search

micronaut-projects / micronaut-rxjava3

Integration between Micronaut and RxJava 3
Apache License 2.0
5 stars 3 forks source link

chore(deps): update slsa-framework/slsa-github-generator action to v1.2.1 #225

Closed renovate[bot] closed 2 years ago

renovate[bot] commented 2 years ago

Mend Renovate

This PR contains the following updates:

Package Type Update Change
slsa-framework/slsa-github-generator action patch v1.2.0 -> v1.2.1

Release Notes

slsa-framework/slsa-github-generator ### [`v1.2.1`](https://togithub.com/slsa-framework/slsa-github-generator/releases/tag/v1.2.1) [Compare Source](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.2.0...v1.2.1) ### What's Changed This release fixes an error that occurs on the "Generate Builder" step for various workflows. FAILED: SLSA verification failed: could not find a matching valid signature entry See [#​942](https://togithub.com/slsa-framework/slsa-github-generator/issues/942) #### Generic generator ##### buildType This release changes the [`buildType`](https://slsa.dev/provenance/v0.2#buildType) used in provenance created by the generic generator. The previous value was: "buildType": "https://github.com/slsa-framework/slsa-github-generator@v1", The new value is: "buildType": "https://github.com/slsa-framework/slsa-github-generator/generic@v1", See [#​627](https://togithub.com/slsa-framework/slsa-github-generator/issues/627) ##### Provenance file names Previously the default file name for provenance was `attestation.intoto.jsonl`. This has been updated to be in line with [intoto attestation file naming conventions](https://togithub.com/in-toto/attestation/blob/main/spec/bundle.md#file-naming-convention). The file name now defaults to `.intoto.jsonl` if there is a single artifact, or `multiple.intoto.jsonl` if there are multiple artifacts. See [#​654](https://togithub.com/slsa-framework/slsa-github-generator/issues/654) ##### Explicit opt-in for private repos Private repository support was enhanced to required the `private-repository` input field as the repository name will be made public in the public Rekor transparency log. Please add the following to your workflows if you opt into allowing repository names to be recorded in the public Rekor transparency log. ```yaml with: private-repository: true ``` See [#​823](https://togithub.com/slsa-framework/slsa-github-generator/issues/823) #### Go builder ##### Support private repos Support for private repositories was fixed. If using a private repository you must specify the `private-repository` input field as the repository name will be made public in the public Rekor transparency log. Please add the following to your workflows if you opt into allowing repository names to be recorded in the public Rekor transparency log. ```yaml with: private-repository: true ``` See [#​823](https://togithub.com/slsa-framework/slsa-github-generator/issues/823) ### New Contributors - [@​sethmlarson](https://togithub.com/sethmlarson) made their first contribution in [https://github.com/slsa-framework/slsa-github-generator/pull/758](https://togithub.com/slsa-framework/slsa-github-generator/pull/758) - [@​yunginnanet](https://togithub.com/yunginnanet) made their first contribution in [https://github.com/slsa-framework/slsa-github-generator/pull/776](https://togithub.com/slsa-framework/slsa-github-generator/pull/776) - [@​diogoteles08](https://togithub.com/diogoteles08) made their first contribution in [https://github.com/slsa-framework/slsa-github-generator/pull/957](https://togithub.com/slsa-framework/slsa-github-generator/pull/957) ### Full Changelog - doc: release doc typos by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/589](https://togithub.com/slsa-framework/slsa-github-generator/pull/589) - Haskell provenance by [@​mihaimaruseac](https://togithub.com/mihaimaruseac) in [https://github.com/slsa-framework/slsa-github-generator/pull/595](https://togithub.com/slsa-framework/slsa-github-generator/pull/595) - fix: Remove `build:id` in generic examples by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/596](https://togithub.com/slsa-framework/slsa-github-generator/pull/596) - Add provenance for Haskell by [@​mihaimaruseac](https://togithub.com/mihaimaruseac) in [https://github.com/slsa-framework/slsa-github-generator/pull/608](https://togithub.com/slsa-framework/slsa-github-generator/pull/608) - feat: Share util functions by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/598](https://togithub.com/slsa-framework/slsa-github-generator/pull/598) - Add digest input to container docs by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/591](https://togithub.com/slsa-framework/slsa-github-generator/pull/591) - Fix linter pre-submit by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/333](https://togithub.com/slsa-framework/slsa-github-generator/pull/333) - Add doc for attestation-name by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/618](https://togithub.com/slsa-framework/slsa-github-generator/pull/618) - Update golang.org/x/oauth2 digest to [`128564f`](https://togithub.com/slsa-framework/slsa-github-generator/commit/128564f) by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/620](https://togithub.com/slsa-framework/slsa-github-generator/pull/620) - Add links to milestones as a roadmap by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/612](https://togithub.com/slsa-framework/slsa-github-generator/pull/612) - Update typos and formatting in RELEASE.md by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/518](https://togithub.com/slsa-framework/slsa-github-generator/pull/518) - Remove legacy env vars by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/616](https://togithub.com/slsa-framework/slsa-github-generator/pull/616) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/621](https://togithub.com/slsa-framework/slsa-github-generator/pull/621) - Move computesha256 to typescript by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/slsa-framework/slsa-github-generator/pull/546](https://togithub.com/slsa-framework/slsa-github-generator/pull/546) - Update tags for renovatebot by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/622](https://togithub.com/slsa-framework/slsa-github-generator/pull/622) - Update module github.com/sigstore/cosign to v1.10.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/623](https://togithub.com/slsa-framework/slsa-github-generator/pull/623) - Fix support for --signature="" by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/615](https://togithub.com/slsa-framework/slsa-github-generator/pull/615) - Update buildType of generic generator by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/628](https://togithub.com/slsa-framework/slsa-github-generator/pull/628) - Use a temp dir for cwd in tests by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/633](https://togithub.com/slsa-framework/slsa-github-generator/pull/633) - Update availability information of builders by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/635](https://togithub.com/slsa-framework/slsa-github-generator/pull/635) - Update generic README.md for availability by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/636](https://togithub.com/slsa-framework/slsa-github-generator/pull/636) - Update module github.com/slsa-framework/slsa-github-generator to v1.2.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/624](https://togithub.com/slsa-framework/slsa-github-generator/pull/624) - Update module github.com/coreos/go-oidc to v3 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/485](https://togithub.com/slsa-framework/slsa-github-generator/pull/485) - Update golang digest to [`9349ed8`](https://togithub.com/slsa-framework/slsa-github-generator/commit/9349ed8) by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/557](https://togithub.com/slsa-framework/slsa-github-generator/pull/557) - Request for membership by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/slsa-framework/slsa-github-generator/pull/428](https://togithub.com/slsa-framework/slsa-github-generator/pull/428) - Fix builder dir in container workflow by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/640](https://togithub.com/slsa-framework/slsa-github-generator/pull/640) - Included typescript-eslint by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/slsa-framework/slsa-github-generator/pull/639](https://togithub.com/slsa-framework/slsa-github-generator/pull/639) - feat: Group NodeJs update by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/653](https://togithub.com/slsa-framework/slsa-github-generator/pull/653) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/648](https://togithub.com/slsa-framework/slsa-github-generator/pull/648) - Update module github.com/sigstore/rekor to v0.10.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/650](https://togithub.com/slsa-framework/slsa-github-generator/pull/650) - Update module github.com/coreos/go-oidc to v2.2.1 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/649](https://togithub.com/slsa-framework/slsa-github-generator/pull/649) - Update dependency prettier to v2.7.1 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/647](https://togithub.com/slsa-framework/slsa-github-generator/pull/647) - Update module github.com/sigstore/sigstore to v1.3.1 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/643](https://togithub.com/slsa-framework/slsa-github-generator/pull/643) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/689](https://togithub.com/slsa-framework/slsa-github-generator/pull/689) - chore: update verifier to v1.3.0 by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/718](https://togithub.com/slsa-framework/slsa-github-generator/pull/718) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/711](https://togithub.com/slsa-framework/slsa-github-generator/pull/711) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/723](https://togithub.com/slsa-framework/slsa-github-generator/pull/723) - Update dependency [@​types/node](https://togithub.com/types/node) to v16.11.53 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/645](https://togithub.com/slsa-framework/slsa-github-generator/pull/645) - Update module github.com/sigstore/rekor to v0.11.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/724](https://togithub.com/slsa-framework/slsa-github-generator/pull/724) - contents: write is required for the generic builder by [@​sethmlarson](https://togithub.com/sethmlarson) in [https://github.com/slsa-framework/slsa-github-generator/pull/758](https://togithub.com/slsa-framework/slsa-github-generator/pull/758) - docs: fix valid path to dir by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/717](https://togithub.com/slsa-framework/slsa-github-generator/pull/717) - bug: fix address for fulcio by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/760](https://togithub.com/slsa-framework/slsa-github-generator/pull/760) - Fix permissions in generic workflow doc by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/761](https://togithub.com/slsa-framework/slsa-github-generator/pull/761) - fix: type in OIDC word by [@​developer-guy](https://togithub.com/developer-guy) in [https://github.com/slsa-framework/slsa-github-generator/pull/774](https://togithub.com/slsa-framework/slsa-github-generator/pull/774) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/765](https://togithub.com/slsa-framework/slsa-github-generator/pull/765) - Update README.md by [@​yunginnanet](https://togithub.com/yunginnanet) in [https://github.com/slsa-framework/slsa-github-generator/pull/776](https://togithub.com/slsa-framework/slsa-github-generator/pull/776) - Temporarily disable Run test. by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/772](https://togithub.com/slsa-framework/slsa-github-generator/pull/772) - Fix log message for tlog upload by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/773](https://togithub.com/slsa-framework/slsa-github-generator/pull/773) - Rename attestation-name by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/777](https://togithub.com/slsa-framework/slsa-github-generator/pull/777) - Update dependency [@​actions/core](https://togithub.com/actions/core) to v1.9.1 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/644](https://togithub.com/slsa-framework/slsa-github-generator/pull/644) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/785](https://togithub.com/slsa-framework/slsa-github-generator/pull/785) - Update dependency [@​vercel/ncc](https://togithub.com/vercel/ncc) to v0.34.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/646](https://togithub.com/slsa-framework/slsa-github-generator/pull/646) - feat: harden checkout by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/795](https://togithub.com/slsa-framework/slsa-github-generator/pull/795) - Updated scorecard v2 by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/slsa-framework/slsa-github-generator/pull/791](https://togithub.com/slsa-framework/slsa-github-generator/pull/791) - feat: pin verify action by hash by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/796](https://togithub.com/slsa-framework/slsa-github-generator/pull/796) - Refactor Makefiles by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/792](https://togithub.com/slsa-framework/slsa-github-generator/pull/792) - Add pre-submit to verify base images by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/592](https://togithub.com/slsa-framework/slsa-github-generator/pull/592) - Runner API by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/632](https://togithub.com/slsa-framework/slsa-github-generator/pull/632) - Update pwd code in unit-test by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/826](https://togithub.com/slsa-framework/slsa-github-generator/pull/826) - Remove PWD from provenance env by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/825](https://togithub.com/slsa-framework/slsa-github-generator/pull/825) - Update module github.com/sigstore/sigstore to v1.4.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/766](https://togithub.com/slsa-framework/slsa-github-generator/pull/766) - Update module github.com/sigstore/cosign to v1.11.1 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/690](https://togithub.com/slsa-framework/slsa-github-generator/pull/690) - Update dependency eslint to v8.23.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/691](https://togithub.com/slsa-framework/slsa-github-generator/pull/691) - Update gcr.io/distroless/static Docker digest to [`f4787e8`](https://togithub.com/slsa-framework/slsa-github-generator/commit/f4787e8) by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/838](https://togithub.com/slsa-framework/slsa-github-generator/pull/838) - Update github-actions by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/839](https://togithub.com/slsa-framework/slsa-github-generator/pull/839) - Update golang.org/x/oauth2 digest to [`f213421`](https://togithub.com/slsa-framework/slsa-github-generator/commit/f213421) by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/841](https://togithub.com/slsa-framework/slsa-github-generator/pull/841) - Update dependency [@​types/node](https://togithub.com/types/node) to v16.11.58 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/842](https://togithub.com/slsa-framework/slsa-github-generator/pull/842) - Update module github.com/google/go-cmp to v0.5.9 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/843](https://togithub.com/slsa-framework/slsa-github-generator/pull/843) - Update typescript-eslint monorepo to v5.36.2 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/693](https://togithub.com/slsa-framework/slsa-github-generator/pull/693) - Add privacy-check action by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/836](https://togithub.com/slsa-framework/slsa-github-generator/pull/836) - Add call to privacy check to workflows by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/850](https://togithub.com/slsa-framework/slsa-github-generator/pull/850) - Remove contents:read from privacy-check by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/855](https://togithub.com/slsa-framework/slsa-github-generator/pull/855) - \[docs] Verifying provenance with kyverno by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/853](https://togithub.com/slsa-framework/slsa-github-generator/pull/853) - Updated README.md to include Scorecard badge by [@​naveensrinivasan](https://togithub.com/naveensrinivasan) in [https://github.com/slsa-framework/slsa-github-generator/pull/870](https://togithub.com/slsa-framework/slsa-github-generator/pull/870) - Update typescript-eslint monorepo to v5.37.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/869](https://togithub.com/slsa-framework/slsa-github-generator/pull/869) - Update dependency [@​types/node](https://togithub.com/types/node) to v16.11.59 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/862](https://togithub.com/slsa-framework/slsa-github-generator/pull/862) - Pin dependencies by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/861](https://togithub.com/slsa-framework/slsa-github-generator/pull/861) - Update dependency eslint to v8.23.1 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/866](https://togithub.com/slsa-framework/slsa-github-generator/pull/866) - Check result of dist and checkout pre-submits by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/887](https://togithub.com/slsa-framework/slsa-github-generator/pull/887) - Update dependency typescript to v4.8.3 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/867](https://togithub.com/slsa-framework/slsa-github-generator/pull/867) - Add example of using cosign and cue policy by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/902](https://togithub.com/slsa-framework/slsa-github-generator/pull/902) - Add OpenSSF best practices badge by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/891](https://togithub.com/slsa-framework/slsa-github-generator/pull/891) - feat: add log when verify-checkout fails by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/905](https://togithub.com/slsa-framework/slsa-github-generator/pull/905) - feat: Add npm builder workflow by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/881](https://togithub.com/slsa-framework/slsa-github-generator/pull/881) - Log the GitHub context by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/913](https://togithub.com/slsa-framework/slsa-github-generator/pull/913) - fix: verify-checkout uses wrong sha to validate for pull_requests by [@​laurentsimon](https://togithub.com/laurentsimon) in [https://github.com/slsa-framework/slsa-github-generator/pull/941](https://togithub.com/slsa-framework/slsa-github-generator/pull/941) - update verifier version in actions by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/945](https://togithub.com/slsa-framework/slsa-github-generator/pull/945) - Update READMEs to clarify that SLSA generators and builders must be referred by tag by [@​diogoteles08](https://togithub.com/diogoteles08) in [https://github.com/slsa-framework/slsa-github-generator/pull/957](https://togithub.com/slsa-framework/slsa-github-generator/pull/957) - Update module github.com/sigstore/rekor to v0.12.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/844](https://togithub.com/slsa-framework/slsa-github-generator/pull/844) - chore(deps): update dependency [@​types/node](https://togithub.com/types/node) to v16.11.64 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/906](https://togithub.com/slsa-framework/slsa-github-generator/pull/906) - fix(deps): update module github.com/sigstore/sigstore to v1.4.2 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/865](https://togithub.com/slsa-framework/slsa-github-generator/pull/865) - fix(deps): update dependency [@​actions/github](https://togithub.com/actions/github) to v5.1.1 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/907](https://togithub.com/slsa-framework/slsa-github-generator/pull/907) - chore(deps): update dependency eslint to v8.24.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/908](https://togithub.com/slsa-framework/slsa-github-generator/pull/908) - chore(deps): update typescript-eslint monorepo to v5.39.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/910](https://togithub.com/slsa-framework/slsa-github-generator/pull/910) - chore(deps): update gcr.io/distroless/static docker digest to [`7292458`](https://togithub.com/slsa-framework/slsa-github-generator/commit/7292458) by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/972](https://togithub.com/slsa-framework/slsa-github-generator/pull/972) - fix(deps): update golang.org/x/oauth2 digest to [`b44042a`](https://togithub.com/slsa-framework/slsa-github-generator/commit/b44042a) by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/973](https://togithub.com/slsa-framework/slsa-github-generator/pull/973) - chore(deps): update dependency typescript to v4.8.4 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/979](https://togithub.com/slsa-framework/slsa-github-generator/pull/979) - fix(deps): update module github.com/sigstore/rekor to v0.12.2 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/980](https://togithub.com/slsa-framework/slsa-github-generator/pull/980) - fix(deps): update module github.com/sigstore/sigstore to v1.4.4 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/982](https://togithub.com/slsa-framework/slsa-github-generator/pull/982) - chore(deps): update dependency eslint to v8.25.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/983](https://togithub.com/slsa-framework/slsa-github-generator/pull/983) - fix(deps): update dependency [@​actions/core](https://togithub.com/actions/core) to v1.10.0 by [@​renovate-bot](https://togithub.com/renovate-bot) in [https://github.com/slsa-framework/slsa-github-generator/pull/986](https://togithub.com/slsa-framework/slsa-github-generator/pull/986) - Add secure-checkout action by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/971](https://togithub.com/slsa-framework/slsa-github-generator/pull/971) - Fix input default values by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/991](https://togithub.com/slsa-framework/slsa-github-generator/pull/991) - Update checkout-(go|node) to use secure-checkout by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/992](https://togithub.com/slsa-framework/slsa-github-generator/pull/992) - Fix secure-checkout bugs by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/994](https://togithub.com/slsa-framework/slsa-github-generator/pull/994) - Update secure-checkout by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/995](https://togithub.com/slsa-framework/slsa-github-generator/pull/995) - Update ref for checkout-go by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/993](https://togithub.com/slsa-framework/slsa-github-generator/pull/993) - Remove exclude checkout-go|node from presubmit by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/997](https://togithub.com/slsa-framework/slsa-github-generator/pull/997) - Support ref in secure-checkout by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/1005](https://togithub.com/slsa-framework/slsa-github-generator/pull/1005) - Use ref for secure-checkout by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/1006](https://togithub.com/slsa-framework/slsa-github-generator/pull/1006) - Restore default inputs for checkout-go by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/1007](https://togithub.com/slsa-framework/slsa-github-generator/pull/1007) - fix: fix ref from detect-env in pull_request by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/1010](https://togithub.com/slsa-framework/slsa-github-generator/pull/1010) - update refs to generate-builder by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/1009](https://togithub.com/slsa-framework/slsa-github-generator/pull/1009) - Fix token use in secure-checkout by [@​ianlewis](https://togithub.com/ianlewis) in [https://github.com/slsa-framework/slsa-github-generator/pull/1011](https://togithub.com/slsa-framework/slsa-github-generator/pull/1011) - fix: use updated ref for secure-checkout by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/1046](https://togithub.com/slsa-framework/slsa-github-generator/pull/1046) - fix: update refs for checkout-go by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/1048](https://togithub.com/slsa-framework/slsa-github-generator/pull/1048) - fix: update refs for checkout-go by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/1049](https://togithub.com/slsa-framework/slsa-github-generator/pull/1049) - update refs for generate-builder by [@​asraa](https://togithub.com/asraa) in [https://github.com/slsa-framework/slsa-github-generator/pull/1050](https://togithub.com/slsa-framework/slsa-github-generator/pull/1050)

Configuration

📅 Schedule: Branch creation - "every weekend" in timezone Europe/Prague, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

This PR has been generated by Mend Renovate. View repository job log here.

sonarcloud[bot] commented 2 years ago

Kudos, SonarCloud Quality Gate passed!    Quality Gate passed

Bug A 0 Bugs
Vulnerability A 0 Vulnerabilities
Security Hotspot A 0 Security Hotspots
Code Smell A 0 Code Smells

No Coverage information No Coverage information
No Duplication information No Duplication information