dependabot[bot]
66a1d6b50f
Bump actions/dependency-review-action from 2.0.4 to 2.1.0 ( #3485 )
2 years ago
dependabot[bot]
9076a0051c
Bump actions/checkout from 3 to 3.0.2 ( #3483 )
2 years ago
Chris Lu
9b006250b2
Update pull_request_template.md
2 years ago
dependabot[bot]
da167e3134
Bump docker/build-push-action from 3.1.0 to 3.1.1 ( #3415 )
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](1cb9d22b93
...c84f38281176d4c9cdb1626ffafcd6b3911b5d94)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2 years ago
chrislu
26dbc6c905
move to https://github.com/seaweedfs/seaweedfs
2 years ago
dependabot[bot]
a730c4211a
Bump docker/build-push-action from 3.0.0 to 3.1.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](e551b19e49
...1cb9d22b932e4832bb29793b7777ec860fc1cde0)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
9cf68c0cf8
Bump actions/dependency-review-action from 2.0.2 to 2.0.4
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 2.0.2 to 2.0.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](1c59cdf2a9
...94145f3150bfabdc97540cbd5f7e926306ea7744)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
dependabot[bot]
e098244afc
Bump actions/setup-go from 3.2.0 to 3.2.1
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.2.0 to 3.2.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](b22fbbc292
...84cbf8094393cdc5fe1fe1671ff2647332956b1a)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2 years ago
Chris Lu
fa8e33ccb8
Update binaries_dev.yml
2 years ago
Chris Lu
c349f81195
Update binaries_dev.yml
3 years ago
yulai.li
93dd33319f
Update github workflow configuration files
3 years ago
chrislu
1d0c53ea56
remote storage: stop supporting hdfs as a remote storage
3 years ago
dependabot[bot]
2d75dda243
Bump actions/dependency-review-action from 1.0.2 to 2.0.2
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1.0.2 to 2.0.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](a9c83d3af6
...1c59cdf2a9c7f29c90e8da32237eb04b81bad9f0)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Chris Lu
cc5d771088
Update container_dev.yml
3 years ago
Konstantin Lebedev
2b159c331d
fix build container
3 years ago
dependabot[bot]
37f48717f7
Bump actions/setup-go from 3.1.0 to 3.2.0
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.1.0 to 3.2.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](fcdc43634a
...b22fbbc2921299758641fab08929b4ac52b32923)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
ec38ff1a39
Bump actions/dependency-review-action from 1.0.1 to 1.0.2
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](39e692fa32
...a9c83d3af6b9031e20feba03b904645bb23d1dab)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Chris Lu
accf4d65c6
Create pull_request_template.md
3 years ago
Konstantin Lebedev
d68a37d3e6
build release containers for all tags and large volume
3 years ago
dependabot[bot]
99ffbcea7f
Bump actions/dependency-review-action
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 3f943b86c9
to 1. This release includes the previously tagged commit.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](3f943b86c9
...39e692fa323107ef86d8fdac0067ce647f239bd7)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
70779df038
Bump actions/setup-go from 3.0.0 to 3.1.0
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.0.0 to 3.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](f6164bd8c8
...fcdc43634adb5f7ae75a9d7a9b9361790f7293e2)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
chrislu
ca85b66511
fix build
3 years ago
Konstantin Lebedev
5ee51f7cbd
build binaries for linux with all tags
3 years ago
Konstantin Lebedev
8f762a1a06
build release containers for all tags
3 years ago
Naveen
21c95d9b29
Update codeql.yml
3 years ago
naveen
417d0a441d
chore: Enable codeql action
This action runs GitHub's industry-leading semantic code analysis engine,
CodeQL, against a repository's source code to find security vulnerabilities.
https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql
https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast
Signed-off-by: naveen <172697+naveensrinivasan@users.noreply.github.com>
3 years ago
dependabot[bot]
82fb8f9333
Bump docker/build-push-action from 2.10.0 to 3
Bumps [docker/build-push-action](https://github.com/docker/build-push-action ) from 2.10.0 to 3.
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](ac9327eae2
...e551b19e49efd4e98792db7592c17c09b89db8d8)
---
updated-dependencies:
- dependency-name: docker/build-push-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
3a21196fc3
Bump docker/login-action from 1.14.1 to 2
Bumps [docker/login-action](https://github.com/docker/login-action ) from 1.14.1 to 2.
- [Release notes](https://github.com/docker/login-action/releases )
- [Commits](dd4fa0671b
...49ed152c8eca782a232dede0303416e8f356c37b)
---
updated-dependencies:
- dependency-name: docker/login-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
607ba90f62
Bump docker/metadata-action from 3.8.0 to 4.0.1
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.8.0 to 4.0.1.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md )
- [Commits](b2391d37b4
...69f6fc9d46f2f8bf0d5491e4aabe0bb8c6a4678a)
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
4093459630
Bump docker/setup-qemu-action from 1.2.0 to 2
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action ) from 1.2.0 to 2.
- [Release notes](https://github.com/docker/setup-qemu-action/releases )
- [Commits](27d0a4f181
...8b122486cedac8393e77aa9734c3528886e4a1a8)
---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
a50828d8f8
Bump docker/setup-buildx-action from 1.7.0 to 2
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.7.0 to 2.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](f211e3e9de
...dc7b9719a96d48369863986a06765841d7ea23f6)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Konstantin Lebedev
f58adaab25
build tag ydb since the growth of the binary is 5 mb
3 years ago
chrislu
e82233efa7
add back arm64 darwin
3 years ago
dependabot[bot]
94f302fb34
Bump docker/setup-buildx-action from 1.6.0 to 1.7.0
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](94ab11c41e
...f211e3e9ded2d9377c8cadc4489a4e38014bc4c9)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
dependabot[bot]
c772bbb704
Bump docker/metadata-action from 3.7.0 to 3.8.0
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.7.0 to 3.8.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](f2a13332ac
...b2391d37b4157fa4aa2e118d643f417910ff3242)
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
Chris Lu
15c7d6e7bc
temporarily skip arm64 for mac
3 years ago
Chris Lu
42cc8d8aa3
Update binaries_release2.yml
3 years ago
Chris Lu
14a917c262
Update dependabot.yml
3 years ago
chrislu
2988e69b1e
update go build
3 years ago
naveensrinivasan
3d5fc72d55
chore(deps): Included dependency review
> Dependency Review GitHub Action in your repository to enforce dependency reviews on your pull requests.
> The action scans for vulnerable versions of dependencies introduced by package version changes in pull requests,
> and warns you about the associated security vulnerabilities.
> This gives you better visibility of what's changing in a pull request,
> and helps prevent vulnerabilities being added to your repository.
https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
3 years ago
dependabot[bot]
9f9e0deafb
Bump docker/metadata-action from 3.6.2 to 3.7.0
Bumps [docker/metadata-action](https://github.com/docker/metadata-action ) from 3.6.2 to 3.7.0.
- [Release notes](https://github.com/docker/metadata-action/releases )
- [Commits](e5622373a3
...f2a13332ac1ce8c0a71aeac48a150dbb1838ab67)
---
updated-dependencies:
- dependency-name: docker/metadata-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
naveensrinivasan
5b352ec1d2
Set permissions for GitHub actions
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
3 years ago
naveensrinivasan
48a2d3327d
Dependabot config settings for golang
- Dependabot config settings for golang
3 years ago
dependabot[bot]
c0475cc267
Bump actions/setup-go from 2.2.0 to 3
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2.2.0 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](bfdd3570ce
...f6164bd8c8acb4a71fb2791a8b6c4024ff038dab)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
3 years ago
naveensrinivasan
d75d409800
Dependabot for GitHub actions
- Included dependabot config for GitHub actions.
3 years ago
naveensrinivasan
dd737bd755
Pin actions to a full length commit SHA
- Pinned actions by SHA https://github.com/ossf/scorecard/blob/main/docs/checks.md#pinned-dependencies
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
>Pin actions to a full length commit SHA
>Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.
https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions#using-third-party-actions
3 years ago
Chris Lu
5f3784ee05
Update binaries_dev.yml
3 years ago
Chris Lu
1dced26304
Update binaries_dev.yml
3 years ago
Chris Lu
e526a299dc
Update FUNDING.yml
3 years ago
Chris Lu
182fb9e3ed
Create FUNDING.yml
3 years ago