mirror of
https://github.com/goreleaser/goreleaser.git
synced 2025-01-14 03:51:24 +02:00
d2469666b8
5935 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
Carlos Alexandro Becker
|
83ce50237c
|
chore: update nix | ||
|
Carlos Alexandro Becker
|
edaf931ad1
|
docs: improve git semver sorting pro warning
closes #5110 |
||
dependabot[bot]
|
00f237aa6e
|
chore(deps): bump github/codeql-action from 3.26.5 to 3.26.6 (#5108)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.5 to 3.26.6. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.26.6 - 29 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.3. <a href="https://redirect.github.com/github/codeql-action/pull/2449">#2449</a></li> </ul> <h2>3.26.5 - 23 Aug 2024</h2> <ul> <li>Fix an issue where the <code>csrutil</code> system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2441">#2441</a></li> </ul> <h2>3.26.4 - 21 Aug 2024</h2> <ul> <li><em>Deprecation:</em> The <code>add-snippets</code> input on the <code>analyze</code> Action is deprecated and will be removed in the first release in August 2025. <a href="https://redirect.github.com/github/codeql-action/pull/2436">#2436</a></li> <li>Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. <a href="https://redirect.github.com/github/codeql-action/pull/2434">#2434</a></li> </ul> <h2>3.26.3 - 19 Aug 2024</h2> <ul> <li>Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. <a href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li> </ul> <h2>3.26.2 - 14 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.2. <a href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li> </ul> <h2>3.26.1 - 13 Aug 2024</h2> <p>No user facing changes.</p> <h2>3.26.0 - 06 Aug 2024</h2> <ul> <li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. <a href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li> <li>Bump the minimum CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li> </ul> <h2>3.25.15 - 26 Jul 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.1. <a href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li> </ul> <h2>3.25.14 - 25 Jul 2024</h2> <ul> <li>Experimental: add a new <code>start-proxy</code> action which starts the same HTTP proxy as used by <a href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li> </ul> <h2>3.25.13 - 19 Jul 2024</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Tom Payne
|
3a36a49984
|
chore: fix linter errors (#5111)
If applied, this commit will fix the current linter errors, which are currently causing all Github Actions to fail. See, for example, the latest `main` run: https://github.com/goreleaser/goreleaser/actions/runs/10607661596/job/29400451251. |
||
|
Carlos Alexandro Becker
|
599ce44c74
|
test: do not fail if missing binaries (#5107)
closes #5104 Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
Manuel Rüger
|
6272ce0e6d
|
fix: Handle error on failed release (github) (#5106)
When trying to release an artifact to github and it fails, I observed
the following stacktrace:
```
• publishing
• scm releases
• releasing tag=v1.11.0 repo=my-github-repo
• could not check rate limits, hoping for the best...
• could not check rate limits, hoping for the best...
• took: 1m40s
• took: 1m40s
panic: runtime error: invalid memory address or nil pointer dereference
[signal SIGSEGV: segmentation violation code=0x1 addr=0x0 pc=0xe28b72]
goroutine 55 [running]:
github.com/goreleaser/goreleaser/v2/internal/client.(*githubClient).createOrUpdateRelease(0xc0001b24c8, 0xc0002c5108, 0xc000b478, {0xc00039ed00, 0x80e})
github.com/goreleaser/goreleaser/v2@v2.2.0/internal/client/github.go:454 +0x3b2
github.com/goreleaser/goreleaser/v2/internal/client.(*githubClient).CreateRelease(0xc0001b24c8, 0xc0002c5108, {0xc00039ed00, 0x80e})
github.com/goreleaser/goreleaser/v2@v2.2.0/internal/client/github.go:402 +0x339
github.com/goreleaser/goreleaser/v2/internal/pipe/release.doPublish(0xc0002c5108, {0x2ce2d40, 0xc0001b24c8})
...
```
I believe this happens because if the
[CreateRelease](
|
||
|
Carlos Alexandro Becker
|
5a10792f7e
|
chore(deps): update go-github
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
5928b4fb5a
|
chore(deps): bump github.com/Masterminds/semver/v3 from 3.2.1 to 3.3.0 (#5105)
Bumps [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver) from 3.2.1 to 3.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/Masterminds/semver/releases">github.com/Masterminds/semver/v3's releases</a>.</em></p> <blockquote> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Fix: bad package in README by <a href="https://github.com/sdelicata"><code>@sdelicata</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/226">Masterminds/semver#226</a></li> <li>Updating the GitHub Actions and versions of Go used by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/229">Masterminds/semver#229</a></li> <li>Fix spelling in README by <a href="https://github.com/robinschneider"><code>@robinschneider</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/222">Masterminds/semver#222</a></li> <li>Adding go build cache to fuzz output by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/232">Masterminds/semver#232</a></li> <li>Add caching to fuzz testing by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/234">Masterminds/semver#234</a></li> <li>updating github actions by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/235">Masterminds/semver#235</a></li> <li>feat: nil version equality by <a href="https://github.com/KnutZuidema"><code>@KnutZuidema</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/213">Masterminds/semver#213</a></li> <li>add >= and <= by <a href="https://github.com/grosser"><code>@grosser</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/238">Masterminds/semver#238</a></li> <li>doc: hyphen range constraint without whitespace by <a href="https://github.com/johnnychen94"><code>@johnnychen94</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/216">Masterminds/semver#216</a></li> <li>Removing reference to vert by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/245">Masterminds/semver#245</a></li> <li>simplify StrictNewVersion by <a href="https://github.com/grosser"><code>@grosser</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/241">Masterminds/semver#241</a></li> <li>Updating the testing version of Go used by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/246">Masterminds/semver#246</a></li> <li>bumping min version in go.mod based on what's tested by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/248">Masterminds/semver#248</a></li> <li>Updating changelog for 3.3.0 by <a href="https://github.com/mattfarina"><code>@mattfarina</code></a> in <a href="https://redirect.github.com/Masterminds/semver/pull/249">Masterminds/semver#249</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/sdelicata"><code>@sdelicata</code></a> made their first contribution in <a href="https://redirect.github.com/Masterminds/semver/pull/226">Masterminds/semver#226</a></li> <li><a href="https://github.com/robinschneider"><code>@robinschneider</code></a> made their first contribution in <a href="https://redirect.github.com/Masterminds/semver/pull/222">Masterminds/semver#222</a></li> <li><a href="https://github.com/KnutZuidema"><code>@KnutZuidema</code></a> made their first contribution in <a href="https://redirect.github.com/Masterminds/semver/pull/213">Masterminds/semver#213</a></li> <li><a href="https://github.com/grosser"><code>@grosser</code></a> made their first contribution in <a href="https://redirect.github.com/Masterminds/semver/pull/238">Masterminds/semver#238</a></li> <li><a href="https://github.com/johnnychen94"><code>@johnnychen94</code></a> made their first contribution in <a href="https://redirect.github.com/Masterminds/semver/pull/216">Masterminds/semver#216</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/Masterminds/semver/compare/v3.2.1...v3.3.0">https://github.com/Masterminds/semver/compare/v3.2.1...v3.3.0</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/Masterminds/semver/blob/master/CHANGELOG.md">github.com/Masterminds/semver/v3's changelog</a>.</em></p> <blockquote> <h2>3.3.0 (2024-08-27)</h2> <h3>Added</h3> <ul> <li><a href="https://redirect.github.com/Masterminds/semver/issues/238">#238</a>: Add LessThanEqual and GreaterThanEqual functions (thanks <a href="https://github.com/grosser"><code>@grosser</code></a>)</li> <li><a href="https://redirect.github.com/Masterminds/semver/issues/213">#213</a>: nil version equality checking (thanks <a href="https://github.com/KnutZuidema"><code>@KnutZuidema</code></a>)</li> </ul> <h3>Changed</h3> <ul> <li><a href="https://redirect.github.com/Masterminds/semver/issues/241">#241</a>: Simplify StrictNewVersion parsing (thanks <a href="https://github.com/grosser"><code>@grosser</code></a>)</li> <li>Testing support up through Go 1.23</li> <li>Minimum version set to 1.21 as this is what's tested now</li> <li>Fuzz testing now supports caching</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
Nicolás Parada
|
a9e0a8f112
|
fix(build): ignore empty flags after templating (#5103)
Ignore empty flags after templating is applied for final Go build line. This caused us some problems since we had an `if` without `else`, resulting in an empty flag, causing the whole build to fail with a misleading error message like: ``` malformed import path "-myflag": leading dash ``` |
||
|
dependabot[bot]
|
69e2d8f45a
|
chore(deps): bump github.com/xanzy/go-gitlab from 0.107.0 to 0.108.0 (#5101)
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.107.0 to 0.108.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/xanzy/go-gitlab/releases">github.com/xanzy/go-gitlab's releases</a>.</em></p> <blockquote> <h2>v0.108.0</h2> <h2>Breaking Changes</h2> <ul> <li>Get scoped group variables by <a href="https://github.com/andersparslov"><code>@andersparslov</code></a> in <a href="https://redirect.github.com/xanzy/go-gitlab/pull/1995">xanzy/go-gitlab#1995</a></li> <li>Rename GroupId to GroupID in the <code>MemberRole</code> and <code>Iteration</code> structs <a href=" |
||
|
dependabot[bot]
|
35c9bdb587
|
chore(deps): bump github/codeql-action from 3.26.4 to 3.26.5 (#5100)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.4 to 3.26.5. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.26.5 - 23 Aug 2024</h2> <ul> <li>Fix an issue where the <code>csrutil</code> system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled. <a href="https://redirect.github.com/github/codeql-action/pull/2441">#2441</a></li> </ul> <h2>3.26.4 - 21 Aug 2024</h2> <ul> <li><em>Deprecation:</em> The <code>add-snippets</code> input on the <code>analyze</code> Action is deprecated and will be removed in the first release in August 2025. <a href="https://redirect.github.com/github/codeql-action/pull/2436">#2436</a></li> <li>Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. <a href="https://redirect.github.com/github/codeql-action/pull/2434">#2434</a></li> </ul> <h2>3.26.3 - 19 Aug 2024</h2> <ul> <li>Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. <a href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li> </ul> <h2>3.26.2 - 14 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.2. <a href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li> </ul> <h2>3.26.1 - 13 Aug 2024</h2> <p>No user facing changes.</p> <h2>3.26.0 - 06 Aug 2024</h2> <ul> <li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. <a href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li> <li>Bump the minimum CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li> </ul> <h2>3.25.15 - 26 Jul 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.1. <a href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li> </ul> <h2>3.25.14 - 25 Jul 2024</h2> <ul> <li>Experimental: add a new <code>start-proxy</code> action which starts the same HTTP proxy as used by <a href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li> </ul> <h2>3.25.13 - 19 Jul 2024</h2> <ul> <li>Add <code>codeql-version</code> to outputs. <a href="https://redirect.github.com/github/codeql-action/pull/2368">#2368</a></li> <li>Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2375">#2375</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.25.13</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.25.13</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
6445e43a78
|
test(ko): fix chainguard image label update
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
9ac2794aa3
|
chore(deps): bump github/codeql-action from 3.26.3 to 3.26.4 (#5097)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.3 to 3.26.4. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.26.4 - 21 Aug 2024</h2> <ul> <li><em>Deprecation:</em> The <code>add-snippets</code> input on the <code>analyze</code> Action is deprecated and will be removed in the first release in August 2025. <a href="https://redirect.github.com/github/codeql-action/pull/2436">#2436</a></li> <li>Fix an issue where the disk usage system call used for telemetry would fail on MacOS ARM machines with System Integrity Protection disabled, and then surface a warning. The system call is now disabled for these machines. <a href="https://redirect.github.com/github/codeql-action/pull/2434">#2434</a></li> </ul> <h2>3.26.3 - 19 Aug 2024</h2> <ul> <li>Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. <a href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li> </ul> <h2>3.26.2 - 14 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.2. <a href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li> </ul> <h2>3.26.1 - 13 Aug 2024</h2> <p>No user facing changes.</p> <h2>3.26.0 - 06 Aug 2024</h2> <ul> <li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. <a href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li> <li>Bump the minimum CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li> </ul> <h2>3.25.15 - 26 Jul 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.1. <a href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li> </ul> <h2>3.25.14 - 25 Jul 2024</h2> <ul> <li>Experimental: add a new <code>start-proxy</code> action which starts the same HTTP proxy as used by <a href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li> </ul> <h2>3.25.13 - 19 Jul 2024</h2> <ul> <li>Add <code>codeql-version</code> to outputs. <a href="https://redirect.github.com/github/codeql-action/pull/2368">#2368</a></li> <li>Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2375">#2375</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.25.13</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.25.13</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> <h2>3.25.12 - 12 Jul 2024</h2> <ul> <li>Improve the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a> on GitHub Enterprise Server. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2353">#2353</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
23cd3352f7
|
chore(deps): bump anchore/sbom-action from 0.17.1 to 0.17.2 (#5098)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.17.1 to 0.17.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.17.2</h2>
<h2>Changes in v0.17.2</h2>
<ul>
<li>Update Syft to v1.11.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/485">#485</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="
|
||
Andrew Newdigate
|
e4b91521d0
|
chore(deps): upgrade cosign to 2.4.0 (#5099)
goreleaser currently uses `cosign` `v2.1.1`, this change switches it to `v2.4.0`. While there may be other useful updates, I'd like this update to workaround a bug which I'm experiencing: https://github.com/sigstore/cosign/issues/3614#issuecomment-2012521670, and which is solved by upgrading the `cosign` version. |
||
|
dependabot[bot]
|
498b55bcc4
|
chore(deps): bump github.com/charmbracelet/lipgloss from 0.12.1 to 0.13.0 (#5095)
Bumps [github.com/charmbracelet/lipgloss](https://github.com/charmbracelet/lipgloss) from 0.12.1 to 0.13.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/charmbracelet/lipgloss/releases">github.com/charmbracelet/lipgloss's releases</a>.</em></p> <blockquote> <h2>v0.13.0</h2> <h1>Woodn’t you know, Lip Gloss has trees!</h1> <p>Lip Gloss now ships with a tree rendering sub-package!</p> <pre lang="go"><code>import "github.com/charmbracelet/lipgloss/tree" </code></pre> <p>Define a new tree.</p> <pre lang="go"><code>t := tree.Root("."). Child("A", "B", "C") </code></pre> <p>Print the tree.</p> <pre lang="go"><code>fmt.Println(t) <p>// .<br /> // ├── A<br /> // ├── B<br /> // └── C<br /> </code></pre></p> <p>Trees have the ability to nest.</p> <pre lang="go"><code>t := tree.Root("."). Child("Item 1"). Child( tree.Root("Item 2"). Child("Item 2.1"). Child("Item 2.2"). Child("Item 2.3"), ). Child( tree.Root("Item 3"). Child("Item 3.1"). Child("Item 3.2"), ) </code></pre> <p>Print the tree.</p> <pre lang="go"><code>fmt.Println(t) </code></pre> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
3e6d825c80
|
chore(deps): bump github/codeql-action from 3.26.2 to 3.26.3 (#5094)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.2 to 3.26.3. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's changelog</a>.</em></p> <blockquote> <h1>CodeQL Action Changelog</h1> <p>See the <a href="https://github.com/github/codeql-action/releases">releases page</a> for the relevant changes to the CodeQL CLI and language packs.</p> <p>Note that the only difference between <code>v2</code> and <code>v3</code> of the CodeQL Action is the node version they support, with <code>v3</code> running on node 20 while we continue to release <code>v2</code> to support running on node 16. For example <code>3.22.11</code> was the first <code>v3</code> release and is functionally identical to <code>2.22.11</code>. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.</p> <h2>[UNRELEASED]</h2> <p>No user facing changes.</p> <h2>3.26.3 - 19 Aug 2024</h2> <ul> <li>Fix an issue where the CodeQL Action could not write diagnostic messages on Windows. This issue did not impact analysis quality. <a href="https://redirect.github.com/github/codeql-action/pull/2430">#2430</a></li> </ul> <h2>3.26.2 - 14 Aug 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.2. <a href="https://redirect.github.com/github/codeql-action/pull/2417">#2417</a></li> </ul> <h2>3.26.1 - 13 Aug 2024</h2> <p>No user facing changes.</p> <h2>3.26.0 - 06 Aug 2024</h2> <ul> <li><em>Deprecation:</em> Swift analysis on Ubuntu runner images is no longer supported. Please migrate to a macOS runner if this affects you. <a href="https://redirect.github.com/github/codeql-action/pull/2403">#2403</a></li> <li>Bump the minimum CodeQL bundle version to 2.13.5. <a href="https://redirect.github.com/github/codeql-action/pull/2408">#2408</a></li> </ul> <h2>3.25.15 - 26 Jul 2024</h2> <ul> <li>Update default CodeQL bundle version to 2.18.1. <a href="https://redirect.github.com/github/codeql-action/pull/2385">#2385</a></li> </ul> <h2>3.25.14 - 25 Jul 2024</h2> <ul> <li>Experimental: add a new <code>start-proxy</code> action which starts the same HTTP proxy as used by <a href="https://github.com/github/dependabot-action"><code>github/dependabot-action</code></a>. Do not use this in production as it is part of an internal experiment and subject to change at any time. <a href="https://redirect.github.com/github/codeql-action/pull/2376">#2376</a></li> </ul> <h2>3.25.13 - 19 Jul 2024</h2> <ul> <li>Add <code>codeql-version</code> to outputs. <a href="https://redirect.github.com/github/codeql-action/pull/2368">#2368</a></li> <li>Add a deprecation warning for customers using CodeQL version 2.13.4 and earlier. These versions of CodeQL were discontinued on 9 July 2024 alongside GitHub Enterprise Server 3.9, and will be unsupported by CodeQL Action versions 3.26.0 and later and versions 2.26.0 and later. <a href="https://redirect.github.com/github/codeql-action/pull/2375">#2375</a> <ul> <li>If you are using one of these versions, please update to CodeQL CLI version 2.13.5 or later. For instance, if you have specified a custom version of the CLI using the 'tools' input to the 'init' Action, you can remove this input to use the default version.</li> <li>Alternatively, if you want to continue using a version of the CodeQL CLI between 2.12.6 and 2.13.4, you can replace <code>github/codeql-action/*@v3</code> by <code>github/codeql-action/*@v3.25.13</code> and <code>github/codeql-action/*@v2</code> by <code>github/codeql-action/*@v2.25.13</code> in your code scanning workflow to ensure you continue using this version of the CodeQL Action.</li> </ul> </li> </ul> <h2>3.25.12 - 12 Jul 2024</h2> <ul> <li>Improve the reliability and performance of analyzing code when analyzing a compiled language with the <code>autobuild</code> <a href="https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages#codeql-build-modes">build mode</a> on GitHub Enterprise Server. This feature is already available to GitHub.com users. <a href="https://redirect.github.com/github/codeql-action/pull/2353">#2353</a></li> <li>Update default CodeQL bundle version to 2.18.0. <a href="https://redirect.github.com/github/codeql-action/pull/2364">#2364</a></li> </ul> <h2>3.25.11 - 28 Jun 2024</h2> <ul> <li>Avoid failing the workflow run if there is an error while uploading debug artifacts. <a href="https://redirect.github.com/github/codeql-action/pull/2349">#2349</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
0e971dcbf1
|
chore(deps): bump dario.cat/mergo from 1.0.0 to 1.0.1 (#5093)
Bumps [dario.cat/mergo](https://github.com/imdario/mergo) from 1.0.0 to 1.0.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/imdario/mergo/releases">dario.cat/mergo's releases</a>.</em></p> <blockquote> <h2>v1.0.1</h2> <h2>What's Changed</h2> <ul> <li>fixes issue <a href="https://redirect.github.com/imdario/mergo/issues/187">#187</a> by <a href="https://github.com/vsemichev"><code>@vsemichev</code></a> in <a href="https://redirect.github.com/darccio/mergo/pull/253">darccio/mergo#253</a></li> <li>fix: <code>WithoutDereference</code> should respect non-nil struct pointers by <a href="https://github.com/joshkaplinsky"><code>@joshkaplinsky</code></a> in <a href="https://redirect.github.com/darccio/mergo/pull/251">darccio/mergo#251</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vsemichev"><code>@vsemichev</code></a> made their first contribution in <a href="https://redirect.github.com/darccio/mergo/pull/253">darccio/mergo#253</a></li> <li><a href="https://github.com/joshkaplinsky"><code>@joshkaplinsky</code></a> made their first contribution in <a href="https://redirect.github.com/darccio/mergo/pull/251">darccio/mergo#251</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/darccio/mergo/compare/v1.0.0...v1.0.1">https://github.com/darccio/mergo/compare/v1.0.0...v1.0.1</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
16af0bae82
|
chore(deps): bump github.com/atc0005/go-teams-notify/v2 from 2.11.0 to 2.12.0 (#5092)
Bumps [github.com/atc0005/go-teams-notify/v2](https://github.com/atc0005/go-teams-notify) from 2.11.0 to 2.12.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/atc0005/go-teams-notify/releases">github.com/atc0005/go-teams-notify/v2's releases</a>.</em></p> <blockquote> <h2>v2.12.0</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>New Features or Enhancements 🎉</h3> <ul> <li>Expose <code>TeamsMessage</code> interface to support mocking by <a href="https://github.com/atc0005"><code>@atc0005</code></a> in <a href="https://redirect.github.com/atc0005/go-teams-notify/pull/291">atc0005/go-teams-notify#291</a></li> </ul> <h3>Other Changes</h3> <ul> <li>Update CHANGELOG for v2.12.0 release by <a href="https://github.com/atc0005"><code>@atc0005</code></a> in <a href="https://redirect.github.com/atc0005/go-teams-notify/pull/295">atc0005/go-teams-notify#295</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/atc0005/go-teams-notify/compare/v2.11.0...v2.12.0">https://github.com/atc0005/go-teams-notify/compare/v2.11.0...v2.12.0</a></p> <h2>v2.12.0-rc.1</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>New Features or Enhancements 🎉</h3> <ul> <li>Expose <code>TeamsMessage</code> interface to support mocking by <a href="https://github.com/atc0005"><code>@atc0005</code></a> in <a href="https://redirect.github.com/atc0005/go-teams-notify/pull/291">atc0005/go-teams-notify#291</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/atc0005/go-teams-notify/compare/v2.11.0...v2.12.0-rc.1">https://github.com/atc0005/go-teams-notify/compare/v2.11.0...v2.12.0-rc.1</a></p> <h2>v2.12.0-alpha.1</h2> <!-- raw HTML omitted --> <h2>What's Changed</h2> <h3>New Features or Enhancements 🎉</h3> <ul> <li>Expose <code>TeamsMessage</code> interface to support mocking by <a href="https://github.com/atc0005"><code>@atc0005</code></a> in <a href="https://redirect.github.com/atc0005/go-teams-notify/pull/289">atc0005/go-teams-notify#289</a></li> </ul> <h3>Bug Fixes 🐛</h3> <ul> <li>Update CodeQL workflow to run on dev branch PRs by <a href="https://github.com/atc0005"><code>@atc0005</code></a> in <a href="https://redirect.github.com/atc0005/go-teams-notify/pull/282">atc0005/go-teams-notify#282</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/atc0005/go-teams-notify/compare/v2.11.0-alpha.5...v2.12.0-alpha.1">https://github.com/atc0005/go-teams-notify/compare/v2.11.0-alpha.5...v2.12.0-alpha.1</a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/atc0005/go-teams-notify/blob/master/CHANGELOG.md">github.com/atc0005/go-teams-notify/v2's changelog</a>.</em></p> <blockquote> <h2>[v2.12.0] - 2024-08-16</h2> <h3>Added</h3> <ul> <li>(<a href="https://redirect.github.com/atc0005/go-teams-notify/issues/291">GH-291</a>) Expose <code>TeamsMessage</code> interface to support mocking</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
c95bcdc1c6
|
chore(deps): update gocloud to v0.39.0 (#5091)
forcing `awssdk=v1` for now. will probably need to remove that soon, holding it now only because of https://github.com/google/go-cloud/issues/3472 Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
5b87a85ee0
|
feat(nfpm): better support aix (#5075)
building upon the great work done at #4898 closes #4898 --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> Co-authored-by: Dylan Myers <dylan.myers@bluemedora.com> |
||
|
Carlos Alexandro Becker
|
11aa7cfceb
|
feat(build): template skip (#5089)
closes #5071 |
||
|
Carlos Alexandro Becker
|
4e699a4caf
|
build: fix port error with dockertest on blob_minio_test.go (#5090)
This happened locally, doesn't seem to happen in the CI though. Probably related to the Docker version. |
||
|
Carlos Alexandro Becker
|
5b23a9d903
|
Merge remote-tracking branch 'origin/main' | ||
|
Carlos Alexandro Becker
|
94a8de5347
|
build: use go 1.23 (#5082)
update everything to go 1.23 Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
84f136202f
|
build: constant archive files owner, group, and mtime (#5088)
before: ```sh $ tar tvzf dist/goreleaser_Linux_x86_64.tar.gz -rw-rw-r-- twp/twp 1085 2024-08-17 09:19 LICENSE.md -rw-rw-r-- twp/twp 12982 2024-08-17 09:19 README.md -rw-rw-r-- twp/twp 11975 2024-08-17 18:10 completions/goreleaser.bash -rw-rw-r-- twp/twp 10061 2024-08-17 18:10 completions/goreleaser.fish -rw-rw-r-- twp/twp 7892 2024-08-17 18:10 completions/goreleaser.zsh -rw-rw-r-- twp/twp 1594 2024-08-17 18:10 manpages/goreleaser.1.gz -rwxrwxr-x root/root 66003096 2024-08-16 19:49 goreleaser ``` after this change: ```sh $ tar tvf dist/goreleaser_Linux_arm64.tar.gz -rw-r--r-- root/root 1085 2024-08-18 15:36 LICENSE.md -rw-r--r-- root/root 12982 2024-08-18 15:36 README.md -rw-r--r-- root/root 11975 2024-08-18 15:36 completions/goreleaser.bash -rw-r--r-- root/root 10061 2024-08-18 15:36 completions/goreleaser.fish -rw-r--r-- root/root 7892 2024-08-18 15:36 completions/goreleaser.zsh -rw-r--r-- root/root 1594 2024-08-18 15:36 manpages/goreleaser.1.gz -rwxr-xr-x root/root 63439000 2024-08-18 15:36 goreleaser ``` closes #5086 Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
d3be3b085d
|
build: update golangci-lint | ||
|
Carlos Alexandro Becker
|
28b30e2947
|
chore(deps): update bluesky/indigo (#5073)
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
7572db1d9a
|
chore: use nightly.version_template
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Tom Payne
|
5e6305804e
|
chore: use snapshot.version_template in own config (#5087)
If applied, this commit will fix the self-check failure reported in https://github.com/goreleaser/goreleaser/issues/5086#issue-2471620837. tl;dr goreleaser v2.2 switched from `snapshot.name_template` to `snapshot.version_template`. This PR updates goreleaser's own config to use the new variable. |
||
|
dependabot[bot]
|
17a955458c
|
chore(deps): bump github.com/charmbracelet/keygen from 0.5.0 to 0.5.1 (#5084)
Bumps [github.com/charmbracelet/keygen](https://github.com/charmbracelet/keygen) from 0.5.0 to 0.5.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/charmbracelet/keygen/releases">github.com/charmbracelet/keygen's releases</a>.</em></p> <blockquote> <h2>v0.5.1</h2> <h2>Changelog</h2> <h3>Other work</h3> <ul> <li>11fd3c7e032fc1ac9fa28d2444c3a3a884111091: build: dependabot config (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>ac4889661d14406ece73e713e384b4d7f93ef152: build: fix golangci-lint config (<a href="https://github.com/caarlos0"><code>@caarlos0</code></a>)</li> <li>66abd54ad630168d53f530d6e68598656e6bdc26: refactor: keygen: refactor same expression (<a href="https://redirect.github.com/charmbracelet/keygen/issues/16">#16</a>) (<a href="https://github.com/orangekame3"><code>@orangekame3</code></a>)</li> <li>334fb4fe9fb3035360e421b305ba68e0834487fc: refactor: remove ioutil package (<a href="https://redirect.github.com/charmbracelet/keygen/issues/15">#15</a>) (<a href="https://github.com/orangekame3"><code>@orangekame3</code></a>)</li> </ul> <hr /> <p><!-- raw HTML omitted --><!-- raw HTML omitted --><!-- raw HTML omitted --></p> <p>Thoughts? Questions? We love hearing from you. Feel free to reach out on <a href="https://twitter.com/charmcli">Twitter</a>, <a href="https://mastodon.technology/@charm">The Fediverse</a>, or on <a href="https://charm.sh/chat">Discord</a>.</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1f5b7ee814
|
chore(deps): bump github.com/slack-go/slack from 0.13.1 to 0.14.0 (#5085)
Bumps [github.com/slack-go/slack](https://github.com/slack-go/slack) from 0.13.1 to 0.14.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/slack-go/slack/releases">github.com/slack-go/slack's releases</a>.</em></p> <blockquote> <h2>v0.14.0</h2> <h2>What's Changed</h2> <p>v0.14.0 is now available. It contains <strong>no breaking changes</strong> but does include several pieces of new functionality and long-standing bug fixes.</p> <h3>Enhancements</h3> <ul> <li>Added Support for receiving <code>metadata</code> when receiving a <code>MessageEvent</code> over WebSocket by <a href="https://github.com/rfratto"><code>@rfratto</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1307">slack-go/slack#1307</a></li> <li>Added a new field to expose file data when receiving a <code>File</code> event from a Slack Connect Channel by <a href="https://github.com/zFlabmonsta"><code>@zFlabmonsta</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1312">slack-go/slack#1312</a></li> <li>Added support for the <code>slack_file</code> in the image block by <a href="https://github.com/rhysm"><code>@rhysm</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1311">slack-go/slack#1311</a></li> <li>Added 35 missing Websocket event types by <a href="https://github.com/Aryakoste"><code>@Aryakoste</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1306">slack-go/slack#1306</a></li> <li>Added support for parsing <code>AppRateLimited</code> events in the <code>ParseEvent</code> function by <a href="https://github.com/nemuvski"><code>@nemuvski</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1308">slack-go/slack#1308</a></li> <li>Added newly documented Channel Canvas properties to the <code>conversations.info</code> Web API method by <a href="https://github.com/ku"><code>@ku</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1228">slack-go/slack#1228</a></li> </ul> <h3>Bug Fixes</h3> <ul> <li>Fixed an edge case when using <code>UpdateRemoteFileContext</code> and <code>UpdateRemoteFile</code> and Image Previews would return an <code>invalid_auth</code> error by <a href="https://github.com/EkeMinusYou"><code>@EkeMinusYou</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1117">slack-go/slack#1117</a></li> </ul> <h3>Chores / Code Cleanup</h3> <ul> <li>Replaced deprecated <code>ioutil</code> with <code>io</code> and <code>os</code> packages by <a href="https://github.com/nakamasato"><code>@nakamasato</code></a> in <a href="https://redirect.github.com/slack-go/slack/pull/1310">slack-go/slack#1310</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/rfratto"><code>@rfratto</code></a> made their first contribution in <a href="https://redirect.github.com/slack-go/slack/pull/1307">slack-go/slack#1307</a></li> <li><a href="https://github.com/nakamasato"><code>@nakamasato</code></a> made their first contribution in <a href="https://redirect.github.com/slack-go/slack/pull/1310">slack-go/slack#1310</a></li> <li><a href="https://github.com/rhysm"><code>@rhysm</code></a> made their first contribution in <a href="https://redirect.github.com/slack-go/slack/pull/1311">slack-go/slack#1311</a></li> <li><a href="https://github.com/Aryakoste"><code>@Aryakoste</code></a> made their first contribution in <a href="https://redirect.github.com/slack-go/slack/pull/1306">slack-go/slack#1306</a></li> <li><a href="https://github.com/nemuvski"><code>@nemuvski</code></a> made their first contribution in <a href="https://redirect.github.com/slack-go/slack/pull/1308">slack-go/slack#1308</a></li> <li><a href="https://github.com/ku"><code>@ku</code></a> made their first contribution in <a href="https://redirect.github.com/slack-go/slack/pull/1228">slack-go/slack#1228</a></li> <li><a href="https://github.com/EkeMinusYou"><code>@EkeMinusYou</code></a> made their first contribution in <a href="https://redirect.github.com/slack-go/slack/pull/1117">slack-go/slack#1117</a></li> <li><a href="https://github.com/jjjjeeffff"><code>@jjjjeeffff</code></a> was instrumental in the successful resolution of <a href="https://redirect.github.com/slack-go/slack/pull/1117">slack-go/slack#1117</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/slack-go/slack/compare/v0.13.1...v0.14.0">https://github.com/slack-go/slack/compare/v0.13.1...v0.14.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
64e8ff1716
|
chore: issue template config | ||
|
Carlos Alexandro Becker
|
d8c179352d
|
build(nix): improve flake.nix | ||
|
dependabot[bot]
|
a1b88757b3
|
chore(deps): bump github/codeql-action from 3.26.1 to 3.26.2 (#5081)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.1 to 3.26.2. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
81c5a206a5
|
test: make test pass on go 1.23 (#5079)
not sure if this is the right solution though --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
06e37acae7
|
docs: announce v2.2 | ||
actions-user
|
e50b72b4a8 | chore: auto-update generated files | ||
|
Carlos Alexandro Becker
|
111121bbd9
|
chore(deps): update nfpm
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
242021e912
|
chore(deps): bump golang from 1.22.6-alpine to 1.23.0-alpine (#5076)
Bumps golang from 1.22.6-alpine to 1.23.0-alpine. [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
58838fd1d3
|
chore(deps): bump github/codeql-action from 3.26.0 to 3.26.1 (#5077)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.26.0 to 3.26.1. <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
1fc1a45e9e
|
chore(deps): bump anchore/sbom-action from 0.17.0 to 0.17.1 (#5078)
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.17.0 to 0.17.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's releases</a>.</em></p> <blockquote> <h2>v0.17.1</h2> <h2>Changes in v0.17.1</h2> <ul> <li>chore(deps): update Syft to v1.11.0 (<a href="https://redirect.github.com/anchore/sbom-action/issues/483">#483</a>) [<a href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
76d3047763
|
chore(deps): bump dependabot/fetch-metadata from 1.6.0 to 2.2.0 (#5072)
Bumps [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) from 1.6.0 to 2.2.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dependabot/fetch-metadata/releases">dependabot/fetch-metadata's releases</a>.</em></p> <blockquote> <h2>v2.2.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/create-github-app-token from 1.9.0 to 1.10.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/523">dependabot/fetch-metadata#523</a></li> <li>Bump actions/create-github-app-token from 1.10.0 to 1.10.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/534">dependabot/fetch-metadata#534</a></li> <li>Bump braces from 3.0.2 to 3.0.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/532">dependabot/fetch-metadata#532</a></li> <li>v2.2.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/520">dependabot/fetch-metadata#520</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2...v2.2.0">https://github.com/dependabot/fetch-metadata/compare/v2...v2.2.0</a></p> <h2>v2.1.0</h2> <h2>What's Changed</h2> <ul> <li>Relax <code>engine-strict=true</code> by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/510">dependabot/fetch-metadata#510</a></li> <li>Handle branch names containing hyphen separators by <a href="https://github.com/tspencer244"><code>@tspencer244</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/450">dependabot/fetch-metadata#450</a></li> <li>Switch to monthly release cadence by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/509">dependabot/fetch-metadata#509</a></li> <li>v2.1.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/518">dependabot/fetch-metadata#518</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/tspencer244"><code>@tspencer244</code></a> made their first contribution in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/450">dependabot/fetch-metadata#450</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v2.0.0...v2.1.0">https://github.com/dependabot/fetch-metadata/compare/v2.0.0...v2.1.0</a></p> <h2>v2.0.0 - Switch to <code>node20</code></h2> <h2>What's Changed</h2> <ul> <li>Upgrade from node16 to node20 by <a href="https://github.com/Nishnha"><code>@Nishnha</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/443">dependabot/fetch-metadata#443</a> 👈 this is a potentially breaking change for some workflows</li> <li><code>v2</code> is the new tracking tag by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/506">dependabot/fetch-metadata#506</a></li> <li>v2.0.0 by <a href="https://github.com/fetch-metadata-action-automation"><code>@fetch-metadata-action-automation</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/508">dependabot/fetch-metadata#508</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/dependabot/fetch-metadata/compare/v1.7.0...v2.0.0">https://github.com/dependabot/fetch-metadata/compare/v1.7.0...v2.0.0</a></p> <h2>v1.7.0</h2> <h2>What's Changed</h2> <ul> <li>Bump dotenv from 16.0.3 to 16.3.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/404">dependabot/fetch-metadata#404</a></li> <li>Bump <code>@types/node</code> from 20.2.3 to 20.3.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/407">dependabot/fetch-metadata#407</a></li> <li>Bump the eslint-dependencies group with 4 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/409">dependabot/fetch-metadata#409</a></li> <li>Update dependabot.yml by <a href="https://github.com/bdragon"><code>@bdragon</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/410">dependabot/fetch-metadata#410</a></li> <li>Bump <code>@types/node</code> from 20.3.3 to 20.4.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/411">dependabot/fetch-metadata#411</a></li> <li>Bump yaml from 2.2.1 to 2.3.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/390">dependabot/fetch-metadata#390</a></li> <li>Bump tough-cookie from 4.0.0 to 4.1.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/412">dependabot/fetch-metadata#412</a></li> <li>Bump <code>@types/node</code> from 20.4.0 to 20.4.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/413">dependabot/fetch-metadata#413</a></li> <li>Generate Dependabot PRs on Sundays weekly by <a href="https://github.com/abdulapopoola"><code>@abdulapopoola</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/417">dependabot/fetch-metadata#417</a></li> <li>Aggressively group prod and dev dependencies for NPM by <a href="https://github.com/abdulapopoola"><code>@abdulapopoola</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/420">dependabot/fetch-metadata#420</a></li> <li>Update .nvmrc to latest node 16 LTS version by <a href="https://github.com/abdulapopoola"><code>@abdulapopoola</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/422">dependabot/fetch-metadata#422</a></li> <li>Bump the dev-dependencies group with 9 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/421">dependabot/fetch-metadata#421</a></li> <li>Bump the dev-dependencies group with 1 update by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/423">dependabot/fetch-metadata#423</a></li> <li>Check for uncommitted files beyond the <code>diff</code> directory by <a href="https://github.com/jeffwidman"><code>@jeffwidman</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/278">dependabot/fetch-metadata#278</a></li> <li>Bump the dev-dependencies group with 6 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/424">dependabot/fetch-metadata#424</a></li> <li>Bump the dev-dependencies group with 3 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/425">dependabot/fetch-metadata#425</a></li> <li>Bump the dev-dependencies group with 6 updates by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/dependabot/fetch-metadata/pull/428">dependabot/fetch-metadata#428</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
dependabot[bot]
|
32e676fbe8
|
chore(deps): bump github.com/ory/dockertest/v3 from 3.10.0 to 3.11.0 (#5070)
Bumps [github.com/ory/dockertest/v3](https://github.com/ory/dockertest) from 3.10.0 to 3.11.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/ory/dockertest/releases">github.com/ory/dockertest/v3's releases</a>.</em></p> <blockquote> <h2>v3.11.0</h2> <h2>What's Changed</h2> <ul> <li>chore(deps): bump github.com/opencontainers/runc from 1.1.5 to 1.1.6 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/435">ory/dockertest#435</a></li> <li>chore(deps): bump github.com/Microsoft/go-winio from 0.6.0 to 0.6.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/437">ory/dockertest#437</a></li> <li>chore(deps): bump github.com/lib/pq from 0.0.0-20180327071824-d34b9ff171c2 to 1.10.8 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/438">ory/dockertest#438</a></li> <li>chore(deps): bump github.com/docker/docker from 20.10.7+incompatible to 20.10.24+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/426">ory/dockertest#426</a></li> <li>chore(deps): bump actions/checkout from 2 to 3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/427">ory/dockertest#427</a></li> <li>chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/450">ory/dockertest#450</a></li> <li>chore(deps): bump github.com/containerd/continuity from 0.3.0 to 0.4.1 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/451">ory/dockertest#451</a></li> <li>chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/449">ory/dockertest#449</a></li> <li>chore(deps): bump github.com/opencontainers/runc from 1.1.6 to 1.1.7 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/442">ory/dockertest#442</a></li> <li>chore(deps): bump golang.org/x/sys from 0.7.0 to 0.8.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/445">ory/dockertest#445</a></li> <li>chore(deps): bump github.com/moby/term from 0.0.0-20201216013528-df9cb8a40635 to 0.5.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/446">ory/dockertest#446</a></li> <li>chore(deps): bump github.com/docker/cli from 20.10.17+incompatible to 24.0.1+incompatible by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/448">ory/dockertest#448</a></li> <li>chore: bump dependencies and fix some lint by <a href="https://github.com/alnr"><code>@alnr</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/499">ory/dockertest#499</a></li> <li>chore(deps): bump golang.org/x/sys from 0.19.0 to 0.21.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/501">ory/dockertest#501</a></li> <li>chore(deps): bump actions/checkout from 2 to 4 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/475">ory/dockertest#475</a></li> <li>feat: fall back to podman if available by <a href="https://github.com/SoMuchForSubtlety"><code>@SoMuchForSubtlety</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/452">ory/dockertest#452</a></li> <li>test: refactor asserts by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/497">ory/dockertest#497</a></li> <li>use defer instead of os.Exit(m.Run()) by <a href="https://github.com/pmenglund"><code>@pmenglund</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/493">ory/dockertest#493</a></li> <li>docs: remove outdated dep install instruction by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/505">ory/dockertest#505</a></li> <li>chore: remove direct dependency on gotest.tools/v3 by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/504">ory/dockertest#504</a></li> <li>chore: replace deprecated ioutil.TempDir with os.MkdirTemp by <a href="https://github.com/alexandear"><code>@alexandear</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/506">ory/dockertest#506</a></li> <li>chore(deps): bump github.com/opencontainers/runc from 1.1.12 to 1.1.13 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/509">ory/dockertest#509</a></li> <li>move tests to dockertest_test package by <a href="https://github.com/siraj-mx51"><code>@siraj-mx51</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/490">ory/dockertest#490</a></li> <li>chore(deps): bump github.com/opencontainers/image-spec from 1.0.2 to 1.1.0 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/510">ory/dockertest#510</a></li> <li>chore(deps): bump actions/setup-node from 2.pre.beta to 4.0.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/503">ory/dockertest#503</a></li> <li>chore(deps): bump actions/setup-go from 4 to 5 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/508">ory/dockertest#508</a></li> <li>chore(deps): bump actions/stale from 4 to 9 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/507">ory/dockertest#507</a></li> <li>feat: introduce cve scanners by <a href="https://github.com/Demonsthere"><code>@Demonsthere</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/500">ory/dockertest#500</a></li> <li>chore: update docker to v27.1.1 by <a href="https://github.com/adamwalach"><code>@adamwalach</code></a> in <a href="https://redirect.github.com/ory/dockertest/pull/522">ory/dockertest#522</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/alnr"><code>@alnr</code></a> made their first contribution in <a href="https://redirect.github.com/ory/dockertest/pull/499">ory/dockertest#499</a></li> <li><a href="https://github.com/SoMuchForSubtlety"><code>@SoMuchForSubtlety</code></a> made their first contribution in <a href="https://redirect.github.com/ory/dockertest/pull/452">ory/dockertest#452</a></li> <li><a href="https://github.com/siraj-mx51"><code>@siraj-mx51</code></a> made their first contribution in <a href="https://redirect.github.com/ory/dockertest/pull/490">ory/dockertest#490</a></li> <li><a href="https://github.com/Demonsthere"><code>@Demonsthere</code></a> made their first contribution in <a href="https://redirect.github.com/ory/dockertest/pull/500">ory/dockertest#500</a></li> <li><a href="https://github.com/adamwalach"><code>@adamwalach</code></a> made their first contribution in <a href="https://redirect.github.com/ory/dockertest/pull/522">ory/dockertest#522</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/ory/dockertest/compare/v3.10.0...v3.11.0">https://github.com/ory/dockertest/compare/v3.10.0...v3.11.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |
||
|
Carlos Alexandro Becker
|
a624fd3e73
|
ci: auto approve dependency prs
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
idebeijer
|
f924466a81
|
docs: use "~> v2" in GitHub actions docs (#5067) | ||
|
Carlos Alexandro Becker
|
f65ff027ae
|
chore(deps): update env and lipgloss (#5066)
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
65195c06ec
|
sec(deps): update docker/docker and google/go-containerregistry (#5065)
CVE-2024-41110 Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
Carlos Alexandro Becker
|
47ff67b252
|
feat(deps): update ko and gocloud.dev (#5063)
cyclonedx and go.version-m were removed from latest ko version https://github.com/ko-build/ko/pull/1333 --------- Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com> |
||
|
dependabot[bot]
|
0a6405b34d
|
chore(deps): bump github.com/docker/docker from 26.1.4+incompatible to 26.1.5+incompatible (#5064)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 26.1.4+incompatible to 26.1.5+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v26.1.5</h2> <h2>26.1.5</h2> <h3>Security</h3> <p>This release contains a fix for <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41110">CVE-2024-41110</a> / <a href="https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq">GHSA-v23v-6jw2-98fq</a> that impacted setups using <a href="https://docs.docker.com/engine/extend/plugins_authorization/">authorization plugins (AuthZ)</a> for access control. No other changes are included in this release, and this release is otherwise identical for users not using AuthZ plugins.</p> <p><strong>Full Changelog</strong>: <a href="https://github.com/moby/moby/compare/v26.1.4...v26.1.5">https://github.com/moby/moby/compare/v26.1.4...v26.1.5</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href=" |