v0.0.48
What's Changed
- Update index.md by @eryn-muetzel in #3117
- Update README.md by @eryn-muetzel in #3118
- Allow setting log level for mindev ruletype test by @jhrozek in #3119
- build(deps): bump github.com/openfga/openfga from 1.5.1 to 1.5.3 by @dependabot in #3122
- build(deps): bump k8s.io/client-go from 0.29.3 to 0.29.4 by @dependabot in #3121
- Return 500 if Github AppName is empty when enrolling provider by @dmjb in #3124
- build(deps): bump peter-evans/create-pull-request from 6.0.3 to 6.0.4 by @dependabot in #3127
- build(deps): bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in #3128
- build(deps): bump k8s.io/apimachinery from 0.29.4 to 0.30.0 by @dependabot in #3126
- Remove GitHub discussions from README by @eleftherias in #3129
- build(deps): bump k8s.io/client-go from 0.29.4 to 0.30.0 by @dependabot in #3125
- Implement
CanImplement
method for providers by @dmjb in #3115 - Don't use SELECT * when joining profile tables by @jhrozek in #3130
- Make provider class mandatory in DB by @dmjb in #3132
- build(deps): bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in /tools by @dependabot in #3133
- build(deps): bump github.com/docker/docker from 26.0.1+incompatible to 26.0.2+incompatible by @dependabot in #3134
- build(deps): bump github.com/golang-migrate/migrate/v4 from 4.17.0 to 4.17.1 by @dependabot in #3136
- Skip or error when trying to register an archived repository by @rdimitrov in #3135
- Address review comments for labels filtering by @jhrozek in #3137
- Implement ProviderFactory and ProviderClassFactory by @dmjb in #3131
- Use provider ID instead of name when sending events by @dmjb in #3093
- Fix repo deletion by @jhrozek in #3140
- build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #3141
- Remove provider name from event wrapper by @dmjb in #3139
- Allow full profile updates through the PATCH handler by @jhrozek in #2990
- build(deps): bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in #3147
- build(deps): bump slsa-framework/slsa-github-generator from 1.10.0 to 2.0.0 by @dependabot in #3146
- build(deps): bump clsx from 2.1.0 to 2.1.1 in /docs by @dependabot in #3144
- Add
reminder
service with empty sendReminders logic by @Vyom-Yadav in #2638 - build(deps): bump bufbuild/buf-setup-action from 1.30.1 to 1.31.0 by @dependabot in #3156
- build(deps): bump github.com/styrainc/regal from 0.20.1 to 0.21.0 by @dependabot in #3157
- build(deps): bump github.com/bufbuild/buf from 1.30.1 to 1.31.0 in /tools by @dependabot in #3158
- Use
go generate
directives for mock generation by @dmjb in #3159 - Bump sigstore-go to v0.3.0 and add local registry for tests by @puerco in #3154
- Bump go base images to go 1.22.2 by @dmjb in #3161
- build(deps): bump go.opentelemetry.io/otel/trace from 1.25.0 to 1.26.0 by @dependabot in #3170
- build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in #3172
- build(deps): bump sigs.k8s.io/release-utils from 0.7.7 to 0.8.1 by @dependabot in #3166
- build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #3171
- build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.50.0 to 0.51.0 by @dependabot in #3169
- Add ProviderManager, make provider deletion generic by @dmjb in #3162
- Read the webhook secret from a file by @jhrozek in #3175
- More descriptive error message when validating secrets with any of the fallback webhooks fails by @jhrozek in #3176
- build(deps): bump react from 18.2.0 to 18.3.0 in /docs by @dependabot in #3179
- build(deps): bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in #3185
- build(deps): bump peter-evans/create-pull-request from 6.0.4 to 6.0.5 by @dependabot in #3186
- build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.50.0 to 0.51.0 by @dependabot in #3184
- build(deps): bump go.opentelemetry.io/otel/sdk/metric from 1.25.0 to 1.26.0 by @dependabot in #3182
- build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.25.0 to 1.26.0 by @dependabot in #3183
- build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.47.0 to 0.48.0 by @dependabot in #3181
- Initial implementation of IDP interface and Keycloak implementation by @evankanderson in #3155
- Add Helm configuration for feature flags by @evankanderson in #3188
- build(deps): bump anchore/sbom-action from 0.15.10 to 0.15.11 by @dependabot in #3197
- build(deps): bump react from 18.3.0 to 18.3.1 in /docs by @dependabot in #3195
- build(deps): bump github.com/open-feature/go-sdk-contrib/providers/go-feature-flag from 0.1.35 to 0.1.36 by @dependabot in #3192
- build(deps): bump github.com/styrainc/regal from 0.21.0 to 0.21.3 by @dependabot in #3193
- build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.15.0 to 1.16.0 by @dependabot in #3190
- build(deps): bump react-dom from 18.2.0 to 18.3.1 in /docs by @dependabot in #3198
- build(deps): bump github.com/open-policy-agent/opa from 0.63.0 to 0.64.1 by @dependabot in #3191
- Add docs for using feature flags when developing Minder by @evankanderson in #3189
- Use webhook secrets from files by @jhrozek in #3177
- Fix webhook secret file names by @jhrozek in #3201
- Delete docs/docs/how-to/using-minder-with-ghas.md by @meganbruce in #3204
- build(deps): bump github.com/go-playground/validator/v10 from 10.19.0 to 10.20.0 by @dependabot in #3205
- build(deps): bump github.com/openfga/cli from 0.3.0 to 0.3.1 in /tools by @dependabot in #3207
- build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in #3206
- Refactor repo deletion to move db/provider logic behind interface by @dmjb in #3200
- Warn about empty secret and skip the update in the webhook updater tool by @jhrozek in #3208
- Use ProviderManager in webhook handler by @dmjb in #3202
- Implement GitHubClientFactory by @dmjb in #3203
- build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 in /tools by @dependabot in #3216
- build(deps): bump styled-components from 6.1.8 to 6.1.9 in /docs by @dependabot in #3215
- build(deps): bump github.com/openfga/go-sdk from 0.3.5 to 0.3.6 by @dependabot in #3218
- build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.34.0 by @dependabot in #3217
- Return verified attestation in verification results by @puerco in #3212
- Fix bug handling images with slashes in ref by @puerco in #3211
- Bug: Remove impossible condition by @puerco in #3213
- Don't trim path from builder URI by @puerco in #3214
- Pass RestClientCache as constructor param by @dmjb in #3222
- Remove use of ProviderBuilder by repo handler by @dmjb in #3224
- Make Project Create/Delete a service by @dmjb in #3227
- Remove OpenFGA CVE ignore from
.trivyignore
file by @JAORMX in #3228 - Remove last CVE from
.trivyignore
by @JAORMX in #3229 - Refactor application wireup by @dmjb in #3230
- build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #3233
- Use ProviderManager in reconciler by @dmjb in #3232
- Allow empty provider in repo reconcile command by @eleftherias in #3231
- Distinguish between score 0 and missing score in Trusty by @jhrozek in #3234
- Artifact: Unify signer identity URIs by @puerco in #3238
- build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.26.0 to 1.27.0 by @dependabot in #3240
- build(deps): bump golang.org/x/term from 0.19.0 to 0.20.0 by @dependabot in #3241
- build(deps): bump github.com/golangci/golangci-lint from 1.57.2 to 1.58.0 in /tools by @dependabot in #3243
- build(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in #3242
- build(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 by @dependabot in #3239
- Bump docusaurus from 3.2.1 to 3.3.2 by @eleftherias in #3248
- Add flag telling if repo from provider is already registered by @blkt in #3209
- Surface bundle fetch error if gh client is not present by @JAORMX in #3249
- Update CONTRIBUTING.md by @dussab in #3251
- Parse correctly github uris, dont use cert ext uri by @puerco in #3250
- Re-enable go CoverageRedesign by @prezha in #3252
- Workaround: Remove
MINDER_FLAGS_GO_FEATURE_FILE_PATH
env variable from helm deployment by @JAORMX in #3260 - build(deps): bump golang.org/x/tools from 0.20.0 to 0.21.0 in /tools by @dependabot in #3258
- build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #3256
- build(deps): bump golang.org/x/crypto from 0.22.0 to 0.23.0 by @dependabot in #3253
- build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot in #3255
- build(deps): bump google.golang.org/protobuf from 1.34.0 to 1.34.1 in /tools by @dependabot in #3257
- build(deps): bump google.golang.org/protobuf from 1.34.0 to 1.34.1 by @dependabot in #3254
- Fix goreleaser dependencies. by @blkt in #3261
New Contributors
Full Changelog: v0.0.47...v0.0.48