From a0ae104f7036d9ecf349669f2374caef96242c7389e8ca917042c608db6d59cc Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Thu, 23 Jun 2022 06:02:26 +0000 Subject: [PATCH] Accepting request 984475 from home:ojkastl_buildservice:Branch_Virtualization_containers update to 0.29.1 OBS-URL: https://build.opensuse.org/request/show/984475 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=4 --- _service | 2 +- _servicedata | 2 +- trivy-0.28.0.tar.gz | 3 -- trivy-0.29.1.tar.gz | 3 ++ trivy.changes | 94 +++++++++++++++++++++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.gz | 4 +- 7 files changed, 102 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.28.0.tar.gz create mode 100644 trivy-0.29.1.tar.gz diff --git a/_service b/_service index 95f0992..2336fd5 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.28.0 + v0.29.1 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 99abbf4..764c945 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - afe32928436231e6c05602fd15359c7432520167 \ No newline at end of file + 6ce9404c167963e3a1581df96b889995994cfdac \ No newline at end of file diff --git a/trivy-0.28.0.tar.gz b/trivy-0.28.0.tar.gz deleted file mode 100644 index 41f1d12..0000000 --- a/trivy-0.28.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:f6de9b4ca074827f7a4fac71e244e4e47e7f3e9c038f7e95d443e10c4b479643 -size 14530285 diff --git a/trivy-0.29.1.tar.gz b/trivy-0.29.1.tar.gz new file mode 100644 index 0000000..c09c42d --- /dev/null +++ b/trivy-0.29.1.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:7b6620b6be17d60a46b2e086b62fda62ae951f08386ca2f3dd128eae0776cd79 +size 12678023 diff --git a/trivy.changes b/trivy.changes index 227144a..9d55b37 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,97 @@ +------------------------------------------------------------------- +Wed Jun 22 11:15:35 UTC 2022 - kastl@b1-systems.de + +- Update to version 0.29.1: + * fix(report): add required fields to the SARIF template (#2341) + * chore: fix spelling errors (#2352) + * Omit Remediation if PrimaryURL is empty (#2006) + * docs(repo): Link to installation documentation in readme shows 404 (#2348) + * feat(alma): support for scanning of modular packages for AlmaLinux (#2347) + +------------------------------------------------------------------- +Wed Jun 22 08:31:01 UTC 2022 - kastl@b1-systems.de + +- Update to version 0.29.0: + * fix(lang): fix dependency graph in client server mode (#2336) + * feat: allow expiration date for .trivyignore entries (#2332) + * feat(lang): add dependency origin graph (#1970) + * docs: update nix installation info (#2331) + * feat: add rbac scanning support (#2328) + * refactor: move WordPress module to another repository (#2329) + * ci: add support for ppc64le (#2281) + * feat: add support for WASM modules (#2195) + * feat(secret): show recommendation for slow scanning (#2051) + * fix(flag): remove --clear-cache flag client mode (#2301) + * fix(java): added check for looping for variable evaluation in pom file (#2322) + * BREAKING(k8s): change CLI API (#2186) + * feat(alpine): add Alpine Linux 3.16 (#2319) + * docs: bump trivy-operator to v0.0.7 (#2320) + * ci: add `go mod tidy` check (#2314) + * chore: run `go mod tidy` (#2313) + * fix: do not exit if one resource is not found (#2311) + * feat(cli): use stderr for all log messages (resolve #381) (#2289) + * test: replace deprecated subcommand client in integration tests (#2308) + * feat: add support for containerd (#2305) + * fix(kubernetes): Support floats in manifest yaml (#2297) + * docs(kubernetes): dead links (#2307) + * chore: add license label (#2304) + * feat(mariner): added support for CBL-Mariner Distroless v2.0 (#2293) + * feat(helm): add pod annotations (#2272) + * refactor: do not import defsec in fanal types package (#2292) + * feat(report): Add misconfiguration support to ASFF report template (#2285) + * test: use images in GHCR (#2275) + * feat(helm): support pod annotations (#2265) + * feat(misconf): Helm chart scanning (#2269) + * docs: Update custom rego policy docs to reflect latest defsec/fanal changes (#2267) + * fix: mask redis credentials when logging (#2264) + * refactor: extract commands Runner interface (#2147) + * chore(deps): bump alpine from 3.15.4 to 3.16.0 (#2234) + * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.5.2 to 0.6.0 (#2245) + * docs: update operator release (#2263) + * chore(deps): bump github.com/urfave/cli/v2 from 2.6.0 to 2.8.1 (#2243) + * feat(redhat): added architecture check (#2172) + * docs: updating links in the docs to work again (#2256) + * docs: fix readme (#2251) + * fix: fixed incorrect CycloneDX output format (#2255) + * chore(deps): bump github.com/caarlos0/env/v6 from 6.9.1 to 6.9.3 (#2241) + * chore(deps): bump github.com/samber/lo from 1.19.0 to 1.21.0 (#2242) + * chore(deps): bump goreleaser/goreleaser-action from 2 to 3 (#2240) + * chore(deps): bump docker/setup-buildx-action from 1 to 2 (#2238) + * chore(deps): bump docker/setup-qemu-action from 1 to 2 (#2236) + * chore(deps): bump golang from 1.18.1 to 1.18.2 (#2235) + * chore(deps): bump golangci/golangci-lint-action from 3.1.0 to 3.2.0 (#2237) + * chore(deps): bump docker/login-action from 1 to 2 (#2239) + * chore(deps): bump github.com/hashicorp/go-getter from 1.5.11 to 1.6.1 (#2246) + * refactor(deps): move dependencies to package (#2189) + * fix(report): change github format version to required (#2229) + * docs: update readme (#2110) + * docs: added information about choosing advisory database (#2212) + * chore: update trivy-kubernetes (#2224) + * docs: clarifying parts of the k8s docs and updating links (#2222) + * fix(k8s): timeout error logging (#2179) + * chore(deps): updated fanal after fix AsymmetricPrivateKeys (#2214) + * feat(k8s): add --context flag (#2171) + * fix(k8s): properly instantiate TableWriter (#2175) + * test: fixed integration tests after updating testcontainers to v0.13.0 (#2208) + * chore: update labels (#2197) + * fix(report): fixed panic if all misconf reports were removed in filter (#2188) + * feat(k8s): scan secrets (#2178) + * feat(report): GitHub Dependency Snapshots support (#1522) + * feat(db): added insecure skip tls verify to download trivy db (#2140) + * fix(redhat): always use vulns with fixed version if there is one (#2165) + * chore(redhat): Add support for Red Hat UBI 9. (#2183) + * fix(k8s): update trivy-kubernetes (#2163) + * fix misconfig start line for code quality tpl (#2181) + * fix: update docker/distribution from 2.8.0 to 2.8.1 (#2176) + * docs(vuln): Include GitLab 15.0 integration (#2153) + * docs: fix the operator version (#2167) + * fix(k8s): summary report when when only vulns exit (#2146) + * chore(deps): Update fanal to get defsec v0.58.2 (fixes false positives in ksv038) (#2156) + * perf(misconf): Improve performance when scanning very large files (#2152) + * docs(misconf): Update examples and docs to refer to builtin/defsec instead of appshield (#2150) + * chore(deps): Update fanal (for less verbose code in misconf results) (#2151) + * docs: fixed installation instruction for rhel/centos (#2143) + ------------------------------------------------------------------- Mon May 23 06:14:37 UTC 2022 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index 19b92f1..1362de0 100644 --- a/trivy.spec +++ b/trivy.spec @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.28.0 +Version: 0.29.1 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 diff --git a/vendor.tar.gz b/vendor.tar.gz index a79aba8..78fbdb1 100644 --- a/vendor.tar.gz +++ b/vendor.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:ba16ab00fffd9552ee8213cf3bcb9f76c0c9eefb407c2fb85bccb382120fb85d -size 38537843 +oid sha256:38735b83c20a36f2453d3b2bf42b908b7aa767b1ba54cfe4570d8cbe6a8a48a6 +size 51559020