Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

🐛 Parse Gitlab Status fields to align w/Github Status and Conclusion #3706

Merged
merged 5 commits into from
Dec 4, 2023
Merged

🐛 Parse Gitlab Status fields to align w/Github Status and Conclusion #3706

merged 5 commits into from
Dec 4, 2023

Commits on Dec 4, 2023

  1. fix: parse gitlab pipeline status to their GitHub equivalent 

    Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
    @ashearin
    ashearin committed Dec 4, 2023
    Configuration menu
    Copy the full SHA
    dcbfa3c View commit details
    Browse the repository at this point in the history

  2. 🐛 Trust pinned GitHub download URLs (ossf#3694) 

    * Trust pinned GitHub download URLs

 Trust files that are downloaded from `raw.githubusercontent.com` where the file's ref is a Git SHA and therefore immutable.
Resolves ossf#3339.
Signed-off-by: martincostello <martin@martincostello.com>

* Move logic to function

- Add `hasUnpinnedURLs` function.
- Add test cases for different URLs.
Signed-off-by: martincostello <martin@martincostello.com>

* Fix formatting

Appease the linter.
Signed-off-by: martincostello <martin@martincostello.com>

* Suppress lint warnings

Suppress warning on three long URLs.
Signed-off-by: martincostello <martin@martincostello.com>

* Address peer review

Address peer review feedback.
Signed-off-by: martincostello <martin@martincostello.com>

* Fix lint warning

Fix lint warning.
Signed-off-by: martincostello <martin@martincostello.com>
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
    @martincostello @ashearin
    martincostello authored and ashearin committed Dec 4, 2023
    Configuration menu
    Copy the full SHA
    794b7ef View commit details
    Browse the repository at this point in the history

  3. 🌱 Bump github.com/google/go-containerregistry (ossf#3708) 

    Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.16.1 to 0.17.0.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](google/go-containerregistry@v0.16.1...v0.17.0)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
    @dependabot @ashearin
    dependabot[bot] authored and ashearin committed Dec 4, 2023
    Configuration menu
    Copy the full SHA
    177f4a6 View commit details
    Browse the repository at this point in the history

  4. change completed string to const 

    Signed-off-by: Allen Shearin <allen.p.shearin@gmail.com>
    @ashearin
    ashearin committed Dec 4, 2023
    Configuration menu
    Copy the full SHA
    7632aa9 View commit details
    Browse the repository at this point in the history

  5. Merge branch 'main' into gitlab-conclusion-fields

    @ashearin
    ashearin committed Dec 4, 2023
    Configuration menu
    Copy the full SHA
    9fec5e3 View commit details
    Browse the repository at this point in the history