enterprise-contract/ec-policies issues and pull requests

#928 - Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#927 - Bump github.com/open-policy-agent/conftest from 0.49.1 to 0.50.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#926 - Create generic SLSA policies

Issue - State: open - Opened by lcarva 11 months ago

#925 - Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#924 - Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#923 - Bump gopkg.in/go-jose/go-jose.v2 from 2.6.2 to 2.6.3

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#922 - Bump gopkg.in/go-jose/go-jose.v2 from 2.6.2 to 2.6.3 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, go

#921 - Bump github.com/styrainc/regal from 0.17.0 to 0.18.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago - 2 comments
Labels: dependencies, go

#920 - Bump @zregvart/opa-inspect from 0.61.0-4856e7e to 0.62.0-439c0e2 in /antora/ec-policies-antora-extension

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, javascript

#919 - Bump codecov/codecov-action from 4.0.2 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, github_actions

#918 - Bump github/codeql-action from 3.24.5 to 3.24.6

Pull Request - State: closed - Opened by dependabot[bot] 11 months ago
Labels: dependencies, github_actions

#917 - Add source_image package

Pull Request - State: closed - Opened by lcarva 11 months ago - 1 comment

#916 - Two Makefile fixes

Pull Request - State: closed - Opened by simonbaird 11 months ago - 1 comment

#915 - Tolerate git URL with a slash at the end

Pull Request - State: closed - Opened by zregvart 12 months ago

#914 - Bump github.com/styrainc/regal from 0.16.0 to 0.17.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago - 2 comments
Labels: dependencies, go

#913 - Bump github/codeql-action from 3.24.3 to 3.24.5

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions

#912 - Bump codecov/codecov-action from 4.0.1 to 4.0.2

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions

#911 - Introduce tests using realistic attestation data

Pull Request - State: closed - Opened by simonbaird 12 months ago - 4 comments

#910 - Add documentation for customizing the list of acceptable Tasks

Pull Request - State: closed - Opened by mbestavros 12 months ago - 2 comments

#909 - Fixes the broken link in docs

Pull Request - State: closed - Opened by zregvart 12 months ago

#908 - Add rpm_ostree_task package

Pull Request - State: closed - Opened by lcarva 12 months ago - 2 comments

#907 - Bump github.com/tektoncd/cli from 0.35.0 to 0.35.1

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, go

#906 - Bump github/codeql-action from 3.24.0 to 3.24.3

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions

#905 - Remove support for old acceptable bundles format

Pull Request - State: closed - Opened by lcarva 12 months ago - 1 comment

#904 - Rename RHTAP to Konflux in docs

Pull Request - State: closed - Opened by simonbaird 12 months ago - 1 comment

#903 - Add support for terms in step_image_registries

Pull Request - State: closed - Opened by lcarva 12 months ago

#902 - Warn/fail for Task expiry

Pull Request - State: closed - Opened by zregvart 12 months ago - 5 comments

#901 - Bump actions/setup-node from 4.0.1 to 4.0.2

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions

#900 - Bump actions/upload-artifact from 4.3.0 to 4.3.1

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, github_actions

#899 - Bump github.com/tektoncd/cli from 0.34.0 to 0.35.0

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, go

#898 - Bump github.com/open-policy-agent/conftest from 0.49.0 to 0.49.1

Pull Request - State: closed - Opened by dependabot[bot] 12 months ago
Labels: dependencies, go

#897 - Fix update-bundles.sh script

Pull Request - State: closed - Opened by lcarva 12 months ago - 1 comment

#896 - Labels release rules support time-based data

Pull Request - State: closed - Opened by lcarva 12 months ago

#895 - WIP: Add a function to wrap values from `rule_data.yml` with `effective_on` metadata

Pull Request - State: closed - Opened by mbestavros almost 1 year ago - 2 comments

#894 - wip: Set effective_on dynamically

Pull Request - State: closed - Opened by lcarva almost 1 year ago - 4 comments

#893 - Add doc for adding to Red Hat trusted task list

Pull Request - State: closed - Opened by robnester-rh almost 1 year ago - 2 comments

#892 - Add labels.optional_disallowed_inherited_labels

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#891 - Move active threshold to time.rego

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#890 - Bump github.com/styrainc/regal from 0.15.0 to 0.16.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#889 - live-test: interrupt execution on new events

Pull Request - State: closed - Opened by lcarva about 1 year ago

#888 - Bump step-security/harden-runner from 2.6.1 to 2.7.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#887 - Bump codecov/codecov-action from 3.1.5 to 4.0.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 2 comments
Labels: dependencies, github_actions

#886 - Bump github/codeql-action from 3.23.2 to 3.24.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

#885 - Add trusted_task package

Pull Request - State: closed - Opened by lcarva about 1 year ago - 3 comments

#884 - Cleanup dependencies

Pull Request - State: closed - Opened by zregvart about 1 year ago - 1 comment

#883 - Bump github.com/moby/buildkit from 0.11.5 to 0.12.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#882 - Bump github.com/moby/buildkit from 0.11.5 to 0.12.5 in /acceptance

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#881 - Examples for representing git ref for Tasks

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#880 - Bump actions/upload-artifact from 4.2.0 to 4.3.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#879 - Bump github/codeql-action from 3.23.1 to 3.23.2

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#878 - Bump codecov/codecov-action from 3.1.4 to 3.1.5

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#877 - Bump @zregvart/opa-inspect from 0.60.0-4568528 to 0.61.0-4856e7e in /antora/ec-policies-antora-extension

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, javascript

#876 - New Task definition policy: enforce trusted artifacts convention

Issue - State: open - Opened by zregvart about 1 year ago - 3 comments

#875 - Add a new kind of acceptance tests for tekton task handling

Pull Request - State: closed - Opened by simonbaird about 1 year ago - 8 comments

#874 - Also update ec-task-policy image ref

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#873 - Remove collections from step image registries

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#872 - Add support for collections in all namespaces

Issue - State: open - Opened by lcarva about 1 year ago

#871 - Bump actions/upload-artifact from 4.1.0 to 4.2.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#870 - Bump github/codeql-action from 3.23.0 to 3.23.1

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#869 - Move step_image_registries to task namespace

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#868 - Trusted Artifact chain policy

Pull Request - State: closed - Opened by zregvart about 1 year ago - 12 comments

#867 - Do not require pre-built ec binary

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#866 - Minor improvements to acceptance tests

Pull Request - State: closed - Opened by lcarva about 1 year ago

#865 - Minor simplification of bundles.is_acceptable

Pull Request - State: closed - Opened by lcarva about 1 year ago - 2 comments

#864 - Add initial acceptance tests

Pull Request - State: closed - Opened by lcarva about 1 year ago - 1 comment

#863 - Consolidate pruning of stale acceptable bundles

Pull Request - State: closed - Opened by lcarva about 1 year ago - 2 comments

#862 - Bump actions/upload-artifact from 4.0.0 to 4.1.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#861 - Bump github.com/tektoncd/cli from 0.33.0 to 0.34.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#860 - Implement effective_on support for rule_data.yml

Pull Request - State: closed - Opened by mbestavros about 1 year ago - 3 comments

#859 - Use labels to determine task name

Pull Request - State: closed - Opened by lcarva about 1 year ago - 4 comments

#858 - See about `bundles.is_acceptable` checking `_is_unacceptable`

Issue - State: closed - Opened by zregvart about 1 year ago

#857 - Fix function producing multiple outputs

Pull Request - State: closed - Opened by zregvart about 1 year ago

#856 - Enforce pinning for additional types of Task refs

Pull Request - State: closed - Opened by lcarva about 1 year ago - 2 comments

#855 - Bump github/codeql-action from 3.22.12 to 3.23.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, github_actions

#854 - Bump @zregvart/opa-inspect from 0.59.0-695a89f to 0.60.0-4568528 in /antora/ec-policies-antora-extension

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, javascript

#853 - Bump github.com/open-policy-agent/conftest from 0.47.0 to 0.48.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago
Labels: dependencies, go

#852 - Bump github.com/styrainc/regal from 0.14.0 to 0.15.0

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#851 - Don't publish `beta` package

Pull Request - State: closed - Opened by zregvart about 1 year ago - 1 comment

#850 - Use image digest parsed from the reference

Pull Request - State: closed - Opened by zregvart about 1 year ago - 1 comment

#849 - Required task must be from acceptable bundle

Pull Request - State: closed - Opened by zregvart about 1 year ago - 4 comments

#848 - if a future required task throws a warning, report the date when that task is required

Pull Request - State: closed - Opened by joejstuart about 1 year ago - 2 comments

#847 - Move beta.packages to release.sbom_cyclonedx

Pull Request - State: closed - Opened by zregvart about 1 year ago - 1 comment

#846 - Remove enable-auto-merge workflow

Pull Request - State: closed - Opened by zregvart about 1 year ago

#845 - Handle duplicate acceptable bundle records

Pull Request - State: closed - Opened by zregvart about 1 year ago

#844 - Bump github.com/containerd/containerd from 1.7.9 to 1.7.11

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, go

#843 - Bump alexwilson/enable-github-automerge-action from 4871a27d951e570b6f5ccecbe98ec27ef27e0cbd to 922feaa6788152594a8872ef1ab18940f1c88504

Pull Request - State: closed - Opened by dependabot[bot] about 1 year ago - 1 comment
Labels: dependencies, github_actions

GitHub / enterprise-contract/ec-policies issues and pull requests