Naveen
|
1aeb8e3025
|
chore: Enable codeql action (#1202)
This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities.
https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql
https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast
|
2022-05-06 13:43:51 +10:00 |
|
Mike Farah
|
689c535a29
|
Updated unique docs
|
2022-04-29 12:16:57 +10:00 |
|
Mike Farah
|
1425d0720e
|
Bumping version
|
2022-04-29 11:57:37 +10:00 |
|
Mike Farah
|
55c5497fab
|
Can specify a split expression file #1194
|
2022-04-29 11:08:41 +10:00 |
|
Mike Farah
|
67c79b7cb1
|
Fixes append map bug when key matches value in existing map #1200
|
2022-04-28 14:45:45 +10:00 |
|
Mike Farah
|
26529fae94
|
Nicer error message when trying to use merge anchor tags other than maps #1184
|
2022-04-27 14:46:52 +10:00 |
|
Mike Farah
|
70ad7a35a8
|
Don't automatically read stdin when the null input flag is used
|
2022-04-27 09:24:25 +10:00 |
|
Mike Farah
|
90261a2fdd
|
Added type as an alias for tag #1195
|
2022-04-27 09:11:43 +10:00 |
|
Mike Farah
|
3ad5355777
|
Fixes bug when using inplace with no expression and multiple files #1193
|
2022-04-27 09:08:50 +10:00 |
|
Mike Farah
|
ed5b811f37
|
Bumping version
|
2022-04-15 08:51:55 +10:00 |
|
dependabot[bot]
|
22a2ccfdf4
|
Bump actions/setup-go from 2 to 3 (#1183)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-04-15 08:27:51 +10:00 |
|
dependabot[bot]
|
691e52e408
|
Bump golang from 1.18.0 to 1.18.1 (#1182)
Bumps golang from 1.18.0 to 1.18.1.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-04-15 08:27:40 +10:00 |
|
Mike Farah
|
b11075ec98
|
now assumes yaml idiomatic formatting when adding to empty maps/arrays
|
2022-04-15 08:27:22 +10:00 |
|
Mike Farah
|
ea66a73f43
|
Fixed sort dropping head comment #1181
|
2022-04-14 12:19:15 +10:00 |
|
Mike Farah
|
6f9f80cc48
|
Fixes with operation bug #1174
|
2022-04-14 12:03:18 +10:00 |
|
Mike Farah
|
13a27e8b2d
|
Fixing docker release
|
2022-04-12 12:38:09 +10:00 |
|
Mike Farah
|
bcff465f11
|
Fixing docker release
|
2022-04-12 10:20:23 +10:00 |
|
Mike Farah
|
270d8bd51a
|
Releasing 4.24.3
|
2022-04-12 09:49:13 +10:00 |
|
Mike Farah
|
2ef367b2b0
|
Trying new release process
|
2022-04-12 09:36:52 +10:00 |
|
Mike Farah
|
454e563a0e
|
Trying new release process
|
2022-04-12 09:35:18 +10:00 |
|
Mike Farah
|
217744bc9a
|
Pulled out docker build
|
2022-04-12 09:27:35 +10:00 |
|
Mike Farah
|
34ffb94d98
|
Moving alpline-publusher out of yq (gosec)
|
2022-04-12 09:22:30 +10:00 |
|
Roman
|
6f4702a230
|
Added action to automatically prepare a branch for the alpine package update (#1171)
|
2022-04-12 08:51:27 +10:00 |
|
Naveen
|
b1f77d975e
|
Set permissions for GitHub actions (#1168)
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
|
2022-04-09 14:55:43 +10:00 |
|
Mike Farah
|
523b8335d8
|
Fixing string docs
|
2022-04-01 13:21:55 +11:00 |
|
Mike Farah
|
5d225b9454
|
Updating readme
|
2022-03-29 13:15:27 +11:00 |
|
Mike Farah
|
0956eefb1a
|
Fixed help links
|
2022-03-29 11:08:50 +11:00 |
|
Mike Farah
|
a9ed08a5f8
|
Fixed compare docs
|
2022-03-29 11:01:02 +11:00 |
|
Benjamin Wuethrich
|
ae71824adc
|
Fix Markdown link formatting (#1157)
* Fix Markdown link formatting
* Fix parens
|
2022-03-29 10:23:32 +11:00 |
|
Mike Farah
|
186b319093
|
Added from_props
|
2022-03-28 19:48:30 +11:00 |
|
Mike Farah
|
bc2118736b
|
v4.24.2
|
2022-03-28 14:36:27 +11:00 |
|
Mike Farah
|
1780027421
|
Bumping version
|
2022-03-28 14:24:28 +11:00 |
|
Mike Farah
|
3cd999bb87
|
Bumping to go1.18, bumping dev tools
|
2022-03-28 14:18:55 +11:00 |
|
Mike Farah
|
bbeae229ca
|
Disable strict XML parsing by default #1155
|
2022-03-28 14:05:10 +11:00 |
|
Mike Farah
|
3a1e2c7518
|
Fixed silently ignored error in xml decoder
|
2022-03-27 11:42:07 +11:00 |
|
Mike Farah
|
fb148c305a
|
Added comparison ops (>,>=...)
|
2022-03-24 11:38:05 +11:00 |
|
Mike Farah
|
897604142f
|
Better string docs
|
2022-03-23 10:28:45 +11:00 |
|
Mike Farah
|
03f57b7034
|
Bumping version
|
2022-03-20 13:03:40 +11:00 |
|
Mike Farah
|
005b097cee
|
Boolean fix (#1148)
* Fixing booleans
* Fixed "and", "or" evaluating RHS when not required
|
2022-03-20 12:55:58 +11:00 |
|
Mike Farah
|
e08b6803f5
|
Simplify json > yaml cli example
|
2022-03-20 10:58:37 +11:00 |
|
Mike Farah
|
78e9cc7998
|
Envsubst params (#1147)
* Can give envsubst optional arguments
|
2022-03-20 10:56:50 +11:00 |
|
justin-f-perez
|
1a964c5055
|
update cli help (#1146)
- remove duplicate comment
- add common use case (json -> idiomatic yml)
|
2022-03-20 10:54:24 +11:00 |
|
Mike Farah
|
0ffee92175
|
Fixed += with multiple matches #1145
|
2022-03-19 18:42:12 +11:00 |
|
dependabot[bot]
|
99cd9e8aae
|
Bump github.com/spf13/cobra from 1.3.0 to 1.4.0 (#1143)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/v1.4.0/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0)
---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-03-17 21:00:40 +11:00 |
|
dependabot[bot]
|
8cb2422b57
|
Bump golang from 1.17 to 1.18.0 (#1144)
Bumps golang from 1.17 to 1.18.0.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-03-17 20:59:46 +11:00 |
|
Mike Farah
|
4bb2fa1652
|
Updated equals doc
|
2022-03-16 10:16:49 +11:00 |
|
Mike Farah
|
d27fb0ec78
|
Update multiply docs
|
2022-03-16 10:04:45 +11:00 |
|
Mikhail Katychev
|
406bbb8ca4
|
handled EvaluateNodes panic (#1140)
|
2022-03-15 13:28:52 +11:00 |
|
Mike Farah
|
3924ed8a35
|
Bumping version
|
2022-03-10 13:50:53 +11:00 |
|
dependabot[bot]
|
b1fee26a7f
|
Bump actions/checkout from 2 to 3 (#1130)
Bumps [actions/checkout](https://github.com/actions/checkout) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v2...v3)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
2022-03-10 13:43:36 +11:00 |
|