Compare commits
No commits in common. "factory" and "devel" have entirely different histories.
@ -1,4 +1,4 @@
|
|||||||
mtime: 1717765405
|
mtime: 1717679875
|
||||||
commit: 96ac2f27c0ccdd6423580fc28d828483ef3309a85f4741eb93d275b73f7ef52c
|
commit: 579ede4865fcf5783c98eab0446e1c095dd85e84
|
||||||
url: https://src.opensuse.org/pool/trivy.git
|
url: https://src.opensuse.org/dirkmueller/trivy.git
|
||||||
revision: factory
|
revision: 579ede4865fcf5783c98eab0446e1c095dd85e84
|
||||||
|
2
_service
2
_service
@ -2,7 +2,7 @@
|
|||||||
<service name="tar_scm" mode="manual">
|
<service name="tar_scm" mode="manual">
|
||||||
<param name="url">https://github.com/aquasecurity/trivy</param>
|
<param name="url">https://github.com/aquasecurity/trivy</param>
|
||||||
<param name="scm">git</param>
|
<param name="scm">git</param>
|
||||||
<param name="revision">v0.56.2</param>
|
<param name="revision">v0.52.0</param>
|
||||||
<param name="versionformat">@PARENT_TAG@</param>
|
<param name="versionformat">@PARENT_TAG@</param>
|
||||||
<param name="versionrewrite-pattern">v(.*)</param>
|
<param name="versionrewrite-pattern">v(.*)</param>
|
||||||
<param name="changesgenerate">enable</param>
|
<param name="changesgenerate">enable</param>
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
<servicedata>
|
<servicedata>
|
||||||
<service name="tar_scm">
|
<service name="tar_scm">
|
||||||
<param name="url">https://github.com/aquasecurity/trivy</param>
|
<param name="url">https://github.com/aquasecurity/trivy</param>
|
||||||
<param name="changesrevision">f2252c833d4dee18546577f0c32ceb83c8bf20ae</param></service></servicedata>
|
<param name="changesrevision">c24dfbab68056a42aff9589b024c6f2d067f9f52</param></service></servicedata>
|
BIN
trivy-0.52.0.tar.zst
(Stored with Git LFS)
Normal file
BIN
trivy-0.52.0.tar.zst
(Stored with Git LFS)
Normal file
Binary file not shown.
BIN
trivy-0.56.2.tar.zst
(Stored with Git LFS)
BIN
trivy-0.56.2.tar.zst
(Stored with Git LFS)
Binary file not shown.
318
trivy.changes
318
trivy.changes
@ -1,321 +1,3 @@
|
|||||||
-------------------------------------------------------------------
|
|
||||||
Wed Oct 23 12:47:45 UTC 2024 - dmueller@suse.com
|
|
||||||
|
|
||||||
- Update to version 0.56.2:
|
|
||||||
* release: v0.56.2 [release/v0.56] (#7694)
|
|
||||||
* fix(redhat): include arch in PURL qualifiers [backport: release/v0.56] (#7702)
|
|
||||||
* fix(sbom): add options for DBs in private registries [backport: release/v0.56] (#7691)
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Tue Oct 08 16:43:27 UTC 2024 - dmueller@suse.com
|
|
||||||
|
|
||||||
- Update to version 0.56.1:
|
|
||||||
* release: v0.56.1 [release/v0.56] (#7648)
|
|
||||||
* fix(db): fix javadb downloading error handling [backport: release/v0.56] (#7646)
|
|
||||||
* release: v0.56.0 [main] (#7447)
|
|
||||||
* fix(misconf): not to warn about missing selectors of libraries (#7638)
|
|
||||||
* feat: support RPM archives (#7628)
|
|
||||||
* fix(secret): change grafana token regex to find them without unquoted (#7627)
|
|
||||||
* chore(deps): Bump trivy-checks to v1.1.0 (#7631)
|
|
||||||
* fix(misconf): Disable deprecated checks by default (#7632)
|
|
||||||
* chore: add prefixes to log messages (#7625)
|
|
||||||
* feat(misconf): Support `--skip-*` for all included modules (#7579)
|
|
||||||
* feat: support multiple DB repositories for vulnerability and Java DB (#7605)
|
|
||||||
* ci: don't use cache for `setup-go` (#7622)
|
|
||||||
* test: use loaded image names (#7617)
|
|
||||||
* feat(java): add empty versions if `pom.xml` dependency versions can't be detected (#7520)
|
|
||||||
* feat(secret): enhance secret scanning for python binary files (#7223)
|
|
||||||
* refactor: fix auth error handling (#7615)
|
|
||||||
* ci: split `save` and `restore` cache actions (#7614)
|
|
||||||
* fix(misconf): disable DS016 check for image history analyzer (#7540)
|
|
||||||
* feat(suse): added SUSE Linux Enterprise Micro support (#7294)
|
|
||||||
* feat(misconf): add ability to disable checks by ID (#7536)
|
|
||||||
* fix(misconf): escape all special sequences (#7558)
|
|
||||||
* test: use a local registry for remote scanning (#7607)
|
|
||||||
* fix: allow access to '..' in mapfs (#7575)
|
|
||||||
* fix(db): check `DownloadedAt` for `trivy-java-db` (#7592)
|
|
||||||
* chore(deps): bump the common group across 1 directory with 20 updates (#7604)
|
|
||||||
* ci: add `workflow_dispatch` trigger for test workflow. (#7606)
|
|
||||||
* ci: cache test images for `integration`, `VM` and `module` tests (#7599)
|
|
||||||
* chore(deps): remove broken replaces for opa and discovery (#7600)
|
|
||||||
* docs(misconf): Add more info on how to use arbitrary JSON/YAML scan feat (#7458)
|
|
||||||
* fix(misconf): Fixed scope for China Cloud (#7560)
|
|
||||||
* perf(misconf): use port ranges instead of enumeration (#7549)
|
|
||||||
* fix(sbom): export bom-ref when converting a package to a component (#7340)
|
|
||||||
* refactor(misconf): pass options to Rego scanner as is (#7529)
|
|
||||||
* fix(sbom): parse type `framework` as `library` when unmarshalling `CycloneDX` files (#7527)
|
|
||||||
* chore(deps): bump go-ebs-file (#7513)
|
|
||||||
* fix(misconf): Fix logging typo (#7473)
|
|
||||||
* feat(misconf): Register checks only when needed (#7435)
|
|
||||||
* refactor: split `.egg` and `packaging` analyzers (#7514)
|
|
||||||
* fix(java): use `dependencyManagement` from root/child pom's for dependencies from parents (#7497)
|
|
||||||
* chore(vex): add `CVE-2024-34155`, `CVE-2024-34156` and `CVE-2024-34158` in `trivy.openvex.json` (#7510)
|
|
||||||
* chore(deps): bump alpine from 3.20.0 to 3.20.3 (#7508)
|
|
||||||
* chore(vex): suppress openssl vulnerabilities (#7500)
|
|
||||||
* docs: refine go docs (#7442)
|
|
||||||
* revert(java): stop supporting of `test` scope for `pom.xml` files (#7488)
|
|
||||||
* docs(db): add a manifest example (#7485)
|
|
||||||
* feat(license): improve license normalization (#7131)
|
|
||||||
* docs(oci): Add a note About the expected Media Type for the Trivy-DB OCI Artifact (#7449)
|
|
||||||
* fix(report): fix error with unmarshal of `ExperimentalModifiedFindings` (#7463)
|
|
||||||
* fix(report): change a receiver of MarshalJSON (#7483)
|
|
||||||
* fix(oracle): Update EOL date for Oracle 7 (#7480)
|
|
||||||
* chore(deps): bump the aws group with 6 updates (#7468)
|
|
||||||
* chore(deps): bump the common group across 1 directory with 19 updates (#7436)
|
|
||||||
* chore(helm): bump up Trivy Helm chart (#7441)
|
|
||||||
* refactor(java): add error/statusCode for logs when we can't get pom.xml/maven-metadata.xml from remote repo (#7451)
|
|
||||||
* fix(license): stop spliting a long license text (#7336)
|
|
||||||
* release: v0.55.0 [main] (#7271)
|
|
||||||
* feat(go): use `toolchain` as `stdlib` version for `go.mod` files (#7163)
|
|
||||||
* fix(license): add license handling to JUnit template (#7409)
|
|
||||||
* feat(java): add `test` scope support for `pom.xml` files (#7414)
|
|
||||||
* chore(deps): Bump trivy-checks and pin OPA (#7427)
|
|
||||||
* fix(helm): explicitly define `kind` and `apiVersion` of `volumeClaimTemplate` element (#7362)
|
|
||||||
* feat(sbom): set User-Agent header on requests to Rekor (#7396)
|
|
||||||
* test: add integration plugin tests (#7299)
|
|
||||||
* fix(nodejs): check all `importers` to detect dev deps from pnpm-lock.yaml file (#7387)
|
|
||||||
* fix: logger initialization before flags parsing (#7372)
|
|
||||||
* fix(aws): handle ECR repositories in different regions (#6217)
|
|
||||||
* fix(misconf): fix infer type for null value (#7424)
|
|
||||||
* fix(secret): use `.eyJ` keyword for JWT secret (#7410)
|
|
||||||
* fix(misconf): do not recreate filesystem map (#7416)
|
|
||||||
* chore(deps): Bump trivy-checks (#7417)
|
|
||||||
* fix(misconf): do not register Rego libs in checks registry (#7420)
|
|
||||||
* fix(sbom): use `NOASSERTION` for licenses fields in SPDX formats (#7403)
|
|
||||||
* feat(report): export modified findings in JSON (#7383)
|
|
||||||
* feat(server): Make Trivy Server Multiplexer Exported (#7389)
|
|
||||||
* chore: update CODEOWNERS (#7398)
|
|
||||||
* fix(secret): use only line with secret for long secret lines (#7412)
|
|
||||||
* chore: fix allow rule of ignoring test files to make it case insensitive (#7415)
|
|
||||||
* feat(misconf): port and protocol support for EC2 networks (#7146)
|
|
||||||
* fix(misconf): do not filter Terraform plan JSON by name (#7406)
|
|
||||||
* feat(misconf): support for ignore by nested attributes (#7205)
|
|
||||||
* fix(misconf): use module to log when metadata retrieval fails (#7405)
|
|
||||||
* fix(report): escape `Message` field in `asff.tpl` template (#7401)
|
|
||||||
* feat(misconf): Add support for using spec from on-disk bundle (#7179)
|
|
||||||
* docs: add pkg flags to config file page (#7370)
|
|
||||||
* feat(python): use minimum version for pip packages (#7348)
|
|
||||||
* fix(misconf): support deprecating for Go checks (#7377)
|
|
||||||
* fix(misconf): init frameworks before updating them (#7376)
|
|
||||||
* feat(misconf): ignore duplicate checks (#7317)
|
|
||||||
* refactor(misconf): use slog (#7295)
|
|
||||||
* chore(deps): bump trivy-checks (#7350)
|
|
||||||
* feat(server): add internal `--path-prefix` flag for client/server mode (#7321)
|
|
||||||
* chore(deps): bump the aws group across 1 directory with 7 updates (#7358)
|
|
||||||
* fix: safely check if the directory exists (#7353)
|
|
||||||
* feat(misconf): variable support for Terraform Plan (#7228)
|
|
||||||
* feat(misconf): scanning support for YAML and JSON (#7311)
|
|
||||||
* fix(misconf): wrap Azure PortRange in iac types (#7357)
|
|
||||||
* refactor(misconf): highlight only affected rows (#7310)
|
|
||||||
* fix(misconf): change default TLS values for the Azure storage account (#7345)
|
|
||||||
* chore(deps): bump the common group with 9 updates (#7333)
|
|
||||||
* docs(misconf): Update callsites to use correct naming (#7335)
|
|
||||||
* docs: update air-gapped docs (#7160)
|
|
||||||
* refactor: replace ftypes.Gradle with packageurl.TypeGradle (#7323)
|
|
||||||
* perf(misconf): optimize work with context (#6968)
|
|
||||||
* docs: update links to packaging.python.org (#7318)
|
|
||||||
* docs: update client/server docs for misconf and license scanning (#7277)
|
|
||||||
* chore(deps): bump the common group across 1 directory with 7 updates (#7305)
|
|
||||||
* feat(misconf): iterator argument support for dynamic blocks (#7236)
|
|
||||||
* fix(misconf): do not set default value for default_cache_behavior (#7234)
|
|
||||||
* feat(misconf): support for policy and bucket grants (#7284)
|
|
||||||
* fix(misconf): load only submodule if it is specified in source (#7112)
|
|
||||||
* perf(misconf): use json.Valid to check validity of JSON (#7308)
|
|
||||||
* refactor(misconf): remove unused universal scanner (#7293)
|
|
||||||
* perf(misconf): do not convert contents of a YAML file to string (#7292)
|
|
||||||
* fix(terraform): add aws_region name to presets (#7184)
|
|
||||||
* docs: add auto-generated config (#7261)
|
|
||||||
* feat(vuln): Add `--detection-priority` flag for accuracy tuning (#7288)
|
|
||||||
* refactor(misconf): remove file filtering from parsers (#7289)
|
|
||||||
* fix(flag): incorrect behavior for deprected flag `--clear-cache` (#7281)
|
|
||||||
* fix(java): Return error when trying to find a remote pom to avoid segfault (#7275)
|
|
||||||
* fix(plugin): do not call GitHub content API for releases and tags (#7274)
|
|
||||||
* feat(vm): support the Ext2/Ext3 filesystems (#6983)
|
|
||||||
* feat(cli)!: delete deprecated SBOM flags (#7266)
|
|
||||||
* feat(vm): Support direct filesystem (#7058)
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Thu Aug 01 12:24:35 UTC 2024 - dmueller@suse.com
|
|
||||||
|
|
||||||
- Update to version 0.54.1:
|
|
||||||
* release: v0.54.1 [release/v0.54] (#7282)
|
|
||||||
* fix(flag): incorrect behavior for deprected flag `--clear-cache` [backport: release/v0.54] (#7285)
|
|
||||||
* fix(java): Return error when trying to find a remote pom to avoid segfault [backport: release/v0.54] (#7283)
|
|
||||||
* fix(plugin): do not call GitHub content API for releases and tags [backport: release/v0.54] (#7279)
|
|
||||||
* release: v0.54.0 [main] (#7075)
|
|
||||||
* docs: update ecosystem page reporting with plopsec.com app (#7262)
|
|
||||||
* chore(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 (#7136)
|
|
||||||
* feat(vex): retrieve VEX attestations from OCI registries (#7249)
|
|
||||||
* feat(sbom): add image labels into `SPDX` and `CycloneDX` reports (#7257)
|
|
||||||
* refactor(flag): return error if both `--download-db-only` and `--download-java-db-only` are specified (#7259)
|
|
||||||
* fix(nodejs): detect direct dependencies when using `latest` version for files `yarn.lock` + `package.json` (#7110)
|
|
||||||
* fix(java): avoid panic if deps from `pom` in `it` dir are not found (#7245)
|
|
||||||
* chore: show VEX notice for OSS maintainers in CI environments (#7246)
|
|
||||||
* feat(vuln): add `--pkg-relationships` (#7237)
|
|
||||||
* docs: show VEX cli pages + update config file page for VEX flags (#7244)
|
|
||||||
* fix(dotnet): show `nuget package dir not found` log only when checking `nuget` packages (#7194)
|
|
||||||
* chore(deps): bump the common group across 1 directory with 17 updates (#7230)
|
|
||||||
* feat(vex): VEX Repository support (#7206)
|
|
||||||
* fix(secret): skip regular strings contain secret patterns (#7182)
|
|
||||||
* feat: share build-in rules (#7207)
|
|
||||||
* fix(report): hide empty table when all secrets/license/misconfigs are ignored (#7171)
|
|
||||||
* fix(cli): error on missing config file (#7154)
|
|
||||||
* fix(secret): update length of `hugging-face-access-token` (#7216)
|
|
||||||
* feat(sbom): add vulnerability support for SPDX formats (#7213)
|
|
||||||
* ci: use free runner for all tests except `build tests` (#7215)
|
|
||||||
* chore(deps): bump the docker group across 1 directory with 2 updates (#7208)
|
|
||||||
* fix(secret): trim excessively long lines (#7192)
|
|
||||||
* chore(vex): update subcomponents for CVE-2023-42363/42364/42365/42366 (#7201)
|
|
||||||
* fix(server): pass license categories to options (#7203)
|
|
||||||
* feat(mariner): Add support for Azure Linux (#7186)
|
|
||||||
* docs: updates config file (#7188)
|
|
||||||
* refactor(fs): remove unused field for CompositeFS (#7195)
|
|
||||||
* fix(dotnet): don't include non-runtime libraries into report for `*.deps.json` files (#7039)
|
|
||||||
* chore(deps): bump goreleaser from `v2.0.0` to `v2.1.0` (#7162)
|
|
||||||
* fix: add missing platform and type to spec (#7149)
|
|
||||||
* chore(deps): bump the aws group with 6 updates (#7166)
|
|
||||||
* feat(misconf): enabled China configuration for ACRs (#7156)
|
|
||||||
* fix: close file when failed to open gzip (#7164)
|
|
||||||
* docs: Fix PR documentation to use GitHub Discussions, not Issues (#7141)
|
|
||||||
* docs(misconf): add info about limitations for terraform plan json (#7143)
|
|
||||||
* chore: add VEX for Trivy images (#7140)
|
|
||||||
* chore(deps): bump the common group across 1 directory with 7 updates (#7125)
|
|
||||||
* chore: add VEX document and generator for Trivy (#7128)
|
|
||||||
* fix(misconf): do not evaluate TF when a load error occurs (#7109)
|
|
||||||
* feat(cli): rename `--vuln-type` flag to `--pkg-types` flag (#7104)
|
|
||||||
* refactor(secret): move warning about file size after `IsBinary` check (#7123)
|
|
||||||
* chore(deps): bump the docker group with 2 updates (#7116)
|
|
||||||
* feat: add openSUSE tumbleweed detection and scanning (#6965)
|
|
||||||
* test: add missing advisory details for integration tests database (#7122)
|
|
||||||
* fix: Add dependencyManagement exclusions to the child exclusions (#6969)
|
|
||||||
* chore(deps): bump the aws group with 4 updates (#7115)
|
|
||||||
* fix: ignore nodes when listing permission is not allowed (#7107)
|
|
||||||
* fix(java): use `go-mvn-version` to remove `Package` duplicates (#7088)
|
|
||||||
* refactor(secret): add warning about large files (#7085)
|
|
||||||
* feat(nodejs): add license parser to pnpm analyser (#7036)
|
|
||||||
* refactor(sbom): add sbom prefix + filepaths for decode log messages (#7074)
|
|
||||||
* feat: add `log.FilePath()` function for logger (#7080)
|
|
||||||
* chore: bump golangci-lint from v1.58 to v1.59 (#7077)
|
|
||||||
* chore(deps): bump the common group across 1 directory with 23 updates (#7066)
|
|
||||||
* perf(debian): use `bytes.Index` in `emptyLineSplit` to cut allocation (#7065)
|
|
||||||
* refactor: pass DB dir to trivy-db (#7057)
|
|
||||||
* docs: navigate to the release highlights and summary (#7072)
|
|
||||||
* chore(deps): bump the github-actions group with 2 updates (#7067)
|
|
||||||
- drop add-opensuse-tumbleweed-db.patch,
|
|
||||||
add-opensuse-tumbleweed-support.patch: merged upstream
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Thu Jul 25 09:40:25 UTC 2024 - Dirk Müller <dmueller@suse.com>
|
|
||||||
|
|
||||||
- refresh add-opensuse-tumbleweed-support.patch
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Thu Jul 11 15:31:03 UTC 2024 - dmueller@suse.com
|
|
||||||
|
|
||||||
- Update to version 0.53.0 (bsc#1227022, CVE-2024-6257):
|
|
||||||
* release: v0.53.0 [main] (#6855)
|
|
||||||
* feat(conda): add licenses support for `environment.yml` files (#6953)
|
|
||||||
* fix(sbom): fix panic when scanning SBOM file without root component into SBOM format (#7051)
|
|
||||||
* feat: add memory cache backend (#7048)
|
|
||||||
* fix(sbom): use package UIDs for uniqueness (#7042)
|
|
||||||
* feat(php): add installed.json file support (#4865)
|
|
||||||
* docs: ✨ Updated ecosystem docs with reference to new community app (#7041)
|
|
||||||
* fix: use embedded when command path not found (#7037)
|
|
||||||
* chore(deps): bump trivy-kubernetes version (#7012)
|
|
||||||
* refactor: use google/wire for cache (#7024)
|
|
||||||
* fix(cli): show info message only when --scanners is available (#7032)
|
|
||||||
* chore: enable float-compare rule from testifylint (#6967)
|
|
||||||
* docs: Add sudo on commands, chmod before mv on install docs (#7009)
|
|
||||||
* fix(plugin): respect `--insecure` (#7022)
|
|
||||||
* feat(k8s)!: node-collector dynamic commands support (#6861)
|
|
||||||
* fix(sbom): take pkg name from `purl` for maven pkgs (#7008)
|
|
||||||
* chore(deps): bump github.com/hashicorp/go-getter from 1.7.4 to 1.7.5 (#7018)
|
|
||||||
* feat!: add clean subcommand (#6993)
|
|
||||||
* chore: use `!` for breaking changes (#6994)
|
|
||||||
* feat(aws)!: Remove aws subcommand (#6995)
|
|
||||||
* refactor: replace global cache directory with parameter passing (#6986)
|
|
||||||
* fix(sbom): use `purl` for `bitnami` pkg names (#6982)
|
|
||||||
* chore: bump Go toolchain version (#6984)
|
|
||||||
* refactor: unify cache implementations (#6977)
|
|
||||||
* docs: non-packaged and sbom clarifications (#6975)
|
|
||||||
* BREAKING(aws): Deprecate `trivy aws` as subcmd in favour of a plugin (#6819)
|
|
||||||
* docs: delete unknown URL (#6972)
|
|
||||||
* refactor: use version-specific URLs for documentation references (#6966)
|
|
||||||
* refactor: delete db mock (#6940)
|
|
||||||
* ci: add depguard (#6963)
|
|
||||||
* refactor: add warning if severity not from vendor (or NVD or GH) is used (#6726)
|
|
||||||
* feat: Add local ImageID to SARIF metadata (#6522)
|
|
||||||
* fix(suse): Add SLES 15.6 and Leap 15.6 (#6964)
|
|
||||||
* feat(java): add support for sbt projects using sbt-dependency-lock (#6882)
|
|
||||||
* feat(java): add support for `maven-metadata.xml` files for remote snapshot repositories. (#6950)
|
|
||||||
* fix(purl): add missed os types (#6955)
|
|
||||||
* fix(cyclonedx): trim non-URL info for `advisory.url` (#6952)
|
|
||||||
* fix(c): don't skip conan files from `file-patterns` and scan `.conan2` cache dir (#6949)
|
|
||||||
* ci: correctly handle categories (#6943)
|
|
||||||
* fix(image): parse `image.inspect.Created` field only for non-empty values (#6948)
|
|
||||||
* fix(misconf): handle source prefix to ignore (#6945)
|
|
||||||
* fix(misconf): fix parsing of engine links and frameworks (#6937)
|
|
||||||
* feat(misconf): support of selectors for all providers for Rego (#6905)
|
|
||||||
* ci: don't run `tests` for `release-please` PRs (#6936)
|
|
||||||
* fix(license): return license separation using separators `,`, `or`, etc. (#6916)
|
|
||||||
* ci: use `ubuntu-latest-m` runner (#6918)
|
|
||||||
* feat(misconf): add support for AWS::EC2::SecurityGroupIngress/Egress (#6755)
|
|
||||||
* BREAKING(misconf): flatten recursive types (#6862)
|
|
||||||
* ci: move triage workflow yaml under .github/workflows (#6895)
|
|
||||||
* ci: add `trivy` group for `dependabot` (#6908)
|
|
||||||
* chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 (#6910)
|
|
||||||
* test: bump docker API to 1.45 (#6914)
|
|
||||||
* feat(sbom): migrate to `CycloneDX v1.6` (#6903)
|
|
||||||
* chore(deps): bump the aws group with 8 updates (#6898)
|
|
||||||
* ci: bump `github.com/goreleaser/goreleaser` to `v2.0.0` (#6887)
|
|
||||||
* feat(image): Set User-Agent header for Trivy container registry requests (#6868)
|
|
||||||
* fix(debian): take installed files from the origin layer (#6849)
|
|
||||||
* fix(nodejs): fix infinite loop when package link from `package-lock.json` file is broken (#6858)
|
|
||||||
* feat(misconf): API Gateway V1 support for CloudFormation (#6874)
|
|
||||||
* ci: add created release branch to `rulesets` to enable merge queue (#6880)
|
|
||||||
* feat(plugin): add support for nested archives (#6845)
|
|
||||||
* fix(sbom): don't overwrite `srcEpoch` when decoding SBOM files (#6866)
|
|
||||||
* fix(secret): `Asymmetric Private Key` shouldn't start with space (#6867)
|
|
||||||
* ci: use author permission check instead of `author_association` field for backport workflow (#6870)
|
|
||||||
* chore: auto label discussions (#5259)
|
|
||||||
* docs: explain how VEX is applied (#6864)
|
|
||||||
* ci: automate backporting process (#6781)
|
|
||||||
* ci: create release branch (#6859)
|
|
||||||
* fix(python): compare pkg names from `poetry.lock` and `pyproject.toml` in lowercase (#6852)
|
|
||||||
* fix(nodejs): fix infinity loops for `pnpm` with cyclic imports (#6857)
|
|
||||||
* feat(dart): use first version of constraint for dependencies using SDK version (#6239)
|
|
||||||
* fix(misconf): parsing numbers without fraction as int (#6834)
|
|
||||||
* fix(misconf): fix caching of modules in subdirectories (#6814)
|
|
||||||
* feat(misconf): add metadata to Cloud schema (#6831)
|
|
||||||
* chore(deps): bump the aws group across 1 directory with 7 updates (#6837)
|
|
||||||
* chore(deps): bump the common group with 5 updates (#6842)
|
|
||||||
* test: replace embedded Git repository with dynamically created repository (#6824)
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Wed Jun 19 15:58:20 UTC 2024 - dmueller@suse.com
|
|
||||||
|
|
||||||
- Update to version 0.52.2:
|
|
||||||
* release: v0.52.2 [release/v0.52] (#6896)
|
|
||||||
* ci: use `ubuntu-latest-m` runner [backport: release/v0.52] (#6933)
|
|
||||||
* chore(deps): bump github.com/Azure/azure-sdk-for-go/sdk/azidentity from 1.5.2 to 1.6.0 [backport: release/v0.52] (#6919)
|
|
||||||
* test: bump docker API to 1.45 [backport: release/v0.52] (#6922)
|
|
||||||
* ci: bump `github.com/goreleaser/goreleaser` to `v2.0.0` [backport: release/v0.52] (#6893)
|
|
||||||
* fix(debian): take installed files from the origin layer [backport: release/v0.52] (#6892)
|
|
||||||
- add add-opensuse-tumbleweed-db.patch,
|
|
||||||
add-opensuse-tumbleweed-support.patch: patches for tumbleweed
|
|
||||||
support
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
|
||||||
Wed Jun 12 14:19:45 UTC 2024 - dmueller@suse.com
|
|
||||||
|
|
||||||
- Update to version 0.52.1:
|
|
||||||
* release: v0.52.1 [release/v0.52] (#6877)
|
|
||||||
* fix(nodejs): fix infinite loop when package link from `package-lock.json` file is broken [backport: release/v0.52] (#6888)
|
|
||||||
* fix(sbom): don't overwrite `srcEpoch` when decoding SBOM files [backport: release/v0.52] (#6881)
|
|
||||||
* fix(python): compare pkg names from `poetry.lock` and `pyproject.toml` in lowercase [backport: release/v0.52] (#6878)
|
|
||||||
* docs: explain how VEX is applied (#6864)
|
|
||||||
* fix(nodejs): fix infinity loops for `pnpm` with cyclic imports (#6857)
|
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Thu Jun 06 13:09:56 UTC 2024 - dmueller@suse.com
|
Thu Jun 06 13:09:56 UTC 2024 - dmueller@suse.com
|
||||||
|
|
||||||
|
@ -17,7 +17,7 @@
|
|||||||
|
|
||||||
|
|
||||||
Name: trivy
|
Name: trivy
|
||||||
Version: 0.56.2
|
Version: 0.52.0
|
||||||
Release: 0
|
Release: 0
|
||||||
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
|
Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
|
||||||
License: Apache-2.0
|
License: Apache-2.0
|
||||||
@ -43,7 +43,7 @@ scan. All you need to do for scanning is to specify a target such as an image
|
|||||||
name of the container.
|
name of the container.
|
||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -a1
|
%autosetup -p1 -a1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
export CGO_ENABLED=1
|
export CGO_ENABLED=1
|
||||||
|
BIN
vendor.tar.zst
(Stored with Git LFS)
BIN
vendor.tar.zst
(Stored with Git LFS)
Binary file not shown.
Loading…
Reference in New Issue
Block a user