suyiiyii/yq
1
0
Fork 0
mirror of https://github.com/mikefarah/yq.git synced 2026-06-27 07:27:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,197 Commits 90 Branches 208 Tags 16 MiB
fc7c337d8f
Commit Graph

111 Commits

Author SHA1 Message Date
Mike Farah
602586d8fd
Create scorecard.yml 
Signed-off-by: Mike Farah <mikefarah@gmail.com>
 2026-04-14 18:43:11 +10:00
Copilot
9a0335abb2
fix: restrict GitHub Actions workflow token permissions (OSSF least-privilege) (#2662) 
* Initial plan

* fix: add least-privilege token permissions to GitHub workflows (OSSF)

Agent-Logs-Url: https://github.com/mikefarah/yq/sessions/1b5db5e2-af78-4289-a6e0-2e972fc68ef1

Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com>
 2026-04-13 19:11:10 +10:00
Mike Farah
c8f6c1a042 Updating release to sign checksums 2026-04-12 19:39:01 +10:00
Copilot
0e803833fb
chore: pin GitHub Actions and Docker base images to full-length hashes (OSSF scorecard) (#2658) 
* Initial plan

* chore: pin GitHub Actions dependencies to specific commit SHAs (OSSF)

Agent-Logs-Url: https://github.com/mikefarah/yq/sessions/cbd03f0a-f2dc-4da4-b01c-7dd06ad83ee9

Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com>

* chore: pin Dockerfile base images to specific SHA digests (OSSF)

Agent-Logs-Url: https://github.com/mikefarah/yq/sessions/7a8f6690-37fb-42ab-b3dc-0dd23c270fbe

Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com>

* chore: revert yq pins in test-yq.yml; add release note for github-action/Dockerfile SHA

Agent-Logs-Url: https://github.com/mikefarah/yq/sessions/e1b35d79-92a3-47d5-b4ac-a2efe2fd58ce

Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com>

---------

Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: mikefarah <1151925+mikefarah@users.noreply.github.com>
 2026-04-12 19:31:32 +10:00
dependabot[bot]
68f0322ba3
Bump softprops/action-gh-release from 1 to 2 (#1978) 
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 1 to 2.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/v1...v2)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-04-06 18:53:44 +10:00
dependabot[bot]
4df6e46f95
Bump docker/setup-buildx-action from 3 to 4 (#2627) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-21 09:28:17 +11:00
dependabot[bot]
16e4df2304
Bump docker/login-action from 3 to 4 (#2620) 
Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](https://github.com/docker/login-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 13:48:13 +11:00
dependabot[bot]
79a92d0478
Bump docker/setup-qemu-action from 3 to 4 (#2621) 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 3 to 4.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-03-07 13:47:56 +11:00
dependabot[bot]
3a27e39778
Bump actions/setup-go from 5 to 6 (#2471) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-22 13:42:54 +11:00
dependabot[bot]
22510ab8d5 Bump actions/checkout from 5 to 6 
Bumps [actions/checkout](https://github.com/actions/checkout) from 5 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-12-06 14:28:39 +11:00
Alexander
588d0bb3dd Bumped to core24 and removed riscv64 2025-11-26 09:31:58 +11:00
Alexander
5d0481c0d2 Running build step on launchpad remote builder with supported architectures 2025-11-25 08:55:36 +11:00
dependabot[bot]
d5dd338707 Bump github/codeql-action from 3 to 4 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v3...v4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-10-12 13:42:48 +11:00
dependabot[bot]
c34edcf983 Bump actions/checkout from 4 to 5 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 5.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-09-04 14:18:19 +10:00
Jeremy L. Morris
76c817009f Use ghcr.io instead of ghrc.io 2025-08-27 08:23:00 +10:00
Ashok Pariya
fe06096514 Add s390x platform support to Docker release workflow 
Updated the list of supported platforms in the GitHub Actions
Docker release workflow to include linux/s390x.

Signed-off-by: Ashok Pariya <ashok.pariya@ibm.com>
 2025-04-05 20:18:39 +11:00
Zoltán Reegn
c9766c1cab Also push docker images to ghcr.io 
With docker-hub starting to introduce a much stricter limit on anonymous
pulls, it makes sense to also host the image in ghcr.io as well,
allowing users flexibility in where they pull the docker images from.

Also with the github action it makes more sense hosting the docker image
on github infrastructure.

I've introduced a github action for logging into registries as well.
 2025-03-25 15:45:15 +11:00
Brian Egge
f76815959a Create docker image for armv7 / raspberry pi3 2024-12-07 11:10:20 +11:00
Mike Farah
80310eaaac Removing temp docker fix 2024-11-16 20:37:27 +11:00
Mike Farah
8391193732 Temp fix docker version 2024-11-16 20:34:50 +11:00
Mike Farah
d858ab1644 Removing riscv64 from docker build as its not supported by the base golang:1.23.2 image 2024-11-16 20:31:39 +11:00
Mike Farah
129e597346 Fixing release pipeline 2024-11-16 15:43:21 +11:00
Matheus Macabu
c46c1a7128
build: use goreleaser for building cross-compiled binaries and add riscv64 target (#2135) 
* build: use goreleaser to cross-compile binaries for all platforms and archs

The main motivation behind it is because "gox" is unmaintained and archived
and it does not support "linux/riscv64" as a target.

Right now, goreleaser is only building the binaries, and I've tried to replicate
the exact same way the old script does.

In the future, if so desired, goreleaser could be used to further automate the
build and release pipeline by creating the release in GitHub.

* build: create binaries and OCI image for linux/riscv64
 2024-08-20 13:09:12 +10:00
Mike Farah
bf2bc29e47 Dont run release build on v4 branch 2024-02-09 10:23:46 +11:00
dependabot[bot]
16bab88946
Bump github/codeql-action from 2 to 3 (#1903) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-14 16:32:38 +11:00
dependabot[bot]
c7b14eacbd
Bump actions/setup-go from 4 to 5 (#1894) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v4...v5)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-12 09:55:42 +11:00
Mike Farah
779b26310e Updating references to yq being a YAML processor 2023-11-30 15:32:21 +11:00
dependabot[bot]
0667500b1b
Bump docker/setup-qemu-action from 2 to 3 (#1785) 
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-19 09:45:31 +10:00
dependabot[bot]
fa8cfd0400
Bump docker/setup-buildx-action from 2 to 3 (#1786) 
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](https://github.com/docker/setup-buildx-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-19 09:44:36 +10:00
dependabot[bot]
0a0182da13
Bump actions/checkout from 3 to 4 (#1776) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-09-13 07:58:30 +10:00
dependabot[bot]
cbe84232a3
Bump actions/setup-go from 3 to 4 (#1601) 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-03-18 14:22:25 +11:00
Mike Farah
f4e7203a55 Fix github action attempt 2023-02-11 23:50:47 +11:00
Mike Farah
5cb3c876fc bump to go 1.20 2023-02-11 04:06:16 +11:00
Mike Farah
a6d1a52e33 Fixing versioning code for release 2022-11-15 20:08:58 +11:00
Mike Farah
b202ccc5dc Updating snapcraft release notes 2022-11-15 11:05:56 +11:00
Mike Farah
9edff1f22c Use new github action syntax 2022-11-14 17:40:12 +11:00
Mike Farah
67864ffdab Use new github action syntax 2022-11-14 17:35:52 +11:00
Mike Farah
b55381f34e fixing snap release 2022-11-14 17:28:44 +11:00
Mike Farah
b6ad314dbb fixing snap release 2022-11-14 17:28:15 +11:00
Mike Farah
63db5de4e2 (attempt) to automate snap release 2022-11-14 17:00:50 +11:00
Takumi Sue
1fd96e168e
Fix mis-versioning due to hardcoding cmd.Version (#1431) 2022-11-14 16:38:43 +11:00
Mike Farah
eac988abdc Updated release to always use latest go 2022-10-23 14:50:00 +11:00
Mike Farah
6c94869329 test yq action can now be run manually 2022-10-19 12:04:52 +11:00
Mike Farah
600e132fb6 Actions use built docker-images 2022-10-19 11:10:50 +11:00
Mike Farah
a264833c06 test action using built docker image 2022-10-19 11:05:09 +11:00
Mike Farah
8ed817916f muiltiline github action test 2022-10-19 10:59:09 +11:00
Mike Farah
cb4c41eebf different name to docker github action 2022-10-19 10:49:04 +11:00
Mike Farah
ecc490a0fa Attempt to prebuild github action 2022-10-19 10:48:16 +11:00
Mike Farah
780ae29c2b Improved github action test 2022-10-17 15:28:38 +11:00
Mike Farah
b1a40a9fb7 Bumped go compiler; bumped quality tools 2022-08-29 14:13:15 +10:00