1.8.0

What's Changed

• feat: review generic docker workflows by @nepalevov in #44
  • rename workflows/test_vanilla_docker.yml --> workflows/generic_docker_pr.yml
  • rename publish_vanilla_docker.yml --> .github/workflows/generic_docker_release.yml
  • extract all generic docker tests to dedicated generic_docker_test.yml
  • add granular control for checks: enable_* enables or disables the job, bypass_* prevents a job from failing when a step fails
  • revoke high privileges for calculate_version job in workflows/generic_docker_release.yml
• chore: bump github/codeql-action from 3.24.0 to 3.24.8 by @dependabot in #45
• chore: bump aquasecurity/trivy-action from 0.17.0 to 0.18.0 by @dependabot in #41

Full Changelog: 1.7.0...1.8.0

1.7.0

What's Changed

• feat: Review python workflows by @nepalevov in #40
  • rename workflows/test_python_docker.yml --> workflows/python_docker_pr.yml
  • rename workflows/publish_python_docker.yml → workflows/python_docker_release.yml
  • rename workflows/test_python_package.yml --> workflows/python_package_pr.yml
  • rename workflows/publish_python_package.yml → workflows/python_package_release.yml
  • rename actions/prepare_python --> actions/python_prepare
  • extract all python docker tests to dedicated python_docker_test.yml
  • extract all python package tests to dedicated python_package_test.yml
  • add granular control for python checks: enable_* enables or disables the job, bypass_* prevents a job from failing when a step fails
  • revoke high privileges for calculate_version job in workflows/python_docker_release.yml, workflows/python_package_release.yml
  • add -P ort.analyzer.enabledPackageManagers=Poetry option for ort tool in workflows/python_docker_test.yml, workflows/python_package_test.yml
  • add cache for poetry dependencies in actions/python_prepare by default

Full Changelog: 1.6.1...1.7.0

1.6.1

What's Changed

• restore outputting trivy results to stdout by @nepalevov in 16df6d3

Full Changelog: 1.6.0...1.6.1

1.6.0

What's Changed

• review java workflows by @nepalevov in #39
  • rename workflows/test_gradle_docker.yml --> workflows/java_pr.yml
  • rename workflows/publish_gradle_docker.yml → workflows/java_release.yml
  • rename actions/prepare_gradle --> actions/java_prepare
  • extract all java tests to dedicated workflows/java_test.yml
  • add granular control for java checks: enable_* enables or disables the job, bypass_* prevents a job from failing when a step fails
  • revoke high privileges for calculate_version job in workflows/java_release.yml
  • add -P ort.analyzer.enabledPackageManagers=Gradle option for ort tool in workflows/java_test.yml
  • add cache for gradle dependencies in actions/java_prepare by default
  • minor node workflow corrections

Full Changelog: 1.5.0...1.6.0

1.5.0

What's Changed

• feat: publish rc npm packages by @nepalevov in #38

Full Changelog: 1.4.2...1.5.0

1.4.2

What's Changed

• fix: publish npm packages only on release-* branches by @nepalevov in #37

Full Changelog: 1.4.1...1.4.2

1.4.1

What's Changed

• chore: conditionally add latest tag for npm publishing by @nepalevov in #36
• chore: bump ort version

Full Changelog: 1.4.0...1.4.1

1.4.0

What's Changed

• chore: bump aquasecurity/trivy-action from 0.16.1 to 0.17.0 by @dependabot in #31
• chore: bump epam/ai-dial-ci from 1.3.0 to 1.3.1 by @dependabot in #33
• chore: bump marocchino/sticky-pull-request-comment from 2.8.0 to 2.9.0 by @dependabot in #32
• feat: review node workflows by @nepalevov in #34
  • rename workflows/test_yarn_docker.yml --> workflows/node_pr.yml
  • rename workflows/publish_yarn_docker.yml → workflows/node_release.yml
  • rename actions/prepare_node --> actions/node_prepare
  • extract all node tests to dedicated workflows/node_test.yml
  • add granular control for node checks: enable_* enables or disables the job, bypass_* prevents a job from failing when a step fails
  • revoke high privileges for calculate_version job in workflows/node_release.yml
  • migrate from yarn to npm everywhere
  • add publishing packages to npmjs (secrets.NPM_TOKEN required)
  • add -P ort.analyzer.enabledPackageManagers=NPM option for ort tool in workflows/node_test.yml
  • add cache for npm dependencies in actions/node_prepare by default
  • add optional (clean_install: true/false) step to install dependencies in actions/node_prepare
  • add optional registry_url support actions/node_prepare
  • review actions/build_docker to conditionally split building image, scanning and pushing it to registry
  • ignore unpatched/unfixed vulnerabilities for trivy in actions/build_docker by default (scan_ignore_unfixed: true)
  • upload Trivy scan results to GitHub Security tab in actions/build_docker
  • review actions/ort: get rid of "https instead of ssh", excessive checkout; fix "bypass"; add cli_args, analyze_args inputs support
  • bump 3rd-party actions versions

Full Changelog: 1.3.1...1.4.0

1.3.1

What's Changed

• fix: continue-on-error for composite actions by @nepalevov in #30

Full Changelog: 1.3.0...1.3.1

1.3.0

What's Changed

• chore: bump digital-blueprint/gitlab-pipeline-trigger-action from 1.0.6 to 1.1.0 by @dependabot in #26
• chore: bump peter-evans/create-or-update-comment from 3.1.0 to 4.0.0 by @dependabot in #27
• feat: add bypass_ort input variable by @nepalevov in #29
• fix: get correct GitLab pipeline URL

Full Changelog: 1.2.0...1.3.0