d4f6f27
chore: remove refs to deprecated io/ioutil
Signed-off-by: guoguangwu <guoguangwug@gmail.com> chore: remove refs to deprecated io/ioutil Signed-off-by: guoguangwu <guoguangwug@gmail.com>
guoguangwu created
1fa858d
fix: move codeql into an independent workflow
This seems to be necessary in order to support the advanced configuration. Change-Id: Ia5303123b3dcc22f77cdde4d514b484f29c60ca6
sudoforge created
7918af6
feat: bump node versions to 16.x, 18.x, and 20.x
Change-Id: Ic4809ab33cc9fd9e7e6e3e6eba1dd933e1ba585b
sudoforge created
5eabe54
feat: refactor pipelines into reusable workflows
This change refactors the build, test, and benchmarking pipelines to a `presubmit` and `trunk` parent workflow which invokes other reusable workflows. This simplifies the deluge of pipelines that are executed, allowing for better orchestration and reduced noise on failures (only one email will be sent instead of several). Closes: michaelmure/git-bug#1198 Change-Id: I52407c39366bb9fbfd8fc1455a4f4a1d94f04897
sudoforge created
e4c74ef
build(deps): bump jsonwebtoken and @graphql-tools/prisma-loader
Removes [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken). It's no longer used after updating ancestor dependency [@graphql-tools/prisma-loader](https://github.com/ardatan/graphql-tools/tree/HEAD/packages/loaders/prisma). These dependencies need to be updated together. Removes `jsonwebtoken` Updates `@graphql-tools/prisma-loader` from 7.2.24 to 7.2.72 - [Release notes](https://github.com/ardatan/graphql-tools/releases) - [Changelog](https://github.com/ardatan/graphql-tools/blob/master/packages/loaders/prisma/CHANGELOG.md) - [Commits](https://github.com/ardatan/graphql-tools/commits/@graphql-tools/prisma-loader@7.2.72/packages/loaders/prisma) --- updated-dependencies: - dependency-name: jsonwebtoken dependency-type: indirect - dependency-name: "@graphql-tools/prisma-loader" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
79c64ed
build(deps-dev): bump tough-cookie from 4.1.2 to 4.1.3 in /webui
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.1.2 to 4.1.3. - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](https://github.com/salesforce/tough-cookie/compare/v4.1.2...v4.1.3) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
1700c8b
build(deps): bump github.com/xanzy/go-gitlab from 0.106.0 to 0.107.0
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.106.0 to 0.107.0. - [Changelog](https://github.com/xanzy/go-gitlab/blob/main/releases_test.go) - [Commits](https://github.com/xanzy/go-gitlab/compare/v0.106.0...v0.107.0) --- updated-dependencies: - dependency-name: github.com/xanzy/go-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
968362e
build(deps): bump graphql from 16.6.0 to 16.8.1 in /webui
Bumps [graphql](https://github.com/graphql/graphql-js) from 16.6.0 to 16.8.1. - [Release notes](https://github.com/graphql/graphql-js/releases) - [Commits](https://github.com/graphql/graphql-js/compare/v16.6.0...v16.8.1) --- updated-dependencies: - dependency-name: graphql dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
c3d7463
build(deps-dev): bump undici from 5.11.0 to 5.28.4 in /webui
Bumps [undici](https://github.com/nodejs/undici) from 5.11.0 to 5.28.4. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.11.0...v5.28.4) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
3fab45f
build(deps): bump @babel/traverse from 7.19.3 to 7.24.8 in /webui
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.19.3 to 7.24.8. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.8/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
6664fcd
build(deps): bump github.com/99designs/gqlgen from 0.17.36 to 0.17.49
Bumps [github.com/99designs/gqlgen](https://github.com/99designs/gqlgen) from 0.17.36 to 0.17.49. - [Release notes](https://github.com/99designs/gqlgen/releases) - [Changelog](https://github.com/99designs/gqlgen/blob/master/CHANGELOG.md) - [Commits](https://github.com/99designs/gqlgen/compare/v0.17.36...v0.17.49) --- updated-dependencies: - dependency-name: github.com/99designs/gqlgen dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
9b9d95b
build(deps): bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0
Bumps [github.com/dvsekhvalnov/jose2go](https://github.com/dvsekhvalnov/jose2go) from 1.5.0 to 1.6.0. - [Commits](https://github.com/dvsekhvalnov/jose2go/compare/v1.5...v1.6.0) --- updated-dependencies: - dependency-name: github.com/dvsekhvalnov/jose2go dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
bb4ea60
build(deps-dev): bump semver from 5.7.1 to 5.7.2 in /webui
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
8ffe01d
build(deps-dev): bump word-wrap from 1.2.3 to 1.2.5 in /webui
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.5. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
c8b0f87
build(deps-dev): bump express from 4.18.1 to 4.19.2 in /webui
Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.1...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
f195975
build(deps-dev): bump ws from 7.5.9 to 7.5.10 in /webui
Bumps [ws](https://github.com/websockets/ws) from 7.5.9 to 7.5.10. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/7.5.9...7.5.10) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
ddf34b8
build(deps): bump golang.org/x/vuln from 1.1.2 to 1.1.3
Bumps [golang.org/x/vuln](https://github.com/golang/vuln) from 1.1.2 to 1.1.3. - [Release notes](https://github.com/golang/vuln/releases) - [Commits](https://github.com/golang/vuln/compare/v1.1.2...v1.1.3) --- updated-dependencies: - dependency-name: golang.org/x/vuln dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
cec3673
build(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.12.0
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.1 to 5.12.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.8.1...v5.12.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
29b5113
build(deps-dev): bump undici from 5.11.0 to 5.26.3 in /webui
Bumps [undici](https://github.com/nodejs/undici) from 5.11.0 to 5.26.3. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.11.0...v5.26.3) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
ebfad49
build(deps): bump github.com/vbauerster/mpb/v8 from 8.5.2 to 8.7.4
Bumps [github.com/vbauerster/mpb/v8](https://github.com/vbauerster/mpb) from 8.5.2 to 8.7.4. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v8.5.2...v8.7.4) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
33d6ca7
build(deps): bump webpack from 5.74.0 to 5.76.1 in /webui
Bumps [webpack](https://github.com/webpack/webpack) from 5.74.0 to 5.76.1. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v5.74.0...v5.76.1) --- updated-dependencies: - dependency-name: webpack dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
355d91d
build(deps): bump github.com/go-git/go-billy/v5 from 5.4.1 to 5.5.0
Bumps [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy) from 5.4.1 to 5.5.0. - [Release notes](https://github.com/go-git/go-billy/releases) - [Commits](https://github.com/go-git/go-billy/compare/v5.4.1...v5.5.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-billy/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
480fb4d
build(deps): bump ua-parser-js from 0.7.31 to 0.7.33 in /webui
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.31 to 0.7.33. - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md) - [Commits](https://github.com/faisalman/ua-parser-js/compare/0.7.31...0.7.33) --- updated-dependencies: - dependency-name: ua-parser-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
02d89bc
build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.15 to 2.5.16
Bumps [github.com/vektah/gqlparser/v2](https://github.com/vektah/gqlparser) from 2.5.15 to 2.5.16. - [Release notes](https://github.com/vektah/gqlparser/releases) - [Commits](https://github.com/vektah/gqlparser/compare/v2.5.15...v2.5.16) --- updated-dependencies: - dependency-name: github.com/vektah/gqlparser/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
a8b6e27
build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
4b00901
build(deps): bump json5 from 1.0.1 to 1.0.2 in /webui
Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
3bf251a
build(deps): bump loader-utils from 2.0.2 to 2.0.4 in /webui
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](https://github.com/webpack/loader-utils/compare/v2.0.2...v2.0.4) --- updated-dependencies: - dependency-name: loader-utils dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
8ff5505
build(deps): bump minimatch and recursive-readdir in /webui
Bumps [minimatch](https://github.com/isaacs/minimatch) and [recursive-readdir](https://github.com/jergason/recursive-readdir). These dependencies needed to be updated together. Updates `minimatch` from 3.0.4 to 3.1.2 - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) Updates `recursive-readdir` from 2.2.2 to 2.2.3 - [Release notes](https://github.com/jergason/recursive-readdir/releases) - [Changelog](https://github.com/jergason/recursive-readdir/blob/master/CHANGELOG.md) - [Commits](https://github.com/jergason/recursive-readdir/commits/v2.2.3) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect - dependency-name: recursive-readdir dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
6c9aade
fix: add write for prs: stale/issue-and-pr
This change adds write permissions for pull requests to the workflow that is used to mark issues and pull requests as stale.
sudoforge created
ea86d57
feat: allow for manual execution of workflow: cron
This is a temporary change, that will be reverted later, simply to play catch-up with the backlog of items that are stale, but not marked as such.
sudoforge created
c67d75f
feat: increase operations per run for workflow: cron
This change increases the number of operations that the workflow will perform from the default (30) to 1000, in order to allow for a large number of issues and pull requests to be processed.
sudoforge created
eef6279
fix: add missing `with` property to //.github/workflows:cron.yml
Change-Id: I32844f07bc825dfd2c364e402e21262a6f9cb519
sudoforge created
00f5265
feat: add workflow for triaging stale issues and prs
Change-Id: I0fc9571d476b55a15edcef3645a5fa5f751fb427
sudoforge created
be005f6
feat: add initial editorconfig configuration file
Change-Id: Id08dfd59a4f2eb56f358d71c898ba9915400cf51
sudoforge created
4089b16
feat: add a common file for git-blame ignored revisions
Change-Id: Ia28c12c211c67fccbfc2f6a6dc2be390d13a29c0
sudoforge created
825eece
feat: add a commit message template
Change-Id: Iea66080cc9f7f49bbaac42ca0eb51de5dfc4bcdc
sudoforge created
bf75303
feat: add initial nix development shell
This change bootstraps the configuration of a development shell via nix. Change-Id: Ic171e7599b50bb29ecc07d9c4534bcbc117f2299
sudoforge created
eda0d67
feat: update action library versions
Change-Id: I957c6de57b3a9151e6d9ce8caba87f4e2c714846
sudoforge created
a4b8858
feat: add concurrency limits to all pipelines
This change restricts the number of active pipeline executions for a given tree to one, so that new pushes to a tree that trigger a pipeline will cancel older (but still running) pipelines. Change-Id: I1deda682d39cadbce97f8df4ca7c3110a96b4549
sudoforge created
f79ea38
fix: bump to go v1.22.5
The GHA build pipeline is failing with an error:
package crypto/ecdh is not in GOROOT (/opt/hostedtoolcache/go/1.19.4/x64/src/crypto/ecdh)
crypto/ecdh was added in Go 1.21 [0]. This change updates the matrix of
Go versions that the pipelines use to the latest, in order to resolve this
error.
[0]: https://tip.golang.org/doc/go1.21
sudoforge created
76de669
fix: correct typo: acceps => accepts
sudoforge created
8b6439e
build(deps): bump github.com/fatih/color from 1.16.0 to 1.17.0 (#1183)
Bumps [github.com/fatih/color](https://github.com/fatih/color) from 1.16.0 to 1.17.0. - [Release notes](https://github.com/fatih/color/releases) - [Commits](https://github.com/fatih/color/compare/v1.16.0...v1.17.0) --- updated-dependencies: - dependency-name: github.com/fatih/color dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
049e149
build(deps): bump github.com/gorilla/mux from 1.8.0 to 1.8.1 (#1181)
Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.8.0 to 1.8.1. - [Release notes](https://github.com/gorilla/mux/releases) - [Commits](https://github.com/gorilla/mux/compare/v1.8.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/gorilla/mux dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
b5786c6
build(deps): bump github.com/spf13/cobra from 1.7.0 to 1.8.1 (#1179)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.7.0 to 1.8.1. - [Release notes](https://github.com/spf13/cobra/releases) - [Commits](https://github.com/spf13/cobra/compare/v1.7.0...v1.8.1) --- updated-dependencies: - dependency-name: github.com/spf13/cobra dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
568032e
build(deps): bump golang.org/x/vuln from 1.0.0 to 1.1.2 (#1171)
Bumps [golang.org/x/vuln](https://github.com/golang/vuln) from 1.0.0 to 1.1.2. - [Release notes](https://github.com/golang/vuln/releases) - [Commits](https://github.com/golang/vuln/compare/v1.0.0...v1.1.2) --- updated-dependencies: - dependency-name: golang.org/x/vuln dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
350b344
build(deps): bump golang.org/x/crypto from 0.21.0 to 0.25.0 (#1175)
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.21.0 to 0.25.0. - [Commits](https://github.com/golang/crypto/compare/v0.21.0...v0.25.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
9a1babe
build(deps): bump github.com/hashicorp/golang-lru/v2 from 2.0.5 to 2.0.7 (#1113)
Bumps [github.com/hashicorp/golang-lru/v2](https://github.com/hashicorp/golang-lru) from 2.0.5 to 2.0.7. - [Release notes](https://github.com/hashicorp/golang-lru/releases) - [Commits](https://github.com/hashicorp/golang-lru/compare/v2.0.5...v2.0.7) --- updated-dependencies: - dependency-name: github.com/hashicorp/golang-lru/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
fdceb72
build(deps): bump golang.org/x/text from 0.14.0 to 0.16.0 (#1173)
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.14.0 to 0.16.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.14.0...v0.16.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
82b2459
build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.8 to 2.5.15 (#1164)
Bumps [github.com/vektah/gqlparser/v2](https://github.com/vektah/gqlparser) from 2.5.8 to 2.5.15. - [Release notes](https://github.com/vektah/gqlparser/releases) - [Commits](https://github.com/vektah/gqlparser/compare/v2.5.8...v2.5.15) --- updated-dependencies: - dependency-name: github.com/vektah/gqlparser/v2 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created
9ebeba5
build(deps): bump github.com/hashicorp/go-retryablehttp (#1162)
Bumps [github.com/hashicorp/go-retryablehttp](https://github.com/hashicorp/go-retryablehttp) from 0.7.2 to 0.7.7. - [Changelog](https://github.com/hashicorp/go-retryablehttp/blob/main/CHANGELOG.md) - [Commits](https://github.com/hashicorp/go-retryablehttp/compare/v0.7.2...v0.7.7) --- updated-dependencies: - dependency-name: github.com/hashicorp/go-retryablehttp dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
dependabot[bot] and dependabot[bot] created