad3c09e)
cli: add trivy auth (#7664) (27117f8)
cli: error out when ignore file cannot be found (#7624) (cb0b3a9)
cli: rename trivy auth to trivy registry (#7727) (633a7ab)
cyclonedx: add file checksums to CycloneDX reports (#7507) (c225883)
db: append errors (#7843) (5e78b6c)
misconf: export unresolvable field of IaC types to Rego (#7765) (9514148)
misconf: public network support for Azure Storage Account (#7601) (ad91412)
misconf: Show misconfig ID in output (#7762) (f75c0d1)
misconf: ssl_mode support for GCP SQL DB instance (#7564) (2eaa17e)
parser: ignore white space in pom.xml files (#7747) (a7baa93)
report: update gitlab template to populate operating_system value (#7735) (c0d79fa)
* Bug Fixes
cli: clean --all deletes only relevant dirs (#7704) (672e886)
cli: add config name to skip-policy-update alias (#7820) (b661d68)
db: fix javadb downloading error handling (#7642) (2c87f0c)
enable usestdlibvars linter (#7770) (57e24aa)
go: Do not trim v prefix from versions in Go Mod Analyzer (#7733) (e872ec0)
helm: properly handle multiple archived dependencies (#7782) (6fab88d)
java: correctly inherit version and scope from upper/root depManagement and dependencies into parents (#7541) (778df82)
k8s: skip resources without misconfigs (#7797) (7882776)
k8s: support k8s multi container (#7444) (c434775)
k8s: support kubernetes v1.31 (#7810) (7a4f4d8)
license: fix license normalization for Universal Permissive License (#7766) (f6acdf7)
misconf: change default ACL of digitalocean_spaces_bucket to private (#7577) (9da84f5)
misconf: check if property is not nil before conversion (#7578) (c8c14d3)
misconf: fix for Azure Storage Account network acls adaptation (#7602) (35fd018)
misconf: properly expand dynamic blocks (#7612) (8d5dbc9)
redhat: include arch in PURL qualifiers (#7654) (a585e95)
repo: git clone output to Stderr (#7561) (fdf203c)
report: Fix invalid URI in SARIF report (#7645) (015bb88)
sbom: add options for DBs in private registries (#7660) (1f2e91b)
sbom: use Annotation instead of AttributionTexts for SPDX formats (#7811) (f2bb9c6)
-------------------------------------------------------------------
Wed Oct 23 12:47:45 UTC 2024 - dmueller@suse.com

View File

@ -1,7 +1,7 @@
#
# spec file for package trivy
#
# Copyright (c) 2023 SUSE LLC
# Copyright (c) 2024 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@ -17,7 +17,7 @@
Name: trivy
Version: 0.56.2
Version: 0.57.1
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
@ -25,9 +25,9 @@ Group: System/Management
URL: https://github.com/aquasecurity/trivy
Source: %{name}-%{version}.tar.zst
Source1: vendor.tar.zst
BuildRequires: golang(API) = 1.22
BuildRequires: golang-packaging
BuildRequires: zstd
BuildRequires: golang(API) = 1.22
Requires: ca-certificates
Requires: git-core
Requires: rpm

BIN
vendor.tar.zst (Stored with Git LFS)

Binary file not shown.