dependabot[bot]
07ebdfd05e
chore(deps): bump github/codeql-action from 2.1.6 to 2.1.7 ( #3021 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.6 to 2.1.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28eead2408...0182a2c78c
2022-04-06 09:41:08 -03:00
dependabot[bot]
796c4f209e
chore(deps): bump codecov/codecov-action from 2.1.0 to 3 ( #3022 )
...
* chore(deps): bump codecov/codecov-action from 2.1.0 to 3
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 2.1.0 to 3.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](f32b3a3741...e3c560433a
2022-04-06 09:40:50 -03:00
dependabot[bot]
0402dd371a
chore(deps): bump anchore/sbom-action from 0.8.0 to 0.9.0 ( #3023 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](2ad7824629...f6c3d0fe42
2022-04-06 09:40:06 -03:00
dependabot[bot]
71eb7a541a
chore(deps): bump github/codeql-action from 1.1.5 to 2.1.6 ( #3013 )
...
* chore(deps): bump github/codeql-action from 1.1.5 to 2.1.6
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8834766498...28eead2408
2022-03-31 09:05:51 -03:00
dependabot[bot]
dd26ed4d79
chore(deps): bump arduino/setup-task from 1.0.0 to 1.0.1 ( #3008 )
...
Bumps [arduino/setup-task](https://github.com/arduino/setup-task ) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/arduino/setup-task/releases )
- [Commits](accf38bba9...ca745e1891
2022-03-28 09:36:15 -03:00
dependabot[bot]
74f48c3a96
chore(deps): bump anchore/sbom-action from 0.7.0 to 0.8.0 ( #3001 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.7.0 to 0.8.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](ce4a7cf05d...2ad7824629
2022-03-22 19:52:17 -03:00
dependabot[bot]
1c3bc7fe8d
chore(deps): bump stefanzweifel/git-auto-commit-action ( #2995 )
2022-03-22 09:14:35 -03:00
dependabot[bot]
617cd81746
chore(deps): bump actions/setup-go from 2.2.0 to 3 ( #2987 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.2.0 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](bfdd3570ce...f6164bd8c8
2022-03-17 08:47:57 -03:00
Carlos Alexandro Becker
0a66b3dc85
feat: deprecate buildpacks ( #2982 )
2022-03-17 07:55:17 -03:00
Carlos Alexandro Becker
077ce16174
feat: more go 1.18 ( #2984 )
...
* feat: more go 1.18
moved more workflows to go 1.18, switched some code to strings.Cut
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* revert unwanted change
2022-03-16 23:28:13 -03:00
Naveen
1be9ede767
fix(ci): pinned workflow by hash ( #2977 )
...
* Pinned workflow by hash
- Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
- Included permissions for some of the actions. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
* Fixed conflicts
2022-03-17 01:29:18 +00:00
Carlos Alexandro Becker
3c4e797150
feat: upgrade to go 1.18 ( #2978 )
...
* feat: upgrade to go 1.18
* chore: go mod tidy
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* test: fix
* fix: more updates
* test: fix test
2022-03-16 21:51:48 -03:00
dependabot[bot]
2d9acf65b5
chore(deps): bump sigstore/cosign-installer from 2.0.1 to 2.1.0 ( #2961 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 2.0.1 to 2.1.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.0.1...v2.1.0 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 09:18:18 -03:00
dependabot[bot]
b0b982f162
chore(deps): bump anchore/sbom-action from 0.6.0 to 0.7.0 ( #2960 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](https://github.com/anchore/sbom-action/compare/v0.6.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 09:16:00 -03:00
dependabot[bot]
6e08c72ba4
chore(deps): bump actions/checkout from 2 to 3 ( #2949 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-02 09:15:04 -03:00
dependabot[bot]
395ee0ae5b
chore(deps): bump golangci/golangci-lint-action from 2 to 3 ( #2936 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 2 to 3.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](https://github.com/golangci/golangci-lint-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-25 08:44:24 -03:00
dependabot[bot]
f75f6feeee
chore(deps): bump sigstore/cosign-installer from 2.0.0 to 2.0.1 ( #2928 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v2.0.0...v2.0.1 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-22 13:12:22 -03:00
dependabot[bot]
0b3106b9f0
chore(deps): bump actions/github-script from 5 to 6 ( #2907 )
...
Bumps [actions/github-script](https://github.com/actions/github-script ) from 5 to 6.
- [Release notes](https://github.com/actions/github-script/releases )
- [Commits](https://github.com/actions/github-script/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/github-script
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-14 08:45:48 -03:00
Carlos Alexandro Becker
9d49c50a70
docs: use the orgs code of conduct ( #2889 )
...
* chore: code of conduct links
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: use the orgs code of conduct
we dont need to keep a copy of it in every project, a single one should do.
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2022-02-08 14:20:50 -03:00
Carlos A Becker
482cc6479c
chore: do not run schedule action on forks
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2022-02-05 10:11:38 -03:00
dependabot[bot]
f695286db9
chore(deps): bump sigstore/cosign-installer from 1.4.1 to 2.0.0 ( #2866 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 1.4.1 to 2.0.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v1.4.1...v2.0.0 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-01 11:12:54 -03:00
Carlos A Becker
9aa00c7f3f
chore(ci): pass down AUR_KEY
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2022-01-26 22:15:05 -03:00
Tom Payne
87151f8575
chore(ci): remove stale trigger paths ( #2836 )
...
.github/workflows/htmltest.yml no longer exists, and the www/* path
catches changes to www/htmltest.yml.
2022-01-17 08:45:30 -03:00
Carlos A Becker
3a04e75bd3
docs: uneeded prefix
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-23 17:32:10 -03:00
Carlos A Becker
bd10528ab7
docs: new feature template
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-23 17:31:42 -03:00
dependabot[bot]
18272c80e0
chore(deps): bump anchore/sbom-action from 0.5.0 to 0.6.0 ( #2772 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](https://github.com/anchore/sbom-action/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-12-17 10:34:00 -03:00
Carlos Alexandro Becker
7c8185047a
chore(ci): use download syft action ( #2767 )
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-16 21:04:52 -03:00
Carlos Alexandro Becker
505888f41b
feat: keyless signing ( #2716 )
...
* feat: keyless signing
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: perms
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: rm old pubkey
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: missing experimental flag
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: true keyless
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: improve install
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: simplifying
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: improvements
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: improvements
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* docs: trying to improve docs
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: config
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
* fix: package write
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-16 13:43:11 -03:00
Carlos A Becker
edc8edc1ca
chore(ci): update syft
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-15 23:34:46 -03:00
Alex Goodman
bfdec808ab
feat: add sbom generation pipe ( #2648 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2021-12-12 00:21:51 -03:00
Carlos A Becker
c26921886b
feat: update cosign to v1.4.1
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-12 00:02:41 -03:00
Carlos A Becker
5025a363ff
chore(ci): commit author on generated code
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-06 23:18:20 -03:00
Carlos Alexandro Becker
55613db262
chore(ci): run codeql analysis ( #2740 )
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-06 09:45:28 -03:00
Carlos Alexandro Becker
0e0c558bc8
chore(deps): update milestone and dependabot config ( #2739 )
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-06 09:24:11 -03:00
Carlos Alexandro Becker
55cd895698
chore(ci): auto-assign milestone ( #2729 )
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-12-04 14:04:10 -03:00
Carlos A Becker
f545feea91
chore(ci): auto-gen schema
...
refs https://github.com/goreleaser/goreleaser/pull/2673#issuecomment-972839504
2021-11-18 10:01:51 -03:00
Carlos A Becker
4bd0b73e95
chore(ci): fix test pkgs
2021-11-14 12:27:43 -03:00
Carlos Alexandro Becker
c631b910ee
feat: update nfpm to 2.9.2 ( #2668 )
...
* feat: update nfpm to 2.9.2
* chore(ci): test packages on main
2021-11-14 11:54:31 -03:00
dependabot[bot]
9aeb2f3f5a
feat(deps): bump sigstore/cosign-installer from 1.3.0 to 1.3.1 ( #2665 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 1.3.0 to 1.3.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v1.3.0...v1.3.1 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-12 17:25:31 -03:00
Carlos A Becker
416d76eec4
feat: rename main branch
...
refs #2645
2021-11-12 17:23:32 -03:00
Carlos Alexandro Becker
52cf951c30
feat: krew support ( #2639 )
...
* feat: krew support
* fix: adds it to the pipe
* chore: fmt
* test: improvements
* fix: rm unused code
* fix: stringer
* fix: tmpl
* test: improvements
* fix: lint issues
* fix: only allow 1 binary per archive
* fix: validate
* chore: comment
* fix: renamed to manifest
* fix: krew plugin manifest
* fix: name
* fix: godoc
* fix: install validate-krew-manifest on ci
* fix: helper
* fix: ensure order
* fix: testing
* docs: guidelines
* fix: flag
2021-11-11 09:37:58 -03:00
Carlos Alexandro Becker
9af17a49ad
docs: fix link to CoC
...
res #2654
2021-11-09 22:35:04 -03:00
dependabot[bot]
1dae601df5
feat(deps): bump sigstore/cosign-installer from 1.2.1 to 1.3.0 ( #2629 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v1.2.1...v1.3.0 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-04 09:26:43 -03:00
Carlos A Becker
d7c79d0827
chore: use PAT
2021-11-02 21:31:53 -03:00
Carlos A Becker
f68ddf2261
chore(ci): auto-update docs
2021-11-02 21:21:46 -03:00
Carlos A Becker
cb29c1ea27
chore(ci): run docs build only when changing docs
2021-10-30 09:27:05 -03:00
Carlos Alexandro Becker
bc89397672
chore(ci): remove auto-assign
...
this mostly doesn't work anyway
2021-10-30 09:22:05 -03:00
dependabot[bot]
69f8927970
feat(deps): bump sigstore/cosign-installer from 1.2.0 to 1.2.1 ( #2602 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](https://github.com/sigstore/cosign-installer/compare/v1.2.0...v1.2.1 )
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-10-25 10:16:02 -03:00
Carlos A Becker
0ccc79f099
chore(ci): fix docs action
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-10-12 22:29:14 -03:00
Carlos A Becker
d097f474ac
chore(ci): dependabot config
...
Signed-off-by: Carlos A Becker <caarlos0@gmail.com>
2021-10-12 22:18:56 -03:00
