Accepting request 978633 from Virtualization:containers

- Update to version 0.28.0 (bsc#1199760, CVE-2022-28946):
  * fix: remove Highlighted from json output (#2131)
  * fix: remove trivy-kubernetes replace (#2132)
  * docs: Add Operator docs under Kubernetes section (#2111)
  * fix(k8s): security-checks panic (#2127)
  * ci: added k8s scope (#2130)
  * docs: Update misconfig output in examples (#2128)
  * fix(misconf): Fix coloured output in Goland terminal (#2126)
  * docs(secret): Fix default value of --security-checks in docs (#2107)
  * refactor(report): move colorize function from trivy-db (#2122)
  * feat: k8s resource scanning (#2118)
  * chore: add CODEOWNERS (#2121)
  * feat(image): add `--server` option for remote scans (#1871)
  * refactor: k8s (#2116)
  * refactor: export useful APIs (#2108)
  * docs: fix k8s doc (#2114)
  * feat(kubernetes): Add report flag for summary (#2112)
  * fix: Remove problematic advanced rego policies (#2113)
  * feat(misconf): Add special output format for misconfigurations (#2100)
  * feat:  add k8s subcommand (#2065)
  * chore: fix make lint version (#2102)
  * fix(java): handle relative pom modules (#2101)
  * fix(misconf): Add missing links for non-rego misconfig results (#2094)
  * feat(misconf): Added fs.FS based scanning via latest defsec (#2084)
  * chore(deps): bump trivy-issue-action to v0.0.4 (#2091)
  * chore(deps): bump github.com/twitchtv/twirp (#2077)
  * chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.5.1 (#2074)
  * chore(os): updated fanal version and alpine distroless test (#2086)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.1 to 0.5.2 (#2075)
  * chore(deps): bump github.com/samber/lo from 1.16.0 to 1.19.0 (#2076)

OBS-URL: https://build.opensuse.org/request/show/978633
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=25

_service

@@ -2,7 +2,7 @@
   <service name="tar_scm" mode="disabled">
     <param name="url">https://github.com/aquasecurity/trivy</param>
     <param name="scm">git</param>
-    <param name="revision">v0.27.1</param>
+    <param name="revision">v0.28.0</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>

_servicedata

@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/aquasecurity/trivy</param>
-              <param name="changesrevision">55f29b8fb2d18502cfeadfcacd8d8bb38eabb6c6</param></service></servicedata>
+              <param name="changesrevision">afe32928436231e6c05602fd15359c7432520167</param></service></servicedata>

trivy.changes

@@ -1,3 +1,48 @@
+-------------------------------------------------------------------
+Mon May 23 06:14:37 UTC 2022 - dmueller@suse.com
+
+- Update to version 0.28.0 (bsc#1199760, CVE-2022-28946):
+  * fix: remove Highlighted from json output (#2131)
+  * fix: remove trivy-kubernetes replace (#2132)
+  * docs: Add Operator docs under Kubernetes section (#2111)
+  * fix(k8s): security-checks panic (#2127)
+  * ci: added k8s scope (#2130)
+  * docs: Update misconfig output in examples (#2128)
+  * fix(misconf): Fix coloured output in Goland terminal (#2126)
+  * docs(secret): Fix default value of --security-checks in docs (#2107)
+  * refactor(report): move colorize function from trivy-db (#2122)
+  * feat: k8s resource scanning (#2118)
+  * chore: add CODEOWNERS (#2121)
+  * feat(image): add `--server` option for remote scans (#1871)
+  * refactor: k8s (#2116)
+  * refactor: export useful APIs (#2108)
+  * docs: fix k8s doc (#2114)
+  * feat(kubernetes): Add report flag for summary (#2112)
+  * fix: Remove problematic advanced rego policies (#2113)
+  * feat(misconf): Add special output format for misconfigurations (#2100)
+  * feat:  add k8s subcommand (#2065)
+  * chore: fix make lint version (#2102)
+  * fix(java): handle relative pom modules (#2101)
+  * fix(misconf): Add missing links for non-rego misconfig results (#2094)
+  * feat(misconf): Added fs.FS based scanning via latest defsec (#2084)
+  * chore(deps): bump trivy-issue-action to v0.0.4 (#2091)
+  * chore(deps): bump github.com/twitchtv/twirp (#2077)
+  * chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.5.1 (#2074)
+  * chore(os): updated fanal version and alpine distroless test (#2086)
+  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.1 to 0.5.2 (#2075)
+  * chore(deps): bump github.com/samber/lo from 1.16.0 to 1.19.0 (#2076)
+  * feat(report): add support for SPDX (#2059)
+  * chore(deps): bump actions/setup-go from 2 to 3 (#2073)
+  * chore(deps): bump actions/cache from 3.0.1 to 3.0.2 (#2071)
+  * chore(deps): bump golang from 1.18.0 to 1.18.1 (#2069)
+  * chore(deps): bump actions/stale from 4 to 5 (#2070)
+  * chore(deps): bump sigstore/cosign-installer from 2.0.0 to 2.3.0 (#2072)
+  * chore(deps): bump github.com/open-policy-agent/opa from 0.39.0 to 0.40.0 (#2079)
+  * chore: app version 0.27.0 (#2046)
+  * fix(misconf): added to skip conf files if their scanning is not enabled (#2066)
+  * docs(secret) fix rule path in docs (#2061)
+  * docs: change from go.sum to go.mod (#2056)
+
 -------------------------------------------------------------------
 Wed Apr 27 12:40:06 UTC 2022 - kastl@b1-systems.de
 

trivy.spec

@@ -19,7 +19,7 @@
 
 %global goipath github.com/aquasecurity/trivy
 Name:           trivy
-Version:        0.27.1
+Version:        0.28.0
 Release:        0
 Summary:        A Simple and Comprehensive Vulnerability Scanner for Containers
 License:        Apache-2.0