- Update to version 0.37.0:

* fix(image): close layers (#3517)
  * refactor: db client changed (#3515)
  * feat(java): use trivy-java-db to get GAV (#3484)
  * docs: add note about the limitation in Rekor (#3494)
  * docs: aggregate targets (#3503)
  * deps: updates wazero to 1.0.0-pre.8 (#3510)
  * docs: add alma 9 and rocky 9 to supported os (#3513)
  * chore(deps): bump defsec to v0.82.9 (#3512)
  * chore: add missing target labels (#3504)
  * docs: add java vulnerability page (#3429)
  * feat(image): add support for Docker CIS Benchmark (#3496)
  * feat(image): secret scanning on container image config (#3495)
  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
  * feat(image): scan misconfigurations in image config (#3437)
  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
  * feat(k8s): add node info resource (#3482)
  * perf(secret): optimize secret scanning memory usage (#3453)
  * feat: support aliases in CLI flag, env and config (#3481)
  * fix(k8s): migrate rbac k8s (#3459)
  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
  * refactor: rename security-checks to scanners (#3467)
  * chore: display the troubleshooting URL for the DB denial error (#3474)
  * docs: yaml tabs to spaces, auto create namespace (#3469)
  * docs: adding show-and-tell template to GH discussions (#3391)
  * fix: Fix a temporary file leak in case of error (#3465)
  * fix(test): sort cyclonedx components (#3468)
  * docs: fixing spelling mistakes (#3462)
  * ci: set paths triggering VM tests in PR (#3438)
  * docs: typo in --skip-files (#3454)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=36

_service

@@ -2,7 +2,7 @@
   <service name="tar_scm" mode="disabled">
     <param name="url">https://github.com/aquasecurity/trivy</param>
     <param name="scm">git</param>
-    <param name="revision">v0.36.1</param>
+    <param name="revision">v0.37.0</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>

_servicedata

@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/aquasecurity/trivy</param>
-              <param name="changesrevision">9039df4993f1e574a4f0a8e630bbeea16dfed10d</param></service></servicedata>
+              <param name="changesrevision">e9d2af91745e92e3928ac492df9a0ab4a6b2c455</param></service></servicedata>

trivy.changes

@@ -1,3 +1,60 @@
+-------------------------------------------------------------------
+Wed Feb 01 12:09:23 UTC 2023 - dmueller@suse.com
+
+- Update to version 0.37.0:
+  * fix(image): close layers (#3517)
+  * refactor: db client changed (#3515)
+  * feat(java): use trivy-java-db to get GAV (#3484)
+  * docs: add note about the limitation in Rekor (#3494)
+  * docs: aggregate targets (#3503)
+  * deps: updates wazero to 1.0.0-pre.8 (#3510)
+  * docs: add alma 9 and rocky 9 to supported os (#3513)
+  * chore(deps): bump defsec to v0.82.9 (#3512)
+  * chore: add missing target labels (#3504)
+  * docs: add java vulnerability page (#3429)
+  * feat(image): add support for Docker CIS Benchmark (#3496)
+  * feat(image): secret scanning on container image config (#3495)
+  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
+  * feat(image): scan misconfigurations in image config (#3437)
+  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
+  * feat(k8s): add node info resource (#3482)
+  * perf(secret): optimize secret scanning memory usage (#3453)
+  * feat: support aliases in CLI flag, env and config (#3481)
+  * fix(k8s): migrate rbac k8s (#3459)
+  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
+  * refactor: rename security-checks to scanners (#3467)
+  * chore: display the troubleshooting URL for the DB denial error (#3474)
+  * docs: yaml tabs to spaces, auto create namespace (#3469)
+  * docs: adding show-and-tell template to GH discussions (#3391)
+  * fix: Fix a temporary file leak in case of error (#3465)
+  * fix(test): sort cyclonedx components (#3468)
+  * docs: fixing spelling mistakes (#3462)
+  * ci: set paths triggering VM tests in PR (#3438)
+  * docs: typo in --skip-files (#3454)
+  * feat(custom-forward): Extended advisory data (#3444)
+  * docs: fix spelling error (#3436)
+  * refactor(image): extend image config analyzer (#3434)
+  * fix(nodejs): add ignore protocols to yarn parser (#3433)
+  * fix(db): check proxy settings when using insecure flag (#3435)
+  * feat(misconf): Fetch policies from OCI registry (#3015)
+  * ci: downgrade Go to 1.18 and use stable and oldstable go versions for unit tests (#3413)
+  * ci: store URLs to Github Releases in RPM repository (#3414)
+  * feat(server): add support of `skip-db-update` flag for hot db update (#3416)
+  * chore(deps): bump github.com/moby/buildkit from v0.10.6 to v0.11.0 (#3411)
+  * fix(image): handle wrong empty layer detection (#3375)
+  * test: fix integration tests for spdx and cycloneDX (#3412)
+  * feat(python): Include Conda packages in SBOMs (#3379)
+  * feat: add support pubspec.lock files for dart (#3344)
+  * fix(image): parsePlatform is failing with UNAUTHORIZED error (#3326)
+  * fix(license): change normalize for GPL-3+-WITH-BISON-EXCEPTION (#3405)
+  * feat(server): log errors on server side (#3397)
+  * chore(deps): bump defsec to address helm vulnerabilities (#3399)
+  * docs: rewrite installation docs and general improvements (#3368)
+  * chore: update code owners (#3393)
+  * chore: test docs separately from code (#3392)
+  * docs: use the formula maintained by Homebrew (#3389)
+  * docs: add `Security Management` section with SonarQube plugin
+
 -------------------------------------------------------------------
 Thu Jan 05 12:08:53 UTC 2023 - dmueller@suse.com
 

trivy.spec

@@ -19,7 +19,7 @@
 
 %global goipath github.com/aquasecurity/trivy
 Name:           trivy
-Version:        0.36.1
+Version:        0.37.0
 Release:        0
 Summary:        A Simple and Comprehensive Vulnerability Scanner for Containers
 License:        Apache-2.0