STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
11279 commits 87 branches 0 tags 160 MiB
Commit graph

63 commits

Author SHA1 Message Date
Kynan Ware
7fa453e467 Update Go version requirement to 1.26+ 2026-03-07 10:10:01 -07:00
Kynan Ware
b18358b754 Bump golangci-lint from v2.6.0 to v2.11.0 for Go 1.26 support 
golangci-lint v2.6.0 was built with Go 1.25 and cannot lint code targeting
Go 1.26.1. Go 1.26 support was added in golangci-lint v2.9.0.

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
 2026-03-06 21:24:41 -07:00
William Martin
7ea88b1c4d
Bundle licenses at release time (#12625) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
 2026-02-18 17:59:27 +01:00
William Martin
249de236bd
Update go-licenses for 1.25 2026-01-07 15:38:58 +00:00
dependabot[bot]
67559b67a4
chore(deps): bump golangci/golangci-lint-action from 9.1.0 to 9.2.0 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 9.1.0 to 9.2.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](e7fa5ac41e...1e7e51e771)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-12 12:05:50 +00:00
dependabot[bot]
9af5c5f95c chore(deps): bump golangci/golangci-lint-action from 9.0.0 to 9.1.0 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](0a35821d5c...e7fa5ac41e)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:43:26 +01:00
dependabot[bot]
13d9ab631d chore(deps): bump actions/checkout from 5 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-01 16:24:05 +01:00
dependabot[bot]
1a06438f91
chore(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](4afd733a84...0a35821d5c)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-11-13 11:57:15 +00:00
Kynan Ware
cc178cf5e4
Update .github/workflows/lint.yml 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-07 09:31:36 -07:00
Kynan Ware
b917c4cd50 Annotate go-licenses install with version tag 
Added a comment specifying the installed go-licenses commit corresponds to v2.0.1 for clarity in the lint workflow.
 2025-11-07 09:27:40 -07:00
Kynan Ware
9eb019ae56 Integrate license checks back into lint workflow 
Reverts https://github.com/cli/cli/pull/11370
 2025-11-06 11:57:51 -07:00
Kynan Ware
52391ff0f8
Apply suggestions from code review 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2025-11-03 13:08:16 -07:00
Kynan Ware
b151f53d02 Add note on govulncheck source mode for Go 1.25 2025-11-03 13:05:33 -07:00
Kynan Ware
6c1d1c4f49 Update lint govulncheck to use source mode 
Replaces binary mode scan of 'bin/gh' with source mode scan of all packages using govulncheck.
 2025-11-03 12:55:13 -07:00
Babak K. Shandiz
594e210581
ci: bump Golangci-lint to v2.6.0 
Signed-off-by: Babak K. Shandiz <babakks@github.com>
 2025-10-30 12:27:12 +00:00
dependabot[bot]
4f37579efa
chore(deps): bump actions/setup-go from 5 to 6 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-04 14:48:13 +00:00
dependabot[bot]
6710bbc2be
chore(deps): bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-08-14 15:35:09 +00:00
Andy Feller
99516d64ba Regenerate third-party licenses on trunk pushes 
Fixes #11270

This commit refactors the work done in #11047 of blocking pull requests for manual `third-party` license updates to having GitHub Actions automatically update it on pushes to `trunk`.

This will allow maintainers to streamline Dependabot PR reviews while reducing contributor friction when changing dependencies.
 2025-07-23 15:29:32 -04:00
Andy Feller
4da24b8a0c Limit permissions of govulncheck workflow 2025-07-21 08:44:58 -04:00
Andy Feller
bd6b862b63 Incorporate govulncheck into workflows 2025-07-18 17:03:39 -04:00
Andy Feller
db24646e70 Run Lint and Tests on push to trunk branch 
This change causes the "Lint" and "Unit and Integration Tests" workflows to only run on `push` events on the default branch (`trunk`).

This should avoid running redundant set of jobs on pull requests.
 2025-07-17 15:18:31 -04:00
Andy Feller
728e973a20 Ensure automation uses pinned go-licenses version 2025-06-23 13:22:27 -04:00
Andy Feller
11e8a8127d Use make for license generation and checks 2025-06-20 16:53:11 -04:00
Andy Feller
98ea250ede Merge branch 'trunk' into andyfeller/9422-license-compliance 2025-06-20 16:23:00 -04:00
William Martin
86c251154e
Merge pull request #11121 from cli/11101-use-golangci-lint-version-2 
Bump golangci-lint to v2
 2025-06-17 11:43:14 +02:00
Andy Feller
bd24865076 Adopt license compliance scripts into workflows, docs 
This commit introduces the use of `go-licenses` within CI/CD and manual processes for generating / updating the license information used by GitHub CLI including the code required by license to be redistributed.

During GitHub CLI pull requests, the `lint` workflow will notify users if this information is not updated.
 2025-05-30 12:46:51 -04:00
William Martin
0ead3398a7 Bump golang ci lint to work with go 1.24 2025-01-21 17:55:39 +01:00
Zach Steindler
658f125ab3
Update sigstore-go in gh CLI to v0.5.1 (#9366) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-25 20:59:39 +02:00
Matthew Hughes
0d6bd6d53c Fix cache contention in Go CI jobs 
Fix the `Set up go` and `Restore Go modules cache` steps both trying to
read/write the same contents. Since the `setup-go` step runs first this
results in the "restore cache" step trying to write the same contents
under `~/go/pkg/mod` which results in errors like (e.g. random
example[1]):

    /usr/bin/tar -xf /home/runner/work/_temp/6d12957f-f226-455e-b99c-fa7ee8c962cb/cache.tzst -P -C /home/runner/work/cli/cli --use-compress-program unzstd
    /usr/bin/tar: ../../../go/pkg/mod/golang.org/x/net@v0.21.0/go.sum: Cannot open: File exists
    Error: /usr/bin/tar: ../../../go/pkg/mod/golang.org/x/net@v0.21.0/proxy/proxy.go: Cannot open: File exists
    Error: /usr/bin/tar: ../../../go/pkg/mod/golang.org/x/net@v0.21.0/proxy/socks5.go: Cannot open: File exists
    Error: /usr/bin/tar: ../../../go/pkg/mod/golang.org/x/net@v0.21.0/proxy/dial_test.go: Cannot open: File exists

Since restoring fails, the cache job thinks no cache hit was made and
proceeds to try and save, but since it may well have fetched a valid
cache this can also error (again, see[1]):

    Post job cleanup.
    /usr/bin/tar --posix -cf cache.tzst --exclude cache.tzst -P -C /home/runner/work/cli/cli --files-from manifest.txt --use-compress-program zstdmt
    Failed to save: Unable to reserve cache with key go-Linux-1b4ae53bfd76c3b70f62d419e17f36544d0a1331f04b13d2a942e7752e3789c3, another job may be creating this cache. More details: Cache already exists. Scope: refs/heads/trunk, Key: go-Linux-1b4ae53bfd76c3b70f62d419e17f36544d0a1331f04b13d2a942e7752e3789c3, Version: 2a8d0f2be1a88abb057cd9fcea9832bd16e7ab71798dbf93cd890eb9add83cf6

To avoid this, just rely on the caching functionality of the `seutp-go`
action.

For some context, It appears this cache behaviour was added with
cb7315c85d when these workflows were still
run with `setup-go@v2`:

    $ git show cb7315c85d3c0e010ba117ca7e692ed6f18f16c5:{.github/workflows/go.yml,.github/workflows/lint.yml} | grep 'actions/setup-go'
            uses: actions/setup-go@v2
            uses: actions/setup-go@v2

which is before caching behaviour was added (with `v3.2.0`[2]).

[1] https://github.com/cli/cli/actions/runs/8654869114/job/23732868571
[2] https://github.com/actions/setup-go/releases/tag/v3.2.0
 2024-04-12 17:36:45 +01:00
William Martin
200c95e5b2
Rely on go.mod go version in all workflows (#8911) 2024-04-02 13:22:31 +00:00
Naoya Yasuda
5d79a95a32
Upgrade to Go 1.22 (#8836) 2024-04-02 14:34:59 +02:00
dependabot[bot]
32ab65fd77
build(deps): bump actions/cache from 3 to 4 (#8594) 
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-18 07:37:49 -08:00
dependabot[bot]
5d780dabf1
build(deps): bump actions/setup-go from 4 to 5 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-12-07 14:29:50 +00:00
dependabot[bot]
f9df89da0f
build(deps): bump actions/checkout from 3 to 4 (#7937) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-05 04:06:24 +02:00
Sam Coe
4a57a812f5
Upgrade to Go 1.21 (#7843) 2023-08-16 10:37:58 -07:00
dependabot[bot]
d905165875
Bump actions/setup-go from 3 to 4 (#7177) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-16 09:22:02 +11:00
Mislav Marohnić
684a4c5c8c
bump golangci-lint 2022-12-12 16:49:19 +01:00
Mislav Marohnić
ba4d50452d
Update to Go 1.19 
With this upgrade our codebase adopts the stricter handling of `os/exec` command lookup in it that it doesn't allow shelling out to a command in the current directory.
 2022-12-12 15:50:13 +01:00
Sam Coe
06fb78aa26
Re-enable linters now that golangci-lint has been updated (#5615) 2022-05-11 16:57:57 +02:00
Sam Coe
597eb16a83
Upgrade to go 1.18 (#5542) 2022-05-09 18:46:19 +02:00
dependabot[bot]
3427d17401
Bump actions/setup-go from 2 to 3 (#5425) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-04-14 09:39:05 +02:00
dependabot[bot]
b090ef0578
Bump actions/cache from 2 to 3 
Bumps [actions/cache](https://github.com/actions/cache) from 2 to 3.
- [Release notes](https://github.com/actions/cache/releases)
- [Commits](https://github.com/actions/cache/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-21 14:27:30 +00:00
Mislav Marohnić
d4ead71d06
Merge pull request #5298 from cli/bump-golangci-lint 
Bump golangci-lint version
 2022-03-14 15:27:37 +01:00
neilnaveen
07e0e52edd
Fixed permission for workflow (#5279) 
https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

Co-authored-by: Mislav Marohnić <mislav@github.com>
 2022-03-14 14:18:21 +01:00
Mislav Marohnić
9278f51aa8 Bump golangci-lint version 2022-03-11 14:58:15 +01:00
Mislav Marohnić
cb7315c85d Re-initialize modules cache in CI 2022-03-10 18:29:42 +01:00
dependabot[bot]
0cce0e1543
Bump actions/checkout from 2 to 3 
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2022-03-02 14:29:49 +00:00
Mislav Marohnić
eb78ac0dcb Require Go 1.16+ 2021-08-23 18:08:09 +02:00
Mislav Marohnić
f18929cf3d Increase linter timeout from 1min to 3min 
Hopefully avoids CI failures like https://github.com/cli/cli/runs/2379956774
 2021-04-19 12:53:52 +02:00
Mislav Marohnić
19ee0eff08 Simplify linter output setup 
`golangci-lint` now supports an output formatter for GitHub Actions, so
we don't need to manually reformat the failure output anymore.
 2021-01-07 16:16:44 +01:00