minder
minder copied to clipboard
stacklok
Software Supply Chain Security Platform
Bumps [github.com/bufbuild/buf](https://github.com/bufbuild/buf) from 1.59.0 to 1.60.0. Release notes Sourced from github.com/bufbuild/buf's releases. v1.60.0 Fix LSP published diagnostics to filter to the opened file. Add textDocument/documentSymbol support for buf lsp serve....
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot] avatar"){kind=avatar}
Bumps [github.com/golangci/golangci-lint/v2](https://github.com/golangci/golangci-lint) from 2.6.1 to 2.6.2. Release notes Sourced from github.com/golangci/golangci-lint/v2's releases. v2.6.2 golangci-lint is a free and open-source project built by volunteers. If you value it, consider supporting us,...
Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from 0.20.9 to 0.20.10. Release notes Sourced from anchore/sbom-action's releases. v0.20.10 Changes in v0.20.10 chore(deps): update Syft to v1.38.0 (#548) [[anchore-actions-token-generator[bot]](https://github.com/[anchore-actions-token-generator[bot]](https://github.com/apps/anchore-actions-token-generator))] Commits fbfd9c6 chore(deps): update Syft to v1.38.0...
Bumps [actions/checkout](https://github.com/actions/checkout) from 5.0.0 to 6.0.0. Release notes Sourced from actions/checkout's releases. v6.0.0 What's Changed Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248 Persist...
Bumps [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) from 7.0.8 to 7.0.9. Release notes Sourced from peter-evans/create-pull-request's releases. Create Pull Request v7.0.9 ⚙️ Fixes an incompatibility with the recently released actions/checkout@v6. What's Changed ~70 dependency updates...
Bumps [chainguard-dev/actions](https://github.com/chainguard-dev/actions) from 1.5.8 to 1.5.10. Release notes Sourced from chainguard-dev/actions's releases. v1.5.10 What's Changed Bump chainguard-dev/actions from 1.5.8 to 1.5.9 in /wolfi-build-pkg by @dependabot[bot] in chainguard-dev/actions#650 Bump chainguard-dev/actions from...
# Summary The default value of `user_management` flag is false now. But related functionalities sets it to true. This PR is raised for the release of the flag. Fixes #5436
Bumps [github.com/google/osv-scalibr](https://github.com/google/osv-scalibr) from 0.3.2 to 0.3.4. Release notes Sourced from github.com/google/osv-scalibr's releases. v0.3.4 New secret detectors: DigitalOcean API keys, OpenAI project keys, Tink plaintext keysets, GitLab PAT, HashiCorp Vault+App tokens,...
Incorrect image/favicon path https://github.com/mindersec/minder/blob/ea1db4a67a5020520346c440de820e200156e19f/docs/docusaurus.config.js#L36-L39 docs https://docusaurus.io/docs/api/docusaurus-config#favicon
### Please describe the enhancement Currently, all PR rules use custom evaluators (`vulncheck`, `trusty`, `homoglyphs`), and the rule evaluation has side effects of adding comments to the PR, even if...
