naveen
51e11e6637
🌱 Fix GO-2021-0089 vulnerability
...
The github.com/buger/jsonparser has this vulnerability.
"vulns": [
{
"id": "GO-2021-0089",
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"details": "Parsing malformed JSON which contain opening brackets, but not closing brackes,\nleads to an infinite loop. If operating on untrusted user input this can be\nused as a denial of service vector.\n",
"affects": {
"ranges": [
{
"type": "SEMVER",
"fixed": "0.0.0-20200321185410-91ac96899e49"
}
]
},
"aliases": [
"CVE-2020-10675"
],
"modified": "2021-04-14T12:00:00Z",
"published": "2021-04-14T12:00:00Z",
"ecosystem_specific": {
"symbols": [
"findKeyStart"
]
},
"database_specific": {
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json ",
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0089.yaml "
},
"references": [
{
"type": "FIX",
"url": "https://github.com/buger/jsonparser/pull/192 "
},
{
"type": "FIX",
"url": "91ac96899e
"
},
{
"type": "WEB",
"url": "https://github.com/buger/jsonparser/issues/188 "
}
],
"affected": [
{
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "0.0.0-20200321185410-91ac96899e49"
}
]
}
],
"ecosystem_specific": {
"symbols": [
"findKeyStart"
]
},
"database_specific": {
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json ",
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0089.yaml "
}
}
]
},
{
"id": "GO-2021-0057",
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"details": "Due to improper bounds checking, maliciously crafted JSON objects\ncan cause an out-of-bounds panic. If parsing user input, this may\nbe used as a denial of service vector.\n",
"affects": {
"ranges": [
{
"type": "SEMVER",
"fixed": "1.1.1"
}
]
},
"aliases": [
"CVE-2020-35381"
],
"modified": "2021-04-14T12:00:00Z",
"published": "2021-04-14T12:00:00Z",
"ecosystem_specific": {
"symbols": [
"searchKeys"
]
},
"database_specific": {
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json ",
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0057.yaml "
},
"references": [
{
"type": "FIX",
"url": "https://github.com/buger/jsonparser/pull/221 "
},
{
"type": "FIX",
"url": "df3ea76ece
"
},
{
"type": "WEB",
"url": "https://github.com/buger/jsonparser/issues/219 "
}
],
"affected": [
{
"package": {
"name": "github.com/buger/jsonparser",
"ecosystem": "Go"
},
"ranges": [
{
"type": "SEMVER",
"events": [
{
"introduced": "0"
},
{
"fixed": "1.1.1"
}
]
}
],
"ecosystem_specific": {
"symbols": [
"searchKeys"
]
},
"database_specific": {
"url": "https://go.googlesource.com/vulndb/+/refs/heads/master/reports/GO-2021-0057.yaml ",
"source": "https://storage.googleapis.com/go-vulndb/github.com/buger/jsonparser.json "
}
}
]
}
]
}
2021-09-21 13:04:08 -05:00
dependabot[bot]
4c4fb61d51
🌱 Bump cloud.google.com/go/pubsub from 1.16.0 to 1.17.0 ( #992 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.16.0...pubsub/v1.17.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-09-13 14:57:32 +00:00
dependabot[bot]
cc044ca05f
🌱 Bump go.uber.org/zap from 1.19.0 to 1.19.1 ( #993 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.19.0 to 1.19.1.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.19.0...v1.19.1 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-09-12 16:14:20 -04:00
naveen
576447a45b
🌱 Fix the jwt finding
...
* This fixes the JWT finding CVE-2020-26160
2021-09-08 11:17:40 -05:00
naveen
2b15b1353b
🌱 Moving tools dependencies to separate go.mod
...
* Moving the tools dependencies to a separate go.mod to reduce the
dependencies on scorecard.
* This is also increases the security posture by having less dependencies
on the main go.mod
2021-09-07 18:23:41 -05:00
dependabot[bot]
0aa4305c61
🌱 Bump github.com/golangci/golangci-lint from 1.42.0 to 1.42.1 ( #973 )
...
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint ) from 1.42.0 to 1.42.1.
- [Release notes](https://github.com/golangci/golangci-lint/releases )
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.42.0...v1.42.1 )
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-09-07 14:59:22 +00:00
dependabot[bot]
e30d9e5bbc
🌱 Bump gocloud.dev from 0.23.0 to 0.24.0 ( #956 )
...
Bumps [gocloud.dev](https://github.com/google/go-cloud ) from 0.23.0 to 0.24.0.
- [Release notes](https://github.com/google/go-cloud/releases )
- [Commits](https://github.com/google/go-cloud/compare/v0.23.0...v0.24.0 )
---
updated-dependencies:
- dependency-name: gocloud.dev
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-09-03 15:46:28 +00:00
flying-cow
1434977ac0
:sparkling: Upgraded to go 1.17
2021-09-01 18:31:44 -04:00
dependabot[bot]
dcbf7528a7
🌱 Bump cloud.google.com/go/bigquery from 1.21.0 to 1.22.0 ( #939 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.21.0 to 1.22.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.21.0...spanner/v1.22.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-09-01 16:14:12 +00:00
dependabot[bot]
001ba670bb
🌱 Bump github.com/jszwec/csvutil from 1.5.0 to 1.5.1
...
Bumps [github.com/jszwec/csvutil](https://github.com/jszwec/csvutil ) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/jszwec/csvutil/releases )
- [Commits](https://github.com/jszwec/csvutil/compare/v1.5.0...v1.5.1 )
---
updated-dependencies:
- dependency-name: github.com/jszwec/csvutil
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-31 08:06:06 -04:00
Chris McGehee
dbb23450e5
✨ Add line number to unpinned dependency: GitHub workflow "uses" field ( #821 )
...
* Display line number for github workflow "uses" field
* Adding test for line numbers
* Updating comment
* Updating this log message to use SARIF format
Co-authored-by: laurentsimon <64505099+laurentsimon@users.noreply.github.com>
2021-08-30 17:03:45 +00:00
dependabot[bot]
51016ea8ae
🌱 Bump cloud.google.com/go/pubsub from 1.15.0 to 1.16.0 ( #904 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.15.0...pubsub/v1.16.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-30 02:00:18 +00:00
Azeem Shaikh
37696aceb3
Create and use MockRepoClient in unit tests ( #922 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-26 19:48:39 +00:00
laurentsimon
788fd33222
✨ Add JSON unit tests ( #915 )
...
* fix
* typo
* draft
* fixes
* typo
* add validator
* comments
* typo
2021-08-26 01:42:34 +00:00
Azeem Shaikh
d8e49e0dba
Remove unwanted dependencies ( #913 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-25 21:21:40 +00:00
dependabot[bot]
77a4160a87
🌱 Bump github.com/onsi/gomega from 1.15.0 to 1.16.0 ( #879 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.15.0 to 1.16.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.15.0...v1.16.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-23 16:18:46 +00:00
dependabot[bot]
04e8bcf933
🌱 Bump cloud.google.com/go/bigquery from 1.20.1 to 1.21.0 ( #870 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.20.1 to 1.21.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/bigquery/v1.20.1...spanner/v1.21.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-18 18:48:16 +00:00
dependabot[bot]
fa4e8a43f1
🌱 Bump github.com/golangci/golangci-lint from 1.41.1 to 1.42.0 ( #869 )
...
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint ) from 1.41.1 to 1.42.0.
- [Release notes](https://github.com/golangci/golangci-lint/releases )
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.41.1...v1.42.0 )
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-18 13:42:02 +00:00
dependabot[bot]
e7d9ec52fa
🌱 Bump cloud.google.com/go/pubsub from 1.14.0 to 1.15.0 ( #858 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.14.0...pubsub/v1.15.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-17 15:45:27 +00:00
dependabot[bot]
72337426f0
🌱 Bump go.uber.org/zap from 1.18.1 to 1.19.0 ( #834 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.18.1 to 1.19.0.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.18.1...v1.19.0 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-08-15 22:55:20 +00:00
Azeem Shaikh
b7ddc9ac93
Update go-github version for consistency ( #852 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-13 00:43:22 +00:00
dependabot[bot]
ee8e4026bc
🌱 Bump github.com/google/go-containerregistry ( #832 )
...
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry ) from 0.1.2 to 0.6.0.
- [Release notes](https://github.com/google/go-containerregistry/releases )
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml )
- [Commits](https://github.com/google/go-containerregistry/compare/v0.1.2...v0.6.0 )
---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 16:43:35 +00:00
dependabot[bot]
0f6cbc1703
🌱 Bump cloud.google.com/go/pubsub from 1.13.0 to 1.14.0 ( #833 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.13.0...pubsub/v1.14.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 05:01:54 +00:00
dependabot[bot]
bbf99add9e
🌱 Bump cloud.google.com/go/bigquery from 1.19.0 to 1.20.1 ( #820 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.19.0 to 1.20.1.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.19.0...bigquery/v1.20.1 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-08-11 03:22:00 +00:00
Azeem Shaikh
bc67dd306a
Create a webhook for tagging Docker images ( #828 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-08-11 01:45:01 +00:00
naveen
ef9880c7b3
🌱 Implemented ignore for license check
...
The license check was updated with the ignore files.
Fixed the issue https://github.com/ossf/scorecard/issues/767
2021-08-09 16:09:01 -05:00
dependabot[bot]
fc75fd44e8
🌱 Bump github.com/onsi/gomega from 1.14.0 to 1.15.0 ( #816 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.14.0 to 1.15.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.14.0...v1.15.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-06 17:42:41 -04:00
laurentsimon
6718939a08
✨ Cleanup errors and log ( #782 )
...
* cleanup
* text
* add errors
* fixes
* more
* fixes
* linnter
* comments
* name
2021-08-02 22:38:42 +00:00
dependabot[bot]
0a7e1515ef
🌱 Bump mvdan.cc/sh/v3 from 3.3.0 to 3.3.1 ( #797 )
...
Bumps [mvdan.cc/sh/v3](https://github.com/mvdan/sh ) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/mvdan/sh/releases )
- [Changelog](https://github.com/mvdan/sh/blob/master/CHANGELOG.md )
- [Commits](https://github.com/mvdan/sh/compare/v3.3.0...v3.3.1 )
---
updated-dependencies:
- dependency-name: mvdan.cc/sh/v3
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-08-02 09:19:22 -04:00
dependabot[bot]
fae54a6af4
🌱 Bump cloud.google.com/go/pubsub from 1.12.2 to 1.13.0 ( #723 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.12.2 to 1.13.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.12.2...pubsub/v1.13.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-07-29 21:28:39 +00:00
Naveen
4d7fb5d748
🌱 Fix the go.mod with v2 upgrade ( #716 )
...
The go.mod and the related files weren't t updated with the v2 upgrade.
https://github.com/ossf/scorecard/issues/711
This fix will address the issue.
2021-07-26 13:01:25 -05:00
dependabot[bot]
9b07526776
🌱 Bump golang.org/x/tools from 0.1.4 to 0.1.5 ( #691 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.4 to 0.1.5.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.4...v0.1.5 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-07-14 14:50:36 +00:00
naveen
219404e0b7
🌱 Removing gitcache
...
Removing gitcache
2021-07-13 01:03:21 -05:00
dependabot[bot]
1e01a270ec
🌱 Bump cloud.google.com/go/pubsub from 1.12.0 to 1.12.2 ( #671 )
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.12.0 to 1.12.2.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.12.0...pubsub/v1.12.2 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-07-08 22:25:42 -07:00
dependabot[bot]
2e347ac42b
🌱 Bump github.com/onsi/gomega from 1.13.0 to 1.14.0
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.13.0 to 1.14.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.13.0...v1.14.0 )
---
updated-dependencies:
- dependency-name: github.com/onsi/gomega
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-08 20:10:34 -05:00
naveen
7afc0918e2
✨ Table output for the results
...
* Included the table output in the default results
2021-07-08 20:00:13 -05:00
dependabot[bot]
3181aba22b
🌱 Bump github.com/spf13/cobra from 1.2.0 to 1.2.1
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.2.0...v1.2.1 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-05 08:52:24 -05:00
dependabot[bot]
c61a744c1b
🌱 Bump github.com/spf13/cobra from 1.1.3 to 1.2.0
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.1.3 to 1.2.0.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.1.3...v1.2.0 )
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-07-02 11:27:32 -05:00
dependabot[bot]
ecab8fed52
🌱 Bump cloud.google.com/go/bigquery from 1.18.0 to 1.19.0 ( #635 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.18.0 to 1.19.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/spanner/v1.18.0...spanner/v1.19.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/bigquery
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-30 11:54:01 -07:00
dependabot[bot]
5dd7f118ae
🌱 Bump github.com/golangci/golangci-lint from 1.40.1 to 1.41.1 ( #627 )
...
Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint ) from 1.40.1 to 1.41.1.
- [Release notes](https://github.com/golangci/golangci-lint/releases )
- [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/golangci/golangci-lint/compare/v1.40.1...v1.41.1 )
---
updated-dependencies:
- dependency-name: github.com/golangci/golangci-lint
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Azeem Shaikh <azeems@google.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-29 10:26:16 -07:00
dependabot[bot]
6a2a1faa6f
🌱 Bump google.golang.org/protobuf from 1.26.0 to 1.27.1 ( #624 )
...
Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go ) from 1.26.0 to 1.27.1.
- [Release notes](https://github.com/protocolbuffers/protobuf-go/releases )
- [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash )
- [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.26.0...v1.27.1 )
---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-06-29 08:42:40 -07:00
dependabot[bot]
fd0bb46836
🌱 Bump golang.org/x/tools from 0.1.3 to 0.1.4 ( #626 )
...
Bumps [golang.org/x/tools](https://github.com/golang/tools ) from 0.1.3 to 0.1.4.
- [Release notes](https://github.com/golang/tools/releases )
- [Commits](https://github.com/golang/tools/compare/v0.1.3...v0.1.4 )
---
updated-dependencies:
- dependency-name: golang.org/x/tools
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-06-29 01:23:05 -07:00
dependabot[bot]
c095d6f161
🌱 Bump contrib.go.opencensus.io/exporter/stackdriver ( #579 )
...
Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver ) from 0.13.6 to 0.13.8.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases )
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.6...v0.13.8 )
---
updated-dependencies:
- dependency-name: contrib.go.opencensus.io/exporter/stackdriver
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Azeem Shaikh <azeemshaikh38@gmail.com>
2021-06-28 21:21:12 -07:00
dependabot[bot]
18b53076d6
🌱 Bump go.uber.org/zap from 1.17.0 to 1.18.1 ( #625 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.17.0 to 1.18.1.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.17.0...v1.18.1 )
---
updated-dependencies:
- dependency-name: go.uber.org/zap
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-28 18:49:51 -04:00
dependabot[bot]
bf87a7a00a
🌱 Bump cloud.google.com/go/pubsub from 1.11.0 to 1.12.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.11.0...pubsub/v1.12.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-28 17:08:52 -05:00
naveen
6aefe1b6ac
🌱 Fix broken e2e tests
...
* Changed the path for the frozen deps to look for within the
.github/worworkflows path
* Included license check to tools.go
* Removed the hard reference to ginkgo within the integration.yml
* The above fixes will fix the broken tests for scorecard.
Repo: github.com/ossf/scorecard
Frozen-Deps: Fail 10
go modules found: go.mod
!! frozen-deps/fetch-execute - .github/workflows/integration.yml is fetching an non-pinned dependency 'go get github.com/onsi/ginkgo/ginkgo@v1.14.2'
!! frozen-deps/fetch-execute - .github/workflows/main.yml is fetching an non-pinned dependency 'go install github.com/google/addlicense@latest'
2021-06-28 15:28:10 -05:00
Azeem Shaikh
1f1e05b22c
Add metadata Google
for Google-owned repos ( #616 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-27 09:04:00 -07:00
laurentsimon
0ca1ace1f2
✨ Check: detect downloads of scripts/binaries in docker's RUN ( #584 )
...
* commit 1
* commit 2
* commit 3
* updates
* linter
* update year
* cleanup
* linter
* fix test files
* linter
* comments
2021-06-21 18:45:15 +00:00
Naveen
3e1890fe35
✨ Binary Artifact check ( #563 )
...
* Implemented binary artifact checks
2021-06-21 15:49:31 +00:00
Azeem Shaikh
09e86518e5
Add all Google-owned repositories to cron job ( #555 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-08 16:55:43 -07:00
dependabot[bot]
a6d7c038af
🌱 Bump github.com/onsi/ginkgo from 1.16.2 to 1.16.4 ( #537 )
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.16.2 to 1.16.4.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.2...v1.16.4 )
---
updated-dependencies:
- dependency-name: github.com/onsi/ginkgo
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-06-03 23:02:05 -04:00
dependabot[bot]
b839e0426f
🌱 Bump cloud.google.com/go/pubsub from 1.10.3 to 1.11.0
...
Bumps [cloud.google.com/go/pubsub](https://github.com/googleapis/google-cloud-go ) from 1.10.3 to 1.11.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.10.3...pubsub/v1.11.0 )
---
updated-dependencies:
- dependency-name: cloud.google.com/go/pubsub
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-06-03 12:07:47 -04:00
Azeem Shaikh
3b86d57217
Use lease extension for PubSub worker ( #533 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-06-02 17:59:42 -07:00
dependabot[bot]
c056718628
🌱 Bump github.com/onsi/gomega from 1.12.0 to 1.13.0 ( #515 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.12.0 to 1.13.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.12.0...v1.13.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-28 12:00:16 -04:00
dependabot[bot]
b7e1f155fc
🌱 Bump cloud.google.com/go/bigquery from 1.8.0 to 1.18.0 ( #483 )
...
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go ) from 1.8.0 to 1.18.0.
- [Release notes](https://github.com/googleapis/google-cloud-go/releases )
- [Changelog](https://github.com/googleapis/google-cloud-go/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-cloud-go/compare/pubsub/v1.8.0...spanner/v1.18.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 15:58:21 -04:00
dependabot[bot]
44252d64c8
🌱 Bump go.uber.org/zap from 1.16.0 to 1.17.0 ( #509 )
...
Bumps [go.uber.org/zap](https://github.com/uber-go/zap ) from 1.16.0 to 1.17.0.
- [Release notes](https://github.com/uber-go/zap/releases )
- [Changelog](https://github.com/uber-go/zap/blob/master/CHANGELOG.md )
- [Commits](https://github.com/uber-go/zap/compare/v1.16.0...v1.17.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 15:11:44 -04:00
dependabot[bot]
7ec85f22ed
🌱 Bump contrib.go.opencensus.io/exporter/stackdriver
...
Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver ) from 0.13.4 to 0.13.6.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases )
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.4...v0.13.6 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-26 14:55:28 -04:00
dependabot[bot]
0d469a4533
🌱 Bump gocloud.dev from 0.22.0 to 0.23.0 ( #464 )
...
Bumps [gocloud.dev](https://github.com/google/go-cloud ) from 0.22.0 to 0.23.0.
- [Release notes](https://github.com/google/go-cloud/releases )
- [Commits](https://github.com/google/go-cloud/compare/v0.22.0...v0.23.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-26 13:06:23 -04:00
Azeem Shaikh
0c636b0f5f
Fix bug in GitHub token access ( #490 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-22 11:24:53 -07:00
Azeem Shaikh
4584311fc6
Add monitoring to checks ( #480 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-20 23:47:49 -07:00
Azeem Shaikh
9453765aa0
Use TRUNCATE to load data into BigQuery ( #476 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-19 23:59:40 -07:00
laurentsimon
ee3f290702
✨ Add check for Docker dependency pinning by hash ( #469 )
...
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* update unit tests
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* remove log
* check fix
* comment
* linter
* commments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* remove log
* check fix
* comment
* commments
* comments
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check pinning in docker files
* Revert "check pinning in docker files"
This reverts commit c05a5007b1
.
* check dependencies pinning in docker files
* check docker files hash pinning
* remove logging
* make keyword matches case-insensitive
* check fix
* check dependencies pinning in docker files
* check docker files hash pinning
* check fix
* commments
* comments
* comments
* comments
* update mod
* remove continue keyword
* linter
* linter
* linter
* comments
* cleanup
* linter
* typos
* typos
2021-05-19 09:46:39 -07:00
Abhishek Arya
5f82d2b9c0
✨ Add checks for workflow action pinning ( #466 )
...
Patch by Laurent Simon <laurentsimon@google.com>
Co-authored-by: Laurent Simon <laurentsimon@google.com>
2021-05-17 13:03:39 -07:00
Naveen
9281d1ddd9
🌱 Move tool dependencies into go.mod ( #460 )
...
Moved the tool dependencies into go.mod
2021-05-17 15:20:28 -04:00
Azeem Shaikh
ba3b5c5979
Refactor Makefile and add proto compile support. ( #458 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-15 13:58:01 -07:00
Azeem Shaikh
6437c9324f
Setup PubSub framework code. ( #428 )
...
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-05-14 14:32:23 -07:00
dependabot[bot]
e326db557b
🌱 Bump github.com/onsi/gomega from 1.11.0 to 1.12.0 ( #407 )
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.11.0 to 1.12.0.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.11.0...v1.12.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-05-09 12:05:53 -04:00
Abhishek Arya
a2d51ead20
🐛 Freeze Makefile deps ( #404 )
...
* Freeze Makefile deps
* trigger ci
* Fix build failure.
2021-05-05 09:55:59 -07:00
dependabot[bot]
9e4ecf0a44
🌱 Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.16.1 to 1.16.2.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.1...v1.16.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-05 07:12:09 -05:00
naveen
09af32a993
✨ Generate docs using go instead of python
...
* Implemented the doc generation from python to go
* Removed the need for json
* Sorted the output of the generated markdown
2021-05-02 19:46:07 -05:00
Azeem Shaikh
d3a59eacff
Move Dockerfile.gsutil to inside cron/
2021-04-27 17:21:53 -05:00
Azeem Shaikh
86a46560c8
Rename CheckResults to Checks to match BQ schema.
2021-04-26 17:45:04 -05:00
Azeem Shaikh
bd3eff1fcf
✨ Cron job uses line-delimited JSON ( #344 )
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Separate out ReposURL nito repos/
* Add TODO in gitcache module.
* Add RepoRequest/Response types.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
* Simplify cmd package.
* Make cron/ a package instead of module.
* Fix TODO.
* Remove binary file.
* go.mod file.
* go.mod updates.
* Refactor cron to use in-memory JSON.
* Fix JSON output.
* Fix go.mod
* Address PR comments.
* Change %w -> %v.
* Address PR comments.
* Fix err.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-19 12:49:51 -07:00
Azeem Shaikh
a58818d258
🌱 : Reduce code duplication for follow-up cron refactoring ( #338 )
...
* ✨ Refactor to reduce code duplication
* ✨
* Move lib/ back to checker/
* Move lib/ back to checker/
* Move lib/ back to checker/
* Address PR comments.
* Addressing PR comments.
* Avoid printing `ShouldRetry` and `Error` in output JSON.
* Fix JSON output.
Co-authored-by: Azeem Shaikh <azeems@google.com>
2021-04-10 07:26:56 -05:00
dependabot[bot]
fc0eac922a
Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.16.0 to 1.16.1.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.16.0...v1.16.1 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-08 09:27:08 -05:00
dependabot[bot]
e0cd796b7f
Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.15.2 to 1.16.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.2...v1.16.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-05 12:12:04 -05:00
dependabot[bot]
8333f1e328
Bump github.com/onsi/ginkgo from 1.15.1 to 1.15.2
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.15.1 to 1.15.2.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.15.1...v1.15.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-17 15:18:13 -04:00
naveen
6e8018cf8f
chore - Upgrade ginkgo and goomega dependencies
...
Upgrade version for ginkgo and goomega dependencies.
2021-03-10 09:08:31 -05:00
Naveen
b4c2e4fd13
feat - migrate to go 1.16 ( #233 )
...
Upgrade to go version 1.16
2021-03-03 18:56:29 +00:00
Abhishek Arya
a44dd6a758
Add pypi and ruby gems package support. ( #226 )
...
Adds some more package managers to
https://github.com/ossf/scorecard/issues/33
Co-authored-by: Naveen <172697+naveensrinivasan@users.noreply.github.com>
2021-03-01 11:21:20 -05:00
naveen
cab29a2747
Feat- Use cloud buckets for caching
...
Use cloud buckets for httpcache.
The implementation uses https://github.com/google/go-cloud for it to be
cloud vendor agnostic.
2021-02-24 11:17:50 -05:00
naveen
9510d3e0d7
Fix - default disk cache size
...
The default disk cache size is 100mb. Changed the default disk cache to
10gb.
2021-02-22 18:19:56 -05:00
Naveen
db81680172
Feat-Implement httpcache middleware for GitHub API ( #203 )
...
The GitHub API supports conditional requests
https://docs.github.com/en/rest/overview/resources-in-the-rest-api#conditional-requests
https://github.com/google/go-github supports Conditional requests
https://github.com/google/go-github#conditional-requests
As we are scaling more and more projects this would add a lot of value.
Initial run fetches information using `httpcache` as a middleware,
which caches the HTTP response initially in a large disk (PVC),
probably move to Redis later as a cache instead of disk.
Subsequent `cron runs` will utilize the `httpcache` for checking content modification and
load it from the cache if it isn't modified, which reduces the hitting the
Rate Limit of the GitHub API.
2021-02-22 17:18:28 +00:00
dependabot[bot]
2c23a47857
Bump github.com/spf13/cobra from 1.1.2 to 1.1.3
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.1.2 to 1.1.3.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.1.2...v1.1.3 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-11 11:15:34 -05:00
dependabot[bot]
7ef0cf9c55
Bump github.com/spf13/cobra from 1.1.1 to 1.1.2 ( #154 )
...
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra ) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/spf13/cobra/releases )
- [Changelog](https://github.com/spf13/cobra/blob/master/CHANGELOG.md )
- [Commits](https://github.com/spf13/cobra/compare/v1.1.1...v1.1.2 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-02-09 22:58:55 -08:00
dependabot[bot]
038e3b65c1
Bump github.com/onsi/gomega from 1.10.4 to 1.10.5
...
Bumps [github.com/onsi/gomega](https://github.com/onsi/gomega ) from 1.10.4 to 1.10.5.
- [Release notes](https://github.com/onsi/gomega/releases )
- [Changelog](https://github.com/onsi/gomega/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/gomega/compare/v1.10.4...v1.10.5 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 09:18:34 -05:00
dependabot[bot]
717701bd61
Bump github.com/onsi/ginkgo from 1.14.2 to 1.15.0
...
Bumps [github.com/onsi/ginkgo](https://github.com/onsi/ginkgo ) from 1.14.2 to 1.15.0.
- [Release notes](https://github.com/onsi/ginkgo/releases )
- [Changelog](https://github.com/onsi/ginkgo/blob/master/CHANGELOG.md )
- [Commits](https://github.com/onsi/ginkgo/compare/v1.14.2...v1.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-02-02 09:13:35 -05:00
Abhishek Arya
b278475af0
Fix CodeQL failure.
2021-01-15 13:44:52 -05:00
Abhishek Arya
5b7ddc55ab
Add e2e test.
2021-01-15 13:44:52 -05:00
Naveen
f77da7783b
feat-e2e tests for signed tags and signed releases ( #115 )
...
Implemented e2e tests using ginkgo for validating signed tags and signed
releases.
ginkgo is utilized as a standard BDD testing framework in other
projects like kubebuilder.
2021-01-01 14:36:31 -06:00
naveen
fd3a2a87b9
fix - URL with trailing slash
...
Fixes the URL with trailing slash.
Changed the URL parsing to net package implementation.
Included tests for URL parsing.
2020-12-21 15:16:32 -05:00
dlorenc
24fa4cca5e
Add support for and hookup app based authentication for higher rate limiting. ( #69 )
...
This also configures it in our nightly cron cluster.
2020-11-13 11:06:46 -06:00
dlorenc
45286f140c
Add a script to output in csv that can be run daily. ( #56 )
2020-11-10 13:25:57 -06:00
Dan Lorenc
a8e06bdefb
Update deps.
2020-11-06 15:29:27 -06:00
dlorenc
fd188f5263
Use the GraphQL API to retrieve the list of tags in signed-tags. ( #45 )
2020-11-06 15:28:26 -06:00
Dan Lorenc
9f686dc707
Rename repo/modules.
2020-10-27 14:23:48 -05:00
dlorenc
49fba38c8b
Use Cobra CLI library, reorganize a bit. ( #22 )
2020-10-18 18:49:51 -05:00
Dan Lorenc
c9596cd09d
Add better logging.
2020-10-13 11:29:29 -05:00
Dan Lorenc
3ee3c748e9
Initial commit.
2020-10-09 10:08:43 -05:00