v0.0.74

What's Changed

• Update oapi-codegen to v2.4.1 by @alexandear in #4947
• build(deps): bump github.com/charmbracelet/bubbletea from 1.2.1 to 1.2.2 by @dependabot in #4957
• build(deps): bump github.com/zitadel/oidc/v3 from 3.32.1 to 3.33.0 by @dependabot in #4955
• build(deps): bump github/codeql-action from 3.27.1 to 3.27.3 by @dependabot in #4954
• cli: Print rule types as applyable YAML by @JAORMX in #4936
• Print YAML with 2 spaces for indentation by @JAORMX in #4958
• build(deps): bump github.com/styrainc/regal from 0.28.0 to 0.29.0 by @dependabot in #4956
• Allow creating/applying ruletypes from standard input by @JAORMX in #4959
• build(deps): bump github.com/bufbuild/buf from 1.46.0 to 1.47.0 in /tools by @dependabot in #4967
• build(deps): bump github.com/zitadel/oidc/v3 from 3.33.0 to 3.33.1 by @dependabot in #4968
• cli: Print profiles as applyable YAML by @JAORMX in #4960
• Validate JQ query during ruletype creation/update by @eleftherias in #4966
• Add tests for rego validation in ruletypes by @eleftherias in #4969
• build(deps): bump github/codeql-action from 3.27.3 to 3.27.4 by @dependabot in #4978
• build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2 by @dependabot in #4977
• build(deps): bump github.com/bufbuild/buf from 1.47.0 to 1.47.2 in /tools by @dependabot in #4971
• Add more code docs for the required field validation by @JAORMX in #4979
• Fix properties update validation by @JAORMX in #4980
• build(deps): bump github.com/styrainc/regal from 0.29.0 to 0.29.1 by @dependabot in #4974
• build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2 in /tools by @dependabot in #4972
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.3 to 1.28.4 by @dependabot in #4976
• build(deps): bump buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go from 1.35.1-20240920164238-5a7b106cbb87.1 to 1.35.2-20240920164238-5a7b106cbb87.1 by @dependabot in #4975
• build(deps): bump the otel group with 2 updates by @dependabot in #4973
• Add data sources protobuf by @JAORMX in #4962
• Kick off CRUD API & Minder API Authz by @teodor-yanev in #4970
• Rule Type schema validation: change library and apply defaults by @JAORMX in #4953
• Exclude profiles with labels from history. by @blkt in #4910

New Contributors

• @alexandear made their first contribution in #4947

Full Changelog: v0.0.73...v0.0.74

v0.0.73

What's Changed

• Deprecate unused provider field in proto by @eleftherias in #4878
• Add proto validation for UUIDs by @eleftherias in #4880
• Add proto validation for integers by @rdimitrov in #4879
• Deprecate the port proto message by @rdimitrov in #4881
• Update ignore_empty to either use .ignore = IGNORE_IF_DEFAULT_VALUE or remove by @evankanderson in #4883
• Have run-docker-teardown respect services variable by @evankanderson in #4884
• Fix nil flag client, and warn about use in future by @evankanderson in #4885
• Sort profile status table by entities by @evankanderson in #4886
• build(deps): bump anchore/sbom-action from 0.17.6 to 0.17.7 by @dependabot in #4888
• build(deps): bump github.com/xanzy/go-gitlab from 0.112.0 to 0.113.0 by @dependabot in #4887
• Remove unimplemented rpc from proto file by @eleftherias in #4889
• Add proto validation for names by @eleftherias in #4890
• Add proto validation for artifact filtering via from by @rdimitrov in #4892
• Add proto validation for invite codes by @rdimitrov in #4893
• Add proto validation for cursor indexes by @rdimitrov in #4891
• Update proto validations for from and cursor fields by @rdimitrov in #4895
• build(deps): bump github.com/google/cel-go from 0.21.0 to 0.22.0 by @dependabot in #4896
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.1 to 1.28.2 by @dependabot in #4900
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.38.0 to 1.38.1 by @dependabot in #4898
• Add proto validation for RepositoryService by @rdimitrov in #4902
• Validate rego when parsing rule types by @JAORMX in #4906
• Add proto validation for OAuthService by @rdimitrov in #4901
• Add proto validation for Projects by @rdimitrov in #4909
• Add proto validation for EvalResultRequest by @rdimitrov in #4908
• Add proto validation for Providers by @rdimitrov in #4911
• Add proto validation for entity type in ProvidersService by @rdimitrov in #4903
• build(deps): bump github.com/charmbracelet/bubbletea from 1.1.2 to 1.2.0 by @dependabot in #4912
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.2 to 1.28.3 by @dependabot in #4913
• build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0 by @dependabot in #4914
• build(deps): bump goreleaser/goreleaser-action from 6.0.0 to 6.1.0 by @dependabot in #4916
• build(deps): bump google.golang.org/grpc from 1.67.1 to 1.68.0 by @dependabot in #4915
• Add proto validation for evaluation history filters by @eleftherias in #4904
• Fix type from trusty-sdk-go. by @blkt in #4917
• Update the project validation and return a user visible error if email validation fails by @rdimitrov in #4918
• Make description optional for project create and update by @rdimitrov in #4920
• Add validation for jq eval type by @JAORMX in #4919
• Add proto validation for ProfileService by @rdimitrov in #4905
• Bump trusty-sdk-go to latest release. by @blkt in #4922
• Allow for the ' character in names and descriptions by @rdimitrov in #4923
• Fix validation for getting profile by name by @rdimitrov in #4924
• Fix linting errors for golangci-lint v1.62 by @rdimitrov in #4933
• build(deps): bump github.com/google/osv-scalibr from 0.1.4-0.20241022131720-b583481e91a8 to 0.1.4 by @dependabot in #4897
• build(deps): bump the otel group with 9 updates by @dependabot in #4925
• build(deps): bump golang.org/x/tools from 0.26.0 to 0.27.0 in /tools by @dependabot in #4926
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.38.1 to 1.38.2 by @dependabot in #4927
• build(deps): bump golang.org/x/oauth2 from 0.23.0 to 0.24.0 by @dependabot in #4928
• build(deps): bump golang.org/x/mod from 0.21.0 to 0.22.0 by @dependabot in #4930
• build(deps): bump the docusaurus group in /docs with 5 updates by @dependabot in #4931
• build(deps): bump github/codeql-action from 3.27.0 to 3.27.1 by @dependabot in #4932
• build(deps): bump github.com/golangci/golangci-lint from 1.61.0 to 1.62.0 in /tools by @dependabot in #4929
• Upgrade to golang 1.23.3 by @JAORMX in #4934
• Add proto validation for RuleType by @rdimitrov in #4907
• Allow display names to have brackets by @rdimitrov in #4937
• build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.37.1 to 1.38.0 by @dependabot in #4938
• build(deps): bump github.com/charmbracelet/bubbletea from 1.2.0 to 1.2.1 by @dependabot in #4939
• build(deps): bump github.com/openfga/openfga from 1.7.0 to 1.8.0 by @dependabot in #4942
• build(deps): bump golang.org/x/term from 0.25.0 to 0.26.0 by @dependabot in #4940
• build(deps): bump golang.org/x/crypto from 0.28.0 to 0.29.0 by @dependabot in #4941
• Update the embedded secret_scanning ruletype used in quickstart by @rdimitrov in #4946
• Update proto validations by @rdimitrov in #4948
• Allow repo names to start with . by @rdimitrov in #4950

Full Changelog: v0.0.72...v0.0.73

v0.0.72

What's Changed

• Skip rule test files by @rdimitrov in #4836
• Simplify logic for required branch parameter to gh_branch_protection by @evankanderson in #4801
• build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.1.1 to 2.1.2 by @dependabot in #4832
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.37.0 to 1.37.1 by @dependabot in #4839
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.28.0 to 1.28.1 by @dependabot in #4837
• Add a YQ-powered remediation function by @jhrozek in #4830
• build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.37.0 to 1.37.1 by @dependabot in #4833
• Fix a 0.2% natschannel_test flake with some forced scheduler sleeps by @evankanderson in #4841
• build(deps): bump github.com/ThreeDotsLabs/watermill from 1.3.7 to 1.4.0 by @dependabot in #4842
• build(deps): bump anchore/sbom-action from 0.17.5 to 0.17.6 by @dependabot in #4844
• build(deps): bump github.com/bufbuild/buf from 1.45.0 to 1.46.0 in /tools by @dependabot in #4843
• Measure coverage for pkg folder. by @blkt in #4845
• build(deps): bump github.com/zitadel/oidc/v3 from 3.31.0 to 3.32.0 by @dependabot in #4847
• build(deps): bump github.com/openfga/openfga from 1.6.1 to 1.7.0 by @dependabot in #4848
• Add flag-driven event publisher by @evankanderson in #4784
• Add support for proto message validation by @rdimitrov in #4840
• Validate the user invitation HTML templates by @rdimitrov in #4835
• Allow proto email to be empty by @rdimitrov in #4852
• Fix proto validations for project and display_name by @rdimitrov in #4854
• build(deps): bump github.com/open-policy-agent/opa from 0.69.0 to 0.70.0 by @dependabot in #4857
• build(deps): bump github.com/charmbracelet/lipgloss from 0.13.1 to 1.0.0 by @dependabot in #4855
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.37.1 to 1.38.0 by @dependabot in #4858
• build(deps): bump buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go from 1.34.2-20240920164238-5a7b106cbb87.2 to 1.35.1-20240920164238-5a7b106cbb87.1 by @dependabot in #4856
• Remove duplicated if statement in NewEventer by @rdimitrov in #4859
• Fix the set bundle version query for the subscriptions table by @rdimitrov in #4860
• Add email field validation to protos by @eleftherias in #4861
• Add proto validation for project ID by @eleftherias in #4862
• Add pkg/querier package by @rdimitrov in #4849
• build(deps): bump github.com/golang-jwt/jwt/v4 from 4.5.0 to 4.5.1 by @dependabot in #4865
• build(deps): bump github.com/zitadel/oidc/v3 from 3.32.0 to 3.32.1 by @dependabot in #4866
• build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.22.0 to 2.23.0 in /tools by @dependabot in #4868
• build(deps): bump github.com/ThreeDotsLabs/watermill from 1.4.0 to 1.4.1 by @dependabot in #4867
• build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.22.0 to 2.23.0 by @dependabot in #4864
• Fix docs references in README.md by @staceypotter in #4863
• Add proto validation for entity IDs by @eleftherias in #4869
• Add proto validation for profile ID by @eleftherias in #4870
• Update docusaurus to 3.6.0 by @eleftherias in #4875
• Group docusaurus PRs into a single update group by @rdimitrov in #4876
• build(deps): bump path-to-regexp from 1.8.0 to 1.9.0 in /docs by @dependabot in #4877

Full Changelog: v0.0.71...v0.0.72

v0.0.71

What's Changed

• build(deps): bump k8s.io/client-go from 0.31.1 to 0.31.2 by @dependabot in #4803
• build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @dependabot in #4802
• build(deps): bump cookie and express in /docs by @dependabot in #4806
• Move config from internal to pkg by @rdimitrov in #4805
• Move selectors from internal/engine to pkg/engine by @rdimitrov in #4813
• Move getting a logger from config to the config package by @rdimitrov in #4816
• Move ruletypes from internal to pkg by @rdimitrov in #4810
• Document mindev entity schema by @ethomson in #4820
• Propagate project and entity information to rule evaluation logs by @evankanderson in #4818
• ko-build/ko broke their latest v0.17.0 release by @evankanderson in #4822
• build(deps): bump actions/setup-go from 5.0.2 to 5.1.0 by @dependabot in #4827
• build(deps): bump actions/setup-node from 4.0.4 to 4.1.0 by @dependabot in #4825
• build(deps): bump github.com/charmbracelet/bubbletea from 1.1.1 to 1.1.2 by @dependabot in #4823
• build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.36.1 to 1.37.0 by @dependabot in #4824
• build(deps): bump coverallsapp/github-action from 2.3.3 to 2.3.4 by @dependabot in #4826
• Move profiles from internal to pkg by @rdimitrov in #4811
• Move events from internal to pkg by @rdimitrov in #4812
• Fix mindev ruletype lint. by @blkt in #4828

Full Changelog: v0.0.70...v0.0.71

v0.0.70

What's Changed

• build(deps): bump mermaid from 10.8.0 to 10.9.3 in /docs by @dependabot in #4792
• Apply a bunch of dependabot updates by @evankanderson in #4791
• Fix auto-generated keycloak client by @JAORMX in #4796
• mindev: Add new subcommand to validate ruletype updates by @JAORMX in #4790
• build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by @dependabot in #4797
• Make minder ruletype apply/create smarter by @JAORMX in #4798
• build(deps): bump github.com/openfga/go-sdk from 0.6.2 to 0.6.3 by @dependabot in #4795
• Expose a helper to run a JQ expression on YAML input through our Rego library by @jhrozek in #4793
• build(deps): bump http-proxy-middleware from 2.0.6 to 2.0.7 in /docs by @dependabot in #4799
• build(deps): bump github.com/charmbracelet/lipgloss from 0.13.0 to 0.13.1 by @dependabot in #4794

Full Changelog: v0.0.69...v0.0.70

v0.0.69

What's Changed

• Auto-generated cli documentation update - 2024-10-17 13:33:06 by @github-actions in #4774
• Change defaults for pull request rules by @eleftherias in #4773
• build(deps): bump github.com/yuin/goldmark from 1.7.7 to 1.7.8 by @dependabot in #4767
• build(deps): bump mobx from 6.13.4 to 6.13.5 in /docs by @dependabot in #4765
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.43 to 1.28.0 by @dependabot in #4768
• build(deps): bump coverallsapp/github-action from 2.3.1 to 2.3.3 by @dependabot in #4770
• build(deps): bump the otel group with 2 updates by @dependabot in #4766
• Add another mirror for Trivy DB in security.yml by @rdimitrov in #4776
• build(deps): bump github.com/nats-io/nats-server/v2 from 2.10.21 to 2.10.22 by @dependabot in #4779
• build(deps): bump github.com/stacklok/frizbee from 0.1.3 to 0.1.4 by @dependabot in #4778
• build(deps): bump go.uber.org/mock from 0.4.0 to 0.5.0 by @dependabot in #4777
• build(deps): bump go.uber.org/mock from 0.4.0 to 0.5.0 in /tools by @dependabot in #4780
• build(deps): bump @mdx-js/react from 3.0.1 to 3.1.0 in /docs by @dependabot in #4782
• build(deps): bump github.com/open-feature/go-sdk from 1.13.0 to 1.13.1 by @dependabot in #4781
• build(deps): bump anchore/sbom-action from 0.17.4 to 0.17.5 by @dependabot in #4789
• Introduce ResourceMeta and general resource parsing by @JAORMX in #4783

Full Changelog: v0.0.68...v0.0.69

v0.0.68

What's Changed

• Rule Types: Skip .test.yml files when linting/applying by @JAORMX in #4772

Full Changelog: v0.0.67...v0.0.68

v0.0.67

What's Changed

• build(deps): bump the otel group with 2 updates by @dependabot in #4747
• build(deps): bump github.com/xanzy/go-gitlab from 0.111.0 to 0.112.0 by @dependabot in #4749
• Output test coverage from unit tests action by @JAORMX in #4752
• build(deps): bump github.com/yuin/goldmark from 1.7.4 to 1.7.6 by @dependabot in #4748
• Re-enable NATS test by @evankanderson in #4746
• build(deps): bump github.com/yuin/goldmark from 1.7.6 to 1.7.7 by @dependabot in #4758
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.36.2 to 1.37.0 by @dependabot in #4760
• build(deps): bump github.com/prometheus/client_golang from 1.20.4 to 1.20.5 by @dependabot in #4759
• build(deps): bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 by @dependabot in #4757
• build(deps): bump anchore/sbom-action from 0.17.3 to 0.17.4 by @dependabot in #4756
• build(deps): bump mobx from 6.13.3 to 6.13.4 in /docs by @dependabot in #4754
• Add request id to logs. by @blkt in #4461
• Add evaluation error to security advisory by @eleftherias in #4761
• Display request ids in the CLI. by @blkt in #4763
• Deprecate pushing a brew formula to stacklok/tap by @rdimitrov in #4769
• Update Copyright headers, add workflow to enforce by @puerco in #4764
• Revert "Temporarily remove migration check" by @puerco in #4771
• Implement Minder TestKit by @JAORMX in #4762

Full Changelog: v0.0.66...v0.0.67

v0.0.66

What's Changed

• build(deps): bump github.com/stacklok/frizbee from 0.1.2 to 0.1.3 by @dependabot in #4709
• build(deps): bump bufbuild/buf-action from 1.0.1 to 1.0.2 by @dependabot in #4707
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.35.1 to 1.36.2 by @dependabot in #4694
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.42 to 1.27.43 by @dependabot in #4693
• Deprecate pull_requests database table by @JAORMX in #4713
• Don't look up the same entity multiple times in ListEvaluationHistory by @jhrozek in #4715
• Remove most zerolog messages from the properties service by @jhrozek in #4716
• Add template mapping functions by @JAORMX in #4714
• Gitlab: Add support for the Release entity by @JAORMX in #4706
• Set entity columns to be 'timestamp with time zone' to avoid TZ-related test failures by @evankanderson in #4720
• Fix race in github webhook handler tests. by @blkt in #4721
• Add osv-scalibr as a dependency extraction method for PR remediation by @evankanderson in #4688
• build(deps): bump coverallsapp/github-action from 2.3.0 to 2.3.1 by @dependabot in #4723
• build(deps): bump aquasecurity/trivy-action from 0.26.0 to 0.27.0 by @dependabot in #4724
• Implement an entity cache for the properties service by @JAORMX in #4729
• Fix diff full ingester double deref. by @blkt in #4732
• Use the new property cache in ListEvaluationResults by @jhrozek in #4731
• Remove database use from handleRelevantRepositoryEvent by @jhrozek in #4705
• Handle gitlab release deletion by @JAORMX in #4733
• build(deps): bump anchore/sbom-action from 0.17.2 to 0.17.3 by @dependabot in #4737
• Prepare docs for OpenSSF Migration by @lukehinds in #4649
• Explicitly do go mod download in CI by @JAORMX in #4741
• Replace stacklok/minder with mindersec/minder by @rdimitrov in #4742
• Remove unused RefreshRepositoryByUpstreamID by @jhrozek in #4734
• Add eval details template for JQ by @eleftherias in #4739
• Fix dependabot grouping of otel dependencies. by @blkt in #4740
• build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by @dependabot in #4743
• build(deps): bump github.com/xanzy/go-gitlab from 0.110.0 to 0.111.0 by @dependabot in #4726
• Move the github webhook handler to the provider by @jhrozek in #4738
• Add eval details for rego constraints. by @blkt in #4730
• build(deps): bump the otel group across 1 directory with 11 updates by @dependabot in #4745
• Set mindersec as "release" owner in goreleaser config by @JAORMX in #4750

Full Changelog: v0.0.65...v0.0.66

v0.0.65

What's Changed

• build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.34.0 to 1.34.2 by @dependabot in #4552
• build(deps): bump github.com/prometheus/client_golang from 1.20.3 to 1.20.4 by @dependabot in #4553
• build(deps): bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in #4551
• build(deps): bump actions/setup-node from 4.0.3 to 4.0.4 by @dependabot in #4550
• Add new watermill handlers that get or refresh entities by properties and call another handler by @jhrozek in #4545
• Disable the NATS tests temporarily again by @jhrozek in #4555
• Revert "build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.34.0 to 1.34.2 (#4552)" by @jhrozek in #4556
• Add template support to evaluation details. by @blkt in #4532
• Add hint by provider class to the refreshAndDo handler by @jhrozek in #4558
• Fix arguments passed to vulncheck template. by @blkt in #4560
• Implement Gitlab event handling by @JAORMX in #4559
• Update documentation for mindev, and add some handy debugging methods by @evankanderson in #4548
• Allow customizing AckDeadline to allow for long-running sets of retries by @evankanderson in #4549
• Fix data race in internal/entities/handlers/handler_test.go by @evankanderson in #4566
• Use new path for trusty package URLs by @JAORMX in #4567
• Remove backticks in vulncheck details template. by @blkt in #4562
• Handle users deleted through the Keycloak management API, as well as through the Keycloak UI by @evankanderson in #4563
• build(deps): bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #4575
• build(deps): bump github/codeql-action from 3.26.8 to 3.26.9 by @dependabot in #4574
• build(deps): bump mobx from 6.13.2 to 6.13.3 in /docs by @dependabot in #4577
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.35 to 1.27.38 by @dependabot in #4576
• build(deps): bump github.com/ThreeDotsLabs/watermill-sql/v3 from 3.0.3 to 3.1.0 by @dependabot in #4580
• build(deps): bump docker/build-push-action from 6.7.0 to 6.8.0 by @dependabot in #4581
• build(deps): bump github.com/nats-io/nats-server/v2 from 2.10.20 to 2.10.21 by @dependabot in #4579
• Use the new handlers when evaluating repo webhooks by @jhrozek in #4565
• Test otel instrumentation for panics. by @blkt in #4582
• build(deps): bump docker/build-push-action from 6.8.0 to 6.9.0 by @dependabot in #4592
• build(deps): bump github/codeql-action from 3.26.9 to 3.26.10 by @dependabot in #4591
• build(deps): bump github.com/zitadel/oidc/v3 from 3.29.1 to 3.30.0 by @dependabot in #4590
• Clean up test providers and move EntityToProtoMessage as top-level interface function by @JAORMX in #4586
• Extend selectors to include provider name and class by @jhrozek in #4583
• Store provider's refresh token and expiry if possible by @JAORMX in #4588
• gitlab: don't use deprecated token database column by @JAORMX in #4593
• build(deps): bump github.com/bufbuild/buf from 1.42.0 to 1.43.0 in /tools by @dependabot in #4587
• Group otel-related updates into single PRs. by @blkt in #4490
• build(deps): bump google.golang.org/grpc from 1.66.2 to 1.67.1 by @dependabot in #4597
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.38 to 1.27.39 by @dependabot in #4599
• build(deps): bump github.com/open-policy-agent/opa from 0.68.0 to 0.69.0 by @dependabot in #4589
• build(deps): bump github.com/openfga/go-sdk from 0.6.0 to 0.6.1 by @dependabot in #4598
• build(deps): bump github.com/theupdateframework/go-tuf/v2 from 2.0.0 to 2.0.1 by @dependabot in #4600
• Use one workflow for trivy by @JAORMX in #4601
• GitHub: don't try to use OAuth token for github-app provider by @JAORMX in #4594
• build(deps): bump github.com/docker/cli from 27.2.1+incompatible to 27.3.1+incompatible by @dependabot in #4602
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.33.2 to 1.35.0 by @dependabot in #4603
• build(deps): bump github.com/go-viper/mapstructure/v2 from 2.1.0 to 2.2.1 by @dependabot in #4604
• Replace repository for entity in properties service by @JAORMX in #4607
• Slight modification in properties fetch log by @JAORMX in #4608
• Query Keycloak for user deletions every 5 minutes by @eleftherias in #4615
• build(deps): bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by @dependabot in #4622
• gitlab: Handle token refresh by @JAORMX in #4606
• Adjust deadline on admin identity events as well as user events by @evankanderson in #4617
• Pass along transaction to RetrieveAllPropertiesForEntity by @jhrozek in #4633
• mindev: Use provider to construct entity protobufs by @JAORMX in #4630
• gitlab: Handle query parameters in REST trait by @JAORMX in #4632
• Update changelog and roadmap by @ethomson in #4631
• Remove RefreshRepositoryByUpstreamID from the repo reconciler by @jhrozek in #4620
• build(deps): bump github/codeql-action from 3.26.10 to 3.26.11 by @dependabot in #4640
• build(deps): bump github.com/bufbuild/buf from 1.43.0 to 1.44.0 in /tools by @dependabot in #4638
• build(deps): bump docker/setup-buildx-action from 3.6.1 to 3.7.0 by @dependabot in #4639
• build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.35.0 to 1.35.1 by @dependabot in #4635
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.39 to 1.27.40 by @dependabot in #4637
• Use generic refresh and message forwarding to evaluator for profile init by @jhrozek in #4634
• properties service: Don't fail if multiple entries are found by @JAORMX in #4642
• Print entity status name if available by @JAORMX in #4646
• Add eval details template for Trusty rule by @eleftherias in #4645
• Add feature flag for improved evaluation details. by @blkt in #4584
• build(deps): bump docker/setup-buildx-action from 3.7.0 to 3.7.1 by @dependabot in #4652
• build(deps): bump sigstore/cosign-installer from 3.6.0 to 3.7.0 by @dependabot in #4653
• build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.31.0 to 1.32.0 by @dependabot in #4655
• build(deps): bump golang.org/x/tools from 0.25.0 to 0.26.0 in /tools by @dependabot in #4659
• build(deps): bump golang.org/x/crypto from 0.27.0 to 0.28.0 by @dependabot in #4657
• build(deps): bump github.com/xanzy/go-gitlab from 0.109.0 to 0.110.0 by @dependabot in #4656
• build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.40 to 1.27.41 by @dependabot in #4658
• Add eval details template for deny-by-default rule. by @blkt in #4647
• Enable the originating entity handlers by @jhrozek in #4661
• origination: First get properties from provider before trying to persist by @JAORMX in #4660
• Add additional test coverage for common functions in GitHub provider by @gajananan in #4648
• Pass correct logger to watermill. by @blkt in #4662
• gitlab: Add support for pull requests by @JAORMX in #4641
• gitlab: Fix PR origination by @JAORMX in https://github....