v0.0.10
What's Changed
- build(deps): bump github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible in /tools by @dependabot in #1328
- build(deps): bump github.com/docker/docker from 24.0.0+incompatible to 24.0.7+incompatible by @dependabot in #1327
- Use stacklokbot for commit author at homebrew-tap by @rdimitrov in #1330
- Add watermill event histogram by @jhrozek in #1329
- Read the Pi hostname from config instead of rule_type by @jhrozek in #1313
- remove unused Vulncheck protobuf message contents by @jhrozek in #1331
- Remove Go ecosystem config from the Pi rule-type by @jhrozek in #1332
- Update CONTRIBUTING.md by @dussab in #1334
- Update SECURITY.md by @dussab in #1335
- Delete .github/ISSUE_TEMPLATE/epic.md by @dussab in #1336
- Update user_story.md by @dussab in #1337
- Update README.md by @dussab in #1338
- Update CONTRIBUTING.md by @dussab in #1339
- Rename mediator.proto to minder.proto, implement bridge by @evankanderson in #1340
- Great client-side rename by @evankanderson in #1341
- build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.15 to 2.0.16 by @dependabot in #1345
- build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 by @dependabot in #1346
- cli: Remove
mediatorv1from rule type commands by @JAORMX in #1342 - Add a bunch of skeleton docs by @evankanderson in #1344
- chore: Move rego eval to use minder instead of mediator by @JAORMX in #1343
- fix: helpers: use viper instance instead of global by @JAORMX in #1348
- fix: config: Fix usage of global viper instance by @JAORMX in #1349
- chore: Add
-raceflag to test invocation by @JAORMX in #1347 - Rename keycloak clients to minder by @eleftherias in #1350
- Adjust Pi evaluator reply structure to the API response by @jhrozek in #1353
- Fix vulncheck's repo cache to be concurrency-friendly by @JAORMX in #1351
- Rename the package_intelligence evaluator to trusty evaluator by @jhrozek in #1354
- Add support for publishing minder to winget (Windows) by @rdimitrov in #1333
- Add
read_onlyflag to docker-compose by @JAORMX in #1355 - Close publisher and subsriber when closing eventer by @JAORMX in #1359
- Update CODE_OF_CONDUCT.md by @dussab in #1361
- Update README.md by @dussab in #1363
- build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.2.21 to 1.3.0 by @dependabot in #1365
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.19.1 to 1.20.0 by @dependabot in #1364
- build(deps-dev): bump @docusaurus/module-type-aliases from 2.4.3 to 3.0.0 in /docs by @dependabot in #1366
- Setup go before building with ko and update go.mod by @rdimitrov in #1362
- Restructure minder CLI docs by @eleftherias in #1367
- Fix Stacklok logo in staging by @eleftherias in #1358
- Print debug message if a particular project has private repos enabled by @JAORMX in #1368
- Add
setup-gostep to helm chart publish job by @JAORMX in #1369 - Add more debugging when registering private repos by @jhrozek in #1372
- Rename
mediatortominderin service health check by @JAORMX in #1375 - Stop logging health checks again by @JAORMX in #1376
- Fix credentials path to use minder by @eleftherias in #1377
- Update contact mail for published packages by @rdimitrov in #1379
- Implement whoami command for minder by @rdimitrov in #1378
- Auto-generated cli documentation update - 2023-11-01 15:20:14 by @github-actions in #1380
- Double the client timeout by @jhrozek in #1382
- Use the context in rule_type create for each rule_type by @jhrozek in #1384
- Implement repo delete for minder by @rdimitrov in #1371
- Auto-generated cli documentation update - 2023-11-01 16:17:00 by @github-actions in #1386
- rule_type list had confused -oyaml and -ojson by @jhrozek in #1385
- Show which server minder is connecting to by @rdimitrov in #1387
- Add how-to for enabling PR reviews by @eleftherias in #1388
- Add tutorial for registering repos and profiles by @eleftherias in #1381
- Update index.md by @dussab in #1390
- Update category.yml by @dussab in #1392
- Update index.md by @dussab in #1395
- Expose several errors in handlers_repositories to the user by @jhrozek in #1394
- Allow ServiceAccounts to be passed in to the chart by @evankanderson in #1396
- build(deps): bump golang from
24a0937to5206873by @dependabot in #1397 - build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.3.0 to 1.3.1 by @dependabot in #1398
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.20.0 to 1.21.0 by @dependabot in #1399
- Point to Trusty instance via an environment variable by @jhrozek in #1401
- Add metrics for outbound API calls by @jhrozek in #1360
- Rename mediator to minder in engine/actions by @rdimitrov in #1400
- Add a tutorial on automatic remediations by @jhrozek in #1391
- Show minder server on new user register table by @rdimitrov in #1402
- Skip 404 when listing handlers; add several log messages by @jhrozek in #1403
- Return nicer erorr messages if a token or a profile already exist by @jhrozek in #1406
- Don't report fatal error if there are no tokens for the provider during token revocation by @jhrozek in #1407
- The migrate container is now called minder_migrate_1 by @jhrozek in #1410
- Remove old token key secrets since we're using Keycloak by @evankanderson in #1411
- Update docs with minder logo by @dussab in #1412
- Add docs for profiles by @rdimitrov in #1405
- Add docs for alerts by @rdimitrov in #1404
- Add a document describing how to enroll an org by @jhrozek in #1408
- Extend the PR vuln check docs with commit status by @jhrozek in #1409
- Fixes to the OSV rule_type and profile by @jhrozek in #1416
- Implement a LICENSE rule type by @rdimitrov in #1419
- Add a reference about the pr_vulnerability_check type by @jhrozek in #1418
- build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.21.0 to 1.22.0 by @dependabot in #1421
- build(deps): bump golang from
5206873tob113af1by @dependabot in #1420 - Run minder in a read-only filesystem by @JAORMX in #1422
- Only append the status code label in http telemetry if we get a reply by @jhrozek in #1426
- Fix newline in auth login by @JAORMX in #1427
- Don't fail provider enroll if browser wasn't opened by @JAORMX in #1425
- change register repository calls to use one call per repo by @JAORMX in #1429
- Skip non JSON or YAML files when doing rule type create by @JAORMX in #1430
- Add how-to create a profile by @eleftherias in #1431
- Add user details about auth delete by @rdimitrov in #1432
- Make HPA settings configurable by @JAORMX in #1433
- Retry processing alert if it previously failed by @rdimitrov in #1435
- Add provider definition to docs by @eleftherias in #1434
- Shortcut the vulncheck evaluator if there are no dependencies in the PR by @jhrozek in #1437
- Shortcut trusty evaluator if no dependencies are detected by @jhrozek in #1439
- Change repo registration logic to handle one repo by @JAORMX in #1440
- Add rule type validation on updates by @JAORMX in #1389
- Create roadmap.md by @eryn-muetzel in #1415
- Create faq.md by @eryn-muetzel in #1414
- Add --all flag for rule_type delete command by @rdimitrov in #1393
- Auto-generated cli documentation update - 2023-11-03 18:56:38 by @github-actions in #1443
- Set ID in rule type update response by @JAORMX in #1442
- Add
updateandapplycommands for rule types by @JAORMX in #1441 - Auto-generated cli documentation update - 2023-11-03 19:12:00 by @github-actions in #1444
Full Changelog: v0.0.9...v0.0.10
Contributors
JAORMX, jhrozek, and 6 other contributors