v1.7.0
Changelog
Features
- b7cd1be: feat: build against go 1.22 in ci (@nscuro)
- cab6d46: feat: bump baseline go version to 1.21 (@nscuro)
- 7865448: feat: change default output spec version to v1.5 (@nscuro)
Fixes
- 5b5153e: fix: handle breaking change in
metadata.tools(@nscuro) - d0fc72d: fix: ignore deprecation lint on legacy
Tooltype (@nscuro) - 4550c9b: fix: spec version validation (@nscuro)
- 8018799: fix: work around broken
#nosecin gosec (@nscuro)
Building and Packaging
- 75d8eb6: build(deps): bump actions/checkout from 4.1.1 to 4.1.2 (@dependabot[bot])
- 10e3de7: build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 (@dependabot[bot])
- 5283b95: build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.19.0 (@dependabot[bot])
- 6bb9fdd: build(deps): bump docker/login-action from 3.0.0 to 3.1.0 (@dependabot[bot])
- 2eaa786: build(deps): bump github.com/CycloneDX/cyclonedx-go from 0.7.1 to 0.8.0 (@dependabot[bot])
- 44906d1: build(deps): bump github.com/rs/zerolog from 1.31.0 to 1.32.0 (@dependabot[bot])
- 63d4b19: build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (@dependabot[bot])
- fbcff63: build(deps): bump gitpod/workspace-go from
817abc4tob746928(@dependabot[bot]) - 06ccb60: build(deps): bump golang from 1.21.6-alpine3.18 to 1.22.2-alpine3.18 (@dependabot[bot])
- f0d95f1: build(deps): bump golang.org/x/crypto from 0.18.0 to 0.19.0 (@dependabot[bot])
- def890a: build(deps): bump golang.org/x/crypto from 0.19.0 to 0.22.0 (@dependabot[bot])
- 78946eb: build(deps): bump golang.org/x/mod from 0.14.0 to 0.15.0 (@dependabot[bot])
- 46c5b97: build(deps): bump golang.org/x/mod from 0.15.0 to 0.17.0 (@dependabot[bot])
- 268ed52: build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 (@dependabot[bot])
- b64ba8b: build(deps): bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (@dependabot[bot])
Contributors
nscuro and dependabot