Extract the digest (sha256) of docker images from the `docker push`
command for dockers published to the docker registry.
Outputting the digest is required to avoid a race condition when
referencing the image, where the image tag is being modified before the
reference is done.
See this [blog
post](https://github.com/goreleaser/goreleaser/issues/3496) for more
info.
This PR fixes https://github.com/goreleaser/goreleaser/issues/3496.
Note that the 'publish' pipe now must run before the 'metadata' pipe, so
that the information extracted during the 'publish' pipe would appear in
the metadata.
Previously, the published docker images metadata wasn't printed (because
of the order). It made sense because the content of the published image
was just a subset of the local one.
Now that it is printed to the metadata, it should have a different name
to avoid confusion.
As I mentioned, it wasn't printed before - so there shouldn't be any
backward-compatibility issues.
---
Local tests:
```
go test -v .
=== RUN TestVersion
=== RUN TestVersion/only_version
=== RUN TestVersion/version_and_date
=== RUN TestVersion/version,_date,_built_by
=== RUN TestVersion/all_empty
=== RUN TestVersion/complete
--- PASS: TestVersion (0.00s)
--- PASS: TestVersion/only_version (0.00s)
--- PASS: TestVersion/version_and_date (0.00s)
--- PASS: TestVersion/version,_date,_built_by (0.00s)
--- PASS: TestVersion/all_empty (0.00s)
--- PASS: TestVersion/complete (0.00s)
PASS
ok github.com/goreleaser/goreleaser 0.764s
```
Output example:
```
{
"name": "gallegit/hello-world:latest",
"path": "gallegit/hello-world:latest",
"goos": "linux",
"goarch": "amd64",
"internal_type": 10,
"type": "Published Docker Image",
"extra": {
"digest": "sha256:c3f7dd196a046dc061236d3c6ae1e2946269e90da30b0a959240ca799750e632"
}
}
```
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
This PR adds support for generating the structure used to pack and push
Chocolatey Packages. And will solve the #3154
Is not ready for merge yet, but has the main structure, and ready for
comments.
Accordingly to Chocolatey, in order to build a package, it's necessary a
`.nuspec` and `chocolateyinstall.ps1` files at least, having these ones,
we could pack and distribute without adding the binary inside the final
package and that was implemented here.
To complete, will be necessary to define the package build and
distribute, however will be required to have Chocolatey installed
(Windows Only). One of alternatives that I thought was, publish the
files like Scoop and Brew in a separate repository, and there we could
use `chocolatey` through
[crazy-max/ghaction-chocolatey](https://github.com/crazy-max/ghaction-chocolatey).
Chocolatey has a lot of good examples of repositories:
https://github.com/chocolatey-community/chocolatey-packages/tree/master/automatic/curl
A final compilation of the missing parts:
- [x] How to pack and push (chocolatey)
- [x] Documentation
Sorry for the long description😄
All feedback very welcome!
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
This PR improves the handling of shared or static libraries by
GoReleaser. It uses the default behaviour of the Go compiler by
appending the right extension to libraries.
* `.so` and `.a` for Linux shared libraries and static libraries
respectively
* `.dylib` and `.a.` on Darwin
* `.dll` and `.lib` on Windows (pre-existent)
It does not add any configuration option to `.goreleaser.yml`, since it
leverages the existing `buildmode` flag.
Additionally, this PR takes care of adding the generated header file
into the archive.
<!-- Why is this change being made? -->
Personally I would leverage this change to release some software both as
a CLI and as a shared library. I believe others who use CGo or need
interoperability with Go from other languages could benefit from this.
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
This was previously discussed in #3497.
I couldn't quite think of a proper way to add some tests to the header
archiving feature. Any recommendation?
Bumps golang from `8558ae6` to `dc4f475`.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
Fixes wording in the docs page about Git being in a dirty state.
<!-- Why is this change being made? -->
The goal is to improve the end-user reading of the instructions.
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
...
Bumps
[github.com/invopop/jsonschema](https://github.com/invopop/jsonschema)
from 0.6.0 to 0.7.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9f28aff529"><code>9f28aff</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/invopop/jsonschema/issues/53">#53</a>
from webdestroya/feat/schema-post</li>
<li><a
href="ea9462d7d8"><code>ea9462d</code></a>
fixes</li>
<li><a
href="7ebaf5956b"><code>7ebaf59</code></a>
Merge branch 'main' into feat/schema-post</li>
<li><a
href="b32bc839da"><code>b32bc83</code></a>
Renaming JSONSchemaPost to JSONSchemaExtend</li>
<li><a
href="a7e97159f1"><code>a7e9715</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/invopop/jsonschema/issues/57">#57</a>
from PeterNovotney/allow-equals</li>
<li><a
href="fb292e4c0a"><code>fb292e4</code></a>
Allow for = character in extra property values</li>
<li><a
href="55c890f449"><code>55c890f</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/invopop/jsonschema/issues/46">#46</a>
from deepjyoti30/feat/add-anyof-support</li>
<li><a
href="bd9a931546"><code>bd9a931</code></a>
feat(reflect): Add method to modify the schema after processing</li>
<li><a
href="679d2ebe09"><code>679d2eb</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/invopop/jsonschema/issues/47">#47</a>
from paulcacheux/paulcacheux/inline-ptr</li>
<li><a
href="48f39d6372"><code>48f39d6</code></a>
fix <code>Pointer</code> issue because of recent go version</li>
<li>Additional commits viewable in <a
href="https://github.com/invopop/jsonschema/compare/v0.6.0...v0.7.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Fix the regular expressions used in changelog group processing to valid
golang (RE2) regexps. These previously used PCRE character class `\w`
which is not supported in RE2 which is what golang regexp uses.
Also document that format matches not just title as some may thing but
the format `<abbrev-commit> <title-commit>`.
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 2.1.30 to 2.1.31.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c3b6fce4ee"><code>c3b6fce</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1345">#1345</a>
from github/update-v2.1.31-a8cabafa</li>
<li><a
href="8aa42f1f11"><code>8aa42f1</code></a>
Update CHANGELOG.md</li>
<li><a
href="29a5553722"><code>29a5553</code></a>
Update CHANGELOG.md</li>
<li><a
href="e260194d76"><code>e260194</code></a>
Update changelog for v2.1.31</li>
<li><a
href="a8cabafa56"><code>a8cabaf</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1344">#1344</a>
from github/edoardo/prune-ruby</li>
<li><a
href="862a512899"><code>862a512</code></a>
Prune results of Ruby query from SARIF</li>
<li><a
href="71510779c2"><code>7151077</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1342">#1342</a>
from github/mergeback/v2.1.30-to-main-18fe527f</li>
<li><a
href="81a1ec0fb3"><code>81a1ec0</code></a>
Update checked-in dependencies</li>
<li><a
href="60c8cda203"><code>60c8cda</code></a>
Update changelog and version after v2.1.30</li>
<li>See full diff in <a
href="18fe527fa8...c3b6fce4ee">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
add warning about gitlab-ci protected variables for both CI/gitlab and
SCM/gitlab.
Failing to run the pipelines on a protected ref will cause goreleaser to
fail with `401: unauthorized` if for example, GITLAB_TOKEN is a
protected variable and the CI Job is running on a tag that is not
protected.
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
Add a warning about Gitlab CI and protected variables
<!-- Why is this change being made? -->
To prevent future users from running into issues with protected
variables.
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
[Discord
Convo](https://discord.com/channels/890434333251362866/890434334803247126/1038130560293412955)
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 2.1.29 to 2.1.30.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.1.30 - 02 Nov 2022</h2>
<ul>
<li>Improve the error message when using CodeQL bundle version 2.7.2 and
earlier in a workflow that runs on a runner image such as
<code>ubuntu-22.04</code> that uses glibc version 2.34 and later. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1334">#1334</a></li>
</ul>
<h2>2.1.29 - 26 Oct 2022</h2>
<ul>
<li>Update default CodeQL bundle version to 2.11.2. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1320">#1320</a></li>
</ul>
<h2>2.1.28 - 18 Oct 2022</h2>
<ul>
<li>Update default CodeQL bundle version to 2.11.1. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1294">#1294</a></li>
<li>Replace uses of GitHub Actions command <code>set-output</code>
because it is now deprecated. See more information in the <a
href="https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/">GitHub
Changelog</a>. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1301">#1301</a></li>
</ul>
<h2>2.1.27 - 06 Oct 2022</h2>
<ul>
<li>We are rolling out a feature of the CodeQL Action in October 2022
that changes the way that Go code is analyzed to be more consistent with
other compiled languages like C/C++, C#, and Java. You do not need to
alter your code scanning workflows. If you encounter any problems,
please <a href="https://github.com/github/codeql-action/issues">file an
issue</a> or open a private ticket with GitHub Support and request an
escalation to engineering.</li>
</ul>
<h2>2.1.26 - 29 Sep 2022</h2>
<ul>
<li>Update default CodeQL bundle version to 2.11.0. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1267">#1267</a></li>
</ul>
<h2>2.1.25 - 21 Sep 2022</h2>
<ul>
<li>We will soon be rolling out a feature of the CodeQL Action that
stores some information used to make future runs faster in the GitHub
Actions cache. Initially, this will only be enabled on JavaScript
repositories, but we plan to add more languages to this soon. The new
feature can be disabled by passing the <code>trap-caching: false</code>
option to your workflow's <code>init</code> step, for example if you are
already using the GitHub Actions cache for a different purpose and are
near the storage limit for it.</li>
<li>Add support for Python automatic dependency installation with Poetry
1.2 <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1258">#1258</a>.</li>
</ul>
<h2>2.1.24 - 16 Sep 2022</h2>
<p>No user facing changes.</p>
<h2>2.1.23 - 14 Sep 2022</h2>
<ul>
<li>Allow CodeQL packs to be downloaded from GitHub Enterprise Server
instances, using the new <code>registries</code> input for the
<code>init</code> action. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1221">#1221</a></li>
<li>Update default CodeQL bundle version to 2.10.5. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1240">#1240</a></li>
</ul>
<h2>2.1.22 - 01 Sep 2022</h2>
<ul>
<li>Downloading CodeQL packs has been moved to the <code>init</code>
step. Previously, CodeQL packs were downloaded during the
<code>analyze</code> step. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1218">#1218</a></li>
<li>Update default CodeQL bundle version to 2.10.4. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1224">#1224</a></li>
<li>The newly released <a
href="https://python-poetry.org/blog/announcing-poetry-1.2.0">Poetry
1.2</a> is not yet supported. In the most common case where the CodeQL
Action is automatically installing Python dependencies, it will continue
to install and use Poetry 1.1 on its own. However, in certain cases such
as with self-hosted runners, you may need to ensure Poetry 1.1 is
installed yourself.</li>
</ul>
<h2>2.1.21 - 25 Aug 2022</h2>
<ul>
<li>Improve error messages when the code scanning configuration file
includes an invalid <code>queries</code> block or an invalid
<code>query-filters</code> block. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1208">#1208</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="18fe527fa8"><code>18fe527</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1341">#1341</a>
from github/update-v2.1.30-cd983e71</li>
<li><a
href="f04ca7c11c"><code>f04ca7c</code></a>
Update changelog for v2.1.30</li>
<li><a
href="cd983e71c6"><code>cd983e7</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1334">#1334</a>
from github/henrymercer/better-error-for-glibc</li>
<li><a
href="2ec046b5ac"><code>2ec046b</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1328">#1328</a>
from github/angelapwen/add-go-autobuild-comment</li>
<li><a
href="72bd9cbe62"><code>72bd9cb</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1321">#1321</a>
from github/criemen/datadog-tag</li>
<li><a
href="ac0112f7f1"><code>ac0112f</code></a>
Add Go to list of supported languages</li>
<li><a
href="77b1f7e44c"><code>77b1f7e</code></a>
Merge remote-tracking branch 'origin/main' into criemen/datadog-tag</li>
<li><a
href="aa07b3894b"><code>aa07b38</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1340">#1340</a>
from github/henrymercer/fix-proxy-check</li>
<li><a
href="c44e6c6096"><code>c44e6c6</code></a>
Fix missing Docker image in proxy test</li>
<li><a
href="ae0a2603c1"><code>ae0a260</code></a>
Update src/actions-util.ts</li>
<li>Additional commits viewable in <a
href="ec3cf9c605...18fe527fa8">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
<!--
Hi, thanks for contributing!
Please make sure you read our CONTRIBUTING guide.
Also, add tests and the respective documentation changes as well.
-->
<!-- If applied, this commit will... -->
This PR implements the Archlinux packages that were added in nfpm
v2.20.0, as well as tests and documentation for them.
<!-- Why is this change being made? -->
<!-- # Provide links to any relevant tickets, URLs or other resources
-->
goreleaser/nfpm#133
goreleaser/nfpm#543
Fixes#3469
Co-authored-by: Carlos Alexandro Becker <caarlos0@users.noreply.github.com>
closes#3508
- adds template support for krew and scoop repo refs
- template branch on reporef on brew as well
Signed-off-by: Carlos A Becker <caarlos0@users.noreply.github.com>
Bumps golang from 1.19.2-alpine to 1.19.3-alpine.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/disgoorg/disgo](https://github.com/disgoorg/disgo)
from 0.13.20 to 0.13.21.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/disgoorg/disgo/releases">github.com/disgoorg/disgo's
releases</a>.</em></p>
<blockquote>
<h2>v0.13.21</h2>
<h2>What's Changed</h2>
<ul>
<li>add PremiumTypeNitroBasic by <a
href="https://github.com/caneleex"><code>@caneleex</code></a> in <a
href="903df646b4</a></li>
<li>update guild features by <a
href="https://github.com/caneleex"><code>@caneleex</code></a> in <a
href="5f832114b8</a></li>
<li>update <a
href="https://github.com/disgoorg/snowflake"><code>snowflake</code></a>
module to fix issues with decoding some <code>GuildCreate</code> events
by <a href="https://github.com/TopiSenpai"><code>@TopiSenpai</code></a>
in <a
href="2e94ec627a</a></li>
<li>add <code>SetFooterIconf</code>, <code>SetImagef</code>,
<code>SetThumbnailf</code> and <code>SetURLf</code> by <a
href="https://github.com/itasli"><code>@itasli</code></a> in <a
href="https://github-redirect.dependabot.com/disgoorg/disgo/pull/204">disgoorg/disgo#204</a></li>
<li>add more automod audit log types + fields by <a
href="https://github.com/caneleex"><code>@caneleex</code></a> in <a
href="https://github-redirect.dependabot.com/disgoorg/disgo/pull/189">disgoorg/disgo#189</a></li>
<li>update oauth2 connections by <a
href="https://github.com/caneleex"><code>@caneleex</code></a> in <a
href="9910965d4b</a></li>
<li>add default sort order to forums by <a
href="https://github.com/caneleex"><code>@caneleex</code></a> in <a
href="0f47660bb9</a></li>
<li>add missing fields to <code>GuildForumChannelCreate</code> by <a
href="https://github.com/caneleex"><code>@caneleex</code></a> in <a
href="d5b5254c4f</a></li>
<li>fix missing <code>guild_id</code> in GuildForumChannels by <a
href="https://github.com/TopiSenpai"><code>@TopiSenpai</code></a> in <a
href="16246893ae</a></li>
<li>add <code>Flags</code> to <code>GuildForumChannelUpdate</code> by <a
href="https://github.com/caneleex"><code>@caneleex</code></a> in <a
href="bdac2ebafb</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/itasli"><code>@itasli</code></a> made
their first contribution in <a
href="https://github-redirect.dependabot.com/disgoorg/disgo/pull/204">disgoorg/disgo#204</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/disgoorg/disgo/compare/v0.13.20...v0.13.21">https://github.com/disgoorg/disgo/compare/v0.13.20...v0.13.21</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="903df646b4"><code>903df64</code></a>
add PremiumTypeNitroBasic</li>
<li><a
href="5f832114b8"><code>5f83211</code></a>
update feature list</li>
<li><a
href="2e94ec627a"><code>2e94ec6</code></a>
update snowflake module to v2.0.1 to fix snowlfake decoding error &
move gate...</li>
<li><a
href="17ccdf302f"><code>17ccdf3</code></a>
add SetFooterIconf, SetImagef, SetThumbnailf and SetURLf (<a
href="https://github-redirect.dependabot.com/disgoorg/disgo/issues/204">#204</a>)</li>
<li><a
href="5cad8df785"><code>5cad8df</code></a>
fix incorrect json field name for ExpiresAt</li>
<li><a
href="0f47660bb9"><code>0f47660</code></a>
add default sort order to forums (again)</li>
<li><a
href="bdac2ebafb"><code>bdac2eb</code></a>
add Flags to GuildForumChannelUpdate</li>
<li><a
href="e1e6eb2de9"><code>e1e6eb2</code></a>
add missing methods on flag types</li>
<li><a
href="9910965d4b"><code>9910965</code></a>
update connections</li>
<li><a
href="1e34b93709"><code>1e34b93</code></a>
Revert "add default sort order to forums"</li>
<li>Additional commits viewable in <a
href="https://github.com/disgoorg/disgo/compare/v0.13.20...v0.13.21">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab)
from 0.73.1 to 0.74.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="4ec1dc623e"><code>4ec1dc6</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/xanzy/go-gitlab/issues/1540">#1540</a>
from weirdian2k3/master</li>
<li><a
href="26519c9ab7"><code>26519c9</code></a>
Fixup the PR</li>
<li><a
href="d3d6dcfe3c"><code>d3d6dcf</code></a>
Fixup the PR</li>
<li><a
href="15530cae1b"><code>15530ca</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/xanzy/go-gitlab/issues/1528">#1528</a>
from weavedev/add-feature-flag-support</li>
<li><a
href="24edab0c8f"><code>24edab0</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/xanzy/go-gitlab/issues/1559">#1559</a>
from epropulsion-tech/master</li>
<li><a
href="f56f2462b6"><code>f56f246</code></a>
Added missing fields</li>
<li><a
href="eff633c2a2"><code>eff633c</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/xanzy/go-gitlab/issues/1567">#1567</a>
from christian-sahlmann/emails-on-push</li>
<li><a
href="cc0d6de381"><code>cc0d6de</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/xanzy/go-gitlab/issues/1566">#1566</a>
from Veres72/add_resource_weight_events</li>
<li><a
href="d160433066"><code>d160433</code></a>
Super minor tweak</li>
<li><a
href="1114045cc6"><code>1114045</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/xanzy/go-gitlab/issues/1565">#1565</a>
from vntw/deploy-hook-ref</li>
<li>Additional commits viewable in <a
href="https://github.com/xanzy/go-gitlab/compare/v0.73.1...v0.74.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 2.1.28 to 2.1.29.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.1.29 - 26 Oct 2022</h2>
<ul>
<li>Update default CodeQL bundle version to 2.11.2. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1320">#1320</a></li>
</ul>
<h2>2.1.28 - 18 Oct 2022</h2>
<ul>
<li>Update default CodeQL bundle version to 2.11.1. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1294">#1294</a></li>
<li>Replace uses of GitHub Actions command <code>set-output</code>
because it is now deprecated. See more information in the <a
href="https://github.blog/changelog/2022-10-11-github-actions-deprecating-save-state-and-set-output-commands/">GitHub
Changelog</a>. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1301">#1301</a></li>
</ul>
<h2>2.1.27 - 06 Oct 2022</h2>
<ul>
<li>We are rolling out a feature of the CodeQL Action in October 2022
that changes the way that Go code is analyzed to be more consistent with
other compiled languages like C/C++, C#, and Java. You do not need to
alter your code scanning workflows. If you encounter any problems,
please <a href="https://github.com/github/codeql-action/issues">file an
issue</a> or open a private ticket with GitHub Support and request an
escalation to engineering.</li>
</ul>
<h2>2.1.26 - 29 Sep 2022</h2>
<ul>
<li>Update default CodeQL bundle version to 2.11.0. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1267">#1267</a></li>
</ul>
<h2>2.1.25 - 21 Sep 2022</h2>
<ul>
<li>We will soon be rolling out a feature of the CodeQL Action that
stores some information used to make future runs faster in the GitHub
Actions cache. Initially, this will only be enabled on JavaScript
repositories, but we plan to add more languages to this soon. The new
feature can be disabled by passing the <code>trap-caching: false</code>
option to your workflow's <code>init</code> step, for example if you are
already using the GitHub Actions cache for a different purpose and are
near the storage limit for it.</li>
<li>Add support for Python automatic dependency installation with Poetry
1.2 <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1258">#1258</a>.</li>
</ul>
<h2>2.1.24 - 16 Sep 2022</h2>
<p>No user facing changes.</p>
<h2>2.1.23 - 14 Sep 2022</h2>
<ul>
<li>Allow CodeQL packs to be downloaded from GitHub Enterprise Server
instances, using the new <code>registries</code> input for the
<code>init</code> action. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1221">#1221</a></li>
<li>Update default CodeQL bundle version to 2.10.5. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1240">#1240</a></li>
</ul>
<h2>2.1.22 - 01 Sep 2022</h2>
<ul>
<li>Downloading CodeQL packs has been moved to the <code>init</code>
step. Previously, CodeQL packs were downloaded during the
<code>analyze</code> step. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1218">#1218</a></li>
<li>Update default CodeQL bundle version to 2.10.4. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1224">#1224</a></li>
<li>The newly released <a
href="https://python-poetry.org/blog/announcing-poetry-1.2.0">Poetry
1.2</a> is not yet supported. In the most common case where the CodeQL
Action is automatically installing Python dependencies, it will continue
to install and use Poetry 1.1 on its own. However, in certain cases such
as with self-hosted runners, you may need to ensure Poetry 1.1 is
installed yourself.</li>
</ul>
<h2>2.1.21 - 25 Aug 2022</h2>
<ul>
<li>Improve error messages when the code scanning configuration file
includes an invalid <code>queries</code> block or an invalid
<code>query-filters</code> block. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1208">#1208</a></li>
<li>Fix a bug where Go build tracing could fail on Windows. <a
href="https://github-redirect.dependabot.com/github/codeql-action/pull/1209">#1209</a></li>
</ul>
<h2>2.1.20 - 22 Aug 2022</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ec3cf9c605"><code>ec3cf9c</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1323">#1323</a>
from github/update-v2.1.29-4b53723d</li>
<li><a
href="f246f20ec4"><code>f246f20</code></a>
Update changelog for v2.1.29</li>
<li><a
href="4b53723d6b"><code>4b53723</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1320">#1320</a>
from github/edoardo/2.11.2-bump</li>
<li><a
href="de9f112cd1"><code>de9f112</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1318">#1318</a>
from github/aeisenberg/bump-min-version</li>
<li><a
href="f1a4ff53b4"><code>f1a4ff5</code></a>
Bumps the min version for code scanning config in the cli</li>
<li><a
href="624418cb40"><code>624418c</code></a>
Bump default CodeQL version to 2.11.2</li>
<li><a
href="f0a1281661"><code>f0a1281</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1315">#1315</a>
from github/mergeback/v2.1.28-to-main-cc7986c0</li>
<li><a
href="f0b3ef9e9c"><code>f0b3ef9</code></a>
Update checked-in dependencies</li>
<li><a
href="3920e2d8ae"><code>3920e2d</code></a>
Merge pull request <a
href="https://github-redirect.dependabot.com/github/codeql-action/issues/1313">#1313</a>
from github/criemen/ghes-31-deprecation</li>
<li><a
href="be55631a21"><code>be55631</code></a>
Update changelog and version after v2.1.28</li>
<li>Additional commits viewable in <a
href="cc7986c02b...ec3cf9c605">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps golang from `f3e6836` to `e4dcdac`.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from
1.6.0 to 1.6.1.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/spf13/cobra/releases">github.com/spf13/cobra's
releases</a>.</em></p>
<blockquote>
<h2>v1.6.1</h2>
<h3>Bug fixes 🐛</h3>
<ul>
<li>Fixes a panic when <code>AddGroup</code> isn't called before
<code>AddCommand(my-sub-command)</code> is executed. This can happen
within more complex cobra file structures that have many different
<code>init</code>s to be executed. Now, the check for groups has been
moved to <code>ExecuteC</code> and provides more flexibility when
working with grouped commands - <a
href="https://github.com/marckhouzam"><code>@marckhouzam</code></a>
(and shout out to <a
href="https://github.com/aawsome"><code>@aawsome</code></a>, <a
href="https://github.com/andig"><code>@andig</code></a> and <a
href="https://github.com/KINGSABRI"><code>@KINGSABRI</code></a> for a
deep investigation into this! 👏🏼)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b43be995eb"><code>b43be99</code></a>
Check for group presence after full initialization (<a
href="https://github-redirect.dependabot.com/spf13/cobra/issues/1839">#1839</a>)
(<a
href="https://github-redirect.dependabot.com/spf13/cobra/issues/1841">#1841</a>)</li>
<li>See full diff in <a
href="https://github.com/spf13/cobra/compare/v1.6.0...v1.6.1">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
