mirror of
https://github.com/goreleaser/goreleaser.git
synced 2025-01-08 03:31:59 +02:00
c47315fead
4504 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Maxime Brunet
|
c47315fead
|
feat(ko): support labels and creation times (#3852)
* Add a `labels` key-value map to the `kos` config. My interest is to be able to label the built images: https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-container-registry#labelling-container-images * Add creation times to allow using the commit timestamp as meaningful creation time |
||
dependabot[bot]
|
b96dba0333
|
feat(deps): bump github.com/google/go-containerregistry from 0.13.0 to 0.14.0 (#3878)
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.13.0 to 0.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/go-containerregistry/releases">github.com/google/go-containerregistry's releases</a>.</em></p> <blockquote> <h2>v0.14.0</h2> <h2>Changelog</h2> <ul> <li>9306ebad Allow crane edit to generate non-image artifacts (<a href="https://redirect.github.com/google/go-containerregistry/issues/1545">#1545</a>)</li> <li>de35f0f7 Allow setting Content-Type in crane edit manifest (<a href="https://redirect.github.com/google/go-containerregistry/issues/1551">#1551</a>)</li> <li>4b081f80 Avoid v1.Manifest in crane edit config (<a href="https://redirect.github.com/google/go-containerregistry/issues/1583">#1583</a>)</li> <li>1cfe1fc2 Bump aws-actions/configure-aws-credentials from 1.7.0 to 2.0.0 (<a href="https://redirect.github.com/google/go-containerregistry/issues/1593">#1593</a>)</li> <li>da1008fb Bump golangci/golangci-lint-action from 3.3.1 to 3.4.0 (<a href="https://redirect.github.com/google/go-containerregistry/issues/1548">#1548</a>)</li> <li>86be45fb Bump goreleaser/goreleaser-action from 4.1.0 to 4.1.1 (<a href="https://redirect.github.com/google/go-containerregistry/issues/1547">#1547</a>)</li> <li>62f183e5 Bump goreleaser/goreleaser-action from 4.1.1 to 4.2.0 (<a href="https://redirect.github.com/google/go-containerregistry/issues/1556">#1556</a>)</li> <li>1b8dc2ba Bump slsa-framework/slsa-github-generator from 1.2.2 to 1.5.0 (<a href="https://redirect.github.com/google/go-containerregistry/issues/1580">#1580</a>)</li> <li>11843ba2 Enforce proper sha256 usage (<a href="https://redirect.github.com/google/go-containerregistry/issues/1544">#1544</a>)</li> <li>2ceebaaf Implement crane index subcommand (<a href="https://redirect.github.com/google/go-containerregistry/issues/1561">#1561</a>)</li> <li>9f42e028 Set mediaType for empty.ImageIndex in RawManifest (<a href="https://redirect.github.com/google/go-containerregistry/issues/1562">#1562</a>)</li> <li>759b19f7 Support artifactType, for images whose config.mediaType is not a config (<a href="https://redirect.github.com/google/go-containerregistry/issues/1541">#1541</a>)</li> <li>b3c23b4c Support for OCI 1.1+ referrers via API (<a href="https://redirect.github.com/google/go-containerregistry/issues/1546">#1546</a>)</li> <li>061ee6bf Support for OCI 1.1+ referrers via fallback tag (<a href="https://redirect.github.com/google/go-containerregistry/issues/1543">#1543</a>)</li> <li>67703048 Update descriptor "data" field (when valid) during "crane edit config" (<a href="https://redirect.github.com/google/go-containerregistry/issues/1584">#1584</a>)</li> <li>76bac933 Update release.yml (<a href="https://redirect.github.com/google/go-containerregistry/issues/1540">#1540</a>)</li> <li>eb7d746c authn: also read mount secrets (<a href="https://redirect.github.com/google/go-containerregistry/issues/1560">#1560</a>)</li> <li>e94d4089 bump deps using ./hack/bump-deps.sh (<a href="https://redirect.github.com/google/go-containerregistry/issues/1592">#1592</a>)</li> <li>4e95ae2b crane: add --flatten for index append (<a href="https://redirect.github.com/google/go-containerregistry/issues/1566">#1566</a>)</li> <li>ff810c18 crane: add serve subcommand (<a href="https://redirect.github.com/google/go-containerregistry/issues/1586">#1586</a>)</li> <li>8ea5e0e8 crane: support --omit-digest-tags in crane ls (<a href="https://redirect.github.com/google/go-containerregistry/issues/1528">#1528</a>)</li> <li>824efc77 fix(mutate): also set timestamps only present in some formats (<a href="https://redirect.github.com/google/go-containerregistry/issues/1550">#1550</a>)</li> <li>e04520bc fix: Fix the crane release url and add more steps (<a href="https://redirect.github.com/google/go-containerregistry/issues/1532">#1532</a>)</li> <li>d8722327 hash: use generic instantiation (<a href="https://redirect.github.com/google/go-containerregistry/issues/1538">#1538</a>)</li> <li>57f010d2 replace manual slsa-verifier installation with action (<a href="https://redirect.github.com/google/go-containerregistry/issues/1585">#1585</a>)</li> <li>9cd098e3 skip tls verification if default transport is used with insecure option (<a href="https://redirect.github.com/google/go-containerregistry/issues/1559">#1559</a>)</li> <li>36249683 tarball: pass imageToTags (<a href="https://redirect.github.com/google/go-containerregistry/issues/1563">#1563</a>)</li> </ul> <h3>Container Images</h3> <p><a href="https://gcr.io/go-containerregistry/crane:v0.14.0">https://gcr.io/go-containerregistry/crane:v0.14.0</a> <a href="https://gcr.io/go-containerregistry/gcrane:v0.14.0">https://gcr.io/go-containerregistry/gcrane:v0.14.0</a></p> <p>For example:</p> <pre><code>docker pull gcr.io/go-containerregistry/crane:v0.14.0 docker pull gcr.io/go-containerregistry/gcrane:v0.14.0 </code></pre> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Carlos A Becker
|
98eb6a2e98
|
test: fix gitlab test
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
a66fdd0718
|
test: fix deprecate test
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
actions-user
|
ec8134b500 | chore: docs auto-update | ||
howieyuen
|
1f56d8e088
|
feat: scoop shortcuts (#3846)
close: https://github.com/goreleaser/goreleaser/issues/3845 |
||
|
Carlos A Becker
|
98bb4ba23a
|
chore: schema update
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
88f3aea086
|
refactor: improve tmpl mergeability with pro
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
f62a2e48ce
|
feat(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 (#3877)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.29.0 to 1.29.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/protocolbuffers/protobuf-go/releases">google.golang.org/protobuf's releases</a>.</em></p> <blockquote> <h2>v1.29.1</h2> <ul> <li><a href="https://github.com/protocolbuffers/protobuf-go/blob/HEAD/#v1.29.1-notable-changes">Notable changes</a></li> </ul> <h2>Notable changes <!-- raw HTML omitted --><!-- raw HTML omitted --></h2> <p><strong>Bug fixes</strong></p> <ul> <li><a href="https://go.dev/cl/475995">CL/475995</a>: internal/encoding/text: fix parsing of incomplete numbers</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
dec5fb8e17
|
feat(deps): bump github.com/goreleaser/nfpm/v2 from v2.26.0 to v2.27.1 (#3876)
latest and greatest, just released, nfpm version! --------- Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
12b01f6734
|
feat(deps): bump github.com/caarlos0/log from v0.2.1 to v0.2.2 (#3875)
update caarlos0/log Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
actions-user
|
6bbd71f476 | chore: docs releases json auto-update | ||
|
dependabot[bot]
|
13d92b4f89
|
feat(deps): bump github.com/xanzy/go-gitlab from 0.80.2 to 0.81.0 (#3855)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.80.2 to 0.81.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
9bdfc55e67
|
feat(deps): bump github.com/caarlos0/env/v7 from 7.0.0 to 7.1.0 (#3848)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [github.com/caarlos0/env/v7](https://github.com/caarlos0/env) from 7.0.0 to 7.1.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/caarlos0/env/releases">github.com/caarlos0/env/v7's releases</a>.</em></p> <blockquote> <h2>v7.1.0</h2> <h2>Changelog</h2> <h3>New Features</h3> <ul> <li>b135bbd86c4110736a91edf6ac242ef0d4b43bd7: feat: error types (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/240">#240</a>) (<a href="https://github.com/akutuev"><code>@akutuev</code></a>)</li> <li>17f0a63edccb660238923ac0d02ab0432edb100d: feat: implement Is on AggregateError (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/254">#254</a>) (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>266f68b264d486a75ebf4b2371aab58a072b52fc: feat: support map kind env (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/244">#244</a>) (<a href="https://github.com/ken8203"><code>@ken8203</code></a>)</li> <li>c08b0f906b39a1fbc978eeeb262840f9acd735ff: feat: use field name by default (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/253">#253</a>) (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>dfd68b2d5d324ecfe910012fe415a24c64d34e4b: fix: improve map handling, coverage (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>e5472ec015521ddbef81bfa12e752e86ee09fa4a: fix: remove untested behavior (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> </ul> <h3>Documentation updates</h3> <ul> <li>65ba2db37013ed6bc2ebfadbbd2dc251ee528e0e: docs: caveats (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>f434e985558517cce98d345ea72faa1082e50640: docs: document how to handle error (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>2d26ce1cd4c10a7fa055c643cfde3a4a295f8e6d: docs: fix examples (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>91e69e8f885b30466508baca6220fec4e4307338: docs: maps (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>850c2d8068a4e311cf2bd6f65a22dce5a66d5edd: docs: update to v7 (<a href="https://github-redirect.dependabot.com/caarlos0/env/issues/249">#249</a>) (<a href="https://github.com/alexandear"><code>@alexandear</code></a>)</li> </ul> <hr /> <p><em>Released with <a href="https://goreleaser.com/pro">GoReleaser Pro</a>!</em></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
590eff32d2
|
feat: .Now template variable (#3853)
This will allow more customized templates using dates! Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
6e4c0e6abe
|
docs: update git.md
refs #3841 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
Ivan Vandot
|
8877fe1ef4
|
feat: include prerelease suffix in git (#3841)
<!-- Hi, thanks for contributing! Please make sure you read our CONTRIBUTING guide. Also, add tests and the respective documentation changes as well. --> <!-- If applied, this commit will... --> This commit will fix bad version tag sort if there is a prerelease on the same commit as a release tag. Current output is shown below ``` ❯ git tag --points-at HEAD --sort=-version:refname --format='%(creatordate)%09%(refname)' Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0-rc3 Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0 ``` Test is changed to match current default value so it will fail without this fix. Default value `-` is set to the one that is described inside [docs](https://goreleaser.com/how-it-works/?h=prerelease#how-it-works), but people are still allowed to change it. Output with fix applied ``` ❯ git -c versionsort.suffix=- tag --points-at HEAD --sort -version:refname --format='%(creatordate)%09%(refname)' Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0 Thu Mar 2 21:38:51 2023 +0300 refs/tags/v1.13.0-rc3 ``` <!-- # Provide links to any relevant tickets, URLs or other resources --> More info about `versionsort.suffix` can be found [here](https://github.com/git/git/blob/master/Documentation/config/versionsort.txt#L5) Docs as well both schemas are updated as well. I am not sure if users should be allowed to change this option at all. |
||
|
dependabot[bot]
|
dfdbad17f7
|
feat(deps): bump golang.org/x/tools from 0.6.0 to 0.7.0 (#3849)
Bumps [golang.org/x/tools](https://github.com/golang/tools) from 0.6.0 to 0.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/golang/tools/releases">golang.org/x/tools's releases</a>.</em></p> <blockquote> <h1>gopls/v0.7.0</h1> <h2>Features</h2> <h3>Postfix completions</h3> <p>Postfix completions are a new style of completions that can save you time by inserting more complex pieces of commonly-written code. All of the results end with <code>!</code>. This feature was added experimentally in <code>gopls/v0.6.10</code> and is now enabled by default.</p> <p>See this example:</p> <p><img src="https://user-images.githubusercontent.com/5856771/114612163-c5df9800-9c6f-11eb-959c-8fe529018a21.gif" alt="ezgif-3-a82b2077ff38" /></p> <h3>New commands: <a href="https://github.com/golang/tools/blob/master/gopls/doc/commands.md#retrieves-a-list-of-packages">List known packages</a> and <a href="https://github.com/golang/tools/blob/master/gopls/doc/commands.md#asks-the-server-to-add-an-import-path-to-a-given-go-file">add import</a></h3> <p>These commands can be used to manually list available packages to import and then add an import to your file. They are currently not used by any known clients, but they will be made available through the Command Palette in VS Code in the next VS Code Go release.</p> <h2>Improvements</h2> <h3>Memory usage</h3> <p>Improved trimming of the ASTs of dependency packages results in reduced memory usage, especially for projects with many dependencies. This may result in some hard-to-diagnose bugs that we're not yet aware of, so please report any surprising behavior via <a href="https://golang.org/issues/new">https://golang.org/issues/new</a>.</p> <h2>Fixes</h2> <p>A full list of all issues fixed can be found in the <a href="https://github.com/golang/go/milestone/213?closed=1">gopls/v0.7.0 milestone</a>. To report a new problem, please file a new issue at <a href="https://golang.org/issues/new">https://golang.org/issues/new</a>.</p> <h2>Thank you to our contributors!</h2> <p><a href="https://github.com/muirdm"><code>@muirdm</code></a> <a href="https://github.com/marwan-at-work"><code>@marwan-at-work</code></a> <a href="https://github.com/dominikh"><code>@dominikh</code></a> <a href="https://github.com/leitzler"><code>@leitzler</code></a> <a href="https://github.com/OneOfOne"><code>@OneOfOne</code></a> <a href="https://github.com/zyctree"><code>@zyctree</code></a> <a href="https://github.com/ShoshinNikita"><code>@ShoshinNikita</code></a> <a href="https://github.com/KarthikNayak"><code>@KarthikNayak</code></a> <a href="https://github.com/suzmue"><code>@suzmue</code></a> <a href="https://github.com/bcmills"><code>@bcmills</code></a></p> <h1>gopls/v0.6.11</h1> <p>This release contains mainly bug fixes. A full list of all issues fixed can be found in the <a href="https://github.com/golang/go/milestone/211?closed=1">gopls/v0.6.11 milestone</a>. To report a new problem, please file a new issue at <a href="https://golang.org/issues/new">https://golang.org/issues/new</a>.</p> <h2>Thank you to our contributors!</h2> <p><a href="https://github.com/ShoshinNikita"><code>@ShoshinNikita</code></a> <a href="https://github.com/sakateka"><code>@sakateka</code></a> <a href="https://github.com/muirdm"><code>@muirdm</code></a> Will Langford <a href="https://github.com/empire"><code>@empire</code></a> <a href="https://github.com/justplesh"><code>@justplesh</code></a> <a href="https://github.com/suzmue"><code>@suzmue</code></a></p> <h1>gopls/v0.6.10</h1> <h2>Features</h2> <h3><code>t.Fatal</code> snippet</h3> <p>If you trigger completion in a test function, on the line after a call to a function that returns an error, you will be offered a completion snippet for:</p> <pre lang="go"><code>if err != nil { t.Fatal(err) } </tr></table> </code></pre> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos A Becker
|
a459911f45
|
fix: many linting issues
refs #3874 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
c849cfc2a9
|
build: fix golangci-lint failing (#3874)
refs https://github.com/golangci/golangci-lint-action/issues/677 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
52f45d759f
|
docs: remove deprecated note about setup-go-action
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
actions-user
|
9f91bea921 | chore: docs releases json auto-update | ||
|
dependabot[bot]
|
8f4a6929bd
|
chore(deps): bump github/codeql-action from 2.2.6 to 2.2.7 (#3870)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.6 to 2.2.7. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>2.2.7 - 15 Mar 2023</h2> <p>No user facing changes.</p> <h2>2.2.6 - 10 Mar 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.4.</li> </ul> <h2>2.2.5 - 24 Feb 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.3. <a href="https://redirect.github.com/github/codeql-action/pull/1543">#1543</a></li> </ul> <h2>2.2.4 - 10 Feb 2023</h2> <p>No user facing changes.</p> <h2>2.2.3 - 08 Feb 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.2. <a href="https://redirect.github.com/github/codeql-action/pull/1518">#1518</a></li> </ul> <h2>2.2.2 - 06 Feb 2023</h2> <ul> <li>Fix an issue where customers using the CodeQL Action with the <a href="https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access">CodeQL Action sync tool</a> would not be able to obtain the CodeQL tools. <a href="https://redirect.github.com/github/codeql-action/pull/1517">#1517</a></li> </ul> <h2>2.2.1 - 27 Jan 2023</h2> <p>No user facing changes.</p> <h2>2.2.0 - 26 Jan 2023</h2> <ul> <li>Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/1475">#1475</a> <ul> <li>This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions <a href="https://github.com/actions/runner-images">runner images</a>.</li> <li><strong>No change is required for the majority of workflows</strong>, including: <ul> <li>Workflows on GitHub.com hosted runners using the latest version (<code>v2</code>) of the CodeQL Action.</li> <li>Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from <code>v2.2.0</code> onwards.</li> <li>Workflows on GitHub Enterprise Server.</li> </ul> </li> <li><strong>A change may be required</strong> for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before <code>v2.2.0</code> (e.g. <code>v2.1.32</code>): <ul> <li>Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image.</li> <li>Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (<code>v2</code>).</li> </ul> </li> <li><strong>Internal changes</strong> <ul> <li>These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses <a href="https://github.com/actions/toolkit/tree/main/packages/tool-cache"><code>@actions/tool-cache</code></a> or relies on the precise location of CodeQL within the Actions tool cache.</li> <li>The tool cache now contains <strong>two</strong> recent CodeQL versions (previously <strong>one</strong>).</li> <li>Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under <code>CodeQL/2.11.6-20221211/x64/codeql</code> (previously <code>CodeQL/0.0.0-20221211/x64/codeql</code>).</li> </ul> </li> </ul> </li> <li>The maximum number of <a href="https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object">SARIF runs</a> per file has been increased from 15 to 20 for users uploading SARIF files to GitHub.com. This change will help ensure that Code Scanning can process SARIF files generated by third-party tools that have many runs. See the <a href="https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data">GitHub API documentation</a> for a list of all the limits around uploading SARIF. This change will be released to GitHub Enterprise Server as part of GHES 3.9.</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos A Becker
|
b4b6496ea6
|
build: setup-go update | ||
|
dependabot[bot]
|
b623247fb7
|
chore(deps): bump actions/setup-go from 3.5.0 to 4.0.0 (#3871)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 4.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-go/releases">actions/setup-go's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <p>In scope of release we enable cache by default. The action won’t throw an error if the cache can’t be restored or saved. The action will throw a warning message but it won’t stop a build process. The cache can be disabled by specifying <code>cache: false</code>.</p> <pre lang="yaml"><code>steps: - uses: actions/checkout@v3 - uses: actions/setup-go@v4 with: go-version: ‘1.19’ - run: go run hello.go </code></pre> <p>Besides, we introduce such changes as</p> <ul> <li><a href="https://redirect.github.com/actions/setup-go/pull/305">Allow to use only GOCACHE for cache</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/315">Bump json5 from 2.2.1 to 2.2.3</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/323">Use proper version for primary key in cache</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/351">Always add Go bin to the PATH</a></li> <li><a href="https://redirect.github.com/actions/setup-go/pull/350">Add step warning if go-version input is empty</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
5773f1a246
|
chore(deps): bump actions/checkout from 3.3.0 to 3.4.0 (#3872)
Bumps [actions/checkout](https://github.com/actions/checkout) from 3.3.0 to 3.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/releases">actions/checkout's releases</a>.</em></p> <blockquote> <h2>v3.4.0</h2> <h2>What's Changed</h2> <ul> <li>Upgrade codeql actions to v2 by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/checkout/pull/1209">actions/checkout#1209</a></li> <li>Upgrade dependencies by <a href="https://github.com/Link"><code>@Link</code></a>- in <a href="https://redirect.github.com/actions/checkout/pull/1210">actions/checkout#1210</a></li> <li>Backfill changelog and bump actions/io by <a href="https://github.com/cory-miller"><code>@cory-miller</code></a> in <a href="https://redirect.github.com/actions/checkout/pull/1225">actions/checkout#1225</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/Link"><code>@Link</code></a>- made their first contribution in <a href="https://redirect.github.com/actions/checkout/pull/1209">actions/checkout#1209</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/checkout/compare/v3.3.0...v3.4.0">https://github.com/actions/checkout/compare/v3.3.0...v3.4.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>v3.4.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1209">Upgrade codeql actions to v2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1210">Upgrade dependencies</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1225">Upgrade <code>@actions/io</code></a></li> </ul> <h2>v3.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/1045">Implement branch list using callbacks from exec function</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1050">Add in explicit reference to private checkout options</a></li> <li>[Fix comment typos (that got added in <a href="https://redirect.github.com/actions/checkout/issues/770">#770</a>)](<a href="https://redirect.github.com/actions/checkout/pull/1057">actions/checkout#1057</a>)</li> </ul> <h2>v3.2.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/942">Add GitHub Action to perform release</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/967">Fix status badge</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1002">Replace datadog/squid with ubuntu/squid Docker image</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/964">Wrap pipeline commands for submoduleForeach in quotes</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1029">Update <code>@actions/io</code> to 1.1.2</a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/1039">Upgrading version to 3.2.0</a></li> </ul> <h2>v3.1.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/939">Use <code>@actions/core</code> <code>saveState</code> and <code>getState</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/922">Add <code>github-server-url</code> input</a></li> </ul> <h2>v3.0.2</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/770">Add input <code>set-safe-directory</code></a></li> </ul> <h2>v3.0.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/762">Fixed an issue where checkout failed to run in container jobs due to the new git setting <code>safe.directory</code></a></li> <li><a href="https://redirect.github.com/actions/checkout/pull/744">Bumped various npm package versions</a></li> </ul> <h2>v3.0.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/689">Update to node 16</a></li> </ul> <h2>v2.3.1</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/284">Fix default branch resolution for .wiki and when using SSH</a></li> </ul> <h2>v2.3.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/278">Fallback to the default branch</a></li> </ul> <h2>v2.2.0</h2> <ul> <li><a href="https://redirect.github.com/actions/checkout/pull/258">Fetch all history for all tags and branches when fetch-depth=0</a></li> </ul> <h2>v2.1.1</h2> <ul> <li>Changes to support GHES (<a href="https://redirect.github.com/actions/checkout/pull/236">here</a> and <a href="https://redirect.github.com/actions/checkout/pull/248">here</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
3345f8c9c5
|
docs: add note about binary archives (#3867)
closes #3844 closes #3843 closes #3862 --------- Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> Co-authored-by: fogfish <dmkolesnikov@gmail.com> |
||
|
dependabot[bot]
|
2c8d128e1c
|
chore(deps): bump actions/cache from 3.3.0 to 3.3.1 (#3866)
Bumps [actions/cache](https://github.com/actions/cache) from 3.3.0 to 3.3.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v3.3.1</h2> <h2>What's Changed</h2> <ul> <li>Reduced download segment size to 128 MB and timeout to 10 minutes by <a href="https://github.com/kotewar"><code>@kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1129">actions/cache#1129</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.3.1">https://github.com/actions/cache/compare/v3...v3.3.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>3.0.0</h3> <ul> <li>Updated minimum runner version support from node 12 -> node 16</li> </ul> <h3>3.0.1</h3> <ul> <li>Added support for caching from GHES 3.5.</li> <li>Fixed download issue for files > 2GB during restore.</li> </ul> <h3>3.0.2</h3> <ul> <li>Added support for dynamic cache size cap on GHES.</li> </ul> <h3>3.0.3</h3> <ul> <li>Fixed avoiding empty cache save when no files are available for caching. (<a href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li> </ul> <h3>3.0.4</h3> <ul> <li>Fixed tar creation error while trying to create tar with path as <code>~/</code> home folder on <code>ubuntu-latest</code>. (<a href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li> </ul> <h3>3.0.5</h3> <ul> <li>Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (<a href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li> </ul> <h3>3.0.6</h3> <ul> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/809">#809</a> - zstd -d: no such file or directory error</li> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/833">#833</a> - cache doesn't work with github workspace directory</li> </ul> <h3>3.0.7</h3> <ul> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/810">#810</a> - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.</li> </ul> <h3>3.0.8</h3> <ul> <li>Fix zstd not working for windows on gnu tar in issues <a href="https://redirect.github.com/actions/cache/issues/888">#888</a> and <a href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li> <li>Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable <code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li> </ul> <h3>3.0.9</h3> <ul> <li>Enhanced the warning message for cache unavailablity in case of GHES.</li> </ul> <h3>3.0.10</h3> <ul> <li>Fix a bug with sorting inputs.</li> <li>Update definition for restore-keys in README.md</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
f104c143f7
|
chore(deps): bump github/codeql-action from 2.2.5 to 2.2.6 (#3864)
[//]: # (dependabot-start) ⚠️ **Dependabot is rebasing this PR** ⚠️ Rebasing might not happen immediately, so don't worry if this takes some time. Note: if you make any changes to this PR yourself, they will take precedence over the rebase. --- [//]: # (dependabot-end) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.5 to 2.2.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>2.2.6 - 10 Mar 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.4.</li> </ul> <h2>2.2.5 - 24 Feb 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.3. <a href="https://redirect.github.com/github/codeql-action/pull/1543">#1543</a></li> </ul> <h2>2.2.4 - 10 Feb 2023</h2> <p>No user facing changes.</p> <h2>2.2.3 - 08 Feb 2023</h2> <ul> <li>Update default CodeQL bundle version to 2.12.2. <a href="https://redirect.github.com/github/codeql-action/pull/1518">#1518</a></li> </ul> <h2>2.2.2 - 06 Feb 2023</h2> <ul> <li>Fix an issue where customers using the CodeQL Action with the <a href="https://docs.github.com/en/enterprise-server@3.7/admin/code-security/managing-github-advanced-security-for-your-enterprise/configuring-code-scanning-for-your-appliance#configuring-codeql-analysis-on-a-server-without-internet-access">CodeQL Action sync tool</a> would not be able to obtain the CodeQL tools. <a href="https://redirect.github.com/github/codeql-action/pull/1517">#1517</a></li> </ul> <h2>2.2.1 - 27 Jan 2023</h2> <p>No user facing changes.</p> <h2>2.2.0 - 26 Jan 2023</h2> <ul> <li>Improve stability when choosing the default version of CodeQL to use in code scanning workflow runs on Actions on GitHub.com. <a href="https://redirect.github.com/github/codeql-action/pull/1475">#1475</a> <ul> <li>This change addresses customer reports of code scanning alerts on GitHub.com being closed and reopened during the rollout of new versions of CodeQL in the GitHub Actions <a href="https://github.com/actions/runner-images">runner images</a>.</li> <li><strong>No change is required for the majority of workflows</strong>, including: <ul> <li>Workflows on GitHub.com hosted runners using the latest version (<code>v2</code>) of the CodeQL Action.</li> <li>Workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action from <code>v2.2.0</code> onwards.</li> <li>Workflows on GitHub Enterprise Server.</li> </ul> </li> <li><strong>A change may be required</strong> for workflows on GitHub.com hosted runners that are pinned to specific versions of the CodeQL Action before <code>v2.2.0</code> (e.g. <code>v2.1.32</code>): <ul> <li>Previously, these workflows would obtain the latest version of CodeQL from the Actions runner image.</li> <li>Now, these workflows will download an older, compatible version of CodeQL from GitHub Releases. To use this older version, no change is required. To use the newest version of CodeQL, please update your workflows to reference the latest version of the CodeQL Action (<code>v2</code>).</li> </ul> </li> <li><strong>Internal changes</strong> <ul> <li>These changes will not affect the majority of code scanning workflows. Continue reading only if your workflow uses <a href="https://github.com/actions/toolkit/tree/main/packages/tool-cache"><code>@actions/tool-cache</code></a> or relies on the precise location of CodeQL within the Actions tool cache.</li> <li>The tool cache now contains <strong>two</strong> recent CodeQL versions (previously <strong>one</strong>).</li> <li>Each CodeQL version is located under a directory named after the release date and version number, e.g. CodeQL 2.11.6 is now located under <code>CodeQL/2.11.6-20221211/x64/codeql</code> (previously <code>CodeQL/0.0.0-20221211/x64/codeql</code>).</li> </ul> </li> </ul> </li> <li>The maximum number of <a href="https://docs.github.com/en/code-security/code-scanning/integrating-with-code-scanning/sarif-support-for-code-scanning#run-object">SARIF runs</a> per file has been increased from 15 to 20 for users uploading SARIF files to GitHub.com. This change will help ensure that Code Scanning can process SARIF files generated by third-party tools that have many runs. See the <a href="https://docs.github.com/en/rest/code-scanning#upload-an-analysis-as-sarif-data">GitHub API documentation</a> for a list of all the limits around uploading SARIF. This change will be released to GitHub Enterprise Server as part of GHES 3.9.</li> <li>Update default CodeQL bundle version to 2.12.1. <a href="https://redirect.github.com/github/codeql-action/pull/1498">#1498</a></li> <li>Fix a bug that forced the <code>init</code> Action to run for at least two minutes on JavaScript. <a href="https://redirect.github.com/github/codeql-action/pull/1494">#1494</a></li> </ul> <h2>2.1.39 - 18 Jan 2023</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
6341c3d0dc
|
chore(deps): bump docker/setup-buildx-action from 2.4.1 to 2.5.0 (#3865)
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.4.1 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/setup-buildx-action/releases">docker/setup-buildx-action's releases</a>.</em></p> <blockquote> <h2>v2.5.0</h2> <ul> <li><code>cleanup</code> input to remove builder and temp files by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/213">docker/setup-buildx-action#213</a></li> <li>do not remove builder using the <code>docker</code> driver by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/218">docker/setup-buildx-action#218</a></li> <li>fix current context as builder name for <code>docker</code> driver by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/setup-buildx-action/pull/209">docker/setup-buildx-action#209</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0">https://github.com/docker/setup-buildx-action/compare/v2.4.1...v2.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Maxime Brunet
|
53277590f5
|
fix(ko): disable SBOM when sbom is none (#3861)
|
||
|
actions-user
|
5b9f2a7c0d | chore: docs releases json auto-update | ||
|
actions-user
|
ba2c93bf20 | chore: docs releases json auto-update | ||
|
dependabot[bot]
|
8079a92e39
|
chore(deps): bump actions/cache from 3.2.6 to 3.3.0 (#3858) | ||
|
Carlos A Becker
|
7285e04821
|
docs: clarify divider | ||
|
actions-user
|
1a81111e90 | chore: docs auto-update | ||
|
Carlos Alexandro Becker
|
dd1315b0a7
|
fix(GO-2023-1621): update from go 1.20.1 to 1.20.2 (#3854) | ||
|
actions-user
|
945b5453d9 | chore: docs releases json auto-update | ||
|
dependabot[bot]
|
41bb6dcddf
|
feat(deps): bump gocloud.dev from 0.28.0 to 0.29.0 (#3837)
Bumps [gocloud.dev](https://github.com/google/go-cloud) from 0.28.0 to 0.29.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/google/go-cloud/releases">gocloud.dev's releases</a>.</em></p> <blockquote> <h2>v0.29.0</h2> <p><strong>BREAKING CHANGES</strong></p> <ul> <li>Updated to latest <code>azureblob</code>, which had some non-backward-compatible changes (again).</li> </ul> <p><strong>all</strong></p> <ul> <li>Defaulting to <code>go</code> version <code>1.2</code>.</li> <li><strong>aws</strong>: Added support for custom endpoints for AWS SDK v2.</li> <li><strong>gcp</strong>: Updated imports for <code>credentialspb</code>.</li> </ul> <p><strong>blob</strong></p> <ul> <li><strong>azureblob</strong>: Updated to latest (breaking change).</li> </ul> <p><strong>pubsub</strong></p> <ul> <li><strong>kafkapub</strong>: Fixed nil Options pointer dereference.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
dde6a23590
|
feat(deps): bump golang.org/x/crypto from 0.6.0 to 0.7.0 (#3839)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.6.0 to 0.7.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
e8948e9e2e
|
feat(deps): bump golang.org/x/text from 0.7.0 to 0.8.0 (#3838)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.7.0 to 0.8.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
284574d9f5
|
feat(deps): bump golang.org/x/oauth2 from 0.5.0 to 0.6.0 (#3840)
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.5.0 to 0.6.0. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
a40eb15618
|
feat: add base template function (#3834)
refs #3833 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
82144cb2c0
|
test: improve file not found checkings (#3831)
using `errors.Is` everywhere, as file not found errors have different messages on different OSes. |
||
|
Carlos A Becker
|
29335c84a4
|
docs: updates
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
4c44ecedf8
|
docs: updates
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos A Becker
|
68cd12b506
|
test: use ErrorIs
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
874d698564
|
feat: add healthcheck cmd (#3826)
here's an idea: `goreleaser healthcheck` It'll check if the needed dependencies (docker, git, etc) are available in the path... this way users can preemptively run it before releasing or to debug issues. What do you think? Here's how it looks like: <img width="1007" alt="CleanShot 2023-03-02 at 23 24 26@2x" src="https://user-images.githubusercontent.com/245435/222615682-d9cd0733-d900-43d1-9166-23b2be589b3a.png"> --------- Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
b6dd26c091
|
feat: infer package name from go.mod (#3827)
If all other strategies fail, try to infer the `package_name` property from the `go.mod` file, using its last segment as the actual package name. This is not perfect, but usually this will only be used when running against a new project, with no git url, empty/default config, etc... so, in reality, it'll rarely be used. closes #3825 Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
2920de7cec
|
feat: templateable changelog.skip (#3830)
closes #3828 |
