STACKITGit/cli
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
7942 commits 87 branches 0 tags 160 MiB
Commit graph

295 commits

Author SHA1 Message Date
William Martin
d7465bdf3c Initial testscript introduction 2024-10-11 16:31:16 +02:00
William Martin
f47af31c46 Bump cli/oauth to 1.1.1 2024-10-09 13:30:37 +02:00
bagtoad
ca01bb8f9c Handle errors from parsing hostname in auth flow 2024-10-08 16:12:40 -06:00
dependabot[bot]
29192daa23
build(deps): bump github.com/theupdateframework/go-tuf/v2 
Bumps [github.com/theupdateframework/go-tuf/v2](https://github.com/theupdateframework/go-tuf) from 2.0.0 to 2.0.1.
- [Release notes](https://github.com/theupdateframework/go-tuf/releases)
- [Changelog](https://github.com/theupdateframework/go-tuf/blob/master/.goreleaser.yaml)
- [Commits](https://github.com/theupdateframework/go-tuf/compare/v2.0.0...v2.0.1)

---
updated-dependencies:
- dependency-name: github.com/theupdateframework/go-tuf/v2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-01 18:15:14 +00:00
Kynan Ware
be7631c7c8
Merge branch 'trunk' into dependabot/go_modules/github.com/cpuguy83/go-md2man/v2-2.0.5 2024-09-23 12:27:49 -06:00
dependabot[bot]
1ef71409f3
build(deps): bump github.com/henvic/httpretty from 0.1.3 to 0.1.4 
Bumps [github.com/henvic/httpretty](https://github.com/henvic/httpretty) from 0.1.3 to 0.1.4.
- [Commits](https://github.com/henvic/httpretty/compare/v0.1.3...v0.1.4)

---
updated-dependencies:
- dependency-name: github.com/henvic/httpretty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-20 14:11:28 +00:00
dependabot[bot]
1511c9f225
build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.4 to 2.0.5 
Bumps [github.com/cpuguy83/go-md2man/v2](https://github.com/cpuguy83/go-md2man) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/cpuguy83/go-md2man/releases)
- [Commits](https://github.com/cpuguy83/go-md2man/compare/v2.0.4...v2.0.5)

---
updated-dependencies:
- dependency-name: github.com/cpuguy83/go-md2man/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-17 14:28:48 +00:00
William Martin
420d80b498 Update go-gh to use api subdomains 2024-09-16 15:21:42 +02:00
dependabot[bot]
fbdf0ccb75
build(deps): bump github.com/sigstore/sigstore-go from 0.6.1 to 0.6.2 
Bumps [github.com/sigstore/sigstore-go](https://github.com/sigstore/sigstore-go) from 0.6.1 to 0.6.2.
- [Release notes](https://github.com/sigstore/sigstore-go/releases)
- [Commits](https://github.com/sigstore/sigstore-go/compare/v0.6.1...v0.6.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore-go
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-09-11 14:39:44 +00:00
Cody Soyland
8446079656
Upgrade to sigstore-go v0.6.1 
Signed-off-by: Cody Soyland <codysoyland@github.com>
 2024-09-04 16:38:13 -04:00
dependabot[bot]
0835642d3f
build(deps): bump github.com/creack/pty from 1.1.21 to 1.1.23 (#9459) 
Bumps [github.com/creack/pty](https://github.com/creack/pty) from 1.1.21 to 1.1.23.
- [Release notes](https://github.com/creack/pty/releases)
- [Commits](https://github.com/creack/pty/compare/v1.1.21...v1.1.23)

---
updated-dependencies:
- dependency-name: github.com/creack/pty
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-08-14 11:35:19 -07:00
dependabot[bot]
8356df0188
build(deps): bump github.com/google/go-containerregistry 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.20.1 to 0.20.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.1...v0.20.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-08-07 14:25:20 +00:00
dependabot[bot]
fbae0e223e
build(deps): bump github.com/google/go-containerregistry 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.20.0 to 0.20.1.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.20.0...v0.20.1)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-29 19:59:50 +00:00
dependabot[bot]
1fb6df6008
build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.4 to 1.4.5 
Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.4 to 1.4.5.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](https://github.com/gabriel-vasile/mimetype/compare/v1.4.4...v1.4.5)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-07-26 14:56:47 +00:00
Zach Steindler
658f125ab3
Update sigstore-go in gh CLI to v0.5.1 (#9366) 
Signed-off-by: Zach Steindler <steiza@github.com>
 2024-07-25 20:59:39 +02:00
Babak K. Shandiz
a994edda93
Merge branch 'trunk' into 8426-add-pr-update-cmd-no-local-update 2024-06-27 22:36:36 +01:00
dependabot[bot]
ee7bca679b
build(deps): bump github.com/hashicorp/go-retryablehttp 
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.5 to 0.7.7.
- [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md)
- [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.5...v0.7.7)

---
updated-dependencies:
- dependency-name: github.com/hashicorp/go-retryablehttp
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-24 22:16:58 +00:00
William Martin
ba2d32b5f2
Merge pull request #9217 from cli/dependabot/go_modules/github.com/google/go-containerregistry-0.19.2 
build(deps): bump github.com/google/go-containerregistry from 0.19.1 to 0.19.2
 2024-06-24 16:08:25 +02:00
William Martin
f6032319a8
Merge pull request #9218 from cli/dependabot/go_modules/github.com/spf13/cobra-1.8.1 
build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1
 2024-06-24 15:54:41 +02:00
dependabot[bot]
31b424a1d2
build(deps): bump github.com/google/go-containerregistry 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.1 to 0.19.2.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.1...v0.19.2)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-24 13:52:48 +00:00
dependabot[bot]
6e77b2d685
build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1 
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Commits](https://github.com/spf13/cobra/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-17 14:16:51 +00:00
Babak K. Shandiz
f8e1271132
Merge branch 'trunk' into 8426-add-pr-update-cmd-no-local-update 2024-06-16 14:01:29 +01:00
dependabot[bot]
59fae5b4a8
build(deps): bump github.com/gorilla/websocket from 1.5.2 to 1.5.3 
Bumps [github.com/gorilla/websocket](https://github.com/gorilla/websocket) from 1.5.2 to 1.5.3.
- [Release notes](https://github.com/gorilla/websocket/releases)
- [Commits](https://github.com/gorilla/websocket/compare/v1.5.2...v1.5.3)

---
updated-dependencies:
- dependency-name: github.com/gorilla/websocket
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-14 14:33:37 +00:00
Andy Feller
04d0ec0e8c
Merge pull request #9197 from cli/dependabot/go_modules/google.golang.org/protobuf-1.34.2 
build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2
 2024-06-12 11:18:23 -04:00
dependabot[bot]
945b6682c8
build(deps): bump google.golang.org/protobuf from 1.34.1 to 1.34.2 
Bumps google.golang.org/protobuf from 1.34.1 to 1.34.2.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-11 14:22:24 +00:00
dependabot[bot]
1a470b3df8
build(deps): bump github.com/gorilla/websocket from 1.5.1 to 1.5.2 
Bumps [github.com/gorilla/websocket](https://github.com/gorilla/websocket) from 1.5.1 to 1.5.2.
- [Release notes](https://github.com/gorilla/websocket/releases)
- [Commits](https://github.com/gorilla/websocket/compare/v1.5.1...v1.5.2)

---
updated-dependencies:
- dependency-name: github.com/gorilla/websocket
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-06-10 14:55:11 +00:00
Babak K. Shandiz
8ac5ad7244
Merge branch 'trunk' into 8426-add-pr-update-cmd-no-local-update 2024-06-07 15:40:28 +01:00
AlanD20
e91860d3e9
Bump go-keyring to fix keepassxc prompt confirmation 2024-06-07 09:07:53 +02:00
dependabot[bot]
b2fead7dff
build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.3 to 1.4.4 
Bumps [github.com/gabriel-vasile/mimetype](https://github.com/gabriel-vasile/mimetype) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/gabriel-vasile/mimetype/releases)
- [Commits](https://github.com/gabriel-vasile/mimetype/compare/v1.4.3...v1.4.4)

---
updated-dependencies:
- dependency-name: github.com/gabriel-vasile/mimetype
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-24 14:47:29 +00:00
dependabot[bot]
b918967bf5
build(deps): bump github.com/sigstore/protobuf-specs from 0.3.1 to 0.3.2 
Bumps [github.com/sigstore/protobuf-specs](https://github.com/sigstore/protobuf-specs) from 0.3.1 to 0.3.2.
- [Release notes](https://github.com/sigstore/protobuf-specs/releases)
- [Changelog](https://github.com/sigstore/protobuf-specs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/protobuf-specs/compare/v0.3.1...v0.3.2)

---
updated-dependencies:
- dependency-name: github.com/sigstore/protobuf-specs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-13 14:53:11 +00:00
Babak K. Shandiz
8f8c775cee
Merge branch 'trunk' into 8426-add-pr-update-cmd-no-local-update 
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
 2024-05-07 00:20:32 +01:00
dependabot[bot]
fea08d194c
build(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-05-01 15:04:39 +00:00
Andy Feller
2ef8232b9c Update cli/go-gh to v2.9.0 
This change updates the GitHub CLI extension library with fixes for calculating display width and exporting tenancy and enterprising logic.
 2024-04-29 14:14:59 -04:00
dependabot[bot]
6e400aecdd
build(deps): bump google.golang.org/grpc from 1.62.1 to 1.62.2 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.62.1 to 1.62.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.62.1...v1.62.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-23 14:35:56 +00:00
Meredith Lancaster
c465d465a5
Update sigstore-go dependency to v0.3.0 (#8977) 
* update sigstore-go dep to v0.3.0

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add integration test to verify newer sigstore bundle versions

Signed-off-by: Meredith Lancaster <malancas@github.com>

* Fix shellcheck issues

Signed-off-by: Meredith Lancaster <malancas@github.com>

* Give the cli/package-security team ownership over gh attestation cmd integration tests

Signed-off-by: Meredith Lancaster <malancas@github.com>

* fetch attestation file

Signed-off-by: Meredith Lancaster <malancas@github.com>

* clean up new integration test

Signed-off-by: Meredith Lancaster <malancas@github.com>

* try pulling other attestation file

Signed-off-by: Meredith Lancaster <malancas@github.com>

* cleanup new attestation verify integration test

Signed-off-by: Meredith Lancaster <malancas@github.com>

* add new gh atestation integration test to workflow

Signed-off-by: Meredith Lancaster <malancas@github.com>

* mark script as executable

Signed-off-by: Meredith Lancaster <malancas@github.com>

* rename the integration test file

Signed-off-by: Meredith Lancaster <malancas@github.com>

---------

Signed-off-by: Meredith Lancaster <malancas@github.com>
 2024-04-23 07:07:23 -06:00
dependabot[bot]
159ce961b0
build(deps): bump golang.org/x/net from 0.21.0 to 0.23.0 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.21.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-19 13:16:58 +00:00
Babak K. Shandiz
6856d0fcef
Run go mod tidy 
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
 2024-04-10 20:40:24 +01:00
Babak K. Shandiz
b3c6d39c66
Upgrade shurcooL/githubv4 
Signed-off-by: Babak K. Shandiz <babak.k.shandiz@gmail.com>
 2024-04-10 19:19:57 +01:00
dependabot[bot]
dd0a827ce5
build(deps): bump google.golang.org/grpc from 1.61.1 to 1.61.2 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.1 to 1.61.2.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.61.1...v1.61.2)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-04 14:38:42 +00:00
William Martin
9744489510
Merge pull request #8920 from cli/wm/bump-glam-glam 2024-04-03 18:45:08 +02:00
William Martin
32882db3e2 Bump go-gh to v2.8.0 and go mod tidy 2024-04-03 17:12:06 +02:00
dependabot[bot]
eb24a5b241
build(deps): bump github.com/sigstore/protobuf-specs from 0.3.0 to 0.3.1 
Bumps [github.com/sigstore/protobuf-specs](https://github.com/sigstore/protobuf-specs) from 0.3.0 to 0.3.1.
- [Release notes](https://github.com/sigstore/protobuf-specs/releases)
- [Changelog](https://github.com/sigstore/protobuf-specs/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/protobuf-specs/compare/v0.3.0...v0.3.1)

---
updated-dependencies:
- dependency-name: github.com/sigstore/protobuf-specs
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-03 14:20:03 +00:00
William Martin
83f200d91f Bump glamour to v0.7.0 and go mod tidy 2024-04-02 20:08:19 +02:00
dependabot[bot]
47f190f2b5
build(deps): bump github.com/google/go-containerregistry 
Bumps [github.com/google/go-containerregistry](https://github.com/google/go-containerregistry) from 0.19.0 to 0.19.1.
- [Release notes](https://github.com/google/go-containerregistry/releases)
- [Changelog](https://github.com/google/go-containerregistry/blob/main/.goreleaser.yml)
- [Commits](https://github.com/google/go-containerregistry/compare/v0.19.0...v0.19.1)

---
updated-dependencies:
- dependency-name: github.com/google/go-containerregistry
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-02 15:30:53 +00:00
William Martin
5150eb0001
Merge pull request #8913 from cli/dependabot/go_modules/github.com/gorilla/websocket-1.5.1 
build(deps): bump github.com/gorilla/websocket from 1.5.0 to 1.5.1
 2024-04-02 17:29:55 +02:00
dependabot[bot]
f66b2fc6eb
build(deps): bump github.com/gorilla/websocket from 1.5.0 to 1.5.1 
Bumps [github.com/gorilla/websocket](https://github.com/gorilla/websocket) from 1.5.0 to 1.5.1.
- [Release notes](https://github.com/gorilla/websocket/releases)
- [Commits](https://github.com/gorilla/websocket/compare/v1.5.0...v1.5.1)

---
updated-dependencies:
- dependency-name: github.com/gorilla/websocket
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-02 14:11:31 +00:00
dependabot[bot]
228c31f205
build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 
Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.61.0 to 1.61.1.
- [Release notes](https://github.com/grpc/grpc-go/releases)
- [Commits](https://github.com/grpc/grpc-go/compare/v1.61.0...v1.61.1)

---
updated-dependencies:
- dependency-name: google.golang.org/grpc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-02 14:11:27 +00:00
William Martin
4ea4ed85ec
Merge pull request #8903 from cli/dependabot/go_modules/github.com/docker/docker-24.0.9incompatible 
build(deps): bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible
 2024-04-02 15:46:09 +02:00
dependabot[bot]
82254f7d49
build(deps): bump github.com/docker/docker 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.7+incompatible to 24.0.9+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](https://github.com/docker/docker/compare/v24.0.7...v24.0.9)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-01 17:15:19 +00:00
dependabot[bot]
acb5b9bd42
build(deps): bump gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3 
Bumps gopkg.in/go-jose/go-jose.v2 from 2.6.1 to 2.6.3.

---
updated-dependencies:
- dependency-name: gopkg.in/go-jose/go-jose.v2
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-04-01 17:14:59 +00:00