dependabot[bot]
77c300d617
chore(deps): bump anchore/sbom-action from 0.16.1 to 0.17.0 ( #3044 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](95b086ac30...d94f46e13c
2024-07-16 06:58:07 -07:00
dependabot[bot]
37245a21cc
chore(deps): bump anchore/sbom-action from 0.16.0 to 0.16.1 ( #3023 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.16.0 to 0.16.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](e8d2a6937e...95b086ac30
2024-07-11 14:50:48 -04:00
dependabot[bot]
273e31e806
chore(deps): bump actions/checkout from 4.1.6 to 4.1.7 ( #2955 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.6 to 4.1.7.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a5ac7e51b4...692973e3d9
2024-06-13 12:28:04 -04:00
Alex Goodman
c43f4fb416
add signature verification to install.sh ( #2941 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-06-10 11:29:53 -04:00
dependabot[bot]
5eb1e7115f
chore(deps): bump docker/login-action from 3.1.0 to 3.2.0 ( #2909 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](e92390c5fb...0d4c9c5ea7
2024-05-28 09:57:32 -04:00
dependabot[bot]
ea50c6153d
--- ( #2889 )
...
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-23 09:26:12 -04:00
dependabot[bot]
2d318cffaa
chore(deps): bump actions/checkout from 4.1.5 to 4.1.6 ( #2879 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.5 to 4.1.6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](44c2b7a8a4...a5ac7e51b4
2024-05-20 13:46:57 -04:00
dependabot[bot]
c0635a77a9
chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 ( #2850 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.4 to 4.1.5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](0ad4b8fada...44c2b7a8a4
2024-05-07 12:05:33 -04:00
Alex Goodman
49e93646eb
Restore version file update on release ( #2844 )
...
* restore version file update on release
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* allow for shallower fetch depth
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-05-06 15:14:43 -04:00
dependabot[bot]
9901ea8fe9
chore(deps): bump anchore/sbom-action from 0.15.10 to 0.15.11 ( #2821 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.10 to 0.15.11.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](ab5d7b5f48...7ccf588e3c
2024-04-29 12:40:43 -04:00
dependabot[bot]
21b22555d2
chore(deps): bump actions/checkout from 4.1.3 to 4.1.4 ( #2809 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.3 to 4.1.4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](1d96c772d1...0ad4b8fada
2024-04-24 15:19:03 -04:00
dependabot[bot]
cf6f92f2c8
chore(deps): bump actions/checkout from 4.1.2 to 4.1.3 ( #2799 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.2 to 4.1.3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](9bb56186c3...1d96c772d1
2024-04-22 13:29:13 -04:00
dependabot[bot]
5a865d0d90
chore(deps): bump anchore/sbom-action from 0.15.9 to 0.15.10 ( #2737 )
2024-03-27 17:52:22 +00:00
Hung Nguyen
059cfd6730
update release token from readonly to write token ( #2735 )
...
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
2024-03-26 09:06:55 -04:00
dependabot[bot]
8f7305ef78
chore(deps): bump fountainhead/action-wait-for-check from 1.1.0 to 1.2.0 ( #2717 )
...
Bumps [fountainhead/action-wait-for-check](https://github.com/fountainhead/action-wait-for-check ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/fountainhead/action-wait-for-check/releases )
- [Commits](297be350cf...5a908a2481
2024-03-21 12:15:30 -04:00
Hung Nguyen
3ac1cd7a9f
updating credentials to scoped permissions ( #2722 )
...
* updating credentials to scoped permissions
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
---------
Signed-off-by: Hung Nguyen <hung.tran.nguyen.585@gmail.com>
2024-03-20 17:35:07 -04:00
dependabot[bot]
1c8d29d577
chore(deps): bump docker/login-action from 3.0.0 to 3.1.0 ( #2714 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](343f7c4344...e92390c5fb
2024-03-14 11:16:16 -04:00
dependabot[bot]
2e2a9377ea
chore(deps): bump actions/checkout from 4.1.1 to 4.1.2 ( #2703 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](b4ffde65f4...9bb56186c3
2024-03-12 13:18:44 -04:00
dependabot[bot]
5e3fde04a5
chore(deps): bump anchore/sbom-action from 0.15.8 to 0.15.9 ( #2694 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.8 to 0.15.9.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](b6a39da807...9fece9e200
2024-03-06 14:24:56 -05:00
dependabot[bot]
4a98f9fbd3
chore(deps): bump anchore/sbom-action from 0.15.7 to 0.15.8 ( #2578 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.7 to 0.15.8.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](767b08fd88...b6a39da807
2024-02-01 10:26:47 -05:00
dependabot[bot]
e880e6dcd6
chore(deps): bump anchore/sbom-action from 0.15.6 to 0.15.7 ( #2568 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.6 to 0.15.7.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](c6aed38a43...767b08fd88
2024-01-31 13:19:50 -05:00
Alex Goodman
6ae5b2904d
re-add cosign signing checksums file ( #2572 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-31 13:19:41 -05:00
dependabot[bot]
b113391638
chore(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 ( #2560 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.5 to 0.15.6.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](24b0d52385...c6aed38a43
2024-01-30 13:15:22 -05:00
dependabot[bot]
2e0149fd9e
chore(deps): bump 8398a7/action-slack from 3.15.1 to 3.16.2 ( #2557 )
...
Bumps [8398a7/action-slack](https://github.com/8398a7/action-slack ) from 3.15.1 to 3.16.2.
- [Release notes](https://github.com/8398a7/action-slack/releases )
- [Commits](fbd6aa58ba...28ba43ae48
2024-01-29 12:32:30 -05:00
dependabot[bot]
8e39ca6dfc
chore(deps): bump anchore/sbom-action from 0.15.4 to 0.15.5 ( #2531 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.4 to 0.15.5.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](41f7a6c033...24b0d52385
2024-01-23 10:14:05 -05:00
dependabot[bot]
8845c938ce
chore(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 ( #2514 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.3 to 0.15.4.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](c7f031d924...41f7a6c033
2024-01-19 09:28:37 -05:00
dependabot[bot]
aec53bc32d
chore(deps): bump anchore/sbom-action from 0.15.2 to 0.15.3 ( #2481 )
2024-01-10 16:19:02 +00:00
dependabot[bot]
3174a17efb
chore(deps): bump anchore/sbom-action from 0.15.1 to 0.15.2 ( #2464 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.1 to 0.15.2.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](5ecf649a41...719133684c
2024-01-05 11:26:27 -05:00
dependabot[bot]
23778de112
chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1 ( #2392 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.0 to 0.15.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](fd74a6fb98...5ecf649a41
2023-12-05 09:48:40 -05:00
dependabot[bot]
1c582f0aa5
chore(deps): bump anchore/sbom-action from 0.14.3 to 0.15.0 ( #2344 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.3 to 0.15.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](78fc58e266...fd74a6fb98
2023-11-21 11:12:43 -05:00
Alex Goodman
7315f83f9d
Upgrade tool management ( #2188 )
...
* migrate to binny and taskfile
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update binny to not require github token
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* added support for automatically building snapshots
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* detect source changes for snapshot builds
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fail workflow explicitly when snapshot cache restoral fails
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* match snapshot restoral paths
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-25 09:08:43 -04:00
dependabot[bot]
6c7900f5b8
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 ( #2236 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8ade135a41...b4ffde65f4
2023-10-18 09:54:26 -04:00
dependabot[bot]
351c683cb4
chore(deps): bump actions/checkout from 4.0.0 to 4.1.0 ( #2172 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](3df4ab11eb...8ade135a41
2023-09-26 07:49:13 -04:00
Alex Goodman
8314c0d2cb
Correcting behavior based on Syft release v0.91.0 run ( #2162 )
...
* dont show the title in the release notes
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* dont upload assets on the release pipeline
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump action-slack action to v3.15.1
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove custom go mod and build cache
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-09-20 20:18:44 +00:00
Alex Goodman
40899adb87
use annotated tags, update chronicle, fix cache keys ( #2154 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-09-20 10:11:44 -04:00
Christopher Angelo Phillips
094b41b301
chore: pin and update all workflow dependencies; add permission scopes ( #2138 )
...
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-09-15 14:18:42 -04:00
dependabot[bot]
c21b16d924
chore(deps): bump docker/login-action from 2 to 3 ( #2119 )
...
Bumps [docker/login-action](https://github.com/docker/login-action ) from 2 to 3.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](https://github.com/docker/login-action/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-13 10:34:19 -04:00
dlorenc
9f22ab6137
Bump the golang.org/x/exp dependency and fix a build breakage. ( #2088 )
...
* Bump the golang.org/x/exp dependency and fix a build breakage.
---------
Signed-off-by: Dan Lorenc <dlorenc@chainguard.dev>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Co-authored-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-09-07 14:55:52 -04:00
dependabot[bot]
1315cfd787
chore(deps): bump actions/checkout from 3 to 4 ( #2094 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-07 09:57:51 -04:00
Keith Zantow
34ace36a9e
chore: tweak some workflow text ( #1685 )
...
Signed-off-by: Keith Zantow <kzantow@gmail.com>
2023-03-21 11:08:49 -04:00
dependabot[bot]
ff34594284
chore(deps): bump actions/upload-artifact from 2 to 3 ( #1627 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 2 to 3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-27 14:17:29 -05:00
Alex Goodman
88c81d33ed
switch from trigger-release target to release target ( #1560 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2023-02-09 16:35:11 +00:00
Alex Goodman
8847ba5d0b
Add release trigger ( #1501 )
...
* add release trigger
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* deduplicate version and changelog calls + add gh checks
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add more chronicle verbosity, but not when triggering releases
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* bump chronicle version to get --version-file feature
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* update bootstrap tool workflow to include glow
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* add version prefix check on tags in release quality gate
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
---------
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2023-02-08 11:38:27 -05:00
Bradley Jones
cdac2245b5
feat: update golang to 1.19 ( #1526 )
...
* feat: update golang to 1.19
Signed-off-by: Bradley Jones <bradley.jones@anchore.com>
* chore: break out json schema drift check into separate script
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
* chore: update git index refresh
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
---------
Signed-off-by: Bradley Jones <bradley.jones@anchore.com>
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
2023-01-31 11:39:57 -05:00
Christopher Angelo Phillips
03971ace43
chore: use checkout v3 with new depth ( #1471 )
2023-01-17 21:26:39 +00:00
Christopher Angelo Phillips
07aee798b0
chore: use checkout v2 for tag depth ( #1470 )
2023-01-17 21:03:29 +00:00
Alex Goodman
05611c283d
bootstrap within composite action ( #1461 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2023-01-17 10:04:22 -05:00
Alex Goodman
e0acfa98c7
add s3 credentials to release ( #1309 )
...
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
Signed-off-by: Alex Goodman <alex.goodman@anchore.com>
2022-11-02 15:48:37 +00:00
Keith Zantow
35f0f2931e
chore: update goreleaser brew token ( #1306 )
2022-11-02 10:05:20 -04:00
Keith Zantow
ba57f3db51
chore: update github token permissions for goreleaser ( #1305 )
2022-11-01 16:28:37 +00:00
