c2041130c5
- Update to version 2.86.0: * refactor: address review comments * Update contributing guidelines for clarity * test(copilot): fix windows asset URL * fix(cache delete): add unit tests and expand help doc * feat(cache delete): allow for delete all caches for a ref * Fix OS name in test archive filename to 'win32' * fix(copilot): replace windows with win32 to match asset names * fix(root): avoid command name collision when registering extensions * chore(root): register copilot command * feat: add copilot command * refactor(run download): extract zip extraction func into a separate package * fix: error when head and base refs are identical in pr create
Pavel Dostál2026-01-26 15:33:38 +00:00
29d11ce040
Accepting request 1328529 from devel:tools:scm
Ana Guerrero2026-01-22 14:14:23 +00:00
cb6b71eca9
- Update to version 2.85.0: * fix: simplify set-default remote parsing * Handle repo argument before remote name * chore: update licenses * chore(deps): bump github.com/yuin/goldmark from 1.7.13 to 1.7.16 * chore: update licenses using go-licenses@v2 * chore: install go-licenses@v2 in scripts * Update go-licenses for 1.25 * chore: update licenses * chore: bump github.com/sigstore/sigstore-go to v1.1.4 * chore: remove redundant comment * ci: enable noop linters * Add shell specification for temporary tag creation * ci: shorten run block * ci: improve step name * ci: tag per build job * Update Azure Code Signing endpoint URL * Update Azure Code Signing client to 1.0.95 * Update actions/checkout to v6 in extension workflow templates * feat: allow git remote names in gh repo set-default * Add test to ensure null values are skipped * ci: disable create storage record for artifacts * chore(deps): bump actions/attest-build-provenance from 3.0.0 to 3.1.0 * chore: run go mod tidy * chore: update licenses * chore: upgrade github.com/cli/oauth to v1.2.1 * fix: prevent panic when processing null project items * ci: fix binary artficat dirs used in macos job * ci: fix binary artifact dir paths used in Windows job * ci: upgrade to GoReleaser v2 CLI syntax for --skipPavel Dostál2026-01-21 14:04:52 +00:00
b880237781
Accepting request 1322993 from devel:tools:scm
Ana Guerrero2025-12-16 14:55:49 +00:00
5a780039e5
- Update to version 2.83.2: * Update licences * Bump dev-tunnels SDK 0.1.13 to 0.1.19 * Bump Go to 1.25.5 * Update licenses for go-containerregistry-0.20.7 bump * chore(deps): bump github.com/google/go-containerregistry * Update licenses for go-version-1.8.0 bump * chore(deps): bump github.com/hashicorp/go-version from 1.7.0 to 1.8.0 * Update licenses for tcell-2.13.1 bump * chore(deps): bump github.com/gdamore/tcell/v2 from 2.9.0 to 2.13.1 * chore: make licenses * refactor: drop multierror in favor of std * Bump Go to 1.25.4 * Update licenses for huh 0.8.0 bump * Fix accessible prompter tests with huh 0.8.0 upgrade * chore(deps): bump github.com/charmbracelet/huh from 0.7.0 to 0.8.0 * Update licenses with grpc-1.76.0 bump * chore(deps): bump google.golang.org/grpc from 1.75.0 to 1.76.0 * Update licenses for mimetype 1.4.11 bump * chore(deps): bump github.com/gabriel-vasile/mimetype * chore(deps): bump github.com/theupdateframework/go-tuf/v2 * chore(deps): bump golangci/golangci-lint-action from 9.0.0 to 9.1.0 * Update licenses for protobuf 1.36.10 bump * chore(deps): bump google.golang.org/protobuf from 1.36.9 to 1.36.10 * Error if go-licenses is not on the PATH * chore(deps): bump actions/checkout from 5 to 6 * Update licenses for crypto-0.45.0 bump * chore(deps): bump golang.org/x/crypto from 0.43.0 to 0.45.0 * Alphabetize Ubuntu section * Add Debian/Ubuntu to unofficial packages
Pavel Dostál2025-12-15 16:38:55 +00:00
7eb94865ea
Accepting request 1317943 from devel:tools:scm
Ana Guerrero2025-11-17 11:15:01 +00:00
8847d1f1ab
- Update to version 2.83.1: * chore(deps): bump golangci/golangci-lint-action from 8.0.0 to 9.0.0 * Check user and teams nil state instead of length * Update third-party licenses and dependencies * Ensure empty arrays for reviewers in PR API calls * Update .github/workflows/lint.yml * Annotate go-licenses install with version tag * Integrate license checks back into lint workflow
Pavel Dostál2025-11-14 22:01:43 +00:00
0501325c60
Accepting request 1317375 from devel:tools:scm
Ana Guerrero2025-11-12 20:16:43 +00:00
49a67743c0
- Bump go from 1.24 to 1.25 - Update to version 2.83.0: * chore(deps): bump github.com/cli/go-gh/v2 from 2.12.2 to 2.13.0 * Apply suggestions from code review * Add note on govulncheck source mode for Go 1.25 * docs(pkg/search): fix typo * docs(repo garden): improve func godoc * fix: ignore nilerr on intentionally swallowed error * fix: resolve nilerr issues * fix: resolve copyloopvar issues * fix: resolve gocritic issue * test(pkg/httpmock): ignore bodyclose on mock response value * refactor(repo garden): return pagination link instead of resp * fix: close resp body (bodyclose) * refactor: remove returned resp from api.EndpointNeedsScopes * refactor(pkg/search): remove passing resp for pagination * ci: enable basic linters * Update lint govulncheck to use source mode * chore: add workflow_dispatch to govulncheck triggers * Add example for --custom-agent usage * Update error messages in job creation tests * Update pkg/cmd/agent-task/capi/job.go * Add shorthand flag for custom-agent option * Fix: do not swallow job creation error * Clarify custom agent flag description * Add custom agent support to job creation * docs(release list): fix typo * docs(release list): reword comment * feat(release list): add isImmutable JSON field * fix(featuredetection): add ReleaseFeatures method
Pavel Dostál2025-11-12 15:13:57 +00:00
0d886d1548
Accepting request 1313357 from devel:tools:scm
Ana Guerrero2025-10-24 15:24:09 +00:00
a511264fa4
- Update to version 2.82.1: * Add test for non-interactive projects v1 unsupported * Inject Detector mock in edit command tests * Pass ProjectsV1Support to FetchOptions functions * chore(deps): bump github.com/gabriel-vasile/mimetype * Update .github/workflows/govulncheck.yml * chore(deps): bump github/codeql-action from 3 to 4 * chore(deps): Bump github.com/sigstore/sigstore-go from 1.1.0 to 1.1.3 * chore(deps): bump actions/attest-build-provenance from 2.4.0 to 3.0.0
Pavel Dostál2025-10-24 07:49:24 +00:00
41ebef1d5c
Accepting request 1311678 from devel:tools:scm
Ana Guerrero2025-10-16 15:39:28 +00:00
3cb40d50cb
- Update to version 2.82.0: * chore: run go mod tidy * refactor(auth refresh): use PlainHttpClient instead of zero http.Client * refactor(auth login): use PlainHttpClient for OAuth flow * refactor(authflow): receive HTTP client via args * fix(factory): add PlainHttpClient to factory * test(api): assert SkipDefaultHeaders is honoured * fix(api): expose SkipDefaultHeaders option * test(api): improve NewHTTPClient test assertions * Fix agentTaskCmd to use repoResolvingCmdFactory * Add new displaying message to test expectation * Fix --follow not killing the progress indicator * Apply suggestion from @babakks * Apply suggestion from @babakks * Fix argument order in httpStubs test functions * docs(cache delete): remove redundant comment * docs(cache delete): add godoc for deleteCacheByKey * Remove default empty slices in RemovePullRequestReviews * Fix typo in error message for required flags * Refactor reviewer partitioning in PR edit command * Escape repo owner and name in PR reviewer API paths * Remove unused ghIds function and githubv4 import * fix(cache): report correct deleted count for key and key+ref deletions * Refactor PR reviewer editing to use REST API and optimize team fetch
Martin Pluskal2025-10-16 11:24:42 +00:00
c9684f7e13
Accepting request 1308644 from devel:tools:scm
Ana Guerrero2025-10-02 17:22:37 +00:00
611d03423b
- Update to version 2.81.0: * test(auth status): correctly replace JSON-escaped paths * update the description * refactor: use strings.FieldsFuncSeq to reduce memory allocations * fix(pr checkout): add alias co * remove hidden value for release verify cmd * fix latest tag for relase verify asset * docs(auth status): explain --json will always exit with zero * fix(auth status): return JSON entries under hosts * fixup! examples * fix error missing in json output * examples * remove showToken from authEntry * address copilot comment on parameter order * add examples * simplify exporter usage * remove includeScope * do not mutate opts.ShowToken * move displayToken to String method * move flag validation to RunE * refactor without VisitAll * introduce AddJSONFlagsWithoutShorthand * fix show token when using json * fix exit code * mutually exclusive flags * flag duplicate check * add ExpectCommandToSupportJSONFields - Packaging improvements: * Update to BuildRequires: golang(API) >= 1.24 matching go.mod
Pavel Dostál2025-10-02 13:33:16 +00:00
f65c0bac51
Accepting request 1302930 from devel:tools:scm
Ana Guerrero2025-09-05 19:44:26 +00:00
76bed33eae
- Update to version 2.78.0: * Add --force flag to gh run cancel (#11513) * Update third-party license versions (#11557) * chore(deps): bump github.com/go-viper/mapstructure/v2 (#11556) * Merge pull request #11536 from cli/copilot/fix-11535 * chore(deps): bump github.com/cli/go-gh/v2 from 2.12.1 to 2.12.2 * Update pkg/cmd/release/verify/verify.go * Update pkg/cmd/release/verify-asset/verify_asset.go * Hidden trusted root flag for release verify * Update Go dependencies to latest versions * chore(deps): bump actions/checkout from 4 to 5 * udpate the test * replace /git/refs/tags/ to /git/ref/tags/ * Update feature_detection.go * Update PR tests for v2 projects * Base changes for PR project items * Update gh issue view to show v2 projects * PR feedback from @bagtoad * Update v1 project detection logic * Update govulncheck workflow to scan source code * add test for FetchRefSHA * Apply suggestion from @Copilot * Update docs/install_windows.md * Consolidate repo profile, fix headings * chore(deps): bump google.golang.org/grpc from 1.73.0 to 1.74.2 * chore(deps): bump github.com/yuin/goldmark from 1.7.12 to 1.7.13 * Update docs on contributing new install methods * markdown lint fixes * Formatting * Initial installation doc refactor
Pavel Dostál2025-09-05 11:37:45 +00:00
d73c26d6f5
- Update to version 2.76.2: * Refactor tab completion test * Test gh pr create --reviewer tab completion * Include org teams for PR reviewers * docs(ci): delete obsolete comment
Pavel Dostál2025-08-05 06:01:34 +00:00
5d72bb405c
- Update to version 2.76.1: * Updated third-party license compliance content * Add tests for reviewer team handling in PR creation * Refactor and improve RepoMetadata teams test * Refactor error assertion in Test_RepoMetadataTeams * FIX: conditionally fetching team reviewers * Add TeamReviewers flag to RepoMetadataInput * Update .github/workflows/scripts/spam-detection/generate-sys-prompt.sh * Use gh go templating for user prompt * Update eval script comments * Remove unnecessary file for heredoc * First pass to optimize and improve * Limit permissions of govulncheck workflow * Incorporate govulncheck into workflows * update ownership of pkg/cmd/release/shared/ * Run Lint and Tests on push to trunk branch * ci: echo spam detection result * ci: add models: read permission * ci: correct sed usage to remove Markdown front matter * docs: fix typo in script docs * ci: fix potentially confusing typo in system prompt * ci: use issue.html_url instead of issue.url * ci: remove unused env vars * ci: add spam issue detection workflow * ci: add spam issue detection scripts * chore(deps): bump github.com/sigstore/sigstore-go from 1.0.0 to 1.1.0 * chore(deps): bump advanced-security/filter-sarif from 1.0.0 to 1.0.1 * Improve api--preview docs * add tenancy aware for san matcher
Pavel Dostál2025-07-28 08:08:20 +00:00
fa9723543d
Accepting request 1291699 from devel:tools:scm
Ana Guerrero2025-07-10 20:13:58 +00:00
afd8b0dba3
- Update to version 2.75.0: * Quote Windows rsyso script global hook * test(search): verify URL returns quoted query * test(search): test pagination with multi-word quoted queries * fix(search): fix mutating query state fields * Add setup-go to bump-go * Update contribution design link * test(pr merge): always assert stderr * test(pr merge): verify deleteRemoteBranch behaviour when API returns error * fix(pr merge): ignore 404 as error when deleting remote branch * Ensure go mod tidy is run in bump-go * Inject token into bump-go workflow * Reformat gh run view help * docs(run view): explain restrictions of fallback API calls * test(run view): delete unused ZIP archive * refactor(run view): remove Log field from DTO types * test(run view): update tests * refactor(run view): use API as fallback to fetch job logs * test: add BinaryResponse helper function * Ensure bump go script has git user configured * Support --no-repos-selected on secret set * docs: consistently use apt in installation instructions * Consume dependabot minor versions for go modules * test: add test for ParseURL * Update microsoft dev-tunnels to v0.1.13 * Bump all dependencies except dev-tunnels * Fix inconsistent use of tabs and spaces * docs: explain PR URL parsing reason * test: improve test case to highlight host name override * test: remove references to AssignedActorsUsed field
Pavel Dostál2025-07-10 13:19:22 +00:00
f828900e59
Accepting request 1288344 from devel:tools:scm
Ana Guerrero2025-06-24 18:50:51 +00:00
77f102912d
- Update to version 2.74.2: * Update docs/install_linux.md * Fix step order for CodeQL workflow * docs: update install command for Debian * chore(deps): bump github.com/google/go-containerregistry * Use t.Chdir in tests * Bump to Go 1.24 * Merge pull request #11121 from cli/11101-use-golangci-lint-version-2 * Apply suggestion from @Copilot * Improve help wanted check skipping logic * Ensure gh executes in workflow check script * Fix repo checkout in help-wanted check * Fixes#11126 * Fix script path for help-wanted check * Quote filenames suggested at the end of worklow run * chore(deps): bump github.com/in-toto/attestation from 1.1.1 to 1.1.2 * Quote workflow conditional * Add workflow to check help wanted labelling (#11105) * chore(deps): bump actions/attest-build-provenance from 2.3.0 to 2.4.0 * Add accurate context when run rerun fails (#10774) * Avoid requesting PR reviewer twice * chore(deps): bump github.com/sigstore/protobuf-specs from 0.4.2 to 0.4.3 * chore(deps): bump mislav/bump-homebrew-formula-action from 3.2 to 3.4 * test(pr): Add tests for actor assignees * Fix test, remove partial standalone test * Iterate on pr edit problems with existing assignees * chore(deps): bump google.golang.org/grpc from 1.72.0 to 1.72.2 * Fix expected error output of TestRepo/repo-rename-transfer-ownership * Add instructions for MidnightBSD installation
Pavel Dostál2025-06-24 15:16:13 +00:00
31f46c0ad5
- Update to version 2.74.0: * Update go-gh to v2.12.1 * fixup release asset digest tests * remove nolint comment for release header * Update pkg/cmd/release/view/view.go * chore(deps): bump github.com/sigstore/protobuf-specs from 0.4.1 to 0.4.2 * chore(deps): bump github.com/yuin/goldmark from 1.7.8 to 1.7.12 * fix: gh gist edit panic when no file in a gist (#10627) * docs(pr list): mention --head does not support <owner>:<branch> syntax * add Digest to ReleaseAsset struct * doc(update): improve comments on updaterEnabled * Refactor build tag logic * replace deprecated func * replace deprecated type * update sigstore-go to v1 * feat(update): add updateable build tag for update notifications * Update README.md * test(run): add tests for RenderJobs and RenderJobsCompact * Add --compact flag to run watch (#10629) * test: improve test case naming * chore: run go mod tidy * test: ensure proper usage of pipes in docs * Revert "[gh config] Escape pipe symbol in Long desc for website manual" * doc(pr): format allowed values and defaults in help * Mention created PR's URL will be printed upon success * Add example usage of --head option * doc(preview): add long description * fix(prompter): print to iostreams stdout * fix(prompter): update prompter create for changes in trunk * fix(preview): remove needless newlines
Pavel Dostál2025-05-30 10:34:14 +00:00
f9faad4e94
Accepting request 1280087 from devel:tools:scm
Ana Guerrero2025-05-26 16:40:12 +00:00
2f18907955
- Fixing boo#1237669 - CVE-2025-27144 - Go JOSE's Parsing Vulnerable to Denial of Service - Do not skip the TestAccessiblePrompter tests - Update to version 2.73.0: * refactor(api): inline struct definitions in RepoAssignableActors * refactor(api): change CopilotActorLogin to constant * fix(editable): include DefaultLogins in EditableAssignees clone * doc(params): incorrect func name in comment * refactor(api): use constant for Copilot login * doc(issue/pr edit): clarify @copilot usage * doc(issue/pr edit): doc @copilot assignee * test(params): enhance Copilot replacer tests for edge cases * fix(params): remove needless err return * doc(editable): remove needless comment * test(editable): prompts use assignee display names * fix(pr edit): clarify error messages for assignee actors and users * doc(pr edit): condense comment for reviewer/user filtering * test(pr edit): fix typo in test name * refactor(pr edit): move httpclient initialization * feat(issue/pr edit): support @copilot in assignee flags * doc(pr edit): Add comments describing the use of DefaultLogins * fix(issues): fix non-interactive assignee matching to logins&IDs * fix(pr edit): remove merge conflict artifact, extra detector * feat(pr edit): fetch assignable actors * feat(pr edit): fetch assigned actors * fix(api): correct var name capitalization * refactor(api): remove needless parenthesis * fix(api): correct var name capitalization * refactor(api): remove needless parenthesis * doc(api): code comment typo * feat(editable): update assigned actors to use display names
Pavel Dostál2025-05-26 08:39:08 +00:00
8fac54cbd3
Accepting request 1274346 from devel:tools:scm
Ana Guerrero2025-05-05 20:27:37 +00:00
15f0fd0d36
- Update to version 2.72.0: * Introduce gh accessibility help topic highlighting GitHub CLI accessibility experiences * [gh pr view] Support closingIssuesReferences JSON field * Fix expected error output of TestRepo/repo-set-default * Ensure accessible password and auth token prompters disable echo mode * Fix: Accessible multiselect prompt respects default selections - Update to version 2.71.2: * Fix pr create when push.default tracking and no merge ref - Update to version 2.71.1: * Fix pr create when branch name contains slashes - Update to version 2.71.0: * gh pr create: Support Git's @{push} revision syntax for determining head ref * Introduce option to opt-out of spinners * Update configuration support for accessible colors * gh config: add config settings for accessible prompter and disabling spinner * Fix multi pages search for gh search * Fix: project commands use shared progress indicator * Issue commands should parse args early * Feature detect v1 projects on issue view and edit * Feature detect v1 projects on web and non web-mode issue create * Refactor Sigstore verifier logic * bump deps
Pavel Dostál2025-05-05 05:04:53 +00:00
5355d6b899
Accepting request 1269601 from devel:tools:scm
Ana Guerrero2025-04-15 14:48:18 +00:00
9a74ddcc64
- Update to version 2.70.0: * Explain job log resolution reason * Document UNKNOWN STEP in run view * Add $ anchor to log file regexps * Test normal job run log is preferred over legacy one * Prefer normal job run log file over legacy one * Explain when a negative number prefix appears * Improve explanation for missing step logs * Explain the UNKNWON STEP placeholder * Replace UNKNOWN with UNKNOWN STEP in job run log * Explain why step logs are preferred * test(prompter): fix invalid comment * test(prompter): fix race condition * Ensure markdown confirm prompt shows editor name * fix(prompter): remove needless default value assignment * test(prompter): doc how accessible prompter tests work * test(prompter): describe why echo is editorcmd * test(prompter): use *testing.T instead * Add missing gc.AssertExpectations calls * Add tests for IsPinned method * Simplify cosign verification example by not using a regex. * chore: go mod tidy * fix(prompter): pass io to huh and refactor tests * fix(prompter): update huh and fix tests * refactor(prompter): rename speechSynthesizerFriendlyPrompter to accessiblePrompter * doc(prompter env): accessible prompter includes braille reader * chore: go mod tidy * Merge pull request #10749 from malancas/update-to-sigstore-go-v0.7.1 * Update pkg/cmd/run/shared/presentation.go * Apply suggestions from code review
Pavel Dostál2025-04-15 11:36:31 +00:00
dcf530adb8
Accepting request 1255611 from devel:tools:scm
Ana Guerrero2025-03-25 21:10:28 +00:00
57361f0aa3
Accepting request 1255610 from home:pdostal:branches:devel:tools:scm
Pavel Dostál2025-03-24 12:22:03 +00:00
26de198da9
Accepting request 1252360 from devel:tools:scm
Ana Guerrero2025-03-12 14:24:37 +00:00
4b84eacf66
- Update to version 2.68.1: * Fix secret command panic when base repo from cwd * Fix(ci): base64 decode GPG passphrase * Update pkg/cmd/attestation/verification/attestation.go * Update pkg/cmd/attestation/verification/attestation.go * Fix acceptance test descriptions * Fix gh secret disambiguity test * Expand gh secret acceptance tests * Expand gh secret base repo tests * [gh secret] Check GH_REPO too in addition to --repo for disambiguation * Deep Dive Document Release Process (#10503) * Fix unhandled panic in FindWorkflow and add tests * Bump actions/attest-build-provenance from 2.2.0 to 2.2.2 * Fix checkout when URL arg is from fork and cwd is upstream * Update project help text; fix unlink usage * Inconsistent format of examples in help text * Inconsistent format of description of flags (starting with lowercase letter) (#10507) * Update Go version to 1.23 in CONTRIBUTING.md * Fix minor auth login help typo * Add docs; rename function name * Bump github.com/go-jose/go-jose/v4 from 4.0.2 to 4.0.5 * docs: OAuth doc link moves to newline * fix expected test output * undo regex changes * remove signer-ref option * chore: update go version in devcontainer * docs: warn about process revoking all tokens * docs: document how to revoke gh OAuth tokens * refactor: use a more straightforward return value * Test pr checkout force on different branch
Pavel Dostál2025-03-12 09:42:18 +00:00
eabaf78e21
Accepting request 1245269 from devel:tools:scm
Ana Guerrero2025-02-12 20:36:22 +00:00
15bac0ff89
- Update to version 2.67.0: * Exit with error if no matching predicate type exists * Fix logic error in contributing docs * Improve http error test cases * Handle non-TTY behavior * Do not try to parse bodies for HEAD requests * Update pkg/cmd/pr/status/status.go * Collapse related instructions * Remove redundant instructions * Update language * [gh pr status] Mention gh pr checks in the Long section * Update release doc content * Doc: Clarify guidelines for help wanted issues and prs * Bump google.golang.org/protobuf from 1.36.4 to 1.36.5 * Update tests * [gh project item-edit] Fix number type * Address review comments * Address review comments * Revert breaking change * Revert "[gh repo edit] Allow setting commit message defaults" * Use HTML numeric code instead of escaping with slash * [gh config] Escape pipe symbol in Long desc for website manual * Ensure item iteration field is populated in tests * Drop accidental help text change * Error when gh repo rename is used with a new repo name that contains an owner * [gh repo edit] Allow setting commit title defaults * Rename staggler * Formatting * AuoLink -> Autolink * Use http constants
Pavel Dostál2025-02-12 09:11:36 +00:00
112cab8d79
Accepting request 1245039 from devel:tools:scm
Ana Guerrero2025-02-11 20:29:38 +00:00
d6fd663411
- Update to version 2.66.1: * Address PR comments * Remove unused ErrNoGitRepository error * Handle error from ParsePRRefs when the selector is provided * Add comment to status recognizing when we require a repo * Refactor finder to work with URL selectors * Add tests for using the pr Finder outside of repo * Update deployment.yml * update tests to account for logic flip * flip bundle fetching logic * Update formatting for autolink output * Rename PRRefs to PullRequestRefs and PR comment cleanup * Remove redundant error check * Keeping autolink IDs the same in all test cases * Expand test case * Remove unused test field * Remove unused test field * Use defer instead * Error case test for viewRun * Autolink view HTTP tests * Shorten description * Updates following renaming domain to shared * Partial testing for view * Initial, working implementation * Stop progress indicator on failure (gh run list --workflow) * Cleaned up some naming and comments * Minor refactoring autolink create help and logic * Bump github.com/in-toto/attestation from 1.1.0 to 1.1.1 * Cleanup comment * Fix pr create tests
Pavel Dostál2025-02-11 09:12:59 +00:00
e7ee2b9ca6
Accepting request 1238006 from devel:tools:scm
Ana Guerrero2025-01-15 16:44:58 +00:00
2fbfbc7b9d
- Update to version 2.65.0: * Bump cli/go-gh for indirect security vulnerability * Panic mustParseTrackingRef if format is incorrect * Move trackingRef into pr create package * Make tryDetermineTrackingRef tests more respective of reality * Rework tryDetermineTrackingRef tests * Avoid pointer return from determineTrackingBranch * Doc determineTrackingBranch * Don't use pointer for determineTrackingBranch branchConfig * Panic if tracking ref can't be reconstructed * Document and rework pr create tracking branch lookup * Upgrade generated workflows * Fixed test for stdout in non-tty use case of repo fork * Fix test * Alternative: remove LocalBranch from BranchConfig * Set LocalBranch even if the git config fails * Add test for permissions check for security and analysis edits (#1) * print repo url to stdout * Update pkg/cmd/auth/login/login.go * Move mention of classic token to correct line * Separate type decrarations * Add mention of classic token in gh auth login docs * Update pkg/cmd/repo/create/create.go * docs(repo): make explicit which branch is used when creating a repo * fix(repo fork): add non-TTY output when fork is newly created * Move api call to editRun * Complete get -> list renaming * Better error testing for autolink TestListRun * Decode instead of unmarshal * Use 'list' instead of 'get' for autolink list type and method
Pavel Dostál2025-01-15 09:14:09 +00:00
a1fff0a4d6
Accepting request 1228756 from devel:tools:scm
Ana Guerrero2024-12-08 10:37:01 +00:00
8e41ed9582
- Update to version 2.63.2: * include alg with digest when fetching bundles from OCI * Error for mutually exclusive json and watch flags * Use safepaths for run download * Use consistent slice ordering in run download tests * Consolidate logic for isolating artifacts * Fix PR checkout panic when base repo is not in remotes * When renaming an existing remote in gh repo fork, log the change * Improve DNF version clarity in install steps * Fix formatting in client_test.go comments for linter * Expand logic and tests to handle edge cases * Refactor download testing, simpler file descends * Bump github.com/gabriel-vasile/mimetype from 1.4.6 to 1.4.7 * Improve test names so there is no repetition * Second attempt to address exploit
Pavel Dostál2024-12-06 11:50:53 +00:00
bae63c1e16
Accepting request 1227707 from devel:tools:scm
Ana Guerrero2024-12-02 15:59:24 +00:00
8fb4358e90
- Update to version 2.63.0: * Bump cli/go-gh for codespace fix * Update git/client_test.go * Update git/client_test.go * Update git/client_test.go * Add checkout test that uses ssh git remote url * Rename backwards compatible credentials pattern * Fix CredentialPattern doc typos * Remove TODOs * Fix typos and add tests for CredentialPatternFrom* functions * Add SSH remote todo * General cleanup and docs * Allow repo sync fetch to use insecure credentials pattern * Allow client fetch to use insecure credentials pattern * Allow client push to use insecure credential pattern * Allow client pull to use insecure credential pattern * Allow opt-in to insecure pattern * Support secure credential pattern * Refactor error handling for missing "workflow" scope in createRelease * ScopesResponder wraps StatusScopesResponder * Refactor workflow scope checking * pr feedback * pr feedback * Update pkg/cmd/attestation/verify/attestation_integration_test.go * Apply suggestions from code review * Refactor command documentation to use heredoc * pr feedback * remove unused test file * undo change * add more testing testing fixtures
Pavel Dostál2024-12-02 09:59:53 +00:00
e4d6f4d1e0
Accepting request 1224831 from devel:tools:scm
Ana Guerrero2024-11-18 19:02:17 +00:00
cc08cb6958
Accepting request 1224508 from home:AndreasStieger:branches:devel:tools:scm
Pavel Dostál2024-11-18 11:05:26 +00:00
47ce56054d
Accepting request 1218675 from devel:tools:scm
Ana Guerrero2024-10-28 14:20:46 +00:00
bd9046020e
- Update to version 2.60.1: * Update testscript to use hard fork * Note token redaction in Acceptance test README * Refactor gpg-key delete to align with ssh-key delete * Add acceptance tests for org command * Adjust environment help for host and tokens (#9809) * Add SSH Key Acceptance test * Add Acceptance test for label command * Add acceptance test for gpg-key * Update go-internal to redact more token types in Acceptance tests * Address PR feedback * Clarify gh is available for GitHub Enterprise Cloud * Remove comment from gh auth logout * Add acceptance tests for auth-setup-git and formattedStringToEnv helper func * Use forked testscript for token redaction * Use new GitHub preview terms in working-with-us.md * Use new GitHub previews terminology in attestation * Test json flags for repo view and list * Clean up auth-login-logout acceptance test with native functionality * Add --token flag to gh auth login to accept a PAT as a flag * Setup acceptance testing for auth and tests for auth-token and auth-status * Update variable testscripts based on secret * Check extOwner for no value instead * Fix tests for invalid extension name * Refactor to remove code duplication * Linting: now that mockDataGenerator has an embedded mock, we ought to have pointer receivers in its funcs. * Minor tweaks, added backoff to getTrustDomain * added test for verifying we do 3 retries when fetching attestations. * Fix single quote not expanding vars * Added constant backoff retry to getAttestations.
Pavel Dostál2024-10-27 17:20:00 +00:00
d5e7ef02f0
- Update to version 2.58.0: * build(deps): bump github.com/theupdateframework/go-tuf/v2 * Include dnf5 commands * Add GPG key instructions to appropriate sections * Update docs language to remove possible confusion around 'where you log in' * Change conditional in promptForHostname to better reflect prompter changes * Shorten language on Authenticate with a GitHub host. * Update language on docstring for gh auth login * Change prompts for gh auth login to reflect change from GHE to Other * Sentence case 'Other' option in hostname prompt * build(deps): bump github.com/henvic/httpretty from 0.1.3 to 0.1.4 * Add documentation explaining how to use hostname for gh auth login * Replace "GitHub Enterprise Server" with "other" in gh auth login prompt * fix tenant-awareness for trusted-root command * Fix test * Update pkg/cmd/extension/manager.go * Update comment formatting * Use new HasActiveToken method in trustedroot.go * Add HasActiveToken method to AuthConfig interface * Add HasActiveToken to AuthConfig. * Improve error presentation * Improve the suggested command for creating an issue when an extension doesn't have a binary for your platform * Update pkg/cmd/attestation/trustedroot/trustedroot_test.go * build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.4 to 2.0.5 * enforce auth for tenancy * disable auth check for att trusted-root cmd * better error for att verify custom issuer mismatch * Enhance gh repo create docs, fix random cmd link
Dirk Mueller2024-10-03 18:20:20 +00:00
7e2d83f814
Accepting request 1201739 from devel:tools:scm
Ana Guerrero2024-09-18 13:27:49 +00:00
21cacc5f95
- Update to version 2.57.0: * Update go-gh to use api subdomains * Use api subdomains for commands using ghinstance package * Add test for extension install fallback to amd64 on darwin * Stub hasRosetta for tests * Refactor conditions * suppress att verify output when no tty * add att verify test for custom OIDC issuer * build(deps): bump github.com/sigstore/sigstore-go from 0.6.1 to 0.6.2 * Suggest installing Rosetta when extension installation fails due to missing darwin-arm64 binary, but a darwin-amd64 binary is available * This commit introduces tenancy aware attestation policy building. * use sigstore-go v0.6.2 * check specific err * check err in GetLocalAttestations * go mod tidy * check for sigstore-go validation errs * get latest sigstore-go commit * handle os.PathError in GetLocalAttestations * Move non-integration test to different test file * print verify err * check for os.PathError * dont print err content * update bundle file parsing err messages * Expand active test cases * Added --active flag to the gh auth status command
Martin Pluskal2024-09-18 08:46:29 +00:00
27dcf26fb1
Accepting request 1201497 from devel:tools:scm
Ana Guerrero2024-09-17 16:18:34 +00:00
df36a73598
- Update to version 2.56.0: * Check for nil values to prevent nil dereference panic * build(deps): bump actions/attest-build-provenance from 1.4.2 to 1.4.3 * Update linux install to point to GPG troubleshoot * Revert "Remove note explaining 2 year old GPG ID change" * Remove note explaining 2 year old GPG ID change * Rename ProtobufBundle to Bundle * Upgrade to sigstore-go v0.6.1 * gh attestation verify handles empty JSONL files (#9541) * verify 2nd artifact without swapping order (#9532) * chore: fix some function names * Improve the help message for -F (#9525) * build(deps): bump actions/attest-build-provenance from 1.4.1 to 1.4.2 (#9518) * "offline" verification using the bundle of attestations without any additional handling of the file (#9523) * Drop surplus trailing space char in flag names in web * Remove Internal from gh repo create prompt when owner is not an org (#9465) * Fix doc typo for repo sync * Quote repo names consistently in gh repo sync stdout (#9491) * fixed the test * update error message * rename flag to bundle-from-oci * fix the trimming of log filenames for gh run view * Check http scheme as well * Fix tests * Always print URL scheme to stdout * udpate the options * addded more test * minor fixed * minor fixed * added test
Pavel Dostál2024-09-10 07:12:34 +00:00
01099c2f03
Accepting request 1195030 from devel:tools:scm
Ana Guerrero2024-08-21 21:26:30 +00:00
8665ff0552
- Update the go build requirements to >= 1.23 - Update to version 2.55.0: * Add flox to linux installation instructions * Update pkg/cmd/issue/develop/develop.go * Update api/queries_branch_issue_reference.go * add testing * fix behavior for issue develop -b non-exist-branch * Describe bucket and state JSON fields in pr checks command * Fix pr checks exit code (#9452) * Add a note about external contributors to working-with-us.md * Update attestation TUF root * include required permissions to generate attestations * build(deps): bump github.com/creack/pty from 1.1.21 to 1.1.23 (#9459) * Do not generate build attestations for otherBinWorkflow.yml * Use latest checkout version, generate attestations, and specify go version file input. * Update gh search issues --project flag doc to specify owner/number syntax * Update gh search prs --project flag doc to specify owner/number syntax * build(deps): bump actions/attest-build-provenance from 1.4.0 to 1.4.1 * Minor grammatical fix * Add test cases for PGP, SSH and X.509 signatures * Explain why not looking for signature begin marker * Wrap flags with backticks, continued * Replace --project.* flags' name with title in docs (#9443) * Change to requiring bundle v0.2 * Fix tests * Require Sigstore Bundle v0.3 when verifying with gh attestation * Change gh repo set-default --view to print to stderr when no default exists (#9431) * Document that gh run download downloads the latest artifact by default * Deduplicate the initialization of editor mode * Update docs/triage.md * Add Acceptance Criteria requirement to triage.md for accepted issues
Pavel Dostál2024-08-21 08:01:44 +00:00
d223decb6f
Accepting request 1191498 from home:pdostal:branches:devel:tools:scm
Martin Pluskal2024-08-04 14:11:31 +00:00
f94a414b6b
Accepting request 1188575 from devel:tools:scm
Ana Guerrero2024-07-22 15:15:27 +00:00
93fc4784b0
- Fix bsc#1227035 - VUL-0: CVE-2024-6104 - Disable TestGetTrustedRoot/successfully_verifies_TUF_root test due to #8928 - Update to version 2.53.0: * Rename package directory and files * Rename package name to update_branch * Rename gh pr update to gh pr update-branch * Add test case for merge conflict error * Handle merge conflict error * Return error if PR is not mergeable * Replace literals with consts for Mergeable field values * Add separate type for PullRequest.Mergeable field * Remove unused flag * Print message on stdout instead of stderr * Raise error if editor is used in non-tty mode * Add tests for JSON field support on issue and pr view commands * docs: Update documentation for gh repo create to clarify owner * Ensure PR does not panic when stateReason is requested * build(deps): bump actions/attest-build-provenance from 1.3.2 to 1.3.3 * Enable to use --web even though editor is enabled by config * Add editor hint message * Use prefer_editor_prompt config by issue create * Add prefer_editor_prompt config * Add issue create --editor * Update create.go * gh attestation trusted-root subcommand (#9206) * Fetch variable selected repo relationship when required * Update .github/ISSUE_TEMPLATE/bug_report.md * build(deps): bump github.com/hashicorp/go-retryablehttp
Dirk Mueller2024-07-19 09:16:23 +00:00
7641a9f959
Accepting request 1187339 from devel:tools:scm
Ana Guerrero2024-07-15 17:48:12 +00:00
649c9fe4c6
Accepting request 1185933 from home:AndreasStieger:branches:devel:tools:scm
Pavel Dostál2024-07-08 13:42:09 +00:00
eaad428a56
Accepting request 1180974 from devel:tools:scm
Ana Guerrero2024-06-17 17:28:22 +00:00
02b1d9b146
Accepting request 1180949 from home:pdostal:branches:devel:tools:scm
Pavel Dostál2024-06-14 19:28:26 +00:00
6d94634c3a
Accepting request 1177695 from devel:tools:scm
Ana Guerrero2024-05-30 13:34:00 +00:00
80a8f8796d
Accepting request 1177689 from home:pdostal:branches:devel:tools:scm
Pavel Dostál2024-05-30 08:43:17 +00:00
9fdf7b54e7
Accepting request 1173884 from devel:tools:scm
Ana Guerrero2024-05-14 11:38:32 +00:00
598c08dfbb
Accepting request 1173784 from home:pdostal:branches:devel:tools:scm
Dirk Mueller2024-05-14 06:51:07 +00:00
ef724242fb
Accepting request 1173592 from devel:tools:scm
Ana Guerrero2024-05-13 15:58:16 +00:00
4bb16fdc83
Accepting request 1173062 from home:pdostal:branches:devel:tools:scm
Martin Pluskal2024-05-13 08:00:46 +00:00
67850a17ee
Accepting request 1172965 from home:AndreasStieger:branches:devel:tools:scm
Pavel Dostál2024-05-10 07:31:38 +00:00
Ana Guerrero
Pavel Dostál
Martin Pluskal
Dominique Leuenberger
Dirk Mueller