Skip to content

Releases: mindersec/minder

v0.0.63

17 Sep 13:54
6f89a1d
Compare
Choose a tag to compare

What's Changed

  • Register RuleType GRPC server. by @blkt in #4340
  • Change error message in providers API by @JAORMX in #4341
  • Handle pull requests as general entities by @jhrozek in #4338
  • Skip the flaky NATS test until it's fixed by @jhrozek in #4344
  • Pass Provider ID to the GetEntity calls from the provider service by @jhrozek in #4343
  • Fix two bugs in PR properties by @jhrozek in #4346
  • Bump the properties timeout by @jhrozek in #4347
  • Store properties for artifacts by @jhrozek in #4345
  • Trusty: Print dependency name and version if fetching their data fails by @JAORMX in #4358
  • Improve errors returned by history list endpoint. by @blkt in #4359
  • Decouple legacy entity tables from results queries by @JAORMX in #4342
  • build(deps): bump peter-evans/create-pull-request from 6.1.0 to 7.0.0 by @dependabot in #4357
  • build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.33.0 to 1.33.1 by @dependabot in #4355
  • build(deps): bump github.com/daixiang0/gci from 0.13.4 to 0.13.5 in /tools by @dependabot in #4356
  • Handle synchronize events on github PRs. by @blkt in #4361
  • build(deps): bump github.com/zitadel/oidc/v3 from 3.28.2 to 3.29.0 by @dependabot in #4351
  • build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.18.0 to 1.19.0 by @dependabot in #4352
  • Create interface for registering entity through Provider by @JAORMX in #4360
  • Fix GetEvaluationHistory from clause. by @blkt in #4364
  • build(deps): bump github.com/sigstore/sigstore-go from 0.6.0 to 0.6.1 by @dependabot in #4365
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.31 to 1.27.33 by @dependabot in #4374
  • build(deps): bump github.com/styrainc/regal from 0.25.0 to 0.26.0 by @dependabot in #4373
  • build(deps): bump github.com/openfga/cli from 0.5.2 to 0.5.3 in /tools by @dependabot in #4369
  • build(deps): bump golang.org/x/oauth2 from 0.22.0 to 0.23.0 by @dependabot in #4370
  • build(deps): bump golang.org/x/term from 0.23.0 to 0.24.0 by @dependabot in #4372
  • build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.33.1 to 1.33.2 by @dependabot in #4371
  • Take properties into use executor to fill selectors' properties by @jhrozek in #4377
  • Fix entity refresh for entities that have not been migrated by @jhrozek in #4378
  • Fix splitting artifact name property by @jhrozek in #4379
  • Re-enable NATS test with higher timeout by @evankanderson in #4366
  • build(deps): bump golang.org/x/crypto from 0.26.0 to 0.27.0 by @dependabot in #4384
  • build(deps): bump github.com/prometheus/client_golang from 1.20.2 to 1.20.3 by @dependabot in #4385
  • build(deps): bump github.com/styrainc/regal from 0.26.0 to 0.26.1 by @dependabot in #4383
  • build(deps): bump peter-evans/create-pull-request from 7.0.0 to 7.0.1 by @dependabot in #4386
  • Belatedly address several review comments of my earlier PRs by @jhrozek in #4381
  • Ignore sql.ErrNoRows on deleting repos by ID by @jhrozek in #4387
  • Ignore sql.ErrNoRows for GetRepositoryByRepoID by @jhrozek in #4389
  • EEA: Only lock if entity instance exists in a transaction by @JAORMX in #4388
  • build(deps): bump mobx from 6.13.1 to 6.13.2 in /docs by @dependabot in #4394
  • Bump Go to 1.23.1 including tools by @jhrozek in #4401
  • build(deps): bump github.com/go-playground/validator/v10 from 10.22.0 to 10.22.1 by @dependabot in #4397
  • build(deps): bump github.com/charmbracelet/bubbles from 0.19.0 to 0.20.0 by @dependabot in #4398
  • build(deps): bump github.com/openfga/cli from 0.5.3 to 0.6.0 in /tools by @dependabot in #4395
  • build(deps): bump github.com/golang-migrate/migrate/v4 from 4.17.1 to 4.18.1 by @dependabot in #4399
  • Report line numbers in log messages. by @blkt in #4402
  • Implement caching of providers on the provider manager by @JAORMX in #4400
  • Fetch and store the language property by @jhrozek in #4403
  • build(deps): bump github.com/bufbuild/buf from 1.39.0 to 1.40.1 in /tools by @dependabot in #4396
  • Extend selectors documentation with properties by @jhrozek in #4404
  • Implement general entity registration for the GitHub provider by @JAORMX in #4376
  • Add properties to Repositories protobuf message by @JAORMX in #4406
  • Don't pre-create github provider on registration by @psekar in #4367
  • Further harden NATS test, accept duplicate deliveries and out-of-order better by @evankanderson in #4392
  • Fix golangci-lint warnings by @evankanderson in #4408
  • Add initial MAINTAINERS document by @evankanderson in #4382
  • fetch by upstream ID in property service by @JAORMX in #4412
  • build(deps): bump github.com/openfga/cli from 0.6.0 to 0.6.1 in /tools by @dependabot in #4415
  • build(deps): bump golang.org/x/tools from 0.24.0 to 0.25.0 in /tools by @dependabot in #4413
  • build(deps): bump google.golang.org/grpc from 1.66.0 to 1.66.1 by @dependabot in #4409
  • Add better debugging to the properties service and fetcher by @jhrozek in #4427
  • build(deps): bump github.com/open-feature/go-sdk from 1.12.0 to 1.13.0 by @dependabot in #4410
  • Use rule display name as profile rule name default by @eleftherias in #4363
  • build(deps): bump github.com/golangci/golangci-lint from 1.60.3 to 1.61.0 in /tools by @dependabot in #4414
  • Fix retrieving properties by upstream ID and name by @jhrozek in #4432
  • build(deps): bump github.com/docker/cli from 27.2.0+incompatible to 27.2.1+incompatible by @dependabot in #4411
  • Implement getting entity name for gitlab provider by @JAORMX in #4430
  • properties service: Don't double query for entity information by @JAORMX in #4443
  • The Go GitHub API doesn't seem to escape user package names, only org package names by @jhrozek in #4445
  • build(deps): bump go.opentelemetry.io/otel/metric from 1.29.0 to 1.30.0 by @dependabot in #4438
  • build(deps): bump go.opentelemetry.io/otel/trace from 1.29.0 to 1.30.0 by @dependabot in #4437
  • Revert otel upgrade by @eleftherias in #4449
  • Increase timeout when deleting installations. by @blkt in #4447
  • Implement properties fetch for GitLab by @JAORMX in #4446
  • Group otel dependency updates into single PRs by @jhrozek in #4450
  • Handle calling the property service in transaction better by @jhrozek in #4434
  • Fix dependabot configuration by @JAORMX in #4453
  • build(deps): bump google.golang.org/grpc from 1.66.1 to 1.66.2 by @dependabot in #4458
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.54.0 to 0.55.0 by @dependabot in #4457
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.54.0 to 0.55.0 by @dependabot in #4456
  • build(deps): bump github.com/bufbuild/buf from 1.40.1 to 1.41.0 in /tools by @dependabot in #4454
  • Use central entity tables to list remote repos by @JAORMX in #4429
  • build(...
Read more

v0.0.62

02 Sep 09:45
3688fb9
Compare
Choose a tag to compare

What's Changed

  • Project deletion metadata audit log by @teodor-yanev in #4262
  • build(deps): bump github.com/nats-io/nats.go from 1.36.0 to 1.37.0 by @dependabot in #4309
  • build(deps): bump github.com/charmbracelet/bubbles from 0.17.1 to 0.19.0 by @dependabot in #4306
  • build(deps): bump github.com/charmbracelet/lipgloss from 0.12.1 to 0.13.0 by @dependabot in #4310
  • build(deps): bump github.com/nats-io/nats-server/v2 from 2.10.18 to 2.10.19 by @dependabot in #4307
  • build(deps): bump github.com/charmbracelet/bubbletea from 0.26.6 to 1.0.0 by @dependabot in #4308
  • Get entity by attribute by @jhrozek in #4311
  • Remove test code from..tests. by @jhrozek in #4313
  • Finally remove per-entity columns from EEA by @JAORMX in #4305
  • Auto-generated DB schema update - 2024-08-29 13:37:06 by @github-actions in #4314
  • Take the property service into use in webhook and repository service by @jhrozek in #4299
  • Render rule guidance as markdown in the CLI. by @blkt in #4303
  • build(deps): bump styled-components from 6.1.12 to 6.1.13 in /docs by @dependabot in #4323
  • build(deps): bump github.com/open-policy-agent/opa from 0.67.1 to 0.68.0 by @dependabot in #4322
  • build(deps): bump github.com/charmbracelet/bubbletea from 1.0.0 to 1.0.1 by @dependabot in #4321
  • build(deps): bump github.com/ThreeDotsLabs/watermill-sql/v3 from 3.0.2 to 3.0.3 by @dependabot in #4320
  • build(deps): bump github.com/openfga/go-sdk from 0.5.0 to 0.6.0 by @dependabot in #4318
  • build(deps): bump github.com/nats-io/nats-server/v2 from 2.10.19 to 2.10.20 by @dependabot in #4319
  • build(deps): bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in #4324
  • Validate rule guidance strictly. by @blkt in #4304
  • Refresh properties before reconcile and profile init by @jhrozek in #4332
  • Don't overwrite UserVisibleError when updating selectors fails by @jhrozek in #4334
  • build(deps): bump github.com/charmbracelet/bubbletea from 1.0.1 to 1.1.0 by @dependabot in #4337
  • Fix rule type name that has no pills. by @blkt in #4333
  • build(deps): bump github.com/openfga/openfga from 1.5.9 to 1.6.0 by @dependabot in #4336
  • Split ProfileService proto to ProfileService and RuleTypeService by @ChrisJBurns in #4234

Full Changelog: v0.0.61...v0.0.62

v0.0.61

28 Aug 13:15
42df741
Compare
Choose a tag to compare

What's Changed

  • Use structpb.Value as internal storage of Property by @jhrozek in #4250
  • Connect reminder service to minder server to dispatch reminders by @Vyom-Yadav in #3630
  • build(deps): bump github.com/charmbracelet/bubbletea from 0.27.0 to 0.27.1 by @dependabot in #4256
  • build(deps): bump github.com/bufbuild/buf from 1.37.0 to 1.38.0 in /tools by @dependabot in #4258
  • build(deps): bump github.com/golangci/golangci-lint from 1.60.2 to 1.60.3 in /tools by @dependabot in #4257
  • Handle int64 and uint64 in properties by wrapping it by @jhrozek in #4253
  • Add an Iterator over Properties by @jhrozek in #4254
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.28 to 1.27.29 by @dependabot in #4255
  • GetEntityByName must accept the type, too by @jhrozek in #4260
  • Introduce a ruletype state field in the minder proto by @rdimitrov in #4261
  • Add release_phase column to rule_type table. by @blkt in #4249
  • Auto-generated DB schema update - 2024-08-23 17:38:01 by @github-actions in #4264
  • build(deps): bump github/codeql-action from 3.26.4 to 3.26.5 by @dependabot in #4268
  • Change the Provider's FetchProperty/FetchAllProperties interface methods to look up by Properties, not just a name by @jhrozek in #4266
  • Add database helpers for managing entity properties by @jhrozek in #4267
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.29 to 1.27.30 by @dependabot in #4270
  • build(deps): bump github.com/prometheus/client_golang from 1.20.1 to 1.20.2 by @dependabot in #4271
  • build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.50.0 to 0.51.0 by @dependabot in #4272
  • build(deps): bump github.com/ThreeDotsLabs/watermill-sql/v3 from 3.0.1 to 3.0.2 by @dependabot in #4273
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.53.0 to 0.54.0 by @dependabot in #4269
  • build(deps): bump micromatch from 4.0.5 to 4.0.8 in /docs by @dependabot in #4274
  • Property service for saving properties to database by @jhrozek in #4248
  • Remove temporary migrations and unused queries by @JAORMX in #4277
  • build(deps): bump github.com/ThreeDotsLabs/watermill from 1.3.5 to 1.3.7 by @dependabot in #4280
  • build(deps): bump github.com/fergusstrange/embedded-postgres from 1.28.0 to 1.29.0 by @dependabot in #4284
  • build(deps): bump github.com/zitadel/oidc/v3 from 3.28.1 to 3.28.2 by @dependabot in #4283
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.30 to 1.27.31 by @dependabot in #4282
  • build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.28.0 to 1.29.0 by @dependabot in #4281
  • Add general entity protobuf by @JAORMX in #4178
  • Populate the release_phase response to the related APIs by @rdimitrov in #4278
  • Show rule type release phase. by @blkt in #4275
  • Decouple minder core from entities. by @blkt in #4276
  • CodeQL: Specify manual build by @JAORMX in #4288
  • Use 25.0 keycloak tag instead of patch-specific one by @JAORMX in #4290
  • Checkpoint: Add HTTP URL and Method to HTTP/REST ingester by @JAORMX in #4289
  • Show can_remediate: false for the ruletype cli commands by @rdimitrov in #4291
  • build(deps): bump github.com/stacklok/frizbee from 0.1.1 to 0.1.2 by @dependabot in #4294
  • build(deps): bump github.com/docker/cli from 27.1.2+incompatible to 27.2.0+incompatible by @dependabot in #4293
  • build(deps): bump github.com/bufbuild/buf from 1.38.0 to 1.39.0 in /tools by @dependabot in #4297
  • build(deps): bump webpack from 5.90.3 to 5.94.0 in /docs by @dependabot in #4296
  • EEA: Rely solely on entity instances table by @JAORMX in #4287
  • Revert "EEA: Rely solely on entity instances table (#4287)" by @JAORMX in #4298
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.53.0 to 0.54.0 by @dependabot in #4295
  • Add rule display name to profile status table by @eleftherias in #4300
  • Validate rule type guidance as markdown. by @blkt in #4292
  • EEA: Rely solely on entity instances table by @JAORMX in #4301
  • Auto-generated DB schema update - 2024-08-28 13:30:41 by @github-actions in #4302
  • Add experimental NATS messaging channel by @evankanderson in #4075

Full Changelog: v0.0.60...v0.0.61

v0.0.60

22 Aug 09:34
d32c80c
Compare
Choose a tag to compare

What's Changed

  • build(deps): bump github.com/stacklok/frizbee from 0.1.0 to 0.1.1 by @dependabot in #4221
  • build(deps): bump github.com/charmbracelet/bubbles from 0.17.1 to 0.19.0 by @dependabot in #4224
  • Fix issue with missing evaluation results by @dmjb in #4226
  • Fix integer overflow lint errors by @dmjb in #4227
  • Enforce central entity ID in EEA and rule eval tables by @JAORMX in #4220
  • Generate default ID for properties, ensure the ID is not NULL by @jhrozek in #4228
  • Add owner flag validation during provider enrollment by @psekar in #4107
  • build(deps): bump bufbuild/buf-action from 1.0.0 to 1.0.1 by @dependabot in #4217
  • build(deps): bump github.com/charmbracelet/lipgloss from 0.12.1 to 0.13.0 by @dependabot in #4223
  • build(deps): bump github.com/prometheus/client_golang from 1.20.0 to 1.20.1 by @dependabot in #4222
  • build(deps): bump github.com/golangci/golangci-lint from 1.60.1 to 1.60.2 in /tools by @dependabot in #4218
  • Bump go-feature-flag. by @blkt in #4230
  • Use central entities table for EEA logic by @JAORMX in #4229
  • Auto-generated DB schema update - 2024-08-21 16:17:39 by @github-actions in #4232
  • Add certificate definition to upload sigstore cert(s) from cosign by @evankanderson in #4235
  • build(deps): bump github.com/zitadel/oidc/v3 from 3.27.0 to 3.28.1 by @dependabot in #4237
  • build(deps): bump github/codeql-action from 3.26.3 to 3.26.4 by @dependabot in #4238
  • build(deps): bump anchore/sbom-action from 0.17.1 to 0.17.2 by @dependabot in #4239
  • Make ruletype test token's viper path unique by @JAORMX in #4236

New Contributors

Full Changelog: v0.0.59...v0.0.60

v0.0.59

21 Aug 06:20
71af872
Compare
Choose a tag to compare

What's Changed

  • build(deps): bump github.com/google/go-containerregistry from 0.20.1 to 0.20.2 by @dependabot in #4094
  • build(deps): bump golang.org/x/term from 0.22.0 to 0.23.0 by @dependabot in #4092
  • build(deps): bump github.com/zitadel/oidc/v3 from 3.26.0 to 3.26.1 by @dependabot in #4093
  • build(deps): bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #4096
  • build(deps): bump golang.org/x/tools from 0.23.0 to 0.24.0 in /tools by @dependabot in #4097
  • build(deps): bump golang.org/x/crypto from 0.25.0 to 0.26.0 by @dependabot in #4091
  • build(deps): bump github.com/bufbuild/buf from 1.35.1 to 1.36.0 in /tools by @dependabot in #4098
  • Use non-deprecated buf-action in CI by @eleftherias in #4100
  • Fix migrated column on rule evaluations by @dmjb in #4102
  • Disable additional buf commands in CI by @eleftherias in #4101
  • build(deps): bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #4105
  • build(deps): bump docker/build-push-action from 6.5.0 to 6.6.1 by @dependabot in #4104
  • Allow unmanaged attributes in KC for local dev by @eleftherias in #4106
  • Fix rule_instance_id column on rule_evaluations by @dmjb in #4103
  • build(deps): bump github.com/zitadel/oidc/v3 from 3.26.1 to 3.27.0 by @dependabot in #4109
  • Initial implementation of GitLab provider by @JAORMX in #4088
  • build(deps): bump github.com/openfga/openfga from 1.5.7 to 1.5.8 by @dependabot in #4108
  • Populate evaluation history tables with old evaluations by @dmjb in #4065
  • Revert "Populate evaluation history tables with old evaluations (#4065)" by @dmjb in #4110
  • Use non-mock selectors in executor test by @eleftherias in #4111
  • Make go mock an explicit dependency in tools by @eleftherias in #4117
  • build(deps): bump github.com/openfga/cli from 0.5.1 to 0.5.2 in /tools by @dependabot in #4112
  • Change rule_evaluations upsert to set migrated to true by @dmjb in #4124
  • build(deps): bump github.com/go-viper/mapstructure/v2 from 2.0.0 to 2.1.0 by @dependabot in #4127
  • Update docusaurus to 3.5.1 by @eleftherias in #4121
  • Unescape quotes when retrieving selectors by @eleftherias in #4128
  • Add documentation for profile selectors by @eleftherias in #4120
  • Add central entities table with properties by @JAORMX in #4123
  • Auto-generated DB schema update - 2024-08-14 08:24:45 by @github-actions in #4131
  • build(deps): bump github.com/golangci/golangci-lint from 1.59.1 to 1.60.1 in /tools by @dependabot in #4140
  • Ensure ON DELETE is properly set for the central entities table by @JAORMX in #4133
  • Address linter issues coming from govet by @JAORMX in #4138
  • Delete repos from the central entities table by @JAORMX in #4132
  • Define own type around struct{} to work around linter warning by @jhrozek in #4148
  • Add CVE-2024-42473 to trivyignore by @JAORMX in #4139
  • build(deps): bump anchore/sbom-action from 0.17.0 to 0.17.1 by @dependabot in #4141
  • build(deps): bump k8s.io/apimachinery from 0.30.3 to 0.31.0 by @dependabot in #4146
  • build(deps): bump github.com/docker/cli from 27.1.1+incompatible to 27.1.2+incompatible by @dependabot in #4145
  • build(deps): bump github/codeql-action from 3.26.0 to 3.26.1 by @dependabot in #4143
  • build(deps): bump docker/build-push-action from 6.6.1 to 6.7.0 by @dependabot in #4142
  • Redo migration from PR #4065 by @dmjb in #4129
  • build(deps): bump k8s.io/client-go from 0.30.3 to 0.31.0 by @dependabot in #4144
  • build(deps-dev): bump @docusaurus/module-type-aliases from 3.5.1 to 3.5.2 in /docs by @dependabot in #4137
  • build(deps): bump @docusaurus/core from 3.5.1 to 3.5.2 in /docs by @dependabot in #4134
  • build(deps): bump github.com/openfga/openfga from 1.5.8 to 1.5.9 by @dependabot in #4147
  • Update no vulnerabilities message in PR review rule by @eleftherias in #4152
  • Create/Delete pull requests in central entities table by @JAORMX in #4150
  • Handle github repository transfer events. by @blkt in #4130
  • Fix the role verb wording in the template for the invite email by @rdimitrov in #4155
  • build(deps): bump github.com/openfga/openfga from 1.5.8 to 1.5.9 in /tools by @dependabot in #4156
  • Remove outdated architecture diagram by @mesembria in #4157
  • build(deps): bump github.com/prometheus/client_golang from 1.19.1 to 1.20.0 by @dependabot in #4159
  • build(deps): bump github/codeql-action from 3.26.1 to 3.26.2 by @dependabot in #4160
  • Persist artifacts in central entity table by @JAORMX in #4161
  • Calculate profile status based on evaluation history tables by @dmjb in #4149
  • Do a noop update when updating the entities table by @jhrozek in #4162
  • build(deps): bump github.com/styrainc/regal from 0.24.0 to 0.25.0 by @dependabot in #4174
  • build(deps): bump github.com/aws/aws-sdk-go-v2 from 1.30.3 to 1.30.4 by @dependabot in #4177
  • build(deps): bump github.com/aws/aws-sdk-go-v2/config from 1.27.27 to 1.27.28 by @dependabot in #4176
  • build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.32.3 to 1.32.4 by @dependabot in #4175
  • Change profile/rule status queries to use evaluation history table by @dmjb in #4089
  • Provider properties interface by @jhrozek in #4151
  • Update docs with GitHub App permissions by @eleftherias in #4180
  • Check for non-empty length of previous metadata by @dmjb in #4182
  • Fix issue with Alert URLs for pull requests and artifacts by @dmjb in #4183
  • Update enhancement.yml by @dussab in #4185
  • build(deps): bump dario.cat/mergo from 1.0.0 to 1.0.1 by @dependabot in #4188
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.21.0 to 2.22.0 by @dependabot in #4189
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.21.0 to 2.22.0 in /tools by @dependabot in #4194
  • build(deps): bump github.com/aws/aws-sdk-go-v2/service/sesv2 from 1.32.4 to 1.33.0 by @dependabot in #4187
  • build(deps): bump mvdan.cc/gofumpt from 0.6.0 to 0.7.0 in /tools by @dependabot in #4192
  • build(deps): bump github.com/bufbuild/buf from 1.36.0 to 1.37.0 in /tools by @dependabot in #4193
  • build(deps): bump github.com/sigstore/sigstore-go from 0.5.1 to 0.6.0 by @dependabot in #4186
  • Revert profile/rule status queries to use evaluation history table by @rdimitrov in #4195
  • Store repo license again by @jhrozek in #4190
  • Move properties fetcher methods into Provider by @JAORMX in #4181
  • Add reference to central entities table in EEA by @JAORMX in #4191
  • Auto-generated DB schema update - 2024-08-19 14:41:17 by @github-actions in #4199
  • Allow nil receiver on Properties by @jhrozek in #4198
  • Use nil evaluation state if there is no previous evaluation by @dmjb in #4197
  • Reapply reverted commits by @dmjb in #4200
  • build(deps): bump github.com/charmbracelet/bubbletea from 0.26.6 to 0.27.0 by @dependabot in #4202
    ...
Read more

v0.0.58

06 Aug 15:16
7ada493
Compare
Choose a tag to compare

What's Changed

  • Add entity evaluation checkpoint to the database by @JAORMX in #4050
  • Add initial structures for entity checkpoints by @JAORMX in #4049
  • Auto-generated DB schema update - 2024-07-31 15:06:43 by @github-actions in #4053
  • Fix the AWS SES migration to sdk v2 by @rdimitrov in #4054
  • Change profile validation to enforce case insensitive unique rule names by @dmjb in #4056
  • Additional DB migrations needed for evaluation history switchover by @dmjb in #4055
  • Auto-generated DB schema update - 2024-08-01 14:29:15 by @github-actions in #4057
  • Drop rule_entity_id column from rule_evaluations by @dmjb in #4058
  • Auto-generated DB schema update - 2024-08-02 07:48:45 by @github-actions in #4060
  • Align role descriptions with the docs by @rdimitrov in #4062
  • Update the email template for invitations by @rdimitrov in #4064
  • Persist checkpoints in evaluation history db by @JAORMX in #4059
  • Use Keycloak v25 image for local development by @eleftherias in #4066
  • Revert "Persist checkpoints in evaluation history db" by @rdimitrov in #4067
  • Bump trusty client to trusty-sdk-go@v0.2.0 by @puerco in #4072
  • build(deps): bump github.com/mikefarah/yq/v4 from 4.44.2 to 4.44.3 in /tools by @dependabot in #4077
  • build(deps): bump golang.org/x/oauth2 from 0.21.0 to 0.22.0 by @dependabot in #4078
  • build(deps): bump github.com/google/cel-go from 0.20.1 to 0.21.0 by @dependabot in #4079
  • build(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0 by @dependabot in #4080
  • Swapped order of roles in user management docs by @mesembria in #4074
  • Bump trusty-sdk to v0.2.1 by @eleftherias in #4082
  • Persist checkpoints in evaluation history db. Try 2 by @JAORMX in #4083
  • build(deps): bump github.com/open-policy-agent/opa from 0.67.0 to 0.67.1 by @dependabot in #4086
  • Add integration tests for ListEvaluationHistory. by @blkt in #4076
  • Add missing column to history log tests' fixtures. by @blkt in #4087
  • build(deps): bump github.com/sqlc-dev/sqlc from 1.26.0 to 1.27.0 in /tools by @dependabot in #4085

Full Changelog: v0.0.57...v0.0.58

v0.0.57

31 Jul 11:57
84efc7e
Compare
Choose a tag to compare

What's Changed

  • Auto-generated cli documentation update - 2024-07-18 14:17:31 by @github-actions in #3931
  • Allow authenticated users without Minder projects to accept credentials by @evankanderson in #3909
  • Rename comment to description in profile's selector message by @jhrozek in #3919
  • build(deps): bump mobx from 6.13.0 to 6.13.1 in /docs by @dependabot in #3935
  • Add the protobuf message and the selector API by @jhrozek in #3797
  • Add from/to filters to minder history list. by @blkt in #3928
  • Fix entity id in ListEvaluationHistory RPC. by @blkt in #3933
  • Auto-generated cli documentation update - 2024-07-19 10:39:44 by @github-actions in #3937
  • Sizes of cursors and pages are integers in REST. by @blkt in #3938
  • Remove unnecessary type conversion causing errors. by @blkt in #3939
  • Trim quotes when returning selector comments by @jhrozek in #3940
  • Add tests to evaluation log entries conversion. by @blkt in #3941
  • Use rule instance table in executor by @dmjb in #3899
  • Make selectors available in mindev by @jhrozek in #3943
  • Add a DB function to delete all selectors for a profile by @jhrozek in #3942
  • Expand profile handlers with selector support by @jhrozek in #3944
  • build(deps): bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #3945
  • Respect the action overrides by @dmjb in #3946
  • Default security advisory alerts to Off by @dmjb in #3947
  • Ensure role exists before we try to remove the role assignment by @rdimitrov in #3949
  • Remove unused function and its tests. by @dmjb in #3951
  • Remove even more unused code by @dmjb in #3952
  • build(deps): bump github.com/bufbuild/buf from 1.34.0 to 1.35.0 in /tools by @dependabot in #3955
  • build(deps): bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by @dependabot in #3960
  • build(deps): bump bufbuild/buf-setup-action from 1.34.0 to 1.35.0 by @dependabot in #3959
  • build(deps): bump docker/build-push-action from 6.4.1 to 6.5.0 by @dependabot in #3958
  • build(deps): bump github.com/docker/cli from 27.0.3+incompatible to 27.1.0+incompatible by @dependabot in #3956
  • Remove unused SQL query ListProfilesByProjectID by @dmjb in #3954
  • Add evaluation id to ListEvaluationHistory RPC. by @blkt in #3950
  • Remove use of entity_profile_rules table by @dmjb in #3905
  • Fix ListEvaluationHistory RPC faulty navigation to next page. by @blkt in #3967
  • Align sort inversion with pagination direction. by @blkt in #3968
  • build(deps): bump github.com/aws/aws-sdk-go from 1.54.19 to 1.55.1 by @dependabot in #3970
  • Decouple from/to filtering in history log RPC. by @blkt in #3929
  • Log evaluation history by default by @dmjb in #3973
  • Add docs for user management and invitations (#3837) by @rdimitrov in #3972
  • Enable history log rpc. by @blkt in #3974
  • build(deps): bump github.com/docker/cli from 27.1.0+incompatible to 27.1.1+incompatible by @dependabot in #3969
  • build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.31.1 to 1.31.2 by @dependabot in #3957
  • Update openfga's entity_reconcile and remote_repo_get to require the editor role by @rdimitrov in #3977
  • build(deps): bump github.com/aws/aws-sdk-go from 1.55.1 to 1.55.2 by @dependabot in #3981
  • build(deps): bump bufbuild/buf-setup-action from 1.35.0 to 1.35.1 by @dependabot in #3982
  • build(deps): bump github.com/bufbuild/buf from 1.35.0 to 1.35.1 in /tools by @dependabot in #3985
  • build(deps): bump github.com/stacklok/frizbee from 0.0.20 to 0.1.0 by @dependabot in #3984
  • Accept filters multiple times in history list. by @blkt in #3979
  • Auto-generated cli documentation update - 2024-07-25 09:00:27 by @github-actions in #3986
  • Add entity_type column to evaluation_rule_entities by @dmjb in #3980
  • build(deps): bump github.com/sigstore/sigstore-go from 0.4.0 to 0.5.1 by @dependabot in #3983
  • Auto-generated DB schema update - 2024-07-25 09:17:38 by @github-actions in #3989
  • Remove migration_profile_backfill_log table by @dmjb in #3990
  • Auto-generated DB schema update - 2024-07-25 09:35:43 by @github-actions in #3991
  • Log errors from history service by @dmjb in #3992
  • Disambiguate entity type in history log query. by @blkt in #3994
  • Add profile ID to latest_evaluation_statuses by @dmjb in #3993
  • Auto-generated DB schema update - 2024-07-25 11:51:22 by @github-actions in #3997
  • Change selectors.New to not return an error by @jhrozek in #3995
  • Add rule_entity_id to rule_evaluations by @dmjb in #3999
  • Add PullRequest as available entity for selectors by @jhrozek in #4000
  • Auto-generated DB schema update - 2024-07-25 13:55:48 by @github-actions in #4001
  • Add history purge command to minder server cli. by @blkt in #3976
  • Add more context around repo lookup failures by @dmjb in #4002
  • build(deps): bump github.com/aws/aws-sdk-go from 1.55.2 to 1.55.3 by @dependabot in #4006
  • build(deps): bump github.com/open-policy-agent/opa from 0.66.0 to 0.67.0 by @dependabot in #4005
  • build(deps): bump sigs.k8s.io/release-utils from 0.8.3 to 0.8.4 by @dependabot in #4007
  • build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.20.0 to 2.21.0 by @dependabot in #4008
  • build(deps): bump github/codeql-action from 3.25.13 to 3.25.14 by @dependabot in #4009
  • Return structured errors from the selectors API by @jhrozek in #3998
  • Update local Keycloak image to match deployed config by @eleftherias in #4011
  • Take selectors into use in executor by @jhrozek in #4004
  • Log errors when listing repositories by @dmjb in #4020
  • Re-apply #4010 by @evankanderson in #4019
  • build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.1.0 to 2.1.1 by @dependabot in #4025
  • build(deps): bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #4023
  • Add severity to rule in ListEvaluationHistory RPC. by @blkt in #4014
  • build(deps): bump github.com/openfga/openfga from 1.5.6 to 1.5.7 by @dependabot in #4024
  • build(deps): bump github.com/fergusstrange/embedded-postgres from 1.27.0 to 1.28.0 by @dependabot in #4026
  • Surface selector check errors to handlers by @jhrozek in #4021
  • Add converter for PR selector by @eleftherias in #4028
  • Extend test cases for selectors with multivalued selections by @jhrozek in #4022
  • Drop entity_profile_rules table by @dmjb in #3963
  • Auto-generated DB schema update - 2024-07-29 12:38:06 by @github-actions in #4030
  • Backfill entity_type in evaluation_rule_entities by @dmjb in #3996
  • Add GetProfileByName RPC by @JAORMX in #4029
  • Backfill latest_evaluation_statuses with profile_id by @dmjb in #4031
  • Auto-generated cli documentation update - 2024-07-29 16:19:31 by @github-actions in #4032...
Read more

v0.0.56

18 Jul 11:59
409ac76
Compare
Choose a tag to compare

What's Changed

  • Remove deduplication logic in evaluation history by @dmjb in #3893
  • Use project as targeting key, propagate message context through entity evaluation by @evankanderson in #3827
  • Require entity-type in profile status get to avoid permafail by @puerco in #3868
  • build(deps): bump docker/build-push-action from 6.3.0 to 6.4.0 by @dependabot in #3896
  • build(deps): bump slsa-framework/slsa-verifier from 2.5.1 to 2.6.0 by @dependabot in #3897
  • build(deps): bump anchore/sbom-action from 0.16.1 to 0.17.0 by @dependabot in #3898
  • Auto-generated DB schema update - 2024-07-15 18:32:14 by @github-actions in #3894
  • Cache RuleTypeEngine instances in Executor by @dmjb in #3741
  • Add tests for UpdateRole by @eleftherias in #3902
  • Show where roadmap is and how to request a feature by @lukehinds in #3900
  • Move ActionOpt types into a subpackage of profiles by @dmjb in #3901
  • Use simpler query to determine if rule type is in use by @dmjb in #3903
  • Use rule_instances table in CountProfilesByEntityType query by @dmjb in #3904
  • Add tests for RemoveRole by @eleftherias in #3907
  • build(deps): bump github.com/styrainc/regal from 0.23.1 to 0.24.0 by @dependabot in #3911
  • build(deps): bump github.com/google/go-containerregistry from 0.20.0 to 0.20.1 by @dependabot in #3910
  • Don't require the provider name when auto-enrolling repositories by @jhrozek in #3906
  • Updates the Install Minder Server documentation by @mesembria in #3880
  • Don't URL escape the package name when getting versions by @JAORMX in #3915
  • Add tests for AssignRole by @eleftherias in #3912
  • Upgrade go-github to v63 by @JAORMX in #3916
  • Removed option from minder history list. by @blkt in #3917
  • Fix potential race condition in rule type engine cache by @dmjb in #3918
  • build(deps): bump docker/build-push-action from 6.4.0 to 6.4.1 by @dependabot in #3920
  • build(deps): bump styled-components from 6.1.11 to 6.1.12 in /docs by @dependabot in #3921
  • build(deps): bump k8s.io/client-go from 0.30.2 to 0.30.3 by @dependabot in #3922
  • build(deps): bump github.com/openfga/openfga from 1.5.5 to 1.5.6 by @dependabot in #3924
  • Fix typos in documentation by @eleftherias in #3926
  • Add support for cursors to minder history list. by @blkt in #3925
  • Add format output for role grant and update by @rdimitrov in #3930

New Contributors

Full Changelog: v0.0.55...v0.0.56

v0.0.55

15 Jul 12:42
3be7c67
Compare
Choose a tag to compare

What's Changed

  • Update openfga entity_reconcile to require the admin role by @rdimitrov in #3818
  • build(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /tools by @dependabot in #3820
  • build(deps): bump anchore/sbom-action from 0.16.0 to 0.16.1 by @dependabot in #3821
  • build(deps): bump actions/setup-node from 4.0.2 to 4.0.3 by @dependabot in #3822
  • build(deps): bump github.com/aws/aws-sdk-go from 1.54.16 to 1.54.17 by @dependabot in #3824
  • build(deps): bump github.com/zitadel/oidc/v3 from 3.25.1 to 3.26.0 by @dependabot in #3825
  • build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.31.0 to 1.31.1 by @dependabot in #3823
  • Fix project creation conflict during user creation by @rdimitrov in #3815
  • Regenerate minder authz by @jhrozek in #3828
  • GetProfileByProjectAndID includes selectors by @jhrozek in #3833
  • Add First and Last name to the user identity object by @rdimitrov in #3832
  • Added ListEvaluationHistory RPC implementation. by @blkt in #3784
  • Artifact tag matcher: Curb complexity when parsing regexps from user input by @puerco in #3836
  • build(deps): bump github.com/aws/aws-sdk-go from 1.54.17 to 1.54.18 by @dependabot in #3845
  • build(deps): bump github.com/charmbracelet/lipgloss from 0.11.0 to 0.11.1 by @dependabot in #3844
  • build(deps): bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #3841
  • Sort the authz roles in ListRoles response by @rdimitrov in #3857
  • Extend the db-to-pb profile code to include selectors by @jhrozek in #3854
  • Add a flag for informing if sending the email invite was skipped by @rdimitrov in #3859
  • Timestamps for evaluation statuses have time zone. by @blkt in #3858
  • CheckHealth RPC now logs error when failing. by @blkt in #3860
  • Use Version 2 config for sqlc.yaml by @dmjb in #3861
  • Fix issues with mapping of TIMESTAMPZ[] postgres type by @dmjb in #3863
  • Change ListEvaluationHistory to use default project ID by @dmjb in #3865
  • Move messages only used to generate Go structs out of minder.proto by @jhrozek in #3830
  • ListHistoryEvaluation filtering fixes. by @blkt in #3866
  • build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.17.0 to 1.18.0 by @dependabot in #3871
  • build(deps): bump github.com/charmbracelet/lipgloss from 0.11.1 to 0.12.0 by @dependabot in #3870
  • Add history list subcommand to CLI by @dmjb in #3867
  • Auto-generated cli documentation update - 2024-07-12 10:25:04 by @github-actions in #3872
  • ListEvaluationHistory now enforces max page size. by @blkt in #3873
  • Some prep work for further changes to the executor by @dmjb in #3874
  • Set the auto_registration.entities.repository.enabled option to true when calling repo register --all by @jhrozek in #3876
  • Replace several internal protobufs with Go structs by @dmjb in #3878
  • Wire new Release + SDLC Core Entities by @puerco in #3839
  • Print provider config in provider get, if any by @jhrozek in #3881
  • Track evaluation times in executor by @dmjb in #3882
  • Auto-generated cli documentation update - 2024-07-12 19:24:31 by @github-actions in #3883
  • Fix offline token command flags not working by @rdimitrov in #3879
  • Auto-generated cli documentation update - 2024-07-15 10:16:24 by @github-actions in #3888
  • build(deps): bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #3887
  • build(deps): bump github.com/puzpuzpuz/xsync/v3 from 3.3.1 to 3.4.0 by @dependabot in #3886
  • build(deps): bump github.com/charmbracelet/lipgloss from 0.12.0 to 0.12.1 by @dependabot in #3885
  • build(deps): bump github.com/aws/aws-sdk-go from 1.54.18 to 1.54.19 by @dependabot in #3884
  • Revert "Replace several internal protobufs with Go structs (#3878)" by @JAORMX in #3890
  • Add Execution ID in the executor's evaluation param logs by @JAORMX in #3889
  • Give metric attributes unique names by @dmjb in #3891
  • Fix remediation/alert counter by @dmjb in #3892

Full Changelog: v0.0.54...v0.0.55

v0.0.54

09 Jul 14:29
35760c7
Compare
Choose a tag to compare

What's Changed

  • Do not allow removing the last admin role of a project by @rdimitrov in #3715
  • Disable the assignRole functionality if User Management is enabled by @rdimitrov in #3714
  • Allow a user to remove their own role from a project by @rdimitrov in #3716
  • Store alert and remediation history by @dmjb in #3713
  • Reuse the previous invite code when updating an invitation by @rdimitrov in #3719
  • build(deps): bump docker/build-push-action from 6.1.0 to 6.2.0 by @dependabot in #3729
  • docs: switch to npm by @ethomson in #3732
  • Update roadmap in documentation by @ethomson in #3733
  • Fix npm run serve example in the docs' README by @jhrozek in #3734
  • Add database table and methods for profile selectors by @jhrozek in #3731
  • Auto-generated DB schema update - 2024-06-27 21:26:09 by @github-actions in #3736
  • build(deps): bump github.com/open-policy-agent/opa from 0.65.0 to 0.66.0 by @dependabot in #3737
  • Define API structures for evaluation history by @dmjb in #3647
  • Split message handling logic out of Executor by @dmjb in #3730
  • Deduplicate event handler and executor unit tests by @dmjb in #3740
  • Documentation updates by @ethomson in #3738
  • Update documentation site to underline hyperlinks in content area by @ethomson in #3742
  • build(deps): bump github.com/openfga/cli from 0.5.0 to 0.5.1 in /tools by @dependabot in #3745
  • build(deps): bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #3744
  • build(deps): bump mobx from 6.12.4 to 6.12.5 in /docs by @dependabot in #3743
  • Initial implementation of the invite email sending service by @rdimitrov in #3735
  • build(deps): bump github.com/docker/cli from 26.1.4+incompatible to 27.0.3+incompatible by @dependabot in #3754
  • build(deps): bump github.com/aws/aws-sdk-go from 1.53.21 to 1.54.12 by @dependabot in #3753
  • build(deps): bump redocusaurus from 2.1.0 to 2.1.1 in /docs by @dependabot in #3752
  • Add ProjectRoles field to GetUserResponse by @rdimitrov in #3755
  • Include the email template in the event message by @rdimitrov in #3756
  • Update the terms and privacy URLs in the invite email by @rdimitrov in #3760
  • Do not try to fill roles if project has none by @rdimitrov in #3761
  • build(deps): bump mobx from 6.12.5 to 6.13.0 in /docs by @dependabot in #3763
  • build(deps): bump go.opentelemetry.io/otel/metric from 1.27.0 to 1.28.0 by @dependabot in #3764
  • build(deps): bump go.opentelemetry.io/otel from 1.27.0 to 1.28.0 by @dependabot in #3765
  • build(deps): bump google.golang.org/grpc from 1.64.0 to 1.65.0 by @dependabot in #3766
  • build(deps): bump go.opentelemetry.io/otel/sdk from 1.27.0 to 1.28.0 by @dependabot in #3768
  • build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.27.0 to 1.28.0 by @dependabot in #3767
  • Use the correct org display name for invitations by @rdimitrov in #3769
  • Invite email: color and padding changes by @ethomson in #3771
  • Separate jwt functionality into its own package by @eleftherias in #3770
  • Show the subject display name along with the ID in minder role by @rdimitrov in #3772
  • Updates to the protocol documentation (and its generator) by @ethomson in #3747
  • build(deps): bump docker/build-push-action from 6.2.0 to 6.3.0 by @dependabot in #3776
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.52.0 to 0.53.0 by @dependabot in #3778
  • build(deps): bump go.opentelemetry.io/otel/sdk/metric from 1.27.0 to 1.28.0 by @dependabot in #3779
  • build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.52.0 to 0.53.0 by @dependabot in #3781
  • build(deps): bump github.com/aws/aws-sdk-go from 1.54.12 to 1.54.14 by @dependabot in #3780
  • build(deps): bump github.com/thomaspoignant/go-feature-flag from 1.30.0 to 1.31.0 by @dependabot in #3777
  • Add unit test for GetInviteDetails by @eleftherias in #3773
  • Consider the environment when generating the invite URLs by @rdimitrov in #3783
  • Validate the Auth URL by @lukehinds in #3787
  • Add the selector message to the protobuf by @jhrozek in #3785
  • Fix project display name when listing invitations by @eleftherias in #3788
  • Fix project display name when resolving invite by @eleftherias in #3789
  • Add unit tests for ListInvitations and ResolveInvitation by @eleftherias in #3790
  • build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.49.0 to 0.50.0 by @dependabot in #3793
  • build(deps): bump golang.org/x/term from 0.21.0 to 0.22.0 by @dependabot in #3792
  • build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #3791
  • build(deps): bump golang.org/x/tools from 0.22.0 to 0.23.0 in /tools by @dependabot in #3798
  • build(deps): bump golang.org/x/crypto from 0.24.0 to 0.25.0 by @dependabot in #3801
  • build(deps): bump github.com/aws/aws-sdk-go from 1.54.14 to 1.54.15 by @dependabot in #3800
  • build(deps): bump github.com/puzpuzpuz/xsync/v3 from 3.2.0 to 3.3.1 by @dependabot in #3799
  • Extend the Profile List database calls to include selectors by @jhrozek in #3786
  • Increase CLI context timeout to 20s by @eleftherias in #3803
  • Bump minder to go 1.22.5 by @dmjb in #3804
  • build(deps): bump aquasecurity/trivy-action from 0.23.0 to 0.24.0 by @dependabot in #3805
  • build(deps): bump sigs.k8s.io/release-utils from 0.8.2 to 0.8.3 by @dependabot in #3807
  • build(deps): bump github.com/aws/aws-sdk-go from 1.54.15 to 1.54.16 by @dependabot in #3808
  • build(deps): bump github.com/google/go-containerregistry from 0.19.2 to 0.20.0 by @dependabot in #3809
  • build(deps): bump github.com/norwoodj/helm-docs from 1.13.1 to 1.14.2 in /tools by @dependabot in #3810
  • build(deps): bump github.com/stacklok/trusty-sdk-go from 0.1.0 to 0.1.1 by @dependabot in #3806
  • Fix broken documentation links by @eleftherias in #3811
  • Update error message when no project is specified by @eleftherias in #3813

Full Changelog: v0.0.53...v0.0.54