From 3d74fa160ed592b3af8bfb7f46c038f7271a6209b0d3fa8fb4e28da4d21f86f1 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Sun, 29 Nov 2020 11:27:50 +0000 Subject: [PATCH] Accepting request 851108 from devel:kubic - Update to version 0.13.0: * fix(oracle): handle ksplice advisories (#745) * fix: version comparison (#740) * updated Readme.md (#737) * Add suse sles 15.2 to the EOL list as well (#734) * Update README.md (#731) * Warn when a user attempts to use trivy without a detectable lockfile (#729) * Add back support for FreeBSD & OpenBSD (#728) * Add support for ppc64le architecture (#724) * Skip packages from unsupported repository (remi) (#695) * Skip downloading DB if a remote DB is not updated (#717) * Sunsetting VendorVectors (#718) * Add GitHub Container Registry to README (#712) * update BUG_REPORT.md using H2 instead of bold formatting (#714) * fix(ci/deb): do not remove old packages for EOL versions (#706) * Add linter check support (#679) * Optimize images (#696) * Update triage.md (#701) - remove 0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch (merged) OBS-URL: https://build.opensuse.org/request/show/851108 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=5 --- ...se-sles-15.2-to-the-EOL-list-as-well.patch | 36 ------------------- _service | 2 +- _servicedata | 2 +- trivy-0.12.0.tar.gz | 3 -- trivy-0.13.0.tar.gz | 3 ++ trivy.changes | 23 ++++++++++++ trivy.spec | 3 +- vendor.tar.gz | 4 +-- 8 files changed, 31 insertions(+), 45 deletions(-) delete mode 100644 0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch delete mode 100644 trivy-0.12.0.tar.gz create mode 100644 trivy-0.13.0.tar.gz diff --git a/0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch b/0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch deleted file mode 100644 index 6168e1f..0000000 --- a/0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch +++ /dev/null @@ -1,36 +0,0 @@ -From 80efb57cace38e4002b4020a786f988d9e03630d Mon Sep 17 00:00:00 2001 -From: Dirk Mueller -Date: Fri, 30 Oct 2020 15:46:27 +0100 -Subject: [PATCH] Add suse sles 15.2 to the EOL list as well - -without that you get this arning: - WARN This OS version is not on the EOL list: suse linux enterprise server 15.2 - -which is actually misleading because 15.2 is the most current release, -we just don't know when it ends. we can however assume that it runs -for at least another year. - -Signed-off-by: Dirk Mueller -Signed-off-by: Dirk Mueller ---- - pkg/detector/ospkg/suse/suse.go | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/pkg/detector/ospkg/suse/suse.go b/pkg/detector/ospkg/suse/suse.go -index 114eb40..6216840 100644 ---- a/pkg/detector/ospkg/suse/suse.go -+++ b/pkg/detector/ospkg/suse/suse.go -@@ -39,7 +39,9 @@ var ( - "15": time.Date(2019, 12, 31, 23, 59, 59, 0, time.UTC), - "15.1": time.Date(2021, 1, 31, 23, 59, 59, 0, time.UTC), - // 6 months after SLES 15 SP3 release -- // "15.2": time.Date(2028, 7, 31, 23, 59, 59, 0, time.UTC), -+ "15.2": time.Date(2021, 10, 31, 23, 59, 59, 0, time.UTC), -+ // 6 months after SLES 15 SP4 release -+ // "15.3": time.Date(2028, 7, 31, 23, 59, 59, 0, time.UTC), - } - - opensuseEolDates = map[string]time.Time{ --- -2.29.0 - diff --git a/_service b/_service index b1fdd54..93f32e8 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.12.0 + v0.13.0 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 79639e4..bdbe1e4 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - 49691ba85e9e0f94546b031b3a8b80b3ba949f0f \ No newline at end of file + 1391b3bf47d99aec25f2cfa04064fe1c2aeafcad \ No newline at end of file diff --git a/trivy-0.12.0.tar.gz b/trivy-0.12.0.tar.gz deleted file mode 100644 index 58d2387..0000000 --- a/trivy-0.12.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:4fa3333248f89bdf41f9bf572cbb799a1d0cadccc1eaa0767449db663bca99b7 -size 20691158 diff --git a/trivy-0.13.0.tar.gz b/trivy-0.13.0.tar.gz new file mode 100644 index 0000000..8091136 --- /dev/null +++ b/trivy-0.13.0.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ad83d410ef59e73e8a3a04b1f716744f7cfea5c0b35c5b355e5b32c9263b8c82 +size 20925638 diff --git a/trivy.changes b/trivy.changes index 4191f73..a57d815 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,26 @@ +------------------------------------------------------------------- +Thu Nov 26 15:23:00 UTC 2020 - dmueller@suse.com + +- Update to version 0.13.0: + * fix(oracle): handle ksplice advisories (#745) + * fix: version comparison (#740) + * updated Readme.md (#737) + * Add suse sles 15.2 to the EOL list as well (#734) + * Update README.md (#731) + * Warn when a user attempts to use trivy without a detectable lockfile (#729) + * Add back support for FreeBSD & OpenBSD (#728) + * Add support for ppc64le architecture (#724) + * Skip packages from unsupported repository (remi) (#695) + * Skip downloading DB if a remote DB is not updated (#717) + * Sunsetting VendorVectors (#718) + * Add GitHub Container Registry to README (#712) + * update BUG_REPORT.md using H2 instead of bold formatting (#714) + * fix(ci/deb): do not remove old packages for EOL versions (#706) + * Add linter check support (#679) + * Optimize images (#696) + * Update triage.md (#701) +- remove 0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch (merged) + ------------------------------------------------------------------- Fri Oct 30 14:52:37 UTC 2020 - Dirk Mueller diff --git a/trivy.spec b/trivy.spec index 88da20f..dfb0df5 100644 --- a/trivy.spec +++ b/trivy.spec @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.12.0 +Version: 0.13.0 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 @@ -27,7 +27,6 @@ Group: System/Management URL: https://github.com/aquasecurity/trivy Source: %{name}-%{version}.tar.gz Source1: vendor.tar.gz -Patch1: 0001-Add-suse-sles-15.2-to-the-EOL-list-as-well.patch BuildRequires: golang-packaging BuildRequires: golang(API) >= 1.15 Requires: ca-certificates diff --git a/vendor.tar.gz b/vendor.tar.gz index f497842..0df0eb7 100644 --- a/vendor.tar.gz +++ b/vendor.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:56fc71936452023e8561d710c1cf507874fcd62cb0cce6f674997059e62c2b02 -size 4965121 +oid sha256:fb5444e9c287389f770cb587129579dc4adea70bf77124592b43a49a5e8b076c +size 5281592