Merge pull request 'Update to 0.53.0' (#3) from dirkmueller/trivy:factory into factory
This commit is contained in:
commit
412b62b3f0
2
_service
2
_service
@ -2,7 +2,7 @@
|
||||
<service name="tar_scm" mode="manual">
|
||||
<param name="url">https://github.com/aquasecurity/trivy</param>
|
||||
<param name="scm">git</param>
|
||||
<param name="revision">v0.52.2</param>
|
||||
<param name="revision">v0.53.0</param>
|
||||
<param name="versionformat">@PARENT_TAG@</param>
|
||||
<param name="versionrewrite-pattern">v(.*)</param>
|
||||
<param name="changesgenerate">enable</param>
|
||||
|
@ -1,4 +1,4 @@
|
||||
<servicedata>
|
||||
<service name="tar_scm">
|
||||
<param name="url">https://github.com/aquasecurity/trivy</param>
|
||||
<param name="changesrevision">8709d4f9c8ae29df1ff2e0d45b414cc075d3ea0b</param></service></servicedata>
|
||||
<param name="changesrevision">c55b0e6cac49c5d30abe6c0d4ccbb56932a0a45d</param></service></servicedata>
|
BIN
trivy-0.52.2.tar.zst
(Stored with Git LFS)
BIN
trivy-0.52.2.tar.zst
(Stored with Git LFS)
Binary file not shown.
BIN
trivy-0.53.0.tar.zst
(Stored with Git LFS)
Normal file
BIN
trivy-0.53.0.tar.zst
(Stored with Git LFS)
Normal file
Binary file not shown.
@ -1,3 +1,85 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Jul 11 15:31:03 UTC 2024 - dmueller@suse.com
|
||||
|
||||
- Update to version 0.53.0 (bsc#1227022, CVE-2024-6257):
|
||||
* release: v0.53.0 [main] (#6855)
|
||||
* feat(conda): add licenses support for `environment.yml` files (#6953)
|
||||
* fix(sbom): fix panic when scanning SBOM file without root component into SBOM format (#7051)
|
||||
* feat: add memory cache backend (#7048)
|
||||
* fix(sbom): use package UIDs for uniqueness (#7042)
|
||||
* feat(php): add installed.json file support (#4865)
|
||||
* docs: ✨ Updated ecosystem docs with reference to new community app (#7041)
|
||||
* fix: use embedded when command path not found (#7037)
|
||||
* chore(deps): bump trivy-kubernetes version (#7012)
|
||||
* refactor: use google/wire for cache (#7024)
|
||||
* fix(cli): show info message only when --scanners is available (#7032)
|
||||
* chore: enable float-compare rule from testifylint (#6967)
|
||||
* docs: Add sudo on commands, chmod before mv on install docs (#7009)
|
||||
* fix(plugin): respect `--insecure` (#7022)
|
||||
* feat(k8s)!: node-collector dynamic commands support (#6861)
|
||||
* fix(sbom): take pkg name from `purl` for maven pkgs (#7008)
|
||||
* chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 (#7018)
|
||||
* feat!: add clean subcommand (#6993)
|
||||
* chore: use `!` for breaking changes (#6994)
|
||||
* feat(aws)!: Remove aws subcommand (#6995)
|
||||
* refactor: replace global cache directory with parameter passing (#6986)
|
||||
* fix(sbom): use `purl` for `bitnami` pkg names (#6982)
|
||||
* chore: bump Go toolchain version (#6984)
|
||||
* refactor: unify cache implementations (#6977)
|
||||
* docs: non-packaged and sbom clarifications (#6975)
|
||||
* BREAKING(aws): Deprecate `trivy aws` as subcmd in favour of a plugin (#6819)
|
||||
* docs: delete unknown URL (#6972)
|
||||
* refactor: use version-specific URLs for documentation references (#6966)
|
||||
* refactor: delete db mock (#6940)
|
||||
* ci: add depguard (#6963)
|
||||
* refactor: add warning if severity not from vendor (or NVD or GH) is used (#6726)
|
||||
* feat: Add local ImageID to SARIF metadata (#6522)
|
||||
* fix(suse): Add SLES 15.6 and Leap 15.6 (#6964)
|
||||
* feat(java): add support for sbt projects using sbt-dependency-lock (#6882)
|
||||
* feat(java): add support for `maven-metadata.xml` files for remote snapshot repositories. (#6950)
|
||||
* fix(purl): add missed os types (#6955)
|
||||
* fix(cyclonedx): trim non-URL info for `advisory.url` (#6952)
|
||||
* fix(c): don't skip conan files from `file-patterns` and scan `.conan2` cache dir (#6949)
|
||||
* ci: correctly handle categories (#6943)
|
||||
* fix(image): parse `image.inspect.Created` field only for non-empty values (#6948)
|
||||
* fix(misconf): handle source prefix to ignore (#6945)
|
||||
* fix(misconf): fix parsing of engine links and frameworks (#6937)
|
||||
* feat(misconf): support of selectors for all providers for Rego (#6905)
|
||||
* ci: don't run `tests` for `release-please` PRs (#6936)
|
||||
* fix(license): return license separation using separators `,`, `or`, etc. (#6916)
|
||||
* ci: use `ubuntu-latest-m` runner (#6918)
|
||||
* feat(misconf): add support for AWS::EC2::SecurityGroupIngress/Egress (#6755)
|
||||
* BREAKING(misconf): flatten recursive types (#6862)
|
||||
* ci: move triage workflow yaml under .github/workflows (#6895)
|
||||
* ci: add `trivy` group for `dependabot` (#6908)
|
||||
* chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 (#6910)
|
||||
* test: bump docker API to 1.45 (#6914)
|
||||
* feat(sbom): migrate to `CycloneDX v1.6` (#6903)
|
||||
* chore(deps): bump the aws group with 8 updates (#6898)
|
||||
* ci: bump `github.com/goreleaser/goreleaser` to `v2.0.0` (#6887)
|
||||
* feat(image): Set User-Agent header for Trivy container registry requests (#6868)
|
||||
* fix(debian): take installed files from the origin layer (#6849)
|
||||
* fix(nodejs): fix infinite loop when package link from `package-lock.json` file is broken (#6858)
|
||||
* feat(misconf): API Gateway V1 support for CloudFormation (#6874)
|
||||
* ci: add created release branch to `rulesets` to enable merge queue (#6880)
|
||||
* feat(plugin): add support for nested archives (#6845)
|
||||
* fix(sbom): don't overwrite `srcEpoch` when decoding SBOM files (#6866)
|
||||
* fix(secret): `Asymmetric Private Key` shouldn't start with space (#6867)
|
||||
* ci: use author permission check instead of `author_association` field for backport workflow (#6870)
|
||||
* chore: auto label discussions (#5259)
|
||||
* docs: explain how VEX is applied (#6864)
|
||||
* ci: automate backporting process (#6781)
|
||||
* ci: create release branch (#6859)
|
||||
* fix(python): compare pkg names from `poetry.lock` and `pyproject.toml` in lowercase (#6852)
|
||||
* fix(nodejs): fix infinity loops for `pnpm` with cyclic imports (#6857)
|
||||
* feat(dart): use first version of constraint for dependencies using SDK version (#6239)
|
||||
* fix(misconf): parsing numbers without fraction as int (#6834)
|
||||
* fix(misconf): fix caching of modules in subdirectories (#6814)
|
||||
* feat(misconf): add metadata to Cloud schema (#6831)
|
||||
* chore(deps): bump the aws group across 1 directory with 7 updates (#6837)
|
||||
* chore(deps): bump the common group with 5 updates (#6842)
|
||||
* test: replace embedded Git repository with dynamically created repository (#6824)
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Jun 19 15:58:20 UTC 2024 - dmueller@suse.com
|
||||
|
||||
|
@ -17,7 +17,7 @@
|
||||
|
||||
|
||||
Name: trivy
|
||||
Version: 0.52.2
|
||||
Version: 0.53.0
|
||||
Release: 0
|
||||
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
|
||||
License: Apache-2.0
|
||||
|
BIN
vendor.tar.zst
(Stored with Git LFS)
BIN
vendor.tar.zst
(Stored with Git LFS)
Binary file not shown.
Loading…
Reference in New Issue
Block a user