Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: automated PR to main 2024-08-04 #1683

Merged
merged 28 commits into from
Aug 5, 2024
Merged

chore: automated PR to main 2024-08-04 #1683

merged 28 commits into from
Aug 5, 2024

Conversation

github-actions[bot]
Copy link

@github-actions github-actions bot commented Aug 4, 2024

Automated Pull Request to main branch

dependabot bot and others added 26 commits July 29, 2024 06:00
@dependabot
chore: Bump alpine from b89d9c9 to 0a4eaa0
14624cc 
Bumps alpine from `b89d9c9` to `0a4eaa0`.

---
updated-dependencies:
- dependency-name: alpine
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot
chore: Bump k8s.io/client-go from 0.28.11 to 0.28.12 (#1663)
2188f95 
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot @susanshi
chore: Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#1664)
7ffb697 
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Susan Shi <[email protected]>
@dependabot
chore: Bump github/codeql-action from 3.25.14 to 3.25.15
537c823 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.14 to 3.25.15.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@5cf07d8...afb54ba)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@binbin-li
Merge pull request #1665 from ratify-project/dependabot/github_action…
3c28fd4 
…s/github/codeql-action-3.25.15
@binbin-li
Merge branch 'dev' into dependabot/docker/alpine-0a4eaa0eecf5f8c050e5…
581be1e 
…bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5
@binbin-li
Merge pull request #1666 from ratify-project/dependabot/docker/alpine…
d442fad 
…-0a4eaa0eecf5f8c050e5bba433f58c052be7587ee8af3e8b3910ef9ab5fbe9f5
@dependabot
chore: Bump golang from 829eff9 to 86a3c48 in /httpserver (#1667)
0bbd60e 
Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
@dependabot
chore: Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0
8f2f716 
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.0.1 to 6.1.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@a4f60bb...aaa42aa)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
@binbin-li
docs: Archive ratify error handling scenario doc
182b567
@binbin-li
Merge pull request #1672 from ratify-project/dependabot/github_action…
b0d8a2d 
…s/golangci/golangci-lint-action-6.1.0
@dependabot
chore: Bump github.com/docker/docker
3578e05 
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 24.0.9+incompatible to 26.1.4+incompatible.
- [Release notes](https://github.com/docker/docker/releases)
- [Commits](moby/moby@v24.0.9...v26.1.4)

---
updated-dependencies:
- dependency-name: github.com/docker/docker
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <[email protected]>
@binbin-li
Merge pull request #1674 from ratify-project/dependabot/go_modules/gi…
bd87979 
…thub.com/docker/docker-26.1.4incompatible
@binbin-li
Merge branch 'dev' into ratify-err-doc
060c5a5
@akashsinghal
docs: add proposal for producing supply chain metadata for all ratify…
bd97bc2 
… assets (#1641)
@akashsinghal
build: add image signing for dev images and add release sbom (#1629)
17f829a
@susanshi
fix: warning message is printed to stdout by CLI (#1650)
7294999 
Signed-off-by: Susan Shi <[email protected]>
@susanshi
Merge branch 'dev' into ratify-err-doc
8549d91
@binbin-li
Merge pull request #1668 from binbin-li/ratify-err-doc
90367de 
doc: Archive ratify error handling scenario doc
@binbin-li
fix: pass CODECOV_TOKEN to reusable workflow
9d5acaf
@binbin-li
Merge pull request #1676 from binbin-li/fix-codecov
ba5638e 
fix: pass CODECOV_TOKEN to reusable workflow
@binbin-li
fix: remove duplicate $
f0cdcfe
@binbin-li
Merge branch 'dev' into fix-codecov
18f071a
@binbin-li
Merge pull request #1677 from binbin-li/fix-codecov
b652e00 
fix: remove duplicate $
@junczhu
fix: fix typo in notation verifier (#1678)
05a8cbe
@junczhu
fix: bump-up docker dependency (#1679)
b12b038
dependabot bot and others added 2 commits August 5, 2024 05:06
@dependabot
chore: Bump actions/upload-artifact from 4.3.4 to 4.3.5
3bb4224 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.4 to 4.3.5.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@0b2256b...89ef406)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
@binbin-li
Merge pull request #1684 from ratify-project/dependabot/github_action…
e222c72 
…s/actions/upload-artifact-4.3.5
@codecov Codecov
Copy link

codecov bot commented Aug 5, 2024
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Files Coverage Δ
cmd/ratify/cmd/discover.go 32.09% <100.00%> (+14.45%) ⬆️
cmd/ratify/cmd/referrer.go 49.15% <100.00%> (+20.01%) ⬆️
cmd/ratify/cmd/verify.go 75.00% <100.00%> (+9.21%) ⬆️
internal/logger/logger.go 100.00% <ø> (ø)
pkg/verifier/notation/notation.go 87.87% <100.00%> (+3.26%) ⬆️

... and 119 files with indirect coverage changes

@binbin-li binbin-li merged commit 98c8513 into main Aug 5, 2024
37 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@binbin-li binbin-li binbin-li approved these changes

@akashsinghal akashsinghal Awaiting requested review from akashsinghal akashsinghal is a code owner

@jimmyraywv jimmyraywv Awaiting requested review from jimmyraywv jimmyraywv is a code owner

@luisdlp luisdlp Awaiting requested review from luisdlp luisdlp is a code owner

@susanshi susanshi Awaiting requested review from susanshi susanshi is a code owner

@toddysm toddysm Awaiting requested review from toddysm toddysm is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@binbin-li @akashsinghal @susanshi @junczhu