This allows to use templates for commit messages in the changelog when
using `github`, `gitea`, or `gitlab` as the changelog implementation.
closes#4800
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
**Depends on #4792**
This adds support for opening pull requests on brew, krew, nix, scoop
and winget changes with Gitlab.
---------
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Creating files on a new branch is only possible with the API if
`start_branch`
is given otherwise the API returns:
> You can only create or edit files when you are on a branch
Fixes https://github.com/goreleaser/goreleaser/issues/4543
---------
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
- Add `strings` package import to `gitea.go`
- Implement `Changelog` function in `gitea.go`
- Update `useGitea` constant in `changelog.go`
- Add test for `useGitea` in `changelog_test.go`
- Update `changelog.md` with information about `gitea` customization
ref:
* Server API: https://github.com/go-gitea/gitea/pull/30349
* SDK: https://gitea.com/gitea/go-sdk/pulls/659
---------
Signed-off-by: appleboy <appleboy.tw@gmail.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
If applied, this commit will allow users to create BlueSky posts
(skeets) about their Goreleaser-built projects
<!-- Why is this change being made? -->
Because I wanted to post to BlueSky when projects I work on relating to
BlueSky are built!
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
Example post made during unit testing (requires an account to see):
https://bsky.app/profile/jaygles.bsky.social/post/3kpv573c2pc2k
---------
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
I just improved the verbiage of the `build -p` switch:
from: `Amount tasks to run concurrently (default: number of CPUs)`
to: `Number of tasks to run concurrently (default: number of CPUs)`
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.2
to 4.1.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Update <code>actions/checkout</code> version in
<code>update-main-version.yml</code> by <a
href="https://github.com/jww3"><code>@jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1650">actions/checkout#1650</a></li>
<li>Check git version before attempting to disable
<code>sparse-checkout</code> by <a
href="https://github.com/jww3"><code>@jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1656">actions/checkout#1656</a></li>
<li>Add SSH user parameter by <a
href="https://github.com/cory-miller"><code>@cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1685">actions/checkout#1685</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4.1.2...v4.1.3">https://github.com/actions/checkout/compare/v4.1.2...v4.1.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1d96c772d1"><code>1d96c77</code></a>
Add SSH user parameter (<a
href="https://redirect.github.com/actions/checkout/issues/1685">#1685</a>)</li>
<li><a
href="cd7d8d697e"><code>cd7d8d6</code></a>
Check git version before attempting to disable
<code>sparse-checkout</code> (<a
href="https://redirect.github.com/actions/checkout/issues/1656">#1656</a>)</li>
<li><a
href="8410ad0602"><code>8410ad0</code></a>
Update <code>actions/checkout</code> version in
<code>update-main-version.yml</code> (<a
href="https://redirect.github.com/actions/checkout/issues/1650">#1650</a>)</li>
<li>See full diff in <a
href="9bb56186c3...1d96c772d1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
this includes anchore/quill as a pipe to sign and notarize macos
binaries
TODO:
- [x] find a way to test this
- [x] docs
- [x] maybe get someone from anchore to take a look?
---------
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab)
from 0.102.0 to 0.103.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a29d3198a2"><code>a29d319</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1916">#1916</a>
from vntw/access-token-webhook-event</li>
<li><a
href="c187a2d84b"><code>c187a2d</code></a>
Minor tweaks for consistency</li>
<li><a
href="5cf9a2e7f8"><code>5cf9a2e</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1921">#1921</a>
from beekeep/add-missing-attribute-project-push-rules</li>
<li><a
href="62722c4ed0"><code>62722c4</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1920">#1920</a>
from vntw/update-golangci-lint-cfg</li>
<li><a
href="a84a69d8b0"><code>a84a69d</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1918">#1918</a>
from timofurrer/release-assets-links-direct-asset-path</li>
<li><a
href="4224c3d478"><code>4224c3d</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1913">#1913</a>
from Poulpatine/new_events_webhooks</li>
<li><a
href="3c617d4d06"><code>3c617d4</code></a>
Reorder following the ordering in the docs</li>
<li><a
href="43a7d42e2a"><code>43a7d42</code></a>
Merge pull request <a
href="https://redirect.github.com/xanzy/go-gitlab/issues/1912">#1912</a>
from nicolasbrechet/1911_add_missing_epic_options_fo...</li>
<li><a
href="fea7e177d4"><code>fea7e17</code></a>
Add missing attribute to project push rules</li>
<li><a
href="25fa651769"><code>25fa651</code></a>
Fix golangci-lint <code>output.format</code> deprecation</li>
<li>Additional commits viewable in <a
href="https://github.com/xanzy/go-gitlab/compare/v0.102.0...v0.103.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps code.gitea.io/sdk/gitea from 0.17.1 to 0.18.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
if the output is not empty, log it with info.
this prevents potentially hiding warnings et al.
on successful builds usually the output is empty anyway.
closes#4782
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
- add the file type in the end of the sbom generated file
- fix wrong value attribution in the doc example
---------
Signed-off-by: cpanato <ctadeu@gmail.com>
Bumps
[docker/setup-buildx-action](https://github.com/docker/setup-buildx-action)
from 3.2.0 to 3.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.3.0</h2>
<ul>
<li>Bump <code>@docker/actions-toolkit</code> from 0.19.0 to 0.20.0 by
<a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in
<a
href="https://redirect.github.com/docker/setup-buildx-action/pull/307">docker/setup-buildx-action#307</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-buildx-action/compare/v3.2.0...v3.3.0">https://github.com/docker/setup-buildx-action/compare/v3.2.0...v3.3.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d70bba72b1"><code>d70bba7</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-buildx-action/issues/307">#307</a>
from crazy-max/bump-toolkit</li>
<li><a
href="7638634cb7"><code>7638634</code></a>
chore: update generated content</li>
<li><a
href="c68420fe0b"><code>c68420f</code></a>
bump <code>@docker/actions-toolkit</code> from 0.19.0 to 0.20.0</li>
<li>See full diff in <a
href="2b51285047...d70bba72b1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
Change `--skip-validate` in a doc file to `--skip=validate`.
<!-- Why is this change being made? -->
Running the command with `--skip-validate` produces the following
warning:
> • DEPRECATED: --skip-validate was deprecated in favor of
--skip=validate, check https://goreleaser.com/deprecations#-skip for
more details
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
