1
0
forked from pool/trivy
Commit Graph

82 Commits

Author SHA256 Message Date
Dominique Leuenberger
eb585e3918 Accepting request 1083465 from Virtualization:containers
- Update to version 0.41.0:
  * fix(spdx): add workaround for no src packages (#4118)
  * test(golang): rename broken go.mod (#4129)
  * feat(sbom): add supplier field (#4122)
  * test(misconf): skip downloading of policies for tests #4126
  * refactor: use debug message for post-analyze errors (#4037)
  * feat(sbom): add VEX support (#4053)
  * feat(sbom): add primary package purpose field for SPDX (#4119)
  * fix(k8s): fix quiet flag (#4120)
  * fix(python): parse of pip extras (#4103)
  * feat(java): use full path for nested jars (#3992)
  * feat(license): add new flag for classifier confidence level (#4073)
  * feat: config and fs compliance support (#4097)
  * chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3952)
  * feat(spdx): add support for SPDX 2.3 (#4058)
  * fix: k8s all-namespaces support (#4096)
  * perf(misconf): replace with post-analyzers (#4090)
  * fix(helm): update networking API version detection (#4106)
  * feat(image): custom docker host option (#3599)
  * style: debug flag is incorrect and needs extra - (#4087)
  * docs(vuln): Document inline vulnerability filtering comments (#4024)
  * feat(fs): customize error callback during fs walk (#4038)
  * fix(ubuntu): skip copyright files from subfolders (#4076)
  * docs: restructure scanners (#3977)
  * fix: fix `file does not exist` error for post-analyzers (#4061)

OBS-URL: https://build.opensuse.org/request/show/1083465
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=51
2023-04-28 14:23:54 +00:00
c266b89032 - Update to version 0.41.0:
* fix(spdx): add workaround for no src packages (#4118)
  * test(golang): rename broken go.mod (#4129)
  * feat(sbom): add supplier field (#4122)
  * test(misconf): skip downloading of policies for tests #4126
  * refactor: use debug message for post-analyze errors (#4037)
  * feat(sbom): add VEX support (#4053)
  * feat(sbom): add primary package purpose field for SPDX (#4119)
  * fix(k8s): fix quiet flag (#4120)
  * fix(python): parse of pip extras (#4103)
  * feat(java): use full path for nested jars (#3992)
  * feat(license): add new flag for classifier confidence level (#4073)
  * feat: config and fs compliance support (#4097)
  * chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3952)
  * feat(spdx): add support for SPDX 2.3 (#4058)
  * fix: k8s all-namespaces support (#4096)
  * perf(misconf): replace with post-analyzers (#4090)
  * fix(helm): update networking API version detection (#4106)
  * feat(image): custom docker host option (#3599)
  * style: debug flag is incorrect and needs extra - (#4087)
  * docs(vuln): Document inline vulnerability filtering comments (#4024)
  * feat(fs): customize error callback during fs walk (#4038)
  * fix(ubuntu): skip copyright files from subfolders (#4076)
  * docs: restructure scanners (#3977)
  * fix: fix `file does not exist` error for post-analyzers (#4061)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=59
2023-04-28 07:52:09 +00:00
Dominique Leuenberger
6041e60ad2 Accepting request 1079785 from Virtualization:containers
- Update to version 0.40.0:
  * feat(flag): Support globstar for `--skip-files` and `--skip-directories` (#4026)
  * chore(deps): bump actions/stale from 7 to 8 (#3955)
  * fix: return insecure option to download javadb (#4064)
  * fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052)
  * ci: add gpg signing for RPM packages (#4056)
  * fix(k8s): current context title (#4055)
  * fix(k8s): quit support on k8s progress bar (#4021)
  * chore: add a note about Dockerfile.canary (#4050)
  * ci: fix path to canary binaries (#4045)
  * fix(vuln): report architecture for debian packages (#4032)
  * feat: add support for Chainguard's commercial distro (#3641)
  * ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979)
  * fix(vuln): fix error message for remote scanners (#4031)
  * feat(report): add image metadata to SARIF (#4020)
  * docs: fix broken cache link on Installation page (#3999)
  * fix: lock downloading policies and database (#4017)
  * fix: avoid concurrent access to the global map (#4014)
  * feat(rust): add Cargo.lock v3 support (#4012)
  * feat: auth support oci download server subcommand (#4008)
  * chore(deps): bump github.com/docker/docker (#4009)
  * chore: install.sh support for armv7 (#3985)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961)

- Update to version 0.39.1:
  * fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997)
  * fix(sbom): fix infinite loop for cyclonedx (#3998)
  * chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954)
  * fix: use warning for errors from enrichment files for post-analyzers (#3972)
  * chore(deps): bump github.com/docker/docker (#3963)

OBS-URL: https://build.opensuse.org/request/show/1079785
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=50
2023-04-17 15:41:01 +00:00
b634bc69af OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=57 2023-04-16 19:13:49 +00:00
1c04f09b2d - Update to version 0.40.0:
* feat(flag): Support globstar for `--skip-files` and `--skip-directories` (#4026)
  * chore(deps): bump actions/stale from 7 to 8 (#3955)
  * fix: return insecure option to download javadb (#4064)
  * fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052)
  * ci: add gpg signing for RPM packages (#4056)
  * fix(k8s): current context title (#4055)
  * fix(k8s): quit support on k8s progress bar (#4021)
  * chore: add a note about Dockerfile.canary (#4050)
  * ci: fix path to canary binaries (#4045)
  * fix(vuln): report architecture for debian packages (#4032)
  * feat: add support for Chainguard's commercial distro (#3641)
  * ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979)
  * fix(vuln): fix error message for remote scanners (#4031)
  * feat(report): add image metadata to SARIF (#4020)
  * docs: fix broken cache link on Installation page (#3999)
  * fix: lock downloading policies and database (#4017)
  * fix: avoid concurrent access to the global map (#4014)
  * feat(rust): add Cargo.lock v3 support (#4012)
  * feat: auth support oci download server subcommand (#4008)
  * chore(deps): bump github.com/docker/docker (#4009)
  * chore: install.sh support for armv7 (#3985)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=56
2023-04-16 18:11:29 +00:00
a9593f7bd8 - Update to version 0.39.1:
* fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997)
  * fix(sbom): fix infinite loop for cyclonedx (#3998)
  * chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954)
  * fix: use warning for errors from enrichment files for post-analyzers (#3972)
  * chore(deps): bump github.com/docker/docker (#3963)
  * fix(helm): added annotation to psp configurable from values (#3893)
  * chore(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.1 (#3962)
  * fix(secret): update built-in rule `tests`  (#3855)
  * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.23.0 to 2.30.1 (#3957)
  * test: rewrite scripts in Go (#3968)
  * docs(cli): Improve glob documentation (#3945)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#3959)
  * ci: check CLI references (#3967)
  * chore(deps): bump alpine from 3.17.2 to 3.17.3 (#3951)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.212 to 1.44.234 (#3956)
  * chore(deps): bump github.com/moby/buildkit from 0.11.4 to 0.11.5 (#3958)
  * chore(deps): bump actions/setup-go from 3 to 4 (#3953)
  * chore(deps): bump actions/cache from 3.2.6 to 3.3.1 (#3950)
  * chore(deps): bump github.com/containerd/containerd from 1.6.19 to 1.7.0 (#3965)
  * chore(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 (#3964)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=55
2023-04-13 09:17:33 +00:00
Dominique Leuenberger
6ce1e32625 Accepting request 1077009 from Virtualization:containers
- Update to version 0.39.0:
  * docs(cli): added makefile and go file to create docs (#3930)
  * chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946)
  * chore: ignore gpg key (#3943)
  * feat(cyclonedx): support dependency graph (#3177)
  * chore(deps): Bump defsec to v0.85.0 (#3940)
  * feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919)
  * feat(server): redis with public TLS certs support (#3783)
  * feat(flag): Add glob support to `--skip-dirs` and `--skip-files`  (#3866)
  * chore: replace make with mage (#3932)
  * fix(sbom): add checksum to files (#3888)
  * chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928)
  * chore: remove unused mount volumes (#3927)
  * feat: add auth support for downloading OCI artifacts (#3915)
  * refactor(purl): use epoch in qualifier (#3913)
  * chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727)
  * feat(image): add registry options (#3906)
  * feat(rust): dependency tree and line numbers support for cargo lock file (#3746)
  * chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905)
  * feat(php): add support for location, licenses and graph for composer.lock files (#3873)
  * chore(deps): updates wazero to 1.0.0 (#3904)
  * feat(image): discover SBOM in OCI referrers (#3768)
  * docs: change cache-dir key in config file (#3897)
  * fix(sbom): use release and epoch for SPDX package version (#3896)
  * ci: add gpg signing for RPM packages (#3612)
  * docs: Update incorrect comment for skip-update flag (#3878)
  * refactor(misconf): simplify policy filesystem (#3875)
  * feat(nodejs): parse package.json alongside yarn.lock (#3757)
  * fix(spdx): add PkgDownloadLocation field (#3879)
  * fix(report): try to guess direct deps for dependency tree (#3852)

OBS-URL: https://build.opensuse.org/request/show/1077009
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=49
2023-04-03 16:11:13 +00:00
062c4c4519 - Update to version 0.39.0:
* docs(cli): added makefile and go file to create docs (#3930)
  * chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946)
  * chore: ignore gpg key (#3943)
  * feat(cyclonedx): support dependency graph (#3177)
  * chore(deps): Bump defsec to v0.85.0 (#3940)
  * feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919)
  * feat(server): redis with public TLS certs support (#3783)
  * feat(flag): Add glob support to `--skip-dirs` and `--skip-files`  (#3866)
  * chore: replace make with mage (#3932)
  * fix(sbom): add checksum to files (#3888)
  * chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928)
  * chore: remove unused mount volumes (#3927)
  * feat: add auth support for downloading OCI artifacts (#3915)
  * refactor(purl): use epoch in qualifier (#3913)
  * chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727)
  * feat(image): add registry options (#3906)
  * feat(rust): dependency tree and line numbers support for cargo lock file (#3746)
  * chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905)
  * feat(php): add support for location, licenses and graph for composer.lock files (#3873)
  * chore(deps): updates wazero to 1.0.0 (#3904)
  * feat(image): discover SBOM in OCI referrers (#3768)
  * docs: change cache-dir key in config file (#3897)
  * fix(sbom): use release and epoch for SPDX package version (#3896)
  * ci: add gpg signing for RPM packages (#3612)
  * docs: Update incorrect comment for skip-update flag (#3878)
  * refactor(misconf): simplify policy filesystem (#3875)
  * feat(nodejs): parse package.json alongside yarn.lock (#3757)
  * fix(spdx): add PkgDownloadLocation field (#3879)
  * fix(report): try to guess direct deps for dependency tree (#3852)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=53
2023-04-03 12:32:29 +00:00
Dominique Leuenberger
f3ea202720 Accepting request 1071463 from Virtualization:containers
- Update to version 0.38.3:
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
  * fix(java): skip empty files for jar post analyzer (#3832)
  * fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
  * refactor(license): use goyacc for license parser (#3824)
  * chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
  * fix: populate timeout context to node-collector (#3766)
  * fix: exclude node collector scanning (#3771)
  * fix: display correct flag in error message when skipping java db update #3808
  * fix: disable jar analyzer for scanners other than vuln (#3810)
  * fix(sbom): fix incompliant license format for spdx (#3335)
  * fix(java): the project props take precedence over the parent's props (#3320)
  * docs: add canary build info to README.md (#3799)
  * docs: adding link to gh token generation (#3784)
  * docs: changing docs in accordance with #3460 (#3787)

OBS-URL: https://build.opensuse.org/request/show/1071463
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=48
2023-03-14 17:17:29 +00:00
12518195d5 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=51 2023-03-14 10:01:30 +00:00
b319fb593e - Update to version 0.38.3:
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
  * fix(java): skip empty files for jar post analyzer (#3832)
  * fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
  * refactor(license): use goyacc for license parser (#3824)
  * chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
  * fix: populate timeout context to node-collector (#3766)
  * fix: exclude node collector scanning (#3771)
  * fix: display correct flag in error message when skipping java db update #3808
  * fix: disable jar analyzer for scanners other than vuln (#3810)
  * fix(sbom): fix incompliant license format for spdx (#3335)
  * fix(java): the project props take precedence over the parent's props (#3320)
  * docs: add canary build info to README.md (#3799)
  * docs: adding link to gh token generation (#3784)
  * docs: changing docs in accordance with #3460 (#3787)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=50
2023-03-14 09:57:08 +00:00
Dominique Leuenberger
df40ca50c6 Accepting request 1070155 from Virtualization:containers
- Update to version 0.38.2:
  * chore(deps): bump github.com/moby/buildkit from 0.11.0 to 0.11.4 (#3789)
  * chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#3724)
  * fix(license): disable jar analyzer for licence scan only (#3780)
  * bump trivy-issue-action to v0.0.0; skip `pkg` dir (#3781)
  * fix: skip checking dirs for required post-analyzers (#3773)
  * docs: add information about plugin format (#3749)
  * fix(sbom): add trivy version to spdx creators tool field (#3756)

OBS-URL: https://build.opensuse.org/request/show/1070155
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=47
2023-03-08 13:54:13 +00:00
18a2b0893a - Update to version 0.38.2:
* chore(deps): bump github.com/moby/buildkit from 0.11.0 to 0.11.4 (#3789)
  * chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#3724)
  * fix(license): disable jar analyzer for licence scan only (#3780)
  * bump trivy-issue-action to v0.0.0; skip `pkg` dir (#3781)
  * fix: skip checking dirs for required post-analyzers (#3773)
  * docs: add information about plugin format (#3749)
  * fix(sbom): add trivy version to spdx creators tool field (#3756)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=48
2023-03-08 11:07:56 +00:00
Dominique Leuenberger
344e252b74 Accepting request 1069011 from Virtualization:containers
- Update to version 0.38.1:
  * feat(misconf): Add support to show policy bundle version (#3743)
  * fix(python): fix error with optional dependencies in pyproject.toml (#3741)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.210 to 1.44.212 (#3740)
  * add id for package.json files (#3750)
  * chore(deps): bump github.com/containerd/containerd from 1.6.18 to 1.6.19 (#3738)
  * chore(deps): bump actions/cache from 3.2.4 to 3.2.6 (#3725)
  * chore(deps): bump github.com/google/go-containerregistry (#3731)
  * chore(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 (#3732)
  * chore(deps): bump alpine from 3.17.1 to 3.17.2 (#3723)

OBS-URL: https://build.opensuse.org/request/show/1069011
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=46
2023-03-02 22:04:42 +00:00
a65dfd33d7 - Update to version 0.38.1:
* feat(misconf): Add support to show policy bundle version (#3743)
  * fix(python): fix error with optional dependencies in pyproject.toml (#3741)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.210 to 1.44.212 (#3740)
  * add id for package.json files (#3750)
  * chore(deps): bump github.com/containerd/containerd from 1.6.18 to 1.6.19 (#3738)
  * chore(deps): bump actions/cache from 3.2.4 to 3.2.6 (#3725)
  * chore(deps): bump github.com/google/go-containerregistry (#3731)
  * chore(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 (#3732)
  * chore(deps): bump alpine from 3.17.1 to 3.17.2 (#3723)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=46
2023-03-02 17:38:57 +00:00
Dominique Leuenberger
a92041049c Accepting request 1068414 from Virtualization:containers
- Update to version 0.38.0:
  * fix(cli): pass integer to exit-on-eol (#3716)
  * feat: add kubernetes pss compliance (#3498)
  * feat: Adding --module-dir and --enable-modules (#3677)
  * feat: add special IDs for filtering secrets (#3702)
  * chore(deps): Update defsec (#3713)
  * docs(misconf): Add guide on input schema (#3692)
  * feat(go): support dependency graph and show only direct dependencies in the tree (#3691)
  * feat: docker multi credential support (#3631)
  * feat: summarize vulnerabilities in compliance reports (#3651)
  * feat(python): parse pyproject.toml alongside poetry.lock (#3695)
  * feat(python): add dependency tree for poetry lock file (#3665)
  * fix(cyclonedx): incompliant affect ref (#3679)
  * chore(helm): update skip-db-update environment variable (#3657)
  * fix(spdx): change CreationInfo timestamp format RFC3336Nano to RFC3336 (#3675)
  * fix(sbom): export empty dependencies in CycloneDX (#3664)
  * docs: java-db air-gap doc tweaks (#3561)
  * feat(go): license support (#3683)
  * feat(ruby): add dependency tree/location support for Gemfile.lock (#3669)
  * fix(k8s): k8s label size (#3678)
  * fix(cyclondx): fix array empty value, null to [] (#3676)
  * refactor: rewrite gomod analyzer as post-analyzer (#3674)
  * feat: config outdated-api result filtered by k8s version (#3578)
  * fix: Update to Alpine 3.17.2 (#3655)
  * feat: add support for virtual files (#3654)
  * feat: add post-analyzers (#3640)
  * chore(deps): updates wazero to 1.0.0-pre.9 (#3653)
  * chore(deps): bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#3528)
  * chore(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18 (#3633)
  * feat(python): add dependency locations for Pipfile.lock (#3614)

OBS-URL: https://build.opensuse.org/request/show/1068414
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=45
2023-03-01 15:14:41 +00:00
4e5f1d07de - Update to version 0.38.0:
* fix(cli): pass integer to exit-on-eol (#3716)
  * feat: add kubernetes pss compliance (#3498)
  * feat: Adding --module-dir and --enable-modules (#3677)
  * feat: add special IDs for filtering secrets (#3702)
  * chore(deps): Update defsec (#3713)
  * docs(misconf): Add guide on input schema (#3692)
  * feat(go): support dependency graph and show only direct dependencies in the tree (#3691)
  * feat: docker multi credential support (#3631)
  * feat: summarize vulnerabilities in compliance reports (#3651)
  * feat(python): parse pyproject.toml alongside poetry.lock (#3695)
  * feat(python): add dependency tree for poetry lock file (#3665)
  * fix(cyclonedx): incompliant affect ref (#3679)
  * chore(helm): update skip-db-update environment variable (#3657)
  * fix(spdx): change CreationInfo timestamp format RFC3336Nano to RFC3336 (#3675)
  * fix(sbom): export empty dependencies in CycloneDX (#3664)
  * docs: java-db air-gap doc tweaks (#3561)
  * feat(go): license support (#3683)
  * feat(ruby): add dependency tree/location support for Gemfile.lock (#3669)
  * fix(k8s): k8s label size (#3678)
  * fix(cyclondx): fix array empty value, null to [] (#3676)
  * refactor: rewrite gomod analyzer as post-analyzer (#3674)
  * feat: config outdated-api result filtered by k8s version (#3578)
  * fix: Update to Alpine 3.17.2 (#3655)
  * feat: add support for virtual files (#3654)
  * feat: add post-analyzers (#3640)
  * chore(deps): updates wazero to 1.0.0-pre.9 (#3653)
  * chore(deps): bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#3528)
  * chore(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18 (#3633)
  * feat(python): add dependency locations for Pipfile.lock (#3614)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=44
2023-03-01 10:45:59 +00:00
Dominique Leuenberger
4cbfab8f24 Accepting request 1065886 from Virtualization:containers
- Update to version 0.37.3 (bsc#1208091, CVE-2023-25165):
  * chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
  * chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
  * chore(deps): bump golang/x/mod to v0.8.0 (#3606)
  * chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
  * chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
  * ci: quote pros in c++ for semantic pr (#3605)
  * fix(image): check proxy settings from env for remote images (#3604)

OBS-URL: https://build.opensuse.org/request/show/1065886
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=44
2023-02-15 12:40:59 +00:00
d2c9e8e17e - Update to version 0.37.3 (bsc#1208091, CVE-2023-25165):
* chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
  * chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
  * chore(deps): bump golang/x/mod to v0.8.0 (#3606)
  * chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
  * chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
  * ci: quote pros in c++ for semantic pr (#3605)
  * fix(image): check proxy settings from env for remote images (#3604)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=42
2023-02-15 08:41:42 +00:00
Dominique Leuenberger
dc4d8d93e4 Accepting request 1064170 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1064170
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=43
2023-02-10 13:35:48 +00:00
2ec944171e Accepting request 1064149 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.37.2

OBS-URL: https://build.opensuse.org/request/show/1064149
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=40
2023-02-10 08:08:46 +00:00
Dominique Leuenberger
9cc6d7280d Accepting request 1062489 from Virtualization:containers
- Update to version 0.37.1:
  * fix(sbom): download the Java DB when generating SBOM (#3539)
  * fix: use cgo free sqlite driver (#3521)
  * ci: fix path to dist folder (#3527)

OBS-URL: https://build.opensuse.org/request/show/1062489
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=42
2023-02-02 17:08:30 +00:00
d95d3d3fa3 - Update to version 0.37.1:
* fix(sbom): download the Java DB when generating SBOM (#3539)
  * fix: use cgo free sqlite driver (#3521)
  * ci: fix path to dist folder (#3527)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=38
2023-02-01 16:22:25 +00:00
Dominique Leuenberger
12108ca998 Accepting request 1062442 from Virtualization:containers
- Update to version 0.37.0:
  * fix(image): close layers (#3517)
  * refactor: db client changed (#3515)
  * feat(java): use trivy-java-db to get GAV (#3484)
  * docs: add note about the limitation in Rekor (#3494)
  * docs: aggregate targets (#3503)
  * deps: updates wazero to 1.0.0-pre.8 (#3510)
  * docs: add alma 9 and rocky 9 to supported os (#3513)
  * chore(deps): bump defsec to v0.82.9 (#3512)
  * chore: add missing target labels (#3504)
  * docs: add java vulnerability page (#3429)
  * feat(image): add support for Docker CIS Benchmark (#3496)
  * feat(image): secret scanning on container image config (#3495)
  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
  * feat(image): scan misconfigurations in image config (#3437)
  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
  * feat(k8s): add node info resource (#3482)
  * perf(secret): optimize secret scanning memory usage (#3453)
  * feat: support aliases in CLI flag, env and config (#3481)
  * fix(k8s): migrate rbac k8s (#3459)
  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
  * refactor: rename security-checks to scanners (#3467)
  * chore: display the troubleshooting URL for the DB denial error (#3474)
  * docs: yaml tabs to spaces, auto create namespace (#3469)
  * docs: adding show-and-tell template to GH discussions (#3391)
  * fix: Fix a temporary file leak in case of error (#3465)
  * fix(test): sort cyclonedx components (#3468)
  * docs: fixing spelling mistakes (#3462)
  * ci: set paths triggering VM tests in PR (#3438)
  * docs: typo in --skip-files (#3454)

OBS-URL: https://build.opensuse.org/request/show/1062442
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=41
2023-02-01 15:40:02 +00:00
672c04bdc6 - Update to version 0.37.0:
* fix(image): close layers (#3517)
  * refactor: db client changed (#3515)
  * feat(java): use trivy-java-db to get GAV (#3484)
  * docs: add note about the limitation in Rekor (#3494)
  * docs: aggregate targets (#3503)
  * deps: updates wazero to 1.0.0-pre.8 (#3510)
  * docs: add alma 9 and rocky 9 to supported os (#3513)
  * chore(deps): bump defsec to v0.82.9 (#3512)
  * chore: add missing target labels (#3504)
  * docs: add java vulnerability page (#3429)
  * feat(image): add support for Docker CIS Benchmark (#3496)
  * feat(image): secret scanning on container image config (#3495)
  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
  * feat(image): scan misconfigurations in image config (#3437)
  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
  * feat(k8s): add node info resource (#3482)
  * perf(secret): optimize secret scanning memory usage (#3453)
  * feat: support aliases in CLI flag, env and config (#3481)
  * fix(k8s): migrate rbac k8s (#3459)
  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
  * refactor: rename security-checks to scanners (#3467)
  * chore: display the troubleshooting URL for the DB denial error (#3474)
  * docs: yaml tabs to spaces, auto create namespace (#3469)
  * docs: adding show-and-tell template to GH discussions (#3391)
  * fix: Fix a temporary file leak in case of error (#3465)
  * fix(test): sort cyclonedx components (#3468)
  * docs: fixing spelling mistakes (#3462)
  * ci: set paths triggering VM tests in PR (#3438)
  * docs: typo in --skip-files (#3454)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=36
2023-02-01 12:11:50 +00:00
Dominique Leuenberger
e17d52e94b Accepting request 1056176 from Virtualization:containers
- Update to version 0.36.1:
  * fix(deps): fix errors on yarn.lock files that contain local file reference (#3384)
  * feat(flag): early fail when the format is invalid (#3370)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366)
  * docs(aws): fix broken links (#3374)
  * chore(deps): bump actions/stale from 6 to 7 (#3360)
  * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974)
  * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358)
  * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173)
  * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357)
  * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367)
  * chore(go): updates wazero to v1.0.0-pre.7 (#3355)
  * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362)
  * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)

OBS-URL: https://build.opensuse.org/request/show/1056176
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=40
2023-01-05 14:01:38 +00:00
8feee24f2e - Update to version 0.36.1:
* fix(deps): fix errors on yarn.lock files that contain local file reference (#3384)
  * feat(flag): early fail when the format is invalid (#3370)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366)
  * docs(aws): fix broken links (#3374)
  * chore(deps): bump actions/stale from 6 to 7 (#3360)
  * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974)
  * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358)
  * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173)
  * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357)
  * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367)
  * chore(go): updates wazero to v1.0.0-pre.7 (#3355)
  * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362)
  * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=34
2023-01-05 12:15:28 +00:00
Dominique Leuenberger
dd42ed5832 Accepting request 1046089 from Virtualization:containers
- Update to version 0.36.0:
  * docs: improve compliance docs (#3340)
  * feat(deps): add yarn lock dependency tree (#3348)
  * fix: compliance change id and title naming (#3349)
  * feat: add support for mix.lock files for elixir language (#3328)
  * feat: add k8s cis bench (#3315)
  * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322)
  * revert: cache merged layers (#3334)
  * feat(cyclonedx): add recommendation (#3336)
  * feat(ubuntu): added support ubuntu ESM versions (#1893)
  * fix: change logic to build relative paths for skip-dirs and skip-files (#3331)
  * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265)
  * feat: Adding support for Windows testing (#3037)
  * feat: add support for Alpine 3.17 (#3319)
  * docs: change PodFile.lock to Podfile.lock (#3318)
  * fix(sbom): support for the detection of old CycloneDX predicate type (#3316)
  * feat(secret): Use .trivyignore for filtering secret scanning result (#3312)
  * chore(go): remove experimental FS API usage in Wasm (#3299)
  * ci: add workflow to add issues to roadmap project (#3292)
  * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275)
  * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250)
  * feat(sbom): better support for third-party SBOMs (#3262)
  * docs: add information about languages with support for dependency locations (#3306)
  * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284)
  * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251)
  * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255)
  * docs: remove comparisons (#3289)
  * feat: add support for Wolfi Linux (#3215)
  * ci: add go.mod to canary workflow (#3288)
  * feat(python): skip dev dependencies (#3282)

OBS-URL: https://build.opensuse.org/request/show/1046089
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=39
2023-01-02 14:02:13 +00:00
4e05e2e98d - Update to version 0.36.0:
* docs: improve compliance docs (#3340)
  * feat(deps): add yarn lock dependency tree (#3348)
  * fix: compliance change id and title naming (#3349)
  * feat: add support for mix.lock files for elixir language (#3328)
  * feat: add k8s cis bench (#3315)
  * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322)
  * revert: cache merged layers (#3334)
  * feat(cyclonedx): add recommendation (#3336)
  * feat(ubuntu): added support ubuntu ESM versions (#1893)
  * fix: change logic to build relative paths for skip-dirs and skip-files (#3331)
  * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265)
  * feat: Adding support for Windows testing (#3037)
  * feat: add support for Alpine 3.17 (#3319)
  * docs: change PodFile.lock to Podfile.lock (#3318)
  * fix(sbom): support for the detection of old CycloneDX predicate type (#3316)
  * feat(secret): Use .trivyignore for filtering secret scanning result (#3312)
  * chore(go): remove experimental FS API usage in Wasm (#3299)
  * ci: add workflow to add issues to roadmap project (#3292)
  * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275)
  * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250)
  * feat(sbom): better support for third-party SBOMs (#3262)
  * docs: add information about languages with support for dependency locations (#3306)
  * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284)
  * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251)
  * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255)
  * docs: remove comparisons (#3289)
  * feat: add support for Wolfi Linux (#3215)
  * ci: add go.mod to canary workflow (#3288)
  * feat(python): skip dev dependencies (#3282)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=32
2023-01-02 08:37:03 +00:00
Dominique Leuenberger
f211ec832b Accepting request 1038587 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1038587
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=38
2022-11-28 10:07:24 +00:00
83b7bc68d6 Accepting request 1038580 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.35.0

OBS-URL: https://build.opensuse.org/request/show/1038580
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=30
2022-11-28 08:09:58 +00:00
Dominique Leuenberger
d33073e8fe Accepting request 1034128 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1034128
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=37
2022-11-07 12:51:58 +00:00
2f67d2596c Accepting request 1032484 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.34.0

OBS-URL: https://build.opensuse.org/request/show/1032484
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=28
2022-11-07 10:10:13 +00:00
Dominique Leuenberger
7e3a352f9b Accepting request 1031258 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1031258
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=36
2022-10-26 10:31:55 +00:00
1afcdaafd3 Accepting request 1031236 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.33.0

OBS-URL: https://build.opensuse.org/request/show/1031236
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=26
2022-10-26 06:33:34 +00:00
Richard Brown
4fdf8b2cf9 Accepting request 1006699 from Virtualization:containers
- Update to version 0.32.1:
  * fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps (#2943)
  * chore: expat lib and go binary deps vulns (#2940)
  * wasm: Removes accidentally exported memory (#2950)
  * fix(sbom): fix package name separation for gradle (#2906)
  * docs(readme.md): fix broken integrations link (#2931)
  * fix(image): handle images with single layer in rescan mergedLayers cache (#2927)
  * fix(cli): split env values with ',' for slice flags (#2926)
  * fix(cli): config/helm: also take into account files with `.yml` (#2928)
  * fix(flag): add file-patterns flag for config subcommand (#2925)
  * chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 (#2902)

OBS-URL: https://build.opensuse.org/request/show/1006699
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=35
2022-09-29 16:13:00 +00:00
a79a01c42a - Update to version 0.32.1:
* fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps (#2943)
  * chore: expat lib and go binary deps vulns (#2940)
  * wasm: Removes accidentally exported memory (#2950)
  * fix(sbom): fix package name separation for gradle (#2906)
  * docs(readme.md): fix broken integrations link (#2931)
  * fix(image): handle images with single layer in rescan mergedLayers cache (#2927)
  * fix(cli): split env values with ',' for slice flags (#2926)
  * fix(cli): config/helm: also take into account files with `.yml` (#2928)
  * fix(flag): add file-patterns flag for config subcommand (#2925)
  * chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 (#2902)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=24
2022-09-28 14:07:00 +00:00
Dominique Leuenberger
5b94be79db Accepting request 1004582 from Virtualization:containers
- Update to version 0.32.0:
  * docs: add Rekor SBOM attestation scanning (#2893)
  * chore: narrow the owner scope (#2894)
  * fix: remove a patch number from the recommendation link (#2891)
  * fix: enable parsing of UUID-only rekor entry ID (#2887)
  * docs(sbom): add SPDX scanning (#2885)
  * docs: restructure docs and add tutorials (#2883)
  * feat(sbom): scan sbom attestation in the rekor record (#2699)
  * feat(k8s): support outdated-api (#2877)
  * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
  * fix(c): support revisions in Conan parser (#2878)
  * feat: dynamic links support for scan results (#2838)
  * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
  * docs: update archlinux commands (#2876)
  * feat(secret): add line from dockerfile where secret was added to secret result (#2780)
  * feat(sbom): Add unmarshal for spdx (#2868)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
  * fix: revert asff arn and add documentation (#2852)
  * docs: batch-import-findings limit (#2851)
  * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
  * feat(sbom): Add marshal for spdx (#2867)
  * build: checkout before setting up Go (#2873)
  * chore: bump Go to 1.19 (#2861)
  * docs: azure doc and trivy (#2869)
  * fix: Scan tarr'd dependencies (#2857)
  * chore(helm): helm test with ingress (#2630)
  * feat(report): add secrets to sarif format (#2820)
  * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
  * refactor: add a new interface for initializing analyzers (#2835)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)

OBS-URL: https://build.opensuse.org/request/show/1004582
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=34
2022-09-19 14:03:24 +00:00
c7371b4a31 - Update to version 0.32.0:
* docs: add Rekor SBOM attestation scanning (#2893)
  * chore: narrow the owner scope (#2894)
  * fix: remove a patch number from the recommendation link (#2891)
  * fix: enable parsing of UUID-only rekor entry ID (#2887)
  * docs(sbom): add SPDX scanning (#2885)
  * docs: restructure docs and add tutorials (#2883)
  * feat(sbom): scan sbom attestation in the rekor record (#2699)
  * feat(k8s): support outdated-api (#2877)
  * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
  * fix(c): support revisions in Conan parser (#2878)
  * feat: dynamic links support for scan results (#2838)
  * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
  * docs: update archlinux commands (#2876)
  * feat(secret): add line from dockerfile where secret was added to secret result (#2780)
  * feat(sbom): Add unmarshal for spdx (#2868)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
  * fix: revert asff arn and add documentation (#2852)
  * docs: batch-import-findings limit (#2851)
  * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
  * feat(sbom): Add marshal for spdx (#2867)
  * build: checkout before setting up Go (#2873)
  * chore: bump Go to 1.19 (#2861)
  * docs: azure doc and trivy (#2869)
  * fix: Scan tarr'd dependencies (#2857)
  * chore(helm): helm test with ingress (#2630)
  * feat(report): add secrets to sarif format (#2820)
  * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
  * refactor: add a new interface for initializing analyzers (#2835)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=22
2022-09-19 07:30:12 +00:00
Dominique Leuenberger
1f66325805 Accepting request 1001263 from Virtualization:containers
- Update to version 0.31.3:
  * fix: handle empty OS family (#2768)
  * fix: fix k8s summary report (#2777)
  * fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag (#2767)
  * chore: bump trivy-kubernetes (#2770)
  * fix(secret): Consider secrets in rpc calls (#2753)
  * fix(java): check depManagement from upper pom's (#2747)
  * fix(php): skip `composer.lock` inside `vendor` folder (#2718)
  * fix: fix k8s rbac filter (#2765)
  * feat(misconf): skipping misconfigurations by AVD ID (#2743)
  * chore(deps): Upgrade Alpine to 3.16.2 to fix zlib issue (#2741)
  * docs: add MacPorts install instructions (#2727)
  * docs: typo (#2730)

OBS-URL: https://build.opensuse.org/request/show/1001263
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=33
2022-09-05 19:22:17 +00:00
aede81fb2f - Update to version 0.31.3:
* fix: handle empty OS family (#2768)
  * fix: fix k8s summary report (#2777)
  * fix: don't skip packages that don't contain vulns, when using --list-all-pkgs flag (#2767)
  * chore: bump trivy-kubernetes (#2770)
  * fix(secret): Consider secrets in rpc calls (#2753)
  * fix(java): check depManagement from upper pom's (#2747)
  * fix(php): skip `composer.lock` inside `vendor` folder (#2718)
  * fix: fix k8s rbac filter (#2765)
  * feat(misconf): skipping misconfigurations by AVD ID (#2743)
  * chore(deps): Upgrade Alpine to 3.16.2 to fix zlib issue (#2741)
  * docs: add MacPorts install instructions (#2727)
  * docs: typo (#2730)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=20
2022-09-05 12:17:06 +00:00
Richard Brown
e79e15f419 Accepting request 997437 from Virtualization:containers
- Update to version 0.31.2:
  * fix: Correctly handle recoverable AWS scanning errors (#2726)
  * docs: Remove reference to SecurityAudit policy for AWS scanning (#2721)

- Update to version 0.31.1:
  * fix: upgrade defsec to v0.71.7 for elb scan panic (#2720)

OBS-URL: https://build.opensuse.org/request/show/997437
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=32
2022-08-17 16:16:48 +00:00
777f4f2773 - Update to version 0.31.2:
* fix: Correctly handle recoverable AWS scanning errors (#2726)
  * docs: Remove reference to SecurityAudit policy for AWS scanning (#2721)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=18
2022-08-16 19:37:39 +00:00
Dominique Leuenberger
03700ff45e Accepting request 997334 from Virtualization:containers
- Update to version 0.31.0:
  * fix(flag): add error when there are no supported security checks (#2713)
  * fix(vuln): continue scanning when no vuln found in the first application (#2712)
  * revert: add new classes for vulnerabilities (#2701)
  * feat(secret): detect secrets removed or overwritten in upper layer (#2611)
  * fix(cli): secret scanning perf link fix (#2607)
  * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
  * feat: Add AWS Cloud scanning (#2493)
  * docs: specify the type when verifying an attestation (#2697)
  * docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690)
  * fix(rpc): scanResponse rpc conversion for custom resources (#2692)
  * feat(rust): Add support for cargo-auditable (#2675)
  * feat: Support passing value overrides for configuration checks (#2679)
  * feat(sbom): add support for scanning a sbom attestation (#2652)
  * chore(image): skip symlinks and hardlinks from tar scan (#2634)
  * fix(report): Update junit.tpl (#2677)
  * fix(cyclonedx): add nil check to metadata.component (#2673)
  * docs(secret): fix missing and broken links (#2674)
  * refactor(cyclonedx): implement json.Unmarshaler (#2662)
  * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
  * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
  * feat(kubernetes): add option to specify kubeconfig file path (#2576)
  * docs:  follow Debian's "instructions to connect to a third-party repository" (#2511)
  * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
  * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
  * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
  * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
  * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
  * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)

OBS-URL: https://build.opensuse.org/request/show/997334
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=31
2022-08-16 15:08:19 +00:00
481673a33f - Update to version 0.31.1:
* fix: upgrade defsec to v0.71.7 for elb scan panic (#2720)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=16
2022-08-16 13:34:38 +00:00
c72c54c5e4 - Update to version 0.31.0:
* fix(flag): add error when there are no supported security checks (#2713)
  * fix(vuln): continue scanning when no vuln found in the first application (#2712)
  * revert: add new classes for vulnerabilities (#2701)
  * feat(secret): detect secrets removed or overwritten in upper layer (#2611)
  * fix(cli): secret scanning perf link fix (#2607)
  * chore(deps): bump github.com/spf13/viper from 1.8.1 to 1.12.0 (#2650)
  * feat: Add AWS Cloud scanning (#2493)
  * docs: specify the type when verifying an attestation (#2697)
  * docs(sbom): improve SBOM docs by adding a description for scanning SBOM attestation (#2690)
  * fix(rpc): scanResponse rpc conversion for custom resources (#2692)
  * feat(rust): Add support for cargo-auditable (#2675)
  * feat: Support passing value overrides for configuration checks (#2679)
  * feat(sbom): add support for scanning a sbom attestation (#2652)
  * chore(image): skip symlinks and hardlinks from tar scan (#2634)
  * fix(report): Update junit.tpl (#2677)
  * fix(cyclonedx): add nil check to metadata.component (#2673)
  * docs(secret): fix missing and broken links (#2674)
  * refactor(cyclonedx): implement json.Unmarshaler (#2662)
  * chore(deps): bump github.com/aquasecurity/table from 1.6.0 to 1.7.2 (#2643)
  * chore(deps): bump github.com/Azure/go-autorest/autorest (#2642)
  * feat(kubernetes): add option to specify kubeconfig file path (#2576)
  * docs:  follow Debian's "instructions to connect to a third-party repository" (#2511)
  * chore(deps): bump github.com/google/licenseclassifier/v2 (#2644)
  * chore(deps): bump github.com/samber/lo from 1.24.0 to 1.27.0 (#2645)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#2647)
  * chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.8 to 3.1.0 (#2646)
  * chore(deps): bump sigstore/cosign-installer from 2.4.1 to 2.5.0 (#2641)
  * chore(deps): bump actions/cache from 3.0.4 to 3.0.5 (#2640)
  * chore(deps): bump alpine from 3.16.0 to 3.16.1 (#2639)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=15
2022-08-16 12:09:06 +00:00
Richard Brown
3722eed277 Accepting request 991385 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/991385
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=30
2022-07-28 18:58:33 +00:00
7a3aec4740 Accepting request 991366 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.30.4

OBS-URL: https://build.opensuse.org/request/show/991366
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=13
2022-07-27 13:15:36 +00:00
Richard Brown
5bf22dde6a Accepting request 990668 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/990668
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=29
2022-07-22 17:20:31 +00:00
2625ca5f8f Accepting request 990661 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.30.2

OBS-URL: https://build.opensuse.org/request/show/990661
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=11
2022-07-22 11:25:22 +00:00