Description:
This update for gh fixes the following issues:
- Update to version 2.65.0:
* Bump cli/go-gh for indirect security vulnerability
* Panic mustParseTrackingRef if format is incorrect
* Move trackingRef into pr create package
* Make tryDetermineTrackingRef tests more respective of reality
* Rework tryDetermineTrackingRef tests
* Avoid pointer return from determineTrackingBranch
* Doc determineTrackingBranch
* Don't use pointer for determineTrackingBranch branchConfig
* Panic if tracking ref can't be reconstructed
* Document and rework pr create tracking branch lookup
* Upgrade generated workflows
* Fixed test for stdout in non-tty use case of repo fork
* Fix test
* Alternative: remove LocalBranch from BranchConfig
* Set LocalBranch even if the git config fails
* Add test for permissions check for security and analysis edits (#1)
* print repo url to stdout
* Update pkg/cmd/auth/login/login.go
* Move mention of classic token to correct line
* Separate type decrarations
* Add mention of classic token in gh auth login docs
* Update pkg/cmd/repo/create/create.go
* docs(repo): make explicit which branch is used when creating a repo
* fix(repo fork): add non-TTY output when fork is newly created
* Move api call to editRun
* Complete get -> list renaming
* Better error testing for autolink TestListRun
* Decode instead of unmarshal
* Use 'list' instead of 'get' for autolink list type and method
* Remove NewAutolinkClient
* Break out autolink list json fields test
* PR nits
* Refactor autolink subcommands into their own packages
* Whitespace
* Refactor out early return in test code
* Add testing for AutoLinkGetter
* Refactor autolink list and test to use http interface for simpler testing
* Apply PR comment changes
* Introduce repo autolinks list commands
* Remove release discussion posts and clean up related block in deployment yml
* Extract logic into helper function
* add pending status for workflow runs
* Feat: Allow setting security_and_analysis settings in gh repo edit
* Upgrade golang.org/x/net to v0.33.0
* Document SmartBaseRepoFunc
* Document BaseRepoFunc
* Update releasing.md
* Document how to set gh-merge-base
- Update to version 2.64.0:
* add test for different SAN and SourceRepositoryURI values
* add test for signerRepo and tenant
* add some more fields to test that san, sanregex are set properly
* Bump github.com/cpuguy83/go-md2man/v2 from 2.0.5 to 2.0.6
* update san and sanregex configuration for readability
* reduce duplication when creating policy content
* tweak output of build policy info
* Name conditionals in PR finder
* Support pr view for intra-org forks
* Return err instead of silentError in merge queue check
* linting pointed out this var is no longer used
* Removed fun, but inaccessible ASCII header
* further tweaks to the long description
* Exit on pr merge with `-d` and merge queue
* Addressed PR review feedback; expanded Long command help string, used ghrepo, clarified some abbreviations
* Update pkg/cmd/attestation/inspect/inspect.go
* Update gh auth commands to point to GitHub Docs
* Reformat ext install long
* Mention Windows quirk in ext install help text
* Fix error mishandling in local ext install
* Assert on err msg directly in ext install tests
* Clarify hosts in ext install help text
* Bump golang.org/x/crypto from 0.29.0 to 0.31.0
* Removed now redundant file
* minor tweak to language
* go mod tidy
* Deleted no-longer-used code.
* deleted now-invalid tests, added a tiny patina of new testing.
* Tightened up docs, deleted dead code, improved printing
* fix file name creation on windows
* wording
* hard code expected digest
* fix download test
* use bash shell with integration tests
* simplify var creation
* update integration test scripts
* fix: list branches in square brackets in gh codespace
* try nesting scripts
* run all tests in a single script
* windows for loop syntax
* use replaceAll
* update expected file path on windows
* run integration tests with windows specific syntax
* run all attestation cmd integration tests automatically
* Bump actions/attest-build-provenance from 1.4.4 to 2.1.0
* Improve error handling in apt setup script
* use different file name for attestation files on windows
* test(gh run): assert branch names are enclosed in square brackets
* docs: enhance help text and prompt for rename command
* Revert "Confirm auto-detected base branch"
* Confirm auto-detected base branch
* Merge changes from #10004
* Set gh-merge-base from `issue develop`
* Open PR against gh-merge-base
* Refactor extension executable error handling
* fix: list branches in square brackets in gh run view (#10038)
* docs: update description of command
* style: reformat files
* docs: update sentence case
* use github owned oci image
* docs: add mention of scopes help topic in `auth refresh` command help
* docs: add mention of scopes help topic in `auth login` command help
* docs: add help topic for auth scopes
* docs: improve help for browse command
* docs: improve docs for browse command as of #5352
* fix package reference
* add gh attestation verify integration test for oci bundles
* add integration test for bundle-from-oci option
* update tests
* update tests
* move content of veriy policy options function into enforcement criteria
* comment
* try switch statement
* remove duplicate err checking
* get bundle issuer in another func
* more logic updating to remove nesting
* inverse logic for less nesting
* remove unneeded nesting
* wip, linting, getting tests to pass
* wording
* var naming
* drop table view
* order policy info so relevant info is printed next to each other
* Update pkg/cmd/attestation/verification/policy.go
* Update pkg/cmd/attestation/verification/policy.go
* Update pkg/cmd/attestation/verification/policy.go
* wip: added new printSummaryInspection
* Improve error handling for missing executable
* experiment with table output
* Assert stderr is empty in manager_test.go
* Update error message wording
* Change: exit zero, still print warning to stderr
* wording
* Improve docs on installing extensions
* Update language for missing extension executable
* Update test comments about Windows behavior
* wording
* wording
* wording
* add newlines for additional policy info
* Document requirements for local extensions
* Warn when installing local ext with no executable
* wording
* formatting
* print policy information before verifying
* add initial policy info method
* more wip poking around, now with table printing
* wip, gh at inspect will check the signature on the bundle
* wip: inspect now prints various bundle fields in a nice json
- Update to version 2.63.2:
* include alg with digest when fetching bundles from OCI
* Error for mutually exclusive json and watch flags
* Use safepaths for run download
* Use consistent slice ordering in run download tests
* Consolidate logic for isolating artifacts
* Fix PR checkout panic when base repo is not in remotes
* When renaming an existing remote in `gh repo fork`, log the change
* Improve DNF version clarity in install steps
* Fix formatting in client_test.go comments for linter
* Expand logic and tests to handle edge cases
* Refactor download testing, simpler file descends
* Bump github.com/gabriel-vasile/mimetype from 1.4.6 to 1.4.7
* Improve test names so there is no repetition
* Second attempt to address exploit
- Update to version 2.63.0:
* Add checkout test that uses ssh git remote url
* Rename backwards compatible credentials pattern
* Fix CredentialPattern doc typos
* Remove TODOs
* Fix typos and add tests for CredentialPatternFrom* functions
* Add SSH remote todo
* General cleanup and docs
* Allow repo sync fetch to use insecure credentials pattern
* Allow client fetch to use insecure credentials pattern
* Allow client push to use insecure credential pattern
* Allow client pull to use insecure credential pattern
* Allow opt-in to insecure pattern
* Support secure credential pattern
* Refactor error handling for missing "workflow" scope in createRelease
* ScopesResponder wraps StatusScopesResponder
* Refactor `workflow` scope checking
* pr feedback
* pr feedback
* Update pkg/cmd/attestation/verify/attestation_integration_test.go
* Apply suggestions from code review
* Refactor command documentation to use heredoc
* pr feedback
* remove unused test file
* undo change
* add more testing testing fixtures
* update test with new test bundle
* naming
* update test
* update test
* Fix README.md code block formatting
* clean up
* wrap sigstore and cert ext verification into a single function
* Adding option to return `baseRefOid` in `pr view`
* verify cert extensions function should return filtered result list
* pr feedback
* Update pkg/cmd/attestation/download/download.go
* fix function param calls
* Update pkg/cmd/attestation/verification/extensions.go
* Formatting fix
* Updated formatting to be more clear
* Updated markdown syntax for a `note`.
* Added a section on manual verification of the relases.
* Handle missing "workflow" scope in createRelease
* Modify push prompt on repo create when bare
* Doc push behaviour for bare repo create
* Push --mirror on bare repo create
* Add acceptance test for bare repo create
* Doc isLocalRepo and git.Client IsLocalRepo differences
* Use errWithExitCode interface in repo create isLocalRepo
* Backfill repo creation failure tests
* Support bare repo creation
* use logger println method
* simplify verifyCertExtensions
* rename type
* refactor fetch attestations funcs
- Update to version 2.62.0
* CVE-2024-52308: remote code execution (RCE) when users connect
to a malicious Codespace SSH server and use the gh codespace
ssh or gh codespace logs commands
(boo#1233387, GHSA-p2h2-3vg9-4p87)
* Check extension for latest version when executed
* Shorten extension release checking from 3s to 1s
- includes changes from 2.61.0:
* Enhance gh repo edit command to inform users about
consequences of changing visibility and ensure users are
intentional before making irreversible changes
- Update to version 2.60.1:
* Note token redaction in Acceptance test README
* Refactor gpg-key delete to align with ssh-key delete
* Add acceptance tests for org command
* Adjust environment help for host and tokens (#9809)
* Add SSH Key Acceptance test
* Add Acceptance test for label command
* Add acceptance test for gpg-key
* Update go-internal to redact more token types in Acceptance tests
* Address PR feedback
* Clarify `gh` is available for GitHub Enterprise Cloud
* Remove comment from gh auth logout
* Add acceptance tests for auth-setup-git and formattedStringToEnv helper func
* Use forked testscript for token redaction
* Use new GitHub preview terms in working-with-us.md
* Use new GitHub previews terminology in attestation
* Test json flags for repo view and list
* Clean up auth-login-logout acceptance test with native functionality
* Add --token flag to `gh auth login` to accept a PAT as a flag
* Setup acceptance testing for auth and tests for auth-token and auth-status
* Update variable testscripts based on secret
* Check extOwner for no value instead
* Fix tests for invalid extension name
* Refactor to remove code duplication
* Linting: now that mockDataGenerator has an embedded mock, we ought to have pointer receivers in its funcs.
* Minor tweaks, added backoff to getTrustDomain
* added test for verifying we do 3 retries when fetching attestations.
* Fix single quote not expanding vars
* Added constant backoff retry to getAttestations.
* Address @williammartin PR feedback
* wip: added test that fails in the absence of a backoff.
* add validation for local ext install
* feat: add ArchivedAt field to Repository struct
* Refactor `gh secret` testscript
* Wrap true in '' in repo-fork-sync
* Rename acceptance test directory from repos to repo
* Remove unnecessary flags from repo-delete testscript
* Replace LICENSE Makefile README.md acceptance api bin build cmd context docs git go.mod go.sum internal pkg script share test utils commands with
* Wrap boolean strings in '' so it is clear they are strings
* Remove unnecessary gh auth setup-git steps
* Cleanup some inconsistencies and improve collapse some functionality
* Add acceptance tests for repo deploy-key add/list/delete
* Add acceptance tests for repo-fork and repo-sync
* Add acceptance test for repo-set-default
* Add acceptance test for repo-edit
* Add acceptance tests for repo-list and repo-rename
* Acceptance testing for repo-archive and repo-unarchive
* Add acceptance test for repo-clone
* Added acceptance test for repo-delete
* Added test function for repos and repo-create test
* Implement acceptance tests for search commands
* Remove . from test case for TestTitleSurvey
* Clean up Title Survey empty title message code
* Add missing test to trigger acceptance tests
* Add acceptance tests for `gh variable`
* Minor polish / consistency
* Fix typo in custom command doc
* Refactor env2upper, env2lower; add docs
* Update secret note about potential failure
* Add testscripts for `gh secret`, helper cmds
* Remove stdout assertion from release
* Rename test files
* Add acceptance tests for `release` commands
* Implement basic API acceptance test
* Remove unnecesary mkdir from download Acceptance test
* Remove empty stdout checks
* Adjust sleeps to echos in Acceptance workflows
* Use regex assert for enable disable workflow Acceptance test
* Watch for run to end for cancel Acceptance test
* Include startedAt, completedAt in run steps data
* Rewrite a sentence in CONTRIBUTING.md
* Add filtered content output to docs
* sleep 10s before checking for workflow run
* Update run-rerun.txtar
* Create cache-list-delete.txtar
* Create run-view.txtar
* Create run-rerun.txtar
* Create run-download.txtar
* Create run-delete.txtar
* Remove IsTenancy and relevant tests from gists as they are unsupported
* Remove unnecessary code branches
* Add ghe.com to tests describing ghec data residency
* Remove comment
* auth: Removed redundant ghauth.IsTenancy(host) check
* Use go-gh/auth package for IsEnterprise, IsTenancy, and NormalizeHostname
* Upgrade go-gh version to 2.11.0
* Add test coverage to places where IsEnterprise incorrectly covers Tenancy
* Fix issue creation with metadata regex
* Create run-cancel.txtar
* Create workflow-run.txtar
* Create workflow-view.txtar
* implement workflow enable/disable acceptance test
* implement base workflow list acceptance test
* Add comment to acceptance make target
* Resolve PR feedback
* Acceptance test issue command
* Support GH_ACCEPTANCE_SCRIPT
* Ensure Acceptance defer failures are debuggable
* Add acceptance task to makefile
* build(deps): bump github.com/gabriel-vasile/mimetype from 1.4.5 to 1.4.6
* Ensure pr create with metadata has assignment
* Document sharedCmds func in acceptance tests
* Correct testscript description in Acceptance readme
* Add link to testscript pkg documentation
* Add VSCode extension links to Acceptance README
* Fix GH_HOST / GH_ACCEPTANCE_HOST misuse
* Acceptance test PR list
* Support skipping Acceptance test cleanup
* Acceptance test PR creation with metadata
* Suggest using legacy PAT for acceptance tests
* Add host recommendation to Acceptance test docs
* Don't append remaining text if more matches
* Highlight matches in table and content
* Split all newlines, and output no-color to non-TTY
* Print filtered gists similar to code search
* Show progress when filtering
* Simplify description
* Disallow use of --include-content without --filter
* Improve help docs
* Refactor filtering into existing `gist list`
* Improve performance
* Add `gist search` command
* Fix api tests after function signature changes
* Return nil instead of empty objects when err
* Fix license list and view tests
* Validate required env vars not-empty for Acceptance tests
* Add go to test instructions in Acceptance README
* Apply suggestions from code review
* Error if acceptance tests are targeting github or cli orgs
* Add codecoverage to Acceptance README
* Isolate acceptance env vars
* Add Writing Tests section to Acceptance README
* Add Debug and Authoring sections to Acceptance README
* Acceptance test PR comment
* Acceptance test PR merge and rebase
* Note syntax highlighting support for txtar files
* Refactor acceptance test environment handling
* Add initial acceptance test README
* Use txtar extension for testscripts
* Support targeting other hosts in acceptance tests
* Use stdout2env in PR acceptance tests
* Acceptance test PR checkout
* Add pr view test script
* Initial testscript introduction
* While we're at it, let's ensure VerifyCertExtensions can't be tricked the same way.
* Add examples for creating `.gitignore` files
* Update help for license view
* Refactor http error handling
* implement `--web` flag for license view
* Fix license view help doc, add LICENSE.md example
* Update help and fix heredoc indentation
* Add SPDX ID to license list output
* Fix ExactArgs invocation
* Add `Long` for license list indicating limitations
* Update function names
* Reverse repo/shared package name change
* If provided with zero attestations to verify, the LiveSigstoreVerifier.Verify func should return an error.
* Bump cli/oauth to 1.1.1
* Add test coverage for TitleSurvey change
* Fix failing test for pr and issue create
* Make the X in the error message red and print with io writer
* Handle errors from parsing hostname in auth flow
* Apply suggestions from code review
* Refactor tests and add new tests
* Move API calls to queries_repo.go
* Allow user to override markdown wrap width via $GH_MDWIDTH from environment
* Add handling of empty titles for Issues and PRs
* Print the login URL even when opening a browser
* Apply suggestions from code review
* Update SECURITY.md
* Fix typo and wordsmithing
* fix typo
* Remove trailing space from heading
* Revise wording
* Update docs to allow community submitted designs
* Implement license view
* Implement gitignore view
* implement gitignore list
* Update license table headings and tests
* Fix ListLicenseTemplates doc
* fix output capitalization
* Cleanup rendering and tests
* Remove json output option
* Divide shared repo package and add queries tests
* First pass at implementing `gh repo license list`
* Emit a log message when extension installation falls back to a darwin-amd64 binary on an Apple Silicon macOS machine
- Update to version 2.58.0:
* build(deps): bump github.com/theupdateframework/go-tuf/v2
* Include `dnf5` commands
* Add GPG key instructions to appropriate sections
* Update docs language to remove possible confusion around 'where you log in'
* Change conditional in promptForHostname to better reflect prompter changes
* Shorten language on Authenticate with a GitHub host.
* Update language on docstring for `gh auth login`
* Change prompts for `gh auth login` to reflect change from GHE to Other
* Sentence case 'Other' option in hostname prompt
* build(deps): bump github.com/henvic/httpretty from 0.1.3 to 0.1.4
* Add documentation explaining how to use `hostname` for `gh auth login`
* Replace "GitHub Enterprise Server" with "other" in `gh auth login` prompt
* fix tenant-awareness for trusted-root command
* Fix test
* Update pkg/cmd/extension/manager.go
* Update comment formatting
* Use new HasActiveToken method in trustedroot.go
* Add HasActiveToken method to AuthConfig interface
* Add HasActiveToken to AuthConfig.
* Improve error presentation
* Improve the suggested command for creating an issue when an extension doesn't have a binary for your platform
* Update pkg/cmd/attestation/trustedroot/trustedroot_test.go
* build(deps): bump github.com/cpuguy83/go-md2man/v2 from 2.0.4 to 2.0.5
* enforce auth for tenancy
* disable auth check for att trusted-root cmd
* better error for att verify custom issuer mismatch
* Enhance gh repo create docs, fix random cmd link