Gabriel Cipriano
11e5682165
docs: update CONTRIBUTING.md add upx as optional prerequesite ( #4427 )
...
A test failed as I didn't had upx installed:
```
--- FAIL: TestRun (0.58s)
upx_test.go:119:
Error Trace: /home/cipri/git/goreleaser/internal/pipe/upx/upx_test.go:119
Error: Received unexpected error:
upx not found in PATH
Test: TestRun
FAIL
```
<!-- If applied, this commit will... -->
...
<!-- Why is this change being made? -->
...
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
...
2023-11-18 09:49:45 -03:00
dependabot[bot]
57f25324a9
chore(deps): bump actions/github-script from 6.4.1 to 7.0.0 ( #4424 )
...
Bumps [actions/github-script](https://github.com/actions/github-script )
from 6.4.1 to 7.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/github-script/releases ">actions/github-script's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Add base-url option by <a
href="https://github.com/robandpdx "><code>@robandpdx</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/429 ">actions/github-script#429</a></li>
<li>Expose async-function argument type by <a
href="https://github.com/viktorlott "><code>@viktorlott</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/402 ">actions/github-script#402</a>,
see for details <a
href="https://github.com/actions/github-script#use-scripts-with-jsdoc-support ">https://github.com/actions/github-script#use-scripts-with-jsdoc-support </a></li>
<li>Update dependencies and use Node 20 by <a
href="https://github.com/joshmgross "><code>@joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/425 ">actions/github-script#425</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/navarroaxel "><code>@navarroaxel</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/285 ">actions/github-script#285</a></li>
<li><a href="https://github.com/robandpdx "><code>@robandpdx</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/429 ">actions/github-script#429</a></li>
<li><a
href="https://github.com/viktorlott "><code>@viktorlott</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/402 ">actions/github-script#402</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v6.4.1...v7.0.0 ">https://github.com/actions/github-script/compare/v6.4.1...v7.0.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="e69ef5462fhttps://redirect.github.com/actions/github-script/issues/425 ">#425</a>
from actions/joshmgross/node-20</li>
<li><a
href="ee0914b839d6fc56f33b384d6cf58184724927e384903f51825349cf9965ecae9eb535https://redirect.github.com/actions/github-script/issues/402 ">#402</a>
from typed-actions/export-types</li>
<li><a
href="044ebbb9456b5d3eac1fhttps://redirect.github.com/actions/github-script/issues/429 ">#429</a>
from robandpdx/add-base-url-option</li>
<li>Additional commits viewable in <a
href="d7906e4ad0...e69ef5462fhttps://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/github-script&package-manager=github_actions&previous-version=6.4.1&new-version=7.0.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 07:15:57 -03:00
laurentsimon
b149223223
feat(docs): Update command in SLSA verification blog post ( #4420 )
...
Great blog post! I added it to the documentation of the
https://github.com/slsa-framework/slsa-github-generator :)
This PR fixes the command to verify SLSA provenance in the blog post
https://goreleaser.com/blog/slsa-generation-for-your-artifacts/ .
The verification for binary artifacts is correct.
The verification for container images is incorrect:
- The command verifies the identity of the builder only, but it should
also verify the source repository
- The command does not verify the release version, which _may_ allows an
attacker to perform a downgrade attack. (not a super big deal, but still
useful to close this gap if the image was built on a tag trigger)
This follows the same steps on argoCD's documentation
https://argo-cd.readthedocs.io/en/stable/operator-manual/signed-release-assets/#verification-of-container-image-with-slsa-attestations
Thanks!
---------
Signed-off-by: laurentsimon <laurentsimon@google.com>
2023-11-13 12:35:44 -03:00
actions-user
c4a33d5b83
chore: docs auto-update
2023-11-09 00:13:54 +00:00
dependabot[bot]
7d293855e8
fix(deps): bump golang from 1.21.3-alpine to 1.21.4-alpine ( #4414 )
...
Bumps golang from 1.21.3-alpine to 1.21.4-alpine.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-08 08:56:31 -03:00
dependabot[bot]
926760eac1
chore(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0 ( #4413 )
...
Bumps
[sigstore/cosign-installer](https://github.com/sigstore/cosign-installer )
from 3.1.2 to 3.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/sigstore/cosign-installer/releases ">sigstore/cosign-installer's
releases</a>.</em></p>
<blockquote>
<h2>v3.2.0</h2>
<p><strong>Note: This release comes with a fix for CVE-2023-46737
described in this <a
href="https://github.com/sigstore/cosign/security/advisories/GHSA-vfp6-jrw2-99g9 ">Github
Security Advisory</a>. Please upgrade to this release ASAP</strong></p>
<p>see <a
href="https://github.com/sigstore/cosign/releases/tag/v2.2.1 ">https://github.com/sigstore/cosign/releases/tag/v2.2.1 </a></p>
<h2>What's Changed</h2>
<ul>
<li>Support the runner context of gitea act by <a
href="https://github.com/josedev-union "><code>@josedev-union</code></a>
in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/147 ">sigstore/cosign-installer#147</a></li>
<li>bump cosign to v2.2.1 by <a
href="https://github.com/cpanato "><code>@cpanato</code></a> in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/148 ">sigstore/cosign-installer#148</a></li>
<li>test with latest go version by <a
href="https://github.com/bobcallaway "><code>@bobcallaway</code></a> in
<a
href="https://redirect.github.com/sigstore/cosign-installer/pull/150 ">sigstore/cosign-installer#150</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/josedev-union "><code>@josedev-union</code></a>
made their first contribution in <a
href="https://redirect.github.com/sigstore/cosign-installer/pull/147 ">sigstore/cosign-installer#147</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/sigstore/cosign-installer/compare/v3...v3.2.0 ">https://github.com/sigstore/cosign-installer/compare/v3...v3.2.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1fc5bd396dhttps://redirect.github.com/sigstore/cosign-installer/issues/150 ">#150</a>)</li>
<li><a
href="9ce7d6069fhttps://redirect.github.com/sigstore/cosign-installer/issues/148 ">#148</a>)</li>
<li><a
href="4b014e3cf1https://redirect.github.com/sigstore/cosign-installer/issues/147 ">#147</a>)</li>
<li><a
href="38ab09d8bfhttps://redirect.github.com/sigstore/cosign-installer/issues/145 ">#145</a>)</li>
<li><a
href="9c520b997ehttps://redirect.github.com/sigstore/cosign-installer/issues/144 ">#144</a>)</li>
<li><a
href="ef6a6b364bhttps://redirect.github.com/sigstore/cosign-installer/issues/143 ">#143</a>)</li>
<li>See full diff in <a
href="https://github.com/sigstore/cosign-installer/compare/v3.1.2...v3.2.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-08 08:55:59 -03:00
Carlos Alexandro Becker
e33d053612
fix: --single-target when no match
...
closes #4412
2023-11-08 02:02:49 +00:00
Carlos Alexandro Becker
c0b2be344f
fix: handle configs with no explicit targets on --single-target
...
closes #4411
2023-11-07 11:40:31 +00:00
actions-user
17393af9fa
chore: docs auto-update
2023-11-07 01:07:54 +00:00
Carlos Alexandro Becker
4f17fba173
build: fix setup-task rate limit
...
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-11-07 01:05:02 +00:00
Carlos Alexandro Becker
be9ad4d47d
build: update workflow
...
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-11-07 01:03:44 +00:00
Carlos Alexandro Becker
6b65ea5ca1
docs: update
...
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-11-07 00:39:45 +00:00
dependabot[bot]
3a552a9df5
feat(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 ( #4408 )
...
Bumps [golang.org/x/sync](https://github.com/golang/sync ) from 0.4.0 to
0.5.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="10739b037dhttps://github.com/golang/sync/compare/v0.4.0...v0.5.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-06 12:51:07 -03:00
dependabot[bot]
f20320b9e6
feat(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 ( #4410 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from
1.7.0 to 1.8.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spf13/cobra/releases ">github.com/spf13/cobra's
releases</a>.</em></p>
<blockquote>
<h2>v1.8.0</h2>
<h2>✨ Features</h2>
<ul>
<li>Support usage as plugin for tools like kubectl by <a
href="https://github.com/nirs "><code>@nirs</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2018 ">spf13/cobra#2018</a>
- this means that programs that utilize a "plugin-like"
structure have much better support and usage (like for completions,
command paths, etc.)</li>
<li>Move documentation sources to site/content by <a
href="https://github.com/umarcor "><code>@umarcor</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1428 ">spf13/cobra#1428</a></li>
<li>Add 'one required flag' group by <a
href="https://github.com/marevers "><code>@marevers</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1952 ">spf13/cobra#1952</a>
- this includes a new <code>MarkFlagsOneRequired</code> API for flags
which can be used to mark a flag group as required and cause command
failure if at least one is not used when invoked.</li>
<li>Customizable error message prefix by <a
href="https://github.com/5ouma "><code>@5ouma</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2023 ">spf13/cobra#2023</a>
- This adds the <code>SetErrPrefix</code> and <code>ErrPrefix</code>
APIs on the <code>Command</code> struct to allow for setting a custom
prefix for errors</li>
<li>feat: add getters for flag completions by <a
href="https://github.com/avirtopeanu-ionos "><code>@avirtopeanu-ionos</code></a>
in <a
href="https://redirect.github.com/spf13/cobra/pull/1943 ">spf13/cobra#1943</a></li>
<li>Feature: allow running persistent run hooks of all parents by <a
href="https://github.com/vkhoroz "><code>@vkhoroz</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2044 ">spf13/cobra#2044</a></li>
<li>Improve API to get flag completion function by <a
href="https://github.com/marckhouzam "><code>@marckhouzam</code></a> in
<a
href="https://redirect.github.com/spf13/cobra/pull/2063 ">spf13/cobra#2063</a></li>
</ul>
<h2>🐛 Bug fixes</h2>
<ul>
<li>Fix typo in fish completions by <a
href="https://github.com/twpayne "><code>@twpayne</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1945 ">spf13/cobra#1945</a></li>
<li>Fix grammar: 'allows to' by <a
href="https://github.com/supertassu "><code>@supertassu</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1978 ">spf13/cobra#1978</a></li>
<li>powershell: escape variable with curly brackets by <a
href="https://github.com/Luap99 "><code>@Luap99</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1960 ">spf13/cobra#1960</a></li>
<li>Don't complete --help flag when flag parsing disabled by <a
href="https://github.com/marckhouzam "><code>@marckhouzam</code></a> in
<a
href="https://redirect.github.com/spf13/cobra/pull/2061 ">spf13/cobra#2061</a></li>
<li>Replace all non-alphanumerics in active help env var program prefix
by <a href="https://github.com/scop "><code>@scop</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1940 ">spf13/cobra#1940</a></li>
</ul>
<h2>🔧 Maintenance</h2>
<ul>
<li>build(deps): bump golangci/golangci-lint-action from 3.4.0 to 3.5.0
by <a href="https://github.com/dependabot "><code>@dependabot</code></a>
in <a
href="https://redirect.github.com/spf13/cobra/pull/1971 ">spf13/cobra#1971</a></li>
<li>build(deps): bump golangci/golangci-lint-action from 3.5.0 to 3.6.0
by <a href="https://github.com/dependabot "><code>@dependabot</code></a>
in <a
href="https://redirect.github.com/spf13/cobra/pull/1976 ">spf13/cobra#1976</a></li>
<li>build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0
by <a href="https://github.com/dependabot "><code>@dependabot</code></a>
in <a
href="https://redirect.github.com/spf13/cobra/pull/2021 ">spf13/cobra#2021</a></li>
<li>build(deps): bump actions/setup-go from 3 to 4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1934 ">spf13/cobra#1934</a></li>
<li>build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.2 to
2.0.3 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2047 ">spf13/cobra#2047</a></li>
<li>build(deps): bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2028 ">spf13/cobra#2028</a></li>
<li>command: temporarily disable G602 due to <a
href="https://redirect.github.com/securego/gosec/issues/1005 ">securego/gosec#1005</a>
by <a href="https://github.com/umarcor "><code>@umarcor</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2022 ">spf13/cobra#2022</a></li>
</ul>
<h2>🧪 Testing & CI/CD</h2>
<ul>
<li>test: make fish_completions_test more robust by <a
href="https://github.com/branchvincent "><code>@branchvincent</code></a>
in <a
href="https://redirect.github.com/spf13/cobra/pull/1980 ">spf13/cobra#1980</a></li>
<li>golangci: enable 'unused' and disable deprecated replaced by it by
<a href="https://github.com/umarcor "><code>@umarcor</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/1983 ">spf13/cobra#1983</a></li>
<li>cleanup: minor corrections to unit tests by <a
href="https://github.com/JunNishimura "><code>@JunNishimura</code></a>
in <a
href="https://redirect.github.com/spf13/cobra/pull/2003 ">spf13/cobra#2003</a></li>
<li>ci: test golang 1.21 by <a
href="https://github.com/nunoadrego "><code>@nunoadrego</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2024 ">spf13/cobra#2024</a></li>
<li>Fix linter errors by <a
href="https://github.com/marckhouzam "><code>@marckhouzam</code></a> in
<a
href="https://redirect.github.com/spf13/cobra/pull/2052 ">spf13/cobra#2052</a></li>
<li>Add tests for flag completion registration by <a
href="https://github.com/marckhouzam "><code>@marckhouzam</code></a> in
<a
href="https://redirect.github.com/spf13/cobra/pull/2053 ">spf13/cobra#2053</a></li>
</ul>
<h2>✏️ Documentation</h2>
<ul>
<li>doc: fix typo, Deperecated -> Deprecated by <a
href="https://github.com/callthingsoff "><code>@callthingsoff</code></a>
in <a
href="https://redirect.github.com/spf13/cobra/pull/2000 ">spf13/cobra#2000</a></li>
<li>Add notes to doc about the execution condition of *PreRun and
*PostRun functions by <a
href="https://github.com/haoming29 "><code>@haoming29</code></a> in <a
href="https://redirect.github.com/spf13/cobra/pull/2041 ">spf13/cobra#2041</a></li>
</ul>
<hr />
<p>Thank you everyone who contributed to this release and all your hard
work! Cobra and this community would never be possible without all of
you!!!! 🐍 </p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/spf13/cobra/compare/v1.7.0...v1.8.0 ">https://github.com/spf13/cobra/compare/v1.7.0...v1.8.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a0a6ae020bhttps://redirect.github.com/spf13/cobra/issues/2063 ">#2063</a>)</li>
<li><a
href="890302a35fhttps://redirect.github.com/spf13/cobra/issues/2018 ">#2018</a>)</li>
<li><a
href="48cea5c87bhttps://redirect.github.com/spf13/cobra/issues/2028 ">#2028</a>)</li>
<li><a
href="22953d8845https://redirect.github.com/spf13/cobra/issues/1940 ">#1940</a>)</li>
<li><a
href="00b68a1c26https://redirect.github.com/spf13/cobra/issues/2053 ">#2053</a>)</li>
<li><a
href="b711e8760bhttps://redirect.github.com/spf13/cobra/issues/2061 ">#2061</a>)</li>
<li><a
href="8b1eba4761https://redirect.github.com/spf13/cobra/issues/2052 ">#2052</a>)</li>
<li><a
href="4cafa37bc4https://redirect.github.com/spf13/cobra/issues/2044 ">#2044</a>)</li>
<li><a
href="5c962a221ehttps://redirect.github.com/spf13/cobra/issues/2047 ">#2047</a>)</li>
<li><a
href="efe8fa3e44https://redirect.github.com/spf13/cobra/issues/1934 ">#1934</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/spf13/cobra/compare/v1.7.0...v1.8.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-06 12:44:28 -03:00
dependabot[bot]
a9b3d49e59
feat(deps): bump golang.org/x/text from 0.13.0 to 0.14.0 ( #4409 )
...
Bumps [golang.org/x/text](https://github.com/golang/text ) from 0.13.0 to
0.14.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6c97a165ddhttps://github.com/golang/text/compare/v0.13.0...v0.14.0 ">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-06 12:44:16 -03:00
Ernst Widerberg
d2d910f54f
docs: fix typos ( #4406 )
2023-11-06 09:14:07 -03:00
Carlos Alexandro Becker
bc4523d4fe
docs: fix discord link
...
closes #4357
2023-11-04 02:42:53 +00:00
Carlos Alexandro Becker
b9cca21b7a
chore: simplify test
2023-11-03 23:40:07 -03:00
Carlos Alexandro Becker
74a9317c83
fix: properly handle multi-module projects with a go.work file
...
closes #4379
2023-11-03 23:40:07 -03:00
Carlos Alexandro Becker
63f2f0a18d
fix(docker): improve error msg
2023-11-04 01:01:17 +00:00
Torsten Curdt
1bd8190b9e
adjusted the string to search for in the error message
...
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-11-03 22:00:17 -03:00
Torsten Curdt
bd149aca5d
switched to double quotes
...
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-11-03 22:00:17 -03:00
Torsten Curdt
49f39736ef
more explicit error message for docker buildx context error
2023-11-03 22:00:17 -03:00
Torsten Curdt
cb656a35ec
spelling fix
2023-11-03 22:00:17 -03:00
Carlos Alexandro Becker
e9dda51607
test: fix
2023-11-03 21:47:09 -03:00
Carlos Alexandro Becker
422c46daff
test: improve some tests
2023-11-03 21:47:09 -03:00
Carlos Alexandro Becker
0fbc447fe1
feat: --skip=homebrew
2023-11-03 21:47:09 -03:00
Carlos Alexandro Becker
954121ffb1
feat: --skip-nix
2023-11-03 21:47:09 -03:00
Carlos Alexandro Becker
53071b6642
feat: --skip=aur
2023-11-03 21:47:09 -03:00
dependabot[bot]
9fb281bd7a
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 ( #4376 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.0
to 4.1.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases ">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update CODEOWNERS to Launch team by <a
href="https://github.com/joshmgross "><code>@joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1510 ">actions/checkout#1510</a></li>
<li>Correct link to GitHub Docs by <a
href="https://github.com/peterbe "><code>@peterbe</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1511 ">actions/checkout#1511</a></li>
<li>Link to release page from what's new section by <a
href="https://github.com/cory-miller "><code>@cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1514 ">actions/checkout#1514</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a
href="https://github.com/joshmgross "><code>@joshmgross</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1510 ">actions/checkout#1510</a></li>
<li><a href="https://github.com/peterbe "><code>@peterbe</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/checkout/pull/1511 ">actions/checkout#1511</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v4...v4.1.1 ">https://github.com/actions/checkout/compare/v4...v4.1.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b4ffde65f4https://redirect.github.com/actions/checkout/issues/1514 ">#1514</a>)</li>
<li><a
href="8530928916https://redirect.github.com/actions/checkout/issues/1511 ">#1511</a>)</li>
<li><a
href="7cdaf2fbc0https://redirect.github.com/actions/checkout/issues/1510 ">#1510</a>)</li>
<li>See full diff in <a
href="8ade135a41...b4ffde65f4https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/checkout&package-manager=github_actions&previous-version=4.1.0&new-version=4.1.1 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
Dependabot will merge this PR once CI passes on it, as requested by
@caarlos0.
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-03 21:42:31 -03:00
Carlos Alexandro Becker
2223c93b8c
feat: check if go.mod has replace directives ( #4398 )
...
closes #4395
2023-11-03 21:42:09 -03:00
Carlos Alexandro Becker
45839c13c3
fix(jsonschema): version is not required on v1.x
...
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-11-04 00:38:55 +00:00
Carlos Alexandro Becker
780fcc7163
Merge remote-tracking branch 'origin/main'
2023-11-04 00:38:23 +00:00
Carlos Alexandro Becker
178ce2af58
build: only update docs, schema, after a release
...
closes #4402
2023-11-03 21:37:39 -03:00
Carlos Alexandro Becker
1a8702f140
feat: --skip=snapcraft
2023-11-03 23:24:04 +00:00
Carlos Alexandro Becker
c6cb980c4f
feat: --skip=winget
2023-11-03 23:23:25 +00:00
Carlos Alexandro Becker
8ce439972a
feat: --skip=scoop
2023-11-03 23:22:50 +00:00
Carlos Alexandro Becker
8cd3104f1c
chore: update schema
...
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-11-02 20:38:07 +00:00
Carlos Alexandro Becker
b8cc16d4ac
fix: .Amd64 in build hooks
...
closes #4399
2023-11-02 12:47:00 +00:00
dependabot[bot]
69a1fb3ad4
feat(deps): bump golang from 926f7f7 to 96a8a70
...
Bumps golang from `926f7f7` to `96a8a70`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-11-02 09:33:41 -03:00
Carlos Alexandro Becker
3a3cf610f8
docs: conventional file name on armv6
...
refs https://github.com/charmbracelet/meta/pull/116
2023-11-02 12:32:31 +00:00
actions-user
9c54dda3ba
chore: docs auto-update
2023-10-31 21:36:51 +00:00
Hervé Le Meur
1e06244363
Add updatecli.io to USERS.md
2023-10-31 18:34:33 -03:00
actions-user
c5de7c54ee
chore: docs auto-update
2023-10-31 18:12:45 +00:00
Carlos Alexandro Becker
896366f3dc
feat: version in the yaml file
...
Signed-off-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
2023-10-31 15:10:16 -03:00
dependabot[bot]
3009ac1989
feat(deps): bump github.com/docker/docker
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 24.0.6+incompatible to 24.0.7+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v24.0.6...v24.0.7 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-30 13:42:51 -03:00
Carlos Alexandro Becker
d4540f884f
test: fix unstable test
2023-10-30 15:50:30 +00:00
Gabriel F Cipriano
cf008d3ed7
fix: sort checksum lines by filename
2023-10-30 12:49:39 -03:00
Raito Bezarius
1a5d3ffa02
feat(nix): mark all Nix packages with the right source provenance
...
As GoReleaser focuses on binary packages wrapped in Nix, it is important
to mark their right source provenance, i.e. binary native code.
2023-10-30 12:23:14 -03:00
dependabot[bot]
8cb018bc42
feat(deps): bump github.com/goreleaser/nfpm/v2 from 2.33.1 to 2.34.0
...
Bumps [github.com/goreleaser/nfpm/v2](https://github.com/goreleaser/nfpm ) from 2.33.1 to 2.34.0.
- [Release notes](https://github.com/goreleaser/nfpm/releases )
- [Changelog](https://github.com/goreleaser/nfpm/blob/main/.goreleaser.yml )
- [Commits](https://github.com/goreleaser/nfpm/compare/v2.33.1...v2.34.0 )
---
updated-dependencies:
- dependency-name: github.com/goreleaser/nfpm/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-10-30 11:49:56 -03:00
