From 7d9d718b33d38e5374b6cf2905ebd9e5f58f652ad805357d83ced644e522df3a Mon Sep 17 00:00:00 2001
From: Dominique Leuenberger <dleuenberger@suse.com>
Date: Mon, 23 May 2022 13:51:56 +0000
Subject: [PATCH] Accepting request 978633 from Virtualization:containers

- Update to version 0.28.0 (bsc#1199760, CVE-2022-28946):
  * fix: remove Highlighted from json output (#2131)
  * fix: remove trivy-kubernetes replace (#2132)
  * docs: Add Operator docs under Kubernetes section (#2111)
  * fix(k8s): security-checks panic (#2127)
  * ci: added k8s scope (#2130)
  * docs: Update misconfig output in examples (#2128)
  * fix(misconf): Fix coloured output in Goland terminal (#2126)
  * docs(secret): Fix default value of --security-checks in docs (#2107)
  * refactor(report): move colorize function from trivy-db (#2122)
  * feat: k8s resource scanning (#2118)
  * chore: add CODEOWNERS (#2121)
  * feat(image): add `--server` option for remote scans (#1871)
  * refactor: k8s (#2116)
  * refactor: export useful APIs (#2108)
  * docs: fix k8s doc (#2114)
  * feat(kubernetes): Add report flag for summary (#2112)
  * fix: Remove problematic advanced rego policies (#2113)
  * feat(misconf): Add special output format for misconfigurations (#2100)
  * feat:  add k8s subcommand (#2065)
  * chore: fix make lint version (#2102)
  * fix(java): handle relative pom modules (#2101)
  * fix(misconf): Add missing links for non-rego misconfig results (#2094)
  * feat(misconf): Added fs.FS based scanning via latest defsec (#2084)
  * chore(deps): bump trivy-issue-action to v0.0.4 (#2091)
  * chore(deps): bump github.com/twitchtv/twirp (#2077)
  * chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.5.1 (#2074)
  * chore(os): updated fanal version and alpine distroless test (#2086)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.1 to 0.5.2 (#2075)
  * chore(deps): bump github.com/samber/lo from 1.16.0 to 1.19.0 (#2076)

OBS-URL: https://build.opensuse.org/request/show/978633
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=25
---
 _service            |  2 +-
 _servicedata        |  2 +-
 trivy-0.27.1.tar.gz |  3 ---
 trivy-0.28.0.tar.gz |  3 +++
 trivy.changes       | 45 +++++++++++++++++++++++++++++++++++++++++++++
 trivy.spec          |  2 +-
 vendor.tar.gz       |  4 ++--
 7 files changed, 53 insertions(+), 8 deletions(-)
 delete mode 100644 trivy-0.27.1.tar.gz
 create mode 100644 trivy-0.28.0.tar.gz

diff --git a/_service b/_service
index c3eac55..95f0992 100644
--- a/_service
+++ b/_service
@@ -2,7 +2,7 @@
   <service name="tar_scm" mode="disabled">
     <param name="url">https://github.com/aquasecurity/trivy</param>
     <param name="scm">git</param>
-    <param name="revision">v0.27.1</param>
+    <param name="revision">v0.28.0</param>
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="changesgenerate">enable</param>
diff --git a/_servicedata b/_servicedata
index 9e5ffea..99abbf4 100644
--- a/_servicedata
+++ b/_servicedata
@@ -1,4 +1,4 @@
 <servicedata>
 <service name="tar_scm">
                 <param name="url">https://github.com/aquasecurity/trivy</param>
-              <param name="changesrevision">55f29b8fb2d18502cfeadfcacd8d8bb38eabb6c6</param></service></servicedata>
\ No newline at end of file
+              <param name="changesrevision">afe32928436231e6c05602fd15359c7432520167</param></service></servicedata>
\ No newline at end of file
diff --git a/trivy-0.27.1.tar.gz b/trivy-0.27.1.tar.gz
deleted file mode 100644
index c37fd91..0000000
--- a/trivy-0.27.1.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:60f38d3dd8a909623895e7925915f67fcf6afd86a7859abda50eadcbbd7820d2
-size 11306313
diff --git a/trivy-0.28.0.tar.gz b/trivy-0.28.0.tar.gz
new file mode 100644
index 0000000..41f1d12
--- /dev/null
+++ b/trivy-0.28.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f6de9b4ca074827f7a4fac71e244e4e47e7f3e9c038f7e95d443e10c4b479643
+size 14530285
diff --git a/trivy.changes b/trivy.changes
index fb2e5bc..227144a 100644
--- a/trivy.changes
+++ b/trivy.changes
@@ -1,3 +1,48 @@
+-------------------------------------------------------------------
+Mon May 23 06:14:37 UTC 2022 - dmueller@suse.com
+
+- Update to version 0.28.0 (bsc#1199760, CVE-2022-28946):
+  * fix: remove Highlighted from json output (#2131)
+  * fix: remove trivy-kubernetes replace (#2132)
+  * docs: Add Operator docs under Kubernetes section (#2111)
+  * fix(k8s): security-checks panic (#2127)
+  * ci: added k8s scope (#2130)
+  * docs: Update misconfig output in examples (#2128)
+  * fix(misconf): Fix coloured output in Goland terminal (#2126)
+  * docs(secret): Fix default value of --security-checks in docs (#2107)
+  * refactor(report): move colorize function from trivy-db (#2122)
+  * feat: k8s resource scanning (#2118)
+  * chore: add CODEOWNERS (#2121)
+  * feat(image): add `--server` option for remote scans (#1871)
+  * refactor: k8s (#2116)
+  * refactor: export useful APIs (#2108)
+  * docs: fix k8s doc (#2114)
+  * feat(kubernetes): Add report flag for summary (#2112)
+  * fix: Remove problematic advanced rego policies (#2113)
+  * feat(misconf): Add special output format for misconfigurations (#2100)
+  * feat:  add k8s subcommand (#2065)
+  * chore: fix make lint version (#2102)
+  * fix(java): handle relative pom modules (#2101)
+  * fix(misconf): Add missing links for non-rego misconfig results (#2094)
+  * feat(misconf): Added fs.FS based scanning via latest defsec (#2084)
+  * chore(deps): bump trivy-issue-action to v0.0.4 (#2091)
+  * chore(deps): bump github.com/twitchtv/twirp (#2077)
+  * chore(deps): bump github.com/urfave/cli/v2 from 2.4.0 to 2.5.1 (#2074)
+  * chore(os): updated fanal version and alpine distroless test (#2086)
+  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.1 to 0.5.2 (#2075)
+  * chore(deps): bump github.com/samber/lo from 1.16.0 to 1.19.0 (#2076)
+  * feat(report): add support for SPDX (#2059)
+  * chore(deps): bump actions/setup-go from 2 to 3 (#2073)
+  * chore(deps): bump actions/cache from 3.0.1 to 3.0.2 (#2071)
+  * chore(deps): bump golang from 1.18.0 to 1.18.1 (#2069)
+  * chore(deps): bump actions/stale from 4 to 5 (#2070)
+  * chore(deps): bump sigstore/cosign-installer from 2.0.0 to 2.3.0 (#2072)
+  * chore(deps): bump github.com/open-policy-agent/opa from 0.39.0 to 0.40.0 (#2079)
+  * chore: app version 0.27.0 (#2046)
+  * fix(misconf): added to skip conf files if their scanning is not enabled (#2066)
+  * docs(secret) fix rule path in docs (#2061)
+  * docs: change from go.sum to go.mod (#2056)
+
 -------------------------------------------------------------------
 Wed Apr 27 12:40:06 UTC 2022 - kastl@b1-systems.de
 
diff --git a/trivy.spec b/trivy.spec
index bfa2e2b..19b92f1 100644
--- a/trivy.spec
+++ b/trivy.spec
@@ -19,7 +19,7 @@
 
 %global goipath github.com/aquasecurity/trivy
 Name:           trivy
-Version:        0.27.1
+Version:        0.28.0
 Release:        0
 Summary:        A Simple and Comprehensive Vulnerability Scanner for Containers
 License:        Apache-2.0
diff --git a/vendor.tar.gz b/vendor.tar.gz
index 35528fc..a79aba8 100644
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:647114a17ce80a2da0b83fd765c76bca4fbd284f72cb9a877d755a9682ffa7b0
-size 34460802
+oid sha256:ba16ab00fffd9552ee8213cf3bcb9f76c0c9eefb407c2fb85bccb382120fb85d
+size 38537843