Kynan Ware
35828f44cd
Add manual dispatch to bump-go workflow
...
Enable manual runs of the Bump Go workflow by adding the workflow_dispatch trigger alongside the existing scheduled cron. This allows maintainers to trigger the bump process on-demand while keeping the daily 3 AM UTC schedule intact.
2026-02-06 11:52:24 -07:00
dependabot[bot]
fdc72751a7
chore(deps): bump actions/attest-build-provenance from 3.1.0 to 3.2.0
...
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases )
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md )
- [Commits](00014ed6ed...96278af6ca
2026-01-27 14:01:36 +00:00
dependabot[bot]
09e66252fd
chore(deps): bump goreleaser/goreleaser-action from 6.0.0 to 6.4.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 6.0.0 to 6.4.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](286f3b13b1...e435ccd777
2026-01-23 18:22:34 +00:00
Kynan Ware
c8335e3f55
Merge pull request #12315 from cli/dependabot/github_actions/actions/upload-artifact-6
...
chore(deps): bump actions/upload-artifact from 5 to 6
2026-01-23 11:18:50 -07:00
Kynan Ware
970a1ebbc1
Merge pull request #12314 from cli/dependabot/github_actions/actions/download-artifact-7
...
chore(deps): bump actions/download-artifact from 6 to 7
2026-01-23 11:18:19 -07:00
Kynan Ware
fe729082ad
Update contributing guidelines for clarity
2026-01-20 15:21:23 -07:00
William Martin
249de236bd
Update go-licenses for 1.25
2026-01-07 15:38:58 +00:00
Kynan Ware
1d76eae5aa
Add shell specification for temporary tag creation
2026-01-06 10:37:12 -07:00
Babak K. Shandiz
f47a230eda
ci: shorten run block
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2026-01-06 17:04:02 +00:00
Babak K. Shandiz
d02341d5a3
ci: improve step name
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2026-01-06 17:02:54 +00:00
Babak K. Shandiz
fa871ffa67
ci: tag per build job
...
We need to tag the HEAD commit to make sure the right version is baked
into the built binaries.
See for more details:
- https://github.com/cli/cli/issues/12263
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2026-01-06 16:59:08 +00:00
Kynan Ware
c9ba3793ee
Update Azure Code Signing endpoint URL
2026-01-05 13:43:55 -07:00
Kynan Ware
319567c2cf
Update Azure Code Signing client to 1.0.95
...
Also updates the source URL
2026-01-05 11:49:16 -07:00
Babak K. Shandiz
aed52d5ee1
ci: disable create storage record for artifacts
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2025-12-19 19:17:44 +00:00
dependabot[bot]
4f5e755c24
chore(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0
...
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases )
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md )
- [Commits](977bb373ed...00014ed6ed
2025-12-19 19:13:50 +00:00
Babak K. Shandiz
146e886761
Merge pull request #12318 from cli/babakks/upgrade-to-goreleaser-v2
...
ci: upgrade to GoReleaser `v2`
2025-12-19 19:12:19 +00:00
Babak K. Shandiz
dd6783868b
ci: fix binary artifact dir paths used in Windows job
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2025-12-15 18:56:07 +00:00
Babak K. Shandiz
a777a95e9a
ci: upgrade to GoReleaser v2
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2025-12-15 18:44:25 +00:00
dependabot[bot]
aba49aab39
chore(deps): bump actions/upload-artifact from 5 to 6
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 5 to 6.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-12-15 14:03:27 +00:00
dependabot[bot]
58534228a9
chore(deps): bump actions/download-artifact from 6 to 7
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 6 to 7.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v6...v7 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: '7'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-12-15 14:03:19 +00:00
dependabot[bot]
67559b67a4
chore(deps): bump golangci/golangci-lint-action from 9.1.0 to 9.2.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 9.1.0 to 9.2.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](e7fa5ac41e...1e7e51e771
2025-12-12 12:05:50 +00:00
dependabot[bot]
9af5c5f95c
chore(deps): bump golangci/golangci-lint-action from 9.0.0 to 9.1.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 9.0.0 to 9.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](0a35821d5c...e7fa5ac41e
2025-12-01 16:43:26 +01:00
dependabot[bot]
13d9ab631d
chore(deps): bump actions/checkout from 5 to 6
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-12-01 16:24:05 +01:00
dependabot[bot]
1a06438f91
chore(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 8.0.0 to 9.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](4afd733a84...0a35821d5c
2025-11-13 11:57:15 +00:00
Kynan Ware
cc178cf5e4
Update .github/workflows/lint.yml
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-11-07 09:31:36 -07:00
Kynan Ware
b917c4cd50
Annotate go-licenses install with version tag
...
Added a comment specifying the installed go-licenses commit corresponds to v2.0.1 for clarity in the lint workflow.
2025-11-07 09:27:40 -07:00
Kynan Ware
9eb019ae56
Integrate license checks back into lint workflow
...
Reverts https://github.com/cli/cli/pull/11370
2025-11-06 11:57:51 -07:00
Kynan Ware
c0d5f164f2
Merge pull request #12089 from cli/kw/use-source-govulncheck-scan-lint
...
CI: Update lint govulncheck to use source mode
2025-11-03 13:18:27 -07:00
Kynan Ware
52391ff0f8
Apply suggestions from code review
...
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
2025-11-03 13:08:16 -07:00
Kynan Ware
b151f53d02
Add note on govulncheck source mode for Go 1.25
2025-11-03 13:05:33 -07:00
Kynan Ware
6c1d1c4f49
Update lint govulncheck to use source mode
...
Replaces binary mode scan of 'bin/gh' with source mode scan of all packages using govulncheck.
2025-11-03 12:55:13 -07:00
Babak K. Shandiz
eaddf5baf9
chore: add workflow_dispatch to govulncheck triggers
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2025-11-03 19:43:01 +00:00
Babak K. Shandiz
38c280ec8a
docs: update go version 1.25
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2025-10-31 12:22:48 +00:00
Babak K. Shandiz
594e210581
ci: bump Golangci-lint to v2.6.0
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2025-10-30 12:27:12 +00:00
Kynan Ware
eb79e4a2f2
Merge pull request #12032 from cli/dependabot/github_actions/actions/download-artifact-6
...
chore(deps): bump actions/download-artifact from 5 to 6
2025-10-27 09:33:52 -06:00
dependabot[bot]
ac8eafd51e
chore(deps): bump actions/download-artifact from 5 to 6
...
Bumps [actions/download-artifact](https://github.com/actions/download-artifact ) from 5 to 6.
- [Release notes](https://github.com/actions/download-artifact/releases )
- [Commits](https://github.com/actions/download-artifact/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/download-artifact
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-27 15:10:59 +00:00
dependabot[bot]
366169500f
chore(deps): bump actions/upload-artifact from 4 to 5
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4 to 5.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-27 15:01:02 +00:00
Kynan Ware
a30277b9d0
Merge pull request #11750 from cli/dependabot/github_actions/mislav/bump-homebrew-formula-action-3.6
...
chore(deps): bump mislav/bump-homebrew-formula-action from 3.4 to 3.6
2025-10-22 10:17:14 -06:00
dependabot[bot]
3b4d6e9f1e
chore(deps): bump mislav/bump-homebrew-formula-action from 3.4 to 3.6
...
Bumps [mislav/bump-homebrew-formula-action](https://github.com/mislav/bump-homebrew-formula-action ) from 3.4 to 3.6.
- [Release notes](https://github.com/mislav/bump-homebrew-formula-action/releases )
- [Commits](8e2baa47da...56a283fa15
2025-10-22 16:06:26 +00:00
dependabot[bot]
c7bf1b0a18
chore(deps): bump goreleaser/goreleaser-action from 6.3.0 to 6.4.0
...
Bumps [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action ) from 6.3.0 to 6.4.0.
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases )
- [Commits](9c156ee8a1...e435ccd777
2025-10-22 16:01:40 +00:00
Kynan Ware
e627f0132e
Merge pull request #11612 from cli/dependabot/github_actions/actions/attest-build-provenance-3.0.0
...
chore(deps): bump actions/attest-build-provenance from 2.4.0 to 3.0.0
2025-10-17 14:51:03 -06:00
Kynan Ware
fd651e9adc
Update .github/workflows/govulncheck.yml
2025-10-17 11:29:37 -06:00
dependabot[bot]
af0905efeb
chore(deps): bump github/codeql-action from 3 to 4
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Commits](https://github.com/github/codeql-action/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: '4'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-10-08 14:03:20 +00:00
Babak K. Shandiz
986b952aaa
ci: pin release runner to Windows 2022
...
Signed-off-by: Babak K. Shandiz <babakks@github.com>
2025-09-23 17:31:35 +01:00
Kynan Ware
aecbf992ee
Merge pull request #11662 from cli/dependabot/github_actions/actions/setup-go-6
...
chore(deps): bump actions/setup-go from 5 to 6
2025-09-04 11:17:16 -06:00
dependabot[bot]
615b3ccb6c
chore(deps): bump actions/stale from 9 to 10
...
Bumps [actions/stale](https://github.com/actions/stale ) from 9 to 10.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/stale/compare/v9...v10 )
---
updated-dependencies:
- dependency-name: actions/stale
dependency-version: '10'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-09-04 14:52:56 +00:00
dependabot[bot]
4f37579efa
chore(deps): bump actions/setup-go from 5 to 6
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5 to 6.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v5...v6 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-version: '6'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-09-04 14:48:13 +00:00
dependabot[bot]
325743e78b
chore(deps): bump actions/attest-build-provenance from 2.4.0 to 3.0.0
...
Bumps [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance ) from 2.4.0 to 3.0.0.
- [Release notes](https://github.com/actions/attest-build-provenance/releases )
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md )
- [Commits](e8998f9491...977bb373ed
2025-08-29 14:02:11 +00:00
dependabot[bot]
6710bbc2be
chore(deps): bump actions/checkout from 4 to 5
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: '5'
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2025-08-14 15:35:09 +00:00
Kynan Ware
245484cc51
Merge pull request #11458 from cli/dependabot/github_actions/actions/download-artifact-5
...
chore(deps): bump actions/download-artifact from 4 to 5
2025-08-14 09:33:54 -06:00
