Skip to content

v0.0.48
Compare
Choose a tag to compare
@rdimitrov rdimitrov released this 07 May 09:41
· 1185 commits to main since this release
v0.0.48
476d161
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Learn about vigilant mode.

What's Changed

  • Update index.md by @eryn-muetzel in #3117
  • Update README.md by @eryn-muetzel in #3118
  • Allow setting log level for mindev ruletype test by @jhrozek in #3119
  • build(deps): bump github.com/openfga/openfga from 1.5.1 to 1.5.3 by @dependabot in #3122
  • build(deps): bump k8s.io/client-go from 0.29.3 to 0.29.4 by @dependabot in #3121
  • Return 500 if Github AppName is empty when enrolling provider by @dmjb in #3124
  • build(deps): bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 by @dependabot in #3127
  • build(deps): bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in #3128
  • build(deps): bump k8s.io/apimachinery from 0.29.4 to 0.30.0 by @dependabot in #3126
  • Remove GitHub discussions from README by @eleftherias in #3129
  • build(deps): bump k8s.io/client-go from 0.29.4 to 0.30.0 by @dependabot in #3125
  • Implement CanImplement method for providers by @dmjb in #3115
  • Don't use SELECT * when joining profile tables by @jhrozek in #3130
  • Make provider class mandatory in DB by @dmjb in #3132
  • build(deps): bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in /tools by @dependabot in #3133
  • build(deps): bump github.com/docker/docker from 26.0.1+incompatible to 26.0.2+incompatible by @dependabot in #3134
  • build(deps): bump github.com/golang-migrate/migrate/v4 from 4.17.0 to 4.17.1 by @dependabot in #3136
  • Skip or error when trying to register an archived repository by @rdimitrov in #3135
  • Address review comments for labels filtering by @jhrozek in #3137
  • Implement ProviderFactory and ProviderClassFactory by @dmjb in #3131
  • Use provider ID instead of name when sending events by @dmjb in #3093
  • Fix repo deletion by @jhrozek in #3140
  • build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #3141
  • Remove provider name from event wrapper by @dmjb in #3139
  • Allow full profile updates through the PATCH handler by @jhrozek in #2990
  • build(deps): bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in #3147
  • build(deps): bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 by @dependabot in #3146
  • build(deps): bump clsx from 2.1.0 to 2.1.1 in /docs by @dependabot in #3144
  • Add reminder service with empty sendReminders logic by @Vyom-Yadav in #2638
  • build(deps): bump bufbuild/buf-setup-action from 1.30.1 to 1.31.0 by @dependabot in #3156
  • build(deps): bump github.com/styrainc/regal from 0.20.1 to 0.21.0 by @dependabot in #3157
  • build(deps): bump github.com/bufbuild/buf from 1.30.1 to 1.31.0 in /tools by @dependabot in #3158
  • Use go generate directives for mock generation by @dmjb in #3159
  • Bump sigstore-go to v0.3.0 and add local registry for tests by @puerco in #3154
  • Bump go base images to go 1.22.2 by @dmjb in #3161
  • build(deps): bump go.opentelemetry.io/otel/trace from 1.25.0 to 1.26.0 by @dependabot in #3170
  • build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in #3172
  • build(deps): bump sigs.k8s.io/release-utils from 0.7.7 to 0.8.1 by @dependabot in #3166
  • build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #3171
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.50.0 to 0.51.0 by @dependabot in #3169
  • Add ProviderManager, make provider deletion generic by @dmjb in #3162
  • Read the webhook secret from a file by @jhrozek in #3175
  • More descriptive error message when validating secrets with any of the fallback webhooks fails by @jhrozek in #3176
  • build(deps): bump react from 18.2.0 to 18.3.0 in /docs by @dependabot in #3179
  • build(deps): bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in #3185
  • build(deps): bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 by @dependabot in #3186
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.50.0 to 0.51.0 by @dependabot in #3184
  • build(deps): bump go.opentelemetry.io/otel/sdk/metric from 1.25.0 to 1.26.0 by @dependabot in #3182
  • build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.25.0 to 1.26.0 by @dependabot in #3183
  • build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.47.0 to 0.48.0 by @dependabot in #3181
  • Initial implementation of IDP interface and Keycloak implementation by @evankanderson in #3155
  • Add Helm configuration for feature flags by @evankanderson in #3188
  • build(deps): bump anchore/sbom-action from 0.15.10 to 0.15.11 by @dependabot in #3197
  • build(deps): bump react from 18.3.0 to 18.3.1 in /docs by @dependabot in #3195
  • build(deps): bump github.com/open-feature/go-sdk-contrib/providers/go-feature-flag from 0.1.35 to 0.1.36 by @dependabot in #3192
  • build(deps): bump github.com/styrainc/regal from 0.21.0 to 0.21.3 by @dependabot in #3193
  • build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.15.0 to 1.16.0 by @dependabot in #3190
  • build(deps): bump react-dom from 18.2.0 to 18.3.1 in /docs by @dependabot in #3198
  • build(deps): bump github.com/open-policy-agent/opa from 0.63.0 to 0.64.1 by @dependabot in #3191
  • Add docs for using feature flags when developing Minder by @evankanderson in #3189
  • Use webhook secrets from files by @jhrozek in #3177
  • Fix webhook secret file names by @jhrozek in #3201
  • Delete docs/docs/how-to/using-minder-with-ghas.md by @meganbruce in #3204
  • build(deps): bump github.com/go-playground/validator/v10 from 10.19.0 to 10.20.0 by @dependabot in #3205
  • build(deps): bump github.com/openfga/cli from 0.3.0 to 0.3.1 in /tools by @dependabot in #3207
  • build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in #3206
  • Refactor repo deletion to move db/provider logic behind interface by @dmjb in #3200
  • Warn about empty secret and skip the update in the webhook updater tool by @jhrozek in #3208
  • Use ProviderManager in webhook handler by @dmjb in #3202
  • Implement GitHubClientFactory by @dmjb in #3203
  • build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 in /tools by @dependabot in #3216
  • build(deps): bump styled-components from 6.1.8 to 6.1.9 in /docs by @dependabot in #3215
  • build(deps): bump github.com/openfga/go-sdk from 0.3.5 to 0.3.6 by @dependabot in #3218
  • build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 by @dependabot in #3217
  • Return verified attestation in verification results by @puerco in #3212
  • Fix bug handling images with slashes in ref by @puerco in #3211
  • Bug: Remove impossible condition by @puerco in #3213
  • Don't trim path from builder URI by @puerco in #3214
  • Pass RestClientCache as constructor param by @dmjb in #3222
  • Remove use of ProviderBuilder by repo handler by @dmjb in #3224
  • Make Project Create/Delete a service by @dmjb in #3227
  • Remove OpenFGA CVE ignore from .trivyignore file by @JAORMX in #3228
  • Remove last CVE from .trivyignore by @JAORMX in #3229
  • Refactor application wireup by @dmjb in #3230
  • build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #3233
  • Use ProviderManager in reconciler by @dmjb in #3232
  • Allow empty provider in repo reconcile command by @eleftherias in #3231
  • Distinguish between score 0 and missing score in Trusty by @jhrozek in #3234
  • Artifact: Unify signer identity URIs by @puerco in #3238
  • build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.26.0 to 1.27.0 by @dependabot in #3240
  • build(deps): bump golang.org/x/term from 0.19.0 to 0.20.0 by @dependabot in #3241
  • build(deps): bump github.com/golangci/golangci-lint from 1.57.2 to 1.58.0 in /tools by @dependabot in #3243
  • build(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in #3242
  • build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 by @dependabot in #3239
  • Bump docusaurus from 3.2.1 to 3.3.2 by @eleftherias in #3248
  • Add flag telling if repo from provider is already registered by @blkt in #3209
  • Surface bundle fetch error if gh client is not present by @JAORMX in #3249
  • Update CONTRIBUTING.md by @dussab in #3251
  • Parse correctly github uris, dont use cert ext uri by @puerco in #3250
  • Re-enable go CoverageRedesign by @prezha in #3252
  • Workaround: Remove MINDER_FLAGS_GO_FEATURE_FILE_PATH env variable from helm deployment by @JAORMX in #3260
  • build(deps): bump golang.org/x/tools from 0.20.0 to 0.21.0 in /tools by @dependabot in #3258
  • build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #3256
  • build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @dependabot in #3253
  • build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot in #3255
  • build(deps): bump google.golang.org/protobuf from 1.34.0 to 1.34.1 in /tools by @dependabot in #3257
  • build(deps): bump google.golang.org/protobuf from 1.34.0 to 1.34.1 by @dependabot in #3254
  • Fix goreleaser dependencies. by @blkt in #3261

New Contributors

Full Changelog: v0.0.47...v0.0.48

Contributors

JAORMX, blkt, and 12 other contributors
Assets 23
Loading