dependabot[bot]
727d7e8d27
🌱 Bump github.com/moby/buildkit from 0.11.4 to 0.11.5 ( #2809 )
...
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit ) from 0.11.4 to 0.11.5.
- [Release notes](https://github.com/moby/buildkit/releases )
- [Commits](https://github.com/moby/buildkit/compare/v0.11.4...v0.11.5 )
---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-30 16:47:31 -07:00
dependabot[bot]
ef16fd8ae0
🌱 Bump cloud.google.com/go/pubsub from 1.28.0 to 1.30.0 ( #2804 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.28.0 to 1.30.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.28.0...pubsub/v1.30.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-29 19:15:39 -07:00
dependabot[bot]
4626c278de
🌱 Bump github.com/bradleyfalzon/ghinstallation/v2 ( #2805 )
...
Bumps [github.com/bradleyfalzon/ghinstallation/v2](https://github.com/bradleyfalzon/ghinstallation ) from 2.1.0 to 2.2.0.
- [Release notes](https://github.com/bradleyfalzon/ghinstallation/releases )
- [Commits](https://github.com/bradleyfalzon/ghinstallation/compare/v2.1.0...v2.2.0 )
---
updated-dependencies:
- dependency-name: github.com/bradleyfalzon/ghinstallation/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-29 18:37:45 -07:00
dependabot[bot]
92a07f5513
🌱 Bump github.com/google/osv-scanner ( #2803 )
...
Bumps [github.com/google/osv-scanner](https://github.com/google/osv-scanner ) from 1.2.1-0.20230302232134-592acbc2539b to 1.3.0.
- [Release notes](https://github.com/google/osv-scanner/releases )
- [Changelog](https://github.com/google/osv-scanner/blob/main/CHANGELOG.md )
- [Commits](https://github.com/google/osv-scanner/commits/v1.3.0 )
---
updated-dependencies:
- dependency-name: github.com/google/osv-scanner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-29 11:41:56 -07:00
dependabot[bot]
d2a3caa3d8
🌱 Bump github.com/xanzy/go-gitlab from 0.78.0 to 0.81.0 ( #2737 )
...
* 🌱 Bump github.com/xanzy/go-gitlab from 0.78.0 to 0.81.0
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.78.0 to 0.81.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.78.0...v0.81.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Bump google.golang.org/protobuf to v1.30.0 to satisfy dependency analysis.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Spencer Schrock <sschrock@google.com>
2023-03-28 19:41:09 -07:00
dependabot[bot]
dd86ce8df8
🌱 Bump golang.org/x/tools from 0.6.0 to 0.7.0 ( #2769 )
2023-03-29 00:22:33 +00:00
Spencer Schrock
27cfe92ed3
🌱 Bump golangci-lint and fix configuration file. ( #2783 )
...
* Bump golangci-lint to v1.52.1
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Remove deprecated linters.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* Configure errorlint to ignore wrapping multiple errors.
We don't use golang 1.20 yet.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* extra go mod tidy to hide linter.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-03-23 10:25:44 -07:00
dependabot[bot]
1f3f9ef318
🌱 Bump gocloud.dev from 0.26.0 to 0.29.0 ( #2722 )
...
* 🌱 Bump gocloud.dev from 0.26.0 to 0.29.0
Bumps [gocloud.dev](https://github.com/google/go-cloud ) from 0.26.0 to 0.29.0.
- [Release notes](https://github.com/google/go-cloud/releases )
- [Commits](https://github.com/google/go-cloud/compare/v0.26.0...v0.29.0 )
---
updated-dependencies:
- dependency-name: gocloud.dev
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* Switch pubsubpb import path.
See cf7063dc4d/migration.md
2023-03-17 10:16:29 -07:00
Azeem Shaikh
8966abdceb
Initial implementation of go-git client ( #2720 )
...
Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2023-03-15 21:28:09 +00:00
dependabot[bot]
2e6347f133
🌱 Bump github.com/moby/buildkit from 0.10.3 to 0.11.4 ( #2735 )
...
Bumps [github.com/moby/buildkit](https://github.com/moby/buildkit ) from 0.10.3 to 0.11.4.
- [Release notes](https://github.com/moby/buildkit/releases )
- [Commits](https://github.com/moby/buildkit/compare/v0.10.3...v0.11.4 )
---
updated-dependencies:
- dependency-name: github.com/moby/buildkit
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-08 19:03:26 -06:00
Rex P
170af75618
🐛 Updates osv-scanner dependency to 1.2.0. ( #2704 )
...
* Updates osv-scanner dependency to 1.2.0.
The 1.0 release changed the return value for osv-scanner to output an error
when vulnerabilities are found, modified to handle this error correctly.
Signed-off-by: Rex Pan <rexpan@google.com>
* Add some additional comments
Signed-off-by: Rex Pan <rexpan@google.com>
* Update osv-scanner to include SBOM and logging fixes
Signed-off-by: Rex Pan <rexpan@google.com>
---------
Signed-off-by: Rex Pan <rexpan@google.com>
2023-03-09 00:04:11 +00:00
dependabot[bot]
0bed3da7f1
🌱 Bump github.com/jszwec/csvutil from 1.7.1 to 1.8.0 ( #2698 )
...
Bumps [github.com/jszwec/csvutil](https://github.com/jszwec/csvutil ) from 1.7.1 to 1.8.0.
- [Release notes](https://github.com/jszwec/csvutil/releases )
- [Commits](https://github.com/jszwec/csvutil/compare/v1.7.1...v1.8.0 )
---
updated-dependencies:
- dependency-name: github.com/jszwec/csvutil
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-06 12:48:08 -06:00
dependabot[bot]
034add12c1
🌱 Bump k8s.io/client-go from 0.18.8 to 0.20.0
...
Bumps [k8s.io/client-go](https://github.com/kubernetes/client-go ) from 0.18.8 to 0.20.0.
- [Release notes](https://github.com/kubernetes/client-go/releases )
- [Changelog](https://github.com/kubernetes/client-go/blob/master/CHANGELOG.md )
- [Commits](https://github.com/kubernetes/client-go/compare/v0.18.8...v0.20.0 )
---
updated-dependencies:
- dependency-name: k8s.io/client-go
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-02-23 19:11:51 +00:00
dependabot[bot]
24b779f7e2
🌱 Bump mvdan.cc/sh/v3 from 3.5.1 to 3.6.0 ( #2615 )
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.5.1 to 3.6.0.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.5.1...v3.6.0 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-22 10:35:24 -06:00
dependabot[bot]
48813a3c38
🌱 Bump golang.org/x/net from 0.5.0 to 0.7.0 ( #2680 )
...
Bumps [golang.org/x/net](https://github.com/golang/net ) from 0.5.0 to 0.7.0.
- [Release notes](https://github.com/golang/net/releases )
- [Commits](https://github.com/golang/net/compare/v0.5.0...v0.7.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/net
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-20 07:55:55 -06:00
Naveen
5e6a5212f4
🌱 Update deps for fixing GHSA-r48q-9g5r-8q2h ( #2675 )
...
- Update dependencies `github.com/emicklei/go-restful` to fix this https://osv.dev/vulnerability/GHSA-r48q-9g5r-8q2h
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2023-02-16 15:38:44 -08:00
dependabot[bot]
1c6ab16e45
🌱 Bump github.com/go-git/go-git/v5 from 5.4.2 to 5.5.2 ( #2600 )
...
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git ) from 5.4.2 to 5.5.2.
- [Release notes](https://github.com/go-git/go-git/releases )
- [Commits](https://github.com/go-git/go-git/compare/v5.4.2...v5.5.2 )
---
updated-dependencies:
- dependency-name: github.com/go-git/go-git/v5
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-25 18:00:44 +00:00
dependabot[bot]
2704fc5de9
🌱 Bump github.com/xanzy/go-gitlab from 0.77.0 to 0.78.0 ( #2591 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.77.0 to 0.78.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.77.0...v0.78.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-15 14:15:09 -06:00
dependabot[bot]
b30bc79e80
🌱 Bump golang.org/x/tools from 0.4.0 to 0.5.0 ( #2592 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.4.0...v0.5.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-11 09:44:04 -08:00
dependabot[bot]
75adffeb6d
🌱 Bump github.com/onsi/gomega from 1.24.1 to 1.24.2 ( #2562 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.24.1 to 1.24.2.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.24.1...v1.24.2 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-10 22:47:58 -08:00
dependabot[bot]
63ffde8505
🌱 Bump github.com/onsi/ginkgo/v2 from 2.5.1 to 2.7.0 ( #2590 )
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.5.1 to 2.7.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.5.1...v2.7.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-11 05:54:06 +00:00
dependabot[bot]
c6d76807b7
🌱 Bump github.com/xanzy/go-gitlab from 0.76.0 to 0.77.0 ( #2563 )
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.76.0 to 0.77.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.76.0...v0.77.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-22 08:31:50 -08:00
dependabot[bot]
7e64b3654e
🌱 Bump golang.org/x/tools from 0.3.0 to 0.4.0 ( #2525 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.3.0...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-21 22:50:11 -08:00
Rex P
f983480ba2
⚠️ OSV scanner integration ( #2509 )
...
* Improve OSV scanning integration (squashed)
Signed-off-by: Rex P <rexpan@google.com>
* Add support for grouping vulnerabilities and aliases
Signed-off-by: Rex P <rexpan@google.com>
* Updated documentation, spit vulnerability output to multiple warnings
Signed-off-by: Rex P <rexpan@google.com>
* Updated documentation, spit vulnerability output to multiple warnings
Signed-off-by: Rex P <rexpan@google.com>
* Add its own codebase into docs
Signed-off-by: Rex P <rexpan@google.com>
* Update scorecard test to not prevent known vulns
Signed-off-by: Rex P <rexpan@google.com>
Signed-off-by: Rex P <rexpan@google.com>
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2022-12-12 16:46:43 -08:00
dependabot[bot]
d11772da53
🌱 Bump cloud.google.com/go/bigquery from 1.43.0 to 1.44.0 ( #2504 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.43.0 to 1.44.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/bigquery/v1.43.0...bigquery/v1.44.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 12:29:44 -08:00
dependabot[bot]
6fe248c97b
🌱 Bump cloud.google.com/go/pubsub from 1.26.0 to 1.27.0 ( #2503 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.26.0 to 1.27.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.26.0...pubsub/v1.27.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-01 11:37:37 -08:00
dependabot[bot]
c61f6bc297
🌱 Bump github.com/Masterminds/semver/v3 from 3.1.1 to 3.2.0 ( #2498 )
...
Bumps [github.com/Masterminds/semver/v3](https://github.com/Masterminds/semver ) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/Masterminds/semver/releases )
- [Changelog](https://github.com/Masterminds/semver/blob/master/CHANGELOG.md )
- [Commits](https://github.com/Masterminds/semver/compare/v3.1.1...v3.2.0 )
---
updated-dependencies:
- dependency-name: github.com/Masterminds/semver/v3
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-30 10:54:05 -08:00
raghavkaul
4c7066e3b6
🌱 attestor: module -> subpackage ( #2464 )
...
* Enable cilint checking on attestor and fix cilint errors
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Make attestor a subpackage of scorecard
* Move e2e test
* Use scorecard logger
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
2022-11-30 10:22:00 -08:00
dependabot[bot]
4926241f69
🌱 Bump github.com/xanzy/go-gitlab from 0.74.0 to 0.76.0
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.74.0 to 0.76.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.74.0...v0.76.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-21 16:34:39 +00:00
dependabot[bot]
a3255e353a
🌱 Bump github.com/onsi/ginkgo/v2 from 2.5.0 to 2.5.1 ( #2467 )
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.5.0...v2.5.1 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-11-21 09:59:32 -06:00
dependabot[bot]
469216299a
🌱 Bump github.com/onsi/gomega from 1.24.0 to 1.24.1 ( #2449 )
...
* 🌱 Bump github.com/onsi/gomega from 1.24.0 to 1.24.1
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.24.0 to 1.24.1.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.24.0...v1.24.1 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
* go mod tidy
Signed-off-by: Spencer Schrock <sschrock@google.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Spencer Schrock <sschrock@google.com>
2022-11-17 23:06:34 -08:00
dependabot[bot]
d7543170e1
🌱 Bump github.com/google/go-containerregistry
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.12.0 to 0.12.1.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.12.0...v0.12.1 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-16 21:04:08 +00:00
dependabot[bot]
52640d5eab
🌱 Bump golang.org/x/tools from 0.2.0 to 0.3.0 ( #2448 )
...
* 🌱 Bump golang.org/x/tools from 0.2.0 to 0.3.0
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.2.0 to 0.3.0.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.2.0...v0.3.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* bump attestor modules
Signed-off-by: Spencer Schrock <sschrock@google.com>
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Spencer Schrock <sschrock@google.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Spencer Schrock <sschrock@google.com>
2022-11-12 14:23:03 +00:00
dependabot[bot]
556405dc46
🌱 Bump github.com/onsi/ginkgo/v2 from 2.4.0 to 2.5.0
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.4.0...v2.5.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-08 13:59:16 +00:00
dependabot[bot]
9fc35358a2
🌱 Bump github.com/onsi/gomega from 1.23.0 to 1.24.0
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.23.0 to 1.24.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.23.0...v1.24.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-11-03 13:25:47 +00:00
dependabot[bot]
b90b5f024b
🌱 Bump github.com/onsi/gomega from 1.20.2 to 1.23.0 ( #2409 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.20.2 to 1.23.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.20.2...v1.23.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-29 18:44:49 +00:00
dependabot[bot]
93b59720c4
🌱 Bump github.com/xanzy/go-gitlab from 0.73.1 to 0.74.0
...
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab ) from 0.73.1 to 0.74.0.
- [Release notes](https://github.com/xanzy/go-gitlab/releases )
- [Changelog](https://github.com/xanzy/go-gitlab/blob/master/releases_test.go )
- [Commits](https://github.com/xanzy/go-gitlab/compare/v0.73.1...v0.74.0 )
---
updated-dependencies:
- dependency-name: github.com/xanzy/go-gitlab
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-29 17:33:03 +00:00
dependabot[bot]
8220f0f23b
🌱 Bump cloud.google.com/go/pubsub from 1.25.1 to 1.26.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.25.1 to 1.26.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.25.1...pubsub/v1.26.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-29 14:00:56 +00:00
dependabot[bot]
038e84e7f5
🌱 Bump github.com/onsi/ginkgo/v2 from 2.1.6 to 2.4.0
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.1.6 to 2.4.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.1.6...v2.4.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2022-10-28 19:51:29 +00:00
dependabot[bot]
f9f0c0aa70
🌱 Bump github.com/spf13/cobra from 1.6.0 to 1.6.1 ( #2397 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.6.0 to 1.6.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Commits](https://github.com/spf13/cobra/compare/v1.6.0...v1.6.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-27 09:38:53 -05:00
dependabot[bot]
ca5972ab56
🌱 Bump cloud.google.com/go/bigquery from 1.39.0 to 1.43.0 ( #2395 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.39.0 to 1.43.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.39.0...bigquery/v1.43.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-24 21:40:07 -07:00
dependabot[bot]
b0c3d04098
🌱 Bump golang.org/x/tools from 0.1.12 to 0.2.0 ( #2377 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.12 to 0.2.0.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.12...v0.2.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-21 08:37:53 -05:00
dependabot[bot]
bd0de45a90
🌱 Bump github.com/google/go-containerregistry ( #2371 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.11.0 to 0.12.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.11.0...v0.12.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-20 09:19:34 -05:00
dependabot[bot]
d76bcb664b
🌱 Bump golang.org/x/text from 0.3.8 to 0.4.0 ( #2364 )
...
Bumps [golang.org/x/text](https://github.com/golang/text ) from 0.3.8 to 0.4.0.
- [Release notes](https://github.com/golang/text/releases )
- [Commits](https://github.com/golang/text/compare/v0.3.8...v0.4.0 )
---
updated-dependencies:
- dependency-name: golang.org/x/text
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-18 17:29:56 +00:00
dependabot[bot]
78c7e83b54
🌱 Bump golang.org/x/text from 0.3.7 to 0.3.8 ( #2358 )
...
Bumps [golang.org/x/text](https://github.com/golang/text ) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/golang/text/releases )
- [Commits](https://github.com/golang/text/compare/v0.3.7...v0.3.8 )
---
updated-dependencies:
- dependency-name: golang.org/x/text
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-10-17 11:01:50 -05:00
Naveen
53e9246681
🌱 Migrate to go 1.19 ( #2332 )
...
- Migrate to go 1.19
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-10-06 21:09:38 -04:00
Nathaniel Wert
0f87094997
✨ Gitlab support ( #2265 )
...
* updated readme to reflect gitlab usage
* bugfixes after a good deal of testing
* removed unnecessary files from branch
* cleaning up my mess
* requested changes + unit tests
* style fixes
* updated readme to reflect gitlab usage
* bugfixes after a good deal of testing
* removed unnecessary files from branch
* cleaning up my mess
* requested changes + unit tests
* style fixes
* merge main into gitlab_support
* check-linter fixes
Signed-off-by: Nathaniel Wert <N8.Wert.B@gmail.com>
Co-authored-by: nathaniel.wert <nathaniel.wert@kudelskisecurity.com>
2022-09-21 16:20:20 -04:00
raghavkaul
d75dea8a58
🌱 Feature: Group commits into changesets ( #2260 )
...
* Group raw commits into changesets
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Add tests, fix golint
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Fix lint
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Address PR comments
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Fix test failures, remove unneeded fields from raw results
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Fix lint
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Fix tests
* Handle randomized order
* e2e
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Accept code reviews on any commit, not just HEAD
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
* Address PR comments
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Signed-off-by: Raghav Kaul <raghavkaul@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2022-09-20 17:53:11 +00:00
dependabot[bot]
dac68a4773
🌱 Bump github.com/onsi/gomega from 1.20.1 to 1.20.2 ( #2225 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.20.1 to 1.20.2.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.20.1...v1.20.2 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-02 09:01:02 -05:00
dependabot[bot]
7a2c403312
🌱 Bump github.com/onsi/ginkgo/v2 from 2.1.4 to 2.1.6 ( #2220 )
...
Bumps [github.com/onsi/ginkgo/v2](https://github.com/onsi/ginkgo ) from 2.1.4 to 2.1.6.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v2.1.4...v2.1.6 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo/v2
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-31 12:08:21 +00:00
