d56ac86
build(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0 (#1239)
dependabot[bot] created
Commit log
cea0650
build(deps): bump golang.org/x/text from 0.16.0 to 0.17.0 (#1237)
dependabot[bot] created
1bde5df
feat(ci): support a merge queue
Click to expand commit body
This change adds support for using the [Merge Queue][0] merge method. This still needs to be enforced at the repository level. [0]: https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/configuring-pull-request-merges/managing-a-merge-queue Change-Id: I4b464818c0cd82d1d56c4dd7f807f6cfc5dfa913
sudoforge created
f00e42e
DOC: it is "new" not "configure" command (also was missing \)
Yaroslav Halchenko created
4726ec4
build(deps): bump golang.org/x/sys from 0.22.0 to 0.23.0
Click to expand commit body
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.22.0 to 0.23.0. - [Commits](https://github.com/golang/sys/compare/v0.22.0...v0.23.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
832dc02
build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.22.0
Click to expand commit body
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.21.0 to 0.22.0. - [Commits](https://github.com/golang/oauth2/compare/v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
15779d1
build(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0
Click to expand commit body
Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.7.0 to 0.8.0. - [Commits](https://github.com/golang/sync/compare/v0.7.0...v0.8.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
1dd8107
fix: correct path for reusable workflow: lifecycle
Click to expand commit body
Change-Id: I02c6e1f183e4b6ee67c0a4d0dcb7c5fbeff361ac
sudoforge created
66106f5
feat: merge go directive and toolchain specification
Click to expand commit body
Change-Id: Ic2ae23a886e9352b3b379f7e36c384a2d8956cea
sudoforge created
91fa676
feat: improved lifecycle management with stale-bot
Click to expand commit body
This change refactors the automatic lifecycle management workflow that uses the `stale-bot` action library, such that neither issues nor pull requests will be closed. An additional label of `lifecycle/rotten` has been added to indicate issues or pull requests which have been inactive for 180 days or more. Change-Id: Ia748552c91ada43b4a762879db469132131956f0
sudoforge created
d3cd818
Merge pull request #1210 from MichaelMure/dependabot/go_modules/github.com/vbauerster/mpb/v8-8.7.5
dependabot[bot] created
775e986
build(deps): bump github.com/vbauerster/mpb/v8 from 8.7.4 to 8.7.5
Click to expand commit body
Bumps [github.com/vbauerster/mpb/v8](https://github.com/vbauerster/mpb) from 8.7.4 to 8.7.5. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v8.7.4...v8.7.5) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
3297223
revert: "feat: increase operations per run for workflow: cron"
Click to expand commit body
This reverts commit c67d75faaa432889caa4deafc7e58d4099fac2cd.
sudoforge created
f507635
chore: update go dependencies
Click to expand commit body
This change is just a simple run of `go get -u` followed by `go mod tidy`. Change-Id: Icb0e31b811efaafa95ef400d961ca413e63a0da4
sudoforge created
5893f94
fix: run the presubmit pipeline for PRs
Click to expand commit body
commit 5eabe549e4f7fc98bbdf4e7b285cec00e5da4e99 refactored the workflows so that they were orchestrated with reusable workflows. an unintended side-effect of the rules that were created prevents the presubmit pipeline from executing for pull requests made against this repository. this change refactors this, so that the presubmit pipeline will _only_ run for pull requests against the default tree of this repository. we explicitly remove the `on: push` event for it, in order to avoid overlap that will occur for commits made in this repository that are also part of a PR. Change-Id: I56abc35c98cc40a06066952f2b6ed9194b1ab903
sudoforge created
d4f6f27
chore: remove refs to deprecated io/ioutil
Click to expand commit body
Signed-off-by: guoguangwu <guoguangwug@gmail.com> chore: remove refs to deprecated io/ioutil Signed-off-by: guoguangwu <guoguangwug@gmail.com>
guoguangwu created
1fa858d
fix: move codeql into an independent workflow
Click to expand commit body
This seems to be necessary in order to support the advanced configuration. Change-Id: Ia5303123b3dcc22f77cdde4d514b484f29c60ca6
sudoforge created
7918af6
feat: bump node versions to 16.x, 18.x, and 20.x
Click to expand commit body
Change-Id: Ic4809ab33cc9fd9e7e6e3e6eba1dd933e1ba585b
sudoforge created
5eabe54
feat: refactor pipelines into reusable workflows
Click to expand commit body
This change refactors the build, test, and benchmarking pipelines to a `presubmit` and `trunk` parent workflow which invokes other reusable workflows. This simplifies the deluge of pipelines that are executed, allowing for better orchestration and reduced noise on failures (only one email will be sent instead of several). Closes: michaelmure/git-bug#1198 Change-Id: I52407c39366bb9fbfd8fc1455a4f4a1d94f04897
sudoforge created
e4c74ef
build(deps): bump jsonwebtoken and @graphql-tools/prisma-loader
Click to expand commit body
Removes [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken). It's no longer used after updating ancestor dependency [@graphql-tools/prisma-loader](https://github.com/ardatan/graphql-tools/tree/HEAD/packages/loaders/prisma). These dependencies need to be updated together. Removes `jsonwebtoken` Updates `@graphql-tools/prisma-loader` from 7.2.24 to 7.2.72 - [Release notes](https://github.com/ardatan/graphql-tools/releases) - [Changelog](https://github.com/ardatan/graphql-tools/blob/master/packages/loaders/prisma/CHANGELOG.md) - [Commits](https://github.com/ardatan/graphql-tools/commits/@graphql-tools/prisma-loader@7.2.72/packages/loaders/prisma) --- updated-dependencies: - dependency-name: jsonwebtoken dependency-type: indirect - dependency-name: "@graphql-tools/prisma-loader" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
79c64ed
build(deps-dev): bump tough-cookie from 4.1.2 to 4.1.3 in /webui
Click to expand commit body
Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.1.2 to 4.1.3. - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](https://github.com/salesforce/tough-cookie/compare/v4.1.2...v4.1.3) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
1700c8b
build(deps): bump github.com/xanzy/go-gitlab from 0.106.0 to 0.107.0
Click to expand commit body
Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.106.0 to 0.107.0. - [Changelog](https://github.com/xanzy/go-gitlab/blob/main/releases_test.go) - [Commits](https://github.com/xanzy/go-gitlab/compare/v0.106.0...v0.107.0) --- updated-dependencies: - dependency-name: github.com/xanzy/go-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
968362e
build(deps): bump graphql from 16.6.0 to 16.8.1 in /webui
Click to expand commit body
Bumps [graphql](https://github.com/graphql/graphql-js) from 16.6.0 to 16.8.1. - [Release notes](https://github.com/graphql/graphql-js/releases) - [Commits](https://github.com/graphql/graphql-js/compare/v16.6.0...v16.8.1) --- updated-dependencies: - dependency-name: graphql dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
c3d7463
build(deps-dev): bump undici from 5.11.0 to 5.28.4 in /webui
Click to expand commit body
Bumps [undici](https://github.com/nodejs/undici) from 5.11.0 to 5.28.4. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.11.0...v5.28.4) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
3fab45f
build(deps): bump @babel/traverse from 7.19.3 to 7.24.8 in /webui
Click to expand commit body
Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.19.3 to 7.24.8. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.8/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
6664fcd
build(deps): bump github.com/99designs/gqlgen from 0.17.36 to 0.17.49
Click to expand commit body
Bumps [github.com/99designs/gqlgen](https://github.com/99designs/gqlgen) from 0.17.36 to 0.17.49. - [Release notes](https://github.com/99designs/gqlgen/releases) - [Changelog](https://github.com/99designs/gqlgen/blob/master/CHANGELOG.md) - [Commits](https://github.com/99designs/gqlgen/compare/v0.17.36...v0.17.49) --- updated-dependencies: - dependency-name: github.com/99designs/gqlgen dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
9b9d95b
build(deps): bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0
Click to expand commit body
Bumps [github.com/dvsekhvalnov/jose2go](https://github.com/dvsekhvalnov/jose2go) from 1.5.0 to 1.6.0. - [Commits](https://github.com/dvsekhvalnov/jose2go/compare/v1.5...v1.6.0) --- updated-dependencies: - dependency-name: github.com/dvsekhvalnov/jose2go dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
bb4ea60
build(deps-dev): bump semver from 5.7.1 to 5.7.2 in /webui
Click to expand commit body
Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
8ffe01d
build(deps-dev): bump word-wrap from 1.2.3 to 1.2.5 in /webui
Click to expand commit body
Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.5. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
c8b0f87
build(deps-dev): bump express from 4.18.1 to 4.19.2 in /webui
Click to expand commit body
Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.1...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
f195975
build(deps-dev): bump ws from 7.5.9 to 7.5.10 in /webui
Click to expand commit body
Bumps [ws](https://github.com/websockets/ws) from 7.5.9 to 7.5.10. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/7.5.9...7.5.10) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
ddf34b8
build(deps): bump golang.org/x/vuln from 1.1.2 to 1.1.3
Click to expand commit body
Bumps [golang.org/x/vuln](https://github.com/golang/vuln) from 1.1.2 to 1.1.3. - [Release notes](https://github.com/golang/vuln/releases) - [Commits](https://github.com/golang/vuln/compare/v1.1.2...v1.1.3) --- updated-dependencies: - dependency-name: golang.org/x/vuln dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
cec3673
build(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.12.0
Click to expand commit body
Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.1 to 5.12.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.8.1...v5.12.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
29b5113
build(deps-dev): bump undici from 5.11.0 to 5.26.3 in /webui
Click to expand commit body
Bumps [undici](https://github.com/nodejs/undici) from 5.11.0 to 5.26.3. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.11.0...v5.26.3) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
ebfad49
build(deps): bump github.com/vbauerster/mpb/v8 from 8.5.2 to 8.7.4
Click to expand commit body
Bumps [github.com/vbauerster/mpb/v8](https://github.com/vbauerster/mpb) from 8.5.2 to 8.7.4. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v8.5.2...v8.7.4) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
33d6ca7
build(deps): bump webpack from 5.74.0 to 5.76.1 in /webui
Click to expand commit body
Bumps [webpack](https://github.com/webpack/webpack) from 5.74.0 to 5.76.1. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v5.74.0...v5.76.1) --- updated-dependencies: - dependency-name: webpack dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
355d91d
build(deps): bump github.com/go-git/go-billy/v5 from 5.4.1 to 5.5.0
Click to expand commit body
Bumps [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy) from 5.4.1 to 5.5.0. - [Release notes](https://github.com/go-git/go-billy/releases) - [Commits](https://github.com/go-git/go-billy/compare/v5.4.1...v5.5.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-billy/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
480fb4d
build(deps): bump ua-parser-js from 0.7.31 to 0.7.33 in /webui
Click to expand commit body
Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.31 to 0.7.33. - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md) - [Commits](https://github.com/faisalman/ua-parser-js/compare/0.7.31...0.7.33) --- updated-dependencies: - dependency-name: ua-parser-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
02d89bc
build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.15 to 2.5.16
Click to expand commit body
Bumps [github.com/vektah/gqlparser/v2](https://github.com/vektah/gqlparser) from 2.5.15 to 2.5.16. - [Release notes](https://github.com/vektah/gqlparser/releases) - [Commits](https://github.com/vektah/gqlparser/compare/v2.5.15...v2.5.16) --- updated-dependencies: - dependency-name: github.com/vektah/gqlparser/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
a8b6e27
build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0
Click to expand commit body
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
4b00901
build(deps): bump json5 from 1.0.1 to 1.0.2 in /webui
Click to expand commit body
Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
3bf251a
build(deps): bump loader-utils from 2.0.2 to 2.0.4 in /webui
Click to expand commit body
Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](https://github.com/webpack/loader-utils/compare/v2.0.2...v2.0.4) --- updated-dependencies: - dependency-name: loader-utils dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
8ff5505
build(deps): bump minimatch and recursive-readdir in /webui
Click to expand commit body
Bumps [minimatch](https://github.com/isaacs/minimatch) and [recursive-readdir](https://github.com/jergason/recursive-readdir). These dependencies needed to be updated together. Updates `minimatch` from 3.0.4 to 3.1.2 - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) Updates `recursive-readdir` from 2.2.2 to 2.2.3 - [Release notes](https://github.com/jergason/recursive-readdir/releases) - [Changelog](https://github.com/jergason/recursive-readdir/blob/master/CHANGELOG.md) - [Commits](https://github.com/jergason/recursive-readdir/commits/v2.2.3) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect - dependency-name: recursive-readdir dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot[bot] created
6c9aade
fix: add write for prs: stale/issue-and-pr
Click to expand commit body
This change adds write permissions for pull requests to the workflow that is used to mark issues and pull requests as stale.
sudoforge created
ea86d57
feat: allow for manual execution of workflow: cron
Click to expand commit body
This is a temporary change, that will be reverted later, simply to play catch-up with the backlog of items that are stale, but not marked as such.
sudoforge created
c67d75f
feat: increase operations per run for workflow: cron
Click to expand commit body
This change increases the number of operations that the workflow will perform from the default (30) to 1000, in order to allow for a large number of issues and pull requests to be processed.
sudoforge created
eef6279
fix: add missing `with` property to //.github/workflows:cron.yml
Click to expand commit body
Change-Id: I32844f07bc825dfd2c364e402e21262a6f9cb519
sudoforge created
00f5265
feat: add workflow for triaging stale issues and prs
Click to expand commit body
Change-Id: I0fc9571d476b55a15edcef3645a5fa5f751fb427
sudoforge created
be005f6
feat: add initial editorconfig configuration file
Click to expand commit body
Change-Id: Id08dfd59a4f2eb56f358d71c898ba9915400cf51
sudoforge created
4089b16
feat: add a common file for git-blame ignored revisions
Click to expand commit body
Change-Id: Ia28c12c211c67fccbfc2f6a6dc2be390d13a29c0
sudoforge created