Skip to content

🌱 Update Builder Image group #182

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

🌱 Update Builder Image group #182

wants to merge 1 commit into from

Conversation

cluster-stack-bot[bot]
Copy link
Contributor

@cluster-stack-bot cluster-stack-bot bot commented Apr 1, 2025
edited
Loading

This PR contains the following updates:

Package Type Update Change
adrienverge/yamllint minor v1.35.1 -> v1.37.0
docker.io/aquasec/trivy (source) stage minor 0.59.1 -> 0.62.0
golangci/golangci-lint major v1.64.5 -> v2.1.5

Release Notes

adrienverge/yamllint (adrienverge/yamllint)

v1.37.0

Compare Source

v1.36.2

Compare Source

v1.36.1

Compare Source

v1.36.0

Compare Source

aquasecurity/trivy (docker.io/aquasec/trivy)

v0.62.0

Compare Source

Features
  • image: save layers metadata into report (#​8394) (a95cab0)
  • misconf: add option to pass Rego scanner to IaC scanner (#​8369) (890a360)
  • misconf: convert AWS managed policy to document (#​8757) (7abf5f0)
  • misconf: support auto_provisioning_defaults in google_container_cluster (#​8705) (9792611)
  • nodejs: add root and workspace for yarn packages (#​8535) (bf4cd4f)
  • rust: add root and workspace relationships/package for cargo lock files (#​8676) (93efe07)
Bug Fixes

v0.61.1

Compare Source

Changelog

  • 7d3b4ff release: v0.61.1 [release/v0.61] (#​8704)
  • 80d120f fix(k8s): skip passed misconfigs for the summary report [backport: release/v0.61] (#​8748)
  • 9d6290b fix(k8s): correct compare artifact versions [backport: release/v0.61] (#​8699)
  • 3799ebb test: use aquasecurity repository for test images [backport: release/v0.61] (#​8698)

v0.61.0

Compare Source

Features
Bug Fixes
Performance Improvements

v0.60.0

Compare Source

Features
Bug Fixes
  • db: fix case when 2 trivy-db were copied at the same time (#​8452) (bb3cca6)
  • don't use scope for trivy registry login command (#​8393) (8715e5d)
  • go: merge nested flags into string for ldflags for Go binaries (#​8368) (b675b06)
  • image: disable AVD-DS-0007 for history scanning (#​8366) (a3cd693)
  • k8s: add missed option PkgRelationships (#​8442) (f987e41)
  • misconf: do not log scanners when misconfig scanning is disabled (#​8345) (5695eb2)
  • misconf: ecs include enhanced for container insights (#​8326) (39789ff)
  • misconf: fix incorrect k8s locations due to JSON to YAML conversion (#​8073) (a994453)
  • os: add mapping OS aliases (#​8466) (6b4cebe)
  • python: add poetry v2 support (#​8323) (10cd98c)
  • report: remove html escaping for shortDescription and fullDescription fields for sarif reports (#​8344) (3eb0b03)
  • sbom: add SBOM file's filePath as Application FilePath if we can't detect its path (#​8346) (ecc01bb)
  • sbom: improve logic for binding direct dependency to parent component (#​8489) (85cca8c)
  • sbom: preserve OS packages from multiple SBOMs (#​8325) (bd5baaf)
  • server: secrets inspectation for the config analyzer in client server mode (#​8418) (a1c4bd7)
  • spdx: init pkgFilePaths map for all formats (#​8380) (72ea4b0)
  • terraform: apply parser options to submodule parsing (#​8377) (398620b)
  • update all documentation links (#​8045) (49456ba)
golangci/golangci-lint (golangci/golangci-lint)

v2.1.5

Compare Source

Due to an error related to Snapcraft, some artifacts of the v2.1.4 release have not been published.

This release contains the same things as v2.1.3.

v2.1.4

Compare Source

Due to an error related to Snapcraft, some artifacts of the v2.1.3 release have not been published.

This release contains the same things as v2.1.3.

v2.1.3

Compare Source

  1. Linters bug fixes
    • fatcontext: from 0.7.2 to 0.8.0
  2. Misc.
    • migration: fix nakedret.max-func-lines: 0
    • migration: fix order of staticcheck settings
    • fix: add go.mod hash to the cache salt
    • fix: use diagnostic position for related information position

v2.1.2

Compare Source

  1. Linters bug fixes
    • exptostd: from 0.4.2 to 0.4.3
    • gofumpt: from 0.7.0 to 0.8.0
    • protogetter: from 0.3.13 to 0.3.15
    • usetesting: from 0.4.2 to 0.4.3

v2.1.1

Compare Source

The release process of v2.1.0 failed due to a regression inside goreleaser.

The binaries of v2.1.0 have been published, but not the other artifacts (AUR, Docker, etc.).

v2.1.0

Compare Source

  1. Enhancements
    • Add an option to display absolute paths (--path-mode=abs)
    • Add configuration path placeholder (${config-path})
    • Add warn-unused option for fmt command
    • Colored diff for fmt command (golangci-lint fmt --diff-colored)
  2. New linters
  3. Linters new features or changes
    • go-errorlint: from 1.7.1 to 1.8.0 (automatic error comparison and type assertion fixes)
    • ⚠️ goconst: ignore-strings is deprecated and replaced by ignore-string-values
    • goconst: from 1.7.1 to 1.8.1 (new options: find-duplicates, eval-const-expressions)
    • govet: add httpmux analyzer
    • nilnesserr: from 0.1.2 to 0.2.0 (detect more cases)
    • paralleltest: from 1.0.10 to 1.0.14 (checks only _test.go files)
    • revive: from 1.7.0 to 1.9.0 (support kebab case for setting names)
    • sloglint: from 0.9.0 to 0.11.0 (autofix, new option msg-style, suggest slog.DiscardHandler)
    • wrapcheck: from 2.10.0 to 2.11.0 (new option report-internal-errors)
    • wsl: from 4.6.0 to 4.7.0 (cgo files are always excluded)
  4. Linters bug fixes
    • fatcontext: from 0.7.1 to 0.7.2
    • gocritic: fix importshadow checker
    • gosec: from 2.22.2 to 2.22.3
    • ireturn: from 0.3.1 to 0.4.0
    • loggercheck: from 0.10.1 to 0.11.0
    • nakedret: from 2.0.5 to 2.0.6
    • nonamedreturns: from 1.0.5 to 1.0.6
    • protogetter: from 0.3.12 to 0.3.13
    • testifylint: from 1.6.0 to 1.6.1
    • unconvert: update to HEAD
  5. Misc.
    • Fixes memory leaks when using go1.(N) with golangci-lint built with go1.(N-X)
    • Adds golangci-lint-fmt pre-commit hook
  6. Documentation
    • Improvements
    • Updates section about vscode integration

v2.0.2

Compare Source

  1. Misc.
    • Fixes flags parsing for formatters
    • Fixes the filepath used by the exclusion source option
  2. Documentation
    • Adds a section about flags migration
    • Cleaning pages with v1 options

v2.0.1

Compare Source

  1. Linters/formatters bug fixes
    • golines: fix settings during linter load
  2. Misc.
    • Validates the version field before the configuration
    • forbidigo: fix migration

v2.0.0

Compare Source

  1. Enhancements
  2. New linters/formatters
  3. Linters new features
    • ⚠️ Merge staticcheck, stylecheck, gosimple into one linter (staticcheck) (cf. Migration guide)
    • go-critic: from 0.12.0 to 0.13.0
    • gomodguard: from 1.3.5 to 1.4.1 (block explicit indirect dependencies)
    • nilnil: from 1.0.1 to 1.1.0 (new option: only-two)
    • perfsprint: from 0.8.2 to 0.9.1 (checker name in the diagnostic message)
    • staticcheck: new quickfix set of rules
    • testifylint: from 1.5.2 to 1.6.0 (new options: equal-values, suite-method-signature, require-string-msg)
    • wsl: from 4.5.0 to 4.6.0 (new option: allow-cuddle-used-in-block)
  4. Linters bug fixes
    • bidichk: from 0.3.2 to 0.3.3
    • errchkjson: from 0.4.0 to 0.4.1
    • errname: from 1.0.0 to 1.1.0
    • funlen: fix ignore-comments option
    • gci: from 0.13.5 to 0.13.6
    • gosmopolitan: from 1.2.2 to 1.3.0
    • inamedparam: from 0.1.3 to 0.2.0
    • intrange: from 0.3.0 to 0.3.1
    • protogetter: from 0.3.9 to 0.3.12
    • unparam: from 8a5130c to 0df0534
  5. Misc.
    • 🧹 Configuration options renaming (cf. Migration guide)
    • 🧹 Remove options (cf. Migration guide)
    • 🧹 Remove flags (cf. Migration guide)
    • 🧹 Remove alternative names (cf. Migration guide)
    • 🧹 Remove or replace deprecated elements (cf. Migration guide)
    • Adds an option to display some commands as JSON:
      • golangci-lint config path --json
      • golangci-lint help linters --json
      • golangci-lint help formatters --json
      • golangci-lint linters --json
      • golangci-lint formatters --json
      • golangci-lint version --json
  6. Documentation

v1.64.8

Compare Source

  • Detects use of configuration files from golangci-lint v2

v1.64.7

Compare Source

  1. Linters bug fixes
    • depguard: from 2.2.0 to 2.2.1
    • dupl: from 3e9179a to f665c8d
    • gosec: from 2.22.1 to 2.22.2
    • staticcheck: from 0.6.0 to 0.6.1
  2. Documentation
    • Add GitLab documentation

v1.64.6

Compare Source

  1. Linters bug fixes
    • asciicheck: from 0.4.0 to 0.4.1
    • contextcheck: from 1.1.5 to 1.1.6
    • errcheck: from 1.8.0 to 1.9.0
    • exptostd: from 0.4.1 to 0.4.2
    • ginkgolinter: from 0.19.0 to 0.19.1
    • go-exhaustruct: from 3.3.0 to 3.3.1
    • gocheckcompilerdirectives: from 1.2.1 to 1.3.0
    • godot: from 1.4.20 to 1.5.0
    • perfsprint: from 0.8.1 to 0.8.2
    • revive: from 1.6.1 to 1.7.0
    • tagalign: from 1.4.1 to 1.4.2

Configuration

📅 Schedule: Branch creation - "on the first day of the month" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

@cluster-stack-bot cluster-stack-bot bot added type/major type/minor update/container size/XS Denotes a PR that changes 0-20 lines, ignoring generated files. area/github Changes made in the github directory labels Apr 1, 2025
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/csctl-builder-image branch 3 times, most recently from 413a2d2 to f0ae165 Compare April 18, 2025 11:21
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/csctl-builder-image branch from f0ae165 to 651dcb9 Compare April 25, 2025 11:22
@cluster-stack-bot
🌱 Update Builder Image group
645b858 
| datasource  | package                 | from    | to      |
| ----------- | ----------------------- | ------- | ------- |
| github-tags | adrienverge/yamllint    | v1.35.1 | v1.37.0 |
| docker      | docker.io/aquasec/trivy | 0.59.1  | 0.62.0  |
| github-tags | golangci/golangci-lint  | v1.64.5 | v2.1.5  |
@cluster-stack-bot cluster-stack-bot bot force-pushed the renovate/csctl-builder-image branch from 651dcb9 to 645b858 Compare May 1, 2025 11:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
area/github Changes made in the github directory size/XS Denotes a PR that changes 0-20 lines, ignoring generated files. type/major type/minor update/container
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants