fix: don't leak internal class #3024
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ronag
added
the
semver-major
ronag
force-pushed
the
hide-internals
branch
4 times, most recently
from
96b96bd
to
b096245
Compare
|
The messages here are weird, |
ronag
force-pushed
the
hide-internals
branch
5 times, most recently
from
3b69310
to
1d902e9
Compare
ronag
force-pushed
the
hide-internals
branch
4 times, most recently
from
89dfbd7
to
dbc945d
Compare
ronag
force-pushed
the
hide-internals
branch
3 times, most recently
from
7759418
to
5e4bbb0
Compare
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #3024 +/- ##
=======================================
Coverage 93.50% 93.50%
=======================================
Files 89 89
Lines 24220 24239 +19
=======================================
+ Hits 22646 22665 +19
Misses 1574 1574 ☔ View full report in Codecov by Sentry. |
|
Shall we point to |
ronag
commented
Mar 31, 2024
ronag
commented
Mar 31, 2024
mcollina
requested changes
Mar 31, 2024
|
That's a bad idea in my opinion and can lead to all kinds of undefined behaviors and breaking. The internal class has no guarantees to its interface. |
I don't see how this PR would change it. You can still use the passed object as a key. |
metcoder95
approved these changes
Apr 1, 2024
create-app-token-action-releaser bot
pushed a commit
to actions/create-github-app-token
that referenced
this pull request
Apr 4, 2024
## [1.9.3](v1.9.2...v1.9.3) (2024-04-04) ### Bug Fixes * **deps:** bump undici from 6.10.2 to 6.11.1 ([#125](#125)) ([3c223c7](3c223c7)), closes [#3024](https://github.com/actions/create-github-app-token/issues/3024) [nodejs/undici#3044](nodejs/undici#3044) [#3023](https://github.com/actions/create-github-app-token/issues/3023) [nodejs/undici#3025](nodejs/undici#3025) [nodejs/undici#3024](nodejs/undici#3024) [nodejs/undici#3034](nodejs/undici#3034) [nodejs/undici#3038](nodejs/undici#3038) [nodejs/undici#2947](nodejs/undici#2947) [nodejs/undici#3040](nodejs/undici#3040) [nodejs/undici#3036](nodejs/undici#3036) [nodejs/undici#3041](nodejs/undici#3041) [#3024](https://github.com/actions/create-github-app-token/issues/3024) [#3041](https://github.com/actions/create-github-app-token/issues/3041) [#3036](https://github.com/actions/create-github-app-token/issues/3036)
bloopy-boi bot
added a commit
to h3mmy/bloopyboi
that referenced
this pull request
Apr 4, 2024
… v1.9.3 ) (#231) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | action | patch | `v1.9.2` -> `v1.9.3` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.9.3`](https://github.com/actions/create-github-app-token/releases/tag/v1.9.3) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.2...v1.9.3) ##### Bug Fixes - **deps:** bump undici from 6.10.2 to 6.11.1 ([#​125](https://github.com/actions/create-github-app-token/issues/125)) ([3c223c7](https://github.com/actions/create-github-app-token/commit/3c223c7336e276235eb843dd4e6ad42147199cbf)), closes [#​3024](https://github.com/actions/create-github-app-token/issues/3024) [nodejs/undici#3044](https://github.com/nodejs/undici/issues/3044) [#​3023](https://github.com/actions/create-github-app-token/issues/3023) [nodejs/undici#3025](https://github.com/nodejs/undici/issues/3025) [nodejs/undici#3024](https://github.com/nodejs/undici/issues/3024) [nodejs/undici#3034](https://github.com/nodejs/undici/issues/3034) [nodejs/undici#3038](https://github.com/nodejs/undici/issues/3038) [nodejs/undici#2947](https://github.com/nodejs/undici/issues/2947) [nodejs/undici#3040](https://github.com/nodejs/undici/issues/3040) [nodejs/undici#3036](https://github.com/nodejs/undici/issues/3036) [nodejs/undici#3041](https://github.com/nodejs/undici/issues/3041) [#​3024](https://github.com/actions/create-github-app-token/issues/3024) [#​3041](https://github.com/actions/create-github-app-token/issues/3041) [#​3036](https://github.com/actions/create-github-app-token/issues/3036) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4yNzkuMCIsInVwZGF0ZWRJblZlciI6IjM3LjI3OS4wIiwidGFyZ2V0QnJhbmNoIjoiZGV2IiwibGFiZWxzIjpbInJlbm92YXRlL2dpdGh1Yi1hY3Rpb24iLCJyZW5vdmF0ZS9naXRodWItcmVsZWFzZSIsInR5cGUvcGF0Y2giXX0=--> Co-authored-by: bloopy-boi[bot] <98279278+bloopy-boi[bot]@users.noreply.github.com>
github-merge-queue bot
pushed a commit
to 4m-mazi/gh-test
that referenced
this pull request
May 11, 2024
…o v1.10.0 (#728) This PR contains the following updates: | Package | Type | Update | Change | OpenSSF | |---|---|---|---|---| | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | action | minor | `v1.9.0` -> `v1.10.0` | [](https://securityscorecards.dev/viewer/?uri=github.com/actions/create-github-app-token) | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.10.0`](https://github.com/actions/create-github-app-token/releases/tag/v1.10.0) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.3...v1.10.0) ##### Features - **`private-key`:** escaped newlines will be replaced ([#​132](https://github.com/actions/create-github-app-token/issues/132)) ([9d23fb9](https://github.com/actions/create-github-app-token/commit/9d23fb93dd620572046d85c7c1032b488c12514f)) ### [`v1.9.3`](https://github.com/actions/create-github-app-token/releases/tag/v1.9.3) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.2...v1.9.3) ##### Bug Fixes - **deps:** bump undici from 6.10.2 to 6.11.1 ([#​125](https://github.com/actions/create-github-app-token/issues/125)) ([3c223c7](https://github.com/actions/create-github-app-token/commit/3c223c7336e276235eb843dd4e6ad42147199cbf)), closes [#​3024](https://github.com/actions/create-github-app-token/issues/3024) [nodejs/undici#3044](https://github.com/nodejs/undici/issues/3044) [#​3023](https://github.com/actions/create-github-app-token/issues/3023) [nodejs/undici#3025](https://github.com/nodejs/undici/issues/3025) [nodejs/undici#3024](https://github.com/nodejs/undici/issues/3024) [nodejs/undici#3034](https://github.com/nodejs/undici/issues/3034) [nodejs/undici#3038](https://github.com/nodejs/undici/issues/3038) [nodejs/undici#2947](https://github.com/nodejs/undici/issues/2947) [nodejs/undici#3040](https://github.com/nodejs/undici/issues/3040) [nodejs/undici#3036](https://github.com/nodejs/undici/issues/3036) [nodejs/undici#3041](https://github.com/nodejs/undici/issues/3041) [#​3024](https://github.com/actions/create-github-app-token/issues/3024) [#​3041](https://github.com/actions/create-github-app-token/issues/3041) [#​3036](https://github.com/actions/create-github-app-token/issues/3036) ### [`v1.9.2`](https://github.com/actions/create-github-app-token/releases/tag/v1.9.2) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.1...v1.9.2) ##### Bug Fixes - **deps:** bump the production-dependencies group with 1 update ([#​123](https://github.com/actions/create-github-app-token/issues/123)) ([beea7b8](https://github.com/actions/create-github-app-token/commit/beea7b860ac0b14ca14258aca701da842aa65e30)), closes [nodejs/undici#2978](https://github.com/nodejs/undici/issues/2978) [nodejs/undici#2971](https://github.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://github.com/nodejs/undici/issues/2980) [#​2982](https://github.com/actions/create-github-app-token/issues/2982) [nodejs/undici#2983](https://github.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://github.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://github.com/nodejs/undici/issues/2991) [#​2986](https://github.com/actions/create-github-app-token/issues/2986) [nodejs/undici#2992](https://github.com/nodejs/undici/issues/2992) [nodejs/undici#2985](https://github.com/nodejs/undici/issues/2985) [nodejs/undici#2993](https://github.com/nodejs/undici/issues/2993) [nodejs/undici#2995](https://github.com/nodejs/undici/issues/2995) [nodejs/undici#2998](https://github.com/nodejs/undici/issues/2998) [#​2863](https://github.com/actions/create-github-app-token/issues/2863) [nodejs/undici#2999](https://github.com/nodejs/undici/issues/2999) [nodejs/undici#3001](https://github.com/nodejs/undici/issues/3001) [nodejs/undici#2971](https://github.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://github.com/nodejs/undici/issues/2980) [nodejs/undici#2983](https://github.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://github.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://github.com/nodejs/undici/issues/2991) [nodejs/undici#2985](https://github.com/nodejs/undici/issues/2985) [nodejs/undici#2995](https://github.com/nodejs/undici/issues/2995) [nodejs/undici#2960](https://github.com/nodejs/undici/issues/2960) [nodejs/undici#2959](https://github.com/nodejs/undici/issues/2959) [nodejs/undici#2969](https://github.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://github.com/nodejs/undici/issues/2962) [nodejs/undici#2974](https://github.com/nodejs/undici/issues/2974) [nodejs/undici#2967](https://github.com/nodejs/undici/issues/2967) [nodejs/undici#2966](https://github.com/nodejs/undici/issues/2966) [nodejs/undici#2969](https://github.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://github.com/nodejs/undici/issues/2962) [nodejs/undici#2826](https://github.com/nodejs/undici/issues/2826) [nodejs/undici#2952](https://github.com/nodejs/undici/issues/2952) [#​3001](https://github.com/actions/create-github-app-token/issues/3001) [#​2863](https://github.com/actions/create-github-app-token/issues/2863) [#​2999](https://github.com/actions/create-github-app-token/issues/2999) [#​2998](https://github.com/actions/create-github-app-token/issues/2998) [#​2993](https://github.com/actions/create-github-app-token/issues/2993) [#​2986](https://github.com/actions/create-github-app-token/issues/2986) [#​2992](https://github.com/actions/create-github-app-token/issues/2992) [#​2991](https://github.com/actions/create-github-app-token/issues/2991) [#​2987](https://github.com/actions/create-github-app-token/issues/2987) ### [`v1.9.1`](https://github.com/actions/create-github-app-token/releases/tag/v1.9.1) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.0...v1.9.1) ##### Bug Fixes - clarify `owner` input description ([#​118](https://github.com/actions/create-github-app-token/issues/118)) ([d9bc169](https://github.com/actions/create-github-app-token/commit/d9bc16919cdbdb07543eb732aa872437384e296f)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjMxMy4xIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJzZW12ZXI6bm9uZSJdfQ==--> Co-authored-by: mazi-renovate[bot] <161091290+mazi-renovate[bot]@users.noreply.github.com>
Racer159
pushed a commit
to defenseunicorns/maru-runner
that referenced
this pull request
May 22, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | action | minor | `v1.9.0` -> `v1.10.0` | | [actions/setup-go](https://github.com/actions/setup-go) | action | patch | `v5.0.0` -> `v5.0.1` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | action | minor | `v0.15.11` -> `v0.16.0` | | [defenseunicorns/zarf](https://github.com/defenseunicorns/zarf) | | minor | `v0.32.5` -> `v0.33.2` | | [github/codeql-action](https://github.com/github/codeql-action) | action | patch | `v3.25.3` -> `v3.25.6` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | action | minor | `v5.0.0` -> `v5.1.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | action | patch | `v2.3.1` -> `v2.3.3` | --- ### Release Notes <details> <summary>actions/create-github-app-token (actions/create-github-app-token)</summary> ### [`v1.10.0`](https://github.com/actions/create-github-app-token/releases/tag/v1.10.0) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.3...v1.10.0) ##### Features - **`private-key`:** escaped newlines will be replaced ([#​132](https://github.com/actions/create-github-app-token/issues/132)) ([9d23fb9](https://github.com/actions/create-github-app-token/commit/9d23fb93dd620572046d85c7c1032b488c12514f)) ### [`v1.9.3`](https://github.com/actions/create-github-app-token/releases/tag/v1.9.3) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.2...v1.9.3) ##### Bug Fixes - **deps:** bump undici from 6.10.2 to 6.11.1 ([#​125](https://github.com/actions/create-github-app-token/issues/125)) ([3c223c7](https://github.com/actions/create-github-app-token/commit/3c223c7336e276235eb843dd4e6ad42147199cbf)), closes [#​3024](https://github.com/actions/create-github-app-token/issues/3024) [nodejs/undici#3044](https://github.com/nodejs/undici/issues/3044) [#​3023](https://github.com/actions/create-github-app-token/issues/3023) [nodejs/undici#3025](https://github.com/nodejs/undici/issues/3025) [nodejs/undici#3024](https://github.com/nodejs/undici/issues/3024) [nodejs/undici#3034](https://github.com/nodejs/undici/issues/3034) [nodejs/undici#3038](https://github.com/nodejs/undici/issues/3038) [nodejs/undici#2947](https://github.com/nodejs/undici/issues/2947) [nodejs/undici#3040](https://github.com/nodejs/undici/issues/3040) [nodejs/undici#3036](https://github.com/nodejs/undici/issues/3036) [nodejs/undici#3041](https://github.com/nodejs/undici/issues/3041) [#​3024](https://github.com/actions/create-github-app-token/issues/3024) [#​3041](https://github.com/actions/create-github-app-token/issues/3041) [#​3036](https://github.com/actions/create-github-app-token/issues/3036) ### [`v1.9.2`](https://github.com/actions/create-github-app-token/releases/tag/v1.9.2) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.1...v1.9.2) ##### Bug Fixes - **deps:** bump the production-dependencies group with 1 update ([#​123](https://github.com/actions/create-github-app-token/issues/123)) ([beea7b8](https://github.com/actions/create-github-app-token/commit/beea7b860ac0b14ca14258aca701da842aa65e30)), closes [nodejs/undici#2978](https://github.com/nodejs/undici/issues/2978) [nodejs/undici#2971](https://github.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://github.com/nodejs/undici/issues/2980) [#​2982](https://github.com/actions/create-github-app-token/issues/2982) [nodejs/undici#2983](https://github.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://github.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://github.com/nodejs/undici/issues/2991) [#​2986](https://github.com/actions/create-github-app-token/issues/2986) [nodejs/undici#2992](https://github.com/nodejs/undici/issues/2992) [nodejs/undici#2985](https://github.com/nodejs/undici/issues/2985) [nodejs/undici#2993](https://github.com/nodejs/undici/issues/2993) [nodejs/undici#2995](https://github.com/nodejs/undici/issues/2995) [nodejs/undici#2998](https://github.com/nodejs/undici/issues/2998) [#​2863](https://github.com/actions/create-github-app-token/issues/2863) [nodejs/undici#2999](https://github.com/nodejs/undici/issues/2999) [nodejs/undici#3001](https://github.com/nodejs/undici/issues/3001) [nodejs/undici#2971](https://github.com/nodejs/undici/issues/2971) [nodejs/undici#2980](https://github.com/nodejs/undici/issues/2980) [nodejs/undici#2983](https://github.com/nodejs/undici/issues/2983) [nodejs/undici#2987](https://github.com/nodejs/undici/issues/2987) [nodejs/undici#2991](https://github.com/nodejs/undici/issues/2991) [nodejs/undici#2985](https://github.com/nodejs/undici/issues/2985) [nodejs/undici#2995](https://github.com/nodejs/undici/issues/2995) [nodejs/undici#2960](https://github.com/nodejs/undici/issues/2960) [nodejs/undici#2959](https://github.com/nodejs/undici/issues/2959) [nodejs/undici#2969](https://github.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://github.com/nodejs/undici/issues/2962) [nodejs/undici#2974](https://github.com/nodejs/undici/issues/2974) [nodejs/undici#2967](https://github.com/nodejs/undici/issues/2967) [nodejs/undici#2966](https://github.com/nodejs/undici/issues/2966) [nodejs/undici#2969](https://github.com/nodejs/undici/issues/2969) [nodejs/undici#2962](https://github.com/nodejs/undici/issues/2962) [nodejs/undici#2826](https://github.com/nodejs/undici/issues/2826) [nodejs/undici#2952](https://github.com/nodejs/undici/issues/2952) [#​3001](https://github.com/actions/create-github-app-token/issues/3001) [#​2863](https://github.com/actions/create-github-app-token/issues/2863) [#​2999](https://github.com/actions/create-github-app-token/issues/2999) [#​2998](https://github.com/actions/create-github-app-token/issues/2998) [#​2993](https://github.com/actions/create-github-app-token/issues/2993) [#​2986](https://github.com/actions/create-github-app-token/issues/2986) [#​2992](https://github.com/actions/create-github-app-token/issues/2992) [#​2991](https://github.com/actions/create-github-app-token/issues/2991) [#​2987](https://github.com/actions/create-github-app-token/issues/2987) ### [`v1.9.1`](https://github.com/actions/create-github-app-token/releases/tag/v1.9.1) [Compare Source](https://github.com/actions/create-github-app-token/compare/v1.9.0...v1.9.1) ##### Bug Fixes - clarify `owner` input description ([#​118](https://github.com/actions/create-github-app-token/issues/118)) ([d9bc169](https://github.com/actions/create-github-app-token/commit/d9bc16919cdbdb07543eb732aa872437384e296f)) </details> <details> <summary>actions/setup-go (actions/setup-go)</summary> ### [`v5.0.1`](https://github.com/actions/setup-go/releases/tag/v5.0.1) [Compare Source](https://github.com/actions/setup-go/compare/v5.0.0...v5.0.1) #### What's Changed - Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by [@​dependabot](https://github.com/dependabot) , [@​HarithaVattikuti](https://github.com/HarithaVattikuti) in [actions/setup-go#465 - Update documentation with latest V5 release notes by [@​ab](https://github.com/ab) in [actions/setup-go#459 - Update version documentation by [@​178inaba](https://github.com/178inaba) in [actions/setup-go#458 - Documentation update of `actions/setup-go` to v5 by [@​chenrui333](https://github.com/chenrui333) in [actions/setup-go#449 #### New Contributors - [@​ab](https://github.com/ab) made their first contribution in [actions/setup-go#459 **Full Changelog**: actions/setup-go@v5.0.0...v5.0.1 </details> <details> <summary>anchore/sbom-action (anchore/sbom-action)</summary> ### [`v0.16.0`](https://github.com/anchore/sbom-action/releases/tag/v0.16.0): v0.16 [Compare Source](https://github.com/anchore/sbom-action/compare/v0.15.11...v0.16.0) #### Changes in v0.16.0 - Update Syft to v1.4.1 ([#​465](https://github.com/anchore/sbom-action/issues/465)) - Update GitHub artifact client ([#​463](https://github.com/anchore/sbom-action/issues/463)) \[[kzantow](https://github.com/kzantow)] </details> <details> <summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary> ### [`v0.33.2`](https://github.com/defenseunicorns/zarf/releases/tag/v0.33.2) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2) ##### What's Changed - fix: schema integration by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2463 - docs: add contributor covenant code of conduct by [@​salaxander](https://github.com/salaxander) in [defenseunicorns/zarf#2462 - docs: fix casing on code of conduct badge by [@​salaxander](https://github.com/salaxander) in [defenseunicorns/zarf#2466 - fix(deps): update github.com/anchore/clio digest to [`3c4abf8`](https://github.com/defenseunicorns/zarf/commit/3c4abf8) by [@​renovate](https://github.com/renovate) in [defenseunicorns/zarf#2424 - fix: update docker media type in registry by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2476 - fix: adds GetVariableConfig function for packager by [@​decleaver](https://github.com/decleaver) in [defenseunicorns/zarf#2475 - test: add tests for remove copies from components to enable refactoring by [@​phillebaba](https://github.com/phillebaba) in [defenseunicorns/zarf#2473 - fix!: do not uninstall helm chart after failed install or upgrade by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2456 - feat: inspect --list-images by [@​Noxsios](https://github.com/Noxsios) in [defenseunicorns/zarf#2478 - refactor: remove copies from components to a filter by [@​phillebaba](https://github.com/phillebaba) in [defenseunicorns/zarf#2474 - chore: add support.md by [@​schristoff](https://github.com/schristoff) in [defenseunicorns/zarf#2480 - chore: add a check for go mod tidy by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2481 - fix: use correct sha256 checksum for arm64 injector binary by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2483 - fix: simplify go mod tidy check by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2482 ##### New Contributors - [@​salaxander](https://github.com/salaxander) made their first contribution in [defenseunicorns/zarf#2462 - [@​phillebaba](https://github.com/phillebaba) made their first contribution in [defenseunicorns/zarf#2473 - [@​schristoff](https://github.com/schristoff) made their first contribution in [defenseunicorns/zarf#2480 **Full Changelog**: defenseunicorns/zarf@v0.33.1...v0.33.2 ### [`v0.33.1`](https://github.com/defenseunicorns/zarf/releases/tag/v0.33.1) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1) #### What's Changed - fix: add redirect so old zarf base link is compatiable by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2432 - ci: pin third-party gh actions by hash by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2433 - docs: add redirect for examples by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2438 - docs: update contributing and pre-commit by [@​Noxsios](https://github.com/Noxsios) in [defenseunicorns/zarf#2439 - ci: fix revive image ref in lint workflow by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2436 - fix: filter on running pods when finding an image for injector pod by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2415 - fix: readme dead links by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2442 - fix: differential package create with non local sources by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2444 - refactor: move variables into separate package by [@​Racer159](https://github.com/Racer159) in [defenseunicorns/zarf#2414 - ci: add top level workflow permission to commitlint by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2449 - ci: remove unused env var from codeql workflow by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2450 - chore: cleanup root level files and add SPDX check for Go files by [@​Noxsios](https://github.com/Noxsios) in [defenseunicorns/zarf#2431 - feat: config to enable resilient registry by [@​Michael-Kruggel](https://github.com/Michael-Kruggel) in [defenseunicorns/zarf#2440 - docs: init package clarity and cleanup by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2447 - ci: compare cves to main by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2448 - test: unpin version in bigbang extension test by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2459 - fix: broken schema from unexpanded embedded variables by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2458 - fix: error on create if an index sha is used by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2429 #### New Contributors - [@​Michael-Kruggel](https://github.com/Michael-Kruggel) made their first contribution in [defenseunicorns/zarf#2440 **Full Changelog**: defenseunicorns/zarf@v0.33.0...v0.33.1 ### [`v0.33.0`](https://github.com/defenseunicorns/zarf/releases/tag/v0.33.0) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0) #### What's Changed - fix: update deprecated syft packages command to syft scan by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2399 - chore: move helpers to defenseunicorns/pkg by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2402 - fix(deps): update github.com/anchore/clio digest to [`fb5fc4c`](https://github.com/defenseunicorns/zarf/commit/fb5fc4c) by [@​renovate](https://github.com/renovate) in [defenseunicorns/zarf#2366 - feat(tools): add yq by [@​zachariahmiller](https://github.com/zachariahmiller) in [defenseunicorns/zarf#2406 - chore: switch to use oci lib in defenseunicorns/pkg by [@​AustinAbro321](https://github.com/AustinAbro321) in [defenseunicorns/zarf#2404 - fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1 by [@​renovate](https://github.com/renovate) in [defenseunicorns/zarf#2411 - fix: use env var for PR title in commitlint workflow to prevent untrusted script injection by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2418 - fix: use default GITHUB_TOKEN for ossf/scorecard-action by [@​bburky](https://github.com/bburky) in [defenseunicorns/zarf#2416 - fix: remove duplicate logic for writing image layers to disk concurrently by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2409 - feat: add option to skip cosign lookup during find images by [@​Racer159](https://github.com/Racer159) in [defenseunicorns/zarf#2427 - feat: allow chart deploy overrides ALPHA by [@​naveensrinivasan](https://github.com/naveensrinivasan) in [defenseunicorns/zarf#2403 - chore: update pull_request_template.md by [@​Noxsios](https://github.com/Noxsios) in [defenseunicorns/zarf#2428 - ci: pin k3s image version in k3d github action by [@​lucasrod16](https://github.com/lucasrod16) in [defenseunicorns/zarf#2430 - feat(docs): port docs to starlight by [@​Noxsios](https://github.com/Noxsios) in [defenseunicorns/zarf#2315 #### New Contributors - [@​zachariahmiller](https://github.com/zachariahmiller) made their first contribution in [defenseunicorns/zarf#2406 - [@​bburky](https://github.com/bburky) made their first contribution in [defenseunicorns/zarf#2416 **Full Changelog**: defenseunicorns/zarf@v0.32.6...v0.33.0 ### [`v0.32.6`](https://github.com/defenseunicorns/zarf/releases/tag/v0.32.6) [Compare Source](https://github.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6) #### \[0.32.6] - 2024-03-22 > trying out some different release note generators, formatting may vary for a few releases while we figure out what works best ~[@​Noxsios](https://github.com/Noxsios) ##### 🚀 Features - \[**ALPHA**] feat: package generation ALPHA by [@​andrewg-xyz](https://github.com/andrewg-xyz) in [#​2269](https://github.com/defenseunicorns/zarf/pull/2269) - *(lib)* feat(lib): configurable log file location by [@​Noxsios](https://github.com/Noxsios) in [#​2380](https://github.com/defenseunicorns/zarf/pull/2380) - \[**BREAKING**] feat!: filter package components with strategy interface by [@​Noxsios](https://github.com/Noxsios) in [#​2321](https://github.com/defenseunicorns/zarf/pull/2321) ##### 🐛 Bug Fixes - fix: refactor create stages into separate lib by [@​lucasrod16](https://github.com/lucasrod16) in [#​2223](https://github.com/defenseunicorns/zarf/pull/2223) - fix: handle registry caBundle as a multiline string by [@​AbrohamLincoln](https://github.com/AbrohamLincoln) in [#​2381](https://github.com/defenseunicorns/zarf/pull/2381) - *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and `mirror` by [@​lucasrod16](https://github.com/lucasrod16) in [#​2386](https://github.com/defenseunicorns/zarf/pull/2386) - fix: allow absolute paths for differential packages by [@​AustinAbro321](https://github.com/AustinAbro321) in [#​2397](https://github.com/defenseunicorns/zarf/pull/2397) - fix: hotfix skeleton publish by [@​Noxsios](https://github.com/Noxsios) in [#​2398](https://github.com/defenseunicorns/zarf/pull/2398) ##### 🚜 Refactor - refactor: split helpers/exec libs by [@​Racer159](https://github.com/Racer159) in [#​2379](https://github.com/defenseunicorns/zarf/pull/2379) ##### 🧪 Testing - test: data injection flake by [@​lucasrod16](https://github.com/lucasrod16) in [#​2361](https://github.com/defenseunicorns/zarf/pull/2361) ##### ⚙️ Miscellaneous Tasks - ci: add commitlint workflow and update contributing guide by [@​lucasrod16](https://github.com/lucasrod16) in [#​2391](https://github.com/defenseunicorns/zarf/pull/2391) ##### 🛡️ Security - *(release)* build: create PRs on `homebrew-tap` by [@​Noxsios](https://github.com/Noxsios) in [#​2385](https://github.com/defenseunicorns/zarf/pull/2385) **Full Changelog**: defenseunicorns/zarf@v0.32.5...v0.32.6 </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v3.25.6`](https://github.com/github/codeql-action/compare/v3.25.5...v3.25.6) [Compare Source](https://github.com/github/codeql-action/compare/v3.25.5...v3.25.6) ### [`v3.25.5`](https://github.com/github/codeql-action/compare/v3.25.4...v3.25.5) [Compare Source](https://github.com/github/codeql-action/compare/v3.25.4...v3.25.5) ### [`v3.25.4`](https://github.com/github/codeql-action/compare/v3.25.3...v3.25.4) [Compare Source](https://github.com/github/codeql-action/compare/v3.25.3...v3.25.4) </details> <details> <summary>goreleaser/goreleaser-action (goreleaser/goreleaser-action)</summary> ### [`v5.1.0`](https://github.com/goreleaser/goreleaser-action/releases/tag/v5.1.0) [Compare Source](https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0) #### Important This version changes the default behavior of `latest` to `~> v1`. The next major of this action (v6), will change this to `~> v2`, and will be launched together with GoReleaser v2. #### What's Changed - docs: bump actions to latest major by [@​crazy-max](https://github.com/crazy-max) in [goreleaser/goreleaser-action#435 - chore(deps): bump docker/bake-action from 3 to 4 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#436 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#437 - chore(deps): bump actions/setup-go from 4 to 5 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#443 - chore(deps): bump actions/upload-artifact from 3 to 4 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#444 - Delete .kodiak.toml by [@​vedantmgoyal9](https://github.com/vedantmgoyal9) in [goreleaser/goreleaser-action#446 - chore(deps): bump codecov/codecov-action from 3 to 4 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#448 - chore(deps): bump ip from 2.0.0 to 2.0.1 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#450 - Upgrade setup-go action version in README by [@​kishaningithub](https://github.com/kishaningithub) in [goreleaser/goreleaser-action#455 - chore(deps): bump tar from 6.1.14 to 6.2.1 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#456 - chore: use corepack to install yarn by [@​crazy-max](https://github.com/crazy-max) in [goreleaser/goreleaser-action#458 - feat: lock this major version of the action to use '~> v1' as 'latest' by [@​caarlos0](https://github.com/caarlos0) in [goreleaser/goreleaser-action#461 - chore(deps): bump semver from 7.6.0 to 7.6.2 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#462 - chore(deps): bump [@​actions/http-client](https://github.com/actions/http-client) from 2.2.0 to 2.2.1 by [@​dependabot](https://github.com/dependabot) in [goreleaser/goreleaser-action#451 #### New Contributors - [@​vedantmgoyal9](https://github.com/vedantmgoyal9) made their first contribution in [goreleaser/goreleaser-action#446 **Full Changelog**: goreleaser/goreleaser-action@v5.0.0...v5.1.0 </details> <details> <summary>ossf/scorecard-action (ossf/scorecard-action)</summary> ### [`v2.3.3`](https://github.com/ossf/scorecard-action/releases/tag/v2.3.3) [Compare Source](https://github.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3) > \[!NOTE]\ > There is no v2.3.2 release as a step was skipped in the release process. This was fixed and re-released under the v2.3.3 tag #### What's Changed - 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to github.com/ossf/scorecard/v5 (v5.0.0-rc1) by [@​spencerschrock](https://github.com/spencerschrock) in [ossf/scorecard-action#1366 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to v5.0.0-rc2 by [@​spencerschrock](https://github.com/spencerschrock) in [ossf/scorecard-action#1374 - 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0-rc2.0.20240509182734-7ce860946928 by [@​spencerschrock](https://github.com/spencerschrock) in [ossf/scorecard-action#1377 For a full changelist of what these include, see the [v5.0.0-rc1](https://github.com/ossf/scorecard/releases/tag/v5.0.0-rc1) and [v5.0.0-rc2](https://github.com/ossf/scorecard/releases/tag/v5.0.0-rc2) release notes. ##### Documentation - 📖 Move token discussion out of main README. by [@​spencerschrock](https://github.com/spencerschrock) in [ossf/scorecard-action#1279 - 📖 link to `ossf/scorecard` workflow instead of maintaining an example by [@​spencerschrock](https://github.com/spencerschrock) in [ossf/scorecard-action#1352 - 📖 update api links to new scorecard.dev site by [@​spencerschrock](https://github.com/spencerschrock) in [ossf/scorecard-action#1376 **Full Changelog**: ossf/scorecard-action@v2.3.1...v2.3.3 ### [`v2.3.2`](https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) [Compare Source](https://github.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am every weekday" in timezone America/New_York, Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/defenseunicorns/maru-runner). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Don't pass the internal request object, create a "safe" representation. Also don't allow external mutation through
addHeaders.