forked from pool/trivy

[info=9db9048f8fcda9228fdaecd994a195b439617cc7]

OBS-URL: https://build.opensuse.org/package/show/devel:Factory:git-workflow:staging:dirkmueller:trivy:6/trivy?expand=0&rev=1
Git SCM Staging 2024-05-17 20:27:28 +00:00 committed by Git OBS Bridge
parent d4192f4986
commit 3aa0363cbf
8 changed files with 213 additions and 12 deletions

@ -1,4 +1,4 @@
mtime: 1707400276
commit: 2104123c72636f1cd80a006a15bd8b68af402960
mtime: 1715975286
commit: 9db9048f8fcda9228fdaecd994a195b439617cc7
url: https://src.opensuse.org/dirkmueller/trivy.git
revision: 2104123c72636f1cd80a006a15bd8b68af402960
revision: 9db9048f8fcda9228fdaecd994a195b439617cc7

@ -2,7 +2,7 @@
<service name="tar_scm" mode="manual">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
<param name="revision">v0.49.1</param>
<param name="revision">v0.51.1</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>
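Review bot: `<param name="revision">v0.51.1</param>` names a tag rather than a commit, so what tar_scm fetches depends on where upstream's tag points at the moment the service is run, and with `mode="manual"` that run is done by hand by the packager. The only commit id recorded in this change is the changesrevision 8016b821a260840ccb81ef520f2804b9482f3820 in the servicedata hunk; please confirm that this is the commit v0.51.1 resolves to, or pin `revision` to the hash so the source is reproducible from the service file alone.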

@ -1,4 +1,4 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="changesrevision">6ccc0a554b07b05fd049f882a1825a0e1e0aabe1</param></service></servicedata>
<param name="changesrevision">8016b821a260840ccb81ef520f2804b9482f3820</param></service></servicedata>

BIN
trivy-0.49.1.tar.zst (Stored with Git LFS)

Binary file not shown.

BIN
trivy-0.51.1.tar.zst (Stored with Git LFS) Normal file

Binary file not shown.

@ -1,3 +1,204 @@
-------------------------------------------------------------------
Fri May 17 19:43:20 UTC 2024 - dmueller@suse.com
- Update to version 0.51.1:
* fix(fs): handle default skip dirs properly (#6628)
* fix(misconf): load cached tf modules (#6607)
* fix(misconf): do not use semver for parsing tf module versions (#6614)
* refactor: move setting scanners when using compliance reports to flag parsing (#6619)
* feat: introduce package UIDs for improved vulnerability mapping (#6583)
* perf(misconf): Improve cause performance (#6586)
* docs: trivy-k8s new experiance remove un-used section (#6608)
* chore(deps): bump github.com/docker/docker from 26.0.1+incompatible to 26.0.2+incompatible (#6612)
* docs: remove mention of GitLab Gold because it doesn't exist anymore (#6609)
* feat(misconf): Use updated terminology for misconfiguration checks (#6476)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.15.15 to 1.16.15 (#6593)
* docs: use `generic` link from `trivy-repo` (#6606)
* docs: update trivy k8s with new experience (#6465)
* feat: support `--skip-images` scanning flag (#6334)
* BREAKING: add support for k8s `disable-node-collector` flag (#6311)
* chore(deps): bump github.com/zclconf/go-cty from 1.14.1 to 1.14.4 (#6601)
* chore(deps): bump github.com/sigstore/rekor from 1.2.2 to 1.3.6 (#6599)
* chore(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 (#6597)
* chore(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#6588)
* chore(deps): bump github.com/testcontainers/testcontainers-go from 0.28.0 to 0.30.0 (#6595)
* chore(deps): bump github.com/open-policy-agent/opa from 0.62.0 to 0.64.1 (#6596)
* feat: add ubuntu 23.10 and 24.04 support (#6573)
* chore(deps): bump azure/setup-helm from 3.5 to 4 (#6590)
* chore(deps): bump actions/checkout from 4.1.2 to 4.1.4 (#6587)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ecr from 1.24.6 to 1.27.4 (#6598)
* docs(go): add stdlib (#6580)
* chore(deps): bump github.com/containerd/containerd from 1.7.13 to 1.7.16 (#6592)
* chore(deps): bump github.com/go-openapi/runtime from 0.27.1 to 0.28.0 (#6600)
* feat(go): parse main mod version from build info settings (#6564)
* feat: respect custom exit code from plugin (#6584)
* docs: add asdf and mise installation method (#6063)
* feat(vuln): Handle scanning conan v2.x lockfiles (#6357)
* feat: add support `environment.yaml` files (#6569)
* fix: close plugin.yaml (#6577)
* fix: trivy k8s avoid deleting non-default node collector namespace (#6559)
* BREAKING: support exclude `kinds/namespaces` and include `kinds/namespaces` (#6323)
* feat(go): add main module (#6574)
* feat: add relationships (#6563)
* ci: disable `Go` cache for `reusable-release.yaml` (#6572)
* docs: mention `--show-suppressed` is available in table (#6571)
* chore: fix sqlite to support loong64 (#6511)
* fix(debian): sort dpkg info before parsing due to exclude directories (#6551)
* docs: update info about config file (#6547)
* docs: remove RELEASE_VERSION from trivy.repo (#6546)
* fix(sbom): change error to warning for multiple OSes (#6541)
* fix(vuln): skip empty versions (#6542)
* feat(c): add license support for conan lock files (#6329)
* fix(terraform): Attribute and fileset fixes (#6544)
* refactor: change warning if no vulnerability details are found (#6230)
* refactor(misconf): improve error handling in the Rego scanner (#6527)
* ci: use tmp dir inside Trivy repo dir for GoReleaser (#6533)
* feat(go): parse main module of go binary files (#6530)
* chore(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 (#6526)
* refactor(misconf): simplify the retrieval of module annotations (#6528)
* chore(deps): bump github.com/hashicorp/go-getter from 1.7.3 to 1.7.4 (#6523)
* docs(nodejs): add info about supported versions of pnpm lock files (#6510)
* feat(misconf): loading embedded checks as a fallback (#6502)
* fix(misconf): Parse JSON k8s manifests properly (#6490)
* refactor: remove parallel walk (#5180)
* fix: close pom.xml (#6507)
* fix(secret): convert severity for custom rules (#6500)
* fix(java): update logic to detect `pom.xml` file snapshot artifacts from remote repositories (#6412)
* fix: typo (#6283)
* docs(k8s,image): fix command-line syntax issues (#6403)
* chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 (#6435)
* fix(misconf): avoid panic if the scheme is not valid (#6496)
* feat(image): goversion as stdlib (#6277)
* fix: add color for error inside of log message (#6493)
* chore(deps): bump actions/add-to-project from 0.4.1 to 1.0.0 (#6438)
* docs: fix links to OPA docs (#6480)
* refactor: replace zap with slog (#6466)
* docs: update links to IaC schemas (#6477)
* chore: bump Go to 1.22 (#6075)
* refactor(terraform): sync funcs with Terraform (#6415)
* feat(misconf): add helm-api-version and helm-kube-version flag (#6332)
* chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.4.0 to 1.5.1 (#6426)
* chore(deps): bump github.com/go-openapi/strfmt from 0.22.0 to 0.23.0 (#6452)
* chore(deps): bump github.com/hashicorp/golang-lru/v2 from 2.0.6 to 2.0.7 (#6430)
* chore(deps): bump aquaproj/aqua-installer from 2.2.0 to 3.0.0 (#6437)
* fix(terraform): eval submodules (#6411)
* refactor(terraform): remove unused options (#6446)
* refactor(terraform): remove unused file (#6445)
* chore(deps): bump github.com/testcontainers/testcontainers-go to v0.28.0 (#6387)
* chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.9.0 to 1.10.0 (#6427)
* fix(misconf): Escape template value correctly (#6292)
* feat(misconf): add support for wildcard ignores (#6414)
* fix(cloudformation): resolve `DedicatedMasterEnabled` parsing issue (#6439)
* refactor(terraform): remove metrics collection (#6444)
* feat(cloudformation): add support for logging and endpoint access for EKS (#6440)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.51.1 to 1.53.1 (#6424)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.4 to 1.27.10 (#6428)
* chore(deps): bump go.etcd.io/bbolt from 1.3.8 to 1.3.9 (#6429)
* fix(db): check schema version for image name only (#6410)
* chore(deps): bump github.com/google/wire from 0.5.0 to 0.6.0 (#6425)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.149.1 to 1.155.1 (#6433)
* chore(deps): bump actions/cache from 4.0.0 to 4.0.2 (#6436)
* feat(misconf): Support private registries for misconf check bundle (#6327)
* feat(cloudformation): inline ignore support for YAML templates (#6358)
* feat(terraform): ignore resources by nested attributes (#6302)
* perf(helm): load in-memory files (#6383)
* feat(aws): apply filter options to result (#6367)
* feat(aws): quiet flag support (#6331)
* fix(misconf): clear location URI for SARIF (#6405)
* test(cloudformation): add CF tests (#6315)
* fix(cloudformation): infer type after resolving a function (#6406)
* fix(sbom): fix error when parent of SPDX Relationships is not a package. (#6399)
* fix(nodejs): merge `Indirect`, `Dev`, `ExternalReferences` fields for same deps from `package-lock.json` files v2 or later (#6356)
* docs: add info about support for package license detection in `fs`/`repo` modes (#6381)
* fix(nodejs): add support for parsing `workspaces` from `package.json` as an object (#6231)
* fix: use `0600` perms for tmp files for post analyzers (#6386)
* fix(helm): scan the subcharts once (#6382)
* docs(terraform): add file patterns for Terraform Plan (#6393)
* fix(terraform): сhecking SSE encryption algorithm validity (#6341)
* fix(java): parse modules from `pom.xml` files once (#6312)
* chore(deps): bump github.com/docker/docker from 25.0.3+incompatible to 25.0.5+incompatible (#6364)
* fix(server): add Locations for `Packages` in client/server mode (#6366)
* fix(sbom): add check for `CreationInfo` to nil when detecting SPDX created using Trivy (#6346)
* fix(report): don't include empty strings in `.vulnerabilities[].identifiers[].url` when `gitlab.tpl` is used (#6348)
* chore(ubuntu): Add Ubuntu 22.04 EOL date (#6371)
* chore(deps): bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (#6321)
* feat(java): add support licenses and graph for gradle lock files (#6140)
* feat(vex): consider root component for relationships (#6313)
* fix: increase the default buffer size for scanning dpkg status files by 2 times (#6298)
* chore: updates wazero to v1.7.0 (#6301)
* feat(sbom): Support license detection for SBOM scan (#6072)
* refactor(sbom): use intermediate representation for SPDX (#6310)
* docs(terraform): improve documentation for filtering by inline comments (#6284)
* fix(terraform): fix policy document retrieval (#6276)
* refactor(terraform): remove unused custom error (#6303)
* refactor(sbom): add intermediate representation for BOM (#6240)
* fix(amazon): check only major version of AL to find advisories (#6295)
* fix(db): use schema version as tag only for `trivy-db` and `trivy-java-db` registries by default (#6219)
* fix(nodejs): add name validation for package name from `package.json` (#6268)
* docs: Added install instructions for FreeBSD (#6293)
* feat(image): customer podman host or socket option (#6256)
* chore(deps): bump wazero from 1.2.1 to 1.6.0 (#6290)
* feat(java): mark dependencies from `maven-invoker-plugin` integration tests pom.xml files as `Dev` (#6213)
* fix(license): reorder logic of how python package licenses are acquired (#6220)
* test(terraform): skip cached modules (#6281)
* feat(secret): Support for detecting Hugging Face Access Tokens (#6236)
* fix(cloudformation): support of all SSE algorithms for s3 (#6270)
* feat(terraform): Terraform Plan snapshot scanning support (#6176)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.26.6 to 1.27.4 (#6249)
* fix: typo function name and comment optimization (#6200)
* fix(java): don't ignore runtime scope for pom.xml files (#6223)
* chore(deps): bump helm/kind-action from 1.8.0 to 1.9.0 (#6242)
* chore(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (#6243)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/s3 from 1.48.1 to 1.51.1 (#6251)
* chore(deps): bump github.com/hashicorp/go-uuid from 1.0.1 to 1.0.3 (#6253)
* chore(deps): bump github.com/open-policy-agent/opa from 0.61.0 to 0.62.0 (#6250)
* chore(deps): bump github.com/containerd/containerd from 1.7.12 to 1.7.13 (#6247)
* chore(deps): bump go.uber.org/zap from 1.26.0 to 1.27.0 (#6246)
* fix(license): add FilePath to results to allow for license path filtering via trivyignore file (#6215)
* chore(deps): Upgrade iac deps (#6255)
* feat: add info log message about dev deps suppression (#6211)
* test(k8s): use test-db for k8s integration tests (#6222)
* ci: add maximize-build-space for `Test` job (#6221)
* fix(terraform): fix root module search (#6160)
* test(parser): squash test data for yarn (#6203)
* fix(terraform): do not re-expand dynamic blocks (#6151)
* docs: update ecosystem page reporting with db app (#6201)
* fix: k8s summary separate infra and user finding results (#6120)
* fix: add context to target finding on k8s table view (#6099)
* fix: Printf format err (#6198)
* refactor: better integration of the parser into Trivy (#6183)
* chore(deps): bump helm.sh/helm/v3 from 3.14.1 to 3.14.2 (#6189)
* feat(terraform): Add hyphen and non-ASCII support for domain names in credential extraction (#6108)
* fix(vex): CSAF filtering should consider relationships (#5923)
* refactor(report): Replacing `source_location` in `github` report when scanning an image (#5999)
* feat(vuln): ignore vulnerabilities by PURL (#6178)
* feat(java): add support for fetching packages from repos mentioned in pom.xml (#6171)
* feat(k8s): rancher rke2 version support (#5988)
* docs: update kbom distribution for scanning (#6019)
* chore: update CODEOWNERS (#6173)
* fix(swift): try to use branch to resolve version (#6168)
* fix(terraform): ensure consistent path handling across OS (#6161)
* fix(java): add only valid libs from `pom.properties` files from `jars` (#6164)
* fix(sbom): skip executable file analysis if Rekor isn't a specified SBOM source (#6163)
* chore(deps): merge go-dep-parser into Trivy (#6094)
* docs(report): add remark about `path` to filter licenses using `.trivyignore.yaml` file (#6145)
* docs: update template path for gitlab-ci tutorial (#6144)
* feat(report): support for filtering licenses and secrets via rego policy files (#6004)
* fix(cyclonedx): move root component from scanned cyclonedx file to output cyclonedx file (#6113)
* refactor(deps): Merge defsec into trivy (#6109)
* chore(deps): bump helm.sh/helm/v3 from 3.14.0 to 3.14.1 (#6142)
* docs: add SecObserve in CI/CD and reporting (#6139)
* fix(alpine): exclude empty licenses for apk packages (#6130)
* docs: add docs tutorial on custom policies with rego (#6104)
* fix(nodejs): use project dir when searching for workspaces for Yarn.lock files (#6102)
* feat(vuln): show suppressed vulnerabilities in table (#6084)
* docs: rename governance to principles (#6107)
* docs: add governance (#6090)
* refactor(deps): Merge trivy-iac into Trivy (#6005)
* feat(java): add dependency location support for `gradle` files (#6083)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/feature/s3/manager from 1.15.11 to 1.15.15 (#6038)
* fix(misconf): get `user` from `Config.User` (#6070)
-------------------------------------------------------------------
Thu Feb 08 12:51:32 UTC 2024 - dmueller@suse.com
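Review bot: Two entries in this changelog are marked BREAKING (the k8s `disable-node-collector` flag, #6311, and exclude/include `kinds/namespaces`, #6323), but they sit in the middle of nearly 200 generated lines where users of `trivy k8s` are unlikely to notice them. Move them to the top of the 0.51.1 entry or give them a summary line of their own. Security-relevant fixes such as "use `0600` perms for tmp files for post analyzers (#6386)" deserve the same treatment, and none of the dependency bumps (golang.org/x/net, docker, containerd) carries a CVE or bug reference; if any of them is a reason for this update, add the reference to the entry.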

@ -17,7 +17,7 @@
Name: trivy
Version: 0.49.1
Version: 0.51.1
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
@ -25,7 +25,7 @@ Group: System/Management
URL: https://github.com/aquasecurity/trivy
Source: %{name}-%{version}.tar.zst
Source1: vendor.tar.zst
BuildRequires: golang(API) = 1.21
BuildRequires: golang(API) = 1.22
BuildRequires: golang-packaging
BuildRequires: zstd
Requires: ca-certificates
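Review bot: `BuildRequires: golang(API) = 1.22` is an exact-match pin. It agrees with the changelog's "chore: bump Go to 1.22 (#6075)", but the equality means the spec needs a manual edit for every new Go series and will keep building against 1.22 until someone makes it. If upstream only needs 1.22 as a minimum, `>= 1.22` expresses that; if the pin is deliberate, a comment above the line saying why would help the next reviewer.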

BIN
vendor.tar.zst (Stored with Git LFS)

Binary file not shown.
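Review bot: vendor.tar.zst (Source1 in the spec) changes here as a Git LFS object with no visible content, so the vendored Go modules cannot be reviewed from this diff. Please say in the commit message how the archive was generated, and have it regenerated from the go.mod and go.sum at the recorded changesrevision and compared by checksum before this is accepted. The same applies to the new trivy-0.51.1.tar.zst.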