From 3e2167aa9be402875562cabe5c61cfa57520e6160c95f6b2711336f745ec164d Mon Sep 17 00:00:00 2001 
From: Dirk Mueller Date: Mon, 12 Jun 2023 08:17:18 +0000 Subject: [PATCH] - Update to version 0.42.1: * ci: remove 32bit packages (#4585) * fix(misconf): deduplicate misconf results (#4588) * fix(vm): support sector size of 4096 (#4564) * fix(misconf): terraform relative paths (#4571) * fix(purl): skip unsupported library type (#4577) * fix(terraform): recursively detect all Root Modules (#4457) * fix(vm): support post analyzer for vm command (#4544) * fix(nodejs): change the type of the devDependencies field (#4560) * fix(sbom): export empty dependencies in CycloneDX (#4568) * refactor: add composite fs for post-analyzers (#4556) * chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#4554) * chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#4526) * chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.0 (#4528) * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.2 to 2.30.3 (#4529) * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 (#4536) * chore(deps): bump github.com/tetratelabs/wazero from 1.0.0 to 1.2.0 (#4549) * chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 (#4532) * chore(deps): bump github.com/testcontainers/testcontainers-go (#4537) * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#4530) * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4534) * chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#4533) * chore(deps): bump alpine from 3.17.3 to 3.18.0 (#4525) * feat: add SBOM analyzer (#4210) * fix(sbom): update logic for work with files in spdx format (#4513) * feat: azure workload identity support (#4489) * feat(ubuntu): add eol date for 18.04 ESM (#4524) * fix(misconf): Update required extensions for terraformplan (#4523) * refactor(cyclonedx): add intermediate representation (#4490) * fix(misconf): Remove debug print while scanning (#4521) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=63 --- 
_service | 2 +- _servicedata | 2 +- trivy-0.41.0.tar.zst | 3 -- trivy-0.42.1.tar.zst | 3 ++ trivy.changes | 110 +++++++++++++++++++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 +- 7 files changed, 118 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.41.0.tar.zst create mode 100644 trivy-0.42.1.tar.zst
diff --git a/_service b/_service
index 6d06835..931d20a 100644
--- a/_service
+++ b/_service
@@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.41.0 + v0.42.1 @PARENT_TAG@ v(.*) enable
diff --git a/_servicedata b/_servicedata
index 2a2c14d..c226c86 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - 1be1e2e6380efd9b63913721db1b9d61e3800126 \ No newline at end of file + 9a279fa7bb5ccdcda642f99ac2dfd80551082ee2 \ No newline at end of file
diff --git a/trivy-0.41.0.tar.zst b/trivy-0.41.0.tar.zst
deleted file mode 100644
index 9354e6b..0000000
--- a/trivy-0.41.0.tar.zst
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:349550f75b2f44dc7a85e591a560db41e5533c62dfbc9de19fdff280c52e3192
-size 43405980
diff --git a/trivy-0.42.1.tar.zst b/trivy-0.42.1.tar.zst
new file mode 100644
index 0000000..ff265c1
--- /dev/null
+++ b/trivy-0.42.1.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f5dbb750cff0d398063b4b2b81219aab54d31a72bf5693e035a489c416645f92
+size 43417511
diff --git a/trivy.changes b/trivy.changes
index 3cbe598..24a5c47 100644
--- a/trivy.changes
+++ b/trivy.changes
@@ -1,3 +1,113 @@
+-------------------------------------------------------------------
+Mon Jun 12 07:56:25 UTC 2023 - dmueller@suse.com
+
+- Update to version 0.42.1:
+ * ci: remove 32bit packages (#4585)
+ * fix(misconf): deduplicate misconf results (#4588)
+ * fix(vm): support sector size of 4096 (#4564)
+ * fix(misconf): terraform relative paths (#4571)
+ * fix(purl): skip unsupported library type (#4577)
+ * fix(terraform): recursively detect all Root Modules (#4457)
+ * fix(vm): support post analyzer for vm command (#4544)
+ * fix(nodejs): change the type of the devDependencies field (#4560)
+ * fix(sbom): export empty dependencies in CycloneDX (#4568)
+ * refactor: add composite fs for post-analyzers (#4556)
+ * chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#4554)
+ * chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#4526)
+ * chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.0 (#4528)
+ * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.2 to 2.30.3 (#4529)
+ * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 (#4536)
+ * chore(deps): bump github.com/tetratelabs/wazero from 1.0.0 to 1.2.0 (#4549)
+ * chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 (#4532)
+ * chore(deps): bump github.com/testcontainers/testcontainers-go (#4537)
+ * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#4530)
+ * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4534)
+ * chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#4533)
+ * chore(deps): bump alpine from 3.17.3 to 3.18.0 (#4525)
+ * feat: add SBOM analyzer (#4210)
+ * fix(sbom): update logic for work with files in spdx format (#4513)
+ * feat: azure workload identity support (#4489)
+ * feat(ubuntu): add eol date for 18.04 ESM (#4524)
+ * fix(misconf): Update required extensions for terraformplan (#4523)
+ * refactor(cyclonedx): add intermediate representation (#4490)
+ * fix(misconf): Remove debug print while scanning (#4521)
+ * fix(java): remove duplicates of jar libs (#4515)
+ * fix(java): fix overwriting project props in pom.xml (#4498)
+ * docs: Update compilation instructions (#4512)
+ * fix(nodejs): update logic for parsing pnpm lock files (#4502)
+ * fix(secret): remove aws-account-id rule (#4494)
+ * feat(oci): add support for referencing an input image by digest (#4470)
+ * chore(deps): bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 (#4338)
+ * docs: fixed the format (#4503)
+ * fix(java): add support of * for exclusions for pom.xml files (#4501)
+ * feat: adding issue template for documentation (#4453)
+ * docs: switch glad to ghsa for Go (#4493)
+ * chore(deps): Update defsec to v0.89.0 (#4474)
+ * feat(misconf): Add terraformplan support (#4342)
+ * feat(debian): add digests for dpkg (#4445)
+ * chore(deps): bump github.com/sigstore/rekor from 1.1.1 to 1.2.0 (#4478)
+ * feat(k8s): exclude node scanning by node labels (#4459)
+ * docs: add info about multi-line mode for regexp from custom secret rules (#4159)
+ * feat(cli): convert JSON reports into a different format (#4452)
+ * feat(image): add logic to guess base layer for docker-cis scan (#4344)
+ * fix(cyclonedx): set original names for packages (#4306)
+ * feat: group subcommands (#4449)
+ * feat(cli): add retry to cache operations (#4189)
+ * fix(vuln): report architecture for `apk` packages (#4247)
+ * refactor: enable cases where return values are not needed in pipeline (#4443)
+ * fix(image): resolve scan deadlock when error occurs in slow mode (#4336)
+ * docs(misconf): Update docs for kubernetes file patterns (#4435)
+ * test: k8s integration tests (#4423)
+ * feat(redhat): add package digest for rpm (#4410)
+ * feat(misconf): Add `--reset-policy-bundle` for policy bundle (#4167)
+ * fix: typo (#4431)
+ * add user instruction to imgconf (#4429)
+ * fix(k8s): add image sources (#4411)
+ * docs(scanning): Add versioning banner (#4415)
+ * feat(cli): add mage command to update golden integration test files (#4380)
+ * feat: node-collector custom namespace support (#4407)
+ * chore(deps): bump owenrumney/go-sarif from v2.1.3 to v2.2.0 (#4378)
+ * refactor(sbom): use multiline json for spdx-json format (#4404)
+ * fix(ubuntu): add EOL date for Ubuntu 23.04 (#4347)
+ * refactor: code-optimization (#4214)
+ * feat(image): Add image-src flag to specify which runtime(s) to use (#4047)
+ * test: skip wrong update of test golden files (#4379)
+ * refactor: don't return error for package.json without version/name (#4377)
+ * docs: cmd error (#4376)
+ * test(cli): add test for config file and env combination (#2666)
+ * fix(report): set a correct file location for license scan output (#4326)
+ * ci: rpm repository for all versions and aarch64 (#4077)
+ * chore(alpine): Update Alpine to 3.18 (#4351)
+ * fix(alpine): add EOL date for Alpine 3.18 (#4308)
+ * chore(deps): bump github.com/docker/distribution (#4337)
+ * feat: allow root break for mapfs (#4094)
+ * docs(misconf): Remove examples.md (#4256)
+ * fix(ubuntu): update eol dates for Ubuntu (#4258)
+ * feat(alpine): add digests for apk packages (#4168)
+ * chore: add discussion templates (#4190)
+ * fix(terraform): Support tfvars (#4123)
+ * chore: separate docs:generate (#4242)
+ * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4246)
+ * refactor: define vulnerability scanner interfaces (#4117)
+ * feat: unified k8s scan resources (#4188)
+ * chore(deps): Update defsec to v0.88.1 (#4178)
+ * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.1 to 2.30.2 (#4141)
+ * chore: trivy bin ignore (#4212)
+ * feat(image): enforce image platform (#4083)
+ * chore(deps): bump github.com/owenrumney/go-sarif/v2 from 2.1.2 to 2.1.3 (#4143)
+ * chore(deps): bump github.com/docker/docker (#4144)
+ * chore(deps): bump github.com/hashicorp/golang-lru/v2 from 2.0.1 to 2.0.2 (#4146)
+ * chore(deps): bump aquaproj/aqua-installer from 2.0.2 to 2.1.1 (#4140)
+ * fix(ubuntu): fix version selection logic for ubuntu esm (#4171)
+ * chore(deps): bump github.com/samber/lo from 1.37.0 to 1.38.1 (#4147)
+ * chore(deps): bump github.com/hashicorp/go-getter from 1.7.0 to 1.7.1 (#4145)
+ * chore(deps): bump sigstore/cosign-installer from 3.0.1 to 3.0.3 (#4138)
+ * chore(deps): bump github.com/testcontainers/testcontainers-go (#4150)
+ * chore: install.sh support for windows (#4155)
+ * chore(deps): bump github.com/sigstore/rekor from 1.1.0 to 1.1.1 (#4166)
+ * chore(deps): bump golang.org/x/crypto from 0.7.0 to 0.8.0 (#4149)
+ * docs: moving skipping files out of others (#4154)
+
 -------------------------------------------------------------------
 Thu May 11 17:05:04 UTC 2023 - Dirk Müller
diff --git a/trivy.spec b/trivy.spec
index 5dfddcb..8fdffc5 100644
--- a/trivy.spec
+++ b/trivy.spec
@@ -17,7 +17,7 @@ Name: trivy -Version: 0.41.0 +Version: 0.42.1 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0
diff --git a/vendor.tar.zst b/vendor.tar.zst
index 8973838..e703294 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:33341fb7a275e0a4d6e8bc43ee278bb1332909058ba00069d17d40dea14cefc1
-size 18766997
+oid sha256:b927fd5ffa78df2fe50df45ef81ed81636cc4b0605449fe414cc5ad38dbcd4ad
+size 19074946