Releases: wolfi-dev/wolfictl
Releases · wolfi-dev/wolfictl
v0.24.8
What's Changed
- build(deps): bump github.com/go-git/go-billy/v5 from 5.5.0 to 5.6.0 by @dependabot in #1261
- build(deps): bump chainguard.dev/melange from 0.14.1 to 0.14.5 by @dependabot in #1262
- build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #1263
- build(deps): bump github.com/charmbracelet/lipgloss from 0.13.0 to 0.13.1 by @dependabot in #1266
- build(deps): bump actions/checkout from 4.2.1 to 4.2.2 in /.github/actions by @dependabot in #1264
- build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot in #1268
- build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 in /.github/actions by @dependabot in #1269
- build(deps): bump github.com/charmbracelet/bubbletea from 1.1.1 to 1.1.2 by @dependabot in #1272
- update apko/melange by @k4leung4 in #1274
Full Changelog: v0.24.7...v0.24.8
v0.24.7
What's Changed
- Move file-risk-increase flag under diff command by @egibs in #1254
- build(deps): bump chainguard.dev/melange from 0.13.6 to 0.13.7 by @dependabot in #1255
- chore(deps): bump melange to v0.14.0 by @luhring in #1256
- build(deps): bump github.com/anchore/grype from 0.82.1 to 0.82.2 by @dependabot in #1257
- build(deps): bump chainguard.dev/melange from 0.14.0 to 0.14.1 by @dependabot in #1259
Full Changelog: v0.24.6...v0.24.7
v0.24.5
What's Changed
- bump melange to latest on main by @rawlingsj in #1246
- build(deps): bump github.com/anchore/syft from 1.14.0 to 1.14.1 by @dependabot in #1244
- build(deps): bump github.com/cli/go-gh/v2 from 2.10.0 to 2.11.0 by @dependabot in #1242
- build(deps): bump github.com/anchore/grype from 0.82.0 to 0.82.1 by @dependabot in #1248
- build(deps): bump chainguard.dev/melange from 0.13.6-0.20241015202724-0900229dc8a4 to 0.13.6 by @dependabot in #1247
Full Changelog: v0.24.3...v0.24.5
v0.24.3
What's Changed
- fix(scan): use correct CPE for GitLab components by @luhring in #1226
- build(deps): bump github.com/chainguard-dev/yam from 0.2.0 to 0.2.1 by @dependabot in #1227
- build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @dependabot in #1229
- build(deps): bump actions/checkout from 4.2.0 to 4.2.1 in /.github/actions by @dependabot in #1230
- build(deps): bump golang.org/x/text from 0.18.0 to 0.19.0 by @dependabot in #1228
- Bump melange to 0.13.1 by @xnox in #1231
- build(deps): bump github.com/anchore/syft from 1.13.0 to 1.14.0 by @dependabot in #1232
- build(deps): bump chainguard.dev/melange from 0.13.1 to 0.13.2 by @dependabot in #1234
- build(deps): bump chainguard.dev/melange from 0.13.2 to 0.13.3 by @dependabot in #1235
- build(deps): bump github.com/anchore/grype from 0.81.0 to 0.82.0 by @dependabot in #1233
- build(deps): bump chainguard.dev/melange from 0.13.3 to 0.13.4 by @dependabot in #1236
- build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.30.0 to 1.31.0 by @dependabot in #1237
- build(deps): bump chainguard.dev/melange from 0.13.4 to 0.13.5 by @dependabot in #1240
Full Changelog: v0.24.2...v0.24.3
v0.24.0
What's Changed
- scan: Search for remote private packages too by @jonjohnsonjr in #1184
- fix(scan): panic on nil cleanup by @luhring in #1189
- wolfictl/lint: add linter to validate
update.schedule.period
by @rawlingsj in #1191 - Report cycles better when calling Targets by @jonjohnsonjr in #1195
- support apk.cgr.dev for enterprise and extras by @imjasonh in #1194
- update fetch apkindex to be able to fetch from apk.cgr.dev by @cpanato in #1197
- fix(adv): validate fixed versions only for new data by @luhring in #1185
- support scanning private apk.cgr.dev package repositories by @philroche in #1196
New Contributors
- @philroche made their first contribution in #1196
Full Changelog: v0.23.6...v0.24.0
v0.23.6
What's Changed
- build(deps): bump chainguard.dev/melange from 0.11.5 to 0.11.6 by @dependabot in #1168
- build(deps): bump github.com/charmbracelet/bubbles from 0.19.0 to 0.20.0 by @dependabot in #1167
- go 1.23.1 by @k4leung4 in #1169
- Consider subpackage runtime deps for graph by @jonjohnsonjr in #1150
- build(deps): bump step-security/harden-runner from 2.9.1 to 2.10.1 by @dependabot in #1170
- build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.29.0 to 1.30.0 by @dependabot in #1171
- build(deps): bump github.com/google/osv-scanner from 1.8.4 to 1.8.5 by @dependabot in #1174
- scan: Set auth for remote packages sometimes by @jonjohnsonjr in #1176
- Improve error message for duplicate package names by @jonjohnsonjr in #1177
- Bump apko, fix breaking change by @jonjohnsonjr in #1178
- build(deps): bump github.com/charmbracelet/bubbletea from 1.1.0 to 1.1.1 by @dependabot in #1180
- pin dep for grype by @k4leung4 in #1182
- Upgrade melange by @xnox in #1183
- build(deps): bump github.com/anchore/grype from 0.80.0 to 0.80.1 by @dependabot in #1179
Full Changelog: v0.23.5...v0.23.6
v0.23.4
What's Changed
- feat(adv): add basic logging to osv data generation by @luhring in #1154
- feat(adv): validate adv ID uniqueness within an index by @luhring in #1155
- feat(adv): command to generate a new CGA ID by @luhring in #1156
- update golang.org/x/vuln to 1.1.3 by @k4leung4 in #1157
- dont flag git updates as errors by @ajayk in #1158
- Removing fixed-version-present-and-first logic and test by @jamie-albert in #1159
- build(deps): bump golang.org/x/text from 0.17.0 to 0.18.0 by @dependabot in #1160
- build(deps): bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 by @dependabot in #1162
- build(deps): bump golang.org/x/term from 0.23.0 to 0.24.0 by @dependabot in #1161
- build(deps): bump github.com/anchore/grype from 0.79.6 to 0.80.0 by @dependabot in #1138
- chore: Bump melange to v0.11.4 by @EyeCantCU in #1163
New Contributors
- @jamie-albert made their first contribution in #1159
Full Changelog: v0.23.3...v0.23.4