1
0
forked from pool/trivy
trivy/trivy.spec

68 lines
2.3 KiB
RPMSpec
Raw Permalink Normal View History

#
# spec file for package trivy
#
- Update to version 0.36.0: * docs: improve compliance docs (#3340) * feat(deps): add yarn lock dependency tree (#3348) * fix: compliance change id and title naming (#3349) * feat: add support for mix.lock files for elixir language (#3328) * feat: add k8s cis bench (#3315) * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322) * revert: cache merged layers (#3334) * feat(cyclonedx): add recommendation (#3336) * feat(ubuntu): added support ubuntu ESM versions (#1893) * fix: change logic to build relative paths for skip-dirs and skip-files (#3331) * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265) * feat: Adding support for Windows testing (#3037) * feat: add support for Alpine 3.17 (#3319) * docs: change PodFile.lock to Podfile.lock (#3318) * fix(sbom): support for the detection of old CycloneDX predicate type (#3316) * feat(secret): Use .trivyignore for filtering secret scanning result (#3312) * chore(go): remove experimental FS API usage in Wasm (#3299) * ci: add workflow to add issues to roadmap project (#3292) * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275) * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250) * feat(sbom): better support for third-party SBOMs (#3262) * docs: add information about languages with support for dependency locations (#3306) * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284) * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251) * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255) * docs: remove comparisons (#3289) * feat: add support for Wolfi Linux (#3215) * ci: add go.mod to canary workflow (#3288) * feat(python): skip dev dependencies (#3282) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=32
2023-01-02 09:37:03 +01:00
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: trivy
2024-06-19 18:19:40 +02:00
Version: 0.52.2
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
Group: System/Management
URL: https://github.com/aquasecurity/trivy
- Update to version 0.36.0: * docs: improve compliance docs (#3340) * feat(deps): add yarn lock dependency tree (#3348) * fix: compliance change id and title naming (#3349) * feat: add support for mix.lock files for elixir language (#3328) * feat: add k8s cis bench (#3315) * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322) * revert: cache merged layers (#3334) * feat(cyclonedx): add recommendation (#3336) * feat(ubuntu): added support ubuntu ESM versions (#1893) * fix: change logic to build relative paths for skip-dirs and skip-files (#3331) * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265) * feat: Adding support for Windows testing (#3037) * feat: add support for Alpine 3.17 (#3319) * docs: change PodFile.lock to Podfile.lock (#3318) * fix(sbom): support for the detection of old CycloneDX predicate type (#3316) * feat(secret): Use .trivyignore for filtering secret scanning result (#3312) * chore(go): remove experimental FS API usage in Wasm (#3299) * ci: add workflow to add issues to roadmap project (#3292) * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275) * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250) * feat(sbom): better support for third-party SBOMs (#3262) * docs: add information about languages with support for dependency locations (#3306) * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284) * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251) * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255) * docs: remove comparisons (#3289) * feat: add support for Wolfi Linux (#3215) * ci: add go.mod to canary workflow (#3288) * feat(python): skip dev dependencies (#3282) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=32
2023-01-02 09:37:03 +01:00
Source: %{name}-%{version}.tar.zst
Source1: vendor.tar.zst
2024-06-19 18:19:40 +02:00
# From https://github.com/aquasecurity/trivy-db/pull/411.patch
Patch1: add-opensuse-tumbleweed-db.patch
Patch2: https://github.com/aquasecurity/trivy/pull/6965.patch#/add-opensuse-tumbleweed-support.patch
BuildRequires: golang(API) = 1.22
BuildRequires: golang-packaging
BuildRequires: zstd
Requires: ca-certificates
Requires: git-core
Requires: rpm
%description
Trivy (`tri` pronounced like trigger, `vy` pronounced like envy) is a simple and
comprehensive vulnerability scanner for containers and other artifacts. A
software vulnerability is a glitch, flaw, or weakness present in the software or
in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine,
RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn,
etc.). Trivy is easy to use. Just install the binary and you're ready to
scan. All you need to do for scanning is to specify a target such as an image
name of the container.
%prep
2024-06-19 18:19:40 +02:00
%setup -a1
pushd vendor/github.com/aquasecurity/trivy-db
%patch -P 1 -p1
popd
%patch -P 2 -p1
%build
export CGO_ENABLED=1
go build -o trivy -mod=vendor -buildmode=pie -trimpath -ldflags "-s -w -X=main.version=%{version}" cmd/trivy/main.go
%install
install -D -m 755 trivy %{buildroot}/%{_bindir}/%{name}
%files
%license LICENSE
%doc NOTICE README.md
%{_bindir}/%{name}
%changelog