Releases: mindersec/minder
Releases · mindersec/minder
v0.0.15
What's Changed
- Update README with info about our release provenance by @rdimitrov in #1530
- Add Minder instance info in README. by @JAORMX in #1531
- Clean up docs by @eleftherias in #1529
- update logo by @dussab in #1534
- Update install_cli.md by @eryn-muetzel in #1535
- Update branch_protection.md by @eryn-muetzel in #1536
- Refine getting started docs to remove duplication by @evankanderson in #1537
- Update activity.md by @eryn-muetzel in #1538
- Update vulnerabilities.md by @eryn-muetzel in #1539
- Update README.md by @ninfriendos1 in #1540
- Update license.md by @eryn-muetzel in #1541
- Re-arrange how-to docs under 'Using Minder', including profile docs by @evankanderson in #1542
- Update roadmap.md by @dussab in #1543
- Move Roadmap to 'About', move FAQ to commercial site by @evankanderson in #1544
- Rename category file to match docusaurus pattern by @evankanderson in #1545
- Update header with new stacklok image by @dussab in #1547
- Show the JSON output of profile_status list in docs by @jhrozek in #1546
- Combine profile introduction and concept by @evankanderson in #1548
- Remove one level of nesting on CLI docs. by @evankanderson in #1549
- Update register_repos.md by @craigmcl in #1550
- Update profiles.md by @dussab in #1554
- Update setup-alerts.md by @eryn-muetzel in #1553
- Update setup-autoremediation.md by @eryn-muetzel in #1552
- Update manage_profiles.md by @eryn-muetzel in #1551
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.22.0 to 1.22.1 by @dependabot in #1558
- build(deps): bump styled-components from 5.3.11 to 6.1.0 in /docs by @dependabot in #1557
- build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.18.0 to 2.18.1 by @dependabot in #1559
- build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.18.0 to 2.18.1 in /tools by @dependabot in #1556
- Update login instructions in docs by @eleftherias in #1560
- Improve getting started documentation by @eleftherias in #1561
- Update README.md by @dussab in #1563
- PathEscape artifact name to process artifacts with slash in the name by @jhrozek in #1564
- OSS: Installing Minder docs by @teodor-yanev in #1567
- Add artifact_signature reference by @jhrozek in #1568
- Add sigstore signing for minder-server and helm/minder by @rdimitrov in #1569
- Install cosign in chart-publish.yaml by @rdimitrov in #1570
- Use latest cosign and fix cosign helm chart reference for chart-publish.yaml by @rdimitrov in #1572
- Remove optional parameters from
GoTestTools/gotestfmt-action@v2
action instantiation by @JAORMX in #1571 - Update Minder Helm Installation by @teodor-yanev in #1573
- Replace plus to underscore for signing the helm chart by @rdimitrov in #1574
- Organise make targets into separate makefiles by @rdimitrov in #1565
- docs: fixes broken link to CLI docs on the readme by @andresgalante in #1575
- Docs: adds a link to the API to the readme by @andresgalante in #1576
- build(deps): bump slsa-framework/slsa-verifier from 2.4.0 to 2.4.1 by @dependabot in #1580
- Instantiate mock client for each test in branch protection remediations test by @JAORMX in #1587
- build(deps): bump sigstore/cosign-installer from 3.1.2 to 3.2.0 by @dependabot in #1581
- Fix flaky database tests by @JAORMX in #1588
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.22.1 to 1.22.2 by @dependabot in #1584
- build(deps): bump golang from 1.21.3 to 1.21.4 by @dependabot in #1579
- build(deps): bump golang.org/x/term from 0.13.0 to 0.14.0 by @dependabot in #1586
- build(deps): bump styled-components from 6.1.0 to 6.1.1 in /docs by @dependabot in #1583
- Hook up minder healthcheck to database health by @JAORMX in #1590
- Enable skipping teardown when using the
run-docker
Makefile target by @JAORMX in #1591 - Fix resolving of KO_DOCKER_REPO for run-docker by @rdimitrov in #1592
- Make repo deletion message consistent with similar commands by @eleftherias in #1593
- Improve login success page by @eleftherias in #1597
- build(deps): bump golang.org/x/oauth2 from 0.13.0 to 0.14.0 by @dependabot in #1601
- build(deps): bump github.com/fergusstrange/embedded-postgres from 1.24.0 to 1.25.0 by @dependabot in #1604
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.22.2 to 1.22.3 by @dependabot in #1603
- build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.3.1 to 1.3.2 by @dependabot in #1602
- build(deps): bump golang.org/x/tools from 0.14.0 to 0.15.0 in /tools by @dependabot in #1605
- Add enhanced user agent informtion to CLI by @JAORMX in #1600
New Contributors
- @ninfriendos1 made their first contribution in #1540
- @craigmcl made their first contribution in #1550
- @andresgalante made their first contribution in #1575
Full Changelog: v0.0.14...v0.0.15
v0.0.14
What's Changed
- Add documentation for Trusty PR check rule by @eleftherias in #1508
- Rename docs chapter from policies to rules by @rdimitrov in #1511
- Make --provider/-p consistent across the cli and docs by @rdimitrov in #1514
- Add the ArtifactService to ingress by @jhrozek in #1513
- Change CLI prompt message and type by @rdimitrov in #1516
- Add reference docs for secret scanning rule by @eleftherias in #1523
- Run PR CI on all PRS by @JAORMX in #1525
- Return errNotHandled silently by @jhrozek in #1517
- Add reference docs for branch protection rules by @eleftherias in #1520
- A nicer error message in case someone forgets to run provider enroll by @jhrozek in #1515
- Fix linter failure by @JAORMX in #1527
- Release minder to microsoft/winget-pkgs and remove private setting for SLSA by @rdimitrov in #1464
- Remove examples and use the official repo instead by @rdimitrov in #1528
Full Changelog: v0.0.13...v0.0.14
v0.0.13
What's Changed
- Add how-to for pull request remediations by @rdimitrov in #1470
- Update remediations.md by @eryn-muetzel in #1477
- Update minder-docs references to https://minder-docs.stacklok.dev by @rdimitrov in #1475
- Update login.md by @eryn-muetzel in #1479
- Update remediation.md by @eryn-muetzel in #1481
- Update profiles.md by @eryn-muetzel in #1482
- Update remediate-pullrequest.md by @eryn-muetzel in #1483
- Add how-tos for alerts and auto-remediation by @rdimitrov in #1478
- Switch some more hardcoded strings from using staging + generate CLI docs to point to prod by @jhrozek in #1476
- Auto-generated cli documentation update - 2023-11-05 23:08:51 by @github-actions in #1485
- Add reference for rule_types that pertain to github actions by @jhrozek in #1484
- Add minder-cli install docs by @rdimitrov in #1486
- Add info to how-to PR remediations by @rdimitrov in #1489
- Remove group-id references from docs by @rdimitrov in #1480
- Add back the trusty rule_type and an example to profile.yaml by @jhrozek in #1488
- Add pypi OSV check to vulnerabilities.md by @jhrozek in #1487
- Add license rule type to profile.yaml by @rdimitrov in #1490
- login docs.md by @evankanderson in #1492
- build(deps): bump redocusaurus from 1.6.4 to 2.0.0 in /docs by @dependabot in #1493
- build(deps): bump github.com/gorilla/securecookie from 1.1.1 to 1.1.2 by @dependabot in #1494
- build(deps): bump github.com/go-playground/validator/v10 from 10.15.5 to 10.16.0 by @dependabot in #1495
- build(deps): bump golang.org/x/sync from 0.4.0 to 0.5.0 by @dependabot in #1496
- build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.0 by @dependabot in #1497
- build(deps): bump github.com/golangci/golangci-lint from 1.55.1 to 1.55.2 in /tools by @dependabot in #1498
- Add refs for codeql, dependabot and presence of a license file by @rdimitrov in #1491
- Remove duplicate section from docs by @eleftherias in #1500
- Remove
apply
subcommand from CLI by @JAORMX in #1499 - Auto-generated cli documentation update - 2023-11-06 10:00:50 by @github-actions in #1502
- Add version information for minder CLI by @JAORMX in #1501
- Auto-generated cli documentation update - 2023-11-06 11:21:48 by @github-actions in #1504
- Confirm enrolling a provider org by @rdimitrov in #1503
- Enable secret scanning doc to "Creating your first profile" by @JAORMX in #1505
- Make getProviderAccessToken private by @rdimitrov in #1506
- Don't require superadmin on ListArtifacts by @jhrozek in #1507
- Link contributing guidelines in documentation by @eleftherias in #1509
Full Changelog: v0.0.12...v0.0.13
v0.0.12
What's Changed
- Fix GitHub Actions deprecated warnings by @rdimitrov in #1463
- Point CLI to production by default by @JAORMX in #1460
- Make ingress annotations configurable by @JAORMX in #1467
- Update README.md and other docs by @rdimitrov in #1468
- Pass the staging/prod build tag through a Makefile env variable by @jhrozek in #1466
- Reference the minder docs from a SA minder alert by @rdimitrov in #1469
- Don't print informational values to stdout by @jhrozek in #1472
- Don't reuse the configured Trusty http endpoint for the PR reply, use a constant instead by @jhrozek in #1473
- Add pypi vulnerability check configuration to the example profile by @jhrozek in #1471
Full Changelog: v0.0.11...v0.0.12
v0.0.11
What's Changed
- update to image by @dussab in #1445
- Update providers.md by @eryn-muetzel in #1446
- Update register_repo_create_profile.md by @eryn-muetzel in #1448
- Update pr_reviews.md by @eryn-muetzel in #1450
- Fix .goreleaser.yaml by @rdimitrov in #1449
- Part 1 - Rename stacklok.com/mediator to stacklok.com/minder by @rdimitrov in #1447
- Improve docs for profiles and providers by @eleftherias in #1451
- Add documentation for explaining alerts and remediation by @eleftherias in #1452
- Update vulnerabilities.md by @eryn-muetzel in #1454
- Part 2 - The rest of the minder renaming by @rdimitrov in #1457
- Fix deprecated msg for docs build by @rdimitrov in #1455
- Filter when to run compose-migrate.yml by @rdimitrov in #1456
- Update index.md by @eryn-muetzel in #1413
- Make secret names configurable in helm chart by @JAORMX in #1458
- Fix db schema job by @rdimitrov in #1459
- Change default reference to keycloak in docker-compose file by @JAORMX in #1461
- Add caching to goreleaser setup by @JAORMX in #1462
Full Changelog: v0.0.10...v0.0.11
v0.0.10
What's Changed
- build(deps): bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible in /tools by @dependabot in #1328
- build(deps): bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible by @dependabot in #1327
- Use stacklokbot for commit author at homebrew-tap by @rdimitrov in #1330
- Add watermill event histogram by @jhrozek in #1329
- Read the Pi hostname from config instead of rule_type by @jhrozek in #1313
- remove unused Vulncheck protobuf message contents by @jhrozek in #1331
- Remove Go ecosystem config from the Pi rule-type by @jhrozek in #1332
- Update CONTRIBUTING.md by @dussab in #1334
- Update SECURITY.md by @dussab in #1335
- Delete .github/ISSUE_TEMPLATE/epic.md by @dussab in #1336
- Update user_story.md by @dussab in #1337
- Update README.md by @dussab in #1338
- Update CONTRIBUTING.md by @dussab in #1339
- Rename mediator.proto to minder.proto, implement bridge by @evankanderson in #1340
- Great client-side rename by @evankanderson in #1341
- build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.15 to 2.0.16 by @dependabot in #1345
- build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 by @dependabot in #1346
- cli: Remove
mediatorv1
from rule type commands by @JAORMX in #1342 - Add a bunch of skeleton docs by @evankanderson in #1344
- chore: Move rego eval to use minder instead of mediator by @JAORMX in #1343
- fix: helpers: use viper instance instead of global by @JAORMX in #1348
- fix: config: Fix usage of global viper instance by @JAORMX in #1349
- chore: Add
-race
flag to test invocation by @JAORMX in #1347 - Rename keycloak clients to minder by @eleftherias in #1350
- Adjust Pi evaluator reply structure to the API response by @jhrozek in #1353
- Fix vulncheck's repo cache to be concurrency-friendly by @JAORMX in #1351
- Rename the package_intelligence evaluator to trusty evaluator by @jhrozek in #1354
- Add support for publishing minder to winget (Windows) by @rdimitrov in #1333
- Add
read_only
flag to docker-compose by @JAORMX in #1355 - Close publisher and subsriber when closing eventer by @JAORMX in #1359
- Update CODE_OF_CONDUCT.md by @dussab in #1361
- Update README.md by @dussab in #1363
- build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.2.21 to 1.3.0 by @dependabot in #1365
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.19.1 to 1.20.0 by @dependabot in #1364
- build(deps-dev): bump @docusaurus/module-type-aliases from 2.4.3 to 3.0.0 in /docs by @dependabot in #1366
- Setup go before building with ko and update go.mod by @rdimitrov in #1362
- Restructure minder CLI docs by @eleftherias in #1367
- Fix Stacklok logo in staging by @eleftherias in #1358
- Print debug message if a particular project has private repos enabled by @JAORMX in #1368
- Add
setup-go
step to helm chart publish job by @JAORMX in #1369 - Add more debugging when registering private repos by @jhrozek in #1372
- Rename
mediator
tominder
in service health check by @JAORMX in #1375 - Stop logging health checks again by @JAORMX in #1376
- Fix credentials path to use minder by @eleftherias in #1377
- Update contact mail for published packages by @rdimitrov in #1379
- Implement whoami command for minder by @rdimitrov in #1378
- Auto-generated cli documentation update - 2023-11-01 15:20:14 by @github-actions in #1380
- Double the client timeout by @jhrozek in #1382
- Use the context in rule_type create for each rule_type by @jhrozek in #1384
- Implement repo delete for minder by @rdimitrov in #1371
- Auto-generated cli documentation update - 2023-11-01 16:17:00 by @github-actions in #1386
- rule_type list had confused -oyaml and -ojson by @jhrozek in #1385
- Show which server minder is connecting to by @rdimitrov in #1387
- Add how-to for enabling PR reviews by @eleftherias in #1388
- Add tutorial for registering repos and profiles by @eleftherias in #1381
- Update index.md by @dussab in #1390
- Update category.yml by @dussab in #1392
- Update index.md by @dussab in #1395
- Expose several errors in handlers_repositories to the user by @jhrozek in #1394
- Allow ServiceAccounts to be passed in to the chart by @evankanderson in #1396
- build(deps): bump golang from
24a0937
to5206873
by @dependabot in #1397 - build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.3.0 to 1.3.1 by @dependabot in #1398
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.20.0 to 1.21.0 by @dependabot in #1399
- Point to Trusty instance via an environment variable by @jhrozek in #1401
- Add metrics for outbound API calls by @jhrozek in #1360
- Rename mediator to minder in engine/actions by @rdimitrov in #1400
- Add a tutorial on automatic remediations by @jhrozek in #1391
- Show minder server on new user register table by @rdimitrov in #1402
- Skip 404 when listing handlers; add several log messages by @jhrozek in #1403
- Return nicer erorr messages if a token or a profile already exist by @jhrozek in #1406
- Don't report fatal error if there are no tokens for the provider during token revocation by @jhrozek in #1407
- The migrate container is now called minder_migrate_1 by @jhrozek in #1410
- Remove old token key secrets since we're using Keycloak by @evankanderson in #1411
- Update docs with minder logo by @dussab in #1412
- Add docs for profiles by @rdimitrov in #1405
- Add docs for alerts by @rdimitrov in #1404
- Add a document describing how to enroll an org by @jhrozek in #1408
- Extend the PR vuln check docs with commit status by @jhrozek in #1409
- Fixes to the OSV rule_type and profile by @jhrozek in #1416
- Implement a LICENSE rule type by @rdimitrov in #1419
- Add a reference about the pr_vulnerability_check type by @jhrozek in #1418
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.21.0 to 1.22.0 by @dependabot in #1421
- build(deps): bump golang from
5206873
tob113af1
by @dependabot in #1420 - Run minder in a read-only filesystem by @JAORMX in #1422
- Only append the status code label in http telemetry if we get a reply by @jhrozek in #1426
- Fix newline in auth login by @JAORMX in #1427
- Don't fail provider enroll if browser wasn't opened by @JAORMX in #1425
- change register repository calls to use one call per repo by @JAORMX in #1429
- Skip non JSON or YAML files when doing rule type create by @JAORMX in #1430
- Add how-to create a profile by @eleftherias in https://gi...
v0.0.9
What's Changed
- feat: implement an actions engine by @rdimitrov in #1192
- Add remediation capability for GH branch protections by @jhrozek in #1174
- Add option to fetch server secret from file by @eleftherias in #1199
- Pull request remediations engine + codeQL + dependabot remediations by @jhrozek in #1200
- Update deployment to enable account deletion by @eleftherias in #1212
- PR vulnerability evaluation: Display summary of vulnerabilities found by @jhrozek in #1204
- Update docs with identity config for mediator server by @eleftherias in #1195
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.45 to 1.19.0 by @dependabot in #1216
- build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.13 to 2.0.14 by @dependabot in #1217
- build(deps): bump @babel/traverse from 7.22.10 to 7.23.2 in /docs by @dependabot in #1220
- Split mediator and db-update roles by @eleftherias in #1223
- vulncheck: Don't try to render an empty summary table if no CVEs are found by @jhrozek in #1215
- helm: Add
extra_config_migrate
to helm values by @JAORMX in #1224 - Reduce cardinality of GRPC metrics from mediator. by @evankanderson in #1227
- build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #1230
- fix: Fix migration CI job by @JAORMX in #1229
- ci: Add healthceck for keycloak container by @JAORMX in #1231
- Support Python requirements.txt scanning for pull requests by @jhrozek in #1225
- build(deps): bump github.com/open-policy-agent/opa from 0.57.0 to 0.57.1 by @dependabot in #1234
- build(deps): bump k8s.io/apimachinery from 0.28.2 to 0.28.3 by @dependabot in #1235
- Add postgres connection pool instrumentation by @evankanderson in #1246
- feat: implement the rest of alerts by @rdimitrov in #1228
- build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.14 to 2.0.15 by @dependabot in #1247
- Don't error CLI on a lack of config by @lukehinds in #1245
- Pi Evaluator that provides a summary of dependencies and their alternatives by @jhrozek in #1232
- engine: Also traverse PullRequest rules when validating profiles by @jhrozek in #1260
- Fix debug message argument by @jhrozek in #1261
- build(deps): bump github.com/golangci/golangci-lint from 1.54.2 to 1.55.0 in /tools by @dependabot in #1263
- Fix artifact_signature rule schema by @JAORMX in #1265
- build(deps): bump actions/setup-node from 3 to 4 by @dependabot in #1272
- ci: Fix database migration touch job by @JAORMX in #1271
- Intial smoke tests by @lukehinds in #1268
- feat: Implement ingester cache by @JAORMX in #1273
- Add telemetry for counting number of users by @eleftherias in #1275
- fix: update rule type descriptions to be consistent by @rdimitrov in #1277
- Don't retry all handler errors by @jhrozek in #1281
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.19.0 to 1.19.1 by @dependabot in #1283
- Makefile: leverage podman compose plugin instead of
podman-compose
by @JAORMX in #1282 - Store PRs in the database to avoid special-casing them during evaluation by @jhrozek in #1270
- feat: add stalebot to ci by @rdimitrov in #1284
- Skip non-relevant webhook events by @jhrozek in #1280
- build(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.3 in /tools by @dependabot in #1286
- fix: update permissions for stalebot.yml by @rdimitrov in #1287
- build(deps): bump github.com/golangci/golangci-lint from 1.55.0 to 1.55.1 in /tools by @dependabot in #1288
- build(deps): bump github.com/go-git/go-git/v5 from 5.9.0 to 5.10.0 by @dependabot in #1289
- chore: use interfaces for actions and evaluation params by @rdimitrov in #1290
- chore: ensure evalStatusParams implement eval and action interfaces by @rdimitrov in #1293
- chore: prefix viper env vars with mediator by @rdimitrov in #1291
- docs: update CONTRIBUTING.md by @rdimitrov in #1294
- chore: explicitly declare the default actions settings by @rdimitrov in #1295
- build(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in #1300
- build(deps): bump github.com/open-policy-agent/opa from 0.57.1 to 0.58.0 by @dependabot in #1301
- build(deps): bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5 by @dependabot in #1302
- ci: Detect
IF NOT EXISTS
in migration scripts by @JAORMX in #1303 - Remove user details from mediator database by @eleftherias in #1304
- helm: Add deployment-specific settings by @JAORMX in #1299
- fix: actually render values.yaml in helm job by @JAORMX in #1305
- Use stable version of schemaspy by @eleftherias in #1307
- chore: update evaluation logs for easier debugging by @rdimitrov in #1306
- feat: Make watermill settings configurable by @JAORMX in #1297
- cleanup: Make mediator wait for keycloak's health in compose file by @JAORMX in #1308
- Fix link in CONTRIBUTING.md by @eleftherias in #1309
- Add several metrics for mediator control plane by @jhrozek in #1298
- Reconcile the PiReply struct with recent changes to Pi by @jhrozek in #1311
- Update LICENSE by @rdimitrov in #1314
- Make keycloak setup script compatible with DB by @eleftherias in #1320
- fix: Make event persistence configurable and set to false by @JAORMX in #1323
- feat: Add possibility for entitlements by @JAORMX in #1319
- Remove obsolete token expiry check by @rdimitrov in #1321
- Auto-generated DB schema update - 2023-10-30 14:28:37 by @github-actions in #1324
- Refactor Mediator docs for inclusion in commercial by @evankanderson in #1318
- Fix go.mod for tools and update go to 1.21 by @rdimitrov in #1322
- Allow registering private repos specified in github.allowed_private_repos by @jhrozek in #1316
- Add goreleaser, sboms, slsa3, sigstore and homebrew support by @rdimitrov in #1315
Full Changelog: v0.0.8...v0.0.9
v0.0.8
What's Changed
- Auto-generated cli documentation update - 2023-10-12 14:55:37 by @github-actions in #1184
- Create CONTRIBUTING.md by @dussab in #1186
- build(deps): bump golang from
02d7116
to24a0937
by @dependabot in #1189 - build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.44 to 1.18.45 by @dependabot in #1188
- build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.2.20 to 1.2.21 by @dependabot in #1187
- User account deletion in mediator by @eleftherias in #1185
- Auto-generated cli documentation update - 2023-10-13 14:52:23 by @github-actions in #1193
- build(deps): bump github.com/sigstore/sigstore from 1.7.3 to 1.7.4 by @dependabot in #1194
- ux: subscribe to all events by default instead of allowing it to be configurable by @JAORMX in #1197
Full Changelog: v0.0.7...v0.0.8
v0.0.7
What's Changed
- fix: Track rule type instantiations in profiles by @JAORMX in #1113
- Make logout flow work with new login mechanism by @eleftherias in #1115
- build(deps): bump golang.org/x/term from 0.12.0 to 0.13.0 by @dependabot in #1122
- build(deps): bump golang.org/x/crypto from 0.13.0 to 0.14.0 by @dependabot in #1121
- build(deps): bump golang from 1.21.1 to 1.21.2 by @dependabot in #1119
- New email address added to CODE_OF_CONDUCT.md by @dussab in #1118
- build(deps): bump golang.org/x/sync from 0.3.0 to 0.4.0 by @dependabot in #1120
- testing: Use in-memory postgres for tests by @JAORMX in #1123
- tests: enable configuring an external database for tests by @rdimitrov in #1127
- profiles: Allow deleting rule_types if no profiles exist anymore by @jhrozek in #1131
- rule_type: Check the right error by @jhrozek in #1130
- db: update the database layer to support alerts by @rdimitrov in #1116
- db: remove obsolete trigger - delete_eval_statuses by @rdimitrov in #1128
- fix: get repositories in an ordered list by @rdimitrov in #1132
- Add more rest remediations by @jhrozek in #1129
- cli: add scrolling to repo register, fix --repo and update the cli docs by @rdimitrov in #1133
- Remove domain model (part 1 CLI) by @lukehinds in #1137
- Auto-generated cli documentation update - 2023-10-09 06:40:44 by @github-actions in #1143
- build(deps): bump golang.org/x/tools from 0.13.0 to 0.14.0 in /tools by @dependabot in #1148
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.43 to 1.18.44 by @dependabot in #1147
- build(deps): bump github.com/spf13/viper from 1.16.0 to 1.17.0 by @dependabot in #1146
- cleanup: remove APIs we won't be exposing soon by @JAORMX in #1149
- build(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 by @dependabot in #1145
- build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.2.19 to 1.2.20 by @dependabot in #1144
- Refresh access token before it expires by @eleftherias in #1150
- Auto-generated cli documentation update - 2023-10-09 19:03:06 by @github-actions in #1156
- ci: Add database migration freeze CI job by @JAORMX in #1124
- harden: Only store registered repositories by @JAORMX in #1155
- Remove unused auth commands and endpoints by @eleftherias in #1160
- Auto-generated cli documentation update - 2023-10-10 13:03:12 by @github-actions in #1161
- Move Keycloak configuration to script by @eleftherias in #1157
- chore: disable registering private repositories by @rdimitrov in #1159
- build(deps): bump github.com/charmbracelet/lipgloss from 0.8.0 to 0.9.0 by @dependabot in #1167
- build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #1166
- build(deps): bump golang from 1.21.2 to 1.21.3 by @dependabot in #1165
- Add capability for users to delete their account in IdP by @eleftherias in #1163
- alerts: update rule type and profile definitions by @rdimitrov in #1164
- Fix rule_type templates to align with the recent refactoring by @jhrozek in #1169
- rule_type: print remediation error even if evaluation fails by @jhrozek in #1170
- chore: do not process webhook events for private repos by @rdimitrov in #1162
- engine: Pass params to the remediate interface, too by @jhrozek in #1171
- Fix deleting rule_types..again.. by @jhrozek in #1168
- ingestor: Return fallback body on certain HTTP status types by @jhrozek in #1172
- rest remediator: body should be optional by @jhrozek in #1173
- build(deps): bump github.com/charmbracelet/lipgloss from 0.9.0 to 0.9.1 by @dependabot in #1181
- build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 by @dependabot in #1180
- build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 in /tools by @dependabot in #1179
- alerts: add create and close github calls for security advisories by @rdimitrov in #1178
- feat: Default to staging keycloak for identity configuration by @JAORMX in #1183
Full Changelog: v0.0.6...v0.0.7
v0.0.6
What's Changed
- Auto-generated cli documentation update - 2023-10-04 15:51:33 by @github-actions in #1104
- usability: Print login information when logging in by @JAORMX in #1106
- Annotate Pods for Prometheus Metrics Collection by @teodor-yanev in #1098
- cleanup: Use policy name to fetch status by @JAORMX in #1105
- Auto-generated cli documentation update - 2023-10-05 08:20:02 by @github-actions in #1107
- cleanup: Rename policy to profile by @JAORMX in #1108
Full Changelog: v0.0.5...v0.0.6