Skip to content

v4.1.0

Compare
Choose a tag to compare
@github-actions github-actions released this 22 Feb 01:20
· 1654 commits to main since this release

Changelog

  • 33f80c9 Fix golangci-lint issues
  • 53bae3e feat: upgrade to ko v0.10.0
  • 1306b34 🌱 Bump ossf/scorecard-action from 1.0.3 to 1.0.4
  • 33a01f7 🐛 Add custom packaging workflow for Python
  • bba55d4 🌱 Parallelize builds
  • 1aff6db 🌱 Ignore docker builds
  • 674146c Make verbosity levels case insensitive (#1650)
  • db1d568 🌱 Remove building ko to speed up builds
  • e6f6c56 🌱 Bump github.com/onsi/ginkgo/v2 from 2.0.0 to 2.1.3
  • 4ebd8af 🌱 Bump github.com/onsi/ginkgo/v2 from 2.0.0 to 2.1.3 in /tools
  • ba503c3 ✨ githubrepo: Allow providing an already authenticated transport (#1644)
  • cda7a1b Add tests for graphQL costs (#1643)
  • de5224b Update e2e tests (#1641)
  • 2b206dc Remove Version field from LogMessage (#1640)
  • 3551134 🌱 Parallelize the builds
  • e7fd58d ✨ Check for secrets in pull_request_target (#1634)
  • e3637c9 🌱 Bump cloud.google.com/go/bigquery from 1.27.0 to 1.28.0
  • 1e488a8 Fix for repos which do not squash PR commits (#1637)
  • f3332ce Add validation for commit-based APIs (#1635)
  • eb0730a 🌱 Bump github.com/goreleaser/goreleaser in /tools (#1632)
  • 394789c README.md: Add OpenSSF Best Practices badge (#1629)
  • 2e3e505 Simplify DetailLogger interface (#1628)
  • 38be00c Reduce query cost by analysing lesser associatedPR (#1624)
  • 7de151c ✨ Check for secrets in workflows run on pull requests (#1615)
  • 9b921f0 🌱 Bump actions/setup-go from 2.1.5 to 2.2.0 (#1619)
  • 61e52d4 update workflow (#1617)
  • 368c105 🌱 Bump cloud.google.com/go/pubsub from 1.17.0 to 1.18.0 (#1616)
  • 6930c3a Add support for commit-based Scorecard (#1613)
  • 1c95237 Only run allowed checks in different modes (#1579)
  • eac2aec Add support for commit-based lookup to GitHub APIs (#1612)
  • 68bf172 🌱 Unit tests fileparser/listing
  • 30fc06e Fixed the formatting issue
  • aaf7a9f 🌱 Cache builds between runs
  • 049db38 🌱 Unit tests for dependency_update_tool
  • 8733080 checks/packaging.go: ignore workflows/<>/ files (#1591)
  • 95e7c03 Update the biweekly meeting times (#1603)
  • 80cc0dd 🌱 Unit tests checks/ci_tests_test.go
  • f84291d 🐛 Fix Dependabot check to accept .yaml file extension (#1601)
  • 5e1fd52 🌱 Tweaking codecov config
  • 35aad1d 🌱 Unit tests code-review for raw
  • 674f747 🌱 Unit tests for vulnerabilities raw package
  • 28bf341 📖 recommend nix-shell over nix-env
  • 634643e 🌱 Unit test for fileparser/listing
  • 88aa0e8 📖 Add make install to Environment Setup
  • 4581c36 Remove ListMergedPRs API (#1566)
  • 9037444 ✨ Raw data for code review check (#1505)
  • 7032b19 Ignore all files under testdata/ (#1594)
  • 0670b8b pkg/sarif.go: Add score in message (#1593)
  • 009aa85 🌱 Unit tests for Vulnerabilities
  • 05cedd7 🌱 Categorize the Makefile
  • 79b216c checks/security_policy_test.go: updated unit tests (#1590)
  • 24842de 📖 remove inaccurate claim about github rendering emoji
  • 86d8281 Do not parse non-dockerfile (#1583)
  • 2d0e538 Revert Committer.Name change (#1576)
  • e4eb6d2 🌱 Unit tests for security policy
  • 9d38be4 🌱 Bump ossf/scorecard-action from 1.0.2 to 1.0.3
  • cbbfebb ✨ Mention renovatebot's settings (#1575)
  • 3995d31 Refactor some code (#1567)
  • fae5ff3 🌱 Unit tests for fileparser
  • 58865e9 Only return PRs assicated with recent commits (#1562)
  • 53f21cb README: s/Justin/Stephen (#1565)
  • 6962fb4 Use committer name if login isn't available (#1558)
  • 29b14f8 Fix nil-ptr issue in e2e tests (#1561)
  • 70afae8 🌱 Remove dead code
  • 4c266d7 🌱 Unit test for dependency_update_tool
  • b4eec8e 🌱 Bump github.com/onsi/gomega from 1.18.0 to 1.18.1
  • a69e1d9 🌱 Add Dart and Flutter CI systems to CI tests check. (#1548)
  • 40a9d48 Link to responsible disclosure guidelines in Security-Policy remediation doc (#1545)
  • 17467c1 🌱 Unit tests for binary_artifact (#1512)
  • 15a204f 🌱 Bump github.com/goreleaser/goreleaser in /tools
  • 074ba5a 🌱 Bump github.com/onsi/ginkgo from 1.16.4 to 1.16.5 in /tools (#1541)
  • bd2171b 🌱 Bump github.com/golangci/golangci-lint from 1.42.1 to 1.44.0 in /tools (#1540)
  • 10a5c1a 🌱 Bump github.com/goreleaser/goreleaser in /tools
  • d2d9ff4 🌱 Bump golang.org/x/tools from 0.1.8 to 0.1.9
  • 3d5a08d 🌱 Included dependabot setting for tools
  • d50788f Add Slack channel badge (#1536)
  • 5f9fff3 ✨ Separate check from policies for the Vulnerabilities check (#1532)
  • 7a6eb28 Not considering an issue as having activity if closed recently (#1531)
  • 16c0d37 🌱 CODEOWNERS: Add Stephen Augustus (justaugustus) as maintainer (#1530)
  • e774015 🌱 Unit tests for Fuzzing
  • 41adfe7 ⚠️ log: Initial logr/logrusr implementation (#1516)
  • da116d3 🌱 Bump cloud.google.com/go/bigquery from 1.26.0 to 1.27.0
  • 19a73a4 🌱 Bump ossf/scorecard-action from 1.0.1 to 1.0.2
  • d4d81a0 🌱 Unit tests dependency_update_tool
  • b6cba86 🐛 Issue activity only counts if done by a maintainer (#1515)
  • 5b98576 🌱 Bump github.com/onsi/gomega from 1.17.0 to 1.18.0
  • 4122c79 🌱 Unit tests for binary artifacts
  • 8a64075 🌱 Fix the reflect.DeepEqual with google cmp
  • 66a91dd 🌱 Unit tests for branch protection raw
  • ab16cdb 🌱 Fix Vulns for containerd
  • 90a0689 🌱 Unit test for fileparser
  • 062e33b 📖 Dependabot config file link (#1498)
  • 0d76dea go.mod: Update github.com/google/go-containerregistry to v0.8.0 (#1506)
  • 13b78ab ⚠️ Create a dedicated logging package to encapsulate calls to zap (#1502)
  • f4e9dfd 🌱 Unit tests for binaryartifacts
  • 5777826 🌱 Bump github.com/google/go-cmp from 0.5.6 to 0.5.7
  • 026d98e 🌱 Included e2e coverage for codecov
  • c3589e8 📖 Updated codecov badge
  • 2dcdbcd 🌱 Track code coverage
  • 9973bde ✨ Unit tests for dependency update
  • 96ea22e Add and use compressed Scorecard logos (#1492)
  • fc87431 Add exemption to stale issue workflow (#1486)
  • b8e054b 🌱 Bump goreleaser/goreleaser-action from 2.8.0 to 2.8.1
  • 4837262 🌱 Bump ossf/scorecard-action from 1.0.0 to 1.0.1
  • 5d3f198 ✨ Unit test for SAST (#1482)

Thanks for all contributors!