From c266b89032cb9650668c008baae2de92ee29cbecc2d9fcc63e5b3fbac7538111 Mon Sep 17 00:00:00 2001 From: Dirk Mueller Date: Fri, 28 Apr 2023 07:52:09 +0000 Subject: [PATCH] - Update to version 0.41.0: * fix(spdx): add workaround for no src packages (#4118) * test(golang): rename broken go.mod (#4129) * feat(sbom): add supplier field (#4122) * test(misconf): skip downloading of policies for tests #4126 * refactor: use debug message for post-analyze errors (#4037) * feat(sbom): add VEX support (#4053) * feat(sbom): add primary package purpose field for SPDX (#4119) * fix(k8s): fix quiet flag (#4120) * fix(python): parse of pip extras (#4103) * feat(java): use full path for nested jars (#3992) * feat(license): add new flag for classifier confidence level (#4073) * feat: config and fs compliance support (#4097) * chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3952) * feat(spdx): add support for SPDX 2.3 (#4058) * fix: k8s all-namespaces support (#4096) * perf(misconf): replace with post-analyzers (#4090) * fix(helm): update networking API version detection (#4106) * feat(image): custom docker host option (#3599) * style: debug flag is incorrect and needs extra - (#4087) * docs(vuln): Document inline vulnerability filtering comments (#4024) * feat(fs): customize error callback during fs walk (#4038) * fix(ubuntu): skip copyright files from subfolders (#4076) * docs: restructure scanners (#3977) * fix: fix `file does not exist` error for post-analyzers (#4061) OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=59 --- _service | 2 +- _servicedata | 2 +- trivy-0.40.0.tar.zst | 3 --- trivy-0.41.0.tar.zst | 3 +++ trivy.changes | 29 +++++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 ++-- 7 files changed, 37 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.40.0.tar.zst create mode 100644 trivy-0.41.0.tar.zst diff --git a/_service b/_service index 147b6ad..6d06835 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.40.0 + v0.41.0 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 9c9358e..2a2c14d 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - b43b19ba54cbf30adfaf98febccef033701a1df3 \ No newline at end of file + 1be1e2e6380efd9b63913721db1b9d61e3800126 \ No newline at end of file diff --git a/trivy-0.40.0.tar.zst b/trivy-0.40.0.tar.zst deleted file mode 100644 index b5de803..0000000 --- a/trivy-0.40.0.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:26a4295308f2a927f422338b81f42b4287dd08bcd8834814073e97a27f2a467e -size 76945308 diff --git a/trivy-0.41.0.tar.zst b/trivy-0.41.0.tar.zst new file mode 100644 index 0000000..9354e6b --- /dev/null +++ b/trivy-0.41.0.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:349550f75b2f44dc7a85e591a560db41e5533c62dfbc9de19fdff280c52e3192 +size 43405980 diff --git a/trivy.changes b/trivy.changes index 4457f8f..e8b9170 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,32 @@ +------------------------------------------------------------------- +Fri Apr 28 07:31:35 UTC 2023 - dmueller@suse.com + +- Update to version 0.41.0: + * fix(spdx): add workaround for no src packages (#4118) + * test(golang): rename broken go.mod (#4129) + * feat(sbom): add supplier field (#4122) + * test(misconf): skip downloading of policies for tests #4126 + * refactor: use debug message for post-analyze errors (#4037) + * feat(sbom): add VEX support (#4053) + * feat(sbom): add primary package purpose field for SPDX (#4119) + * fix(k8s): fix quiet flag (#4120) + * fix(python): parse of pip extras (#4103) + * feat(java): use full path for nested jars (#3992) + * feat(license): add new flag for classifier confidence level (#4073) + * feat: config and fs compliance support (#4097) + * chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3952) + * feat(spdx): add support for SPDX 2.3 (#4058) + * fix: k8s all-namespaces support (#4096) + * perf(misconf): replace with post-analyzers (#4090) + * fix(helm): update networking API version detection (#4106) + * feat(image): custom docker host option (#3599) + * style: debug flag is incorrect and needs extra - (#4087) + * docs(vuln): Document inline vulnerability filtering comments (#4024) + * feat(fs): customize error callback during fs walk (#4038) + * fix(ubuntu): skip copyright files from subfolders (#4076) + * docs: restructure scanners (#3977) + * fix: fix `file does not exist` error for post-analyzers (#4061) + ------------------------------------------------------------------- Sun Apr 16 18:05:08 UTC 2023 - dmueller@suse.com diff --git a/trivy.spec b/trivy.spec index ae69624..c3eb6e3 100644 --- a/trivy.spec +++ b/trivy.spec @@ -17,7 +17,7 @@ Name: trivy -Version: 0.40.0 +Version: 0.41.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 diff --git a/vendor.tar.zst b/vendor.tar.zst index 79fa466..8973838 100644 --- a/vendor.tar.zst +++ b/vendor.tar.zst @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:d7be343b5d750b8fc7db53aa68733003a06759a25c9e95e7a5ace40ac90425b6 -size 18622680 +oid sha256:33341fb7a275e0a4d6e8bc43ee278bb1332909058ba00069d17d40dea14cefc1 +size 18766997