Navigation:
Browse pkgsrc
(this page)
net gh
CVSweb ] [ 
Homepage ] [ 
RSS ] [ 
Required by ] [ 
Add to tracker ] 2024-11-25 20:18:07 by Benny Siegert | Files touched by this commit (3) |  |
Log message:
gh: update to 2.62.0
GitHub CLI 2.62.0
* Update monotonic verification logic and testing
* Check extension for latest version when executed
* Shorten extension release checking from 3s to 1s
* Mention GitHub CLI team on discussion issues
* A security vulnerability has been identified in GitHub CLI that could allow
remote code execution (RCE) when users connect to a malicious Codespace SSH
server and use the gh codespace ssh or gh codespace logs commands.
For more information, see GHSA-p2h2-3vg9-4p87.
GitHub CLI 2.61.0
Ensure users understand consequences before making repository visibility
changes
In v2.61.0, gh repo edit command has been enhanced to inform users about
consequences of changing visibility and ensure users are intentional before
making irreversible changes:
1. Interactive gh repo edit visibility change requires confirmation when
changing from public, private, or internal
2. Non-interactive gh repo edit --visibility change requires new
--accept-visibility-change-consequences flag to confirm
3. New content to inform users of consequences
+ Incorporate GitHub Docs content into help usage and interactive gh repo
edit experience
+ Expanded help usage to call out most concerning consequences
+ Display repository star and watcher counts to understand impact before
confirming
What's Changed
* Add acceptance test for project command
* Add comprehensive testscript for gh ruleset
* Add comprehensive testscript for gh ext commandset
* Require visibility confirmation in gh repo edit
* Clean up skipped online tests for gh attestation verify
* gh attestation verify should only verify provenance attestations by default
* Set dnf5 commands as default
* Fix verbiage for deleting workflow runs
* Bump github.com/creack/pty from 1.1.23 to 1.1.24
* gh attestation verify policy enforcement refactor
* Simplify Sigstore verification result handling in gh attestation verify
* Print empty array for gh cache list when --json is provided
* Bump actions/attest-build-provenance from 1.4.3 to 1.4.4
* Create the automatic key when specified with -i
* fix: gh pr create -w ignore template flag
GitHub CLI 2.60.1
This is a small patch release to fix installing gh via go install which was
broken with v2.60.0.
GitHub CLI 2.60.0
* Add ArchivedAt field
* Include startedAt, completedAt in run steps data
* Adjust environment help for host and tokens
* Add handling of empty titles for Issues and PRs
* LiveSigstoreVerifier.Verify should error if no attestations are present
* gh at verify retries fetching attestations if it receives a 5xx
* Prevent local extension installations with invalid names and conflicts with
core commands and other extensions
* Rewrite a sentence in CONTRIBUTING.md
* Use new GitHub preview terms in working-with-us.md
* Use new GitHub previews terminology in attestation commands' help docs
* Clarify in README that gh is supported on GitHub Enterprise Cloud
|
| 2024-10-05 12:39:22 by Benny Siegert | Files touched by this commit (3) | |
Log message: gh: update to 2.58.0 - Better messaging for attestation verify custom issuer mismatch error - Enhance gh repo create docs, fix random cmd link - Add HasActiveToken method to AuthConfig to refactor auth check for attestation trusted-root command - Improve the suggested command for creating an issue when an extension doesn't have a binary for your platform - Disable auth check for attestation trusted-root command - Fix tenant-awareness for trusted-root command - Replace "GitHub Enterprise Server" option with "other" in \ gh auth login prompting |
| 2024-09-19 11:25:30 by Benny Siegert | Files touched by this commit (3) | |
Log message: gh: update to 2.57.0 2.57.0 - Added tenancy aware attestation commands - Added --active flag to the gh auth status command - gh attestation verify test for custom OIDC issuers - Update gh attestation verify bundle parsing and validation errors - Suppress attestation verify output when no TTY present - Use api subdomains for tenant hosts 2.56.0 - Always print URL scheme to stdout - Quote repo names consistently in gh repo sync stdout - Fetch bundle from OCI registry for verify - Remove Internal from gh repo create prompt when owner is not an org - Drop surplus trailing space char in flag names in web - fix the trimming of log filenames for gh run view - "offline" verification using the bundle of attestations without any additional handling of the file - gh attestation verify handles empty JSONL files - Upgrade sigstore-go to v0.6.1 - Check for nil values to prevent nil dereference panic |
| 2024-09-06 20:49:02 by Benny Siegert | Files touched by this commit (180) | |
Log message: Revbump all Go packages after go122 update |
| 2024-09-01 11:58:31 by Benny Siegert | Files touched by this commit (3) | |
Log message: gh: update to 2.55.0 - Update gh variable get to use repo host - Unify use of tab indent in non-test source files - Improve Unix compliance gh repo set-default - Document that gh run download downloads the latest artifact by default - Replace --project.* flags' name with title in docs - Wrap flags with backticks, continued - Improve gh release create --notes-from-tag behavior with multiline tag annotation - Add pr create --editor - Require Sigstore Bundle v0.2+ when verifying with gh attestation - Update Go and other extension workflow templates to reflect recent enhancements to cli/gh-extension-precompile - Add note for external contributors to working-with-us.md - Update attestation TUF root - Improve documentation for pr checks and exit codes - cmd/pr/checks: Describe bucket and state JSON fields - Add Flox as an installation option - fix behavior for gh issue develop -b does-not-exist-on-remote - Update --project <number> flags in gh search to owner/number |
| 2024-08-11 17:57:15 by Benny Siegert | Files touched by this commit (176) | |
Log message: Revbump all Go packages after update |
| 2024-08-04 16:59:46 by Leonardo Taccari | Files touched by this commit (3) | |
Log message: gh: Update to 2.54.0 Changes: GitHub CLI 2.54.0 ## What's Changed * Update documentation for gh api PATCH * Clarify usage of template flags for PR and issue creation * Expose json databaseId field for release commands * Expose fullDatabaseId for PR json export * Handle `--bare` clone targets * Slightly clarify when CLI exits with code 4 * Exit with 1 on authentication issues * Add `--remove-milestone` option to `issue edit` and `pr edit` GitHub CLI 2.53.0 ## What's Changed * Add `--json` option to `variable get` command * Add GH_DEBUG to issue template * Fetch variable selected repo relationship when required * Alternate gh attestation trusted-root subcommand * docs: Update documentation for `gh repo create` to clarify owner * Fix panic when calling `gh pr view --json stateReason` * Add `issue create --editor` * Add `pr update-branch` command GitHub CLI 2.52.0 ## What's Changed * Add `-a` flag to `gh run list` * Attestation Verification - Buffer Fix GitHub CLI 2.51.0 ## What's Changed * Ensure signed RPMs have attestations * Add `signer-repo` and `signer-workflow` flags to `gh attestation verify` * Replace `--json-result` flag with `--format=json` in the attestation cmd * Bump go-keyring to fix keepassxc prompt confirmation * watch - handle annotation errors gracefully |
| 2024-07-03 08:59:36 by Benny Siegert | Files touched by this commit (169) | |
Log message: Revbump all Go packages after go122 security update |
New packages: