diff --git a/_scmsync.obsinfo b/_scmsync.obsinfo index 39f229c..b5b286e 100644 --- a/_scmsync.obsinfo +++ b/_scmsync.obsinfo @@ -1,4 +1,4 @@ -mtime: 1699461074 -commit: e7076f0971c7963534b0ad701267258c921d4720 +mtime: 1701858137 +commit: 9bcf5b04b8e4b8e4ef33271ecf56c252063a907c url: https://src.opensuse.org/dirkmueller/trivy.git -revision: e7076f0971c7963534b0ad701267258c921d4720 +revision: 9bcf5b04b8e4b8e4ef33271ecf56c252063a907c diff --git a/_service b/_service index 265ddb2..cb11081 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.47.0 + v0.48.0 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index a3daa66..446f29c 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - d6df5fbcda878e43e5e02484304726ebe7c6c418 \ No newline at end of file + f2aa9bf3eb31468921491a071be60e9de8fd10bf \ No newline at end of file diff --git a/trivy-0.47.0.tar.zst b/trivy-0.47.0.tar.zst deleted file mode 100644 index e1b4529..0000000 --- a/trivy-0.47.0.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1c412452181b149f9dac4ca3f3d3f44080ff5b61306d246039c950973a393c10 -size 43593249 diff --git a/trivy-0.48.0.tar.zst b/trivy-0.48.0.tar.zst new file mode 100644 index 0000000..02e9e2e --- /dev/null +++ b/trivy-0.48.0.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:72e02feddb8e75a4dbf90a720db37a23475a882b1d47c42f45ea980a15a073f1 +size 36627002 diff --git a/trivy.changes b/trivy.changes index dbe0553..b322f34 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,64 @@ +------------------------------------------------------------------- +Wed Dec 06 10:00:18 UTC 2023 - dmueller@suse.com + +- Update to version 0.48.0: + * chore(deps): bump sigstore/cosign-installer from 4a861528be5e691840a69536975ada1d4c30349d to 1fc5bd396d372bee37d608f955b336615edf79c8 (#5696) + * chore(deps): bump helm/chart-testing-action from 2.4.0 to 2.6.1 (#5694) + * feat: filter k8s core components vuln results (#5713) + * feat(vuln): remove duplicates in Fixed Version (#5596) + * feat(report): output plugin (#4863) + * chore(deps): bump alpine from 3.18.4 to 3.18.5 (#5700) + * chore(deps): bump github.com/google/go-containerregistry from 0.16.1 to 0.17.0 (#5704) + * chore(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.10.1 (#5699) + * chore(deps): bump actions/github-script from 6 to 7 (#5697) + * chore(deps): bump easimon/maximize-build-space from 8 to 9 (#5695) + * docs: typo in modules.md (#5712) + * feat: Add flag to configure node-collector image ref (#5710) + * chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azcore from 1.7.1 to 1.9.0 (#5702) + * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.4 to 2.31.0 (#5698) + * chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.3.1 to 1.4.0 (#5706) + * feat(misconf): Add `--misconfig-scanners` option (#5670) + * chore: bump Go to 1.21 (#5662) + * feat: Packagesprops support (#5605) + * chore(deps): Bump up trivy misconf deps (#5656) + * docs: update adopters discussion template (#5632) + * docs: terraform tutorial links updated to point to correct loc (#5661) + * fix(secret): add `sec` and space to secret prefix for `aws-secret-access-key` (#5647) + * fix(nodejs): support protocols for dependency section in yarn.lock files (#5612) + * fix(secret): exclude upper case before secret for `alibaba-access-key-id` (#5618) + * docs: Update Arch Linux package URL in installation.md (#5619) + * chore: add prefix to image errors (#5601) + * docs(vuln): fix link anchor (#5606) + * docs: Add Dagger integration section and cleanup Ecosystem CICD docs page (#5608) + * fix: k8s friendly error messages kbom non cluster scans (#5594) + * feat: set InstalledFiles for DEB and RPM packages (#5488) + * fix(report): use time.Time for CreatedAt (#5598) + * test: retry containerd initialization (#5597) + * feat(misconf): Expose misconf engine debug logs with `--debug` option (#5550) + * test: mock VM walker (#5589) + * chore: bump node-collector v0.0.9 (#5591) + * feat(misconf): Add support for `--cf-params` for CFT (#5507) + * feat(flag): replace '--slow' with '--parallel' (#5572) + * fix(report): add escaping for Sarif format (#5568) + * chore: show a deprecation notice for `--scanners config` (#5587) + * feat(report): Add CreatedAt to the JSON report. (#5542) (#5549) + * test: mock RPM DB (#5567) + * feat: add aliases to '--scanners' (#5558) + * refactor: reintroduce output writer (#5564) + * chore(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 (#5543) + * chore: not load plugins for auto-generating docs (#5569) + * chore: sort supported AWS services (#5570) + * fix: no schedule toleration (#5562) + * fix(cli): set correct `scanners` for `k8s` target (#5561) + * fix(sbom): add `FilesAnalyzed` and `PackageVerificationCode` fields for SPDX (#5533) + * refactor(misconf): Update refactored dependencies (#5245) + * feat(secret): add built-in rule for JWT tokens (#5480) + * fix: trivy k8s parse ecr image with arn (#5537) + * fix: fail k8s resource scanning (#5529) + * refactor(misconf): don't remove Highlighted in json format (#5531) + * docs(k8s): fix link in kubernetes.md (#5524) + * docs(k8s): fix whitespace in list syntax (#5525) + ------------------------------------------------------------------- Tue Nov 07 12:24:51 UTC 2023 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index c032dcb..f875be1 100644 --- a/trivy.spec +++ b/trivy.spec @@ -17,7 +17,7 @@ Name: trivy -Version: 0.47.0 +Version: 0.48.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 diff --git a/vendor.tar.zst b/vendor.tar.zst index 4f52007..f7ecf78 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:403b5ab1db08965e058289f3c8b341030284dad937919916853fefdd67bc77d4 -size 19662044 +oid sha256:bdb75ad70fa71fa87e5a68235202078338e75c7b17fa531ddbc84a4c079cadc2 +size 19935033