Commit graph

178 commits

Author SHA1 Message Date
Pavel Dostál
20e4d25147 Add missing //go:build integration tag to verify_integration_test.go
The four tests in this file (TestVerifyIntegration,
TestVerifyIntegrationCustomIssuer, TestVerifyIntegrationReusableWorkflow,
TestVerifyIntegrationReusableWorkflowSignerWorkflow) call
NewLiveSigstoreVerifier which requires network access to Sigstore and
GitHub TUF servers. Unlike the other integration test files in this
package (attestation_integration_test.go, sigstore_integration_test.go,
inspect_integration_test.go), this file was missing the //go:build
integration tag, causing these tests to run during a regular
'go test ./...' and fail in network-isolated build environments.
2026-04-28 18:20:23 +02:00
William Martin
17776cafc1 Apply review feedback
- Harden SpawnSendTelemetry against relative executable paths
- Use io.Copy for telemetry subprocess stdin write
- Clean up GH_TELEMETRY/DO_NOT_TRACK help text
- Fall back to built-in defaults (NoOp telemetry) on config load failure

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-04-17 12:28:52 +02:00
William Martin
3ed389d664 Disable telemetry for GHES 2026-04-17 11:50:24 +02:00
William Martin
c51769c977 Record agentic invocations in User-Agent header
Detect which AI coding agent is invoking gh by checking well-known
environment variables and include the agent name in the User-Agent
header sent to GitHub APIs.

Supported agents: Codex, Gemini CLI, Copilot CLI, OpenCode,
Claude Code, and Amp. Generic AI_AGENT env var is also supported
with validation to prevent header injection.

Fixes github/cli#1111

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
2026-03-24 19:58:37 +01:00
ejahnGithub
3ba03e3200 add initiator_type for attestations 2025-09-23 10:59:07 -04:00
Meredith Lancaster
3637f5aa26 add missing http client field in sigstoreConfig
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-05-07 17:11:18 -06:00
Meredith Lancaster
456e641679 alphabetize fields
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-05-07 16:43:28 -06:00
Meredith Lancaster
050c68c13b Merge branch 'trunk' into move-predicate-type-filtering 2025-04-30 14:14:42 -06:00
Meredith Lancaster
139e82c68c Revert "temporarily skip non-failing tests"
This reverts commit de8778797f.
2025-04-09 07:23:17 -06:00
Meredith Lancaster
de8778797f temporarily skip non-failing tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-04-08 19:09:52 -06:00
Meredith Lancaster
366485155e initiate custom verifiers when the sigstore verifier is created
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-04-08 16:23:37 -06:00
Meredith Lancaster
69507282d2 restore deleted file
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-04-03 11:07:06 -06:00
Meredith Lancaster
164a56cb66 move filterAttestations function
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-04-03 11:02:45 -06:00
Meredith Lancaster
56d924d25b getAttestations unit tests
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-04-01 12:58:37 -06:00
Meredith Lancaster
13dafefcb5 add missing nil struct checks and update error messages
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-04-01 11:23:25 -06:00
Meredith Lancaster
a04be55092 Merge branch 'trunk' into move-predicate-type-filtering 2025-04-01 10:48:13 -06:00
Phill MV
0427f26884 Update pkg/cmd/attestation/verify/verify.go
Co-authored-by: Meredith Lancaster <malancas@users.noreply.github.com>
2025-03-31 11:05:23 -04:00
Phill MV
f099a54243 updated test 2025-03-27 09:57:00 -04:00
Phill MV
9c9b158d12 added minor caveat 2025-03-27 09:55:14 -04:00
Phill MV
33ab0b8f3b Tweaked language a bit, improved error message. 2025-03-27 09:47:11 -04:00
Phill MV
321e5687a6 Rewrote the gh at verify --help text to a) clarify and b) document the verificationResult object. 2025-03-26 17:40:35 -04:00
Meredith Lancaster
d1c4bf7dd9 comment
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-03-25 08:24:52 -06:00
Meredith Lancaster
a856a796f0 remove duplicate predicate filtering code
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-03-24 18:34:54 -06:00
Meredith Lancaster
a9cc7b481e create single fetch by digest client method
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-03-24 18:28:27 -06:00
Meredith Lancaster
5a895b9d72 deduplicate if else logic
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-03-24 18:12:41 -06:00
Meredith Lancaster
95a61974bf pass params object to api client methods
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-03-24 18:01:57 -06:00
Meredith Lancaster
ad20ef35d9 move local and oci registry attestation filtering
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-03-24 17:35:52 -06:00
Meredith Lancaster
faef81f4bc reorganize getAttestations func to check for remote gh api fetching first
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-03-24 17:28:50 -06:00
Meredith Lancaster
ba5cf8e1ce Merge branch 'trunk' into attestation-verify-ref-commit-policy-opts 2025-02-24 10:59:58 -07:00
Meredith Lancaster
343d9babeb fix expected test output
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-02-24 10:51:34 -07:00
Meredith Lancaster
37a91ebfdb undo regex changes
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-02-24 10:47:39 -07:00
Meredith Lancaster
ce87c746b2 remove signer-ref option
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-02-24 10:44:29 -07:00
William Martin
db823c18b8 Allow injection of TUFMetadataDir in tests
This avoids multiple tests using the same dir for metadata, which was causing flakes
2025-02-20 17:04:30 +01:00
Fredrik Skogman
bf3a40aef3 Exit with error if no matching predicate type exists
Signed-off-by: Fredrik Skogman <kommendorkapten@github.com>
2025-02-11 09:07:51 +01:00
Meredith Lancaster
e10010c4cf fix option ordering
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-30 08:03:36 -07:00
Meredith Lancaster
c6b5928ddc fix issues causing tests to fail
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-30 07:58:42 -07:00
Meredith Lancaster
313faf9cd0 add signer and source ref, commit options
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-30 07:43:13 -07:00
Meredith Lancaster
728aa3d83f set new options in enforcement criteria
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-24 13:20:01 -07:00
Meredith Lancaster
11dc8d48f5 reorder fields
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-24 13:19:47 -07:00
Meredith Lancaster
6c0cdca554 Merge remote-tracking branch 'upstream/trunk' into attestation-verify-ref-commit-policy-opts 2025-01-24 09:32:18 -07:00
Meredith Lancaster
2f81a33e95 add new signing options
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-24 09:28:55 -07:00
Meredith Lancaster
840fe2198c Merge branch 'trunk' into attestation-bundle-fetch-improvements 2025-01-23 12:46:22 -07:00
Meredith Lancaster
2ec70a5dc3 bold bullet point list header text
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-22 13:22:45 -07:00
Meredith Lancaster
5d26f0b767 skip check
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-15 14:39:22 -07:00
Meredith Lancaster
4fb265c597 formatting
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-15 14:22:05 -07:00
Meredith Lancaster
6d2f71d0f4 delete unused function
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-15 14:17:49 -07:00
Meredith Lancaster
2ffce8ae9f print attestation output info as bullet points instead of table
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-15 14:11:54 -07:00
Meredith Lancaster
2ddfe865f4 Update pkg/cmd/attestation/verify/verify.go
Co-authored-by: Phill MV <phillmv@github.com>
2025-01-13 13:02:05 -07:00
Meredith Lancaster
b7f6af03b5 update no attestations found err
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-13 12:42:10 -07:00
Meredith Lancaster
c2fdac272c update table column headers
Signed-off-by: Meredith Lancaster <malancas@github.com>
2025-01-08 13:27:38 -07:00