trivy/trivy.spec

61 lines
2.0 KiB
RPMSpec
Raw Normal View History

#
# spec file for package trivy
#
- Update to version 0.36.0: * docs: improve compliance docs (#3340) * feat(deps): add yarn lock dependency tree (#3348) * fix: compliance change id and title naming (#3349) * feat: add support for mix.lock files for elixir language (#3328) * feat: add k8s cis bench (#3315) * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322) * revert: cache merged layers (#3334) * feat(cyclonedx): add recommendation (#3336) * feat(ubuntu): added support ubuntu ESM versions (#1893) * fix: change logic to build relative paths for skip-dirs and skip-files (#3331) * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265) * feat: Adding support for Windows testing (#3037) * feat: add support for Alpine 3.17 (#3319) * docs: change PodFile.lock to Podfile.lock (#3318) * fix(sbom): support for the detection of old CycloneDX predicate type (#3316) * feat(secret): Use .trivyignore for filtering secret scanning result (#3312) * chore(go): remove experimental FS API usage in Wasm (#3299) * ci: add workflow to add issues to roadmap project (#3292) * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275) * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250) * feat(sbom): better support for third-party SBOMs (#3262) * docs: add information about languages with support for dependency locations (#3306) * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284) * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251) * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255) * docs: remove comparisons (#3289) * feat: add support for Wolfi Linux (#3215) * ci: add go.mod to canary workflow (#3288) * feat(python): skip dev dependencies (#3282) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=32
2023-01-02 09:37:03 +01:00
# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
# upon. The license for this file, and modifications and additions to the
# file, is the same license as for the pristine package itself (unless the
# license for the pristine package is not an Open Source License, in which
# case the license is the MIT License). An "Open Source License" is a
# license that conforms to the Open Source Definition (Version 1.9)
# published by the Open Source Initiative.
# Please submit bugfixes or comments via https://bugs.opensuse.org/
#
Name: trivy
Version: 0.41.0
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
Group: System/Management
URL: https://github.com/aquasecurity/trivy
- Update to version 0.36.0: * docs: improve compliance docs (#3340) * feat(deps): add yarn lock dependency tree (#3348) * fix: compliance change id and title naming (#3349) * feat: add support for mix.lock files for elixir language (#3328) * feat: add k8s cis bench (#3315) * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322) * revert: cache merged layers (#3334) * feat(cyclonedx): add recommendation (#3336) * feat(ubuntu): added support ubuntu ESM versions (#1893) * fix: change logic to build relative paths for skip-dirs and skip-files (#3331) * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265) * feat: Adding support for Windows testing (#3037) * feat: add support for Alpine 3.17 (#3319) * docs: change PodFile.lock to Podfile.lock (#3318) * fix(sbom): support for the detection of old CycloneDX predicate type (#3316) * feat(secret): Use .trivyignore for filtering secret scanning result (#3312) * chore(go): remove experimental FS API usage in Wasm (#3299) * ci: add workflow to add issues to roadmap project (#3292) * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275) * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250) * feat(sbom): better support for third-party SBOMs (#3262) * docs: add information about languages with support for dependency locations (#3306) * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284) * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251) * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255) * docs: remove comparisons (#3289) * feat: add support for Wolfi Linux (#3215) * ci: add go.mod to canary workflow (#3288) * feat(python): skip dev dependencies (#3282) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=32
2023-01-02 09:37:03 +01:00
Source: %{name}-%{version}.tar.zst
Source1: vendor.tar.zst
BuildRequires: golang-packaging
BuildRequires: zstd
- Update to version 0.32.0: * docs: add Rekor SBOM attestation scanning (#2893) * chore: narrow the owner scope (#2894) * fix: remove a patch number from the recommendation link (#2891) * fix: enable parsing of UUID-only rekor entry ID (#2887) * docs(sbom): add SPDX scanning (#2885) * docs: restructure docs and add tutorials (#2883) * feat(sbom): scan sbom attestation in the rekor record (#2699) * feat(k8s): support outdated-api (#2877) * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815) * fix(c): support revisions in Conan parser (#2878) * feat: dynamic links support for scan results (#2838) * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818) * docs: update archlinux commands (#2876) * feat(secret): add line from dockerfile where secret was added to secret result (#2780) * feat(sbom): Add unmarshal for spdx (#2868) * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827) * fix: revert asff arn and add documentation (#2852) * docs: batch-import-findings limit (#2851) * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872) * feat(sbom): Add marshal for spdx (#2867) * build: checkout before setting up Go (#2873) * chore: bump Go to 1.19 (#2861) * docs: azure doc and trivy (#2869) * fix: Scan tarr'd dependencies (#2857) * chore(helm): helm test with ingress (#2630) * feat(report): add secrets to sarif format (#2820) * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807) * refactor: add a new interface for initializing analyzers (#2835) * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=22
2022-09-19 09:30:12 +02:00
BuildRequires: golang(API) = 1.19
Requires: ca-certificates
Requires: git-core
Requires: rpm
%description
Trivy (`tri` pronounced like trigger, `vy` pronounced like envy) is a simple and
comprehensive vulnerability scanner for containers and other artifacts. A
software vulnerability is a glitch, flaw, or weakness present in the software or
in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine,
RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn,
etc.). Trivy is easy to use. Just install the binary and you're ready to
scan. All you need to do for scanning is to specify a target such as an image
name of the container.
%prep
%setup -qa1
%build
export CGO_ENABLED=1
go build -o trivy -mod=vendor -buildmode=pie -trimpath -ldflags "-s -w -X=main.version=%{version}" cmd/trivy/main.go
%install
install -D -m 755 trivy %{buildroot}/%{_bindir}/%{name}
%files
%license LICENSE
%doc README.md
%{_bindir}/%{name}
%changelog