v0.0.31
What's Changed
- Fix CLI invocations in first_profile.md by @puerco in #2328
- Run "make gen" for main by @rdimitrov in #2333
- Add Homoglyphs detection in Minder by @teodor-yanev in #2312
- Unname unused params and bump golangci-lint by @puerco in #2335
- build(deps): bump github.com/go-playground/validator/v10 from 10.17.0 to 10.18.0 by @dependabot in #2336
- build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.12.0 to 1.13.0 by @dependabot in #2337
- build(deps): bump redocusaurus from 2.0.0 to 2.0.1 in /docs by @dependabot in #2339
- Update docs for getting started and how to by @rdimitrov in #2331
- Fix a few Trusty issues that enable support for Go in Minder by @rdimitrov in #2332
- build(deps): bump golang.org/x/tools from 0.17.0 to 0.18.0 in /tools by @dependabot in #2340
- Use MINDER_CONFIG to simplify selection of local / staging / prod by @evankanderson in #2329
- Enable Coveralls for coverage reporting by @evankanderson in #2342
- Revert "Enable Coveralls for coverage reporting" by @evankanderson in #2344
- build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 by @dependabot in #2347
- build(deps): bump github.com/openfga/go-sdk from 0.3.4 to 0.3.5 by @dependabot in #2346
- build(deps): bump github/codeql-action from 3.24.0 to 3.24.1 by @dependabot in #2345
- build(deps): bump github.com/sigstore/protobuf-specs from 0.2.1 to 0.3.0 by @dependabot in #2341
- build(deps): bump golang from
ef61a20
tocefea7f
by @dependabot in #2349 - Re-enable coverage reporting to coveralls by @evankanderson in #2351
- Replace unpinned actions with pinned action by @stacklokbot in #2352
- build(deps): bump coverallsapp/github-action from e5e2507fa218d2031f39816cd7d078ebd1f1a6c6 to 3dfc5567390f6fa9267c0ee9c251e4c8c3f18949 by @dependabot in #2356
- build(deps): bump golang from
cefea7f
to7b297d9
by @dependabot in #2353 - build(deps): bump k8s.io/apimachinery from 0.29.1 to 0.29.2 by @dependabot in #2354
- build(deps): bump github.com/go-critic/go-critic from 0.11.0 to 0.11.1 in /tools by @dependabot in #2361
- build(deps): bump github/codeql-action from 3.24.1 to 3.24.3 by @dependabot in #2359
- Add coveralls badge, reduce debugging spew by @evankanderson in #2357
- build(deps): bump github.com/golangci/golangci-lint from 1.56.1 to 1.56.2 in /tools by @dependabot in #2360
- build(deps): bump github.com/daixiang0/gci from 0.12.1 to 0.12.3 in /tools by @dependabot in #2362
- build(deps): bump k8s.io/client-go from 0.29.1 to 0.29.2 by @dependabot in #2355
- Add test coverage for
internal/util/statuses
by @JAORMX in #2364 - Add test coverage for
internal/util/rest
by @JAORMX in #2363 - Remove unused functions from
internal/util/rand
by @JAORMX in #2366 - Remove
internal/smoke
package by @JAORMX in #2367 - Use latest golangci-lint in CI by @JAORMX in #2365
- Drop the artifact_versions table by @jhrozek in #2372
- Auto-generated DB schema update - 2024-02-19 13:19:33 by @github-actions in #2374
- tweak test coverage behaviour by @dmjb in #2373
- Add test coverage for
internal/eea
FlushAll
by @JAORMX in #2375 - Allow golangci-lint to comment on PRs by @JAORMX in #2378
- Elevate the permissions on the linting job in main.yml by @rdimitrov in #2379
- When the
context
of a request is nil, return InvalidArgument/400 by @dmjb in #2377 - Fix linting permissions for pr.yml and tags.yml workflows by @rdimitrov in #2380
- build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.19 to 2.0.20 by @dependabot in #2382
- Add more coverage to
internal/eea
package by @JAORMX in #2383 - Deprecate the Trusty options from the protobuf by @rdimitrov in #2381
- Handle rate limiting errors for GitHub API by @Vyom-Yadav in #2271
- Deduplicate configuration reading from viper instance by @JAORMX in #2384
- Fix infinite wait for ratecache using non blocking Close() func by @Vyom-Yadav in #2385
- Change the yarn serve port for docs to 3001 by @jhrozek in #2387
- Update artifact provenance documentation by @jhrozek in #2389
- Clean up some JWT code by @evankanderson in #2390
- Revert proto changes from #2381, as they invalidated JSON stored in the Minder database by @evankanderson in #2395
- build(deps): bump github.com/styrainc/regal from 0.16.0 to 0.17.0 by @dependabot in #2398
- build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 by @dependabot in #2397
- Mischief managed, return buf breaking checks to normal. by @evankanderson in #2396
- Standard PR template for Minder and a workflow check by @teodor-yanev in #2399
- Stacklokbot shouldn't run the PR validate workflow by @teodor-yanev in #2401
- add new type of PR for refactoring by @dmjb in #2403
- Replace unpinned actions with pinned action by @stacklokbot in #2400
- Replace unpinned actions with pinned action by @stacklokbot in #2406
- update: stacklokbot without [bot] by @teodor-yanev in #2405
- build(deps): bump github/codeql-action from 3.24.3 to 3.24.4 by @dependabot in #2408
- build(deps): bump actions/github-script from 5c56fde4671bc2d3592fb0f2c5b5bab9ddae03b1 to 60a0d83039c74a4aee543508d2ffcb1c3799cdea by @dependabot in #2407
- Fix TUF root init to bump to sigstore-go to v0.2.0 by @puerco in #2358
- Fix the PR check workflow to take into account the refactoring change type by @rdimitrov in #2410
- Refactor project structure: Move cursor file to utils package and migrate common config struct to common.go by @Vyom-Yadav in #2394
- move profile validation logic out of
controlplane
by @dmjb in #2402 - Updated Makefile to handle command failure within loops by @Vyom-Yadav in #2416
- Verify the signer identity upon evaluation by @rdimitrov in #2409
- Fix OSV support for Go to properly identify go.mod packages by @rdimitrov in #2417
- Upgrade repoID to int64, because that's the size from GitHub by @evankanderson in #2415
- build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.48.0 to 0.49.0 by @dependabot in #2425
- build(deps): bump github/codeql-action from 3.24.4 to 3.24.5 by @dependabot in #2420
- Hyperlink to trusty page for lower scored packages by @rdimitrov in #2419
- build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.48.0 to 0.49.0 by @dependabot in #2422
- build(deps): bump go.opentelemetry.io/otel/sdk/metric from 1.23.1 to 1.24.0 by @dependabot in #2423
- Bump helm-docs to v1.13.0 by @rdimitrov in #2427
- Fix trusty API URL by @rdimitrov in #2428
New Contributors
Full Changelog: v0.0.30...v0.0.31