- Update to version 0.32.0:

* docs: add Rekor SBOM attestation scanning (#2893)
  * chore: narrow the owner scope (#2894)
  * fix: remove a patch number from the recommendation link (#2891)
  * fix: enable parsing of UUID-only rekor entry ID (#2887)
  * docs(sbom): add SPDX scanning (#2885)
  * docs: restructure docs and add tutorials (#2883)
  * feat(sbom): scan sbom attestation in the rekor record (#2699)
  * feat(k8s): support outdated-api (#2877)
  * chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
  * fix(c): support revisions in Conan parser (#2878)
  * feat: dynamic links support for scan results (#2838)
  * chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
  * docs: update archlinux commands (#2876)
  * feat(secret): add line from dockerfile where secret was added to secret result (#2780)
  * feat(sbom): Add unmarshal for spdx (#2868)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
  * fix: revert asff arn and add documentation (#2852)
  * docs: batch-import-findings limit (#2851)
  * chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
  * feat(sbom): Add marshal for spdx (#2867)
  * build: checkout before setting up Go (#2873)
  * chore: bump Go to 1.19 (#2861)
  * docs: azure doc and trivy (#2869)
  * fix: Scan tarr'd dependencies (#2857)
  * chore(helm): helm test with ingress (#2630)
  * feat(report): add secrets to sarif format (#2820)
  * chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
  * refactor: add a new interface for initializing analyzers (#2835)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=22
This commit is contained in:
Dirk Mueller 2022-09-19 07:30:12 +00:00 committed by Git OBS Bridge
parent aede81fb2f
commit c7371b4a31
7 changed files with 64 additions and 9 deletions

View File

@ -2,7 +2,7 @@
<service name="tar_scm" mode="disabled">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="scm">git</param>
<param name="revision">v0.31.3</param>
<param name="revision">v0.32.0</param>
<param name="versionformat">@PARENT_TAG@</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="changesgenerate">enable</param>

View File

@ -1,4 +1,4 @@
<servicedata>
<service name="tar_scm">
<param name="url">https://github.com/aquasecurity/trivy</param>
<param name="changesrevision">db67f16ac6a8a1b880c29b5ef0ac9ec49da5c566</param></service></servicedata>
<param name="changesrevision">585985edb30fcd2ff60a90ad31c0aeb7ea4d445f</param></service></servicedata>

BIN
trivy-0.31.3.tar.gz (Stored with Git LFS)

Binary file not shown.

BIN
trivy-0.32.0.tar.gz (Stored with Git LFS) Normal file

Binary file not shown.

View File

@ -1,3 +1,58 @@
-------------------------------------------------------------------
Mon Sep 19 07:17:00 UTC 2022 - dmueller@suse.com
- Update to version 0.32.0:
* docs: add Rekor SBOM attestation scanning (#2893)
* chore: narrow the owner scope (#2894)
* fix: remove a patch number from the recommendation link (#2891)
* fix: enable parsing of UUID-only rekor entry ID (#2887)
* docs(sbom): add SPDX scanning (#2885)
* docs: restructure docs and add tutorials (#2883)
* feat(sbom): scan sbom attestation in the rekor record (#2699)
* feat(k8s): support outdated-api (#2877)
* chore(deps): bump github.com/moby/buildkit from 0.10.3 to 0.10.4 (#2815)
* fix(c): support revisions in Conan parser (#2878)
* feat: dynamic links support for scan results (#2838)
* chore(deps): bump go.uber.org/zap from 1.22.0 to 1.23.0 (#2818)
* docs: update archlinux commands (#2876)
* feat(secret): add line from dockerfile where secret was added to secret result (#2780)
* feat(sbom): Add unmarshal for spdx (#2868)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#2827)
* fix: revert asff arn and add documentation (#2852)
* docs: batch-import-findings limit (#2851)
* chore(deps): bump golang from 1.19.0 to 1.19.1 (#2872)
* feat(sbom): Add marshal for spdx (#2867)
* build: checkout before setting up Go (#2873)
* chore: bump Go to 1.19 (#2861)
* docs: azure doc and trivy (#2869)
* fix: Scan tarr'd dependencies (#2857)
* chore(helm): helm test with ingress (#2630)
* feat(report): add secrets to sarif format (#2820)
* chore(deps): bump azure/setup-helm from 1.1 to 3.3 (#2807)
* refactor: add a new interface for initializing analyzers (#2835)
* chore(deps): bump github.com/aws/aws-sdk-go from 1.44.77 to 1.44.92 (#2840)
* fix: update ProductArn with account id (#2782)
* feat(helm): make cache TTL configurable (#2798)
* build(): Sign releaser artifacts, not only container manifests (#2789)
* chore: improve doc about azure devops (#2795)
* chore(deps): bump sigstore/cosign-installer from 2.5.0 to 2.5.1 (#2804)
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#2825)
* docs: don't push patch versions (#2824)
* feat: add support for conan.lock file (#2779)
* feat: cache merged layers
* chore(deps): bump helm/chart-testing-action from 2.2.1 to 2.3.0 (#2805)
* chore(deps): bump actions/cache from 3.0.5 to 3.0.8 (#2806)
* chore(deps): bump github.com/caarlos0/env/v6 from 6.9.3 to 6.10.0 (#2811)
* chore(deps): bump github.com/aquasecurity/table from 1.7.2 to 1.8.0 (#2810)
* chore(deps): bump github.com/samber/lo from 1.27.0 to 1.27.1 (#2808)
* chore(deps): bump github.com/alicebob/miniredis/v2 from 2.22.0 to 2.23.0 (#2814)
* feat: add support for gradle.lockfile (#2759)
* chore(mod): updates wazero to 1.0.0-pre.1 #2791
* feat: move file patterns to a global level to be able to use it on any analyzer (#2539)
* Fix url validaton failures (#2783)
* fix(image): add logic to detect empty layers (#2790)
* feat(rust): add dependency graph from Rust binaries (#2771)
-------------------------------------------------------------------
Mon Sep 05 12:12:16 UTC 2022 - dmueller@suse.com

View File

@ -19,7 +19,7 @@
%global goipath github.com/aquasecurity/trivy
Name: trivy
Version: 0.31.3
Version: 0.32.0
Release: 0
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
@ -28,7 +28,7 @@ URL: https://github.com/aquasecurity/trivy
Source: %{name}-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang-packaging
BuildRequires: golang(API) = 1.18
BuildRequires: golang(API) = 1.19
Requires: ca-certificates
Requires: git-core
Requires: rpm

BIN
vendor.tar.gz (Stored with Git LFS)

Binary file not shown.