diff --git a/_service b/_service
index 51d808a..e8db0c5 100644
--- a/_service
+++ b/_service
@@ -1,18 +1,17 @@
- https://github.com/aquasecurity/trivy.git
+ https://github.com/aquasecurity/trivy
git
- .git
- trivy
- v0.9.2
- @PARENT_TAG@
- v(.*)
+ 0.12.0
+ v0.12.0
enable
-
- *.tar
+ trivy-*.tar
gz
+
+ trivy
+
diff --git a/_servicedata b/_servicedata
deleted file mode 100644
index 9f5bccd..0000000
--- a/_servicedata
+++ /dev/null
@@ -1,4 +0,0 @@
-
-
- https://github.com/aquasecurity/trivy.git
- d9fa353a069bf14e93c88cf6a4ba194c12594374
\ No newline at end of file
diff --git a/trivy-0.12.0.tar.gz b/trivy-0.12.0.tar.gz
new file mode 100644
index 0000000..58d2387
--- /dev/null
+++ b/trivy-0.12.0.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:4fa3333248f89bdf41f9bf572cbb799a1d0cadccc1eaa0767449db663bca99b7
+size 20691158
diff --git a/trivy-0.9.2.tar.gz b/trivy-0.9.2.tar.gz
deleted file mode 100644
index c178d1e..0000000
--- a/trivy-0.9.2.tar.gz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:9a26f12b2ba1fee2cf0838ab4d05732e9b32c8ca30dcd0b54bd6be84f680ae6f
-size 20688249
diff --git a/trivy.changes b/trivy.changes
index 8955ff1..cf51c12 100644
--- a/trivy.changes
+++ b/trivy.changes
@@ -1,3 +1,18 @@
+-------------------------------------------------------------------
+Tue Oct 20 13:13:39 UTC 2020 - msabate@suse.com
+
+- Update to version 0.12.0:
+ * ci(circle): update remote docker version (#683)
+ * suse: update end of life dates for SLES service packs (#676)
+ * update readme for parallel run issue (#660)
+ * fix link for Clear images section in README (#659)
+ * add link to Gitlab CI pipeline in README (#658)
+ * test: add tests for mux (#645)
+ * chore: bump up Go to 1.15 (#646)
+ * Add contrib/ to the release chain for Docker (#638)
+ * Add health check endpoint to trivy server (#644)
+ * fix(cli): show help for subcommands (#629)
+
-------------------------------------------------------------------
Tue Sep 08 18:00:57 UTC 2020 - jsuchome@suse.com
@@ -52,10 +67,10 @@ Tue Jul 28 12:33:21 UTC 2020 - jsuchome@suse.com
-------------------------------------------------------------------
Fri Jul 24 11:34:15 UTC 2020 - jsuchome@suse.com
-- enabled changesgenerate option to automatically generate changes
+- enabled changesgenerate option to automatically generate changes
-------------------------------------------------------------------
Thu Jul 16 15:54:15 CEST 2020 - jsuchome@suse.com
-- initial release of 0.6.0 version, supported by Harbor 2.0
+- initial release of 0.6.0 version, supported by Harbor 2.0
diff --git a/trivy.spec b/trivy.spec
index d61d416..a37d7b8 100644
--- a/trivy.spec
+++ b/trivy.spec
@@ -16,42 +16,53 @@
#
# nodebuginfo
-
-%define goipath github.com/aquasecurity/trivy
-
Name: trivy
-Version: 0.9.2
+Version: 0.12.0
Release: 0
-Summary: Vulnerability Scanner for Containers
+Summary: A Simple and Comprehensive Vulnerability Scanner for Containers
License: Apache-2.0
Group: System/Management
URL: https://github.com/aquasecurity/trivy
-Source0: %{name}-%{version}.tar.gz
+Source: %{name}-%{version}.tar.gz
Source1: vendor.tar.gz
BuildRequires: golang-packaging
-BuildRequires: golang(API) >= 1.13
+BuildRequires: golang(API) = 1.13
+
+# As specified in their documentation. The version of these packages doesn't
+# seem to matter too much.
+Requires: git-core
+Requires: ca-certificates
+Requires: rpm
+%{go_nostrip}
%description
-A Simple and Comprehensive Vulnerability Scanner for Containers and other Artifacts,
-Suitable for CI.
+Trivy (`tri` pronounced like trigger, `vy` pronounced like envy) is a simple and
+comprehensive vulnerability scanner for containers and other artifacts. A
+software vulnerability is a glitch, flaw, or weakness present in the software or
+in an Operating System. Trivy detects vulnerabilities of OS packages (Alpine,
+RHEL, CentOS, etc.) and application dependencies (Bundler, Composer, npm, yarn,
+etc.). Trivy is easy to use. Just install the binary and you're ready to
+scan. All you need to do for scanning is to specify a target such as an image
+name of the container.
%prep
-%setup -q -n %{name}-%{version}
-%setup -q -T -D -a 1
+%setup -q -a1
+
+# Even though this is a bit ugly because it falls outside of the scope of the
+# original intent of the `LDFLAGS` variable, it's useful to do it once just so
+# we don't have to patch both `build` and `install`.
+sed -i -e 's|LDFLAGS=|LDFLAGS=-buildmode=pie -mod vendor |g' Makefile
%build
-%goprep %{goipath}
-
-export CGO_ENABLED=0
-
-%gobuild -mod vendor cmd/trivy
+make build VERSION=%{version}
%install
-%goinstall
+make install VERSION=%{version}
+install -D -m 0755 ~/go/bin/%{name} "%{buildroot}/%{_bindir}/%{name}"
%files
%license LICENSE
%doc README.md
-%{_bindir}/trivy
+%{_bindir}/%{name}
%changelog
diff --git a/vendor.tar.gz b/vendor.tar.gz
index 29f9c36..209e516 100644
--- a/vendor.tar.gz
+++ b/vendor.tar.gz
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:9309b4845bcb26d3820a2f91b339bf919c790eb0dcc6bd1b7e0b1cf291273a7d
-size 4286775
+oid sha256:9314f5fd015bc69d128430a7350c310cc3c1d69c5db8061332cf1aa84c0a3ad7
+size 5323198