From 1afcdaafd320f8ce52cc19e6bc19a4a2c5c2cb23ce2b7f47471f7384914cf6ef Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 26 Oct 2022 06:33:34 +0000 Subject: [PATCH] Accepting request 1031236 from home:ojkastl_buildservice:Branch_Virtualization_containers update to 0.33.0 OBS-URL: https://build.opensuse.org/request/show/1031236 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=26 --- _service | 2 +- _servicedata | 2 +- trivy-0.32.1.tar.gz | 3 --- trivy-0.33.0.tar.gz | 3 +++ trivy.changes | 52 +++++++++++++++++++++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 ++-- 7 files changed, 60 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.32.1.tar.gz create mode 100644 trivy-0.33.0.tar.gz diff --git a/_service b/_service index 05a7839..ffc31a8 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.32.1 + v0.33.0 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 3644458..59e8275 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - 8b1cee845be41f50979e3ac0039660fbd3d4cf2b \ No newline at end of file + af89249deab0a9e4ed1a959cedf8b5ace731b45a \ No newline at end of file diff --git a/trivy-0.32.1.tar.gz b/trivy-0.32.1.tar.gz deleted file mode 100644 index e282c6d..0000000 --- a/trivy-0.32.1.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:a611cf73072d4c20a92b1bebbc305f57c652209807a42fd0edbf29e746629957 -size 48947558 diff --git a/trivy-0.33.0.tar.gz b/trivy-0.33.0.tar.gz new file mode 100644 index 0000000..4501774 --- /dev/null +++ b/trivy-0.33.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:5ef1d420ba82253dea0f31bd7f1b1e5c161a946b8c3f80876271beec73fc0eb7 +size 49441493 diff --git a/trivy.changes b/trivy.changes index 90d35f1..6c8dcf2 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,55 @@ +------------------------------------------------------------------- +Wed Oct 26 05:22:55 UTC 2022 - kastl@b1-systems.de + +- Update to version 0.33.0: + * refactor(k8s): custom reports (#3076) + * fix(misconf): Bump in-toto-golang with correct CycloneDX predicate (#3068) + * feat(image): add support for passing architecture and OS (#3012) + * test: disable containerd integration tests for non-amd64 arch (#3073) + * feat(server): Add support for client/server mode to rootfs command (#3021) + * feat(vuln): support non-packaged binaries (#3019) + * feat: compliance reports (#2951) + * fix(flag): disable flag parsing for each plugin command (#3074) + * feat(nodejs): add support dependency location for yarn.lock files (#3016) + * chore: Switch github.com/liamg dependencies to github.com/aquasecurity (#3069) + * feat: add k8s components (#2589) + * fix(secret): update the regex for secrets scanning (#2964) + * chore(deps): bump github.com/samber/lo from 1.27.1 to 1.28.2 (#2979) + * fix: bump trivy-kubernetes (#3064) + * docs: fix missing 'image' subcommand (#3051) + * chore: Patch golang x/text vulnerability (#3046) + * chore: add licensed project logo (#3058) + * feat(ubuntu): set Ubuntu 22.10 EOL (#3054) + * refactor(analyzer): use strings.TrimSuffix instead of strings.HasSuffix (#3028) + * feat(report): Use understandable value for shortDescription in SARIF reports (#3009) + * docs(misconf): fix typo (#3043) + * feat: add support for scanning azure ARM (#3011) + * feat(report): add location.message to SARIF output (#3002) (#3003) + * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.95 to 1.44.109 (#2980) + * feat(nodejs): add dependency line numbers for npm lock files (#2932) + * test(fs): add `--skip-files`, `--skip-dirs` (#2984) + * docs: add Woodpecker CI integrations example (#2823) + * chore(deps): bump github.com/sigstore/rekor from 0.12.0 to 0.12.2 (#2981) + * chore(deps): bump github.com/liamg/memoryfs from 1.4.2 to 1.4.3 (#2976) + * chore(deps): bump github.com/spf13/viper from 1.12.0 to 1.13.0 (#2975) + * chore(deps): bump github.com/caarlos0/env/v6 from 6.10.0 to 6.10.1 (#2982) + * fix(sbom): ref generation if serialNumber is empty when input is cyclonedx file (#3000) + * fix(java): don't stop parsing jar file when wrong inner jar is found (#2989) + * fix(sbom): use nuget purl type for dotnet-core (#2990) + * perf: retrieve rekor entries in bulk (#2987) + * feat(aws): Custom rego policies for AWS scanning (#2994) + * docs: jq cli formatting (#2881) + * docs(repo): troubleshooting $TMPDIR customization (#2985) + * chore(deps): bump actions/cache from 3.0.8 to 3.0.9 (#2969) + * chore(deps): bump actions/stale from 5 to 6 (#2970) + * chore(deps): bump sigstore/cosign-installer from 2.5.1 to 2.7.0 (#2971) + * chore(deps): bump helm/chart-testing-action from 2.3.0 to 2.3.1 (#2972) + * chore(deps): bump helm/kind-action from 1.3.0 to 1.4.0 (#2973) + * chore: run `go fmt` (#2897) + * chore(go): updates wazero to 1.0.0-pre.2 (#2955) + * fix(aws): Less function for slice sorting always returns false #2967 + * fix(java): fix unmarshal pom exclusions (#2936) + ------------------------------------------------------------------- Wed Sep 28 13:42:03 UTC 2022 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index 7157593..c018a64 100644 --- a/trivy.spec +++ b/trivy.spec @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.32.1 +Version: 0.33.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 diff --git a/vendor.tar.zst b/vendor.tar.zst index e6a34b4..4538019 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:2967295997f9892b8965262afe1289fafe6cf6bce7359cc7b32c69281b5f7d4d -size 67586713 +oid sha256:7e8a640a429b9d68a28ab95f53cad0e8101a1b15fc39272ad9eb5ebb25fd467b +size 67738602