Ecosyste.ms: Issues

An open API service for providing issue and pull request metadata for open source projects.

GitHub / enterprise-contract/ec-cli issues and pull requests

#871 - Bump github/codeql-action from 2.21.0 to 2.21.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#870 - Bump github.com/tektoncd/chains from 0.16.0 to 0.17.0 in /tools

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, go

#869 - Bump github.com/hashicorp/go-getter from 1.7.1 to 1.7.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#868 - Allow duplicate digests in bundles tracked with `ec track bundle`

Pull Request - State: closed - Opened by mbestavros about 1 year ago - 1 comment

#867 - Enable manual runs for "checks" and "lint" workflows

Pull Request - State: closed - Opened by mbestavros about 1 year ago - 3 comments

#866 - Add manifest files from the image to input

Pull Request - State: closed - Opened by zregvart about 1 year ago - 5 comments

#865 - Remove fetchers/oci/fake.FakeImage

Pull Request - State: closed - Opened by zregvart about 1 year ago - 1 comment

#864 - Bump github.com/go-git/go-git/v5 from 5.8.0 to 5.8.1 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#863 - Small NewPolicy refactor

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#862 - Appstudio error handling

Pull Request - State: closed - Opened by simonbaird about 1 year ago - 5 comments

#861 - Remove CONTRIBUTING.md

Pull Request - State: closed - Opened by robnester-rh about 1 year ago

#860 - Refactor fetchers

Pull Request - State: closed - Opened by zregvart about 1 year ago - 1 comment

#859 - Bump step-security/harden-runner from 2.4.1 to 2.5.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#858 - Increase number of returned assets in stats

Pull Request - State: closed - Opened by zregvart about 1 year ago - 2 comments

#857 - Document how to save the policy input object

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#856 - Upload statistics to website

Pull Request - State: closed - Opened by zregvart about 1 year ago - 1 comment

#854 - Document policy-input

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#836 - Add ec test command that mimics conftest test & supports the appstudio output format

Pull Request - State: closed - Opened by simonbaird about 1 year ago - 4 comments

#812 - Fix codecov coverage upload

Pull Request - State: closed - Opened by lcarva about 1 year ago - 3 comments

#781 - Update snapshots test to have pretty JSON

Pull Request - State: closed - Opened by seanconroy2021 over 1 year ago - 1 comment

#779 - Readable json in .snap files

Pull Request - State: closed - Opened by seanconroy2021 over 1 year ago - 9 comments

#779 - Readable json in .snap files

Pull Request - State: closed - Opened by seanconroy2021 over 1 year ago - 9 comments

#711 - Cleanup `go.mod`, most notably:

Pull Request - State: closed - Opened by zregvart over 1 year ago - 3 comments

#709 - Use go-snaps in acceptance tests

Pull Request - State: open - Opened by zregvart over 1 year ago - 1 comment

#708 - Bump github.com/stretchr/testify from 1.8.2 to 1.8.3 in /acceptance

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#707 - Bump github.com/stretchr/testify from 1.8.2 to 1.8.3

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#706 - Bump k8s.io/apimachinery from 0.27.1 to 0.27.2 in /acceptance

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#705 - Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.2

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#704 - Bump k8s.io/apimachinery from 0.27.1 to 0.27.2

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#703 - UPDATE build to work on RHEL-8

Pull Request - State: closed - Opened by robnester-rh over 1 year ago - 1 comment

#702 - Add one more canned policy for slsa3

Pull Request - State: closed - Opened by simonbaird over 1 year ago - 1 comment

#701 - Bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#700 - Bump github.com/google/go-containerregistry from 0.15.1 to 0.15.2

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#699 - Bump sigs.k8s.io/kind from 0.18.0 to 0.19.0 in /acceptance

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#698 - Bump github.com/google/go-containerregistry from 0.15.1 to 0.15.2 in /acceptance

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#697 - Implement an ec init-policies command

Pull Request - State: closed - Opened by mbestavros over 1 year ago - 7 comments

#696 - Update link to issues

Pull Request - State: closed - Opened by robnester-rh over 1 year ago

#695 - Image relocation acceptance test

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#694 - Bump github.com/gkampitakis/go-snaps from 0.4.2 to 0.4.3

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#693 - HACBS-2155 Add CONTRIBUTING.md and other docs

Pull Request - State: closed - Opened by robnester-rh over 1 year ago - 1 comment

#692 - Move tag & GitHub release to the end

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#691 - Don't try to build images on darwin (MacOS)

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#690 - Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /tools

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#689 - Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#688 - Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 in /tools

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#687 - Bump github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#686 - Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#685 - Bump github.com/cloudflare/circl from 1.1.0 to 1.3.3

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#684 - remove xrefs in solution text

Pull Request - State: closed - Opened by joejstuart over 1 year ago - 1 comment

#683 - Fix persistence in acceptance tests

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#682 - Bump helm.sh/helm/v3 from 3.11.3 to 3.12.0 in /tools

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#681 - Bump github.com/testcontainers/testcontainers-go from 0.20.0 to 0.20.1 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#680 - Keep the tag when updating build-definitions

Pull Request - State: closed - Opened by zregvart over 1 year ago

#679 - update acceptance tests to work with MacOS and podman machine

Pull Request - State: closed - Opened by joejstuart over 1 year ago - 1 comment

#678 - Bump github.com/tektoncd/cli from 0.3.1-0.20230419203848-832d14301e20 to 0.31.0 in /tools

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#677 - Bump sigs.k8s.io/kustomize/api from 0.13.3 to 0.13.4 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#676 - Bump github.com/tektoncd/cli from 0.30.1 to 0.31.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#675 - Bump golang.org/x/tools from 0.9.0 to 0.9.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#674 - Bump github.com/open-policy-agent/conftest from 0.41.0 to 0.42.1 in /tools

Pull Request - State: open - Opened by dependabot[bot] over 1 year ago - 4 comments
Labels: dependencies, go

#673 - Bump github.com/tektoncd/chains from 0.15.1-0.20230406140737-50a40c019838 to 0.16.0 in /tools

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#672 - Bump github.com/testcontainers/testcontainers-go from 0.19.0 to 0.20.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#671 - Bump sigs.k8s.io/kustomize/kyaml from 0.14.1 to 0.14.2 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#670 - Bump github.com/transparency-dev/merkle from 0.0.1 to 0.0.2 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#669 - Bump github.com/google/go-containerregistry from 0.14.1-0.20230409045903-ed5c185df419 to 0.15.1 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 2 comments
Labels: dependencies, go

#668 - Bump sigs.k8s.io/kustomize/api from 0.13.2 to 0.13.3 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#667 - Bump golang.org/x/net from 0.9.0 to 0.10.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 3 comments
Labels: dependencies, go

#666 - Bump golang.org/x/tools from 0.8.0 to 0.9.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#665 - Ensure dist dir exists in make reference docs

Pull Request - State: closed - Opened by simonbaird over 1 year ago - 2 comments

#664 - Bump github.com/hashicorp/go-getter from 1.7.0 to 1.7.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#663 - Bump github.com/google/go-containerregistry from 0.14.1-0.20230409045903-ed5c185df419 to 0.15.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#662 - Add policy as yaml file example to command documentation

Pull Request - State: closed - Opened by ralphbean over 1 year ago - 2 comments

#661 - Document the builtin policies via Rego files

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#660 - Bump github.com/sigstore/sigstore from 1.6.3 to 1.6.4 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#659 - Bump github.com/in-toto/in-toto-golang from 0.8.0 to 0.9.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#658 - Bump github.com/in-toto/in-toto-golang from 0.8.0 to 0.9.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#657 - Bump github.com/sigstore/sigstore from 1.6.3 to 1.6.4

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#656 - Fix some broken formatting in validate image docs

Pull Request - State: closed - Opened by simonbaird over 1 year ago - 1 comment

#655 - fix: change test output timestamp to string

Pull Request - State: closed - Opened by dirgim over 1 year ago - 1 comment

#654 - Unit and acceptance tests for claim verifiers

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#653 - Bump github.com/sigstore/rekor from 1.0.1 to 1.1.1 in /tools

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#652 - Bump github.com/sigstore/rekor from 1.1.0 to 1.1.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#651 - Support reading ECP style policy config from a git url

Pull Request - State: closed - Opened by simonbaird over 1 year ago - 3 comments

#650 - Script to update bundle in build-definitions

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#649 - TODO: revert when Tekton Chains bug is fixed

Pull Request - State: closed - Opened by zregvart over 1 year ago - 2 comments

#648 - Bump k8s.io/klog/v2 from 2.90.1 to 2.100.1

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#647 - Enables TUF in development environment

Pull Request - State: closed - Opened by zregvart over 1 year ago - 1 comment

#646 - Bump github.com/otiai10/copy from 1.2.0 to 1.11.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#645 - Bump github.com/open-policy-agent/opa from 0.51.0 to 0.52.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#644 - Remove some references to old names

Pull Request - State: closed - Opened by lcarva over 1 year ago - 1 comment

#643 - Add acceptance tests for keyless workflow

Pull Request - State: closed - Opened by lcarva over 1 year ago - 2 comments

#642 - Strip old effective_on dates from conftest results

Pull Request - State: closed - Opened by mbestavros over 1 year ago - 5 comments

#641 - Send summary output to both old & new task results

Pull Request - State: closed - Opened by simonbaird over 1 year ago - 4 comments

#640 - Bump github.com/in-toto/in-toto-golang from 0.7.1 to 0.8.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#639 - Bump github.com/in-toto/in-toto-golang from 0.7.1 to 0.8.0

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#638 - Bump github.com/sigstore/cosign/v2 from 2.0.1 to 2.0.2 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#637 - Bump github.com/sigstore/cosign/v2 from 2.0.1 to 2.0.2

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago
Labels: dependencies, go

#636 - feat: expose effective time as a para of task verify-enterprise-contract

Pull Request - State: closed - Opened by cuipinghuo over 1 year ago - 2 comments

#635 - fix broken ec docs link

Pull Request - State: closed - Opened by joejstuart over 1 year ago - 1 comment

#634 - Bump github.com/sigstore/sigstore from 1.6.2 to 1.6.3 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go

#633 - Bump github.com/sigstore/sigstore from 1.6.2 to 1.6.3

Pull Request - State: closed - Opened by dependabot[bot] over 1 year ago - 1 comment
Labels: dependencies, go