Tags: prezha/guac
Tags
Bump actions/create-github-app-token from 1.11.0 to 1.11.1 (guacsec#2435 ) Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.11.0 to 1.11.1. - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@5d869da...c1a2851) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Add EOL processor so the certifier will run (guacsec#2394) Signed-off-by: Ben Cotton <ben@kusari.dev>
add depsdev scanner implementation (guacsec#2385) Signed-off-by: Brandon Lum <lumjjb@gmail.com>
[FIX] CDX vulnerability parsing and update ENT VEX index (guacsec#2371) * fix invalid reference handle, add affected via bom-ref Signed-off-by: pxp928 <parth.psu@gmail.com> * remove field statement and status notes from vex index Signed-off-by: pxp928 <parth.psu@gmail.com> * update atlas migration and re-gen code Signed-off-by: pxp928 <parth.psu@gmail.com> * fix cert vex integration tests for status note and statement Signed-off-by: pxp928 <parth.psu@gmail.com> * add new unit test for CDX Signed-off-by: pxp928 <parth.psu@gmail.com> * add very long status note for integration testing Signed-off-by: pxp928 <parth.psu@gmail.com> * add long statement for vex integration testing Signed-off-by: pxp928 <parth.psu@gmail.com> --------- Signed-off-by: pxp928 <parth.psu@gmail.com>
Bump golang.org/x/crypto from 0.29.0 to 0.31.0 (guacsec#2364) Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.29.0 to 0.31.0. - [Commits](golang/crypto@v0.29.0...v0.31.0) --- updated-dependencies: - dependency-name: golang.org/x/crypto dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
add contents write permission for goreleaser workflow (guacsec#2357) Signed-off-by: pxp928 <parth.psu@gmail.com>
check if batch query is empty, otherwise skip (guacsec#2252) Signed-off-by: pxp928 <parth.psu@gmail.com>
improve batch query (guacsec#2246) * update query to only return values with the latest time Signed-off-by: pxp928 <parth.psu@gmail.com> * update keyvalue backend to match and update backend tests Signed-off-by: pxp928 <parth.psu@gmail.com> * udpate graphql schema description for batch vuln and license query Signed-off-by: pxp928 <parth.psu@gmail.com> * udpate batch query to aggregate on timestamp and return latest values Signed-off-by: pxp928 <parth.psu@gmail.com> * remove debug from queries Signed-off-by: pxp928 <parth.psu@gmail.com> --------- Signed-off-by: pxp928 <parth.psu@gmail.com>
Bump github.com/prometheus/client_golang from 1.19.1 to 1.20.5 (guacs… …ec#2230) Bumps [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) from 1.19.1 to 1.20.5. - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](prometheus/client_golang@v1.19.1...v1.20.5) --- updated-dependencies: - dependency-name: github.com/prometheus/client_golang dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bump github.com/99designs/gqlgen from 0.17.54 to 0.17.55 (guacsec#2213) * Bump github.com/99designs/gqlgen from 0.17.54 to 0.17.55 Bumps [github.com/99designs/gqlgen](https://github.com/99designs/gqlgen) from 0.17.54 to 0.17.55. - [Release notes](https://github.com/99designs/gqlgen/releases) - [Changelog](https://github.com/99designs/gqlgen/blob/master/CHANGELOG.md) - [Commits](99designs/gqlgen@v0.17.54...v0.17.55) --- updated-dependencies: - dependency-name: github.com/99designs/gqlgen dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> * update generated code Signed-off-by: pxp928 <parth.psu@gmail.com> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: pxp928 <parth.psu@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: pxp928 <parth.psu@gmail.com>
PreviousNext