aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.22.0dependabot[bot]2024-08-052-3/+3
| | | | | | | | | | | | | Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.21.0 to 0.22.0. - [Commits](https://github.com/golang/oauth2/compare/v0.21.0...v0.22.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0dependabot[bot]2024-08-052-3/+3
| | | | | | | | | | | | | Bumps [golang.org/x/sync](https://github.com/golang/sync) from 0.7.0 to 0.8.0. - [Commits](https://github.com/golang/sync/compare/v0.7.0...v0.8.0) --- updated-dependencies: - dependency-name: golang.org/x/sync dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* fix: correct path for reusable workflow: lifecyclesudoforge2024-08-031-1/+1
| | | | Change-Id: I02c6e1f183e4b6ee67c0a4d0dcb7c5fbeff361ac
* feat: merge go directive and toolchain specificationsudoforge2024-08-031-3/+1
| | | | Change-Id: Ic2ae23a886e9352b3b379f7e36c384a2d8956cea
* feat: improved lifecycle management with stale-botsudoforge2024-08-032-25/+99
| | | | | | | | | | | This change refactors the automatic lifecycle management workflow that uses the `stale-bot` action library, such that neither issues nor pull requests will be closed. An additional label of `lifecycle/rotten` has been added to indicate issues or pull requests which have been inactive for 180 days or more. Change-Id: Ia748552c91ada43b4a762879db469132131956f0
* Merge pull request #1210 from ↵dependabot[bot]2024-08-012-3/+3
|\ | | | | | | MichaelMure/dependabot/go_modules/github.com/vbauerster/mpb/v8-8.7.5
| * build(deps): bump github.com/vbauerster/mpb/v8 from 8.7.4 to 8.7.5dependabot[bot]2024-07-292-3/+3
|/ | | | | | | | | | | | | | Bumps [github.com/vbauerster/mpb/v8](https://github.com/vbauerster/mpb) from 8.7.4 to 8.7.5. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v8.7.4...v8.7.5) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v8 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* revert: "feat: increase operations per run for workflow: cron"sudoforge2024-07-271-1/+0
| | | | This reverts commit c67d75faaa432889caa4deafc7e58d4099fac2cd.
* chore: update go dependenciessudoforge2024-07-232-104/+130
| | | | | | | This change is just a simple run of `go get -u` followed by `go mod tidy`. Change-Id: Icb0e31b811efaafa95ef400d961ca413e63a0da4
* fix: run the presubmit pipeline for PRssudoforge2024-07-231-3/+4
| | | | | | | | | | | | | | | commit 5eabe549e4f7fc98bbdf4e7b285cec00e5da4e99 refactored the workflows so that they were orchestrated with reusable workflows. an unintended side-effect of the rules that were created prevents the presubmit pipeline from executing for pull requests made against this repository. this change refactors this, so that the presubmit pipeline will _only_ run for pull requests against the default tree of this repository. we explicitly remove the `on: push` event for it, in order to avoid overlap that will occur for commits made in this repository that are also part of a PR. Change-Id: I56abc35c98cc40a06066952f2b6ed9194b1ab903
* chore: remove refs to deprecated io/ioutilguoguangwu2024-07-238-38/+36
| | | | | | | | Signed-off-by: guoguangwu <guoguangwug@gmail.com> chore: remove refs to deprecated io/ioutil Signed-off-by: guoguangwu <guoguangwug@gmail.com>
* fix: move codeql into an independent workflowsudoforge2024-07-232-11/+32
| | | | | | | This seems to be necessary in order to support the advanced configuration. Change-Id: Ia5303123b3dcc22f77cdde4d514b484f29c60ca6
* feat: bump node versions to 16.x, 18.x, and 20.xsudoforge2024-07-231-1/+1
| | | | Change-Id: Ic4809ab33cc9fd9e7e6e3e6eba1dd933e1ba585b
* feat: refactor pipelines into reusable workflowssudoforge2024-07-229-194/+171
| | | | | | | | | | | This change refactors the build, test, and benchmarking pipelines to a `presubmit` and `trunk` parent workflow which invokes other reusable workflows. This simplifies the deluge of pipelines that are executed, allowing for better orchestration and reduced noise on failures (only one email will be sent instead of several). Closes: michaelmure/git-bug#1198 Change-Id: I52407c39366bb9fbfd8fc1455a4f4a1d94f04897
* build(deps): bump jsonwebtoken and @graphql-tools/prisma-loaderdependabot[bot]2024-07-221-458/+1018
| | | | | | | | | | | | | | | | | | | | | Removes [jsonwebtoken](https://github.com/auth0/node-jsonwebtoken). It's no longer used after updating ancestor dependency [@graphql-tools/prisma-loader](https://github.com/ardatan/graphql-tools/tree/HEAD/packages/loaders/prisma). These dependencies need to be updated together. Removes `jsonwebtoken` Updates `@graphql-tools/prisma-loader` from 7.2.24 to 7.2.72 - [Release notes](https://github.com/ardatan/graphql-tools/releases) - [Changelog](https://github.com/ardatan/graphql-tools/blob/master/packages/loaders/prisma/CHANGELOG.md) - [Commits](https://github.com/ardatan/graphql-tools/commits/@graphql-tools/prisma-loader@7.2.72/packages/loaders/prisma) --- updated-dependencies: - dependency-name: jsonwebtoken dependency-type: indirect - dependency-name: "@graphql-tools/prisma-loader" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps-dev): bump tough-cookie from 4.1.2 to 4.1.3 in /webuidependabot[bot]2024-07-221-6/+6
| | | | | | | | | | | | | | Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) from 4.1.2 to 4.1.3. - [Release notes](https://github.com/salesforce/tough-cookie/releases) - [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md) - [Commits](https://github.com/salesforce/tough-cookie/compare/v4.1.2...v4.1.3) --- updated-dependencies: - dependency-name: tough-cookie dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github.com/xanzy/go-gitlab from 0.106.0 to 0.107.0dependabot[bot]2024-07-222-3/+3
| | | | | | | | | | | | | | Bumps [github.com/xanzy/go-gitlab](https://github.com/xanzy/go-gitlab) from 0.106.0 to 0.107.0. - [Changelog](https://github.com/xanzy/go-gitlab/blob/main/releases_test.go) - [Commits](https://github.com/xanzy/go-gitlab/compare/v0.106.0...v0.107.0) --- updated-dependencies: - dependency-name: github.com/xanzy/go-gitlab dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump graphql from 16.6.0 to 16.8.1 in /webuidependabot[bot]2024-07-222-8/+8
| | | | | | | | | | | | | Bumps [graphql](https://github.com/graphql/graphql-js) from 16.6.0 to 16.8.1. - [Release notes](https://github.com/graphql/graphql-js/releases) - [Commits](https://github.com/graphql/graphql-js/compare/v16.6.0...v16.8.1) --- updated-dependencies: - dependency-name: graphql dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps-dev): bump undici from 5.11.0 to 5.28.4 in /webuidependabot[bot]2024-07-221-6/+6
| | | | | | | | | | | | | Bumps [undici](https://github.com/nodejs/undici) from 5.11.0 to 5.28.4. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.11.0...v5.28.4) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump @babel/traverse from 7.19.3 to 7.24.8 in /webuidependabot[bot]2024-07-221-138/+150
| | | | | | | | | | | | | | Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.19.3 to 7.24.8. - [Release notes](https://github.com/babel/babel/releases) - [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md) - [Commits](https://github.com/babel/babel/commits/v7.24.8/packages/babel-traverse) --- updated-dependencies: - dependency-name: "@babel/traverse" dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github.com/99designs/gqlgen from 0.17.36 to 0.17.49dependabot[bot]2024-07-222-12/+20
| | | | | | | | | | | | | | | Bumps [github.com/99designs/gqlgen](https://github.com/99designs/gqlgen) from 0.17.36 to 0.17.49. - [Release notes](https://github.com/99designs/gqlgen/releases) - [Changelog](https://github.com/99designs/gqlgen/blob/master/CHANGELOG.md) - [Commits](https://github.com/99designs/gqlgen/compare/v0.17.36...v0.17.49) --- updated-dependencies: - dependency-name: github.com/99designs/gqlgen dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.6.0dependabot[bot]2024-07-222-3/+3
| | | | | | | | | | | | Bumps [github.com/dvsekhvalnov/jose2go](https://github.com/dvsekhvalnov/jose2go) from 1.5.0 to 1.6.0. - [Commits](https://github.com/dvsekhvalnov/jose2go/compare/v1.5...v1.6.0) --- updated-dependencies: - dependency-name: github.com/dvsekhvalnov/jose2go dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps-dev): bump semver from 5.7.1 to 5.7.2 in /webuidependabot[bot]2024-07-221-54/+54
| | | | | | | | | | | | | | Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2. - [Release notes](https://github.com/npm/node-semver/releases) - [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md) - [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2) --- updated-dependencies: - dependency-name: semver dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps-dev): bump word-wrap from 1.2.3 to 1.2.5 in /webuidependabot[bot]2024-07-221-6/+6
| | | | | | | | | | | | | Bumps [word-wrap](https://github.com/jonschlinkert/word-wrap) from 1.2.3 to 1.2.5. - [Release notes](https://github.com/jonschlinkert/word-wrap/releases) - [Commits](https://github.com/jonschlinkert/word-wrap/compare/1.2.3...1.2.5) --- updated-dependencies: - dependency-name: word-wrap dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps-dev): bump express from 4.18.1 to 4.19.2 in /webuidependabot[bot]2024-07-221-48/+48
| | | | | | | | | | | | | | Bumps [express](https://github.com/expressjs/express) from 4.18.1 to 4.19.2. - [Release notes](https://github.com/expressjs/express/releases) - [Changelog](https://github.com/expressjs/express/blob/master/History.md) - [Commits](https://github.com/expressjs/express/compare/4.18.1...4.19.2) --- updated-dependencies: - dependency-name: express dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps-dev): bump ws from 7.5.9 to 7.5.10 in /webuidependabot[bot]2024-07-221-13/+13
| | | | | | | | | | | | | Bumps [ws](https://github.com/websockets/ws) from 7.5.9 to 7.5.10. - [Release notes](https://github.com/websockets/ws/releases) - [Commits](https://github.com/websockets/ws/compare/7.5.9...7.5.10) --- updated-dependencies: - dependency-name: ws dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump golang.org/x/vuln from 1.1.2 to 1.1.3dependabot[bot]2024-07-222-12/+12
| | | | | | | | | | | | | | Bumps [golang.org/x/vuln](https://github.com/golang/vuln) from 1.1.2 to 1.1.3. - [Release notes](https://github.com/golang/vuln/releases) - [Commits](https://github.com/golang/vuln/compare/v1.1.2...v1.1.3) --- updated-dependencies: - dependency-name: golang.org/x/vuln dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github.com/go-git/go-git/v5 from 5.8.1 to 5.12.0dependabot[bot]2024-07-222-22/+18
| | | | | | | | | | | | | | Bumps [github.com/go-git/go-git/v5](https://github.com/go-git/go-git) from 5.8.1 to 5.12.0. - [Release notes](https://github.com/go-git/go-git/releases) - [Commits](https://github.com/go-git/go-git/compare/v5.8.1...v5.12.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-git/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps-dev): bump undici from 5.11.0 to 5.26.3 in /webuidependabot[bot]2024-07-221-9/+24
| | | | | | | | | | | | | Bumps [undici](https://github.com/nodejs/undici) from 5.11.0 to 5.26.3. - [Release notes](https://github.com/nodejs/undici/releases) - [Commits](https://github.com/nodejs/undici/compare/v5.11.0...v5.26.3) --- updated-dependencies: - dependency-name: undici dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github.com/vbauerster/mpb/v8 from 8.5.2 to 8.7.4dependabot[bot]2024-07-222-9/+9
| | | | | | | | | | | | | | Bumps [github.com/vbauerster/mpb/v8](https://github.com/vbauerster/mpb) from 8.5.2 to 8.7.4. - [Release notes](https://github.com/vbauerster/mpb/releases) - [Commits](https://github.com/vbauerster/mpb/compare/v8.5.2...v8.7.4) --- updated-dependencies: - dependency-name: github.com/vbauerster/mpb/v8 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump webpack from 5.74.0 to 5.76.1 in /webuidependabot[bot]2024-07-221-365/+365
| | | | | | | | | | | | | Bumps [webpack](https://github.com/webpack/webpack) from 5.74.0 to 5.76.1. - [Release notes](https://github.com/webpack/webpack/releases) - [Commits](https://github.com/webpack/webpack/compare/v5.74.0...v5.76.1) --- updated-dependencies: - dependency-name: webpack dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github.com/go-git/go-billy/v5 from 5.4.1 to 5.5.0dependabot[bot]2024-07-222-9/+11
| | | | | | | | | | | | | | Bumps [github.com/go-git/go-billy/v5](https://github.com/go-git/go-billy) from 5.4.1 to 5.5.0. - [Release notes](https://github.com/go-git/go-billy/releases) - [Commits](https://github.com/go-git/go-billy/compare/v5.4.1...v5.5.0) --- updated-dependencies: - dependency-name: github.com/go-git/go-billy/v5 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump ua-parser-js from 0.7.31 to 0.7.33 in /webuidependabot[bot]2024-07-221-6/+10
| | | | | | | | | | | | | | Bumps [ua-parser-js](https://github.com/faisalman/ua-parser-js) from 0.7.31 to 0.7.33. - [Release notes](https://github.com/faisalman/ua-parser-js/releases) - [Changelog](https://github.com/faisalman/ua-parser-js/blob/master/changelog.md) - [Commits](https://github.com/faisalman/ua-parser-js/compare/0.7.31...0.7.33) --- updated-dependencies: - dependency-name: ua-parser-js dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump github.com/vektah/gqlparser/v2 from 2.5.15 to 2.5.16dependabot[bot]2024-07-222-3/+3
| | | | | | | | | | | | | | Bumps [github.com/vektah/gqlparser/v2](https://github.com/vektah/gqlparser) from 2.5.15 to 2.5.16. - [Release notes](https://github.com/vektah/gqlparser/releases) - [Commits](https://github.com/vektah/gqlparser/compare/v2.5.15...v2.5.16) --- updated-dependencies: - dependency-name: github.com/vektah/gqlparser/v2 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0dependabot[bot]2024-07-222-3/+3
| | | | | | | | | | | Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump json5 from 1.0.1 to 1.0.2 in /webuidependabot[bot]2024-07-221-12/+12
| | | | | | | | | | | | | | Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2. - [Release notes](https://github.com/json5/json5/releases) - [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md) - [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2) --- updated-dependencies: - dependency-name: json5 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump loader-utils from 2.0.2 to 2.0.4 in /webuidependabot[bot]2024-07-221-12/+12
| | | | | | | | | | | | | | Bumps [loader-utils](https://github.com/webpack/loader-utils) from 2.0.2 to 2.0.4. - [Release notes](https://github.com/webpack/loader-utils/releases) - [Changelog](https://github.com/webpack/loader-utils/blob/v2.0.4/CHANGELOG.md) - [Commits](https://github.com/webpack/loader-utils/compare/v2.0.2...v2.0.4) --- updated-dependencies: - dependency-name: loader-utils dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* build(deps): bump minimatch and recursive-readdir in /webuidependabot[bot]2024-07-221-32/+9
| | | | | | | | | | | | | | | | | | | | | | Bumps [minimatch](https://github.com/isaacs/minimatch) and [recursive-readdir](https://github.com/jergason/recursive-readdir). These dependencies needed to be updated together. Updates `minimatch` from 3.0.4 to 3.1.2 - [Release notes](https://github.com/isaacs/minimatch/releases) - [Commits](https://github.com/isaacs/minimatch/compare/v3.0.4...v3.1.2) Updates `recursive-readdir` from 2.2.2 to 2.2.3 - [Release notes](https://github.com/jergason/recursive-readdir/releases) - [Changelog](https://github.com/jergason/recursive-readdir/blob/master/CHANGELOG.md) - [Commits](https://github.com/jergason/recursive-readdir/commits/v2.2.3) --- updated-dependencies: - dependency-name: minimatch dependency-type: indirect - dependency-name: recursive-readdir dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>
* fix: add write for prs: stale/issue-and-prsudoforge2024-07-221-0/+1
| | | | | This change adds write permissions for pull requests to the workflow that is used to mark issues and pull requests as stale.
* feat: allow for manual execution of workflow: cronsudoforge2024-07-221-0/+1
| | | | | | This is a temporary change, that will be reverted later, simply to play catch-up with the backlog of items that are stale, but not marked as such.
* feat: increase operations per run for workflow: cronsudoforge2024-07-221-0/+1
| | | | | | This change increases the number of operations that the workflow will perform from the default (30) to 1000, in order to allow for a large number of issues and pull requests to be processed.
* fix: add missing `with` property to //.github/workflows:cron.ymlsudoforge2024-07-211-11/+12
| | | | Change-Id: I32844f07bc825dfd2c364e402e21262a6f9cb519
* feat: add workflow for triaging stale issues and prssudoforge2024-07-201-0/+28
| | | | Change-Id: I0fc9571d476b55a15edcef3645a5fa5f751fb427
* feat: add initial editorconfig configuration filesudoforge2024-07-201-0/+8
| | | | Change-Id: Id08dfd59a4f2eb56f358d71c898ba9915400cf51
* feat: add a common file for git-blame ignored revisionssudoforge2024-07-202-0/+23
| | | | Change-Id: Ia28c12c211c67fccbfc2f6a6dc2be390d13a29c0
* feat: add a commit message templatesudoforge2024-07-202-0/+38
| | | | Change-Id: Iea66080cc9f7f49bbaac42ca0eb51de5dfc4bcdc
* feat: add initial nix development shellsudoforge2024-07-205-0/+220
| | | | | | This change bootstraps the configuration of a development shell via nix. Change-Id: Ic171e7599b50bb29ecc07d9c4534bcbc117f2299
* feat: update action library versionssudoforge2024-07-206-16/+19
| | | | Change-Id: I957c6de57b3a9151e6d9ce8caba87f4e2c714846
* feat: add concurrency limits to all pipelinessudoforge2024-07-206-0/+24
| | | | | | | | This change restricts the number of active pipeline executions for a given tree to one, so that new pushes to a tree that trigger a pipeline will cancel older (but still running) pipelines. Change-Id: I1deda682d39cadbce97f8df4ca7c3110a96b4549
* fix: bump to go v1.22.5sudoforge2024-07-203-3/+3
| | | | | | | | | | | The GHA build pipeline is failing with an error: package crypto/ecdh is not in GOROOT (/opt/hostedtoolcache/go/1.19.4/x64/src/crypto/ecdh) crypto/ecdh was added in Go 1.21 [0]. This change updates the matrix of Go versions that the pipelines use to the latest, in order to resolve this error. [0]: https://tip.golang.org/doc/go1.21