[go: up one dir, main page]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): bump sigstore/scaffolding from 04ed71b11e4d7589db77aef3093a571e461d11f7 to 46394ad8ebba8fb0d5b72ec9255aa967c0d716e3 #9480

Merged
merged 1 commit into from
Jan 22, 2024
Merged

chore(deps): bump sigstore/scaffolding from 04ed71b11e4d7589db77aef3093a571e461d11f7 to 46394ad8ebba8fb0d5b72ec9255aa967c0d716e3 #9480

merged 1 commit into from
Jan 22, 2024

Conversation

dependabot[bot]
Copy link
Contributor
@dependabot dependabot bot commented on behalf of github Jan 22, 2024
edited
Loading

Bumps sigstore/scaffolding from 04ed71b11e4d7589db77aef3093a571e461d11f7 to 46394ad8ebba8fb0d5b72ec9255aa967c0d716e3.

Changelog

Sourced from sigstore/scaffolding's changelog.

Scaffolding Release Process

Prerequisites

You should be part of the scaffolding-codeowners or sigstore-oncall groups, which are defined within the community repo.

Steps

Sync tags

Ensure that sure your local branch is up-to-date from the upstream:

git pull upstream main --tags

Pick a new version number

The scaffolding repo uses semver. Your first step is to determine the latest tag used.

List the latest tags in date order:

git tag | tail

Example output:

...
v0.0.0
v0.1.0

Show a list of changes since the latest version (v0.1.0):

git log v0.1.0..

If the commits include a new feature or breaking change, bump the minor version. If it only includes bug fixes, bump the patch version.

Tagging

Once you have a version number in mind, tag it locally:

git tag -a v0.2.0 -m v0.2.0

... (truncated)

Commits
  • 46394ad Bump k8s.io/client-go from 0.29.0 to 0.29.1 (#951)
  • 5772329 Bump k8s.io/api from 0.29.0 to 0.29.1 (#952)
  • 6fdf322 Bump github.com/hashicorp/hcl from 1.0.1-vault-5 to 1.0.1-vault (#953)
  • 35e6edd Bump k8s.io/code-generator from 0.29.0 to 0.29.1 (#954)
  • 4c624dd Bump k8s.io/apimachinery from 0.29.0 to 0.29.1 (#955)
  • c40356a Bump github.com/sigstore/sigstore from 1.8.0 to 1.8.1 (#950)
  • 358d636 Bump actions/cache from 3 to 4 (#956)
  • 25aae07 Update TUF KMS key algorithm (#949)
  • 242e139 Grant TUF SA access to modify storage objects (#947)
  • See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jan 22, 2024
@dependabot dependabot bot mentioned this pull request Jan 22, 2024
Closed
@eddycharly
Copy link
Member

@dependabot rebase

@dependabot
chore(deps): bump sigstore/scaffolding
cfab0bc 
Bumps [sigstore/scaffolding](https://github.com/sigstore/scaffolding) from 04ed71b11e4d7589db77aef3093a571e461d11f7 to 46394ad8ebba8fb0d5b72ec9255aa967c0d716e3.
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](sigstore/scaffolding@04ed71b...46394ad)

---
updated-dependencies:
- dependency-name: sigstore/scaffolding
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/sigstore/scaffolding-46394ad8ebba8fb0d5b72ec9255aa967c0d716e3 branch from 8863742 to cfab0bc Compare January 22, 2024 11:54
@codecov Codecov
Copy link
codecov bot commented Jan 22, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (566db3a) 32.83% compared to head (cfab0bc) 32.83%.
Report is 2 commits behind head on main.

Additional details and impacted files 
@@           Coverage Diff           @@
##             main    #9480   +/-   ##
=======================================
  Coverage   32.83%   32.83%           
=======================================
  Files         326      326           
  Lines       26191    26191           
=======================================
  Hits         8599     8599           
  Misses      16794    16794           
  Partials      798      798

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@eddycharly eddycharly enabled auto-merge (squash) January 22, 2024 12:23
@eddycharly eddycharly merged commit 98ab4dd into main Jan 22, 2024
231 of 234 checks passed
@eddycharly eddycharly deleted the dependabot/github_actions/sigstore/scaffolding-46394ad8ebba8fb0d5b72ec9255aa967c0d716e3 branch January 22, 2024 12:59
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eddycharly eddycharly eddycharly approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@eddycharly