From a448c6217662252ef1f2a7cda1eeef1b9f9119bb1a4deaa493f8eb378b8833f2 Mon Sep 17 00:00:00 2001 From: Dominique Leuenberger Date: Mon, 17 May 2021 16:45:04 +0000 Subject: [PATCH] Accepting request 893510 from devel:kubic - Update to version 0.17.2: * Upgrade fanal dependency (#976) * docs: mention upx binaries (#974) * Upgrade alpine to fix git and libcurl vulnerabilities in trivy docker image scan (#971) * fix(fs): skip dirs (#969) * chore(ci): replace GITHUB_TOKEN with ORG_GITHUB_TOKEN (#965) * chore(ci): clone trivy-repo after releasing binaries (#963) * docs: add golang support (#962) * fix(table): skip zero vulnerabilities on java (#961) * chore(ci): create a release discussion (#959) * feat(go): support binary scan (#948) * feat(java): support GitLab Advisory Database (#917) * feat: show help message when the context's deadline passes (#955) * chore(mkdocs): replace github token (#954) * Update SARIF report template (#935) * Update install docs to make commands consistent (#933) * Docker multi-platform image build with `buildx`, using Goreleaser (#915) * Fix JUnit template for AWS CodeBuild compatibility (#904) * break(cli): use StringSliceFlag for skip-dirs/files (#916) * docs: add white logo (#914) * add package name in ruleID (#913) * feat: gh-action for stale issues (#908) * chore(triage): add lifecycle/active label (#909) * feat: publish helm repository (#888) * Fix Documentation Typo (#901) * docs: migrate README to MkDocs (#884) * refactor(internal): export internal packages (#887) * feat: support plugins (#878) * chore(ci): deploy dev docs only for the main branch (#882) * add MkDocs implementation (#870) OBS-URL: https://build.opensuse.org/request/show/893510 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=7 --- _service | 2 +- _servicedata | 2 +- trivy-0.15.0.tar.gz | 3 -- trivy-0.17.2.tar.gz | 3 ++ trivy.changes | 72 +++++++++++++++++++++++++++++++++++++++++++++ trivy.spec | 4 +-- vendor.tar.gz | 4 +-- 7 files changed, 81 insertions(+), 9 deletions(-) delete mode 100644 trivy-0.15.0.tar.gz create mode 100644 trivy-0.17.2.tar.gz diff --git a/_service b/_service index 8085465..de11236 100644 --- a/_service +++ b/_service @@ -2,7 +2,7 @@ https://github.com/aquasecurity/trivy git - v0.15.0 + v0.17.2 @PARENT_TAG@ v(.*) enable diff --git a/_servicedata b/_servicedata index 8bf5465..c8c4ef2 100644 --- a/_servicedata +++ b/_servicedata @@ -1,4 +1,4 @@ https://github.com/aquasecurity/trivy - 08ca1b00b729b2a83c0e9f2f6e8d1a9f0110c455 \ No newline at end of file + 415e1d8ea3832b3f1807884b7c969b4d030d8098 \ No newline at end of file diff --git a/trivy-0.15.0.tar.gz b/trivy-0.15.0.tar.gz deleted file mode 100644 index c0f702b..0000000 --- a/trivy-0.15.0.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:1fde76ce68e2618edab731f5eb8d93efa0af14a80af140682dc5eb6bb7d50b5f -size 21553348 diff --git a/trivy-0.17.2.tar.gz b/trivy-0.17.2.tar.gz new file mode 100644 index 0000000..1307ca5 --- /dev/null +++ b/trivy-0.17.2.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:335be031765d2c9bc6c13f80a21df9ef1c52aa2e662890efb0ab51069adefcb0 +size 23042775 diff --git a/trivy.changes b/trivy.changes index fcad74d..587583f 100644 --- a/trivy.changes +++ b/trivy.changes @@ -1,3 +1,75 @@ +------------------------------------------------------------------- +Mon May 03 10:04:22 UTC 2021 - dmueller@suse.com + +- Update to version 0.17.2: + * Upgrade fanal dependency (#976) + * docs: mention upx binaries (#974) + * Upgrade alpine to fix git and libcurl vulnerabilities in trivy docker image scan (#971) + * fix(fs): skip dirs (#969) + * chore(ci): replace GITHUB_TOKEN with ORG_GITHUB_TOKEN (#965) + * chore(ci): clone trivy-repo after releasing binaries (#963) + * docs: add golang support (#962) + * fix(table): skip zero vulnerabilities on java (#961) + * chore(ci): create a release discussion (#959) + * feat(go): support binary scan (#948) + * feat(java): support GitLab Advisory Database (#917) + * feat: show help message when the context's deadline passes (#955) + * chore(mkdocs): replace github token (#954) + * Update SARIF report template (#935) + * Update install docs to make commands consistent (#933) + * Docker multi-platform image build with `buildx`, using Goreleaser (#915) + * Fix JUnit template for AWS CodeBuild compatibility (#904) + * break(cli): use StringSliceFlag for skip-dirs/files (#916) + * docs: add white logo (#914) + * add package name in ruleID (#913) + * feat: gh-action for stale issues (#908) + * chore(triage): add lifecycle/active label (#909) + * feat: publish helm repository (#888) + * Fix Documentation Typo (#901) + * docs: migrate README to MkDocs (#884) + * refactor(internal): export internal packages (#887) + * feat: support plugins (#878) + * chore(ci): deploy dev docs only for the main branch (#882) + * add MkDocs implementation (#870) + * docs(README): update ubuntu versions (#877) + * support Ubuntu 20.10 (#876) + * feat(cache): introduce versioned cache (#865) + * chore: bump up Go to 1.16 (#861) + * fix: allow the latest tag (#864) + * feat: disable analyzers (#846) + * chore(ci): push the official image to public ECR (#855) + * chore(ci): migrate CircleCI to GitHub Actions (#850) + * adds example with multistage build (#853) + * remove SARIF helpUri if empty (#841) (#845) + * Add Sprig to Template Engine (#832) + * Fix "GitLab CI using Trivy container" usage example (fixes #843) (#844) + * feat(java): support jar/war/ear (#837) + * fix(app): increase the default value of timeout (#842) + * Update README.md (#838) + * Fix compatibility for Jenkins xunit plugin (#820) + * README: add Gitlab job that uses a container with trivy (#823) + * feat: support Podman (#825) + * fix(eol): update EOL dates (#824) + * fix(python): follow PEP 440 (#816) + * Support alpine 3.13 (#819) + * Changed the output string to "Using your github token". (#814) + * Align comment with code (#812) + * Parse redis backend url (#804) + * Update README.md (#810) + * Added nodeSelector, affinity and tolerations to helm chart (#803) + * Fix readme typo in policy flag (#805) + * Fix errors in SARIF format (#801) + * Fix env variable for github token (#796) + * fix(vulnerability): set unknown severity for empty values (#793) + * Remove global flags from filesystem command (#772) + * Add imagePullSecrets to helm Chart (#789) + * Add redis cache backend configuration options (#784) + * Update README.md (#735) + * feat(redhat): support modular packages (#790) + * Fix formatting of log message (#785) + * chore(ci): migrate unit tests to GitHub Actions (#779) + * shifted: brews.github to brews.tap (#780) + ------------------------------------------------------------------- Fri Jan 08 13:31:54 UTC 2021 - rbrown@suse.com diff --git a/trivy.spec b/trivy.spec index 822dde6..6aac656 100644 --- a/trivy.spec +++ b/trivy.spec @@ -19,7 +19,7 @@ %global goipath github.com/aquasecurity/trivy Name: trivy -Version: 0.15.0 +Version: 0.17.2 Release: 0 Summary: A Simple and Comprehensive Vulnerability Scanner for Containers License: Apache-2.0 @@ -28,7 +28,7 @@ URL: https://github.com/aquasecurity/trivy Source: %{name}-%{version}.tar.gz Source1: vendor.tar.gz BuildRequires: golang-packaging -BuildRequires: golang(API) >= 1.15 +BuildRequires: golang(API) >= 1.16 Requires: ca-certificates Requires: git-core Requires: rpm diff --git a/vendor.tar.gz b/vendor.tar.gz index 869080c..4523c0b 100644 --- a/vendor.tar.gz +++ b/vendor.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:1799754ef5dd1a38f6a3f542b767075e3828c65fa1310d29f67be60b6d3e6b54 -size 5536667 +oid sha256:1a73c4c7c3a4c6da9474c43f76273a706d8a04acbfd2e225b0d08d3d1ad30dba +size 12101744