Add Approved technical charter for Criticality Score #680
Commits on Sep 4, 2024
-
Signed-off-by: riaan kleinhans <[email protected]>
-
Signed-off-by: Amanda L Martin <[email protected]> Signed-off-by: riaan kleinhans <[email protected]>
-
Fix the "v2" behavior to match Go's git + mod functionality. (ossf#563)
Signed-off-by: Caleb Brown <[email protected]> Signed-off-by: riaan kleinhans <[email protected]>
-
Add @latest to
go installcommands in docs. (ossf#572)Signed-off-by: Caleb Brown <[email protected]> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 (ossf#562)
Bumps google.golang.org/protobuf from 1.32.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump github.com/hasura/go-graphql-client from 0.12.0 to 0.12.1 (ossf#559
) Bumps [github.com/hasura/go-graphql-client](https://github.com/hasura/go-graphql-client) from 0.12.0 to 0.12.1. - [Release notes](https://github.com/hasura/go-graphql-client/releases) - [Commits](hasura/go-graphql-client@v0.12.0...v0.12.1) --- updated-dependencies: - dependency-name: github.com/hasura/go-graphql-client dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump golang.org/x/sys from 0.17.0 to 0.18.0 (ossf#561)
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.17.0 to 0.18.0. - [Commits](golang/sys@v0.17.0...v0.18.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump google.golang.org/api from 0.156.0 to 0.170.0 (ossf#570)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.156.0 to 0.170.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.156.0...v0.170.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump cloud.google.com/go/bigquery from 1.57.1 to 1.59.1 (ossf#544)
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) from 1.57.1 to 1.59.1. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@bigquery/v1.57.1...bigquery/v1.59.1) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump gocloud.dev from 0.36.0 to 0.37.0 (ossf#565)
Bumps [gocloud.dev](https://github.com/google/go-cloud) from 0.36.0 to 0.37.0. - [Release notes](https://github.com/google/go-cloud/releases) - [Commits](google/go-cloud@v0.36.0...v0.37.0) --- updated-dependencies: - dependency-name: gocloud.dev dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
* Update go.work.sum Signed-off-by: Caleb Brown <[email protected]> * Add a long timeout for golanci-lint Signed-off-by: Caleb Brown <[email protected]> --------- Signed-off-by: Caleb Brown <[email protected]> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump google.golang.org/protobuf from 1.31.0 to 1.33.0 in /tools (ossf…
…#569) Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump golang.org/x/sys from 0.18.0 to 0.19.0 (ossf#583)
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.18.0 to 0.19.0. - [Commits](golang/sys@v0.18.0...v0.19.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump actions/checkout from 4.1.1 to 4.1.2 (ossf#566)
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.1 to 4.1.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@b4ffde6...9bb5618) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump cloud.google.com/go/bigquery from 1.59.1 to 1.60.0 (ossf#581)
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) from 1.59.1 to 1.60.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@bigquery/v1.59.1...spanner/v1.60.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump google.golang.org/api from 0.170.0 to 0.174.0 (ossf#587)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.170.0 to 0.174.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.170.0...v0.174.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump github/codeql-action from 3.24.3 to 3.25.1 (ossf#588)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.3 to 3.25.1. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v3.24.3...v3.25.1) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump actions/upload-artifact from 4.3.1 to 4.3.2 (ossf#590)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.1 to 4.3.2. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@5d5d22a...1746f4a) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump github.com/golangci/golangci-lint from 1.56.2 to 1.57.2 in /tools (
ossf#582) Bumps [github.com/golangci/golangci-lint](https://github.com/golangci/golangci-lint) from 1.56.2 to 1.57.2. - [Release notes](https://github.com/golangci/golangci-lint/releases) - [Changelog](https://github.com/golangci/golangci-lint/blob/master/CHANGELOG.md) - [Commits](golangci/golangci-lint@v1.56.2...v1.57.2) --- updated-dependencies: - dependency-name: github.com/golangci/golangci-lint dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump golang.org/x/net from 0.22.0 to 0.23.0 (ossf#591)
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.23.0. - [Commits](golang/net@v0.22.0...v0.23.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Fix the issue lookback duration to be 90 days. (ossf#605)
Signed-off-by: Caleb Brown <[email protected]> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump google.golang.org/protobuf from 1.33.0 to 1.34.0 (ossf#606)
Bumps google.golang.org/protobuf from 1.33.0 to 1.34.0. --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump github/codeql-action from 3.25.1 to 3.25.3 (ossf#601)
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.1 to 3.25.3. - [Release notes](https://github.com/github/codeql-action/releases) - [Commits](github/codeql-action@v3.25.1...v3.25.3) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump google.golang.org/api from 0.174.0 to 0.177.0 (ossf#607)
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.174.0 to 0.177.0. - [Release notes](https://github.com/googleapis/google-api-go-client/releases) - [Changelog](https://github.com/googleapis/google-api-go-client/blob/main/CHANGES.md) - [Commits](googleapis/google-api-go-client@v0.174.0...v0.177.0) --- updated-dependencies: - dependency-name: google.golang.org/api dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump cloud.google.com/go/bigquery from 1.60.0 to 1.61.0 (ossf#600)
Bumps [cloud.google.com/go/bigquery](https://github.com/googleapis/google-cloud-go) from 1.60.0 to 1.61.0. - [Release notes](https://github.com/googleapis/google-cloud-go/releases) - [Changelog](https://github.com/googleapis/google-cloud-go/blob/main/CHANGES.md) - [Commits](googleapis/google-cloud-go@spanner/v1.60.0...bigquery/v1.61.0) --- updated-dependencies: - dependency-name: cloud.google.com/go/bigquery dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Bump golang.org/x/sys from 0.19.0 to 0.20.0 (ossf#610)
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.19.0 to 0.20.0. - [Commits](golang/sys@v0.19.0...v0.20.0) --- updated-dependencies: - dependency-name: golang.org/x/sys dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Signed-off-by: riaan kleinhans <[email protected]>
-
Fix typo in README.md (ossf#620)
Signed-off-by: Dan Baston <[email protected]> Signed-off-by: riaan kleinhans <[email protected]>
-
Signed-off-by: riaan kleinhans <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.