Skip to content

v4.7.0
Compare
Choose a tag to compare
@github-actions github-actions released this 26 Sep 16:29
· 1315 commits to main since this release
v4.7.0
This tag was signed with the committer’s verified signature.
naveensrinivasan Naveen
GPG key ID: F39F847B7B035ADE
Verified
Learn about vigilant mode.
7cd6406
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Changelog

  • 7cd6406 Reduce build target radius (#2293)
  • a7a503a 🌱 cron: pass config as an argument to binaries (4/n) (#2279)
  • 97df43b 🌱 Reduce the number of PR's opened by dependabot (#2297)
  • 88e5ff7 Improve API limiting and cache (#2294)
  • f017e2e Fix typo which was causing index out of range panics (#2284)
  • 08c2ee5 Modify tool installation (#2288)
  • 0f87094 ✨ Gitlab support (#2265)
  • a6983ed Fix failing linters (#2281)
  • 7c24934 🌱 Fix cosign vulnerability (#2283)
  • a298132 🌱 Bump actions/dependency-review-action from 2.1.0 to 2.2.0 (#2282)
  • 9a9a1cb 🐛 Add fix for issue2277 (#2278)
  • d75dea8 🌱 Feature: Group commits into changesets (#2260)
  • 3629fd8 🌱 Bump github/codeql-action from 2.1.22 to 2.1.24
  • 9f67c4e 🌱 Invite @spencerschrock as maintainer (#2269)
  • 482a59e 🌱 Tests: Fix data race failures (#2262)
  • 2231d1f 🌱 cron: make CSV header optional (3/n) (#2261)
  • bde0ae1 🌱 cron: generalize config and create optional values for scorecard and criticality (2/n) (#2254)
  • 9e269b8 🌱 Feature: Add scorecard attestation policy module (#2240)
  • d6bef98 Wrap check errors with distinct error for scorecard-action to ignore. (#2250)
  • 856d2dd 🌱 Bump sigstore/cosign-installer from 2.5.1 to 2.6.0 (#2253)
  • d76ff0d ✨ setup-python not required by pypa/gh-action-pypi-publish (#2206)
  • 11657e4 📖 Remove trailing whitespace (#2241)
  • da785a2 Rename CII->OpenSSF Best Practices badge (#2239)
  • c665f27 🌱 cron: allow controller to read CSVs from cloud storage (1/n) (#2235)
  • 7c66ae8 🌱 Bump imjasonh/setup-ko from 0.5 to 0.6 (#2231)
  • ec15af5 🌱 Bump github/codeql-action from 2.1.21 to 2.1.22 (#2227)
  • dac68a4 🌱 Bump github.com/onsi/gomega from 1.20.1 to 1.20.2 (#2225)
  • bc5a1d6 Enable SAST check in cron by default (#2223)
  • f345807 Detect pyup as an automated dependency update tool (#2226)
  • d13ba3f 📖 Update instructions and other fixes in README (#2212)
  • 7a2c403 🌱 Bump github.com/onsi/ginkgo/v2 from 2.1.4 to 2.1.6 (#2220)
  • 3337b6c 🌱 Bump github.com/onsi/ginkgo/v2 from 2.1.4 to 2.1.6 in /tools (#2221)
  • 758cc39 Add k8s README (#2219)
  • 5ac9f39 🌱 Fix for empty repository (#2207)
  • 33ab335 🌱 Bump github.com/onsi/gomega from 1.20.0 to 1.20.1
  • 621449f ✨ Add CODEOWNERS branch protection check (#2057)
  • 6fc08e7 Allow contents: write for Token-Permissions when doing mvn release (#2202)
  • a8e9050 ✨ Optimize SAST check (#2191)
  • 11ff78e Deduplicate projects by excluding URL fragments (#2201)
  • b40efd2 🌱 Bump cloud.google.com/go/bigquery from 1.38.0 to 1.39.0
  • 9460030 Make the Scalable Scorecards document public. (#2199)
  • fb630a8 🌱 Bump github/codeql-action from 2.1.20 to 2.1.21 (#2200)
  • 64daafb 🌱 Bump cloud.google.com/go/pubsub from 1.24.0 to 1.25.1 (#2197)
  • 32d6ba2 🌱 Bump actions/setup-go from 3.2.1 to 3.3.0 (#2194)
  • 8b3793a 🌱 Bump github/codeql-action from 2.1.19 to 2.1.20 (#2187)
  • 86aa297 🌱 Bump github.com/caarlos0/env/v6 from 6.9.3 to 6.10.0 (#2188)
  • e2813b8 🌱 Bump actions/cache from 3.0.7 to 3.0.8 (#2184)
  • a4d2c01 🌱 Bump distroless/base from 49d2923 to 533c15e (#2185)
  • af2ee3d 🌱 Bump github/codeql-action from 1.0.0 to 2.1.19 (#2178)
  • 77fa781 Check for security polices in RST format at toplevel and .github as well. (#2180)
  • 2920b32 ✨ Improved license check (#2179)
  • 25fd14d 🌱 Bump actions/dependency-review-action from 2.0.4 to 2.1.0 (#2176)
  • 4a15760 Don't error on workflow parse failure in Binary-Artifacts (#2170)

Thanks for all contributors!

Contributors

spencerschrock
Assets 15
Loading