mirror of
https://github.com/goreleaser/goreleaser.git
synced 2025-01-08 03:31:59 +02:00
008d43d72b
4450 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
dependabot[bot]
|
008d43d72b
|
chore(deps): bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#3818)
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 2.8.1 to 3.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.0.1</h2> <h2>What's Changed</h2> <ul> <li>make cosign v2.0.0 default version by <a href="https://github.com/developer-guy"><code>@developer-guy</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/109">sigstore/cosign-installer#109</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1">https://github.com/sigstore/cosign-installer/compare/v3.0.0...v3.0.1</a></p> <h2>v3.0.0</h2> <h1>Breaking change</h1> <p>Cosign v2 has some breaking changes. Please check those: <a href="https://blog.sigstore.dev/cosign-2-0-released/">https://blog.sigstore.dev/cosign-2-0-released/</a></p> <h2>What's Changed</h2> <ul> <li>test: add logs when downloading the public keys by <a href="https://github.com/hectorj2f"><code>@hectorj2f</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106">sigstore/cosign-installer#106</a></li> <li>Add support to install v2 and any other cosign release candidate by <a href="https://github.com/hectorj2f"><code>@hectorj2f</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/105">sigstore/cosign-installer#105</a></li> <li>v2.0.0 release by <a href="https://github.com/sabre1041"><code>@sabre1041</code></a> in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108">sigstore/cosign-installer#108</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/hectorj2f"><code>@hectorj2f</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/106">sigstore/cosign-installer#106</a></li> <li><a href="https://github.com/sabre1041"><code>@sabre1041</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/sigstore/cosign-installer/pull/108">sigstore/cosign-installer#108</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0">https://github.com/sigstore/cosign-installer/compare/v2...v3.0.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
4ea080ce49
|
feat(deps): bump github.com/disgoorg/disgo from 0.15.1 to 0.15.2 (#3819)
Bumps [github.com/disgoorg/disgo](https://github.com/disgoorg/disgo) from 0.15.1 to 0.15.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/disgoorg/disgo/releases">github.com/disgoorg/disgo's releases</a>.</em></p> <blockquote> <h2>v0.15.2</h2> <h2>What's Changed</h2> <ul> <li>fix voice by <a href="https://github.com/TopiSenpai"><code>@TopiSenpai</code></a> in <a href=" |
||
|
dependabot[bot]
|
763340c2df
|
feat(deps): bump golang from 48f336e to 87d0a33 (#3820)
Bumps golang from `48f336e` to `87d0a33`. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
Carlos Alexandro Becker
|
f544c5ce69
|
test: testctx pkg (#3807)
alternative to #3806 the idea is that both `context.New` and `context.Context{}` are never used in tests. not sure yet how much I like it, so far code does look a bit more readable though. --------- Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
e6159a1283
|
fix: remove unused field (#3817)
this is not being used, so... let's delete Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
CC11001100
|
b4a4ca1716
|
docs: fix list item count (#3816)
Hello, I found a number error in the document when I consulted the document, so I propose a pr to fix it |
||
|
Carlos A Becker
|
17782b1f7b
|
docs: ordering | ||
|
Carlos A Becker
|
b18339c5c6
|
docs: pro features
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
26cdc63b7e
|
docs: add missing file
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
adc279a15c
|
docs: update
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
53838da8ac
|
fix: smtp mixup of env and yaml opts (#3815)
it was forcing to provide the same information as env and yaml. this should fix it. --------- Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
acc9eea154
|
feat(deps): update env to v7 (#3814)
env v7! Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
Jamie Tanna
|
6eff3857a1
|
docs: add cross-compilation article (#3811) | ||
|
Carlos Alexandro Becker
|
2634fbdad4
|
fix: race condition on artifacts.List (#3813)
I have no idea why this never happened before... the lock was ineffective in `artifacts.List`, which should have caused at least some race condition at some point. Anyway, got it once locally while working on another feature, and couldn't believe my eyes. Fixed, thank goodness! Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
6fc205a93b
|
chore(deps): bump github/codeql-action from 2.2.4 to 2.2.5 (#3808)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 2.2.5. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
d658b04ad7
|
feat(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#3809)
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos A Becker
|
a5f2302fd9
|
chore: update docs/schema for pro
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
4f7475eee1
|
fix: meta archives make the other archives be ignored (#3804) | ||
|
dependabot[bot]
|
2b454c283f
|
feat(deps): bump github.com/google/go-github/v50 from 50.0.0 to 50.1.0 (#3802) | ||
|
Carlos Alexandro Becker
|
702164076d
|
fix: skip publish on exec (#3800) | ||
|
Carlos Alexandro Becker
|
1aa984d006
|
fix: convert to forward slashes inside gio.Copy (#3794)
closes #3776 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
9dfa94cbb3
|
feat: scoop depends (#3797)
closes #3796 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
4790e2fe3d
|
chore(deps): bump actions/cache from 3.2.5 to 3.2.6 (#3798)
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.5 to 3.2.6. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v3.2.6</h2> <h2>What's Changed</h2> <ul> <li>Updated branch in Force deletion of caches by <a href="https://github.com/t-dedah"><code>@t-dedah</code></a> in <a href="https://github-redirect.dependabot.com/actions/cache/pull/1108">actions/cache#1108</a></li> <li>Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners by <a href="https://github.com/pdotl"><code>@pdotl</code></a> in <a href="https://github-redirect.dependabot.com/actions/cache/pull/1118">actions/cache#1118</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.2.6">https://github.com/actions/cache/compare/v3...v3.2.6</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>3.0.0</h3> <ul> <li>Updated minimum runner version support from node 12 -> node 16</li> </ul> <h3>3.0.1</h3> <ul> <li>Added support for caching from GHES 3.5.</li> <li>Fixed download issue for files > 2GB during restore.</li> </ul> <h3>3.0.2</h3> <ul> <li>Added support for dynamic cache size cap on GHES.</li> </ul> <h3>3.0.3</h3> <ul> <li>Fixed avoiding empty cache save when no files are available for caching. (<a href="https://github-redirect.dependabot.com/actions/cache/issues/624">issue</a>)</li> </ul> <h3>3.0.4</h3> <ul> <li>Fixed tar creation error while trying to create tar with path as <code>~/</code> home folder on <code>ubuntu-latest</code>. (<a href="https://github-redirect.dependabot.com/actions/cache/issues/689">issue</a>)</li> </ul> <h3>3.0.5</h3> <ul> <li>Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (<a href="https://github-redirect.dependabot.com/actions/cache/pull/834">PR</a>)</li> </ul> <h3>3.0.6</h3> <ul> <li>Fixed <a href="https://github-redirect.dependabot.com/actions/cache/issues/809">#809</a> - zstd -d: no such file or directory error</li> <li>Fixed <a href="https://github-redirect.dependabot.com/actions/cache/issues/833">#833</a> - cache doesn't work with github workspace directory</li> </ul> <h3>3.0.7</h3> <ul> <li>Fixed <a href="https://github-redirect.dependabot.com/actions/cache/issues/810">#810</a> - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.</li> </ul> <h3>3.0.8</h3> <ul> <li>Fix zstd not working for windows on gnu tar in issues <a href="https://github-redirect.dependabot.com/actions/cache/issues/888">#888</a> and <a href="https://github-redirect.dependabot.com/actions/cache/issues/891">#891</a>.</li> <li>Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable <code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li> </ul> <h3>3.0.9</h3> <ul> <li>Enhanced the warning message for cache unavailablity in case of GHES.</li> </ul> <h3>3.0.10</h3> <ul> <li>Fix a bug with sorting inputs.</li> <li>Update definition for restore-keys in README.md</li> </ul> <h3>3.0.11</h3> <ul> <li>Update toolkit version to 3.0.5 to include <code>@actions/core@^1.10.0</code></li> <li>Update <code>@actions/cache</code> to use updated <code>saveState</code> and <code>setOutput</code> functions from <code>@actions/core@^1.10.0</code></li> </ul> <h3>3.1.0-beta.1</h3> <ul> <li>Update <code>@actions/cache</code> on windows to use gnu tar and zstd by default and fallback to bsdtar and zstd if gnu tar is not available. (<a href="https://github-redirect.dependabot.com/actions/cache/issues/984">issue</a>)</li> </ul> <h3>3.1.0-beta.2</h3> <ul> <li>Added support for fallback to gzip to restore old caches on windows.</li> </ul> <h3>3.1.0-beta.3</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
1858bace7e
|
fix: nfpm replacements deprecation (#3793)
closes #3792 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
2c80588251
|
fix: better handle password protected keys (#3788)
password-protected keys would give path errors, which was simply not right. Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
970fad38b0
|
feat(deps): bump github.com/disgoorg/disgo from 0.15.0 to 0.15.1 (#3785)
Bumps [github.com/disgoorg/disgo](https://github.com/disgoorg/disgo) from 0.15.0 to 0.15.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/disgoorg/disgo/releases">github.com/disgoorg/disgo's releases</a>.</em></p> <blockquote> <h2>v0.15.1</h2> <h2>What's Changed</h2> <ul> <li><code>handler</code> package improvements by <a href="https://github.com/Thunder33345"><code>@Thunder33345</code></a> in <a href="https://github-redirect.dependabot.com/disgoorg/disgo/pull/240">disgoorg/disgo#240</a></li> <li>add noop ratelimiter by <a href="https://github.com/TopiSenpai"><code>@TopiSenpai</code></a> in <a href=" |
||
|
dependabot[bot]
|
3f34afcecc
|
feat(deps): bump github.com/xanzy/go-gitlab from 0.80.0 to 0.80.2 (#3786)
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.80.0 to 0.80.2. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
db5a305fee
|
feat(deps): bump golang from 1.20.0-alpine to 1.20.1-alpine (#3783)
Bumps golang from 1.20.0-alpine to 1.20.1-alpine. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Carlos A Becker
|
8b41864109
|
fix: GO-2023-1571
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
6d3eb57c7a
|
fix: update to go 1.20.1 | ||
|
Carlos A Becker
|
76796e679d
|
chore: update schema
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
Mohammad Abbasi
|
7f445e9f8d
|
docs: update snap ref links (#3775)
update snapcraft doc supported interfaces ref link |
||
|
dependabot[bot]
|
019364be32
|
chore(deps): bump github/codeql-action from 2.2.3 to 2.2.4 (#3777)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.3 to 2.2.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>2.2.4 - 10 Feb 2023</h2> <p>No user facing changes.</p> <h2>2.2.3 - 08 Feb 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.2. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1518">#1518</a></li> </ul> <h2>2.2.2 - 06 Feb 2023</h2> <ul> <li>Fix an issue where customers using the CodeQL Action with the <a href="https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access">CodeQL Action sync tool</a> would not be able to obtain the CodeQL tools. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1517">#1517</a></li> </ul> <h2>2.2.1 - 27 Jan 2023</h2> <p>No user facing changes.</p> <h2>2.2.0 - 26 Jan 2023</h2> <ul> <li>Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1475">#1475</a> <ul> <li>This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions <a href="https://github.com/actions/runner-images">runner images</a>.</li> <li><strong>No change is required for the majority of workflows</strong>, including: <ul> <li>Workflows on GitHub.com hosted runners using the latest version (<code>v2</code>) of the CodeQL Action.</li> <li>Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from <code>v2.2.0</code> onwards.</li> <li>Workflows on GitHub Enterprise Server.</li> </ul> </li> <li><strong>A change may be required</strong> for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before <code>v2.2.0</code> (e.g. <code>v2.1.32</code>): <ul> <li>Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image.</li> <li>Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (<code>v2</code>).</li> </ul> </li> <li><strong>Internal changes</strong> <ul> <li>These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses <a href="https://github.com/actions/toolkit/tree/main/packages/tool-cache"><code>@actions/tool-cache</code></a> or relies on the precise location of CodeQL within the Actions tool cache.</li> <li>The tool cache now contains <strong>two</strong> recent CodeQL versions (previously <strong>one</strong>).</li> <li>Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under <code>CodeQL/2.11.6-20221211/x64/codeql</code> (previously <code>CodeQL/0.0.0-20221211/x64/codeql</code>).</li> </ul> </li> </ul> </li> <li>The maximum number of <a href="https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object">SARIF runs</a> per file has been increased from 15 to 20 for users uploading SARIF files to GitHub.com. This change will help ensure that Code Scanning can process SARIF files generated by third-party tools that have many runs. See the <a href="https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data">GitHub API documentation</a> for a list of all the limits around uploading SARIF. This change will be released to GitHub Enterprise Server as part of GHES 3.9.</li> <li>Update default CodeQL bundle version to 2.12.1. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1498">#1498</a></li> <li>Fix a bug that forced the <code>init</code> Action to run for at least two minutes on JavaScript. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1494">#1494</a></li> </ul> <h2>2.1.39 - 18 Jan 2023</h2> <ul> <li>CodeQL Action v1 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see <a href="https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/">this changelog post</a>. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1466">#1467</a></li> <li>Python automatic dependency installation will no longer fail for projects using Poetry that specify <code>virtualenvs.options.no-pip = true</code> in their <code>poetry.toml</code>. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1431">#1431</a></li> <li>Avoid printing a stack trace and error message when the action fails to find the SHA at the current directory. This will happen in several non-error states and so we now avoid cluttering the log with this message. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1485">#1485</a></li> </ul> <h2>2.1.38 - 12 Jan 2023</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f3f6d94a5c
|
feat(deps): bump github.com/goreleaser/nfpm/v2 from 2.25.1 to 2.26.0 (#3779)
Bumps [github.com/goreleaser/nfpm/v2](https://github.com/goreleaser/nfpm) from 2.25.1 to 2.26.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/goreleaser/nfpm/releases">github.com/goreleaser/nfpm/v2's releases</a>.</em></p> <blockquote> <h2>v2.26.0</h2> <h2>Changelog</h2> <h3>New Features</h3> <ul> <li>34276432d6614e28108b2851b298c86342c41e4c: feat(deps): bump github.com/goreleaser/chglog from 0.4.0 to 0.4.1 (<a href="https://github-redirect.dependabot.com/goreleaser/nfpm/issues/616">#616</a>) (<a href="https://github.com/dependabot"><code>@dependabot</code></a>[bot])</li> </ul> <h3>Bug fixes</h3> <ul> <li>4d89ab846ee135cbcf3085316bf15c739e8f1cc8: fix: use --clean instead of --rm-dist (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/goreleaser/nfpm/compare/v2.25.1...v2.26.0">https://github.com/goreleaser/nfpm/compare/v2.25.1...v2.26.0</a></p> <hr /> <ul> <li>Check out <a href="https://goreleaser.com">GoReleaser</a>: it integrates nFPM to the release pipeline of your Go projects.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
b572e8a834
|
feat(deps): bump golang.org/x/tools from 0.5.0 to 0.6.0 (#3778)
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.5.0 to 0.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/golang/tools/releases">golang.org/x/tools's releases</a>.</em></p> <blockquote> <h1>gopls/v0.6.0</h1> <h2>Features</h2> <h3>Default to <code>-mod=readonly</code></h3> <p>In Go 1.16, the Go command will no longer modify user's <code>go.mod</code> and <code>go.sum</code> files automatically (<a href="https://tip.golang.org/doc/go1.16#tools">https://tip.golang.org/doc/go1.16#tools</a>). In order to match this behavior, <code>gopls</code> now also uses <code>-mod=readonly</code> when running the <code>go</code> command. Any errors reported by the <code>go</code> command will be presented with a suggested fix to make the necessary fixes to your <code>go.mod</code> or <code>go.sum</code> files. As a consequence, your workspace may be in a partially broken state while you have errors in your <code>go.mod</code> or <code>go.sum</code> file. <a href="https://github-redirect.dependabot.com/golang/go/issues/42266">golang/go#42266</a> will mitigate this, but it will likely not be resolved until February.</p> <p><strong>Not recommended</strong>: If you must opt out of this behavior, you can set the <a href="https://github.com/golang/tools/blob/master/gopls/doc/settings.md#allowmodfilemodifications-bool"><code>allowModfileModifications</code></a> configuration to <code>true</code>.</p> <h3>Default to <code>GOPROXY=off</code></h3> <p><code>gopls</code> no longer accesses the network implicitly. This should improve latency in all cases, but it also means that <code>gopls</code> will no longer automatically download modules that are not found in your local module cache. The one exception is that <code>gopls</code> will still download dependencies on start-up, so it will continue to work as expected if you have cloned a repository for the first time. If <code>gopls</code> detects a missing module, it will offer you a suggested fix that downloads it.</p> <p><strong>Not recommended</strong>: If you must opt out of this behavior, you can set the <a href="https://github.com/golang/tools/blob/master/gopls/doc/settings.md#allowimplicitnetworkaccess-bool"><code>allowImplicitNetworkaccess</code></a> configuration to <code>true</code>.</p> <h3>Inclusion/exclusion filters for directories</h3> <p><code>gopls</code> now supports excluding certain directories in your workspace from analysis. This may be useful if you are only working on a subset of a large repository. Note that these filters are not propagated to the <code>go</code> command, so <code>gopls</code> will still load metadata for these directories, which may be expensive. <strong>Configure the included/excluded directories through the <a href="https://github.com/golang/tools/blob/master/gopls/doc/settings.md#directoryfilters-string"><code>directoryFilters</code></a> setting.</strong></p> <h3>Debouncing for diagnostics</h3> <p>Diagnostics are now reported instantly only for the packages currently being edited. Diagnostics for other packages in the workspace will now only be computed after 250 milliseconds, meaning that, if you are actively typing, <code>gopls</code> will not start these more costly operations. This should significantly reduce CPU utilization. This debounce delay can be optionally configured via the <a href="https://github.com/golang/tools/blob/master/gopls/doc/settings.md#experimentaldiagnosticsdelay-timeduration"><code>experimentalDiagnosticsDelay</code></a> setting.</p> <h3>"Upgrade direct dependencies" code lens</h3> <p>In <a href="https://github.com/golang/tools/releases/tag/gopls%2Fv0.5.4"><code>gopls/v0.5.4</code></a>, we removed the per-require "Upgrade dependency" code lens, as it was very high latency, and its UX did not meet user needs. Some users have expressed disappointment about this, so, to bridge the gap, we have separated the existing "Upgrade all dependencies" code lens into two: "Upgrade transitive dependencies" and "Upgrade direct dependencies". The first is the equivalent of running <code>go get -u all</code>, while the second <code>go get</code>s each of your module's requires independently. We are continuing to work on improving these features and will likely bring back the "Upgrade dependency" code lens as a suggested fix (learn more: <a href="https://github-redirect.dependabot.com/golang/go/issues/38339">golang/go#38339</a>).</p> <h3>Support for filling a partially-populated struct</h3> <p>The "Fill struct" suggested fix will now be suggested for structs that have some, but not all, fields set.</p> <h3>Experimental</h3> <h4>Field alignment analyzer</h4> <p>A new analyzer has been added to suggest reordering fields in a struct in order to achieve the optimal alignment in memory. It is still off by default, but can be enabled by adding the following to your <code>gopls</code> settings:</p> <pre lang="json5"><code>"analyses": { "fieldalignment": true } </code></pre> <h2>Fixes</h2> <h3>Improvements to diagnostics tracking</h3> <p>Diagnostic messages were not being updated correctly when the <a href="https://github.com/golang/tools/blob/master/gopls/doc/settings.md#codelenses-mapstringbool"><code>GC details</code></a> code lens was toggled on. New handling to differentiate diagnostics by sources should have resolved this issue.</p> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1e46e00899
|
chore(deps): bump actions/cache from 3.2.4 to 3.2.5 (#3773)
Bumps [actions/cache](https://github.com/actions/cache) from 3.2.4 to 3.2.5. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v3.2.5</h2> <h2>What's Changed</h2> <ul> <li>Rewrite readmes by <a href="https://github.com/jsoref"><code>@jsoref</code></a> in <a href="https://github-redirect.dependabot.com/actions/cache/pull/1085">actions/cache#1085</a></li> <li>Fixed typos and formatting in docs by <a href="https://github.com/kotewar"><code>@kotewar</code></a> in <a href="https://github-redirect.dependabot.com/actions/cache/pull/1076">actions/cache#1076</a></li> <li>Fixing paths for OSes by <a href="https://github.com/kotewar"><code>@kotewar</code></a> in <a href="https://github-redirect.dependabot.com/actions/cache/pull/1101">actions/cache#1101</a></li> <li>Release patch version update by <a href="https://github.com/Phantsure"><code>@Phantsure</code></a> in <a href="https://github-redirect.dependabot.com/actions/cache/pull/1105">actions/cache#1105</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/jsoref"><code>@jsoref</code></a> made their first contribution in <a href="https://github-redirect.dependabot.com/actions/cache/pull/1085">actions/cache#1085</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.2.5">https://github.com/actions/cache/compare/v3...v3.2.5</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>3.0.0</h3> <ul> <li>Updated minimum runner version support from node 12 -> node 16</li> </ul> <h3>3.0.1</h3> <ul> <li>Added support for caching from GHES 3.5.</li> <li>Fixed download issue for files > 2GB during restore.</li> </ul> <h3>3.0.2</h3> <ul> <li>Added support for dynamic cache size cap on GHES.</li> </ul> <h3>3.0.3</h3> <ul> <li>Fixed avoiding empty cache save when no files are available for caching. (<a href="https://github-redirect.dependabot.com/actions/cache/issues/624">issue</a>)</li> </ul> <h3>3.0.4</h3> <ul> <li>Fixed tar creation error while trying to create tar with path as <code>~/</code> home folder on <code>ubuntu-latest</code>. (<a href="https://github-redirect.dependabot.com/actions/cache/issues/689">issue</a>)</li> </ul> <h3>3.0.5</h3> <ul> <li>Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (<a href="https://github-redirect.dependabot.com/actions/cache/pull/834">PR</a>)</li> </ul> <h3>3.0.6</h3> <ul> <li>Fixed <a href="https://github-redirect.dependabot.com/actions/cache/issues/809">#809</a> - zstd -d: no such file or directory error</li> <li>Fixed <a href="https://github-redirect.dependabot.com/actions/cache/issues/833">#833</a> - cache doesn't work with github workspace directory</li> </ul> <h3>3.0.7</h3> <ul> <li>Fixed <a href="https://github-redirect.dependabot.com/actions/cache/issues/810">#810</a> - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.</li> </ul> <h3>3.0.8</h3> <ul> <li>Fix zstd not working for windows on gnu tar in issues <a href="https://github-redirect.dependabot.com/actions/cache/issues/888">#888</a> and <a href="https://github-redirect.dependabot.com/actions/cache/issues/891">#891</a>.</li> <li>Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable <code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li> </ul> <h3>3.0.9</h3> <ul> <li>Enhanced the warning message for cache unavailablity in case of GHES.</li> </ul> <h3>3.0.10</h3> <ul> <li>Fix a bug with sorting inputs.</li> <li>Update definition for restore-keys in README.md</li> </ul> <h3>3.0.11</h3> <ul> <li>Update toolkit version to 3.0.5 to include <code>@actions/core@^1.10.0</code></li> <li>Update <code>@actions/cache</code> to use updated <code>saveState</code> and <code>setOutput</code> functions from <code>@actions/core@^1.10.0</code></li> </ul> <h3>3.1.0-beta.1</h3> <ul> <li>Update <code>@actions/cache</code> on windows to use gnu tar and zstd by default and fallback to bsdtar and zstd if gnu tar is not available. (<a href="https://github-redirect.dependabot.com/actions/cache/issues/984">issue</a>)</li> </ul> <h3>3.1.0-beta.2</h3> <ul> <li>Added support for fallback to gzip to restore old caches on windows.</li> </ul> <h3>3.1.0-beta.3</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
c903398719
|
feat(deps): bump github.com/xanzy/go-gitlab from 0.79.1 to 0.80.0 (#3774)
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.79.1 to 0.80.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
actions-user
|
9d91b5576a | chore: docs auto-update | ||
John Olheiser
|
6c21b01586
|
feat: add OpenCollective (#3753)
This PR adds [OpenCollective](https://opencollective.com) as an announcement pipeline.  --------- Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
fee166d02f
|
build: do not release for windows arm7 (#3735)
no one uses it anyway Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
99ae082237
|
feat: finally deprecate the single build option (#3758)
This option was still being supported, even though undocumented, for many years now. I think it's finally time to sunset it for good, in 6 months :) --------- Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
5fa826eb7f
|
feat(deps): bump golang.org/x/crypto from 0.5.0 to 0.6.0 (#3768)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.5.0 to 0.6.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
8c763ceca7
|
feat(deps): bump golang.org/x/text from 0.6.0 to 0.7.0 (#3770)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.6.0 to
0.7.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="
|
||
|
dependabot[bot]
|
9d6d85855d
|
chore(deps): bump github/codeql-action from 2.2.2 to 2.2.3 (#3767)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.2 to 2.2.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>2.2.3 - 08 Feb 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.2. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1518">#1518</a></li> </ul> <h2>2.2.2 - 06 Feb 2023</h2> <ul> <li>Fix an issue where customers using the CodeQL Action with the <a href="https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access">CodeQL Action sync tool</a> would not be able to obtain the CodeQL tools. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1517">#1517</a></li> </ul> <h2>2.2.1 - 27 Jan 2023</h2> <p>No user facing changes.</p> <h2>2.2.0 - 26 Jan 2023</h2> <ul> <li>Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1475">#1475</a> <ul> <li>This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions <a href="https://github.com/actions/runner-images">runner images</a>.</li> <li><strong>No change is required for the majority of workflows</strong>, including: <ul> <li>Workflows on GitHub.com hosted runners using the latest version (<code>v2</code>) of the CodeQL Action.</li> <li>Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from <code>v2.2.0</code> onwards.</li> <li>Workflows on GitHub Enterprise Server.</li> </ul> </li> <li><strong>A change may be required</strong> for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before <code>v2.2.0</code> (e.g. <code>v2.1.32</code>): <ul> <li>Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image.</li> <li>Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (<code>v2</code>).</li> </ul> </li> <li><strong>Internal changes</strong> <ul> <li>These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses <a href="https://github.com/actions/toolkit/tree/main/packages/tool-cache"><code>@actions/tool-cache</code></a> or relies on the precise location of CodeQL within the Actions tool cache.</li> <li>The tool cache now contains <strong>two</strong> recent CodeQL versions (previously <strong>one</strong>).</li> <li>Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under <code>CodeQL/2.11.6-20221211/x64/codeql</code> (previously <code>CodeQL/0.0.0-20221211/x64/codeql</code>).</li> </ul> </li> </ul> </li> <li>The maximum number of <a href="https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object">SARIF runs</a> per file has been increased from 15 to 20 for users uploading SARIF files to GitHub.com. This change will help ensure that Code Scanning can process SARIF files generated by third-party tools that have many runs. See the <a href="https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data">GitHub API documentation</a> for a list of all the limits around uploading SARIF. This change will be released to GitHub Enterprise Server as part of GHES 3.9.</li> <li>Update default CodeQL bundle version to 2.12.1. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1498">#1498</a></li> <li>Fix a bug that forced the <code>init</code> Action to run for at least two minutes on JavaScript. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1494">#1494</a></li> </ul> <h2>2.1.39 - 18 Jan 2023</h2> <ul> <li>CodeQL Action v1 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v2. For more information, see <a href="https://github.blog/changelog/2023-01-18-code-scanning-codeql-action-v1-is-now-deprecated/">this changelog post</a>. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1466">#1467</a></li> <li>Python automatic dependency installation will no longer fail for projects using Poetry that specify <code>virtualenvs.options.no-pip = true</code> in their <code>poetry.toml</code>. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1431">#1431</a></li> <li>Avoid printing a stack trace and error message when the action fails to find the SHA at the current directory. This will happen in several non-error states and so we now avoid cluttering the log with this message. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1485">#1485</a></li> </ul> <h2>2.1.38 - 12 Jan 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.0. <a href="https://github-redirect.dependabot.com/github/codeql-action/pull/1466">#1466</a></li> </ul> <h2>2.1.37 - 14 Dec 2022</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
3e63d739f8
|
feat(deps): bump golang.org/x/oauth2 from 0.4.0 to 0.5.0 (#3769)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.4.0 to 0.5.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
actions-user
|
3142c99c7a | chore: docs releases json auto-update | ||
|
actions-user
|
90531fc879 | chore: docs releases json auto-update | ||
Christoph Witzko
|
90d8324971
|
fix(gitlab): correctly prepend/append/keep releases notes (#3765)
Hi, I found a bug in the GitLab client that leads to not correctly prepend/append/keep releases notes. This will use the original `Description` instead of the pre-rendered `DescriptionHTML`. Furthermore, as `include_html_description` is not enabled, the `DescriptionHTML` field is always empty. [GitLab documentation](https://docs.gitlab.com/ee/api/releases/index.html#get-a-release-by-a-tag-name) |
||
|
dependabot[bot]
|
9da9f78537
|
chore(deps): bump docker/setup-buildx-action from 2.4.0 to 2.4.1 (#3762) | ||
|
dependabot[bot]
|
6ab9fd15e1
|
chore(deps): bump github/codeql-action from 2.2.1 to 2.2.2 (#3763) |
