dependabot[bot]
e123f4c4dc
🌱 Bump tj-actions/changed-files from 39.2.3 to 40.1.1 ( #3657 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.2.3 to 40.1.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](95690f9ece...25ef3926d1
2023-11-09 00:35:13 +00:00
dependabot[bot]
6de7eba753
🌱 Bump kubernetes-sigs/kubebuilder-release-tools ( #3637 )
...
Bumps [kubernetes-sigs/kubebuilder-release-tools](https://github.com/kubernetes-sigs/kubebuilder-release-tools ) from 0.4.0 to 0.4.2.
- [Release notes](https://github.com/kubernetes-sigs/kubebuilder-release-tools/releases )
- [Changelog](https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/master/RELEASE.md )
- [Commits](d8367c29de...3c3411345e
2023-11-08 15:46:20 -08:00
dependabot[bot]
e12e5376a6
🌱 Bump actions/dependency-review-action from 3.1.0 to 3.1.2 ( #3653 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.1.0 to 3.1.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](6c5ccdad46...fde92acd08
2023-11-08 21:52:02 +00:00
afmarcum
c52a1702de
🌱 Update stale workflow to exempt Structured Results milestone ( #3634 )
...
* 🌱 Update stale workflow to exempt Structured Results milestone
* Removed duplicate line, updated stale-pr-message, and removed custom stale labels
2023-11-01 10:02:20 -07:00
dependabot[bot]
50d246696e
🌱 Bump ossf/scorecard-action from 2.3.0 to 2.3.1 ( #3599 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.3.0 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](483ef80eb9...0864cf1902
2023-10-27 23:44:15 +00:00
Stephen Augustus
b15b47aec3
CODEOWNERS: Support distribution of code reviews via team assignments ( #3620 )
...
Individual maintainer assignments within CODEOWNERS mean that we
cannot take advantage of GitHub code review distribution schemes
for team review assignments.
In this commit, we switch to team assignments within CODEOWNERS.
A common complaint with this approach is that unless you are a part
of the GitHub organization, you will not be able to view a team's
membership/understand who the maintainers of a project are.
To provide visibility into the maintainer list, we've added a
MAINTAINERS.md here as well.
Signed-off-by: Stephen Augustus <foo@auggie.dev>
2023-10-27 13:41:58 -07:00
dependabot[bot]
4b8066a3c7
🌱 Bump actions/checkout from 4.1.0 to 4.1.1 ( #3580 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8ade135a41...b4ffde65f4
2023-10-19 22:28:54 +00:00
dependabot[bot]
159c6c8723
🌱 Bump tj-actions/changed-files from 39.2.1 to 39.2.3 ( #3577 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.2.1 to 39.2.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](db153baf73...95690f9ece
2023-10-19 21:16:50 +00:00
dependabot[bot]
16ace558ad
🌱 Bump kubernetes-sigs/kubebuilder-release-tools ( #3553 )
...
Bumps [kubernetes-sigs/kubebuilder-release-tools](https://github.com/kubernetes-sigs/kubebuilder-release-tools ) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/kubernetes-sigs/kubebuilder-release-tools/releases )
- [Changelog](https://github.com/kubernetes-sigs/kubebuilder-release-tools/blob/master/RELEASE.md )
- [Commits](4f3d1085b4...d8367c29de
2023-10-12 06:23:36 +00:00
dependabot[bot]
51870877a5
🌱 Bump ossf/scorecard-action from 2.2.0 to 2.3.0 ( #3544 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](08b4669551...483ef80eb9
2023-10-09 10:19:38 -07:00
dependabot[bot]
7a1c8fe25b
🌱 Bump nick-invision/retry from 2.8.3 to 2.9.0 ( #3519 )
...
Bumps [nick-invision/retry](https://github.com/nick-invision/retry ) from 2.8.3 to 2.9.0.
- [Release notes](https://github.com/nick-invision/retry/releases )
- [Changelog](https://github.com/nick-fields/retry/blob/master/.releaserc.js )
- [Commits](943e742917...14672906e6
2023-10-03 18:46:27 -07:00
dependabot[bot]
2c25c46ef1
🌱 Bump tj-actions/changed-files from 39.1.2 to 39.2.1 ( #3531 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.1.2 to 39.2.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](4196030939...db153baf73
2023-10-03 21:33:01 +00:00
dependabot[bot]
7161ec1d58
🌱 Bump step-security/harden-runner from 2.5.1 to 2.6.0 ( #3532 )
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](8ca2b8b2ec...1b05615854
2023-10-03 21:17:51 +00:00
Spencer Schrock
6aa3bcc7f5
🌱 Don't close stale issues explicitly ( #3513 )
...
Issues are still getting closed after https://github.com/ossf/scorecard/pull/3493 .
I assume there's a default value being used somewhere.
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-09-25 16:21:30 +00:00
dependabot[bot]
fa31d56694
🌱 Bump actions/checkout from 4.0.0 to 4.1.0 ( #3511 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](3df4ab11eb...8ade135a41
2023-09-25 09:47:00 -04:00
dependabot[bot]
5a5a6561d6
🌱 Bump tj-actions/changed-files from 39.1.0 to 39.1.2 ( #3504 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.1.0 to 39.1.2.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](8e79ba7ab9...4196030939
2023-09-21 13:31:55 -04:00
afmarcum
893a472548
🌱 workflows/stale: Remove issue auto-close ( #3493 )
2023-09-19 12:32:37 -07:00
dependabot[bot]
ac13ac7c01
🌱 Bump tj-actions/changed-files from 39.0.2 to 39.1.0 ( #3488 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.0.2 to 39.1.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](6ee9cdc581...8e79ba7ab9
2023-09-19 01:54:57 +00:00
dependabot[bot]
84b53a9f65
🌱 Bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 ( #3478 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.6.0 to 5.0.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](5fdedb94ab...7ec5c2b0c6
2023-09-18 23:06:45 +00:00
afmarcum
4a0e3fffff
🌱 workflows/stale: Update workflow to increase operations-per-run to process more issues ( #3483 )
...
* Update workflow to increase operations per run to process more issues
* 🌱 workflows/stale: Increased operations-per-run from default and reduced days to close stale issues
2023-09-16 01:08:46 +00:00
dependabot[bot]
0fcf4d9ee1
🌱 Bump tj-actions/changed-files from 39.0.0 to 39.0.2 ( #3470 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 39.0.0 to 39.0.2.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](48566bbcc2...6ee9cdc581
2023-09-13 02:23:21 +00:00
dependabot[bot]
8a5467249e
🌱 Bump actions/dependency-review-action from 3.0.8 to 3.1.0 ( #3461 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.8 to 3.1.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](f6fff72a32...6c5ccdad46
2023-09-13 02:09:36 +00:00
dependabot[bot]
1bd5b42bb3
🌱 Bump actions/upload-artifact from 3.1.2 to 3.1.3 ( #3459 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](0b7f8abb15...a8a3f3ad30
2023-09-13 01:57:54 +00:00
dependabot[bot]
d03ca5c9f1
🌱 Bump actions/cache from 3.3.1 to 3.3.2 ( #3463 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.3.1 to 3.3.2.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](88522ab9f3...704facf57e
2023-09-12 18:49:06 -07:00
afmarcum
ac6ea1101c
🌱 workflows/stale: Update workflow to include issue close action ( #3474 )
...
* Update workflow to include issue close action
* Added message about closing stale issue
2023-09-12 15:22:38 -07:00
dependabot[bot]
11c48cdce0
🌱 Bump goreleaser/goreleaser-action from 4.4.0 to 4.6.0 ( #3457 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.4.0 to 4.6.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](3fa32b8bb5...5fdedb94ab
2023-09-06 09:15:28 -07:00
afmarcum
418a5e57c3
Removed exempt labels ( #3455 )
...
Co-authored-by: Stephen Augustus <justaugustus@users.noreply.github.com>
2023-09-05 19:19:14 +00:00
dependabot[bot]
afce7626d5
🌱 Bump actions/checkout from 3.6.0 to 4.0.0 ( #3453 )
...
* 🌱 Bump actions/checkout from 3.6.0 to 4.0.0
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.6.0 to 4.0.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](f43a0e5ff2...3df4ab11eb
2023-09-05 09:54:22 -07:00
dependabot[bot]
a2495ea865
🌱 Bump tj-actions/changed-files from 38.1.3 to 39.0.0 ( #3452 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 38.1.3 to 39.0.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](c860b5c47f...48566bbcc2
2023-09-05 03:00:57 +00:00
dependabot[bot]
4186f161d0
🌱 Bump sigstore/cosign-installer from 3.1.1 to 3.1.2 ( #3446 )
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](6e04d228eb...11086d2504
2023-09-04 18:27:45 -07:00
dependabot[bot]
b68ef18c96
🌱 Bump tj-actions/changed-files from 38.0.0 to 38.1.3 ( #3432 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 38.0.0 to 38.1.3.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](17f3fec1ed...c860b5c47f
2023-08-30 10:50:07 -07:00
dependabot[bot]
df077fdba0
🌱 Bump slsa-framework/slsa-verifier from 2.3.0 to 2.4.0 ( #3431 )
...
Bumps [slsa-framework/slsa-verifier](https://github.com/slsa-framework/slsa-verifier ) from 2.3.0 to 2.4.0.
- [Release notes](https://github.com/slsa-framework/slsa-verifier/releases )
- [Changelog](https://github.com/slsa-framework/slsa-verifier/blob/main/RELEASE.md )
- [Commits](https://github.com/slsa-framework/slsa-verifier/compare/v2.3.0...v2.4.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-verifier
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-28 18:46:37 -07:00
dependabot[bot]
730d649ec4
🌱 Bump actions/checkout from 3.5.3 to 3.6.0 ( #3425 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.5.3 to 3.6.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](c85c95e3d7...f43a0e5ff2
2023-08-25 09:31:09 -05:00
dependabot[bot]
d6ed8105df
🌱 Bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.8.0 to 1.9.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2023-08-23 19:21:12 +00:00
dependabot[bot]
7c97e6445d
🌱 Bump tj-actions/changed-files from 37.6.1 to 38.0.0 ( #3416 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.6.1 to 38.0.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](a0585ff990...17f3fec1ed
2023-08-23 12:11:55 -07:00
dependabot[bot]
73d4eedc20
🌱 Bump tj-actions/changed-files from 37.6.0 to 37.6.1
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.6.0 to 37.6.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](87697c0dca...a0585ff990
2023-08-17 13:01:28 +00:00
dependabot[bot]
7106d7834f
🌱 Bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 ( #3391 )
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.6.0 to 3.7.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](639cd343e1...3a91952989
2023-08-17 07:48:14 -05:00
dependabot[bot]
454dcc5808
🌱 Bump actions/dependency-review-action from 3.0.7 to 3.0.8 ( #3390 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.7 to 3.0.8.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](7d90b4f05f...f6fff72a32
2023-08-16 05:34:03 -05:00
Spencer Schrock
5ec66fa906
🌱 Migrate to go 1.21 ( #3387 )
...
* Bump dockerfiles to 1.21
* Go minimum version should match our go.mod
* Bump GitHub action go version to 1.21 and ensure all workflows use env variable.
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-08-14 14:32:42 -04:00
dependabot[bot]
72d262b6ef
🌱 Bump actions/dependency-review-action from 3.0.6 to 3.0.7
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3.0.6 to 3.0.7.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](1360a344cc...7d90b4f05f
2023-08-11 19:42:45 +00:00
dependabot[bot]
1acccbf86b
🌱 Bump goreleaser/goreleaser-action from 4.3.0 to 4.4.0 ( #3369 )
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](336e29918d...3fa32b8bb5
2023-08-11 12:32:16 -07:00
dependabot[bot]
b699c0980a
🌱 Bump step-security/harden-runner from 2.5.0 to 2.5.1 ( #3372 )
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](cba0d00b1f...8ca2b8b2ec
2023-08-11 12:11:10 -07:00
dependabot[bot]
22fb10ccb9
🌱 Bump actions/setup-go from 4.0.1 to 4.1.0 ( #3365 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](fac708d667...93397bea11
2023-08-09 08:33:20 -05:00
dependabot[bot]
719770cb5b
🌱 Bump tj-actions/changed-files from 37.5.1 to 37.6.0 ( #3355 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.5.1 to 37.6.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](a96679dfee...87697c0dca
2023-08-08 17:53:25 +00:00
dependabot[bot]
f9b8d82363
🌱 Bump slsa-framework/slsa-github-generator from 1.7.0 to 1.8.0 ( #3351 )
...
Bumps [slsa-framework/slsa-github-generator](https://github.com/slsa-framework/slsa-github-generator ) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/slsa-framework/slsa-github-generator/releases )
- [Changelog](https://github.com/slsa-framework/slsa-github-generator/blob/main/CHANGELOG.md )
- [Commits](https://github.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0 )
---
updated-dependencies:
- dependency-name: slsa-framework/slsa-github-generator
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-08-07 12:52:53 -05:00
dependabot[bot]
633b0fdc83
🌱 Bump tj-actions/changed-files from 37.5.0 to 37.5.1 ( #3331 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.5.0 to 37.5.1.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](920e7b9ae1...a96679dfee
2023-08-01 08:59:13 -07:00
dependabot[bot]
81717d87b8
🌱 Bump step-security/harden-runner from 2.4.1 to 2.5.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.4.1 to 2.5.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](55d479fb1c...cba0d00b1f
2023-07-25 12:54:45 +00:00
dependabot[bot]
85d5aa2d77
🌱 Bump tj-actions/changed-files from 37.4.0 to 37.5.0 ( #3303 )
...
Bumps [tj-actions/changed-files](https://github.com/tj-actions/changed-files ) from 37.4.0 to 37.5.0.
- [Release notes](https://github.com/tj-actions/changed-files/releases )
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md )
- [Commits](de0eba3279...920e7b9ae1
2023-07-25 07:46:24 -05:00
Spencer Schrock
4ac9999462
🌱 Ensure check markdown is kept in sync with source yaml. ( #3300 )
...
* Ensure check markdown is kept in sync with check yaml.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* change generate-docs target to detect changes to docs/checks.md directly.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-24 14:10:13 -07:00
Spencer Schrock
a779588f35
🌱 Add separate cache for long-running tests ( #3293 )
...
* Add separate cache for unit tests.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* share cache with gitlab tests too.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* share cache with github integration tests.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* explicitly download modules in unit test job
Signed-off-by: Spencer Schrock <sschrock@google.com>
* checkout needs to be before the go.mod is read.
Signed-off-by: Spencer Schrock <sschrock@google.com>
* checkout needs to be before the go.sum files are hashed.
Signed-off-by: Spencer Schrock <sschrock@google.com>
---------
Signed-off-by: Spencer Schrock <sschrock@google.com>
2023-07-21 14:46:49 -07:00
