forked from pool/trivy
Accepting request 1077009 from Virtualization:containers
- Update to version 0.39.0: * docs(cli): added makefile and go file to create docs (#3930) * chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946) * chore: ignore gpg key (#3943) * feat(cyclonedx): support dependency graph (#3177) * chore(deps): Bump defsec to v0.85.0 (#3940) * feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919) * feat(server): redis with public TLS certs support (#3783) * feat(flag): Add glob support to `--skip-dirs` and `--skip-files` (#3866) * chore: replace make with mage (#3932) * fix(sbom): add checksum to files (#3888) * chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928) * chore: remove unused mount volumes (#3927) * feat: add auth support for downloading OCI artifacts (#3915) * refactor(purl): use epoch in qualifier (#3913) * chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727) * feat(image): add registry options (#3906) * feat(rust): dependency tree and line numbers support for cargo lock file (#3746) * chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905) * feat(php): add support for location, licenses and graph for composer.lock files (#3873) * chore(deps): updates wazero to 1.0.0 (#3904) * feat(image): discover SBOM in OCI referrers (#3768) * docs: change cache-dir key in config file (#3897) * fix(sbom): use release and epoch for SPDX package version (#3896) * ci: add gpg signing for RPM packages (#3612) * docs: Update incorrect comment for skip-update flag (#3878) * refactor(misconf): simplify policy filesystem (#3875) * feat(nodejs): parse package.json alongside yarn.lock (#3757) * fix(spdx): add PkgDownloadLocation field (#3879) * fix(report): try to guess direct deps for dependency tree (#3852) OBS-URL: https://build.opensuse.org/request/show/1077009 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=49
This commit is contained in:
commit
6ce1e32625
2
_service
2
_service
@ -2,7 +2,7 @@
|
||||
<service name="tar_scm" mode="disabled">
|
||||
<param name="url">https://github.com/aquasecurity/trivy</param>
|
||||
<param name="scm">git</param>
|
||||
<param name="revision">v0.38.3</param>
|
||||
<param name="revision">v0.39.0</param>
|
||||
<param name="versionformat">@PARENT_TAG@</param>
|
||||
<param name="versionrewrite-pattern">v(.*)</param>
|
||||
<param name="changesgenerate">enable</param>
|
||||
|
@ -1,4 +1,4 @@
|
||||
<servicedata>
|
||||
<service name="tar_scm">
|
||||
<param name="url">https://github.com/aquasecurity/trivy</param>
|
||||
<param name="changesrevision">a12f58be57931c13b5ba9016bc8afd52bd63d3ae</param></service></servicedata>
|
||||
<param name="changesrevision">ed590966a3efdaf6cbb48e34bfb36ea0884e45d8</param></service></servicedata>
|
BIN
trivy-0.38.3.tar.zst
(Stored with Git LFS)
BIN
trivy-0.38.3.tar.zst
(Stored with Git LFS)
Binary file not shown.
BIN
trivy-0.39.0.tar.zst
(Stored with Git LFS)
Normal file
BIN
trivy-0.39.0.tar.zst
(Stored with Git LFS)
Normal file
Binary file not shown.
@ -1,18 +1,76 @@
|
||||
-------------------------------------------------------------------
|
||||
Mon Apr 03 08:36:44 UTC 2023 - dmueller@suse.com
|
||||
|
||||
- Update to version 0.39.0:
|
||||
* docs(cli): added makefile and go file to create docs (#3930)
|
||||
* chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946)
|
||||
* chore: ignore gpg key (#3943)
|
||||
* feat(cyclonedx): support dependency graph (#3177)
|
||||
* chore(deps): Bump defsec to v0.85.0 (#3940)
|
||||
* feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919)
|
||||
* feat(server): redis with public TLS certs support (#3783)
|
||||
* feat(flag): Add glob support to `--skip-dirs` and `--skip-files` (#3866)
|
||||
* chore: replace make with mage (#3932)
|
||||
* fix(sbom): add checksum to files (#3888)
|
||||
* chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928)
|
||||
* chore: remove unused mount volumes (#3927)
|
||||
* feat: add auth support for downloading OCI artifacts (#3915)
|
||||
* refactor(purl): use epoch in qualifier (#3913)
|
||||
* chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727)
|
||||
* feat(image): add registry options (#3906)
|
||||
* feat(rust): dependency tree and line numbers support for cargo lock file (#3746)
|
||||
* chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905)
|
||||
* feat(php): add support for location, licenses and graph for composer.lock files (#3873)
|
||||
* chore(deps): updates wazero to 1.0.0 (#3904)
|
||||
* feat(image): discover SBOM in OCI referrers (#3768)
|
||||
* docs: change cache-dir key in config file (#3897)
|
||||
* fix(sbom): use release and epoch for SPDX package version (#3896)
|
||||
* ci: add gpg signing for RPM packages (#3612)
|
||||
* docs: Update incorrect comment for skip-update flag (#3878)
|
||||
* refactor(misconf): simplify policy filesystem (#3875)
|
||||
* feat(nodejs): parse package.json alongside yarn.lock (#3757)
|
||||
* fix(spdx): add PkgDownloadLocation field (#3879)
|
||||
* fix(report): try to guess direct deps for dependency tree (#3852)
|
||||
* chore(amazon): update EOL (#3876)
|
||||
* fix(nodejs): improvement logic for package-lock.json v2-v3 (#3877)
|
||||
* feat(amazon): add al2023 support (#3854)
|
||||
* chore(deps): bump github.com/cheggaaa/pb/v3 from 3.1.0 to 3.1.2 (#3736)
|
||||
* docs(misconf): Add information about selectors (#3703)
|
||||
* docs(cli): update CLI docs with cobra (#3815)
|
||||
* feat: k8s parallel processing (#3693)
|
||||
* docs: add DefectDojo in the Security Management section (#3871)
|
||||
* chore(deps): updates wazero to 1.0.0-rc.2 (#3853)
|
||||
* refactor: add pipeline (#3868)
|
||||
* feat(cli): add javadb metadata to version info (#3835)
|
||||
* chore(deps): Move compliance types to defsec (#3842)
|
||||
* feat(sbom): add support for CycloneDX JSON Attestation of the correct specification (#3849)
|
||||
* feat: add node toleration option (#3823)
|
||||
* fix: allow mapfs to open dirs (#3867)
|
||||
* fix(report): update uri only for os class targets (#3846)
|
||||
* feat(nodejs): Add v3 npm lock file support (#3826)
|
||||
* feat(nodejs): parse package.json files alongside package-lock.json (#2916)
|
||||
* docs(misconf): Fix links to built in policies (#3841)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Mar 14 09:56:08 UTC 2023 - dmueller@suse.com
|
||||
|
||||
- Update to version 0.38.3:
|
||||
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
|
||||
* fix(java): skip empty files for jar post analyzer (#3832)
|
||||
* fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
|
||||
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2
|
||||
from 1.86.1 to 1.89.1
|
||||
* fix(java): skip empty files for jar post analyzer
|
||||
* fix(docker): build healthcheck command for line without
|
||||
/bin/sh prefix
|
||||
* refactor(license): use goyacc for license parser (#3824)
|
||||
* chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
|
||||
* fix: populate timeout context to node-collector (#3766)
|
||||
* chore(deps): bump github.com/docker/docker from
|
||||
23.0.0-rc.1+incompatible to 23.0.1+incompatible
|
||||
* fix: populate timeout context to node-collector
|
||||
* fix: exclude node collector scanning (#3771)
|
||||
* fix: display correct flag in error message when skipping java db update #3808
|
||||
* fix: display correct flag in error message when skipping
|
||||
java db update #3808
|
||||
* fix: disable jar analyzer for scanners other than vuln (#3810)
|
||||
* fix(sbom): fix incompliant license format for spdx (#3335)
|
||||
* fix(java): the project props take precedence over the parent's props (#3320)
|
||||
* fix(java): the project props take precedence over the
|
||||
parent's props (#3320)
|
||||
* docs: add canary build info to README.md (#3799)
|
||||
* docs: adding link to gh token generation (#3784)
|
||||
* docs: changing docs in accordance with #3460 (#3787)
|
||||
|
@ -19,7 +19,7 @@
|
||||
|
||||
%global goipath github.com/aquasecurity/trivy
|
||||
Name: trivy
|
||||
Version: 0.38.3
|
||||
Version: 0.39.0
|
||||
Release: 0
|
||||
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
|
||||
License: Apache-2.0
|
||||
|
BIN
vendor.obscpio
(Stored with Git LFS)
Normal file
BIN
vendor.obscpio
(Stored with Git LFS)
Normal file
Binary file not shown.
BIN
vendor.tar.zst
(Stored with Git LFS)
BIN
vendor.tar.zst
(Stored with Git LFS)
Binary file not shown.
Loading…
Reference in New Issue
Block a user