Releases: jetstack/tally
Releases · jetstack/tally
v0.0.1
v0.0.1-rc.4
Changelog
- eb4adae Merge pull request #73 from jetstack/dependabot/go_modules/github.com/anchore/syft-0.81.0
- 97acb93 Bump github.com/anchore/syft from 0.76.0 to 0.81.0
- a6a4907 Merge pull request #72 from jetstack/dependabot/github_actions/sigstore/cosign-installer-3.0.5
- 7295b56 Merge pull request #74 from jetstack/dependabot/go_modules/github.com/sirupsen/logrus-1.9.2
- ea482be Merge pull request #71 from jetstack/dependabot/go_modules/golang.org/x/sync-0.2.0
- cc1b4f0 Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2
- 880b8d0 Bump golang.org/x/sync from 0.1.0 to 0.2.0
- 63e6727 Merge pull request #69 from jetstack/dependabot/go_modules/modernc.org/sqlite-1.22.1
- e14a4bb Bump sigstore/cosign-installer from 3.0.3 to 3.0.5
- d946eca Bump modernc.org/sqlite from 1.21.1 to 1.22.1
- a49850f Merge pull request #68 from jetstack/dependabot/github_actions/sigstore/cosign-installer-3.0.3
- 811f92b Merge pull request #63 from jetstack/dependabot/go_modules/github.com/spf13/cobra-1.7.0
- de2a328 Bump sigstore/cosign-installer from 3.0.1 to 3.0.3
- ac2bfb6 Bump github.com/spf13/cobra from 1.6.1 to 1.7.0
- ac9dc26 Merge pull request #52 from jetstack/dependabot/go_modules/google.golang.org/api-0.114.0
- dda6280 Merge pull request #59 from jetstack/dependabot/go_modules/github.com/CycloneDX/cyclonedx-go-0.7.1
- b5def31 Bump google.golang.org/api from 0.112.0 to 0.114.0
- a7cbc12 Bump github.com/CycloneDX/cyclonedx-go
- 523aa6c Merge pull request #60 from jetstack/dependabot/go_modules/github.com/ossf/scorecard-webapp-1.0.4
- 0eafcb4 Merge pull request #61 from jetstack/dependabot/go_modules/github.com/anchore/syft-0.76.0
- fb3c372 Bump github.com/anchore/syft from 0.75.0 to 0.76.0
- 7617410 Bump github.com/ossf/scorecard-webapp from 1.0.3 to 1.0.4
v0.0.1-rc.3
Changelog
- 121ed33 release: add --yes to goreleaser cosign sign
- 3719fa4 release: add --yes flag to cosign sign
- b3843e0 Bump actions/setup-go from 3 to 4 (#55)
- c42e0a4 Use Go 1.20 in test workflow
- 0754a15 Print all results in JSON regardless of -a setting
- eb2c506 Wrap results in a 'report' document
- 5d9e21b Create dedicated repository type
- 89dc888 Extract repository from the vcs_url qualifier in the purl
- 6bb23a9 Create aggregate type for package to repositories mappings
- a156d78 Extract repositories from syft-json format
- f993318 Restructure how packages are fetched from the BOM
- b9b5c74 Remove database
- c4ded6d Fix concurrency for scorecard generate client
- cbf7b8d Add flag to disable fetching scores from the API
- 46af7ca Update README
- 5991640 Make usage of the database optional and rename check flag
- 88298be Support any package type
- 700bc27 Remove scores from database
- fce9679 Return the full scorecard result format
- af5c2e2 Add a local cache for retrieved scores
- fd903fa Improve progress logging
- 9fbe57e Fetch scores from the scorecard API
- f508c49 Improve progress logging
- 5426827 Bump github.com/klauspost/compress from 1.16.0 to 1.16.3 (#49)
- b59a104 Bump github.com/cheggaaa/pb/v3 from 3.1.0 to 3.1.2 (#48)
- b08d309 Bump google.golang.org/api from 0.111.0 to 0.112.0 (#50)
- 9a9f0f7 Bump sigstore/cosign-installer from 2.8.1 to 3.0.1 (#47)
- 6104142 Bump google.golang.org/api from 0.109.0 to 0.111.0 (#46)
- 45bc91b Bump cloud.google.com/go/bigquery from 1.46.0 to 1.48.0 (#45)
- f5950b8 Bump github.com/klauspost/compress from 1.15.15 to 1.16.0 (#43)
- d6d278d Bump modernc.org/sqlite from 1.20.4 to 1.21.0 (#44)
- 9053b73 Bump modernc.org/sqlite from 1.20.3 to 1.20.4 (#39)
- 7a0fa93 Bump cloud.google.com/go/bigquery from 1.45.0 to 1.46.0 (#40)
- ffa3e67 Extract repository information from BOM (#34)
- 39a884e Bump google.golang.org/api from 0.108.0 to 0.109.0 (#33)
- 8b56e7d Bump github.com/ossf/scorecard/v4 from 4.8.0 to 4.10.2 (#21)
- 3da04a7 Bump github.com/google/go-containerregistry from 0.12.1 to 0.13.0 (#32)
- d9abe1f Bump google.golang.org/api from 0.103.0 to 0.108.0 (#31)
- ca3682b Bump modernc.org/sqlite from 1.19.5 to 1.20.3 (#30)
- b51bf8d Bump github.com/klauspost/compress from 1.15.12 to 1.15.15 (#29)
- 093c8f1 Bump cloud.google.com/go/bigquery from 1.43.0 to 1.45.0 (#27)
- 31b8ddb Bump goreleaser/goreleaser-action from 3 to 4 (#20)
- 183baf5 Bump docker/login-action from 1.9.0 to 2.1.0 (#15)
v0.0.1-rc.2
v0.0.1-rc.1
Changelog
- 579c94d Fix release
- 4dfb978 Add id-token write permissions for goreleaser
- 81ae2d4 Add signing with cosign to goreleaser
- 384464a Add container build with ko
- 3b7f9d7 Remove bigquery dataset feature
- d6ce868 Bump google-github-actions/auth from 0.8.3 to 1.0.0 (#9)
- 401a34a Add release process with goreleaser
- 59c46d3 Add dependabot
- 8d88e40 Add test workflow
- 2e11daa Add workflow to create database
- 2162df9 Remove unused manager.Dir()
- 3672d0a Update deps and bump to Go 1.19
- 56ea820 Update README.md
- d2fed3c Remove check output
- 0e70ab3 Refactor to simplify the manager and the database interfaces
- 1d00477 Add tests for bom package
- 280ebed Move scorecard generation to a scorecard package
- 5348ba1 Refactor archive implementation. Move packages around.
- 1326fdc Add individual check scores output
- 81b8a56 Validate database metadata on import
- 9444bf4 Print the image digest to stdout after push
- 57328f9 Pull database in root command
- c28c6c6 Add
db pull
command - f02b181 Add
db push
command - 25d716c Use DB interface for BQ dataset
- 72205c1 Get scores from the sqlite database.
- 9fea53b Add
db create
command - 79ba6aa Add a little emoji to the declaration about the development status
- 3805ded s/ribbybibby/jetstack
- d03cd99 Fix nil pointer error
- fcfb73b Exit out on low scores
- 704612e Only print info to os.Stderr
- 5aa06c3 cyclonedx: include the metadata component
- 2bdcb09 Add
dataset create
command - eef9ac9 Add terraform module to set up BigQuery dataset
- 41c34d6 Move packages functions
- dc4105b Don't require -t when -g is set
- b152936 Add dedicated packages for tables, create separate result type
- 721b841 Add LICENSE
- e1f55d8 Add a little disclaimer to the README
- 6236dcf Save generated scores to a separate table
- ac23606 Add dedicated package type
- c098914 Update README.md
- 5455557 Create Packages interface
- e92cdf6 Infer github repository from go module name
- 0e9f768 Generate missing scores
- 8275174 Make more changes to output.
- ae88a8a Walk through hierarchical CycloneDX SBOMs
- 8122822 Shorten default output, add extra output options
- 1142569 Retrieve scores from the latest scorecard table
- a06c3c0 Add support for syft-json format
- 8191645 Bring columns closer together in example
- 645bebe First implementation
- 1249e67 Initial commit