v0.77.0

Changes

🚀 Features

• feat: add argocd application autodiscovery @olblak (#2158)
• feat(maven): support unmarshalling maven responses in other XML charsets @mcwarman (#2147)

🐛 Bug Fixes

• fix: run git checkout before autodiscovery step @olblak (#2160)

🧰 Maintenance

• deps: bump golangci-lint to v1.58.1 @updateclibot (#2159)
• deps(go): bump module github.com/fluxcd/source-controller/api @updateclibot (#2133)
• deps(go): bump module golang.org/x/text @updateclibot (#2140)
• deps: bump golangci-lint to v1.58.0 @updateclibot (#2134)
• deps(go): bump module golang.org/x/oauth2 @updateclibot (#2087)
• deps(go): bump module golang.org/x/mod @updateclibot (#2085)
• deps(go): bump module github.com/aws/aws-sdk-go @updateclibot (#2115)
• deps(go): bump module github.com/fluxcd/source-controller/api @updateclibot (#2121)
• deps(go): bump module github.com/minamijoyo/hcledit @updateclibot (#2117)
• deps(go): bump module helm.sh/helm/v3 @updateclibot (#2108)
• deps(go): bump module github.com/hashicorp/hcl/v2 @updateclibot (#2104)
• deps(go): bump module github.com/go-git/go-git/v5 @updateclibot (#2084)
• chore(deps): Bump anchore/sbom-action from 0.15.10 to 0.15.11 @dependabot (#2073)

Contributors

@dependabot, @dependabot[bot], @mcwarman, @olblak, @updateclibot and @updateclibot[bot]

v0.76.1

Changes

🐛 Bug Fixes

• fix: GitHub pullrequest description updated to a wrong content @olblak (#2074)
• fix: use API for creating branch and fetching hashes when committing using Github API @MattiasAng (#2070)

🧰 Maintenance

• chore(deps): Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 @dependabot (#2035)
• chore(deps): Bump golangci/golangci-lint-action from 4 to 5 @dependabot (#2051)

Contributors

@MattiasAng, @dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.76.0

Identified regression that will need a follow up fix

• GitHub pullrequest description updated to a wrong content

Changes

🚀 Features

• chore: gate GitHub API commit behind experimental flag @olblak (#2063)
• feat: gomod allow to check module existence only @olblak (#2061)
• feat: gomod plugin allow http,https,file scheme @olblak (#2060)
• feat: Add support for GitHub API commit @MattiasAng (#2046)
• chore: sort reports by results @olblak (#2036)

🐛 Bug Fixes

• fix: always try to update existing pullrequest description @olblak (#2057)
• fix: execute actions once all pipelines have been executed (part 2) @olblak (#2054)
• fix: execute actions once all pipelines have been executed @olblak (#2040)
• fix: updatecli autodiscovery only matching rule @olblak (#2033)

🧰 Maintenance

• chore(deps): Bump golang.org/x/net from 0.22.0 to 0.23.0 @dependabot (#2041)
• chore(deps): Bump actions/add-to-project from 1.0.0 to 1.0.1 @dependabot (#2038)

Contributors

@MattiasAng, @dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.76.0-rc.4

Changes

• deps: bump updatecli workflow to 0.76.0-rc.3 @olblak (#2055)

🚀 Features

• feat: Add support for GitHub API commit @MattiasAng (#2046)
• chore: sort reports by results @olblak (#2036)

🐛 Bug Fixes

• fix: always try to update existing pullrequest description @olblak (#2057)
• fix: execute actions once all pipelines have been executed (part 2) @olblak (#2054)
• fix: execute actions once all pipelines have been executed @olblak (#2040)
• fix: updatecli autodiscovery only matching rule @olblak (#2033)

🧰 Maintenance

• chore(deps): Bump golang.org/x/net from 0.22.0 to 0.23.0 @dependabot (#2041)
• chore(deps): Bump actions/add-to-project from 1.0.0 to 1.0.1 @dependabot (#2038)

Contributors

@MattiasAng, @dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.76.0-rc.3

Changes

🚀 Features

• feat: Add support for GitHub API commit @MattiasAng (#2046)
• chore: sort reports by results @olblak (#2036)

🐛 Bug Fixes

• fix: execute actions once all pipelines have been executed (part 2) @olblak (#2054)
• fix: execute actions once all pipelines have been executed @olblak (#2040)
• fix: updatecli autodiscovery only matching rule @olblak (#2033)

🧰 Maintenance

• chore(deps): Bump golang.org/x/net from 0.22.0 to 0.23.0 @dependabot (#2041)
• chore(deps): Bump actions/add-to-project from 1.0.0 to 1.0.1 @dependabot (#2038)

Contributors

@MattiasAng, @dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.76.0-rc.2

Changes

🚀 Features

• feat: Add support for GitHub API commit @MattiasAng (#2046)
• chore: sort reports by results @olblak (#2036)

🐛 Bug Fixes

• fix: execute actions once all pipelines have been executed @olblak (#2040)
• fix: updatecli autodiscovery only matching rule @olblak (#2033)

🧰 Maintenance

• chore(deps): Bump golang.org/x/net from 0.22.0 to 0.23.0 @dependabot (#2041)
• chore(deps): Bump actions/add-to-project from 1.0.0 to 1.0.1 @dependabot (#2038)

Contributors

@MattiasAng, @dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.76.0-rc.1

Changes

🚀 Features

• chore: sort reports by results @olblak (#2036)

🐛 Bug Fixes

• fix: execute actions once all pipelines have been executed @olblak (#2040)
• fix: updatecli autodiscovery only matching rule @olblak (#2033)

🧰 Maintenance

• chore(deps): Bump golang.org/x/net from 0.22.0 to 0.23.0 @dependabot (#2041)
• chore(deps): Bump actions/add-to-project from 1.0.0 to 1.0.1 @dependabot (#2038)

Contributors

@dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.75.0

This release introduces a major improvement when interacting with Git repositories.
By default, Updatecli now automatically recreate "working" branch if their base branch diverges.
It relies on the scm option force to enable/disable this behavior.

So, If a target relies on a scm configuration with the setting "force" set to "true" like in the following example:

pipelineid: example
scms:
    default:
        kind: github
        spec:
            branch: 'main'
            email: 'alice@foo.bar'
            owner: 'updatecli-test'
            repository: 'updatecli'
            token: '{{ requiredEnv "GITHUB_TOKEN" }}'
            user: 'updateclibot'
            username: 'alice'
            # force allows recreating the working branch 
            # and to force push the changes by running 
            # git push --force
            force: true
        disabled: false

Then Updatecli creates a working branch named "updatecli_main_example" based on the branch "main"
and each time the branch "main" is modified, Updatecli recreates the working branch "updatecli_main_example".
The setting "force" allows Updatecli to recreate the working branch and to run "git push --force" operation.

As a reminder, it's always a good practice to have branch protection in place to protect sensitive branches.

The scm git plugin has force set to false by default because it doesn't use working branch by default.
The scm plugin github,gitlab,stash, and gitea use force set to true by default as they all use working branch by default.

Changes

• clean: migrate some updatecli pipeline to update-compose.yaml @olblak (#2011)

🚀 Features

• feat: By default scm github/gitlab/stash/gitea uses force push @olblak (#2026)
• chore: show extra warning for git scm @olblak (#2025)
• feat: close GitHub pullrequest when no file changed @olblak (#2021)
• Allow to recreate working branch based on their "base" branch @olblak (#2018)

🧰 Maintenance

• deps: bump golangci-lint to v1.57.2 @updateclibot (#2017)
• chore(deps): Bump actions/add-to-project from 0.6.1 to 1.0.0 @dependabot (#2009)
• chore(deps): Bump anchore/sbom-action from 0.15.9 to 0.15.10 @dependabot (#2010)
• deps(go): bump module github.com/aws/aws-sdk-go @updateclibot (#1996)
• chore(deps): Bump anchore/sbom-action from 0.15.8 to 0.15.9 @dependabot (#1978)
• chore(deps): Bump actions/add-to-project from 0.6.0 to 0.6.1 @dependabot (#1997)
• deps(go): bump module helm.sh/helm/v3 @updateclibot (#2001)
• deps(go): bump module oras.land/oras-go/v2 @updateclibot (#2002)
• chore(deps): Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible @dependabot (#1998)
• deps(go): bump module github.com/google/go-containerregistry @updateclibot (#2003)
• deps(go): bump module github.com/drone/go-scm @updateclibot (#2004)
• chore(deps): Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 @dependabot (#1994)
• deps(go): bump module github.com/zclconf/go-cty @updateclibot (#2006)
• deps(go): bump module github.com/zclconf/go-cty @updateclibot (#1986)
• deps(go): bump module github.com/opencontainers/image-spec @updateclibot (#1987)
• deps(go): bump module github.com/goccy/go-yaml @updateclibot (#1988)
• deps(go): bump module github.com/aws/aws-sdk-go @updateclibot (#1990)
• deps(go): bump module golang.org/x/mod @updateclibot (#1991)
• chore(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 @dependabot (#1983)

Contributors

@dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.75.0-rc.2

This release introduces a major improvement when interacting with Git repositories.
Updatecli now automatically recreate "working" branch if their base branch diverges.
It relies on the scm option force to enable/disable this behavior.

So, If a target relies on a scm configuration with the setting "force" set to "true" like in the following example:

pipelineid: example
scms:
    default:
        kind: github
        spec:
            branch: 'main'
            email: 'alice@foo.bar'
            owner: 'updatecli-test'
            repository: 'updatecli'
            token: '{{ requiredEnv "GITHUB_TOKEN" }}'
            user: 'updateclibot'
            username: 'alice'
            # force allows recreating the working branch 
            # and to force push the changes by running 
            # git push --force
            force: true
        disabled: false

Then Updatecli creates a working branch named "updatecli_main_example" based on the branch "main"
and each time the branch "main" is modified, Updatecli recreates the working branch "updatecli_main_example".
The setting "force" allows Updatecli to recreate the working branch and to run "git push --force" operation.

As a reminder, it's always a good practice to have branch protection in place to protect sensitive branches.

The scm git plugin has force set to false by default because it doesn't use working branch by default.
The scm plugin github,gitlab,stash, and gitea use force set to true by default as they all use working branch by default.

Changes

• clean: migrate some updatecli pipeline to update-compose.yaml @olblak (#2011)

🚀 Features

• feat: By default scm github/gitlab/stash/gitea uses force push @olblak (#2026)
• chore: show extra warning for git scm @olblak (#2025)
• feat: close GitHub pullrequest when no file changed @olblak (#2021)
• Allow to recreate working branch based on their "base" branch @olblak (#2018)

🧰 Maintenance

• deps: bump golangci-lint to v1.57.2 @updateclibot (#2017)
• chore(deps): Bump actions/add-to-project from 0.6.1 to 1.0.0 @dependabot (#2009)
• chore(deps): Bump anchore/sbom-action from 0.15.9 to 0.15.10 @dependabot (#2010)
• deps(go): bump module github.com/aws/aws-sdk-go @updateclibot (#1996)
• chore(deps): Bump anchore/sbom-action from 0.15.8 to 0.15.9 @dependabot (#1978)
• chore(deps): Bump actions/add-to-project from 0.6.0 to 0.6.1 @dependabot (#1997)
• deps(go): bump module helm.sh/helm/v3 @updateclibot (#2001)
• deps(go): bump module oras.land/oras-go/v2 @updateclibot (#2002)
• chore(deps): Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible @dependabot (#1998)
• deps(go): bump module github.com/google/go-containerregistry @updateclibot (#2003)
• deps(go): bump module github.com/drone/go-scm @updateclibot (#2004)
• chore(deps): Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 @dependabot (#1994)
• deps(go): bump module github.com/zclconf/go-cty @updateclibot (#2006)
• deps(go): bump module github.com/zclconf/go-cty @updateclibot (#1986)
• deps(go): bump module github.com/opencontainers/image-spec @updateclibot (#1987)
• deps(go): bump module github.com/goccy/go-yaml @updateclibot (#1988)
• deps(go): bump module github.com/aws/aws-sdk-go @updateclibot (#1990)
• deps(go): bump module golang.org/x/mod @updateclibot (#1991)
• chore(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 @dependabot (#1983)

Contributors

@dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]

v0.75.0-rc.1

This release introduces a major improvement when interacting with Git repositories.
If a target relies on a scm configuration with the setting "force" set to "true" like in the following example:

pipelineid: example
scms:
    default:
        kind: github
        spec:
            branch: 'main'
            email: 'alice@foo.bar'
            owner: 'updatecli-test'
            repository: 'updatecli'
            token: '{{ requiredEnv "GITHUB_TOKEN" }}'
            user: 'updateclibot'
            username: 'alice'
            # force allows recreating the working branch 
            # and to force push the changes by running 
            # git push --force
            force: true
        disabled: false

Then Updatecli creates a working branch named "updatecli_main_example" based on the branch "main"
and each time the branch "main" is modified, Updatecli recreates the working branch "updatecli_main_example".
The setting "force" allows Updatecli to recreate the working branch and to run "git push --force" operation.

As a reminder, it's always a good practice to have branch protection in place to protect sensitive branches.

Changes

• clean: migrate some updatecli pipeline to update-compose.yaml @olblak (#2011)

🚀 Features

• chore: show extra warning for git scm @olblak (#2025)
• feat: close GitHub pullrequest when no file changed @olblak (#2021)
• Allow to recreate working branch based on their "base" branch @olblak (#2018)

🧰 Maintenance

• deps: bump golangci-lint to v1.57.2 @updateclibot (#2017)
• chore(deps): Bump actions/add-to-project from 0.6.1 to 1.0.0 @dependabot (#2009)
• chore(deps): Bump anchore/sbom-action from 0.15.9 to 0.15.10 @dependabot (#2010)
• deps(go): bump module github.com/aws/aws-sdk-go @updateclibot (#1996)
• chore(deps): Bump anchore/sbom-action from 0.15.8 to 0.15.9 @dependabot (#1978)
• chore(deps): Bump actions/add-to-project from 0.6.0 to 0.6.1 @dependabot (#1997)
• deps(go): bump module helm.sh/helm/v3 @updateclibot (#2001)
• deps(go): bump module oras.land/oras-go/v2 @updateclibot (#2002)
• chore(deps): Bump github.com/docker/docker from 24.0.7+incompatible to 24.0.9+incompatible @dependabot (#1998)
• deps(go): bump module github.com/google/go-containerregistry @updateclibot (#2003)
• deps(go): bump module github.com/drone/go-scm @updateclibot (#2004)
• chore(deps): Bump google.golang.org/protobuf from 1.32.0 to 1.33.0 @dependabot (#1994)
• deps(go): bump module github.com/zclconf/go-cty @updateclibot (#2006)
• deps(go): bump module github.com/zclconf/go-cty @updateclibot (#1986)
• deps(go): bump module github.com/opencontainers/image-spec @updateclibot (#1987)
• deps(go): bump module github.com/goccy/go-yaml @updateclibot (#1988)
• deps(go): bump module github.com/aws/aws-sdk-go @updateclibot (#1990)
• deps(go): bump module golang.org/x/mod @updateclibot (#1991)
• chore(deps): Bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.3 @dependabot (#1983)

Contributors

@dependabot, @dependabot[bot], @olblak, @updateclibot and @updateclibot[bot]