Accepting request 1131309 from devel:Factory:git-workflow:staging:dirkmueller:trivy:3

Update to trivy 0.48.0 (🤖: Submission of trivy via pool/trivy#3 by dirkmueller) OBS-URL: https://build.opensuse.org/request/show/1131309 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=60
2023-12-06 22:48:47 +00:00 · 2023-12-06 22:48:47 +00:00 · 18fc7020bd
commit 18fc7020bd
parent 39f9c75e6b 9ac027b7ed
8 changed files with 72 additions and 11 deletions
--- a/_scmsync.obsinfo
+++ b/_scmsync.obsinfo
@ -1,4 +1,4 @@
-mtime: 1699461074
-commit: e7076f0971c7963534b0ad701267258c921d4720
+mtime: 1701858137
+commit: 9bcf5b04b8e4b8e4ef33271ecf56c252063a907c
 url: https://src.opensuse.org/dirkmueller/trivy.git
-revision: e7076f0971c7963534b0ad701267258c921d4720
+revision: 9bcf5b04b8e4b8e4ef33271ecf56c252063a907c
--- a/2
+++ b/2
@ -2,7 +2,7 @@
  <service name="tar_scm" mode="manual">
    <param name="url">https://github.com/aquasecurity/trivy</param>
    <param name="scm">git</param>
-    <param name="revision">v0.47.0</param>
+    <param name="revision">v0.48.0</param>
    <param name="versionformat">@PARENT_TAG@</param>
    <param name="versionrewrite-pattern">v(.*)</param>
    <param name="changesgenerate">enable</param>
--- a/2
+++ b/2
@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                <param name="url">https://github.com/aquasecurity/trivy</param>
-              <param name="changesrevision">d6df5fbcda878e43e5e02484304726ebe7c6c418</param></service></servicedata>
+              <param name="changesrevision">f2aa9bf3eb31468921491a071be60e9de8fd10bf</param></service></servicedata>
--- a/trivy-0.47.0.tar.zst
+++ b/trivy-0.47.0.tar.zst
--- a/trivy-0.48.0.tar.zst
+++ b/trivy-0.48.0.tar.zst
--- a/trivy.changes
+++ b/trivy.changes
@ -1,3 +1,64 @@
+-------------------------------------------------------------------
+Wed Dec 06 10:00:18 UTC 2023 - dmueller@suse.com
+
+- Update to version 0.48.0:
+  * chore(deps): bump sigstore/cosign-installer from 4a861528be5e691840a69536975ada1d4c30349d to 1fc5bd396d372bee37d608f955b336615edf79c8 (#5696)
+  * chore(deps): bump helm/chart-testing-action from 2.4.0 to 2.6.1 (#5694)
+  * feat: filter k8s core components vuln results (#5713)
+  * feat(vuln): remove duplicates in Fixed Version (#5596)
+  * feat(report): output plugin (#4863)
+  * chore(deps): bump alpine from 3.18.4 to 3.18.5 (#5700)
+  * chore(deps): bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 (#5704)
+  * chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.10.1 (#5699)
+  * chore(deps): bump actions/github-script from 6 to 7 (#5697)
+  * chore(deps): bump easimon/maximize-build-space from 8 to 9 (#5695)
+  * docs: typo in modules.md (#5712)
+  * feat: Add flag to configure node-collector image ref (#5710)
+  * chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.7.1 to 1.9.0 (#5702)
+  * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.4 to 2.31.0 (#5698)
+  * chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.3.1 to 1.4.0 (#5706)
+  * feat(misconf): Add `--misconfig-scanners` option (#5670)
+  * chore: bump Go to 1.21 (#5662)
+  * feat: Packagesprops support (#5605)
+  * chore(deps): Bump up trivy misconf deps (#5656)
+  * docs: update adopters discussion template (#5632)
+  * docs: terraform tutorial links updated to point to correct loc (#5661)
+  * fix(secret): add `sec` and space to secret prefix for `aws-secret-access-key` (#5647)
+  * fix(nodejs): support protocols for dependency section in yarn.lock files (#5612)
+  * fix(secret): exclude upper case before secret for `alibaba-access-key-id` (#5618)
+  * docs: Update Arch Linux package URL in installation.md (#5619)
+  * chore: add prefix to image errors (#5601)
+  * docs(vuln): fix link anchor (#5606)
+  * docs: Add Dagger integration section and cleanup Ecosystem CICD docs page (#5608)
+  * fix: k8s friendly error messages kbom non cluster scans (#5594)
+  * feat: set InstalledFiles for DEB and RPM packages (#5488)
+  * fix(report): use time.Time for CreatedAt (#5598)
+  * test: retry containerd initialization (#5597)
+  * feat(misconf): Expose misconf engine debug logs with `--debug` option (#5550)
+  * test: mock VM walker (#5589)
+  * chore: bump node-collector v0.0.9 (#5591)
+  * feat(misconf): Add support for `--cf-params` for CFT (#5507)
+  * feat(flag): replace '--slow' with '--parallel' (#5572)
+  * fix(report): add escaping for Sarif format (#5568)
+  * chore: show a deprecation notice for `--scanners config` (#5587)
+  * feat(report): Add CreatedAt to the JSON report. (#5542) (#5549)
+  * test: mock RPM DB (#5567)
+  * feat: add aliases to '--scanners' (#5558)
+  * refactor: reintroduce output writer (#5564)
+  * chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#5543)
+  * chore: not load plugins for auto-generating docs (#5569)
+  * chore: sort supported AWS services (#5570)
+  * fix: no schedule toleration (#5562)
+  * fix(cli): set correct `scanners` for `k8s` target (#5561)
+  * fix(sbom): add `FilesAnalyzed` and `PackageVerificationCode` fields for SPDX (#5533)
+  * refactor(misconf): Update refactored dependencies (#5245)
+  * feat(secret): add built-in rule for JWT tokens (#5480)
+  * fix: trivy k8s parse ecr image with arn (#5537)
+  * fix: fail k8s resource scanning (#5529)
+  * refactor(misconf): don't remove Highlighted in json format (#5531)
+  * docs(k8s): fix link in kubernetes.md (#5524)
+  * docs(k8s): fix whitespace in list syntax (#5525)
+
 -------------------------------------------------------------------
 Tue Nov 07 12:24:51 UTC 2023 - dmueller@suse.com

--- a/trivy.spec
+++ b/trivy.spec
@ -17,7 +17,7 @@


 Name:           trivy
-Version:        0.47.0
+Version:        0.48.0
 Release:        0
 Summary:        A Simple and Comprehensive Vulnerability Scanner for Containers
 License:        Apache-2.0
--- a/vendor.tar.zst
+++ b/vendor.tar.zst