docker/attest
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
360 Commits 1 Branch 35 Tags
main
Commit Graph

360 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
de602565c0 feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.4 to 1.28.5 (#223)
Some checks failed
Release Drafter / update_release_draft (push) Has been cancelled
Details
test code / golang (1.22.x, macos-latest) (push) Has been cancelled
Details
test code / golang (1.22.x, ubuntu-latest) (push) Has been cancelled
Details
test code / golang (1.23.x, macos-latest) (push) Has been cancelled
Details
test code / golang (1.23.x, ubuntu-latest) (push) Has been cancelled
Details 
Bumps
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
from 1.28.4 to 1.28.5.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="d125de3792"><code>d125de3</code></a>
Release 2024-11-18</li>
<li><a
href="fec51f3fff"><code>fec51f3</code></a>
Regenerated Clients</li>
<li><a
href="fba5997045"><code>fba5997</code></a>
Update API model</li>
<li><a
href="0b8e5c842f"><code>0b8e5c8</code></a>
Bump smithy-go dependency (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2902">#2902</a>)</li>
<li><a
href="50ba45ce16"><code>50ba45c</code></a>
Release 2024-11-15.2</li>
<li><a
href="444bdffccd"><code>444bdff</code></a>
Regenerated Clients</li>
<li><a
href="55ab381b20"><code>55ab381</code></a>
Update endpoints model</li>
<li><a
href="94c083768b"><code>94c0837</code></a>
Update API model</li>
<li><a
href="2398a7903c"><code>2398a79</code></a>
Remove elastictranscoder service's integration test (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2901">#2901</a>)</li>
<li><a
href="93e0f294f6"><code>93e0f29</code></a>
Release 2024-11-15</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.28.4...config/v1.28.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2/config&package-manager=go_modules&previous-version=1.28.4&new-version=1.28.5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-19 11:16:04 +00:00
dependabot[bot]
dea2686365 feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.3 to 1.28.4 (#221) 
Bumps
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
from 1.28.3 to 1.28.4.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="f0fcf5955d"><code>f0fcf59</code></a>
Release 2024-11-14</li>
<li><a
href="af5e138e30"><code>af5e138</code></a>
Regenerated Clients</li>
<li><a
href="6b6d9d09c4"><code>6b6d9d0</code></a>
Update endpoints model</li>
<li><a
href="6646f21285"><code>6646f21</code></a>
Update API model</li>
<li><a
href="27326538a1"><code>2732653</code></a>
Release 2024-11-13</li>
<li><a
href="91f9f43858"><code>91f9f43</code></a>
Regenerated Clients</li>
<li><a
href="b95013d5d8"><code>b95013d</code></a>
Update endpoints model</li>
<li><a
href="673ae94b2b"><code>673ae94</code></a>
Update API model</li>
<li><a
href="10b8b14449"><code>10b8b14</code></a>
Release 2024-11-12</li>
<li><a
href="c96e678745"><code>c96e678</code></a>
Regenerated Clients</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.28.3...config/v1.28.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2/config&package-manager=go_modules&previous-version=1.28.3&new-version=1.28.4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-18 15:07:33 +00:00
dependabot[bot]
00bc2fa831 chore(deps): bump codecov/codecov-action from 4 to 5 (#220) 
Bumps
[codecov/codecov-action](https://github.com/codecov/codecov-action) from
4 to 5.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/releases">codecov/codecov-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.0</h2>
<h2>v5 Release</h2>
<p><code>v5</code> of the Codecov GitHub Action will use the <a
href="https://github.com/codecov/wrapper">Codecov Wrapper</a> to
encapsulate the <a
href="https://github.com/codecov/codecov-cli">CLI</a>. This will help
ensure that the Action gets updates quicker.</p>
<h3>Migration Guide</h3>
<p>The <code>v5</code> release also coincides with the opt-out feature
for tokens for public repositories. In the <code>Global Upload
Token</code> section of the settings page of an organization in
codecov.io, you can set the ability for Codecov to receive a coverage
reports from any source. This will allow contributors or other members
of a repository to upload without needing access to the Codecov token.
For more details see <a
href="https://docs.codecov.com/docs/codecov-tokens#uploading-without-a-token">how
to upload without a token</a>.</p>
<blockquote>
<p>[!WARNING]<br />
<strong>The following arguments have been changed</strong></p>
<ul>
<li><code>file</code> (this has been deprecated in favor of
<code>files</code>)</li>
<li><code>plugin</code> (this has been deprecated in favor of
<code>plugins</code>)</li>
</ul>
</blockquote>
<p>The following arguments have been added:</p>
<ul>
<li><code>binary</code></li>
<li><code>gcov_args</code></li>
<li><code>gcov_executable</code></li>
<li><code>gcov_ignore</code></li>
<li><code>gcov_include</code></li>
<li><code>report_type</code></li>
<li><code>skip_validation</code></li>
<li><code>swift_project</code></li>
</ul>
<p>You can see their usage in the <code>action.yml</code> <a
href="https://github.com/codecov/codecov-action/blob/main/action.yml">file</a>.</p>
<h2>What's Changed</h2>
<ul>
<li>chore(deps): bump to eslint9+ and remove eslint-config-google by <a
href="https://github.com/thomasrockhu-codecov"><code>@​thomasrockhu-codecov</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1591">codecov/codecov-action#1591</a></li>
<li>build(deps-dev): bump <code>@​octokit/webhooks-types</code> from
7.5.1 to 7.6.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1595">codecov/codecov-action#1595</a></li>
<li>build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1604">codecov/codecov-action#1604</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.8.0 to 8.8.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1601">codecov/codecov-action#1601</a></li>
<li>build(deps): bump <code>@​actions/core</code> from 1.11.0 to 1.11.1
by <a href="https://github.com/dependabot"><code>@​dependabot</code></a>
in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1597">codecov/codecov-action#1597</a></li>
<li>build(deps): bump github/codeql-action from 3.26.9 to 3.26.11 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1596">codecov/codecov-action#1596</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 8.8.0 to 8.8.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1600">codecov/codecov-action#1600</a></li>
<li>build(deps-dev): bump eslint from 9.11.1 to 9.12.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1598">codecov/codecov-action#1598</a></li>
<li>build(deps): bump github/codeql-action from 3.26.11 to 3.26.12 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1609">codecov/codecov-action#1609</a></li>
<li>build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1608">codecov/codecov-action#1608</a></li>
<li>build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1607">codecov/codecov-action#1607</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.8.1 to 8.9.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1612">codecov/codecov-action#1612</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 8.8.1 to 8.9.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1611">codecov/codecov-action#1611</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 8.9.0 to 8.10.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1615">codecov/codecov-action#1615</a></li>
<li>build(deps-dev): bump eslint from 9.12.0 to 9.13.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1618">codecov/codecov-action#1618</a></li>
<li>build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1617">codecov/codecov-action#1617</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.9.0 to 8.10.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1614">codecov/codecov-action#1614</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 8.10.0 to 8.11.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1620">codecov/codecov-action#1620</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.10.0 to 8.11.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1619">codecov/codecov-action#1619</a></li>
<li>build(deps-dev): bump <code>@​types/jest</code> from 29.5.13 to
29.5.14 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1622">codecov/codecov-action#1622</a></li>
<li>build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1625">codecov/codecov-action#1625</a></li>
<li>build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1624">codecov/codecov-action#1624</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 8.11.0 to 8.12.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1626">codecov/codecov-action#1626</a></li>
<li>build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 8.12.1 to 8.12.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/codecov/codecov-action/pull/1629">codecov/codecov-action#1629</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md">codecov/codecov-action's
changelog</a>.</em></p>
<blockquote>
<h2>4.0.0-beta.2</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/1085">#1085</a>
not adding -n if empty to do-upload command</li>
</ul>
<h2>4.0.0-beta.1</h2>
<p><code>v4</code> represents a move from the <a
href="https://github.com/codecov/uploader">universal uploader</a> to the
<a href="https://github.com/codecov/codecov-cli">Codecov CLI</a>.
Although this will unlock new features for our users, the CLI is not yet
at feature parity with the universal uploader.</p>
<h3>Breaking Changes</h3>
<ul>
<li>No current support for <code>aarch64</code> and <code>alpine</code>
architectures.</li>
<li>Tokenless uploading is unsuported</li>
<li>Various arguments to the Action have been removed</li>
</ul>
<h2>3.1.4</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/967">#967</a>
Fix typo in README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/971">#971</a>
fix: add back in working dir</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/969">#969</a>
fix: CLI option names for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/970">#970</a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.12 to
18.16.3</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/979">#979</a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.0 to
20.1.2</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/981">#981</a>
build(deps-dev): bump <code>@​types/node</code> from 20.1.2 to
20.1.4</li>
</ul>
<h2>3.1.3</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/960">#960</a>
fix: allow for aarch64 build</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/957">#957</a>
build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/958">#958</a>
build(deps): bump openpgp from 5.7.0 to 5.8.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/959">#959</a>
build(deps-dev): bump <code>@​types/node</code> from 18.15.10 to
18.15.12</li>
</ul>
<h2>3.1.2</h2>
<h3>Fixes</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/718">#718</a>
Update README.md</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/851">#851</a>
Remove unsupported path_to_write_report argument</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/898">#898</a>
codeql-analysis.yml</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/901">#901</a>
Update README to contain correct information - inputs and negate
feature</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/955">#955</a>
fix: add in all the extra arguments for uploader</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/819">#819</a>
build(deps): bump openpgp from 5.4.0 to 5.5.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/835">#835</a>
build(deps): bump node-fetch from 3.2.4 to 3.2.10</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/840">#840</a>
build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/841">#841</a>
build(deps): bump <code>@​actions/core</code> from 1.9.1 to 1.10.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/843">#843</a>
build(deps): bump <code>@​actions/github</code> from 5.0.3 to 5.1.1</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/869">#869</a>
build(deps): bump node-fetch from 3.2.10 to 3.3.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/872">#872</a>
build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0</li>
<li><a
href="https://redirect.github.com/codecov/codecov-action/issues/879">#879</a>
build(deps): bump decode-uri-component from 0.2.0 to 0.2.2</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="968872560f"><code>9688725</code></a>
Update README.md</li>
<li><a
href="2112eaec1b"><code>2112eae</code></a>
chore(deps): bump wrapper to 0.0.23 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1644">#1644</a>)</li>
<li><a
href="193421c5b3"><code>193421c</code></a>
fixL use the correct source (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1642">#1642</a>)</li>
<li><a
href="6018df70b0"><code>6018df7</code></a>
fix: update container builds (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1640">#1640</a>)</li>
<li><a
href="eff1a643d6"><code>eff1a64</code></a>
fix: add missing vars (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1638">#1638</a>)</li>
<li><a
href="4582d54fd3"><code>4582d54</code></a>
Update README.md (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1639">#1639</a>)</li>
<li><a
href="bb7467c2bc"><code>bb7467c</code></a>
feat: use wrapper (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1621">#1621</a>)</li>
<li><a
href="1d6059880c"><code>1d60598</code></a>
build(deps-dev): bump <code>@​typescript-eslint/eslint-plugin</code>
from 8.12.2 to 8.13.0 ...</li>
<li><a
href="e587ce276e"><code>e587ce2</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.12.2 to 8.13.0 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1635">#1635</a>)</li>
<li><a
href="e43f28e103"><code>e43f28e</code></a>
build(deps-dev): bump <code>@​typescript-eslint/parser</code> from
8.11.0 to 8.12.2 (<a
href="https://redirect.github.com/codecov/codecov-action/issues/1628">#1628</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/codecov/codecov-action/compare/v4...v5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=codecov/codecov-action&package-manager=github_actions&previous-version=4&new-version=5)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-18 10:25:02 +00:00
dependabot[bot]
32e3d1b480 feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.2 to 1.28.3 (#219) 
Bumps
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
from 1.28.2 to 1.28.3.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2f70834c69"><code>2f70834</code></a>
Release 2024-11-07</li>
<li><a
href="ef9a3c319f"><code>ef9a3c3</code></a>
Regenerated Clients</li>
<li><a
href="c054fe7021"><code>c054fe7</code></a>
Update endpoints model</li>
<li><a
href="b68675cf59"><code>b68675c</code></a>
Update API model</li>
<li><a
href="1d989f31b0"><code>1d989f3</code></a>
send opt-in query-compatible header where applicable (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2891">#2891</a>)</li>
<li><a
href="5d0eb2386a"><code>5d0eb23</code></a>
Merge pull request <a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2889">#2889</a>
from aws/customize-identity-store-exception-message</li>
<li><a
href="a39caf38c1"><code>a39caf3</code></a>
adding new line and inline comments</li>
<li><a
href="2ae3246d27"><code>2ae3246</code></a>
refactor logic to use switch case</li>
<li><a
href="7c4bde0ae1"><code>7c4bde0</code></a>
add changelog</li>
<li><a
href="f01c284662"><code>f01c284</code></a>
regenerating clients</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.28.2...config/v1.28.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2/config&package-manager=go_modules&previous-version=1.28.2&new-version=1.28.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-08 10:27:01 +00:00
dependabot[bot]
f6db6f56a1 feat(deps): bump google.golang.org/api from 0.204.0 to 0.205.0 (#217) 
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client)
from 0.204.0 to 0.205.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.205.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.204.0...v0.205.0">0.205.0</a>
(2024-11-06)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2852">#2852</a>)
(<a
href="e3868f25db">e3868f2</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2855">#2855</a>)
(<a
href="47ea8e4b72">47ea8e4</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2857">#2857</a>)
(<a
href="78320944b8">7832094</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2858">#2858</a>)
(<a
href="eb00c845e2">eb00c84</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2860">#2860</a>)
(<a
href="3347fa1ef8">3347fa1</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.204.0...v0.205.0">0.205.0</a>
(2024-11-06)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2852">#2852</a>)
(<a
href="e3868f25db">e3868f2</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2855">#2855</a>)
(<a
href="47ea8e4b72">47ea8e4</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2857">#2857</a>)
(<a
href="78320944b8">7832094</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2858">#2858</a>)
(<a
href="eb00c845e2">eb00c84</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2860">#2860</a>)
(<a
href="3347fa1ef8">3347fa1</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="69dcf2750e"><code>69dcf27</code></a>
chore(main): release 0.205.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2853">#2853</a>)</li>
<li><a
href="a01d19843e"><code>a01d198</code></a>
chore(all): upgrade cloud.google.com/go/auth to v0.10.1 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2861">#2861</a>)</li>
<li><a
href="3347fa1ef8"><code>3347fa1</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2860">#2860</a>)</li>
<li><a
href="eb00c845e2"><code>eb00c84</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2858">#2858</a>)</li>
<li><a
href="78320944b8"><code>7832094</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2857">#2857</a>)</li>
<li><a
href="47ea8e4b72"><code>47ea8e4</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2855">#2855</a>)</li>
<li><a
href="e3868f25db"><code>e3868f2</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2852">#2852</a>)</li>
<li>See full diff in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.204.0...v0.205.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/api&package-manager=go_modules&previous-version=0.204.0&new-version=0.205.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: James Carnegie <kipz@users.noreply.github.com>
 2024-11-07 11:33:32 +00:00
dependabot[bot]
6727d529ed feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.1 to 1.28.2 (#218) 
Bumps
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
from 1.28.1 to 1.28.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="70eb57ac77"><code>70eb57a</code></a>
Release 2024-11-06</li>
<li><a
href="cd2c6b1af3"><code>cd2c6b1</code></a>
Regenerated Clients</li>
<li><a
href="2b2a737b17"><code>2b2a737</code></a>
Update API model</li>
<li><a
href="8c9892f042"><code>8c9892f</code></a>
bump smithy-go codegen to latest (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2890">#2890</a>)</li>
<li><a
href="82897becac"><code>82897be</code></a>
fix potential for user-agent lang value mismatch in tests (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2888">#2888</a>)</li>
<li><a
href="061540b5a7"><code>061540b</code></a>
Cloudfront - add expire time in signed cookie. (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2862">#2862</a>)</li>
<li><a
href="aa3bd1f75d"><code>aa3bd1f</code></a>
fix makefile to not spam releases for feature/dynamodb/attributevalue
(<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2885">#2885</a>)</li>
<li><a
href="eb96051d5b"><code>eb96051</code></a>
Release 2024-11-01</li>
<li><a
href="7f2d000cf7"><code>7f2d000</code></a>
Regenerated Clients</li>
<li><a
href="8542f2f22d"><code>8542f2f</code></a>
Update endpoints model</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/config/v1.28.1...config/v1.28.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2/config&package-manager=go_modules&previous-version=1.28.1&new-version=1.28.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-07 09:20:05 +00:00
dependabot[bot]
f7f8802e6c feat(deps): bump github.com/containerd/containerd/v2 from 2.0.0-rc.6 to 2.0.0 (#216) 
Bumps
[github.com/containerd/containerd/v2](https://github.com/containerd/containerd)
from 2.0.0-rc.6 to 2.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/containerd/containerd/releases">github.com/containerd/containerd/v2's
releases</a>.</em></p>
<blockquote>
<h2>containerd 2.0.0</h2>
<p>Welcome to the v2.0.0 release of containerd!</p>
<p>The first major release of containerd 2.x focuses on the continued
stability of
containerd's core feature set with an easy upgrade from containerd 1.x.
This
release includes the stabilization of new features added in the last 1.x
release
as well as the removal of features which were deprecated in 1.x. The
goal is to
support the vast community of containerd users well into the future
along with
their ever increasing deployment footprints and variety of use
cases.</p>
<p>See <a
href="https://github.com/containerd/containerd/blob/main/docs/containerd-2.0.md">containerd
2.0</a> documentation for details on what is new and has changed in this
release.</p>
<h3>Highlights</h3>
<ul>
<li>Allow sections of Plugins to be merged, and not overwritten as
entire sections. (<a
href="https://redirect.github.com/containerd/containerd/pull/9982">#9982</a>)</li>
<li>Add Update API for sandbox controller (<a
href="https://redirect.github.com/containerd/containerd/pull/9903">#9903</a>)</li>
<li>Configure otel from env instead of config.toml (<a
href="https://redirect.github.com/containerd/containerd/pull/8970">#8970</a>)</li>
<li>Enable NRI by default (<a
href="https://redirect.github.com/containerd/containerd/pull/9744">#9744</a>)</li>
<li>Add PluginInfo to introspection API (<a
href="https://redirect.github.com/containerd/containerd/pull/9442">#9442</a>)</li>
<li>Remove overlayfs volatile option on temp mounts (<a
href="https://redirect.github.com/containerd/containerd/pull/9555">#9555</a>)</li>
<li>Expose usage of deprecated features (<a
href="https://redirect.github.com/containerd/containerd/pull/9258">#9258</a>)</li>
<li>Use Intel ISA-L's igzip if available (<a
href="https://redirect.github.com/containerd/containerd/pull/9200">#9200</a>)</li>
<li>Introduce top level config migration (<a
href="https://redirect.github.com/containerd/containerd/pull/9223">#9223</a>)</li>
<li>Add image delete target (<a
href="https://redirect.github.com/containerd/containerd/pull/8989">#8989</a>)</li>
<li>Remove <code>LimitNOFILE</code> from <code>containerd.service</code>
(<a
href="https://redirect.github.com/containerd/containerd/pull/8924">#8924</a>)</li>
<li>Add support for image expiration during garbage collection (<a
href="https://redirect.github.com/containerd/containerd/pull/9022">#9022</a>)</li>
<li>Reduce the contention between ref lock and boltdb lock in content
store (<a
href="https://redirect.github.com/containerd/containerd/pull/8792">#8792</a>)</li>
<li>Remove &quot;containerd.io/restart.logpath&quot; label (<a
href="https://redirect.github.com/containerd/containerd/pull/8264">#8264</a>)</li>
<li>Remove <code>aufs</code> snapshotter (<a
href="https://redirect.github.com/containerd/containerd/pull/8263">#8263</a>)</li>
<li>Fix deadlock during NRI plugin registration (<a
href="https://redirect.github.com/containerd/nri/pull/79">containerd/nri#79</a>)</li>
<li>Support arm64/v9 and minor variants (<a
href="https://redirect.github.com/containerd/platforms/pull/8">containerd/platforms#8</a>)</li>
<li>Fix deadlock when writing to pipe blocks (<a
href="https://redirect.github.com/containerd/ttrpc/pull/168">containerd/ttrpc#168</a>)</li>
</ul>
<h4>Build and Release Toolchain</h4>
<ul>
<li>Generate attestation for artifacts during release (<a
href="https://redirect.github.com/containerd/containerd/pull/10543">#10543</a>)</li>
<li>Remove <code>cri-containerd-*.tar.gz</code> release bundles (<a
href="https://redirect.github.com/containerd/containerd/pull/9096">#9096</a>)</li>
</ul>
<h4>Container Runtime Interface (CRI)</h4>
<ul>
<li>Use 'UserSpecifiedImage' from CRI to set the image-name annotation
(<a
href="https://redirect.github.com/containerd/containerd/pull/10747">#10747</a>)</li>
<li>Fine-grained SupplementalGroups control (<a
href="https://redirect.github.com/containerd/containerd/pull/9737">#9737</a>)</li>
<li>Add support to set loopback to up (<a
href="https://redirect.github.com/containerd/containerd/pull/10238">#10238</a>)</li>
<li>KEP-3857: Recursive Read-only (RRO) mounts (<a
href="https://redirect.github.com/containerd/containerd/pull/9787">#9787</a>)</li>
<li>Add support for multiple subscribers to CRI container events (<a
href="https://redirect.github.com/containerd/containerd/pull/9661">#9661</a>)</li>
<li>Enable CDI by default (<a
href="https://redirect.github.com/containerd/containerd/pull/9621">#9621</a>)</li>
<li>Remove non-sandboxed CRI implementation (<a
href="https://redirect.github.com/containerd/containerd/pull/9228">#9228</a>)</li>
<li>Add support for userns in stateless and stateful pods with idmap
mounts (KEP-127, k8s &gt;= 1.27) (<a
href="https://redirect.github.com/containerd/containerd/pull/8287">#8287</a>)</li>
<li>Use sandboxed CRI by default (<a
href="https://redirect.github.com/containerd/containerd/pull/8994">#8994</a>)</li>
<li>Implement RuntimeConfig CRI call (<a
href="https://redirect.github.com/containerd/containerd/pull/8722">#8722</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/containerd/containerd/blob/main/RELEASES.md">github.com/containerd/containerd/v2's
changelog</a>.</em></p>
<blockquote>
<h1>Versioning and Release</h1>
<p>This document details the versioning and release plan for containerd.
Stability
is a top goal for this project, and we hope that this document and the
processes
it entails will help to achieve that. It covers the release process,
versioning
numbering, backporting, API stability and support horizons.</p>
<p>If you rely on containerd, it would be good to spend time
understanding the
areas of the API that are and are not supported and how they impact your
project in the future.</p>
<p>This document will be considered a living document. Supported
timelines,
backport targets and API stability guarantees will be updated here as
they
change.</p>
<p>If there is something that you require or this document leaves out,
please
reach out by <a
href="https://github.com/containerd/containerd/issues">filing an
issue</a>.</p>
<h2>Releases</h2>
<p>Releases of containerd will be versioned using dotted triples,
similar to
<a href="http://semver.org/">Semantic Version</a>. For the purposes of
this document, we
will refer to the respective components of this triple as
<code>&lt;major&gt;.&lt;minor&gt;.&lt;patch&gt;</code>. The version
number may have additional information,
such as alpha, beta and release candidate qualifications. Such releases
will be
considered &quot;pre-releases&quot;.</p>
<h3>Major and Minor Releases</h3>
<p>Major and minor releases of containerd will be made from main.
Releases of
containerd will be marked with GPG signed tags and announced at
<a
href="https://github.com/containerd/containerd/releases">https://github.com/containerd/containerd/releases</a>.
The tag will be of the
format <code>v&lt;major&gt;.&lt;minor&gt;.&lt;patch&gt;</code> and
should be made with the command <code>git tag -s
v&lt;major&gt;.&lt;minor&gt;.&lt;patch&gt;</code>.</p>
<p>After a minor release, a branch will be created, with the format
<code>release/&lt;major&gt;.&lt;minor&gt;</code> from the minor tag. All
further patch releases will
be done from that branch. For example, once we release
<code>v1.0.0</code>, a branch
<code>release/1.0</code> will be created from that tag. All future patch
releases will be
done against that branch.</p>
<h3>Pre-releases</h3>
<p>Pre-releases, such as alphas, betas and release candidates will be
conducted
from their source branch. For major and minor releases, these releases
will be
done from main. For patch releases, these pre-releases should be done
within
the corresponding release branch.</p>
<p>While pre-releases are done to assist in the stabilization process,
no
guarantees are provided.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="207ad711ea"><code>207ad71</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10939">#10939</a>
from dmcgowan/prepare-v2.0.0</li>
<li><a
href="03ba4ce1f7"><code>03ba4ce</code></a>
Update release notes for v2.0.0</li>
<li><a
href="f2da3fd688"><code>f2da3fd</code></a>
Update release docs for v2.0.0</li>
<li><a
href="6369206870"><code>6369206</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10954">#10954</a>
from dmcgowan/update-typeurl-2.2.2</li>
<li><a
href="ff09b428e1"><code>ff09b42</code></a>
Update typeurl to v2.2.2</li>
<li><a
href="18caa33fdc"><code>18caa33</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10944">#10944</a>
from containerd/dependabot/github_actions/softprops...</li>
<li><a
href="545605d5b4"><code>545605d</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10945">#10945</a>
from containerd/dependabot/github_actions/google-gi...</li>
<li><a
href="71c274bb81"><code>71c274b</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10947">#10947</a>
from containerd/dependabot/go_modules/github.com/co...</li>
<li><a
href="e841240997"><code>e841240</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10946">#10946</a>
from containerd/dependabot/go_modules/github.com/co...</li>
<li><a
href="9fe6f7c067"><code>9fe6f7c</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10943">#10943</a>
from containerd/dependabot/github_actions/google-gi...</li>
<li>Additional commits viewable in <a
href="https://github.com/containerd/containerd/compare/v2.0.0-rc.6...v2.0.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/containerd/containerd/v2&package-manager=go_modules&previous-version=2.0.0-rc.6&new-version=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-06 12:16:34 +00:00
dependabot[bot]
1fd228fb5c feat(deps): bump github.com/open-policy-agent/opa from 0.69.0 to 0.70.0 (#215) 
Bumps
[github.com/open-policy-agent/opa](https://github.com/open-policy-agent/opa)
from 0.69.0 to 0.70.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/open-policy-agent/opa/releases">github.com/open-policy-agent/opa's
releases</a>.</em></p>
<blockquote>
<h2>v0.70.0</h2>
<p>This release contains a mix of features, performance improvements,
and bugfixes.</p>
<h3>Optimized read mode for OPA's in-memory store (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7125">#7125</a>)</h3>
<p>A new optimized read mode has been added to the default in-memory
store, where data written to the store is eagerly converted
to AST values (the data format used during evaluation). This removes the
time spent converting raw data values to AST
during policy evaluation, thereby improving performance.</p>
<p>The memory footprint of the store will increase, as processed AST
values generally take up more space in memory than the
corresponding raw data values, but overall memory usage of OPA might
remain more stable over time, as pre-converted data
is shared across evaluations and isn't recomputed for each evaluation,
which can cause spikes in memory usage.</p>
<p>This mode can be enabled for <code>opa run</code>, <code>opa
eval</code>, and <code>opa bench</code> by setting the
<code>--optimize-store-for-read-speed</code> flag.</p>
<p>More information about this feature can be found <a
href="https://www.openpolicyagent.org/docs/v0.70.0/policy-performance/#storage-optimization">here</a>.</p>
<p>Co-authored by <a
href="https://github.com/johanfylling"><code>@​johanfylling</code></a>
and <a
href="https://github.com/ashutosh-narkar"><code>@​ashutosh-narkar</code></a>.</p>
<h3>Topdown and Rego</h3>
<ul>
<li>topdown: Use new Inter-Query Value Cache for
<code>json.match_schema</code> built-in function (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7011">#7011</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a>
reported by <a
href="https://github.com/lcarva"><code>@​lcarva</code></a></li>
<li>ast: Fix location text attribute for multi-value rules with
generated body (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7128">#7128</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a></li>
<li>ast: Fix regression in <code>opa check</code> where a file that
referenced non-provided schemas failed validation (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7124">#7124</a>)
authored by <a
href="https://github.com/tjons"><code>@​tjons</code></a></li>
<li>test/cases/testdata: Fix bug in test by replacing unification by
explicit equality check (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7093">#7093</a>)
authored by <a
href="https://github.com/matajoh"><code>@​matajoh</code></a></li>
<li>ast: Replace use of yaml.v2 library with yaml.v3. The earlier
version would parse <code>yes</code>/<code>no</code> values as boolean.
The usage of yaml.v2 in the parser was unintentional and now has been
updated to yaml.v3 (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7090">#7090</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a></li>
</ul>
<h3>Runtime, Tooling, SDK</h3>
<ul>
<li>cmd: Make <code>opa check</code> respect <code>--ignore</code> when
<code>--bundle</code> flag is set (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7136">#7136</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a></li>
<li>server/writer: Properly handle result encoding errors which earlier
on failure would emit logs such as <code>superfluous call to
WriteHeader()</code> while still returning <code>200</code> HTTP status
code. Now, errors encoding the payload properly lead to <code>500</code>
HTTP status code, without extra logs. Also use Header().Set() not
Header().Add() to avoid duplicate content-type headers (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7114">#7114</a>)
authored by <a
href="https://github.com/srenatus"><code>@​srenatus</code></a></li>
<li>cmd: Support <code>file://</code> format for TLS key material file
flags in <code>opa run</code> (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7094">#7094</a>)
authored by <a
href="https://github.com/alexrohozneanu"><code>@​alexrohozneanu</code></a></li>
<li>plugins/rest/azure: Support managed identity for App Service /
Container Apps (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7085">#7085</a>)
reported and authored by <a
href="https://github.com/apc-kamezaki"><code>@​apc-kamezaki</code></a></li>
<li>debug: Fix step-over behaviour when exiting partial rules (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7096">#7096</a>)
authored by <a
href="https://github.com/johanfylling"><code>@​johanfylling</code></a></li>
<li>util+plugins: Fix potential memory leaks with explicit timer
cancellation (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7089">#7089</a>)
authored by <a
href="https://github.com/philipaconrad"><code>@​philipaconrad</code></a></li>
</ul>
<h3>Docs, Website, Ecosystem</h3>
<ul>
<li>docs: Fix OCI example with updated flag used by the ORAS CLI (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7130">#7130</a>)
authored by <a
href="https://github.com/b3n3d17"><code>@​b3n3d17</code></a></li>
<li>docs: Delete Atom editor from supported editor integrations (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7111">#7111</a>)
authored by <a
href="https://github.com/KaranbirSingh7"><code>@​KaranbirSingh7</code></a></li>
<li>docs/website: Add Styra OPA ASP.NET Core SDK integration (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7073">#7073</a>)
authored by <a
href="https://github.com/philipaconrad"><code>@​philipaconrad</code></a></li>
<li>docs/website: Update compatibility information on the rego-cpp
integration (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7078">#7078</a>)
authored by <a
href="https://github.com/matajoh"><code>@​matajoh</code></a></li>
</ul>
<h3>Miscellaneous</h3>
<ul>
<li>Dependency updates; notably:
<ul>
<li>build(deps): bump github.com/containerd/containerd from 1.7.22 to
1.7.23</li>
<li>build(deps): bump github.com/prometheus/client_golang from 1.20.4 to
1.20.5</li>
<li>build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0</li>
<li>build(deps): bump golang.org/x/time from 0.6.0 to 0.7.0</li>
<li>build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/open-policy-agent/opa/blob/main/CHANGELOG.md">github.com/open-policy-agent/opa's
changelog</a>.</em></p>
<blockquote>
<h2>0.70.0</h2>
<p>This release contains a mix of features, performance improvements,
and bugfixes.</p>
<h3>Optimized read mode for OPA's in-memory store (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7125">#7125</a>)</h3>
<p>A new optimized read mode has been added to the default in-memory
store, where data written to the store is eagerly converted
to AST values (the data format used during evaluation). This removes the
time spent converting raw data values to AST
during policy evaluation, thereby improving performance.</p>
<p>The memory footprint of the store will increase, as processed AST
values generally take up more space in memory than the
corresponding raw data values, but overall memory usage of OPA might
remain more stable over time, as pre-converted data
is shared across evaluations and isn't recomputed for each evaluation,
which can cause spikes in memory usage.</p>
<p>This mode can be enabled for <code>opa run</code>, <code>opa
eval</code>, and <code>opa bench</code> by setting the
<code>--optimize-store-for-read-speed</code> flag.</p>
<p>More information about this feature can be found <a
href="https://www.openpolicyagent.org/docs/v0.70.0/policy-performance/#storage-optimization">here</a>.</p>
<p>Co-authored by <a
href="https://github.com/johanfylling"><code>@​johanfylling</code></a>
and <a
href="https://github.com/ashutosh-narkar"><code>@​ashutosh-narkar</code></a>.</p>
<h3>Topdown and Rego</h3>
<ul>
<li>topdown: Use new Inter-Query Value Cache for
<code>json.match_schema</code> built-in function (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7011">#7011</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a>
reported by <a
href="https://github.com/lcarva"><code>@​lcarva</code></a></li>
<li>ast: Fix location text attribute for multi-value rules with
generated body (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7128">#7128</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a></li>
<li>ast: Fix regression in <code>opa check</code> where a file that
referenced non-provided schemas failed validation (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7124">#7124</a>)
authored by <a
href="https://github.com/tjons"><code>@​tjons</code></a></li>
<li>test/cases/testdata: Fix bug in test by replacing unification by
explicit equality check (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7093">#7093</a>)
authored by <a
href="https://github.com/matajoh"><code>@​matajoh</code></a></li>
<li>ast: Replace use of yaml.v2 library with yaml.v3. The earlier
version would parse <code>yes</code>/<code>no</code> values as boolean.
The usage of yaml.v2 in the parser was unintentional and now has been
updated to yaml.v3 (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7090">#7090</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a></li>
</ul>
<h3>Runtime, Tooling, SDK</h3>
<ul>
<li>cmd: Make <code>opa check</code> respect <code>--ignore</code> when
<code>--bundle</code> flag is set (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7136">#7136</a>)
authored by <a
href="https://github.com/anderseknert"><code>@​anderseknert</code></a></li>
<li>server/writer: Properly handle result encoding errors which earlier
on failure would emit logs such as <code>superfluous call to
WriteHeader()</code> while still returning <code>200</code> HTTP status
code. Now, errors encoding the payload properly lead to <code>500</code>
HTTP status code, without extra logs. Also use Header().Set() not
Header().Add() to avoid duplicate content-type headers (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7114">#7114</a>)
authored by <a
href="https://github.com/srenatus"><code>@​srenatus</code></a></li>
<li>cmd: Support <code>file://</code> format for TLS key material file
flags in <code>opa run</code> (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7094">#7094</a>)
authored by <a
href="https://github.com/alexrohozneanu"><code>@​alexrohozneanu</code></a></li>
<li>plugins/rest/azure: Support managed identity for App Service /
Container Apps (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7085">#7085</a>)
reported and authored by <a
href="https://github.com/apc-kamezaki"><code>@​apc-kamezaki</code></a></li>
<li>debug: Fix step-over behaviour when exiting partial rules (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7096">#7096</a>)
authored by <a
href="https://github.com/johanfylling"><code>@​johanfylling</code></a></li>
<li>util+plugins: Fix potential memory leaks with explicit timer
cancellation (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7089">#7089</a>)
authored by <a
href="https://github.com/philipaconrad"><code>@​philipaconrad</code></a></li>
</ul>
<h3>Docs, Website, Ecosystem</h3>
<ul>
<li>docs: Fix OCI example with updated flag used by the ORAS CLI (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7130">#7130</a>)
authored by <a
href="https://github.com/b3n3d17"><code>@​b3n3d17</code></a></li>
<li>docs: Delete Atom editor from supported editor integrations (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7111">#7111</a>)
authored by <a
href="https://github.com/KaranbirSingh7"><code>@​KaranbirSingh7</code></a></li>
<li>docs/website: Add Styra OPA ASP.NET Core SDK integration (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7073">#7073</a>)
authored by <a
href="https://github.com/philipaconrad"><code>@​philipaconrad</code></a></li>
<li>docs/website: Update compatibility information on the rego-cpp
integration (<a
href="https://redirect.github.com/open-policy-agent/opa/pull/7078">#7078</a>)
authored by <a
href="https://github.com/matajoh"><code>@​matajoh</code></a></li>
</ul>
<h3>Miscellaneous</h3>
<ul>
<li>Dependency updates; notably:
<ul>
<li>build(deps): bump github.com/containerd/containerd from 1.7.22 to
1.7.23</li>
<li>build(deps): bump github.com/prometheus/client_golang from 1.20.4 to
1.20.5</li>
<li>build(deps): bump golang.org/x/net from 0.29.0 to 0.30.0</li>
<li>build(deps): bump golang.org/x/time from 0.6.0 to 0.7.0</li>
<li>build(deps): bump google.golang.org/grpc from 1.67.0 to 1.67.1</li>
</ul>
</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2ea031ea04"><code>2ea031e</code></a>
Prepare v0.70.0 release</li>
<li><a
href="6af5e79bd9"><code>6af5e79</code></a>
storage: Optimized read mode for default data storage</li>
<li><a
href="1b797d9c1b"><code>1b797d9</code></a>
Make <code>opa check</code> respect <code>--ignore</code> when
<code>--bundle</code> flag is set (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7137">#7137</a>)</li>
<li><a
href="8e44b98993"><code>8e44b98</code></a>
build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7138">#7138</a>)</li>
<li><a
href="ad6ffdae6a"><code>ad6ffda</code></a>
build(deps): bump actions/checkout from 4.2.1 to 4.2.2 (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7135">#7135</a>)</li>
<li><a
href="67fe53bfbe"><code>67fe53b</code></a>
Update Andrew Peabody to emeritus (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7133">#7133</a>)</li>
<li><a
href="30f374713b"><code>30f3747</code></a>
build(deps): bump github/codeql-action from 3.26.13 to 3.27.0</li>
<li><a
href="f7957bdd73"><code>f7957bd</code></a>
🐛 fix: oras cli changed to --config</li>
<li><a
href="58ec50b4b0"><code>58ec50b</code></a>
Fix location for multivalue rules with generated bodies (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7129">#7129</a>)</li>
<li><a
href="555fe84094"><code>555fe84</code></a>
only check schemas when schemas are provided (<a
href="https://redirect.github.com/open-policy-agent/opa/issues/7124">#7124</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/open-policy-agent/opa/compare/v0.69.0...v0.70.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/open-policy-agent/opa&package-manager=go_modules&previous-version=0.69.0&new-version=0.70.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-04 08:46:23 +00:00
dependabot[bot]
d481832f61 feat(deps): bump google.golang.org/api from 0.203.0 to 0.204.0 (#214) 
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client)
from 0.203.0 to 0.204.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.204.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.203.0...v0.204.0">0.204.0</a>
(2024-10-31)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2837">#2837</a>)
(<a
href="343ae0e822">343ae0e</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2839">#2839</a>)
(<a
href="37b271e98c">37b271e</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2841">#2841</a>)
(<a
href="fb3747b8f9">fb3747b</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2842">#2842</a>)
(<a
href="7221d2c798">7221d2c</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2844">#2844</a>)
(<a
href="56c5ddb8ea">56c5ddb</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2845">#2845</a>)
(<a
href="9d5f008642">9d5f008</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2848">#2848</a>)
(<a
href="5bc448d649">5bc448d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2850">#2850</a>)
(<a
href="7955ec454d">7955ec4</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>transport/grpc:</strong> Pass through cert source to new
auth lib (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2840">#2840</a>)
(<a
href="c67e7c09f9">c67e7c0</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Mark WithUniverseDomain as stable (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2847">#2847</a>)
(<a
href="29e20f6029">29e20f6</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.203.0...v0.204.0">0.204.0</a>
(2024-10-31)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2837">#2837</a>)
(<a
href="343ae0e822">343ae0e</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2839">#2839</a>)
(<a
href="37b271e98c">37b271e</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2841">#2841</a>)
(<a
href="fb3747b8f9">fb3747b</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2842">#2842</a>)
(<a
href="7221d2c798">7221d2c</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2844">#2844</a>)
(<a
href="56c5ddb8ea">56c5ddb</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2845">#2845</a>)
(<a
href="9d5f008642">9d5f008</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2848">#2848</a>)
(<a
href="5bc448d649">5bc448d</a>)</li>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2850">#2850</a>)
(<a
href="7955ec454d">7955ec4</a>)</li>
</ul>
<h3>Bug Fixes</h3>
<ul>
<li><strong>transport/grpc:</strong> Pass through cert source to new
auth lib (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2840">#2840</a>)
(<a
href="c67e7c09f9">c67e7c0</a>)</li>
</ul>
<h3>Documentation</h3>
<ul>
<li>Mark WithUniverseDomain as stable (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2847">#2847</a>)
(<a
href="29e20f6029">29e20f6</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="bcf158044a"><code>bcf1580</code></a>
chore(main): release 0.204.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2838">#2838</a>)</li>
<li><a
href="c67e7c09f9"><code>c67e7c0</code></a>
fix(transport/grpc): pass through cert source to new auth lib (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2840">#2840</a>)</li>
<li><a
href="29e20f6029"><code>29e20f6</code></a>
docs: mark WithUniverseDomain as stable (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2847">#2847</a>)</li>
<li><a
href="4b4eacf4f2"><code>4b4eacf</code></a>
chore: bump auth deps (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2851">#2851</a>)</li>
<li><a
href="7955ec454d"><code>7955ec4</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2850">#2850</a>)</li>
<li><a
href="5bc448d649"><code>5bc448d</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2848">#2848</a>)</li>
<li><a
href="9d5f008642"><code>9d5f008</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2845">#2845</a>)</li>
<li><a
href="48dda95162"><code>48dda95</code></a>
chore(all): update all to 324edc3 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2843">#2843</a>)</li>
<li><a
href="56c5ddb8ea"><code>56c5ddb</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2844">#2844</a>)</li>
<li><a
href="7221d2c798"><code>7221d2c</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2842">#2842</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.203.0...v0.204.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/api&package-manager=go_modules&previous-version=0.203.0&new-version=0.204.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-04 08:42:08 +00:00
dependabot[bot]
dbac7405c7 feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.0 to 1.28.1 (#213) 
Bumps
[github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2)
from 1.28.0 to 1.28.1.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="6b53348f84"><code>6b53348</code></a>
Release 2024-10-28</li>
<li><a
href="784d2d39b0"><code>784d2d3</code></a>
Regenerated Clients</li>
<li><a
href="7258bd236c"><code>7258bd2</code></a>
Update endpoints model</li>
<li><a
href="f322198c04"><code>f322198</code></a>
Update API model</li>
<li><a
href="b65b80a89b"><code>b65b80a</code></a>
Merge pull request <a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2852">#2852</a>
from RanVaknin/signature-header-parsing-fix</li>
<li><a
href="803614d34f"><code>803614d</code></a>
Fixing changelog description and implementation to use TrimSpace</li>
<li><a
href="b12c8cf885"><code>b12c8cf</code></a>
adding changelog</li>
<li><a
href="f0caa97e86"><code>f0caa97</code></a>
patching GetSignedRequestSignature to cover edge cases with the
signature</li>
<li><a
href="e05890387e"><code>e058903</code></a>
drop service/nimble (<a
href="https://redirect.github.com/aws/aws-sdk-go-v2/issues/2851">#2851</a>)</li>
<li><a
href="896793a682"><code>896793a</code></a>
Release 2024-10-25</li>
<li>Additional commits viewable in <a
href="https://github.com/aws/aws-sdk-go-v2/compare/v1.28.0...config/v1.28.1">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/aws/aws-sdk-go-v2/config&package-manager=go_modules&previous-version=1.28.0&new-version=1.28.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-11-04 08:33:57 +00:00
dependabot[bot]
868e44228e feat(deps): bump github.com/containerd/containerd/v2 from 2.0.0-rc.5 to 2.0.0-rc.6 (#212) 
Bumps
[github.com/containerd/containerd/v2](https://github.com/containerd/containerd)
from 2.0.0-rc.5 to 2.0.0-rc.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/containerd/containerd/releases">github.com/containerd/containerd/v2's
releases</a>.</em></p>
<blockquote>
<h2>containerd 2.0.0-rc.6</h2>
<p>Welcome to the v2.0.0-rc.6 release of containerd!
<em>This is a pre-release of containerd</em></p>
<p>The first major release of containerd 2.x focuses on the continued
stability of
containerd's core feature set with an easy upgrade from containerd 1.x.
This
release includes the stabilization of new features added in the last 1.x
release
as well as the removal of features which were deprecated in 1.x. The
goal is to
support the vast community of containerd users well into the future
along with
their ever increasing deployment footprints and variety of use
cases.</p>
<h3>Highlights</h3>
<ul>
<li>Allow sections of Plugins to be merged, and not overwritten as
entire sections. (<a
href="https://redirect.github.com/containerd/containerd/pull/9982">#9982</a>)</li>
<li>Add Update API for sandbox controller (<a
href="https://redirect.github.com/containerd/containerd/pull/9903">#9903</a>)</li>
<li>Configure otel from env instead of config.toml (<a
href="https://redirect.github.com/containerd/containerd/pull/8970">#8970</a>)</li>
<li>Enable NRI by default (<a
href="https://redirect.github.com/containerd/containerd/pull/9744">#9744</a>)</li>
<li>Add PluginInfo to introspection API (<a
href="https://redirect.github.com/containerd/containerd/pull/9442">#9442</a>)</li>
<li>Remove overlayfs volatile option on temp mounts (<a
href="https://redirect.github.com/containerd/containerd/pull/9555">#9555</a>)</li>
<li>Expose usage of deprecated features (<a
href="https://redirect.github.com/containerd/containerd/pull/9258">#9258</a>)</li>
<li>Use Intel ISA-L's igzip if available (<a
href="https://redirect.github.com/containerd/containerd/pull/9200">#9200</a>)</li>
<li>Introduce top level config migration (<a
href="https://redirect.github.com/containerd/containerd/pull/9223">#9223</a>)</li>
<li>Add image delete target (<a
href="https://redirect.github.com/containerd/containerd/pull/8989">#8989</a>)</li>
<li>Remove <code>LimitNOFILE</code> from <code>containerd.service</code>
(<a
href="https://redirect.github.com/containerd/containerd/pull/8924">#8924</a>)</li>
<li>Add support for image expiration during garbage collection (<a
href="https://redirect.github.com/containerd/containerd/pull/9022">#9022</a>)</li>
<li>Reduce the contention between ref lock and boltdb lock in content
store (<a
href="https://redirect.github.com/containerd/containerd/pull/8792">#8792</a>)</li>
<li>Remove &quot;containerd.io/restart.logpath&quot; label (<a
href="https://redirect.github.com/containerd/containerd/pull/8264">#8264</a>)</li>
<li>Remove <code>aufs</code> snapshotter (<a
href="https://redirect.github.com/containerd/containerd/pull/8263">#8263</a>)</li>
<li>Fix deadlock during NRI plugin registration (<a
href="https://redirect.github.com/containerd/nri/pull/79">containerd/nri#79</a>)</li>
<li>Fix deadlock when writing to pipe blocks (<a
href="https://redirect.github.com/containerd/ttrpc/pull/168">containerd/ttrpc#168</a>)</li>
</ul>
<h4>Build and Release Toolchain</h4>
<ul>
<li>Generate attestation for artifacts during release (<a
href="https://redirect.github.com/containerd/containerd/pull/10543">#10543</a>)</li>
<li>Remove <code>cri-containerd-*.tar.gz</code> release bundles (<a
href="https://redirect.github.com/containerd/containerd/pull/9096">#9096</a>)</li>
</ul>
<h4>Container Runtime Interface (CRI)</h4>
<ul>
<li>Use 'UserSpecifiedImage' from CRI to set the image-name annotation
(<a
href="https://redirect.github.com/containerd/containerd/pull/10747">#10747</a>)</li>
<li>Fine-grained SupplementalGroups control (<a
href="https://redirect.github.com/containerd/containerd/pull/9737">#9737</a>)</li>
<li>Add support to set loopback to up (<a
href="https://redirect.github.com/containerd/containerd/pull/10238">#10238</a>)</li>
<li>Add support for multiple subscribers to CRI container events (<a
href="https://redirect.github.com/containerd/containerd/pull/9661">#9661</a>)</li>
<li>Enable CDI by default (<a
href="https://redirect.github.com/containerd/containerd/pull/9621">#9621</a>)</li>
<li>Remove non-sandboxed CRI implementation (<a
href="https://redirect.github.com/containerd/containerd/pull/9228">#9228</a>)</li>
<li>Add support for userns in stateless and stateful pods with idmap
mounts (KEP-127, k8s &gt;= 1.27) (<a
href="https://redirect.github.com/containerd/containerd/pull/8287">#8287</a>)</li>
<li>Use sandboxed CRI by default (<a
href="https://redirect.github.com/containerd/containerd/pull/8994">#8994</a>)</li>
<li>Implement RuntimeConfig CRI call (<a
href="https://redirect.github.com/containerd/containerd/pull/8722">#8722</a>)</li>
<li>Add support for user namespaces (KEP-127) (<a
href="https://redirect.github.com/containerd/containerd/pull/8803">#8803</a>)</li>
<li>Remove CRI v1alpha2 (<a
href="https://redirect.github.com/containerd/containerd/pull/8276">#8276</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b70cce2085"><code>b70cce2</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10887">#10887</a>
from dmcgowan/prepare-v2.0.0-rc.6</li>
<li><a
href="5c65a3d7b0"><code>5c65a3d</code></a>
Update version to v2.0.0-rc.6</li>
<li><a
href="9aa637b22d"><code>9aa637b</code></a>
Update api vendor to latest</li>
<li><a
href="574f0daa3e"><code>574f0da</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10884">#10884</a>
from samuelkarp/nri-0.7.0</li>
<li><a
href="4b9d6c0144"><code>4b9d6c0</code></a>
deps: bump github.com/containerd/nri</li>
<li><a
href="651757761f"><code>6517577</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10864">#10864</a>
from djdongjin/dedup-cri-util</li>
<li><a
href="deccefc8cf"><code>deccefc</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/9982">#9982</a>
from rayburgemeestre/merge-toml-configurations-for-p...</li>
<li><a
href="e370f0e31c"><code>e370f0e</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10882">#10882</a>
from samuelkarp/containerd-2.0-guide</li>
<li><a
href="bc819bc97a"><code>bc819bc</code></a>
docs: add command for finding schema 1 images</li>
<li><a
href="18654db80a"><code>18654db</code></a>
Merge pull request <a
href="https://redirect.github.com/containerd/containerd/issues/10881">#10881</a>
from samuelkarp/containerd-2.0-guide</li>
<li>Additional commits viewable in <a
href="https://github.com/containerd/containerd/compare/v2.0.0-rc.5...v2.0.0-rc.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/containerd/containerd/v2&package-manager=go_modules&previous-version=2.0.0-rc.5&new-version=2.0.0-rc.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-24 09:05:49 +00:00
dependabot[bot]
31d303ff9c feat(deps): bump google.golang.org/api from 0.202.0 to 0.203.0 (#211) 
Bumps
[google.golang.org/api](https://github.com/googleapis/google-api-go-client)
from 0.202.0 to 0.203.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/releases">google.golang.org/api's
releases</a>.</em></p>
<blockquote>
<h2>v0.203.0</h2>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.202.0...v0.203.0">0.203.0</a>
(2024-10-23)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2834">#2834</a>)
(<a
href="c77b5f4cd2">c77b5f4</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md">google.golang.org/api's
changelog</a>.</em></p>
<blockquote>
<h2><a
href="https://github.com/googleapis/google-api-go-client/compare/v0.202.0...v0.203.0">0.203.0</a>
(2024-10-23)</h2>
<h3>Features</h3>
<ul>
<li><strong>all:</strong> Auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2834">#2834</a>)
(<a
href="c77b5f4cd2">c77b5f4</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5ca1495a58"><code>5ca1495</code></a>
chore(main): release 0.203.0 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2835">#2835</a>)</li>
<li><a
href="71d3f5c68e"><code>71d3f5c</code></a>
chore(all): upgrade cloud.google.com/go/auth to v0.9.9 (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2836">#2836</a>)</li>
<li><a
href="c77b5f4cd2"><code>c77b5f4</code></a>
feat(all): auto-regenerate discovery clients (<a
href="https://redirect.github.com/googleapis/google-api-go-client/issues/2834">#2834</a>)</li>
<li>See full diff in <a
href="https://github.com/googleapis/google-api-go-client/compare/v0.202.0...v0.203.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/api&package-manager=go_modules&previous-version=0.202.0&new-version=0.203.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-24 10:03:31 +01:00
dependabot[bot]
b0d6219e34 feat(deps): bump google.golang.org/api from 0.201.0 to 0.202.0 (#210) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.201.0 to 0.202.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.201.0...v0.202.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
v0.6.8 		2024-10-23 13:37:33 +01:00
Jonny Stoten
b4a9283ec3 Update go git (#209) 2024-10-22 15:31:55 +01:00
Jonny Stoten
ca97a23d07 Skip DCO requirement for org members (#208) 
Signed-off-by: Jonny Stoten <jonny.stoten@docker.com>
 2024-10-22 14:41:44 +01:00
Jonny Stoten
a078fba81d feat: add internal reproducible git checksum builtin (#203) 
Adds a new rego builtin `attest.internals.reproducible_git_checksum`.
This is needed for verifying DOI provenance, see
https://github.com/docker/doi-image-policy/blob/main/slsa.md#doi-build-reproducible-git-checksum.

We use https://github.com/go-git/go-git for as much of this as possible,
but it doesn't support the actual archive operation, so we shell out to
`git` for that.

There is some similar unexported code in bashbrew, and we should
probably be using the same code in the build process as we are here.
I'll create a follow-up ticket to sort that out.
 2024-10-22 14:30:27 +01:00
Joel Kamp
3cf2d929f7 Merge pull request #206 from docker/feat-add-code-of-conduct 
feat: add code of conduct
 2024-10-21 10:09:26 -05:00
mrjoelkamp
c7b2ebefac feat: add code of conduct 
Signed-off-by: mrjoelkamp <joel.kamp@docker.com>
 2024-10-21 10:00:36 -05:00
Joel Kamp
85cf56de49 Merge pull request #205 from docker/feat-add-pr-issue-templates 
feat: add pr and issue templates
 2024-10-18 10:00:53 -05:00
mrjoelkamp
f426fa367c feat: add pr and issue templates 2024-10-18 09:55:27 -05:00
Joel Kamp
c7c3d23717 Merge pull request #204 from docker/chore-apply-license 
chore: apply license headers
 2024-10-18 09:45:31 -05:00
mrjoelkamp
01a6a2ab7d refactor: remove copyright year; add newline 2024-10-18 09:25:31 -05:00
mrjoelkamp
6fd73fe45d chore: add notice 2024-10-17 14:08:33 -05:00
mrjoelkamp
0215b620cd chore: apply license headers 2024-10-17 13:43:30 -05:00
Joel Kamp
79bbc9b55b Merge pull request #198 from docker/dependabot/go_modules/github.com/sigstore/sigstore/pkg/signature/kms/aws-1.8.10 
feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws from 1.8.9 to 1.8.10
v0.6.7 		2024-10-17 08:31:45 -05:00
Joel Kamp
47669993c6 Merge branch 'main' into dependabot/go_modules/github.com/sigstore/sigstore/pkg/signature/kms/aws-1.8.10 2024-10-17 08:25:14 -05:00
Joel Kamp
7414fb7339 Merge pull request #199 from docker/dependabot/go_modules/github.com/sigstore/sigstore/pkg/signature/kms/gcp-1.8.10 
feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp from 1.8.9 to 1.8.10
 2024-10-17 08:24:47 -05:00
dependabot[bot]
0e1005d0f7 feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/aws 
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/aws](https://github.com/sigstore/sigstore) from 1.8.9 to 1.8.10.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.9...v1.8.10)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/aws
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-17 13:18:42 +00:00
dependabot[bot]
94f69c75d2 feat(deps): bump github.com/sigstore/sigstore/pkg/signature/kms/gcp 
Bumps [github.com/sigstore/sigstore/pkg/signature/kms/gcp](https://github.com/sigstore/sigstore) from 1.8.9 to 1.8.10.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.9...v1.8.10)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore/pkg/signature/kms/gcp
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-17 13:18:39 +00:00
Joel Kamp
b2e8166079 Merge pull request #200 from docker/dependabot/go_modules/github.com/sigstore/sigstore-1.8.10 
feat(deps): bump github.com/sigstore/sigstore from 1.8.9 to 1.8.10
 2024-10-17 08:16:22 -05:00
Joel Kamp
8c4ee60f50 Merge branch 'main' into dependabot/go_modules/github.com/sigstore/sigstore-1.8.10 2024-10-17 08:12:39 -05:00
mrjoelkamp
9b6234f0ae chore: go mod tidy 2024-10-17 08:12:10 -05:00
Joel Kamp
17b0978b44 Merge pull request #201 from docker/feat--add-verifier-version-to-vsa 
feat: add verifier version to vsa
 2024-10-17 08:09:17 -05:00
Joel Kamp
7ff20a9328 Merge branch 'main' into feat--add-verifier-version-to-vsa 2024-10-17 08:03:47 -05:00
James Carnegie
273b61ebd6 Merge branch 'main' into dependabot/go_modules/github.com/sigstore/sigstore-1.8.10 2024-10-17 09:36:58 +01:00
dependabot[bot]
eda0b23910 feat(deps): bump github.com/aws/aws-sdk-go-v2/config (#202) 
Bumps [github.com/aws/aws-sdk-go-v2/config](https://github.com/aws/aws-sdk-go-v2) from 1.27.43 to 1.28.0.
- [Release notes](https://github.com/aws/aws-sdk-go-v2/releases)
- [Commits](https://github.com/aws/aws-sdk-go-v2/compare/config/v1.27.43...v1.28.0)

---
updated-dependencies:
- dependency-name: github.com/aws/aws-sdk-go-v2/config
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-17 09:36:43 +01:00
mrjoelkamp
4a82bb9981 feat: add version checker test 2024-10-16 15:18:34 -05:00
mrjoelkamp
84c0b116a7 feat: add verifier version to vsa 2024-10-16 12:01:31 -05:00
James Carnegie
16f65fefeb Merge branch 'main' into dependabot/go_modules/github.com/sigstore/sigstore-1.8.10 2024-10-16 10:13:44 +01:00
dependabot[bot]
e39a4ea9f3 feat(deps): bump google.golang.org/api from 0.200.0 to 0.201.0 (#197) 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.200.0 to 0.201.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.200.0...v0.201.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-10-16 10:13:11 +01:00
dependabot[bot]
2e4f8f79bd feat(deps): bump github.com/sigstore/sigstore from 1.8.9 to 1.8.10 
Bumps [github.com/sigstore/sigstore](https://github.com/sigstore/sigstore) from 1.8.9 to 1.8.10.
- [Release notes](https://github.com/sigstore/sigstore/releases)
- [Commits](https://github.com/sigstore/sigstore/compare/v1.8.9...v1.8.10)

---
updated-dependencies:
- dependency-name: github.com/sigstore/sigstore
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-16 09:03:50 +00:00
James Carnegie
da667de610 feat: support arbitrary rego input parameters (#196) 
* feat: support arbitrary rego input parameters
v0.6.6 		2024-10-15 16:07:26 +01:00
Joel Kamp
7027d2d054 Merge pull request #188 from docker/dependabot/go_modules/github.com/sigstore/cosign/v2-2.4.1 
feat(deps): bump github.com/sigstore/cosign/v2 from 2.4.0 to 2.4.1
 2024-10-15 09:37:02 -05:00
mrjoelkamp
163c1828e3 chore: go mod tidy 2024-10-15 09:28:32 -05:00
dependabot[bot]
168a574c15 feat(deps): bump github.com/sigstore/cosign/v2 from 2.4.0 to 2.4.1 
Bumps [github.com/sigstore/cosign/v2](https://github.com/sigstore/cosign) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/sigstore/cosign/releases)
- [Changelog](https://github.com/sigstore/cosign/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sigstore/cosign/compare/v2.4.0...v2.4.1)

---
updated-dependencies:
- dependency-name: github.com/sigstore/cosign/v2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-15 14:27:14 +00:00
Joel Kamp
ad2f8befa2 Merge pull request #195 from docker/dependabot/go_modules/google.golang.org/api-0.200.0 
feat(deps): bump google.golang.org/api from 0.199.0 to 0.200.0
 2024-10-15 08:53:56 -05:00
dependabot[bot]
8460357880 feat(deps): bump google.golang.org/api from 0.199.0 to 0.200.0 
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.199.0 to 0.200.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.199.0...v0.200.0)

---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2024-10-15 13:44:46 +00:00
Joel Kamp
994240018e Merge pull request #187 from docker/dependabot/go_modules/github.com/containerd/containerd/v2-2.0.0-rc.5 
feat(deps): bump github.com/containerd/containerd/v2 from 2.0.0-rc.4 to 2.0.0-rc.5
 2024-10-15 08:42:03 -05:00
Joel Kamp
5c51ee7c19 Merge pull request #194 from docker/dependabot/go_modules/github.com/aws/aws-sdk-go-v2/config-1.27.43 
feat(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.39 to 1.27.43
 2024-10-15 08:36:49 -05:00
Joel Kamp
8ae43ba5e9 Merge branch 'main' into dependabot/go_modules/github.com/containerd/containerd/v2-2.0.0-rc.5 2024-10-15 08:33:48 -05:00