Skip to content

Releases: mindersec/minder

v0.0.10

04 Nov 11:10
1c8c8c4
Compare
Choose a tag to compare

What's Changed

Read more

v0.0.9

30 Oct 16:54
7fa1be1
Compare
Choose a tag to compare

What's Changed

  • feat: implement an actions engine by @rdimitrov in #1192
  • Add remediation capability for GH branch protections by @jhrozek in #1174
  • Add option to fetch server secret from file by @eleftherias in #1199
  • Pull request remediations engine + codeQL + dependabot remediations by @jhrozek in #1200
  • Update deployment to enable account deletion by @eleftherias in #1212
  • PR vulnerability evaluation: Display summary of vulnerabilities found by @jhrozek in #1204
  • Update docs with identity config for mediator server by @eleftherias in #1195
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.45 to 1.19.0 by @dependabot in #1216
  • build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.13 to 2.0.14 by @dependabot in #1217
  • build(deps): bump @babel/traverse from 7.22.10 to 7.23.2 in /docs by @dependabot in #1220
  • Split mediator and db-update roles by @eleftherias in #1223
  • vulncheck: Don't try to render an empty summary table if no CVEs are found by @jhrozek in #1215
  • helm: Add extra_config_migrate to helm values by @JAORMX in #1224
  • Reduce cardinality of GRPC metrics from mediator. by @evankanderson in #1227
  • build(deps): bump google.golang.org/grpc from 1.58.3 to 1.59.0 by @dependabot in #1230
  • fix: Fix migration CI job by @JAORMX in #1229
  • ci: Add healthceck for keycloak container by @JAORMX in #1231
  • Support Python requirements.txt scanning for pull requests by @jhrozek in #1225
  • build(deps): bump github.com/open-policy-agent/opa from 0.57.0 to 0.57.1 by @dependabot in #1234
  • build(deps): bump k8s.io/apimachinery from 0.28.2 to 0.28.3 by @dependabot in #1235
  • Add postgres connection pool instrumentation by @evankanderson in #1246
  • feat: implement the rest of alerts by @rdimitrov in #1228
  • build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.14 to 2.0.15 by @dependabot in #1247
  • Don't error CLI on a lack of config by @lukehinds in #1245
  • Pi Evaluator that provides a summary of dependencies and their alternatives by @jhrozek in #1232
  • engine: Also traverse PullRequest rules when validating profiles by @jhrozek in #1260
  • Fix debug message argument by @jhrozek in #1261
  • build(deps): bump github.com/golangci/golangci-lint from 1.54.2 to 1.55.0 in /tools by @dependabot in #1263
  • Fix artifact_signature rule schema by @JAORMX in #1265
  • build(deps): bump actions/setup-node from 3 to 4 by @dependabot in #1272
  • ci: Fix database migration touch job by @JAORMX in #1271
  • Intial smoke tests by @lukehinds in #1268
  • feat: Implement ingester cache by @JAORMX in #1273
  • Add telemetry for counting number of users by @eleftherias in #1275
  • fix: update rule type descriptions to be consistent by @rdimitrov in #1277
  • Don't retry all handler errors by @jhrozek in #1281
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.19.0 to 1.19.1 by @dependabot in #1283
  • Makefile: leverage podman compose plugin instead of podman-compose by @JAORMX in #1282
  • Store PRs in the database to avoid special-casing them during evaluation by @jhrozek in #1270
  • feat: add stalebot to ci by @rdimitrov in #1284
  • Skip non-relevant webhook events by @jhrozek in #1280
  • build(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.3 in /tools by @dependabot in #1286
  • fix: update permissions for stalebot.yml by @rdimitrov in #1287
  • build(deps): bump github.com/golangci/golangci-lint from 1.55.0 to 1.55.1 in /tools by @dependabot in #1288
  • build(deps): bump github.com/go-git/go-git/v5 from 5.9.0 to 5.10.0 by @dependabot in #1289
  • chore: use interfaces for actions and evaluation params by @rdimitrov in #1290
  • chore: ensure evalStatusParams implement eval and action interfaces by @rdimitrov in #1293
  • chore: prefix viper env vars with mediator by @rdimitrov in #1291
  • docs: update CONTRIBUTING.md by @rdimitrov in #1294
  • chore: explicitly declare the default actions settings by @rdimitrov in #1295
  • build(deps): bump github.com/google/uuid from 1.3.1 to 1.4.0 by @dependabot in #1300
  • build(deps): bump github.com/open-policy-agent/opa from 0.57.1 to 0.58.0 by @dependabot in #1301
  • build(deps): bump github.com/sigstore/sigstore from 1.7.4 to 1.7.5 by @dependabot in #1302
  • ci: Detect IF NOT EXISTS in migration scripts by @JAORMX in #1303
  • Remove user details from mediator database by @eleftherias in #1304
  • helm: Add deployment-specific settings by @JAORMX in #1299
  • fix: actually render values.yaml in helm job by @JAORMX in #1305
  • Use stable version of schemaspy by @eleftherias in #1307
  • chore: update evaluation logs for easier debugging by @rdimitrov in #1306
  • feat: Make watermill settings configurable by @JAORMX in #1297
  • cleanup: Make mediator wait for keycloak's health in compose file by @JAORMX in #1308
  • Fix link in CONTRIBUTING.md by @eleftherias in #1309
  • Add several metrics for mediator control plane by @jhrozek in #1298
  • Reconcile the PiReply struct with recent changes to Pi by @jhrozek in #1311
  • Update LICENSE by @rdimitrov in #1314
  • Make keycloak setup script compatible with DB by @eleftherias in #1320
  • fix: Make event persistence configurable and set to false by @JAORMX in #1323
  • feat: Add possibility for entitlements by @JAORMX in #1319
  • Remove obsolete token expiry check by @rdimitrov in #1321
  • Auto-generated DB schema update - 2023-10-30 14:28:37 by @github-actions in #1324
  • Refactor Mediator docs for inclusion in commercial by @evankanderson in #1318
  • Fix go.mod for tools and update go to 1.21 by @rdimitrov in #1322
  • Allow registering private repos specified in github.allowed_private_repos by @jhrozek in #1316
  • Add goreleaser, sboms, slsa3, sigstore and homebrew support by @rdimitrov in #1315

Full Changelog: v0.0.8...v0.0.9

v0.0.8

13 Oct 14:09
a2ab312
Compare
Choose a tag to compare

What's Changed

  • Auto-generated cli documentation update - 2023-10-12 14:55:37 by @github-actions in #1184
  • Create CONTRIBUTING.md by @dussab in #1186
  • build(deps): bump golang from 02d7116 to 24a0937 by @dependabot in #1189
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.44 to 1.18.45 by @dependabot in #1188
  • build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.2.20 to 1.2.21 by @dependabot in #1187
  • User account deletion in mediator by @eleftherias in #1185
  • Auto-generated cli documentation update - 2023-10-13 14:52:23 by @github-actions in #1193
  • build(deps): bump github.com/sigstore/sigstore from 1.7.3 to 1.7.4 by @dependabot in #1194
  • ux: subscribe to all events by default instead of allowing it to be configurable by @JAORMX in #1197

Full Changelog: v0.0.7...v0.0.8

v0.0.7

13 Oct 14:06
4e2141b
Compare
Choose a tag to compare

What's Changed

  • fix: Track rule type instantiations in profiles by @JAORMX in #1113
  • Make logout flow work with new login mechanism by @eleftherias in #1115
  • build(deps): bump golang.org/x/term from 0.12.0 to 0.13.0 by @dependabot in #1122
  • build(deps): bump golang.org/x/crypto from 0.13.0 to 0.14.0 by @dependabot in #1121
  • build(deps): bump golang from 1.21.1 to 1.21.2 by @dependabot in #1119
  • New email address added to CODE_OF_CONDUCT.md by @dussab in #1118
  • build(deps): bump golang.org/x/sync from 0.3.0 to 0.4.0 by @dependabot in #1120
  • testing: Use in-memory postgres for tests by @JAORMX in #1123
  • tests: enable configuring an external database for tests by @rdimitrov in #1127
  • profiles: Allow deleting rule_types if no profiles exist anymore by @jhrozek in #1131
  • rule_type: Check the right error by @jhrozek in #1130
  • db: update the database layer to support alerts by @rdimitrov in #1116
  • db: remove obsolete trigger - delete_eval_statuses by @rdimitrov in #1128
  • fix: get repositories in an ordered list by @rdimitrov in #1132
  • Add more rest remediations by @jhrozek in #1129
  • cli: add scrolling to repo register, fix --repo and update the cli docs by @rdimitrov in #1133
  • Remove domain model (part 1 CLI) by @lukehinds in #1137
  • Auto-generated cli documentation update - 2023-10-09 06:40:44 by @github-actions in #1143
  • build(deps): bump golang.org/x/tools from 0.13.0 to 0.14.0 in /tools by @dependabot in #1148
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.43 to 1.18.44 by @dependabot in #1147
  • build(deps): bump github.com/spf13/viper from 1.16.0 to 1.17.0 by @dependabot in #1146
  • cleanup: remove APIs we won't be exposing soon by @JAORMX in #1149
  • build(deps): bump golang.org/x/oauth2 from 0.12.0 to 0.13.0 by @dependabot in #1145
  • build(deps): bump github.com/aws/aws-sdk-go-v2/feature/rds/auth from 1.2.19 to 1.2.20 by @dependabot in #1144
  • Refresh access token before it expires by @eleftherias in #1150
  • Auto-generated cli documentation update - 2023-10-09 19:03:06 by @github-actions in #1156
  • ci: Add database migration freeze CI job by @JAORMX in #1124
  • harden: Only store registered repositories by @JAORMX in #1155
  • Remove unused auth commands and endpoints by @eleftherias in #1160
  • Auto-generated cli documentation update - 2023-10-10 13:03:12 by @github-actions in #1161
  • Move Keycloak configuration to script by @eleftherias in #1157
  • chore: disable registering private repositories by @rdimitrov in #1159
  • build(deps): bump github.com/charmbracelet/lipgloss from 0.8.0 to 0.9.0 by @dependabot in #1167
  • build(deps): bump google.golang.org/grpc from 1.58.2 to 1.58.3 by @dependabot in #1166
  • build(deps): bump golang from 1.21.2 to 1.21.3 by @dependabot in #1165
  • Add capability for users to delete their account in IdP by @eleftherias in #1163
  • alerts: update rule type and profile definitions by @rdimitrov in #1164
  • Fix rule_type templates to align with the recent refactoring by @jhrozek in #1169
  • rule_type: print remediation error even if evaluation fails by @jhrozek in #1170
  • chore: do not process webhook events for private repos by @rdimitrov in #1162
  • engine: Pass params to the remediate interface, too by @jhrozek in #1171
  • Fix deleting rule_types..again.. by @jhrozek in #1168
  • ingestor: Return fallback body on certain HTTP status types by @jhrozek in #1172
  • rest remediator: body should be optional by @jhrozek in #1173
  • build(deps): bump github.com/charmbracelet/lipgloss from 0.9.0 to 0.9.1 by @dependabot in #1181
  • build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 by @dependabot in #1180
  • build(deps): bump golang.org/x/net from 0.16.0 to 0.17.0 in /tools by @dependabot in #1179
  • alerts: add create and close github calls for security advisories by @rdimitrov in #1178
  • feat: Default to staging keycloak for identity configuration by @JAORMX in #1183

Full Changelog: v0.0.6...v0.0.7

v0.0.6

05 Oct 10:54
1028f16
Compare
Choose a tag to compare

What's Changed

  • Auto-generated cli documentation update - 2023-10-04 15:51:33 by @github-actions in #1104
  • usability: Print login information when logging in by @JAORMX in #1106
  • Annotate Pods for Prometheus Metrics Collection by @teodor-yanev in #1098
  • cleanup: Use policy name to fetch status by @JAORMX in #1105
  • Auto-generated cli documentation update - 2023-10-05 08:20:02 by @github-actions in #1107
  • cleanup: Rename policy to profile by @JAORMX in #1108

Full Changelog: v0.0.5...v0.0.6

v0.0.5

04 Oct 12:54
46392f0
Compare
Choose a tag to compare

What's Changed

  • providers: Change the signature of NewRequest to accept body as interface{} by @jhrozek in #1053
  • build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.41.0 to 0.42.0 by @dependabot in #1066
  • build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.12 to 2.0.13 by @dependabot in #1069
  • build(deps): bump github.com/go-playground/validator/v10 from 10.15.4 to 10.15.5 by @dependabot in #1067
  • build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.18.0 to 1.19.0 by @dependabot in #1068
  • cleanup: Move validations and parsing to our exported package by @JAORMX in #1052
  • Add documentation for running Keycloak by @eleftherias in #1061
  • Make cli-docs should delete docs for removed commands by @eleftherias in #1060
  • Create org, group, provider and role per user by @eleftherias in #1059
  • Incorrect naming for root cmd by @lukehinds in #1041
  • fix: handle artifact rule evaluation differently by @rdimitrov in #1030
  • Auto-generated cli documentation update - 2023-10-02 15:16:03 by @github-actions in #1071
  • Auto-generated cli documentation update - 2023-10-02 15:00:53 by @github-actions in #1070
  • Implement policy remediation support in the engine and add a REST remediator by @jhrozek in #1057
  • policy: Surface rule validation errors by @JAORMX in #1080
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.42 to 1.18.43 by @dependabot in #1081
  • Add rule and entity filtering to Policy Status list details by @lujunsan in #1036
  • Auto-generated cli documentation update - 2023-10-03 11:55:01 by @github-actions in #1085
  • cleanup: Use projects instead of groups and orgs by @JAORMX in #1054
  • Auto-generated cli documentation update - 2023-10-03 15:22:15 by @github-actions in #1089
  • Remove unused APIs by @lukehinds in #1091
  • chore: update default credentials by @rdimitrov in #1088
  • Fix medev rule by @jhrozek in #1095
  • authz: Make root project/org no longer special by @JAORMX in #1092
  • This prints out the user creation information in a stylish manner by @JAORMX in #1099
  • build(deps): bump postcss from 8.4.27 to 8.4.31 in /docs by @dependabot in #1100
  • cleanup: Goodbye marmot! Hello banners! by @JAORMX in #1102
  • cleanup: Make default project names more readable by @JAORMX in #1101
  • Add remediation status to the rule_evaluation_status table by @jhrozek in #1094
  • cleanup: Allow for policy files to not specify projects by @JAORMX in #1103

New Contributors

Full Changelog: v0.0.4...v0.0.5

v0.0.4

29 Sep 07:40
27645c7
Compare
Choose a tag to compare

What's Changed

  • Include assets into docker-compose mount by @JAORMX in #985
  • build(deps): bump @docusaurus/theme-mermaid from 2.4.1 to 2.4.3 in /docs by @dependabot in #987
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.40 to 1.18.41 by @dependabot in #991
  • build(deps): bump redocusaurus from 1.6.3 to 1.6.4 in /docs by @dependabot in #989
  • build(deps): bump @docusaurus/preset-classic from 2.4.1 to 2.4.3 in /docs by @dependabot in #990
  • build(deps): bump google.golang.org/grpc from 1.58.1 to 1.58.2 by @dependabot in #994
  • build(deps): bump github.com/grpc-ecosystem/go-grpc-middleware/v2 from 2.0.0 to 2.0.1 by @dependabot in #993
  • build(deps): bump golang from 1.20.3 to 1.21.1 by @dependabot in #979
  • go.mod: Manually update opentelemetry dependencies to fix go.mod by @jhrozek in #995
  • handlers_user: Include db err in the internal error by @jhrozek in #984
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.41 to 1.18.42 by @dependabot in #1008
  • Fix example YAMLs to call the medev evaluator by @jhrozek in #1009
  • build(deps): bump golang from cffaba7 to c416cee by @dependabot in #1007
  • policy status CLI: Render guidance as markdown by @JAORMX in #982
  • build(deps): bump github.com/rs/zerolog from 1.30.0 to 1.31.0 by @dependabot in #1013
  • chore: move metric server to a separate address by @rdimitrov in #1010
  • Add initial introduction of providers to the database by @JAORMX in #955
  • Auto-generated cli documentation update - 2023-09-25 18:55:48 by @github-actions in #1016
  • diff ingester: Allow configurable wildcards to match ecosystem file names, plus some cleanups by @jhrozek in #975
  • rule: Update trivy guidance by @JAORMX in #1015
  • cleanup: Move generated code to pkg/api instead of pkg/generated by @JAORMX in #1017
  • feat: Actual providers implementation by @JAORMX in #1011
  • Support Go dependency scanning for pull requests by @teodor-yanev in #1012
  • Adjust auth module to use common config by @evankanderson in #1020
  • ci: Build medev as part of the build Makefile target by @JAORMX in #1022
  • cleanup: don't expand generated API files by @JAORMX in #1023
  • feat: Persist provider configuration in protobuf by @JAORMX in #1021
  • Rework IsRequestAuthorized to reduce auth scope mismatches by @evankanderson in #986
  • build(deps): bump golang from c416cee to 19600fd by @dependabot in #1026
  • build(deps): bump github.com/sqlc-dev/pqtype from 0.2.0 to 0.3.0 by @dependabot in #1027
  • fix: don't upsert empty tags as valid value by @rdimitrov in #1025
  • fix: Run make mock by @eleftherias in #1032
  • Add support for detecting vulnerable Go packages in PRs by @jhrozek in #1024
  • fix: Also reconcile repo policy run on repo registration by @JAORMX in #1029
  • build(deps): bump github.com/prometheus/client_golang from 1.16.0 to 1.17.0 by @dependabot in #1034
  • medev: Fix provider configuration by @JAORMX in #1035
  • devex: Converge code generation into a single Makefile target by @JAORMX in #1033
  • Fix typo in list users command by @eleftherias in #1037
  • int32 database identifiers are evil! by @JAORMX in #1028
  • Auto-generated cli documentation update - 2023-09-28 13:25:57 by @github-actions in #1038
  • build(deps): bump github.com/open-policy-agent/opa from 0.56.0 to 0.57.0 by @dependabot in #1048
  • build(deps): bump go.opentelemetry.io/otel/sdk from 1.18.0 to 1.19.0 by @dependabot in #1046
  • Identity provider login from mediator CLI by @eleftherias in #1014
  • build(deps): bump go.opentelemetry.io/otel/sdk/metric from 0.41.0 to 1.19.0 by @dependabot in #1045
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.44.0 to 0.45.0 by @dependabot in #1047
  • Auto-generated cli documentation update - 2023-09-29 09:18:53 by @github-actions in #1050
  • cleanup: run go mod tidy by @JAORMX in #1051

New Contributors

Full Changelog: v0.0.3...v0.0.4

v0.0.3

19 Sep 13:42
2e90ef4
Compare
Choose a tag to compare

What's Changed

  • build(deps): bump google.golang.org/grpc from 1.57.0 to 1.58.0 by @dependabot in #879
  • medic: print policies as tables by @JAORMX in #880
  • rule: Add new rule type that checks if folks are using the latest tag in their Dockerfiles by @JAORMX in #884
  • Auto-generated cli documentation update - 2023-09-07 12:07:37 by @github-actions in #882
  • reconcilers: Add an initial concept of a dedicated reconcilers object in mediator by @JAORMX in #872
  • medic: print rule types as tables by @JAORMX in #881
  • EntityInfoWrapper: Add utility function to build+publish by @JAORMX in #886
  • Auto-generated cli documentation update - 2023-09-07 14:17:14 by @github-actions in #887
  • EntityInfoWrapper.BuildMessage: Return nil, error by @JAORMX in #885
  • Create new context for OAuth callback to prevent timeout by @eleftherias in #883
  • Auto-generated cli documentation update - 2023-09-07 15:01:35 by @github-actions in #889
  • Organize docs in more suitable layout by @lukehinds in #856
  • cli: Add table output for policy_status sub-command by @JAORMX in #888
  • fix watermill error loop by @JAORMX in #890
  • Auto-generated cli documentation update - 2023-09-07 15:56:42 by @github-actions in #891
  • Fix broken documentation link and extra package-lock.json by @evankanderson in #892
  • dockerfile_no_latest_tag rule: Use main branch, not master by @JAORMX in #893
  • chore: add guidance notes for rule_types by @rdimitrov in #895
  • Add Stacklok logo to enrollment complete html page by @eleftherias in #896
  • new rule: Add rule that verifies that the trivy action is used in a github workflow by @JAORMX in #900
  • Adjust getting started documentation by @eleftherias in #897
  • rego: Add option to skip for deny-by-default evaluator by @JAORMX in #903
  • medev fix: ensure we pass auth token to evaluator by @JAORMX in #901
  • docs: Update documentation with reference to detailed status by @JAORMX in #904
  • medev rule_type test: enable rego print statements when testing by @JAORMX in #902
  • rule_type create: Print one table instead of many by @JAORMX in #906
  • Fix OAuthService endpoint that got fixed manually by @evankanderson in #909
  • Auto-generated cli documentation update - 2023-09-08 13:10:53 by @github-actions in #907
  • db: Add pull_request as an allowed value of entities by @jhrozek in #910
  • Sort CSV list of known entities to prevent needless doc updates by @jhrozek in #911
  • Allow matching on any artifact name by @jhrozek in #917
  • Add basic support for PR vulnerability scanning by @jhrozek in #899
  • Auto-generated cli documentation update - 2023-09-08 16:52:44 by @github-actions in #918
  • Expose custom error message for 'must change password' by @evankanderson in #916
  • webhooks: Handle the case where a signature arrives after an unsigned artifact had been stored by @jhrozek in #919
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.17.1 to 2.18.0 in /tools by @dependabot in #922
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.17.1 to 2.18.0 by @dependabot in #921
  • eventer: Add extra logging and retriable events by @JAORMX in #926
  • eventer: Add logging to publisher as well by @JAORMX in #927
  • pipeline_policy: Also validate pull requests by @jhrozek in #929
  • webhook: Don't process events from repositories that are not registered by @JAORMX in #928
  • fix: resolve tag conflicts for versioned artifacts by @rdimitrov in #920
  • Move database golang code to internal package by @JAORMX in #931
  • golangci-lint: Turn on exhaustive linter by @JAORMX in #933
  • fix/refactor: Move auth.token_key and other parameters to AuthConfig structure by @JAORMX in #925
  • Use proto options to store auth config by @evankanderson in #894
  • fix: race condition for signed versioned artifacts by @rdimitrov in #932
  • Add token_key_passphrase to file location overrides following #925 by @evankanderson in #937
  • Dismiss stale reviews when reviewing PRs with vulnerable dependencies by @jhrozek in #934
  • build(deps): bump docker/setup-buildx-action from 2 to 3 by @dependabot in #940
  • build(deps): bump docker/build-push-action from 4 to 5 by @dependabot in #939
  • Move most packages to the internal package by @JAORMX in #941
  • build(deps): bump go.opentelemetry.io/otel from 1.17.0 to 1.18.0 by @dependabot in #942
  • build(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.9.0 by @dependabot in #946
  • build(deps): bump go.opentelemetry.io/otel/sdk from 1.17.0 to 1.18.0 by @dependabot in #943
  • chore: hide and gitignore docker volumes for github client id and secret by @rdimitrov in #948
  • build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.40.0 to 0.41.0 by @dependabot in #944
  • Simplify policy structure and rename by @JAORMX in #947
  • Fix the link to apache license by @jhrozek in #950
  • vulndb evaluator: Cleanups and unit tests for the package database lookups by @jhrozek in #949
  • build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.17.0 to 1.18.0 by @dependabot in #956
  • build(deps): bump github.com/go-playground/validator/v10 from 10.15.3 to 10.15.4 by @dependabot in #959
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.43.0 to 0.44.0 by @dependabot in #957
  • Manually bump k8s deps by @jhrozek in #960
  • vulnerability evaluator: Submit reviews with just comment if the author is the same as the mediator identity by @jhrozek in #952
  • build(deps): bump google.golang.org/grpc from 1.58.0 to 1.58.1 by @dependabot in #964
  • Enable environment overrides and built-in configuration defaults by @evankanderson in #963
  • Remove GetCryptoConfigWithDefaults, use DefaultConfigForTest by @evankanderson in #969
  • Fix auth.token_key variable for helm charts by @evankanderson in #970
  • Sequentially tag helm charts, rather than re-using the 0.1.0 version by @evankanderson in #971
  • build(deps): bump github.com/daixiang0/gci from 0.11.1 to 0.11.2 in /tools by @dependabot in #973
  • Forgot to actually update the actuon to set HELM_PACKAGE_VERSION by @evankanderson in #972
  • Fix chart publish workflow by @evankanderson in #974
  • Add docker dependabot configuration by @JAORMX in #978
  • Extend PR vulnerability checks with a configurable action to set commit status by @jhrozek in #966
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.39 to 1.18.40 by @dependabot in #980
  • Allow users to change their profile info and password by @evankanderson in #983

Full Changelog: v0.0.2...v0.0.3

v0.0.2

06 Sep 15:12
38f9f4b
Compare
Choose a tag to compare

What's Changed

  • build(deps): bump slsa-framework/slsa-github-generator from 1.8.0 to 1.9.0 by @dependabot in #757
  • rule_type create: Add option to create multiple rule types at once or read all filed in directory by @JAORMX in #748
  • Auto-generated cli documentation update - 2023-08-25 13:04:37 by @github-actions in #759
  • remove unused internal/engine/entities.go by @jhrozek in #762
  • Update Epic template to remove SaaS engineering section by @dussab in #763
  • Split rule type format to show explicit ingestion and evaluation by @JAORMX in #758
  • build(deps): bump slsa-framework/slsa-verifier from 2.3.0 to 2.4.0 by @dependabot in #769
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.17.0 to 2.17.1 by @dependabot in #768
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.17.0 to 2.17.1 in /tools by @dependabot in #770
  • Update docs with new rule type syntax by @JAORMX in #767
  • small refactor: Move files around for testability by @JAORMX in #771
  • engine: Handle skipped rules and silent skips by @JAORMX in #776
  • .gitignore: Ignore test coverage file by @JAORMX in #774
  • util: Use dedicated test package for unit tests by @JAORMX in #772
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.42.0 to 0.43.0 by @dependabot in #779
  • build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.16.0 to 1.17.0 by @dependabot in #780
  • build(deps): bump github.com/go-playground/validator/v10 from 10.15.1 to 10.15.2 by @dependabot in #782
  • util: Add test coverage for JSON/YAML utilities by @JAORMX in #773
  • build(deps): bump go.opentelemetry.io/otel/sdk/metric from 0.39.0 to 0.40.0 by @dependabot in #781
  • build(deps): bump mobx from 6.10.0 to 6.10.1 in /docs by @dependabot in #789
  • build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.39.0 to 0.40.0 by @dependabot in #790
  • build(deps): bump github.com/go-playground/validator/v10 from 10.15.2 to 10.15.3 by @dependabot in #791
  • Improve artifact support by storing artifact_id in the rule evaluation table and store artifact information during webhook processing by @jhrozek in #760
  • Auto-generated DB schema update - 2023-08-30 09:22:38 by @github-actions in #792
  • Increase timeout for syncing repositories by @JAORMX in #788
  • engine: Add rego evaluation engine by @JAORMX in #784
  • Use IS NOT DISTINCT FROM for comparing rule eval status on upsert by @JAORMX in #799
  • Add guidance to rule types by @JAORMX in #797
  • Auto-generated DB schema update - 2023-08-30 16:06:13 by @github-actions in #802
  • build(deps): bump github.com/open-policy-agent/opa from 0.52.0 to 0.55.0 by @dependabot in #809
  • Use a generic version of JQ accessor, called JQGetTypedFromAccessor to parse GitHub payload by @jhrozek in #801
  • engine: Make ErrEvaluationSkipSilently not so silent by @JAORMX in #803
  • Adjust group.order so that PI can claim URLs in the same host by @evankanderson in #815
  • repositories: Add clone URL to data we track by @JAORMX in #793
  • Auto-generated DB schema update - 2023-08-31 17:21:34 by @github-actions in #816
  • handlers_policy: return more information on artifacts by @jhrozek in #812
  • containers: Suppress error message when trying to fetch signatures by @jhrozek in #811
  • build(deps): bump github.com/open-policy-agent/opa from 0.55.0 to 0.56.0 by @dependabot in #818
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.37 to 1.18.38 by @dependabot in #821
  • build(deps): bump github.com/sigstore/cosign/v2 from 2.1.1 to 2.2.0 by @dependabot in #820
  • build(deps): bump mobx from 6.10.1 to 6.10.2 in /docs by @dependabot in #822
  • tests: Add a test to initialize the artifact ingester by @jhrozek in #823
  • Add git ingester by @JAORMX in #775
  • Putting it all together: Enables us to run rego rules on git contents by @JAORMX in #825
  • build(deps): bump github.com/sigstore/sigstore from 1.7.2 to 1.7.3 by @dependabot in #828
  • build(deps): bump golang.org/x/term from 0.11.0 to 0.12.0 by @dependabot in #827
  • rego: Introduce file.ls which allows us to list files by @JAORMX in #829
  • builtin: Return evalerrors.ErrEvaluationSkipSilently in case the builtin evaluator doesn't match the entity by @jhrozek in #800
  • Return why an artifact was skipped from the artifact ingester by @jhrozek in #810
  • Remove pr-size action by @lukehinds in #840
  • fix: use consistent sql.ErrNoRow error comparision by @rdimitrov in #832
  • Implements Dependabot Checks by @lukehinds in #843
  • build(deps): bump actions/checkout from 3 to 4 by @dependabot in #849
  • Policy to verify actions are pinned to sha1 by @lukehinds in #845
  • tools: Add setup.sh script by @JAORMX in #853
  • refactor: Move webhook event parsing logic to webhook handler by @JAORMX in #841
  • dev: Add log message when rule violation happens by @JAORMX in #854
  • cleanup: Remove commented out entries from policy by @JAORMX in #851
  • cleanup: remove unnecessary checkups from rule by @JAORMX in #852
  • Add policy init and reconcile policy support for artifacts by @jhrozek in #844
  • Auto-generated cli documentation update - 2023-09-05 16:39:02 by @github-actions in #855
  • rules: Fix actions_check_pinned_tags rule by @JAORMX in #857
  • Fix migratedown target by @eleftherias in #858
  • Avoid log spam on CheckHealth by @evankanderson in #864
  • build(deps): bump golang.org/x/tools from 0.12.0 to 0.13.0 in /tools by @dependabot in #866
  • build(deps): bump github.com/daixiang0/gci from 0.11.0 to 0.11.1 in /tools by @dependabot in #867
  • build(deps): bump golang.org/x/crypto from 0.12.0 to 0.13.0 by @dependabot in #868
  • build(deps): bump golang.org/x/oauth2 from 0.11.0 to 0.12.0 by @dependabot in #869
  • build(deps): bump github.com/ThreeDotsLabs/watermill from 1.3.3 to 1.3.4 by @dependabot in #870
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.18.38 to 1.18.39 by @dependabot in #871
  • rego: Fix constraints evaluation type and prettify result by @JAORMX in #863
  • medev: a CLI tool to work with mediator by @JAORMX in #865
  • Handle type cast errors by @eleftherias in #850
  • Auto-generated cli documentation update - 2023-09-06 16:08:57 by @github-actions in #877

New Contributors

Full Changelog: v0.0.1...v0.0.2

Medic v0.0.1

24 Aug 15:45
4f2cd2c
Compare
Choose a tag to compare
Fixes slsa-release action (#755)

Tested this locally, changes are needing to limit to medic for now
(which is fine as we release the server with helm)

I also needed to quote the go release as it was being read as
go 1.2 (not 1.20)

Tested this within my fork and works for me.

Signed-off-by: Luke Hinds <[email protected]>