Ondřej Benkovský
257ca65a17
GO linting bump and removal of deprecated linters ( #5624 )
...
* bump golangci-lint with support of go 1.19
Signed-off-by: Ondřej Benkovský <ondrej.benkovsky@jamf.com >
* remove deprecated usage of varcheck, deadcode, and structcheck
Signed-off-by: Ondřej Benkovský <ondrej.benkovsky@jamf.com >
Signed-off-by: Ondřej Benkovský <ondrej.benkovsky@jamf.com >
2022-09-19 05:53:43 -07:00
Chris O'Haver
7beb76c045
Revert "build(deps): bump ossf/scorecard-action from 1.1.2 to 2.0.2 ( #5613 )" ( #5621 )
...
This reverts commit 78fffd3b44
2022-09-15 10:05:03 -04:00
dependabot[bot]
78fffd3b44
build(deps): bump ossf/scorecard-action from 1.1.2 to 2.0.2 ( #5613 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.1.2 to 2.0.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](ce330fde6b...68bf5b3327support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-09-12 10:05:26 -04:00
dependabot[bot]
b4d320cd79
build(deps): bump github/codeql-action from 2.1.21 to 2.1.22 ( #5596 )
2022-09-05 11:36:25 -07:00
dependabot[bot]
8366344529
build(deps): bump actions/setup-go from 3.2.1 to 3.3.0 ( #5591 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.1 to 3.3.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](84cbf80943...268d8c0ca0support@github.com >
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-29 08:01:40 -07:00
dependabot[bot]
d80d10c1c0
build(deps): bump github/codeql-action from 2.1.20 to 2.1.21 ( #5590 )
2022-08-29 06:44:39 -07:00
dependabot[bot]
0dd211a971
build(deps): bump actions/dependency-review-action from 2.0.4 to 2.1.0 ( #5582 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-22 16:06:26 +02:00
dependabot[bot]
b38f0c7fbd
build(deps): bump github/codeql-action from 2.1.18 to 2.1.20 ( #5581 )
...
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-22 16:06:07 +02:00
Yong Tang
c7fe4a0c4d
Bump golang to 1.19 ( #5564 )
...
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
Fix golang lint
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-08-10 09:26:44 -07:00
Yong Tang
086b7d6083
Update to go mod tidy with 1.17+ ( #5563 )
...
* Update to go mod tidy with 1.17+
While running go mod tidy the following issue encountered:
```
go: downloading github.com/stretchr/objx v0.4.0
github.com/coredns/coredns/plugin/trace imports
gopkg.in/DataDog/dd-trace-go.v1/ddtrace/tracer imports
github.com/DataDog/datadog-go/v5/statsd tested by
github.com/DataDog/datadog-go/v5/statsd.test imports
github.com/stretchr/testify/mock imports
github.com/stretchr/objx loaded from github.com/stretchr/objx@v0.2.0,
but go 1.16 would select v0.4.0
To upgrade to the versions selected by go 1.16:
go mod tidy -go=1.16 && go mod tidy -go=1.17
If reproducibility with go 1.16 is not needed:
go mod tidy -compat=1.17
For other options, see:
https://golang.org/doc/modules/pruning
```
This PR cleans up to get rid of the issues above.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
* Update to use `go mod tidy -compat=1.17`, also changed to invoked daily
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-08-09 23:24:52 +03:00
dependabot[bot]
72a6249b65
build(deps): bump github/codeql-action from 2.1.17 to 2.1.18 ( #5562 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.17 to 2.1.18.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](0c670bbf04...2ca79b6fa8support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-08 07:44:08 -07:00
dependabot[bot]
b420a6aa4a
build(deps): bump actions/stale from 5.1.0 to 5.1.1 ( #5553 )
...
Bumps [actions/stale](https://github.com/actions/stale ) from 5.1.0 to 5.1.1.
- [Release notes](https://github.com/actions/stale/releases )
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md )
- [Commits](532554b8a8...9c1b1c6e11support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-01 07:24:22 -07:00
dependabot[bot]
7e579a1d54
build(deps): bump github/codeql-action from 2.1.16 to 2.1.17 ( #5554 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.16 to 2.1.17.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](3e7e3b32d0...0c670bbf04support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-08-01 07:24:10 -07:00
dependabot[bot]
c0287e5ce2
build(deps): bump github/codeql-action from 2.1.15 to 2.1.16 ( #5521 )
2022-07-18 06:33:52 -07:00
dependabot[bot]
3b163237b3
build(deps): bump actions/setup-go from 3 to 3.2.1 ( #5522 )
2022-07-18 06:33:45 -07:00
dependabot[bot]
b7d9189abe
build(deps): bump actions/dependency-review-action from 2.0.2 to 2.0.4 ( #5523 )
2022-07-18 06:33:37 -07:00
dependabot[bot]
20892adfe0
build(deps): bump actions/stale from 5.0.0 to 5.1.0 ( #5520 )
2022-07-18 06:32:49 -07:00
Ondřej Benkovský
c2dbb7141a
add golangci-lint linter ( #5499 )
2022-07-10 11:06:33 -07:00
dependabot[bot]
caed456189
build(deps): bump github/codeql-action from 2.1.14 to 2.1.15 ( #5487 )
2022-07-04 08:29:22 -07:00
dependabot[bot]
88aae894ef
build(deps): bump ossf/scorecard-action from 1.1.1 to 1.1.2 ( #5488 )
2022-07-04 08:28:12 -07:00
dependabot[bot]
64885950cc
build(deps): bump github/codeql-action from 2.1.12 to 2.1.14 ( #5470 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.12 to 2.1.14.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](27ea8f8fe5...41a4ada31bsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-27 07:07:49 -07:00
dependabot[bot]
f08feea60a
build(deps): bump actions/dependency-review-action from 1.0.2 to 2.0.2 ( #5449 )
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1.0.2 to 2.0.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](a9c83d3af6...1c59cdf2a9support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-20 07:05:24 -07:00
dependabot[bot]
e24b42afdb
build(deps): bump github/codeql-action from 2.1.11 to 2.1.12 ( #5430 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.11 to 2.1.12.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](a3a6c128d7...27ea8f8fe5support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 09:31:46 -04:00
dependabot[bot]
50900bac9c
build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1 ( #5429 )
...
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action ) from 1.1.0 to 1.1.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases )
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md )
- [Commits](5c8bc69dc8...3e15ea8318support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-06-06 09:30:43 -04:00
dependabot[bot]
d9ccb04e9d
build(deps): bump actions/setup-go from 3.1.0 to 3.2.0 ( #5420 )
2022-05-30 07:30:06 -07:00
dependabot[bot]
13e4a0ccc6
build(deps): bump ossf/scorecard-action from 1.0.4 to 1.1.0 ( #5421 )
2022-05-30 07:29:58 -07:00
dependabot[bot]
0a75e7ca05
build(deps): bump actions/dependency-review-action from 1.0.1 to 1.0.2 ( #5419 )
2022-05-30 07:29:49 -07:00
dependabot[bot]
3a02f268b7
build(deps): bump actions/dependency-review-action from 1.0.0 to 1.0.1 ( #5396 )
2022-05-23 15:31:30 +02:00
dependabot[bot]
f2b7003d57
build(deps): bump github/codeql-action from 2.1.10 to 2.1.11 ( #5395 )
2022-05-23 15:31:22 +02:00
dependabot[bot]
90d4a39c71
build(deps): bump actions/upload-artifact from 3.0.0 to 3.1.0 ( #5397 )
2022-05-23 15:30:59 +02:00
Naveen
c1d6386a2d
chore(deps): Included dependency review ( #5378 )
...
> Dependency Review GitHub Action in your repository to enforce dependency
> reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version
> changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com >
2022-05-16 09:52:26 -07:00
dependabot[bot]
8200bed5b7
build(deps): bump github/codeql-action from 2.1.9 to 2.1.10 ( #5385 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.9 to 2.1.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](7502d6e991...2f58583a1bsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-16 09:37:52 -04:00
dependabot[bot]
368b276f41
build(deps): bump actions/setup-go from 3.0.0 to 3.1.0 ( #5384 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f6164bd8c8...fcdc43634asupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-16 09:37:30 -04:00
dependabot[bot]
900167881d
build(deps): bump github/codeql-action from 2.1.8 to 2.1.9 ( #5360 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.1.8 to 2.1.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1ed1437484...7502d6e991support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-05-02 07:29:18 -07:00
dependabot[bot]
93addfc70b
build(deps): bump reviewdog/action-suggester from 1.5.2 to 1.6 ( #5339 )
...
Bumps [reviewdog/action-suggester](https://github.com/reviewdog/action-suggester ) from 1.5.2 to 1.6.
- [Release notes](https://github.com/reviewdog/action-suggester/releases )
- [Commits](ecf27b2b88...8f83d27e74support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 07:42:03 -07:00
dependabot[bot]
b4e0620bde
build(deps): bump codecov/codecov-action from 3.0.0 to 3.1.0 ( #5338 )
...
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases )
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md )
- [Commits](e3c560433a...81cd2dc814support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 07:41:52 -07:00
dependabot[bot]
107ad75c02
build(deps): bump actions/checkout from 3.0.1 to 3.0.2 ( #5340 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](dcd71f6466...2541b1294dsupport@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-25 07:41:40 -07:00
dependabot[bot]
11f5bc2e64
build(deps): bump actions/checkout from 3.0.0 to 3.0.1 ( #5324 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3.0.0 to 3.0.1.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](a12a3943b4...dcd71f6466support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-18 06:36:06 -07:00
Chris O'Haver
068af64b19
inactive PRs awaiting info from author for > 30 days should go stale ( #5319 )
...
Signed-off-by: Chris O'Haver <cohaver@infoblox.com >
2022-04-13 13:03:27 -04:00
dependabot[bot]
83021637b3
build(deps): bump github/codeql-action from 2.1.6 to 2.1.8 ( #5316 )
2022-04-11 06:34:10 -07:00
dependabot[bot]
05f0262e4d
build(deps): bump codecov/codecov-action from 2.1.0 to 3 ( #5315 )
2022-04-11 06:33:52 -07:00
dependabot[bot]
5b87abb6f0
build(deps): bump github/codeql-action from 1.1.5 to 2.1.6 ( #5303 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.5 to 2.1.6.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](8834766498...28eead2408support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-05 08:48:08 -04:00
dependabot[bot]
24643ca94c
build(deps): bump github/codeql-action from 1.1.4 to 1.1.5 ( #5280 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.4 to 1.1.5.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f5d822707e...8834766498support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-21 06:40:14 -07:00
Yong Tang
d89f899dc4
Bump golang version to 1.18 ( #5270 )
2022-03-18 03:37:51 -07:00
Yong Tang
571efd9cb3
Fix yaml lint warning introduced by cifuzz ( #5261 )
...
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-16 12:27:30 -04:00
dependabot[bot]
4da9439e3a
build(deps): bump github/codeql-action from 1.1.3 to 1.1.4 ( #5259 )
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 1.1.3 to 1.1.4.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v1.1.3...f5d822707ee6e8fb81b04a5c0040b736da22e587 )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 07:59:57 -07:00
dependabot[bot]
e8d01e122c
build(deps): bump reviewdog/action-suggester from 1.5.0 to 1.5.2 ( #5258 )
...
Bumps [reviewdog/action-suggester](https://github.com/reviewdog/action-suggester ) from 1.5.0 to 1.5.2.
- [Release notes](https://github.com/reviewdog/action-suggester/releases )
- [Commits](650721aae7...ecf27b2b88support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-14 07:59:46 -07:00
nathannaveen
78f12b4815
Enabling cifuzz ( #5221 )
...
Enabling cifuzz.
Signed-off-by: nathannaveen <42319948+nathannaveen@users.noreply.github.com >
2022-03-11 11:36:29 -08:00
dependabot[bot]
267ce8a820
build(deps): bump actions/checkout from 2.4.0 to 3 ( #5238 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.4.0 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](ec3a7ce113...a12a3943b4support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-07 07:05:33 -08:00
Yong Tang
4b864a97d1
Removed decoupled version comments in github actions ( #5240 )
...
The dependenabot is correctly updating the version of
the github actions with commit hash. However,
the version comments that was placed initially
is not updated. As such the version has been decoupled.
For example, the checkout action
ec3a7ce113134d7a93b817d10a8272cb61118579
is actually on v3.0 yet the comment is still on v2.4.0.
This PR removes the decoupled version comments to avoid
confusion.
Signed-off-by: Yong Tang <yong.tang.github@outlook.com >
2022-03-07 06:49:39 -08:00
