From 4e5f1d07de138a367ddfc7abe1161f59d811d9e1e2f8c065d3f611a10de5f4a3 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Wed, 1 Mar 2023 10:45:59 +0000 Subject: [PATCH] - Update to version 0.38.0: * fix(cli): pass integer to exit-on-eol (#3716) * feat: add kubernetes pss compliance (#3498) * feat: Adding --module-dir and --enable-modules (#3677) * feat: add special IDs for filtering secrets (#3702) * chore(deps): Update defsec (#3713) * docs(misconf): Add guide on input schema (#3692) * feat(go): support dependency graph and show only direct dependencies in the tree (#3691) * feat: docker multi credential support (#3631) * feat: summarize vulnerabilities in compliance reports (#3651) * feat(python): parse pyproject.toml alongside poetry.lock (#3695) * feat(python): add dependency tree for poetry lock file (#3665) * fix(cyclonedx): incompliant affect ref (#3679) * chore(helm): update skip-db-update environment variable (#3657) * fix(spdx): change CreationInfo timestamp format RFC3336Nano to RFC3336 (#3675) * fix(sbom): export empty dependencies in CycloneDX (#3664) * docs: java-db air-gap doc tweaks (#3561) * feat(go): license support (#3683) * feat(ruby): add dependency tree/location support for Gemfile.lock (#3669) * fix(k8s): k8s label size (#3678) * fix(cyclondx): fix array empty value, null to [] (#3676) * refactor: rewrite gomod analyzer as post-analyzer (#3674) * feat: config outdated-api result filtered by k8s version (#3578) * fix: Update to Alpine 3.17.2 (#3655) * feat: add support for virtual files (#3654) * feat: add post-analyzers (#3640) * chore(deps): updates wazero to 1.0.0-pre.9 (#3653) * chore(deps): bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#3528) * chore(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18 (#3633) * feat(python): add dependency locations for Pipfile.lock (#3614) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=44 --- _service | 2 +- _servicedata | 2 +- trivy-0.37.3.tar.zst | 3 --- trivy-0.38.0.tar.zst | 3 +++ trivy.changes | 44 ++++++++++++++++++++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 ++-- 7 files changed, 52 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.37.3.tar.zst create mode 100644 trivy-0.38.0.tar.zst diff --git a/_service b/_service index b36be64..470e9cd 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.37.3 + v0.38.0 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index a519c45..fec0757 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - 85d5d61bc7f69e3bc0eec9d52b6aa47f53797cc3 \ No newline at end of file + bc0836623c6d6bed9fdca4561c6aaacb87e09032 \ No newline at end of file diff --git a/trivy-0.37.3.tar.zst b/trivy-0.37.3.tar.zst deleted file mode 100644 index fb9225b..0000000 --- a/trivy-0.37.3.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:bd80a24159665a4dc0b72508370831e5e02cb65e738dde90425753718956da49 -size 44670009 diff --git a/trivy-0.38.0.tar.zst b/trivy-0.38.0.tar.zst new file mode 100644 index 0000000..a7c021f --- /dev/null +++ b/trivy-0.38.0.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:4d1f2fc05e3092a01a92ab961032c8b87538f1f04d5ca6f0bb21704b37511b07 +size 44704916 diff --git a/trivy.changes b/trivy.changes index d4f2f09..d098bd3 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,47 @@ +------------------------------------------------------------------- +Wed Mar 01 10:38:28 UTC 2023 - dmueller@suse.com + +- Update to version 0.38.0: + * fix(cli): pass integer to exit-on-eol (#3716) + * feat: add kubernetes pss compliance (#3498) + * feat: Adding --module-dir and --enable-modules (#3677) + * feat: add special IDs for filtering secrets (#3702) + * chore(deps): Update defsec (#3713) + * docs(misconf): Add guide on input schema (#3692) + * feat(go): support dependency graph and show only direct dependencies in the tree (#3691) + * feat: docker multi credential support (#3631) + * feat: summarize vulnerabilities in compliance reports (#3651) + * feat(python): parse pyproject.toml alongside poetry.lock (#3695) + * feat(python): add dependency tree for poetry lock file (#3665) + * fix(cyclonedx): incompliant affect ref (#3679) + * chore(helm): update skip-db-update environment variable (#3657) + * fix(spdx): change CreationInfo timestamp format RFC3336Nano to RFC3336 (#3675) + * fix(sbom): export empty dependencies in CycloneDX (#3664) + * docs: java-db air-gap doc tweaks (#3561) + * feat(go): license support (#3683) + * feat(ruby): add dependency tree/location support for Gemfile.lock (#3669) + * fix(k8s): k8s label size (#3678) + * fix(cyclondx): fix array empty value, null to [] (#3676) + * refactor: rewrite gomod analyzer as post-analyzer (#3674) + * feat: config outdated-api result filtered by k8s version (#3578) + * fix: Update to Alpine 3.17.2 (#3655) + * feat: add support for virtual files (#3654) + * feat: add post-analyzers (#3640) + * chore(deps): updates wazero to 1.0.0-pre.9 (#3653) + * chore(deps): bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#3528) + * chore(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18 (#3633) + * feat(python): add dependency locations for Pipfile.lock (#3614) + * chore(deps): bump golang.org/x/net from 0.5.0 to 0.7.0 (#3648) + * fix(java): fix groupID selection by ArtifactID for jar files. (#3644) + * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.63.1 to 1.85.0 (#3607) + * fix(aws): Adding a fix for update-cache flag that is not applied on AWS scans. (#3619) + * feat(cli): add command completion (#3061) + * docs(misconf): update dockerfile link (#3627) + * feat(flag): add exit-on-eosl option (#3423) + * chore(deps): bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.2 (#3533) + * fix(cli): make java db repository configurable (#3595) + * chore: bump trivy-kubernetes (#3613) + ------------------------------------------------------------------- Wed Feb 15 08:39:40 UTC 2023 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index 5d09b62..69ac67a 100644 --- a/trivy.spec +++ b/trivy.spec @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.37.3 +Version: 0.38.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 diff --git a/vendor.tar.zst b/vendor.tar.zst index 5f5ddf1..0b9bc79 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:10939084d010846ec0698a21a9f2fbc45114fdea79fde411f59cf30467e4c2c0 -size 41289459 +oid sha256:da191174cd6b9b3183b993ac7dc561037b867b19cab765c08d74ca8fd205ed00 +size 41284935