From 0946c88ce3275267d1b2b580c7b5197cd05eb6a2 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Fri, 29 Mar 2024 17:04:51 -0600
Subject: [PATCH] chore(deps): update mattermost support dependencies (#43)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
major | `v3.6.0` -> `v4.1.1` |
|
[actions/dependency-review-action](https://togithub.com/actions/dependency-review-action)
| action | major | `v2.5.1` -> `v4.2.5` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | minor | `v4.0.0` -> `v4.3.1` |
|
[defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common)
| | patch | `v0.3.3` -> `v0.3.9` |
|
[defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common)
| action | patch | `v0.3.3` -> `v0.3.9` |
|
[defenseunicorns/uds-common-tasks](https://togithub.com/defenseunicorns/uds-common-tasks)
| | patch | `v0.3.3` -> `v0.3.9` |
| [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | |
minor | `v0.29.1` -> `v0.32.6` |
| [docker/login-action](https://togithub.com/docker/login-action) |
action | digest | `343f7c4` -> `e92390c` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v3.22.12` -> `v3.24.9` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | major | `v2.24.5` -> `v3.24.9` |
| [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| repository | minor | `v1.55.2` -> `v1.57.2` |
|
[google-github-actions/release-please-action](https://togithub.com/google-github-actions/release-please-action)
| action | minor | `v4.0.2` -> `v4.1.0` |
|
[python-jsonschema/check-jsonschema](https://togithub.com/python-jsonschema/check-jsonschema)
| repository | minor | `0.27.4` -> `0.28.0` |
|
[renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks)
| repository | minor | `37.165.5` -> `37.275.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
Note: The `pre-commit` manager in Renovate is not supported by the
`pre-commit` maintainers or community. Please do not report any problems
there, instead [create a Discussion in the Renovate
repository](https://togithub.com/renovatebot/renovate/discussions/new)
if you have any questions.
---
### Release Notes
actions/checkout (actions/checkout)
###
[`v4.1.1`](https://togithub.com/actions/checkout/releases/tag/v4.1.1)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.0...v4.1.1)
##### What's Changed
- Update CODEOWNERS to Launch team by
[@joshmgross](https://togithub.com/joshmgross) in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- Correct link to GitHub Docs by
[@peterbe](https://togithub.com/peterbe) in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)
- Link to release page from what's new section by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1514](https://togithub.com/actions/checkout/pull/1514)
##### New Contributors
- [@joshmgross](https://togithub.com/joshmgross) made their first
contribution in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- [@peterbe](https://togithub.com/peterbe) made their first
contribution in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)
**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.0...v4.1.1
###
[`v4.1.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v410)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.0.0...v4.1.0)
- [Add support for partial checkout
filters](https://togithub.com/actions/checkout/pull/1396)
###
[`v4.0.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v400)
[Compare
Source](https://togithub.com/actions/checkout/compare/v3.6.0...v4.0.0)
- [Support fetching without the --progress
option](https://togithub.com/actions/checkout/pull/1067)
- [Update to node20](https://togithub.com/actions/checkout/pull/1436)
actions/dependency-review-action
(actions/dependency-review-action)
###
[`v4.2.5`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.2.5):
4.2.5
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5)
#### What's Changed
- Fixed a bug where some configuration options in external files were
not being properly picked up --
[https://github.com/actions/dependency-review-action/pull/722](https://togithub.com/actions/dependency-review-action/pull/722)
- Bump eslint from 8.56.0 to 8.57.0
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5
###
[`v4.2.4`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.2.4)
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.3...v4.2.4)
#### What's Changed
Fixed a bug in the output of OpenSSF cards for GitHub Actions.
#### New Contributors
- [@sporkmonger](https://togithub.com/sporkmonger) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/721](https://togithub.com/actions/dependency-review-action/pull/721)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.2.3...v4.2.4
###
[`v4.2.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.2.3):
4.2.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.3...v4.2.3)
#### What's Changed
- Set comment as output by [@jsoref](https://togithub.com/jsoref)
in
[https://github.com/actions/dependency-review-action/pull/698](https://togithub.com/actions/dependency-review-action/pull/698)
- Add support for calculating OpenSSF Scorecards by
[@jhutchings1](https://togithub.com/jhutchings1) in
[https://github.com/actions/dependency-review-action/pull/709](https://togithub.com/actions/dependency-review-action/pull/709)
- Add outputs for the changes data by
[@laughedelic](https://togithub.com/laughedelic) in
[https://github.com/actions/dependency-review-action/pull/707](https://togithub.com/actions/dependency-review-action/pull/707)
#### New Contributors
- [@jhutchings1](https://togithub.com/jhutchings1) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/709](https://togithub.com/actions/dependency-review-action/pull/709)
- [@laughedelic](https://togithub.com/laughedelic) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/707](https://togithub.com/actions/dependency-review-action/pull/707)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.3...v4.2.3
###
[`v4.1.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.3):
4.1.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3)
Fixes a bug in 4.1.2 that would introduce comments in every pull
request, regardless of the user's configuration (see
[https://github.com/actions/dependency-review-action/issues/697](https://togithub.com/actions/dependency-review-action/issues/697)).
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3
###
[`v4.1.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.2):
4.1.2
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2)
#### What's Changed
- Expose dependency comment content by
[@jsoref](https://togithub.com/jsoref) in
[https://github.com/actions/dependency-review-action/pull/696](https://togithub.com/actions/dependency-review-action/pull/696)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2
###
[`v4.1.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.1):
4.1.1
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1)
#### What's Changed
- Bump `undici` to fix
[GHSA-wqq4-5wpv-mx2g](https://togithub.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g)
- Bump [@types/node](https://togithub.com/types/node) from
20.11.17 to 20.11.19 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/693](https://togithub.com/actions/dependency-review-action/pull/693)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1
###
[`v4.1.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.1.0):
4.1.0
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.0.0...v4.1.0)
#### What's Changed
- Add `warn-only` by [@tgrall](https://togithub.com/tgrall) in
[https://github.com/actions/dependency-review-action/pull/432](https://togithub.com/actions/dependency-review-action/pull/432)
Added a new configuration option (`warn-only`, boolean) that makes the
action always succeed while still displaying found vulnerabilities in
the log.
- Create stale.yaml by
[@jonjanego](https://togithub.com/jonjanego) in
[https://github.com/actions/dependency-review-action/pull/671](https://togithub.com/actions/dependency-review-action/pull/671)
- Use manual codeql config by
[@juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/678](https://togithub.com/actions/dependency-review-action/pull/678)
- Multiple dependency updates (see the changelog below for more
information)
#### New Contributors
- [@jonjanego](https://togithub.com/jonjanego) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/671](https://togithub.com/actions/dependency-review-action/pull/671)
- [@tgrall](https://togithub.com/tgrall) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/432](https://togithub.com/actions/dependency-review-action/pull/432)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v4...v4.1.0
###
[`v4.0.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.0.0)
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0)
- Update action to Node 20 by
[@takost](https://togithub.com/takost) in
[https://github.com/actions/dependency-review-action/pull/639](https://togithub.com/actions/dependency-review-action/pull/639)
- Dependabot updates, see the full changelog for more details.
#### New Contributors
- [@takost](https://togithub.com/takost) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/639](https://togithub.com/actions/dependency-review-action/pull/639)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0
###
[`v3.1.5`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.5):
3.1.5
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5)
#### What's Changed
- Smaller `per_page` when requesting diff by
[@hmaurer](https://togithub.com/hmaurer) in
[https://github.com/actions/dependency-review-action/pull/649](https://togithub.com/actions/dependency-review-action/pull/649)
- Update dependencies:
- Bump
[@typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.10.0 to 6.13.1 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/630](https://togithub.com/actions/dependency-review-action/pull/630)
- Bump prettier from 3.0.3 to 3.1.0 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/629](https://togithub.com/actions/dependency-review-action/pull/629)
- Bump [@types/jest](https://togithub.com/types/jest) from 29.5.8
to 29.5.11 by [@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/637](https://togithub.com/actions/dependency-review-action/pull/637)
- Bump nodemon from 3.0.1 to 3.0.2 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/636](https://togithub.com/actions/dependency-review-action/pull/636)
- Replace pip -> pypi in PURL examples by
[@febuiles](https://togithub.com/febuiles) in
[https://github.com/actions/dependency-review-action/pull/638](https://togithub.com/actions/dependency-review-action/pull/638)
- Bump
[@typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.12.0 to 6.15.0 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/644](https://togithub.com/actions/dependency-review-action/pull/644)
- Bump eslint from 8.53.0 to 8.56.0 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/640](https://togithub.com/actions/dependency-review-action/pull/640)
- Bump
[@typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.13.1 to 6.16.0 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/645](https://togithub.com/actions/dependency-review-action/pull/645)
- Bump prettier from 3.1.0 to 3.1.1 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/646](https://togithub.com/actions/dependency-review-action/pull/646)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3.1.4...v3.1.5
###
[`v3.1.4`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.4):
3.1.4
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.3...v3.1.4)
#### What's Changed
- Fixed a
[bug](https://togithub.com/actions/dependency-review-action/issues/618)
with severity filtering when using the `allow_ghsas` option:
[https://github.com/actions/dependency-review-action/pull/623](https://togithub.com/actions/dependency-review-action/pull/623).
- Updates dependencies:
- Bump [@types/node](https://togithub.com/types/node) from
16.18.61 to 16.18.62 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/619](https://togithub.com/actions/dependency-review-action/pull/619)
action/pull/620
- Bump
[@typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.11.0 to 6.12.0 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/625](https://togithub.com/actions/dependency-review-action/pull/625)
- Bump typescript from 5.2.2 to 5.3.2 by
[@dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/624](https://togithub.com/actions/dependency-review-action/pull/624)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.4
###
[`v3.1.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.3):
3.1.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.2...v3.1.3)
#### What's Changed
- Fixes purl "version must be percent-encoded" by
[@theztefan](https://togithub.com/theztefan) in
[https://github.com/actions/dependency-review-action/pull/617](https://togithub.com/actions/dependency-review-action/pull/617)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.3
###
[`v3.1.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.2):
3.1.2
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.1...v3.1.2)
#### What's Changed
- Fix a regression for setups using self-hosted runners behind HTTP
proxies:[@febuiles](https://togithub.com/febuiles) in
[https://github.com/actions/dependency-review-action/pull/611](https://togithub.com/actions/dependency-review-action/pull/611)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.2
###
[`v3.1.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.1):
3.1.1
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.1.0...v3.1.1)
#### What's Changed
- Update a bunch of dependencies, including major version upgrades for
`octokit`, `@actions/github` and `typescript`.
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3.1.0...v3.1.1
###
[`v3.1.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.1.0):
3.1.0
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.8...v3.1.0)
#### What's New
Added support for dependencies submitted through the [dependency
submission
API](https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#best-practices-for-using-the-dependency-review-api-and-the-dependency-submission-api-together).
This includes two new configuration parameters:
`retry-on-snapshot-warnings` and `retry-on-snapshot-warnings-timeout`.
#### What's Changed
- Fix(docs): Correct action input name by
[@oerd](https://togithub.com/oerd) in
[https://github.com/actions/dependency-review-action/pull/551](https://togithub.com/actions/dependency-review-action/pull/551)
#### New Contributors
- [@oerd](https://togithub.com/oerd) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/551](https://togithub.com/actions/dependency-review-action/pull/551)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.1.0
###
[`v3.0.8`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.8):
3.0.8
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.7...v3.0.8)
#### What's Changed
Added `on-failure` option to `comment-summary-in-pr` setting by
[@sgmurphy](https://togithub.com/sgmurphy) in
[https://github.com/actions/dependency-review-action/pull/540](https://togithub.com/actions/dependency-review-action/pull/540)
Previous configuration files using `true`/`false` for
`comment-summary-in-pr` will be mapped automatically to the new values,
but we encourage you to update to `always`/`on-failure`/`never`.
#### New Contributors
- [@sgmurphy](https://togithub.com/sgmurphy) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/540](https://togithub.com/actions/dependency-review-action/pull/540)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.8
###
[`v3.0.7`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.7):
3.0.7
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.6...v3.0.7)
#### What's Changed
- Make GHES support / setup more clear by
[@rajbos](https://togithub.com/rajbos) in
[https://github.com/actions/dependency-review-action/pull/534](https://togithub.com/actions/dependency-review-action/pull/534)
- Add an option to deny packages or groups of packages by
[@adrienpessu](https://togithub.com/adrienpessu) in
[https://github.com/actions/dependency-review-action/pull/544](https://togithub.com/actions/dependency-review-action/pull/544)
#### New Contributors
- [@rajbos](https://togithub.com/rajbos) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/534](https://togithub.com/actions/dependency-review-action/pull/534)
- [@adrienpessu](https://togithub.com/adrienpessu) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/544](https://togithub.com/actions/dependency-review-action/pull/544)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.7
###
[`v3.0.6`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.6):
3.0.6
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.5...v3.0.6)
Fixes a bug introduced in 3.0.5 where we raised PURL errors when
Dependency Graph returns an empty `package_url`.
###
[`v3.0.5`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.5):
3.0.5
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.4...v3.0.5)
#### What's Changed
Thanks to [@theztefan](https://togithub.com/theztefan), we now
have a new `allow-dependencies-licenses` option that takes a list of
dependencies that will be excluded from license checks. See the
[configuration
options](https://togithub.com/actions/dependency-review-action#configuration-options)
for more information on how to use it.
- Exclude dependencies from license checks by
[@theztefan](https://togithub.com/theztefan) in
[https://github.com/actions/dependency-review-action/pull/423](https://togithub.com/actions/dependency-review-action/pull/423)
- Documentation examples by
[@theztefan](https://togithub.com/theztefan) in
[https://github.com/actions/dependency-review-action/pull/423](https://togithub.com/actions/dependency-review-action/pull/423)
- Show snapshot warnings in the summary by
[@juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/439](https://togithub.com/actions/dependency-review-action/pull/439)
- Fix default values for fail-on-severity by
[@febuiles](https://togithub.com/febuiles) in
[https://github.com/actions/dependency-review-action/pull/451](https://togithub.com/actions/dependency-review-action/pull/451)
- Updated dependencies.
#### New Contributors
- [@juxtin](https://togithub.com/juxtin) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/439](https://togithub.com/actions/dependency-review-action/pull/439)
- [@theztefan](https://togithub.com/theztefan) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/423](https://togithub.com/actions/dependency-review-action/pull/423)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.5
###
[`v3.0.4`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.4):
3.0.4
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.3...v3.0.4)
#### What's New?
The Action can now publish a comment in the pull request if the
`comment-summary-in-pr` option is set. More information can be found in
the
[README](https://togithub.com/actions/dependency-review-action#configuration-options).
#### New Contributors
- [@davelosert](https://togithub.com/davelosert) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/393](https://togithub.com/actions/dependency-review-action/pull/393)
#### Changelog
- Write Summary as comment to the pull request by
[@davelosert](https://togithub.com/davelosert) in
[https://github.com/actions/dependency-review-action/pull/393](https://togithub.com/actions/dependency-review-action/pull/393)
- Adjust summary format by
[@davelosert](https://togithub.com/davelosert) in
[https://github.com/actions/dependency-review-action/pull/416](https://togithub.com/actions/dependency-review-action/pull/416)
- Security updates.
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.4
###
[`v3.0.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.3):
3.0.3
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.2...v3.0.3)
#### What's Changed
- Use cache in check-dist.yml by
[@jongwooo](https://togithub.com/jongwooo) in
[https://github.com/actions/dependency-review-action/pull/359](https://togithub.com/actions/dependency-review-action/pull/359)
- Fix Dependency Review API response error handling by
[@felickz](https://togithub.com/felickz) in
[https://github.com/actions/dependency-review-action/pull/370](https://togithub.com/actions/dependency-review-action/pull/370)
- Security updates
#### New Contributors
- [@jongwooo](https://togithub.com/jongwooo) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/359](https://togithub.com/actions/dependency-review-action/pull/359)
- [@felickz](https://togithub.com/felickz) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/370](https://togithub.com/actions/dependency-review-action/pull/370)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.3
###
[`v3.0.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.2):
3.0.2
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.1...v3.0.2)
This release fixes spelling errors
[https://github.com/actions/dependency-review-action/pull/348](https://togithub.com/actions/dependency-review-action/pull/348)
and upgrades dependencies to fix known vulnerabilities
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.2
###
[`v3.0.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.1):
3.0.1
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v3.0.0...v3.0.1)
This release contains the following bugfixes:
- Fixing API URL for GHES:
[https://github.com/actions/dependency-review-action/pull/331](https://togithub.com/actions/dependency-review-action/pull/331)
- Improve list handling for external config files:
[https://github.com/actions/dependency-review-action/pull/330](https://togithub.com/actions/dependency-review-action/pull/330)
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v3...v3.0.1
###
[`v3.0.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v3.0.0):
3.0.0
[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v2.5.1...v3.0.0)
#### Breaking Changes
By default the action now expects [SPDX-compliant
licenses](https://spdx.org/licenses/) everywhere. If you were previously
using license names in the allow or deny lists make sure they're valid!
#### What's Changed
##### Support for external configuration files
You can now specify a [configuration file external to your
repository](https://togithub.com/actions/dependency-review-action/#configuration-file).
This allows organizations to have a single configuration file for all
their repos.
##### Broader license support
We've added support for a much broader set of project licenses by using
GitHub's [Licenses API](https://docs.github.com/en/rest/licenses).
##### SPDX Compliance
All of our license-related code now expects [SPDX-compliant licenses or
expressions](https://spdx.org/licenses/). This allows us to standardize
on a license naming scheme that already supports `OR`/`AND` expressions.
##### Disable individual checks
You can now use the boolean options `license-check` and
`vulnerability-check` to disable either one of the checks. More
information in [our configuration
options](https://togithub.com/actions/dependency-review-action/#configuration-options).
#### Thanks
Contributors for this release include:
- [@cnagadya](https://togithub.com/cnagadya)
- [@courtneycl](https://togithub.com/courtneycl)
- [@ericcornelissen](https://togithub.com/ericcornelissen)
- [@elireisman](https://togithub.com/elireisman)
- [@hmaurer](https://togithub.com/hmaurer)
Thanks everyone!
**Full Changelog**:
https://github.com/actions/dependency-review-action/compare/v2...v3.0.0
actions/upload-artifact (actions/upload-artifact)
###
[`v4.3.1`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.1)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.0...v4.3.1)
- Bump
[@actions/artifacts](https://togithub.com/actions/artifacts) to
latest version to include [updated GHES host
check](https://togithub.com/actions/toolkit/pull/1648)
###
[`v4.3.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.2.0...v4.3.0)
##### What's Changed
- Reorganize upload code in prep for merge logic & add more tests by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/504](https://togithub.com/actions/upload-artifact/pull/504)
- Add sub-action to merge artifacts by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/505](https://togithub.com/actions/upload-artifact/pull/505)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.3.0
###
[`v4.2.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.2.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.1.0...v4.2.0)
##### What's Changed
- Ability to overwrite an Artifact by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/501](https://togithub.com/actions/upload-artifact/pull/501)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.2.0
###
[`v4.1.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.1.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.0.0...v4.1.0)
#### What's Changed
- Add migrations docs by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/482](https://togithub.com/actions/upload-artifact/pull/482)
- Update README.md by
[@samuelwine](https://togithub.com/samuelwine) in
[https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492)
- Support artifact-url output by
[@konradpabjan](https://togithub.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/496](https://togithub.com/actions/upload-artifact/pull/496)
- Update readme to reflect new 500 artifact per job limit by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/497](https://togithub.com/actions/upload-artifact/pull/497)
#### New Contributors
- [@samuelwine](https://togithub.com/samuelwine) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.1.0
defenseunicorns/uds-common
(defenseunicorns/uds-common)
###
[`v0.3.9`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.9)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.8...v0.3.9)
##### Miscellaneous
- fix missing keys in setup actions
([#93](https://togithub.com/defenseunicorns/uds-common/issues/93))
([39d7395](https://togithub.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a))
###
[`v0.3.8`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.8)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.7...v0.3.8)
##### Miscellaneous
- add upgrade tests to common
([#91](https://togithub.com/defenseunicorns/uds-common/issues/91))
([bb2e590](https://togithub.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d))
- **deps:** update dependency defenseunicorns/uds-cli to v0.10.1
([#84](https://togithub.com/defenseunicorns/uds-common/issues/84))
([6b455b7](https://togithub.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7))
- **deps:** update dependency defenseunicorns/uds-core to v0.17.0
([#83](https://togithub.com/defenseunicorns/uds-common/issues/83))
([b8d8181](https://togithub.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c))
- **deps:** update uds common package dependencies to v6.6.1
([#92](https://togithub.com/defenseunicorns/uds-common/issues/92))
([862b635](https://togithub.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3))
- update registry login to happen in the common env setup action
([#88](https://togithub.com/defenseunicorns/uds-common/issues/88))
([b7bce88](https://togithub.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae))
###
[`v0.3.7`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.7)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.6...v0.3.7)
##### Miscellaneous
- remove schedule on renovate
([#85](https://togithub.com/defenseunicorns/uds-common/issues/85))
([fda7e57](https://togithub.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27))
- update k3d-core-istio-dev to k3d-core-slim-dev
([#86](https://togithub.com/defenseunicorns/uds-common/issues/86))
([aa0e6da](https://togithub.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493))
###
[`v0.3.6`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.6)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.5...v0.3.6)
##### Miscellaneous
- hotfix the spoof containing a dash in the input and add a publish step
([#81](https://togithub.com/defenseunicorns/uds-common/issues/81))
([f9c7aac](https://togithub.com/defenseunicorns/uds-common/commit/f9c7aac4a30e5c3e627c44946f2f212af1573b39))
###
[`v0.3.5`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.5)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.4...v0.3.5)
##### Miscellaneous
- fix spoof to not include a dash
([#79](https://togithub.com/defenseunicorns/uds-common/issues/79))
([5d1738b](https://togithub.com/defenseunicorns/uds-common/commit/5d1738ba0ca2cd19c7fdf6dfe6873339e129c3bb))
###
[`v0.3.4`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.4)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.3...v0.3.4)
##### Miscellaneous
- add the ability to spoof to common
([#77](https://togithub.com/defenseunicorns/uds-common/issues/77))
([49634e1](https://togithub.com/defenseunicorns/uds-common/commit/49634e1b69c6b2eadcc2497f6baba8bd349f3d38))
- **deps:** update dependency defenseunicorns/uds-core to v0.16.1
([#72](https://togithub.com/defenseunicorns/uds-common/issues/72))
([32d1ad6](https://togithub.com/defenseunicorns/uds-common/commit/32d1ad6812a3ef6ad750447296f5644b14ff2855))
defenseunicorns/uds-common-tasks
(defenseunicorns/uds-common-tasks)
###
[`v0.3.9`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.9)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.8...v0.3.9)
##### Miscellaneous
- fix missing keys in setup actions
([#93](https://togithub.com/defenseunicorns/uds-common/issues/93))
([39d7395](https://togithub.com/defenseunicorns/uds-common/commit/39d73955ebb35f4e844a45fe23a7acf7d65d239a))
###
[`v0.3.8`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.8)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.7...v0.3.8)
##### Miscellaneous
- add upgrade tests to common
([#91](https://togithub.com/defenseunicorns/uds-common/issues/91))
([bb2e590](https://togithub.com/defenseunicorns/uds-common/commit/bb2e59021355172db2cfcca7dbf5a2434ce41b6d))
- **deps:** update dependency defenseunicorns/uds-cli to v0.10.1
([#84](https://togithub.com/defenseunicorns/uds-common/issues/84))
([6b455b7](https://togithub.com/defenseunicorns/uds-common/commit/6b455b7cef8ddab022c758a6309d8993f0a564b7))
- **deps:** update dependency defenseunicorns/uds-core to v0.17.0
([#83](https://togithub.com/defenseunicorns/uds-common/issues/83))
([b8d8181](https://togithub.com/defenseunicorns/uds-common/commit/b8d818165c7c676f56898c2d15ae14a2f7ff5f0c))
- **deps:** update uds common package dependencies to v6.6.1
([#92](https://togithub.com/defenseunicorns/uds-common/issues/92))
([862b635](https://togithub.com/defenseunicorns/uds-common/commit/862b63512b4b53ff963b85e25e8011818bb8e4e3))
- update registry login to happen in the common env setup action
([#88](https://togithub.com/defenseunicorns/uds-common/issues/88))
([b7bce88](https://togithub.com/defenseunicorns/uds-common/commit/b7bce888d1d62c5d382d7d88a54e59da72e0d3ae))
###
[`v0.3.7`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.7)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.6...v0.3.7)
##### Miscellaneous
- remove schedule on renovate
([#85](https://togithub.com/defenseunicorns/uds-common/issues/85))
([fda7e57](https://togithub.com/defenseunicorns/uds-common/commit/fda7e57ad878cc70bf3905948911daa84c67db27))
- update k3d-core-istio-dev to k3d-core-slim-dev
([#86](https://togithub.com/defenseunicorns/uds-common/issues/86))
([aa0e6da](https://togithub.com/defenseunicorns/uds-common/commit/aa0e6dad40126ead465b102ea28a3ac961883493))
###
[`v0.3.6`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.6)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.5...v0.3.6)
##### Miscellaneous
- hotfix the spoof containing a dash in the input and add a publish step
([#81](https://togithub.com/defenseunicorns/uds-common/issues/81))
([f9c7aac](https://togithub.com/defenseunicorns/uds-common/commit/f9c7aac4a30e5c3e627c44946f2f212af1573b39))
###
[`v0.3.5`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.5)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.4...v0.3.5)
##### Miscellaneous
- fix spoof to not include a dash
([#79](https://togithub.com/defenseunicorns/uds-common/issues/79))
([5d1738b](https://togithub.com/defenseunicorns/uds-common/commit/5d1738ba0ca2cd19c7fdf6dfe6873339e129c3bb))
###
[`v0.3.4`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.3.4)
[Compare
Source](https://togithub.com/defenseunicorns/uds-common-tasks/compare/v0.3.3...v0.3.4)
##### Miscellaneous
- add the ability to spoof to common
([#77](https://togithub.com/defenseunicorns/uds-common/issues/77))
([49634e1](https://togithub.com/defenseunicorns/uds-common/commit/49634e1b69c6b2eadcc2497f6baba8bd349f3d38))
- **deps:** update dependency defenseunicorns/uds-core to v0.16.1
([#72](https://togithub.com/defenseunicorns/uds-common/issues/72))
([32d1ad6](https://togithub.com/defenseunicorns/uds-common/commit/32d1ad6812a3ef6ad750447296f5644b14ff2855))
defenseunicorns/zarf (defenseunicorns/zarf)
###
[`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6)
##### \[0.32.6] - 2024-03-22
> trying out some different release note generators, formatting may vary
for a few releases while we figure out what works best
~[@Noxsios](https://togithub.com/Noxsios)
##### ๐ Features
- \[**ALPHA**] feat: package generation ALPHA by
[@andrewg-xyz](https://togithub.com/andrewg-xyz) in
[#2269](https://togithub.com/defenseunicorns/zarf/pull/2269)
- *(lib)* feat(lib): configurable log file location by
[@Noxsios](https://togithub.com/Noxsios) in
[#2380](https://togithub.com/defenseunicorns/zarf/pull/2380)
- \[**BREAKING**] feat!: filter package components with strategy
interface by [@Noxsios](https://togithub.com/Noxsios) in
[#2321](https://togithub.com/defenseunicorns/zarf/pull/2321)
##### ๐ Bug Fixes
- fix: refactor create stages into separate lib by
[@lucasrod16](https://togithub.com/lucasrod16) in
[#2223](https://togithub.com/defenseunicorns/zarf/pull/2223)
- fix: handle registry caBundle as a multiline string by
[@AbrohamLincoln](https://togithub.com/AbrohamLincoln) in
[#2381](https://togithub.com/defenseunicorns/zarf/pull/2381)
- *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and
`mirror` by [@lucasrod16](https://togithub.com/lucasrod16) in
[#2386](https://togithub.com/defenseunicorns/zarf/pull/2386)
- fix: allow absolute paths for differential packages by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[#2397](https://togithub.com/defenseunicorns/zarf/pull/2397)
- fix: hotfix skeleton publish by
[@Noxsios](https://togithub.com/Noxsios) in
[#2398](https://togithub.com/defenseunicorns/zarf/pull/2398)
##### ๐ Refactor
- refactor: split helpers/exec libs by
[@Racer159](https://togithub.com/Racer159) in
[#2379](https://togithub.com/defenseunicorns/zarf/pull/2379)
##### ๐งช Testing
- test: data injection flake by
[@lucasrod16](https://togithub.com/lucasrod16) in
[#2361](https://togithub.com/defenseunicorns/zarf/pull/2361)
##### โ๏ธ Miscellaneous Tasks
- ci: add commitlint workflow and update contributing guide by
[@lucasrod16](https://togithub.com/lucasrod16) in
[#2391](https://togithub.com/defenseunicorns/zarf/pull/2391)
##### ๐ก๏ธ Security
- *(release)* build: create PRs on `homebrew-tap` by
[@Noxsios](https://togithub.com/Noxsios) in
[#2385](https://togithub.com/defenseunicorns/zarf/pull/2385)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6
###
[`v0.32.5`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.5)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5)
##### \[0.32.5] - 2024-03-11
> trying out some different release note generators, formatting may vary
for a few releases while we figure out what works best
~[@Noxsios](https://togithub.com/Noxsios)
##### ๐ Features
- feat: add missing vendored tool version commands by
[@eddiezane](https://togithub.com/eddiezane) in
[#2232](https://togithub.com/defenseunicorns/zarf/pull/2232)
- feat: add `--why` flag for `zarf dev find-images` by
[@waveywaves](https://togithub.com/waveywaves) in
[#2309](https://togithub.com/defenseunicorns/zarf/pull/2309)
- feat: set variables on find images by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[#2282](https://togithub.com/defenseunicorns/zarf/pull/2282)
- feat: add configurable backoff and retries for Zarf operations by
[@Racer159](https://togithub.com/Racer159) in
[#2345](https://togithub.com/defenseunicorns/zarf/pull/2345)
##### ๐ Bug Fixes
- *(deps)*: update github.com/anchore/clio digest to
[`abcb719`](https://togithub.com/defenseunicorns/zarf/commit/abcb719) by
[@renovate](https://togithub.com/renovate)\[bot] in
[#2347](https://togithub.com/defenseunicorns/zarf/pull/2347)
- *(ci)*: change ECR image to docker.io image by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[#2353](https://togithub.com/defenseunicorns/zarf/pull/2353)
- fix: added OCI Image Index mediaType by
[@mdaizcorbe](https://togithub.com/mdaizcorbe) in
[#2352](https://togithub.com/defenseunicorns/zarf/pull/2352)
- fix: package publish progress bar frozen at zero by
[@Noxsios](https://togithub.com/Noxsios) in
[#2367](https://togithub.com/defenseunicorns/zarf/pull/2367)
- *(release)* hotfix `publish` not respecting source package
architecture by [@Noxsios](https://togithub.com/Noxsios) in
[#2376](https://togithub.com/defenseunicorns/zarf/pull/2376)
##### ๐ Documentation
- chore: fix spelling by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[#2333](https://togithub.com/defenseunicorns/zarf/pull/2333)
- docs: formatting and grammar by
[@beholdenkey](https://togithub.com/beholdenkey) in
[#2350](https://togithub.com/defenseunicorns/zarf/pull/2350)
##### โ๏ธ Miscellaneous Tasks
- chore: sorted go imports by
[@naveensrinivasan](https://togithub.com/naveensrinivasan) in
[#2349](https://togithub.com/defenseunicorns/zarf/pull/2349)
- chore: fix bb test by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[#2340](https://togithub.com/defenseunicorns/zarf/pull/2340)
- chore: update CODEOWNERS with
[@AustinAbro321](https://togithub.com/AustinAbro321) by
[@Racer159](https://togithub.com/Racer159) in
[#2354](https://togithub.com/defenseunicorns/zarf/pull/2354)
- chore: refactor and purify the OCI library within Zarf by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[#2235](https://togithub.com/defenseunicorns/zarf/pull/2235)
- chore: default to temp zarf cache in e2e tests by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[#2355](https://togithub.com/defenseunicorns/zarf/pull/2355)
##### ๐ก๏ธ Security
- chore: configure agent server to avoid slowloris attack by
[@naveensrinivasan](https://togithub.com/naveensrinivasan) in
[#2342](https://togithub.com/defenseunicorns/zarf/pull/2342)
- chore: fix implicit memory aliasing in for loop by
[@naveensrinivasan](https://togithub.com/naveensrinivasan) in
[#2341](https://togithub.com/defenseunicorns/zarf/pull/2341)
- *(release)*: update release workflow to use token from gh app by
[@Noxsios](https://togithub.com/Noxsios) in
[#2368](https://togithub.com/defenseunicorns/zarf/pull/2368)
- *(release)*: use release environment secrets by
[@Noxsios](https://togithub.com/Noxsios) in
[#2374](https://togithub.com/defenseunicorns/zarf/pull/2374)
##### First Time Contributors
- [@eddiezane](https://togithub.com/eddiezane) made their first
contribution in
[#2232](https://togithub.com/defenseunicorns/zarf/issues/2232)
- [@beholdenkey](https://togithub.com/beholdenkey) made their
first contribution in
[#2350](https://togithub.com/defenseunicorns/zarf/issues/2350)
- [@mdaizcorbe](https://togithub.com/mdaizcorbe) made their first
contribution in
[#2352](https://togithub.com/defenseunicorns/zarf/issues/2352)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.4...v0.32.5
###
[`v0.32.4`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.4)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4)
##### What's Changed
##### Fixes
- Improve `cmd` failure messaging when no timeout or retries are given
by [@docandrew](https://togithub.com/docandrew) in
[https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301)
- Revert init package storageclass checks for git server and seed
registry by [@lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2311](https://togithub.com/defenseunicorns/zarf/pull/2311)
- Fix multi-part tarballs being mismatched sizes by
[@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2314](https://togithub.com/defenseunicorns/zarf/pull/2314)
- Change text template detection to check first *and* last 512 bytes by
[@WeaponX314](https://togithub.com/WeaponX314) in
[https://github.com/defenseunicorns/zarf/pull/2310](https://togithub.com/defenseunicorns/zarf/pull/2310)
- Improve `zarf tools registry prune` messaging by
[@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2323](https://togithub.com/defenseunicorns/zarf/pull/2323)
- Add http request header timeout to mitigate stalling image push by
[@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2319](https://togithub.com/defenseunicorns/zarf/pull/2319)
- Allow host+subpath as the source registry for `--registry-override` in
package create by [@waveywaves](https://togithub.com/waveywaves)
in
[https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306)
##### Dependencies
- Update github.com/anchore/clio digest to
[`cb94e40`](https://togithub.com/defenseunicorns/zarf/commit/cb94e40) by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2294](https://togithub.com/defenseunicorns/zarf/pull/2294),
[https://github.com/defenseunicorns/zarf/pull/2297](https://togithub.com/defenseunicorns/zarf/pull/2297)
and
[https://github.com/defenseunicorns/zarf/pull/2300](https://togithub.com/defenseunicorns/zarf/pull/2300)
- **\[security]** Update module helm.sh/helm/v3 to v3.14.2 by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2307](https://togithub.com/defenseunicorns/zarf/pull/2307)
and
[https://github.com/defenseunicorns/zarf/pull/2329](https://togithub.com/defenseunicorns/zarf/pull/2329)
- Update actions/checkout action to v4 by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2317](https://togithub.com/defenseunicorns/zarf/pull/2317)
- Update actions/dependency-review-action action to v4 by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2318](https://togithub.com/defenseunicorns/zarf/pull/2318)
##### Docs
- Update [Zarf roadmap](https://docs.zarf.dev/docs/roadmap) per 2024
goals by [@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2305](https://togithub.com/defenseunicorns/zarf/pull/2305)
##### Development
- Included Dependency Review action for PR reviews by
[@naveensrinivasan](https://togithub.com/naveensrinivasan) in
[https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298)
- Resolve CodeQL linting issues across Zarf by
[@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2322](https://togithub.com/defenseunicorns/zarf/pull/2322)
##### New Contributors
- [@docandrew](https://togithub.com/docandrew) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2301](https://togithub.com/defenseunicorns/zarf/pull/2301)
- [@naveensrinivasan](https://togithub.com/naveensrinivasan) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2298](https://togithub.com/defenseunicorns/zarf/pull/2298)
- [@waveywaves](https://togithub.com/waveywaves) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2306](https://togithub.com/defenseunicorns/zarf/pull/2306)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.3...v0.32.4
###
[`v0.32.3`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.3)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3)
##### What's Changed
##### Fixes
- Properly handle panic that could occur during checksum validation by
[@mjnagel](https://togithub.com/mjnagel) in
[https://github.com/defenseunicorns/zarf/pull/2262](https://togithub.com/defenseunicorns/zarf/pull/2262)
- Add the `--key` flag to the init cmd to properly allow for signed init
packages by [@dgershman](https://togithub.com/dgershman) in
[https://github.com/defenseunicorns/zarf/pull/2259](https://togithub.com/defenseunicorns/zarf/pull/2259)
- Restore destroy script functionality during `zarf destroy` by
[@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2274](https://togithub.com/defenseunicorns/zarf/pull/2274)
- Fix symlink inclusion within component resources by
[@dgershman](https://togithub.com/dgershman) in
[https://github.com/defenseunicorns/zarf/pull/2256](https://togithub.com/defenseunicorns/zarf/pull/2256)
- Use memory friendly file split logic for partial packages by
[@daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) in
[https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264)
- Fix reproducible tarball creation on Windows systems by
[@Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2293](https://togithub.com/defenseunicorns/zarf/pull/2293)
##### Docs
- Make branding more consistent and add community meetup references to
docs by [@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2258](https://togithub.com/defenseunicorns/zarf/pull/2258)
##### Dependencies
- Update github.com/anchore/clio digest by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2277](https://togithub.com/defenseunicorns/zarf/pull/2277)
and
[https://github.com/defenseunicorns/zarf/pull/2283](https://togithub.com/defenseunicorns/zarf/pull/2283)
- Update all non-major dependencies (including Gitea v1.21.5, Syft
v0.100.0, K9s v0.31.7 and Crane v0.19.0) by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2187](https://togithub.com/defenseunicorns/zarf/pull/2187)
##### Development
- Add a more robust chart search regexManager by
[@Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2278](https://togithub.com/defenseunicorns/zarf/pull/2278)
and
[https://github.com/defenseunicorns/zarf/pull/2284](https://togithub.com/defenseunicorns/zarf/pull/2284)
- Partial refactor of injector logic in `k8s`, and `cluster` packages by
[@chrishorton](https://togithub.com/chrishorton) in
[https://github.com/defenseunicorns/zarf/pull/2271](https://togithub.com/defenseunicorns/zarf/pull/2271)
##### New Contributors
- [@daniel-palmer-gu](https://togithub.com/daniel-palmer-gu) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2264](https://togithub.com/defenseunicorns/zarf/pull/2264)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.2...v0.32.3
###
[`v0.32.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.2)
[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2)
#### What's Changed
#### Features
- Support authenticated Helm repositories that have been configured with
`helm repo add` by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2196](https://togithub.com/defenseunicorns/zarf/pull/2196)
- Verify that the specified storage class exists during `zarf init` by
[@lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2180](https://togithub.com/defenseunicorns/zarf/pull/2180)
- Check for available node resources before building injector pod by
[@chrishorton](https://togithub.com/chrishorton) in
[https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220)
- Officially support yaml extensions within the `zarf.yaml` using `x-`
keys by [@AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2217](https://togithub.com/defenseunicorns/zarf/pull/2217)
#### Fixes
- Fix the inclusion of helm sub commands when rendering `zarf tools
help` by [@jbrewer3](https://togithub.com/jbrewer3) in
[https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216)
#### Docs
- Fix typos in the extension `README.md` by
[@mjnagel](https://togithub.com/mjnagel) in
[https://github.com/defenseunicorns/zarf/pull/2227](https://togithub.com/defenseunicorns/zarf/pull/2227)
- Fix a small grammatical error in the base `README.md` by
[@cmwylie19](https://togithub.com/cmwylie19) in
[https://github.com/defenseunicorns/zarf/pull/2219](https://togithub.com/defenseunicorns/zarf/pull/2219)
#### Dependencies
- Update github.com/anchore/clio digest to
[`89e2fe8`](https://togithub.com/defenseunicorns/zarf/commit/89e2fe8) by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2214](https://togithub.com/defenseunicorns/zarf/pull/2214)
- Update github.com/anchore/clio digest to
[`a5e93b6`](https://togithub.com/defenseunicorns/zarf/commit/a5e93b6) by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2229](https://togithub.com/defenseunicorns/zarf/pull/2229)
- Update github.com/anchore/stereoscope digest to
[`eb656fc`](https://togithub.com/defenseunicorns/zarf/commit/eb656fc) by
[@renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2230](https://togithub.com/defenseunicorns/zarf/pull/2230)
#### Development
- Remove workflow for automatically adding issues to the zarf project by
[@YrrepNoj](https://togithub.com/YrrepNoj) in
[https://github.com/defenseunicorns/zarf/pull/2239](https://togithub.com/defenseunicorns/zarf/pull/2239)
- Delete unnecessary waitgroup from concurrencyTools by
[@AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2244](https://togithub.com/defenseunicorns/zarf/pull/2244)
- Update `NewOrasRemote` to take `ocispec.Platform` as an argument by
[@decleaver](https://togithub.com/decleaver) in
[https://github.com/defenseunicorns/zarf/pull/2241](https://togithub.com/defenseunicorns/zarf/pull/2241)
#### New Contributors
- [@jbrewer3](https://togithub.com/jbrewer3) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2216](https://togithub.com/defenseunicorns/zarf/pull/2216)
- [@chrishorton](https://togithub.com/chrishorton) made their
first contribution in
[https://github.com/defenseunicorns/zarf/pull/2220](https://togithub.com/defenseunicorns/zarf/pull/2220)
**Full Changelog**:
https://github.com/defenseunicorns/zarf/compare/v0.32.1...v0.32.2
###
[`v0.32.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32
---
### Configuration
๐
**Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
๐ฆ **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
โป **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
๐ป **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/uds-package-mattermost).
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Wayne Starr
---
.github/workflows/ci-docs-shim.yaml | 19 ++-----------------
.github/workflows/codeql.yaml | 8 ++++----
.github/workflows/commitlint.yaml | 2 +-
.github/workflows/dependencyreview.yaml | 4 ++--
.github/workflows/lint.yaml | 7 ++++---
.github/workflows/scorecard.yaml | 4 ++--
.github/workflows/tag-and-release.yaml | 18 ++++++------------
.github/workflows/test.yaml | 11 ++++++-----
.pre-commit-config.yaml | 8 ++++----
tasks.yaml | 19 +++++++------------
tasks/publish.yaml | 2 +-
11 files changed, 39 insertions(+), 63 deletions(-)
diff --git a/.github/workflows/ci-docs-shim.yaml b/.github/workflows/ci-docs-shim.yaml
index ad8e133..0c62b88 100644
--- a/.github/workflows/ci-docs-shim.yaml
+++ b/.github/workflows/ci-docs-shim.yaml
@@ -2,23 +2,8 @@ name: CI Docs Shim
on:
pull_request:
- paths:
- - "**.md"
- - "**.jpg"
- - "**.png"
- - "**.gif"
- - "**.svg"
- - "adr/**"
- - "docs/**"
- - ".gitignore"
- - "renovate.json"
- - ".release-please-config.json"
- - "release-please-config.json"
- - "oscal-component.yaml"
- - "CODEOWNERS"
- - "LICENSE"
- - "CONTRIBUTING.md"
- - "SECURITY.md"
+ branches: [main]
+ types: [milestoned, opened, synchronize]
jobs:
run-test:
diff --git a/.github/workflows/codeql.yaml b/.github/workflows/codeql.yaml
index 78a0685..7215822 100644
--- a/.github/workflows/codeql.yaml
+++ b/.github/workflows/codeql.yaml
@@ -29,17 +29,17 @@ jobs:
steps:
- name: Checkout repository
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
# Initializes the CodeQL tools for scanning.
- name: Initialize CodeQL
- uses: github/codeql-action/init@a56a03b370b87b26fde6d680755f818cfda0372b # v2.24.5
+ uses: github/codeql-action/init@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
with:
languages: ${{ matrix.language }}
- name: Autobuild
- uses: github/codeql-action/autobuild@a56a03b370b87b26fde6d680755f818cfda0372b # v2.24.5
+ uses: github/codeql-action/autobuild@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
- name: Perform CodeQL Analysis
- uses: github/codeql-action/analyze@a56a03b370b87b26fde6d680755f818cfda0372b # v2.24.5
+ uses: github/codeql-action/analyze@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
with:
category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/commitlint.yaml b/.github/workflows/commitlint.yaml
index d02d0eb..12a6380 100644
--- a/.github/workflows/commitlint.yaml
+++ b/.github/workflows/commitlint.yaml
@@ -8,4 +8,4 @@ on:
jobs:
validate:
name: Validate
- uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+ uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9
diff --git a/.github/workflows/dependencyreview.yaml b/.github/workflows/dependencyreview.yaml
index 3f34562..d0ef365 100644
--- a/.github/workflows/dependencyreview.yaml
+++ b/.github/workflows/dependencyreview.yaml
@@ -22,6 +22,6 @@ jobs:
egress-policy: audit
- name: 'Checkout Repository'
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: 'Dependency Review'
- uses: actions/dependency-review-action@0efb1d1d84fc9633afcdaad14c485cbbc90ef46c # v2.5.1
+ uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v4.2.5
diff --git a/.github/workflows/lint.yaml b/.github/workflows/lint.yaml
index c563852..502a3bd 100644
--- a/.github/workflows/lint.yaml
+++ b/.github/workflows/lint.yaml
@@ -20,10 +20,11 @@ jobs:
fetch-depth: 0
- name: Environment setup
- uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+ uses: defenseunicorns/uds-common/.github/actions/setup@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9
with:
- username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
- password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
+ registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
+ registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
+ ghToken: ${{ secrets.GITHUB_TOKEN }}
- name: Install lint deps
run: |
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index 23a9619..06efcfe 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -37,7 +37,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
- uses: actions/upload-artifact@c7d193f32edcb7bfad88892161225aeda64e9392 # v4.0.0
+ uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: SARIF file
path: results.sarif
@@ -45,6 +45,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@012739e5082ff0c22ca6d6ab32e07c36df03c4a4 # v3.22.12
+ uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
with:
sarif_file: results.sarif
diff --git a/.github/workflows/tag-and-release.yaml b/.github/workflows/tag-and-release.yaml
index cd7eef2..949992d 100644
--- a/.github/workflows/tag-and-release.yaml
+++ b/.github/workflows/tag-and-release.yaml
@@ -18,7 +18,7 @@ jobs:
steps:
- name: Create release tag
id: tag
- uses: google-github-actions/release-please-action@cc61a07e2da466bebbc19b3a7dd01d6aecb20d1e # v4.0.2
+ uses: google-github-actions/release-please-action@a37ac6e4f6449ce8b3f7607e4d97d0146028dc0b # v4.1.0
- id: release-flag
run: echo "release_created=${{ steps.tag.outputs.release_created || false }}" >> $GITHUB_OUTPUT
@@ -39,23 +39,17 @@ jobs:
- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Environment setup
- uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+ uses: defenseunicorns/uds-common/.github/actions/setup@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9
with:
- username: ${{secrets.IRON_BANK_ROBOT_USERNAME}}
- password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}}
-
- - name: Login to GHCR
- uses: docker/login-action@343f7c4344506bcbf9b4de18042ae17996df046d # v3
- with:
- registry: ghcr.io
- username: dummy
- password: ${{ secrets.GITHUB_TOKEN }}
+ registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
+ registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
+ ghToken: ${{ secrets.GITHUB_TOKEN }}
- name: Publish Package
run: uds run -f tasks/publish.yaml package --set FLAVOR=${{ matrix.flavor }}
- name: Save logs
if: always()
- uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+ uses: defenseunicorns/uds-common/.github/actions/save-logs@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9
with:
suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index 6c59c83..533f07b 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -46,19 +46,20 @@ jobs:
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Environment setup
- uses: defenseunicorns/uds-common/.github/actions/setup@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+ uses: defenseunicorns/uds-common/.github/actions/setup@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9
with:
- username: ${{secrets.IRON_BANK_ROBOT_USERNAME}}
- password: ${{secrets.IRON_BANK_ROBOT_PASSWORD}}
+ registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
+ registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
+ ghToken: ${{ secrets.GITHUB_TOKEN }}
- name: Test
- uses: defenseunicorns/uds-common/.github/actions/test@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+ uses: defenseunicorns/uds-common/.github/actions/test@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9
with:
flavor: ${{ matrix.flavor }}
type: ${{ matrix.type }}
- name: Save logs
if: always()
- uses: defenseunicorns/uds-common/.github/actions/save-logs@e2ad99f7caba1b0d08856918db9385a431cfdbca # v0.3.3
+ uses: defenseunicorns/uds-common/.github/actions/save-logs@264ec430c4079129870820e70c4439f3f3d57cbc # v0.3.9
with:
suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 0f22b9a..e9444ef 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -31,7 +31,7 @@ repos:
hooks:
- id: fix-smartquotes
- repo: https://github.com/python-jsonschema/check-jsonschema
- rev: 0.27.4
+ rev: 0.28.0
hooks:
- id: check-jsonschema
name: "Validate Zarf Configs Against Schema"
@@ -40,14 +40,14 @@ repos:
args:
[
"--schemafile",
- "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.29.1/zarf.schema.json",
+ "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.32.6/zarf.schema.json",
"--no-cache"
]
- repo: https://github.com/golangci/golangci-lint
- rev: v1.55.2
+ rev: v1.57.2
hooks:
- id: golangci-lint
- repo: https://github.com/renovatebot/pre-commit-hooks
- rev: 37.165.5
+ rev: 37.275.0
hooks:
- id: renovate-config-validator
diff --git a/tasks.yaml b/tasks.yaml
index 44f2449..ca5a333 100644
--- a/tasks.yaml
+++ b/tasks.yaml
@@ -2,11 +2,11 @@ includes:
- cleanup: ./tasks/cleanup.yaml
- dependencies: ./tasks/dependencies.yaml
- test: ./tasks/test.yaml
- - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/create.yaml
- - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/lint.yaml
- - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/pull.yaml
- - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.3/tasks/deploy.yaml
- - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.3.3/tasks/setup.yaml
+ - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/create.yaml
+ - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/lint.yaml
+ - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/pull.yaml
+ - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/deploy.yaml
+ - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/setup.yaml
tasks:
- name: default
@@ -34,13 +34,8 @@ tasks:
description: Create UDS Mattermost bundle based on the latest release
actions:
- task: pull:latest-package-release
- # TODO (@WSTARR): This is currently needed to get around the chicken+egg condition when release please updates the version in GH
- - description: Get the current Zarf package name
- cmd: cat zarf.yaml | yq .metadata.version
- setVariables:
- - name: CURRENT_VERSION
- - description: Move the latest to the current (needed to make this work on release-please PRs)
- cmd: test -f zarf-package-mattermost-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst || mv zarf-package-mattermost-${UDS_ARCH}-*.tar.zst zarf-package-mattermost-${UDS_ARCH}-${CURRENT_VERSION}.tar.zst
+ with:
+ spoof_release: "true"
- task: dependencies:create
- task: create:test-bundle
diff --git a/tasks/publish.yaml b/tasks/publish.yaml
index 5bfbf61..ca71ff4 100644
--- a/tasks/publish.yaml
+++ b/tasks/publish.yaml
@@ -1,5 +1,5 @@
includes:
- - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common-tasks/v0.3.3/tasks/publish.yaml
+ - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.9/tasks/publish.yaml
tasks:
- name: package