SHA256
1
0
forked from pool/trivy
Commit Graph

96 Commits

Author SHA256 Message Date
Ana Guerrero
0c9ec3d1b9 Accepting request 1104218 from devel:Factory:git-workflow:staging:dirkmueller:trivy:9
Update to 0.44.1



(🤖: Submission of trivy via pool/trivy#9 by dirkmueller)

OBS-URL: https://build.opensuse.org/request/show/1104218
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=58
2023-08-17 17:43:59 +00:00
d7aa926f1c [info=fe5cccdebe8c3f80a50568289bbf4e65174e54d1]
OBS-URL: https://build.opensuse.org/package/show/devel:Factory:git-workflow:staging:dirkmueller:trivy:9/trivy?expand=0&rev=1
2023-08-16 16:34:28 +00:00
Dominique Leuenberger
3025a61e7c Accepting request 1102156 from devel:Factory:git-workflow:staging:dirkmueller:trivy:5
Update Trivy to 0.44.0



(🤖: Submission of trivy via pool/trivy#5 by dirkmueller)

OBS-URL: https://build.opensuse.org/request/show/1102156
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=57
2023-08-03 15:30:44 +00:00
2b9122f8ac [info=3b8b301ce3e352f21ca0c2faef2ca1bc9b104ec7]
OBS-URL: https://build.opensuse.org/package/show/devel:Factory:git-workflow:staging:dirkmueller:trivy:5/trivy?expand=0&rev=1
2023-08-03 11:27:23 +00:00
Dominique Leuenberger
b405a96c4b Accepting request 1099718 from devel:Factory:git-workflow:staging:dirkmueller:trivy:4
Update to 0.43.1



(🤖: Submission of trivy via pool/trivy#4 by dirkmueller)

OBS-URL: https://build.opensuse.org/request/show/1099718
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=56
2023-07-25 09:50:00 +00:00
b25074f6e0 [info=6fda4ae520211599a57cefcb305a98c83f616b89]
OBS-URL: https://build.opensuse.org/package/show/devel:Factory:git-workflow:staging:dirkmueller:trivy:4/trivy?expand=0&rev=3
2023-07-20 11:20:15 +00:00
94f89a0b8c [info=dffe82d98424aa573d09cebce1464cef636da228]
OBS-URL: https://build.opensuse.org/package/show/devel:Factory:git-workflow:staging:dirkmueller:trivy:4/trivy?expand=0&rev=2
2023-07-20 10:38:52 +00:00
901d7de560 [info=46b4e36452c73989d1e9f6536ae754cc7a61d32e]
OBS-URL: https://build.opensuse.org/package/show/devel:Factory:git-workflow:staging:dirkmueller:trivy:4/trivy?expand=0&rev=1
2023-07-13 09:18:42 +00:00
Dominique Leuenberger
076cb03c4a Accepting request 1096591 from devel:Factory:git-workflow:staging:SCM_STAGING:trivy:3
🤖: Submission of trivy via pool/trivy#3 by dirkmueller

OBS-URL: https://build.opensuse.org/request/show/1096591
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=55
2023-07-04 13:21:56 +00:00
Dominique Leuenberger
1443f0bae4 Accepting request 1095924 from devel:Factory:git-workflow:staging:SCM_STAGING:trivy:1
🤖: Submission of trivy via pool/trivy#1 by dirkmueller

OBS-URL: https://build.opensuse.org/request/show/1095924
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=54
2023-06-29 15:29:13 +00:00
Dominique Leuenberger
5388dde51a Accepting request 1092482 from Virtualization:containers
- Update to version 0.42.1:
  * ci: remove 32bit packages (#4585)
  * fix(misconf): deduplicate misconf results (#4588)
  * fix(vm): support sector size of 4096 (#4564)
  * fix(misconf): terraform relative paths (#4571)
  * fix(purl): skip unsupported library type (#4577)
  * fix(terraform): recursively detect all Root Modules (#4457)
  * fix(vm): support post analyzer for vm command (#4544)
  * fix(nodejs): change the type of the devDependencies field (#4560)
  * fix(sbom): export empty dependencies in CycloneDX (#4568)
  * refactor: add composite fs for post-analyzers (#4556)
  * chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#4554)
  * chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#4526)
  * chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.0 (#4528)
  * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.2 to 2.30.3 (#4529)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 (#4536)
  * chore(deps): bump github.com/tetratelabs/wazero from 1.0.0 to 1.2.0 (#4549)
  * chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 (#4532)
  * chore(deps): bump github.com/testcontainers/testcontainers-go (#4537)
  * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#4530)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4534)
  * chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#4533)
  * chore(deps): bump alpine from 3.17.3 to 3.18.0 (#4525)
  * feat: add SBOM analyzer (#4210)
  * fix(sbom): update logic for work with files in spdx format (#4513)
  * feat: azure workload identity support (#4489)
  * feat(ubuntu): add eol date for 18.04 ESM (#4524)
  * fix(misconf): Update required extensions for terraformplan (#4523)
  * refactor(cyclonedx): add intermediate representation (#4490)
  * fix(misconf): Remove debug print while scanning (#4521)

OBS-URL: https://build.opensuse.org/request/show/1092482
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=53
2023-06-12 13:27:28 +00:00
3e2167aa9b - Update to version 0.42.1:
* ci: remove 32bit packages (#4585)
  * fix(misconf): deduplicate misconf results (#4588)
  * fix(vm): support sector size of 4096 (#4564)
  * fix(misconf): terraform relative paths (#4571)
  * fix(purl): skip unsupported library type (#4577)
  * fix(terraform): recursively detect all Root Modules (#4457)
  * fix(vm): support post analyzer for vm command (#4544)
  * fix(nodejs): change the type of the devDependencies field (#4560)
  * fix(sbom): export empty dependencies in CycloneDX (#4568)
  * refactor: add composite fs for post-analyzers (#4556)
  * chore(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0 (#4554)
  * chore(deps): bump helm/kind-action from 1.5.0 to 1.7.0 (#4526)
  * chore(deps): bump github.com/BurntSushi/toml from 1.2.1 to 1.3.0 (#4528)
  * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.30.2 to 2.30.3 (#4529)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 (#4536)
  * chore(deps): bump github.com/tetratelabs/wazero from 1.0.0 to 1.2.0 (#4549)
  * chore(deps): bump github.com/spf13/cast from 1.5.0 to 1.5.1 (#4532)
  * chore(deps): bump github.com/testcontainers/testcontainers-go (#4537)
  * chore(deps): bump github.com/go-git/go-git/v5 from 5.6.1 to 5.7.0 (#4530)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/config (#4534)
  * chore(deps): bump github.com/sigstore/rekor from 1.2.0 to 1.2.1 (#4533)
  * chore(deps): bump alpine from 3.17.3 to 3.18.0 (#4525)
  * feat: add SBOM analyzer (#4210)
  * fix(sbom): update logic for work with files in spdx format (#4513)
  * feat: azure workload identity support (#4489)
  * feat(ubuntu): add eol date for 18.04 ESM (#4524)
  * fix(misconf): Update required extensions for terraformplan (#4523)
  * refactor(cyclonedx): add intermediate representation (#4490)
  * fix(misconf): Remove debug print while scanning (#4521)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=63
2023-06-12 08:17:18 +00:00
Dominique Leuenberger
32822cf39a Accepting request 1086593 from Virtualization:containers
- actually create a PIE binary

OBS-URL: https://build.opensuse.org/request/show/1086593
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=52
2023-05-12 18:37:44 +00:00
fa6666214b - actually create a PIE binary
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=61
2023-05-11 17:05:19 +00:00
Dominique Leuenberger
eb585e3918 Accepting request 1083465 from Virtualization:containers
- Update to version 0.41.0:
  * fix(spdx): add workaround for no src packages (#4118)
  * test(golang): rename broken go.mod (#4129)
  * feat(sbom): add supplier field (#4122)
  * test(misconf): skip downloading of policies for tests #4126
  * refactor: use debug message for post-analyze errors (#4037)
  * feat(sbom): add VEX support (#4053)
  * feat(sbom): add primary package purpose field for SPDX (#4119)
  * fix(k8s): fix quiet flag (#4120)
  * fix(python): parse of pip extras (#4103)
  * feat(java): use full path for nested jars (#3992)
  * feat(license): add new flag for classifier confidence level (#4073)
  * feat: config and fs compliance support (#4097)
  * chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3952)
  * feat(spdx): add support for SPDX 2.3 (#4058)
  * fix: k8s all-namespaces support (#4096)
  * perf(misconf): replace with post-analyzers (#4090)
  * fix(helm): update networking API version detection (#4106)
  * feat(image): custom docker host option (#3599)
  * style: debug flag is incorrect and needs extra - (#4087)
  * docs(vuln): Document inline vulnerability filtering comments (#4024)
  * feat(fs): customize error callback during fs walk (#4038)
  * fix(ubuntu): skip copyright files from subfolders (#4076)
  * docs: restructure scanners (#3977)
  * fix: fix `file does not exist` error for post-analyzers (#4061)

OBS-URL: https://build.opensuse.org/request/show/1083465
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=51
2023-04-28 14:23:54 +00:00
c266b89032 - Update to version 0.41.0:
* fix(spdx): add workaround for no src packages (#4118)
  * test(golang): rename broken go.mod (#4129)
  * feat(sbom): add supplier field (#4122)
  * test(misconf): skip downloading of policies for tests #4126
  * refactor: use debug message for post-analyze errors (#4037)
  * feat(sbom): add VEX support (#4053)
  * feat(sbom): add primary package purpose field for SPDX (#4119)
  * fix(k8s): fix quiet flag (#4120)
  * fix(python): parse of pip extras (#4103)
  * feat(java): use full path for nested jars (#3992)
  * feat(license): add new flag for classifier confidence level (#4073)
  * feat: config and fs compliance support (#4097)
  * chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3952)
  * feat(spdx): add support for SPDX 2.3 (#4058)
  * fix: k8s all-namespaces support (#4096)
  * perf(misconf): replace with post-analyzers (#4090)
  * fix(helm): update networking API version detection (#4106)
  * feat(image): custom docker host option (#3599)
  * style: debug flag is incorrect and needs extra - (#4087)
  * docs(vuln): Document inline vulnerability filtering comments (#4024)
  * feat(fs): customize error callback during fs walk (#4038)
  * fix(ubuntu): skip copyright files from subfolders (#4076)
  * docs: restructure scanners (#3977)
  * fix: fix `file does not exist` error for post-analyzers (#4061)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=59
2023-04-28 07:52:09 +00:00
Dominique Leuenberger
6041e60ad2 Accepting request 1079785 from Virtualization:containers
- Update to version 0.40.0:
  * feat(flag): Support globstar for `--skip-files` and `--skip-directories` (#4026)
  * chore(deps): bump actions/stale from 7 to 8 (#3955)
  * fix: return insecure option to download javadb (#4064)
  * fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052)
  * ci: add gpg signing for RPM packages (#4056)
  * fix(k8s): current context title (#4055)
  * fix(k8s): quit support on k8s progress bar (#4021)
  * chore: add a note about Dockerfile.canary (#4050)
  * ci: fix path to canary binaries (#4045)
  * fix(vuln): report architecture for debian packages (#4032)
  * feat: add support for Chainguard's commercial distro (#3641)
  * ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979)
  * fix(vuln): fix error message for remote scanners (#4031)
  * feat(report): add image metadata to SARIF (#4020)
  * docs: fix broken cache link on Installation page (#3999)
  * fix: lock downloading policies and database (#4017)
  * fix: avoid concurrent access to the global map (#4014)
  * feat(rust): add Cargo.lock v3 support (#4012)
  * feat: auth support oci download server subcommand (#4008)
  * chore(deps): bump github.com/docker/docker (#4009)
  * chore: install.sh support for armv7 (#3985)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961)

- Update to version 0.39.1:
  * fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997)
  * fix(sbom): fix infinite loop for cyclonedx (#3998)
  * chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954)
  * fix: use warning for errors from enrichment files for post-analyzers (#3972)
  * chore(deps): bump github.com/docker/docker (#3963)

OBS-URL: https://build.opensuse.org/request/show/1079785
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=50
2023-04-17 15:41:01 +00:00
b634bc69af OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=57 2023-04-16 19:13:49 +00:00
1c04f09b2d - Update to version 0.40.0:
* feat(flag): Support globstar for `--skip-files` and `--skip-directories` (#4026)
  * chore(deps): bump actions/stale from 7 to 8 (#3955)
  * fix: return insecure option to download javadb (#4064)
  * fix(nodejs): don't stop parsing when unsupported yarn.lock protocols are found (#4052)
  * ci: add gpg signing for RPM packages (#4056)
  * fix(k8s): current context title (#4055)
  * fix(k8s): quit support on k8s progress bar (#4021)
  * chore: add a note about Dockerfile.canary (#4050)
  * ci: fix path to canary binaries (#4045)
  * fix(vuln): report architecture for debian packages (#4032)
  * feat: add support for Chainguard's commercial distro (#3641)
  * ci: bump goreleaser for Github Action from 1.4.1 to 1.16.2 (#3979)
  * fix(vuln): fix error message for remote scanners (#4031)
  * feat(report): add image metadata to SARIF (#4020)
  * docs: fix broken cache link on Installation page (#3999)
  * fix: lock downloading policies and database (#4017)
  * fix: avoid concurrent access to the global map (#4014)
  * feat(rust): add Cargo.lock v3 support (#4012)
  * feat: auth support oci download server subcommand (#4008)
  * chore(deps): bump github.com/docker/docker (#4009)
  * chore: install.sh support for armv7 (#3985)
  * chore(deps): bump github.com/Azure/go-autorest/autorest/adal (#3961)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=56
2023-04-16 18:11:29 +00:00
a9593f7bd8 - Update to version 0.39.1:
* fix(rust): fix panic when 'dependencies' field is not used in cargo.toml (#3997)
  * fix(sbom): fix infinite loop for cyclonedx (#3998)
  * chore(deps): bump helm/chart-testing-action from 2.3.1 to 2.4.0 (#3954)
  * fix: use warning for errors from enrichment files for post-analyzers (#3972)
  * chore(deps): bump github.com/docker/docker (#3963)
  * fix(helm): added annotation to psp configurable from values (#3893)
  * chore(deps): bump github.com/go-git/go-git/v5 from 5.5.2 to 5.6.1 (#3962)
  * fix(secret): update built-in rule `tests`  (#3855)
  * chore(deps): bump github.com/alicebob/miniredis/v2 from 2.23.0 to 2.30.1 (#3957)
  * test: rewrite scripts in Go (#3968)
  * docs(cli): Improve glob documentation (#3945)
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/sts (#3959)
  * ci: check CLI references (#3967)
  * chore(deps): bump alpine from 3.17.2 to 3.17.3 (#3951)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.212 to 1.44.234 (#3956)
  * chore(deps): bump github.com/moby/buildkit from 0.11.4 to 0.11.5 (#3958)
  * chore(deps): bump actions/setup-go from 3 to 4 (#3953)
  * chore(deps): bump actions/cache from 3.2.6 to 3.3.1 (#3950)
  * chore(deps): bump github.com/containerd/containerd from 1.6.19 to 1.7.0 (#3965)
  * chore(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.0 (#3964)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=55
2023-04-13 09:17:33 +00:00
Dominique Leuenberger
6ce1e32625 Accepting request 1077009 from Virtualization:containers
- Update to version 0.39.0:
  * docs(cli): added makefile and go file to create docs (#3930)
  * chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946)
  * chore: ignore gpg key (#3943)
  * feat(cyclonedx): support dependency graph (#3177)
  * chore(deps): Bump defsec to v0.85.0 (#3940)
  * feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919)
  * feat(server): redis with public TLS certs support (#3783)
  * feat(flag): Add glob support to `--skip-dirs` and `--skip-files`  (#3866)
  * chore: replace make with mage (#3932)
  * fix(sbom): add checksum to files (#3888)
  * chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928)
  * chore: remove unused mount volumes (#3927)
  * feat: add auth support for downloading OCI artifacts (#3915)
  * refactor(purl): use epoch in qualifier (#3913)
  * chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727)
  * feat(image): add registry options (#3906)
  * feat(rust): dependency tree and line numbers support for cargo lock file (#3746)
  * chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905)
  * feat(php): add support for location, licenses and graph for composer.lock files (#3873)
  * chore(deps): updates wazero to 1.0.0 (#3904)
  * feat(image): discover SBOM in OCI referrers (#3768)
  * docs: change cache-dir key in config file (#3897)
  * fix(sbom): use release and epoch for SPDX package version (#3896)
  * ci: add gpg signing for RPM packages (#3612)
  * docs: Update incorrect comment for skip-update flag (#3878)
  * refactor(misconf): simplify policy filesystem (#3875)
  * feat(nodejs): parse package.json alongside yarn.lock (#3757)
  * fix(spdx): add PkgDownloadLocation field (#3879)
  * fix(report): try to guess direct deps for dependency tree (#3852)

OBS-URL: https://build.opensuse.org/request/show/1077009
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=49
2023-04-03 16:11:13 +00:00
062c4c4519 - Update to version 0.39.0:
* docs(cli): added makefile and go file to create docs (#3930)
  * chore: Revert "ci: add gpg signing for RPM packages (#3612)" (#3946)
  * chore: ignore gpg key (#3943)
  * feat(cyclonedx): support dependency graph (#3177)
  * chore(deps): Bump defsec to v0.85.0 (#3940)
  * feat(rust): remove dev deps and find direct deps for Cargo.lock (#3919)
  * feat(server): redis with public TLS certs support (#3783)
  * feat(flag): Add glob support to `--skip-dirs` and `--skip-files`  (#3866)
  * chore: replace make with mage (#3932)
  * fix(sbom): add checksum to files (#3888)
  * chore(deps): bump github.com/opencontainers/runc from 1.1.4 to 1.1.5 (#3928)
  * chore: remove unused mount volumes (#3927)
  * feat: add auth support for downloading OCI artifacts (#3915)
  * refactor(purl): use epoch in qualifier (#3913)
  * chore(deps): bump github.com/in-toto/in-toto-golang from 0.5.0 to 0.7.0 (#3727)
  * feat(image): add registry options (#3906)
  * feat(rust): dependency tree and line numbers support for cargo lock file (#3746)
  * chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3905)
  * feat(php): add support for location, licenses and graph for composer.lock files (#3873)
  * chore(deps): updates wazero to 1.0.0 (#3904)
  * feat(image): discover SBOM in OCI referrers (#3768)
  * docs: change cache-dir key in config file (#3897)
  * fix(sbom): use release and epoch for SPDX package version (#3896)
  * ci: add gpg signing for RPM packages (#3612)
  * docs: Update incorrect comment for skip-update flag (#3878)
  * refactor(misconf): simplify policy filesystem (#3875)
  * feat(nodejs): parse package.json alongside yarn.lock (#3757)
  * fix(spdx): add PkgDownloadLocation field (#3879)
  * fix(report): try to guess direct deps for dependency tree (#3852)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=53
2023-04-03 12:32:29 +00:00
Dominique Leuenberger
f3ea202720 Accepting request 1071463 from Virtualization:containers
- Update to version 0.38.3:
  * chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
  * fix(java): skip empty files for jar post analyzer (#3832)
  * fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
  * refactor(license): use goyacc for license parser (#3824)
  * chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
  * fix: populate timeout context to node-collector (#3766)
  * fix: exclude node collector scanning (#3771)
  * fix: display correct flag in error message when skipping java db update #3808
  * fix: disable jar analyzer for scanners other than vuln (#3810)
  * fix(sbom): fix incompliant license format for spdx (#3335)
  * fix(java): the project props take precedence over the parent's props (#3320)
  * docs: add canary build info to README.md (#3799)
  * docs: adding link to gh token generation (#3784)
  * docs: changing docs in accordance with #3460 (#3787)

OBS-URL: https://build.opensuse.org/request/show/1071463
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=48
2023-03-14 17:17:29 +00:00
12518195d5 OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=51 2023-03-14 10:01:30 +00:00
b319fb593e - Update to version 0.38.3:
* chore(deps): bump github.com/aws/aws-sdk-go-v2/service/ec2 from 1.86.1 to 1.89.1 (#3827)
  * fix(java): skip empty files for jar post analyzer (#3832)
  * fix(docker): build healthcheck command for line without /bin/sh prefix (#3831)
  * refactor(license): use goyacc for license parser (#3824)
  * chore(deps): bump github.com/docker/docker from 23.0.0-rc.1+incompatible to 23.0.1+incompatible (#3586)
  * fix: populate timeout context to node-collector (#3766)
  * fix: exclude node collector scanning (#3771)
  * fix: display correct flag in error message when skipping java db update #3808
  * fix: disable jar analyzer for scanners other than vuln (#3810)
  * fix(sbom): fix incompliant license format for spdx (#3335)
  * fix(java): the project props take precedence over the parent's props (#3320)
  * docs: add canary build info to README.md (#3799)
  * docs: adding link to gh token generation (#3784)
  * docs: changing docs in accordance with #3460 (#3787)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=50
2023-03-14 09:57:08 +00:00
Dominique Leuenberger
df40ca50c6 Accepting request 1070155 from Virtualization:containers
- Update to version 0.38.2:
  * chore(deps): bump github.com/moby/buildkit from 0.11.0 to 0.11.4 (#3789)
  * chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#3724)
  * fix(license): disable jar analyzer for licence scan only (#3780)
  * bump trivy-issue-action to v0.0.0; skip `pkg` dir (#3781)
  * fix: skip checking dirs for required post-analyzers (#3773)
  * docs: add information about plugin format (#3749)
  * fix(sbom): add trivy version to spdx creators tool field (#3756)

OBS-URL: https://build.opensuse.org/request/show/1070155
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=47
2023-03-08 13:54:13 +00:00
18a2b0893a - Update to version 0.38.2:
* chore(deps): bump github.com/moby/buildkit from 0.11.0 to 0.11.4 (#3789)
  * chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#3724)
  * fix(license): disable jar analyzer for licence scan only (#3780)
  * bump trivy-issue-action to v0.0.0; skip `pkg` dir (#3781)
  * fix: skip checking dirs for required post-analyzers (#3773)
  * docs: add information about plugin format (#3749)
  * fix(sbom): add trivy version to spdx creators tool field (#3756)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=48
2023-03-08 11:07:56 +00:00
Dominique Leuenberger
344e252b74 Accepting request 1069011 from Virtualization:containers
- Update to version 0.38.1:
  * feat(misconf): Add support to show policy bundle version (#3743)
  * fix(python): fix error with optional dependencies in pyproject.toml (#3741)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.210 to 1.44.212 (#3740)
  * add id for package.json files (#3750)
  * chore(deps): bump github.com/containerd/containerd from 1.6.18 to 1.6.19 (#3738)
  * chore(deps): bump actions/cache from 3.2.4 to 3.2.6 (#3725)
  * chore(deps): bump github.com/google/go-containerregistry (#3731)
  * chore(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 (#3732)
  * chore(deps): bump alpine from 3.17.1 to 3.17.2 (#3723)

OBS-URL: https://build.opensuse.org/request/show/1069011
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=46
2023-03-02 22:04:42 +00:00
a65dfd33d7 - Update to version 0.38.1:
* feat(misconf): Add support to show policy bundle version (#3743)
  * fix(python): fix error with optional dependencies in pyproject.toml (#3741)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.210 to 1.44.212 (#3740)
  * add id for package.json files (#3750)
  * chore(deps): bump github.com/containerd/containerd from 1.6.18 to 1.6.19 (#3738)
  * chore(deps): bump actions/cache from 3.2.4 to 3.2.6 (#3725)
  * chore(deps): bump github.com/google/go-containerregistry (#3731)
  * chore(deps): bump go.etcd.io/bbolt from 1.3.6 to 1.3.7 (#3732)
  * chore(deps): bump alpine from 3.17.1 to 3.17.2 (#3723)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=46
2023-03-02 17:38:57 +00:00
Dominique Leuenberger
a92041049c Accepting request 1068414 from Virtualization:containers
- Update to version 0.38.0:
  * fix(cli): pass integer to exit-on-eol (#3716)
  * feat: add kubernetes pss compliance (#3498)
  * feat: Adding --module-dir and --enable-modules (#3677)
  * feat: add special IDs for filtering secrets (#3702)
  * chore(deps): Update defsec (#3713)
  * docs(misconf): Add guide on input schema (#3692)
  * feat(go): support dependency graph and show only direct dependencies in the tree (#3691)
  * feat: docker multi credential support (#3631)
  * feat: summarize vulnerabilities in compliance reports (#3651)
  * feat(python): parse pyproject.toml alongside poetry.lock (#3695)
  * feat(python): add dependency tree for poetry lock file (#3665)
  * fix(cyclonedx): incompliant affect ref (#3679)
  * chore(helm): update skip-db-update environment variable (#3657)
  * fix(spdx): change CreationInfo timestamp format RFC3336Nano to RFC3336 (#3675)
  * fix(sbom): export empty dependencies in CycloneDX (#3664)
  * docs: java-db air-gap doc tweaks (#3561)
  * feat(go): license support (#3683)
  * feat(ruby): add dependency tree/location support for Gemfile.lock (#3669)
  * fix(k8s): k8s label size (#3678)
  * fix(cyclondx): fix array empty value, null to [] (#3676)
  * refactor: rewrite gomod analyzer as post-analyzer (#3674)
  * feat: config outdated-api result filtered by k8s version (#3578)
  * fix: Update to Alpine 3.17.2 (#3655)
  * feat: add support for virtual files (#3654)
  * feat: add post-analyzers (#3640)
  * chore(deps): updates wazero to 1.0.0-pre.9 (#3653)
  * chore(deps): bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#3528)
  * chore(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18 (#3633)
  * feat(python): add dependency locations for Pipfile.lock (#3614)

OBS-URL: https://build.opensuse.org/request/show/1068414
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=45
2023-03-01 15:14:41 +00:00
4e5f1d07de - Update to version 0.38.0:
* fix(cli): pass integer to exit-on-eol (#3716)
  * feat: add kubernetes pss compliance (#3498)
  * feat: Adding --module-dir and --enable-modules (#3677)
  * feat: add special IDs for filtering secrets (#3702)
  * chore(deps): Update defsec (#3713)
  * docs(misconf): Add guide on input schema (#3692)
  * feat(go): support dependency graph and show only direct dependencies in the tree (#3691)
  * feat: docker multi credential support (#3631)
  * feat: summarize vulnerabilities in compliance reports (#3651)
  * feat(python): parse pyproject.toml alongside poetry.lock (#3695)
  * feat(python): add dependency tree for poetry lock file (#3665)
  * fix(cyclonedx): incompliant affect ref (#3679)
  * chore(helm): update skip-db-update environment variable (#3657)
  * fix(spdx): change CreationInfo timestamp format RFC3336Nano to RFC3336 (#3675)
  * fix(sbom): export empty dependencies in CycloneDX (#3664)
  * docs: java-db air-gap doc tweaks (#3561)
  * feat(go): license support (#3683)
  * feat(ruby): add dependency tree/location support for Gemfile.lock (#3669)
  * fix(k8s): k8s label size (#3678)
  * fix(cyclondx): fix array empty value, null to [] (#3676)
  * refactor: rewrite gomod analyzer as post-analyzer (#3674)
  * feat: config outdated-api result filtered by k8s version (#3578)
  * fix: Update to Alpine 3.17.2 (#3655)
  * feat: add support for virtual files (#3654)
  * feat: add post-analyzers (#3640)
  * chore(deps): updates wazero to 1.0.0-pre.9 (#3653)
  * chore(deps): bump github.com/go-openapi/runtime from 0.24.2 to 0.25.0 (#3528)
  * chore(deps): bump github.com/containerd/containerd from 1.6.15 to 1.6.18 (#3633)
  * feat(python): add dependency locations for Pipfile.lock (#3614)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=44
2023-03-01 10:45:59 +00:00
Dominique Leuenberger
4cbfab8f24 Accepting request 1065886 from Virtualization:containers
- Update to version 0.37.3 (bsc#1208091, CVE-2023-25165):
  * chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
  * chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
  * chore(deps): bump golang/x/mod to v0.8.0 (#3606)
  * chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
  * chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
  * ci: quote pros in c++ for semantic pr (#3605)
  * fix(image): check proxy settings from env for remote images (#3604)

OBS-URL: https://build.opensuse.org/request/show/1065886
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=44
2023-02-15 12:40:59 +00:00
d2c9e8e17e - Update to version 0.37.3 (bsc#1208091, CVE-2023-25165):
* chore(helm): update Trivy from v0.36.1 to v0.37.2 (#3574)
  * chore(deps): bump github.com/spf13/viper from 1.14.0 to 1.15.0 (#3536)
  * chore(deps): bump golang/x/mod to v0.8.0 (#3606)
  * chore(deps): bump golang.org/x/crypto from 0.3.0 to 0.5.0 (#3529)
  * chore(deps): bump helm.sh/helm/v3 from 3.10.3 to 3.11.1 (#3580)
  * ci: quote pros in c++ for semantic pr (#3605)
  * fix(image): check proxy settings from env for remote images (#3604)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=42
2023-02-15 08:41:42 +00:00
Dominique Leuenberger
dc4d8d93e4 Accepting request 1064170 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1064170
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=43
2023-02-10 13:35:48 +00:00
2ec944171e Accepting request 1064149 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.37.2

OBS-URL: https://build.opensuse.org/request/show/1064149
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=40
2023-02-10 08:08:46 +00:00
Dominique Leuenberger
9cc6d7280d Accepting request 1062489 from Virtualization:containers
- Update to version 0.37.1:
  * fix(sbom): download the Java DB when generating SBOM (#3539)
  * fix: use cgo free sqlite driver (#3521)
  * ci: fix path to dist folder (#3527)

OBS-URL: https://build.opensuse.org/request/show/1062489
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=42
2023-02-02 17:08:30 +00:00
d95d3d3fa3 - Update to version 0.37.1:
* fix(sbom): download the Java DB when generating SBOM (#3539)
  * fix: use cgo free sqlite driver (#3521)
  * ci: fix path to dist folder (#3527)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=38
2023-02-01 16:22:25 +00:00
Dominique Leuenberger
12108ca998 Accepting request 1062442 from Virtualization:containers
- Update to version 0.37.0:
  * fix(image): close layers (#3517)
  * refactor: db client changed (#3515)
  * feat(java): use trivy-java-db to get GAV (#3484)
  * docs: add note about the limitation in Rekor (#3494)
  * docs: aggregate targets (#3503)
  * deps: updates wazero to 1.0.0-pre.8 (#3510)
  * docs: add alma 9 and rocky 9 to supported os (#3513)
  * chore(deps): bump defsec to v0.82.9 (#3512)
  * chore: add missing target labels (#3504)
  * docs: add java vulnerability page (#3429)
  * feat(image): add support for Docker CIS Benchmark (#3496)
  * feat(image): secret scanning on container image config (#3495)
  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
  * feat(image): scan misconfigurations in image config (#3437)
  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
  * feat(k8s): add node info resource (#3482)
  * perf(secret): optimize secret scanning memory usage (#3453)
  * feat: support aliases in CLI flag, env and config (#3481)
  * fix(k8s): migrate rbac k8s (#3459)
  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
  * refactor: rename security-checks to scanners (#3467)
  * chore: display the troubleshooting URL for the DB denial error (#3474)
  * docs: yaml tabs to spaces, auto create namespace (#3469)
  * docs: adding show-and-tell template to GH discussions (#3391)
  * fix: Fix a temporary file leak in case of error (#3465)
  * fix(test): sort cyclonedx components (#3468)
  * docs: fixing spelling mistakes (#3462)
  * ci: set paths triggering VM tests in PR (#3438)
  * docs: typo in --skip-files (#3454)

OBS-URL: https://build.opensuse.org/request/show/1062442
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=41
2023-02-01 15:40:02 +00:00
672c04bdc6 - Update to version 0.37.0:
* fix(image): close layers (#3517)
  * refactor: db client changed (#3515)
  * feat(java): use trivy-java-db to get GAV (#3484)
  * docs: add note about the limitation in Rekor (#3494)
  * docs: aggregate targets (#3503)
  * deps: updates wazero to 1.0.0-pre.8 (#3510)
  * docs: add alma 9 and rocky 9 to supported os (#3513)
  * chore(deps): bump defsec to v0.82.9 (#3512)
  * chore: add missing target labels (#3504)
  * docs: add java vulnerability page (#3429)
  * feat(image): add support for Docker CIS Benchmark (#3496)
  * feat(image): secret scanning on container image config (#3495)
  * chore(deps): Upgrade defsec to v0.82.8 (#3488)
  * feat(image): scan misconfigurations in image config (#3437)
  * chore(helm): update Trivy from v0.30.4 to v0.36.1 (#3489)
  * feat(k8s): add node info resource (#3482)
  * perf(secret): optimize secret scanning memory usage (#3453)
  * feat: support aliases in CLI flag, env and config (#3481)
  * fix(k8s): migrate rbac k8s (#3459)
  * feat(java): add implementationVendor and specificationVendor fields to detect GroupID from MANIFEST.MF (#3480)
  * refactor: rename security-checks to scanners (#3467)
  * chore: display the troubleshooting URL for the DB denial error (#3474)
  * docs: yaml tabs to spaces, auto create namespace (#3469)
  * docs: adding show-and-tell template to GH discussions (#3391)
  * fix: Fix a temporary file leak in case of error (#3465)
  * fix(test): sort cyclonedx components (#3468)
  * docs: fixing spelling mistakes (#3462)
  * ci: set paths triggering VM tests in PR (#3438)
  * docs: typo in --skip-files (#3454)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=36
2023-02-01 12:11:50 +00:00
Dominique Leuenberger
e17d52e94b Accepting request 1056176 from Virtualization:containers
- Update to version 0.36.1:
  * fix(deps): fix errors on yarn.lock files that contain local file reference (#3384)
  * feat(flag): early fail when the format is invalid (#3370)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366)
  * docs(aws): fix broken links (#3374)
  * chore(deps): bump actions/stale from 6 to 7 (#3360)
  * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974)
  * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358)
  * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173)
  * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357)
  * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367)
  * chore(go): updates wazero to v1.0.0-pre.7 (#3355)
  * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362)
  * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)

OBS-URL: https://build.opensuse.org/request/show/1056176
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=40
2023-01-05 14:01:38 +00:00
8feee24f2e - Update to version 0.36.1:
* fix(deps): fix errors on yarn.lock files that contain local file reference (#3384)
  * feat(flag): early fail when the format is invalid (#3370)
  * chore(deps): bump github.com/aws/aws-sdk-go from 1.44.136 to 1.44.171 (#3366)
  * docs(aws): fix broken links (#3374)
  * chore(deps): bump actions/stale from 6 to 7 (#3360)
  * chore(deps): bump helm/kind-action from 1.4.0 to 1.5.0 (#3359)
  * chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.6.0 to 0.7.0 (#2974)
  * chore(deps): bump azure/setup-helm from 3.4 to 3.5 (#3358)
  * chore(deps): bump github.com/moby/buildkit from 0.10.4 to 0.10.6 (#3173)
  * chore(deps): bump goreleaser/goreleaser-action from 3 to 4 (#3357)
  * chore(deps): bump github.com/containerd/containerd from 1.6.8 to 1.6.14 (#3367)
  * chore(go): updates wazero to v1.0.0-pre.7 (#3355)
  * chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#3362)
  * chore(deps): bump actions/cache from 3.0.11 to 3.2.2 (#3356)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=34
2023-01-05 12:15:28 +00:00
Dominique Leuenberger
dd42ed5832 Accepting request 1046089 from Virtualization:containers
- Update to version 0.36.0:
  * docs: improve compliance docs (#3340)
  * feat(deps): add yarn lock dependency tree (#3348)
  * fix: compliance change id and title naming (#3349)
  * feat: add support for mix.lock files for elixir language (#3328)
  * feat: add k8s cis bench (#3315)
  * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322)
  * revert: cache merged layers (#3334)
  * feat(cyclonedx): add recommendation (#3336)
  * feat(ubuntu): added support ubuntu ESM versions (#1893)
  * fix: change logic to build relative paths for skip-dirs and skip-files (#3331)
  * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265)
  * feat: Adding support for Windows testing (#3037)
  * feat: add support for Alpine 3.17 (#3319)
  * docs: change PodFile.lock to Podfile.lock (#3318)
  * fix(sbom): support for the detection of old CycloneDX predicate type (#3316)
  * feat(secret): Use .trivyignore for filtering secret scanning result (#3312)
  * chore(go): remove experimental FS API usage in Wasm (#3299)
  * ci: add workflow to add issues to roadmap project (#3292)
  * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275)
  * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250)
  * feat(sbom): better support for third-party SBOMs (#3262)
  * docs: add information about languages with support for dependency locations (#3306)
  * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284)
  * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251)
  * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255)
  * docs: remove comparisons (#3289)
  * feat: add support for Wolfi Linux (#3215)
  * ci: add go.mod to canary workflow (#3288)
  * feat(python): skip dev dependencies (#3282)

OBS-URL: https://build.opensuse.org/request/show/1046089
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=39
2023-01-02 14:02:13 +00:00
4e05e2e98d - Update to version 0.36.0:
* docs: improve compliance docs (#3340)
  * feat(deps): add yarn lock dependency tree (#3348)
  * fix: compliance change id and title naming (#3349)
  * feat: add support for mix.lock files for elixir language (#3328)
  * feat: add k8s cis bench (#3315)
  * test: disable SearchLocalStoreByNameOrDigest test for non-amd64 arch (#3322)
  * revert: cache merged layers (#3334)
  * feat(cyclonedx): add recommendation (#3336)
  * feat(ubuntu): added support ubuntu ESM versions (#1893)
  * fix: change logic to build relative paths for skip-dirs and skip-files (#3331)
  * chore(deps): bump github.com/hashicorp/golang-lru from 0.5.4 to 2.0.1 (#3265)
  * feat: Adding support for Windows testing (#3037)
  * feat: add support for Alpine 3.17 (#3319)
  * docs: change PodFile.lock to Podfile.lock (#3318)
  * fix(sbom): support for the detection of old CycloneDX predicate type (#3316)
  * feat(secret): Use .trivyignore for filtering secret scanning result (#3312)
  * chore(go): remove experimental FS API usage in Wasm (#3299)
  * ci: add workflow to add issues to roadmap project (#3292)
  * fix(vuln): include duplicate vulnerabilities with different package paths in the final report (#3275)
  * chore(deps): bump github.com/spf13/viper from 1.13.0 to 1.14.0 (#3250)
  * feat(sbom): better support for third-party SBOMs (#3262)
  * docs: add information about languages with support for dependency locations (#3306)
  * feat(vm): add `region` option to vm scan to be able to scan any region's ami and ebs snapshots (#3284)
  * chore(deps): bump github.com/Azure/azure-sdk-for-go from 66.0.0+incompatible to 67.1.0+incompatible (#3251)
  * fix(vuln): change severity vendor priority for ghsa-ids and vulns from govuln (#3255)
  * docs: remove comparisons (#3289)
  * feat: add support for Wolfi Linux (#3215)
  * ci: add go.mod to canary workflow (#3288)
  * feat(python): skip dev dependencies (#3282)

OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=32
2023-01-02 08:37:03 +00:00
Dominique Leuenberger
f211ec832b Accepting request 1038587 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1038587
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=38
2022-11-28 10:07:24 +00:00
83b7bc68d6 Accepting request 1038580 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.35.0

OBS-URL: https://build.opensuse.org/request/show/1038580
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=30
2022-11-28 08:09:58 +00:00
Dominique Leuenberger
d33073e8fe Accepting request 1034128 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1034128
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=37
2022-11-07 12:51:58 +00:00
2f67d2596c Accepting request 1032484 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.34.0

OBS-URL: https://build.opensuse.org/request/show/1032484
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=28
2022-11-07 10:10:13 +00:00
Dominique Leuenberger
7e3a352f9b Accepting request 1031258 from Virtualization:containers
OBS-URL: https://build.opensuse.org/request/show/1031258
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=36
2022-10-26 10:31:55 +00:00
1afcdaafd3 Accepting request 1031236 from home:ojkastl_buildservice:Branch_Virtualization_containers
update to 0.33.0

OBS-URL: https://build.opensuse.org/request/show/1031236
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/trivy?expand=0&rev=26
2022-10-26 06:33:34 +00:00
Richard Brown
4fdf8b2cf9 Accepting request 1006699 from Virtualization:containers
- Update to version 0.32.1:
  * fix(java): use fields of dependency from dependencyManagement from upper pom.xml to parse deps (#2943)
  * chore: expat lib and go binary deps vulns (#2940)
  * wasm: Removes accidentally exported memory (#2950)
  * fix(sbom): fix package name separation for gradle (#2906)
  * docs(readme.md): fix broken integrations link (#2931)
  * fix(image): handle images with single layer in rescan mergedLayers cache (#2927)
  * fix(cli): split env values with ',' for slice flags (#2926)
  * fix(cli): config/helm: also take into account files with `.yml` (#2928)
  * fix(flag): add file-patterns flag for config subcommand (#2925)
  * chore(deps): bump github.com/open-policy-agent/opa from 0.43.0 to 0.43.1 (#2902)

OBS-URL: https://build.opensuse.org/request/show/1006699
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/trivy?expand=0&rev=35
2022-09-29 16:13:00 +00:00