Spencer Schrock
934f17049c
🌱 configure dependabot to group (most) GitHub actions weekly ( #3655 )
...
actions which influence the build/release process are excluded.
dependabot will send individual updates for those.
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-11-10 01:22:29 +00:00
dependabot[bot]
694d563fe3
🌱 Bump slsa-framework/slsa-verifier from 2.4.0 to 2.4.1 ( #3652 )
...
Bumps [slsa-framework/slsa-verifier](https://github.com/slsa-framework/slsa-verifier ) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/slsa-framework/slsa-verifier/releases )
- [Changelog](https://github.com/slsa-framework/slsa-verifier/blob/main/RELEASE.md )
- [Commits](https://github.com/slsa-framework/slsa-verifier/compare/v2.4.0...v2.4.1 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-verifier
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-09 01:34:39 +00:00
dependabot[bot]
5bfe68dbc6
🌱 Bump sigstore/cosign-installer from 3.1.2 to 3.2.0 ( #3651 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.2 to 3.2.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](11086d2504...1fc5bd396d
2023-11-08 17:11:15 -08:00
dependabot[bot]
e123f4c4dc
🌱 Bump tj-actions/changed-files from 39.2.3 to 40.1.1 ( #3657 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.2.3 to 40.1.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](95690f9ece...25ef3926d1
2023-11-09 00:35:13 +00:00
dependabot[bot]
6de7eba753
🌱 Bump kubernetes-sigs/kubebuilder-release-tools ( #3637 )
...
Bumps [kubernetes-sigs/kubebuilder-release-tools](https://github.com/kubernetes-sigs/kubebuilder-release-tools ) from 0.4.0 to 0.4.2.
- [Release notes](https://github.com/kubernetes-sigs/kubebuilder-release-tools/releases )
- [Changelog](https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/master/RELEASE.md )
- [Commits](d8367c29de...3c3411345e
2023-11-08 15:46:20 -08:00
dependabot[bot]
e12e5376a6
🌱 Bump actions/dependency-review-action from 3.1.0 to 3.1.2 ( #3653 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](6c5ccdad46...fde92acd08
2023-11-08 21:52:02 +00:00
afmarcum
c52a1702de
🌱 Update stale workflow to exempt Structured Results milestone ( #3634 )
...
* 🌱 Update stale workflow to exempt Structured Results milestone
* Removed duplicate line, updated stale-pr-message, and removed custom stale labels
2023-11-01 10:02:20 -07:00
dependabot[bot]
50d246696e
🌱 Bump ossf/scorecard-action from 2.3.0 to 2.3.1 ( #3599 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](483ef80eb9...0864cf1902
2023-10-27 23:44:15 +00:00
Stephen Augustus
b15b47aec3
CODEOWNERS: Support distribution of code reviews via team assignments ( #3620 )
...
Individual maintainer assignments within CODEOWNERS mean that we
cannot take advantage of GitHub code review distribution schemes
for team review assignments.
In this commit, we switch to team assignments within CODEOWNERS.
A common complaint with this approach is that unless you are a part
of the GitHub organization, you will not be able to view a team's
membership/understand who the maintainers of a project are.
To provide visibility into the maintainer list, we've added a
MAINTAINERS.md here as well.
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2023-10-27 13:41:58 -07:00
dependabot[bot]
4b8066a3c7
🌱 Bump actions/checkout from 4.1.0 to 4.1.1 ( #3580 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8ade135a41...b4ffde65f4
2023-10-19 22:28:54 +00:00
dependabot[bot]
159c6c8723
🌱 Bump tj-actions/changed-files from 39.2.1 to 39.2.3 ( #3577 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.2.1 to 39.2.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](db153baf73...95690f9ece
2023-10-19 21:16:50 +00:00
dependabot[bot]
16ace558ad
🌱 Bump kubernetes-sigs/kubebuilder-release-tools ( #3553 )
...
Bumps [kubernetes-sigs/kubebuilder-release-tools](https://github.com/kubernetes-sigs/kubebuilder-release-tools ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/kubernetes-sigs/kubebuilder-release-tools/releases )
- [Changelog](https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/master/RELEASE.md )
- [Commits](4f3d1085b4...d8367c29de
2023-10-12 06:23:36 +00:00
dependabot[bot]
51870877a5
🌱 Bump ossf/scorecard-action from 2.2.0 to 2.3.0 ( #3544 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](08b4669551...483ef80eb9
2023-10-09 10:19:38 -07:00
dependabot[bot]
7a1c8fe25b
🌱 Bump nick-invision/retry from 2.8.3 to 2.9.0 ( #3519 )
...
Bumps [nick-invision/retry](https://github.com/nick-invision/retry ) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/nick-invision/retry/releases )
- [Changelog](https://github.com/nick-fields/retry/blob/master/.releaserc.js )
- [Commits](943e742917...14672906e6
2023-10-03 18:46:27 -07:00
dependabot[bot]
2c25c46ef1
🌱 Bump tj-actions/changed-files from 39.1.2 to 39.2.1 ( #3531 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.1.2 to 39.2.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](4196030939...db153baf73
2023-10-03 21:33:01 +00:00
dependabot[bot]
7161ec1d58
🌱 Bump step-security/harden-runner from 2.5.1 to 2.6.0 ( #3532 )
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](8ca2b8b2ec...1b05615854
2023-10-03 21:17:51 +00:00
Spencer Schrock
6aa3bcc7f5
🌱 Don't close stale issues explicitly ( #3513 )
...
Issues are still getting closed after https://github.com/ossf/scorecard/pull/3493 .
I assume there's a default value being used somewhere.
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-09-25 16:21:30 +00:00
dependabot[bot]
fa31d56694
🌱 Bump actions/checkout from 4.0.0 to 4.1.0 ( #3511 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](3df4ab11eb...8ade135a41
2023-09-25 09:47:00 -04:00
dependabot[bot]
5a5a6561d6
🌱 Bump tj-actions/changed-files from 39.1.0 to 39.1.2 ( #3504 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.1.0 to 39.1.2.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](8e79ba7ab9...4196030939
2023-09-21 13:31:55 -04:00
afmarcum
893a472548
🌱 workflows/stale: Remove issue auto-close ( #3493 )
2023-09-19 12:32:37 -07:00
dependabot[bot]
ac13ac7c01
🌱 Bump tj-actions/changed-files from 39.0.2 to 39.1.0 ( #3488 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.0.2 to 39.1.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](6ee9cdc581...8e79ba7ab9
2023-09-19 01:54:57 +00:00
dependabot[bot]
84b53a9f65
🌱 Bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 ( #3478 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.6.0 to 5.0.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](5fdedb94ab...7ec5c2b0c6
2023-09-18 23:06:45 +00:00
afmarcum
4a0e3fffff
🌱 workflows/stale: Update workflow to increase operations-per-run to process more issues ( #3483 )
...
* Update workflow to increase operations per run to process more issues
* 🌱 workflows/stale: Increased operations-per-run from default and reduced days to close stale issues
2023-09-16 01:08:46 +00:00
dependabot[bot]
0fcf4d9ee1
🌱 Bump tj-actions/changed-files from 39.0.0 to 39.0.2 ( #3470 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.0.0 to 39.0.2.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](48566bbcc2...6ee9cdc581
2023-09-13 02:23:21 +00:00
dependabot[bot]
8a5467249e
🌱 Bump actions/dependency-review-action from 3.0.8 to 3.1.0 ( #3461 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](f6fff72a32...6c5ccdad46
2023-09-13 02:09:36 +00:00
dependabot[bot]
1bd5b42bb3
🌱 Bump actions/upload-artifact from 3.1.2 to 3.1.3 ( #3459 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b7f8abb15...a8a3f3ad30
2023-09-13 01:57:54 +00:00
dependabot[bot]
d03ca5c9f1
🌱 Bump actions/cache from 3.3.1 to 3.3.2 ( #3463 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.3.1 to 3.3.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](88522ab9f3...704facf57e
2023-09-12 18:49:06 -07:00
afmarcum
ac6ea1101c
🌱 workflows/stale: Update workflow to include issue close action ( #3474 )
...
* Update workflow to include issue close action
* Added message about closing stale issue
2023-09-12 15:22:38 -07:00
dependabot[bot]
11c48cdce0
🌱 Bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 ( #3457 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.4.0 to 4.6.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](3fa32b8bb5...5fdedb94ab
2023-09-06 09:15:28 -07:00
afmarcum
418a5e57c3
Removed exempt labels ( #3455 )
...
Co-authored-by: Stephen Augustus <justaugustus@users.noreply.github.com>
2023-09-05 19:19:14 +00:00
dependabot[bot]
afce7626d5
🌱 Bump actions/checkout from 3.6.0 to 4.0.0 ( #3453 )
...
* 🌱 Bump actions/checkout from 3.6.0 to 4.0.0
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](f43a0e5ff2...3df4ab11eb
2023-09-05 09:54:22 -07:00
dependabot[bot]
a2495ea865
🌱 Bump tj-actions/changed-files from 38.1.3 to 39.0.0 ( #3452 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 38.1.3 to 39.0.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](c860b5c47f...48566bbcc2
2023-09-05 03:00:57 +00:00
dependabot[bot]
4186f161d0
🌱 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 ( #3446 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](6e04d228eb...11086d2504
2023-09-04 18:27:45 -07:00
dependabot[bot]
b68ef18c96
🌱 Bump tj-actions/changed-files from 38.0.0 to 38.1.3 ( #3432 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 38.0.0 to 38.1.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](17f3fec1ed...c860b5c47f
2023-08-30 10:50:07 -07:00
dependabot[bot]
df077fdba0
🌱 Bump slsa-framework/slsa-verifier from 2.3.0 to 2.4.0 ( #3431 )
...
Bumps [slsa-framework/slsa-verifier](https://github.com/slsa-framework/slsa-verifier ) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/slsa-framework/slsa-verifier/releases )
- [Changelog](https://github.com/slsa-framework/slsa-verifier/blob/main/RELEASE.md )
- [Commits](https://github.com/slsa-framework/slsa-verifier/compare/v2.3.0...v2.4.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-verifier
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-28 18:46:37 -07:00
dependabot[bot]
730d649ec4
🌱 Bump actions/checkout from 3.5.3 to 3.6.0 ( #3425 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2
2023-08-25 09:31:09 -05:00
dependabot[bot]
d6ed8105df
🌱 Bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-23 19:21:12 +00:00
dependabot[bot]
7c97e6445d
🌱 Bump tj-actions/changed-files from 37.6.1 to 38.0.0 ( #3416 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.6.1 to 38.0.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](a0585ff990...17f3fec1ed
2023-08-23 12:11:55 -07:00
dependabot[bot]
73d4eedc20
🌱 Bump tj-actions/changed-files from 37.6.0 to 37.6.1
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.6.0 to 37.6.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](87697c0dca...a0585ff990
2023-08-17 13:01:28 +00:00
dependabot[bot]
7106d7834f
🌱 Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 ( #3391 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](639cd343e1...3a91952989
2023-08-17 07:48:14 -05:00
dependabot[bot]
454dcc5808
🌱 Bump actions/dependency-review-action from 3.0.7 to 3.0.8 ( #3390 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.7 to 3.0.8.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](7d90b4f05f...f6fff72a32
2023-08-16 05:34:03 -05:00
Spencer Schrock
5ec66fa906
🌱 Migrate to go 1.21 ( #3387 )
...
* Bump dockerfiles to 1.21
* Go minimum version should match our go.mod
* Bump GitHub action go version to 1.21 and ensure all workflows use env variable.
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-08-14 14:32:42 -04:00
dependabot[bot]
72d262b6ef
🌱 Bump actions/dependency-review-action from 3.0.6 to 3.0.7
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.6 to 3.0.7.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](1360a344cc...7d90b4f05f
2023-08-11 19:42:45 +00:00
dependabot[bot]
1acccbf86b
🌱 Bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 ( #3369 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](336e29918d...3fa32b8bb5
2023-08-11 12:32:16 -07:00
dependabot[bot]
b699c0980a
🌱 Bump step-security/harden-runner from 2.5.0 to 2.5.1 ( #3372 )
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](cba0d00b1f...8ca2b8b2ec
2023-08-11 12:11:10 -07:00
dependabot[bot]
22fb10ccb9
🌱 Bump actions/setup-go from 4.0.1 to 4.1.0 ( #3365 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](fac708d667...93397bea11
2023-08-09 08:33:20 -05:00
dependabot[bot]
719770cb5b
🌱 Bump tj-actions/changed-files from 37.5.1 to 37.6.0 ( #3355 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.5.1 to 37.6.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](a96679dfee...87697c0dca
2023-08-08 17:53:25 +00:00
dependabot[bot]
f9b8d82363
🌱 Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.8.0 ( #3351 )
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-07 12:52:53 -05:00
dependabot[bot]
633b0fdc83
🌱 Bump tj-actions/changed-files from 37.5.0 to 37.5.1 ( #3331 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.5.0 to 37.5.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](920e7b9ae1...a96679dfee
2023-08-01 08:59:13 -07:00
dependabot[bot]
81717d87b8
🌱 Bump step-security/harden-runner from 2.4.1 to 2.5.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](55d479fb1c...cba0d00b1f
2023-07-25 12:54:45 +00:00
dependabot[bot]
85d5aa2d77
🌱 Bump tj-actions/changed-files from 37.4.0 to 37.5.0 ( #3303 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.4.0 to 37.5.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](de0eba3279...920e7b9ae1
2023-07-25 07:46:24 -05:00
Spencer Schrock
4ac9999462
🌱 Ensure check markdown is kept in sync with source yaml. ( #3300 )
...
* Ensure check markdown is kept in sync with check yaml.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* change generate-docs target to detect changes to docs/checks.md directly.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-24 14:10:13 -07:00
Spencer Schrock
a779588f35
🌱 Add separate cache for long-running tests ( #3293 )
...
* Add separate cache for unit tests.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* share cache with gitlab tests too.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* share cache with github integration tests.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* explicitly download modules in unit test job
Signed-off-by: Spencer Schrock <sschrock@google.com>
* checkout needs to be before the go.mod is read.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* checkout needs to be before the go.sum files are hashed.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-21 14:46:49 -07:00
Spencer Schrock
67e3f7567f
🌱 Consolidate GitLab e2e workflows. ( #3278 )
...
* Move gitlab to different workflow to parallelize.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Add missing versions.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-21 11:13:33 -07:00
Spencer Schrock
d52897036f
🌱 Fix hanging docker jobs for doc only changes. ( #3292 )
...
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-21 17:20:51 +00:00
Spencer Schrock
2255c88656
🌱 Use a matrix for when building binaries in main.yml ( #3291 )
...
* Use matrix for build jobs.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* These build targets dont seem to need protoc.
This lets us save the API quota.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-21 09:32:54 -07:00
Spencer Schrock
be7c032020
🌱 Use a matrix for docker image building ( #3290 )
...
* working matrix.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Remove unneeded env vars. Add comments.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* minor syntax change.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-20 19:03:18 -07:00
dependabot[bot]
f83d2ec396
🌱 Bump tj-actions/changed-files from 37.3.0 to 37.4.0
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.3.0 to 37.4.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](39283171ce...de0eba3279
2023-07-20 20:22:10 +00:00
Spencer Schrock
2a7344bce3
🌱 Include attestor Dockerfile in CI and dependabot updates ( #3285 )
...
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-20 13:00:51 -07:00
dependabot[bot]
c299c00ea5
🌱 Bump tj-actions/changed-files from 37.1.2 to 37.3.0 ( #3280 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.1.2 to 37.3.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](2a968ff601...39283171ce
2023-07-19 10:37:45 -05:00
Spencer Schrock
7cc6482680
🌱 Delete unused project-update functionality. ( #3269 )
...
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-18 21:58:19 +00:00
Naveen
4d85d8f1cc
🌱 Excluded dependabot from codecov ( #3272 )
...
- Exclude dependabot from codecov job in main.yml
[.github/workflows/main.yml]
- Exclude dependabot from codecov job
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2023-07-17 17:09:15 +00:00
dependabot[bot]
9545d797fc
🌱 Bump tj-actions/changed-files from 37.1.1 to 37.1.2 ( #3266 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.1.1 to 37.1.2.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](1f20fb83f0...2a968ff601
2023-07-16 17:46:25 +00:00
dependabot[bot]
7753d7d8c3
🌱 Bump tj-actions/changed-files from 37.1.0 to 37.1.1 ( #3259 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.1.0 to 37.1.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](87e23c4c79...1f20fb83f0
2023-07-11 08:13:42 -05:00
dependabot[bot]
abcf148cb9
🌱 Bump tj-actions/changed-files from 37.0.5 to 37.1.0 ( #3253 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.0.5 to 37.1.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](54849deb96...87e23c4c79
2023-07-10 12:07:18 -05:00
Spencer Schrock
271f0f2a27
🌱 Linter workflow cleanup ( #3247 )
...
* Fix linter timeout by renaming deprecated deadline.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Disable depguard linter.
As of golangci-lint v3.5.0, the depguard linter is complaining. We don't use a .depguard.yml file, so just disabling the linter.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Move linter into own workflow.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Fix bash command substitution.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Add harden runner.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* switch names to existing linter job
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Update golangci-lint to v1.53.3
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-07 16:03:29 -04:00
dependabot[bot]
15b9046188
🌱 Bump tj-actions/changed-files from 37.0.4 to 37.0.5 ( #3239 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.0.4 to 37.0.5.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](bb3376162b...54849deb96
2023-06-30 08:10:26 -05:00
dependabot[bot]
b2bc681a00
🌱 Bump sigstore/cosign-installer from 3.0.5 to 3.1.1
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.5 to 3.1.1.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](dd6b2e2b61...6e04d228eb
2023-06-28 17:05:18 +00:00
dependabot[bot]
0a39e0b352
🌱 Bump tj-actions/changed-files from 37.0.3 to 37.0.4 ( #3228 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.0.3 to 37.0.4.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](ec1e14cf27...bb3376162b
2023-06-28 11:53:59 -05:00
dependabot[bot]
cf2e0667af
🌱 Bump tj-actions/changed-files from 36.4.1 to 37.0.3
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.4.1 to 37.0.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](54479c37f5...ec1e14cf27
2023-06-26 16:37:27 +00:00
dependabot[bot]
a912722ae9
🌱 Bump ossf/scorecard-action from 2.1.3 to 2.2.0 ( #3212 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.1.3 to 2.2.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](80e868c13c...08b4669551
2023-06-26 11:14:24 -05:00
dependabot[bot]
8788f114a0
🌱 Bump tj-actions/changed-files from 36.4.0 to 36.4.1
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.4.0 to 36.4.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](e1754a427f...54479c37f5
2023-06-21 09:20:04 +00:00
dependabot[bot]
119acffec7
🌱 Bump step-security/harden-runner from 2.4.0 to 2.4.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](128a63446a...55d479fb1c
2023-06-21 09:07:21 +00:00
dependabot[bot]
77919b0418
🌱 Bump tj-actions/changed-files from 36.2.1 to 36.4.0 ( #3175 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.2.1 to 36.4.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](c9124514c3...e1754a427f
2023-06-18 14:50:58 +00:00
dependabot[bot]
f928748c0e
🌱 Bump tj-actions/changed-files from 36.1.0 to 36.2.1 ( #3169 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.1.0 to 36.2.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](fb20f4d248...c9124514c3
2023-06-15 15:02:13 +00:00
dependabot[bot]
1336d9481c
🌱 Bump goreleaser/goreleaser-action from 4.2.0 to 4.3.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](f82d6c1c34...336e29918d
2023-06-13 22:20:55 +00:00
dependabot[bot]
d5ed41db02
🌱 Bump actions/checkout from 3.5.2 to 3.5.3 ( #3148 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.2 to 3.5.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e5e7e5ab8...c85c95e3d7
2023-06-13 18:06:39 +00:00
dependabot[bot]
9dee205a3c
🌱 Bump github/codeql-action from 2.3.6 to 2.13.4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.6 to 2.13.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](83f0fe6c49...cdcdbb5797
2023-06-13 09:07:07 +00:00
dependabot[bot]
0d84edf76a
🌱 Bump tj-actions/changed-files from 36.0.18 to 36.1.0 ( #3143 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.0.18 to 36.1.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](07e0177b72...fb20f4d248
2023-06-09 10:54:18 -05:00
dependabot[bot]
2734a0c841
🌱 Bump slsa-framework/slsa-github-generator from 1.6.0 to 1.7.0 ( #3139 )
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-08 18:02:42 +00:00
dependabot[bot]
cf103dea9e
🌱 Bump tj-actions/changed-files from 36.0.15 to 36.0.18
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.0.15 to 36.0.18.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](5d2fcdb4cb...07e0177b72
2023-06-08 09:07:58 +00:00
Raghav Kaul
fdfe2b9b9e
Don't run pat e2e on dependabot merges ( #3119 )
...
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
2023-06-03 17:42:08 -05:00
dependabot[bot]
7772314743
🌱 Bump tj-actions/changed-files from 36.0.12 to 36.0.15 ( #3116 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.0.12 to 36.0.15.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](5978e5a2df...5d2fcdb4cb
2023-06-02 11:45:25 -05:00
dependabot[bot]
14c8ade533
🌱 Bump github/codeql-action from 2.3.5 to 2.3.6 ( #3112 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.5 to 2.3.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0225834cc5...83f0fe6c49
2023-06-02 11:31:52 -05:00
dependabot[bot]
3c400c7dd6
🌱 Bump tj-actions/changed-files from 36.0.9 to 36.0.12 ( #3108 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.0.9 to 36.0.12.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](cf4fe8759a...5978e5a2df
2023-06-01 12:24:28 -05:00
dependabot[bot]
d5c80c933f
🌱 Bump actions/dependency-review-action from 3.0.4 to 3.0.6 ( #3104 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.4 to 3.0.6.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](f46c48ed6d...1360a344cc
2023-06-01 11:13:10 -05:00
dependabot[bot]
dc7350546e
🌱 Bump tj-actions/changed-files from 36.0.3 to 36.0.9 ( #3088 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 36.0.3 to 36.0.9.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](25eaddf37a...cf4fe8759a
2023-05-30 16:15:44 +00:00
dependabot[bot]
7406bcb85e
🌱 Bump arduino/setup-protoc from 1.2.0 to 1.3.0 ( #3089 )
...
Bumps [arduino/setup-protoc](https://github.com/arduino/setup-protoc ) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/arduino/setup-protoc/releases )
- [Commits](4b3578161e...149f6c87b9
2023-05-30 11:00:09 -05:00
dependabot[bot]
e82a1aea5c
🌱 Bump tj-actions/changed-files from 35.9.2 to 36.0.3 ( #3071 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 35.9.2 to 36.0.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](b2d17f5124...25eaddf37a
2023-05-26 11:02:36 +00:00
dependabot[bot]
17cf8d0dd8
🌱 Bump github/codeql-action from 2.3.4 to 2.3.5 ( #3072 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.4 to 2.3.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f0e3dfb303...0225834cc5
2023-05-26 05:48:23 -05:00
dependabot[bot]
e0ac01d9ec
🌱 Bump github/codeql-action from 2.3.3 to 2.3.4 ( #3064 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.3.3 to 2.3.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](29b1f65c5e...f0e3dfb303
2023-05-25 09:05:06 -05:00
Spencer Schrock
68c23e166d
🌱 Simplify caching in docker workflow ( #3061 )
...
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-05-24 22:46:04 +00:00
Spencer Schrock
30fd0ca413
only run e2e pat on push ( #3056 )
...
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-05-24 10:00:49 -05:00
Naveen
e0a6d1544b
Update main.yml ( #3054 )
...
-Fixed the YAML indenting issue.
Signed-off-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2023-05-23 18:36:26 +00:00
Naveen
c631ebd7fb
🌱 Run E2E PAT test for push to main ( #3046 )
...
- Add E2E PAT tests for push to main.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2023-05-23 12:53:57 -05:00
dependabot[bot]
73c145c5e8
🌱 Bump arduino/setup-protoc from 1.1.2 to 1.2.0
...
Bumps [arduino/setup-protoc](https://github.com/arduino/setup-protoc ) from 1.1.2 to 1.2.0.
- [Release notes](https://github.com/arduino/setup-protoc/releases )
- [Commits](64c0c85d18...4b3578161e
2023-05-18 19:47:41 +00:00
dependabot[bot]
682f274d53
🌱 Bump sigstore/cosign-installer from 3.0.4 to 3.0.5 ( #3029 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.4 to 3.0.5.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](03d0fecf17...dd6b2e2b61
2023-05-18 19:32:37 +00:00
Naveen
a3a133181a
🌱 Included e2e tests for push to main ( #2951 )
...
- Update trigger for integration tests to enable running on `push` and `pull_request` on the `main` branch
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2023-05-17 16:27:22 +00:00
dependabot[bot]
2113975043
🌱 Bump sigstore/cosign-installer from 3.0.3 to 3.0.4
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.0.3 to 3.0.4.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](204a51a57a...03d0fecf17
2023-05-17 15:02:24 +00:00
dependabot[bot]
4048d22622
🌱 Bump codecov/codecov-action from 3.1.3 to 3.1.4
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md )
- [Commits](894ff025c7...eaaf4bedf3
2023-05-16 15:45:44 +00:00
