Skip to content

v0.0.3
Compare
Choose a tag to compare
@JAORMX JAORMX released this 19 Sep 13:42
· 3359 commits to main since this release
v0.0.3
2e90ef4
This commit was created on github.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

What's Changed

  • build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.0 by @dependabot in #879
  • medic: print policies as tables by @JAORMX in #880
  • rule: Add new rule type that checks if folks are using the latest tag in their Dockerfiles by @JAORMX in #884
  • Auto-generated cli documentation update - 2023-09-07 12:07:37 by @github-actions in #882
  • reconcilers: Add an initial concept of a dedicated reconcilers object in mediator by @JAORMX in #872
  • medic: print rule types as tables by @JAORMX in #881
  • EntityInfoWrapper: Add utility function to build+publish by @JAORMX in #886
  • Auto-generated cli documentation update - 2023-09-07 14:17:14 by @github-actions in #887
  • EntityInfoWrapper.BuildMessage: Return nil, error by @JAORMX in #885
  • Create new context for OAuth callback to prevent timeout by @eleftherias in #883
  • Auto-generated cli documentation update - 2023-09-07 15:01:35 by @github-actions in #889
  • Organize docs in more suitable layout by @lukehinds in #856
  • cli: Add table output for policy_status sub-command by @JAORMX in #888
  • fix watermill error loop by @JAORMX in #890
  • Auto-generated cli documentation update - 2023-09-07 15:56:42 by @github-actions in #891
  • Fix broken documentation link and extra package-lock.json by @evankanderson in #892
  • dockerfile_no_latest_tag rule: Use main branch, not master by @JAORMX in #893
  • chore: add guidance notes for rule_types by @rdimitrov in #895
  • Add Stacklok logo to enrollment complete html page by @eleftherias in #896
  • new rule: Add rule that verifies that the trivy action is used in a github workflow by @JAORMX in #900
  • Adjust getting started documentation by @eleftherias in #897
  • rego: Add option to skip for deny-by-default evaluator by @JAORMX in #903
  • medev fix: ensure we pass auth token to evaluator by @JAORMX in #901
  • docs: Update documentation with reference to detailed status by @JAORMX in #904
  • medev rule_type test: enable rego print statements when testing by @JAORMX in #902
  • rule_type create: Print one table instead of many by @JAORMX in #906
  • Fix OAuthService endpoint that got fixed manually by @evankanderson in #909
  • Auto-generated cli documentation update - 2023-09-08 13:10:53 by @github-actions in #907
  • db: Add pull_request as an allowed value of entities by @jhrozek in #910
  • Sort CSV list of known entities to prevent needless doc updates by @jhrozek in #911
  • Allow matching on any artifact name by @jhrozek in #917
  • Add basic support for PR vulnerability scanning by @jhrozek in #899
  • Auto-generated cli documentation update - 2023-09-08 16:52:44 by @github-actions in #918
  • Expose custom error message for 'must change password' by @evankanderson in #916
  • webhooks: Handle the case where a signature arrives after an unsigned artifact had been stored by @jhrozek in #919
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.17.1 to 2.18.0 in /tools by @dependabot in #922
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.17.1 to 2.18.0 by @dependabot in #921
  • eventer: Add extra logging and retriable events by @JAORMX in #926
  • eventer: Add logging to publisher as well by @JAORMX in #927
  • pipeline_policy: Also validate pull requests by @jhrozek in #929
  • webhook: Don't process events from repositories that are not registered by @JAORMX in #928
  • fix: resolve tag conflicts for versioned artifacts by @rdimitrov in #920
  • Move database golang code to internal package by @JAORMX in #931
  • golangci-lint: Turn on exhaustive linter by @JAORMX in #933
  • fix/refactor: Move auth.token_key and other parameters to AuthConfig structure by @JAORMX in #925
  • Use proto options to store auth config by @evankanderson in #894
  • fix: race condition for signed versioned artifacts by @rdimitrov in #932
  • Add token_key_passphrase to file location overrides following #925 by @evankanderson in #937
  • Dismiss stale reviews when reviewing PRs with vulnerable dependencies by @jhrozek in #934
  • build(deps): bump docker/setup-buildx-action from 2 to 3 by @dependabot in #940
  • build(deps): bump docker/build-push-action from 4 to 5 by @dependabot in #939
  • Move most packages to the internal package by @JAORMX in #941
  • build(deps): bump go.opentelemetry.io/otel from 1.17.0 to 1.18.0 by @dependabot in #942
  • build(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0 by @dependabot in #946
  • build(deps): bump go.opentelemetry.io/otel/sdk from 1.17.0 to 1.18.0 by @dependabot in #943
  • chore: hide and gitignore docker volumes for github client id and secret by @rdimitrov in #948
  • build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.40.0 to 0.41.0 by @dependabot in #944
  • Simplify policy structure and rename by @JAORMX in #947
  • Fix the link to apache license by @jhrozek in #950
  • vulndb evaluator: Cleanups and unit tests for the package database lookups by @jhrozek in #949
  • build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.17.0 to 1.18.0 by @dependabot in #956
  • build(deps): bump github.com/go-playground/validator/v10 from 10.15.3 to 10.15.4 by @dependabot in #959
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.43.0 to 0.44.0 by @dependabot in #957
  • Manually bump k8s deps by @jhrozek in #960
  • vulnerability evaluator: Submit reviews with just comment if the author is the same as the mediator identity by @jhrozek in #952
  • build(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1 by @dependabot in #964
  • Enable environment overrides and built-in configuration defaults by @evankanderson in #963
  • Remove GetCryptoConfigWithDefaults, use DefaultConfigForTest by @evankanderson in #969
  • Fix auth.token_key variable for helm charts by @evankanderson in #970
  • Sequentially tag helm charts, rather than re-using the 0.1.0 version by @evankanderson in #971
  • build(deps): bump github.com/daixiang0/gci from 0.11.1 to 0.11.2 in /tools by @dependabot in #973
  • Forgot to actually update the actuon to set HELM_PACKAGE_VERSION by @evankanderson in #972
  • Fix chart publish workflow by @evankanderson in #974
  • Add docker dependabot configuration by @JAORMX in #978
  • Extend PR vulnerability checks with a configurable action to set commit status by @jhrozek in #966
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.39 to 1.18.40 by @dependabot in #980
  • Allow users to change their profile info and password by @evankanderson in #983

Full Changelog: v0.0.2...v0.0.3

Contributors

JAORMX, jhrozek, and 5 other contributors
Assets 14
Loading