Log message:
gh: update to 2.62.0

GitHub CLI 2.62.0

  * Update monotonic verification logic and testing
  * Check extension for latest version when executed
  * Shorten extension release checking from 3s to 1s
  * Mention GitHub CLI team on discussion issues

  * A security vulnerability has been identified in GitHub CLI that could allow
    remote code execution (RCE) when users connect to a malicious Codespace SSH
    server and use the gh codespace ssh or gh codespace logs commands.

    For more information, see GHSA-p2h2-3vg9-4p87.

GitHub CLI 2.61.0

Ensure users understand consequences before making repository visibility
changes

In v2.61.0, gh repo edit command has been enhanced to inform users about
consequences of changing visibility and ensure users are intentional before
making irreversible changes:

 1. Interactive gh repo edit visibility change requires confirmation when
    changing from public, private, or internal
 2. Non-interactive gh repo edit --visibility change requires new
    --accept-visibility-change-consequences flag to confirm
 3. New content to inform users of consequences
      + Incorporate GitHub Docs content into help usage and interactive gh repo
        edit experience
      + Expanded help usage to call out most concerning consequences
      + Display repository star and watcher counts to understand impact before
        confirming

What's Changed

  * Add acceptance test for project command
  * Add comprehensive testscript for gh ruleset
  * Add comprehensive testscript for gh ext commandset
  * Require visibility confirmation in gh repo edit
  * Clean up skipped online tests for gh attestation verify
  * gh attestation verify should only verify provenance attestations by default
  * Set dnf5 commands as default
  * Fix verbiage for deleting workflow runs
  * Bump github.com/creack/pty from 1.1.23 to 1.1.24
  * gh attestation verify policy enforcement refactor
  * Simplify Sigstore verification result handling in gh attestation verify
  * Print empty array for gh cache list when --json is provided
  * Bump actions/attest-build-provenance from 1.4.3 to 1.4.4
  * Create the automatic key when specified with -i
  * fix: gh pr create -w ignore template flag

GitHub CLI 2.60.1

This is a small patch release to fix installing gh via go install which was
broken with v2.60.0.

GitHub CLI 2.60.0

  * Add ArchivedAt field
  * Include startedAt, completedAt in run steps data
  * Adjust environment help for host and tokens
  * Add handling of empty titles for Issues and PRs
  * LiveSigstoreVerifier.Verify should error if no attestations are present
  * gh at verify retries fetching attestations if it receives a 5xx
  * Prevent local extension installations with invalid names and conflicts with
    core commands and other extensions
  * Rewrite a sentence in CONTRIBUTING.md
  * Use new GitHub preview terms in working-with-us.md
  * Use new GitHub previews terminology in attestation commands' help docs
  * Clarify in README that gh is supported on GitHub Enterprise Cloud

Log message:
gh: update to 2.58.0

- Better messaging for attestation verify custom issuer mismatch error
- Enhance gh repo create docs, fix random cmd link
- Add HasActiveToken method to AuthConfig to refactor auth check for
  attestation trusted-root command
- Improve the suggested command for creating an issue when an extension doesn't
  have a binary for your platform
- Disable auth check for attestation trusted-root command
- Fix tenant-awareness for trusted-root command
- Replace "GitHub Enterprise Server" option with "other" in \ 
gh auth login prompting

Log message:
gh: update to 2.57.0

2.57.0

- Added tenancy aware attestation commands
- Added --active flag to the gh auth status command
- gh attestation verify test for custom OIDC issuers
- Update gh attestation verify bundle parsing and validation errors
- Suppress attestation verify output when no TTY present
- Use api subdomains for tenant hosts

2.56.0

- Always print URL scheme to stdout
- Quote repo names consistently in gh repo sync stdout
- Fetch bundle from OCI registry for verify
- Remove Internal from gh repo create prompt when owner is not an org
- Drop surplus trailing space char in flag names in web
- fix the trimming of log filenames for gh run view
- "offline" verification using the bundle of attestations without any
  additional handling of the file
- gh attestation verify handles empty JSONL files
- Upgrade sigstore-go to v0.6.1
- Check for nil values to prevent nil dereference panic

Log message:
Revbump all Go packages after go122 update

Log message:
gh: update to 2.55.0

- Update gh variable get to use repo host
- Unify use of tab indent in non-test source files
- Improve Unix compliance gh repo set-default
- Document that gh run download downloads the latest artifact by default
- Replace --project.* flags' name with title in docs
- Wrap flags with backticks, continued
- Improve gh release create --notes-from-tag behavior with multiline tag
  annotation
- Add pr create --editor
- Require Sigstore Bundle v0.2+ when verifying with gh attestation
- Update Go and other extension workflow templates to reflect recent
  enhancements to cli/gh-extension-precompile
- Add note for external contributors to working-with-us.md
- Update attestation TUF root
- Improve documentation for pr checks and exit codes
- cmd/pr/checks: Describe bucket and state JSON fields
- Add Flox as an installation option
- fix behavior for gh issue develop -b does-not-exist-on-remote
- Update --project <number> flags in gh search to owner/number

Log message:
Revbump all Go packages after update

Log message:
gh: Update to 2.54.0

Changes:
GitHub CLI 2.54.0
## What's Changed
* Update documentation for gh api PATCH
* Clarify usage of template flags for PR and issue creation
* Expose json databaseId field for release commands
* Expose fullDatabaseId for PR json export
* Handle `--bare` clone targets
* Slightly clarify when CLI exits with code 4
* Exit with 1 on authentication issues
* Add `--remove-milestone` option to `issue edit` and `pr edit`

GitHub CLI 2.53.0
## What's Changed
* Add `--json` option to `variable get` command
* Add GH_DEBUG to issue template
* Fetch variable selected repo relationship when required
* Alternate gh attestation trusted-root subcommand
* docs: Update documentation for `gh repo create` to clarify owner
* Fix panic when calling `gh pr view --json stateReason`
* Add `issue create --editor`
* Add `pr update-branch` command

GitHub CLI 2.52.0
## What's Changed
* Add `-a` flag to `gh run list`
* Attestation Verification - Buffer Fix

GitHub CLI 2.51.0
## What's Changed
* Ensure signed RPMs have attestations
* Add `signer-repo` and `signer-workflow` flags to `gh attestation verify`
* Replace `--json-result` flag with `--format=json` in the attestation cmd
* Bump go-keyring to fix keepassxc prompt confirmation
* watch - handle annotation errors gracefully

Log message:
Revbump all Go packages after go122 security update

Log message:
Revbump all Go packages after go122 update

Log message:
gh: update to 2.50.0

GitHub CLI 2.50.0

  * Refactor git credential flow code
  * feat: add json output for gh pr checks
  * Rework first auth tests with new gitcredential abstractions
  * list the various alias permutations for the command and subcommands, via
    '--help' and 'gh reference'
  * Removed tty message when checking for extension upgrades
  * Fix doc bug for gh run watch
  * feat: add support for stateReason in gh pr view
  * fix: rename the Attempts field to Attempt; expose in gh run view and gh run
    ls
  * Update regex in changedFilesNames to handle quoted paths
  * Add a gh variable get FOO command
  * Add macOS pkg installer to deployment
  * Add integration tests for gh attestation verify shared workflow use case
  * Add build provenance for gh CLI releases
  * Build completions during release on macos
  * Clarify Mac OS Installer packages are unsigned

GitHub CLI 2.49.2

  * Improve run list doc with available --json fields
  * Move config interfaces into gh package
  * Creating doc to capture Codespace usage guidance
  * Fix repo fork regression
  * Add --latest=false to gh release create docs

GitHub CLI 2.49.1

  * Do not mutate headers when initialising tableprinter
  * Document relationship between host and active account
  * Run attestation command set integration tests separately
  * Added support for jobs with long filenames
  * Fix attestation verify source repository check bug

GitHub CLI 2.49.0

Support for GitHub Artifact Attestations

v2.49.0 release introduces the attestation command set for downloading and
verifying attestations about artifacts built in GitHub Actions! This is part of
the larger Artifact Attestations initiative. An artifact attestation is a piece
of cryptographically signed metadata that is generated as part of your artifact
build process. These attestations bind artifacts to the details of the workflow
run that produced them, and allow you to guarantee the integrity and provenance
of any artifact built in GitHub Actions.

# Verify a local artifact
gh attestation verify artifact.bin -o <your org>

# Verify a local artifact against a local artifact attestation
gh attestation verify artifact.bin -b ./artifact-v0.0.1-bundle.json -o <your \ 
org>

# Verify an OCI image
gh attestation verify oci://ghcr.io/foo/bar:latest -o <your org>

# Download artifact attestations
gh attestation download artifact.bin -o <your org>

To get started, check out gh help attestation. You can also use the gh at
<command> alias for short.

What's Changed

  * Improve gh run rerun docs
  * Add colon for gh secret set
  * Improve errors when loading bundle locally fails
  * Support offline mode for gh attestation verify
  * Add projectsV2 to JSON fields of gh repo commands
  * Support long URLs in gh repo clone
  * Fix issue with closing pager stream
  * proof of concept for flag-level disable auth check
  * Be more general with attestation host checks
  * Add beta designation on attestation command set
  * Tweaked gh attestation help strings to generate nicer cli manual site
  * Update cli/go-gh to v2.9.0
  * Document repo clone protocol behaviour