From a9593f7bd8e67ec8232ceafb4c38d3a250f1fe183cd508c0b31e0b9dd30c57b4 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Thu, 13 Apr 2023 09:17:33 +0000 Subject: [PATCH 1/3] - Update to version 0.39.1: * fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997) * fix(sbom): fix infinite loop for cyclonedx (#3998) * chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954) * fix: use warning for errors from enrichment files for post-analyzers (#3972) * chore(deps): bump github.com/docker/docker (#3963) * fix(helm): added annotation to psp configurable from values (#3893) * chore(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.1 (#3962) * fix(secret): update built-in rule `tests` (#3855) * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.23.0 to 2.30.1 (#3957) * test: rewrite scripts in Go (#3968) * docs(cli): Improve glob documentation (#3945) * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#3959) * ci: check CLI references (#3967) * chore(deps): bump alpine from 3.17.2 to 3.17.3 (#3951) * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.212 to 1.44.234 (#3956) * chore(deps): bump github.com/moby/buildkit from 0.11.4 to 0.11.5 (#3958) * chore(deps): bump actions/setup-go from 3 to 4 (#3953) * chore(deps): bump actions/cache from 3.2.6 to 3.3.1 (#3950) * chore(deps): bump github.com/containerd/containerd from 1.6.19 to 1.7.0 (#3965) * chore(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 (#3964) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=55 --- _service | 2 +- _servicedata | 2 +- trivy-0.39.0.tar.zst | 3 --- trivy-0.39.1.tar.zst | 3 +++ trivy.changes | 25 +++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 ++-- 7 files changed, 33 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.39.0.tar.zst create mode 100644 trivy-0.39.1.tar.zst diff --git a/_service b/_service index 20b6d82..f3d49a9 100644 --- a/_service 
+++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.39.0 + v0.39.1 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 169bf10..be464ed 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - ed590966a3efdaf6cbb48e34bfb36ea0884e45d8 \ No newline at end of file + a119ef86ea28b0cbd6ad7708ac1ff64a89bd8034 \ No newline at end of file diff --git a/trivy-0.39.0.tar.zst b/trivy-0.39.0.tar.zst deleted file mode 100644 index 8de5d22..0000000 --- a/trivy-0.39.0.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:8eec8b9859100325cba0854b654f4a5dc55e752aa6c6ff51fd02098cc3d94b2e -size 44746619 diff --git a/trivy-0.39.1.tar.zst b/trivy-0.39.1.tar.zst new file mode 100644 index 0000000..3156789 --- /dev/null +++ b/trivy-0.39.1.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7b3fa84d04e1768092c499edadbd6355192fb270d4b47ad0b6fe98a97daebe49 +size 76724367 diff --git a/trivy.changes b/trivy.changes index 4e818e3..038d1f7 100644 --- a/trivy.changes +++ b/trivy.changes 
@@ -1,3 +1,28 @@ +------------------------------------------------------------------- +Thu Apr 13 08:10:58 UTC 2023 - dmueller@suse.com + +- Update to version 0.39.1: + * fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997) + * fix(sbom): fix infinite loop for cyclonedx (#3998) + * chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954) + * fix: use warning for errors from enrichment files for post-analyzers (#3972) + * chore(deps): bump github.com/docker/docker (#3963) + * fix(helm): added annotation to psp configurable from values (#3893) + * chore(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.1 (#3962) + * fix(secret): update built-in rule `tests` (#3855) + * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.23.0 to 2.30.1 (#3957) + * test: rewrite scripts in Go (#3968) + * docs(cli): Improve glob documentation (#3945) + * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#3959) + * ci: check CLI references (#3967) + * chore(deps): bump alpine from 3.17.2 to 3.17.3 (#3951) + * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.212 to 1.44.234 (#3956) + * chore(deps): bump github.com/moby/buildkit from 0.11.4 to 0.11.5 (#3958) + * chore(deps): bump actions/setup-go from 3 to 4 (#3953) + * chore(deps): bump actions/cache from 3.2.6 to 3.3.1 (#3950) + * chore(deps): bump github.com/containerd/containerd from 1.6.19 to 1.7.0 (#3965) + * chore(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 (#3964) + ------------------------------------------------------------------- Mon Apr 03 08:36:44 UTC 2023 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index 36c0637..c8fbb1e 100644 --- a/trivy.spec +++ b/trivy.spec @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.39.0 +Version: 0.39.1 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 
diff --git a/vendor.tar.zst b/vendor.tar.zst
index 62c220c..0be9da2 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b6e232385c23bddd81ab6255903fa586f48715110dddcc462d8924e08e5d567c
-size 18634053
+oid sha256:938e8a779283a9f285c6bb35eff641d07386607302a26707b9b822a1feefb1c5
+size 18602937
From 1c04f09b2d2f7c5be03fdfb4f528b64d397e8c1e0bc0ba7138288f2caac3c3c6 Mon Sep 17 00:00:00 2001
From: Dirk Mueller Date: Sun, 16 Apr 2023 18:11:29 +0000 Subject: [PATCH 2/3] - Update to version 0.40.0: * feat(flag): Support globstar for `--skip-files` and `--skip-directories` (#4026) * chore(deps): bump actions/stale from 7 to 8 (#3955) * fix: return insecure option to download javadb (#4064) * fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052) * ci: add gpg signing for RPM packages (#4056) * fix(k8s): current context title (#4055) * fix(k8s): quit support on k8s progress bar (#4021) * chore: add a note about Dockerfile.canary (#4050) * ci: fix path to canary binaries (#4045) * fix(vuln): report architecture for debian packages (#4032) * feat: add support for Chainguard's commercial distro (#3641) * ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979) * fix(vuln): fix error message for remote scanners (#4031) * feat(report): add image metadata to SARIF (#4020) * docs: fix broken cache link on Installation page (#3999) * fix: lock downloading policies and database (#4017) * fix: avoid concurrent access to the global map (#4014) * feat(rust): add Cargo.lock v3 support (#4012) * feat: auth support oci download server subcommand (#4008) * chore(deps): bump github.com/docker/docker (#4009) * chore: install.sh support for armv7 (#3985) * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=56 --- _service | 2 +- _servicedata | 2 +- trivy-0.39.1.tar.zst | 3 --- trivy-0.40.0.tar.zst | 3 +++ trivy.changes | 27 +++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 ++-- 7 files changed, 35 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.39.1.tar.zst create mode 100644 trivy-0.40.0.tar.zst diff --git a/_service b/_service index f3d49a9..147b6ad 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.39.1 + v0.40.0 @PARENT_TAG@ v(.*) enable 
diff --git a/_servicedata b/_servicedata index be464ed..9c9358e 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - a119ef86ea28b0cbd6ad7708ac1ff64a89bd8034 \ No newline at end of file + b43b19ba54cbf30adfaf98febccef033701a1df3 \ No newline at end of file diff --git a/trivy-0.39.1.tar.zst b/trivy-0.39.1.tar.zst deleted file mode 100644 index 3156789..0000000 --- a/trivy-0.39.1.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:7b3fa84d04e1768092c499edadbd6355192fb270d4b47ad0b6fe98a97daebe49 -size 76724367 diff --git a/trivy-0.40.0.tar.zst b/trivy-0.40.0.tar.zst new file mode 100644 index 0000000..7789b61 --- /dev/null +++ b/trivy-0.40.0.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:1438d1d21cc67ed45d82f725540831ca24f9fc119845cfe68eb2f87cb82b49e1 +size 76730751 diff --git a/trivy.changes b/trivy.changes index 038d1f7..4457f8f 100644 --- a/trivy.changes +++ b/trivy.changes 
@@ -1,3 +1,30 @@ +------------------------------------------------------------------- +Sun Apr 16 18:05:08 UTC 2023 - dmueller@suse.com + +- Update to version 0.40.0: + * feat(flag): Support globstar for `--skip-files` and `--skip-directories` (#4026) + * chore(deps): bump actions/stale from 7 to 8 (#3955) + * fix: return insecure option to download javadb (#4064) + * fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052) + * ci: add gpg signing for RPM packages (#4056) + * fix(k8s): current context title (#4055) + * fix(k8s): quit support on k8s progress bar (#4021) + * chore: add a note about Dockerfile.canary (#4050) + * ci: fix path to canary binaries (#4045) + * fix(vuln): report architecture for debian packages (#4032) + * feat: add support for Chainguard's commercial distro (#3641) + * ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979) + * fix(vuln): fix error message for remote scanners (#4031) + * feat(report): add image metadata to SARIF (#4020) + * docs: fix broken cache link on Installation page (#3999) + * fix: lock downloading policies and database (#4017) + * fix: avoid concurrent access to the global map (#4014) + * feat(rust): add Cargo.lock v3 support (#4012) + * feat: auth support oci download server subcommand (#4008) + * chore(deps): bump github.com/docker/docker (#4009) + * chore: install.sh support for armv7 (#3985) + * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961) + ------------------------------------------------------------------- Thu Apr 13 08:10:58 UTC 2023 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index c8fbb1e..f83c12c 100644 --- a/trivy.spec +++ b/trivy.spec @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.39.1 +Version: 0.40.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 diff --git a/vendor.tar.zst b/vendor.tar.zst index 0be9da2..6bf1fab 100644 
--- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:938e8a779283a9f285c6bb35eff641d07386607302a26707b9b822a1feefb1c5 -size 18602937 +oid sha256:02729eaeacb2c7766ab96065aaf3c12f78cae80f8c24cea2579a17adbdd7026f +size 18644113 From b634bc69afee3151727b335e7b3747657c6170495352feb8259ba17977c19ae1 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Sun, 16 Apr 2023 19:13:49 +0000 Subject: [PATCH 3/3] OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=57 --- trivy-0.40.0.tar.zst | 4 ++-- trivy.spec | 10 ++-------- vendor.tar.zst | 4 ++-- 3 files changed, 6 insertions(+), 12 deletions(-) diff --git a/trivy-0.40.0.tar.zst b/trivy-0.40.0.tar.zst index 7789b61..b5de803 100644 --- a/trivy-0.40.0.tar.zst +++ b/trivy-0.40.0.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:1438d1d21cc67ed45d82f725540831ca24f9fc119845cfe68eb2f87cb82b49e1 -size 76730751 +oid sha256:26a4295308f2a927f422338b81f42b4287dd08bcd8834814073e97a27f2a467e +size 76945308 diff --git a/trivy.spec b/trivy.spec index f83c12c..ae69624 100644 --- a/trivy.spec +++ b/trivy.spec @@ -14,10 +14,8 @@ # Please submit bugfixes or comments via https://bugs.opensuse.org/ # -# nodebuginfo -%global goipath github.com/aquasecurity/trivy Name: trivy Version: 0.40.0 Release: 0 @@ -46,17 +44,13 @@ name of the container. %prep %setup -qa1 -%autopatch -p1 %build -%goprep %{goipath} - export CGO_ENABLED=0 - -%gobuild -mod vendor -ldflags "-X=main.version=%{version}" cmd/trivy +go build -o trivy -mod=vendor -buildmode=pie -trimpath -ldflags "-s -w -X=main.version=%{version}" cmd/trivy/main.go %install -%goinstall +install -D -m 755 trivy %{buildroot}/%{_bindir}/%{name} %files %license LICENSE diff --git a/vendor.tar.zst b/vendor.tar.zst index 6bf1fab..79fa466 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst 
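Review bot: The pointer for `trivy-0.40.0.tar.zst` in patch 3/3 moves from sha256 `1438d1d2…` to `26a42953…` and grows by roughly 200 kB while the version stays 0.40.0, and the patch has neither a description nor a `trivy.changes` entry. A source archive that is re-rolled under an unchanged version should have the reason recorded, because otherwise a regenerated tarball cannot later be told apart from a tampered one. `_servicedata` is not touched in this patch, so the upstream revision is presumably the same and only the way the archive was produced differs; a one-line changes entry saying so would be enough. The same applies to the `vendor.tar.zst` pointer change that follows.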
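Review bot: The new `go build` line in `%build` passes `-ldflags "-s -w ..."`, which drops the symbol table and DWARF data at link time, while the same patch removes the `# nodebuginfo` marker; the debuginfo package this presumably re-enables would then have nothing to extract, which makes crash triage of the shipped scanner harder. I would leave stripping to the distribution's post-build step: `go build -o trivy -mod=vendor -buildmode=pie -trimpath -ldflags "-X=main.version=%{version}" cmd/trivy/main.go`. Removing `%autopatch -p1` from `%prep` also means that a `Patch:` line added later (a security backport, for example) would be declared but never applied, so it is safer to keep that macro. Both `%prep` and `%build` continue outside the hunk, so the BuildRequires and any existing patch declarations are not visible here.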
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:02729eaeacb2c7766ab96065aaf3c12f78cae80f8c24cea2579a17adbdd7026f
-size 18644113
+oid sha256:d7be343b5d750b8fc7db53aa68733003a06759a25c9e95e7a5ace40ac90425b6
+size 18622680