From 9b5c03e298c4c058d6eee3ae4d434f5c728c5981a97a5a134a50523eec2234dc Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Dirk=20M=C3=BCller?= Date: Tue, 8 Oct 2024 18:51:25 +0200 Subject: [PATCH] Update to 0.56.1 --- _service | 2 +- _servicedata | 2 +- trivy-0.54.1.tar.zst | 3 - trivy-0.56.1.tar.zst | 3 + trivy.changes | 128 +++++++++++++++++++++++++++++++++++++++++++ trivy.spec | 2 +- vendor.tar.zst | 4 +- 7 files changed, 136 insertions(+), 8 deletions(-) delete mode 100644 trivy-0.54.1.tar.zst create mode 100644 trivy-0.56.1.tar.zst diff --git a/_service b/_service index 70a7254..fea4d82 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.54.1 + v0.56.1 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 8d3392d..11a71b6 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - 854c61d34a550a9fcbab3bc59e55b868c15d1962 \ No newline at end of file + 95dbf1152b2049a6ae2ae90a507630df01798bf1 \ No newline at end of file diff --git a/trivy-0.54.1.tar.zst b/trivy-0.54.1.tar.zst deleted file mode 100644 index 5b59e16..0000000 --- a/trivy-0.54.1.tar.zst +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:c68d0a1009298629f033ed4b6736755dff2ccd133ed372d4f9c1524e721d5dd4 -size 52033231 diff --git a/trivy-0.56.1.tar.zst b/trivy-0.56.1.tar.zst new file mode 100644 index 0000000..da764e5 --- /dev/null +++ b/trivy-0.56.1.tar.zst @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:2f16460619d1044365e1315fbe0e09963c4ae54d437566c842c1f3524d0e4e4f +size 52070532 diff --git a/trivy.changes b/trivy.changes index 2e2259f..789562a 100644 --- a/trivy.changes +++ b/trivy.changes 
@@ -1,3 +1,131 @@
+-------------------------------------------------------------------
+Tue Oct 08 16:43:27 UTC 2024 - dmueller@suse.com
+
+- Update to version 0.56.1:
+ * release: v0.56.1 [release/v0.56] (#7648)
+ * fix(db): fix javadb downloading error handling [backport: release/v0.56] (#7646)
+ * release: v0.56.0 [main] (#7447)
+ * fix(misconf): not to warn about missing selectors of libraries (#7638)
+ * feat: support RPM archives (#7628)
+ * fix(secret): change grafana token regex to find them without unquoted (#7627)
+ * chore(deps): Bump trivy-checks to v1.1.0 (#7631)
+ * fix(misconf): Disable deprecated checks by default (#7632)
+ * chore: add prefixes to log messages (#7625)
+ * feat(misconf): Support `--skip-*` for all included modules (#7579)
+ * feat: support multiple DB repositories for vulnerability and Java DB (#7605)
+ * ci: don't use cache for `setup-go` (#7622)
+ * test: use loaded image names (#7617)
+ * feat(java): add empty versions if `pom.xml` dependency versions can't be detected (#7520)
+ * feat(secret): enhance secret scanning for python binary files (#7223)
+ * refactor: fix auth error handling (#7615)
+ * ci: split `save` and `restore` cache actions (#7614)
+ * fix(misconf): disable DS016 check for image history analyzer (#7540)
+ * feat(suse): added SUSE Linux Enterprise Micro support (#7294)
+ * feat(misconf): add ability to disable checks by ID (#7536)
+ * fix(misconf): escape all special sequences (#7558)
+ * test: use a local registry for remote scanning (#7607)
+ * fix: allow access to '..' in mapfs (#7575)
+ * fix(db): check `DownloadedAt` for `trivy-java-db` (#7592)
+ * chore(deps): bump the common group across 1 directory with 20 updates (#7604)
+ * ci: add `workflow_dispatch` trigger for test workflow. (#7606)
+ * ci: cache test images for `integration`, `VM` and `module` tests (#7599)
+ * chore(deps): remove broken replaces for opa and discovery (#7600)
+ * docs(misconf): Add more info on how to use arbitrary JSON/YAML scan feat (#7458)
+ * fix(misconf): Fixed scope for China Cloud (#7560)
+ * perf(misconf): use port ranges instead of enumeration (#7549)
+ * fix(sbom): export bom-ref when converting a package to a component (#7340)
+ * refactor(misconf): pass options to Rego scanner as is (#7529)
+ * fix(sbom): parse type `framework` as `library` when unmarshalling `CycloneDX` files (#7527)
+ * chore(deps): bump go-ebs-file (#7513)
+ * fix(misconf): Fix logging typo (#7473)
+ * feat(misconf): Register checks only when needed (#7435)
+ * refactor: split `.egg` and `packaging` analyzers (#7514)
+ * fix(java): use `dependencyManagement` from root/child pom's for dependencies from parents (#7497)
+ * chore(vex): add `CVE-2024-34155`, `CVE-2024-34156` and `CVE-2024-34158` in `trivy.openvex.json` (#7510)
+ * chore(deps): bump alpine from 3.20.0 to 3.20.3 (#7508)
+ * chore(vex): suppress openssl vulnerabilities (#7500)
+ * docs: refine go docs (#7442)
+ * revert(java): stop supporting of `test` scope for `pom.xml` files (#7488)
+ * docs(db): add a manifest example (#7485)
+ * feat(license): improve license normalization (#7131)
+ * docs(oci): Add a note About the expected Media Type for the Trivy-DB OCI Artifact (#7449)
+ * fix(report): fix error with unmarshal of `ExperimentalModifiedFindings` (#7463)
+ * fix(report): change a receiver of MarshalJSON (#7483)
+ * fix(oracle): Update EOL date for Oracle 7 (#7480)
+ * chore(deps): bump the aws group with 6 updates (#7468)
+ * chore(deps): bump the common group across 1 directory with 19 updates (#7436)
+ * chore(helm): bump up Trivy Helm chart (#7441)
+ * refactor(java): add error/statusCode for logs when we can't get pom.xml/maven-metadata.xml from remote repo (#7451)
+ * fix(license): stop spliting a long license text (#7336)
+ * release: v0.55.0 [main] (#7271)
+ * feat(go): use `toolchain` as `stdlib` version for `go.mod` files (#7163)
+ * fix(license): add license handling to JUnit template (#7409)
+ * feat(java): add `test` scope support for `pom.xml` files (#7414)
+ * chore(deps): Bump trivy-checks and pin OPA (#7427)
+ * fix(helm): explicitly define `kind` and `apiVersion` of `volumeClaimTemplate` element (#7362)
+ * feat(sbom): set User-Agent header on requests to Rekor (#7396)
+ * test: add integration plugin tests (#7299)
+ * fix(nodejs): check all `importers` to detect dev deps from pnpm-lock.yaml file (#7387)
+ * fix: logger initialization before flags parsing (#7372)
+ * fix(aws): handle ECR repositories in different regions (#6217)
+ * fix(misconf): fix infer type for null value (#7424)
+ * fix(secret): use `.eyJ` keyword for JWT secret (#7410)
+ * fix(misconf): do not recreate filesystem map (#7416)
+ * chore(deps): Bump trivy-checks (#7417)
+ * fix(misconf): do not register Rego libs in checks registry (#7420)
+ * fix(sbom): use `NOASSERTION` for licenses fields in SPDX formats (#7403)
+ * feat(report): export modified findings in JSON (#7383)
+ * feat(server): Make Trivy Server Multiplexer Exported (#7389)
+ * chore: update CODEOWNERS (#7398)
+ * fix(secret): use only line with secret for long secret lines (#7412)
+ * chore: fix allow rule of ignoring test files to make it case insensitive (#7415)
+ * feat(misconf): port and protocol support for EC2 networks (#7146)
+ * fix(misconf): do not filter Terraform plan JSON by name (#7406)
+ * feat(misconf): support for ignore by nested attributes (#7205)
+ * fix(misconf): use module to log when metadata retrieval fails (#7405)
+ * fix(report): escape `Message` field in `asff.tpl` template (#7401)
+ * feat(misconf): Add support for using spec from on-disk bundle (#7179)
+ * docs: add pkg flags to config file page (#7370)
+ * feat(python): use minimum version for pip packages (#7348)
+ * fix(misconf): support deprecating for Go checks (#7377)
+ * fix(misconf): init frameworks before updating them (#7376)
+ * feat(misconf): ignore duplicate checks (#7317)
+ * refactor(misconf): use slog (#7295)
+ * chore(deps): bump trivy-checks (#7350)
+ * feat(server): add internal `--path-prefix` flag for client/server mode (#7321)
+ * chore(deps): bump the aws group across 1 directory with 7 updates (#7358)
+ * fix: safely check if the directory exists (#7353)
+ * feat(misconf): variable support for Terraform Plan (#7228)
+ * feat(misconf): scanning support for YAML and JSON (#7311)
+ * fix(misconf): wrap Azure PortRange in iac types (#7357)
+ * refactor(misconf): highlight only affected rows (#7310)
+ * fix(misconf): change default TLS values for the Azure storage account (#7345)
+ * chore(deps): bump the common group with 9 updates (#7333)
+ * docs(misconf): Update callsites to use correct naming (#7335)
+ * docs: update air-gapped docs (#7160)
+ * refactor: replace ftypes.Gradle with packageurl.TypeGradle (#7323)
+ * perf(misconf): optimize work with context (#6968)
+ * docs: update links to packaging.python.org (#7318)
+ * docs: update client/server docs for misconf and license scanning (#7277)
+ * chore(deps): bump the common group across 1 directory with 7 updates (#7305)
+ * feat(misconf): iterator argument support for dynamic blocks (#7236)
+ * fix(misconf): do not set default value for default_cache_behavior (#7234)
+ * feat(misconf): support for policy and bucket grants (#7284)
+ * fix(misconf): load only submodule if it is specified in source (#7112)
+ * perf(misconf): use json.Valid to check validity of JSON (#7308)
+ * refactor(misconf): remove unused universal scanner (#7293)
+ * perf(misconf): do not convert contents of a YAML file to string (#7292)
+ * fix(terraform): add aws_region name to presets (#7184)
+ * docs: add auto-generated config (#7261)
+ * feat(vuln): Add `--detection-priority` flag for accuracy tuning (#7288)
+ * refactor(misconf): remove file filtering from parsers (#7289)
+ * fix(flag): incorrect behavior for deprected flag `--clear-cache` (#7281)
+ * fix(java): Return error when trying to find a remote pom to avoid segfault (#7275)
+ * fix(plugin): do not call GitHub content API for releases and tags (#7274)
+ * feat(vm): support the Ext2/Ext3 filesystems (#6983)
+ * feat(cli)!: delete deprecated SBOM flags (#7266)
+ * feat(vm): Support direct filesystem (#7058)
+
 -------------------------------------------------------------------
 Thu Aug 01 12:24:35 UTC 2024 - dmueller@suse.com
diff --git a/trivy.spec b/trivy.spec
index dab03f5..b97897a 100644
--- a/trivy.spec
+++ b/trivy.spec
@@ -17,7 +17,7 @@
 Name: trivy
-Version: 0.54.1
+Version: 0.56.1
 Release: 0
 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
 License: Apache-2.0
diff --git a/vendor.tar.zst b/vendor.tar.zst
index 2b68f45..2e20ad3 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:e22b823b4ae141a34fbbd8c49b47f5330752a02d304621ab83a1b099591ac6de
-size 36555328
+oid sha256:d506ab311adcf20d71cfdea01036414928cce58dd3f72dd6dea48638e0fabea5
+size 37216429
-- 
2.45.2