Closed renovate[bot] closed 5 months ago
Pull request by bot. No need to analyze
Unable to locate .performanceTestingBot config file
Thanks for opening this Pull Request! We need you to:
Fill out the description.
Action: Edit description and replace <!- ... -->
with actual values.
Complete the activities.
Action: Complete If you want to rebase/retry this PR, check this box
If an activity is not applicable, use '\~activity description\~' to mark it not applicable.
Hi there! :wave: Thanks for opening a PR. :tada: To get the most out of Senior Dev, please uninstall the app from your organization, then re-install it into your organization. You can uninstall the app here :rocket:
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
This PR has 2
quantified lines of changes. In general, a change size of upto 200
lines is ideal for the best PR experience!
Was this comment helpful? :thumbsup: :ok_hand: :thumbsdown: (Email) Customize PullRequestQuantifier for this repository.
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
View changes in DiffLens
Aviator will automatically update this comment as the status of the PR changes. Comment
/aviator refresh
to force Aviator to re-examine your PR (or learn about other/aviator
commands).
This PR was merged manually (without Aviator). Merging manually can negatively impact the performance of the queue. Consider using Aviator next time.
View changes in DiffLens
This PR contains the following updates:
v1.5.0
->v1.9.0
Release Notes
slsa-framework/slsa-github-generator (slsa-framework/slsa-github-generator)
### [`v1.9.0`](https://togithub.com/slsa-framework/slsa-github-generator/blob/HEAD/CHANGELOG.md#v190) [Compare Source](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0) Release \[v1.9.0] includes bug fixes and new features. See the [full change list](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.8.0...v1.9.0). ##### v1.9.0: BYOB framework (beta) - **New**: A [new framework](https://togithub.com/slsa-framework/slsa-github-generator/blob/main/BYOB.md) to turn GitHub Actions into SLSA compliant builders. ##### v1.9.0: Maven builder (beta) - **New**: A [Maven builder](https://togithub.com/slsa-framework/slsa-github-generator/tree/main/internal/builders/maven) to build Java projects and publish to Maven central. ##### v1.9.0: Gradle builder (beta) - **New**: A [Gradle builder](https://togithub.com/slsa-framework/slsa-github-generator/tree/main/internal/builders/gradle) to build Java projects and publish to Maven central. ##### v1.9.0: JReleaser builder - **New**: A [JReleaser builder](https://togithub.com/jreleaser/release-action/tree/v1.0.0-java) that wraps the official [JReleaser Action](https://togithub.com/jreleaser/release-action/tree/v1.0.0-java). ### [`v1.8.0`](https://togithub.com/slsa-framework/slsa-github-generator/blob/HEAD/CHANGELOG.md#v180) [Compare Source](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0) Release \[v1.8.0] includes bug fixes and new features. See the [full change list](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0). ##### v1.8.0: Generic Generator - **Added**: A new [`base64-subjects-as-file`](https://togithub.com/slsa-framework/slsa-github-generator/blob/v1.8.0/internal/builders/generic/README.md#workflow-inputs) was added to allow for specifying a large subject list. ##### v1.8.0: Node.js Builder (beta) - **Fixed**: Publishing for non-scoped packages was fixed (See [#2359](https://togithub.com/slsa-framework/slsa-github-generator/issues/2359)) - **Fixed**: Documentation was updated to clarify that the GitHub Actions `deployment` event is not supported. - **Changed**: The file extension for the generated provenance file was changed from `.sigstore` to `.build.slsa` in order to make it easier to identify provenance files regardless of file format. - **Fixed**: The publish action was fixed to address an issue with the package name when using Node 16. ### [`v1.7.0`](https://togithub.com/slsa-framework/slsa-github-generator/blob/HEAD/CHANGELOG.md#v170) [Compare Source](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.6.0...v1.7.0) This release includes the first beta release of the [Container-based builder](https://togithub.com/slsa-framework/slsa-github-generator/tree/v1.7.0/internal/builders/docker). The Container-based builder provides a GitHub Actions reusable workflow that can be used to invoke a container image with a user-specified command to generate an artifact and SLSA Build L3 compliant provenance. ##### v1.7.0: Go builder - **Added**: A new [go-version-file](https://togithub.com/slsa-framework/slsa-github-generator/blob/main/internal/builders/go/README.md#workflow-inputs) input was added. This allows you to specify a go.mod file in order to track which version of Go is used for your project. ### [`v1.6.0`](https://togithub.com/slsa-framework/slsa-github-generator/blob/HEAD/CHANGELOG.md#v160) [Compare Source](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.5.0...v1.6.0) This release includes the first beta release of the [Node.js builder](https://togithub.com/slsa-framework/slsa-github-generator/tree/v1.6.0/internal/builders/nodejs). The Node.js builder provides a GitHub Actions reusable workflow that can be called to build a Node.js package, generate SLSA Build L3 compliant provenance, and publish it to the npm registry along with the package. ##### Summary of changes ##### Go builder ##### New Features - A new [`prerelease`](https://togithub.com/slsa-framework/slsa-github-generator/blob/v1.6.0/internal/builders/go/README.md#workflow-inputs) input was added to allow users to create releases marked as prerelease when `upload-assets` is set to `true`. - A new input [`draft-release`](https://togithub.com/slsa-framework/slsa-github-generator/blob/v1.6.0/internal/builders/go/README.md#workflow-inputs) was added to allow users to create releases marked as draft when `upload-assets` is set to `true`. - A new output [`go-provenance-name`](https://togithub.com/slsa-framework/slsa-github-generator/blob/v1.6.0/internal/builders/go/README.md#workflow-outputs) added which can be used to retrieve the name of the provenance file generated by the builder. ##### Generic generator ##### New Features - A new input [`draft-release`](https://togithub.com/slsa-framework/slsa-github-generator/blob/v1.6.0/internal/builders/generic/README.md#workflow-inputs) was added to allow users to create releases marked as draft when `upload-assets` is set to `true`. ##### Container generator The Container Generator was updated to use `cosign` v2.0.0. No changes to the workflow's inputs or outputs were made. ##### Changelog since v1.5.0Configuration
š Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
š¦ Automerge: Disabled by config. Please merge this manually once you are satisfied.
ā» Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
š Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Mend Renovate. View repository job log here.