goreleaser

mirror of https://github.com/goreleaser/goreleaser.git synced 2025-01-20 03:59:26 +02:00

Go to file

dependabot[bot] d371145f89

chore(deps): bump github/codeql-action from 2.3.2 to 2.3.3 (#3983 )

Bumps [github/codeql-action](https://github.com/github/codeql-action)
from 2.3.2 to 2.3.3.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>2.3.3 - 04 May 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.1. <a
href="https://redirect.github.com/github/codeql-action/pull/1664">#1664</a></li>
<li>You can now configure CodeQL within your code scanning workflow by
passing a <code>config</code> input to the <code>init</code> Action. See
<a href="https://aka.ms/code-scanning-docs/config-file">Using a custom
configuration file</a> for more information about configuring code
scanning. <a
href="https://redirect.github.com/github/codeql-action/pull/1590">#1590</a></li>
</ul>
<h2>2.3.2 - 27 Apr 2023</h2>
<p>No user facing changes.</p>
<h2>2.3.1 - 26 Apr 2023</h2>
<p>No user facing changes.</p>
<h2>2.3.0 - 21 Apr 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.13.0. <a
href="https://redirect.github.com/github/codeql-action/pull/1649">#1649</a></li>
<li>Bump the minimum CodeQL bundle version to 2.8.5. <a
href="https://redirect.github.com/github/codeql-action/pull/1618">#1618</a></li>
</ul>
<h2>2.2.12 - 13 Apr 2023</h2>
<ul>
<li>Include the value of the <code>GITHUB_RUN_ATTEMPT</code> environment
variable in the telemetry sent to GitHub. <a
href="https://redirect.github.com/github/codeql-action/pull/1640">#1640</a></li>
<li>Improve the ease of debugging failed runs configured using <a
href="https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning-for-a-repository#configuring-code-scanning-automatically">default
setup</a>. The CodeQL Action will now upload diagnostic information to
Code Scanning from failed runs configured using default setup. You can
view this diagnostic information on the <a
href="https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-the-tool-status-page">tool
status page</a>. <a
href="https://redirect.github.com/github/codeql-action/pull/1619">#1619</a></li>
</ul>
<h2>2.2.11 - 06 Apr 2023</h2>
<p>No user facing changes.</p>
<h2>2.2.10 - 05 Apr 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.12.6. <a
href="https://redirect.github.com/github/codeql-action/pull/1629">#1629</a></li>
</ul>
<h2>2.2.9 - 27 Mar 2023</h2>
<ul>
<li>Customers post-processing the SARIF output of the
<code>analyze</code> Action before uploading it to Code Scanning will
benefit from an improved debugging experience. <a
href="https://redirect.github.com/github/codeql-action/pull/1598">#1598</a>
<ul>
<li>The CodeQL Action will now upload a SARIF file with debugging
information to Code Scanning on failed runs for customers using
<code>upload: false</code>. Previously, this was only available for
customers using the default value of the <code>upload</code> input.</li>
<li>The <code>upload</code> input to the <code>analyze</code> Action now
accepts the following values:
<ul>
<li><code>always</code> is the default value, which uploads the SARIF
file to Code Scanning for successful and failed runs.</li>
<li><code>failure-only</code> is recommended for customers
post-processing the SARIF file before uploading it to Code Scanning.
This option uploads debugging information to Code Scanning for failed
runs to improve the debugging experience.</li>
<li><code>never</code> avoids uploading the SARIF file to Code Scanning
even if the code scanning run fails. This is not recommended for
external users since it complicates debugging.</li>
<li>The legacy <code>true</code> and <code>false</code> options will be
interpreted as <code>always</code> and <code>failure-only</code>
respectively.</li>
</ul>
</li>
</ul>
</li>
</ul>
<h2>2.2.8 - 22 Mar 2023</h2>
<ul>
<li>Update default CodeQL bundle version to 2.12.5. <a
href="https://redirect.github.com/github/codeql-action/pull/1585">#1585</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="29b1f65c5e"><code>29b1f65</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/1669">#1669</a>
from github/update-v2.3.3-318bcc7f8</li>
<li><a
href="140500d80a"><code>140500d</code></a>
Update changelog for v2.3.3</li>
<li><a
href="318bcc7f84"><code>318bcc7</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/1664">#1664</a>
from github/update-bundle/codeql-bundle-20230428</li>
<li><a
href="f72bf5dfb3"><code>f72bf5d</code></a>
Fix workflow formatting</li>
<li><a
href="33461954a5"><code>3346195</code></a>
Merge branch 'main' into update-bundle/codeql-bundle-20230428</li>
<li><a
href="8ca5570701"><code>8ca5570</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/1666">#1666</a>
from github/aeisenberg/readme-update</li>
<li><a
href="b1b3d00b62"><code>b1b3d00</code></a>
Add link to changenote for custom config</li>
<li><a
href="d2f6dfd52d"><code>d2f6dfd</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/1665">#1665</a>
from github/aeisenberg/config-param</li>
<li><a
href="cba5616040"><code>cba5616</code></a>
Update CHANGELOG.md</li>
<li><a
href="40c95932fe"><code>40c9593</code></a>
Add changelog note</li>
<li>Additional commits viewable in <a
href="f3feb00acb...29b1f65c5e">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github/codeql-action&package-manager=github_actions&previous-version=2.3.2&new-version=2.3.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

2023-05-05 10:10:43 -03:00

.github

chore(deps): bump github/codeql-action from 2.3.2 to 2.3.3 (#3983 )

2023-05-05 10:10:43 -03:00

cmd

feat: allow to goreleaser check multiple files (#3980 )

2023-05-03 23:28:55 -03:00

internal

fix: typo in a brew error message

2023-05-02 12:18:36 +00:00

pkg

feat: IsGitDirty template variable (#3967 )

2023-05-02 01:04:18 -03:00

scripts

docs: fix releases.json

2023-01-02 15:16:33 -03:00

testdata/TestVersion

feat: new --version output (#3962 )

2023-04-30 14:19:55 -03:00

www

chore: docs releases json auto-update

2023-05-05 04:52:44 +00:00

.editorconfig

feat: arch user repository integration (#2838 )

2022-01-20 14:59:39 -03:00

.gitattributes

docs: improve build (#3674 )

2022-12-29 14:55:45 -03:00

.gitignore

docs: improve build (#3674 )

2022-12-29 14:55:45 -03:00

.gitleaks.toml

fix: run gitleaks and grype on prs (#3332 )

2022-08-21 15:20:31 -03:00

.golangci.yaml

build: use go1.20 (#3757 )

2023-02-05 13:39:39 -03:00

.goreleaser.yaml

fix: disable upx for now

2023-05-05 04:26:12 +00:00

.grype.yaml

fix(grype): ignore unfixed vulns

2022-08-21 15:36:37 -03:00

.mailmap

chore: update mailmap

2022-10-31 16:06:50 -03:00

art.txt

feat: new --version output (#3962 )

2023-04-30 14:19:55 -03:00

CONTRIBUTING.md

build: use go1.20 (#3757 )

2023-02-05 13:39:39 -03:00

Dockerfile

feat(deps): bump golang from 1.20.3-alpine to 1.20.4-alpine (#3976 )

2023-05-03 09:53:08 -03:00

EULA.md

docs: make co-marketing more strict on eula (#3583 )

2022-11-22 23:54:11 -03:00

go.mod

chore: go mod tidy

2023-05-04 02:33:35 +00:00

go.sum

feat(deps): bump github.com/sigstore/rekor from 1.0.1 to 1.1.1 (#3979 )

2023-05-03 23:11:29 -03:00

LICENSE.md

docs: update license year

2022-02-08 14:21:36 -03:00

main_test.go

test: force constant goversion et al on tests

2023-05-03 18:00:13 +00:00

main.go

fix: pass tree state as ldflag (#3968 )

2023-05-02 01:04:48 -03:00

README.md

docs: fix README badge (#3652 )

2022-12-20 16:09:19 -03:00

SECURITY.md

docs: update email addresses

2022-05-18 12:12:42 -03:00

Taskfile.yml

build: increase release timeout (#3734 )

2023-01-30 23:07:12 -03:00

USERS.md

docs: update USERS.md (#3921 )

2023-04-10 08:54:26 -03:00

README.md

GoReleaser Logo

GoReleaser

Deliver Go binaries as fast and easily as possible.

GoReleaser builds Go binaries for several platforms, creates a GitHub release and then pushes a Homebrew formula to a tap repository. All that wrapped in your favorite CI.

Get GoReleaser

Documentation

Documentation is hosted live at https://goreleaser.com

Community

You have questions, need support and or just want to talk about GoReleaser?

Here are ways to get in touch with the GoReleaser community:

You can find the links above and all others here.

Code of Conduct

This project adheres to the Contributor Covenant code of conduct. By participating, you are expected to uphold this code. We appreciate your contribution. Please refer to our contributing guidelines for further information.