v0.0.32

What's Changed

• Do not ingest indirect go dependencies by @rdimitrov in #2429
• Fix GHSA fix with respect to int64 update in #2415 by @evankanderson in #2431
• Fix client crash with fix for GHSA-q6h8-4j2v-pjg4 by @evankanderson in #2432
• Improve logging when ProjectsForUser returns an error by @evankanderson in #2435
• Add test coverage for #2432 by @evankanderson in #2434
• Log and report operating project details when return permission denied error by @evankanderson in #2436
• build(deps): bump golang.org/x/crypto from 0.19.0 to 0.20.0 by @dependabot in #2439
• build(deps): bump github.com/daixiang0/gci from 0.12.3 to 0.13.0 in /tools by @dependabot in #2437
• build(deps): bump github.com/puzpuzpuz/xsync/v3 from 3.0.2 to 3.1.0 by @dependabot in #2438
• build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.13.0 to 1.14.0 by @dependabot in #2442
• build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.45.2 to 0.46.0 by @dependabot in #2440
• build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.23.1 to 1.24.0 by @dependabot in #2441
• migrate webhook IDs to 64-bit integers by @dmjb in #2444
• Expose more errors as user-visible so users can adjust their queries in a useful way. by @evankanderson in #2448
• build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.1.0 by @dependabot in #2450
• build(deps): bump peter-evans/create-pull-request from 6.0.0 to 6.0.1 by @dependabot in #2449
• build(deps): bump github.com/prometheus/client_golang from 1.18.0 to 1.19.0 by @dependabot in #2451
• Use uber-go/mock instead of the deprecated github.com/golang/mock/gomock by @JAORMX in #2454
• Promote Github PR ID to int64 by @dmjb in #2446
• Print a helpful message in case of unauthenticated grpc code by @rdimitrov in #2455
• Add explicit severity to rule types by @JAORMX in #2452
• Auto-generated DB schema update - 2024-02-28 18:18:45 by @github-actions in #2460
• Add provider callback handler for web app by @eleftherias in #2413
• Auto-generated DB schema update - 2024-02-28 19:08:35 by @github-actions in #2461
• build(deps): bump github.com/fergusstrange/embedded-postgres from 1.25.0 to 1.26.0 by @dependabot in #2463
• build(deps): bump github.com/go-critic/go-critic from 0.11.1 to 0.11.2 in /tools by @dependabot in #2466
• build(deps): bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in #2464
• bump github.com/openfga/cli from 0.2.5 to 0.2.6 in /tools by @JAORMX in #2467
• Add name validation for profiles and rule types, move static validation first, add tests by @evankanderson in #2462
• Ensure user is logged in upon going through the quickstart flow by @rdimitrov in #2458
• Auto-generated cli documentation update - 2024-02-29 14:10:50 by @github-actions in #2469
• build(deps): bump github.com/open-policy-agent/opa from 0.61.0 to 0.62.0 by @dependabot in #2472
• build(deps): bump github/codeql-action from 3.24.5 to 3.24.6 by @dependabot in #2471
• Catch errors in refresh token fetching by @JAORMX in #2473
• Move webhook create/delete into separate interface by @dmjb in #2459
• Allow for configuring CORS in minder's HTTP server by @JAORMX in #2474
• build(deps): bump github.com/styrainc/regal from 0.17.0 to 0.18.0 by @dependabot in #2480
• build(deps): bump github.com/go-playground/validator/v10 from 10.18.0 to 10.19.0 by @dependabot in #2478
• build(deps): bump github.com/norwoodj/helm-docs from 1.13.0 to 1.13.1 in /tools by @dependabot in #2476
• build(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 by @dependabot in #2477
• build(deps): bump github.com/openfga/openfga from 1.4.3 to 1.5.0 by @dependabot in #2479

Full Changelog: v0.0.31...v0.0.32

v0.0.31

What's Changed

• Fix CLI invocations in first_profile.md by @puerco in #2328
• Run "make gen" for main by @rdimitrov in #2333
• Add Homoglyphs detection in Minder by @teodor-yanev in #2312
• Unname unused params and bump golangci-lint by @puerco in #2335
• build(deps): bump github.com/go-playground/validator/v10 from 10.17.0 to 10.18.0 by @dependabot in #2336
• build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.12.0 to 1.13.0 by @dependabot in #2337
• build(deps): bump redocusaurus from 2.0.0 to 2.0.1 in /docs by @dependabot in #2339
• Update docs for getting started and how to by @rdimitrov in #2331
• Fix a few Trusty issues that enable support for Go in Minder by @rdimitrov in #2332
• build(deps): bump golang.org/x/tools from 0.17.0 to 0.18.0 in /tools by @dependabot in #2340
• Use MINDER_CONFIG to simplify selection of local / staging / prod by @evankanderson in #2329
• Enable Coveralls for coverage reporting by @evankanderson in #2342
• Revert "Enable Coveralls for coverage reporting" by @evankanderson in #2344
• build(deps): bump google.golang.org/grpc from 1.61.0 to 1.61.1 by @dependabot in #2347
• build(deps): bump github.com/openfga/go-sdk from 0.3.4 to 0.3.5 by @dependabot in #2346
• build(deps): bump github/codeql-action from 3.24.0 to 3.24.1 by @dependabot in #2345
• build(deps): bump github.com/sigstore/protobuf-specs from 0.2.1 to 0.3.0 by @dependabot in #2341
• build(deps): bump golang from ef61a20 to cefea7f by @dependabot in #2349
• Re-enable coverage reporting to coveralls by @evankanderson in #2351
• Replace unpinned actions with pinned action by @stacklokbot in #2352
• build(deps): bump coverallsapp/github-action from e5e2507fa218d2031f39816cd7d078ebd1f1a6c6 to 3dfc5567390f6fa9267c0ee9c251e4c8c3f18949 by @dependabot in #2356
• build(deps): bump golang from cefea7f to 7b297d9 by @dependabot in #2353
• build(deps): bump k8s.io/apimachinery from 0.29.1 to 0.29.2 by @dependabot in #2354
• build(deps): bump github.com/go-critic/go-critic from 0.11.0 to 0.11.1 in /tools by @dependabot in #2361
• build(deps): bump github/codeql-action from 3.24.1 to 3.24.3 by @dependabot in #2359
• Add coveralls badge, reduce debugging spew by @evankanderson in #2357
• build(deps): bump github.com/golangci/golangci-lint from 1.56.1 to 1.56.2 in /tools by @dependabot in #2360
• build(deps): bump github.com/daixiang0/gci from 0.12.1 to 0.12.3 in /tools by @dependabot in #2362
• build(deps): bump k8s.io/client-go from 0.29.1 to 0.29.2 by @dependabot in #2355
• Add test coverage for internal/util/statuses by @JAORMX in #2364
• Add test coverage for internal/util/rest by @JAORMX in #2363
• Remove unused functions from internal/util/rand by @JAORMX in #2366
• Remove internal/smoke package by @JAORMX in #2367
• Use latest golangci-lint in CI by @JAORMX in #2365
• Drop the artifact_versions table by @jhrozek in #2372
• Auto-generated DB schema update - 2024-02-19 13:19:33 by @github-actions in #2374
• tweak test coverage behaviour by @dmjb in #2373
• Add test coverage for internal/eea FlushAll by @JAORMX in #2375
• Allow golangci-lint to comment on PRs by @JAORMX in #2378
• Elevate the permissions on the linting job in main.yml by @rdimitrov in #2379
• When the context of a request is nil, return InvalidArgument/400 by @dmjb in #2377
• Fix linting permissions for pr.yml and tags.yml workflows by @rdimitrov in #2380
• build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.19 to 2.0.20 by @dependabot in #2382
• Add more coverage to internal/eea package by @JAORMX in #2383
• Deprecate the Trusty options from the protobuf by @rdimitrov in #2381
• Handle rate limiting errors for GitHub API by @Vyom-Yadav in #2271
• Deduplicate configuration reading from viper instance by @JAORMX in #2384
• Fix infinite wait for ratecache using non blocking Close() func by @Vyom-Yadav in #2385
• Change the yarn serve port for docs to 3001 by @jhrozek in #2387
• Update artifact provenance documentation by @jhrozek in #2389
• Clean up some JWT code by @evankanderson in #2390
• Revert proto changes from #2381, as they invalidated JSON stored in the Minder database by @evankanderson in #2395
• build(deps): bump github.com/styrainc/regal from 0.16.0 to 0.17.0 by @dependabot in #2398
• build(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 by @dependabot in #2397
• Mischief managed, return buf breaking checks to normal. by @evankanderson in #2396
• Standard PR template for Minder and a workflow check by @teodor-yanev in #2399
• Stacklokbot shouldn't run the PR validate workflow by @teodor-yanev in #2401
• add new type of PR for refactoring by @dmjb in #2403
• Replace unpinned actions with pinned action by @stacklokbot in #2400
• Replace unpinned actions with pinned action by @stacklokbot in #2406
• update: stacklokbot without [bot] by @teodor-yanev in #2405
• build(deps): bump github/codeql-action from 3.24.3 to 3.24.4 by @dependabot in #2408
• build(deps): bump actions/github-script from 5c56fde4671bc2d3592fb0f2c5b5bab9ddae03b1 to 60a0d83039c74a4aee543508d2ffcb1c3799cdea by @dependabot in #2407
• Fix TUF root init to bump to sigstore-go to v0.2.0 by @puerco in #2358
• Fix the PR check workflow to take into account the refactoring change type by @rdimitrov in #2410
• Refactor project structure: Move cursor file to utils package and migrate common config struct to common.go by @Vyom-Yadav in #2394
• move profile validation logic out of controlplane by @dmjb in #2402
• Updated Makefile to handle command failure within loops by @Vyom-Yadav in #2416
• Verify the signer identity upon evaluation by @rdimitrov in #2409
• Fix OSV support for Go to properly identify go.mod packages by @rdimitrov in #2417
• Upgrade repoID to int64, because that's the size from GitHub by @evankanderson in #2415
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.48.0 to 0.49.0 by @dependabot in #2425
• build(deps): bump github/codeql-action from 3.24.4 to 3.24.5 by @dependabot in #2420
• Hyperlink to trusty page for lower scored packages by @rdimitrov in #2419
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.48.0 to 0.49.0 by @dependabot in #2422
• build(deps): bump go.opentelemetry.io/otel/sdk/metric from 1.23.1 to 1.24.0 by @dependabot in #2423
• Bump helm-docs to v1.13.0 by @rdimitrov in #2427
• Fix trusty API URL by @rdimitrov in #2428

New Contributors

• @puerco made their first contribution in #2328

Full Changelog: v0.0.30...v0.0.31

v0.0.30

What's Changed

• Add provider listing functionality by @JAORMX in #2310
• Auto-generated cli documentation update - 2024-02-09 11:25:56 by @github-actions in #2324
• Full diff ingestor by @teodor-yanev in #2325
• Update CLI table outputs for ruletype and profile by @rdimitrov in #2327

Full Changelog: v0.0.29...v0.0.30

v0.0.29

What's Changed

• Update the tmpfs path for sigstore caching in docker compose by @rdimitrov in #2267
• Add documentation for built-in roles by @eleftherias in #2258
• Cleanup unused GRPC paths from ingress by @JAORMX in #2268
• Fix documentation formatting by @eleftherias in #2269
• Allow setting custom TUF root with the minder container verify command by @jhrozek in #2270
• build(deps): bump github.com/rs/zerolog from 1.31.0 to 1.32.0 by @dependabot in #2273
• build(deps): bump github/codeql-action from 3.23.2 to 3.24.0 by @dependabot in #2272
• Add wait to ensure all entity events are executed by @Vyom-Yadav in #2274
• Fix Rule Evaluation Logic for Handling Multiple Rules of the Same Type - Part 2 (Data Backfilling) by @Vyom-Yadav in #2206
• Auto-generated DB schema update - 2024-02-05 09:49:19 by @github-actions in #2276
• build(deps): bump GoTestTools/gotestfmt-action from 02b936e80bd5b0e515b98eb8f7d998a60ccca462 to 7dd37bbcc925453b6d7465164cf3bcbd87bc691d by @dependabot in #2278
• build(deps): bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 by @dependabot in #2279
• build(deps): bump github.com/styrainc/regal from 0.15.0 to 0.16.0 by @dependabot in #2280
• Add "openfga" to list of services to start by @dmjb in #2281
• build(deps): bump actions/setup-node from 4.0.1 to 4.0.2 by @dependabot in #2289
• minor: Add rule name to evaluation logs by @Vyom-Yadav in #2290
• build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.45.0 to 0.45.1 by @dependabot in #2288
• build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.22.0 to 1.23.0 by @dependabot in #2285
• Migrate to github.com/puzpuzpuz/xsync/v3 by @jhrozek in #2292
• Extend artifact processing to enable richer provenance checks by @jhrozek in #2235
• Auto-generated cli documentation update - 2024-02-07 12:48:38 by @github-actions in #2293
• Add test coverage for "nice status" middleware/interceptor by @JAORMX in #2294
• Support GH's private sigstore instance by @jhrozek in #2295
• Remove golang-based helm tests by @JAORMX in #2297
• some docs changes by @dmjb in #2296
• Verify all simple signing layers, do not filter events for .sig, enable OIDC identities by @rdimitrov in #2299
• build(deps): bump golang from 1.21.6 to 1.22.0 by @dependabot in #2308
• build(deps): bump go.opentelemetry.io/otel/sdk from 1.23.0 to 1.23.1 by @dependabot in #2307
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.47.0 to 0.48.0 by @dependabot in #2306
• build(deps): bump golang.org/x/term from 0.16.0 to 0.17.0 by @dependabot in #2303
• build(deps): bump github.com/golangci/golangci-lint from 1.55.2 to 1.56.0 in /tools by @dependabot in #2302
• build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.23.0 to 1.23.1 by @dependabot in #2304
• Display name of profile when running profile create by @dmjb in #2301
• Fix user deletion logic (first minder then keycloak) by @JAORMX in #2311
• Add test coverage for OpenFGA authz driver by @JAORMX in #2291
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 3.7.1 by @dependabot in #2316
• build(deps): bump github.com/golangci/golangci-lint from 1.56.0 to 1.56.1 in /tools by @dependabot in #2315
• build(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 by @dependabot in #2321
• build(deps): bump golang.org/x/crypto from 0.18.0 to 0.19.0 by @dependabot in #2318
• build(deps): bump go.opentelemetry.io/otel/exporters/prometheus from 0.45.1 to 0.45.2 by @dependabot in #2320
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.47.0 to 0.48.0 by @dependabot in #2319
• Add json/yaml output to whoami by @jhrozek in #2313
• Auto-generated cli documentation update - 2024-02-09 08:52:50 by @github-actions in #2322

New Contributors

• @dmjb made their first contribution in #2281

Full Changelog: v0.0.28...v0.0.29

v0.0.28

What's Changed

• build(deps): bump github.com/open-policy-agent/opa from 0.60.0 to 0.61.0 by @dependabot in #2200
• build(deps): bump github.com/sigstore/sigstore-go from 0.0.0-20240108223800-a3df13b8ba29 to 0.1.0 by @dependabot in #2199
• Add ability to evaluate scores based on detailed scores for trusty by @JAORMX in #2198
• Make authz tuple deletion idempotent by @JAORMX in #2201
• Remove unused code by @jhrozek in #2202
• Allow to configure a custom sigstore tuf root by @rdimitrov in #2204
• Add new policy writer role by @JAORMX in #2203
• Solidify authz Client interface by @JAORMX in #2205
• build(deps): bump github.com/openfga/openfga from 1.4.2 to 1.4.3 in /tools by @dependabot in #2208
• Update compose-migrate action to run openfga container alongside by @Vyom-Yadav in #2209
• Upgrade OpenFGA container to v1.4.3 in docker-compose by @JAORMX in #2210
• build(deps): bump github.com/evanphx/json-patch/v5 from 5.8.1 to 5.9.0 by @dependabot in #2215
• build(deps): bump github/codeql-action from 3.23.1 to 3.23.2 by @dependabot in #2213
• build(deps): bump mvdan.cc/gofumpt from 0.5.0 to 0.6.0 in /tools by @dependabot in #2216
• build(deps-dev): bump @docusaurus/module-type-aliases from 3.1.0 to 3.1.1 in /docs by @dependabot in #2214
• Upgrade keycloak in docker-compose to 23.0 by @JAORMX in #2211
• Define Permissions API by @JAORMX in #2217
• Fully rely on OpenFGA to delete user permissions by @JAORMX in #2207
• Print user subject on auth subcommands by @JAORMX in #2221
• Add permissions API to FGA model by @JAORMX in #2219
• build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.19.0 to 2.19.1 by @dependabot in #2223
• build(deps): bump github.com/google/go-containerregistry from 0.18.0 to 0.19.0 by @dependabot in #2222
• build(deps): bump anchore/sbom-action from 0.15.5 to 0.15.6 by @dependabot in #2224
• build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.19.0 to 2.19.1 in /tools by @dependabot in #2225
• Ensure roles in authz AllRoles are defined in FGA model by @JAORMX in #2220
• Bootstrap Permissions API in minder server and implement roles list by @JAORMX in #2226
• Add authorization relations in proto by @eleftherias in #2218
• build(deps): bump anchore/sbom-action from 0.15.6 to 0.15.7 by @dependabot in #2230
• build(deps): bump github.com/stacklok/frizbee from 0.0.12 to 0.0.13 by @dependabot in #2231
• Implement role assignment and removal APIs by @JAORMX in #2227
• Implement CLI for permissions by @JAORMX in #2229
• Auto-generated cli documentation update - 2024-01-31 13:44:42 by @github-actions in #2233
• Add ability to list role assignments in a project by @JAORMX in #2234
• Auto-generated cli documentation update - 2024-01-31 17:47:15 by @github-actions in #2236
• Add relation for fetching remote repos from GitHub by @eleftherias in #2237
• Fix Rule Evaluation Logic for Handling Multiple Rules of the Same Type - Part 1 (No Data Backfilling) by @Vyom-Yadav in #2161
• Move user id telemetry to token interceptor by @eleftherias in #2240
• Auto-generated DB schema update - 2024-01-31 10:34:06 by @github-actions in #2239
• Auto-generated cli documentation update - 2024-01-31 10:34:06 by @github-actions in #2238
• build(deps): bump anchore/sbom-action from 0.15.7 to 0.15.8 by @dependabot in #2243
• build(deps): bump peter-evans/create-pull-request from 5.0.2 to 6.0.0 by @dependabot in #2242
• build(deps): bump sigstore/cosign-installer from 3.3.0 to 3.4.0 by @dependabot in #2241
• build(deps): bump golang from 76aadd9 to 0c22572 by @dependabot in #2244
• Fix CLI error output for role grant list by @JAORMX in #2247
• Make openfga call in authz middleware by @eleftherias in #2246
• Upgrade postgres to 16.1-alpine in docker-compose by @JAORMX in #2212
• Change the database migration CI workflow to check for the expected DB version instead by @jhrozek in #2250
• Remove unused roles database tables by @JAORMX in #2249
• Auto-generated DB schema update - 2024-02-01 13:22:35 by @github-actions in #2251
• Remove the signing keys DB table and API by @jhrozek in #2252
• Auto-generated DB schema update - 2024-02-01 13:54:40 by @github-actions in #2253
• Fix a typo in minder server in docker-compose.yaml by @rdimitrov in #2257
• build(deps): bump golang from 0c22572 to 7b575fe by @dependabot in #2263
• Get project information for users from OpenFGA by @JAORMX in #2259
• Auto-generated DB schema update - 2024-02-02 11:16:11 by @github-actions in #2264
• Add PermissionsService to ingress configuration by @JAORMX in #2265
• Correct permissions for accessing provider enroll by @eleftherias in #2266

Full Changelog: v0.0.27...v0.0.28

v0.0.27

What's Changed

• Implement Cursor-Based Pagination in ListRepositories Endpoint by @Vyom-Yadav in #2097
• Auto-generated DB schema update - 2024-01-17 10:31:02 by @github-actions in #2136
• Switch to offline Sigstore verification and set TimestampVerificationData to nil by @rdimitrov in #2131
• Update proto files for pagination by @eleftherias in #2138
• Add middleware that populates project in context by @eleftherias in #2139
• Revert "Update proto files for pagination (#2138)" by @eleftherias in #2141
• Add project relationships to FGA model by @JAORMX in #2140
• build(deps): bump github/codeql-action from 3.23.0 to 3.23.1 by @dependabot in #2148
• build(deps): bump go.opentelemetry.io/otel/exporters/stdout/stdouttrace from 1.21.0 to 1.22.0 by @dependabot in #2143
• Remove EntityContext pointers and replace with struct references by @evankanderson in #2142
• build(deps): bump go.opentelemetry.io/otel/sdk/metric from 1.21.0 to 1.22.0 by @dependabot in #2147
• Bump go.opentelemetry.io/otel/exporters/prometheus from 0.44.0 to 0.45.0 by @eleftherias in #2150
• build(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 by @dependabot in #2152
• build(deps): bump k8s.io/apimachinery from 0.29.0 to 0.29.1 by @dependabot in #2156
• build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/database/sql/splunksql from 1.11.0 to 1.12.0 by @dependabot in #2153
• build(deps): bump github.com/signalfx/splunk-otel-go/instrumentation/github.com/lib/pq/splunkpq from 1.11.0 to 1.12.0 by @dependabot in #2154
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc from 0.46.1 to 0.47.0 by @dependabot in #2155
• build(deps): bump go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp from 0.46.1 to 0.47.0 by @dependabot in #2157
• Add BusinessTelemetry to authenticated RPC calls by @rdimitrov in #2117
• Create initial configuration for authz and create store as part of migration by @JAORMX in #2110
• build(deps): bump github.com/google/go-containerregistry from 0.17.0 to 0.18.0 by @dependabot in #2162
• Don't default to minder as default store ID is authz configuration by @JAORMX in #2163
• Actually run authz tests by @JAORMX in #2165
• Checkout back to the original branch to reset the filesystem preventing ingest cache from corrupting by @Vyom-Yadav in #2160
• Add authorization JSON model workflow by @JAORMX in #2166
• Move OpenFGA interactions to authz package by @JAORMX in #2164
• rego: Add new function to list files using a glob pattern by @JAORMX in #2158
• Initialize model on migration by @JAORMX in #2168
• Remove superadmin role by @eleftherias in #2169
• build(deps): bump anchore/sbom-action from 0.15.4 to 0.15.5 by @dependabot in #2174
• build(deps): bump github.com/openfga/go-sdk from 0.3.3 to 0.3.4 by @dependabot in #2172
• build(deps): bump k8s.io/client-go from 0.29.0 to 0.29.1 by @dependabot in #2173
• Skeleton of Authz client interface to enable integration by @JAORMX in #2175
• Add rego function to detect file types by @JAORMX in #2180
• Add new rego function called file.walk by @JAORMX in #2181
• Implement Write and Delete tuple functions for OpenFGA Authz Client by @JAORMX in #2177
• Add a mindev command to verify containers by @jhrozek in #2178
• Update: telemetry field to be string by @teodor-yanev in #2184
• Create new docs entry under "Using Minder" for using Minder with GHAS by @meganbruce in #2185
• build(deps): bump google.golang.org/grpc from 1.60.1 to 1.61.0 by @dependabot in #2188
• build(deps): bump github.com/openfga/cli from 0.2.4 to 0.2.5 in /tools by @dependabot in #2186
• build(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 by @dependabot in #2187
• build(deps): bump golang from 5f5d61d to 76aadd9 by @dependabot in #2189
• Move authorization logic to interceptor by @eleftherias in #2183
• Remove unused org owner enum by @eleftherias in #2190
• rego: Return true for file.exists for directories too by @JAORMX in #2191
• Hook up authz tuple writing to Minder server by @JAORMX in #2179
• Set up OpenFGA as authz client implementation for minder server by @JAORMX in #2192
• Update authz configuration example by @JAORMX in #2193
• build(deps): bump bufbuild/buf-setup-action from 1.28.1 to 1.29.0 by @dependabot in #2196
• build(deps): bump github.com/bufbuild/buf from 1.28.1 to 1.29.0 in /tools by @dependabot in #2197
• Add migration step for minder users to FGA tuples by @JAORMX in #2194
• Support GitHub attestation endpoint by @jhrozek in #2195

New Contributors

• @meganbruce made their first contribution in #2185

Full Changelog: v0.0.26...v0.0.27

v0.0.26

What's Changed

• Derive ruletype response from DB entry by @eleftherias in #2130
• build(deps): bump github.com/openfga/cli from 0.2.3 to 0.2.4 by @dependabot in #2133
• build(deps): bump github.com/evanphx/json-patch/v5 from 5.8.0 to 5.8.1 by @dependabot in #2134
• build(deps): bump golang from 6fbd2d3 to 5f5d61d by @dependabot in #2132
• Add overrides for enabling alerts and remediations when creating profiles by @JAORMX in #2129
• Auto-generated cli documentation update - 2024-01-17 10:56:53 by @github-actions in #2135

Full Changelog: v0.0.25...v0.0.26

v0.0.25

What's Changed

• Bump sigstore-go version by @rdimitrov in #2106
• Remove double-wrapping of "provider error" by @evankanderson in #2112
• Remove duplicate top level context by @eleftherias in #2107
• Repository deletion should remove the associated webhook by @Vyom-Yadav in #2109
• Initial implementation of telemetry store watermill middleware by @JAORMX in #2101
• build(deps): bump golang.org/x/tools from 0.16.1 to 0.17.0 in /tools by @dependabot in #2113
• build(deps): bump golang from ffbb0b8 to 6fbd2d3 by @dependabot in #2114
• build(deps): bump github.com/openfga/cli from 0.2.2 to 0.2.3 by @dependabot in #2115
• Move EntityInfoWrapper to a separate package to avoid import loop by @jhrozek in #2116
• Rule evaluator business telemetry by @jhrozek in #2104
• build(deps): bump github.com/evanphx/json-patch/v5 from 5.7.0 to 5.8.0 by @dependabot in #2123
• build(deps): bump github.com/go-playground/validator/v10 from 10.16.0 to 10.17.0 by @dependabot in #2122
• Cleanup entity context by @eleftherias in #2124
• Change auth scope owner for user requests by @eleftherias in #2126
• Allow retrieval of suggested patch version in patchLocatorFormatter interface by @gregfurman in #2127

Full Changelog: v0.0.24...v0.0.25

v0.0.24

What's Changed

• Make webhook tests more resilient by @JAORMX in #2024
• Remove POC related comments by @JAORMX in #2025
• Don't execute actions when running mindev ruletype test by @JAORMX in #2023
• Re-introduce variadic parameters to table API by @JAORMX in #2022
• build(deps): bump github.com/sigstore/sigstore from 1.7.6 to 1.8.0 by @dependabot in #2020
• Switch to horizontal tables for profile settings by @rdimitrov in #2027
• Remove crypto provenance and key generation utils by @rdimitrov in #2028
• Print profiles in one table instead of several by @JAORMX in #2030
• Show rule type details vertically in get call by @JAORMX in #2029
• entity event handler test fixes by @JAORMX in #2026
• Implement a DLQ for Watermill messaging by @teodor-yanev in #1994
• Add docs for minder CLI configuration by @rdimitrov in #2031
• Add metric for message processing latency by @eleftherias in #1956
• Add CI job that makes sure that go mod tidy is run by @JAORMX in #2032
• Add flag for identity server base URL by @eleftherias in #2033
• build(deps): bump google.golang.org/protobuf from 1.31.0 to 1.32.0 by @dependabot in #2037
• build(deps): bump styled-components from 6.1.2 to 6.1.3 in /docs by @dependabot in #2036
• build(deps): bump google.golang.org/protobuf from 1.31.1-0.20231027082548-f4a6c1f6e5c1 to 1.32.0 in /tools by @dependabot in #2035
• build(deps): bump github.com/daixiang0/gci from 0.12.0 to 0.12.1 in /tools by @dependabot in #2039
• build(deps): bump github.com/prometheus/client_golang from 1.17.0 to 1.18.0 by @dependabot in #2041
• build(deps): bump styled-components from 6.1.3 to 6.1.6 in /docs by @dependabot in #2042
• build(deps): bump clsx from 2.0.0 to 2.1.0 in /docs by @dependabot in #2044
• Refactor eventer middleware by @teodor-yanev in #2048
• Update CONTRIBUTING.md by @dussab in #2055
• build(deps): bump github.com/go-critic/go-critic from 0.10.0 to 0.11.0 in /tools by @dependabot in #2058
• Update config.yml by @dussab in #2054
• build(deps): bump anchore/sbom-action from 0.15.1 to 0.15.2 by @dependabot in #2057
• build(deps): bump aquasecurity/trivy-action from 0.16.0 to 0.16.1 by @dependabot in #2056
• Add instructions for updating webhook configuration for minder server by @Vyom-Yadav in #2046
• Fix: Docs - Update quickstart.md by @mdp in #2053
• Create a config structure for the minder CLI by @Vyom-Yadav in #2043
• Use project ID in context and as CLI flag by @eleftherias in #2061
• Update generated docs by @eleftherias in #2062
• Add DLQ metrics by @teodor-yanev in #2052
• build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.18.1 to 2.19.0 by @dependabot in #2066
• Refactor DLQ eventer observability func by @teodor-yanev in #2069
• Add dedicated test for to reproduce #2067 and another one to test cli by @JAORMX in #2068
• Refactor vulncheck's Eval() to address high cyclomatic complexity by @gregfurman in #2050
• Warn users when the target environment for the CLI is staging by @AGMETEOR in #2071
• build(deps): bump golang.org/x/sync from 0.5.0 to 0.6.0 by @dependabot in #2074
• build(deps): bump github.com/grpc-ecosystem/grpc-gateway/v2 from 2.18.1 to 2.19.0 in /tools by @dependabot in #2064
• build(deps): bump golang.org/x/term from 0.15.0 to 0.16.0 by @dependabot in #2073
• Split token validation and authorization middleware by @eleftherias in #2063
• Add MINDER_CONFIG env var for minder client, and docs on configuration by @evankanderson in #2034
• repo register --name should skip already registered repositories by @Vyom-Yadav in #2045
• No longer print usage once the minder command has started doing real work by @evankanderson in #2072
• Handle null values in config file to prevent incorrect data retrieval from viper store by @Vyom-Yadav in #2075
• build(deps-dev): bump @docusaurus/module-type-aliases from 3.0.1 to 3.1.0 in /docs by @dependabot in #2076
• build(deps): bump github.com/styrainc/regal from 0.14.0 to 0.15.0 by @dependabot in #2077
• Pipe a CLI warning to stderr by @jhrozek in #2079
• Remove unused protos by @eleftherias in #2080
• Add TelemetryStore interface by @evankanderson in #2059
• build(deps): bump github.com/cloudflare/circl from 1.3.6 to 1.3.7 by @dependabot in #2081
• Update README.md by @gregfurman in #2084
• build(deps): bump golang.org/x/crypto from 0.17.0 to 0.18.0 by @dependabot in #2090
• build(deps): bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 by @dependabot in #2089
• build(deps): bump github/codeql-action from 3.22.12 to 3.23.0 by @dependabot in #2087
• build(deps): bump anchore/sbom-action from 0.15.2 to 0.15.3 by @dependabot in #2086
• build(deps): bump follow-redirects from 1.15.2 to 1.15.4 in /docs by @dependabot in #2092
• build(deps): bump styled-components from 6.1.6 to 6.1.8 in /docs by @dependabot in #2085
• Remove context from user CRUD requests by @eleftherias in #2082
• build(deps): bump github.com/lestrrat-go/jwx/v2 from 2.0.18 to 2.0.19 by @dependabot in #2088
• build(deps): bump github.com/sqlc-dev/sqlc from 1.24.0 to 1.25.0 in /tools by @dependabot in #2065
• Add OpenFGA deployment to docker-compose by @JAORMX in #2093
• Remove unused endpoint token for web by @eleftherias in #2094
• Remove unused protos for web exchange by @eleftherias in #2095
• Add the ability to enable/disable payload logging (default disabled) by @evankanderson in #2083
• Increase size of latency buckets, add tests for exported Eventer metrics. by @evankanderson in #2091
• build(deps): bump github.com/openfga/cli from 0.2.1 to 0.2.2 by @dependabot in #2100
• build(deps): bump golang from 1.21.5 to 1.21.6 by @dependabot in #2099
• minor: Add comment for handling missing config file and directories by @Vyom-Yadav in #2098
• Use provider and project from context by @eleftherias in #2096
• Update column name for the rule type list table by @rdimitrov in #2102
• build(deps): bump golang from 7026fb7 to ffbb0b8 by @dependabot in #2108

New Contributors

• @Vyom-Yadav made their first contribution in #2046
• @mdp made their first contribution in #2053
• @gregfurman made their first contribution in #2050
• @AGMETEOR made their first contribution in #2071

Full Changelog: v0.0.23...v0.0.24

v0.0.23

What's Changed

• Auto-generated cli documentation update - 2023-12-21 11:15:12 by @github-actions in #2003
• Drop glossy table code by @JAORMX in #2006
• Change the profile get/list output format by @JAORMX in #2005
• Replace table layout strings with type by @JAORMX in #2007
• Use variadic parameters for the table interface by @JAORMX in #2008
• Revert "Use variadic parameters for the table interface (#2008)" by @rdimitrov in #2010
• Don't print informational message on stdout by @jhrozek in #2011
• Print Details, not Description when a rpc error is caught by @jhrozek in #2013
• Add a flag to delete an account non-interactively by @jhrozek in #2014
• Auto-generated cli documentation update - 2023-12-22 07:19:48 by @github-actions in #2016
• build(deps): bump github/codeql-action from 3.22.11 to 3.22.12 by @dependabot in #2017
• build(deps): bump github.com/norwoodj/helm-docs from 1.11.3 to 1.12.0 in /tools by @dependabot in #2015
• Add newline to No config file present, using default values. by @JAORMX in #2021

Full Changelog: v0.0.22...v0.0.23