dependabot[bot]
9fecf631c9
🌱 Bump github.com/rhysd/actionlint from 1.6.13 to 1.6.15 ( #2012 )
...
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint ) from 1.6.13 to 1.6.15.
- [Release notes](https://github.com/rhysd/actionlint/releases )
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.13...v1.6.15 )
---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-11 02:43:08 +00:00
dependabot[bot]
6a84f974d5
🌱 Bump cloud.google.com/go/bigquery from 1.32.0 to 1.34.1 ( #2006 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.32.0 to 1.34.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.32.0...bigquery/v1.34.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-06 15:53:29 -05:00
dependabot[bot]
2fb4093a26
🌱 Bump cloud.google.com/go/pubsub from 1.21.1 to 1.23.1 ( #2014 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.21.1 to 1.23.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.21.1...pubsub/v1.23.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-07-05 09:14:11 -05:00
laurentsimon
4bd3391a36
✨ Raw results for Pinned-Dependencies ( #1932 )
...
* backup
* update
* update
* draft
* updates
* updates
* updates
* updates
* fix
* linter
* updates
* updates
* updates
* updates
* updates
* updates
* updates
* linter
* comments
* linter
* linter
* tests
* updates
* updates
* tests
2022-06-06 14:31:22 -07:00
laurentsimon
608da94aaf
✨ Raw results for Packaging check ( #1913 )
...
* update
* update
* update
* update
* update
* update
* update
* updates
* update
* update
* update
* update
* update
* update
* comments
2022-06-01 16:41:20 +00:00
dependabot[bot]
d435e94367
🌱 Bump github.com/caarlos0/env/v6 from 6.9.2 to 6.9.3
...
Bumps [github.com/caarlos0/env/v6](https://github.com/caarlos0/env ) from 6.9.2 to 6.9.3.
- [Release notes](https://github.com/caarlos0/env/releases )
- [Changelog](https://github.com/caarlos0/env/blob/main/.goreleaser.yml )
- [Commits](https://github.com/caarlos0/env/compare/v6.9.2...v6.9.3 )
---
updated-dependencies:
- dependency-name: github.com/caarlos0/env/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-31 11:35:07 +00:00
dependabot[bot]
f8ab8d0282
🌱 Bump github.com/jszwec/csvutil from 1.6.0 to 1.7.0
...
Bumps [github.com/jszwec/csvutil](https://github.com/jszwec/csvutil ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/jszwec/csvutil/releases )
- [Commits](https://github.com/jszwec/csvutil/compare/v1.6.0...v1.7.0 )
---
updated-dependencies:
- dependency-name: github.com/jszwec/csvutil
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-27 15:44:07 +00:00
dependabot[bot]
950ff1f9e8
🌱 Bump mvdan.cc/sh/v3 from 3.5.0 to 3.5.1
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.5.0 to 3.5.1.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.5.0...v3.5.1 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-25 18:50:29 +00:00
dependabot[bot]
2d72623a6c
🌱 Bump github.com/rhysd/actionlint from 1.6.12 to 1.6.13
...
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint ) from 1.6.12 to 1.6.13.
- [Release notes](https://github.com/rhysd/actionlint/releases )
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.12...v1.6.13 )
---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-22 13:49:42 +00:00
dependabot[bot]
c0178f953c
🌱 Bump github.com/google/go-containerregistry
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.8.0...v0.9.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-19 13:30:10 +00:00
dependabot[bot]
f0481647dd
🌱 Bump github.com/caarlos0/env/v6 from 6.9.1 to 6.9.2
...
Bumps [github.com/caarlos0/env/v6](https://github.com/caarlos0/env ) from 6.9.1 to 6.9.2.
- [Release notes](https://github.com/caarlos0/env/releases )
- [Changelog](https://github.com/caarlos0/env/blob/main/.goreleaser.yml )
- [Commits](https://github.com/caarlos0/env/compare/v6.9.1...v6.9.2 )
---
updated-dependencies:
- dependency-name: github.com/caarlos0/env/v6
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-12 17:13:16 +00:00
dependabot[bot]
74f521fcf2
🌱 Bump mvdan.cc/sh/v3 from 3.4.3 to 3.5.0
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.4.3 to 3.5.0.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.4.3...v3.5.0 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-12 14:43:48 +00:00
dependabot[bot]
2fc6fbb196
🌱 Bump cloud.google.com/go/bigquery from 1.31.0 to 1.32.0
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.31.0 to 1.32.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.31.0...spanner/v1.32.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-11 08:47:39 -05:00
Romain Dauby
804127f46a
Upgrade to buildkit 0.10.3
2022-05-10 10:55:48 -05:00
dependabot[bot]
f779fb8761
🌱 Bump cloud.google.com/go/pubsub from 1.21.0 to 1.21.1
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.21.0 to 1.21.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.21.0...pubsub/v1.21.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-05-05 08:09:14 -05:00
dependabot[bot]
2b68f38d16
🌱 Bump github.com/onsi/ginkgo/v2 from 2.1.3 to 2.1.4
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.1.3 to 2.1.4.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.1.3...v2.1.4 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-27 15:44:39 +00:00
dependabot[bot]
3a9f011398
🌱 Bump github.com/google/go-cmp from 0.5.7 to 0.5.8
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.7 to 0.5.8.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.7...v0.5.8 )
---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-27 15:20:00 +00:00
dependabot[bot]
a598b2ae78
🌱 Bump cloud.google.com/go/pubsub from 1.20.0 to 1.21.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.20.0 to 1.21.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.20.0...pubsub/v1.21.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-27 14:39:07 +00:00
dependabot[bot]
72e248694d
🌱 Bump contrib.go.opencensus.io/exporter/stackdriver
...
Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver ) from 0.13.11 to 0.13.12.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases )
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.11...v0.13.12 )
---
updated-dependencies:
- dependency-name: contrib.go.opencensus.io/exporter/stackdriver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-20 09:01:35 -05:00
naveensrinivasan
6ed6c9b70e
🌱 Publish images with ko
...
- Publish images with ko
https://github.com/ossf/scorecard/issues/744
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-18 10:40:05 -05:00
laurentsimon
f99e1a1552
✨ Schema for BQ table for raw results ( #1762 )
...
* Fix schemas
* updates
* updates
* Schema for BQ table of raw result
* update
* updates
* create utility function only
* update
* updates
* updates
* manifest
2022-04-15 16:35:01 +00:00
dependabot[bot]
9532e55ee9
🌱 Bump github.com/rhysd/actionlint from 1.6.11 to 1.6.12
...
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint ) from 1.6.11 to 1.6.12.
- [Release notes](https://github.com/rhysd/actionlint/releases )
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.11...v1.6.12 )
---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-15 09:13:27 -05:00
dependabot[bot]
ebf0d10c33
🌱 Bump cloud.google.com/go/bigquery from 1.30.2 to 1.31.0
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.30.2 to 1.31.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/bigquery/v1.30.2...spanner/v1.31.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-14 09:00:34 -05:00
dependabot[bot]
a46313ca8a
🌱 Bump cloud.google.com/go/pubsub from 1.19.0 to 1.20.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.19.0 to 1.20.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.19.0...pubsub/v1.20.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-12 08:50:47 -05:00
dependabot[bot]
b6575a2731
🌱 Bump github.com/rhysd/actionlint from 1.6.10 to 1.6.11
...
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint ) from 1.6.10 to 1.6.11.
- [Release notes](https://github.com/rhysd/actionlint/releases )
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.10...v1.6.11 )
---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-07 14:38:43 +00:00
dependabot[bot]
8bc0fe5e83
🌱 Bump contrib.go.opencensus.io/exporter/stackdriver
...
Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver ) from 0.13.10 to 0.13.11.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases )
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.10...v0.13.11 )
---
updated-dependencies:
- dependency-name: contrib.go.opencensus.io/exporter/stackdriver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-07 13:45:47 +00:00
dependabot[bot]
606f28ad25
🌱 Bump sigs.k8s.io/release-utils from 0.5.0 to 0.6.0
...
Bumps [sigs.k8s.io/release-utils](https://github.com/kubernetes-sigs/release-utils ) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/kubernetes-sigs/release-utils/releases )
- [Commits](https://github.com/kubernetes-sigs/release-utils/compare/v0.5.0...v0.6.0 )
---
updated-dependencies:
- dependency-name: sigs.k8s.io/release-utils
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-05 21:36:00 +00:00
dependabot[bot]
b42a175784
🌱 Bump gocloud.dev from 0.24.0 to 0.25.0
...
Bumps [gocloud.dev](https://github.com/google/go-cloud ) from 0.24.0 to 0.25.0.
- [Release notes](https://github.com/google/go-cloud/releases )
- [Commits](https://github.com/google/go-cloud/compare/v0.24.0...v0.25.0 )
---
updated-dependencies:
- dependency-name: gocloud.dev
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-04-04 09:51:38 -05:00
dependabot[bot]
d10ac0dbb0
🌱 Bump cloud.google.com/go/bigquery from 1.30.1 to 1.30.2
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.30.1 to 1.30.2.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.30.1...bigquery/v1.30.2 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-31 05:02:41 -05:00
dependabot[bot]
389078c5d8
🌱 Bump cloud.google.com/go/bigquery from 1.30.0 to 1.30.1
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.30.0 to 1.30.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.30.0...spanner/v1.30.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-30 08:35:38 -05:00
dependabot[bot]
49564838f9
🌱 Bump github.com/onsi/gomega from 1.18.1 to 1.19.0
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.18.1 to 1.19.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.18.1...v1.19.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-29 22:15:55 +00:00
dependabot[bot]
0a82d2b425
🌱 Bump google.golang.org/protobuf from 1.27.1 to 1.28.0
...
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go ) from 1.27.1 to 1.28.0.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases )
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash )
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.27.1...v1.28.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-23 00:49:24 +00:00
dependabot[bot]
8f6df49de8
🌱 Bump github.com/go-logr/logr from 1.2.2 to 1.2.3
...
Bumps [github.com/go-logr/logr](https://github.com/go-logr/logr ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/go-logr/logr/releases )
- [Changelog](https://github.com/go-logr/logr/blob/master/CHANGELOG.md )
- [Commits](https://github.com/go-logr/logr/compare/v1.2.2...v1.2.3 )
---
updated-dependencies:
- dependency-name: github.com/go-logr/logr
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-18 09:06:22 -05:00
dependabot[bot]
a496d8ca87
🌱 Bump cloud.google.com/go/bigquery from 1.29.0 to 1.30.0
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.29.0 to 1.30.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.29.0...spanner/v1.30.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-17 12:01:45 -05:00
dependabot[bot]
3f73d69acd
🌱 Bump github.com/rhysd/actionlint from 1.6.9 to 1.6.10
...
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint ) from 1.6.9 to 1.6.10.
- [Release notes](https://github.com/rhysd/actionlint/releases )
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.9...v1.6.10 )
---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-14 06:32:30 -05:00
dependabot[bot]
f2a132a430
🌱 Bump github.com/spf13/cobra from 1.3.0 to 1.4.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-11 09:29:05 -06:00
dependabot[bot]
eb258163ea
🌱 Bump cloud.google.com/go/pubsub from 1.18.0 to 1.19.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.18.0 to 1.19.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.18.0...pubsub/v1.19.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-08 06:02:44 -05:00
dependabot[bot]
57b4664c71
🌱 Bump cloud.google.com/go/bigquery from 1.28.0 to 1.29.0
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.28.0 to 1.29.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.28.0...spanner/v1.29.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-03-03 07:10:50 -06:00
Stephen Augustus (he/him)
84cdc8cbec
✨ cmd: Refactor to make importable ( #1696 )
...
* cmd: Refactor to make importable
* options: Add support for parsing via environment variables
* options: Support setting feature flags via option
* cmd: Replace `version` with sigs.k8s.io/release-utils/version
* cmd: Move option validation into pre-run function
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2022-03-01 21:18:44 -08:00
dependabot[bot]
4c82c29552
🌱 Bump github.com/rhysd/actionlint from 1.6.8 to 1.6.9
...
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint ) from 1.6.8 to 1.6.9.
- [Release notes](https://github.com/rhysd/actionlint/releases )
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.8...v1.6.9 )
---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-02-25 08:25:57 -06:00
Naveen
faeae4121e
🌱 Fixes the vulnerability GHSA-qq97-vm5h-rrhg ( #1672 )
...
- Fixed the vulnerability GHSA-qq97-vm5h-rrhg by using replace
directives.
2022-02-23 07:41:05 -08:00
dependabot[bot]
e5b62b524e
🌱 Bump mvdan.cc/sh/v3 from 3.4.2 to 3.4.3 ( #1665 )
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.4.2 to 3.4.3.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.4.2...v3.4.3 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-21 04:24:58 -05:00
dependabot[bot]
e6f6c56d34
🌱 Bump github.com/onsi/ginkgo/v2 from 2.0.0 to 2.1.3
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.0.0 to 2.1.3.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.0.0...v2.1.3 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-02-16 08:36:38 -06:00
Azeem Shaikh
de5224bbc5
Update e2e tests ( #1641 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2022-02-15 19:27:45 +00:00
dependabot[bot]
e3637c9e17
🌱 Bump cloud.google.com/go/bigquery from 1.27.0 to 1.28.0
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.27.0 to 1.28.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.27.0...spanner/v1.28.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-02-15 06:21:45 -06:00
dependabot[bot]
368c105abe
🌱 Bump cloud.google.com/go/pubsub from 1.17.0 to 1.18.0 ( #1616 )
2022-02-09 09:34:53 +00:00
dependabot[bot]
b4eec8ed94
🌱 Bump github.com/onsi/gomega from 1.18.0 to 1.18.1
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.18.0 to 1.18.1.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.18.0...v1.18.1 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-28 08:42:09 +00:00
dependabot[bot]
d2d9ff4b9d
🌱 Bump golang.org/x/tools from 0.1.8 to 0.1.9
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.8 to 0.1.9.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.8...v0.1.9 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-27 01:06:45 +00:00
Stephen Augustus (he/him)
41adfe7f34
⚠️ log: Initial logr
/logrusr
implementation ( #1516 )
...
* log: Initial logr/logrusr implementation
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* log: Update references to `log.Logger`
Signed-off-by: Stephen Augustus <foo@auggie.dev>
* go.mod: Minor reorganization of `replace`s
...to prevent automatic updates from getting added to the smaller
section.
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2022-01-25 11:17:46 -06:00
dependabot[bot]
da116d3b25
🌱 Bump cloud.google.com/go/bigquery from 1.26.0 to 1.27.0
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.26.0...spanner/v1.27.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-25 10:11:08 -06:00
dependabot[bot]
5b9857650f
🌱 Bump github.com/onsi/gomega from 1.17.0 to 1.18.0
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.17.0 to 1.18.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.17.0...v1.18.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-24 07:03:31 -06:00
Stephen Augustus (he/him)
0d76deace2
go.mod: Update github.com/google/go-containerregistry to v0.8.0 ( #1506 )
...
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2022-01-20 19:44:13 -08:00
dependabot[bot]
5777826e57
🌱 Bump github.com/google/go-cmp from 0.5.6 to 0.5.7
...
Bumps [github.com/google/go-cmp](https://github.com/google/go-cmp ) from 0.5.6 to 0.5.7.
- [Release notes](https://github.com/google/go-cmp/releases )
- [Commits](https://github.com/google/go-cmp/compare/v0.5.6...v0.5.7 )
---
updated-dependencies:
- dependency-name: github.com/google/go-cmp
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-20 11:18:48 -06:00
dependabot[bot]
b1fec4d1fd
🌱 Bump github.com/bradleyfalzon/ghinstallation/v2
...
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation ) from 2.0.3 to 2.0.4.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases )
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.0.3...v2.0.4 )
---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-13 19:15:52 -06:00
dependabot[bot]
cf063194bc
🌱 Bump mvdan.cc/sh/v3 from 3.4.0 to 3.4.2
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.4.0 to 3.4.2.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/v3.4.2/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.4.0...v3.4.2 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-11 16:19:11 -06:00
dependabot[bot]
a72accca81
🌱 Bump github.com/h2non/filetype from 1.1.1 to 1.1.3
...
Bumps [github.com/h2non/filetype](https://github.com/h2non/filetype ) from 1.1.1 to 1.1.3.
- [Release notes](https://github.com/h2non/filetype/releases )
- [Changelog](https://github.com/h2non/filetype/blob/master/History.md )
- [Commits](https://github.com/h2non/filetype/compare/v1.1.1...v1.1.3 )
---
updated-dependencies:
- dependency-name: github.com/h2non/filetype
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-11 12:48:03 -06:00
dependabot[bot]
bdeb8e7b5f
🌱 Bump github.com/spf13/cobra from 1.2.1 to 1.3.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.2.1 to 1.3.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.2.1...v1.3.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-11 12:21:09 -06:00
dependabot[bot]
17e1541e77
🌱 Bump go.uber.org/zap from 1.19.1 to 1.20.0 ( #1464 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.19.1 to 1.20.0.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.19.1...v1.20.0 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2022-01-11 17:55:48 +00:00
dependabot[bot]
98e5aad777
🌱 Bump cloud.google.com/go/bigquery from 1.24.0 to 1.26.0 ( #1459 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.24.0 to 1.26.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.24.0...spanner/v1.26.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-11 09:24:40 -08:00
dependabot[bot]
b3bca5ccb8
🌱 Bump golang.org/x/tools from 0.1.7 to 0.1.8
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.7 to 0.1.8.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.7...v0.1.8 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-11 10:30:09 -06:00
dependabot[bot]
167f2cfbcc
🌱 Bump github.com/jszwec/csvutil from 1.5.1 to 1.6.0
...
Bumps [github.com/jszwec/csvutil](https://github.com/jszwec/csvutil ) from 1.5.1 to 1.6.0.
- [Release notes](https://github.com/jszwec/csvutil/releases )
- [Commits](https://github.com/jszwec/csvutil/compare/v1.5.1...v1.6.0 )
---
updated-dependencies:
- dependency-name: github.com/jszwec/csvutil
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-01-11 09:35:56 -06:00
dependabot[bot]
f9daa4e3cc
🌱 Bump github.com/rhysd/actionlint from 1.6.7 to 1.6.8 ( #1267 )
...
Bumps [github.com/rhysd/actionlint](https://github.com/rhysd/actionlint ) from 1.6.7 to 1.6.8.
- [Release notes](https://github.com/rhysd/actionlint/releases )
- [Changelog](https://github.com/rhysd/actionlint/blob/main/CHANGELOG.md )
- [Commits](https://github.com/rhysd/actionlint/compare/v1.6.7...v1.6.8 )
---
updated-dependencies:
- dependency-name: github.com/rhysd/actionlint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-12-17 17:24:32 +00:00
dependabot[bot]
870a850cc3
🌱 Bump github.com/onsi/gomega from 1.16.0 to 1.17.0 ( #1225 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.16.0...v1.17.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-12-12 15:25:44 +00:00
naveen
6e7e13ede4
🌱 Fix vulnerabilities in dependencies
2021-11-19 16:49:56 -06:00
Chris McGehee
3dc507b9e1
Using library to parse github workflows
2021-11-08 17:00:40 -06:00
dependabot[bot]
3233e4f5be
🌱 Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.16.4 to 1.16.5.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.4...v1.16.5 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-10-12 07:56:57 -04:00
dependabot[bot]
97ae47564a
🌱 Bump mvdan.cc/sh/v3 from 3.3.1 to 3.4.0 ( #1098 )
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.3.1 to 3.4.0.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.3.1...v3.4.0 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-10-04 23:58:03 +00:00
naveen
6190be23d8
🌱 Upgrad xz library to FIX CVE-2021-29482
...
This fixes the https://github.com/advisories/GHSA-25xm-hr59-7c27
2021-10-04 14:38:38 -05:00
Naveen
589ceac382
🌱 Update the uuid library to avoid CVE ( #1102 )
...
Fixes OSV GO-2020-0018 https://github.com/satori/go.uuid/issues/73
2021-10-04 18:15:41 +00:00
naveen
f78bc44b94
🌱 Updates the DNS library for CVE
...
Updated the DNS library version to address the CVE
2021-10-04 12:41:15 -05:00
dependabot[bot]
16b0c1c62d
🌱 Bump cloud.google.com/go/bigquery from 1.22.0 to 1.24.0 ( #1087 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.22.0 to 1.24.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.22.0...spanner/v1.24.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-09-30 19:16:23 +00:00
dependabot[bot]
e8ec351cba
🌱 Bump github.com/bradleyfalzon/ghinstallation/v2 ( #1068 )
...
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation ) from 2.0.2 to 2.0.3.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases )
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.0.2...v2.0.3 )
---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-30 18:07:28 +00:00
dependabot[bot]
dde2e935d2
🌱 Bump golang.org/x/tools from 0.1.6 to 0.1.7
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.6 to 0.1.7.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.6...v0.1.7 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-09-29 16:06:43 -05:00
Naveen
d4caef0f4b
🌱 Fix GO-2020-0020 ( #1047 )
...
Fixes the reference to version of library that has the fix for GO-2020-0020
https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2020-0020.yaml
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-09-22 02:01:01 +00:00
dependabot[bot]
5fb87cb0de
🌱 Bump golang.org/x/tools from 0.1.5 to 0.1.6 ( #1041 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.5 to 0.1.6.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.5...v0.1.6 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-09-21 22:43:56 +00:00
Naveen
fd6e58d615
🌱 Fixes GO-2020-0017 OSV ( #1045 )
...
Fixes the issue
https://deps.dev/advisory/OSV/GO-2020-0017?from=%2Fgo%2Fk8s.io%252Fclient-go%2Fv0.0.0-20200207030105-473926661c44
2021-09-21 14:31:16 -07:00
naveen
51e11e6637
🌱 Fix GO-2021-0089 vulnerability
...
The github.com/buger/jsonparser has this vulnerability.
"vulns": [
{
"id": "GO-2021-0089",
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"details": "Parsing malformed JSON which contain opening brackets, but not closing brackes,\nleads to an infinite loop. If operating on untrusted user input this can be\nused as a denial of service vector.\n",
"affects": {
"ranges": [
{
"type": "SEMVER",
"fixed": "0.0.0-20200321185410-91ac96899e49"
}
]
},
"aliases": [
"CVE-2020-10675"
],
"modified": "2021-04-14T12:00:00Z",
"published": "2021-04-14T12:00:00Z",
"ecosystem_specific": {
"symbols": [
"findKeyStart"
]
},
"database_specific": {
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json ",
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0089.yaml "
},
"references": [
{
"type": "FIX",
"url": "https://github.com/buger/jsonparser/pull/192 "
},
{
"type": "FIX",
"url": "91ac96899e
"
},
{
"type": "WEB",
"url": "https://github.com/buger/jsonparser/issues/188 "
}
],
"affected": [
{
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.0-20200321185410-91ac96899e49"
}
]
}
],
"ecosystem_specific": {
"symbols": [
"findKeyStart"
]
},
"database_specific": {
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json ",
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0089.yaml "
}
}
]
},
{
"id": "GO-2021-0057",
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"details": "Due to improper bounds checking, maliciously crafted JSON objects\ncan cause an out-of-bounds panic. If parsing user input, this may\nbe used as a denial of service vector.\n",
"affects": {
"ranges": [
{
"type": "SEMVER",
"fixed": "1.1.1"
}
]
},
"aliases": [
"CVE-2020-35381"
],
"modified": "2021-04-14T12:00:00Z",
"published": "2021-04-14T12:00:00Z",
"ecosystem_specific": {
"symbols": [
"searchKeys"
]
},
"database_specific": {
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json ",
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0057.yaml "
},
"references": [
{
"type": "FIX",
"url": "https://github.com/buger/jsonparser/pull/221 "
},
{
"type": "FIX",
"url": "df3ea76ece
"
},
{
"type": "WEB",
"url": "https://github.com/buger/jsonparser/issues/219 "
}
],
"affected": [
{
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1"
}
]
}
],
"ecosystem_specific": {
"symbols": [
"searchKeys"
]
},
"database_specific": {
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0057.yaml ",
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json "
}
}
]
}
]
}
2021-09-21 13:04:08 -05:00
dependabot[bot]
4c4fb61d51
🌱 Bump cloud.google.com/go/pubsub from 1.16.0 to 1.17.0 ( #992 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.16.0...pubsub/v1.17.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-09-13 14:57:32 +00:00
dependabot[bot]
cc044ca05f
🌱 Bump go.uber.org/zap from 1.19.0 to 1.19.1 ( #993 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.19.0...v1.19.1 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-09-12 16:14:20 -04:00
naveen
576447a45b
🌱 Fix the jwt finding
...
* This fixes the JWT finding CVE-2020-26160
2021-09-08 11:17:40 -05:00
naveen
2b15b1353b
🌱 Moving tools dependencies to separate go.mod
...
* Moving the tools dependencies to a separate go.mod to reduce the
dependencies on scorecard.
* This is also increases the security posture by having less dependencies
on the main go.mod
2021-09-07 18:23:41 -05:00
dependabot[bot]
0aa4305c61
🌱 Bump github.com/golangci/golangci-lint from 1.42.0 to 1.42.1 ( #973 )
...
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint ) from 1.42.0 to 1.42.1.
- [Release notes](https://github.com/golangci/golangci-lint/releases )
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.42.0...v1.42.1 )
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-09-07 14:59:22 +00:00
dependabot[bot]
e30d9e5bbc
🌱 Bump gocloud.dev from 0.23.0 to 0.24.0 ( #956 )
...
Bumps [gocloud.dev](https://github.com/google/go-cloud ) from 0.23.0 to 0.24.0.
- [Release notes](https://github.com/google/go-cloud/releases )
- [Commits](https://github.com/google/go-cloud/compare/v0.23.0...v0.24.0 )
---
updated-dependencies:
- dependency-name: gocloud.dev
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-03 15:46:28 +00:00
dependabot[bot]
dcbf7528a7
🌱 Bump cloud.google.com/go/bigquery from 1.21.0 to 1.22.0 ( #939 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.21.0 to 1.22.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.21.0...spanner/v1.22.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-09-01 16:14:12 +00:00
dependabot[bot]
001ba670bb
🌱 Bump github.com/jszwec/csvutil from 1.5.0 to 1.5.1
...
Bumps [github.com/jszwec/csvutil](https://github.com/jszwec/csvutil ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/jszwec/csvutil/releases )
- [Commits](https://github.com/jszwec/csvutil/compare/v1.5.0...v1.5.1 )
---
updated-dependencies:
- dependency-name: github.com/jszwec/csvutil
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-31 08:06:06 -04:00
dependabot[bot]
51016ea8ae
🌱 Bump cloud.google.com/go/pubsub from 1.15.0 to 1.16.0 ( #904 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.15.0...pubsub/v1.16.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-30 02:00:18 +00:00
Azeem Shaikh
37696aceb3
Create and use MockRepoClient in unit tests ( #922 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-26 19:48:39 +00:00
laurentsimon
788fd33222
✨ Add JSON unit tests ( #915 )
...
* fix
* typo
* draft
* fixes
* typo
* add validator
* comments
* typo
2021-08-26 01:42:34 +00:00
Azeem Shaikh
d8e49e0dba
Remove unwanted dependencies ( #913 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-25 21:21:40 +00:00
dependabot[bot]
77a4160a87
🌱 Bump github.com/onsi/gomega from 1.15.0 to 1.16.0 ( #879 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.15.0...v1.16.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-23 16:18:46 +00:00
dependabot[bot]
04e8bcf933
🌱 Bump cloud.google.com/go/bigquery from 1.20.1 to 1.21.0 ( #870 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/bigquery/v1.20.1...spanner/v1.21.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-18 18:48:16 +00:00
dependabot[bot]
fa4e8a43f1
🌱 Bump github.com/golangci/golangci-lint from 1.41.1 to 1.42.0 ( #869 )
...
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint ) from 1.41.1 to 1.42.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases )
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.41.1...v1.42.0 )
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-18 13:42:02 +00:00
dependabot[bot]
e7d9ec52fa
🌱 Bump cloud.google.com/go/pubsub from 1.14.0 to 1.15.0 ( #858 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.14.0...pubsub/v1.15.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-17 15:45:27 +00:00
dependabot[bot]
72337426f0
🌱 Bump go.uber.org/zap from 1.18.1 to 1.19.0 ( #834 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.18.1 to 1.19.0.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.18.1...v1.19.0 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-08-15 22:55:20 +00:00
Azeem Shaikh
b7ddc9ac93
Update go-github version for consistency ( #852 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-13 00:43:22 +00:00
dependabot[bot]
ee8e4026bc
🌱 Bump github.com/google/go-containerregistry ( #832 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.1.2 to 0.6.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.1.2...v0.6.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 16:43:35 +00:00
dependabot[bot]
0f6cbc1703
🌱 Bump cloud.google.com/go/pubsub from 1.13.0 to 1.14.0 ( #833 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.13.0...pubsub/v1.14.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 05:01:54 +00:00
dependabot[bot]
bbf99add9e
🌱 Bump cloud.google.com/go/bigquery from 1.19.0 to 1.20.1 ( #820 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.19.0 to 1.20.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.19.0...bigquery/v1.20.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 03:22:00 +00:00
Azeem Shaikh
bc67dd306a
Create a webhook for tagging Docker images ( #828 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-11 01:45:01 +00:00
naveen
ef9880c7b3
🌱 Implemented ignore for license check
...
The license check was updated with the ignore files.
Fixed the issue https://github.com/ossf/scorecard/issues/767
2021-08-09 16:09:01 -05:00
dependabot[bot]
fc75fd44e8
🌱 Bump github.com/onsi/gomega from 1.14.0 to 1.15.0 ( #816 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.14.0...v1.15.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-06 17:42:41 -04:00
dependabot[bot]
0a7e1515ef
🌱 Bump mvdan.cc/sh/v3 from 3.3.0 to 3.3.1 ( #797 )
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.3.0...v3.3.1 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-02 09:19:22 -04:00
dependabot[bot]
fae54a6af4
🌱 Bump cloud.google.com/go/pubsub from 1.12.2 to 1.13.0 ( #723 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.12.2...pubsub/v1.13.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-07-29 21:28:39 +00:00
Naveen
4d7fb5d748
🌱 Fix the go.mod with v2 upgrade ( #716 )
...
The go.mod and the related files weren't t updated with the v2 upgrade.
https://github.com/ossf/scorecard/issues/711
This fix will address the issue.
2021-07-26 13:01:25 -05:00
dependabot[bot]
9b07526776
🌱 Bump golang.org/x/tools from 0.1.4 to 0.1.5 ( #691 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.4...v0.1.5 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-14 14:50:36 +00:00
naveen
219404e0b7
🌱 Removing gitcache
...
Removing gitcache
2021-07-13 01:03:21 -05:00
dependabot[bot]
1e01a270ec
🌱 Bump cloud.google.com/go/pubsub from 1.12.0 to 1.12.2 ( #671 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.12.0 to 1.12.2.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.12.0...pubsub/v1.12.2 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-07-08 22:25:42 -07:00
dependabot[bot]
2e347ac42b
🌱 Bump github.com/onsi/gomega from 1.13.0 to 1.14.0
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.13.0...v1.14.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-08 20:10:34 -05:00
dependabot[bot]
3181aba22b
🌱 Bump github.com/spf13/cobra from 1.2.0 to 1.2.1
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.2.0...v1.2.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-05 08:52:24 -05:00
dependabot[bot]
c61a744c1b
🌱 Bump github.com/spf13/cobra from 1.1.3 to 1.2.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.1.3 to 1.2.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.1.3...v1.2.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-02 11:27:32 -05:00
dependabot[bot]
ecab8fed52
🌱 Bump cloud.google.com/go/bigquery from 1.18.0 to 1.19.0 ( #635 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.18.0 to 1.19.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.18.0...spanner/v1.19.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-30 11:54:01 -07:00
dependabot[bot]
5dd7f118ae
🌱 Bump github.com/golangci/golangci-lint from 1.40.1 to 1.41.1 ( #627 )
...
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint ) from 1.40.1 to 1.41.1.
- [Release notes](https://github.com/golangci/golangci-lint/releases )
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.40.1...v1.41.1 )
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Azeem Shaikh <azeems@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-29 10:26:16 -07:00
dependabot[bot]
6a2a1faa6f
🌱 Bump google.golang.org/protobuf from 1.26.0 to 1.27.1 ( #624 )
...
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go ) from 1.26.0 to 1.27.1.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases )
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash )
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.26.0...v1.27.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-06-29 08:42:40 -07:00
dependabot[bot]
fd0bb46836
🌱 Bump golang.org/x/tools from 0.1.3 to 0.1.4 ( #626 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.3...v0.1.4 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-06-29 01:23:05 -07:00
dependabot[bot]
c095d6f161
🌱 Bump contrib.go.opencensus.io/exporter/stackdriver ( #579 )
...
Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver ) from 0.13.6 to 0.13.8.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases )
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.6...v0.13.8 )
---
updated-dependencies:
- dependency-name: contrib.go.opencensus.io/exporter/stackdriver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-06-28 21:21:12 -07:00
dependabot[bot]
18b53076d6
🌱 Bump go.uber.org/zap from 1.17.0 to 1.18.1 ( #625 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.17.0 to 1.18.1.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.17.0...v1.18.1 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-28 18:49:51 -04:00
dependabot[bot]
bf87a7a00a
🌱 Bump cloud.google.com/go/pubsub from 1.11.0 to 1.12.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.11.0...pubsub/v1.12.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-28 17:08:52 -05:00
naveen
6aefe1b6ac
🌱 Fix broken e2e tests
...
* Changed the path for the frozen deps to look for within the
.github/worworkflows path
* Included license check to tools.go
* Removed the hard reference to ginkgo within the integration.yml
* The above fixes will fix the broken tests for scorecard.
Repo: github.com/ossf/scorecard
Frozen-Deps: Fail 10
go modules found: go.mod
!! frozen-deps/fetch-execute - .github/workflows/integration.yml is fetching an non-pinned dependency 'go get github.com/onsi/ginkgo/ginkgo@v1.14.2'
!! frozen-deps/fetch-execute - .github/workflows/main.yml is fetching an non-pinned dependency 'go install github.com/google/addlicense@latest'
2021-06-28 15:28:10 -05:00
laurentsimon
0ca1ace1f2
✨ Check: detect downloads of scripts/binaries in docker's RUN ( #584 )
...
* commit 1
* commit 2
* commit 3
* updates
* linter
* update year
* cleanup
* linter
* fix test files
* linter
* comments
2021-06-21 18:45:15 +00:00
Naveen
3e1890fe35
✨ Binary Artifact check ( #563 )
...
* Implemented binary artifact checks
2021-06-21 15:49:31 +00:00
Azeem Shaikh
09e86518e5
Add all Google-owned repositories to cron job ( #555 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-08 16:55:43 -07:00
dependabot[bot]
a6d7c038af
🌱 Bump github.com/onsi/ginkgo from 1.16.2 to 1.16.4 ( #537 )
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.16.2 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.2...v1.16.4 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-03 23:02:05 -04:00
dependabot[bot]
b839e0426f
🌱 Bump cloud.google.com/go/pubsub from 1.10.3 to 1.11.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.10.3 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.10.3...pubsub/v1.11.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-03 12:07:47 -04:00
dependabot[bot]
c056718628
🌱 Bump github.com/onsi/gomega from 1.12.0 to 1.13.0 ( #515 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.12.0...v1.13.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-28 12:00:16 -04:00
dependabot[bot]
b7e1f155fc
🌱 Bump cloud.google.com/go/bigquery from 1.8.0 to 1.18.0 ( #483 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.8.0 to 1.18.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.8.0...spanner/v1.18.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 15:58:21 -04:00
dependabot[bot]
44252d64c8
🌱 Bump go.uber.org/zap from 1.16.0 to 1.17.0 ( #509 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.16.0...v1.17.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 15:11:44 -04:00
dependabot[bot]
7ec85f22ed
🌱 Bump contrib.go.opencensus.io/exporter/stackdriver
...
Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver ) from 0.13.4 to 0.13.6.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases )
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.4...v0.13.6 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-26 14:55:28 -04:00
dependabot[bot]
0d469a4533
🌱 Bump gocloud.dev from 0.22.0 to 0.23.0 ( #464 )
...
Bumps [gocloud.dev](https://github.com/google/go-cloud ) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/google/go-cloud/releases )
- [Commits](https://github.com/google/go-cloud/compare/v0.22.0...v0.23.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 13:06:23 -04:00
Azeem Shaikh
4584311fc6
Add monitoring to checks ( #480 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-20 23:47:49 -07:00
Azeem Shaikh
9453765aa0
Use TRUNCATE to load data into BigQuery ( #476 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-19 23:59:40 -07:00
laurentsimon
ee3f290702
✨ Add check for Docker dependency pinning by hash ( #469 )
...
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* update unit tests
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* remove log
* check fix
* comment
* linter
* commments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* check fix
* comment
* commments
* comments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* commments
* comments
* comments
* comments
* update mod
* remove continue keyword
* linter
* linter
* linter
* comments
* cleanup
* linter
* typos
* typos
2021-05-19 09:46:39 -07:00
Abhishek Arya
5f82d2b9c0
✨ Add checks for workflow action pinning ( #466 )
...
Patch by Laurent Simon <laurentsimon@google.com>
Co-authored-by: Laurent Simon <laurentsimon@google.com>
2021-05-17 13:03:39 -07:00
Naveen
9281d1ddd9
🌱 Move tool dependencies into go.mod ( #460 )
...
Moved the tool dependencies into go.mod
2021-05-17 15:20:28 -04:00
Azeem Shaikh
ba3b5c5979
Refactor Makefile and add proto compile support. ( #458 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-15 13:58:01 -07:00
Azeem Shaikh
6437c9324f
Setup PubSub framework code. ( #428 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-14 14:32:23 -07:00
dependabot[bot]
e326db557b
🌱 Bump github.com/onsi/gomega from 1.11.0 to 1.12.0 ( #407 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.11.0...v1.12.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-09 12:05:53 -04:00
Abhishek Arya
a2d51ead20
🐛 Freeze Makefile deps ( #404 )
...
* Freeze Makefile deps
* trigger ci
* Fix build failure.
2021-05-05 09:55:59 -07:00
dependabot[bot]
9e4ecf0a44
🌱 Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.16.1 to 1.16.2.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.1...v1.16.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-05 07:12:09 -05:00
Azeem Shaikh
d3a59eacff
Move Dockerfile.gsutil to inside cron/
2021-04-27 17:21:53 -05:00
Azeem Shaikh
86a46560c8
Rename CheckResults to Checks to match BQ schema.
2021-04-26 17:45:04 -05:00
Azeem Shaikh
bd3eff1fcf
✨ Cron job uses line-delimited JSON ( #344 )
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Separate out ReposURL nito repos/
* Add TODO in gitcache module.
* Add RepoRequest/Response types.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
* Simplify cmd package.
* Make cron/ a package instead of module.
* Fix TODO.
* Remove binary file.
* go.mod file.
* go.mod updates.
* Refactor cron to use in-memory JSON.
* Fix JSON output.
* Fix go.mod
* Address PR comments.
* Change %w -> %v.
* Address PR comments.
* Fix err.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-19 12:49:51 -07:00
Azeem Shaikh
a58818d258
🌱 : Reduce code duplication for follow-up cron refactoring ( #338 )
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-10 07:26:56 -05:00
dependabot[bot]
fc0eac922a
Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.16.0 to 1.16.1.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.0...v1.16.1 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-08 09:27:08 -05:00
dependabot[bot]
e0cd796b7f
Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.2...v1.16.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-05 12:12:04 -05:00
dependabot[bot]
8333f1e328
Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.15.1 to 1.15.2.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.1...v1.15.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-17 15:18:13 -04:00
naveen
6e8018cf8f
chore - Upgrade ginkgo and goomega dependencies
...
Upgrade version for ginkgo and goomega dependencies.
2021-03-10 09:08:31 -05:00
Naveen
b4c2e4fd13
feat - migrate to go 1.16 ( #233 )
...
Upgrade to go version 1.16
2021-03-03 18:56:29 +00:00
Abhishek Arya
a44dd6a758
Add pypi and ruby gems package support. ( #226 )
...
Adds some more package managers to
https://github.com/ossf/scorecard/issues/33
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-03-01 11:21:20 -05:00
naveen
6f2a0f43f4
Fix - Output path for the test runs
2021-02-25 15:59:39 -05:00
naveen
cab29a2747
Feat- Use cloud buckets for caching
...
Use cloud buckets for httpcache.
The implementation uses https://github.com/google/go-cloud for it to be
cloud vendor agnostic.
2021-02-24 11:17:50 -05:00
Naveen
db81680172
Feat-Implement httpcache middleware for GitHub API ( #203 )
...
The GitHub API supports conditional requests
https://docs.github.com/en/rest/overview/resources-in-the-rest-api#conditional-requests
https://github.com/google/go-github supports Conditional requests
https://github.com/google/go-github#conditional-requests
As we are scaling more and more projects this would add a lot of value.
Initial run fetches information using `httpcache` as a middleware,
which caches the HTTP response initially in a large disk (PVC),
probably move to Redis later as a cache instead of disk.
Subsequent `cron runs` will utilize the `httpcache` for checking content modification and
load it from the cache if it isn't modified, which reduces the hitting the
Rate Limit of the GitHub API.
2021-02-22 17:18:28 +00:00
dependabot[bot]
2c23a47857
Bump github.com/spf13/cobra from 1.1.2 to 1.1.3
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.1.2...v1.1.3 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-11 11:15:34 -05:00
dependabot[bot]
7ef0cf9c55
Bump github.com/spf13/cobra from 1.1.1 to 1.1.2 ( #154 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.1.1...v1.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 22:58:55 -08:00
dependabot[bot]
038e3b65c1
Bump github.com/onsi/gomega from 1.10.4 to 1.10.5
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.10.4...v1.10.5 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 09:18:34 -05:00
dependabot[bot]
717701bd61
Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.14.2 to 1.15.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.14.2...v1.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 09:13:35 -05:00
Abhishek Arya
b278475af0
Fix CodeQL failure.
2021-01-15 13:44:52 -05:00
Abhishek Arya
5b7ddc55ab
Add e2e test.
2021-01-15 13:44:52 -05:00
Naveen
f77da7783b
feat-e2e tests for signed tags and signed releases ( #115 )
...
Implemented e2e tests using ginkgo for validating signed tags and signed
releases.
ginkgo is utilized as a standard BDD testing framework in other
projects like kubebuilder.
2021-01-01 14:36:31 -06:00
naveen
fd3a2a87b9
fix - URL with trailing slash
...
Fixes the URL with trailing slash.
Changed the URL parsing to net package implementation.
Included tests for URL parsing.
2020-12-21 15:16:32 -05:00
dlorenc
24fa4cca5e
Add support for and hookup app based authentication for higher rate limiting. ( #69 )
...
This also configures it in our nightly cron cluster.
2020-11-13 11:06:46 -06:00
dlorenc
45286f140c
Add a script to output in csv that can be run daily. ( #56 )
2020-11-10 13:25:57 -06:00
Dan Lorenc
a8e06bdefb
Update deps.
2020-11-06 15:29:27 -06:00
dlorenc
fd188f5263
Use the GraphQL API to retrieve the list of tags in signed-tags. ( #45 )
2020-11-06 15:28:26 -06:00
dlorenc
49fba38c8b
Use Cobra CLI library, reorganize a bit. ( #22 )
2020-10-18 18:49:51 -05:00
Dan Lorenc
c9596cd09d
Add better logging.
2020-10-13 11:29:29 -05:00
Dan Lorenc
3ee3c748e9
Initial commit.
2020-10-09 10:08:43 -05:00