Alex Goodman
fd3844853a
labeler should ignore latest version ( #2588 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-02 18:08:15 -05:00
Alex Goodman
3023a5a7bc
Detect ELF security features ( #2443 )
...
* add detection of ELF security features
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix linting
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update json schema with file executable data
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update expected fixure when no tty present
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* more detailed differ
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* use json differ
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* remove json schema addition
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* regenerate json schema
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix mimtype set ref
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-02-02 16:51:18 +00:00
dependabot[bot]
4a98f9fbd3
chore(deps): bump anchore/sbom-action from 0.15.7 to 0.15.8 ( #2578 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.7 to 0.15.8.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](767b08fd88...b6a39da807
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 10:26:47 -05:00
dependabot[bot]
db49c145f0
chore(deps): bump marocchino/sticky-pull-request-comment ( #2579 )
...
Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment ) from 2.8.0 to 2.9.0.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases )
- [Commits](efaaab3fd4...331f8f5b42
)
---
updated-dependencies:
- dependency-name: marocchino/sticky-pull-request-comment
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-01 10:26:37 -05:00
dependabot[bot]
43837f47f5
chore(deps): bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 ( #2567 )
...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request ) from 5.0.2 to 6.0.0.
- [Release notes](https://github.com/peter-evans/create-pull-request/releases )
- [Commits](153407881e...b1ddad2c99
)
---
updated-dependencies:
- dependency-name: peter-evans/create-pull-request
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 13:20:17 -05:00
dependabot[bot]
e880e6dcd6
chore(deps): bump anchore/sbom-action from 0.15.6 to 0.15.7 ( #2568 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.6 to 0.15.7.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](c6aed38a43...767b08fd88
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-31 13:19:50 -05:00
Alex Goodman
6ae5b2904d
re-add cosign signing checksums file ( #2572 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-31 13:19:41 -05:00
dependabot[bot]
b113391638
chore(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 ( #2560 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.5 to 0.15.6.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](24b0d52385...c6aed38a43
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-30 13:15:22 -05:00
dependabot[bot]
2e0149fd9e
chore(deps): bump 8398a7/action-slack from 3.15.1 to 3.16.2 ( #2557 )
...
Bumps [8398a7/action-slack](https://github.com/8398a7/action-slack ) from 3.15.1 to 3.16.2.
- [Release notes](https://github.com/8398a7/action-slack/releases )
- [Commits](fbd6aa58ba...28ba43ae48
)
---
updated-dependencies:
- dependency-name: 8398a7/action-slack
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 12:32:30 -05:00
dependabot[bot]
87bbc507ee
chore(deps): bump github/codeql-action from 3.23.1 to 3.23.2 ( #2558 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.23.1 to 3.23.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0b21cf2492...b7bf0a3ed3
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-29 12:32:22 -05:00
Alex Goodman
e0e1c4ba0a
Internalize majority of cmd package ( #2533 )
...
* internalize majority of cmd package and migrate integration tests
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add internal api encoder
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* create internal representation of all formats
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* export capability to get default encoders
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* restore test fixtures
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-24 13:29:51 -05:00
dependabot[bot]
ad2843bf50
chore(deps): bump actions/upload-artifact from 4.2.0 to 4.3.0 ( #2536 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](694cdabd8b...26f96dfa69
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-24 10:11:43 -05:00
dependabot[bot]
8e39ca6dfc
chore(deps): bump anchore/sbom-action from 0.15.4 to 0.15.5 ( #2531 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.4 to 0.15.5.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](41f7a6c033...24b0d52385
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-23 10:14:05 -05:00
dependabot[bot]
ec802dfc80
chore(deps): bump actions/upload-artifact from 4.1.0 to 4.2.0 ( #2513 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.1.0 to 4.2.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](1eb3cb2b3e...694cdabd8b
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 09:31:12 -05:00
dependabot[bot]
8845c938ce
chore(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 ( #2514 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.3 to 0.15.4.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](c7f031d924...41f7a6c033
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-19 09:28:37 -05:00
dependabot[bot]
308dc6f9b8
chore(deps): bump github/codeql-action from 3.23.0 to 3.23.1 ( #2506 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.23.0 to 3.23.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](e5f05b81d5...0b21cf2492
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-18 09:45:04 -05:00
William Murphy
c816c73341
chore: enable automatic approval of dependabot PRs ( #2505 )
...
To reduce toil in this repo, enable dependabot PRs to be automatically
approved, but not merged. They are not automatically merged because if
the default GitHub token is used to automatically merge a PR, the
resulting commit will not trigger workflows on main. Rather than
generate a more potent token, just automatically review them, which
reduces toil by eliminating several clicks and page loads for
maintainers who are trying to merge dependabot PRs.
Signed-off-by: Will Murphy <will.murphy@anchore.com>
2024-01-18 08:35:23 -05:00
dependabot[bot]
0409eef615
chore(deps): bump actions/cache from 3.3.3 to 4.0.0 ( #2503 )
...
Bumps [actions/cache](https://github.com/actions/cache ) from 3.3.3 to 4.0.0.
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](e12d46a63a...13aacd865c
)
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-17 10:07:41 -05:00
dependabot[bot]
3de5e98db1
chore(deps): bump actions/upload-artifact from 4.0.0 to 4.1.0 ( #2495 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.0.0 to 4.1.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](c7d193f32e...1eb3cb2b3e
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 14:40:41 -05:00
dependabot[bot]
f9a862d268
chore(deps): bump actions/cache from 3.3.2 to 3.3.3 ( #2489 )
2024-01-12 13:52:50 +00:00
dependabot[bot]
aec53bc32d
chore(deps): bump anchore/sbom-action from 0.15.2 to 0.15.3 ( #2481 )
2024-01-10 16:19:02 +00:00
dependabot[bot]
1ca8ee2a8d
chore(deps): bump github/codeql-action from 3.22.12 to 3.23.0 ( #2477 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.22.12 to 3.23.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](012739e508...e5f05b81d5
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-08 08:33:13 -05:00
Christopher Angelo Phillips
7182f5b519
Upgrade binary test fixtures management ( #2444 )
...
* test: strip fixtures of any execution permissions
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* chore: add lint check for large files
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* add helper script to capture binary snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* chore: update scripts and add new dir output for snippets
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update erlang test to new generated format
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update memcached to new generator pattern
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update openjdk to named version
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: move openjdk lts to versioned folder
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: rename unversioned java to versioned folders
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: migrate bash fixture to new snippet workflow
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update script to size 600 bytes
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update go classifier to new snippet workflow
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: move haproxy new new snippet
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: add flatter haproxy example
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: update tests to new pattern
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* test: final version of snippet script
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* [wip] download bin helpers
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add manager for binary cataloger test fixtures
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add remaining binary cataloger patterns and snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* adjust gitignore to be more permissive to snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add rust darwin snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* skip tests that are missing full binaries
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* address PR feedback
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add tests for binary test fixture manager
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* highlight rows that do not have binaries or snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* bump fixture limit to 1K (found exceptions when adding snippets)
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* add redis and postgres snippets
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* improve formating of fixture listing
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2024-01-05 21:40:03 +00:00
dependabot[bot]
3174a17efb
chore(deps): bump anchore/sbom-action from 0.15.1 to 0.15.2 ( #2464 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.1 to 0.15.2.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](5ecf649a41...719133684c
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-05 11:26:27 -05:00
dependabot[bot]
51a1bad159
chore(deps): bump github/codeql-action from 3.22.11 to 3.22.12 ( #2455 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.22.11 to 3.22.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](b374143c11...012739e508
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-22 09:01:16 -05:00
dependabot[bot]
6030a69b17
chore(deps): bump actions/upload-artifact from 3.1.3 to 4.0.0 ( #2433 )
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 3.1.3 to 4.0.0.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](a8a3f3ad30...c7d193f32e
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-18 11:17:07 -05:00
dependabot[bot]
f5d5892434
chore(deps): bump github/codeql-action from 2.22.10 to 3.22.11 ( #2430 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.10 to 3.22.11.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](305f654631...b374143c11
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-14 12:40:39 -05:00
dependabot[bot]
2bcf825857
chore(deps): bump github/codeql-action from 2.22.9 to 2.22.10 ( #2426 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.9 to 2.22.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](c0d1daa7f7...305f654631
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-13 11:44:41 -05:00
dependabot[bot]
9cb7c3d350
chore(deps): bump dawidd6/action-homebrew-bump-formula ( #2420 )
...
Bumps [dawidd6/action-homebrew-bump-formula](https://github.com/dawidd6/action-homebrew-bump-formula ) from 3.10.0 to 3.10.1.
- [Release notes](https://github.com/dawidd6/action-homebrew-bump-formula/releases )
- [Commits](d3667e5ae1...75ed025ff3
)
---
updated-dependencies:
- dependency-name: dawidd6/action-homebrew-bump-formula
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-12 14:43:43 -05:00
dependabot[bot]
790ecc6f28
chore(deps): bump github/codeql-action from 2.22.8 to 2.22.9 ( #2400 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.8 to 2.22.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](407ffafae6...c0d1daa7f7
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-12 13:59:39 -05:00
dependabot[bot]
b345752f49
chore(deps): bump actions/setup-go from 4.1.0 to 5.0.0 ( #2401 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4.1.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](93397bea11...0c52d547c9
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-11 06:38:05 -05:00
dependabot[bot]
23778de112
chore(deps): bump anchore/sbom-action from 0.15.0 to 0.15.1 ( #2392 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.15.0 to 0.15.1.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](fd74a6fb98...5ecf649a41
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-05 09:48:40 -05:00
Alex Goodman
c379d21e9a
only remove breaking-change label when there are schema changes ( #2371 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-11-28 17:59:04 -05:00
dependabot[bot]
c08b0990ca
chore(deps): bump github/codeql-action from 2.22.7 to 2.22.8 ( #2351 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.7 to 2.22.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](66b90a5db1...407ffafae6
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-24 06:42:30 -05:00
dependabot[bot]
1c582f0aa5
chore(deps): bump anchore/sbom-action from 0.14.3 to 0.15.0 ( #2344 )
...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action ) from 0.14.3 to 0.15.0.
- [Release notes](https://github.com/anchore/sbom-action/releases )
- [Commits](78fc58e266...fd74a6fb98
)
---
updated-dependencies:
- dependency-name: anchore/sbom-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-21 11:12:43 -05:00
dependabot[bot]
c7eb3f4c93
chore(deps): bump github/codeql-action from 2.22.6 to 2.22.7 ( #2332 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.6 to 2.22.7.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](689fdc5193...66b90a5db1
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-16 09:22:23 -05:00
dependabot[bot]
43bdf6e1b2
chore(deps): bump github/codeql-action from 2.22.5 to 2.22.6 ( #2321 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.5 to 2.22.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](74483a38d3...689fdc5193
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-11-14 11:35:59 -05:00
Alex Goodman
b2f4d7eda2
Follow convention for naming catalogers ( #2277 )
...
* follow convention for naming catalogers
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fix cataloger name example
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-11-02 12:39:42 +00:00
dependabot[bot]
2428d704e1
chore(deps): bump github/codeql-action from 2.22.4 to 2.22.5 ( #2261 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.4 to 2.22.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](49abf0ba24...74483a38d3
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-27 09:54:23 -04:00
Alex Goodman
7315f83f9d
Upgrade tool management ( #2188 )
...
* migrate to binny and taskfile
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* update binny to not require github token
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* added support for automatically building snapshots
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* detect source changes for snapshot builds
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* fail workflow explicitly when snapshot cache restoral fails
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* match snapshot restoral paths
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-25 09:08:43 -04:00
Alex Goodman
c4b464e616
fix CPE workflow ( #2252 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-24 15:07:49 +00:00
dependabot[bot]
bdbf927847
chore(deps): bump github/codeql-action from 2.22.3 to 2.22.4 ( #2249 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.3 to 2.22.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0116bc2df5...49abf0ba24
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-23 10:41:54 -04:00
Alex Goodman
f3d95aa3a9
fill version info from release and git directly ( #2244 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-23 09:05:43 -04:00
Alex Goodman
263be01faa
change homebrew release trigger ( #2242 )
...
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-20 18:31:41 +00:00
Alex Goodman
8f6bdde666
Label PRs when the json schema changes ( #2240 )
...
* label PRs when the json schema changes
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* moderate pr comments
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
* be more strict about processing file names
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-20 13:00:15 -04:00
dependabot[bot]
6c7900f5b8
chore(deps): bump actions/checkout from 4.1.0 to 4.1.1 ( #2236 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8ade135a41...b4ffde65f4
)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-18 09:54:26 -04:00
dependabot[bot]
dcec2bc352
chore(deps): bump github/codeql-action from 2.22.2 to 2.22.3 ( #2229 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.2 to 2.22.3.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](d90b8d79de...0116bc2df5
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-16 08:59:39 -04:00
dependabot[bot]
538fe5ee1d
chore(deps): bump github/codeql-action from 2.22.1 to 2.22.2 ( #2224 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.1 to 2.22.2.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](fdcae64e14...d90b8d79de
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 11:10:45 -04:00
Christopher Angelo Phillips
d1120ad56e
chore: add automated homebrew action ( #2164 )
...
* chore: add automated homebrew action
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
* migrate homebrew publish step to separate post-release workflow
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---------
Signed-off-by: Christopher Phillips <christopher.phillips@anchore.com>
Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
Co-authored-by: Alex Goodman <wagoodman@users.noreply.github.com>
2023-10-11 09:52:22 -04:00
dependabot[bot]
68cf57ed03
chore(deps): bump github/codeql-action from 2.22.0 to 2.22.1 ( #2208 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.22.0 to 2.22.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](2cb752a87e...fdcae64e14
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-09 13:05:57 -04:00