Skip to content

v0.5.0

Choose a tag to compare

View all tags
@github-actions github-actions released this 05 Dec 23:57
· 1845 commits to main since this release
v0.5.0
ee7c481
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Changelog

  • ee7c481 Merge pull request #399 from hectorj2f/source_secrets

Thanks to all contributors!

What's Changed

  • chore(deps): Bump anchore/sbom-action from 0.13.0 to 0.13.1 by @dependabot in #365
  • chore(deps): Bump github/codeql-action from 2.1.30 to 2.1.31 by @dependabot in #366
  • chore(deps): Bump golang.org/x/sys from 0.1.0 to 0.2.0 by @dependabot in #367
  • chore(deps): Bump golang.org/x/time from 0.1.0 to 0.2.0 by @dependabot in #368
  • chore(deps): Bump golang.org/x/crypto from 0.1.0 to 0.2.0 by @dependabot in #373
  • chore(deps): Bump google-github-actions/auth from 0.8.3 to 1.0.0 by @dependabot in #371
  • chore(deps): Bump google-github-actions/setup-gcloud from 0.6.2 to 1.0.0 by @dependabot in #370
  • CI: bump scaffolding version by @hectorj2f in #377
  • chore(deps): Bump google-github-actions/setup-gcloud from 1.0.0 to 1.0.1 by @dependabot in #376
  • chore(deps): Bump github.com/hashicorp/go-plugin from 1.4.5 to 1.4.6 by @dependabot in #374
  • chore(deps): Bump mikefarah/yq from 4.28.2 to 4.30.1 by @dependabot in #378
  • chore(deps): Bump golangci/golangci-lint-action from 3.3.0 to 3.3.1 by @dependabot in #379
  • chore(deps): Bump github.com/google/go-containerregistry from 0.12.0 to 0.12.1 by @dependabot in #381
  • chore(deps): Bump github.com/sigstore/rekor from 1.0.0 to 1.0.1 by @dependabot in #380
  • chore(deps): Bump github/codeql-action from 2.1.31 to 2.1.32 by @dependabot in #384
  • chore(deps): Bump mikefarah/yq from 4.30.1 to 4.30.2 by @dependabot in #383
  • chore(deps): Bump golang.org/x/crypto from 0.2.0 to 0.3.0 by @dependabot in #390
  • chore(deps): Bump google.golang.org/grpc from 1.50.1 to 1.51.0 by @dependabot in #392
  • fix: v1beta1 version converter that ignored the field spec.policy by @hectorj2f in #393
  • Drop service account lookups when signaturePullSecrets are specified by @hectorj2f in #388
  • Add FetchConfigFile to Policy that allows you to fetch and evaluate policy against container image configfile. by @vaikas in #389
  • add gh actions to verify docs by @hectorj2f in #395
  • chore(deps): Bump github.com/hashicorp/golang-lru from 0.5.4 to 1.0.1 by @dependabot in #387
  • chore(deps): Bump github.com/sigstore/sigstore from 1.4.5 to 1.4.6 by @dependabot in #397
  • chore(deps): Bump github/codeql-action from 2.1.32 to 2.1.35 by @dependabot in #402
  • chore(deps): Bump actions/setup-go from 3.3.1 to 3.4.0 by @dependabot in #403
  • chore(deps): Bump go.uber.org/zap from 1.23.0 to 1.24.0 by @dependabot in #404
  • Attach highest level resource spec to PolicyResult if so desired. by @vaikas in #406
  • chore(deps): Bump mikefarah/yq from 4.30.2 to 4.30.5 by @dependabot in #405
  • Add includeObjectMetadata for including objectMeta in CIP policy eval. by @vaikas in #407
  • feat: configurable ClusterImagePolicy resync period by @DennyHoang in #398
  • feat: accept source without setting any oci repository by @hectorj2f in #399

New Contributors

Full Changelog: v0.4.2...v0.5.0

Contributors

hectorj2f, DennyHoang, and 2 other contributors
Assets 30
Loading