📖 link to ossf/scorecard workflow instead of maintaining an example
#1352
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This way dependabot will keep the workflow updated for us, and we don't need to remember to update anything here. Signed-off-by: Spencer Schrock <sschrock@google.com>
spencerschrock
requested review from
naveensrinivasan,
raghavkaul and
laurentsimon
2 tasks
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1352 +/- ##
=======================================
Coverage 63.17% 63.17%
=======================================
Files 4 4
Lines 296 296
=======================================
Hits 187 187
Misses 94 94
Partials 15 15 |
laurentsimon
approved these changes
Mar 22, 2024
Closed
ianlewis
pushed a commit
to slsa-framework/slsa-github-generator
that referenced
this pull request
May 17, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | actions/checkout | action | digest | `b4ffde6` -> `a5ac7e5` | | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.1` -> `v4.1.6` | | [actions/download-artifact](https://togithub.com/actions/download-artifact) | action | patch | `v4.1.4` -> `v4.1.7` | | [actions/upload-artifact](https://togithub.com/actions/upload-artifact) | action | patch | `v4.3.1` -> `v4.3.3` | | [ianlewis/todo-issue-reopener](https://togithub.com/ianlewis/todo-issue-reopener) | action | patch | `v1.2.0` -> `v1.2.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.0` -> `v2.3.3` | | [sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer) | action | minor | `v3.4.0` -> `v3.5.0` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1732 ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 ### [`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4) - Disable `extensions.worktreeConfig` when disabling `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [actions/checkout#1692 - Add dependabot config by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1688 - Bump the minor-actions-dependencies group with 2 updates by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1693 - Bump word-wrap from 1.2.3 to 1.2.5 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1643 ### [`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3) #### What's Changed - Update `actions/checkout` version in `update-main-version.yml` by [@​jww3](https://togithub.com/jww3) in [actions/checkout#1650 - Check git version before attempting to disable `sparse-checkout` by [@​jww3](https://togithub.com/jww3) in [actions/checkout#1656 - Add SSH user parameter by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1685 **Full Changelog**: actions/checkout@v4.1.2...v4.1.3 ### [`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2) - Fix: Disable sparse checkout whenever `sparse-checkout` option is not present [@​dscho](https://togithub.com/dscho) in [actions/checkout#1598 </details> <details> <summary>actions/download-artifact (actions/download-artifact)</summary> ### [`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7) #### What's Changed - Update [@​actions/artifact](https://togithub.com/actions/artifact) dependency by [@​bethanyj28](https://togithub.com/bethanyj28) in [actions/download-artifact#325 **Full Changelog**: actions/download-artifact@v4.1.6...v4.1.7 ### [`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6) #### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [actions/download-artifact#324 **Full Changelog**: actions/download-artifact@v4.1.5...v4.1.6 ### [`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5) #### What's Changed - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [actions/download-artifact#322 - Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact` to v2.1.5 **Full Changelog**: actions/download-artifact@v4.1.4...v4.1.5 </details> <details> <summary>actions/upload-artifact (actions/upload-artifact)</summary> ### [`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3) ##### What's Changed - updating `@actions/artifact` dependency to v2.1.6 by [@​eggyhead](https://togithub.com/eggyhead) in [actions/upload-artifact#565 **Full Changelog**: actions/upload-artifact@v4.3.2...v4.3.3 ### [`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2) #### What's Changed - Update release-new-action-version.yml by [@​konradpabjan](https://togithub.com/konradpabjan) in [actions/upload-artifact#516 - Minor fix to the migration readme by [@​andrewakim](https://togithub.com/andrewakim) in [actions/upload-artifact#523 - Update readme with v3/v2/v1 deprecation notice by [@​robherley](https://togithub.com/robherley) in [actions/upload-artifact#561 - updating `@actions/artifact` dependency to v2.1.5 and `@actions/core` to v1.0.1 by [@​eggyhead](https://togithub.com/eggyhead) in [actions/upload-artifact#562 #### New Contributors - [@​andrewakim](https://togithub.com/andrewakim) made their first contribution in [actions/upload-artifact#523 **Full Changelog**: actions/upload-artifact@v4.3.1...v4.3.2 </details> <details> <summary>ianlewis/todo-issue-reopener (ianlewis/todo-issue-reopener)</summary> ### [`v1.2.1`](https://togithub.com/ianlewis/todo-issue-reopener/releases/tag/v1.2.1) [Compare Source](https://togithub.com/ianlewis/todo-issue-reopener/compare/v1.2.0...v1.2.1) ##### Fixed in 1.2.1 - Fixed the "error updating to TUF remote mirror: invalid key" error ([#​688](https://togithub.com/ianlewis/todo-issue-reopener/issues/688)). #### All changes - fix: Update slsa-verifier version by [@​ianlewis](https://togithub.com/ianlewis) in [ianlewis/todo-issue-reopener#689 - chore(deps): Bump github/codeql-action from 3.23.2 to 3.25.5 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#711 - chore(deps): Bump codecov/codecov-action from 4.0.1 to 4.4.0 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#705 - chore(deps): Bump actions/upload-artifact from 4.3.0 to 4.3.3 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#670 - chore(deps-dev): Bump [@​types/jest](https://togithub.com/types/jest) from 29.5.11 to 29.5.12 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#664 - chore(deps): Bump actions/setup-node from 4.0.1 to 4.0.2 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#605 - chore(deps): Bump yamllint from 1.33.0 to 1.35.1 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#598 - chore(deps-dev): Bump eslint-plugin-github from 4.9.1 to 4.10.2 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#592 - chore(deps): Bump thehanimo/pr-title-checker from 1.4.1 to 1.4.2 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#604 - chore(deps): Bump yaml from 2.3.4 to 2.4.2 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#727 - chore(deps-dev): Bump [@​vercel/ncc](https://togithub.com/vercel/ncc) from 0.36.1 to 0.38.1 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#635 - chore(deps-dev): Bump eslint from 8.56.0 to 8.57.0 by [@​dependabot](https://togithub.com/dependabot) in [ianlewis/todo-issue-reopener#634 - chore(release): v1.2.1 by [@​ianlewis](https://togithub.com/ianlewis) in [ianlewis/todo-issue-reopener#833 **Full Changelog**: ianlewis/todo-issue-reopener@v1.2.0...v1.2.1 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) ### [`v2.3.1`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.1) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.0...v2.3.1) #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 from v4.13.0 to v4.13.1 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1282 - Adds additional Fuzzing detection and fixes a SAST bug related to detecting CodeQL. For a full changelist of what this includes, see the [v4.13.1](https://togithub.com/ossf/scorecard/releases/tag/v4.13.1) release notes **Full Changelog**: ossf/scorecard-action@v2.3.0...v2.3.1 </details> <details> <summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary> ### [`v3.5.0`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.5.0) [Compare Source](https://togithub.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0) #### What's Changed - Bump actions/checkout from 4.1.1 to 4.1.2 by [@​dependabot](https://togithub.com/dependabot) in [sigstore/cosign-installer#157 - use go 1.22 now by [@​bobcallaway](https://togithub.com/bobcallaway) in [sigstore/cosign-installer#160 - bump default version to v2.2.4, prep for v3.5.0 release by [@​bobcallaway](https://togithub.com/bobcallaway) in [sigstore/cosign-installer#159 **Full Changelog**: sigstore/cosign-installer@v3.4.0...v3.5.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/slsa-framework/slsa-github-generator). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjMuNSIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Signed-off-by: Mend Renovate <bot@renovateapp.com>
Darkflame72
pushed a commit
to Tuhura-Tech/wiki
that referenced
this pull request
May 19, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/Tuhura-Tech/wiki). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
pushed a commit
to defenseunicorns/maru-runner
that referenced
this pull request
May 22, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://togithub.com/actions/create-github-app-token) | action | minor | `v1.9.0` -> `v1.10.0` | | [actions/setup-go](https://togithub.com/actions/setup-go) | action | patch | `v5.0.0` -> `v5.0.1` | | [anchore/sbom-action](https://togithub.com/anchore/sbom-action) | action | minor | `v0.15.11` -> `v0.16.0` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | minor | `v0.32.5` -> `v0.33.2` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.10.0`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.10.0) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.3...v1.10.0) ##### Features - **`private-key`:** escaped newlines will be replaced ([#​132](https://togithub.com/actions/create-github-app-token/issues/132)) ([9d23fb9](https://togithub.com/actions/create-github-app-token/commit/9d23fb93dd620572046d85c7c1032b488c12514f)) ### [`v1.9.3`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.3) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.2...v1.9.3) ##### Bug Fixes - **deps:** bump undici from 6.10.2 to 6.11.1 ([#​125](https://togithub.com/actions/create-github-app-token/issues/125)) ([3c223c7](https://togithub.com/actions/create-github-app-token/commit/3c223c7336e276235eb843dd4e6ad42147199cbf)), closes [#​3024](https://togithub.com/actions/create-github-app-token/issues/3024) [nodejs/undici#3044](https://togithub.com/nodejs/undici/issues/3044) [#​3023](https://togithub.com/actions/create-github-app-token/issues/3023) [nodejs/undici#3025](https://togithub.com/nodejs/undici/issues/3025) [nodejs/undici#3024](https://togithub.com/nodejs/undici/issues/3024) [nodejs/undici#3034](https://togithub.com/nodejs/undici/issues/3034) [nodejs/undici#3038](https://togithub.com/nodejs/undici/issues/3038) [nodejs/undici#2947](https://togithub.com/nodejs/undici/issues/2947) [nodejs/undici#3040](https://togithub.com/nodejs/undici/issues/3040) [nodejs/undici#3036](https://togithub.com/nodejs/undici/issues/3036) [nodejs/undici#3041](https://togithub.com/nodejs/undici/issues/3041) [#​3024](https://togithub.com/actions/create-github-app-token/issues/3024) [#​3041](https://togithub.com/actions/create-github-app-token/issues/3041) [#​3036](https://togithub.com/actions/create-github-app-token/issues/3036) ### [`v1.9.2`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.2) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.1...v1.9.2) ##### Bug Fixes - **deps:** bump the production-dependencies group with 1 update ([#​123](https://togithub.com/actions/create-github-app-token/issues/123)) ([beea7b8](https://togithub.com/actions/create-github-app-token/commit/beea7b860ac0b14ca14258aca701da842aa65e30)), closes [nodejs/undici#2978](https://togithub.com/nodejs/undici/issues/2978) [nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980) [#​2982](https://togithub.com/actions/create-github-app-token/issues/2982) [nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991) [#​2986](https://togithub.com/actions/create-github-app-token/issues/2986) [nodejs/undici#2992](https://togithub.com/nodejs/undici/issues/2992) [nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985) [nodejs/undici#2993](https://togithub.com/nodejs/undici/issues/2993) [nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995) [nodejs/undici#2998](https://togithub.com/nodejs/undici/issues/2998) [#​2863](https://togithub.com/actions/create-github-app-token/issues/2863) [nodejs/undici#2999](https://togithub.com/nodejs/undici/issues/2999) [nodejs/undici#3001](https://togithub.com/nodejs/undici/issues/3001) [nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980) [nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991) [nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985) [nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995) [nodejs/undici#2960](https://togithub.com/nodejs/undici/issues/2960) [nodejs/undici#2959](https://togithub.com/nodejs/undici/issues/2959) [nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962) [nodejs/undici#2974](https://togithub.com/nodejs/undici/issues/2974) [nodejs/undici#2967](https://togithub.com/nodejs/undici/issues/2967) [nodejs/undici#2966](https://togithub.com/nodejs/undici/issues/2966) [nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962) [nodejs/undici#2826](https://togithub.com/nodejs/undici/issues/2826) [nodejs/undici#2952](https://togithub.com/nodejs/undici/issues/2952) [#​3001](https://togithub.com/actions/create-github-app-token/issues/3001) [#​2863](https://togithub.com/actions/create-github-app-token/issues/2863) [#​2999](https://togithub.com/actions/create-github-app-token/issues/2999) [#​2998](https://togithub.com/actions/create-github-app-token/issues/2998) [#​2993](https://togithub.com/actions/create-github-app-token/issues/2993) [#​2986](https://togithub.com/actions/create-github-app-token/issues/2986) [#​2992](https://togithub.com/actions/create-github-app-token/issues/2992) [#​2991](https://togithub.com/actions/create-github-app-token/issues/2991) [#​2987](https://togithub.com/actions/create-github-app-token/issues/2987) ### [`v1.9.1`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.1) [Compare Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.0...v1.9.1) ##### Bug Fixes - clarify `owner` input description ([#​118](https://togithub.com/actions/create-github-app-token/issues/118)) ([d9bc169](https://togithub.com/actions/create-github-app-token/commit/d9bc16919cdbdb07543eb732aa872437384e296f)) </details> <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1) [Compare Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1) #### What's Changed - Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by [@​dependabot](https://togithub.com/dependabot) , [@​HarithaVattikuti](https://togithub.com/HarithaVattikuti) in [actions/setup-go#465 - Update documentation with latest V5 release notes by [@​ab](https://togithub.com/ab) in [actions/setup-go#459 - Update version documentation by [@​178inaba](https://togithub.com/178inaba) in [actions/setup-go#458 - Documentation update of `actions/setup-go` to v5 by [@​chenrui333](https://togithub.com/chenrui333) in [actions/setup-go#449 #### New Contributors - [@​ab](https://togithub.com/ab) made their first contribution in [actions/setup-go#459 **Full Changelog**: actions/setup-go@v5.0.0...v5.0.1 </details> <details> <summary>anchore/sbom-action (anchore/sbom-action)</summary> ### [`v0.16.0`](https://togithub.com/anchore/sbom-action/releases/tag/v0.16.0): v0.16 [Compare Source](https://togithub.com/anchore/sbom-action/compare/v0.15.11...v0.16.0) #### Changes in v0.16.0 - Update Syft to v1.4.1 ([#​465](https://togithub.com/anchore/sbom-action/issues/465)) - Update GitHub artifact client ([#​463](https://togithub.com/anchore/sbom-action/issues/463)) \[[kzantow](https://togithub.com/kzantow)] </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2463 - docs: add contributor covenant code of conduct by [@​salaxander](https://togithub.com/salaxander) in [defenseunicorns/zarf#2462 - docs: fix casing on code of conduct badge by [@​salaxander](https://togithub.com/salaxander) in [defenseunicorns/zarf#2466 - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2424 - fix: update docker media type in registry by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2476 - fix: adds GetVariableConfig function for packager by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/zarf#2475 - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://togithub.com/phillebaba) in [defenseunicorns/zarf#2473 - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2456 - feat: inspect --list-images by [@​Noxsios](https://togithub.com/Noxsios) in [defenseunicorns/zarf#2478 - refactor: remove copies from components to a filter by [@​phillebaba](https://togithub.com/phillebaba) in [defenseunicorns/zarf#2474 - chore: add support.md by [@​schristoff](https://togithub.com/schristoff) in [defenseunicorns/zarf#2480 - chore: add a check for go mod tidy by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2481 - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2483 - fix: simplify go mod tidy check by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2482 ##### New Contributors - [@​salaxander](https://togithub.com/salaxander) made their first contribution in [defenseunicorns/zarf#2462 - [@​phillebaba](https://togithub.com/phillebaba) made their first contribution in [defenseunicorns/zarf#2473 - [@​schristoff](https://togithub.com/schristoff) made their first contribution in [defenseunicorns/zarf#2480 **Full Changelog**: defenseunicorns/zarf@v0.33.1...v0.33.2 ### [`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2432 - ci: pin third-party gh actions by hash by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2433 - docs: add redirect for examples by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2438 - docs: update contributing and pre-commit by [@​Noxsios](https://togithub.com/Noxsios) in [defenseunicorns/zarf#2439 - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2436 - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2415 - fix: readme dead links by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2442 - fix: differential package create with non local sources by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2444 - refactor: move variables into separate package by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2414 - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2449 - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2450 - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://togithub.com/Noxsios) in [defenseunicorns/zarf#2431 - feat: config to enable resilient registry by [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) in [defenseunicorns/zarf#2440 - docs: init package clarity and cleanup by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2447 - ci: compare cves to main by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2448 - test: unpin version in bigbang extension test by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2459 - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2458 - fix: error on create if an index sha is used by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2429 #### New Contributors - [@​Michael-Kruggel](https://togithub.com/Michael-Kruggel) made their first contribution in [defenseunicorns/zarf#2440 **Full Changelog**: defenseunicorns/zarf@v0.33.0...v0.33.1 ### [`v0.33.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0) #### What's Changed - fix: update deprecated syft packages command to syft scan by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2399 - chore: move helpers to defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2402 - fix(deps): update github.com/anchore/clio digest to [`fb5fc4c`](https://togithub.com/defenseunicorns/zarf/commit/fb5fc4c) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2366 - feat(tools): add yq by [@​zachariahmiller](https://togithub.com/zachariahmiller) in [defenseunicorns/zarf#2406 - chore: switch to use oci lib in defenseunicorns/pkg by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2404 - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2411 - fix: use env var for PR title in commitlint workflow to prevent untrusted script injection by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2418 - fix: use default GITHUB_TOKEN for ossf/scorecard-action by [@​bburky](https://togithub.com/bburky) in [defenseunicorns/zarf#2416 - fix: remove duplicate logic for writing image layers to disk concurrently by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2409 - feat: add option to skip cosign lookup during find images by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/zarf#2427 - feat: allow chart deploy overrides ALPHA by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [defenseunicorns/zarf#2403 - chore: update pull_request_template.md by [@​Noxsios](https://togithub.com/Noxsios) in [defenseunicorns/zarf#2428 - ci: pin k3s image version in k3d github action by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2430 - feat(docs): port docs to starlight by [@​Noxsios](https://togithub.com/Noxsios) in [defenseunicorns/zarf#2315 #### New Contributors - [@​zachariahmiller](https://togithub.com/zachariahmiller) made their first contribution in [defenseunicorns/zarf#2406 - [@​bburky](https://togithub.com/bburky) made their first contribution in [defenseunicorns/zarf#2416 **Full Changelog**: defenseunicorns/zarf@v0.32.6...v0.33.0 ### [`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) #### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://togithub.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://togithub.com/andrewg-xyz) in [#​2269](https://togithub.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://togithub.com/Noxsios) in [#​2380](https://togithub.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://togithub.com/Noxsios) in [#​2321](https://togithub.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2223](https://togithub.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://togithub.com/AbrohamLincoln) in [#​2381](https://togithub.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2386](https://togithub.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [#​2397](https://togithub.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://togithub.com/Noxsios) in [#​2398](https://togithub.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://togithub.com/Racer159) in [#​2379](https://togithub.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2361](https://togithub.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://togithub.com/lucasrod16) in [#​2391](https://togithub.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://togithub.com/Noxsios) in [#​2385](https://togithub.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: defenseunicorns/zarf@v0.32.5...v0.32.6 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@​crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@​vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@​kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@​crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@​caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@​vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/maru-runner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
pushed a commit
to defenseunicorns/uds-package-mattermost
that referenced
this pull request
May 22, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.6` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | patch | `v0.33.1` -> `v0.33.2` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | repository | patch | `v1.58.0` -> `v1.58.2` | | [google-github-actions/release-please-action](https://togithub.com/google-github-actions/release-please-action) | action | patch | `v4.1.0` -> `v4.1.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | | [python-jsonschema/check-jsonschema](https://togithub.com/python-jsonschema/check-jsonschema) | repository | patch | `0.28.2` -> `0.28.4` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | minor | `37.342.1` -> `37.374.3` | | [step-security/harden-runner](https://togithub.com/step-security/harden-runner) | action | minor | `v2.7.1` -> `v2.8.0` | Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1732 ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2463 - docs: add contributor covenant code of conduct by [@​salaxander](https://togithub.com/salaxander) in [defenseunicorns/zarf#2462 - docs: fix casing on code of conduct badge by [@​salaxander](https://togithub.com/salaxander) in [defenseunicorns/zarf#2466 - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2424 - fix: update docker media type in registry by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2476 - fix: adds GetVariableConfig function for packager by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/zarf#2475 - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://togithub.com/phillebaba) in [defenseunicorns/zarf#2473 - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2456 - feat: inspect --list-images by [@​Noxsios](https://togithub.com/Noxsios) in [defenseunicorns/zarf#2478 - refactor: remove copies from components to a filter by [@​phillebaba](https://togithub.com/phillebaba) in [defenseunicorns/zarf#2474 - chore: add support.md by [@​schristoff](https://togithub.com/schristoff) in [defenseunicorns/zarf#2480 - chore: add a check for go mod tidy by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2481 - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2483 - fix: simplify go mod tidy check by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2482 ##### New Contributors - [@​salaxander](https://togithub.com/salaxander) made their first contribution in [defenseunicorns/zarf#2462 - [@​phillebaba](https://togithub.com/phillebaba) made their first contribution in [defenseunicorns/zarf#2473 - [@​schristoff](https://togithub.com/schristoff) made their first contribution in [defenseunicorns/zarf#2480 **Full Changelog**: defenseunicorns/zarf@v0.33.1...v0.33.2 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>golangci/golangci-lint (golangci/golangci-lint)</summary> ### [`v1.58.2`](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) ### [`v1.58.1`](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) </details> <details> <summary>google-github-actions/release-please-action (google-github-actions/release-please-action)</summary> ### [`v4.1.1`](https://togithub.com/google-github-actions/release-please-action/releases/tag/v4.1.1) [Compare Source](https://togithub.com/google-github-actions/release-please-action/compare/v4.1.0...v4.1.1) ##### Bug Fixes - add deprecation warning to workflow run ([#​1](https://togithub.com/google-github-actions/release-please-action/issues/1)) ([edb78cf](https://togithub.com/google-github-actions/release-please-action/commit/edb78cf884d22d5d991d94144d031fce49cadbea)) </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> <details> <summary>python-jsonschema/check-jsonschema (python-jsonschema/check-jsonschema)</summary> ### [`v0.28.4`](https://togithub.com/python-jsonschema/check-jsonschema/blob/HEAD/CHANGELOG.rst#0284) [Compare Source](https://togithub.com/python-jsonschema/check-jsonschema/compare/0.28.3...0.28.4) - Update vendored schemas: buildkite, github-workflows, gitlab-ci, renovate, taskfile, woodpecker-ci (2024-05-19) ### [`v0.28.3`](https://togithub.com/python-jsonschema/check-jsonschema/blob/HEAD/CHANGELOG.rst#0283) [Compare Source](https://togithub.com/python-jsonschema/check-jsonschema/compare/0.28.2...0.28.3) - Update vendored schemas: dependabot, github-workflows, gitlab-ci, renovate, woodpecker-ci (2024-05-05) - Update Cloud Build pre-commit hook to support JSON Cloud Build config. Thanks :user:`jrdnbradford`! (:pr:`427`) </details> <details> <summary>renovatebot/pre-commit-hooks (renovatebot/pre-commit-hooks)</summary> ### [`v37.374.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.374.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.374.0...37.374.3) See https://github.com/renovatebot/renovate/releases/tag/37.374.3 for more changes ### [`v37.374.0`](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.373.0...37.374.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.373.0...37.374.0) ### [`v37.373.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.373.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.371.1...37.373.0) See https://github.com/renovatebot/renovate/releases/tag/37.373.0 for more changes ### [`v37.371.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.371.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.371.0...37.371.1) See https://github.com/renovatebot/renovate/releases/tag/37.371.1 for more changes ### [`v37.371.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.371.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.10...37.371.0) See https://github.com/renovatebot/renovate/releases/tag/37.371.0 for more changes ### [`v37.368.10`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.10) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.9...37.368.10) See https://github.com/renovatebot/renovate/releases/tag/37.368.10 for more changes ### [`v37.368.9`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.9) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.8...37.368.9) See https://github.com/renovatebot/renovate/releases/tag/37.368.9 for more changes ### [`v37.368.8`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.8) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.7...37.368.8) See https://github.com/renovatebot/renovate/releases/tag/37.368.8 for more changes ### [`v37.368.7`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.7) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.6...37.368.7) See https://github.com/renovatebot/renovate/releases/tag/37.368.7 for more changes ### [`v37.368.6`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.6) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.5...37.368.6) See https://github.com/renovatebot/renovate/releases/tag/37.368.6 for more changes ### [`v37.368.5`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.5) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.4...37.368.5) See https://github.com/renovatebot/renovate/releases/tag/37.368.5 for more changes ### [`v37.368.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.3...37.368.4) See https://github.com/renovatebot/renovate/releases/tag/37.368.4 for more changes ### [`v37.368.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.2...37.368.3) See https://github.com/renovatebot/renovate/releases/tag/37.368.3 for more changes ### [`v37.368.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.0...37.368.2) See https://github.com/renovatebot/renovate/releases/tag/37.368.2 for more changes ### [`v37.368.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.366.1...37.368.0) See https://github.com/renovatebot/renovate/releases/tag/37.368.0 for more changes ### [`v37.366.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.366.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.9...37.366.1) See https://github.com/renovatebot/renovate/releases/tag/37.366.1 for more changes ### [`v37.363.9`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.9) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.6...37.363.9) See https://github.com/renovatebot/renovate/releases/tag/37.363.9 for more changes ### [`v37.363.6`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.6) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.4...37.363.6) See https://github.com/renovatebot/renovate/releases/tag/37.363.6 for more changes ### [`v37.363.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.3...37.363.4) See https://github.com/renovatebot/renovate/releases/tag/37.363.4 for more changes ### [`v37.363.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.1...37.363.3) See https://github.com/renovatebot/renovate/releases/tag/37.363.3 for more changes ### [`v37.363.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.359.0...37.363.1) See https://github.com/renovatebot/renovate/releases/tag/37.363.1 for more changes ### [`v37.359.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.359.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.358.2...37.359.0) See https://github.com/renovatebot/renovate/releases/tag/37.359.0 for more changes ### [`v37.358.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.358.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.358.1...37.358.2) See https://github.com/renovatebot/renovate/releases/tag/37.358.2 for more changes ### [`v37.358.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.358.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.358.0...37.358.1) See https://github.com/renovatebot/renovate/releases/tag/37.358.1 for more changes ### [`v37.358.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.358.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.356.1...37.358.0) See https://github.com/renovatebot/renovate/releases/tag/37.358.0 for more changes ### [`v37.356.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.356.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.356.0...37.356.1) See https://github.com/renovatebot/renovate/releases/tag/37.356.1 for more changes ### [`v37.356.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.356.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.355.1...37.356.0) See https://github.com/renovatebot/renovate/releases/tag/37.356.0 for more changes ### [`v37.355.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.355.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.6...37.355.1) See https://github.com/renovatebot/renovate/releases/tag/37.355.1 for more changes ### [`v37.354.6`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.6) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.5...37.354.6) See https://github.com/renovatebot/renovate/releases/tag/37.354.6 for more changes ### [`v37.354.5`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.5) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.4...37.354.5) See https://github.com/renovatebot/renovate/releases/tag/37.354.5 for more changes ### [`v37.354.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.3...37.354.4) See https://github.com/renovatebot/renovate/releases/tag/37.354.4 for more changes ### [`v37.354.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.2...37.354.3) See https://github.com/renovatebot/renovate/releases/tag/37.354.3 for more changes ### [`v37.354.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.1...37.354.2) See https://github.com/renovatebot/renovate/releases/tag/37.354.2 for more changes ### [`v37.354.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.1...37.354.1) See https://github.com/renovatebot/renovate/releases/tag/37.354.1 for more changes ### [`v37.353.1`](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.0...37.353.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.0...37.353.1) ### [`v37.353.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.353.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.352.0...37.353.0) See https://github.com/renovatebot/renovate/releases/tag/37.353.0 for more changes ### [`v37.352.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.352.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.4...37.352.0) See https://github.com/renovatebot/renovate/releases/tag/37.352.0 for more changes ### [`v37.351.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.2...37.351.4) See https://github.com/renovatebot/renovate/releases/tag/37.351.4 for more changes ### [`v37.351.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.1...37.351.2) See https://github.com/renovatebot/renovate/releases/tag/37.351.2 for more changes ### [`v37.351.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.0...37.351.1) See https://github.com/renovatebot/renovate/releases/tag/37.351.1 for more changes ### [`v37.351.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.3...37.351.0) See https://github.com/renovatebot/renovate/releases/tag/37.351.0 for more changes ### [`v37.349.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.2...37.349.3) See https://github.com/renovatebot/renovate/releases/tag/37.349.3 for more changes ### [`v37.349.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.0...37.349.2) See https://github.com/renovatebot/renovate/releases/tag/37.349.2 for more changes ### [`v37.349.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.347.2...37.349.0) See https://github.com/renovatebot/renovate/releases/tag/37.349.0 for more changes ### [`v37.347.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.347.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.347.0...37.347.2) See https://github.com/renovatebot/renovate/releases/tag/37.347.2 for more changes ### [`v37.347.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.347.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.345.0...37.347.0) See https://github.com/renovatebot/renovate/releases/tag/37.347.0 for more changes ### [`v37.345.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.345.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.344.0...37.345.0) See https://github.com/renovatebot/renovate/releases/tag/37.345.0 for more changes ### [`v37.344.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.344.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.342.1...37.344.0) See https://github.com/renovatebot/renovate/releases/tag/37.344.0 for more changes </details> <details> <summary>step-security/harden-runner (step-security/harden-runner)</summary> ### [`v2.8.0`](https://togithub.com/step-security/harden-runner/releases/tag/v2.8.0) [Compare Source](https://togithub.com/step-security/harden-runner/compare/v2.7.1...v2.8.0) #### What's Changed Release v2.8.0 by [@​h0x0er](https://togithub.com/h0x0er) and [@​varunsh-coder](https://togithub.com/varunsh-coder) in [step-security/harden-runner#416 This release includes: - File Monitoring Enhancements: Adds the capability to view the name and path of every file written during the build process. - Process Tracking Enhancements: Adds the capability to view process names and arguments of processes run during the build process. These enhancements are based on insights from the XZ Utils incident, aimed at improving observability and detections during the build process. **Full Changelog**: step-security/harden-runner@v2...v2.8.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-mattermost). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Release-As: v9.8.0-uds.0
cuixq
added a commit
to google/osv-scanner
that referenced
this pull request
May 23, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.6` | | [codecov/codecov-action](https://togithub.com/codecov/codecov-action) | action | minor | `v4.3.1` -> `v4.4.1` | | gaurav-nelson/github-action-markdown-link-check | action | digest | `25b2c43` -> `7d83e59` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1732 ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>codecov/codecov-action (codecov/codecov-action)</summary> ### [`v4.4.1`](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.4.0...v4.4.1) ### [`v4.4.0`](https://togithub.com/codecov/codecov-action/releases/tag/v4.4.0) [Compare Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0) #### What's Changed - chore: Clarify isPullRequestFromFork by [@​jsoref](https://togithub.com/jsoref) in [codecov/codecov-action#1411 - build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by [@​dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1423 - build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by [@​dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1421 - build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by [@​dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1420 - feat: remove GPG and run on spawn by [@​thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov) in [codecov/codecov-action#1426 - build(deps-dev): bump [@​typescript-eslint/parser](https://togithub.com/typescript-eslint/parser) from 7.8.0 to 7.9.0 by [@​dependabot](https://togithub.com/dependabot) in [codecov/codecov-action#1428 - chore(release): 4.4.0 by [@​thomasrockhu-codecov](https://togithub.com/thomasrockhu-codecov) in [codecov/codecov-action#1430 **Full Changelog**: codecov/codecov-action@v4.3.1...v4.4.0 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@​crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@​vedantmgoyal9](https://togithub.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@​kishaningithub](https://togithub.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@​crazy-max](https://togithub.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@​caarlos0](https://togithub.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@​actions/http-client](https://togithub.com/actions/http-client) from 2.2.0 to 2.2.1 by [@​dependabot](https://togithub.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@​vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 6am on monday" in timezone Australia/Sydney, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/google/osv-scanner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=--> Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
Racer159
pushed a commit
to defenseunicorns/uds-package-gitlab
that referenced
this pull request
May 24, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.4` -> `v4.1.6` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | patch | `v0.4.2` -> `v0.4.3` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | patch | `v0.4.2` -> `v0.4.3` | | [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | | minor | `v0.33.1` -> `v0.34.0` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint) | repository | minor | `v1.57.2` -> `v1.58.2` | | [google-github-actions/release-please-action](https://togithub.com/google-github-actions/release-please-action) | action | patch | `v4.1.0` -> `v4.1.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | | [python-jsonschema/check-jsonschema](https://togithub.com/python-jsonschema/check-jsonschema) | repository | patch | `0.28.2` -> `0.28.4` | | [renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks) | repository | minor | `37.338.0` -> `37.377.0` | Note: The `pre-commit` manager in Renovate is not supported by the `pre-commit` maintainers or community. Please do not report any problems there, instead [create a Discussion in the Renovate repository](https://togithub.com/renovatebot/renovate/discussions/new) if you have any questions. --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1732 ### [`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5) #### What's Changed - Update NPM dependencies by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1703 - Bump github/codeql-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1694 - Bump actions/setup-node from 1 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1696 - Bump actions/upload-artifact from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [actions/checkout#1695 - README: Suggest `user.email` to be `41898282+github-actions[bot]@​users.noreply.github.com` by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1707 **Full Changelog**: actions/checkout@v4.1.4...v4.1.5 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.3`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.3) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.2...v0.4.3) ##### Bug Fixes - update renovate config to use docker versioning for zarf images ([#​128](https://togithub.com/defenseunicorns/uds-common/issues/128)) ([c18e125](https://togithub.com/defenseunicorns/uds-common/commit/c18e12507384328bb53b81c096bc9827f96ba114)) ##### Miscellaneous - add an airgap note to UDS Package Practices (clarity is kindness) ([#​126](https://togithub.com/defenseunicorns/uds-common/issues/126)) ([b70e1fe](https://togithub.com/defenseunicorns/uds-common/commit/b70e1fe165a521a33789298a7e69aa6a59d54968)) - adjust UDS package practice formatting ([#​123](https://togithub.com/defenseunicorns/uds-common/issues/123)) ([f351d04](https://togithub.com/defenseunicorns/uds-common/commit/f351d04732a6e6e6fc2c62eff13f625a613effcc)) - **deps:** update uds common package dependencies to v6.6.3 ([#​132](https://togithub.com/defenseunicorns/uds-common/issues/132)) ([0ebdd1f](https://togithub.com/defenseunicorns/uds-common/commit/0ebdd1f5f2aa32720c88347027215305573bc716)) - **deps:** update uds common support dependencies ([#​125](https://togithub.com/defenseunicorns/uds-common/issues/125)) ([e014724](https://togithub.com/defenseunicorns/uds-common/commit/e01472454d2b3ef9665546fbb24c9980f090d238)) - **deps:** update uds common support dependencies to v0.22.0 ([#​133](https://togithub.com/defenseunicorns/uds-common/issues/133)) ([2cf903d](https://togithub.com/defenseunicorns/uds-common/commit/2cf903d41d0dbfda1baaa9629d1fa3c5d1a88110)) - initial package practices ([#​117](https://togithub.com/defenseunicorns/uds-common/issues/117)) ([d292b21](https://togithub.com/defenseunicorns/uds-common/commit/d292b216da73493743cd0a67b9763549c87c1819)) - update package practices with a bit more feedback ([#​129](https://togithub.com/defenseunicorns/uds-common/issues/129)) ([af34fc9](https://togithub.com/defenseunicorns/uds-common/commit/af34fc90104c57d11a08678186b8b2aeaaac135d)) </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.34.0`](https://togithub.com/defenseunicorns/zarf/compare/v0.33.2...v0.34.0) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.2...v0.34.0) ### [`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2463 - docs: add contributor covenant code of conduct by [@​salaxander](https://togithub.com/salaxander) in [defenseunicorns/zarf#2462 - docs: fix casing on code of conduct badge by [@​salaxander](https://togithub.com/salaxander) in [defenseunicorns/zarf#2466 - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/zarf#2424 - fix: update docker media type in registry by [@​AustinAbro321](https://togithub.com/AustinAbro321) in [defenseunicorns/zarf#2476 - fix: adds GetVariableConfig function for packager by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/zarf#2475 - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://togithub.com/phillebaba) in [defenseunicorns/zarf#2473 - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2456 - feat: inspect --list-images by [@​Noxsios](https://togithub.com/Noxsios) in [defenseunicorns/zarf#2478 - refactor: remove copies from components to a filter by [@​phillebaba](https://togithub.com/phillebaba) in [defenseunicorns/zarf#2474 - chore: add support.md by [@​schristoff](https://togithub.com/schristoff) in [defenseunicorns/zarf#2480 - chore: add a check for go mod tidy by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2481 - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2483 - fix: simplify go mod tidy check by [@​lucasrod16](https://togithub.com/lucasrod16) in [defenseunicorns/zarf#2482 ##### New Contributors - [@​salaxander](https://togithub.com/salaxander) made their first contribution in [defenseunicorns/zarf#2462 - [@​phillebaba](https://togithub.com/phillebaba) made their first contribution in [defenseunicorns/zarf#2473 - [@​schristoff](https://togithub.com/schristoff) made their first contribution in [defenseunicorns/zarf#2480 **Full Changelog**: defenseunicorns/zarf@v0.33.1...v0.33.2 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>golangci/golangci-lint (golangci/golangci-lint)</summary> ### [`v1.58.2`](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2) ### [`v1.58.1`](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1) ### [`v1.58.0`](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0) [Compare Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0) </details> <details> <summary>google-github-actions/release-please-action (google-github-actions/release-please-action)</summary> ### [`v4.1.1`](https://togithub.com/google-github-actions/release-please-action/releases/tag/v4.1.1) [Compare Source](https://togithub.com/google-github-actions/release-please-action/compare/v4.1.0...v4.1.1) ##### Bug Fixes - add deprecation warning to workflow run ([#​1](https://togithub.com/google-github-actions/release-please-action/issues/1)) ([edb78cf](https://togithub.com/google-github-actions/release-please-action/commit/edb78cf884d22d5d991d94144d031fce49cadbea)) </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> <details> <summary>python-jsonschema/check-jsonschema (python-jsonschema/check-jsonschema)</summary> ### [`v0.28.4`](https://togithub.com/python-jsonschema/check-jsonschema/blob/HEAD/CHANGELOG.rst#0284) [Compare Source](https://togithub.com/python-jsonschema/check-jsonschema/compare/0.28.3...0.28.4) - Update vendored schemas: buildkite, github-workflows, gitlab-ci, renovate, taskfile, woodpecker-ci (2024-05-19) ### [`v0.28.3`](https://togithub.com/python-jsonschema/check-jsonschema/blob/HEAD/CHANGELOG.rst#0283) [Compare Source](https://togithub.com/python-jsonschema/check-jsonschema/compare/0.28.2...0.28.3) - Update vendored schemas: dependabot, github-workflows, gitlab-ci, renovate, woodpecker-ci (2024-05-05) - Update Cloud Build pre-commit hook to support JSON Cloud Build config. Thanks :user:`jrdnbradford`! (:pr:`427`) </details> <details> <summary>renovatebot/pre-commit-hooks (renovatebot/pre-commit-hooks)</summary> ### [`v37.377.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.377.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.376.0...37.377.0) See https://github.com/renovatebot/renovate/releases/tag/37.377.0 for more changes ### [`v37.376.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.376.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.375.2...37.376.0) See https://github.com/renovatebot/renovate/releases/tag/37.376.0 for more changes ### [`v37.375.2`](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.375.1...37.375.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.375.1...37.375.2) ### [`v37.375.1`](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.375.0...37.375.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.375.0...37.375.1) ### [`v37.375.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.375.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.374.3...37.375.0) See https://github.com/renovatebot/renovate/releases/tag/37.375.0 for more changes ### [`v37.374.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.374.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.374.0...37.374.3) See https://github.com/renovatebot/renovate/releases/tag/37.374.3 for more changes ### [`v37.374.0`](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.373.0...37.374.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.373.0...37.374.0) ### [`v37.373.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.373.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.371.1...37.373.0) See https://github.com/renovatebot/renovate/releases/tag/37.373.0 for more changes ### [`v37.371.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.371.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.371.0...37.371.1) See https://github.com/renovatebot/renovate/releases/tag/37.371.1 for more changes ### [`v37.371.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.371.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.10...37.371.0) See https://github.com/renovatebot/renovate/releases/tag/37.371.0 for more changes ### [`v37.368.10`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.10) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.9...37.368.10) See https://github.com/renovatebot/renovate/releases/tag/37.368.10 for more changes ### [`v37.368.9`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.9) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.8...37.368.9) See https://github.com/renovatebot/renovate/releases/tag/37.368.9 for more changes ### [`v37.368.8`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.8) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.7...37.368.8) See https://github.com/renovatebot/renovate/releases/tag/37.368.8 for more changes ### [`v37.368.7`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.7) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.6...37.368.7) See https://github.com/renovatebot/renovate/releases/tag/37.368.7 for more changes ### [`v37.368.6`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.6) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.5...37.368.6) See https://github.com/renovatebot/renovate/releases/tag/37.368.6 for more changes ### [`v37.368.5`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.5) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.4...37.368.5) See https://github.com/renovatebot/renovate/releases/tag/37.368.5 for more changes ### [`v37.368.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.3...37.368.4) See https://github.com/renovatebot/renovate/releases/tag/37.368.4 for more changes ### [`v37.368.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.2...37.368.3) See https://github.com/renovatebot/renovate/releases/tag/37.368.3 for more changes ### [`v37.368.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.368.0...37.368.2) See https://github.com/renovatebot/renovate/releases/tag/37.368.2 for more changes ### [`v37.368.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.368.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.366.1...37.368.0) See https://github.com/renovatebot/renovate/releases/tag/37.368.0 for more changes ### [`v37.366.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.366.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.9...37.366.1) See https://github.com/renovatebot/renovate/releases/tag/37.366.1 for more changes ### [`v37.363.9`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.9) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.6...37.363.9) See https://github.com/renovatebot/renovate/releases/tag/37.363.9 for more changes ### [`v37.363.6`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.6) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.4...37.363.6) See https://github.com/renovatebot/renovate/releases/tag/37.363.6 for more changes ### [`v37.363.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.3...37.363.4) See https://github.com/renovatebot/renovate/releases/tag/37.363.4 for more changes ### [`v37.363.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.363.1...37.363.3) See https://github.com/renovatebot/renovate/releases/tag/37.363.3 for more changes ### [`v37.363.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.363.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.359.0...37.363.1) See https://github.com/renovatebot/renovate/releases/tag/37.363.1 for more changes ### [`v37.359.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.359.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.358.2...37.359.0) See https://github.com/renovatebot/renovate/releases/tag/37.359.0 for more changes ### [`v37.358.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.358.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.358.1...37.358.2) See https://github.com/renovatebot/renovate/releases/tag/37.358.2 for more changes ### [`v37.358.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.358.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.358.0...37.358.1) See https://github.com/renovatebot/renovate/releases/tag/37.358.1 for more changes ### [`v37.358.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.358.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.356.1...37.358.0) See https://github.com/renovatebot/renovate/releases/tag/37.358.0 for more changes ### [`v37.356.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.356.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.356.0...37.356.1) See https://github.com/renovatebot/renovate/releases/tag/37.356.1 for more changes ### [`v37.356.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.356.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.355.1...37.356.0) See https://github.com/renovatebot/renovate/releases/tag/37.356.0 for more changes ### [`v37.355.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.355.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.6...37.355.1) See https://github.com/renovatebot/renovate/releases/tag/37.355.1 for more changes ### [`v37.354.6`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.6) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.5...37.354.6) See https://github.com/renovatebot/renovate/releases/tag/37.354.6 for more changes ### [`v37.354.5`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.5) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.4...37.354.5) See https://github.com/renovatebot/renovate/releases/tag/37.354.5 for more changes ### [`v37.354.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.3...37.354.4) See https://github.com/renovatebot/renovate/releases/tag/37.354.4 for more changes ### [`v37.354.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.2...37.354.3) See https://github.com/renovatebot/renovate/releases/tag/37.354.3 for more changes ### [`v37.354.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.354.1...37.354.2) See https://github.com/renovatebot/renovate/releases/tag/37.354.2 for more changes ### [`v37.354.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.354.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.1...37.354.1) See https://github.com/renovatebot/renovate/releases/tag/37.354.1 for more changes ### [`v37.353.1`](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.0...37.353.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.353.0...37.353.1) ### [`v37.353.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.353.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.352.0...37.353.0) See https://github.com/renovatebot/renovate/releases/tag/37.353.0 for more changes ### [`v37.352.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.352.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.4...37.352.0) See https://github.com/renovatebot/renovate/releases/tag/37.352.0 for more changes ### [`v37.351.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.2...37.351.4) See https://github.com/renovatebot/renovate/releases/tag/37.351.4 for more changes ### [`v37.351.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.1...37.351.2) See https://github.com/renovatebot/renovate/releases/tag/37.351.2 for more changes ### [`v37.351.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.351.0...37.351.1) See https://github.com/renovatebot/renovate/releases/tag/37.351.1 for more changes ### [`v37.351.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.351.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.3...37.351.0) See https://github.com/renovatebot/renovate/releases/tag/37.351.0 for more changes ### [`v37.349.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.3) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.2...37.349.3) See https://github.com/renovatebot/renovate/releases/tag/37.349.3 for more changes ### [`v37.349.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.349.0...37.349.2) See https://github.com/renovatebot/renovate/releases/tag/37.349.2 for more changes ### [`v37.349.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.349.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.347.2...37.349.0) See https://github.com/renovatebot/renovate/releases/tag/37.349.0 for more changes ### [`v37.347.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.347.2) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.347.0...37.347.2) See https://github.com/renovatebot/renovate/releases/tag/37.347.2 for more changes ### [`v37.347.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.347.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.345.0...37.347.0) See https://github.com/renovatebot/renovate/releases/tag/37.347.0 for more changes ### [`v37.345.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.345.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.344.0...37.345.0) See https://github.com/renovatebot/renovate/releases/tag/37.345.0 for more changes ### [`v37.344.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.344.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.342.1...37.344.0) See https://github.com/renovatebot/renovate/releases/tag/37.344.0 for more changes ### [`v37.342.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.342.1) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.341.0...37.342.1) See https://github.com/renovatebot/renovate/releases/tag/37.342.1 for more changes ### [`v37.341.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.341.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.10...37.341.0) See https://github.com/renovatebot/renovate/releases/tag/37.341.0 for more changes ### [`v37.340.10`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.10) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.9...37.340.10) See https://github.com/renovatebot/renovate/releases/tag/37.340.10 for more changes ### [`v37.340.9`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.9) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.8...37.340.9) See https://github.com/renovatebot/renovate/releases/tag/37.340.9 for more changes ### [`v37.340.8`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.8) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.5...37.340.8) See https://github.com/renovatebot/renovate/releases/tag/37.340.8 for more changes ### [`v37.340.5`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.5) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.4...37.340.5) See https://github.com/renovatebot/renovate/releases/tag/37.340.5 for more changes ### [`v37.340.4`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.4) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.340.0...37.340.4) See https://github.com/renovatebot/renovate/releases/tag/37.340.4 for more changes ### [`v37.340.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.340.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.339.0...37.340.0) See https://github.com/renovatebot/renovate/releases/tag/37.340.0 for more changes ### [`v37.339.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.339.0) [Compare Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.338.0...37.339.0) See https://github.com/renovatebot/renovate/releases/tag/37.339.0 for more changes </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 7am and before 9am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-package-gitlab). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Racer159
added a commit
to defenseunicorns/uds-software-factory
that referenced
this pull request
May 30, 2024
](https://renovatebot.com){kind=link}
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://togithub.com/actions/checkout) | action | patch | `v4.1.5` -> `v4.1.6` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | | patch | `v0.4.2` -> `v0.4.4` | | [defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common) | action | patch | `v0.4.2` -> `v0.4.4` | | [defenseunicorns/uds-core](https://togithub.com/defenseunicorns/uds-core) | | minor | `0.21.1` -> `0.22.0` | | [docker/login-action](https://togithub.com/docker/login-action) | action | digest | `e92390c` -> `0d4c9c5` | | ghcr.io/defenseunicorns/packages/init | | minor | `v0.33.1` -> `v0.34.0` | | ghcr.io/defenseunicorns/packages/uds-k3d | | minor | `0.6.0` -> `0.7.0` | | ghcr.io/defenseunicorns/packages/uds/core | | minor | `0.21.1-upstream` -> `0.22.0-upstream` | | ghcr.io/defenseunicorns/packages/uds/gitlab | | major | `16.11.1-uds.1-upstream` -> `17.0.1-uds.1-upstream` | | ghcr.io/defenseunicorns/packages/uds/gitlab-runner | | major | `16.11.0-uds.0-upstream` -> `17.0.0-uds.0-upstream` | | ghcr.io/defenseunicorns/packages/uds/sonarqube | | patch | `9.9.2-uds.0-upstream` -> `9.9.5-uds.0-upstream` | | [github/codeql-action](https://togithub.com/github/codeql-action) | action | patch | `v3.25.4` -> `v3.25.6` | | [google-github-actions/release-please-action](https://togithub.com/google-github-actions/release-please-action) | action | patch | `v4.1.0` -> `v4.1.1` | | [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416) [Compare Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6) - Check platform to set archive extension appropriately by [@​cory-miller](https://togithub.com/cory-miller) in [actions/checkout#1732 </details> <details> <summary>defenseunicorns/uds-cli (defenseunicorns/uds-cli)</summary> ### [`v0.11.0`](https://togithub.com/defenseunicorns/uds-cli/releases/tag/v0.11.0) [Compare Source](https://togithub.com/defenseunicorns/uds-cli/compare/v0.10.4...v0.11.0) ##### What's Changed - chore(deps): update actions/upload-artifact action to v4.3.2 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#574 - fix(deps): update golang.org/x/exp digest to [`fe59bbe`](https://togithub.com/defenseunicorns/uds-cli/commit/fe59bbe) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#571 - chore(deps): update github/codeql-action action to v3.25.1 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#570 - fix(deps): update module github.com/defenseunicorns/pkg/oci to v0.0.2 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#576 - fix: permit absolute paths for bundle create by [@​ZachGallagher](https://togithub.com/ZachGallagher) in [defenseunicorns/uds-cli#554 - fix: ensure we handle paths correctly in dev deploy by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#582 - chore(deps): update actions/download-artifact action to v4.1.7 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#573 - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1.1.1 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#575 - chore(deps): update actions/checkout action to v4.1.4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#578 - chore(deps): update actions/upload-artifact action to v4.3.3 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#579 - chore(deps): update github/codeql-action action to v3.25.3 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#580 - chore(deps): update anchore/sbom-action action to v0.15.11 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#587 - chore: ensure vendored tools versions print out by [@​TristanHoladay](https://togithub.com/TristanHoladay) in [defenseunicorns/uds-cli#586 - chore(deps): update actions/checkout action to v4.1.5 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#597 - chore(deps): update github/codeql-action action to v3.25.4 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#595 - fix(deps): update module golang.org/x/exp to v0.0.0-20240506185415-9bf2ced13842 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#593 - chore(deps): update actions/setup-go action to v5.0.1 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#590 - chore: update contributing doc by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#598 - chore: swap Makefile for Maru by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#602 - chore(deps): update github/codeql-action action to v3.25.5 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#606 - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1.1.2 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#605 - chore(deps): update ossf/scorecard-action action to v2.3.3 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#601 - chore(deps): update goreleaser/goreleaser-action action to v5.1.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#604 - chore: bump Go version to 1.21.10 by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#609 - feat: remove q for canceling deploy by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#603 - chore: remove dead end code by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#611 - chore: test getArch by [@​TristanHoladay](https://togithub.com/TristanHoladay) in [defenseunicorns/uds-cli#621 - chore(deps): update actions/checkout action to v4.1.6 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#619 - chore(deps): update homebrew/actions digest to [`677db44`](https://togithub.com/defenseunicorns/uds-cli/commit/677db44) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#620 - chore(deps): update github/codeql-action action to v3.25.6 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#625 - chore(deps): update anchore/sbom-action action to v0.16.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#623 - feat: allow helm overrides from valuesfile by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#594 - chore: removes bubbletea tui by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#626 - chore: update linting configuration by [@​TristanHoladay](https://togithub.com/TristanHoladay) in [defenseunicorns/uds-cli#627 - docs: dev deploy ADR by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#560 - fix(deps): update module helm.sh/helm/v3 to v3.15.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#612 - feat: strict bundle yaml validation by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#596 - feat: dev deploy remote bundles by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#629 - chore: update to de-zarfed Maru by [@​Racer159](https://togithub.com/Racer159) in [defenseunicorns/uds-cli#636 - fix(deps): update module helm.sh/helm/v3 to v3.15.1 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#634 - chore(deps): update docker/login-action action to v3.2.0 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#640 - chore(deps): update homebrew/actions digest to [`a618804`](https://togithub.com/defenseunicorns/uds-cli/commit/a618804) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#632 - fix(deps): update golang.org/x/exp digest to [`4c93da0`](https://togithub.com/defenseunicorns/uds-cli/commit/4c93da0) by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#639 - chore(deps): update podinfo to v6.6.3 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#633 - chore(deps): update zarf to v0.33.1 by [@​renovate](https://togithub.com/renovate) in [defenseunicorns/uds-cli#585 - feat: remove unnecessary bundle layers and refactor verification by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#622 - feat: uds config validation by [@​decleaver](https://togithub.com/decleaver) in [defenseunicorns/uds-cli#618 - fix: ensures partial pkgs are correct and adds smoke test to workflows by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#643 - fix: typo in Zarf pkg name and refactor smoke test workflow by [@​UncleGedd](https://togithub.com/UncleGedd) in [defenseunicorns/uds-cli#644 **Full Changelog**: defenseunicorns/uds-cli@v0.10.4...v0.11.0 </details> <details> <summary>defenseunicorns/uds-common (defenseunicorns/uds-common)</summary> ### [`v0.4.4`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.4) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.3...v0.4.4) ##### Miscellaneous - pull debug / log actions from uds-core ([#​135](https://togithub.com/defenseunicorns/uds-common/issues/135)) ([b3c9928](https://togithub.com/defenseunicorns/uds-common/commit/b3c99286e4200c98a61d86484030f2be5ebb5c70)) ### [`v0.4.3`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.3) [Compare Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.4.2...v0.4.3) ##### Bug Fixes - update renovate config to use docker versioning for zarf images ([#​128](https://togithub.com/defenseunicorns/uds-common/issues/128)) ([c18e125](https://togithub.com/defenseunicorns/uds-common/commit/c18e12507384328bb53b81c096bc9827f96ba114)) ##### Miscellaneous - add an airgap note to UDS Package Practices (clarity is kindness) ([#​126](https://togithub.com/defenseunicorns/uds-common/issues/126)) ([b70e1fe](https://togithub.com/defenseunicorns/uds-common/commit/b70e1fe165a521a33789298a7e69aa6a59d54968)) - adjust UDS package practice formatting ([#​123](https://togithub.com/defenseunicorns/uds-common/issues/123)) ([f351d04](https://togithub.com/defenseunicorns/uds-common/commit/f351d04732a6e6e6fc2c62eff13f625a613effcc)) - **deps:** update uds common package dependencies to v6.6.3 ([#​132](https://togithub.com/defenseunicorns/uds-common/issues/132)) ([0ebdd1f](https://togithub.com/defenseunicorns/uds-common/commit/0ebdd1f5f2aa32720c88347027215305573bc716)) - **deps:** update uds common support dependencies ([#​125](https://togithub.com/defenseunicorns/uds-common/issues/125)) ([e014724](https://togithub.com/defenseunicorns/uds-common/commit/e01472454d2b3ef9665546fbb24c9980f090d238)) - **deps:** update uds common support dependencies to v0.22.0 ([#​133](https://togithub.com/defenseunicorns/uds-common/issues/133)) ([2cf903d](https://togithub.com/defenseunicorns/uds-common/commit/2cf903d41d0dbfda1baaa9629d1fa3c5d1a88110)) - initial package practices ([#​117](https://togithub.com/defenseunicorns/uds-common/issues/117)) ([d292b21](https://togithub.com/defenseunicorns/uds-common/commit/d292b216da73493743cd0a67b9763549c87c1819)) - update package practices with a bit more feedback ([#​129](https://togithub.com/defenseunicorns/uds-common/issues/129)) ([af34fc9](https://togithub.com/defenseunicorns/uds-common/commit/af34fc90104c57d11a08678186b8b2aeaaac135d)) </details> <details> <summary>defenseunicorns/uds-core (defenseunicorns/uds-core)</summary> ### [`v0.22.0`](https://togithub.com/defenseunicorns/uds-core/blob/HEAD/CHANGELOG.md#0220-2024-05-22) [Compare Source](https://togithub.com/defenseunicorns/uds-core/compare/v0.21.1...v0.22.0) ##### Features - add `expose` service entry for internal cluster traffic ([#​356](https://togithub.com/defenseunicorns/uds-core/issues/356)) ([1bde4cc](https://togithub.com/defenseunicorns/uds-core/commit/1bde4ccf302864b0c38d093742ca683b96cebe89)) - add reconciliation retries for CRs ([#​423](https://togithub.com/defenseunicorns/uds-core/issues/423)) ([424b57b](https://togithub.com/defenseunicorns/uds-core/commit/424b57ba91906e1c60e6e92927e37b34d657ad01)) - uds common renovate config ([#​391](https://togithub.com/defenseunicorns/uds-core/issues/391)) ([035786c](https://togithub.com/defenseunicorns/uds-core/commit/035786cadcd9c1fbaf7e0a798f9c13104a1a9a14)) - uds core docs ([#​414](https://togithub.com/defenseunicorns/uds-core/issues/414)) ([a35ca7b](https://togithub.com/defenseunicorns/uds-core/commit/a35ca7b484ab59572d8205a625db5447a8771e44)) ##### Bug Fixes - mismatched exemption/policy for DropAllCapabilities ([#​384](https://togithub.com/defenseunicorns/uds-core/issues/384)) ([d8ec278](https://togithub.com/defenseunicorns/uds-core/commit/d8ec27827e2e2e7d85b4eba6b738f4b126264dd9)) - pepr mutation annotation overwrite ([#​385](https://togithub.com/defenseunicorns/uds-core/issues/385)) ([6e56b2a](https://togithub.com/defenseunicorns/uds-core/commit/6e56b2afec8f54f8c0a4aa4b89fef1d1c754b627)) - renovate config grouping, test-infra ([#​411](https://togithub.com/defenseunicorns/uds-core/issues/411)) ([05fd407](https://togithub.com/defenseunicorns/uds-core/commit/05fd407e9c3bf6a0bac33de64e892ce2a63275ac)) - renovate pepr comment ([#​410](https://togithub.com/defenseunicorns/uds-core/issues/410)) ([a825388](https://togithub.com/defenseunicorns/uds-core/commit/a82538817765ad21adb5f6bba283951bf4c23272)) ##### Miscellaneous - **deps:** update keycloak ([#​390](https://togithub.com/defenseunicorns/uds-core/issues/390)) ([3e82c4e](https://togithub.com/defenseunicorns/uds-core/commit/3e82c4ece470a5eea81d937b2b38c455934212e1)) - **deps:** update keycloak to v24.0.4 ([#​397](https://togithub.com/defenseunicorns/uds-core/issues/397)) ([c0420ea](https://togithub.com/defenseunicorns/uds-core/commit/c0420ea750b3a7dfc8ea6adab5225f76178ef953)) - **deps:** update keycloak to v24.0.4 ([#​402](https://togithub.com/defenseunicorns/uds-core/issues/402)) ([e454576](https://togithub.com/defenseunicorns/uds-core/commit/e454576a6de53e833d6b925308f09d6007166dde)) - **deps:** update neuvector to v9.4 ([#​381](https://togithub.com/defenseunicorns/uds-core/issues/381)) ([20d4170](https://togithub.com/defenseunicorns/uds-core/commit/20d4170386d2437826abafc68d87d91dc457022a)) - **deps:** update pepr to 0.31.0 ([#​360](https://togithub.com/defenseunicorns/uds-core/issues/360)) ([fbd61ea](https://togithub.com/defenseunicorns/uds-core/commit/fbd61ea9665133619aec81726b189449226d8459)) - **deps:** update prometheus-stack ([#​348](https://togithub.com/defenseunicorns/uds-core/issues/348)) ([49cb11a](https://togithub.com/defenseunicorns/uds-core/commit/49cb11a058a9209cee7019fa552b8c0b2ef73368)) - **deps:** update prometheus-stack ([#​392](https://togithub.com/defenseunicorns/uds-core/issues/392)) ([2e656f5](https://togithub.com/defenseunicorns/uds-core/commit/2e656f5dc3de2e6561ac313cb1bae478635b86b3)) - **deps:** update uds to v0.10.4 ([#​228](https://togithub.com/defenseunicorns/uds-core/issues/228)) ([1750b23](https://togithub.com/defenseunicorns/uds-core/commit/1750b2304e3c6f0ce6a60f1ef2873ce8a6ce1502)) - **deps:** update uds-k3d to v0.6.0 ([#​398](https://togithub.com/defenseunicorns/uds-core/issues/398)) ([288f009](https://togithub.com/defenseunicorns/uds-core/commit/288f00990a715087c9bf1fffd0a63ecf33125a5a)) - **deps:** update velero ([#​350](https://togithub.com/defenseunicorns/uds-core/issues/350)) ([e7cb33e](https://togithub.com/defenseunicorns/uds-core/commit/e7cb33ea9a13ab9550aab45d8ee437a1ba595d38)) - **deps:** update zarf to v0.33.2 ([#​394](https://togithub.com/defenseunicorns/uds-core/issues/394)) ([201a37b](https://togithub.com/defenseunicorns/uds-core/commit/201a37b12277880058c14fc05b3c0d4aecbf31e0)) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5) </details> <details> <summary>google-github-actions/release-please-action (google-github-actions/release-please-action)</summary> ### [`v4.1.1`](https://togithub.com/google-github-actions/release-please-action/releases/tag/v4.1.1) [Compare Source](https://togithub.com/google-github-actions/release-please-action/compare/v4.1.0...v4.1.1) ##### Bug Fixes - add deprecation warning to workflow run ([#​1](https://togithub.com/google-github-actions/release-please-action/issues/1)) ([edb78cf](https://togithub.com/google-github-actions/release-please-action/commit/edb78cf884d22d5d991d94144d031fce49cadbea)) </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://togithub.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 7am and before 9am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/uds-software-factory). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM3Ny44IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJidW5kbGUtZGVwcyJdfQ==--> --------- Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Wayne Starr <me@racer159.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This way dependabot will keep the workflow updated for us, and we don't need to remember to update anything here.
Fixes ossf/scorecard#3968