Skip to content

Release v0.5.0
Compare
Choose a tag to compare
@joshrwolf joshrwolf released this 05 Oct 19:52
· 1575 commits to main since this release
v0.5.0
b54700f
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

What's Changed

  • Rename Contexts to Builds by @jonjohnsonjr in #525
  • Add missing context propagation by @jonjohnsonjr in #527
  • Bug fix: silent env var replacement by @luhring in #533
  • Add otel spans by @jonjohnsonjr in #529
  • Bump apko dep to pick up otel spans by @jonjohnsonjr in #535
  • docs: explain how build cache works practically by @luhring in #537
  • build: package: forcibly treat libc as a shared library by @kaniini in #538
  • Change git-checkout depth default to 1 by @luhring in #539
  • Fix/python version issue by @mesaglio in #532
  • pull in apko with fix for blank SOURCE_DATE_EPOCH by @deitch in #542
  • Remove use of deprecated WaitImmediate by @jonjohnsonjr in #528
  • lima startup issues fixed by @deitch in #543
  • add dir option to ruby pipelines as not all gemspecs live in the root… by @rawlingsj in #544
  • K8s runner template bugs by @joshrwolf in #550
  • K8s runner retry exec by @joshrwolf in #549
  • Refactor some pipelines to more safely use pipeline expansions by @kaniini in #554
  • Default remove builder by @joshrwolf in #552
  • use go-apk.FullFS for retrieving builder workspaces by @joshrwolf in #548
  • Correct the variable name in the patch pipeline by @mattmoor in #555
  • Stop breaking github action. by @mesaglio in #546
  • Pod names must be RFC1123 compliant by @mattmoor in #557
  • K8s runner fetch workspace tgz by @joshrwolf in #551
  • Avoid using pargzip for compression by @jonjohnsonjr in #558
  • Add more otel spans to k8s runner by @jonjohnsonjr in #565
  • build(deps): bump k8s.io/client-go from 0.27.3 to 0.27.4 by @dependabot in #562
  • skip the cache mount for kubernetes runner builds by @joshrwolf in #566
  • Make sure we log errors. by @mattmoor in #570
  • Log errors bundling, enable GGCR Warn/Progress logs by @mattmoor in #574
  • add k8s runner config loading from envvars by @joshrwolf in #571
  • Remove wget -q from fetch by @mattmoor in #575
  • Several fixes to k8s runner. by @mattmoor in #578
  • Tweak the strip pipeline so that it never fails for deleted files by @mattmoor in #573
  • convert/python: check if release is found by @Dentrax in #572
  • Fix subpackage SBOM generation by @jonjohnsonjr in #569
  • build(deps): bump sigstore/cosign-installer from 3.1.0 to 3.1.1 by @dependabot in #530
  • build(deps): bump github.com/klauspost/pgzip from 1.2.5 to 1.2.6 by @dependabot in #561
  • build(deps): bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.0 by @dependabot in #564
  • build(deps): bump google.golang.org/api from 0.129.0 to 0.133.0 by @dependabot in #576
  • build(deps): bump github.com/docker/docker from 24.0.2+incompatible to 24.0.5+incompatible by @dependabot in #577
  • build(deps): bump google.golang.org/api from 0.133.0 to 0.134.0 by @dependabot in #580
  • build(deps): bump github.com/go-git/go-git/v5 from 5.7.0 to 5.8.1 by @dependabot in #579
  • Refactor the config/logging stuff out of build by @Elizafox in #581
  • renovate: update to use new config infrastructure by @Elizafox in #585
  • pipelines: meson/configure: explicitly invoke meson setup action by @kaniini in #582
  • Updates on ci and release by @cpanato in #583
  • Make var transforms work in bump by @Elizafox in #586
  • container: bubblewrap: do not defer closing files by @kaniini in #596
  • build: package: add pkgconf-based SCA to catalog SDKs which use it by @kaniini in #590
  • doc and lint revisions by @jessp01 in #598
  • build(deps): bump google.golang.org/api from 0.134.0 to 0.136.0 by @dependabot in #597
  • build(deps): bump golang.org/x/sys from 0.10.0 to 0.11.0 by @dependabot in #594
  • build(deps): bump github.com/lima-vm/lima from 0.16.0 to 0.17.0 by @dependabot in #593
  • build(deps): bump github.com/google/go-containerregistry from 0.15.2 to 0.16.1 by @dependabot in #592
  • Version transform block in melange by @Elizafox in #588
  • Add docs about custom pipelines, defining and using. by @vaikas in #604
  • Support for setting context in .melange.k8s.yaml by @tcnghia in #605
  • allow override go version for uses: go/build and go/install by @rawlingsj in #606
  • add melange sign command, slightly refactor and make public the signing methods by @joshrwolf in #607
  • plumb through SDE to EmitSignature by @joshrwolf in #608
  • support substitutions in provides lists by @imjasonh in #610
  • Set reasonable concurrency levels for pgzip by @jonjohnsonjr in #611
  • Bump pkgconfig to pick up the openblas fix. by @dlorenc in #612
  • Bump pkg-config again to actually pick up the openblas fix. by @dlorenc in #618
  • Add ${{targets.contextdir}} by @kaniini in #622
  • add --force option to recreate apk indexes with given signatures by @joshrwolf in #626
  • sign: do not rename across device boundaries by @kaniini in #627
  • Fix the links to commands, fix the URLs generated. by @vaikas in #624
  • cli: index: add --signing-key, --source and --merge options by @kaniini in #629
  • docs: typo in go-build example by @acuteaura in #630
  • Bump apko and fix everything I broke by @jonjohnsonjr in #631
  • Print the path to generated melange config. by @vaikas in #636
  • feat: support --recurse-submodules in git clone by @stormqueen1990 in #639
  • readlinkfs: ignore some security-module specific xattrs by @kaniini in #640
  • Add --wolfi-defaults flag, clean up flag handling. by @vaikas in #641
  • Start of exhaustively documenting the build file. by @vaikas in #609
  • Add a maven/configure-mirror pipeline to redirect to GCP. by @dlorenc in #644
  • Add flags for resolving git tags, release-monitoring by @vaikas in #643
  • add builtin pipelines for python by @imjasonh in #642
  • remove extra backtick. by @vaikas in #647
  • Bunch of lint fixes. No functional changes. by @vaikas in #645
  • Change GeneratedMelangeConfig to embed pkg/config/config instead of redefining it. by @vaikas in #650
  • Fix syntax in maven pipeline (and add test). by @dlorenc in #652
  • package: dereference symlinks for aliased pkg-config modules by @kaniini in #653
  • Fix issue: #658 by @vaikas in #659
  • feat: add output logs for the apkbuild converter by @stormqueen1990 in #660
  • Change default python-version from 3.11 to 3. by @vaikas in #649
  • feat: add new Perl pipelines for Makefile generation and cleanup by @stormqueen1990 in #657
  • add ${{package.full-version}} = ${{package.version}}-r${{package.epoch}} by @vaikas in #662
  • document / examples for ${{package.full-version}} by @vaikas in #664
  • config: copy all subpackage variables when doing a range expansion by @kaniini in #661
  • docs: add documentation for built-in pipelines by @stormqueen1990 in #665
  • construct the package.full-version in higher context than just pipeline. by @vaikas in #667
  • Replace the elements of the subpackage by @mattmoor in #668
  • docs: fix link in pkg/build/pipelines/README.md by @stormqueen1990 in #666
  • package: constrain library SCA to library search paths only by @kaniini in #669
  • Add environment var overriding to the pipeline. by @Elizafox in #676
  • Add tests for new pipeline variables by @Elizafox in #677
  • Fix some python generation issues: by @dlorenc in #674
  • package: only constrain library search paths for provides entries by @kaniini in #678
  • Bump goreleaser/goreleaser-action from 4.3.0 to 4.6.0 by @dependabot in #673
  • Bump actions/upload-artifact from 3.1.2 to 3.1.3 by @dependabot in #672
  • Add pecl pipelines for phpize & install. by @vaikas in #679
  • Bump go tests to 1.21 by @Elizafox in #682
  • Add regression tests for workdir propagation, fix long-standing bug with propagation across referenced pipelines by @kaniini in #681
  • Bump k8s test workflows to Go 1.21 by @Elizafox in #683
  • golangci-lint version bump to 1.54 by @Elizafox in #687
  • chore: remove CODEOWNERS file by @luhring in #688
  • git-checkout: Allow tags to matched annotated tag SHAs, don't allow by @wlynch in #686
  • build(deps): bump k8s.io/client-go from 0.28.0 to 0.28.1 by @dependabot in #632
  • Bump goreleaser/goreleaser-action from 4.6.0 to 5.0.0 by @dependabot in #690
  • Bump docker/login-action from 2.2.0 to 3.0.0 by @dependabot in #689
  • build(deps): bump go.opentelemetry.io/otel from 1.16.0 to 1.17.0 by @dependabot in #635
  • build(deps): bump actions/checkout from 3.5.3 to 4.0.0 by @dependabot in #654
  • build(deps): bump golangci/golangci-lint-action from 3.6.0 to 3.7.0 by @dependabot in #620
  • build(deps): bump cloud.google.com/go/storage from 1.31.0 to 1.32.0 by @dependabot in #617
  • build(deps): bump k8s.io/api from 0.28.0 to 0.28.1 by @dependabot in #633
  • build(deps): bump google.golang.org/api from 0.136.0 to 0.138.0 by @dependabot in #613
  • build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #600
  • build(deps): bump github.com/lima-vm/lima from 0.17.0 to 0.17.2 by @dependabot in #599
  • build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.1.2 by @dependabot in #655
  • Binary package linting by @Elizafox in #680
  • add goreleaser pipeline by @developer-guy in #671
  • Disable linters on -compat packages by @Elizafox in #691
  • log and continue when .pc file can't be loaded by @imjasonh in #694
  • Use Warnf over WARNING by @jonjohnsonjr in #696
  • Add dev, opt, and srv linters by @Elizafox in #697
  • fix the dir name as we already expect dir to be set explicit by @developer-guy in #692
  • linter: when subpackages are linted use the subpackage name as the pa… by @rawlingsj in #699
  • Add worldwrite linter by @Elizafox in #698
  • build: do not run linters on skipped subpackages by @kaniini in #701
  • bump go to 1.21 and apko to e9722fc by @joshrwolf in #702
  • exa is dead, use mdbook as a rust CI test instead. by @Elizafox in #703
  • Add post-file walk linting and empty package linting by @Elizafox in #700
  • Refactor the package linter into a submodule by @Elizafox in #706
  • build: refactor package linter invocation by @kaniini in #708
  • Do not delete extensions and plugins directories with ruby/clean by @found-it in #719
  • build(deps): bump google.golang.org/api from 0.138.0 to 0.142.0 by @dependabot in #717
  • build(deps): bump k8s.io/api from 0.28.1 to 0.28.2 by @dependabot in #718
  • build(deps): bump k8s.io/client-go from 0.28.1 to 0.28.2 by @dependabot in #716
  • build(deps): bump github.com/opencontainers/image-spec from 1.1.0-rc4 to 1.1.0-rc5 by @dependabot in #715
  • add docs for -compat packages by @imjasonh in #709
  • build(deps): bump github.com/docker/docker from 24.0.5+incompatible to 24.0.6+incompatible by @dependabot in #714
  • build(deps): bump cloud.google.com/go/storage from 1.32.0 to 1.33.0 by @dependabot in #713
  • build(deps): bump actions/checkout from 4.0.0 to 4.1.0 by @dependabot in #710
  • build(deps): bump github.com/klauspost/compress from 1.16.7 to 1.17.0 by @dependabot in #712
  • build(deps): bump actions/setup-go from 4.0.1 to 4.1.0 by @dependabot in #711
  • build(deps): bump google.golang.org/api from 0.142.0 to 0.143.0 by @dependabot in #720
  • pipelines: strip: use -g by default when stripping by @kaniini in #722
  • update alpine-go to latest git to fix indexing by @kaniini in #723
  • Add stripped file linter by @Elizafox in #724
  • strip linter: properly close tempfile by @Elizafox in #725
  • Update linter docs by @Elizafox in #726
  • Add section to linter docs about disabling linters by @Elizafox in #728
  • Add a PR checklist to melange. by @mattmoor in #734
  • build(deps): bump github.com/package-url/packageurl-go from 0.1.1 to 0.1.2 by @dependabot in #736
  • build(deps): bump go.opentelemetry.io/otel from 1.18.0 to 1.19.0 by @dependabot in #735
  • Fix yaml typo in linter docs by @imjasonh in #732
  • nit: fix mistake in function docs by @jspeed-meyers in #731
  • Enable linters to warn (via callback) instead of just failing. by @mattmoor in #739

New Contributors

Full Changelog: v0.4.0...v0.5.0

Contributors

tcnghia, imjasonh, and 21 other contributors
Assets 20
Loading