v4.1.0
Changelog
- 33f80c9 Fix golangci-lint issues
- 53bae3e feat: upgrade to ko v0.10.0
- 1306b34 🌱 Bump ossf/scorecard-action from 1.0.3 to 1.0.4
- 33a01f7 🐛 Add custom packaging workflow for Python
- bba55d4 🌱 Parallelize builds
- 1aff6db 🌱 Ignore docker builds
- 674146c Make verbosity levels case insensitive (#1650)
- db1d568 🌱 Remove building ko to speed up builds
- e6f6c56 🌱 Bump github.com/onsi/ginkgo/v2 from 2.0.0 to 2.1.3
- 4ebd8af 🌱 Bump github.com/onsi/ginkgo/v2 from 2.0.0 to 2.1.3 in /tools
- ba503c3 ✨ githubrepo: Allow providing an already authenticated transport (#1644)
- cda7a1b Add tests for graphQL costs (#1643)
- de5224b Update e2e tests (#1641)
- 2b206dc Remove
Version
field from LogMessage (#1640) - 3551134 🌱 Parallelize the builds
- e7fd58d ✨ Check for secrets in pull_request_target (#1634)
- e3637c9 🌱 Bump cloud.google.com/go/bigquery from 1.27.0 to 1.28.0
- 1e488a8 Fix for repos which do not squash PR commits (#1637)
- f3332ce Add validation for commit-based APIs (#1635)
- eb0730a 🌱 Bump github.com/goreleaser/goreleaser in /tools (#1632)
- 394789c README.md: Add OpenSSF Best Practices badge (#1629)
- 2e3e505 Simplify DetailLogger interface (#1628)
- 38be00c Reduce query cost by analysing lesser associatedPR (#1624)
- 7de151c ✨ Check for secrets in workflows run on pull requests (#1615)
- 9b921f0 🌱 Bump actions/setup-go from 2.1.5 to 2.2.0 (#1619)
- 61e52d4 update workflow (#1617)
- 368c105 🌱 Bump cloud.google.com/go/pubsub from 1.17.0 to 1.18.0 (#1616)
- 6930c3a Add support for commit-based Scorecard (#1613)
- 1c95237 Only run allowed checks in different modes (#1579)
- eac2aec Add support for commit-based lookup to GitHub APIs (#1612)
- 68bf172 🌱 Unit tests fileparser/listing
- 30fc06e Fixed the formatting issue
- aaf7a9f 🌱 Cache builds between runs
- 049db38 🌱 Unit tests for dependency_update_tool
- 8733080 checks/packaging.go: ignore workflows/<>/ files (#1591)
- 95e7c03 Update the biweekly meeting times (#1603)
- 80cc0dd 🌱 Unit tests checks/ci_tests_test.go
- f84291d 🐛 Fix Dependabot check to accept .yaml file extension (#1601)
- 5e1fd52 🌱 Tweaking codecov config
- 35aad1d 🌱 Unit tests code-review for raw
- 674f747 🌱 Unit tests for vulnerabilities raw package
- 28bf341 📖 recommend
nix-shell
overnix-env
- 634643e 🌱 Unit test for fileparser/listing
- 88aa0e8 📖 Add make install to Environment Setup
- 4581c36 Remove ListMergedPRs API (#1566)
- 9037444 ✨ Raw data for code review check (#1505)
- 7032b19 Ignore all files under testdata/ (#1594)
- 0670b8b pkg/sarif.go: Add score in message (#1593)
- 009aa85 🌱 Unit tests for Vulnerabilities
- 05cedd7 🌱 Categorize the Makefile
- 79b216c checks/security_policy_test.go: updated unit tests (#1590)
- 24842de 📖 remove inaccurate claim about github rendering emoji
- 86d8281 Do not parse non-dockerfile (#1583)
- 2d0e538 Revert
Committer.Name
change (#1576) - e4eb6d2 🌱 Unit tests for security policy
- 9d38be4 🌱 Bump ossf/scorecard-action from 1.0.2 to 1.0.3
- cbbfebb ✨ Mention renovatebot's settings (#1575)
- 3995d31 Refactor some code (#1567)
- fae5ff3 🌱 Unit tests for fileparser
- 58865e9 Only return PRs assicated with recent commits (#1562)
- 53f21cb README: s/Justin/Stephen (#1565)
- 6962fb4 Use committer name if login isn't available (#1558)
- 29b14f8 Fix nil-ptr issue in e2e tests (#1561)
- 70afae8 🌱 Remove dead code
- 4c266d7 🌱 Unit test for dependency_update_tool
- b4eec8e 🌱 Bump github.com/onsi/gomega from 1.18.0 to 1.18.1
- a69e1d9 🌱 Add Dart and Flutter CI systems to CI tests check. (#1548)
- 40a9d48 Link to responsible disclosure guidelines in Security-Policy remediation doc (#1545)
- 17467c1 🌱 Unit tests for binary_artifact (#1512)
- 15a204f 🌱 Bump github.com/goreleaser/goreleaser in /tools
- 074ba5a 🌱 Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 in /tools (#1541)
- bd2171b 🌱 Bump github.com/golangci/golangci-lint from 1.42.1 to 1.44.0 in /tools (#1540)
- 10a5c1a 🌱 Bump github.com/goreleaser/goreleaser in /tools
- d2d9ff4 🌱 Bump golang.org/x/tools from 0.1.8 to 0.1.9
- 3d5a08d 🌱 Included dependabot setting for tools
- d50788f Add Slack channel badge (#1536)
- 5f9fff3 ✨ Separate check from policies for the Vulnerabilities check (#1532)
- 7a6eb28 Not considering an issue as having activity if closed recently (#1531)
- 16c0d37 🌱 CODEOWNERS: Add Stephen Augustus (justaugustus) as maintainer (#1530)
- e774015 🌱 Unit tests for Fuzzing
- 41adfe7
⚠️ log: Initiallogr
/logrusr
implementation (#1516) - da116d3 🌱 Bump cloud.google.com/go/bigquery from 1.26.0 to 1.27.0
- 19a73a4 🌱 Bump ossf/scorecard-action from 1.0.1 to 1.0.2
- d4d81a0 🌱 Unit tests dependency_update_tool
- b6cba86 🐛 Issue activity only counts if done by a maintainer (#1515)
- 5b98576 🌱 Bump github.com/onsi/gomega from 1.17.0 to 1.18.0
- 4122c79 🌱 Unit tests for binary artifacts
- 8a64075 🌱 Fix the reflect.DeepEqual with google cmp
- 66a91dd 🌱 Unit tests for branch protection raw
- ab16cdb 🌱 Fix Vulns for containerd
- 90a0689 🌱 Unit test for fileparser
- 062e33b 📖 Dependabot config file link (#1498)
- 0d76dea go.mod: Update github.com/google/go-containerregistry to v0.8.0 (#1506)
- 13b78ab
⚠️ Create a dedicated logging package to encapsulate calls tozap
(#1502) - f4e9dfd 🌱 Unit tests for binaryartifacts
- 5777826 🌱 Bump github.com/google/go-cmp from 0.5.6 to 0.5.7
- 026d98e 🌱 Included e2e coverage for codecov
- c3589e8 📖 Updated codecov badge
- 2dcdbcd 🌱 Track code coverage
- 9973bde ✨ Unit tests for dependency update
- 96ea22e Add and use compressed Scorecard logos (#1492)
- fc87431 Add exemption to stale issue workflow (#1486)
- b8e054b 🌱 Bump goreleaser/goreleaser-action from 2.8.0 to 2.8.1
- 4837262 🌱 Bump ossf/scorecard-action from 1.0.0 to 1.0.1
- 5d3f198 ✨ Unit test for SAST (#1482)