Commit Graph

1290 Commits

Author SHA1 Message Date
Mike Farah
72cdde78f6 Fixing issues found by codeql 2022-05-06 13:46:14 +10:00
Naveen
1aeb8e3025
chore: Enable codeql action (#1202)
This action runs GitHub's industry-leading semantic code analysis engine, CodeQL, against a repository's source code to find security vulnerabilities.

https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/about-code-scanning-with-codeql

https://github.com/ossf/scorecard/blob/main/docs/checks.md#sast
2022-05-06 13:43:51 +10:00
Mike Farah
689c535a29 Updated unique docs 2022-04-29 12:16:57 +10:00
Mike Farah
1425d0720e Bumping version 2022-04-29 11:57:37 +10:00
Mike Farah
55c5497fab Can specify a split expression file #1194 2022-04-29 11:08:41 +10:00
Mike Farah
67c79b7cb1 Fixes append map bug when key matches value in existing map #1200 2022-04-28 14:45:45 +10:00
Mike Farah
26529fae94 Nicer error message when trying to use merge anchor tags other than maps #1184 2022-04-27 14:46:52 +10:00
Mike Farah
70ad7a35a8 Don't automatically read stdin when the null input flag is used 2022-04-27 09:24:25 +10:00
Mike Farah
90261a2fdd Added type as an alias for tag #1195 2022-04-27 09:11:43 +10:00
Mike Farah
3ad5355777 Fixes bug when using inplace with no expression and multiple files #1193 2022-04-27 09:08:50 +10:00
Mike Farah
ed5b811f37 Bumping version 2022-04-15 08:51:55 +10:00
dependabot[bot]
22a2ccfdf4
Bump actions/setup-go from 2 to 3 (#1183)
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v2...v3)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-15 08:27:51 +10:00
dependabot[bot]
691e52e408
Bump golang from 1.18.0 to 1.18.1 (#1182)
Bumps golang from 1.18.0 to 1.18.1.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-15 08:27:40 +10:00
Mike Farah
b11075ec98 now assumes yaml idiomatic formatting when adding to empty maps/arrays 2022-04-15 08:27:22 +10:00
Mike Farah
ea66a73f43 Fixed sort dropping head comment #1181 2022-04-14 12:19:15 +10:00
Mike Farah
6f9f80cc48 Fixes with operation bug #1174 2022-04-14 12:03:18 +10:00
Mike Farah
13a27e8b2d Fixing docker release 2022-04-12 12:38:09 +10:00
Mike Farah
bcff465f11 Fixing docker release 2022-04-12 10:20:23 +10:00
Mike Farah
270d8bd51a Releasing 4.24.3 2022-04-12 09:49:13 +10:00
Mike Farah
2ef367b2b0 Trying new release process 2022-04-12 09:36:52 +10:00
Mike Farah
454e563a0e Trying new release process 2022-04-12 09:35:18 +10:00
Mike Farah
217744bc9a Pulled out docker build 2022-04-12 09:27:35 +10:00
Mike Farah
34ffb94d98 Moving alpline-publusher out of yq (gosec) 2022-04-12 09:22:30 +10:00
Roman
6f4702a230
Added action to automatically prepare a branch for the alpine package update (#1171) 2022-04-12 08:51:27 +10:00
Naveen
b1f77d975e
Set permissions for GitHub actions (#1168)
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions

https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions

https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs

[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/)

 Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.

Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-09 14:55:43 +10:00
Mike Farah
523b8335d8 Fixing string docs 2022-04-01 13:21:55 +11:00
Mike Farah
5d225b9454 Updating readme 2022-03-29 13:15:27 +11:00
Mike Farah
0956eefb1a Fixed help links 2022-03-29 11:08:50 +11:00
Mike Farah
a9ed08a5f8 Fixed compare docs 2022-03-29 11:01:02 +11:00
Benjamin Wuethrich
ae71824adc
Fix Markdown link formatting (#1157)
* Fix Markdown link formatting

* Fix parens
2022-03-29 10:23:32 +11:00
Mike Farah
186b319093 Added from_props 2022-03-28 19:48:30 +11:00
Mike Farah
bc2118736b v4.24.2 2022-03-28 14:36:27 +11:00
Mike Farah
1780027421 Bumping version 2022-03-28 14:24:28 +11:00
Mike Farah
3cd999bb87 Bumping to go1.18, bumping dev tools 2022-03-28 14:18:55 +11:00
Mike Farah
bbeae229ca Disable strict XML parsing by default #1155 2022-03-28 14:05:10 +11:00
Mike Farah
3a1e2c7518 Fixed silently ignored error in xml decoder 2022-03-27 11:42:07 +11:00
Mike Farah
fb148c305a Added comparison ops (>,>=...) 2022-03-24 11:38:05 +11:00
Mike Farah
897604142f Better string docs 2022-03-23 10:28:45 +11:00
Mike Farah
03f57b7034 Bumping version 2022-03-20 13:03:40 +11:00
Mike Farah
005b097cee
Boolean fix (#1148)
* Fixing booleans

* Fixed "and", "or" evaluating RHS when not required
2022-03-20 12:55:58 +11:00
Mike Farah
e08b6803f5 Simplify json > yaml cli example 2022-03-20 10:58:37 +11:00
Mike Farah
78e9cc7998
Envsubst params (#1147)
* Can give envsubst optional arguments
2022-03-20 10:56:50 +11:00
justin-f-perez
1a964c5055
update cli help (#1146)
- remove duplicate comment
- add common use case (json -> idiomatic yml)
2022-03-20 10:54:24 +11:00
Mike Farah
0ffee92175 Fixed += with multiple matches #1145 2022-03-19 18:42:12 +11:00
dependabot[bot]
99cd9e8aae
Bump github.com/spf13/cobra from 1.3.0 to 1.4.0 (#1143)
Bumps [github.com/spf13/cobra](https://github.com/spf13/cobra) from 1.3.0 to 1.4.0.
- [Release notes](https://github.com/spf13/cobra/releases)
- [Changelog](https://github.com/spf13/cobra/blob/v1.4.0/CHANGELOG.md)
- [Commits](https://github.com/spf13/cobra/compare/v1.3.0...v1.4.0)

---
updated-dependencies:
- dependency-name: github.com/spf13/cobra
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-17 21:00:40 +11:00
dependabot[bot]
8cb2422b57
Bump golang from 1.17 to 1.18.0 (#1144)
Bumps golang from 1.17 to 1.18.0.

---
updated-dependencies:
- dependency-name: golang
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-17 20:59:46 +11:00
Mike Farah
4bb2fa1652 Updated equals doc 2022-03-16 10:16:49 +11:00
Mike Farah
d27fb0ec78 Update multiply docs 2022-03-16 10:04:45 +11:00
Mikhail Katychev
406bbb8ca4
handled EvaluateNodes panic (#1140) 2022-03-15 13:28:52 +11:00
Mike Farah
3924ed8a35 Bumping version 2022-03-10 13:50:53 +11:00